oci

package
v1.26.3 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Feb 16, 2024 License: Apache-2.0 Imports: 58 Imported by: 0

Documentation

Overview

Package oci implements an external Kubernetes cloud-provider for Oracle Cloud Infrastructure.

Index

Constants

// Load-balancing policy names used by the CCM, plus one message format string.
// DefaultLoadBalancerPolicy and RoundRobinLoadBalancerPolicy share the value
// "ROUND_ROBIN"; DefaultNetworkLoadBalancerPolicy and
// NetworkLoadBalancingPolicyFiveTuple share the value "FIVE_TUPLE".
// LbOperationAlreadyExistsFmt is a format string with two %s verbs; where it
// is emitted or matched is not shown in this listing.
const (
	DefaultLoadBalancerPolicy            = "ROUND_ROBIN"
	RoundRobinLoadBalancerPolicy         = "ROUND_ROBIN"
	LeastConnectionsLoadBalancerPolicy   = "LEAST_CONNECTIONS"
	IPHashLoadBalancerPolicy             = "IP_HASH"
	DefaultNetworkLoadBalancerPolicy     = "FIVE_TUPLE"
	NetworkLoadBalancingPolicyTwoTuple   = "TWO_TUPLE"
	NetworkLoadBalancingPolicyThreeTuple = "THREE_TUPLE"
	NetworkLoadBalancingPolicyFiveTuple  = "FIVE_TUPLE"
	LbOperationAlreadyExistsFmt          = "An operation for the %s: %s already exists."
)

Defines the traffic policy for load balancers created by the CCM.

// Security rule management modes. The three values below, together with
// "None", are the ones listed for the security-rule-management-mode Service
// annotation. Each mode names a set of network access rules that the CCM
// manages for a load balancer; SL-All is the widest of the three because it
// also covers health checkers and worker ingress/egress.
const (
	// RuleManagementModeNsg denotes the management of load balancer ingress via NSG.
	RuleManagementModeNsg = "NSG"
	// RuleManagementModeSlAll denotes the management of security list rules for load
	// balancer ingress/egress, health checkers, and worker ingress/egress.
	RuleManagementModeSlAll = "SL-All"
	// RuleManagementModeSlFrontend denotes the management of security list rules for load
	// balancer ingress only.
	RuleManagementModeSlFrontend = "SL-Frontend"
)
// IANA protocol numbers, declared as untyped integer constants.
const (
	// ProtocolTCP is the IANA decimal protocol number for the Transmission
	// Control Protocol (TCP).
	ProtocolTCP = 6
	// ProtocolUDP is the IANA decimal protocol number for the User
	// Datagram Protocol (UDP).
	ProtocolUDP = 17
)
// Security list management modes. The three values match the ones listed for
// the security-list-management-mode Service annotations ("All", "Frontend",
// "None"). They differ in how many security list rules the CCM manages:
// "All" covers load balancer, health checker and worker rules, "Frontend"
// covers load balancer ingress only, and "None" covers nothing.
const (
	// ManagementModeAll denotes the management of security list rules for load
	// balancer ingress/egress, health checkers, and worker ingress/egress.
	ManagementModeAll = "All"
	// ManagementModeFrontend denotes the management of security list rules for load
	// balancer ingress only.
	ManagementModeFrontend = "Frontend"
	// ManagementModeNone denotes the management of no security list rules.
	ManagementModeNone = "None"
)
// Short type names and health-check interval bounds.
// LB and NLB are presumably the values accepted by the load-balancer-type
// annotation — TODO confirm. NSG has the same value as RuleManagementModeNsg.
// The *HealthCheckInterval* bounds are presumably in milliseconds, matching
// the unit documented on the health-check-interval annotations — TODO confirm.
// The NLB minimum (10000) is ten times the LB minimum (1000); both share the
// same maximum (1800000).
const (
	LB                        = "lb"
	NLB                       = "nlb"
	NSG                       = "NSG"
	LBHealthCheckIntervalMin  = 1000
	LBHealthCheckIntervalMax  = 1800000
	NLBHealthCheckIntervalMin = 10000
	NLBHealthCheckIntervalMax = 1800000
)
// Service annotation keys read by the CCM for load balancers.
//
// NOTE(review): these keys are set on Kubernetes Service objects, and several
// of them change network exposure or identity (internal vs. public, security
// list / security rule management mode, network security groups, workload
// service account). Permission to create or edit Services therefore carries
// the ability to set them; RBAC on Services and admission policy are the
// natural places to restrict that.
const (
	// ServiceAnnotationLoadBalancerInternal is a service annotation for
	// specifying that a load balancer should be internal.
	ServiceAnnotationLoadBalancerInternal = "service.beta.kubernetes.io/oci-load-balancer-internal"

	// ServiceAnnotationLoadBalancerShape is a Service annotation for
	// specifying the Shape of a load balancer. The shape is a template that
	// determines the load balancer's total pre-provisioned maximum capacity
	// (bandwidth) for ingress plus egress traffic. Available shapes include
	// "100Mbps", "400Mbps", "8000Mbps", and "flexible". When using
	// "flexible", it is required to also supply
	// ServiceAnnotationLoadBalancerShapeFlexMin and
	// ServiceAnnotationLoadBalancerShapeFlexMax.
	ServiceAnnotationLoadBalancerShape = "service.beta.kubernetes.io/oci-load-balancer-shape"

	// ServiceAnnotationLoadBalancerShapeFlexMin is a Service annotation for
	// specifying the minimum bandwidth in Mbps if the LB shape is flex.
	ServiceAnnotationLoadBalancerShapeFlexMin = "service.beta.kubernetes.io/oci-load-balancer-shape-flex-min"

	// ServiceAnnotationLoadBalancerShapeFlexMax is a Service annotation for
	// specifying the maximum bandwidth in Mbps if the shape is flex.
	ServiceAnnotationLoadBalancerShapeFlexMax = "service.beta.kubernetes.io/oci-load-balancer-shape-flex-max"

	// ServiceAnnotationLoadBalancerSubnet1 is a Service annotation for
	// specifying the first subnet of a load balancer.
	ServiceAnnotationLoadBalancerSubnet1 = "service.beta.kubernetes.io/oci-load-balancer-subnet1"

	// ServiceAnnotationLoadBalancerSubnet2 is a Service annotation for
	// specifying the second subnet of a load balancer.
	ServiceAnnotationLoadBalancerSubnet2 = "service.beta.kubernetes.io/oci-load-balancer-subnet2"

	// ServiceAnnotationLoadBalancerSSLPorts is a Service annotation for
	// specifying the ports to enable SSL termination on the corresponding load
	// balancer listener.
	ServiceAnnotationLoadBalancerSSLPorts = "service.beta.kubernetes.io/oci-load-balancer-ssl-ports"

	// ServiceAnnotationLoadBalancerTLSSecret is a Service annotation for
	// specifying the TLS secret to install on the load balancer listeners which
	// have SSL enabled.
	// See: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls
	ServiceAnnotationLoadBalancerTLSSecret = "service.beta.kubernetes.io/oci-load-balancer-tls-secret"

	// ServiceAnnotationLoadBalancerTLSBackendSetSecret is a Service annotation for
	// specifying the generic secret to install on the load balancer listeners which
	// have SSL enabled.
	// See: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls
	// NOTE(review): the wording repeats the listener secret above; going by the
	// name, this secret presumably applies to backend sets — confirm.
	ServiceAnnotationLoadBalancerTLSBackendSetSecret = "service.beta.kubernetes.io/oci-load-balancer-tls-backendset-secret"

	// ServiceAnnotationLoadBalancerConnectionIdleTimeout is the annotation used
	// on the service to specify the idle connection timeout.
	ServiceAnnotationLoadBalancerConnectionIdleTimeout = "service.beta.kubernetes.io/oci-load-balancer-connection-idle-timeout"

	// ServiceAnnotationLoadBalancerConnectionProxyProtocolVersion is the annotation used
	// on the service to specify the proxy protocol version.
	ServiceAnnotationLoadBalancerConnectionProxyProtocolVersion = "service.beta.kubernetes.io/oci-load-balancer-connection-proxy-protocol-version"

	// ServiceAnnotationLoadBalancerSecurityListManagementMode is a Service annotation for
	// specifying the security list management mode ("All", "Frontend", "None") that
	// configures how security lists are managed by the CCM.
	ServiceAnnotationLoadBalancerSecurityListManagementMode = "service.beta.kubernetes.io/oci-load-balancer-security-list-management-mode"

	// ServiceAnnotationLoadBalancerHealthCheckRetries is the annotation used
	// on the service to specify the number of retries to attempt before a
	// backend server is considered "unhealthy".
	ServiceAnnotationLoadBalancerHealthCheckRetries = "service.beta.kubernetes.io/oci-load-balancer-health-check-retries"

	// ServiceAnnotationLoadBalancerHealthCheckInterval is a Service annotation for
	// specifying the interval between health checks, in milliseconds.
	ServiceAnnotationLoadBalancerHealthCheckInterval = "service.beta.kubernetes.io/oci-load-balancer-health-check-interval"

	// ServiceAnnotationLoadBalancerHealthCheckTimeout is a Service annotation for
	// specifying the maximum time, in milliseconds, to wait for a reply to a
	// health check. A health check is successful only if a reply returns within
	// this timeout period.
	ServiceAnnotationLoadBalancerHealthCheckTimeout = "service.beta.kubernetes.io/oci-load-balancer-health-check-timeout"

	// ServiceAnnotationLoadBalancerBEProtocol is a Service annotation for specifying the
	// load balancer listener backend protocol ("TCP", "HTTP").
	// See: https://docs.cloud.oracle.com/iaas/Content/Balance/Concepts/balanceoverview.htm#concepts
	ServiceAnnotationLoadBalancerBEProtocol = "service.beta.kubernetes.io/oci-load-balancer-backend-protocol"

	// ServiceAnnotationLoadBalancerNetworkSecurityGroups is a service annotation for
	// specifying network security group IDs for the load balancer.
	ServiceAnnotationLoadBalancerNetworkSecurityGroups = "oci.oraclecloud.com/oci-network-security-groups"

	// ServiceAnnotationLoadBalancerPolicy is a service annotation for specifying the
	// load balancer traffic policy ("ROUND_ROBIN", "LEAST_CONNECTIONS", "IP_HASH").
	ServiceAnnotationLoadBalancerPolicy = "oci.oraclecloud.com/loadbalancer-policy"

	// ServiceAnnotationLoadBalancerInitialDefinedTagsOverride is a service annotation for specifying
	// defined tags on the LB.
	ServiceAnnotationLoadBalancerInitialDefinedTagsOverride = "oci.oraclecloud.com/initial-defined-tags-override"

	// ServiceAnnotationLoadBalancerInitialFreeformTagsOverride is a service annotation for specifying
	// freeform tags on the LB.
	ServiceAnnotationLoadBalancerInitialFreeformTagsOverride = "oci.oraclecloud.com/initial-freeform-tags-override"

	// ServiceAnnotationLoadBalancerType is a service annotation for specifying the LB type.
	ServiceAnnotationLoadBalancerType = "oci.oraclecloud.com/load-balancer-type"

	// ServiceAnnotationLoadBalancerNodeFilter is a service annotation to select specific nodes as your backend in the LB
	// based on label selector.
	ServiceAnnotationLoadBalancerNodeFilter = "oci.oraclecloud.com/node-label-selector"

	// ServiceAnnotationServiceAccountName is a service annotation to select the Service Account to be used to
	// exchange for a Workload Identity Token, which can then be used by the LB/NLB client to communicate with the OCI LB/NLB API.
	// NOTE(review): the annotation value picks the identity used for those API
	// calls, so the ability to edit a Service includes the ability to pick that
	// identity; how the CCM scopes the lookup (for example to the Service's own
	// namespace) is not shown here — confirm.
	ServiceAnnotationServiceAccountName = "oci.oraclecloud.com/workload-service-account"

	// ServiceAnnotationLoadBalancerSecurityRuleManagementMode is a Service annotation for
	// specifying the security rule management mode ("SL-All", "SL-Frontend", "NSG", "None") that
	// configures how security lists are managed by the CCM.
	ServiceAnnotationLoadBalancerSecurityRuleManagementMode = "oci.oraclecloud.com/security-rule-management-mode"

	// ServiceAnnotationBackendSecurityRuleManagement is a service annotation to denote management of backend Network Security Group(s)
	// ingress / egress security rules for a given Kubernetes service, which could be either LB or NLB.
	ServiceAnnotationBackendSecurityRuleManagement = "oci.oraclecloud.com/oci-backend-network-security-group"
)
// Service annotation keys read by the CCM for network load balancers (NLB).
//
// NOTE(review): as with the load balancer annotations, these are set on
// Service objects and several affect network exposure (internal, subnet,
// network security groups, security list management mode, source
// preservation), so write access to Services is the control point.
const (
	// ServiceAnnotationNetworkLoadBalancerInternal is a service annotation for
	// specifying that a network load balancer should be internal.
	ServiceAnnotationNetworkLoadBalancerInternal = "oci-network-load-balancer.oraclecloud.com/internal"

	// ServiceAnnotationNetworkLoadBalancerSubnet is a Service annotation for
	// specifying the first subnet of a network load balancer.
	ServiceAnnotationNetworkLoadBalancerSubnet = "oci-network-load-balancer.oraclecloud.com/subnet"

	// ServiceAnnotationNetworkLoadBalancerNetworkSecurityGroups is a Service annotation for
	// specifying network security group IDs for the network load balancer.
	ServiceAnnotationNetworkLoadBalancerNetworkSecurityGroups = "oci-network-load-balancer.oraclecloud.com/oci-network-security-groups"

	// ServiceAnnotationNetworkLoadBalancerHealthCheckRetries is a Service annotation for
	// specifying the number of retries to attempt before a backend server is considered "unhealthy".
	ServiceAnnotationNetworkLoadBalancerHealthCheckRetries = "oci-network-load-balancer.oraclecloud.com/health-check-retries"

	// ServiceAnnotationNetworkLoadBalancerHealthCheckInterval is a Service annotation for
	// specifying the interval between health check requests, in milliseconds.
	ServiceAnnotationNetworkLoadBalancerHealthCheckInterval = "oci-network-load-balancer.oraclecloud.com/health-check-interval"

	// ServiceAnnotationNetworkLoadBalancerHealthCheckTimeout is a Service annotation for
	// specifying the maximum time, in milliseconds, to wait for a reply to a health check.
	// A health check is successful only if a reply returns within this timeout period.
	ServiceAnnotationNetworkLoadBalancerHealthCheckTimeout = "oci-network-load-balancer.oraclecloud.com/health-check-timeout"

	// ServiceAnnotationNetworkLoadBalancerBackendPolicy is a Service annotation for
	// specifying the network load balancer policy for the backend set.
	ServiceAnnotationNetworkLoadBalancerBackendPolicy = "oci-network-load-balancer.oraclecloud.com/backend-policy"

	// ServiceAnnotationNetworkLoadBalancerSecurityListManagementMode is a Service annotation for
	// specifying the security list management mode ("All", "Frontend", "None") that
	// configures how security lists are managed by the CCM.
	ServiceAnnotationNetworkLoadBalancerSecurityListManagementMode = "oci-network-load-balancer.oraclecloud.com/security-list-management-mode"

	// ServiceAnnotationNetworkLoadBalancerDefinedTags is a service annotation for specifying
	// defined tags on the NLB.
	//
	// Deprecated: marked DEPRECATED in the original comment without naming a
	// replacement; ServiceAnnotationNetworkLoadBalancerInitialDefinedTagsOverride
	// looks like the successor — confirm.
	ServiceAnnotationNetworkLoadBalancerDefinedTags = "oci-network-load-balancer.oraclecloud.com/defined-tags"

	// ServiceAnnotationNetworkLoadBalancerFreeformTags is a service annotation for specifying
	// freeform tags on the NLB.
	//
	// Deprecated: marked DEPRECATED in the original comment without naming a
	// replacement; ServiceAnnotationNetworkLoadBalancerInitialFreeformTagsOverride
	// looks like the successor — confirm.
	ServiceAnnotationNetworkLoadBalancerFreeformTags = "oci-network-load-balancer.oraclecloud.com/freeform-tags"

	// ServiceAnnotationNetworkLoadBalancerInitialDefinedTagsOverride is a service annotation for specifying
	// defined tags on the NLB.
	ServiceAnnotationNetworkLoadBalancerInitialDefinedTagsOverride = "oci-network-load-balancer.oraclecloud.com/initial-defined-tags-override"

	// ServiceAnnotationNetworkLoadBalancerInitialFreeformTagsOverride is a service annotation for specifying
	// freeform tags on the NLB.
	ServiceAnnotationNetworkLoadBalancerInitialFreeformTagsOverride = "oci-network-load-balancer.oraclecloud.com/initial-freeform-tags-override"

	// ServiceAnnotationNetworkLoadBalancerNodeFilter is a service annotation to select specific nodes as your backend in the NLB
	// based on label selector.
	ServiceAnnotationNetworkLoadBalancerNodeFilter = "oci-network-load-balancer.oraclecloud.com/node-label-selector"

	// ServiceAnnotationNetworkLoadBalancerIsPreserveSource is a service annotation to enable/disable preserving source information
	// on the NLB traffic. Default value when no annotation is given is to enable this for NLBs with externalTrafficPolicy=Local.
	ServiceAnnotationNetworkLoadBalancerIsPreserveSource = "oci-network-load-balancer.oraclecloud.com/is-preserve-source"
)

NLB specific annotations

// Key names looked up in the secrets config for SSL material.
// NOTE(review): the entries stored under SSLPrivateKeyFileName and
// SSLPassphrase are private-key material, so read access to any Secret that
// carries these keys should be limited to the components that need it.
const (
	// SSLCAFileName is a key name for ca data in the secrets config.
	SSLCAFileName = "ca.crt"
	// SSLCertificateFileName is a key name for certificate data in the secrets config.
	SSLCertificateFileName = "tls.crt"
	// SSLPrivateKeyFileName is a key name for the certificate private key in the secrets config.
	SSLPrivateKeyFileName = "tls.key"
	// SSLPassphrase is a key name for certificate passphrase in the secrets config.
	SSLPassphrase = "passphrase"
)
// Action names. They are declared here without an explicit type, i.e. as
// untyped string constants rather than as ActionType values.
const (
	// Create the resource as it doesn't exist yet.
	Create = "create"
	// Update the resource.
	Update = "update"
	// Delete the resource.
	Delete = "delete"
	// List the resource.
	List = "list"
	// Get the resource.
	Get = "get"
)
// Metadata keys for placement info. Going by the names, FaultDomainLabel is
// used as a label key and CompartmentIDAnnotation as an annotation key; which
// objects they are written to is not shown in this listing.
const (
	FaultDomainLabel        = "oci.oraclecloud.com/fault-domain"
	CompartmentIDAnnotation = "oci.oraclecloud.com/compartment-id"
)

metadata labeling for placement info

// DefaultLoadBalancerBEProtocol defines the default protocol for load balancer
// listeners created by the CCM. It has the same value as
// DefaultNetworkLoadBalancerListenerProtocol.
const DefaultLoadBalancerBEProtocol = "TCP"

DefaultLoadBalancerBEProtocol defines the default protocol for load balancer listeners created by the CCM.

// DefaultNetworkLoadBalancerListenerProtocol defines the default protocol for
// network load balancer listeners created by the CCM. It has the same value as
// DefaultLoadBalancerBEProtocol.
const DefaultNetworkLoadBalancerListenerProtocol = "TCP"

DefaultNetworkLoadBalancerListenerProtocol defines the default protocol for network load balancer listeners created by the CCM.

// MaxNsgPerVnic is the maximum number of NSGs that can be attached to a VNIC.
// Where the limit is checked is not shown in this listing.
const MaxNsgPerVnic = 5

MaxNsgPerVnic is the maximum number of NSGs that can be attached to a VNIC. See https://docs.oracle.com/en-us/iaas/Content/General/Concepts/servicelimits.htm#nsg_limits

// ProtocolTypeMixed is the protocol name "TCP_AND_UDP".
// Presumably it marks a listener or backend set that serves both TCP and UDP — TODO confirm.
const ProtocolTypeMixed = "TCP_AND_UDP"

Variables

// ServiceAccountTokenExpiry is the unexported serviceAccountTokenExpiry
// converted to int64. Its unit and value are not visible in this listing;
// presumably it is the lifetime requested for service account tokens — TODO confirm.
// NOTE(review): this is an exported package-level var, not a const, so any
// importing package can reassign it at run time.
var ServiceAccountTokenExpiry = int64(serviceAccountTokenExpiry)

Functions

func DeepEqualLists

func DeepEqualLists(listA, listB []string) bool

DeepEqualLists compares two slices and reports whether they are equal. Duplicates and the order of items in both lists are ignored.

func GetLoadBalancerName

func GetLoadBalancerName(service *api.Service) string

GetLoadBalancerName gets the name of the load balancer based on the service

func MapProviderIDToResourceID added in v1.26.3

func MapProviderIDToResourceID(providerID string) (string, error)

MapProviderIDToResourceID parses the provider id and returns the instance ocid.

func NewCloudProvider

func NewCloudProvider(config *providercfg.Config) (cloudprovider.Interface, error)

NewCloudProvider creates a new oci.CloudProvider.

func NewLoadBalancerLocks added in v1.25.2

func NewLoadBalancerLocks() *loadBalancerLocks

func NodeInternalIP

func NodeInternalIP(node *api.Node) string

NodeInternalIP returns the node's internal IP. A node managed by the CCM will always have an internal IP, since it's not possible to deploy an instance without a private IP.

func ProviderName

func ProviderName() string

ProviderName uniquely identifies the Oracle Bare Metal Cloud Services (OCI) cloud-provider.

func RemoveDuplicatesFromList

func RemoveDuplicatesFromList(list []string) []string

RemoveDuplicatesFromList takes a slice and returns a new slice with no duplicate elements (e.g. if the given list is {"a", "b", "a"}, the function returns a new slice with {"a", "b"}).

Types

type Action

// Action describes an operation that should take place on a resource.
type Action interface {
	// Type reports which ActionType this action is.
	Type() ActionType
	// Name returns the name of the action's object.
	Name() string
}

Action that should take place on the resource.

type ActionType

// ActionType specifies what action should be taken on the resource.
// Its underlying type is string.
type ActionType string

ActionType specifies what action should be taken on the resource.

type BackendSetAction

// BackendSetAction denotes the action that should be taken on the given
// BackendSet. It embeds the Action interface. Ports and OldPorts use the
// unexported portSpec type; OldPorts is a pointer and so can be nil.
type BackendSetAction struct {
	Action

	BackendSet client.GenericBackendSetDetails

	Ports    portSpec
	OldPorts *portSpec
	// contains filtered or unexported fields
}

BackendSetAction denotes the action that should be taken on the given BackendSet.

func (*BackendSetAction) Name

func (b *BackendSetAction) Name() string

Name of the action's object.

func (*BackendSetAction) String

func (b *BackendSetAction) String() string

func (*BackendSetAction) Type

func (b *BackendSetAction) Type() ActionType

Type of the Action.

type Clientset added in v1.25.2

// Clientset embeds *fake.Clientset and is meant for tests.
// NOTE(review): this test double is exported from the oci package itself
// rather than from a test-only package, so it is part of the package's public
// surface — confirm that is intended.
type Clientset struct {
	*fake.Clientset
	// contains filtered or unexported fields
}

Clientset implements clientset.Interface. Meant to be embedded into a struct to get a default implementation. This makes faking out just the method you want to test easier.

func NewSimpleClientset added in v1.25.2

func NewSimpleClientset(objects ...runtime.Object) *Clientset

NewSimpleClientset returns a clientset that will respond with the provided objects. It's backed by a very simple object tracker that processes creates, updates and deletions as-is, without applying any validations and/or defaults. It shouldn't be considered a replacement for a real clientset and is mostly useful in simple unit tests.

func (*Clientset) CoreV1 added in v1.25.2

func (c *Clientset) CoreV1() corev1.CoreV1Interface

CoreV1 retrieves the CoreV1Client

type CloudLoadBalancerProvider added in v1.19.12

// CloudLoadBalancerProvider has no exported fields; its state is only
// reachable through the package's own code.
type CloudLoadBalancerProvider struct {
	// contains filtered or unexported fields
}

CloudLoadBalancerProvider is an implementation of the cloud-provider struct

type CloudProvider

// CloudProvider is an implementation of the cloud-provider interface for OCI.
// Its two exported fields are lister caches; everything else is unexported.
type CloudProvider struct {
	// NodeLister provides a cache to lookup nodes for deleting a load balancer.
	// Due to limitations in the OCI API around going from an IP to a subnet
	// we use the node lister to go from IP -> node / provider id -> ... -> subnet
	NodeLister listersv1.NodeLister

	// ServiceAccountLister provides a cache to lookup Service Accounts to exchange
	// with Worker Identity which then can be used to communicate with OCI services.
	// NOTE(review): "Worker Identity" presumably means the Workload Identity
	// named in the workload-service-account annotation comment — confirm.
	ServiceAccountLister listersv1.ServiceAccountLister
	// contains filtered or unexported fields
}

CloudProvider is an implementation of the cloud-provider interface for OCI.

func (*CloudProvider) AddSSHKeyToAllInstances

func (cp *CloudProvider) AddSSHKeyToAllInstances(ctx context.Context, user string, keyData []byte) error

AddSSHKeyToAllInstances adds an SSH public key as a legal identity for all instances. The expected format for the key is the standard ssh-keygen format: <protocol> <blob>

func (*CloudProvider) Clusters

func (cp *CloudProvider) Clusters() (cloudprovider.Clusters, bool)

Clusters returns a clusters interface. Also returns true if the interface is supported, false otherwise.

func (*CloudProvider) CurrentNodeName

func (cp *CloudProvider) CurrentNodeName(ctx context.Context, hostname string) (types.NodeName, error)

CurrentNodeName returns the name of the node we are currently running on. On most clouds (e.g. GCE) this is the hostname, so we provide the hostname.

func (*CloudProvider) EnsureLoadBalancer

func (cp *CloudProvider) EnsureLoadBalancer(ctx context.Context, clusterName string, service *v1.Service, clusterNodes []*v1.Node) (*v1.LoadBalancerStatus, error)

EnsureLoadBalancer creates a new load balancer or updates the existing one. Returns the status of the balancer (i.e. its public IP address, if one exists).

func (*CloudProvider) EnsureLoadBalancerDeleted

func (cp *CloudProvider) EnsureLoadBalancerDeleted(ctx context.Context, clusterName string, service *v1.Service) error

EnsureLoadBalancerDeleted deletes the specified load balancer if it exists, returning nil if the load balancer specified either didn't exist or was successfully deleted.

func (*CloudProvider) GetLoadBalancer

func (cp *CloudProvider) GetLoadBalancer(ctx context.Context, clusterName string, service *v1.Service) (*v1.LoadBalancerStatus, bool, error)

GetLoadBalancer returns whether the specified load balancer exists, and if so, what its status is.

func (*CloudProvider) GetLoadBalancerName

func (cp *CloudProvider) GetLoadBalancerName(ctx context.Context, clusterName string, service *v1.Service) string

GetLoadBalancerName returns the name of the loadbalancer

func (*CloudProvider) GetZone

func (cp *CloudProvider) GetZone(ctx context.Context) (cloudprovider.Zone, error)

GetZone returns the Zone containing the current failure zone and locality region that the program is running in.

func (*CloudProvider) GetZoneByNodeName

func (cp *CloudProvider) GetZoneByNodeName(ctx context.Context, nodeName types.NodeName) (cloudprovider.Zone, error)

GetZoneByNodeName returns the Zone containing the current zone and locality region of the node specified by node name. This method is particularly used in the context of external cloud providers where node initialization must be done outside the kubelets.

func (*CloudProvider) GetZoneByProviderID

func (cp *CloudProvider) GetZoneByProviderID(ctx context.Context, providerID string) (cloudprovider.Zone, error)

GetZoneByProviderID returns the Zone containing the current zone and locality region of the node specified by providerID. This method is particularly used in the context of external cloud providers where node initialization must be done outside the kubelets.

func (*CloudProvider) HasClusterID

func (cp *CloudProvider) HasClusterID() bool

HasClusterID returns true if the cluster has a clusterID.

func (*CloudProvider) Initialize

func (cp *CloudProvider) Initialize(clientBuilder cloudprovider.ControllerClientBuilder, stop <-chan struct{})

Initialize passes a Kubernetes clientBuilder interface to the cloud provider.

func (*CloudProvider) InstanceExistsByProviderID

func (cp *CloudProvider) InstanceExistsByProviderID(ctx context.Context, providerID string) (bool, error)

InstanceExistsByProviderID returns true if the instance for the given provider id is still running. If false is returned with no error, the instance will be immediately deleted by the cloud controller manager.

func (*CloudProvider) InstanceID

func (cp *CloudProvider) InstanceID(ctx context.Context, nodeName types.NodeName) (string, error)

InstanceID returns the cloud provider ID of the node with the specified NodeName.

func (*CloudProvider) InstanceShutdownByProviderID

func (cp *CloudProvider) InstanceShutdownByProviderID(ctx context.Context, providerID string) (bool, error)

InstanceShutdownByProviderID returns true if the instance is shutdown in cloudprovider.

func (*CloudProvider) InstanceType

func (cp *CloudProvider) InstanceType(ctx context.Context, name types.NodeName) (string, error)

InstanceType returns the type of the specified instance.

func (*CloudProvider) InstanceTypeByProviderID

func (cp *CloudProvider) InstanceTypeByProviderID(ctx context.Context, providerID string) (string, error)

InstanceTypeByProviderID returns the type of the specified instance.

func (*CloudProvider) Instances

func (cp *CloudProvider) Instances() (cloudprovider.Instances, bool)

Instances returns an instances interface. Also returns true if the interface is supported, false otherwise.

func (*CloudProvider) InstancesV2

func (cp *CloudProvider) InstancesV2() (cloudprovider.InstancesV2, bool)

func (*CloudProvider) LoadBalancer

func (cp *CloudProvider) LoadBalancer() (cloudprovider.LoadBalancer, bool)

LoadBalancer returns a balancer interface. Also returns true if the interface is supported, false otherwise.

func (*CloudProvider) NodeAddresses

func (cp *CloudProvider) NodeAddresses(ctx context.Context, name types.NodeName) ([]api.NodeAddress, error)

NodeAddresses returns the addresses of the specified instance. TODO(roberthbailey): This currently is only used in such a way that it returns the address of the calling instance. We should do a rename to make this clearer.

func (*CloudProvider) NodeAddressesByProviderID

func (cp *CloudProvider) NodeAddressesByProviderID(ctx context.Context, providerID string) ([]api.NodeAddress, error)

NodeAddressesByProviderID returns the addresses of the specified instance. The instance is specified using the providerID of the node. The ProviderID is a unique identifier of the node. This will not be called from the node whose nodeaddresses are being queried. i.e. local metadata services cannot be used in this method to obtain nodeaddresses.

func (*CloudProvider) ProviderName

func (cp *CloudProvider) ProviderName() string

ProviderName returns the cloud-provider ID.

func (*CloudProvider) Routes

func (cp *CloudProvider) Routes() (cloudprovider.Routes, bool)

Routes returns a routes interface along with whether the interface is supported.

func (*CloudProvider) ScrubDNS

func (cp *CloudProvider) ScrubDNS(nameservers, searches []string) (nsOut, srchOut []string)

ScrubDNS provides an opportunity for cloud-provider-specific code to process DNS settings for pods.

func (*CloudProvider) UpdateLoadBalancer

func (cp *CloudProvider) UpdateLoadBalancer(ctx context.Context, clusterName string, service *v1.Service, nodes []*v1.Node) error

UpdateLoadBalancer updates an existing loadbalancer

func (*CloudProvider) Zones

func (cp *CloudProvider) Zones() (cloudprovider.Zones, bool)

Zones returns a zones interface. Also returns true if the interface is supported, false otherwise.

type FakeCoreV1 added in v1.25.2

// FakeCoreV1 embeds *fakecorev1.FakeCoreV1 and *testing.Fake.
// NOTE(review): "testing" here is presumably the Kubernetes client-go testing
// package rather than the standard library one — confirm against the imports.
type FakeCoreV1 struct {
	*fakecorev1.FakeCoreV1
	*testing.Fake
}

func (*FakeCoreV1) ServiceAccounts added in v1.25.2

func (c *FakeCoreV1) ServiceAccounts(namespace string) corev1.ServiceAccountInterface

type FakeServiceAccounts added in v1.25.2

// FakeServiceAccounts implements ServiceAccountInterface for tests.
// Fake points back at the FakeCoreV1 it belongs to.
type FakeServiceAccounts struct {
	Fake *FakeCoreV1
	// contains filtered or unexported fields
}

FakeServiceAccounts implements ServiceAccountInterface

func (*FakeServiceAccounts) Apply added in v1.25.2

Apply takes the given apply declarative configuration, applies it and returns the applied serviceAccount.

func (*FakeServiceAccounts) Create added in v1.25.2

func (c *FakeServiceAccounts) Create(ctx context.Context, serviceAccount *apicorev1.ServiceAccount, opts v1.CreateOptions) (result *apicorev1.ServiceAccount, err error)

Create takes the representation of a serviceAccount and creates it. Returns the server's representation of the serviceAccount, and an error, if there is any.

func (*FakeServiceAccounts) CreateToken added in v1.25.2

func (c *FakeServiceAccounts) CreateToken(ctx context.Context, serviceAccountName string, tokenRequest *apiauthenticationv1.TokenRequest, opts v1.CreateOptions) (result *apiauthenticationv1.TokenRequest, err error)

CreateToken takes the representation of a tokenRequest and creates it. Returns the server's representation of the tokenRequest, and an error, if there is any.

func (*FakeServiceAccounts) Delete added in v1.25.2

func (c *FakeServiceAccounts) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error

Delete takes name of the serviceAccount and deletes it. Returns an error if one occurs.

func (*FakeServiceAccounts) DeleteCollection added in v1.25.2

func (c *FakeServiceAccounts) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error

DeleteCollection deletes a collection of objects.

func (*FakeServiceAccounts) Get added in v1.25.2

func (c *FakeServiceAccounts) Get(ctx context.Context, name string, options v1.GetOptions) (result *apicorev1.ServiceAccount, err error)

Get takes name of the serviceAccount, and returns the corresponding serviceAccount object, and an error if there is any.

func (*FakeServiceAccounts) List added in v1.25.2

List takes label and field selectors, and returns the list of ServiceAccounts that match those selectors.

func (*FakeServiceAccounts) Patch added in v1.25.2

func (c *FakeServiceAccounts) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *apicorev1.ServiceAccount, err error)

Patch applies the patch and returns the patched serviceAccount.

func (*FakeServiceAccounts) Update added in v1.25.2

func (c *FakeServiceAccounts) Update(ctx context.Context, serviceAccount *apicorev1.ServiceAccount, opts v1.UpdateOptions) (result *apicorev1.ServiceAccount, err error)

Update takes the representation of a serviceAccount and updates it. Returns the server's representation of the serviceAccount, and an error, if there is any.

func (*FakeServiceAccounts) Watch added in v1.25.2

Watch returns a watch.Interface that watches the requested serviceAccounts.

type LBSpec

// LBSpec holds the data required to build an OCI load balancer from a
// Kubernetes service.
//
// Several fields decide how reachable the resulting load balancer is:
// Internal, Subnets, SourceCIDRs, NetworkSecurityGroupIds and
// ManagedNetworkSecurityGroup. Presumably they are filled in from the Service
// annotations and spec by NewLBSpec — confirm against its body, which is not
// shown here. FlexMin, FlexMax, IsPreserveSource, SSLConfig and
// ManagedNetworkSecurityGroup are pointers and so can be nil.
type LBSpec struct {
	Type             string
	Name             string
	Shape            string
	FlexMin          *int
	FlexMax          *int
	Subnets          []string
	Internal         bool
	Listeners        map[string]client.GenericListener
	BackendSets      map[string]client.GenericBackendSetDetails
	LoadBalancerIP   string
	IsPreserveSource *bool
	Ports            map[string]portSpec
	SourceCIDRs      []string
	SSLConfig        *SSLConfig

	ManagedNetworkSecurityGroup *ManagedNetworkSecurityGroup
	NetworkSecurityGroupIds     []string
	FreeformTags                map[string]string
	DefinedTags                 map[string]map[string]interface{}
	// contains filtered or unexported fields
}

LBSpec holds the data required to build a OCI load balancer from a kubernetes service.

func NewLBSpec

func NewLBSpec(logger *zap.SugaredLogger, svc *v1.Service, nodes []*v1.Node, subnets []string, sslConfig *SSLConfig, secListFactory securityListManagerFactory, initialLBTags *config.InitialTags, existingLB *client.GenericLoadBalancer) (*LBSpec, error)

NewLBSpec creates a LB Spec from a Kubernetes service and a slice of nodes.

func (*LBSpec) Certificates

func (s *LBSpec) Certificates() (map[string]client.GenericCertificate, error)

Certificates builds a map of required SSL certificates.

type ListenerAction

// ListenerAction denotes the action that should be taken on the given
// Listener. It embeds the Action interface. Ports and OldPorts use the
// unexported portSpec type; OldPorts is a pointer and so can be nil.
type ListenerAction struct {
	Action

	Listener client.GenericListener

	Ports    portSpec
	OldPorts *portSpec
	// contains filtered or unexported fields
}

ListenerAction denotes the action that should be taken on the given Listener.

func (*ListenerAction) Name

func (l *ListenerAction) Name() string

Name of the action's object.

func (*ListenerAction) String

func (l *ListenerAction) String() string

func (*ListenerAction) Type

func (l *ListenerAction) Type() ActionType

Type of the Action.

type ManagedNetworkSecurityGroup added in v1.26.3

// ManagedNetworkSecurityGroup has no exported fields and no doc comment in
// this listing. LBSpec holds a pointer to it; going by the name, it presumably
// describes NSGs whose rules the CCM manages — TODO confirm.
type ManagedNetworkSecurityGroup struct {
	// contains filtered or unexported fields
}

type NodeInfoController

// NodeInfoController helps compute workers in the cluster.
// It has no exported fields; it is built with NewNodeInfoController and
// started with Run.
type NodeInfoController struct {
	// contains filtered or unexported fields
}

NodeInfoController helps compute workers in the cluster

func NewNodeInfoController

func NewNodeInfoController(
	nodeInformer coreinformers.NodeInformer,
	kubeClient clientset.Interface,
	cloud *CloudProvider,
	logger *zap.SugaredLogger,
	instanceCache cache.Store,
	ociClient client.Interface) *NodeInfoController

NewNodeInfoController creates a NodeInfoController object

func (*NodeInfoController) Run

func (nic *NodeInfoController) Run(stopCh <-chan struct{})

Run will start the NodeInfoController and manage shutdown

type SSLConfig

// SSLConfig is a description of a SSL certificate.
//
// The exported fields hold the set of ports plus the name and namespace of
// one secret for listeners and one for backend sets; no key material appears
// among the exported fields.
// NOTE(review): the namespace fields mean a secret is addressed by
// (namespace, name). How NewSSLConfig derives the namespace from its string
// arguments and the Service is not shown here — confirm that a Service cannot
// point at a secret in a namespace its author has no access to.
type SSLConfig struct {
	Ports sets.Int

	ListenerSSLSecretName      string
	ListenerSSLSecretNamespace string

	BackendSetSSLSecretName      string
	BackendSetSSLSecretNamespace string
	// contains filtered or unexported fields
}

SSLConfig is a description of a SSL certificate.

func NewSSLConfig

func NewSSLConfig(secretListenerString string, secretBackendSetString string, service *v1.Service, ports []int, ssr sslSecretReader) *SSLConfig

NewSSLConfig constructs a new SSLConfig.
