k8s

package
v1.9.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 23, 2020 License: Apache-2.0 Imports: 44 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	// TLS Secret
	TLS = iota + 1
	// JWK Secret
	JWK
	// CA Secret
	CA
)
View Source 
const CAKey = "ca.crt"

CAKey is the key of the data field of a Secret where the certificate authority must be stored.

View Source 
const (

	// IngressControllerName holds Ingress Controller name
	IngressControllerName = "nginx.org/ingress-controller"
)
View Source 
const JWTKeyKey = "jwk"

JWTKeyKey is the key of the data field of a Secret where the JWK must be stored.

Variables

This section is empty.

Functions

func GetK8sVersion added in v1.9.0 

func GetK8sVersion(client kubernetes.Interface) (v *version.Version, err error)

GetK8sVersion returns the running version of k8s

func GetSecretKind 

func GetSecretKind(secret *v1.Secret) (int, error)

GetSecretKind returns the kind of the Secret.

func NewSpiffeController added in v1.7.1 

func NewSpiffeController(sync func(*workload.X509SVIDs), spireAgentAddr string) (*spiffeController, error)

NewSpiffeController creates the spiffeWatcher and the Spiffe Workload API Client, returns an error if the client cannot connect to the Spire Agent.

func ParseNamespaceName 

func ParseNamespaceName(value string) (ns string, name string, err error)

ParseNamespaceName parses the string in the <namespace>/<name> format and returns the name and the namespace. It returns an error in case the string does not follow the <namespace>/<name> format.

func ParseResourceReferenceAnnotation added in v1.8.0 

func ParseResourceReferenceAnnotation(ns, antn string) string

ParseResourceReferenceAnnotation returns a namespace/name string

func ValidateAppProtectLogConf added in v1.8.0 

func ValidateAppProtectLogConf(logConf *unstructured.Unstructured) error

ValidateAppProtectLogConf validates LogConfiguration resource

func ValidateAppProtectLogDestinationAnnotation added in v1.8.0 

func ValidateAppProtectLogDestinationAnnotation(dstAntn string) error

ValidateAppProtectLogDestinationAnnotation validates annotation for log destination configuration

func ValidateAppProtectPolicy added in v1.8.0 

func ValidateAppProtectPolicy(policy *unstructured.Unstructured) error

ValidateAppProtectPolicy validates Policy resource

func ValidateCASecret added in v1.9.0 

func ValidateCASecret(secret *v1.Secret) error

ValidateCASecret validates the secret. If it is valid, the function returns nil.

func ValidateJWKSecret 

func ValidateJWKSecret(secret *v1.Secret) error

ValidateJWKSecret validates the secret. If it is valid, the function returns nil.

func ValidateTLSSecret 

func ValidateTLSSecret(secret *v1.Secret) error

ValidateTLSSecret validates the secret. If it is valid, the function returns nil.

Types

type Configuration added in v1.9.0 

type Configuration struct {
	// contains filtered or unexported fields
}

Configuration represents the configuration of the Ingress Controller - a collection of configuration objects (Ingresses, VirtualServers, VirtualServerRoutes) ready to be transformed into NGINX config. It holds the latest valid state of those objects. The IC needs to ensure that at any point in time the NGINX config on the filesystem reflects the state of the objects in the Configuration.

func NewConfiguration added in v1.9.0 

func NewConfiguration(hasCorrectIngressClass func(interface{}) bool, isPlus bool, virtualServerValidator *validation.VirtualServerValidator) *Configuration

NewConfiguration creates a new Configuration.

func (*Configuration) AddOrUpdateIngress added in v1.9.0 

func (c *Configuration) AddOrUpdateIngress(ing *networking.Ingress) ([]ResourceChange, []ConfigurationProblem)

AddOrUpdateIngress adds or updates the Ingress resource.

func (*Configuration) AddOrUpdateVirtualServer added in v1.9.0 

func (c *Configuration) AddOrUpdateVirtualServer(vs *conf_v1.VirtualServer) ([]ResourceChange, []ConfigurationProblem)

AddOrUpdateVirtualServer adds or updates the VirtualServer resource.

func (*Configuration) AddOrUpdateVirtualServerRoute added in v1.9.0 

func (c *Configuration) AddOrUpdateVirtualServerRoute(vsr *conf_v1.VirtualServerRoute) ([]ResourceChange, []ConfigurationProblem)

AddOrUpdateVirtualServerRoute adds or updates the VirtualServerRoute.

func (*Configuration) DeleteIngress added in v1.9.0 

func (c *Configuration) DeleteIngress(key string) ([]ResourceChange, []ConfigurationProblem)

DeleteIngress deletes an Ingress resource by the key.

func (*Configuration) DeleteVirtualServer added in v1.9.0 

func (c *Configuration) DeleteVirtualServer(key string) ([]ResourceChange, []ConfigurationProblem)

DeleteVirtualServer deletes a VirtualServerResource by the key.

func (*Configuration) DeleteVirtualServerRoute added in v1.9.0 

func (c *Configuration) DeleteVirtualServerRoute(key string) ([]ResourceChange, []ConfigurationProblem)

DeleteVirtualServerRoute deletes a VirtualServerRoute by the key.

func (*Configuration) FindResourcesForAppProtectLogConf added in v1.9.0 

func (c *Configuration) FindResourcesForAppProtectLogConf(logConfNamespace string, logConfName string) []Resource

FindResourcesForAppProtectLogConf finds resources that reference the specified AppProtect LogConf.

func (*Configuration) FindResourcesForAppProtectPolicy added in v1.9.0 

func (c *Configuration) FindResourcesForAppProtectPolicy(policyNamespace string, policyName string) []Resource

FindResourcesForAppProtectPolicy finds resources that reference the specified AppProtect policy.

func (*Configuration) FindResourcesForEndpoints added in v1.9.0 

func (c *Configuration) FindResourcesForEndpoints(endpointsNamespace string, endpointsName string) []Resource

FindResourcesForEndpoints finds resources that reference the specified endpoints.

func (*Configuration) FindResourcesForPolicy added in v1.9.0 

func (c *Configuration) FindResourcesForPolicy(policyNamespace string, policyName string) []Resource

FindResourcesForPolicy finds resources that reference the specified policy.

func (*Configuration) FindResourcesForSecret added in v1.9.0 

func (c *Configuration) FindResourcesForSecret(secretNamespace string, secretName string) []Resource

FindResourcesForSecret finds resources that reference the specified secret.

func (*Configuration) FindResourcesForService added in v1.9.0 

func (c *Configuration) FindResourcesForService(svcNamespace string, svcName string) []Resource

FindResourcesForService finds resources that reference the specified service.

func (*Configuration) GetResources added in v1.9.0 

func (c *Configuration) GetResources() []Resource

GetResources returns all configuration resources.

func (*Configuration) GetResourcesWithFilter added in v1.9.0 

func (c *Configuration) GetResourcesWithFilter(filter resourceFilter) []Resource

GetResourcesWithFilter returns resources using the filter.

type ConfigurationProblem added in v1.9.0 

type ConfigurationProblem struct {
	// Object is a configuration object.
	Object runtime.Object
	// IsError tells if the problem is an error. If it is an error, then it is expected that the status of the object
	// will be updated to the state 'invalid'. Otherwise, the state will be 'warning'.
	IsError bool
	// Reason tells the reason. It matches the reason in the events/status of our configuration objects.
	Reason string
	// Messages gives the details about the problem. It matches the message in the events/status of our configuration objects.
	Message string
}

ConfigurationProblem is a problem associated with a configuration object.

type FullIngress added in v1.9.0 

type FullIngress struct {
	// Ingress holds a regular Ingress or a master Ingress.
	Ingress *networking.Ingress
	// IsMaster is true when the Ingress is a master.
	IsMaster bool
	// Minions contains minions if the Ingress is a master.
	Minions []*FullMinion
	// ValidHosts marks the hosts of the Ingress as valid (true) or invalid (false).
	// Regular Ingress resources can have multiple hosts. It is possible that some of the hosts are taken by other
	// resources. In that case, those hosts will be marked as invalid.
	ValidHosts map[string]bool
	// Warnings includes all the warnings for the resource.
	Warnings []string
	// ChildWarnings includes the warnings of the minions. The key is the namespace/name.
	ChildWarnings map[string][]string
}

FullIngress holds an Ingress resource with its minions. It implements the Resource interface.

func NewMasterFullIngress added in v1.9.0 

func NewMasterFullIngress(ing *networking.Ingress, minions []*FullMinion, childWarnings map[string][]string) *FullIngress

NewMasterFullIngress creates a FullIngress from a master Ingress resource.

func NewRegularFullIngress added in v1.9.0 

func NewRegularFullIngress(ing *networking.Ingress) *FullIngress

NewRegularFullIngress creates a FullIngress from a regular Ingress resource.

func (*FullIngress) AcquireHost added in v1.9.0 

func (fi *FullIngress) AcquireHost(host string)

AcquireHost acquires the host for this resource.

func (*FullIngress) AddWarning added in v1.9.0 

func (fi *FullIngress) AddWarning(warning string)

AddWarning adds a warning.

func (*FullIngress) GetKeyWithKind added in v1.9.0 

func (fi *FullIngress) GetKeyWithKind() string

GetKeyWithKind returns the key of the resource with its kind. For example, Ingress/my-namespace/my-name.

func (*FullIngress) GetObjectMeta added in v1.9.0 

func (fi *FullIngress) GetObjectMeta() *metav1.ObjectMeta

GetObjectMeta returns the resource ObjectMeta.

func (*FullIngress) IsEqual added in v1.9.0 

func (fi *FullIngress) IsEqual(resource Resource) bool

IsEqual tests if the FullIngress is equal to the resource.

func (*FullIngress) ReleaseHost added in v1.9.0 

func (fi *FullIngress) ReleaseHost(host string)

ReleaseHost releases the host.

func (*FullIngress) Wins added in v1.9.0 

func (fi *FullIngress) Wins(resource Resource) bool

Wins tells if this resource wins over the specified resource.

type FullMinion added in v1.9.0 

type FullMinion struct {
	// Ingress is the Ingress behind a minion.
	Ingress *networking.Ingress
	// ValidPaths marks the paths of the Ingress as valid (true) or invalid (false).
	// Minion Ingress resources can have multiple paths. It is possible that some of the paths are taken by other
	// Minions. In that case, those paths will be marked as invalid.
	ValidPaths map[string]bool
}

FullMinion holds a Minion resource.

func NewFullMinion added in v1.9.0 

func NewFullMinion(ing *networking.Ingress) *FullMinion

NewFullMinion creates a new FullMinion.

type FullVirtualServer added in v1.9.0 

type FullVirtualServer struct {
	VirtualServer       *conf_v1.VirtualServer
	VirtualServerRoutes []*conf_v1.VirtualServerRoute
	Warnings            []string
}

FullVirtualServer holds a VirtualServer along with its VirtualServerRoutes.

func NewFullVirtualServer added in v1.9.0 

func NewFullVirtualServer(vs *conf_v1.VirtualServer, vsrs []*conf_v1.VirtualServerRoute, warnings []string) *FullVirtualServer

NewFullVirtualServer creates a NewFullVirtualServer.

func (*FullVirtualServer) AcquireHost added in v1.9.0 

func (fvs *FullVirtualServer) AcquireHost(host string)

AcquireHost acquires the host for this resource.

func (*FullVirtualServer) AddWarning added in v1.9.0 

func (fvs *FullVirtualServer) AddWarning(warning string)

AddWarning adds a warning.

func (*FullVirtualServer) GetKeyWithKind added in v1.9.0 

func (fvs *FullVirtualServer) GetKeyWithKind() string

GetKeyWithKind returns the key of the resource with its kind. For example, VirtualServer/my-namespace/my-name.

func (*FullVirtualServer) GetObjectMeta added in v1.9.0 

func (fvs *FullVirtualServer) GetObjectMeta() *metav1.ObjectMeta

GetObjectMeta returns the resource ObjectMeta.

func (*FullVirtualServer) IsEqual added in v1.9.0 

func (fvs *FullVirtualServer) IsEqual(resource Resource) bool

IsEqual tests if the FullVirtualServer is equal to the resource.

func (*FullVirtualServer) ReleaseHost added in v1.9.0 

func (fvs *FullVirtualServer) ReleaseHost(host string)

ReleaseHost releases the host.

func (*FullVirtualServer) Wins added in v1.9.0 

func (fvs *FullVirtualServer) Wins(resource Resource) bool

Wins tells if this resource wins over the specified resource. It is used to determine which resource should win over a host.

type LoadBalancerController 

type LoadBalancerController struct {
	// contains filtered or unexported fields
}

LoadBalancerController watches Kubernetes API and reconfigures NGINX via NginxController when needed

func NewLoadBalancerController 

func NewLoadBalancerController(input NewLoadBalancerControllerInput) *LoadBalancerController

NewLoadBalancerController creates a controller

func (*LoadBalancerController) AddSyncQueue 

func (lbc *LoadBalancerController) AddSyncQueue(item interface{})

AddSyncQueue enqueues the provided item on the sync queue

func (*LoadBalancerController) EnqueueTransportServerForService added in v1.7.0 

func (lbc *LoadBalancerController) EnqueueTransportServerForService(service *api_v1.Service)

EnqueueTransportServerForService enqueues TransportServers for the given service.

func (*LoadBalancerController) HasCorrectIngressClass added in v1.8.0 

func (lbc *LoadBalancerController) HasCorrectIngressClass(obj interface{}) bool

HasCorrectIngressClass checks if resource ingress class annotation (if exists) or ingressClass string for VS/VSR is matching with ingress controller class

func (*LoadBalancerController) IsExternalServiceForStatus 

func (lbc *LoadBalancerController) IsExternalServiceForStatus(svc *api_v1.Service) bool

IsExternalServiceForStatus matches the service specified by the external-service cli arg

func (*LoadBalancerController) IsExternalServiceKeyForStatus added in v1.9.0 

func (lbc *LoadBalancerController) IsExternalServiceKeyForStatus(key string) bool

IsExternalServiceKeyForStatus matches the service key specified by the external-service cli arg

func (*LoadBalancerController) IsNginxReady added in v1.8.0 

func (lbc *LoadBalancerController) IsNginxReady() bool

IsNginxReady returns ready status of NGINX

func (*LoadBalancerController) Run 

func (lbc *LoadBalancerController) Run()

Run starts the loadbalancer controller

func (*LoadBalancerController) Stop 

func (lbc *LoadBalancerController) Stop()

Stop shutdowns the load balancer controller

func (*LoadBalancerController) UpdateIngressStatusAndEventsOnDelete added in v1.9.0 

func (lbc *LoadBalancerController) UpdateIngressStatusAndEventsOnDelete(fullIng *FullIngress, changeError string, deleteErr error)

func (*LoadBalancerController) UpdateVirtualServerStatusAndEventsOnDelete added in v1.9.0 

func (lbc *LoadBalancerController) UpdateVirtualServerStatusAndEventsOnDelete(fullVS *FullVirtualServer, changeError string, deleteErr error)

type NewLoadBalancerControllerInput 

type NewLoadBalancerControllerInput struct {
	KubeClient                   kubernetes.Interface
	ConfClient                   k8s_nginx.Interface
	DynClient                    dynamic.Interface
	ResyncPeriod                 time.Duration
	Namespace                    string
	NginxConfigurator            *configs.Configurator
	DefaultServerSecret          string
	AppProtectEnabled            bool
	IsNginxPlus                  bool
	IngressClass                 string
	UseIngressClassOnly          bool
	ExternalServiceName          string
	ControllerNamespace          string
	ReportIngressStatus          bool
	IsLeaderElectionEnabled      bool
	LeaderElectionLockName       string
	WildcardTLSSecret            string
	ConfigMaps                   string
	GlobalConfiguration          string
	AreCustomResourcesEnabled    bool
	MetricsCollector             collectors.ControllerCollector
	GlobalConfigurationValidator *validation.GlobalConfigurationValidator
	TransportServerValidator     *validation.TransportServerValidator
	VirtualServerValidator       *validation.VirtualServerValidator
	SpireAgentAddress            string
	InternalRoutesEnabled        bool
	IsLatencyMetricsEnabled      bool
}

NewLoadBalancerControllerInput holds the input needed to call NewLoadBalancerController.

type Operation added in v1.9.0 

type Operation int

Operation defines an operation to perform for a resource. 

const (
	// Delete the config of the resource
	Delete Operation = iota
	// AddOrUpdate the config of the resource
	AddOrUpdate
)

type Resource added in v1.9.0 

type Resource interface {
	GetObjectMeta() *metav1.ObjectMeta
	GetKeyWithKind() string
	AcquireHost(host string)
	ReleaseHost(host string)
	Wins(resource Resource) bool
	AddWarning(warning string)
	IsEqual(resource Resource) bool
}

Resource represents a configuration resource. A Resource can be a top level configuration object: - Regular or Master Ingress - VirtualServer

type ResourceChange added in v1.9.0 

type ResourceChange struct {
	// Op is an operation that needs be performed on the resource.
	Op Operation
	// Resource is the target resource.
	Resource Resource
	// Error is the error associated with the resource.
	Error string
}

ResourceChange represents a change of the resource that needs to be reflected in the NGINX config.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.