configs

package
v1.7.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 3, 2020 License: Apache-2.0 Imports: 23 Imported by: 0

Documentation

Index

Constants

View Source 
const DefaultServerSecretName = "default"

DefaultServerSecretName is the filename of the Secret with a TLS cert and a key for the default server.

View Source 
const JWTKeyAnnotation = "nginx.com/jwt-key"

JWTKeyAnnotation is the annotation where the Secret with a JWK is specified.

View Source 
const JWTKeyKey = "jwk"

JWTKeyKey is the key of the data field of a Secret where the JWK must be stored.

View Source 
const WildcardSecretName = "wildcard"

WildcardSecretName is the filename of the Secret with a TLS cert and a key for the ingress resources with TLS termination enabled but not secret defined.

Variables

This section is empty.

Functions

func GenerateCertAndKeyFileContent 

func GenerateCertAndKeyFileContent(secret *api_v1.Secret) []byte

GenerateCertAndKeyFileContent generates a pem file content from the TLS secret.

func GenerateEndpointsKey 

func GenerateEndpointsKey(serviceNamespace string, serviceName string, subselector map[string]string, port uint16) string

GenerateEndpointsKey generates a key for the Endpoints map in VirtualServerEx.

func GenerateExternalNameSvcKey added in v1.6.0 

func GenerateExternalNameSvcKey(namespace string, service string) string

GenerateExternalNameSvcKey returns the key to identify an ExternalName service.

func GenerateNginxMainConfig 

func GenerateNginxMainConfig(staticCfgParams *StaticConfigParams, config *ConfigParams) *version1.MainConfig

GenerateNginxMainConfig generates MainConfig.

func GetMapKeyAsBool 

func GetMapKeyAsBool(m map[string]string, key string, context apiObject) (bool, bool, error)

GetMapKeyAsBool searches the map for the given key and parses the key as bool.

func GetMapKeyAsInt 

func GetMapKeyAsInt(m map[string]string, key string, context apiObject) (int, bool, error)

GetMapKeyAsInt tries to find and parse a key in a map as int.

func GetMapKeyAsInt64 

func GetMapKeyAsInt64(m map[string]string, key string, context apiObject) (int64, bool, error)

GetMapKeyAsInt64 tries to find and parse a key in a map as int64.

func GetMapKeyAsStringSlice 

func GetMapKeyAsStringSlice(m map[string]string, key string, context apiObject, delimiter string) ([]string, bool, error)

GetMapKeyAsStringSlice tries to find and parse a key in the map as string slice splitting it on delimiter.

func GetMapKeyAsUint64 

func GetMapKeyAsUint64(m map[string]string, key string, context apiObject, nonZero bool) (uint64, bool, error)

GetMapKeyAsUint64 tries to find and parse a key in a map as uint64.

func ParseLBMethod 

func ParseLBMethod(method string) (string, error)

ParseLBMethod parses method and matches it to a corresponding load balancing method in NGINX. An error is returned if method is not valid.

func ParseLBMethodForPlus 

func ParseLBMethodForPlus(method string) (string, error)

ParseLBMethodForPlus parses method and matches it to a corresponding load balancing method in NGINX Plus. An error is returned if method is not valid.

func ParseTime added in v1.6.0 

func ParseTime(s string) (string, error)

ParseTime ensures that the string value in the annotation is a valid time.

Types

type ConfigParams 

type ConfigParams struct {
	ClientMaxBodySize             string
	DefaultServerAccessLogOff     bool
	FailTimeout                   string
	HealthCheckEnabled            bool
	HealthCheckMandatory          bool
	HealthCheckMandatoryQueue     int64
	HSTS                          bool
	HSTSBehindProxy               bool
	HSTSIncludeSubdomains         bool
	HSTSMaxAge                    int64
	HTTP2                         bool
	Keepalive                     int
	LBMethod                      string
	LocationSnippets              []string
	MainAccessLogOff              bool
	MainErrorLogLevel             string
	MainHTTPSnippets              []string
	MainKeepaliveRequests         int64
	MainKeepaliveTimeout          string
	MainLogFormat                 []string
	MainLogFormatEscaping         string
	MainMainSnippets              []string
	MainOpenTracingEnabled        bool
	MainOpenTracingLoadModule     bool
	MainOpenTracingTracer         string
	MainOpenTracingTracerConfig   string
	MainServerNamesHashBucketSize string
	MainServerNamesHashMaxSize    string
	MainStreamLogFormat           []string
	MainStreamLogFormatEscaping   string
	MainStreamSnippets            []string
	MainWorkerConnections         string
	MainWorkerCPUAffinity         string
	MainWorkerProcesses           string
	MainWorkerRlimitNofile        string
	MainWorkerShutdownTimeout     string
	MaxConns                      int
	MaxFails                      int
	ProxyBuffering                bool
	ProxyBuffers                  string
	ProxyBufferSize               string
	ProxyConnectTimeout           string
	ProxyHideHeaders              []string
	ProxyMaxTempFileSize          string
	ProxyPassHeaders              []string
	ProxyProtocol                 bool
	ProxyReadTimeout              string
	ProxySendTimeout              string
	RedirectToHTTPS               bool
	ResolverAddresses             []string
	ResolverIPV6                  bool
	ResolverTimeout               string
	ResolverValid                 string
	ServerSnippets                []string
	ServerTokens                  string
	SlowStart                     string
	SSLRedirect                   bool
	UpstreamZoneSize              string
	VariablesHashBucketSize       uint64
	VariablesHashMaxSize          uint64

	RealIPHeader    string
	RealIPRecursive bool
	SetRealIPFrom   []string

	MainServerSSLCiphers             string
	MainServerSSLDHParam             string
	MainServerSSLDHParamFileContent  *string
	MainServerSSLPreferServerCiphers bool
	MainServerSSLProtocols           string

	IngressTemplate *string
	MainTemplate    *string

	JWTKey      string
	JWTLoginURL string
	JWTRealm    string
	JWTToken    string

	Ports    []int
	SSLPorts []int

	SpiffeCerts bool
}

ConfigParams holds NGINX configuration parameters that affect the main NGINX config as well as configs for Ingress resources.

func NewDefaultConfigParams 

func NewDefaultConfigParams() *ConfigParams

NewDefaultConfigParams creates a ConfigParams with default values.

func ParseConfigMap 

func ParseConfigMap(cfgm *v1.ConfigMap, nginxPlus bool) *ConfigParams

ParseConfigMap parses ConfigMap into ConfigParams.

type Configurator 

type Configurator struct {
	// contains filtered or unexported fields
}

Configurator configures NGINX.

func NewConfigurator 

func NewConfigurator(nginxManager nginx.Manager, staticCfgParams *StaticConfigParams, config *ConfigParams, globalCfgParams *GlobalConfigParams,
	templateExecutor *version1.TemplateExecutor, templateExecutorV2 *version2.TemplateExecutor, isPlus bool, isWildcardEnabled bool) *Configurator

NewConfigurator creates a new Configurator.

func (*Configurator) AddOrUpdateDHParam 

func (cnf *Configurator) AddOrUpdateDHParam(content string) (string, error)

AddOrUpdateDHParam creates a dhparam file with the content of the string.

func (*Configurator) AddOrUpdateIngress 

func (cnf *Configurator) AddOrUpdateIngress(ingEx *IngressEx) error

AddOrUpdateIngress adds or updates NGINX configuration for the Ingress resource.

func (*Configurator) AddOrUpdateJWKSecret 

func (cnf *Configurator) AddOrUpdateJWKSecret(secret *api_v1.Secret)

func (*Configurator) AddOrUpdateMergeableIngress 

func (cnf *Configurator) AddOrUpdateMergeableIngress(mergeableIngs *MergeableIngresses) error

AddOrUpdateMergeableIngress adds or updates NGINX configuration for the Ingress resources with Mergeable Types.

func (*Configurator) AddOrUpdateSpecialTLSSecrets 

func (cnf *Configurator) AddOrUpdateSpecialTLSSecrets(secret *api_v1.Secret, secretNames []string) error

AddOrUpdateSpecialTLSSecrets adds or updates a file with a TLS cert and a key from a Special TLS Secret (eg. DefaultServerSecret, WildcardTLSSecret).

func (*Configurator) AddOrUpdateSpiffeCerts added in v1.7.1 

func (cnf *Configurator) AddOrUpdateSpiffeCerts(svidResponse *workload.X509SVIDs) error

AddOrUpdateSpiffeCerts writes Spiffe certs and keys to disk and reloads NGINX

func (*Configurator) AddOrUpdateTLSSecret 

func (cnf *Configurator) AddOrUpdateTLSSecret(secret *api_v1.Secret, ingExes []IngressEx, mergeableIngresses []MergeableIngresses, virtualServerExes []*VirtualServerEx) error

AddOrUpdateTLSSecret adds or updates a file with the content of the TLS secret.

func (*Configurator) AddOrUpdateTransportServer added in v1.7.0 

func (cnf *Configurator) AddOrUpdateTransportServer(transportServerEx *TransportServerEx) error

AddOrUpdateTransportServer adds or updates NGINX configuration for the TransportServer resource. It is a responsibility of the caller to check that the TransportServer references an existing listener.

func (*Configurator) AddOrUpdateVirtualServer 

func (cnf *Configurator) AddOrUpdateVirtualServer(virtualServerEx *VirtualServerEx) (Warnings, error)

AddOrUpdateVirtualServer adds or updates NGINX configuration for the VirtualServer resource.

func (*Configurator) CheckIfListenerExists added in v1.7.0 

func (cnf *Configurator) CheckIfListenerExists(transportServerListener *conf_v1alpha1.TransportServerListener) bool

func (*Configurator) DeleteIngress 

func (cnf *Configurator) DeleteIngress(key string) error

DeleteIngress deletes NGINX configuration for the Ingress resource.

func (*Configurator) DeleteSecret 

func (cnf *Configurator) DeleteSecret(key string, ingExes []IngressEx, mergeableIngresses []MergeableIngresses, virtualServerExes []*VirtualServerEx) error

DeleteSecret deletes the file associated with the secret and the configuration files for Ingress and VirtualServer resources. NGINX is reloaded only when the total number of the resources > 0.

func (*Configurator) DeleteTransportServer added in v1.7.0 

func (cnf *Configurator) DeleteTransportServer(key string) error

DeleteTransportServer deletes NGINX configuration for the TransportServer resource.

func (*Configurator) DeleteVirtualServer 

func (cnf *Configurator) DeleteVirtualServer(key string) error

DeleteVirtualServer deletes NGINX configuration for the VirtualServer resource.

func (*Configurator) GetIngressCounts 

func (cnf *Configurator) GetIngressCounts() map[string]int

GetIngressCounts returns the total count of Ingress resources that are handled by the Ingress Controller grouped by their type

func (*Configurator) GetVirtualServerCounts added in v1.6.0 

func (cnf *Configurator) GetVirtualServerCounts() (vsCount int, vsrCount int)

GetVirtualServerCounts returns the total count of VS/VSR resources that are handled by the Ingress Controller

func (*Configurator) HasIngress 

func (cnf *Configurator) HasIngress(ing *extensions.Ingress) bool

HasIngress checks if the Ingress resource is present in NGINX configuration.

func (*Configurator) HasMinion 

func (cnf *Configurator) HasMinion(master *extensions.Ingress, minion *extensions.Ingress) bool

HasMinion checks if the minion Ingress resource of the master is present in NGINX configuration.

func (*Configurator) IsResolverConfigured 

func (cnf *Configurator) IsResolverConfigured() bool

IsResolverConfigured checks if a DNS resolver is present in NGINX configuration.

func (*Configurator) UpdateConfig 

func (cnf *Configurator) UpdateConfig(cfgParams *ConfigParams, ingExes []*IngressEx, mergeableIngs map[string]*MergeableIngresses, virtualServerExes []*VirtualServerEx) (Warnings, error)

UpdateConfig updates NGINX configuration parameters.

func (*Configurator) UpdateEndpoints 

func (cnf *Configurator) UpdateEndpoints(ingExes []*IngressEx) error

UpdateEndpoints updates endpoints in NGINX configuration for the Ingress resources.

func (*Configurator) UpdateEndpointsForTransportServers added in v1.7.0 

func (cnf *Configurator) UpdateEndpointsForTransportServers(transportServerExes []*TransportServerEx) error

UpdateEndpointsForTransportServers updates endpoints in NGINX configuration for the TransportServer resources.

func (*Configurator) UpdateEndpointsForVirtualServers 

func (cnf *Configurator) UpdateEndpointsForVirtualServers(virtualServerExes []*VirtualServerEx) error

UpdateEndpointsForVirtualServers updates endpoints in NGINX configuration for the VirtualServer resources.

func (*Configurator) UpdateEndpointsMergeableIngress 

func (cnf *Configurator) UpdateEndpointsMergeableIngress(mergeableIngresses []*MergeableIngresses) error

UpdateEndpointsMergeableIngress updates endpoints in NGINX configuration for a mergeable Ingress resource.

func (*Configurator) UpdateGlobalConfiguration added in v1.7.0 

func (cnf *Configurator) UpdateGlobalConfiguration(globalConfiguration *conf_v1alpha1.GlobalConfiguration,
	transportServerExes []*TransportServerEx) (updatedTransportServerExes []*TransportServerEx, deletedTransportServerExes []*TransportServerEx, err error)

UpdateGlobalConfiguration updates NGINX config based on the changes to the GlobalConfiguration resource. Currently, changes to the GlobalConfiguration only affect TransportServer resources. As a result of the changes, the configuration for TransportServers is updated and some TransportServers might be removed from NGINX.

type GlobalConfigParams added in v1.7.0 

type GlobalConfigParams struct {
	Listeners map[string]Listener
}

GlobalConfigParams holds global configuration parameters. For now, it only holds listeners. GlobalConfigParams should replace ConfigParams in the future.

func NewDefaultGlobalConfigParams added in v1.7.0 

func NewDefaultGlobalConfigParams() *GlobalConfigParams

NewDefaultGlobalConfigParams creates a GlobalConfigParams with default values.

func NewGlobalConfigParamsWithTLSPassthrough added in v1.7.0 

func NewGlobalConfigParamsWithTLSPassthrough() *GlobalConfigParams

NewGlobalConfigParamsWithTLSPassthrough creates new GlobalConfigParams with enabled TLS Passthrough listener.

func ParseGlobalConfiguration added in v1.7.0 

func ParseGlobalConfiguration(gc *conf_v1alpha1.GlobalConfiguration, tlsPassthrough bool) *GlobalConfigParams

type IngressEx 

type IngressEx struct {
	Ingress          *extensions.Ingress
	TLSSecrets       map[string]*api_v1.Secret
	JWTKey           JWTKey
	Endpoints        map[string][]string
	HealthChecks     map[string]*api_v1.Probe
	ExternalNameSvcs map[string]bool
}

IngressEx holds an Ingress along with the resources that are referenced in this Ingress.

func (*IngressEx) String 

func (ingEx *IngressEx) String() string

type JWTKey 

type JWTKey struct {
	Name   string
	Secret *api_v1.Secret
}

JWTKey represents a secret that holds JSON Web Key.

type Listener added in v1.7.0 

type Listener struct {
	Port     int
	Protocol string
}

Listener represents a listener that can be used in a TransportServer resource.

type MergeableIngresses 

type MergeableIngresses struct {
	Master  *IngressEx
	Minions []*IngressEx
}

MergeableIngresses is a mergeable ingress of a master and minions.

type StaticConfigParams 

type StaticConfigParams struct {
	HealthStatus                   bool
	HealthStatusURI                string
	NginxStatus                    bool
	NginxStatusAllowCIDRs          []string
	NginxStatusPort                int
	StubStatusOverUnixSocketForOSS bool
	TLSPassthrough                 bool
	SpiffeCerts                    bool
}

StaticConfigParams holds immutable NGINX configuration parameters that affect the main NGINX config.

type TransportServerEx added in v1.7.0 

type TransportServerEx struct {
	TransportServer *conf_v1alpha1.TransportServer
	Endpoints       map[string][]string
}

TransportServerEx holds a TransportServer along with the resources referenced by it.

func (*TransportServerEx) String added in v1.7.0 

func (tsEx *TransportServerEx) String() string

type VirtualServerEx 

type VirtualServerEx struct {
	VirtualServer       *conf_v1.VirtualServer
	Endpoints           map[string][]string
	TLSSecret           *api_v1.Secret
	VirtualServerRoutes []*conf_v1.VirtualServerRoute
	ExternalNameSvcs    map[string]bool
}

VirtualServerEx holds a VirtualServer along with the resources that are referenced in this VirtualServer.

func (*VirtualServerEx) String 

func (vsx *VirtualServerEx) String() string

type Warnings added in v1.6.0 

type Warnings map[runtime.Object][]string

Warnings stores a list of warnings for a given runtime k8s object in a map

func (Warnings) Add added in v1.6.0 

func (w Warnings) Add(warnings Warnings)

Add adds new Warnings to the map

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.