Documentation
¶
Index ¶
- Constants
- func CreateCiliumEndpointLocalPodIndexFunc() cache.IndexFunc
- func CreateCiliumEndpointSliceLocalPodIndexFunc() cache.IndexFunc
- func NewCiliumNodeUpdater(kvStoreNodeUpdater NodeUpdate) *ciliumNodeUpdater
- type EgressGatewayManager
- type EndpointSynchronizer
- type K8sWatcher
- func (k *K8sWatcher) GetAPIGroups() []string
- func (k *K8sWatcher) GetCachedNamespace(namespace string) (*slim_corev1.Namespace, error)
- func (k *K8sWatcher) GetCachedPod(namespace, name string) (*slim_corev1.Pod, error)
- func (k *K8sWatcher) GetCiliumNode(ctx context.Context, nodeName string) (*cilium_v2.CiliumNode, error)
- func (k *K8sWatcher) GetIndexer(name string) cache.Indexer
- func (k *K8sWatcher) GetK8sNode(ctx context.Context, nodeName string) (*slim_corev1.Node, error)
- func (k *K8sWatcher) GetStore(name string) cache.Store
- func (k *K8sWatcher) InitK8sSubsystem(ctx context.Context, cachesSynced chan struct{})
- func (k *K8sWatcher) K8sEventProcessed(scope, action string, status bool)
- func (k *K8sWatcher) K8sEventReceived(apiResourceName, scope, action string, valid, equal bool)
- func (k *K8sWatcher) NodesInit(k8sClient client.Clientset)
- func (k *K8sWatcher) RegisterCiliumNodeSubscriber(s subscriber.CiliumNode)
- func (k *K8sWatcher) RegisterNodeSubscriber(s subscriber.Node)
- func (k *K8sWatcher) RunK8sServiceHandler()
- func (k *K8sWatcher) SetIndexer(name string, indexer cache.Indexer)
- func (k *K8sWatcher) StopK8sServiceHandler()
- func (k *K8sWatcher) WaitForCRDsToRegister(ctx context.Context) error
- func (k *K8sWatcher) WaitForCacheSync(resourceNames ...string)
- func (k *K8sWatcher) WaitForCacheSyncWithTimeout(timeout time.Duration, resourceNames ...string) error
- type NodeUpdate
- type WatcherConfiguration
Constants ¶
const (
K8sAPIGroupServiceV1Core = "core/v1::Service"
)
Variables ¶
This section is empty.
Functions ¶
func CreateCiliumEndpointLocalPodIndexFunc ¶
CreateCiliumEndpointLocalPodIndexFunc returns an IndexFunc that indexes only local CiliumEndpoints, by their local Node IP.
func CreateCiliumEndpointSliceLocalPodIndexFunc ¶
CreateCiliumEndpointSliceLocalPodIndexFunc returns an IndexFunc that indexes CiliumEndpointSlices by their corresponding Pod, which are running locally on this Node.
func NewCiliumNodeUpdater ¶
func NewCiliumNodeUpdater(kvStoreNodeUpdater NodeUpdate) *ciliumNodeUpdater
Types ¶
type EgressGatewayManager ¶
type EgressGatewayManager interface {
OnAddEgressPolicy(config egressgateway.PolicyConfig)
OnDeleteEgressPolicy(configID types.NamespacedName)
OnUpdateEndpoint(endpoint *k8sTypes.CiliumEndpoint)
OnDeleteEndpoint(endpoint *k8sTypes.CiliumEndpoint)
OnUpdateNode(node nodeTypes.Node)
OnDeleteNode(node nodeTypes.Node)
}
type EndpointSynchronizer ¶
EndpointSynchronizer currently is an empty type, which wraps around syncing of CiliumEndpoint resources.
func (*EndpointSynchronizer) DeleteK8sCiliumEndpointSync ¶
func (epSync *EndpointSynchronizer) DeleteK8sCiliumEndpointSync(e *endpoint.Endpoint)
DeleteK8sCiliumEndpointSync replaces the endpoint controller to remove the CEP from Kubernetes once the endpoint is stopped / removed from the Cilium agent.
func (*EndpointSynchronizer) RunK8sCiliumEndpointSync ¶
func (epSync *EndpointSynchronizer) RunK8sCiliumEndpointSync(e *endpoint.Endpoint, conf endpoint.EndpointStatusConfiguration)
RunK8sCiliumEndpointSync starts a controller that synchronizes the endpoint to the corresponding k8s CiliumEndpoint CRD. It is expected that each CEP has 1 controller that updates it, and a local copy is retained and only updates are pushed up. CiliumEndpoint objects have the same name as the pod they represent.
type K8sWatcher ¶
type K8sWatcher struct {
// K8sSvcCache is a cache of all Kubernetes services and endpoints
K8sSvcCache *k8s.ServiceCache
// NodeChain is the root of a notification chain for k8s Node events.
// This NodeChain allows registration of subscriber.Node implementations.
// On k8s Node events all registered subscriber.Node implementations will
// have their event handling methods called in order of registration.
NodeChain *subscriber.NodeChain
// CiliumNodeChain is the root of a notification chain for CiliumNode events.
// This CiliumNodeChain allows registration of subscriber.CiliumNode implementations.
// On CiliumNode events all registered subscriber.CiliumNode implementations will
// have their event handling methods called in order of registration.
CiliumNodeChain *subscriber.CiliumNodeChain
// contains filtered or unexported fields
}
func NewK8sWatcher ¶
func NewK8sWatcher( clientset client.Clientset, endpointManager endpointManager, nodeDiscoverManager nodeDiscoverManager, policyManager policyManager, policyRepository policyRepository, svcManager svcManager, datapath datapath.Datapath, redirectPolicyManager redirectPolicyManager, bgpSpeakerManager bgpSpeakerManager, egressGatewayManager EgressGatewayManager, envoyConfigManager envoyConfigManager, cfg WatcherConfiguration, ipcache ipcacheManager, cgroupManager cgroupManager, resources agentK8s.Resources, serviceCache *k8s.ServiceCache, ) *K8sWatcher
func (*K8sWatcher) GetAPIGroups ¶
func (k *K8sWatcher) GetAPIGroups() []string
func (*K8sWatcher) GetCachedNamespace ¶
func (k *K8sWatcher) GetCachedNamespace(namespace string) (*slim_corev1.Namespace, error)
GetCachedNamespace returns a namespace from the local store.
func (*K8sWatcher) GetCachedPod ¶
func (k *K8sWatcher) GetCachedPod(namespace, name string) (*slim_corev1.Pod, error)
GetCachedPod returns a pod from the local store. Depending if the Cilium agent flag `option.Config.K8sEventHandover` this function might only return local pods. If `option.Config.K8sEventHandover` is:
- true: returns only local pods received by the pod watcher.
- false: returns any pod in the cluster received by the pod watcher.
func (*K8sWatcher) GetCiliumNode ¶
func (k *K8sWatcher) GetCiliumNode(ctx context.Context, nodeName string) (*cilium_v2.CiliumNode, error)
GetCiliumNode returns the CiliumNode "nodeName" from the local store. If the local store is not initialized then it will fallback retrieving the node from kube-apiserver.
func (*K8sWatcher) GetIndexer ¶
func (k *K8sWatcher) GetIndexer(name string) cache.Indexer
GetIndexer returns an index to a k8s cache store for the given resource name. Objects gotten using returned stores should *not* be mutated as they are references to internal k8s watcher store state.
func (*K8sWatcher) GetK8sNode ¶
func (k *K8sWatcher) GetK8sNode(ctx context.Context, nodeName string) (*slim_corev1.Node, error)
GetK8sNode returns the *local Node* from the local store.
func (*K8sWatcher) GetStore ¶
func (k *K8sWatcher) GetStore(name string) cache.Store
GetStore returns the k8s cache store for the given resource name. It's possible for valid resource names to return nil stores if that watcher is not in use. Objects gotten using returned stores should *not* be mutated as they are references to internal k8s watcher store state.
func (*K8sWatcher) InitK8sSubsystem ¶
func (k *K8sWatcher) InitK8sSubsystem(ctx context.Context, cachesSynced chan struct{})
InitK8sSubsystem takes a channel for which it will be closed when all caches essential for daemon are synchronized. To be called after WaitForCRDsToRegister() so that all needed CRDs have already been registered.
func (*K8sWatcher) K8sEventProcessed ¶
func (k *K8sWatcher) K8sEventProcessed(scope, action string, status bool)
K8sEventProcessed is called to do metrics accounting for each processed Kubernetes event
func (*K8sWatcher) K8sEventReceived ¶
func (k *K8sWatcher) K8sEventReceived(apiResourceName, scope, action string, valid, equal bool)
K8sEventReceived does metric accounting for each received Kubernetes event, as well as notifying of events for k8s resources synced.
func (*K8sWatcher) NodesInit ¶
func (k *K8sWatcher) NodesInit(k8sClient client.Clientset)
func (*K8sWatcher) RegisterCiliumNodeSubscriber ¶
func (k *K8sWatcher) RegisterCiliumNodeSubscriber(s subscriber.CiliumNode)
RegisterCiliumNodeSubscriber allows registration of subscriber.CiliumNode implementations. On CiliumNode events all registered subscriber.CiliumNode implementations will have their event handling methods called in order of registration.
func (*K8sWatcher) RegisterNodeSubscriber ¶
func (k *K8sWatcher) RegisterNodeSubscriber(s subscriber.Node)
RegisterNodeSubscriber allows registration of subscriber.Node implementations. On k8s Node events all registered subscriber.Node implementations will have their event handling methods called in order of registration.
func (*K8sWatcher) RunK8sServiceHandler ¶
func (k *K8sWatcher) RunK8sServiceHandler()
func (*K8sWatcher) SetIndexer ¶
func (k *K8sWatcher) SetIndexer(name string, indexer cache.Indexer)
SetIndexer lets you set a named cache store, only used for testing.
func (*K8sWatcher) StopK8sServiceHandler ¶
func (k *K8sWatcher) StopK8sServiceHandler()
func (*K8sWatcher) WaitForCRDsToRegister ¶
func (k *K8sWatcher) WaitForCRDsToRegister(ctx context.Context) error
WaitForCRDsToRegister will wait for the Cilium Operator to register the CRDs with the apiserver. This step is required before launching the full K8s watcher, as those resource controllers need the resources to be registered with K8s first.
func (*K8sWatcher) WaitForCacheSync ¶
func (k *K8sWatcher) WaitForCacheSync(resourceNames ...string)
WaitForCacheSync blocks until the given resources have been synchronized from k8s. Note that if the controller for a resource has not been started, the wait for that resource returns immediately. If it is required that the resource exists and is actually synchronized, the caller must ensure the controller for that resource has been started before calling WaitForCacheSync. For most resources this can be done by receiving from controllersStarted channel (<-k.controllersStarted), which is closed after most watchers have been started.
func (*K8sWatcher) WaitForCacheSyncWithTimeout ¶
func (k *K8sWatcher) WaitForCacheSyncWithTimeout(timeout time.Duration, resourceNames ...string) error
WaitForCacheSyncWithTimeout calls WaitForCacheSync to block until given resources have had their caches synced from K8s. This will wait up to the timeout duration after starting or since the last K8s registered watcher event (i.e. each event causes the timeout to be pushed back). Events are recorded using K8sResourcesSynced.Event function. If the timeout is exceeded, an error is returned.
type NodeUpdate ¶
type NodeUpdate interface {
UpdateLocalNode()
}
The NodeUpdate interface is used to provide an abstraction for the nodediscovery.NodeDiscovery object logic used to update a node entry in the KVStore and the k8s CiliumNode.
type WatcherConfiguration ¶
type WatcherConfiguration interface {
utils.ServiceConfiguration
utils.IngressConfiguration
utils.GatewayAPIConfiguration
utils.PolicyConfiguration
}
WatcherConfiguration is the required configuration for enableK8sWatchers
Source Files
¶
- cilium_cidr_group.go
- cilium_clusterwide_envoy_config.go
- cilium_egress_gateway_policy.go
- cilium_endpoint.go
- cilium_endpoint_slice.go
- cilium_endpoint_slice_subscriber.go
- cilium_envoy_config.go
- cilium_local_redirect_policy.go
- cilium_network_policy.go
- cilium_node.go
- endpoints.go
- endpointsynchronizer.go
- namespace.go
- network_policy.go
- node.go
- pod.go
- secret.go
- service.go
- watcher.go
Directories
¶
| Path | Synopsis |
|---|---|
|
This package contains exported resource identifiers and metric resource labels related to K8s watchers.
|
This package contains exported resource identifiers and metric resource labels related to K8s watchers. |
|
Package subscriber implements a mechanism to represent K8s watcher subscribers and allows K8s events to objects / resources to notify their respective subscribers.
|
Package subscriber implements a mechanism to represent K8s watcher subscribers and allows K8s events to objects / resources to notify their respective subscribers. |