Documentation ¶
Index ¶
- Constants
- func GCEResourceName(ingAnnotations map[string]string, resourceName string) string
- func GetCertHash(contents string) string
- func GetLBAnnotations(l7 *L7, existing map[string]string, backendPool backends.BackendPool) map[string]string
- type FakeLoadBalancers
- func (f *FakeLoadBalancers) CheckURLMap(l7 *L7, expectedMap map[string]utils.FakeIngressRuleValueMap) error
- func (f *FakeLoadBalancers) CreateGlobalForwardingRule(rule *compute.ForwardingRule) error
- func (f *FakeLoadBalancers) CreateSslCertificate(cert *compute.SslCertificate) (*compute.SslCertificate, error)
- func (f *FakeLoadBalancers) CreateTargetHttpProxy(proxy *compute.TargetHttpProxy) error
- func (f *FakeLoadBalancers) CreateTargetHttpsProxy(proxy *compute.TargetHttpsProxy) error
- func (f *FakeLoadBalancers) CreateUrlMap(urlMap *compute.UrlMap) error
- func (f *FakeLoadBalancers) DeleteGlobalAddress(name string) error
- func (f *FakeLoadBalancers) DeleteGlobalForwardingRule(name string) error
- func (f *FakeLoadBalancers) DeleteSslCertificate(name string) error
- func (f *FakeLoadBalancers) DeleteTargetHttpProxy(name string) error
- func (f *FakeLoadBalancers) DeleteTargetHttpsProxy(name string) error
- func (f *FakeLoadBalancers) DeleteUrlMap(name string) error
- func (f *FakeLoadBalancers) FWName(https bool) string
- func (f *FakeLoadBalancers) GetForwardingRulesWithIPs(ip []string) (fwRules []*compute.ForwardingRule)
- func (f *FakeLoadBalancers) GetGlobalAddress(name string) (*compute.Address, error)
- func (f *FakeLoadBalancers) GetGlobalForwardingRule(name string) (*compute.ForwardingRule, error)
- func (f *FakeLoadBalancers) GetSslCertificate(name string) (*compute.SslCertificate, error)
- func (f *FakeLoadBalancers) GetTargetHttpProxy(name string) (*compute.TargetHttpProxy, error)
- func (f *FakeLoadBalancers) GetTargetHttpsProxy(name string) (*compute.TargetHttpsProxy, error)
- func (f *FakeLoadBalancers) GetUrlMap(name string) (*compute.UrlMap, error)
- func (f *FakeLoadBalancers) ListGlobalForwardingRules() ([]*compute.ForwardingRule, error)
- func (f *FakeLoadBalancers) ListSslCertificates() ([]*compute.SslCertificate, error)
- func (f *FakeLoadBalancers) ListUrlMaps() ([]*compute.UrlMap, error)
- func (f *FakeLoadBalancers) ReserveGlobalAddress(addr *compute.Address) error
- func (f *FakeLoadBalancers) SetProxyForGlobalForwardingRule(forwardingRuleName, proxyLink string) error
- func (f *FakeLoadBalancers) SetSslCertificateForTargetHttpsProxy(proxy *compute.TargetHttpsProxy, SSLCerts []*compute.SslCertificate) error
- func (f *FakeLoadBalancers) SetUrlMapForTargetHttpProxy(proxy *compute.TargetHttpProxy, urlMap *compute.UrlMap) error
- func (f *FakeLoadBalancers) SetUrlMapForTargetHttpsProxy(proxy *compute.TargetHttpsProxy, urlMap *compute.UrlMap) error
- func (f *FakeLoadBalancers) String() string
- func (f *FakeLoadBalancers) TPName(https bool) string
- func (f *FakeLoadBalancers) UMName() string
- func (f *FakeLoadBalancers) UpdateUrlMap(urlMap *compute.UrlMap) error
- type L7
- type L7RuntimeInfo
- type L7s
- func (l *L7s) Add(ri *L7RuntimeInfo) (err error)
- func (l *L7s) Delete(name string) error
- func (l *L7s) GC(names []string) error
- func (l *L7s) GLBCDefaultBackend() *compute.BackendService
- func (l *L7s) Get(name string) (*L7, error)
- func (l *L7s) Namer() *utils.Namer
- func (l *L7s) Shutdown() error
- func (l *L7s) Sync(lbs []*L7RuntimeInfo) error
- type LoadBalancerPool
- type LoadBalancers
- type TLSCerts
Constants ¶
const ( // DefaultHost is the host used if none is specified. It is a valid value // for the "Host" field recognized by GCE. DefaultHost = "*" // DefaultPath is the path used if none is specified. It is a valid path // recognized by GCE. DefaultPath = "/*" // Every target https proxy accepts upto 10 ssl certificates. TargetProxyCertLimit = 10 )
Variables ¶
This section is empty.
Functions ¶
func GCEResourceName ¶
GCEResourceName retrieves the name of the gce resource created for this Ingress, of the given resource type, by inspecting the map of ingress annotations.
func GetCertHash ¶ added in v1.1.0
func GetLBAnnotations ¶
func GetLBAnnotations(l7 *L7, existing map[string]string, backendPool backends.BackendPool) map[string]string
GetLBAnnotations returns the annotations of an l7. This includes it's current status.
Types ¶
type FakeLoadBalancers ¶
type FakeLoadBalancers struct { Fw []*compute.ForwardingRule Um []*compute.UrlMap Tp []*compute.TargetHttpProxy Tps []*compute.TargetHttpsProxy IP []*compute.Address Certs []*compute.SslCertificate // contains filtered or unexported fields }
FakeLoadBalancers is a type that fakes out the loadbalancer interface.
func NewFakeLoadBalancers ¶
func NewFakeLoadBalancers(name string, namer *utils.Namer) *FakeLoadBalancers
NewFakeLoadBalancers creates a fake cloud client. Name is the name inserted into the selfLink of the associated resources for testing. eg: forwardingRule.SelfLink == k8-fw-name.
func (*FakeLoadBalancers) CheckURLMap ¶
func (f *FakeLoadBalancers) CheckURLMap(l7 *L7, expectedMap map[string]utils.FakeIngressRuleValueMap) error
CheckURLMap checks the URL map.
func (*FakeLoadBalancers) CreateGlobalForwardingRule ¶
func (f *FakeLoadBalancers) CreateGlobalForwardingRule(rule *compute.ForwardingRule) error
CreateGlobalForwardingRule fakes forwarding rule creation.
func (*FakeLoadBalancers) CreateSslCertificate ¶
func (f *FakeLoadBalancers) CreateSslCertificate(cert *compute.SslCertificate) (*compute.SslCertificate, error)
CreateSslCertificate fakes out certificate creation.
func (*FakeLoadBalancers) CreateTargetHttpProxy ¶
func (f *FakeLoadBalancers) CreateTargetHttpProxy(proxy *compute.TargetHttpProxy) error
CreateTargetHttpProxy fakes creating a target http proxy.
func (*FakeLoadBalancers) CreateTargetHttpsProxy ¶
func (f *FakeLoadBalancers) CreateTargetHttpsProxy(proxy *compute.TargetHttpsProxy) error
CreateTargetHttpsProxy fakes creating a target http proxy.
func (*FakeLoadBalancers) CreateUrlMap ¶
func (f *FakeLoadBalancers) CreateUrlMap(urlMap *compute.UrlMap) error
CreateUrlMap fakes url-map creation.
func (*FakeLoadBalancers) DeleteGlobalAddress ¶
func (f *FakeLoadBalancers) DeleteGlobalAddress(name string) error
DeleteGlobalAddress fakes out static IP deletion.
func (*FakeLoadBalancers) DeleteGlobalForwardingRule ¶
func (f *FakeLoadBalancers) DeleteGlobalForwardingRule(name string) error
DeleteGlobalForwardingRule fakes deleting a global forwarding rule.
func (*FakeLoadBalancers) DeleteSslCertificate ¶
func (f *FakeLoadBalancers) DeleteSslCertificate(name string) error
DeleteSslCertificate fakes out certificate deletion.
func (*FakeLoadBalancers) DeleteTargetHttpProxy ¶
func (f *FakeLoadBalancers) DeleteTargetHttpProxy(name string) error
DeleteTargetHttpProxy fakes deleting a target http proxy.
func (*FakeLoadBalancers) DeleteTargetHttpsProxy ¶
func (f *FakeLoadBalancers) DeleteTargetHttpsProxy(name string) error
DeleteTargetHttpsProxy fakes deleting a target http proxy.
func (*FakeLoadBalancers) DeleteUrlMap ¶
func (f *FakeLoadBalancers) DeleteUrlMap(name string) error
DeleteUrlMap fakes url-map deletion.
func (*FakeLoadBalancers) FWName ¶
func (f *FakeLoadBalancers) FWName(https bool) string
FWName returns the name of the firewall given the protocol.
TODO: There is some duplication between these functions and the name mungers in loadbalancer file.
func (*FakeLoadBalancers) GetForwardingRulesWithIPs ¶
func (f *FakeLoadBalancers) GetForwardingRulesWithIPs(ip []string) (fwRules []*compute.ForwardingRule)
GetForwardingRulesWithIPs returns all forwarding rules that match the given ips.
func (*FakeLoadBalancers) GetGlobalAddress ¶
func (f *FakeLoadBalancers) GetGlobalAddress(name string) (*compute.Address, error)
GetGlobalAddress fakes out static IP retrieval.
func (*FakeLoadBalancers) GetGlobalForwardingRule ¶
func (f *FakeLoadBalancers) GetGlobalForwardingRule(name string) (*compute.ForwardingRule, error)
GetGlobalForwardingRule returns a fake forwarding rule.
func (*FakeLoadBalancers) GetSslCertificate ¶
func (f *FakeLoadBalancers) GetSslCertificate(name string) (*compute.SslCertificate, error)
GetSslCertificate fakes out getting ssl certs.
func (*FakeLoadBalancers) GetTargetHttpProxy ¶
func (f *FakeLoadBalancers) GetTargetHttpProxy(name string) (*compute.TargetHttpProxy, error)
GetTargetHttpProxy fakes getting target http proxies from the cloud.
func (*FakeLoadBalancers) GetTargetHttpsProxy ¶
func (f *FakeLoadBalancers) GetTargetHttpsProxy(name string) (*compute.TargetHttpsProxy, error)
GetTargetHttpsProxy fakes getting target http proxies from the cloud.
func (*FakeLoadBalancers) GetUrlMap ¶
func (f *FakeLoadBalancers) GetUrlMap(name string) (*compute.UrlMap, error)
GetUrlMap fakes getting url maps from the cloud.
func (*FakeLoadBalancers) ListGlobalForwardingRules ¶
func (f *FakeLoadBalancers) ListGlobalForwardingRules() ([]*compute.ForwardingRule, error)
func (*FakeLoadBalancers) ListSslCertificates ¶ added in v1.1.0
func (f *FakeLoadBalancers) ListSslCertificates() ([]*compute.SslCertificate, error)
func (*FakeLoadBalancers) ListUrlMaps ¶ added in v1.1.0
func (f *FakeLoadBalancers) ListUrlMaps() ([]*compute.UrlMap, error)
ListUrlMaps fakes getting url maps from the cloud.
func (*FakeLoadBalancers) ReserveGlobalAddress ¶
func (f *FakeLoadBalancers) ReserveGlobalAddress(addr *compute.Address) error
ReserveGlobalAddress fakes out static IP reservation.
func (*FakeLoadBalancers) SetProxyForGlobalForwardingRule ¶
func (f *FakeLoadBalancers) SetProxyForGlobalForwardingRule(forwardingRuleName, proxyLink string) error
SetProxyForGlobalForwardingRule fakes setting a global forwarding rule.
func (*FakeLoadBalancers) SetSslCertificateForTargetHttpsProxy ¶
func (f *FakeLoadBalancers) SetSslCertificateForTargetHttpsProxy(proxy *compute.TargetHttpsProxy, SSLCerts []*compute.SslCertificate) error
SetSslCertificateForTargetHttpsProxy fakes out setting certificates.
func (*FakeLoadBalancers) SetUrlMapForTargetHttpProxy ¶
func (f *FakeLoadBalancers) SetUrlMapForTargetHttpProxy(proxy *compute.TargetHttpProxy, urlMap *compute.UrlMap) error
SetUrlMapForTargetHttpProxy fakes setting an url-map for a target http proxy.
func (*FakeLoadBalancers) SetUrlMapForTargetHttpsProxy ¶
func (f *FakeLoadBalancers) SetUrlMapForTargetHttpsProxy(proxy *compute.TargetHttpsProxy, urlMap *compute.UrlMap) error
SetUrlMapForTargetHttpsProxy fakes setting an url-map for a target http proxy.
func (*FakeLoadBalancers) String ¶
func (f *FakeLoadBalancers) String() string
String is the string method for FakeLoadBalancers.
func (*FakeLoadBalancers) TPName ¶
func (f *FakeLoadBalancers) TPName(https bool) string
func (*FakeLoadBalancers) UMName ¶
func (f *FakeLoadBalancers) UMName() string
func (*FakeLoadBalancers) UpdateUrlMap ¶
func (f *FakeLoadBalancers) UpdateUrlMap(urlMap *compute.UrlMap) error
UpdateUrlMap fakes updating url-maps.
type L7 ¶
type L7 struct { Name string // contains filtered or unexported fields }
L7 represents a single L7 loadbalancer.
func (*L7) Cleanup ¶
Cleanup deletes resources specific to this l7 in the right order. forwarding rule -> target proxy -> url map This leaves backends and health checks, which are shared across loadbalancers.
func (*L7) UpdateUrlMap ¶
UpdateUrlMap translates the given hostname: endpoint->port mapping into a gce url map.
HostRule: Conceptually contains all PathRules for a given host. PathMatcher: Associates a path rule with a host rule. Mostly an optimization. PathRule: Maps a single path regex to a backend.
The GCE url map allows multiple hosts to share url->backend mappings without duplication, eg:
Host: foo(PathMatcher1), bar(PathMatcher1,2) PathMatcher1: /a -> b1 /b -> b2 PathMatcher2: /c -> b1
This leads to a lot of complexity in the common case, where all we want is a mapping of host->{/path: backend}.
Consider some alternatives:
- Using a single backend per PathMatcher: Host: foo(PathMatcher1,3) bar(PathMatcher1,2,3) PathMatcher1: /a -> b1 PathMatcher2: /c -> b1 PathMatcher3: /b -> b2
- Using a single host per PathMatcher: Host: foo(PathMatcher1) PathMatcher1: /a -> b1 /b -> b2 Host: bar(PathMatcher2) PathMatcher2: /a -> b1 /b -> b2 /c -> b1
In the context of kubernetes services, 2 makes more sense, because we rarely want to lookup backends (service:nodeport). When a service is deleted, we need to find all host PathMatchers that have the backend and remove the mapping. When a new path is added to a host (happens more frequently than service deletion) we just need to lookup the 1 pathmatcher of the host.
type L7RuntimeInfo ¶
type L7RuntimeInfo struct { // Name is the name of a loadbalancer. Name string // IP is the desired ip of the loadbalancer, eg from a staticIP. IP string // TLS are the tls certs to use in termination. TLS []*TLSCerts // TLSName is the name of the preshared cert to use. Multiple certs can be specified as a comma-separated string TLSName string // AllowHTTP will not setup :80, if TLS is nil and AllowHTTP is set, // no loadbalancer is created. AllowHTTP bool // The name of a Global Static IP. If specified, the IP associated with // this name is used in the Forwarding Rules for this loadbalancer. StaticIPName string }
L7RuntimeInfo is info passed to this module from the controller runtime.
func (*L7RuntimeInfo) String ¶
func (l *L7RuntimeInfo) String() string
String returns the load balancer name
type L7s ¶
type L7s struct {
// contains filtered or unexported fields
}
L7s implements LoadBalancerPool.
func (*L7s) Add ¶
func (l *L7s) Add(ri *L7RuntimeInfo) (err error)
Add gets or creates a loadbalancer. If the loadbalancer already exists, it checks that its edges are valid.
func (*L7s) GLBCDefaultBackend ¶
func (l *L7s) GLBCDefaultBackend() *compute.BackendService
GLBCDefaultBackend returns the BackendService used when no path rules match.
func (*L7s) Sync ¶
func (l *L7s) Sync(lbs []*L7RuntimeInfo) error
Sync loadbalancers with the given runtime info from the controller.
type LoadBalancerPool ¶
type LoadBalancerPool interface { Get(name string) (*L7, error) Add(ri *L7RuntimeInfo) error Delete(name string) error Sync(ri []*L7RuntimeInfo) error GC(names []string) error Shutdown() error }
LoadBalancerPool is an interface to manage the cloud resources associated with a gce loadbalancer.
func NewLoadBalancerPool ¶
func NewLoadBalancerPool( cloud LoadBalancers, defaultBackendPool backends.BackendPool, defaultBackendNodePort backends.ServicePort, namer *utils.Namer) LoadBalancerPool
NewLoadBalancerPool returns a new loadbalancer pool.
- cloud: implements LoadBalancers. Used to sync L7 loadbalancer resources with the cloud.
- defaultBackendPool: a BackendPool used to manage the GCE BackendService for the default backend.
- defaultBackendNodePort: The nodePort of the Kubernetes service representing the default backend.
type LoadBalancers ¶
type LoadBalancers interface { // Forwarding Rules GetGlobalForwardingRule(name string) (*compute.ForwardingRule, error) CreateGlobalForwardingRule(rule *compute.ForwardingRule) error DeleteGlobalForwardingRule(name string) error SetProxyForGlobalForwardingRule(fw, proxy string) error ListGlobalForwardingRules() ([]*compute.ForwardingRule, error) // UrlMaps GetUrlMap(name string) (*compute.UrlMap, error) CreateUrlMap(urlMap *compute.UrlMap) error UpdateUrlMap(urlMap *compute.UrlMap) error DeleteUrlMap(name string) error ListUrlMaps() ([]*compute.UrlMap, error) // TargetProxies GetTargetHttpProxy(name string) (*compute.TargetHttpProxy, error) CreateTargetHttpProxy(proxy *compute.TargetHttpProxy) error DeleteTargetHttpProxy(name string) error SetUrlMapForTargetHttpProxy(proxy *compute.TargetHttpProxy, urlMap *compute.UrlMap) error // TargetHttpsProxies GetTargetHttpsProxy(name string) (*compute.TargetHttpsProxy, error) CreateTargetHttpsProxy(proxy *compute.TargetHttpsProxy) error DeleteTargetHttpsProxy(name string) error SetUrlMapForTargetHttpsProxy(proxy *compute.TargetHttpsProxy, urlMap *compute.UrlMap) error SetSslCertificateForTargetHttpsProxy(proxy *compute.TargetHttpsProxy, SSLCerts []*compute.SslCertificate) error // SslCertificates GetSslCertificate(name string) (*compute.SslCertificate, error) ListSslCertificates() ([]*compute.SslCertificate, error) CreateSslCertificate(certs *compute.SslCertificate) (*compute.SslCertificate, error) DeleteSslCertificate(name string) error ReserveGlobalAddress(addr *compute.Address) error GetGlobalAddress(name string) (*compute.Address, error) DeleteGlobalAddress(name string) error }
LoadBalancers is an interface for managing all the gce resources needed by L7 loadbalancers. We don't have individual pools for each of these resources because none of them are usable (or acquirable) stand-alone, unlinke backends and instance groups. The dependency graph: ForwardingRule -> UrlMaps -> TargetProxies