resource

package
v0.0.0-...-442c461 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 25, 2024 License: Apache-2.0, Apache-2.0 Imports: 18 Imported by: 0

Documentation

Index

Constants

View Source
const (
	MultiServiceIngressType = iota
	SingleServiceIngressType
	RouteType
)
View Source
const (
	DEFAULT_MODE       string = "tcp"
	DEFAULT_BALANCE    string = "round-robin"
	DEFAULT_HTTP_PORT  int32  = 80
	DEFAULT_HTTPS_PORT int32  = 443

	InsecurePolicyName = "openshift_insecure_routes"
	SecurePolicyName   = "openshift_secure_routes"

	// Constants for CustomProfile.Type as defined in CCCL
	CustomProfileAll    string = "all"
	CustomProfileClient string = "clientside"
	CustomProfileServer string = "serverside"

	// Constants for CustomProfile.PeerCertMode
	PeerCertRequired = "require"
	PeerCertIgnored  = "ignore"
	PeerCertDefault  = PeerCertIgnored

	// Constants for Resource Types
	ResourceTypeIngress          string = "ingress"
	ResourceTypeRoute            string = "route"
	ResourceTypeCfgMap           string = "cfgMap"
	DefaultSourceAddrTranslation        = "automap"
	SnatSourceAddrTranslation           = "snat"
)
View Source
const AbDeploymentDgName = "ab_deployment_dg"

Internal data group for ab deployment routes.

View Source
const AbDeploymentPathIRuleName = "ab_deployment_path_irule"
View Source
const AppRootDep = "App-Root-Annotation"
View Source
const CISControllerName = "f5.com/cntr-ingress-svcs"
View Source
const DefaultConfigMapLabel = "f5type in (virtual-server)"
View Source
const DefaultIngressClass = "ingressclass.kubernetes.io/is-default-class"
View Source
const DefaultSslServerCAName = "openshift_route_cluster_default-ca"
View Source
const EdgeHostsDgName = "ssl_edge_servername_dg"

Internal data group for edge routes.

View Source
const EdgeServerSslDgName = "ssl_edge_serverssl_dg"

Internal data group for edge routes that maps the host name to the false. This will help Irule to understand ssl should be disabled on serverside.

View Source
const F5ClientSslProfileAnnotation = "virtual-server.f5.com/clientssl"
View Source
const F5ServerSslProfileAnnotation = "virtual-server.f5.com/serverssl"
View Source
const F5ServerSslSecureAnnotation = "virtual-server.f5.com/secure-serverssl"
View Source
const F5VSTranslateServerAddress = "virtual-server.f5.com/translate-server-address"
View Source
const F5VsAllowSourceRangeAnnotation = "virtual-server.f5.com/allow-source-range"
View Source
const F5VsAppRootAnnotation = "virtual-server.f5.com/rewrite-app-root"
View Source
const F5VsBalanceAnnotation = "virtual-server.f5.com/balance"
View Source
const F5VsBindAddrAnnotation = "virtual-server.f5.com/ip"
View Source
const F5VsHttpPortAnnotation = "virtual-server.f5.com/http-port"
View Source
const F5VsHttpsPortAnnotation = "virtual-server.f5.com/https-port"
View Source
const F5VsPartitionAnnotation = "virtual-server.f5.com/partition"
View Source
const F5VsURLRewriteAnnotation = "virtual-server.f5.com/rewrite-target-url"
View Source
const F5VsWAFPolicy = "virtual-server.f5.com/waf"
View Source
const F5VsWhitelistSourceRangeAnnotation = "virtual-server.f5.com/whitelist-source-range"
View Source
const HealthMonitorAnnotation = "virtual-server.f5.com/health"
View Source
const HttpRedirectIRuleName = "http_redirect_irule"
View Source
const HttpsRedirectDgName = "https_redirect_dg"

Internal data group for https redirect

View Source
const IngressAllowHttp = "ingress.kubernetes.io/allow-http"
View Source
const IngressSslRedirect = "ingress.kubernetes.io/ssl-redirect"
View Source
const K8sIngressClass = "kubernetes.io/ingress.class"
View Source
const MultiClusterServicesAnnotation = "virtual-server.f5.com/multiClusterServices"

Multicluster annotations

View Source
const NodePort = "nodeport"
View Source
const NodePortLocal = "nodeportlocal"
View Source
const OprTypeCreate = "create"
View Source
const OprTypeDelete = "delete"
View Source
const OprTypeUpdate = "update"
View Source
const PassthroughHostsDgName = "ssl_passthrough_servername_dg"

Internal data group for passthrough routes to map server names to pools.

View Source
const ReencryptHostsDgName = "ssl_reencrypt_servername_dg"

Internal data group for reencrypt routes.

View Source
const ReencryptServerSslDgName = "ssl_reencrypt_serverssl_dg"

Internal data group for reencrypt routes that maps the host name to the server ssl profile.

View Source
const RuleDep = "Rule"
View Source
const ServiceDep = "Service"
View Source
const SslPassthroughIRuleName = "openshift_passthrough_irule"
View Source
const URLDep = "URL-Rewrite-Annotation"
View Source
const VsStatusBindAddrAnnotation = "status.virtual-server.f5.com/ip"
View Source
const WhitelistDep = "Whitelist-Annotation"

Variables

View Source
var DEFAULT_PARTITION string = "k8s"

Functions

func Contains

func Contains(x interface{}, y interface{}) bool

Contains returns whether x Contains y

func ExistsRouteServiceName

func ExistsRouteServiceName(route *routeapi.Route, expSvcName string) bool

Verify if the service is associated with the route

func ExtractCertificateName

func ExtractCertificateName(fn string) string

func FormatConfigMapVSName

func FormatConfigMapVSName(cm *v1.ConfigMap) string

To handle VS name which start with Number, we are prefixing with 'cfgmap_' to avoid errors with bigip.

func FormatIngressPoolName

func FormatIngressPoolName(namespace, svc string, ingressName string, port int32) string

format the pool name for an Ingress

func FormatIngressSslProfileName

func FormatIngressSslProfileName(secret string) string

func FormatIngressVSName

func FormatIngressVSName(ip string, port int32) string

format the virtual server name for an Ingress

func FormatMonitorName

func FormatMonitorName(poolName, monitorType string) string

formats a health monitor name

func FormatRoutePoolName

func FormatRoutePoolName(namespace, svcName string) string

format the pool name for a Route

func FormatRouteRuleName

func FormatRouteRuleName(route *routeapi.Route) string

format the Rule name for a Route

func GetRouteAssociatedRuleNames

func GetRouteAssociatedRuleNames(route *routeapi.Route) []string

return the service names associated with a route

func GetRouteCanonicalServiceName

func GetRouteCanonicalServiceName(route *routeapi.Route) string

func GetRouteServiceNames

func GetRouteServiceNames(route *routeapi.Route) []string

return the service names associated with a route

func GetServicePort

func GetServicePort(
	ns string,
	svcName string,
	svcIndexer cache.Indexer,
	portName string,
	rscType string,
) (int32, error)

GetServicePort returns the port number, for a given port name, else, returns the first port found for a Route's service.

func IsABServiceOfRoute

func IsABServiceOfRoute(route *routeapi.Route, expSvcName string) bool

Verify if the service is associated with the route as AlternateBackend

func IsAnnotationRule

func IsAnnotationRule(ruleName string) bool

func IsRouteABDeployment

func IsRouteABDeployment(route *routeapi.Route) bool

func JoinBigipPath

func JoinBigipPath(partition, objName string) string

func MakeCertificateFileName

func MakeCertificateFileName(partition, name string) string

func NewObjectDependencies

func NewObjectDependencies(
	obj interface{},
) (ObjectDependency, ObjectDependencies)

NewObjectDependencies parses an object and returns a map of its dependencies

func ParseAnnotationURL

func ParseAnnotationURL(urlString string) *url.URL

func ParseAppRootURLRewriteAnnotations

func ParseAppRootURLRewriteAnnotations(annotation string) map[string]string

func ParseRewriteAction

func ParseRewriteAction(targetUrlPath, valueUrlPath string) string

func ParseWhitelistSourceRangeAnnotations

func ParseWhitelistSourceRangeAnnotations(annotation string) []string

func SetAnnotationRulesForRoute

func SetAnnotationRulesForRoute(
	policyName string,
	urlRewriteRule *Rule,
	appRootRules []*Rule,
	rc *ResourceConfig,
	skipUrlRewriteRule bool,
)

func SetProfilesForMode

func SetProfilesForMode(mode string, cfg *ResourceConfig)

func SplitBigipPath

func SplitBigipPath(path string, keepSlash bool) (partition, objName string)

func Split_ip_with_route_domain_cidr

func Split_ip_with_route_domain_cidr(address string) (ip string, rd string, cidr string)

Types

type Action

type Action struct {
	Name      string `json:"name"`
	Pool      string `json:"pool,omitempty"`
	HTTPHost  bool   `json:"httpHost,omitempty"`
	HttpReply bool   `json:"httpReply,omitempty"`
	HTTPURI   bool   `json:"httpUri,omitempty"`
	Forward   bool   `json:"forward,omitempty"`
	Location  string `json:"location,omitempty"`
	Path      string `json:"path,omitempty"`
	Redirect  bool   `json:"redirect,omitempty"`
	Replace   bool   `json:"replace,omitempty"`
	Request   bool   `json:"request,omitempty"`
	Reset     bool   `json:"reset,omitempty"`
	Select    bool   `json:"select,omitempty"`
	Value     string `json:"value,omitempty"`
}

Action config for a Rule

type AgentCfgMap

type AgentCfgMap struct {
	Operation    string
	GetEndpoints func(string, string) ([]Member, error)
	Data         string
	Name         string
	Namespace    string
	Label        map[string]string
}

func (*AgentCfgMap) Init

func (cm *AgentCfgMap) Init(n string, ns string, d string, l map[string]string, getEP func(string, string) ([]Member, error))

type AgentResources

type AgentResources struct {
	RsMap      ResourceConfigMap
	Partitions map[string]struct{}
}

type AnnotationHealthMonitor

type AnnotationHealthMonitor struct {
	Path       string `json:"path"`
	Interval   int    `json:"interval"`
	Send       string `json:"send"`
	Recv       string `json:"recv"`
	Timeout    int    `json:"timeout"`
	Type       string `json:"type"`
	SslProfile string `json:"sslProfile"`
}

This is the format for each item in the health monitor annotation used in the Ingress and Route objects.

type AnnotationHealthMonitors

type AnnotationHealthMonitors []AnnotationHealthMonitor

type AnnotationProfile

type AnnotationProfile struct {
	Hosts        []string `json:"hosts,omitempty"`
	Bigipprofile string   `json:"bigIpProfile"`
}

This is the format for each item in the clientssl annotation used in the Ingress objects.

type AnnotationProfiles

type AnnotationProfiles []AnnotationProfile

type BigIPConfig

type BigIPConfig struct {
	Virtuals           Virtuals            `json:"virtualServers,omitempty"`
	Pools              Pools               `json:"pools,omitempty"`
	Monitors           Monitors            `json:"monitors,omitempty"`
	Policies           []Policy            `json:"l7Policies,omitempty"`
	CustomProfiles     []CustomProfile     `json:"customProfiles,omitempty"`
	IRules             []IRule             `json:"iRules,omitempty"`
	InternalDataGroups []InternalDataGroup `json:"internalDataGroups,omitempty"`
	IApps              []IApp              `json:"iapps,omitempty"`
	ServiceIPAddress   []ServiceAddress    `json:"serviceAddress,omitempty"`
}

Config of all resources to configure on the BIG-IP

func (*BigIPConfig) SortMonitors

func (cfg *BigIPConfig) SortMonitors()

func (*BigIPConfig) SortPools

func (cfg *BigIPConfig) SortPools()

func (*BigIPConfig) SortVirtuals

func (cfg *BigIPConfig) SortVirtuals()

type Condition

type Condition struct {
	Name            string   `json:"name"`
	Address         bool     `json:"address,omitempty"`
	CaseInsensitive bool     `json:"caseInsensitive,omitempty"`
	Equals          bool     `json:"equals,omitempty"`
	EndsWith        bool     `json:"endsWith,omitempty"`
	External        bool     `json:"external,omitempty"`
	HTTPHost        bool     `json:"httpHost,omitempty"`
	Host            bool     `json:"host,omitempty"`
	HTTPURI         bool     `json:"httpUri,omitempty"`
	Index           int      `json:"index,omitempty"`
	Matches         bool     `json:"matches,omitempty"`
	Path            bool     `json:"path,omitempty"`
	PathSegment     bool     `json:"pathSegment,omitempty"`
	Present         bool     `json:"present,omitempty"`
	Remote          bool     `json:"remote,omitempty"`
	Request         bool     `json:"request,omitempty"`
	Scheme          bool     `json:"scheme,omitempty"`
	Tcp             bool     `json:"tcp,omitempty"`
	Values          []string `json:"values"`
}

Condition config for a Rule

type ConfigMap

type ConfigMap struct {
	VirtualServer struct {
		Backend  configMapBackend  `json:"backend"`
		Frontend configMapFrontend `json:"frontend"`
	} `json:"virtualServer"`
}

Used to unmarshal ConfigMap data

type ConfigMapMonitor

type ConfigMapMonitor struct {
	Name      string `json:"name"`
	Partition string `json:"partition,omitempty"`
	Interval  int    `json:"interval,omitempty"`
	Protocol  string `json:"protocol,omitempty"`
	Send      string `json:"send,omitempty"`
	Recv      string `json:"recv,omitempty"`
	Timeout   int    `json:"timeout,omitempty"`
}

type ConstVirtuals

type ConstVirtuals int

AS3 Backend supported features

const (
	HTTP ConstVirtuals = iota
	HTTPS
	HTTPANDS
)

Determines which virtual server needs a specific feature applied.

type CustomProfile

type CustomProfile struct {
	Name         string `json:"name"`
	Partition    string `json:"-"`
	Context      string `json:"context"` // 'clientside', 'serverside', or 'all'
	Cert         string `json:"cert"`
	Key          string `json:"key"`
	ServerName   string `json:"serverName,omitempty"`
	SNIDefault   bool   `json:"sniDefault,omitempty"`
	PeerCertMode string `json:"peerCertMode,omitempty"`
	CAFile       string `json:"caFile,omitempty"`
	ChainCA      string `json:"chainCA,onitempty"`
}

SSL Profile loaded from Secret or Route object

func NewCustomProfile

func NewCustomProfile(
	profile ProfileRef,
	cert,
	key,
	serverName string,
	sni bool,
	peerCertMode,
	caFile string,
	chainCA string,
) CustomProfile

type CustomProfileStore

type CustomProfileStore struct {
	sync.Mutex
	Profs map[SecretKey]CustomProfile
}

Store of CustomProfiles

func NewCustomProfiles

func NewCustomProfiles() *CustomProfileStore

Contructor for CustomProfiles

type DataGroupNamespaceMap

type DataGroupNamespaceMap map[string]*InternalDataGroup

func (DataGroupNamespaceMap) FlattenNamespaces

func (dgnm DataGroupNamespaceMap) FlattenNamespaces() *InternalDataGroup

type F5Resources

type F5Resources struct {
	Virtual   ConstVirtuals // 0 - HTTP, 1 - HTTPS, 2 - HTTP/S
	WAFPolicy string
}

type FlattenConflictFunc

type FlattenConflictFunc func(key, oldVal, newVal string) string

DataGroup flattening.

type HostToPathMap

type HostToPathMap map[string]PathToRuleMap

type IApp

type IApp struct {
	Name                string                    `json:"name"`
	Partition           string                    `json:"-"`
	IApp                string                    `json:"template"`
	IAppPoolMemberTable *IappPoolMemberTable      `json:"poolMemberTable,omitempty"`
	IAppOptions         map[string]string         `json:"options,omitempty"`
	IAppTables          map[string]iappTableEntry `json:"tables,omitempty"`
	IAppVariables       map[string]string         `json:"variables,omitempty"`
}

IApp

type IRule

type IRule struct {
	Name      string `json:"name"`
	Partition string `json:"-"`
	Code      string `json:"apiAnonymous"`
}

iRules

func NewIRule

func NewIRule(name, partition, code string) *IRule

type IRulesMap

type IRulesMap map[NameRef]*IRule

type IappPoolMemberTable

type IappPoolMemberTable struct {
	Name    string                 `json:"name"`
	Columns []iappPoolMemberColumn `json:"columns"`
	Members []Member               `json:"members,omitempty"`
}

frontend pool member table

type InternalDataGroup

type InternalDataGroup struct {
	Name      string                   `json:"name"`
	Partition string                   `json:"-"`
	Records   InternalDataGroupRecords `json:"records"`
}

func NewInternalDataGroup

func NewInternalDataGroup(name, partition string) *InternalDataGroup

func (*InternalDataGroup) AddOrUpdateRecord

func (idg *InternalDataGroup) AddOrUpdateRecord(name, data string) bool

func (*InternalDataGroup) RemoveRecord

func (idg *InternalDataGroup) RemoveRecord(name string) bool

type InternalDataGroupMap

type InternalDataGroupMap map[NameRef]DataGroupNamespaceMap

type InternalDataGroupRecord

type InternalDataGroupRecord struct {
	Name string `json:"name"`
	Data string `json:"data"`
}

type InternalDataGroupRecords

type InternalDataGroupRecords []InternalDataGroupRecord

func (InternalDataGroupRecords) Len

func (slice InternalDataGroupRecords) Len() int

func (InternalDataGroupRecords) Less

func (slice InternalDataGroupRecords) Less(i, j int) bool

func (InternalDataGroupRecords) Swap

func (slice InternalDataGroupRecords) Swap(i, j int)

type InternalF5Resources

type InternalF5Resources map[Record]F5Resources

type InternalF5ResourcesGroup

type InternalF5ResourcesGroup map[string]InternalF5Resources

Routes annotation features that are possible by an AS3 declaration can be added here. Initially enabling a WAF policy is added as an AS3 feature. | Host + Path | Virtual Server to Apply | WAF Policy Name | |-------------|-------------------------|-----------------| Host + Path is a unique record. The columns can be extended to add future features. InternalF5ResourcesGroup takes OpenShift/Kubernetes namespace as key

type Member

type Member struct {
	Address         string `json:"address"`
	Port            int32  `json:"port"`
	MemberType      string `json:"memberType"`
	SvcPort         int32  `json:"svcPort"`
	Session         string `json:"session,omitempty"`
	AdminState      string `json:"adminState,omitempty"`
	ConnectionLimit int32  `json:"connectionLimit,omitempty"`
}

Pool Member

type MergedRuleEntry

type MergedRuleEntry struct {
	RuleName       string
	OtherRuleNames []string
	MergedActions  map[string][]*Action
	OriginalRule   *Rule
}

type MessageRequest

type MessageRequest struct {
	ReqID   uint
	MsgType string
	ResourceRequest
}

type MessageResponse

type MessageResponse struct {
	ReqID uint
	ResourceResponse
}

type MetaData

type MetaData struct {
	Active       bool
	ResourceType string
	// Only used for Routes (for keeping track of annotated profiles)
	RouteProfs map[RouteKey]string
	// Name of the Ingress that created this config
	// Used to prevent single-service Ingresses from sharing virtuals
	DefaultIngressName string
}

type Monitor

type Monitor struct {
	Name       string `json:"name"`
	Partition  string `json:"-"`
	Interval   int    `json:"interval,omitempty"`
	Type       string `json:"type,omitempty"`
	Send       string `json:"send,omitempty"`
	Recv       string `json:"recv,omitempty"`
	Timeout    int    `json:"timeout,omitempty"`
	SslProfile string `json:"sslProfile,omitempty"`
}

Pool health monitor

type Monitors

type Monitors []Monitor

func (Monitors) Len

func (slice Monitors) Len() int

func (Monitors) Less

func (slice Monitors) Less(i, j int) bool

func (Monitors) Swap

func (slice Monitors) Swap(i, j int)

type NameRef

type NameRef struct {
	Name      string `json:"name"`
	Partition string `json:"partition"`
}

virtual server policy/profile reference

type ObjectDependencies

type ObjectDependencies map[ObjectDependency]int

ObjectDependencies contains each dependency and its use count (usually 1)

type ObjectDependency

type ObjectDependency struct {
	Kind              string
	Namespace         string
	Name              string
	BackendPortNumber int32
	BackendPortName   string
}

ObjectDependency identifies a K8s Object

type ObjectDependencyMap

type ObjectDependencyMap map[ObjectDependency]ObjectDependencies

ObjectDependencyMap key is an Ingress or Route and the value is a map of other objects it depends on - typically services.

type PartitionMap

type PartitionMap map[string]*BigIPConfig

Configs for each BIG-IP partition

type PathToRuleMap

type PathToRuleMap map[string]*RuleData

type Policies

type Policies []Policy

type Policy

type Policy struct {
	Name        string   `json:"name"`
	Partition   string   `json:"-"`
	SubPath     string   `json:"subPath,omitempty"`
	Controls    []string `json:"controls,omitempty"`
	Description string   `json:"description,omitempty"`
	Legacy      bool     `json:"legacy,omitempty"`
	Requires    []string `json:"requires,omitempty"`
	Rules       Rules    `json:"rules,omitempty"`
	Strategy    string   `json:"strategy,omitempty"`
}

Virtual policy

func CreatePolicy

func CreatePolicy(rls Rules, policyName, partition string) *Policy

func (*Policy) RemoveRuleAt

func (pol *Policy) RemoveRuleAt(offset int) bool

func (*Policy) RemoveRules

func (pol *Policy) RemoveRules(ruleOffsets []int) bool

type Pool

type Pool struct {
	Name         string   `json:"name"`
	Partition    string   `json:"-"`
	ServiceName  string   `json:"-"`
	ServicePort  int32    `json:"-"`
	Balance      string   `json:"loadBalancingMode"`
	Members      []Member `json:"members"`
	MonitorNames []string `json:"monitors,omitempty"`
}

Pool config

type Pools

type Pools []Pool

func (Pools) Len

func (slice Pools) Len() int

func (Pools) Less

func (slice Pools) Less(i, j int) bool

func (Pools) Swap

func (slice Pools) Swap(i, j int)

type ProfileRef

type ProfileRef struct {
	Name      string `json:"name"`
	Partition string `json:"partition"`
	Context   string `json:"context"` // 'clientside', 'serverside', or 'all'
	// Used as reference to which Namespace/Ingress this profile came from
	// (for deletion purposes)
	Namespace string `json:"-"`
}

Reference to pre-existing profiles

func ConvertStringToProfileRef

func ConvertStringToProfileRef(profileName, context, ns string) ProfileRef

func MakeRouteClientSSLProfileRef

func MakeRouteClientSSLProfileRef(partition, namespace, name string) ProfileRef

format the client ssl profile name for a Route

func MakeRouteServerSSLProfileRef

func MakeRouteServerSSLProfileRef(partition, namespace, name string) ProfileRef

format the server ssl profile name for a Route

type ProfileRefs

type ProfileRefs []ProfileRef

func (ProfileRefs) Len

func (slice ProfileRefs) Len() int

func (ProfileRefs) Less

func (slice ProfileRefs) Less(i, j int) bool

func (ProfileRefs) Swap

func (slice ProfileRefs) Swap(i, j int)

type Record

type Record struct {
	Host string
	Path string
}

type ResourceConfig

type ResourceConfig struct {
	MetaData       MetaData         `json:"-"`
	Virtual        Virtual          `json:"virtual,omitempty"`
	IApp           IApp             `json:"iapp,omitempty"`
	Pools          Pools            `json:"pools,omitempty"`
	Monitors       Monitors         `json:"monitors,omitempty"`
	Policies       Policies         `json:"policies,omitempty"`
	ServiceAddress []ServiceAddress `json:"serviceAddress,omitempty"`
}

Config for a single resource (ConfigMap, Ingress, or Route)

func ParseConfigMap

func ParseConfigMap(cm *v1.ConfigMap, schemaDBPath, snatPoolName string) (*ResourceConfig, error)

Unmarshal an expected ConfigMap object

func (*ResourceConfig) AddRuleToPolicy

func (rc *ResourceConfig) AddRuleToPolicy(
	policyName string,
	rule *Rule,
)

func (*ResourceConfig) CopyConfig

func (rc *ResourceConfig) CopyConfig(cfg *ResourceConfig)

Copies from an existing config into our new config

func (*ResourceConfig) DeleteRouteProfile

func (rc *ResourceConfig) DeleteRouteProfile(namespace, name string)

func (*ResourceConfig) DeleteRuleFromPolicy

func (rc *ResourceConfig) DeleteRuleFromPolicy(
	policyName string,
	rule *Rule,
	mergedRulesMap map[string]map[string]MergedRuleEntry,
)

func (*ResourceConfig) DeleteWhitelistCondition

func (rsCfg *ResourceConfig) DeleteWhitelistCondition()

Deletes a whitelist reset rule

func (*ResourceConfig) FindPolicy

func (rc *ResourceConfig) FindPolicy(controlType string) *Policy

func (*ResourceConfig) GetName

func (cfg *ResourceConfig) GetName() string

func (*ResourceConfig) GetNameRef

func (cfg *ResourceConfig) GetNameRef() NameRef

func (*ResourceConfig) GetPartition

func (cfg *ResourceConfig) GetPartition() string

func (*ResourceConfig) MergeRules

func (rc *ResourceConfig) MergeRules(mergedRulesMap map[string]map[string]MergedRuleEntry)

func (*ResourceConfig) RemoveMonitor

func (rc *ResourceConfig) RemoveMonitor(pool string) bool

func (*ResourceConfig) RemovePolicy

func (rc *ResourceConfig) RemovePolicy(policy Policy)

func (*ResourceConfig) RemovePool

func (rc *ResourceConfig) RemovePool(
	namespace,
	poolName string,

	mergedRulesMap map[string]map[string]MergedRuleEntry,
) (bool, *ServiceKey)

func (*ResourceConfig) RemovePoolAt

func (rc *ResourceConfig) RemovePoolAt(offset int) bool

func (*ResourceConfig) SetMonitor

func (rc *ResourceConfig) SetMonitor(pool *Pool, monitor Monitor) bool

func (*ResourceConfig) SetPolicy

func (rc *ResourceConfig) SetPolicy(policy Policy)

func (*ResourceConfig) SortMonitors

func (rc *ResourceConfig) SortMonitors()

func (*ResourceConfig) UnmergeRule

func (rc *ResourceConfig) UnmergeRule(ruleName string, mergedRulesMap map[string]map[string]MergedRuleEntry) bool

type ResourceConfigMap

type ResourceConfigMap map[NameRef]*ResourceConfig

Key is resource name, value is pointer to config. May be shared.

type ResourceConfigs

type ResourceConfigs []*ResourceConfig

type ResourceEnumFunc

type ResourceEnumFunc func(key ServiceKey, cfg *ResourceConfig)

callback type for ForEach()

type ResourceInterface

type ResourceInterface interface {
	Init()
	Assign(key ServiceKey, name string, cfg *ResourceConfig)
	PoolCount() int
	VirtualCount() int
	CountOf(key ServiceKey) int
	Get(key ServiceKey, name string) (*ResourceConfig, bool)
	GetAll(key ServiceKey) ResourceConfigs
	GetAllWithName(name string) (ResourceConfigs, []ServiceKey)
	GetAllResources() ResourceConfigs
	Delete(key ServiceKey, name string) bool
	ForEach(f ResourceEnumFunc)
	DependencyDiff(key ObjectDependency, newDeps ObjectDependencies) ([]ObjectDependency, []ObjectDependency)
}

type ResourceRequest

type ResourceRequest struct {
	PoolMembers  map[Member]struct{}
	Resources    *AgentResources
	Profs        map[SecretKey]CustomProfile
	IrulesMap    IRulesMap
	IntDgMap     InternalDataGroupMap
	IntF5Res     InternalF5ResourcesGroup
	AgentCfgmaps []*AgentCfgMap
}

type ResourceResponse

type ResourceResponse struct {
	IsResponseSuccessful bool
}

type Resources

type Resources struct {
	sync.Mutex

	RsMap ResourceConfigMap

	//Only for ingress. For tracking translate address annotation across multiple ingress for single VS
	//Namespace Key -> VS key -> List of translate address for all ingress sharing same VS
	TranslateAddress map[string]map[NameRef][]string
	// contains filtered or unexported fields
}

Map of Resource configs

func NewResources

func NewResources() *Resources

Constructor for Resources

func (*Resources) Assign

func (rs *Resources) Assign(svcKey ServiceKey, nameRef NameRef, cfg *ResourceConfig)

Add or update a Resource config, identified by key.

func (*Resources) CountOf

func (rs *Resources) CountOf(svcKey ServiceKey) int

Count of all configurations for a specific backend.

func (*Resources) Delete

func (rs *Resources) Delete(svcKey ServiceKey, nameRef NameRef) bool

Remove a specific resource configuration.

func (*Resources) DeleteKeyRef

func (rs *Resources) DeleteKeyRef(sKey ServiceKey, nameRef NameRef) bool

Remove a svcKey's reference to a config (pool was removed)

func (*Resources) DeleteKeyRefLocked

func (rs *Resources) DeleteKeyRefLocked(sKey ServiceKey, nameRef NameRef) bool

Remove a svcKey's reference to a config (pool was removed)

func (*Resources) ForEach

func (rs *Resources) ForEach(f ResourceEnumFunc)

Iterate over all configurations, calling the supplied callback with each.

func (*Resources) Get

func (rs *Resources) Get(svcKey ServiceKey, nameRef NameRef) (*ResourceConfig, bool)

Get a specific Resource cfg

func (*Resources) GetAll

func (rs *Resources) GetAll(svcKey ServiceKey) ResourceConfigs

Get all configurations for a specific backend

func (*Resources) GetAllWithName

func (rs *Resources) GetAllWithName(nameRef NameRef) (ResourceConfigs, []ServiceKey)

Get all configurations with a specific name, spanning multiple backends This is for multi-service ingress

func (*Resources) GetByName

func (rs *Resources) GetByName(nameRef NameRef) (*ResourceConfig, bool)

Get a specific Resource cfg

func (*Resources) Init

func (rs *Resources) Init()

Receiver to initialize the object.

func (*Resources) PoolCount

func (rs *Resources) PoolCount() int

Count of all pools (svcKeys) currently stored.

func (*Resources) RemoveDependency

func (rs *Resources) RemoveDependency(
	key ObjectDependency,
)

RemoveDependency will remove the object dependencies from the rs.objDeps map for given route

func (*Resources) UpdateDependencies

func (rs *Resources) UpdateDependencies(
	newKey ObjectDependency,
	newDeps ObjectDependencies,
	svcDepKey ObjectDependency,
	lookupFunc func(key ObjectDependency) bool,
) ([]ObjectDependency, []ObjectDependency)

UpdateDependencies will keep the rs.objDeps map updated, and return two arrays identifying what has changed - added for dependencies that were added, and removed for dependencies that were removed.

func (*Resources) UpdatePolicy

func (rs *Resources) UpdatePolicy(
	rsName NameRef,
	policyName string,
	ruleName string,
)

UpdatePolicy will keep the rs.RsMap map updated and remove the unwanted rules from policy,

func (*Resources) VirtualCount

func (rs *Resources) VirtualCount() int

Count of all virtuals currently stored.

type RouteKey

type RouteKey struct {
	Name      string
	Namespace string
	Context   string
}

Key used to store annotated profiles for a route

type RouteService

type RouteService struct {
	Weight int
	Name   string
}

func GetRouteServices

func GetRouteServices(route *routeapi.Route) []RouteService

return the services associated with a route (names + weight)

type Rule

type Rule struct {
	Name       string       `json:"name"`
	FullURI    string       `json:"-"`
	Ordinal    int          `json:"ordinal,omitempty"`
	Actions    []*Action    `json:"actions,omitempty"`
	Conditions []*Condition `json:"conditions,omitempty"`
}

Rule config for a Policy

func CreateRule

func CreateRule(uri, poolName, partition, ruleName string) (*Rule, error)

func ProcessURLRewrite

func ProcessURLRewrite(target, value string, rsType int) *Rule

type RuleData

type RuleData struct {
	SvcName   string
	SvcPort   int32
	HealthMon AnnotationHealthMonitor
	Assigned  bool
}

type RuleMap

type RuleMap map[string]*Rule

type Rules

type Rules []*Rule

func ProcessAppRoot

func ProcessAppRoot(target, value, poolName string, rsType int) Rules

func (Rules) Len

func (r Rules) Len() int

func (Rules) Less

func (r Rules) Less(i, j int) bool

func (Rules) Swap

func (r Rules) Swap(i, j int)

type SecretKey

type SecretKey struct {
	Name         string
	ResourceName string
}

type ServiceAddress

type ServiceAddress struct {
	ArpEnabled         bool   `json:"arpEnabled,omitempty"`
	ICMPEcho           string `json:"icmpEcho,omitempty"`
	RouteAdvertisement string `json:"routeAdvertisement,omitempty"`
	TrafficGroup       string `json:"trafficGroup,omitempty"`
	SpanningEnabled    bool   `json:"spanningEnabled,omitempty"`
}

type ServiceKey

type ServiceKey struct {
	ServiceName string
	ServicePort int32
	Namespace   string
}

Virtual Server Key - unique server is Name + Port

type SourceAddrTranslation

type SourceAddrTranslation struct {
	Type string `json:"type"`
	Pool string `json:"pool,omitempty"`
}

Virtual Server Source Address Translation

func SetSourceAddrTranslation

func SetSourceAddrTranslation(snatPoolName string) SourceAddrTranslation

type Virtual

type Virtual struct {
	Name                   string                `json:"name"`
	PoolName               string                `json:"pool,omitempty"`
	Partition              string                `json:"-"`
	Destination            string                `json:"destination"`
	Enabled                bool                  `json:"enabled"`
	IpProtocol             string                `json:"ipProtocol,omitempty"`
	SourceAddrTranslation  SourceAddrTranslation `json:"sourceAddressTranslation,omitempty"`
	Policies               []NameRef             `json:"policies,omitempty"`
	IRules                 []string              `json:"rules,omitempty"`
	Profiles               ProfileRefs           `json:"profiles,omitempty"`
	Description            string                `json:"description,omitempty"`
	VirtualAddress         *VirtualAddress       `json:"-"`
	Mask                   string                `json:"mask,omitempty"`
	TranslateServerAddress string                `json:"translateAddress,omitempty"`
}

Virtual server config

func (*Virtual) AddIRule

func (v *Virtual) AddIRule(ruleName string) bool

Adds an IRule reference to a Virtual object

func (*Virtual) AddOrUpdateProfile

func (v *Virtual) AddOrUpdateProfile(prof ProfileRef) bool

func (*Virtual) GetProfileCountByContext

func (v *Virtual) GetProfileCountByContext(context string) int

func (*Virtual) ReferencesProfile

func (v *Virtual) ReferencesProfile(profile CustomProfile) bool

func (*Virtual) RemoveIRule

func (v *Virtual) RemoveIRule(ruleName string) bool

Removes an IRule reference from a Virtual object

func (*Virtual) RemoveProfile

func (v *Virtual) RemoveProfile(prof ProfileRef) bool

func (*Virtual) SetVirtualAddress

func (v *Virtual) SetVirtualAddress(bindAddr string, port int32, excludeCidr bool)

func (*Virtual) SetVirtualAddressNetMask

func (v *Virtual) SetVirtualAddressNetMask(bindAddr string)

SetVirtualAddressNetMask calculates the netmask from CIDR notation and sets it in virtual server

func (*Virtual) ToString

func (v *Virtual) ToString() string

type VirtualAddress

type VirtualAddress struct {
	BindAddr string `json:"bindAddr,omitempty"`
	Port     int32  `json:"port,omitempty"`
}

frontend bindaddr and port

type Virtuals

type Virtuals []Virtual

func (Virtuals) Len

func (slice Virtuals) Len() int

Sorting methods for unit testing

func (Virtuals) Less

func (slice Virtuals) Less(i, j int) bool

func (Virtuals) Swap

func (slice Virtuals) Swap(i, j int)

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL