Documentation ¶
Index ¶
- Constants
- Variables
- func EnvoyAppLabel() map[string]string
- func EnvoyAppLabelSelector() []string
- func ExpectedResourceHashedName(name string) string
- func OwningGatewayLabelsAbsent(labels map[string]string) bool
- type ResourceRender
- func (r *ResourceRender) ConfigMap() (*corev1.ConfigMap, error)
- func (r *ResourceRender) Deployment() (*appsv1.Deployment, error)
- func (r *ResourceRender) HorizontalPodAutoscaler() (*autoscalingv2.HorizontalPodAutoscaler, error)
- func (r *ResourceRender) Name() string
- func (r *ResourceRender) Service() (*corev1.Service, error)
- func (r *ResourceRender) ServiceAccount() (*corev1.ServiceAccount, error)
Constants ¶
View Source
const ( SdsCAFilename = "xds-trusted-ca.json" SdsCertFilename = "xds-certificate.json" // XdsTLSCertFilename is the fully qualified path of the file containing Envoy's // xDS server TLS certificate. XdsTLSCertFilename = "/certs/tls.crt" // XdsTLSKeyFilename is the fully qualified path of the file containing Envoy's // xDS server TLS key. XdsTLSKeyFilename = "/certs/tls.key" // XdsTLSCaFilename is the fully qualified path of the file containing Envoy's // trusted CA certificate. XdsTLSCaFilename = "/certs/ca.crt" )
Variables ¶
View Source
var ( // xDS certificate rotation is supported by using SDS path-based resource files. SdsCAConfigMapData = fmt.Sprintf(`{"resources":[{"@type":"type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.Secret",`+ `"name":"xds_trusted_ca","validation_context":{"trusted_ca":{"filename":"%s"},`+ `"match_typed_subject_alt_names":[{"san_type":"DNS","matcher":{"exact":"envoy-gateway"}}]}}]}`, XdsTLSCaFilename) SdsCertConfigMapData = fmt.Sprintf(`{"resources":[{"@type":"type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.Secret",`+ `"name":"xds_certificate","tls_certificate":{"certificate_chain":{"filename":"%s"},`+ `"private_key":{"filename":"%s"}}}]}`, XdsTLSCertFilename, XdsTLSKeyFilename) )
Functions ¶
func EnvoyAppLabel ¶
EnvoyAppLabel returns the labels used for all Envoy resources.
func EnvoyAppLabelSelector ¶
func EnvoyAppLabelSelector() []string
EnvoyAppLabelSelector returns the labels used for all Envoy resources.
func ExpectedResourceHashedName ¶
ExpectedResourceHashedName returns expected resource hashed name including up to the 48 characters of the original name.
func OwningGatewayLabelsAbsent ¶ added in v1.0.0
OwningGatewayLabelsAbsent Check if labels are missing some OwningGatewayLabels
Types ¶
type ResourceRender ¶
type ResourceRender struct { // Namespace is the Namespace used for managed infra. Namespace string // contains filtered or unexported fields }
func NewResourceRender ¶
func NewResourceRender(ns string, infra *ir.ProxyInfra) *ResourceRender
func (*ResourceRender) ConfigMap ¶
func (r *ResourceRender) ConfigMap() (*corev1.ConfigMap, error)
ConfigMap returns the expected ConfigMap based on the provided infra.
func (*ResourceRender) Deployment ¶
func (r *ResourceRender) Deployment() (*appsv1.Deployment, error)
Deployment returns the expected Deployment based on the provided infra.
func (*ResourceRender) HorizontalPodAutoscaler ¶ added in v1.0.0
func (r *ResourceRender) HorizontalPodAutoscaler() (*autoscalingv2.HorizontalPodAutoscaler, error)
func (*ResourceRender) Name ¶
func (r *ResourceRender) Name() string
func (*ResourceRender) Service ¶
func (r *ResourceRender) Service() (*corev1.Service, error)
Service returns the expected Service based on the provided infra.
func (*ResourceRender) ServiceAccount ¶
func (r *ResourceRender) ServiceAccount() (*corev1.ServiceAccount, error)
ServiceAccount returns the expected proxy serviceAccount.
Click to show internal directories.
Click to hide internal directories.