gateway

package
v1.0.0-rc2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 11, 2023 License: Apache-2.0 Imports: 47 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	DefaultClassName = "istio"
	ControllerName   = "istio.io/gateway-controller"
)
View Source 
const NamespaceNameLabel = "kubernetes.io/metadata.name"

NamespaceNameLabel represents that label added automatically to namespaces is newer Kubernetes clusters

Variables

View Source 
var Templates embed.FS

Templates embeds the templates

Functions

func StrPointer 

func StrPointer(s string) *string

Types

type AllowedReferences 

type AllowedReferences struct {
	AllowAll     bool
	AllowedNames sets.Set
}

type ClassController 

type ClassController struct {
	// contains filtered or unexported fields
}

ClassController is a controller that creates the default Istio GatewayClass. This will not continually reconcile the full state of the GatewayClass object, and instead only create the class if it doesn't exist. This allows users to manage it through other means or modify it as they wish. If it is deleted, however, it will be added back. This controller intentionally does not do leader election for simplicity. Because we only create and not update there is no need; the first controller to create the GatewayClass wins.

func NewClassController 

func NewClassController(client kube.Client) *ClassController

func (*ClassController) Reconcile 

func (c *ClassController) Reconcile(name types.NamespacedName) error

func (*ClassController) Run 

func (c *ClassController) Run(stop <-chan struct{})

type ConfigError 

type ConfigError struct {
	Reason  ConfigErrorReason
	Message string
}

ConfigError represents an invalid configuration that will be reported back to the user.

type ConfigErrorReason 

type ConfigErrorReason = string
const (
	// InvalidDestination indicates an issue with the destination
	InvalidDestination ConfigErrorReason = "InvalidDestination"
	// InvalidParentRef indicates we could not refer to the parent we request
	InvalidParentRef ConfigErrorReason = "InvalidParentReference"
	// InvalidFilter indicates an issue with the filters
	InvalidFilter ConfigErrorReason = "InvalidFilter"
	// InvalidTLS indicates an issue with TLS settings
	InvalidTLS ConfigErrorReason = "InvalidTLS"
	// InvalidConfiguration indicates a generic error for all other invalid configurations
	InvalidConfiguration ConfigErrorReason = "InvalidConfiguration"
)

type Controller 

type Controller struct {
	// contains filtered or unexported fields
}

Controller defines the controller for the gateway-api. The controller acts a bit different from most. Rather than watching the CRs directly, we depend on the existing model.ConfigStoreController which already watches all CRs. When there are updates, a new PushContext will be computed, which will eventually call Controller.Recompute(). Once this happens, we will inspect the current state of the world, and transform gateway-api types into Istio types (Gateway/VirtualService). Future calls to Get/List will return these Istio types. These are not stored in the cluster at all, and are purely internal; they can be seen on /debug/configz. During Recompute(), the status on all gateway-api types is also tracked. Once completed, if the status has changed at all, it is queued to asynchronously update the status of the object in Kubernetes.

func NewController 

func NewController(client kube.Client, c model.ConfigStoreController, options controller.Options) *Controller

func (*Controller) Create 

func (c *Controller) Create(config config.Config) (revision string, err error)

func (*Controller) Delete 

func (c *Controller) Delete(typ config.GroupVersionKind, name, namespace string, _ *string) error

func (*Controller) Get 

func (c *Controller) Get(typ config.GroupVersionKind, name, namespace string) *config.Config

func (*Controller) HasSynced 

func (c *Controller) HasSynced() bool

func (*Controller) List 

func (c *Controller) List(typ config.GroupVersionKind, namespace string) ([]config.Config, error)

func (*Controller) Patch 

func (c *Controller) Patch(orig config.Config, patchFn config.PatchFunc) (string, error)

func (*Controller) QueueStatusUpdates 

func (c *Controller) QueueStatusUpdates(r *KubernetesResources)

func (*Controller) Recompute 

func (c *Controller) Recompute(context model.GatewayContext) error

Recompute takes in a current snapshot of the gateway-api configs, and regenerates our internal state. Any status updates required will be enqueued as well.

func (*Controller) RegisterEventHandler 

func (c *Controller) RegisterEventHandler(typ config.GroupVersionKind, handler model.EventHandler)

func (*Controller) Run 

func (c *Controller) Run(stop <-chan struct{})

func (*Controller) Schemas 

func (c *Controller) Schemas() collection.Schemas

func (*Controller) SecretAllowed 

func (c *Controller) SecretAllowed(resourceName string, namespace string) bool

func (*Controller) SetStatusWrite 

func (c *Controller) SetStatusWrite(enabled bool, statusManager *status.Manager)

func (*Controller) SetWatchErrorHandler 

func (c *Controller) SetWatchErrorHandler(handler func(r *cache.Reflector, err error)) error

func (*Controller) Update 

func (c *Controller) Update(config config.Config) (newRevision string, err error)

func (*Controller) UpdateStatus 

func (c *Controller) UpdateStatus(config config.Config) (newRevision string, err error)

type DeploymentController 

type DeploymentController struct {
	// contains filtered or unexported fields
}

DeploymentController implements a controller that materializes a Gateway into an in cluster gateway proxy to serve requests from. This is implemented with a Deployment and Service today. The implementation makes a few non-obvious choices - namely using Server Side Apply from go templates and not using controller-runtime.

controller-runtime has a number of constraints that make it inappropriate for usage here, despite this seeming to be the bread and butter of the library: * It is not readily possible to bring existing Informers, which would require extra watches (#1668) * Goroutine leaks (#1655) * Excessive API-server calls at startup which have no benefit to us (#1603) * Hard to use with SSA (#1669) While these can be worked around, at some point it isn't worth the effort.

Server Side Apply with go templates is an odd choice (no one likes YAML templating...) but is one of the few remaining options after all others are ruled out.

  • Merge patch/Update cannot be used. If we always enforce that our object is *exactly* the same as the in-cluster object we will get in endless loops due to other controllers that like to add annotations, etc. If we chose to allow any unknown fields, then we would never be able to remove fields we added, as we cannot tell if we created it or someone else did. SSA fixes these issues
  • SSA using client-go Apply libraries is almost a good choice, but most third-party clients (Istio, MCS, and gateway-api) do not provide these libraries.
  • SSA using standard API types doesn't work well either: https://github.com/kubernetes-sigs/controller-runtime/issues/1669
  • This leaves YAML templates, converted to unstructured types and Applied with the dynamic client.

func NewDeploymentController 

func NewDeploymentController(client kube.Client) *DeploymentController

NewDeploymentController constructs a DeploymentController and registers required informers. The controller will not start until Run() is called.

func (*DeploymentController) ApplyObject 

func (d *DeploymentController) ApplyObject(obj controllers.Object, subresources ...string) error

ApplyObject renders an object with the given input and (server-side) applies the results to the cluster.

func (*DeploymentController) ApplyTemplate 

func (d *DeploymentController) ApplyTemplate(template string, input metav1.Object, subresources ...string) error

ApplyTemplate renders a template with the given input and (server-side) applies the results to the cluster.

func (*DeploymentController) Reconcile 

func (d *DeploymentController) Reconcile(req types.NamespacedName) error

Reconcile takes in the name of a Gateway and ensures the cluster is in the desired state

func (*DeploymentController) Run 

func (d *DeploymentController) Run(stop <-chan struct{})

type KubernetesResources 

type KubernetesResources struct {
	GatewayClass    []config.Config
	Gateway         []config.Config
	HTTPRoute       []config.Config
	TCPRoute        []config.Config
	TLSRoute        []config.Config
	ReferencePolicy []config.Config
	// Namespaces stores all namespace in the cluster, keyed by name
	Namespaces map[string]*corev1.Namespace

	// Domain for the cluster. Typically, cluster.local
	Domain  string
	Context model.GatewayContext
}

KubernetesResources stores all inputs to our conversion

type OutputResources 

type OutputResources struct {
	Gateway        []config.Config
	VirtualService []config.Config
	// AllowedReferences stores all allowed references, from Reference -> to Reference(s)
	AllowedReferences map[Reference]map[Reference]*AllowedReferences
	// ReferencedNamespaceKeys stores the label key of all namespace selections. This allows us to quickly
	// determine if a namespace update could have impacted any Gateways. See namespaceEvent.
	ReferencedNamespaceKeys sets.Set
}

OutputResources stores all outputs of our conversion

type Reference 

type Reference struct {
	Kind      config.GroupVersionKind
	Namespace k8s.Namespace
}

Reference stores a reference to a namespaced GVK, as used by ReferencePolicy

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.