Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AssociationController ¶
type AssociationController interface { // Reconcile ensured the securityGroups in AWS matches the state specified by association. Reconcile(ctx context.Context, ingress *extensions.Ingress, lbInstance *elbv2.LoadBalancer, tgGroup tg.TargetGroupGroup) error // Delete ensures the securityGroups created by ingress controller for specified LbID doesn't exists. Delete(ctx context.Context, ingressKey types.NamespacedName, lbInstance *elbv2.LoadBalancer) error }
AssociationController provides functionality to manage Association
func NewAssociationController ¶
func NewAssociationController(store store.Storer, cloud aws.CloudAPI, tagsController tags.Controller, nameTagGen NameTagGenerator) AssociationController
NewAssociationController constructs a new association controller
type InstanceAttachmentController ¶
type InstanceAttachmentController interface { // Reconcile ensures the securityGroupID specified is attached to ENIs of k8s cluster, // which enables inbound traffic the targets specified. Reconcile(ctx context.Context, groupID string, tgGroup tg.TargetGroupGroup) error // Delete ensures the securityGroupID specified is not attached to ENIs of k8s cluster. Delete(ctx context.Context, groupID string) error }
InstanceAttachmentController manages InstanceAttachment
type LbAttachmentController ¶
type LbAttachmentController interface { // Reconcile ensures `only specified SecurityGroups` exists in LoadBalancer. Reconcile(ctx context.Context, lbInstance *elbv2.LoadBalancer, groupIDs []string) error // Delete will restore the securityGroup on LoadBalancer to be default securityGroup of VPC Delete(ctx context.Context, lbInstance *elbv2.LoadBalancer) error }
LbAttachmentController controls the LbAttachment
type LbAttachmentInfo ¶
type LbAttachmentInfo struct { // The managed securityGroupID. It will be empty when securityGroups are external-managed via annotation `alb.ingress.kubernetes.io/security-groups` ManagedGroupID string }
Information about securityGroup on LoadBalancer
type NameGenerator ¶
type NameGenerator interface { // NameLBSG generates name for managed securityGroup that will be attached to LoadBalancer. NameLBSG(namespace string, ingressName string) string // NameLBSG generates name for managed securityGroup that will be attached to EC2 instances. NameInstanceSG(namespace string, ingressName string) string }
NameGenerator provides name generation functionality for sg package.
type NameTagGenerator ¶
type NameTagGenerator interface { NameGenerator TagGenerator }
NameTagGenerator is combination of NameGenerator and TagGenerator
type SecurityGroupController ¶
type SecurityGroupController interface { // Reconcile ensures the securityGroup configuration matches specification. Reconcile(ctx context.Context, instance *ec2.SecurityGroup, inboundPermissions []*ec2.IpPermission, tags map[string]string) error }
SecurityGroupController manages configuration on securityGroup.
type TagGenerator ¶
type TagGenerator interface { // TagLBSG generates tags for managed securityGroup that will be attached to LoadBalancer. TagLBSG(namespace string, ingressName string) map[string]string // TagInstanceSG generates tags for managed securityGroup that will be attached to EC2 instances. TagInstanceSG(namespace string, ingressName string) map[string]string }
TagGenerator provides tag generation functionality for sg package.
Click to show internal directories.
Click to hide internal directories.