catalog

package
v1.4.14 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 5, 2024 License: Apache-2.0 Imports: 32 Imported by: 0

Documentation

Overview

Package catalog is a generated GoMock package.

Package catalog implements the MeshCataloger interface, which forms the central component in FSM that transforms outputs from all other components (SMI policies, Kubernetes services, endpoints etc.) into configuration that is consumed by the the proxy control plane component to program sidecar proxies. Reference: https://github.com/flomesh-io/fsm/blob/main/DESIGN.md#5-mesh-catalog

Index

Constants

View Source
const (
	// AllowPartialHostnamesMatch is used to allow a partial/subset match on hostnames in traffic policies
	AllowPartialHostnamesMatch bool = true

	// DisallowPartialHostnamesMatch is used to disallow a partial/subset match on hostnames in traffic policies
	DisallowPartialHostnamesMatch bool = false
)

Variables

This section is empty.

Functions

This section is empty.

Types

type MeshCatalog

type MeshCatalog struct {
	// contains filtered or unexported fields
}

MeshCatalog is the struct for the service catalog

func NewMeshCatalog

func NewMeshCatalog(kubeController k8s.Controller,
	meshSpec smi.MeshSpec,
	certManager *certificate.Manager,
	policyController policy.Controller,
	pluginController plugin.Controller,
	multiclusterController multicluster.Controller,
	stop <-chan struct{},
	cfg configurator.Configurator,
	serviceProviders []service.Provider,
	endpointsProviders []endpoint.Provider,
	msgBroker *messaging.Broker) *MeshCatalog

NewMeshCatalog creates a new service catalog

func (*MeshCatalog) GetAccessControlTrafficPolicy

func (mc *MeshCatalog) GetAccessControlTrafficPolicy(svc service.MeshService) (*trafficpolicy.AccessControlTrafficPolicy, error)

GetAccessControlTrafficPolicy returns the access control traffic policy for the given mesh service Depending on if the AccessControl API is enabled, the policies will be generated either from the AccessControl or Kubernetes AccessControl API.

func (*MeshCatalog) GetConfigurator

func (mc *MeshCatalog) GetConfigurator() *configurator.Configurator

GetConfigurator converts private variable to public

func (*MeshCatalog) GetEgressGatewayPolicy

func (mc *MeshCatalog) GetEgressGatewayPolicy() (*trafficpolicy.EgressGatewayPolicy, error)

GetEgressGatewayPolicy returns the Egress gateway policy.

func (*MeshCatalog) GetEgressSourceSecret

func (mc *MeshCatalog) GetEgressSourceSecret(secretReference corev1.SecretReference) (*corev1.Secret, error)

GetEgressSourceSecret returns the secret resource that matches the given options

func (*MeshCatalog) GetEgressTrafficPolicy

func (mc *MeshCatalog) GetEgressTrafficPolicy(serviceIdentity identity.ServiceIdentity) (*trafficpolicy.EgressTrafficPolicy, error)

GetEgressTrafficPolicy returns the Egress traffic policy associated with the given service identity

func (*MeshCatalog) GetExportTrafficPolicy

func (mc *MeshCatalog) GetExportTrafficPolicy(svc service.MeshService) (*trafficpolicy.ServiceExportTrafficPolicy, error)

GetExportTrafficPolicy returns the export policy for the given mesh service

func (*MeshCatalog) GetInboundMeshTrafficPolicy

func (mc *MeshCatalog) GetInboundMeshTrafficPolicy(upstreamIdentity identity.ServiceIdentity, upstreamServices []service.MeshService) *trafficpolicy.InboundMeshTrafficPolicy

GetInboundMeshTrafficPolicy returns the inbound mesh traffic policy for the given upstream identity and services

func (*MeshCatalog) GetIngressTrafficPolicy

func (mc *MeshCatalog) GetIngressTrafficPolicy(svc service.MeshService) (*trafficpolicy.IngressTrafficPolicy, error)

GetIngressTrafficPolicy returns the ingress traffic policy for the given mesh service Depending on if the IngressBackend API is enabled, the policies will be generated either from the IngressBackend or Kubernetes Ingress API.

func (*MeshCatalog) GetIsolationCidrs added in v1.3.9

func (mc *MeshCatalog) GetIsolationCidrs() []*cidr.CIDR

GetIsolationCidrs returns the isolation cidrs

func (*MeshCatalog) GetKubeController

func (mc *MeshCatalog) GetKubeController() k8s.Controller

GetKubeController returns the kube controller instance handling the current cluster

func (*MeshCatalog) GetOutboundMeshTrafficPolicy

func (mc *MeshCatalog) GetOutboundMeshTrafficPolicy(downstreamIdentity identity.ServiceIdentity) *trafficpolicy.OutboundMeshTrafficPolicy

GetOutboundMeshTrafficPolicy returns the outbound mesh traffic policy for the given downstream identity

The function works as follows:

  1. If permissive mode is enabled, builds outbound mesh traffic policies to reach every upstream service discovered using service discovery, using wildcard routes.
  2. In SMI mode, builds outbound mesh traffic policies to reach every upstream service corresponding to every upstream service account that this downstream is authorized to access using SMI TrafficTarget policies.
  3. Process TraficSplit policies and update the weights for the upstream services based on the policies.

The route configurations are consolidated per port, such that upstream services using the same port are a part of the same route configuration. This is required to avoid route conflicts that can occur when the same hostname needs to be routed differently based on the port used.

func (*MeshCatalog) GetPluginChains

func (mc *MeshCatalog) GetPluginChains() []*trafficpolicy.PluginChain

GetPluginChains lists plugin chains

func (*MeshCatalog) GetPluginConfigs

func (mc *MeshCatalog) GetPluginConfigs() []*trafficpolicy.PluginConfig

GetPluginConfigs lists plugin configs

func (*MeshCatalog) GetPlugins

func (mc *MeshCatalog) GetPlugins() []*trafficpolicy.Plugin

GetPlugins returns the plugin policies

func (*MeshCatalog) GetRetryPolicy

func (mc *MeshCatalog) GetRetryPolicy(downstreamIdentity identity.ServiceIdentity, upstreamSvc service.MeshService) *v1alpha1.RetryPolicySpec

GetRetryPolicy returns the RetryPolicySpec for the given downstream identity and upstream service TODO: Add support for wildcard destinations

func (*MeshCatalog) GetTrustDomain

func (mc *MeshCatalog) GetTrustDomain() string

GetTrustDomain returns the currently configured trust domain, ie: cluster.local

func (*MeshCatalog) ListAllowedUpstreamEndpointsForService

func (mc *MeshCatalog) ListAllowedUpstreamEndpointsForService(downstreamIdentity identity.ServiceIdentity, upstreamSvc service.MeshService) []endpoint.Endpoint

ListAllowedUpstreamEndpointsForService returns the list of endpoints over which the downstream client identity is allowed access the upstream service

func (*MeshCatalog) ListEndpointsForServiceIdentity

func (mc *MeshCatalog) ListEndpointsForServiceIdentity(serviceIdentity identity.ServiceIdentity) []endpoint.Endpoint

ListEndpointsForServiceIdentity converts private method to public

func (*MeshCatalog) ListInboundServiceIdentities

func (mc *MeshCatalog) ListInboundServiceIdentities(upstream identity.ServiceIdentity) []identity.ServiceIdentity

ListInboundServiceIdentities lists the downstream service identities that are allowed to connect to the given service identity Note: ServiceIdentity must be in the format "name.namespace" [https://github.com/flomesh-io/fsm/issues/3188]

func (*MeshCatalog) ListInboundTrafficTargetsWithRoutes

func (mc *MeshCatalog) ListInboundTrafficTargetsWithRoutes(upstream identity.ServiceIdentity) ([]trafficpolicy.TrafficTargetWithRoutes, error)

ListInboundTrafficTargetsWithRoutes returns a list traffic target objects composed of its routes for the given destination service account Note: ServiceIdentity must be in the format "name.namespace" [https://github.com/flomesh-io/fsm/issues/3188]

func (*MeshCatalog) ListOutboundServiceIdentities

func (mc *MeshCatalog) ListOutboundServiceIdentities(downstream identity.ServiceIdentity) []identity.ServiceIdentity

ListOutboundServiceIdentities lists the upstream service identities the given service identity are allowed to connect to Note: ServiceIdentity must be in the format "name.namespace" [https://github.com/flomesh-io/fsm/issues/3188]

func (*MeshCatalog) ListOutboundServicesForIdentity

func (mc *MeshCatalog) ListOutboundServicesForIdentity(serviceIdentity identity.ServiceIdentity) []service.MeshService

ListOutboundServicesForIdentity list the services the given service account is allowed to initiate outbound connections to Note: ServiceIdentity must be in the format "name.namespace" [https://github.com/flomesh-io/fsm/issues/3188]

func (*MeshCatalog) ListSMIPolicies

ListSMIPolicies returns all policies FSM is aware of.

func (*MeshCatalog) ListServiceIdentitiesForService

func (mc *MeshCatalog) ListServiceIdentitiesForService(svc service.MeshService) []identity.ServiceIdentity

ListServiceIdentitiesForService lists the service identities associated with the given mesh service.

type MeshCataloger

type MeshCataloger interface {
	// ListOutboundServicesForIdentity list the services the given service identity is allowed to initiate outbound connections to
	ListOutboundServicesForIdentity(identity.ServiceIdentity) []service.MeshService

	// ListInboundServiceIdentities lists the downstream service identities that are allowed to connect to the given service identity
	ListInboundServiceIdentities(identity.ServiceIdentity) []identity.ServiceIdentity

	// ListOutboundServiceIdentities lists the upstream service identities the given service identity are allowed to connect to
	ListOutboundServiceIdentities(identity.ServiceIdentity) []identity.ServiceIdentity

	// ListServiceIdentitiesForService lists the service identities associated with the given service
	ListServiceIdentitiesForService(service.MeshService) []identity.ServiceIdentity

	// ListAllowedUpstreamEndpointsForService returns the list of endpoints over which the downstream client identity
	// is allowed access the upstream service
	ListAllowedUpstreamEndpointsForService(identity.ServiceIdentity, service.MeshService) []endpoint.Endpoint

	// GetIngressTrafficPolicy returns the ingress traffic policy for the given mesh service
	GetIngressTrafficPolicy(service.MeshService) (*trafficpolicy.IngressTrafficPolicy, error)

	// GetAccessControlTrafficPolicy returns the access control traffic policy for the given mesh service
	GetAccessControlTrafficPolicy(service.MeshService) (*trafficpolicy.AccessControlTrafficPolicy, error)

	// ListInboundTrafficTargetsWithRoutes returns a list traffic target objects composed of its routes for the given destination service identity
	ListInboundTrafficTargetsWithRoutes(identity.ServiceIdentity) ([]trafficpolicy.TrafficTargetWithRoutes, error)

	// GetEgressGatewayPolicy returns the Egress gateway policy.
	GetEgressGatewayPolicy() (*trafficpolicy.EgressGatewayPolicy, error)

	// GetEgressTrafficPolicy returns the Egress traffic policy associated with the given service identity.
	GetEgressTrafficPolicy(identity.ServiceIdentity) (*trafficpolicy.EgressTrafficPolicy, error)

	// GetEgressSourceSecret returns the secret resource that matches the given options
	GetEgressSourceSecret(corev1.SecretReference) (*corev1.Secret, error)

	// GetKubeController returns the kube controller instance handling the current cluster
	GetKubeController() k8s.Controller

	// GetOutboundMeshTrafficPolicy returns the outbound mesh traffic policy for the given downstream identity
	GetOutboundMeshTrafficPolicy(identity.ServiceIdentity) *trafficpolicy.OutboundMeshTrafficPolicy

	// GetInboundMeshTrafficPolicy returns the inbound mesh traffic policy for the given upstream identity and services
	GetInboundMeshTrafficPolicy(identity.ServiceIdentity, []service.MeshService) *trafficpolicy.InboundMeshTrafficPolicy

	// GetRetryPolicy returns the RetryPolicySpec for the given downstream identity and upstream service
	GetRetryPolicy(downstreamIdentity identity.ServiceIdentity, upstreamSvc service.MeshService) *v1alpha1.RetryPolicySpec

	// GetExportTrafficPolicy returns the export policy for the given mesh service
	GetExportTrafficPolicy(svc service.MeshService) (*trafficpolicy.ServiceExportTrafficPolicy, error)

	GetIsolationCidrs() []*cidr.CIDR

	// GetPlugins returns the plugin policies
	GetPlugins() []*trafficpolicy.Plugin

	// GetPluginConfigs lists plugin configs
	GetPluginConfigs() []*trafficpolicy.PluginConfig

	// GetPluginChains lists plugin chains
	GetPluginChains() []*trafficpolicy.PluginChain
}

MeshCataloger is the mechanism by which the Service Mesh controller discovers all sidecar proxies connected to the catalog.

func GetMeshCataloger added in v1.4.4

func GetMeshCataloger() MeshCataloger

type MockMeshCataloger

type MockMeshCataloger struct {
	// contains filtered or unexported fields
}

MockMeshCataloger is a mock of MeshCataloger interface.

func NewMockMeshCataloger

func NewMockMeshCataloger(ctrl *gomock.Controller) *MockMeshCataloger

NewMockMeshCataloger creates a new mock instance.

func (*MockMeshCataloger) EXPECT

EXPECT returns an object that allows the caller to indicate expected use.

func (*MockMeshCataloger) GetAccessControlTrafficPolicy

func (m *MockMeshCataloger) GetAccessControlTrafficPolicy(arg0 service.MeshService) (*trafficpolicy.AccessControlTrafficPolicy, error)

GetAccessControlTrafficPolicy mocks base method.

func (*MockMeshCataloger) GetEgressGatewayPolicy

func (m *MockMeshCataloger) GetEgressGatewayPolicy() (*trafficpolicy.EgressGatewayPolicy, error)

GetEgressGatewayPolicy mocks base method.

func (*MockMeshCataloger) GetEgressSourceSecret

func (m *MockMeshCataloger) GetEgressSourceSecret(arg0 v1.SecretReference) (*v1.Secret, error)

GetEgressSourceSecret mocks base method.

func (*MockMeshCataloger) GetEgressTrafficPolicy

GetEgressTrafficPolicy mocks base method.

func (*MockMeshCataloger) GetExportTrafficPolicy

GetExportTrafficPolicy mocks base method.

func (*MockMeshCataloger) GetInboundMeshTrafficPolicy

GetInboundMeshTrafficPolicy mocks base method.

func (*MockMeshCataloger) GetIngressTrafficPolicy

func (m *MockMeshCataloger) GetIngressTrafficPolicy(arg0 service.MeshService) (*trafficpolicy.IngressTrafficPolicy, error)

GetIngressTrafficPolicy mocks base method.

func (*MockMeshCataloger) GetIsolationCidrs added in v1.4.4

func (m *MockMeshCataloger) GetIsolationCidrs() []*cidr.CIDR

GetIsolationCidrs mocks base method.

func (*MockMeshCataloger) GetKubeController

func (m *MockMeshCataloger) GetKubeController() k8s.Controller

GetKubeController mocks base method.

func (*MockMeshCataloger) GetOutboundMeshTrafficPolicy

func (m *MockMeshCataloger) GetOutboundMeshTrafficPolicy(arg0 identity.ServiceIdentity) *trafficpolicy.OutboundMeshTrafficPolicy

GetOutboundMeshTrafficPolicy mocks base method.

func (*MockMeshCataloger) GetPluginChains

func (m *MockMeshCataloger) GetPluginChains() []*trafficpolicy.PluginChain

GetPluginChains mocks base method.

func (*MockMeshCataloger) GetPluginConfigs

func (m *MockMeshCataloger) GetPluginConfigs() []*trafficpolicy.PluginConfig

GetPluginConfigs mocks base method.

func (*MockMeshCataloger) GetPlugins

func (m *MockMeshCataloger) GetPlugins() []*trafficpolicy.Plugin

GetPlugins mocks base method.

func (*MockMeshCataloger) GetRetryPolicy

GetRetryPolicy mocks base method.

func (*MockMeshCataloger) ListAllowedUpstreamEndpointsForService

func (m *MockMeshCataloger) ListAllowedUpstreamEndpointsForService(arg0 identity.ServiceIdentity, arg1 service.MeshService) []endpoint.Endpoint

ListAllowedUpstreamEndpointsForService mocks base method.

func (*MockMeshCataloger) ListInboundServiceIdentities

func (m *MockMeshCataloger) ListInboundServiceIdentities(arg0 identity.ServiceIdentity) []identity.ServiceIdentity

ListInboundServiceIdentities mocks base method.

func (*MockMeshCataloger) ListInboundTrafficTargetsWithRoutes

func (m *MockMeshCataloger) ListInboundTrafficTargetsWithRoutes(arg0 identity.ServiceIdentity) ([]trafficpolicy.TrafficTargetWithRoutes, error)

ListInboundTrafficTargetsWithRoutes mocks base method.

func (*MockMeshCataloger) ListOutboundServiceIdentities

func (m *MockMeshCataloger) ListOutboundServiceIdentities(arg0 identity.ServiceIdentity) []identity.ServiceIdentity

ListOutboundServiceIdentities mocks base method.

func (*MockMeshCataloger) ListOutboundServicesForIdentity

func (m *MockMeshCataloger) ListOutboundServicesForIdentity(arg0 identity.ServiceIdentity) []service.MeshService

ListOutboundServicesForIdentity mocks base method.

func (*MockMeshCataloger) ListServiceIdentitiesForService

func (m *MockMeshCataloger) ListServiceIdentitiesForService(arg0 service.MeshService) []identity.ServiceIdentity

ListServiceIdentitiesForService mocks base method.

type MockMeshCatalogerMockRecorder

type MockMeshCatalogerMockRecorder struct {
	// contains filtered or unexported fields
}

MockMeshCatalogerMockRecorder is the mock recorder for MockMeshCataloger.

func (*MockMeshCatalogerMockRecorder) GetAccessControlTrafficPolicy

func (mr *MockMeshCatalogerMockRecorder) GetAccessControlTrafficPolicy(arg0 interface{}) *gomock.Call

GetAccessControlTrafficPolicy indicates an expected call of GetAccessControlTrafficPolicy.

func (*MockMeshCatalogerMockRecorder) GetEgressGatewayPolicy

func (mr *MockMeshCatalogerMockRecorder) GetEgressGatewayPolicy() *gomock.Call

GetEgressGatewayPolicy indicates an expected call of GetEgressGatewayPolicy.

func (*MockMeshCatalogerMockRecorder) GetEgressSourceSecret

func (mr *MockMeshCatalogerMockRecorder) GetEgressSourceSecret(arg0 interface{}) *gomock.Call

GetEgressSourceSecret indicates an expected call of GetEgressSourceSecret.

func (*MockMeshCatalogerMockRecorder) GetEgressTrafficPolicy

func (mr *MockMeshCatalogerMockRecorder) GetEgressTrafficPolicy(arg0 interface{}) *gomock.Call

GetEgressTrafficPolicy indicates an expected call of GetEgressTrafficPolicy.

func (*MockMeshCatalogerMockRecorder) GetExportTrafficPolicy

func (mr *MockMeshCatalogerMockRecorder) GetExportTrafficPolicy(arg0 interface{}) *gomock.Call

GetExportTrafficPolicy indicates an expected call of GetExportTrafficPolicy.

func (*MockMeshCatalogerMockRecorder) GetInboundMeshTrafficPolicy

func (mr *MockMeshCatalogerMockRecorder) GetInboundMeshTrafficPolicy(arg0, arg1 interface{}) *gomock.Call

GetInboundMeshTrafficPolicy indicates an expected call of GetInboundMeshTrafficPolicy.

func (*MockMeshCatalogerMockRecorder) GetIngressTrafficPolicy

func (mr *MockMeshCatalogerMockRecorder) GetIngressTrafficPolicy(arg0 interface{}) *gomock.Call

GetIngressTrafficPolicy indicates an expected call of GetIngressTrafficPolicy.

func (*MockMeshCatalogerMockRecorder) GetIsolationCidrs added in v1.4.4

func (mr *MockMeshCatalogerMockRecorder) GetIsolationCidrs() *gomock.Call

GetIsolationCidrs indicates an expected call of GetIsolationCidrs.

func (*MockMeshCatalogerMockRecorder) GetKubeController

func (mr *MockMeshCatalogerMockRecorder) GetKubeController() *gomock.Call

GetKubeController indicates an expected call of GetKubeController.

func (*MockMeshCatalogerMockRecorder) GetOutboundMeshTrafficPolicy

func (mr *MockMeshCatalogerMockRecorder) GetOutboundMeshTrafficPolicy(arg0 interface{}) *gomock.Call

GetOutboundMeshTrafficPolicy indicates an expected call of GetOutboundMeshTrafficPolicy.

func (*MockMeshCatalogerMockRecorder) GetPluginChains

func (mr *MockMeshCatalogerMockRecorder) GetPluginChains() *gomock.Call

GetPluginChains indicates an expected call of GetPluginChains.

func (*MockMeshCatalogerMockRecorder) GetPluginConfigs

func (mr *MockMeshCatalogerMockRecorder) GetPluginConfigs() *gomock.Call

GetPluginConfigs indicates an expected call of GetPluginConfigs.

func (*MockMeshCatalogerMockRecorder) GetPlugins

func (mr *MockMeshCatalogerMockRecorder) GetPlugins() *gomock.Call

GetPlugins indicates an expected call of GetPlugins.

func (*MockMeshCatalogerMockRecorder) GetRetryPolicy

func (mr *MockMeshCatalogerMockRecorder) GetRetryPolicy(arg0, arg1 interface{}) *gomock.Call

GetRetryPolicy indicates an expected call of GetRetryPolicy.

func (*MockMeshCatalogerMockRecorder) ListAllowedUpstreamEndpointsForService

func (mr *MockMeshCatalogerMockRecorder) ListAllowedUpstreamEndpointsForService(arg0, arg1 interface{}) *gomock.Call

ListAllowedUpstreamEndpointsForService indicates an expected call of ListAllowedUpstreamEndpointsForService.

func (*MockMeshCatalogerMockRecorder) ListInboundServiceIdentities

func (mr *MockMeshCatalogerMockRecorder) ListInboundServiceIdentities(arg0 interface{}) *gomock.Call

ListInboundServiceIdentities indicates an expected call of ListInboundServiceIdentities.

func (*MockMeshCatalogerMockRecorder) ListInboundTrafficTargetsWithRoutes

func (mr *MockMeshCatalogerMockRecorder) ListInboundTrafficTargetsWithRoutes(arg0 interface{}) *gomock.Call

ListInboundTrafficTargetsWithRoutes indicates an expected call of ListInboundTrafficTargetsWithRoutes.

func (*MockMeshCatalogerMockRecorder) ListOutboundServiceIdentities

func (mr *MockMeshCatalogerMockRecorder) ListOutboundServiceIdentities(arg0 interface{}) *gomock.Call

ListOutboundServiceIdentities indicates an expected call of ListOutboundServiceIdentities.

func (*MockMeshCatalogerMockRecorder) ListOutboundServicesForIdentity

func (mr *MockMeshCatalogerMockRecorder) ListOutboundServicesForIdentity(arg0 interface{}) *gomock.Call

ListOutboundServicesForIdentity indicates an expected call of ListOutboundServicesForIdentity.

func (*MockMeshCatalogerMockRecorder) ListServiceIdentitiesForService

func (mr *MockMeshCatalogerMockRecorder) ListServiceIdentitiesForService(arg0 interface{}) *gomock.Call

ListServiceIdentitiesForService indicates an expected call of ListServiceIdentitiesForService.

Directories

Path Synopsis
Package fake implements Fake's methods.
Package fake implements Fake's methods.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL