Documentation ¶
Overview ¶
Package apiserver contains the code that provides a RESTful api service.
Index ¶
- Constants
- Variables
- func APIVersionHandler(versions ...string) restful.RouteFunction
- func AddApiWebService(container *restful.Container, apiPrefix string, versions []string)
- func CORS(handler http.Handler, allowedOriginPatterns []*regexp.Regexp, ...) http.Handler
- func CreateResource(r RESTCreater, ctxFn ContextFunc, namer ScopeNamer, codec runtime.Codec, ...) restful.RouteFunction
- func DeleteResource(r RESTDeleter, ctxFn ContextFunc, namer ScopeNamer, codec runtime.Codec, ...) restful.RouteFunction
- func GetResource(r RESTGetter, ctxFn ContextFunc, namer ScopeNamer, codec runtime.Codec) restful.RouteFunction
- func Handle(storage map[string]RESTStorage, codec runtime.Codec, root string, ...) http.Handler
- func IndexHandler(container *restful.Container, muxHelper *MuxHelper) func(http.ResponseWriter, *http.Request)
- func InstallLogsSupport(mux Mux)
- func InstallSupport(mux Mux, ws *restful.WebService)
- func InstallValidator(mux Mux, servers func() map[string]Server)
- func IsReadOnlyReq(req http.Request) bool
- func ListResource(r RESTLister, ctxFn ContextFunc, namer ScopeNamer, codec runtime.Codec) restful.RouteFunction
- func MakeAsync(fn WorkFunc) <-chan RESTResult
- func NewAlwaysAllowAuthorizer() authorizer.Authorizer
- func NewAlwaysDenyAuthorizer() authorizer.Authorizer
- func NewAuthenticatorFromTokenFile(tokenAuthFile string) (authenticator.Request, error)
- func NewAuthorizerFromAuthorizationConfig(authorizationMode string, authorizationPolicyFile string) (authorizer.Authorizer, error)
- func NewValidator(servers func() map[string]Server) (http.Handler, error)
- func RateLimit(rl util.RateLimiter, handler http.Handler) http.Handler
- func ReadOnly(handler http.Handler) http.Handler
- func RecoverPanics(handler http.Handler) http.Handler
- func UpdateResource(r RESTUpdater, ctxFn ContextFunc, namer ScopeNamer, codec runtime.Codec, ...) restful.RouteFunction
- func WithAuthorizationCheck(handler http.Handler, getAttribs RequestAttributeGetter, ...) http.Handler
- type APIGroupVersion
- type APIInstaller
- type APIRequestInfo
- type APIRequestInfoResolver
- type Attributes
- type ContextFunc
- type Mux
- type MuxHelper
- type Operation
- type Operations
- type ProxyHandler
- type RESTCreater
- type RESTDeleter
- type RESTGetter
- type RESTLister
- type RESTResult
- type RESTStorage
- type RESTUpdater
- type RedirectHandler
- type Redirector
- type RequestAttributeGetter
- type ResourceWatcher
- type ScopeNamer
- type Server
- type ServerStatus
- type WatchHandler
- type WatchServer
- type WorkFunc
Constants ¶
const ( ModeAlwaysAllow string = "AlwaysAllow" ModeAlwaysDeny string = "AlwaysDeny" ModeABAC string = "ABAC" )
Variables ¶
var AuthorizationModeChoices = []string{ModeAlwaysAllow, ModeAlwaysDeny, ModeABAC}
Keep this list in sync with constant list above.
Functions ¶
func APIVersionHandler ¶
func APIVersionHandler(versions ...string) restful.RouteFunction
APIVersionHandler returns a handler which will list the provided versions as available.
func AddApiWebService ¶
Adds a service to return the supported api versions.
func CORS ¶
func CORS(handler http.Handler, allowedOriginPatterns []*regexp.Regexp, allowedMethods []string, allowedHeaders []string, allowCredentials string) http.Handler
TODO: use restful.CrossOriginResourceSharing Simple CORS implementation that wraps an http Handler For a more detailed implementation use https://github.com/martini-contrib/cors or implement CORS at your proxy layer Pass nil for allowedMethods and allowedHeaders to use the defaults
func CreateResource ¶
func CreateResource(r RESTCreater, ctxFn ContextFunc, namer ScopeNamer, codec runtime.Codec, resource string, admit admission.Interface) restful.RouteFunction
CreateResource returns a function that will handle a resource creation.
func DeleteResource ¶
func DeleteResource(r RESTDeleter, ctxFn ContextFunc, namer ScopeNamer, codec runtime.Codec, resource, kind string, admit admission.Interface) restful.RouteFunction
DeleteResource returns a function that will handle a resource deletion
func GetResource ¶
func GetResource(r RESTGetter, ctxFn ContextFunc, namer ScopeNamer, codec runtime.Codec) restful.RouteFunction
GetResource returns a function that handles retrieving a single resource from a RESTStorage object.
func Handle ¶
func Handle(storage map[string]RESTStorage, codec runtime.Codec, root string, version string, linker runtime.SelfLinker, admissionControl admission.Interface, contextMapper api.RequestContextMapper, mapper meta.RESTMapper) http.Handler
Handle returns a Handler function that exposes the provided storage interfaces as RESTful resources at prefix, serialized by codec, and also includes the support http resources. Note: This method is used only in tests.
func IndexHandler ¶
func IndexHandler(container *restful.Container, muxHelper *MuxHelper) func(http.ResponseWriter, *http.Request)
func InstallLogsSupport ¶
func InstallLogsSupport(mux Mux)
InstallLogsSupport registers the APIServer log support function into a mux.
func InstallSupport ¶
func InstallSupport(mux Mux, ws *restful.WebService)
TODO: document all handlers InstallSupport registers the APIServer support functions
func InstallValidator ¶
TODO: Convert to go-restful
func IsReadOnlyReq ¶
IsReadOnlyReq() is true for any (or at least many) request which has no observable side effects on state of apiserver (though there may be internal side effects like caching and logging).
func ListResource ¶
func ListResource(r RESTLister, ctxFn ContextFunc, namer ScopeNamer, codec runtime.Codec) restful.RouteFunction
ListResource returns a function that handles retrieving a list of resources from a RESTStorage object.
func MakeAsync ¶
func MakeAsync(fn WorkFunc) <-chan RESTResult
MakeAsync takes a function and executes it, delivering the result in the way required by RESTStorage's Update, Delete, and Create methods.
func NewAlwaysAllowAuthorizer ¶
func NewAlwaysAllowAuthorizer() authorizer.Authorizer
func NewAlwaysDenyAuthorizer ¶
func NewAlwaysDenyAuthorizer() authorizer.Authorizer
func NewAuthenticatorFromTokenFile ¶
func NewAuthenticatorFromTokenFile(tokenAuthFile string) (authenticator.Request, error)
NewAuthenticatorFromTokenFile returns an authenticator.Request or an error
func NewAuthorizerFromAuthorizationConfig ¶
func NewAuthorizerFromAuthorizationConfig(authorizationMode string, authorizationPolicyFile string) (authorizer.Authorizer, error)
NewAuthorizerFromAuthorizationConfig returns the right sort of authorizer.Authorizer based on the authorizationMode xor an error. authorizationMode should be one of AuthorizationModeChoices.
func NewValidator ¶
NewValidator creates a validator for a set of servers.
func ReadOnly ¶
ReadOnly passes all GET requests on to handler, and returns an error on all other requests.
func RecoverPanics ¶
RecoverPanics wraps an http Handler to recover and log panics.
func UpdateResource ¶
func UpdateResource(r RESTUpdater, ctxFn ContextFunc, namer ScopeNamer, codec runtime.Codec, resource string, admit admission.Interface) restful.RouteFunction
UpdateResource returns a function that will handle a resource update
func WithAuthorizationCheck ¶
func WithAuthorizationCheck(handler http.Handler, getAttribs RequestAttributeGetter, a authorizer.Authorizer) http.Handler
WithAuthorizationCheck passes all authorized requests on to handler, and returns a forbidden error otherwise.
Types ¶
type APIGroupVersion ¶
type APIGroupVersion struct {
// contains filtered or unexported fields
}
APIGroupVersion is a helper for exposing RESTStorage objects as http.Handlers via go-restful It handles URLs of the form: /${storage_key}[/${object_name}] Where 'storage_key' points to a RESTStorage object stored in storage.
func NewAPIGroupVersion ¶
func NewAPIGroupVersion(storage map[string]RESTStorage, codec runtime.Codec, root, prefix string, linker runtime.SelfLinker, admissionControl admission.Interface, contextMapper api.RequestContextMapper, mapper meta.RESTMapper) *APIGroupVersion
NewAPIGroupVersion returns an object that will serve a set of REST resources and their associated operations. The provided codec controls serialization and deserialization. This is a helper method for registering multiple sets of REST handlers under different prefixes onto a server. TODO: add multitype codec serialization
func (*APIGroupVersion) InstallREST ¶
func (g *APIGroupVersion) InstallREST(container *restful.Container, root string, version string) error
InstallREST registers the REST handlers (storage, watch, proxy and redirect) into a restful Container. It is expected that the provided path root prefix will serve all operations. Root MUST NOT end in a slash. A restful WebService is created for the group and version.
type APIInstaller ¶
type APIInstaller struct {
// contains filtered or unexported fields
}
func (*APIInstaller) Install ¶
func (a *APIInstaller) Install() (ws *restful.WebService, errors []error)
Installs handlers for API resources.
type APIRequestInfo ¶
type APIRequestInfo struct { // Verb is the kube verb associated with the request, not the http verb. This includes things like list and watch. Verb string APIVersion string Namespace string // Resource is the name of the resource being requested. This is not the kind. For example: pods Resource string // Kind is the type of object being manipulated. For example: Pod Kind string // Name is empty for some verbs, but if the request directly indicates a name (not in body content) then this field is filled in. Name string // Parts are the path parts for the request relative to /{resource}/{name} Parts []string }
APIRequestInfo holds information parsed from the http.Request
type APIRequestInfoResolver ¶
type APIRequestInfoResolver struct { APIPrefixes util.StringSet RestMapper meta.RESTMapper }
func (*APIRequestInfoResolver) GetAPIRequestInfo ¶
func (r *APIRequestInfoResolver) GetAPIRequestInfo(req *http.Request) (APIRequestInfo, error)
GetAPIRequestInfo returns the information from the http request. If error is not nil, APIRequestInfo holds the information as best it is known before the failure Valid Inputs: Storage paths /namespaces /namespaces/{namespace} /namespaces/{namespace}/{resource} /namespaces/{namespace}/{resource}/{resourceName} /{resource} /{resource}/{resourceName} /{resource}/{resourceName}?namespace={namespace} /{resource}?namespace={namespace}
Special verbs: /proxy/{resource}/{resourceName} /proxy/ns/{namespace}/{resource}/{resourceName} /redirect/ns/{namespace}/{resource}/{resourceName} /redirect/{resource}/{resourceName} /watch/{resource} /watch/ns/{namespace}/{resource}
Fully qualified paths for above: /api/{version}/* /api/{version}/*
type ContextFunc ¶
ContextFunc returns a Context given a request - a context must be returned
type Mux ¶
type Mux interface { Handle(pattern string, handler http.Handler) HandleFunc(pattern string, handler func(http.ResponseWriter, *http.Request)) }
mux is an object that can register http handlers.
type MuxHelper ¶
Offers additional functionality over ServeMux, for ex: supports listing registered paths.
func (*MuxHelper) HandleFunc ¶
type Operation ¶
type Operation struct { ID string // contains filtered or unexported fields }
Operation represents an ongoing action which the server is performing.
func (*Operation) StatusOrResult ¶
func (op *Operation) StatusOrResult() (description RESTResult, finished bool)
StatusOrResult returns status information or the result of the operation if it is complete, with a bool indicating true in the latter case.
type Operations ¶
type Operations struct {
// contains filtered or unexported fields
}
Operations tracks all the ongoing operations.
func NewOperations ¶
func NewOperations() *Operations
NewOperations returns a new Operations repository.
func (*Operations) Get ¶
func (ops *Operations) Get(id string) *Operation
Get returns the operation with the given ID, or nil.
func (*Operations) NewOperation ¶
func (ops *Operations) NewOperation(from <-chan RESTResult, onReceive func(RESTResult)) *Operation
NewOperation adds a new operation. It is lock-free. 'onReceive' will be called with the value read from 'from', when it is read.
type ProxyHandler ¶
type ProxyHandler struct {
// contains filtered or unexported fields
}
ProxyHandler provides a http.Handler which will proxy traffic to locations specified by items implementing Redirector.
func (*ProxyHandler) ServeHTTP ¶
func (r *ProxyHandler) ServeHTTP(w http.ResponseWriter, req *http.Request)
type RESTCreater ¶
type RESTCreater interface { // New returns an empty object that can be used with Create after request data has been put into it. // This object must be a pointer type for use with Codec.DecodeInto([]byte, runtime.Object) New() runtime.Object // Create creates a new version of a resource. Create(ctx api.Context, obj runtime.Object) (runtime.Object, error) }
type RESTDeleter ¶
type RESTDeleter interface { // Delete finds a resource in the storage and deletes it. // Although it can return an arbitrary error value, IsNotFound(err) is true for the // returned error value err when the specified resource is not found. // Delete *may* return the object that was deleted, or a status object indicating additional // information about deletion. Delete(ctx api.Context, id string) (runtime.Object, error) }
type RESTGetter ¶
type RESTGetter interface { // Get finds a resource in the storage by id and returns it. // Although it can return an arbitrary error value, IsNotFound(err) is true for the // returned error value err when the specified resource is not found. Get(ctx api.Context, id string) (runtime.Object, error) }
type RESTLister ¶
type RESTLister interface { // NewList returns an empty object that can be used with the List call. // This object must be a pointer type for use with Codec.DecodeInto([]byte, runtime.Object) NewList() runtime.Object // List selects resources in the storage which match to the selector. List(ctx api.Context, label, field labels.Selector) (runtime.Object, error) }
type RESTResult ¶
type RESTResult struct { // The result of this operation. May be nil if the operation has no meaningful // result (like Delete) runtime.Object // May be set true to indicate that the Update operation resulted in the object // being created. Created bool }
RESTResult indicates the result of a REST transformation.
type RESTStorage ¶
type RESTStorage interface { // New returns an empty object that can be used with Create and Update after request data has been put into it. // This object must be a pointer type for use with Codec.DecodeInto([]byte, runtime.Object) New() runtime.Object }
RESTStorage is a generic interface for RESTful storage services. Resources which are exported to the RESTful API of apiserver need to implement this interface. It is expected that objects may implement any of the REST* interfaces. TODO: implement dynamic introspection (so GenericREST objects can indicate what they implement)
type RESTUpdater ¶
type RESTUpdater interface { // New returns an empty object that can be used with Update after request data has been put into it. // This object must be a pointer type for use with Codec.DecodeInto([]byte, runtime.Object) New() runtime.Object // Update finds a resource in the storage and updates it. Some implementations // may allow updates creates the object - they should set the created boolean // to true. Update(ctx api.Context, obj runtime.Object) (runtime.Object, bool, error) }
type RedirectHandler ¶
type RedirectHandler struct {
// contains filtered or unexported fields
}
func (*RedirectHandler) ServeHTTP ¶
func (r *RedirectHandler) ServeHTTP(w http.ResponseWriter, req *http.Request)
type Redirector ¶
type Redirector interface { // ResourceLocation should return the remote location of the given resource, or an error. ResourceLocation(ctx api.Context, id string) (remoteLocation string, err error) }
Redirector know how to return a remote resource's location.
type RequestAttributeGetter ¶
type RequestAttributeGetter interface {
GetAttribs(req *http.Request) (attribs authorizer.Attributes)
}
RequestAttributeGetter is a function that extracts authorizer.Attributes from an http.Request
func NewRequestAttributeGetter ¶
func NewRequestAttributeGetter(requestContextMapper api.RequestContextMapper, restMapper meta.RESTMapper, apiRoots ...string) RequestAttributeGetter
NewAttributeGetter returns an object which implements the RequestAttributeGetter interface.
type ResourceWatcher ¶
type ResourceWatcher interface { // 'label' selects on labels; 'field' selects on the object's fields. Not all fields // are supported; an error should be returned if 'field' tries to select on a field that // isn't supported. 'resourceVersion' allows for continuing/starting a watch at a // particular version. Watch(ctx api.Context, label, field labels.Selector, resourceVersion string) (watch.Interface, error) }
ResourceWatcher should be implemented by all RESTStorage objects that want to offer the ability to watch for changes through the watch api.
type ScopeNamer ¶
type ScopeNamer interface { // Namespace returns the appropriate namespace value from the request (may be empty) or an // error. Namespace(req *restful.Request) (namespace string, err error) // Name returns the name from the request, and an optional namespace value if this is a namespace // scoped call. An error is returned if the name is not available. Name(req *restful.Request) (namespace, name string, err error) // ObjectName returns the namespace and name from an object if they exist, or an error if the object // does not support names. ObjectName(obj runtime.Object) (namespace, name string, err error) // SetSelfLink sets the provided URL onto the object. The method should return nil if the object // does not support selfLinks. SetSelfLink(obj runtime.Object, url string) error // GenerateLink creates a path and query for a given runtime object that represents the canonical path. GenerateLink(req *restful.Request, obj runtime.Object) (path, query string, err error) // GenerateLink creates a path and query for a list that represents the canonical path. GenerateListLink(req *restful.Request) (path, query string, err error) }
ScopeNamer handles accessing names from requests and objects
type ServerStatus ¶
type WatchHandler ¶
type WatchHandler struct {
// contains filtered or unexported fields
}
func (*WatchHandler) ServeHTTP ¶
func (h *WatchHandler) ServeHTTP(w http.ResponseWriter, req *http.Request)
ServeHTTP processes watch requests.
type WatchServer ¶
type WatchServer struct {
// contains filtered or unexported fields
}
WatchServer serves a watch.Interface over a websocket or vanilla HTTP.
func (*WatchServer) HandleWS ¶
func (w *WatchServer) HandleWS(ws *websocket.Conn)
HandleWS implements a websocket handler.
func (*WatchServer) ServeHTTP ¶
func (self *WatchServer) ServeHTTP(w http.ResponseWriter, req *http.Request)
ServeHTTP serves a series of JSON encoded events via straight HTTP with Transfer-Encoding: chunked.