Documentation ¶
Index ¶
- Constants
- func OwnerLabels(contour *Contour) map[string]string
- type AWSLoadBalancerParameters
- type AWSLoadBalancerType
- type AzureLoadBalancerParameters
- type Contour
- func (c *Contour) CommonAnnotations() map[string]string
- func (c *Contour) CommonLabels() map[string]string
- func (c *Contour) ContourCertsSecretName() string
- func (c *Contour) ContourConfigurationName() string
- func (c *Contour) ContourDeploymentName() string
- func (c *Contour) ContourNodeSelectorExists() bool
- func (c *Contour) ContourRBACNames() RBACNames
- func (c *Contour) ContourServiceName() string
- func (c *Contour) ContourTolerationsExist() bool
- func (c *Contour) EnvoyCertsSecretName() string
- func (c *Contour) EnvoyDataPlaneName() string
- func (c *Contour) EnvoyNodeSelectorExists() bool
- func (c *Contour) EnvoyRBACNames() RBACNames
- func (c *Contour) EnvoyServiceName() string
- func (c *Contour) EnvoyTolerationsExist() bool
- func (c *Contour) LeaderElectionLeaseName() string
- func (c *Contour) WatchAllNamespaces() bool
- func (c *Contour) WorkloadLabels() map[string]string
- type ContourNodePlacement
- type ContourSpec
- type EnvoyNetworkPublishing
- type EnvoyNodePlacement
- type GCPLoadBalancerParameters
- type LoadBalancerProviderType
- type LoadBalancerScope
- type LoadBalancerStrategy
- type NamespaceSpec
- type NetworkPublishing
- type NetworkPublishingType
- type NodePlacement
- type Port
- type ProviderLoadBalancerParameters
- type RBACNames
- type WorkloadType
Constants ¶
const ( // ContourOwningGatewayNameLabel is the Contour-defined owner reference label applied // to generated resources. The value should be the name of the Gateway. ContourOwningGatewayNameLabel = "projectcontour.io/owning-gateway-name" // GatewayAPIOwningGatewayNameLabel is the Gateway API-defined owner reference label applied // to generated resources. The value should be the name of the Gateway. GatewayAPIOwningGatewayNameLabel = "gateway.networking.k8s.io/gateway-name" )
const ( // A Kubernetes DaemonSet. WorkloadTypeDaemonSet = contourv1alpha1.WorkloadTypeDaemonSet // A Kubernetes Deployment. WorkloadTypeDeployment = contourv1alpha1.WorkloadTypeDeployment )
const ( // ContourAvailableConditionType indicates that the contour is running // and available. ContourAvailableConditionType = "Available" )
Variables ¶
This section is empty.
Functions ¶
func OwnerLabels ¶
OwnerLabels returns owner labels for the provided contour.
Types ¶
type AWSLoadBalancerParameters ¶
type AWSLoadBalancerParameters struct { // Type is the type of AWS load balancer to manage. // // Valid values are: // // * "Classic": A Classic load balancer makes routing decisions at either the // transport layer (TCP/SSL) or the application layer (HTTP/HTTPS). See // the following for additional details: // // https://docs.aws.amazon.com/AmazonECS/latest/developerguide/load-balancer-types.html#clb // // * "NLB": A Network load balancer makes routing decisions at the transport // layer (TCP/SSL). See the following for additional details: // // https://docs.aws.amazon.com/AmazonECS/latest/developerguide/load-balancer-types.html#nlb // // If unset, defaults to "Classic". Type AWSLoadBalancerType // AllocationIDs is a list of Allocation IDs of Elastic IP addresses that are // to be assigned to the Network Load Balancer. Works only with type NLB. // If you are using Amazon EKS 1.16 or later, you can assign Elastic IP addresses // to Network Load Balancer with AllocationIDs. The number of Allocation IDs // must match the number of subnets used for the load balancer. // // Example: "eipalloc-<xxxxxxxxxxxxxxxxx>" // // See: https://docs.aws.amazon.com/eks/latest/userguide/load-balancing.html AllocationIDs []string }
AWSLoadBalancerParameters provides configuration settings that are specific to AWS load balancers.
type AWSLoadBalancerType ¶
type AWSLoadBalancerType string
AWSLoadBalancerType is the type of AWS load balancer to manage.
const ( AWSClassicLoadBalancer AWSLoadBalancerType = "Classic" AWSNetworkLoadBalancer AWSLoadBalancerType = "NLB" )
type AzureLoadBalancerParameters ¶
type AzureLoadBalancerParameters struct { // Address is the desired load balancer IP address. If scope is "Internal", address // must reside in same virtual network as AKS and must not already be assigned // to a resource. If address does not reside in same subnet as AKS, the subnet // parameter is also required. // // Address must already exist (e.g. `az network public-ip create`). // // See: // https://docs.microsoft.com/en-us/azure/aks/static-ip#create-a-service-using-the-static-ip-address // https://docs.microsoft.com/en-us/azure/aks/internal-lb#specify-an-ip-address Address *string // ResourceGroup is the resource group name where the "address" resides. Relevant // only if scope is "External". // // Omit if desired IP is created in same resource group as AKS cluster. ResourceGroup *string // Subnet is the subnet name where the "address" resides. Relevant only // if scope is "Internal" and desired IP does not reside in same subnet as AKS. // // Omit if desired IP is in same subnet as AKS cluster. // // See: https://docs.microsoft.com/en-us/azure/aks/internal-lb#specify-an-ip-address Subnet *string }
type Contour ¶
type Contour struct { metav1.ObjectMeta `json:"metadata,omitempty"` // Spec defines the desired state of Contour. Spec ContourSpec `json:"spec,omitempty"` }
Contour is the representation of an instance of Contour + Envoy.
func (*Contour) CommonAnnotations ¶ added in v1.28.0
CommonAnnotations returns annotations to apply to all generated resources.
func (*Contour) CommonLabels ¶ added in v1.28.0
CommonLabels returns labels to apply to all generated resources. Note that WorkloadLabels should be used in place of CommonLabels for the Contour and Envoy workload resources.
func (*Contour) ContourCertsSecretName ¶
ContourCertsSecretName returns the name of the Contour xDS TLS certs Secret resource.
func (*Contour) ContourConfigurationName ¶
ContourConfigurationName returns the name of the ContourConfiguration resource.
func (*Contour) ContourDeploymentName ¶
ContourDeploymentName returns the name of the Contour Deployment resource.
func (*Contour) ContourNodeSelectorExists ¶
ContourNodeSelectorExists returns true if a nodeSelector is specified for Contour.
func (*Contour) ContourRBACNames ¶
ContourRBACNames returns the names of the RBAC resources for the Contour deployment.
func (*Contour) ContourServiceName ¶
ContourServiceName returns the name of the Contour Service resource.
func (*Contour) ContourTolerationsExist ¶
ContourTolerationsExist returns true if tolerations are set for Contour.
func (*Contour) EnvoyCertsSecretName ¶
EnvoyCertsSecretName returns the name of the Envoy xDS TLS certs Secret resource.
func (*Contour) EnvoyDataPlaneName ¶
EnvoyDataPlaneName returns the name of the Envoy data plane (DaemonSet or Deployment) resource.
func (*Contour) EnvoyNodeSelectorExists ¶
EnvoyNodeSelectorExists returns true if a nodeSelector is specified for Envoy.
func (*Contour) EnvoyRBACNames ¶
EnvoyRBACNames returns the names of the RBAC resources for the Envoy daemonset.
func (*Contour) EnvoyServiceName ¶
EnvoyServiceName returns the name of the Envoy Service resource.
func (*Contour) EnvoyTolerationsExist ¶
EnvoyTolerationsExist returns true if tolerations are set for Envoy.
func (*Contour) LeaderElectionLeaseName ¶
LeaderElectionLeaseName returns the name of the Contour leader election Lease resource.
func (*Contour) WatchAllNamespaces ¶ added in v1.28.0
func (*Contour) WorkloadLabels ¶ added in v1.28.0
WorkloadLabels returns labels to apply to the Contour and Envoy workloads (i.e. deployment(s)/daemonset).
type ContourNodePlacement ¶
type ContourNodePlacement struct { // NodeSelector is the simplest recommended form of node selection constraint // and specifies a map of key-value pairs. For the Contour pod to be eligible // to run on a node, the node must have each of the indicated key-value pairs // as labels (it can have additional labels as well). // // If unset, the Contour pod(s) will be scheduled to any available node. NodeSelector map[string]string // Tolerations work with taints to ensure that Envoy pods are not scheduled // onto inappropriate nodes. One or more taints are applied to a node; this // marks that the node should not accept any pods that do not tolerate the // taints. // // The default is an empty list. // // See https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ // for additional details. Tolerations []corev1.Toleration }
ContourNodePlacement describes node scheduling configuration for Contour pods. If nodeSelector and tolerations are specified, the scheduler will use both to determine where to place the Contour pod(s).
type ContourSpec ¶
type ContourSpec struct { // ContourReplicas is the desired number of Contour replicas. If unset, // defaults to 2. ContourReplicas int32 // EnvoyReplicas is the desired number of Envoy replicas. If WorkloadType // is not "Deployment", this field is ignored. Otherwise, if unset, // defaults to 2. EnvoyReplicas int32 // NetworkPublishing defines the schema for publishing Contour to a network. // // See each field for additional details. NetworkPublishing NetworkPublishing // GatewayControllerName is used to determine which GatewayClass // Contour reconciles. The string takes the form of // "projectcontour.io/<namespace>/contour". If unset, Contour will not // reconcile Gateway API resources. GatewayControllerName *string // IngressClassName is the name of the IngressClass used by Contour. If unset, // Contour will process all ingress objects without an ingress class annotation // or ingress objects with an annotation matching ingress-class=contour. When // specified, Contour will only process ingress objects that match the provided // class. // // For additional IngressClass details, refer to: // https://projectcontour.io/docs/main/config/annotations/#ingress-class IngressClassName *string // ContourLogLevel sets the log level for Contour // Allowed values are "info", "debug". ContourLogLevel contourv1alpha1.LogLevel // NodePlacement enables scheduling of Contour and Envoy pods onto specific nodes. // // See each field for additional details. NodePlacement *NodePlacement // EnableExternalNameService enables ExternalName Services. // ExternalName Services are disabled by default due to CVE-2021-XXXXX // You can re-enable them by setting this setting to "true". // This is not recommended without understanding the security implications. // Please see the advisory at https://github.com/projectcontour/contour/security/advisories/GHSA-5ph6-qq5x-7jwc for the details. EnableExternalNameService *bool // RuntimeSettings is any user-defined ContourConfigurationSpec to use when provisioning. RuntimeSettings *contourv1alpha1.ContourConfigurationSpec // EnvoyWorkloadType is the way to deploy Envoy, either "DaemonSet" or "Deployment". EnvoyWorkloadType WorkloadType // KubernetesLogLevel Enable Kubernetes client debug logging with log level. If unset, // defaults to 0. KubernetesLogLevel uint8 // An update strategy to replace existing Envoy DaemonSet pods with new pods. // when envoy be running as a `Deployment`,it's must be nil // +optional EnvoyDaemonSetUpdateStrategy appsv1.DaemonSetUpdateStrategy // The deployment strategy to use to replace existing Envoy pods with new ones. // when envoy be running as a `DaemonSet`,it's must be nil EnvoyDeploymentStrategy appsv1.DeploymentStrategy // The deployment strategy to use to replace existing Contour pods with new ones. // when envoy be running as a `DaemonSet`,it's must be nil ContourDeploymentStrategy appsv1.DeploymentStrategy // ResourceLabels is a set of labels to add to the provisioned resources. ResourceLabels map[string]string // ResourceAnnotations is a set of annotations to add to the provisioned resources. ResourceAnnotations map[string]string // EnvoyExtraVolumes holds the extra volumes to add to envoy's pod. EnvoyExtraVolumes []corev1.Volume // EnvoyExtraVolumeMounts holds the extra volume mounts to add to envoy's pod(normally used with envoyExtraVolumes). EnvoyExtraVolumeMounts []corev1.VolumeMount // EnvoyPodAnnotations holds the annotations that will be add to the envoy‘s pod. // the annotations: "prometheus.io/scrape", "prometheus.io/port", "prometheus.io/path" will be overwritten with predefined value. EnvoyPodAnnotations map[string]string // ContourPodAnnotations holds the annotations that will be add to the contour's pod. // the annotations: "prometheus.io/scrape", "prometheus.io/port" will be overwritten with predefined value. ContourPodAnnotations map[string]string // Compute Resources required by envoy container. EnvoyResources corev1.ResourceRequirements // Compute Resources required by contour container. ContourResources corev1.ResourceRequirements // EnvoyLogLevel sets the log level for Envoy // Allowed values are "trace", "debug", "info", "warn", "error", "critical", "off". EnvoyLogLevel contourv1alpha1.LogLevel // The base ID to use when allocating shared memory regions. // if Envoy needs to be run multiple times on the same machine, each running Envoy will need a unique base ID // so that the shared memory regions do not conflict. // defaults to 0. EnvoyBaseID int32 // MaximumHeapSizeBytes defines how much memory the overload manager controls Envoy to allocate at most. // If the value is 0, the overload manager is disabled. // defaults to 0. EnvoyMaxHeapSizeBytes uint64 // WatchNamespaces is an array of namespaces. Setting it will instruct the contour instance // to only watch these set of namespaces // default is nil, contour will watch resource of all namespaces WatchNamespaces []string }
ContourSpec defines the desired state of Contour.
type EnvoyNetworkPublishing ¶
type EnvoyNetworkPublishing struct { // Type is the type of publishing strategy to use. Valid values are: // // * LoadBalancerService // // In this configuration, network endpoints for Envoy use container networking. // A Kubernetes LoadBalancer Service is created to publish Envoy network // endpoints. The Service uses port 80 to publish Envoy's HTTP network endpoint // and port 443 to publish Envoy's HTTPS network endpoint. // // See: https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer // // * NodePortService // // Publishes Envoy network endpoints using a Kubernetes NodePort Service. // // In this configuration, Envoy network endpoints use container networking. A Kubernetes // NodePort Service is created to publish the network endpoints. // // See: https://kubernetes.io/docs/concepts/services-networking/service/#nodeport // // * ClusterIPService // // Publishes Envoy network endpoints using a Kubernetes ClusterIP Service. // // In this configuration, Envoy network endpoints use container networking. A Kubernetes // ClusterIP Service is created to publish the network endpoints. // // See: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types Type NetworkPublishingType // LoadBalancer holds parameters for the load balancer. Present only if type is // LoadBalancerService. // // If unspecified, defaults to an external Classic AWS ELB. LoadBalancer LoadBalancerStrategy // Ports is a list of ports to expose on the Envoy service and // workload. Ports []Port // ServiceAnnotations is a set of annotations to add to the provisioned Envoy service. ServiceAnnotations map[string]string // IPFamilyPolicy represents the dual-stack-ness requested or required by // this Service. If there is no value provided, then this field will be set // to SingleStack. IPFamilyPolicy corev1.IPFamilyPolicy // ExternalTrafficPolicy describes how nodes distribute service traffic they // receive on one of the Service's "externally-facing" addresses (NodePorts, ExternalIPs, // and LoadBalancer IPs). // // If unset, defaults to "Local". ExternalTrafficPolicy corev1.ServiceExternalTrafficPolicyType }
EnvoyNetworkPublishing defines the schema to publish Envoy to a network.
type EnvoyNodePlacement ¶
type EnvoyNodePlacement struct { // NodeSelector is the simplest recommended form of node selection constraint // and specifies a map of key-value pairs. For the Envoy pod to be eligible to // run on a node, the node must have each of the indicated key-value pairs as // labels (it can have additional labels as well). // // If unset, the Envoy pod(s) will be scheduled to any available node. NodeSelector map[string]string // Tolerations work with taints to ensure that Envoy pods are not scheduled // onto inappropriate nodes. One or more taints are applied to a node; this // marks that the node should not accept any pods that do not tolerate the taints. // // The default is an empty list. // // See https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ // for additional details. Tolerations []corev1.Toleration }
EnvoyNodePlacement describes node scheduling configuration for Envoy pods. If nodeSelector and tolerations are specified, the scheduler will use both to determine where to place the Envoy pod(s).
type GCPLoadBalancerParameters ¶
type GCPLoadBalancerParameters struct { // Address is the desired load balancer IP address. If scope is "Internal", the address // must reside in same subnet as the GKE cluster or "subnet" has to be provided. // // See: // https://cloud.google.com/kubernetes-engine/docs/tutorials/configuring-domain-name-static-ip#use_a_service // https://cloud.google.com/kubernetes-engine/docs/how-to/internal-load-balancing#lb_subnet Address *string // Subnet is the subnet name where the "address" resides. Relevant only // if scope is "Internal" and desired IP does not reside in same subnet as GKE // cluster. // // Omit if desired IP is in same subnet as GKE cluster. // // See: https://cloud.google.com/kubernetes-engine/docs/how-to/internal-load-balancing#lb_subnet Subnet *string }
type LoadBalancerProviderType ¶
type LoadBalancerProviderType string
LoadBalancerProviderType is the underlying infrastructure provider for the load balancer. Allowed values are "AWS", "Azure", and "GCP".
const ( AWSLoadBalancerProvider LoadBalancerProviderType = "AWS" AzureLoadBalancerProvider LoadBalancerProviderType = "Azure" GCPLoadBalancerProvider LoadBalancerProviderType = "GCP" )
type LoadBalancerScope ¶
type LoadBalancerScope string
LoadBalancerScope is the scope at which a load balancer is exposed. +kubebuilder:validation:Enum=Internal;External
var ( // InternalLoadBalancer is a load balancer that is exposed only on the // cluster's private network. InternalLoadBalancer LoadBalancerScope = "Internal" // ExternalLoadBalancer is a load balancer that is exposed on the // cluster's public network (which is typically on the Internet). ExternalLoadBalancer LoadBalancerScope = "External" )
type LoadBalancerStrategy ¶
type LoadBalancerStrategy struct { // Scope indicates the scope at which the load balancer is exposed. // Possible values are "External" and "Internal". Scope LoadBalancerScope // ProviderParameters contains load balancer information specific to // the underlying infrastructure provider. ProviderParameters ProviderLoadBalancerParameters // LoadBalancerIP is the IP (or hostname) to request // for the LoadBalancer service. LoadBalancerIP string }
LoadBalancerStrategy holds parameters for a load balancer.
type NamespaceSpec ¶
type NamespaceSpec struct { // Name is the name of the namespace to run Contour and dependent // resources. If unset, defaults to "projectcontour". Name string // RemoveOnDeletion will remove the namespace when the Contour is // deleted. If set to True, deletion will not occur if any of the // following conditions exist: // // 1. The Contour namespace is "default", "kube-system" or the // contour-operator's namespace. // // 2. Another Contour exists in the namespace. // // 3. The namespace does not contain the Contour owning label. RemoveOnDeletion bool }
NamespaceSpec defines the schema of a Contour namespace.
type NetworkPublishing ¶
type NetworkPublishing struct { // Envoy provides the schema for publishing the network endpoints of Envoy. // // If unset, defaults to: // type: LoadBalancerService // containerPorts: // - name: http // portNumber: 8080 // - name: https // portNumber: 8443 Envoy EnvoyNetworkPublishing }
NetworkPublishing defines the schema for publishing Contour to a network.
type NetworkPublishingType ¶
type NetworkPublishingType = contourv1alpha1.NetworkPublishingType
const ( // LoadBalancerServicePublishingType publishes a network endpoint using a Kubernetes // LoadBalancer Service. LoadBalancerServicePublishingType NetworkPublishingType = contourv1alpha1.LoadBalancerServicePublishingType // NodePortServicePublishingType publishes a network endpoint using a Kubernetes // NodePort Service. NodePortServicePublishingType NetworkPublishingType = contourv1alpha1.NodePortServicePublishingType // ClusterIPServicePublishingType publishes a network endpoint using a Kubernetes // ClusterIP Service. ClusterIPServicePublishingType NetworkPublishingType = contourv1alpha1.ClusterIPServicePublishingType )
type NodePlacement ¶
type NodePlacement struct { // Contour describes node scheduling configuration of Contour pods. Contour *ContourNodePlacement // Envoy describes node scheduling configuration of Envoy pods. Envoy *EnvoyNodePlacement }
NodePlacement describes node scheduling configuration of Contour and Envoy pods.
type Port ¶ added in v1.24.0
type Port struct { // Name is the name to use for the port on the Envoy service and workload. Name string // ServicePort is the port to expose on the Envoy service. ServicePort int32 // ContainerPort is the port to expose on the Envoy container(s). ContainerPort int32 // NodePort is the network port number to expose for the NodePort Service. // If unspecified, a port number will be assigned from the cluster's // nodeport service range, i.e. --service-node-port-range flag // (default: 30000-32767). // // If specified, the number must: // // 1. Not be used by another NodePort Service. // 2. Be within the cluster's nodeport service range, i.e. --service-node-port-range // flag (default: 30000-32767). // 3. Be a valid network port number, i.e. greater than 0 and less than 65536. NodePort int32 }
type ProviderLoadBalancerParameters ¶
type ProviderLoadBalancerParameters struct { // Type is the underlying infrastructure provider for the load balancer. // Allowed values are "AWS", "Azure", and "GCP". Type LoadBalancerProviderType // AWS provides configuration settings that are specific to AWS // load balancers. // // If empty, defaults will be applied. See specific aws fields for // details about their defaults. AWS *AWSLoadBalancerParameters // Azure provides configuration settings that are specific to Azure // load balancers. // // If empty, defaults will be applied. See specific azure fields for // details about their defaults. Azure *AzureLoadBalancerParameters // GCP provides configuration settings that are specific to GCP // load balancers. // // If empty, defaults will be applied. See specific gcp fields for // details about their defaults. GCP *GCPLoadBalancerParameters }
ProviderLoadBalancerParameters holds desired load balancer information specific to the underlying infrastructure provider.
type RBACNames ¶
type RBACNames struct { ServiceAccount string ClusterRole string ClusterRoleBinding string Role string RoleBinding string NamespaceScopedResourceRole string NamespaceScopedResourceRoleBinding string }
RBACNames holds a set of names of related RBAC resources.
type WorkloadType ¶
type WorkloadType = contourv1alpha1.WorkloadType
WorkloadType is the type of Kubernetes workload to use for a component.