Documentation ¶
Index ¶
- Constants
- Variables
- func ClusterInfoFromIstiod(conf config.Config, k8s ClientInterface) (string, bool, error)
- func DestinationRuleHasMTLSEnabled(destinationRule *networking_v1beta1.DestinationRule) (bool, string)
- func DestinationRuleHasMTLSEnabledForHost(expectedHost string, destinationRule *networking_v1beta1.DestinationRule) (bool, string)
- func DestinationRuleHasMeshWideMTLSEnabled(destinationRule *networking_v1beta1.DestinationRule) (bool, string)
- func DestinationRuleHasNamespaceWideMTLSEnabled(namespace string, destinationRule *networking_v1beta1.DestinationRule) (bool, string)
- func FilterAuthorizationPoliciesBySelector(workloadSelector string, ...) []*security_v1beta1.AuthorizationPolicy
- func FilterAutogeneratedDestinationRules(destinationRules []*networking_v1beta1.DestinationRule) []*networking_v1beta1.DestinationRule
- func FilterAutogeneratedGateways(gateways []*networking_v1beta1.Gateway) []*networking_v1beta1.Gateway
- func FilterAutogeneratedVirtualServices(vss []*networking_v1beta1.VirtualService) []*networking_v1beta1.VirtualService
- func FilterByHost(host, hostNamespace, serviceName, svcNamespace string) bool
- func FilterByRegistryService(namespace string, hostname string, registryService *RegistryService) bool
- func FilterDestinationRulesByHostname(allDr []*networking_v1beta1.DestinationRule, hostname string) []*networking_v1beta1.DestinationRule
- func FilterDestinationRulesByNamespaces(namespaces []string, allDr []*networking_v1beta1.DestinationRule) []*networking_v1beta1.DestinationRule
- func FilterDestinationRulesByService(allDr []*networking_v1beta1.DestinationRule, namespace string, ...) []*networking_v1beta1.DestinationRule
- func FilterEnvoyFiltersBySelector(workloadSelector string, envoyfilters []*networking_v1alpha3.EnvoyFilter) []*networking_v1alpha3.EnvoyFilter
- func FilterGatewaysBySelector(workloadSelector string, gateways []*networking_v1beta1.Gateway) []*networking_v1beta1.Gateway
- func FilterGatewaysByVirtualServices(allGws []*networking_v1beta1.Gateway, ...) []*networking_v1beta1.Gateway
- func FilterK8sGatewaysByHTTPRoutes(allGws []*k8s_networking_v1beta1.Gateway, ...) []*k8s_networking_v1beta1.Gateway
- func FilterK8sHTTPRoutesByService(allRoutes []*k8s_networking_v1beta1.HTTPRoute, namespace string, ...) []*k8s_networking_v1beta1.HTTPRoute
- func FilterPeerAuthenticationByNamespace(namespace string, peerauthentications []*security_v1beta1.PeerAuthentication) []*security_v1beta1.PeerAuthentication
- func FilterPeerAuthenticationsBySelector(workloadSelector string, ...) []*security_v1beta1.PeerAuthentication
- func FilterPodsByController(controllerName string, controllerType string, allPods []core_v1.Pod) []core_v1.Pod
- func FilterPodsByEndpoints(endpoints *core_v1.Endpoints, unfiltered []core_v1.Pod) []core_v1.Pod
- func FilterPodsBySelector(selector labels.Selector, allPods []core_v1.Pod) []core_v1.Pod
- func FilterPodsByService(s *core_v1.Service, allPods []core_v1.Pod) []core_v1.Pod
- func FilterRequestAuthenticationsBySelector(workloadSelector string, ...) []*security_v1beta1.RequestAuthentication
- func FilterServiceEntriesByHostname(serviceEntries []*networking_v1beta1.ServiceEntry, hostname string) []*networking_v1beta1.ServiceEntry
- func FilterServicesByLabels(selector labels.Selector, allServices []core_v1.Service) []core_v1.Service
- func FilterSidecarsBySelector(workloadSelector string, sidecars []*networking_v1beta1.Sidecar) []*networking_v1beta1.Sidecar
- func FilterSupportedGateways(gateways []*networking_v1beta1.Gateway) []*networking_v1beta1.Gateway
- func FilterSupportedK8sGateways(gateways []*k8s_networking_v1beta1.Gateway) []*k8s_networking_v1beta1.Gateway
- func FilterVirtualServiceByRoute(vs *networking_v1beta1.VirtualService, service string, namespace string) bool
- func FilterVirtualServicesByHostname(allVs []*networking_v1beta1.VirtualService, hostname string) []*networking_v1beta1.VirtualService
- func FilterVirtualServicesByService(allVs []*networking_v1beta1.VirtualService, namespace string, ...) []*networking_v1beta1.VirtualService
- func GatewayNames(gateways []*networking_v1beta1.Gateway) map[string]struct{}
- func GetConfigForLocalCluster() (*rest.Config, error)
- func GetConfigForRemoteCluster(cluster RemoteSecretClusterListItem) (*rest.Config, error)
- func GetConfigForRemoteClusterInfo(cluster RemoteClusterInfo) (*rest.Config, error)
- func GetConfigWithTokenForRemoteCluster(cluster RemoteSecretClusterListItem, user RemoteSecretUser) (*rest.Config, error)
- func GetKialiTokenForHomeCluster() (string, error)
- func GetPatchType(patchType string) types.PatchType
- func GetRemoteClusterInfos() (map[string]RemoteClusterInfo, error)
- func HasMatchingRegistryService(namespace string, host string, registryServices []*RegistryService) bool
- func HasMatchingServiceEntries(service string, serviceEntries map[string][]string) bool
- func HasMatchingServices(service string, services []core_v1.Service) bool
- func HasMatchingVirtualServices(host Host, virtualServices []*networking_v1beta1.VirtualService) bool
- func HasMatchingWorkloads(service string, workloadList []labels.Set) bool
- func HostWithinWildcardHost(subdomain, wildcardDomain string) bool
- func IsAutogenerated(name string) bool
- func IsMaistraAutogenerated(labels map[string]string) bool
- func K8sGatewayNames(gateways []*k8s_networking_v1beta1.Gateway) map[string]struct{}
- func MatchPortAppProtocolWithValidProtocols(appProtocol *string) bool
- func MatchPortNameRule(portName, protocol string) bool
- func MatchPortNameWithValidProtocols(portName string) bool
- func NewNotFound(name, group, resource string) error
- func ParseTwoPartHost(host Host) (string, string)
- func PeerAuthnHasMTLSEnabled(peerAuthn *security_v1beta1.PeerAuthentication) (bool, string)
- func PeerAuthnHasStrictMTLS(peerAuthn *security_v1beta1.PeerAuthentication) bool
- func PeerAuthnMTLSMode(peerAuthn *security_v1beta1.PeerAuthentication) (bool, string)
- func ReadFile(t *testing.T, path string) []byte
- func ServiceEntryHostnames(serviceEntries []*networking_v1beta1.ServiceEntry) map[string][]string
- func ValidatePort(portDef *api_networking_v1beta1.Port) bool
- type ClientFactory
- type ClientInterface
- type ClusterDump
- type ComponentStatus
- type ConfigDump
- type DynamicListener
- type EnvoyCluster
- type EnvoyClusterWrapper
- type EnvoyFilterChain
- type EnvoyListener
- type EnvoyListenerFilter
- type EnvoyMetadata
- type EnvoyRouteConfig
- type FilterChainMatch
- type Host
- type IstioClientInterface
- type IstioComponentStatus
- type IstioEndpoint
- type IstioMeshConfig
- type IstioService
- type K8SClient
- func (in *K8SClient) CanConnectToIstiod() (IstioComponentStatus, error)
- func (in *K8SClient) GatewayAPI() gatewayapiclient.Interface
- func (in *K8SClient) GetClusterServicesByLabels(labelsSelector string) ([]core_v1.Service, error)
- func (in *K8SClient) GetConfigDump(namespace, podName string) (*ConfigDump, error)
- func (in *K8SClient) GetConfigMap(namespace, name string) (*core_v1.ConfigMap, error)
- func (in *K8SClient) GetCronJobs(namespace string) ([]batch_v1.CronJob, error)
- func (in *K8SClient) GetDaemonSet(namespace string, name string) (*apps_v1.DaemonSet, error)
- func (in *K8SClient) GetDaemonSets(namespace string) ([]apps_v1.DaemonSet, error)
- func (in *K8SClient) GetDeployment(namespace, name string) (*apps_v1.Deployment, error)
- func (in *K8SClient) GetDeploymentConfig(namespace, name string) (*osapps_v1.DeploymentConfig, error)
- func (in *K8SClient) GetDeploymentConfigs(namespace string) ([]osapps_v1.DeploymentConfig, error)
- func (in *K8SClient) GetDeployments(namespace string) ([]apps_v1.Deployment, error)
- func (in *K8SClient) GetEndpoints(namespace, name string) (*core_v1.Endpoints, error)
- func (in *K8SClient) GetJobs(namespace string) ([]batch_v1.Job, error)
- func (in *K8SClient) GetNamespace(namespace string) (*core_v1.Namespace, error)
- func (in *K8SClient) GetNamespaces(labelSelector string) ([]core_v1.Namespace, error)
- func (in *K8SClient) GetPod(namespace, name string) (*core_v1.Pod, error)
- func (in *K8SClient) GetPods(namespace, labelSelector string) ([]core_v1.Pod, error)
- func (in *K8SClient) GetProject(name string) (*osproject_v1.Project, error)
- func (in *K8SClient) GetProjects(labelSelector string) ([]osproject_v1.Project, error)
- func (in *K8SClient) GetProxyStatus() ([]*ProxyStatus, error)
- func (in *K8SClient) GetRegistryConfiguration() (*RegistryConfiguration, error)
- func (in *K8SClient) GetRegistryEndpoints() ([]*RegistryEndpoint, error)
- func (in *K8SClient) GetRegistryServices() ([]*RegistryService, error)
- func (in *K8SClient) GetReplicaSets(namespace string) ([]apps_v1.ReplicaSet, error)
- func (in *K8SClient) GetReplicationControllers(namespace string) ([]core_v1.ReplicationController, error)
- func (in *K8SClient) GetRoute(namespace, name string) (*osroutes_v1.Route, error)
- func (in *K8SClient) GetSecret(namespace, name string) (*core_v1.Secret, error)
- func (in *K8SClient) GetSelfSubjectAccessReview(ctx context.Context, namespace, api, resourceType string, verbs []string) ([]*auth_v1.SelfSubjectAccessReview, error)
- func (in *K8SClient) GetServerVersion() (*version.Info, error)
- func (in *K8SClient) GetService(namespace, name string) (*core_v1.Service, error)
- func (in *K8SClient) GetServices(namespace string, selectorLabels map[string]string) ([]core_v1.Service, error)
- func (in *K8SClient) GetServicesByLabels(namespace string, labelsSelector string) ([]core_v1.Service, error)
- func (in *K8SClient) GetStatefulSet(namespace string, name string) (*apps_v1.StatefulSet, error)
- func (in *K8SClient) GetStatefulSets(namespace string) ([]apps_v1.StatefulSet, error)
- func (client *K8SClient) GetToken() string
- func (in *K8SClient) GetTokenSubject(authInfo *api.AuthInfo) (string, error)
- func (in *K8SClient) IsGatewayAPI() bool
- func (in *K8SClient) IsIstioAPI() bool
- func (in *K8SClient) IsOpenShift() bool
- func (in *K8SClient) Istio() istio.Interface
- func (in *K8SClient) Kube() kubernetes.Interface
- func (in *K8SClient) SetProxyLogLevel(namespace, pod, level string) error
- func (in *K8SClient) StreamPodLogs(namespace, name string, opts *core_v1.PodLogOptions) (io.ReadCloser, error)
- func (in *K8SClient) UpdateNamespace(namespace string, jsonPatch string) (*core_v1.Namespace, error)
- func (in *K8SClient) UpdateProject(namespace string, jsonPatch string) (*osproject_v1.Project, error)
- func (in *K8SClient) UpdateService(namespace string, name string, jsonPatch string, patchType string) error
- func (in *K8SClient) UpdateWorkload(namespace string, workloadName string, workloadType string, jsonPatch string, ...) error
- type K8SClientInterface
- type ListenerDump
- type MTLSDetails
- type OSClientInterface
- type PodLogs
- type ProxyStatus
- type RBACDetails
- type RegistryConfiguration
- type RegistryEndpoint
- type RegistryService
- func FilterRegistryServicesBySelector(selector labels.Selector, namespace string, ...) []*RegistryService
- func FilterRegistryServicesByServices(registryServices []*RegistryService, services []core_v1.Service) []*RegistryService
- func ParseRegistryServices(registries map[string][]byte) ([]*RegistryService, error)
- type RegistryStatus
- type RemoteClusterInfo
- type RemoteSecret
- type RemoteSecretCluster
- type RemoteSecretClusterListItem
- type RemoteSecretUser
- type RemoteSecretUserToken
- type RouteConfig
- type RouteDump
- type StaticListener
- type SyncStatus
- type VirtualHostFilter
Constants ¶
const ( ComponentHealthy = "Healthy" ComponentNotFound = "NotFound" ComponentNotReady = "NotReady" ComponentUnhealthy = "Unhealthy" ComponentUnreachable = "Unreachable" )
const ( // Kubernetes Controllers ConfigMapType = "ConfigMap" CronJobType = "CronJob" DaemonSetType = "DaemonSet" DeploymentType = "Deployment" DeploymentConfigType = "DeploymentConfig" EndpointsType = "Endpoints" JobType = "Job" PodType = "Pod" ReplicationControllerType = "ReplicationController" ReplicaSetType = "ReplicaSet" ServiceType = "Service" StatefulSetType = "StatefulSet" DestinationRules = "destinationrules" DestinationRuleType = "DestinationRule" Gateways = "gateways" GatewayType = "Gateway" EnvoyFilters = "envoyfilters" EnvoyFilterType = "EnvoyFilter" Sidecars = "sidecars" SidecarType = "Sidecar" ServiceEntries = "serviceentries" ServiceEntryType = "ServiceEntry" VirtualServices = "virtualservices" VirtualServiceType = "VirtualService" WorkloadEntries = "workloadentries" WorkloadEntryType = "WorkloadEntry" WorkloadGroups = "workloadgroups" WorkloadGroupType = "WorkloadGroup" WasmPlugins = "wasmplugins" WasmPluginType = "WasmPlugin" Telemetries = "telemetries" TelemetryType = "Telemetry" K8sGateways = "k8sgateways" K8sGatewayType = "K8sGateway" // K8sActualGatewayType There is a naming conflict between Istio and K8s Gateways, keeping here an actual type to show in YAML editor K8sActualGatewayType = "Gateway" K8sHTTPRoutes = "k8shttproutes" K8sHTTPRouteType = "K8sHTTPRoute" // K8sActualHTTPRouteType There is a naming conflict between Istio and K8s Gateways, keeping here an actual type to show in YAML editor K8sActualHTTPRouteType = "HTTPRoute" // Authorization PeerAuthentications AuthorizationPolicies = "authorizationpolicies" AuthorizationPoliciesType = "AuthorizationPolicy" // Peer Authentications PeerAuthentications = "peerauthentications" PeerAuthenticationsType = "PeerAuthentication" // Request Authentications RequestAuthentications = "requestauthentications" RequestAuthenticationsType = "RequestAuthentication" )
const RemoteSecretData = "/kiali-remote-secret/kiali"
RemoteSecretData is used to identify the remote cluster Kiali will connect to as its "local cluster". This is to support installing Kiali in the control plane, but observing only the data plane in the remote cluster. Experimental feature. See: https://github.com/kiali/kiali/issues/3002
Variables ¶
var ( NetworkingGroupVersionV1Alpha3 = schema.GroupVersion{ Group: "networking.istio.io", Version: "v1alpha3", } ApiNetworkingVersionV1Alpha3 = NetworkingGroupVersionV1Alpha3.Group + "/" + NetworkingGroupVersionV1Alpha3.Version K8sNetworkingGroupVersionV1Alpha2 = schema.GroupVersion{ Group: "gateway.networking.k8s.io", Version: "v1alpha2", } K8sApiNetworkingVersionV1Alpha2 = K8sNetworkingGroupVersionV1Alpha2.Group + "/" + K8sNetworkingGroupVersionV1Alpha2.Version K8sNetworkingGroupVersionV1Beta1 = schema.GroupVersion{ Group: "gateway.networking.k8s.io", Version: "v1beta1", } K8sApiNetworkingVersionV1Beta1 = K8sNetworkingGroupVersionV1Beta1.Group + "/" + K8sNetworkingGroupVersionV1Beta1.Version NetworkingGroupVersionV1Beta1 = schema.GroupVersion{ Group: "networking.istio.io", Version: "v1beta1", } ApiNetworkingVersionV1Beta1 = NetworkingGroupVersionV1Beta1.Group + "/" + NetworkingGroupVersionV1Beta1.Version SecurityGroupVersion = schema.GroupVersion{ Group: "security.istio.io", Version: "v1beta1", } ApiSecurityVersion = SecurityGroupVersion.Group + "/" + SecurityGroupVersion.Version ExtensionGroupVersionV1Alpha1 = schema.GroupVersion{ Group: "extensions.istio.io", Version: "v1alpha1", } ApiExtensionV1Alpha1 = ExtensionGroupVersionV1Alpha1.Group + "/" + ExtensionGroupVersionV1Alpha1.Version TelemetryGroupV1Alpha1 = schema.GroupVersion{ Group: "telemetry.istio.io", Version: "v1alpha1", } ApiTelemetryV1Alpha1 = TelemetryGroupV1Alpha1.Group + "/" + TelemetryGroupV1Alpha1.Version PluralType = map[string]string{ Gateways: GatewayType, VirtualServices: VirtualServiceType, DestinationRules: DestinationRuleType, ServiceEntries: ServiceEntryType, Sidecars: SidecarType, WorkloadEntries: WorkloadEntryType, WorkloadGroups: WorkloadGroupType, EnvoyFilters: EnvoyFilterType, WasmPlugins: WasmPluginType, Telemetries: TelemetryType, K8sGateways: K8sGatewayType, K8sHTTPRoutes: K8sHTTPRouteType, AuthorizationPolicies: AuthorizationPoliciesType, PeerAuthentications: PeerAuthenticationsType, RequestAuthentications: RequestAuthenticationsType, } ResourceTypesToAPI = map[string]string{ DestinationRules: NetworkingGroupVersionV1Beta1.Group, EnvoyFilters: NetworkingGroupVersionV1Alpha3.Group, Gateways: NetworkingGroupVersionV1Beta1.Group, ServiceEntries: NetworkingGroupVersionV1Beta1.Group, Sidecars: NetworkingGroupVersionV1Beta1.Group, VirtualServices: NetworkingGroupVersionV1Beta1.Group, WorkloadEntries: NetworkingGroupVersionV1Beta1.Group, WorkloadGroups: NetworkingGroupVersionV1Beta1.Group, WasmPlugins: ExtensionGroupVersionV1Alpha1.Group, Telemetries: TelemetryGroupV1Alpha1.Group, K8sGateways: K8sNetworkingGroupVersionV1Beta1.Group, K8sHTTPRoutes: K8sNetworkingGroupVersionV1Beta1.Group, AuthorizationPolicies: SecurityGroupVersion.Group, PeerAuthentications: SecurityGroupVersion.Group, RequestAuthentications: SecurityGroupVersion.Group, } )
var DefaultServiceAccountPath = "/var/run/secrets/kubernetes.io/serviceaccount/token"
var (
HomeClusterName = ""
)
cluster name to denote the cluster where Kiali is deployed If you need an SA client connected to the home cluster, use GetSAHomeClusterClient() instead of this. This gets set when newClientFactory() is called. TODO: Deprecated - remove this.
var KialiTokenForHomeCluster string
var RemoteClusterSecretsDir = "/kiali-remote-cluster-secrets"
Defines where the files are located that contain the remote cluster secrets
Functions ¶
func ClusterInfoFromIstiod ¶ added in v1.67.0
ClusterInfoFromIstiod attempts to resolve the cluster info of the "home" cluster where kiali is running by inspecting the istiod deployment. Assumes that the istiod deployment is in the same cluster as the kiali pod.
func DestinationRuleHasMTLSEnabled ¶ added in v1.31.0
func DestinationRuleHasMTLSEnabled(destinationRule *networking_v1beta1.DestinationRule) (bool, string)
func DestinationRuleHasMTLSEnabledForHost ¶ added in v0.16.0
func DestinationRuleHasMTLSEnabledForHost(expectedHost string, destinationRule *networking_v1beta1.DestinationRule) (bool, string)
func DestinationRuleHasMeshWideMTLSEnabled ¶ added in v0.16.0
func DestinationRuleHasMeshWideMTLSEnabled(destinationRule *networking_v1beta1.DestinationRule) (bool, string)
func DestinationRuleHasNamespaceWideMTLSEnabled ¶ added in v0.16.0
func DestinationRuleHasNamespaceWideMTLSEnabled(namespace string, destinationRule *networking_v1beta1.DestinationRule) (bool, string)
func FilterAuthorizationPoliciesBySelector ¶ added in v1.44.0
func FilterAuthorizationPoliciesBySelector(workloadSelector string, authorizationpolicies []*security_v1beta1.AuthorizationPolicy) []*security_v1beta1.AuthorizationPolicy
func FilterAutogeneratedDestinationRules ¶ added in v1.65.1
func FilterAutogeneratedDestinationRules(destinationRules []*networking_v1beta1.DestinationRule) []*networking_v1beta1.DestinationRule
func FilterAutogeneratedGateways ¶ added in v1.55.0
func FilterAutogeneratedGateways(gateways []*networking_v1beta1.Gateway) []*networking_v1beta1.Gateway
func FilterAutogeneratedVirtualServices ¶ added in v1.55.0
func FilterAutogeneratedVirtualServices(vss []*networking_v1beta1.VirtualService) []*networking_v1beta1.VirtualService
func FilterByHost ¶
FilterByHost returns true if a (host, hostNamespace) combination is making reference to a (serviceName, svcNamespace) combination. Presumably, the host is part of the definition of some Istio Resource. Thus, it can take the form of "host", "host.namespace" or "host.namespace.svc", or the FQDN "host.namespace.svc.<identity_domain_suffix>". For the cases where the host argument takes the simplistic form of only "host", you need to provide the hostNamespace argument, which should be set to the namespace of the involved Istio Resource. For the other cases, it is safe to omit it. The other arguments are always mandatory.
func FilterByRegistryService ¶ added in v1.44.0
func FilterByRegistryService(namespace string, hostname string, registryService *RegistryService) bool
func FilterDestinationRulesByHostname ¶ added in v1.44.0
func FilterDestinationRulesByHostname(allDr []*networking_v1beta1.DestinationRule, hostname string) []*networking_v1beta1.DestinationRule
func FilterDestinationRulesByNamespaces ¶ added in v1.45.0
func FilterDestinationRulesByNamespaces(namespaces []string, allDr []*networking_v1beta1.DestinationRule) []*networking_v1beta1.DestinationRule
func FilterDestinationRulesByService ¶ added in v1.44.0
func FilterDestinationRulesByService(allDr []*networking_v1beta1.DestinationRule, namespace string, serviceName string) []*networking_v1beta1.DestinationRule
func FilterEnvoyFiltersBySelector ¶ added in v1.44.0
func FilterEnvoyFiltersBySelector(workloadSelector string, envoyfilters []*networking_v1alpha3.EnvoyFilter) []*networking_v1alpha3.EnvoyFilter
func FilterGatewaysBySelector ¶ added in v1.44.0
func FilterGatewaysBySelector(workloadSelector string, gateways []*networking_v1beta1.Gateway) []*networking_v1beta1.Gateway
func FilterGatewaysByVirtualServices ¶ added in v1.44.0
func FilterGatewaysByVirtualServices(allGws []*networking_v1beta1.Gateway, allVs []*networking_v1beta1.VirtualService) []*networking_v1beta1.Gateway
func FilterK8sGatewaysByHTTPRoutes ¶ added in v1.60.0
func FilterK8sGatewaysByHTTPRoutes(allGws []*k8s_networking_v1beta1.Gateway, allRoutes []*k8s_networking_v1beta1.HTTPRoute) []*k8s_networking_v1beta1.Gateway
func FilterK8sHTTPRoutesByService ¶ added in v1.60.0
func FilterK8sHTTPRoutesByService(allRoutes []*k8s_networking_v1beta1.HTTPRoute, namespace string, serviceName string) []*k8s_networking_v1beta1.HTTPRoute
func FilterPeerAuthenticationByNamespace ¶ added in v1.45.0
func FilterPeerAuthenticationByNamespace(namespace string, peerauthentications []*security_v1beta1.PeerAuthentication) []*security_v1beta1.PeerAuthentication
func FilterPeerAuthenticationsBySelector ¶ added in v1.44.0
func FilterPeerAuthenticationsBySelector(workloadSelector string, peerauthentications []*security_v1beta1.PeerAuthentication) []*security_v1beta1.PeerAuthentication
func FilterPodsByController ¶ added in v1.44.0
func FilterPodsByEndpoints ¶ added in v1.44.0
FilterPodsByEndpoints performs a second pass was selector may return too many data This case happens when a "nil" selector (such as one of default/kubernetes service) is used
func FilterPodsBySelector ¶ added in v1.44.0
func FilterPodsByService ¶ added in v1.44.0
FilterPodsByService returns a subpart of pod list filtered according service selector
func FilterRequestAuthenticationsBySelector ¶ added in v1.44.0
func FilterRequestAuthenticationsBySelector(workloadSelector string, requestauthentications []*security_v1beta1.RequestAuthentication) []*security_v1beta1.RequestAuthentication
func FilterServiceEntriesByHostname ¶ added in v1.44.0
func FilterServiceEntriesByHostname(serviceEntries []*networking_v1beta1.ServiceEntry, hostname string) []*networking_v1beta1.ServiceEntry
func FilterServicesByLabels ¶ added in v1.34.1
func FilterSidecarsBySelector ¶ added in v1.44.0
func FilterSidecarsBySelector(workloadSelector string, sidecars []*networking_v1beta1.Sidecar) []*networking_v1beta1.Sidecar
func FilterSupportedGateways ¶ added in v1.55.0
func FilterSupportedGateways(gateways []*networking_v1beta1.Gateway) []*networking_v1beta1.Gateway
func FilterSupportedK8sGateways ¶ added in v1.59.0
func FilterSupportedK8sGateways(gateways []*k8s_networking_v1beta1.Gateway) []*k8s_networking_v1beta1.Gateway
func FilterVirtualServiceByRoute ¶ added in v1.44.0
func FilterVirtualServiceByRoute(vs *networking_v1beta1.VirtualService, service string, namespace string) bool
func FilterVirtualServicesByHostname ¶ added in v1.44.0
func FilterVirtualServicesByHostname(allVs []*networking_v1beta1.VirtualService, hostname string) []*networking_v1beta1.VirtualService
func FilterVirtualServicesByService ¶ added in v1.44.0
func FilterVirtualServicesByService(allVs []*networking_v1beta1.VirtualService, namespace string, serviceName string) []*networking_v1beta1.VirtualService
func GatewayNames ¶ added in v0.7.0
func GatewayNames(gateways []*networking_v1beta1.Gateway) map[string]struct{}
GatewayNames extracts the gateway names for easier matching
func GetConfigForLocalCluster ¶ added in v1.64.0
GetConfigForLocalCluster return a client with the correct configuration Returns configuration if Kiali is in Cluster when InCluster is true Returns configuration if Kiali is not in Cluster when InCluster is false It returns an error on any problem
func GetConfigForRemoteCluster ¶ added in v1.64.0
func GetConfigForRemoteCluster(cluster RemoteSecretClusterListItem) (*rest.Config, error)
GetConfigForRemoteCluster points the returned k8s client config to a remote cluster's API server. The returned config will not have any user token associated with it.
func GetConfigForRemoteClusterInfo ¶ added in v1.64.0
func GetConfigForRemoteClusterInfo(cluster RemoteClusterInfo) (*rest.Config, error)
GetConfigForRemoteClusterInfo points the returned k8s client config to a remote cluster's API server. The returned config will have the user's token associated with it.
func GetConfigWithTokenForRemoteCluster ¶ added in v1.64.0
func GetConfigWithTokenForRemoteCluster(cluster RemoteSecretClusterListItem, user RemoteSecretUser) (*rest.Config, error)
GetConfigWithTokenForRemoteCluster points the returned k8s client config to a remote cluster's API server. The returned config will have the given user's token associated with it.
func GetKialiTokenForHomeCluster ¶ added in v1.64.0
GetKialiTokenForHomeCluster returns the Kiali SA token to be used to communicate with the local data plane k8s api endpoint.
func GetPatchType ¶ added in v1.64.0
func GetRemoteClusterInfos ¶ added in v1.64.0
func GetRemoteClusterInfos() (map[string]RemoteClusterInfo, error)
GetRemoteClusterInfos loads remote cluster secrets that contain information about other remote mesh clusters. The returned map is keyed on cluster name.
func HasMatchingRegistryService ¶ added in v1.44.0
func HasMatchingRegistryService(namespace string, host string, registryServices []*RegistryService) bool
HasMatchingRegistryService returns true when the FDQN of the host (from given namespace) param matches with one registry service of the registryServices param.
func HasMatchingServiceEntries ¶ added in v1.15.0
func HasMatchingServices ¶ added in v1.15.0
func HasMatchingVirtualServices ¶ added in v1.22.1
func HasMatchingVirtualServices(host Host, virtualServices []*networking_v1beta1.VirtualService) bool
func HasMatchingWorkloads ¶ added in v1.15.0
func HostWithinWildcardHost ¶ added in v1.22.1
func IsAutogenerated ¶ added in v1.55.0
func IsMaistraAutogenerated ¶ added in v1.65.1
func K8sGatewayNames ¶ added in v1.63.0
func K8sGatewayNames(gateways []*k8s_networking_v1beta1.Gateway) map[string]struct{}
K8sGatewayNames extracts the gateway names for easier matching
func MatchPortAppProtocolWithValidProtocols ¶ added in v1.44.0
func MatchPortNameRule ¶ added in v0.19.0
func MatchPortNameWithValidProtocols ¶ added in v0.19.0
func NewNotFound ¶ added in v0.7.0
NewNotFound is a helper method to create a NotFound error similar as used by the kubernetes client. This method helps upper layers to send a explicit NotFound error without querying the backend.
func ParseTwoPartHost ¶ added in v1.15.0
func PeerAuthnHasMTLSEnabled ¶ added in v1.18.1
func PeerAuthnHasMTLSEnabled(peerAuthn *security_v1beta1.PeerAuthentication) (bool, string)
func PeerAuthnHasStrictMTLS ¶ added in v1.18.1
func PeerAuthnHasStrictMTLS(peerAuthn *security_v1beta1.PeerAuthentication) bool
func PeerAuthnMTLSMode ¶ added in v1.31.0
func PeerAuthnMTLSMode(peerAuthn *security_v1beta1.PeerAuthentication) (bool, string)
func ReadFile ¶ added in v1.59.0
ReadFile reads a file's contents and calls t.Fatal if any error occurs.
func ServiceEntryHostnames ¶ added in v0.7.0
func ServiceEntryHostnames(serviceEntries []*networking_v1beta1.ServiceEntry) map[string][]string
ServiceEntryHostnames returns a list of hostnames defined in the ServiceEntries Specs. Key in the resulting map is the protocol (in lowercase) + hostname exported for test
func ValidatePort ¶ added in v0.15.0
func ValidatePort(portDef *api_networking_v1beta1.Port) bool
ValidaPort parses the Istio Port definition and validates the naming scheme
Types ¶
type ClientFactory ¶ added in v0.16.0
type ClientFactory interface { GetClient(authInfo *api.AuthInfo) (ClientInterface, error) // TODO: Make private GetClients(authInfo *api.AuthInfo) (map[string]ClientInterface, error) GetSAClient(cluster string) ClientInterface GetSAClients() map[string]ClientInterface GetSAHomeClusterClient() ClientInterface }
ClientFactory interface for the clientFactory object
func GetClientFactory ¶ added in v0.17.0
func GetClientFactory() (ClientFactory, error)
GetClientFactory returns the client factory. Creates a new one if necessary
type ClientInterface ¶ added in v1.20.0
type ClientInterface interface { GetServerVersion() (*version.Info, error) GetToken() string GetAuthInfo() *api.AuthInfo IsOpenShift() bool IsGatewayAPI() bool IsIstioAPI() bool K8SClientInterface IstioClientInterface OSClientInterface }
ClientInterface for mocks (only mocked function are necessary here)
type ClusterDump ¶ added in v1.28.0
type ClusterDump struct { DynamicClusters []EnvoyClusterWrapper `mapstructure:"dynamic_active_clusters"` StaticClusters []EnvoyClusterWrapper `mapstructure:"static_clusters"` }
type ComponentStatus ¶ added in v1.59.0
type ComponentStatus struct { // Namespace where the component is deployed. // This field is ignored when marshalling to JSON. Namespace string `json:"-"` // The workload name of the Istio component. // // example: istio-ingressgateway // required: true Name string `json:"name"` // The status of an Istio component. // // example: Not Found // required: true Status string `json:"status"` // When true, the component is necessary for Istio to function. Otherwise, it is an addon. // // example: true // required: true IsCore bool `json:"is_core"` }
type ConfigDump ¶ added in v1.28.0
type ConfigDump struct {
Configs []interface{} `json:"configs"`
}
Root of ConfigDump
func (*ConfigDump) GetClusters ¶ added in v1.28.0
func (cd *ConfigDump) GetClusters() (*ClusterDump, error)
func (*ConfigDump) GetConfig ¶ added in v1.28.0
func (cd *ConfigDump) GetConfig(objectType string) map[string]interface{}
func (*ConfigDump) GetListeners ¶ added in v1.28.0
func (cd *ConfigDump) GetListeners() (*ListenerDump, error)
func (*ConfigDump) GetRoutes ¶ added in v1.28.0
func (cd *ConfigDump) GetRoutes() (*RouteDump, error)
type DynamicListener ¶ added in v1.28.0
type DynamicListener struct { Name string `mapstructure:"name"` ActiveState StaticListener `mapstructure:"active_state"` }
type EnvoyCluster ¶ added in v1.28.0
type EnvoyCluster struct { Name string `mapstructure:"name"` Type string `mapstructure:"type"` Metadata *EnvoyMetadata `mapstructure:"metadata,omitempty"` }
type EnvoyClusterWrapper ¶ added in v1.28.0
type EnvoyClusterWrapper struct {
Cluster EnvoyCluster `mapstructure:"cluster"`
}
type EnvoyFilterChain ¶ added in v1.28.0
type EnvoyFilterChain struct { Filters []EnvoyListenerFilter `mapstructure:"filters"` FilterChainMatch *FilterChainMatch `mapstructure:"filter_chain_match"` }
type EnvoyListener ¶ added in v1.28.0
type EnvoyListener struct { Address struct { SocketAddress struct { Address string `mapstructure:"address"` PortValue float64 `mapstructure:"port_value"` } `mapstructure:"socket_address"` } `mapstructure:"address"` FilterChains []EnvoyFilterChain `mapstructure:"filter_chains,omitempty"` DefaultFilterChain *EnvoyFilterChain `mapstructure:"default_filter_chain,omitempty"` }
type EnvoyListenerFilter ¶ added in v1.28.0
type EnvoyListenerFilter struct { Name string `mapstructure:"name"` TypedConfig struct { Type string `mapstructure:"@type"` Cluster string `mapstructure:"cluster"` RouteConfig *RouteConfig `mapstructure:"route_config,omitempty"` Rds *struct { RouteConfigName string `mapstructure:"route_config_name"` } `mapstructure:"rds,omitempty"` } `mapstructure:"typed_config"` }
type EnvoyMetadata ¶ added in v1.28.0
type EnvoyMetadata struct { FilterMetadata *struct { Istio *struct { Config string `mapstructure:"config,omitempty"` } `mapstructure:"istio,omitempty"` } `mapstructure:"filter_metadata,omitempty"` }
type EnvoyRouteConfig ¶ added in v1.28.0
type EnvoyRouteConfig struct {
RouteConfig *RouteConfig `mapstructure:"route_config,omitempty"`
}
type FilterChainMatch ¶ added in v1.28.0
type FilterChainMatch struct { ApplicationProtocols []string `mapstructure:"application_protocols,omitempty"` TransportProtocol string `mapstructure:"transport_protocol,omitempty"` ServerNames []string `mapstructure:"server_names,omitempty"` DestinationPort *int32 `mapstructure:"destination_port,omitempty"` PrefixRanges []struct { AddressPrefix string `mapstructure:"address_prefix"` PrefixLen int `mapstructure:"prefix_len"` } `mapstructure:"prefix_ranges"` }
type Host ¶ added in v0.15.0
type Host struct { Service string `json:"service"` Namespace string `json:"namespace"` Cluster string `json:"cluster"` // CompleteInput is true when Service, Namespace and Cluster fields are present. // It is true for simple service names and FQDN services. // It is false for service.namespace format and service entries. CompleteInput bool `json:"complete_input"` }
Host represents the FQDN format for Istio hostnames
func GetHost ¶ added in v1.12.0
GetHost parses hostName and returns a Host struct. It considers Namespaces in the cluster to be more accurate when deciding if the hostName is a ServiceEntry or a service.namespace host definition.
func ParseGatewayAsHost ¶ added in v1.19.0
func ParseHost ¶ added in v0.15.0
ParseHost takes as an input a hostname (simple or full FQDN), namespace and clusterName and returns a parsed Host struct
func (Host) IsWildcard ¶ added in v1.40.0
type IstioClientInterface ¶
type IstioClientInterface interface { Istio() istio.Interface // GatewayAPI returns the gateway-api kube client. GatewayAPI() gatewayapiclient.Interface CanConnectToIstiod() (IstioComponentStatus, error) GetProxyStatus() ([]*ProxyStatus, error) GetConfigDump(namespace, podName string) (*ConfigDump, error) SetProxyLogLevel(namespace, podName, level string) error GetRegistryConfiguration() (*RegistryConfiguration, error) GetRegistryEndpoints() ([]*RegistryEndpoint, error) GetRegistryServices() ([]*RegistryService, error) }
type IstioComponentStatus ¶ added in v1.59.0
type IstioComponentStatus []ComponentStatus
func (*IstioComponentStatus) Merge ¶ added in v1.59.0
func (ics *IstioComponentStatus) Merge(cs IstioComponentStatus) IstioComponentStatus
type IstioEndpoint ¶ added in v1.44.0
type IstioEndpoint struct { Service string `json:"svc"` Endpoints []struct { Service IstioService `json:"service,omitempty"` ServicePort struct { Name string `json:"name,omitempty"` Port uint32 `json:"port,omitempty"` Protocol string `json:"protocol,omitempty"` } `json:"servicePort,omitempty"` Endpoint struct { Labels map[string]string `json:"Labels,omitempty"` Address string `json:"Address,omitempty"` ServicePortName string `json:"ServicePortName,omitempty"` // EnvoyEndpoint is not mapped into the model ServiceAccount string `json:"ServiceAccount,omitempty"` Network string `json:"Network,omitempty"` Locality struct { Label string `json:"Label,omitempty"` ClusterID string `json:"ClusterID,omitempty"` } `json:"Locality,omitempty"` EndpointPort uint32 `json:"EndpointPort,omitempty"` LbWeight uint32 `json:"LbWeight,omitempty"` TLSMode string `json:"TLSMode,omitempty"` Namespace string `json:"Namespace,omitempty"` WorkloadName string `json:"WorkloadName,omitempty"` HostName string `json:"HostName,omitempty"` SubDomain string `json:"SubDomain,omitempty"` } `json:"endpoint"` } `json:"ep"` }
type IstioMeshConfig ¶ added in v1.18.1
type IstioMeshConfig struct { DisableMixerHttpReports bool `yaml:"disableMixerHttpReports,omitempty"` DiscoverySelectors []*metav1.LabelSelector `yaml:"discoverySelectors,omitempty"` EnableAutoMtls *bool `yaml:"enableAutoMtls,omitempty"` }
func GetIstioConfigMap ¶ added in v1.23.0
func GetIstioConfigMap(istioConfig *core_v1.ConfigMap) (*IstioMeshConfig, error)
func (IstioMeshConfig) GetEnableAutoMtls ¶ added in v1.18.1
func (imc IstioMeshConfig) GetEnableAutoMtls() bool
type IstioService ¶ added in v1.44.0
type IstioService struct { Attributes struct { // ServiceRegistry values: // Kubernetes: is a service registry backed by k8s API server // External: is a service registry for externally provided ServiceEntries // Federation: special case when registry is provided from a federated environment ServiceRegistry string `json:"ServiceRegistry,omitempty"` Name string `json:"Name,omitempty"` Namespace string `json:"Namespace,omitempty"` Labels map[string]string `json:"Labels,omitempty"` // UID is present in Istio 1.11.x but not in 1.12.x UID string `json:"UID,omitempty"` // ExportTo key values: // ".": Private implies namespace local config // "*": Public implies config is visible to all // "~": None implies service is visible to no one. Used for services only ExportTo map[string]bool `json:"ExportTo,omitempty"` LabelSelectors map[string]string `json:"LabelSelectors,omitempty"` } `json:"Attributes,omitempty"` Ports []struct { Name string `json:"name,omitempty"` Port int `json:"port"` Protocol string `json:"protocol,omitempty"` } `json:"ports"` ServiceAccounts []string `json:"serviceAccounts,omitempty"` CreationTime time.Time `json:"creationTime,omitempty"` Hostname string `json:"hostname"` // Address is present in Istio 1.11.x but not in 1.12.x Address string `json:"address,omitempty"` AutoAllocatedAddress string `json:"autoAllocatedAddress,omitempty"` // ClusterVIPs defined in Istio 1.11.x ClusterVIPs11 map[string]string `json:"cluster-vips,omitempty"` // ClusterVIPs defined in Istio 1.12.x ClusterVIPs12 struct { Addresses map[string][]string `json:"Addresses,omitempty"` } `json:"clusterVIPs,omitempty"` // Resolution values, as the debug endpoint doesn't perform a conversion // 0: ClientSideLB // 1: DNSLB // 2: Passthrough Resolution int `json:"Resolution,omitempty"` MeshExternal bool `json:"MeshExternal,omitempty"` }
Mapped from https://github.com/istio/istio/blob/master/pilot/pkg/model/service.go It's a helper to fetch the /debug/registryz results before to parse it to the Kiali's Service model Not all fields from /debug/registryz are mapped, only those needed by Kiali There may be differences between Istio 1.11.x and 1.12.x to be addressed case by case in the mapping
type K8SClient ¶ added in v1.20.0
type K8SClient struct { ClientInterface // contains filtered or unexported fields }
K8SClient is the client struct for Kubernetes and Istio APIs It hides the way it queries each API
func NewClient ¶
func NewClient(kubeClient kube.Interface, istioClient istio.Interface, gatewayapiClient gatewayapiclient.Interface) *K8SClient
NewClient is just used for testing purposes.
func NewClientFromConfig ¶ added in v0.9.0
NewClientFromConfig creates a new client to the Kubernetes and Istio APIs. It takes the assumption that Istio is deployed into the cluster. It hides the access to Kubernetes/Openshift credentials. It hides the low level use of the API of Kubernetes and Istio, it should be considered as an implementation detail. It returns an error on any problem.
func (*K8SClient) CanConnectToIstiod ¶ added in v1.59.0
func (in *K8SClient) CanConnectToIstiod() (IstioComponentStatus, error)
CanConnectToIstiod checks if Kiali can reach the istiod pod(s) via port fowarding through the k8s api server or via http if the registry is configured with a remote url. An error does not indicate that istiod cannot be reached. The IstioComponentStatus must be checked.
func (*K8SClient) GatewayAPI ¶ added in v1.57.0
func (in *K8SClient) GatewayAPI() gatewayapiclient.Interface
func (*K8SClient) GetClusterServicesByLabels ¶ added in v1.34.1
GetClusterServicesByLabels fetches and returns all services in the whole cluster that match the optional labelSelector. This is using the cluster-wide call to fetch the services. The client will need to be created with an account that has cluster-wide privileges to list services.
func (*K8SClient) GetConfigDump ¶ added in v1.28.0
func (in *K8SClient) GetConfigDump(namespace, podName string) (*ConfigDump, error)
func (*K8SClient) GetConfigMap ¶ added in v1.20.0
GetConfigMap fetches and returns the specified ConfigMap definition from the cluster
func (*K8SClient) GetCronJobs ¶ added in v1.20.0
func (*K8SClient) GetDaemonSet ¶ added in v1.33.0
func (*K8SClient) GetDaemonSets ¶ added in v1.33.0
func (*K8SClient) GetDeployment ¶ added in v1.20.0
func (in *K8SClient) GetDeployment(namespace, name string) (*apps_v1.Deployment, error)
GetDeployment returns the definition of a specific deployment. It returns an error on any problem.
func (*K8SClient) GetDeploymentConfig ¶ added in v1.20.0
func (in *K8SClient) GetDeploymentConfig(namespace, name string) (*osapps_v1.DeploymentConfig, error)
GetDeployment returns the definition of a specific deployment. It returns an error on any problem.
func (*K8SClient) GetDeploymentConfigs ¶ added in v1.20.0
func (in *K8SClient) GetDeploymentConfigs(namespace string) ([]osapps_v1.DeploymentConfig, error)
GetDeployments returns an array of deployments for a given namespace. An empty labelSelector will fetch all Deployments for a namespace. It returns an error on any problem.
func (*K8SClient) GetDeployments ¶ added in v1.20.0
func (in *K8SClient) GetDeployments(namespace string) ([]apps_v1.Deployment, error)
GetDeployments returns an array of deployments for a given namespace. It returns an error on any problem.
func (*K8SClient) GetEndpoints ¶ added in v1.20.0
GetEndpoints return the list of endpoint of a specific service. It returns an error on any problem.
func (*K8SClient) GetNamespace ¶ added in v1.20.0
GetNamespace fetches and returns the specified namespace definition from the cluster
func (*K8SClient) GetNamespaces ¶ added in v1.20.0
GetNamespaces returns a list of all namespaces of the cluster. It returns a list of all namespaces of the cluster. It returns an error on any problem.
func (*K8SClient) GetPod ¶ added in v1.20.0
GetPod returns the pod definitions for a given pod name. It returns an error on any problem.
func (*K8SClient) GetPods ¶ added in v1.20.0
GetPods returns the pods definitions for a given set of labels. An empty labelSelector will fetch all pods found per a namespace. It returns an error on any problem.
func (*K8SClient) GetProject ¶ added in v1.20.0
func (in *K8SClient) GetProject(name string) (*osproject_v1.Project, error)
GetProject fetches and returns the definition of the project with the specified name by querying the cluster API. GetProject will fail if the underlying cluster is not Openshift.
func (*K8SClient) GetProjects ¶ added in v1.20.0
func (in *K8SClient) GetProjects(labelSelector string) ([]osproject_v1.Project, error)
func (*K8SClient) GetProxyStatus ¶ added in v1.25.0
func (in *K8SClient) GetProxyStatus() ([]*ProxyStatus, error)
func (*K8SClient) GetRegistryConfiguration ¶ added in v1.44.0
func (in *K8SClient) GetRegistryConfiguration() (*RegistryConfiguration, error)
func (*K8SClient) GetRegistryEndpoints ¶ added in v1.44.0
func (in *K8SClient) GetRegistryEndpoints() ([]*RegistryEndpoint, error)
func (*K8SClient) GetRegistryServices ¶ added in v1.44.0
func (in *K8SClient) GetRegistryServices() ([]*RegistryService, error)
func (*K8SClient) GetReplicaSets ¶ added in v1.20.0
func (in *K8SClient) GetReplicaSets(namespace string) ([]apps_v1.ReplicaSet, error)
GetReplicaSets returns the cached ReplicaSets for the namespace. For any given RS for a given Owner (i.e. Deployment), only the most recent version of the RS will be included in the returned list. When an owning Deployment is configured with revisionHistoryLimit > 0, then k8s may return multiple versions of the RS for the same Deployment (current and older revisions). Note that it is still possible to have multiple RS for the same owner. In which case the most recent version of each is returned. see also: ../kubernetes.go
func (*K8SClient) GetReplicationControllers ¶ added in v1.20.0
func (in *K8SClient) GetReplicationControllers(namespace string) ([]core_v1.ReplicationController, error)
func (*K8SClient) GetRoute ¶ added in v1.20.0
func (in *K8SClient) GetRoute(namespace, name string) (*osroutes_v1.Route, error)
GetRoute returns the external URL endpoint of a specific route name. It returns an error on any problem.
func (*K8SClient) GetSecret ¶ added in v1.40.0
GetSecret fetches and returns the specified Secret definition from the cluster
func (*K8SClient) GetSelfSubjectAccessReview ¶ added in v1.20.0
func (in *K8SClient) GetSelfSubjectAccessReview(ctx context.Context, namespace, api, resourceType string, verbs []string) ([]*auth_v1.SelfSubjectAccessReview, error)
GetSelfSubjectAccessReview provides information on Kiali permissions
func (*K8SClient) GetServerVersion ¶ added in v1.20.0
GetServerVersion fetches and returns information about the version Kubernetes that is running
func (*K8SClient) GetService ¶ added in v1.20.0
GetService returns the definition of a specific service. It returns an error on any problem.
func (*K8SClient) GetServices ¶ added in v1.20.0
func (in *K8SClient) GetServices(namespace string, selectorLabels map[string]string) ([]core_v1.Service, error)
GetServices returns a list of services for a given namespace. If selectorLabels is defined the list of services is filtered for those that matches Services selector labels. It returns an error on any problem. NOTE: The selectorLabels argument is NOT to find services matching the given labels. Assume selectorLabels are the labels of a Deployment. If this imaginary Deployment is selected by the Service (because of its Selector), then that service is returned; else it's omitted.
func (*K8SClient) GetServicesByLabels ¶ added in v1.31.0
func (*K8SClient) GetStatefulSet ¶ added in v1.20.0
func (*K8SClient) GetStatefulSets ¶ added in v1.20.0
func (in *K8SClient) GetStatefulSets(namespace string) ([]apps_v1.StatefulSet, error)
func (*K8SClient) GetTokenSubject ¶ added in v1.29.0
GetTokenSubject returns the subject of the authInfo using the TokenReview api
func (*K8SClient) IsGatewayAPI ¶ added in v1.57.0
func (*K8SClient) IsIstioAPI ¶ added in v1.66.0
Is IstioAPI checks whether Istio API is installed or not
func (*K8SClient) IsOpenShift ¶ added in v1.20.0
func (*K8SClient) Kube ¶ added in v1.64.0
func (in *K8SClient) Kube() kubernetes.Interface
func (*K8SClient) SetProxyLogLevel ¶ added in v1.41.0
func (*K8SClient) StreamPodLogs ¶ added in v1.53.0
func (in *K8SClient) StreamPodLogs(namespace, name string, opts *core_v1.PodLogOptions) (io.ReadCloser, error)
StreamPodLogs opens a connection to progressively fetch the logs of a pod. Callers must make sure to properly close the returned io.ReadCloser. It returns an error on any problem.
func (*K8SClient) UpdateNamespace ¶ added in v1.22.1
func (*K8SClient) UpdateProject ¶ added in v1.22.1
func (*K8SClient) UpdateService ¶ added in v1.30.0
type K8SClientInterface ¶ added in v1.20.0
type K8SClientInterface interface { // Kube returns the underlying kubernetes client. Kube() kubernetes.Interface GetClusterServicesByLabels(labelsSelector string) ([]core_v1.Service, error) GetConfigMap(namespace, name string) (*core_v1.ConfigMap, error) GetCronJobs(namespace string) ([]batch_v1.CronJob, error) GetDaemonSet(namespace string, name string) (*apps_v1.DaemonSet, error) GetDaemonSets(namespace string) ([]apps_v1.DaemonSet, error) GetDeployment(namespace string, name string) (*apps_v1.Deployment, error) GetDeployments(namespace string) ([]apps_v1.Deployment, error) GetDeploymentConfig(namespace string, name string) (*osapps_v1.DeploymentConfig, error) GetDeploymentConfigs(namespace string) ([]osapps_v1.DeploymentConfig, error) GetEndpoints(namespace string, name string) (*core_v1.Endpoints, error) GetJobs(namespace string) ([]batch_v1.Job, error) GetNamespace(namespace string) (*core_v1.Namespace, error) GetNamespaces(labelSelector string) ([]core_v1.Namespace, error) GetPod(namespace, name string) (*core_v1.Pod, error) GetPods(namespace, labelSelector string) ([]core_v1.Pod, error) GetReplicationControllers(namespace string) ([]core_v1.ReplicationController, error) GetReplicaSets(namespace string) ([]apps_v1.ReplicaSet, error) GetSecret(namespace, name string) (*core_v1.Secret, error) GetSelfSubjectAccessReview(ctx context.Context, namespace, api, resourceType string, verbs []string) ([]*auth_v1.SelfSubjectAccessReview, error) GetService(namespace string, name string) (*core_v1.Service, error) GetServices(namespace string, selectorLabels map[string]string) ([]core_v1.Service, error) GetServicesByLabels(namespace string, labelsSelector string) ([]core_v1.Service, error) GetStatefulSet(namespace string, name string) (*apps_v1.StatefulSet, error) GetStatefulSets(namespace string) ([]apps_v1.StatefulSet, error) GetTokenSubject(authInfo *api.AuthInfo) (string, error) StreamPodLogs(namespace, name string, opts *core_v1.PodLogOptions) (io.ReadCloser, error) UpdateNamespace(namespace string, jsonPatch string) (*core_v1.Namespace, error) UpdateService(namespace string, name string, jsonPatch string, patchType string) error UpdateWorkload(namespace string, name string, workloadType string, jsonPatch string, patchType string) error }
type ListenerDump ¶ added in v1.28.0
type ListenerDump struct { DynamicListeners []DynamicListener `mapstructure:"dynamic_listeners"` StaticListeners []StaticListener `mapstructure:"static_listeners"` }
type MTLSDetails ¶ added in v0.15.0
type MTLSDetails struct { DestinationRules []*networking_v1beta1.DestinationRule `json:"destinationrules"` MeshPeerAuthentications []*security_v1beta.PeerAuthentication `json:"meshpeerauthentications"` PeerAuthentications []*security_v1beta.PeerAuthentication `json:"peerauthentications"` EnabledAutoMtls bool `json:"enabledautomtls"` }
MTLSDetails is a wrapper to group all Istio objects related to non-local mTLS configurations
type OSClientInterface ¶ added in v1.20.0
type OSClientInterface interface { GetProject(project string) (*osproject_v1.Project, error) GetProjects(labelSelector string) ([]osproject_v1.Project, error) GetRoute(namespace string, name string) (*osroutes_v1.Route, error) UpdateProject(project string, jsonPatch string) (*osproject_v1.Project, error) }
type ProxyStatus ¶ added in v1.25.0
type ProxyStatus struct { SyncStatus // contains filtered or unexported fields }
type RBACDetails ¶ added in v0.17.0
type RBACDetails struct {
AuthorizationPolicies []*security_v1beta.AuthorizationPolicy `json:"authorizationpolicies"`
}
RBACDetails is a wrapper for objects related to Istio RBAC (Role Based Access Control)
type RegistryConfiguration ¶ added in v1.44.0
type RegistryConfiguration struct { // Networking DestinationRules []*networking_v1beta1.DestinationRule EnvoyFilters []*networking_v1alpha3.EnvoyFilter Gateways []*networking_v1beta1.Gateway ServiceEntries []*networking_v1beta1.ServiceEntry Sidecars []*networking_v1beta1.Sidecar VirtualServices []*networking_v1beta1.VirtualService WorkloadEntries []*networking_v1beta1.WorkloadEntry WorkloadGroups []*networking_v1beta1.WorkloadGroup WasmPlugins []*extentions_v1alpha1.WasmPlugin Telemetries []*v1alpha1.Telemetry // K8s Networking Gateways K8sGateways []*k8s_networking_v1beta1.Gateway K8sHTTPRoutes []*k8s_networking_v1beta1.HTTPRoute // Security AuthorizationPolicies []*security_v1beta.AuthorizationPolicy PeerAuthentications []*security_v1beta.PeerAuthentication RequestAuthentications []*security_v1beta.RequestAuthentication }
RegistryConfiguration will hold the Istio configuration required for Kiali validations Resources not used (i.e. EnvoyFilters) are not added, those will require update them in the future
func ParseRegistryConfig ¶ added in v1.44.0
func ParseRegistryConfig(config map[string][]byte) (*RegistryConfiguration, error)
type RegistryEndpoint ¶ added in v1.44.0
type RegistryEndpoint struct { IstioEndpoint // contains filtered or unexported fields }
func ParseRegistryEndpoints ¶ added in v1.44.0
func ParseRegistryEndpoints(endpoints map[string][]byte) ([]*RegistryEndpoint, error)
type RegistryService ¶ added in v1.35.0
type RegistryService struct { IstioService // contains filtered or unexported fields }
func FilterRegistryServicesBySelector ¶ added in v1.45.0
func FilterRegistryServicesBySelector(selector labels.Selector, namespace string, registryServices []*RegistryService) []*RegistryService
func FilterRegistryServicesByServices ¶ added in v1.44.0
func FilterRegistryServicesByServices(registryServices []*RegistryService, services []core_v1.Service) []*RegistryService
Filter Istio registry that are not persent as kubernetes services
func ParseRegistryServices ¶ added in v1.44.0
func ParseRegistryServices(registries map[string][]byte) ([]*RegistryService, error)
type RegistryStatus ¶ added in v1.35.0
type RegistryStatus struct { Configuration *RegistryConfiguration Endpoints []*RegistryEndpoint Services []*RegistryService }
type RemoteClusterInfo ¶ added in v1.64.0
type RemoteClusterInfo struct { // Cluster contains information necessary to connect to the remote cluster Cluster RemoteSecretClusterListItem // SecretFile is the absolute file location of the secret as found on the file system SecretFile string // SecretName is the name of the secret where the data about this cluster was found SecretName string // User contains information about the user credentials that can be used to connect to the remote cluster User RemoteSecretUser }
RemoteClusterInfo is data that identifies a cluster particpating in the mesh. Multi-cluster meshes have multiple RemoteClusterInfos. Information obtained for a RemoteClusterInfo comes from remote cluster secrets.
type RemoteSecret ¶ added in v1.23.0
type RemoteSecret struct { APIVersion string `yaml:"apiVersion"` Clusters []RemoteSecretClusterListItem `yaml:"clusters"` Contexts []struct { Context struct { Cluster string `yaml:"cluster"` User string `yaml:"user"` } `yaml:"context"` Name string `yaml:"name"` } `yaml:"contexts"` CurrentContext string `yaml:"current-context"` Kind string `yaml:"kind"` Preferences struct { } `yaml:"preferences"` Users []RemoteSecretUser `yaml:"users"` }
RemoteSecret contains all the content for a secret containing kubeconfig information. It can contain information about one or more clusters and one or more users.
func GetRemoteSecret ¶ added in v1.23.0
func GetRemoteSecret(path string) (*RemoteSecret, error)
func ParseRemoteSecretBytes ¶ added in v1.29.0
func ParseRemoteSecretBytes(secretBytes []byte) (*RemoteSecret, error)
ParseRemoteSecretBytes parses a raw file containing a <Kubeconfig file> and returns the parsed file in a RemoteSecret structure.
type RemoteSecretCluster ¶ added in v1.23.0
type RemoteSecretClusterListItem ¶ added in v1.23.0
type RemoteSecretClusterListItem struct { Cluster RemoteSecretCluster `yaml:"cluster"` Name string `yaml:"name"` }
type RemoteSecretUser ¶ added in v1.29.0
type RemoteSecretUser struct { Name string `yaml:"name"` User RemoteSecretUserToken `yaml:"user"` }
type RemoteSecretUserToken ¶ added in v1.29.0
type RemoteSecretUserToken struct {
Token string `yaml:"token"`
}
type RouteConfig ¶ added in v1.28.0
type RouteConfig struct { Name string `mapstructure:"name"` VirtualHosts []VirtualHostFilter `mapstructure:"virtual_hosts,omitempty"` }
type RouteDump ¶ added in v1.28.0
type RouteDump struct { DynamicRouteConfigs []EnvoyRouteConfig `mapstructure:"dynamic_route_configs"` StaticRouteConfigs []EnvoyRouteConfig `mapstructure:"static_route_configs"` }
type StaticListener ¶ added in v1.28.0
type StaticListener struct { LastUpdated string `mapstructure:"last_updated"` VersionInfo string `mapstructure:"version_info"` Listener EnvoyListener `mapstructure:"listener"` }
type SyncStatus ¶ added in v1.25.0
type SyncStatus struct { ProxyID string `json:"proxy,omitempty"` ProxyVersion string `json:"proxy_version,omitempty"` IstioVersion string `json:"istio_version,omitempty"` ClusterSent string `json:"cluster_sent,omitempty"` ClusterAcked string `json:"cluster_acked,omitempty"` ListenerSent string `json:"listener_sent,omitempty"` ListenerAcked string `json:"listener_acked,omitempty"` RouteSent string `json:"route_sent,omitempty"` RouteAcked string `json:"route_acked,omitempty"` EndpointSent string `json:"endpoint_sent,omitempty"` EndpointAcked string `json:"endpoint_acked,omitempty"` }
SyncStatus is the synchronization status between Pilot and a given Envoy
type VirtualHostFilter ¶ added in v1.28.0
type VirtualHostFilter struct { Domains []string `mapstructure:"domains,omitempty"` Name string `mapstructure:"name,omitempty"` Routes []struct { Name string `mapstructure:"name"` Match map[string]interface{} `mapstructure:"match"` Metadata *EnvoyMetadata `mapstructure:"metadata,omitempty"` Route *struct { Cluster string `mapstructure:"cluster,omitempty"` } `mapstructure:"route,omitempty"` } `mapstructure:"routes,omitempty"` }