ingress

package

v1.17.0 Latest Latest Go to latest Published: Feb 3, 2025 License: Apache-2.0 Imports: 34 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/cilium/cilium

Links

Open Source Insights

Documentation ¶

Overview ¶

Package ingress contains all the logic for Cilium Ingress Controller. Only Ingress resources having annotations."kubernetes.io/ingress.class" or spec.ingressClassName set to "cilium" are managed and processed by the Cilium Ingress Controller.

Two LB modes are supported:

dedicated LB mode: a dedicated LB is used for each Ingress.
shared LB mode: all eligible Ingresses are using the same LB.

Each LB mode will have its own translation logic, which converts Ingress resource(s) into internal representation, and then turns it into a set of Cilium configurations (e.g. CiliumEnvoyConfig, LB Service, Endpoints etc.).

Create one Load Balancer service, the external IP/FQDN is available will bubble up to Ingress status once ready. (dedicated LB mode only)
Create dummy Endpoint for above LB service. (dedicated LB mode only)
Create CiliumEnvoyConfig with all routing details. (both modes)

There is a small secret sync component, which will watch all tls ingress secrets and sync them to another give namespace. This is to limit the permission during runtime in all nodes.

Index ¶

Variables
func EnqueueReferencedTLSSecrets(c client.Client, logger *slog.Logger) handler.EventHandler
func IsReferencedByCiliumIngress(ctx context.Context, c client.Client, logger *slog.Logger, obj *corev1.Secret) bool
type IngressConfig
- func (r IngressConfig) Flags(flags *pflag.FlagSet)
- func (r IngressConfig) IsEnabled() bool

Constants ¶

This section is empty.

Variables ¶

View Source

var Cell = cell.Module(
	"ingress",
	"Manages the Kubernetes Ingress controllers",

	cell.Config(IngressConfig{
		EnableIngressController:      false,
		EnforceIngressHTTPS:          true,
		EnableIngressProxyProtocol:   false,
		EnableIngressSecretsSync:     true,
		IngressSecretsNamespace:      "cilium-secrets",
		IngressDefaultRequestTimeout: time.Duration(0),
		IngressLBAnnotationPrefixes:  []string{"lbipam.cilium.io", "service.beta.kubernetes.io", "service.kubernetes.io", "cloud.google.com"},
		IngressSharedLBServiceName:   "cilium-ingress",
		IngressDefaultLBMode:         "dedicated",

		IngressHostnetworkEnabled:            false,
		IngressHostnetworkSharedListenerPort: 0,
		IngressHostnetworkNodelabelselector:  "",
	}),
	cell.Invoke(registerReconciler),
	cell.Provide(registerSecretSync),
)

Cell manages the Kubernetes Ingress related controllers.

Functions ¶

func EnqueueReferencedTLSSecrets ¶ added in v1.15.0

func EnqueueReferencedTLSSecrets(c client.Client, logger *slog.Logger) handler.EventHandler

func IsReferencedByCiliumIngress ¶ added in v1.15.0

func IsReferencedByCiliumIngress(ctx context.Context, c client.Client, logger *slog.Logger, obj *corev1.Secret) bool

Types ¶

type IngressConfig ¶ added in v1.15.13

type IngressConfig struct {
	KubeProxyReplacement                 string
	EnableNodePort                       bool
	EnableIngressController              bool
	EnforceIngressHTTPS                  bool
	EnableIngressProxyProtocol           bool
	EnableIngressSecretsSync             bool
	IngressSecretsNamespace              string
	IngressLBAnnotationPrefixes          []string
	IngressSharedLBServiceName           string
	IngressDefaultLBMode                 string
	IngressDefaultSecretNamespace        string
	IngressDefaultSecretName             string
	IngressDefaultRequestTimeout         time.Duration
	IngressHostnetworkEnabled            bool
	IngressHostnetworkSharedListenerPort uint32
	IngressHostnetworkNodelabelselector  string
	IngressDefaultXffNumTrustedHops      uint32
}

func (IngressConfig) Flags ¶ added in v1.15.13

func (r IngressConfig) Flags(flags *pflag.FlagSet)

func (IngressConfig) IsEnabled ¶ added in v1.15.13

func (r IngressConfig) IsEnabled() bool

IsEnabled returns true if the Ingress Controller is enabled.

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
annotations Package annotations contains all annotations that supported by cilium ingress controller along with some sensible defaults.	Package annotations contains all annotations that supported by cilium ingress controller along with some sensible defaults.

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL