README
¶
Design
Lifecycle
Every time we enter a reconciliation loop we do essentially the same 5 things in the following order for logical consistency:
- See where we are in the lifecycle of an object -- if it's being deleted, clean it up, if it needs finalizer additions or deletions, do them -- this happens in the Controller/reconciler itself.
- Validate and resolve any references to external objects -- this happens in the reconciliation manager.
- Attempt to upsert the object into our state tree -- this happens in the store that the manager invokes.
- Synchronize any changed objects from the upsert into Consul's state -- this happens in a synchronization adapter used by the store.
- Synchronize any status changes back to Kubernetes -- this happens as callbacks invoked by the store after synchronization either fails or completes.
Error Handling
Generally we've followed the following major design principles for error handling in our reconciler loop code:
- Any unexpected Kubernetes API errors should return an error from the controller
Reconcilemethod which will immediately reschedule (in a ratelimited fashion) the event on the loop. - Any errors that are non-retryable in nature due to bad data i.e. validation errors, should be swallowed and Kubernetes status conditions used to give user feedback.
- Errors from synchronizing a resolved Gateway-Route tree, whether they're Consul network-connectivity issues or data validation issues due to external modification or invalid Consul state should be retried, however the reconciliation loop should not be blocked, instead the reconciliation attempt should be requeued with a delay, allowing subsequent state changes to still be processed, causing whatever guards against out-of-date configuration (generation checks) to eventually drop the bad event.
- In order to facillitate the above, wrap all controller
Reconcilemethods ingatewayclient.NewRequeueingMiddlewareand make sure any errors returned from thegatewayclientapi calls are wrapped ingatewayclient.K8sError.
Documentation
¶
Index ¶
Constants ¶
View Source
const (
ControllerName = "hashicorp.com/consul-api-gateway-controller"
)
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Config ¶
type ConsulNamespaceConfig ¶
type ConsulNamespaceConfig struct {
ConsulDestinationNamespace string
MirrorKubernetesNamespaces bool
MirrorKubernetesNamespacePrefix string
}
func (ConsulNamespaceConfig) Namespace ¶
func (c ConsulNamespaceConfig) Namespace(namespace string) string
type K8sSecretClient ¶
type K8sSecretClient struct {
// contains filtered or unexported fields
}
K8sSecretClient acts as a secret fetcher for kubernetes secrets
func NewK8sSecretClient ¶
func NewK8sSecretClient(logger hclog.Logger, config *rest.Config) (*K8sSecretClient, error)
NewK8sSecretClient initializes a K8sSecretClient instance
func (*K8sSecretClient) AddToMultiClient ¶
func (c *K8sSecretClient) AddToMultiClient(m *envoy.MultiSecretClient)
type Kubernetes ¶
type Kubernetes struct {
// contains filtered or unexported fields
}
func New ¶
func New(logger hclog.Logger, config *Config) (*Kubernetes, error)
func (*Kubernetes) SetConsul ¶
func (k *Kubernetes) SetConsul(consul *api.Client)
func (*Kubernetes) SetStore ¶
func (k *Kubernetes) SetStore(store store.Store)
Source Files
Directories
¶
| Path | Synopsis |
|---|---|
|
mocks
Package mocks is a generated GoMock package.
|
Package mocks is a generated GoMock package. |
|
mocks
Package mocks is a generated GoMock package.
|
Package mocks is a generated GoMock package. |
|
mocks
Package mocks is a generated GoMock package.
|
Package mocks is a generated GoMock package. |
Click to show internal directories.
Click to hide internal directories.