ingress

package

v1.17.0-pre.0 Latest Latest Go to latest Published: Sep 5, 2024 License: Apache-2.0 Imports: 34 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

Documentation ¶

Overview ¶

Package ingress contains all the logic for Cilium Ingress Controller. Only Ingress resources having annotations."kubernetes.io/ingress.class" or spec.ingressClassName set to "cilium" are managed and processed by the Cilium Ingress Controller.

Two LB modes are supported:

dedicated LB mode: a dedicated LB is used for each Ingress.
shared LB mode: all eligible Ingresses are using the same LB.

Each LB mode will have its own translation logic, which converts Ingress resource(s) into internal representation, and then turns it into a set of Cilium configurations (e.g. CiliumEnvoyConfig, LB Service, Endpoints etc.).

Create one Load Balancer service, the external IP/FQDN is available will bubble up to Ingress status once ready. (dedicated LB mode only)
Create dummy Endpoint for above LB service. (dedicated LB mode only)
Create CiliumEnvoyConfig with all routing details. (both modes)

There is a small secret sync component, which will watch all tls ingress secrets and sync them to another give namespace. This is to limit the permission during runtime in all nodes.

Index ¶

Variables
func EnqueueReferencedTLSSecrets(c client.Client, logger *slog.Logger) handler.EventHandler
func IsReferencedByCiliumIngress(ctx context.Context, c client.Client, logger *slog.Logger, obj *corev1.Secret) bool

Constants ¶

This section is empty.

Variables ¶

View Source

var Cell = cell.Module(
	"ingress",
	"Manages the Kubernetes Ingress controllers",

	cell.Config(ingressConfig{
		EnableIngressController:      false,
		EnforceIngressHTTPS:          true,
		EnableIngressProxyProtocol:   false,
		EnableIngressSecretsSync:     true,
		IngressSecretsNamespace:      "cilium-secrets",
		IngressDefaultRequestTimeout: time.Duration(0),
		IngressLBAnnotationPrefixes:  []string{"lbipam.cilium.io", "service.beta.kubernetes.io", "service.kubernetes.io", "cloud.google.com"},
		IngressSharedLBServiceName:   "cilium-ingress",
		IngressDefaultLBMode:         "dedicated",

		IngressHostnetworkEnabled:            false,
		IngressHostnetworkSharedListenerPort: 0,
		IngressHostnetworkNodelabelselector:  "",
	}),
	cell.Invoke(registerReconciler),
	cell.Provide(registerSecretSync),
)

Cell manages the Kubernetes Ingress related controllers.

Functions ¶

func EnqueueReferencedTLSSecrets ¶ added in v1.15.0

func EnqueueReferencedTLSSecrets(c client.Client, logger *slog.Logger) handler.EventHandler

func IsReferencedByCiliumIngress ¶ added in v1.15.0

func IsReferencedByCiliumIngress(ctx context.Context, c client.Client, logger *slog.Logger, obj *corev1.Secret) bool

Types ¶

This section is empty.

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
annotations Package annotations contains all annotations that supported by cilium ingress controller along with some sensible defaults.	Package annotations contains all annotations that supported by cilium ingress controller along with some sensible defaults.

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL