inject

package

v1.1.0-rc1 Latest Latest Go to latest Published: Jul 9, 2020 License: Apache-2.0 Imports: 19 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/aws/aws-app-mesh-controller-for-k8s

Documentation ¶

Index ¶

Constants
type Config
type DatadogEnvoyConfigTemplateVariables
type DatadogInitContainerTemplateVariables
type EnvoyTemplateVariables
type InitContainerTemplateVariables
type JaegerEnvoyConfigTemplateVariables
type JaegerInitContainerTemplateVariables
type PodMutator
type SidecarInjector
- func NewSidecarInjector(cfg Config, accountID string, awsRegion string, k8sClient client.Client, ...) *SidecarInjector
- func (m *SidecarInjector) Inject(ctx context.Context, pod *corev1.Pod) error
type VirtualGatewayEnvoyVariables
type XrayTemplateVariables

Constants ¶

View Source

const (
	//AppMeshCPURequestAnnotation specifies the CPU requests for proxy
	AppMeshCPURequestAnnotation = "appmesh.k8s.aws/cpuRequest"
	//AppMeshMemoryRequestAnnotation specifies the memory requests for proxy
	AppMeshMemoryRequestAnnotation = "appmesh.k8s.aws/memoryRequest"

	// === begin proxy settings annotations ===
	//AppMeshCNIAnnotation specifies that CNI will be used to configure traffic interception
	AppMeshCNIAnnotation = "appmesh.k8s.aws/appmeshCNI"
	//AppMeshPortsAnnotation specifies the ports that proxy will forward traffic to. By default this is detected using the Pod ports.
	AppMeshPortsAnnotation = "appmesh.k8s.aws/ports"
	//AppMeshEgressIgnoredPortsAnnotation specifies the IPs that need to be ignored when intercepting traffic
	AppMeshEgressIgnoredIPsAnnotation = "appmesh.k8s.aws/egressIgnoredIPs"
	//AppMeshEgressIgnoredPortsAnnotation specifies the ports that need to ignored when intercepting traffic
	AppMeshEgressIgnoredPortsAnnotation = "appmesh.k8s.aws/egressIgnoredPorts"
	//AppMeshIgnoredGIDAnnotation specifies the GID used by proxy
	AppMeshIgnoredGIDAnnotation = "appmesh.k8s.aws/ignoredGID"
	//AppMeshIgnoredUIDAnnotation specifies the UID used by proxy
	AppMeshIgnoredUIDAnnotation = "appmesh.k8s.aws/ignoredUID"
	//AppMeshProxyEgressPortAnnotation specifies the port used by proxy for egress traffic (traffic originating from app container to external services). This is fixed to AppMeshProxyEgressPort
	AppMeshProxyEgressPortAnnotation = "appmesh.k8s.aws/proxyEgressPort"
	//AppMeshProxyIngressPortAnnotation specifies the port used by proxy for incoming traffic. This is fixed to AppMeshProxyIngressPort
	AppMeshProxyIngressPortAnnotation = "appmesh.k8s.aws/proxyIngressPort"

	//AppMeshPreviewAnnotation specifies that proxy should use App Mesh preview endpoint
	AppMeshPreviewAnnotation = "appmesh.k8s.aws/preview"
	//AppMeshSidecarInjectAnnotation specifies proxy should be injected for pod. Other systems can use this annotation on pod to determine if proxy is injected or not
	AppMeshSidecarInjectAnnotation = "appmesh.k8s.aws/sidecarInjectorWebhook"
	//AppMeshSecretMountsAnnotation specifies the list of Secret that need to be mounted to the proxy as a volume
	AppMeshSecretMountsAnnotation = "appmesh.k8s.aws/secretMounts"
	//AppMeshGatewaySkipImageOverride specifies if Virtual Gateway sidecar image override needs to be skipped for customers
	//to use their own sidecare image for Virtual Gateway
	AppMeshGatewaySkipImageOverride = "appmesh.k8s.aws/virtualGatewaySkipImageOverride"

	//FargateProfileLabel is added by fargate-scheduler when pod is running on AWS Fargate
	FargateProfileLabel = "eks.amazonaws.com/fargate-profile"
)

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Config ¶

type Config struct {
	// If enabled, an fsGroup: 1337 will be injected in the absence of it within pod securityContext
	// see https://github.com/aws/amazon-eks-pod-identity-webhook/issues/8 for more details
	EnableIAMForServiceAccounts bool
	// If enabled, additional image pull secret(appmesh-ecr-secret) will be injected.
	EnableECRSecret bool

	// Sidecar settings
	SidecarImage  string
	SidecarCpu    string
	SidecarMemory string
	Preview       bool
	LogLevel      string

	// Init container settings
	InitImage  string
	IgnoredIPs string

	// Observability settings
	EnableJaegerTracing  bool
	JaegerAddress        string
	JaegerPort           string
	EnableDatadogTracing bool
	DatadogAddress       string
	DatadogPort          string
	EnableXrayTracing    bool
	EnableStatsTags      bool
	EnableStatsD         bool
}

func (*Config) BindEnv ¶

func (cfg *Config) BindEnv() error

func (*Config) BindFlags ¶

func (cfg *Config) BindFlags(fs *pflag.FlagSet)

func (*Config) Validate ¶

func (cfg *Config) Validate() error

type DatadogEnvoyConfigTemplateVariables ¶

type DatadogEnvoyConfigTemplateVariables struct {
	DatadogAddress string
	DatadogPort    string
}

type DatadogInitContainerTemplateVariables ¶

type DatadogInitContainerTemplateVariables struct {
	EnvoyConfig                  string
	EnvoyTracingConfigVolumeName string
}

type EnvoyTemplateVariables ¶

type EnvoyTemplateVariables struct {
	AWSRegion                    string
	MeshName                     string
	VirtualNodeName              string
	Preview                      string
	LogLevel                     string
	SidecarImage                 string
	SidecarCPURequests           string
	SidecarMemoryRequests        string
	EnvoyTracingConfigVolumeName string
	EnableXrayTracing            bool
	EnableJaegerTracing          bool
	EnableDatadogTracing         bool
	EnableStatsTags              bool
	EnableStatsD                 bool
}

type InitContainerTemplateVariables ¶

type InitContainerTemplateVariables struct {
	AppPorts           string
	EgressIgnoredIPs   string
	EgressIgnoredPorts string
	ProxyEgressPort    int64
	ProxyIngressPort   int64
	ProxyUID           int64
	ContainerImage     string
	CPURequests        string
	MemoryRequests     string
}

type JaegerEnvoyConfigTemplateVariables ¶

type JaegerEnvoyConfigTemplateVariables struct {
	JaegerAddress string
	JaegerPort    string
}

type JaegerInitContainerTemplateVariables ¶

type JaegerInitContainerTemplateVariables struct {
	EnvoyConfig                  string
	EnvoyTracingConfigVolumeName string
}

type PodMutator ¶

type PodMutator interface {
	// contains filtered or unexported methods
}

type SidecarInjector ¶

type SidecarInjector struct {
	// contains filtered or unexported fields
}

func NewSidecarInjector ¶

func NewSidecarInjector(cfg Config, accountID string, awsRegion string,
	k8sClient client.Client,
	referenceResolver references.Resolver,
	vnMembershipDesignator virtualnode.MembershipDesignator,
	vgMembershipDesignator virtualgateway.MembershipDesignator) *SidecarInjector

func (*SidecarInjector) Inject ¶

func (m *SidecarInjector) Inject(ctx context.Context, pod *corev1.Pod) error

type VirtualGatewayEnvoyVariables ¶

type VirtualGatewayEnvoyVariables struct {
	AWSRegion          string
	MeshName           string
	VirtualGatewayName string
	Preview            string
	LogLevel           string
	EnableXrayTracing  bool
}

type XrayTemplateVariables ¶

type XrayTemplateVariables struct {
	AWSRegion             string
	SidecarCPURequests    string
	SidecarMemoryRequests string
}

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL