Documentation ¶
Index ¶
- Constants
- Variables
- func ConvertDownwardAPIFieldLabel(version, label, value string) (string, string, error)
- func ExtractContainerNameFromFieldPath(fs *corev1.ObjectFieldSelector, pod *corev1.Pod) (string, error)
- func FetchSidecarSetMatchedNamespace(c client.Client, sidecarSet *appsv1alpha1.SidecarSet) (sets.String, error)
- func GetHotUpgradeContainerName(name string) (string, string)
- func GetInjectedVolumeMountsAndEnvs(control SidecarControl, sidecarContainer *appsv1alpha1.SidecarContainer, ...) ([]corev1.VolumeMount, []corev1.EnvVar)
- func GetPodHotUpgradeContainers(sidecarName string, pod *corev1.Pod) (workContainer, otherContainer string)
- func GetPodHotUpgradeInfoInAnnotations(pod *corev1.Pod) map[string]string
- func GetPodSidecarSetControllerRevision(sidecarSetName string, pod metav1.Object) string
- func GetPodSidecarSetRevision(sidecarSetName string, pod metav1.Object) string
- func GetPodSidecarSetVersionAltAnnotation(cName string) string
- func GetPodSidecarSetVersionAnnotation(cName string) string
- func GetPodSidecarSetWithoutImageRevision(sidecarSetName string, pod metav1.Object) string
- func GetPodsSortFunc(pods []*corev1.Pod, waitUpdateIndexes []int) func(i, j int) bool
- func GetSidecarContainersInPod(sidecarSet *appsv1alpha1.SidecarSet) sets.String
- func GetSidecarSetRevision(sidecarSet *appsv1alpha1.SidecarSet) string
- func GetSidecarSetWithoutImageRevision(sidecarSet *appsv1alpha1.SidecarSet) string
- func GetSidecarTransferEnvs(sidecarContainer *appsv1alpha1.SidecarContainer, pod *corev1.Pod) (injectedEnvs []corev1.EnvVar)
- func IsActivePod(pod *corev1.Pod) bool
- func IsHotUpgradeContainer(sidecarContainer *appsv1alpha1.SidecarContainer) bool
- func IsInjectedSidecarContainerInPod(container *corev1.Container) bool
- func IsPodConsistentWithSidecarSet(pod *corev1.Pod, sidecarSet *appsv1alpha1.SidecarSet) bool
- func IsPodInjectedSidecarSet(pod *corev1.Pod, sidecarSet *appsv1alpha1.SidecarSet) bool
- func IsPodSidecarUpdated(sidecarSet *appsv1alpha1.SidecarSet, pod *corev1.Pod) bool
- func IsSelectorNamespace(c client.Client, ns string, nsSelector *metav1.LabelSelector) bool
- func IsSharePodVolumeMounts(container *appsv1alpha1.SidecarContainer) bool
- func IsSidecarContainerUpdateCompleted(pod *v1.Pod, sidecarSets, containers sets.String) bool
- func MockSidecarSetForRevision(set *appsv1alpha1.SidecarSet) metav1.Object
- func PatchPodMetadata(originMetadata *metav1.ObjectMeta, ...) (skip bool, err error)
- func PodMatchedSidecarSet(c client.Client, pod *corev1.Pod, sidecarSet *appsv1alpha1.SidecarSet) (bool, error)
- func SidecarSetHash(sidecarSet *appsv1alpha1.SidecarSet) (string, error)
- func SidecarSetHashWithoutImage(sidecarSet *appsv1alpha1.SidecarSet) (string, error)
- func UpdatePodSidecarSetHash(pod *corev1.Pod, sidecarSet *appsv1alpha1.SidecarSet)
- func ValidateSidecarSetPatchMetadataWhitelist(c client.Client, sidecarSet *appsv1alpha1.SidecarSet) error
- type HistoryControl
- type SidecarControl
- type SidecarSetUpgradeSpec
Constants ¶
const ( SidecarSetKindName = "kruise.io/sidecarset-name" // SidecarSetHashAnnotation represents the key of a sidecarSet hash SidecarSetHashAnnotation = "kruise.io/sidecarset-hash" // SidecarSetHashWithoutImageAnnotation represents the key of a sidecarset hash without images of sidecar SidecarSetHashWithoutImageAnnotation = "kruise.io/sidecarset-hash-without-image" // SidecarSetListAnnotation represent sidecarset list that injected pods SidecarSetListAnnotation = "kruise.io/sidecarset-injected-list" // SidecarEnvKey specifies the environment variable which record a container as injected SidecarEnvKey = "IS_INJECTED" // SidecarsetInplaceUpdateStateKey records the state of inplace-update. // The value of annotation is SidecarsetInplaceUpdateStateKey. SidecarsetInplaceUpdateStateKey string = "kruise.io/sidecarset-inplace-update-state" // SidecarSetUpgradable is a pod condition to indicate whether the pod's sidecarset is upgradable SidecarSetUpgradable corev1.PodConditionType = "SidecarSetUpgradable" )
const ( // SidecarSetWorkingHotUpgradeContainer records which hot upgrade container is working currently SidecarSetWorkingHotUpgradeContainer = "kruise.io/sidecarset-working-hotupgrade-container" // SidecarSetVersionEnvKey is sidecar container version in container env(SIDECARSET_VERSION) SidecarSetVersionEnvKey = "SIDECARSET_VERSION" // SidecarSetVersionAltEnvKey is container version env in the other sidecar container of the same hotupgrade sidecar(SIDECARSET_VERSION_ALT) SidecarSetVersionAltEnvKey = "SIDECARSET_VERSION_ALT" )
Variables ¶
var (
// SidecarIgnoredNamespaces specifies the namespaces where Pods won't get injected
// SidecarIgnoredNamespaces = []string{"kube-system", "kube-public"}
// SubPathExprEnvReg format: $(ODD_NAME)、$(POD_NAME)...
SubPathExprEnvReg, _ = regexp.Compile(`\$\(([-._a-zA-Z][-._a-zA-Z0-9]*)\)`)
UpdateExpectations = expectations.NewUpdateExpectations(RevisionAdapterImpl)
)
var (
RevisionAdapterImpl = &revisionAdapterImpl{}
)
Functions ¶
func ConvertDownwardAPIFieldLabel ¶ added in v0.10.2
code lifted from https://github.com/kubernetes/kubernetes/blob/master/pkg/apis/core/pods/helpers.go ConvertDownwardAPIFieldLabel converts the specified downward API field label and its value in the pod of the specified version to the internal version, and returns the converted label and value. This function returns an error if the conversion fails.
func ExtractContainerNameFromFieldPath ¶ added in v0.10.2
func FetchSidecarSetMatchedNamespace ¶ added in v1.4.0
func FetchSidecarSetMatchedNamespace(c client.Client, sidecarSet *appsv1alpha1.SidecarSet) (sets.String, error)
FetchSidecarSetMatchedNamespace fetch sidecarSet matched namespaces
func GetHotUpgradeContainerName ¶ added in v0.9.0
GetHotUpgradeContainerName returns format: mesh-1, mesh-2
func GetInjectedVolumeMountsAndEnvs ¶
func GetInjectedVolumeMountsAndEnvs(control SidecarControl, sidecarContainer *appsv1alpha1.SidecarContainer, pod *corev1.Pod) ([]corev1.VolumeMount, []corev1.EnvVar)
func GetPodHotUpgradeContainers ¶ added in v0.9.0
func GetPodHotUpgradeContainers(sidecarName string, pod *corev1.Pod) (workContainer, otherContainer string)
GetPodHotUpgradeContainers return two hot upgrade sidecar containers workContainer: currently working sidecar container, record in pod annotations[kruise.io/sidecarset-working-hotupgrade-container] otherContainer:
- empty container
- when in hot upgrading process, the older sidecar container
func GetPodHotUpgradeInfoInAnnotations ¶ added in v0.9.0
GetPodHotUpgradeInfoInAnnotations checks which hot upgrade sidecar container is working now format: sidecarset.spec.container[x].name -> pod.spec.container[x].name for example: mesh -> mesh-1, envoy -> envoy-2
func GetPodSidecarSetControllerRevision ¶ added in v1.0.1
func GetPodSidecarSetVersionAltAnnotation ¶ added in v0.9.0
func GetPodSidecarSetVersionAnnotation ¶ added in v0.9.0
GetPodSidecarSetVersionAnnotation is only used in hot upgrade container cName format: mesh-1, mesh-2
func GetPodsSortFunc ¶
func GetSidecarContainersInPod ¶
func GetSidecarContainersInPod(sidecarSet *appsv1alpha1.SidecarSet) sets.String
func GetSidecarSetRevision ¶
func GetSidecarSetRevision(sidecarSet *appsv1alpha1.SidecarSet) string
func GetSidecarSetWithoutImageRevision ¶
func GetSidecarSetWithoutImageRevision(sidecarSet *appsv1alpha1.SidecarSet) string
func GetSidecarTransferEnvs ¶
func GetSidecarTransferEnvs(sidecarContainer *appsv1alpha1.SidecarContainer, pod *corev1.Pod) (injectedEnvs []corev1.EnvVar)
func IsActivePod ¶
IsActivePod determines the pod whether need be injected and updated
func IsHotUpgradeContainer ¶ added in v0.9.0
func IsHotUpgradeContainer(sidecarContainer *appsv1alpha1.SidecarContainer) bool
IsHotUpgradeContainer indicates whether sidecar container update strategy is HotUpdate
func IsPodConsistentWithSidecarSet ¶ added in v1.0.1
func IsPodConsistentWithSidecarSet(pod *corev1.Pod, sidecarSet *appsv1alpha1.SidecarSet) bool
func IsPodInjectedSidecarSet ¶ added in v1.0.1
func IsPodInjectedSidecarSet(pod *corev1.Pod, sidecarSet *appsv1alpha1.SidecarSet) bool
func IsPodSidecarUpdated ¶
func IsPodSidecarUpdated(sidecarSet *appsv1alpha1.SidecarSet, pod *corev1.Pod) bool
whether this pod has been updated based on the latest sidecarSet
func IsSelectorNamespace ¶ added in v1.4.0
func IsSharePodVolumeMounts ¶
func IsSharePodVolumeMounts(container *appsv1alpha1.SidecarContainer) bool
func IsSidecarContainerUpdateCompleted ¶ added in v0.10.0
isContainerInplaceUpdateCompleted checks whether imageID in container status has been changed since in-place update. If the imageID in containerStatuses has not been changed, we assume that kubelet has not updated containers in Pod.
func MockSidecarSetForRevision ¶ added in v1.3.0
func MockSidecarSetForRevision(set *appsv1alpha1.SidecarSet) metav1.Object
func PatchPodMetadata ¶ added in v1.3.0
func PatchPodMetadata(originMetadata *metav1.ObjectMeta, patches []appsv1alpha1.SidecarSetPatchPodMetadata) (skip bool, err error)
PatchPodMetadata patch pod annotations and labels
func PodMatchedSidecarSet ¶
func PodMatchedSidecarSet(c client.Client, pod *corev1.Pod, sidecarSet *appsv1alpha1.SidecarSet) (bool, error)
PodMatchSidecarSet determines if pod match Selector of sidecar.
func SidecarSetHash ¶ added in v1.3.0
func SidecarSetHash(sidecarSet *appsv1alpha1.SidecarSet) (string, error)
SidecarSetHash returns a hash of the SidecarSet. The Containers are taken into account.
func SidecarSetHashWithoutImage ¶ added in v1.3.0
func SidecarSetHashWithoutImage(sidecarSet *appsv1alpha1.SidecarSet) (string, error)
SidecarSetHashWithoutImage calculates sidecars's container hash without its image we use this to determine if the sidecar reconcile needs to update a pod image
func UpdatePodSidecarSetHash ¶ added in v1.3.0
func UpdatePodSidecarSetHash(pod *corev1.Pod, sidecarSet *appsv1alpha1.SidecarSet)
UpdatePodSidecarSetHash when sidecarSet in-place update sidecar container, Update sidecarSet hash in Pod annotations[kruise.io/sidecarset-hash]
func ValidateSidecarSetPatchMetadataWhitelist ¶ added in v1.3.0
func ValidateSidecarSetPatchMetadataWhitelist(c client.Client, sidecarSet *appsv1alpha1.SidecarSet) error
Types ¶
type HistoryControl ¶ added in v1.0.1
type HistoryControl interface { CreateControllerRevision(parent metav1.Object, revision *apps.ControllerRevision, collisionCount *int32) (*apps.ControllerRevision, error) NewRevision(s *appsv1alpha1.SidecarSet, namespace string, revision int64, collisionCount *int32) (*apps.ControllerRevision, error) NextRevision(revisions []*apps.ControllerRevision) int64 GetRevisionSelector(s *appsv1alpha1.SidecarSet) labels.Selector GetHistorySidecarSet(sidecarSet *appsv1alpha1.SidecarSet, revisionInfo *appsv1alpha1.SidecarSetInjectRevision) (*appsv1alpha1.SidecarSet, error) }
func NewHistoryControl ¶ added in v1.0.1
func NewHistoryControl(client client.Client) HistoryControl
type SidecarControl ¶
type SidecarControl interface { //*****common*****// // get sidecarset GetSidecarset() *appsv1alpha1.SidecarSet // when sidecarSet is not active, it will not perform injections and upgrades process. // You can re-implement the function IsActiveSidecarSet to indicate that this sidecarSet is no longer working by adding some sidecarSet flags, // for example: sidecarSet.Annotations[sidecarset.kruise.io/disabled] = "true" IsActiveSidecarSet() bool //*****inject portion*****// // whether need inject the volumeMount into container // when ShareVolumePolicy is enabled, the sidecar container will share the other container's VolumeMounts in the pod(don't contains the injected sidecar container). // You can reimplement the function NeedToInjectVolumeMount to filter out some of the volumes that don't need to be shared NeedToInjectVolumeMount(volumeMount v1.VolumeMount) bool // when update pod, judge whether inject sidecar container into pod // one can customize validation to allow sidecar addition after pod creation, and reimplement NeedToInjectInUpdatedPod to enable such injection in sidecarset NeedToInjectInUpdatedPod(pod, oldPod *v1.Pod, sidecarContainer *appsv1alpha1.SidecarContainer, injectedEnvs []v1.EnvVar, injectedMounts []v1.VolumeMount) (needInject bool, existSidecars []*appsv1alpha1.SidecarContainer, existVolumes []v1.Volume) // IsPodAvailabilityChanged check whether pod changed on updating trigger re-inject sidecar container // For update pod injection sidecar container scenario, this method can filter out many invalid update events, thus improving the overall webhook performance. IsPodAvailabilityChanged(pod, oldPod *v1.Pod) bool //*****upgrade portion*****// // IsPodStateConsistent indicates whether pod.spec and pod.status are consistent after updating the sidecar containers IsPodStateConsistent(pod *v1.Pod, sidecarContainers sets.String) bool // IsPodReady indicates whether pod is fully ready // 1. pod.Status.Phase == v1.PodRunning // 2. pod.condition PodReady == true // 3. whether empty sidecar container is HotUpgradeEmptyImage IsPodReady(pod *v1.Pod) bool // upgrade pod sidecar container to sidecarSet latest version // if container==nil means no change, no need to update, otherwise need to update UpgradeSidecarContainer(sidecarContainer *appsv1alpha1.SidecarContainer, pod *v1.Pod) *v1.Container // When upgrading the pod sidecar container, you need to record some in-place upgrade information in pod annotations, // which is needed by the sidecarset controller to determine whether the upgrade is completed. UpdatePodAnnotationsInUpgrade(changedContainers []string, pod *v1.Pod) // Is sidecarset can upgrade pods, // In Kubernetes native scenarios, only Container Image upgrades are allowed // When modifying other fields of the container, e.g. volumemounts, the sidecarSet will not depart to upgrade the sidecar container logic in-place, // and needs to be done by rebuilding the pod // consistent indicates pod.spec and pod.status is consistent, // when pod.spec.image is v2 and pod.status.image is v1, then it is inconsistent. IsSidecarSetUpgradable(pod *v1.Pod) (canUpgrade, consistent bool) }
func New ¶
func New(cs *appsv1alpha1.SidecarSet) SidecarControl
type SidecarSetUpgradeSpec ¶
type SidecarSetUpgradeSpec struct { UpdateTimestamp metav1.Time `json:"updateTimestamp"` SidecarSetHash string `json:"hash"` SidecarSetName string `json:"sidecarSetName"` SidecarList []string `json:"sidecarList"` // sidecarSet container list SidecarSetControllerRevision string `json:"controllerRevision,omitempty"` // sidecarSet controllerRevision name }
func GetPodSidecarSetUpgradeSpecInAnnotations ¶ added in v0.10.0
func GetPodSidecarSetUpgradeSpecInAnnotations(sidecarSetName, annotationKey string, pod metav1.Object) SidecarSetUpgradeSpec