cilium

package
v0.17.3 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Sep 28, 2023 License: Apache-2.0 Imports: 20 Imported by: 0

Documentation

Index

Constants

// Default names of the Cilium objects that EKS-A manages in a cluster.
const (
	// DaemonSetName is the name the Cilium DaemonSet gets by default when
	// installed in EKS-A clusters.
	DaemonSetName = "cilium"

	// DeploymentName is the default name for the Cilium operator Deployment.
	DeploymentName = "cilium-operator"

	// PreflightDaemonSetName is the default name for the preflight DaemonSet
	// that is installed in EKS-A clusters while Cilium is being upgraded.
	PreflightDaemonSetName = "cilium-pre-flight-check"

	// PreflightDeploymentName is the default name for the Cilium preflight
	// Deployment. It has the same value as PreflightDaemonSetName; the two
	// objects are of different kinds.
	PreflightDeploymentName = "cilium-pre-flight-check"

	// ConfigMapName is the default name for the ConfigMap that holds
	// Cilium's configuration.
	ConfigMapName = "cilium-config"

	// ServiceName is the name the Cilium Service gets by default when
	// installed in EKS-A clusters.
	ServiceName = "cilium-agent"
)
// Keys of the "cilium-config" ConfigMap and the matching
// ConfigComponentUpdatePlan names for the settings tracked by this package.
const (
	// PolicyEnforcementConfigMapKey is the "cilium-config" ConfigMap key under
	// which the PolicyEnforcementMode value is stored.
	// NOTE(review): this entry selects the policy enforcement mode, so a change
	// to it is worth auditing like any other network-policy change.
	PolicyEnforcementConfigMapKey = "enable-policy"
	// PolicyEnforcementComponentName names the PolicyEnforcement configuration
	// component in a ConfigComponentUpdatePlan.
	PolicyEnforcementComponentName = "PolicyEnforcementMode"

	// EgressMasqueradeInterfacesMapKey is the "cilium-config" ConfigMap key
	// under which the EgressMasqueradeInterfaces value is stored.
	EgressMasqueradeInterfacesMapKey = "egress-masquerade-interfaces"
	// EgressMasqueradeInterfacesComponentName names the
	// egressMasqueradeInterfaces configuration component in a
	// ConfigComponentUpdatePlan.
	EgressMasqueradeInterfacesComponentName = "EgressMasqueradeInterfaces"
)

Variables

This section is empty.

Functions

func ChangeDiff

func ChangeDiff(currentSpec, newSpec *cluster.Spec) *types.ChangeDiff

func CheckDaemonSetReady added in v0.11.0

func CheckDaemonSetReady(daemonSet *v1.DaemonSet) error

func CheckDeploymentReady added in v0.11.0

func CheckDeploymentReady(deployment *v1.Deployment) error

func CheckPreflightDaemonSetReady added in v0.11.0

func CheckPreflightDaemonSetReady(ciliumDaemonSet, preflightDaemonSet *v1.DaemonSet) error

Types

type Cilium

// Cilium combines an Upgrader and an Installer in one value. Both are embedded
// by pointer, so their methods are promoted onto Cilium.
type Cilium struct {
	// Upgrader is nil in a zero-value Cilium; calling a promoted method that
	// dereferences it would then panic.
	*Upgrader
	// Installer is nil in a zero-value Cilium, with the same consequence.
	*Installer
}

Cilium allows to install and upgrade the Cilium CNI in clusters.

func NewCilium

func NewCilium(client KubernetesClient, templater InstallUpgradeTemplater) *Cilium

NewCilium constructs a new Cilium.

type Client

// Client declares the Kubernetes operations visible here: applying and
// deleting specs passed as raw bytes, reading DaemonSets and Deployments, and
// restarting a DaemonSet rollout.
type Client interface {
	// ApplyKubeSpecFromBytes takes the target cluster and a spec as raw bytes.
	// NOTE(review): nothing in this signature validates data; presumably callers
	// pass only manifests generated by this package — confirm.
	ApplyKubeSpecFromBytes(ctx context.Context, cluster *types.Cluster, data []byte) error
	// DeleteKubeSpecFromBytes takes the target cluster and a spec as raw bytes.
	DeleteKubeSpecFromBytes(ctx context.Context, cluster *types.Cluster, data []byte) error
	// GetDaemonSet returns the DaemonSet with the given name and namespace.
	// kubeconfig is presumably a path to a kubeconfig file — confirm.
	GetDaemonSet(ctx context.Context, name, namespace, kubeconfig string) (*v1.DaemonSet, error)
	// GetDeployment returns the Deployment with the given name and namespace.
	GetDeployment(ctx context.Context, name, namespace, kubeconfig string) (*v1.Deployment, error)
	// RolloutRestartDaemonSet takes the name and namespace of a DaemonSet;
	// presumably it triggers a rollout restart of it — confirm.
	RolloutRestartDaemonSet(ctx context.Context, name, namespace, kubeconfig string) error
}

Client allows to interact with the Kubernetes API.

type Config added in v0.13.0

// Config pairs the namespaces allowed under "Always" policy enforcement with
// the cluster spec that Cilium is installed for.
type Config struct {
	// AllowedNamespaces defines the k8s namespaces for which traffic is allowed
	// when PolicyEnforcementMode is Always. For other values of
	// PolicyEnforcementMode it is ignored.
	// NOTE(review): every entry widens what is permitted under Always mode, so
	// keep the list minimal; the traffic direction is not visible here — confirm
	// against the generated network policy.
	AllowedNamespaces []string

	// Spec is the complete EKS-A cluster definition.
	Spec *cluster.Spec
}

Config defines a Cilium installation for an EKS-A cluster.

type ConfigComponentUpdatePlan added in v0.13.0

// ConfigComponentUpdatePlan describes a pending change to one Cilium
// configuration component.
type ConfigComponentUpdatePlan struct {
	// Name identifies the component; this package defines
	// PolicyEnforcementComponentName and EgressMasqueradeInterfacesComponentName
	// as such names.
	Name               string
	// UpdateReason is presumably empty when no update is needed — confirm
	// against the code that builds the plan.
	UpdateReason       string
	// OldValue and NewValue are presumably the current and the desired value
	// of the component — confirm.
	OldValue, NewValue string
}

ConfigComponentUpdatePlan contains update information for a Cilium config component.

type ConfigUpdatePlan added in v0.13.0

// ConfigUpdatePlan groups the per-component update plans for the Cilium
// config together with an overall reason.
type ConfigUpdatePlan struct {
	// UpdateReason is the reason for the config update as a whole; how it
	// relates to the component reasons is not visible here — TODO confirm.
	UpdateReason string
	// Components holds one plan per configuration component.
	Components   []ConfigComponentUpdatePlan
}

ConfigUpdatePlan contains update information for the Cilium config.

func (ConfigUpdatePlan) Needed added in v0.13.0

func (c ConfigUpdatePlan) Needed() bool

Needed determines if an upgrade is needed or not.

type Helm

// Helm declares the two Helm operations visible here: templating a chart and
// logging in to a registry.
type Helm interface {
	// Template takes an OCI URI, a version, a namespace, values and a
	// Kubernetes version, and returns bytes — presumably the rendered
	// manifest; confirm against the implementation.
	Template(ctx context.Context, ociURI, version, namespace string, values interface{}, kubeVersion string) ([]byte, error)
	// RegistryLogin takes the registry plus a username and password.
	// NOTE(review): the password is a plain string argument; implementations
	// and callers should keep it out of logs, error messages and command-line
	// arguments — confirm how the concrete Helm client passes it on.
	RegistryLogin(ctx context.Context, registry, username, password string) error
}

type InstallTemplater added in v0.13.0

// InstallTemplater is implemented by types that can produce a Cilium manifest
// for installation.
type InstallTemplater interface {
	// GenerateManifest returns the manifest as bytes for the given cluster
	// spec. opts are applied to the ManifestConfig used for generation.
	GenerateManifest(ctx context.Context, spec *cluster.Spec, opts ...ManifestOpt) ([]byte, error)
}

InstallTemplater generates a Cilium manifest for installation.

type InstallUpgradeTemplater added in v0.13.0

// InstallUpgradeTemplater is satisfied by any type that implements both
// embedded interfaces.
type InstallUpgradeTemplater interface {
	// InstallTemplater contributes manifest generation for installs.
	InstallTemplater
	// UpgradeTemplater contributes manifest generation for upgrades.
	UpgradeTemplater
}

InstallUpgradeTemplater is the composition of InstallTemplater and UpgradeTemplater.

type Installation added in v0.11.0

// Installation holds the Kubernetes objects that make up an EKS-A Cilium
// installation. Per GetInstallation's documentation, a field is nil when the
// object could not be found in the target cluster, so check before
// dereferencing.
type Installation struct {
	// DaemonSet is the DaemonSet of the installation, or nil if not found.
	DaemonSet *appsv1.DaemonSet
	// Operator is the operator Deployment, or nil if not found.
	Operator  *appsv1.Deployment
	// ConfigMap is the ConfigMap of the installation, or nil if not found.
	ConfigMap *corev1.ConfigMap
}

Installation is an installation of EKSA Cilium components.

func GetInstallation added in v0.16.0

func GetInstallation(ctx context.Context, client client.Client) (*Installation, error)

GetInstallation creates a new Installation instance. The returned installation's DaemonSet, Operator and ConfigMap fields will be nil if they could not be found within the target cluster.

func (Installation) Installed added in v0.11.0

func (i Installation) Installed() bool

Installed determines if all EKS-A Embedded Cilium components are present. It identifies EKS-A Embedded Cilium by the image name. If the ConfigMap doesn't exist, Cilium is still considered installed: the installation might not be complete, but it can be functional.

type Installer added in v0.13.0

type Installer struct {
	// contains filtered or unexported fields
}

Installer allows to configure Cilium in a cluster.

func NewInstaller added in v0.13.0

func NewInstaller(client KubernetesClient, templater InstallTemplater) *Installer

NewInstaller constructs a new Installer.

func (*Installer) Install added in v0.13.0

func (i *Installer) Install(ctx context.Context, cluster *types.Cluster, spec *cluster.Spec, allowedNamespaces []string) error

Install configures Cilium in an EKS-A cluster.

type InstallerForSpec added in v0.13.0

type InstallerForSpec struct {
	// contains filtered or unexported fields
}

InstallerForSpec configures Cilium for a particular EKS-A cluster. It is a stateful version of Installer, with a fixed Cilium config.

func NewInstallerForSpec added in v0.13.0

func NewInstallerForSpec(client KubernetesClient, templater InstallTemplater, config Config) *InstallerForSpec

NewInstallerForSpec constructs a new InstallerForSpec.

func (*InstallerForSpec) Install added in v0.13.0

func (i *InstallerForSpec) Install(ctx context.Context, cluster *types.Cluster) error

Install installs Cilium in a cluster.

type KubernetesClient added in v0.13.0

// KubernetesClient declares the cluster operations visible here: applying and
// deleting manifests, waiting on the Cilium and preflight workloads, and
// restarting the Cilium DaemonSet rollout.
type KubernetesClient interface {
	// Apply takes the target cluster and a manifest as raw bytes.
	// NOTE(review): nothing in this signature validates data; presumably it is
	// always a manifest produced by this package's templater — confirm.
	Apply(ctx context.Context, cluster *types.Cluster, data []byte) error
	// Delete takes the target cluster and a manifest as raw bytes.
	Delete(ctx context.Context, cluster *types.Cluster, data []byte) error
	// The WaitFor* methods each return an error for one workload. Presumably
	// they block until that workload is ready or a timeout expires — confirm
	// against the implementation.
	WaitForPreflightDaemonSet(ctx context.Context, cluster *types.Cluster) error
	WaitForPreflightDeployment(ctx context.Context, cluster *types.Cluster) error
	WaitForCiliumDaemonSet(ctx context.Context, cluster *types.Cluster) error
	WaitForCiliumDeployment(ctx context.Context, cluster *types.Cluster) error
	// RolloutRestartCiliumDaemonSet presumably triggers a rollout restart of
	// the Cilium DaemonSet in the given cluster — confirm.
	RolloutRestartCiliumDaemonSet(ctx context.Context, cluster *types.Cluster) error
}

KubernetesClient is a client to interact with the Kubernetes API.

type ManifestConfig added in v0.11.0

type ManifestConfig struct {
	// contains filtered or unexported fields
}

type ManifestOpt added in v0.11.0

// ManifestOpt is a functional option: a function that receives a pointer to a
// ManifestConfig and may modify it in place.
type ManifestOpt func(*ManifestConfig)

ManifestOpt allows to modify options for a cilium manifest.

func WithKubeVersion added in v0.11.0

func WithKubeVersion(kubeVersion string) ManifestOpt

WithKubeVersion generates the Cilium manifest for a different Kubernetes version than the one specified in the cluster spec. This is useful for upgrade scenarios where Cilium is upgraded before the Kubernetes components.

func WithPolicyAllowedNamespaces added in v0.11.0

func WithPolicyAllowedNamespaces(namespaces []string) ManifestOpt

WithPolicyAllowedNamespaces specifies the namespaces whose traffic should be allowed when using the "Always" policy enforcement mode.

func WithRetrier added in v0.11.2

func WithRetrier(retrier *retrier.Retrier) ManifestOpt

WithRetrier introduced for optimizing unit tests.

func WithUpgradeFromVersion added in v0.11.0

func WithUpgradeFromVersion(version semver.Version) ManifestOpt

WithUpgradeFromVersion allows to specify the compatibility Cilium version to use in the manifest. This is necessary for Cilium upgrades.

type RetrierClient added in v0.13.0

type RetrierClient struct {
	// contains filtered or unexported fields
}

RetrierClient wraps basic kubernetes API operations around a retrier.

func NewRetrier added in v0.13.0

func NewRetrier(client Client, opts ...RetrierClientOpt) *RetrierClient

NewRetrier constructs a new RetrierClient.

func (*RetrierClient) Apply added in v0.13.0

func (c *RetrierClient) Apply(ctx context.Context, cluster *types.Cluster, data []byte) error

Apply creates/updates the objects provided by the yaml document in the cluster.

func (*RetrierClient) Delete added in v0.13.0

func (c *RetrierClient) Delete(ctx context.Context, cluster *types.Cluster, data []byte) error

Delete deletes the objects defined in the yaml document from the cluster.

func (*RetrierClient) RolloutRestartCiliumDaemonSet added in v0.13.0

func (c *RetrierClient) RolloutRestartCiliumDaemonSet(ctx context.Context, cluster *types.Cluster) error

RolloutRestartCiliumDaemonSet triggers a rollout restart of the Cilium DS installed as part of the default Cilium installation.

func (*RetrierClient) WaitForCiliumDaemonSet added in v0.13.0

func (c *RetrierClient) WaitForCiliumDaemonSet(ctx context.Context, cluster *types.Cluster) error

WaitForCiliumDaemonSet blocks until the Cilium DS installed as part of the default Cilium installation becomes ready or until the timeout expires.

func (*RetrierClient) WaitForCiliumDeployment added in v0.13.0

func (c *RetrierClient) WaitForCiliumDeployment(ctx context.Context, cluster *types.Cluster) error

WaitForCiliumDeployment blocks until the Cilium Deployment installed as part of the default Cilium installation becomes ready or until the timeout expires.

func (*RetrierClient) WaitForPreflightDaemonSet added in v0.13.0

func (c *RetrierClient) WaitForPreflightDaemonSet(ctx context.Context, cluster *types.Cluster) error

WaitForPreflightDaemonSet blocks until the Cilium preflight DS installed during upgrades becomes ready or until the timeout expires.

func (*RetrierClient) WaitForPreflightDeployment added in v0.13.0

func (c *RetrierClient) WaitForPreflightDeployment(ctx context.Context, cluster *types.Cluster) error

WaitForPreflightDeployment blocks until the Cilium preflight Deployment installed during upgrades becomes ready or until the timeout expires.

type RetrierClientOpt added in v0.15.2

// RetrierClientOpt is a functional option: a function that receives a pointer
// to a RetrierClient and may modify it in place.
type RetrierClientOpt func(*RetrierClient)

RetrierClientOpt allows to customize a RetrierClient on construction.

func RetrierClientRetrier added in v0.15.2

func RetrierClientRetrier(retrier *retrier.Retrier) RetrierClientOpt

RetrierClientRetrier allows to use a custom retrier.

type Templater

type Templater struct {
	// contains filtered or unexported fields
}

func NewTemplater

func NewTemplater(helm Helm) *Templater

func (*Templater) GenerateManifest

func (t *Templater) GenerateManifest(ctx context.Context, spec *cluster.Spec, opts ...ManifestOpt) ([]byte, error)

func (*Templater) GenerateNetworkPolicyManifest added in v0.8.0

func (t *Templater) GenerateNetworkPolicyManifest(spec *cluster.Spec, namespaces []string) ([]byte, error)

func (*Templater) GenerateUpgradePreflightManifest

func (t *Templater) GenerateUpgradePreflightManifest(ctx context.Context, spec *cluster.Spec) ([]byte, error)

type UpgradePlan added in v0.11.0

// UpgradePlan collects the upgrade plans for the three parts of a Cilium
// installation: two versioned components and the config.
type UpgradePlan struct {
	// DaemonSet is the upgrade plan for the DaemonSet component.
	DaemonSet VersionedComponentUpgradePlan
	// Operator is the upgrade plan for the operator component.
	Operator  VersionedComponentUpgradePlan
	// ConfigMap is the update plan for the Cilium config.
	ConfigMap ConfigUpdatePlan
}

UpgradePlan contains information about a Cilium installation upgrade.

func BuildUpgradePlan added in v0.11.0

func BuildUpgradePlan(installation *Installation, clusterSpec *cluster.Spec) UpgradePlan

BuildUpgradePlan generates the upgrade plan information for a cilium installation by comparing it with a desired cluster Spec.

func (UpgradePlan) ConfigUpdateNeeded added in v0.13.0

func (c UpgradePlan) ConfigUpdateNeeded() bool

ConfigUpdateNeeded determines if an upgrade is needed on the cilium config or not.

func (UpgradePlan) Needed added in v0.11.0

func (c UpgradePlan) Needed() bool

Needed determines if an upgrade is needed or not. It returns true if any of the installation components needs an upgrade.

func (UpgradePlan) Reason added in v0.11.0

func (c UpgradePlan) Reason() string

Reason returns the reason why an upgrade might be needed. If no upgrade is needed, it returns an empty string. For multiple components with needed upgrades, it composes their reasons into one.

func (UpgradePlan) VersionUpgradeNeeded added in v0.13.0

func (c UpgradePlan) VersionUpgradeNeeded() bool

VersionUpgradeNeeded determines if a version upgrade is needed or not. It returns true if any of the installation components needs an upgrade.

type UpgradeTemplater added in v0.13.0

// UpgradeTemplater is implemented by types that can produce the manifests
// used during a Cilium upgrade.
type UpgradeTemplater interface {
	// GenerateUpgradePreflightManifest returns a manifest as bytes for the
	// given cluster spec — presumably the preflight checks that run before
	// the upgrade; confirm against the implementation.
	GenerateUpgradePreflightManifest(ctx context.Context, spec *cluster.Spec) ([]byte, error)
	// GenerateManifest returns the manifest as bytes for the given cluster
	// spec. opts are applied to the ManifestConfig used for generation.
	GenerateManifest(ctx context.Context, spec *cluster.Spec, opts ...ManifestOpt) ([]byte, error)
}

UpgradeTemplater generates Cilium manifests for upgrade.

type Upgrader

type Upgrader struct {
	// contains filtered or unexported fields
}

Upgrader upgrades a Cilium installation in an EKS-A cluster.

func NewUpgrader

func NewUpgrader(client KubernetesClient, templater UpgradeTemplater) *Upgrader

NewUpgrader constructs a new Upgrader.

func (*Upgrader) RunPostControlPlaneUpgradeSetup added in v0.9.1

func (u *Upgrader) RunPostControlPlaneUpgradeSetup(ctx context.Context, cluster *types.Cluster) error

func (*Upgrader) SetSkipUpgrade added in v0.15.0

func (u *Upgrader) SetSkipUpgrade(v bool)

SetSkipUpgrade configures u to skip the upgrade process.

func (*Upgrader) Upgrade

func (u *Upgrader) Upgrade(ctx context.Context, cluster *types.Cluster, currentSpec, newSpec *cluster.Spec, namespaces []string) (*types.ChangeDiff, error)

Upgrade configures a Cilium installation to match the desired state in the cluster Spec.

type VersionedComponentUpgradePlan added in v0.13.0

// VersionedComponentUpgradePlan describes a pending upgrade of one versioned
// Cilium component in terms of its images.
type VersionedComponentUpgradePlan struct {
	// UpgradeReason is presumably empty when no upgrade is needed — confirm
	// against the code that builds the plan.
	UpgradeReason string
	// OldImage is presumably the image reference currently in use — confirm.
	OldImage      string
	// NewImage is presumably the image reference the upgrade moves to.
	// NOTE(review): whether this is pinned by tag or by digest is not visible
	// here — confirm where the value comes from.
	NewImage      string
}

VersionedComponentUpgradePlan contains upgrade information for a Cilium versioned component.

func (VersionedComponentUpgradePlan) Needed added in v0.13.0

Needed determines if an upgrade is needed or not.

Directories

Path Synopsis
Package mocks is a generated GoMock package.
Package mocks is a generated GoMock package.
mocks
Package mocks is a generated GoMock package.
Package mocks is a generated GoMock package.
