Documentation ¶
Index ¶
- Constants
- func ConfigIsPresent(ctx context.Context, configDir string) bool
- func ForceEndpoints() bool
- func GetAgentService() string
- func GetAmbId(resource kates.Object) amb.AmbassadorID
- func GetAmbassadorConfigBaseDir() string
- func GetAmbassadorDebug() string
- func GetAmbassadorFieldSelector() string
- func GetAmbassadorId() string
- func GetAmbassadorLabelSelector() string
- func GetAmbassadorNamespace() string
- func GetAmbassadorRoot() string
- func GetAnnotations(ctx context.Context, resources ...kates.Object) (result []kates.Object)
- func GetAppDir() string
- func GetClusterID(ctx context.Context) (clusterID string)
- func GetConfigDir(demoMode bool) string
- func GetDiagdArgs(ctx context.Context, demoMode bool) []string
- func GetDiagdBindAddress() string
- func GetDiagdBindPort() string
- func GetDiagdFlags(ctx context.Context, demoMode bool) []string
- func GetEnvoyAPIVersion() string
- func GetEnvoyBaseId() string
- func GetEnvoyBootstrapFile() string
- func GetEnvoyConcurrency() string
- func GetEnvoyConfigFile() string
- func GetEnvoyDir() string
- func GetEnvoyFlags() []string
- func GetEventHost() string
- func GetEventPath() string
- func GetEventUrl() string
- func GetHomeDir() string
- func GetInterestingTypes(ctx context.Context, serverTypeList []kates.APIResource) map[string]thingToWatch
- func GetLicenseSecretName() string
- func GetLicenseSecretNamespace() string
- func GetQueries(ctx context.Context, interestingTypes map[string]thingToWatch) []kates.Query
- func GetSidecarHost() string
- func GetSidecarPath() string
- func GetSidecarUrl() string
- func GetSnapshotDir() string
- func IsAmbassadorSingleNamespace() bool
- func IsDiagdOnly() bool
- func IsEdgeStack() bool
- func IsEnvoyAvailable() bool
- func IsKnativeEnabled() bool
- func Main(ctx context.Context, Version string, args ...string) error
- func NewKubernetesSnapshot() *snapshotTypes.KubernetesSnapshot
- func ReconcileConsul(ctx context.Context, consul *consul, s *snapshotTypes.KubernetesSnapshot)
- func ReconcileSecrets(ctx context.Context, s *snapshotTypes.KubernetesSnapshot)
- type ConsulKey
- type ConsulStore
- type FSWErrorHandler
- type FSWEvent
- type FSWEventHandler
- type FSWOp
- type FSWatcher
- type Fake
- func (f *Fake) AssertEndpointsEmpty(timeout time.Duration)
- func (f *Fake) AutoFlush(enabled bool)
- func (f *Fake) ConsulEndpoint(datacenter, service, address string, port int, tags ...string)
- func (f *Fake) Delete(kind, namespace, name string)
- func (f *Fake) Flush()
- func (f *Fake) GetEndpoints(predicate func(*ambex.Endpoints) bool) *ambex.Endpoints
- func (f *Fake) GetEnvoyConfig(predicate func(*v3bootstrap.Bootstrap) bool) *v3bootstrap.Bootstrap
- func (f *Fake) GetSnapshot(predicate func(*snapshot.Snapshot) bool) *snapshot.Snapshot
- func (f *Fake) GetSnapshotEntry(predicate func(SnapshotEntry) bool) SnapshotEntry
- func (f *Fake) SendIstioCertUpdate(update IstioCertUpdate)
- func (f *Fake) SetAmbassadorMeta(ambMeta *snapshot.AmbassadorMetaInfo)
- func (f *Fake) Setup()
- func (f *Fake) Teardown()
- func (f *Fake) Upsert(resource kates.Object)
- func (f *Fake) UpsertFile(filename string)
- func (f *Fake) UpsertYAML(yaml string)
- type FakeConfig
- type FastpathProcessor
- type IstioCert
- func (icert *IstioCert) HandleEvent(ctx context.Context, name string, deleted bool)
- func (icert *IstioCert) Secret(ctx context.Context) (*kates.Secret, bool)
- func (icert *IstioCert) SetFetchTime(fetchTime timeFetcher)
- func (icert *IstioCert) SetReadPEM(readPEM pemReader)
- func (icert *IstioCert) String() string
- type IstioCertSource
- type IstioCertUpdate
- type IstioCertWatcher
- type K8sKey
- type K8sSource
- type K8sStore
- type K8sStoreCursor
- type K8sWatcher
- type ModuleSecrets
- type Notifier
- type Queue
- type ResolverType
- type SnapshotDisposition
- type SnapshotEntry
- type SnapshotHolder
- func (sh *SnapshotHolder) ConsulUpdate(ctx context.Context, consul *consul, fastpathProcessor FastpathProcessor) bool
- func (sh *SnapshotHolder) IstioUpdate(ctx context.Context, istio *istioCertWatchManager, icertUpdate IstioCertUpdate) bool
- func (sh *SnapshotHolder) K8sUpdate(ctx context.Context, watcher K8sWatcher, consul *consul, ...) bool
- func (sh *SnapshotHolder) Notify(ctx context.Context, encoded *atomic.Value, consul *consul, ...)
- type SnapshotProcessor
- type StopFunc
- type Stopper
- type Watcher
Constants ¶
const ExternalSnapshotPort = 8005
take the next port in the range of ambassador ports.
Variables ¶
This section is empty.
Functions ¶
func ConfigIsPresent ¶
ConfigIsPresent checks to see if any configuration is actually present in the given configdir.
func ForceEndpoints ¶
func ForceEndpoints() bool
ForceEndpoints reflects AMBASSADOR_FORCE_ENDPOINTS, to determine whether we're forcing endpoint watching or (the default) not.
func GetAgentService ¶
func GetAgentService() string
func GetAmbId ¶
func GetAmbId(resource kates.Object) amb.AmbassadorID
GetAmbId extracts the AmbassadorId from the kubernetes resource.
func GetAmbassadorConfigBaseDir ¶
func GetAmbassadorConfigBaseDir() string
func GetAmbassadorDebug ¶
func GetAmbassadorDebug() string
func GetAmbassadorFieldSelector ¶
func GetAmbassadorFieldSelector() string
func GetAmbassadorId ¶
func GetAmbassadorId() string
func GetAmbassadorLabelSelector ¶
func GetAmbassadorLabelSelector() string
func GetAmbassadorNamespace ¶
func GetAmbassadorNamespace() string
func GetAmbassadorRoot ¶
func GetAmbassadorRoot() string
func GetAnnotations ¶
GetAnnotations extracts and converts any parseable annotations from the supplied resource. It omits any malformed annotations and does not report the errors. This is ok for now because the python code will catch and report any errors.
func GetClusterID ¶
func GetConfigDir ¶
GetConfigDir returns the path to the directory we should check for filesystem config.
func GetDiagdBindAddress ¶
func GetDiagdBindAddress() string
func GetDiagdBindPort ¶
func GetDiagdBindPort() string
func GetEnvoyAPIVersion ¶
func GetEnvoyAPIVersion() string
func GetEnvoyBaseId ¶
func GetEnvoyBaseId() string
func GetEnvoyBootstrapFile ¶
func GetEnvoyBootstrapFile() string
func GetEnvoyConcurrency ¶
func GetEnvoyConcurrency() string
func GetEnvoyConfigFile ¶
func GetEnvoyConfigFile() string
func GetEnvoyDir ¶
func GetEnvoyDir() string
func GetEnvoyFlags ¶
func GetEnvoyFlags() []string
func GetEventHost ¶
func GetEventHost() string
func GetEventPath ¶
func GetEventPath() string
func GetEventUrl ¶
func GetEventUrl() string
func GetHomeDir ¶
func GetHomeDir() string
func GetInterestingTypes ¶
func GetInterestingTypes(ctx context.Context, serverTypeList []kates.APIResource) map[string]thingToWatch
GetInterestingTypes takes a list of available server types, and returns the types we think are interesting to watch.
func GetLicenseSecretName ¶
func GetLicenseSecretName() string
func GetLicenseSecretNamespace ¶
func GetLicenseSecretNamespace() string
func GetQueries ¶
GetQueries takes a set of interesting types, and returns a set of kates.Query to watch for them.
func GetSidecarHost ¶
func GetSidecarHost() string
func GetSidecarPath ¶
func GetSidecarPath() string
func GetSidecarUrl ¶
func GetSidecarUrl() string
func GetSnapshotDir ¶
func GetSnapshotDir() string
func IsAmbassadorSingleNamespace ¶
func IsAmbassadorSingleNamespace() bool
func IsDiagdOnly ¶
func IsDiagdOnly() bool
func IsEdgeStack ¶
func IsEdgeStack() bool
func IsEnvoyAvailable ¶
func IsEnvoyAvailable() bool
func IsKnativeEnabled ¶
func IsKnativeEnabled() bool
func Main ¶
This is the main ambassador entrypoint. It launches and manages two other processes:
- The diagd process.
- Envoy
The entrypoint process manages two other goroutines:
- The watcher goroutine that watches for changes in ambassador inputs and notifies diagd.
- The ambex goroutine that feeds envoy configuration updates via ADS.
Dataflow Diagram
Kubernetes Watches | | (k8s resources, subscription) | \|/ consul endpoints, subscription) entrypoint[watcher]<----------------------------------- Consul Watches | | (Snapshot, POST) | \|/ diagd | | (envoy config resources, pushed via writing files + SIGHUP) | \|/ entrypoint[ambex] | | (envoy config resources, ADS subscription) | \|/ envoy
Notation:
The arrows point in the direction that data flows. Each arrow is labeled with a tuple of the data type, and a short description of the nature of communication.
The golang entrypoint process assembles all the ambassador inputs from kubernetes and consul. When it has a complete/consistent set of inputs, it passes the complete snapshot of inputs along to diagd along with a list of deltas and invalid objects. This snapshot is fully detailed in snapshot.go
The entrypoint goes to some trouble to ensure shared fate between all three processes as well as all the goroutines it manages, i.e. if any one of them dies for any reason, the whole process will shutdown and some larger process manager (e.g. kubernetes) is expected to take note and restart if appropriate.
func NewKubernetesSnapshot ¶
func NewKubernetesSnapshot() *snapshotTypes.KubernetesSnapshot
NewKubernetesSnapshot creates a new, empty set of Ambassador inputs.
func ReconcileConsul ¶
func ReconcileConsul(ctx context.Context, consul *consul, s *snapshotTypes.KubernetesSnapshot)
func ReconcileSecrets ¶
func ReconcileSecrets(ctx context.Context, s *snapshotTypes.KubernetesSnapshot)
ReconcileSecrets figures out which secrets we're actually using, since we don't want to send secrets to Ambassador unless we're using them, since any secret we send will be saved to disk.
Types ¶
type ConsulStore ¶
type ConsulStore struct {
// contains filtered or unexported fields
}
func NewConsulStore ¶
func NewConsulStore() *ConsulStore
func (*ConsulStore) ConsulEndpoint ¶
func (c *ConsulStore) ConsulEndpoint(datacenter, service, address string, port int, tags ...string)
func (*ConsulStore) Get ¶
func (c *ConsulStore) Get(datacenter, service string) (consulwatch.Endpoints, bool)
type FSWErrorHandler ¶
FSWErrorHandler is a handler function for an error.
type FSWEvent ¶
type FSWEvent struct { // Path is the fully-qualified path of the file that changed. Path string // Op is the operation for this event. Op FSWOp // Bootstrap is true IFF this is a synthesized event noting // that a file existed at the moment we started watching a // directory. Bootstrap bool // Time is when this event happened Time time.Time }
FSWEvent represents a single interesting event.
type FSWEventHandler ¶
FSWEventHandler is a handler function for an interesting event.
type FSWatcher ¶
FSWatcher is a thing that can watch the filesystem for us, and call handler functions when things change.
The core of an FSWatcher is fsnotify/fsnotify, but we wrap some state around it.
First, fsnotify tries to mark the operation associated with a change -- however, these are not always accurate, since the filesystem tries to coalesce events that are close in time. Therefore FSWatcher doesn't actually look at the operation: everything is just "a change happened".
This causes one interesting problem: given a touch of temporal separation between Create and Write, we may decide to trigger a reconfigure on the Create, before the data have been written. To mitigate against that, we'll wait up to half a second after an event to see if any other events will be happening (with the idea that if you've come within half a second of your cert expiring before renewing it, uh, yeah, maybe you _will_ have some transient errors).
Second, when we start watching a directory, we make sure that "update" events get posted for every file in the directory. These are marked as "bootstrap" events.
Finally, rather than posting things to channels, we call a handler function whenever anything interesting happens, where "interesting" is one of the events above, or an error.
func NewFSWatcher ¶
NewFSWatcher instantiates an FSWatcher. At instantiation time, no directories are being watched.
func (*FSWatcher) SetErrorHandler ¶
func (fsw *FSWatcher) SetErrorHandler(handler FSWErrorHandler)
SetErrorHandler sets the function that will be used to respond to errors.
type Fake ¶
The Fake struct is a test harness for edgestack. Its goals are to help us fill out our test pyramid by making it super easy to create unit-like tests directly from the snapshots, bug reports, and other inputs provided by users who find regressions and/or encounter other problems in the field. Since we have no shortage of these reports, if we make it easy to create tests from them, we will fill out our test pyramid quickly and hopefully reduce our rate of regressions. This also means the tests produced this way need to scale well both in terms of execution time/parallelism as well as flakiness since we will quickly have a large number of these tests.
The way this works is by isolating via dependency injection the key portions of the control plane where the bulk of our business logic is implemented. The Fake utilities directly feed this lightweight control plane its input as specified by the test code without passing the resources all the way through a real kubernetes API server and/or a real consul deployment. This is not only significantly more efficient than spinning up real kubernetes and/or consul deployments, but it also lets us precisely control the order of events thereby a) removing the nondeterminism that leads to flaky tests, and b) also allowing us to deliberately create/recreate the sort of low probability sequence of events that are often at the root of heisenbugs.
The key to being able to build tests this way is expressing our business logic as "hermetically sealed" libraries, i.e. libraries with no/few hardcoded dependencies. This doesn't have to be done in a fancy/elegant way, it is well worth practicing "stupidly mechanical dependency injection" in order to quickly excise some business logic of its hardcoded dependencies and enable this sort of testing.
See TestFakeHello, TestFakeHelloWithEnvoyConfig, and TestFakeHelloConsul for examples of how to get started using this struct to write tests.
func NewFake ¶
func NewFake(t *testing.T, config FakeConfig) *Fake
NewFake will construct a new Fake object. See RunFake for a convenient way to handle construct, Setup, and Teardown of a Fake with one line of code.
func RunFake ¶
func RunFake(t *testing.T, config FakeConfig, ambMeta *snapshot.AmbassadorMetaInfo) *Fake
RunFake will create a new fake, invoke its Setup method and register its Teardown method as a Cleanup function with the test object.
func (*Fake) AssertEndpointsEmpty ¶
func (*Fake) ConsulEndpoint ¶
ConsulEndpoint stores the supplied consul endpoint data.
func (*Fake) Flush ¶
func (f *Fake) Flush()
Feed will cause inputs from all datasources to be delivered to the control plane.
func (*Fake) GetEndpoints ¶
func (*Fake) GetEnvoyConfig ¶
func (f *Fake) GetEnvoyConfig(predicate func(*v3bootstrap.Bootstrap) bool) *v3bootstrap.Bootstrap
GetEnvoyConfig will return the next envoy config that satisfies the supplied predicate.
func (*Fake) GetSnapshot ¶
GetSnapshot will return the next snapshot that satisfies the supplied predicate.
func (*Fake) GetSnapshotEntry ¶
func (f *Fake) GetSnapshotEntry(predicate func(SnapshotEntry) bool) SnapshotEntry
GetSnapshotEntry will return the next SnapshotEntry that satisfies the supplied predicate.
func (*Fake) SendIstioCertUpdate ¶
func (f *Fake) SendIstioCertUpdate(update IstioCertUpdate)
SendIstioCertUpdate sends the supplied Istio certificate update.
func (*Fake) SetAmbassadorMeta ¶
func (f *Fake) SetAmbassadorMeta(ambMeta *snapshot.AmbassadorMetaInfo)
sets the ambassador meta info that should get sent in each snapshot
func (*Fake) Setup ¶
func (f *Fake) Setup()
Setup will start up all the goroutines needed for this fake edgestack instance. Depending on the FakeConfig supplied wen constructing the Fake, this may also involve launching external processes, you should therefore ensure that you call Teardown whenever you call Setup.
func (*Fake) Teardown ¶
func (f *Fake) Teardown()
Teardown will clean up anything that Setup has started. It is idempotent. Note that if you use RunFake Setup will be called and Teardown will be automatically registered as a Cleanup function with the supplied testing.T
func (*Fake) Upsert ¶
Upsert will update (or if necessary create) the supplied resource in the fake k8s datastore.
func (*Fake) UpsertFile ¶
UpsertFile will parse the contents of the file as yaml and feed them into the control plane created or updating any overlapping resources that exist.
func (*Fake) UpsertYAML ¶
UpsertYAML will parse the provided YAML and feed the resources in it into the control plane, creating or updating any overlapping resources that exist.
type FakeConfig ¶
type FakeConfig struct { EnvoyConfig bool // If true then the Fake will produce envoy configs in addition to Snapshots. DiagdDebug bool // If true then diagd will have debugging enabled Timeout time.Duration // How long to wait for snapshots and/or envoy configs to become available. }
FakeConfig provides option when constructing a new Fake.
type FastpathProcessor ¶
type FastpathProcessor func(context.Context, *ambex.FastpathSnapshot)
type IstioCert ¶
type IstioCert struct {
// contains filtered or unexported fields
}
IstioCert holds all the state we need to manage an Istio certificate.
func NewIstioCert ¶
func NewIstioCert(dir string, name string, namespace string, updateChannel chan IstioCertUpdate) *IstioCert
NewIstioCert instantiates an IstioCert to manage a certificate that Istio will write into directory "dir", should have the given "name" and appear to live in K8s namespace "namespace", and will have updates posted to "updateChannel" whenever the cert changes.
What's with this namespace business? Well, Ambassador may be running in single-namespace mode, so causing our cert to appear to be in the same namespace as Ambassador will just be less confusing for everyone.
XXX Nomenclature is a little odd here. Istio is writing a _certificate_, but we're supplying it to the rest of Ambassador as a thing that looks like a Kubernetes TLS _Secret_ -- so we call this class an IstioCert, but the thing it's posting to the updateChannel includes a kates.Secret. Names are hard.
func (*IstioCert) HandleEvent ¶
HandleEvent tells an IstioCert to update its internal state because a file in its directory has been written. If all the cert files have been updated closely enough in time, Update will decide that it's time to actually update the cert, and it'll send an IstioCertUpdate over the Updates channel.
func (*IstioCert) Secret ¶
Secret generates a kates.Secret for this IstioCert. Since this involves reading PEM, it can fail, so it logs and returns a status.
func (*IstioCert) SetFetchTime ¶
func (icert *IstioCert) SetFetchTime(fetchTime timeFetcher)
SetFetchTime will change the function we use to get the current time.
func (*IstioCert) SetReadPEM ¶
func (icert *IstioCert) SetReadPEM(readPEM pemReader)
SetReadPEM will change the function we use to read PEM files.
type IstioCertSource ¶
type IstioCertSource interface {
Watch(ctx context.Context) IstioCertWatcher
}
type IstioCertUpdate ¶
type IstioCertUpdate struct { Op string // "update" or "delete" Name string // secret name Namespace string // secret namespace Secret *kates.Secret // IstioCert secret }
IstioCertUpdate gets sent over the IstioCert's Updates channel whenever the cert changes
XXX This will morph into a more general "internally-generated resource" thing later.
type IstioCertWatcher ¶
type IstioCertWatcher interface {
Changed() chan IstioCertUpdate
}
type K8sSource ¶
type K8sSource interface {
Watch(ctx context.Context, queries ...kates.Query) K8sWatcher
}
type K8sStore ¶
type K8sStore struct {
// contains filtered or unexported fields
}
A K8sStore is implement just enough data structures to mock the watch aspect of kubernetes for testing purposes. It holds a map of kubernetes resources. Whenever any of these resources change it computes a delta and adds it to the list of deltas. The store is also capable of creating cursors that can be used to track multiple watches independently consuming the deltas at different rates.
func (*K8sStore) Cursor ¶
func (k *K8sStore) Cursor() *K8sStoreCursor
A Cursor allows multiple views of the same stream of deltas. The cursors implement a bootstrap semantic where they will generate synthetic Add deltas for every resource that currently exists, and from that point on report the real deltas that actually occur on the store.
func (*K8sStore) Upsert ¶
Upsert will either update or insert the given object depending on whether or not an object with that key already exists. Note that this is currently done based solely on the key (namespace, name) of the resource. Theoretically resources are assigned UUIDs and so in theory we could detect changes to the name and namespace, however I'm not even sure how kubernetes handles this or if it even permits that, so I am not going to attempt to consider those cases, and that may well result in some very obscure edgecases around changing names/namespaces that behave differently different from kubernetes.
func (*K8sStore) UpsertFile ¶
UpsertFile will parse the yaml manifests in the referenced file and Upsert each resource from the file.
func (*K8sStore) UpsertYAML ¶
UpsertYAML will parse the provided YAML and feed the resources in it into the control plane, creating or updating any overlapping resources that exist.
type K8sStoreCursor ¶
type K8sStoreCursor struct {
// contains filtered or unexported fields
}
type K8sWatcher ¶
type ModuleSecrets ¶
type ModuleSecrets struct { Defaults struct { TLSSecretNamespacing bool `json:"tls_secret_namespacing"` } `json:"defaults"` Upstream struct { Secret string `json:"secret"` } `json:"upstream"` Server struct { Secret string `json:"secret"` } `json:"server"` Client struct { Secret string `json:"secret"` } `json:"client"` }
ModuleSecrets is... a hack. It's sort of a mashup of the chunk of the Ambassador Module and the chunk of the TLS Module that are common, because they're able to specify secrets. However... first, I don't think the TLS Module actually supported tls_secret_namespacing. Second, the Ambassador Module at least supports arbitrary origination context names -- _any_ key in the TLS dictionary will get turned into an origination context.
I seriously doubt that either of these will actually affect anyone at this remove, but... yeah.
type Notifier ¶
type Notifier struct {
// contains filtered or unexported fields
}
The Notifier struct buffers up notifications to multiple listeners. This is used as plumbing to wire up watchers for the K8sStore and ConsulStore. A monotonically increasing changeCount field functions as a logical clock tracking how many changes have occured. The notifyCount field tracks how many of these changes are to be communicated to listeners. Each listener also tracks its own count which starts at zero. This ensures that new listeners are always notified of changes that have happened prior to the listener being created.
func NewNotifier ¶
func NewNotifier() *Notifier
NewNotifier constructs a new notifier struct that is ready for use.
func (*Notifier) AutoNotify ¶
AutoNotify controls the notification mode.
func (*Notifier) Changed ¶
func (n *Notifier) Changed()
Changed signals that a change has occured that will eventually need to be communicated to all listeners.
type Queue ¶
The Queue struct implements a multi-writer/multi-reader concurrent queue where the dequeue operation (the Get() method) takes a predicate that allows it to skip past queue entries until it finds one that satisfies the specified predicate.
func (*Queue) AssertEmpty ¶
AssertEmpty will check that the queue remains empty for the supplied duration.
type ResolverType ¶
type ResolverType int
const ( KubernetesServiceResolver ResolverType = iota KubernetesEndpointResolver ConsulResolver )
func (ResolverType) String ¶
func (rt ResolverType) String() string
type SnapshotDisposition ¶
type SnapshotDisposition int
const ( // Indicates the watcher is still in the booting process and the snapshot has dangling pointers. SnapshotIncomplete SnapshotDisposition = iota // Indicates that the watcher is deferring processing of the snapshot because it is considered // to be a product of churn. SnapshotDefer // Indicates that the watcher is dropping the snapshot because it has determined that it is // logically a noop. SnapshotDrop // Indicates that the snapshot is ready to be processed. SnapshotReady )
type SnapshotEntry ¶
type SnapshotEntry struct { Disposition SnapshotDisposition Snapshot *snapshot.Snapshot }
type SnapshotHolder ¶
type SnapshotHolder struct {
// contains filtered or unexported fields
}
SnapshotHolder is responsible for holding
func NewSnapshotHolder ¶
func NewSnapshotHolder(ambassadorMeta *snapshot.AmbassadorMetaInfo) *SnapshotHolder
func (*SnapshotHolder) ConsulUpdate ¶
func (sh *SnapshotHolder) ConsulUpdate(ctx context.Context, consul *consul, fastpathProcessor FastpathProcessor) bool
func (*SnapshotHolder) IstioUpdate ¶
func (sh *SnapshotHolder) IstioUpdate(ctx context.Context, istio *istioCertWatchManager, icertUpdate IstioCertUpdate) bool
func (*SnapshotHolder) K8sUpdate ¶
func (sh *SnapshotHolder) K8sUpdate(ctx context.Context, watcher K8sWatcher, consul *consul, fastpathProcessor FastpathProcessor) bool
Get the raw update from the kubernetes watcher, then redo our computed view.
func (*SnapshotHolder) Notify ¶
func (sh *SnapshotHolder) Notify(ctx context.Context, encoded *atomic.Value, consul *consul, snapshotProcessor SnapshotProcessor)
type SnapshotProcessor ¶
type SnapshotProcessor func(context.Context, SnapshotDisposition, []byte)
type Watcher ¶
type Watcher interface {
Watch(resolver *amb.ConsulResolver, svc string, endpoints chan consulwatch.Endpoints) Stopper
}
Source Files ¶
- annotations.go
- consul.go
- demomode.go
- endpoint_routing.go
- endpoints.go
- entrypoint.go
- env.go
- envoy.go
- fake.go
- fake_consul_store.go
- fake_k8s_store.go
- fake_notifier.go
- fake_queue.go
- fswatcher.go
- healthcheck_server.go
- helpers.go
- interesting_types.go
- istiocert.go
- notify.go
- resource_validator.go
- secrets.go
- snapshot.go
- snapshot_server.go
- sources.go
- watcher.go