Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type ContivService ¶
type ContivService struct { // ID uniquely identifies service across all namespaces. ID svcmodel.ID // TrafficPolicy decides if traffic is routed cluster-wide or node-local only. TrafficPolicy TrafficPolicyType // ExternalIPs is a set of all IP addresses on which the service // should be exposed on this node (aside from node IPs for NodePorts, which // are provided separately via the ServiceRendererAPI.UpdateNodePortServices() // method). ExternalIPs *IPAddresses // Ports is a map of all ports exposed for this service. Ports map[string]*ServicePort // Backends map external service ports with corresponding backends (= endpoints). Backends map[string][]*ServiceBackend }
ContivService is a less-abstract, free of indirect references representation of K8s Service. It has:
- endpoints combined with services
- the full list of IP addresses on which the service should be exposed on this node
func NewContivService ¶
func NewContivService() *ContivService
NewContivService is a constructor for ContivService.
func (ContivService) HasNodePort ¶
func (cs ContivService) HasNodePort() bool
HasNodePort returns true if service is also exposed on the Node IP.
func (ContivService) String ¶
func (cs ContivService) String() string
String converts ContivService into a human-readable string.
type IPAddresses ¶
type IPAddresses struct {
// contains filtered or unexported fields
}
IPAddresses is a set of IP addresses.
func NewIPAddresses ¶
func NewIPAddresses(addrs ...net.IP) *IPAddresses
NewIPAddresses is a constructor for IPAddresses.
func (*IPAddresses) Copy ¶
func (addrs *IPAddresses) Copy() *IPAddresses
Copy creates a deep copy of the set.
func (*IPAddresses) Has ¶
func (addrs *IPAddresses) Has(addr net.IP) bool
Has returns true if the given IP address is in the set.
func (*IPAddresses) List ¶
func (addrs *IPAddresses) List() []net.IP
List returns the set as a slice which can be iterated through.
func (IPAddresses) String ¶
func (addrs IPAddresses) String() string
String converts a set of IP addresses into a human-readable string.
type Interfaces ¶
type Interfaces map[string]struct{}
Interfaces is a set of interface names.
func NewInterfaces ¶
func NewInterfaces(ifNames ...string) Interfaces
NewInterfaces is a constructor for Interfaces.
func (Interfaces) Copy ¶
func (ifs Interfaces) Copy() Interfaces
Copy creates a deep copy of the set.
func (Interfaces) Has ¶
func (ifs Interfaces) Has(ifName string) bool
Has returns true if the given interface name is in the set.
func (Interfaces) String ¶
func (ifs Interfaces) String() string
String converts a set of interface names into a human-readable string.
type ProtocolType ¶
type ProtocolType int
ProtocolType is either TCP or UDP.
const ( // TCP protocol. TCP ProtocolType = 6 // UDP protocol. UDP ProtocolType = 17 )
func (ProtocolType) String ¶
func (pt ProtocolType) String() string
String converts ProtocolType into a human-readable string.
type ResyncEventData ¶
type ResyncEventData struct { // NodeIPs is a list of IP addresses of all nodes in the cluster. NodeIPs *IPAddresses // Services is a list of all currently deployed services. Services []*ContivService // FrontendIfs is a set of all interfaces connecting clients with VPP // (VPP specific). FrontendIfs Interfaces // BackendIfs is a set of all interfaces connecting service backends with VPP // (VPP specific). BackendIfs Interfaces }
ResyncEventData wraps an entire state of K8s services as provided by the Processor.
func NewResyncEventData ¶
func NewResyncEventData() *ResyncEventData
NewResyncEventData is a constructor for ResyncEventData.
func (ResyncEventData) String ¶
func (red ResyncEventData) String() string
String converts ResyncEventData into a human-readable string.
type ServiceBackend ¶
type ServiceBackend struct { IP net.IP /* internal IP address of the backend */ Port uint16 /* backend-local port on which the service listens */ Local bool /* true if the backend is deployed on this node (can be leveraged for smart load-balancing) */ HostNetwork bool /* true if the backend uses host networking */ }
ServiceBackend represents a single service backend (= endpoint).
func (ServiceBackend) String ¶
func (sb ServiceBackend) String() string
String converts Backend into a human-readable string.
type ServicePort ¶
type ServicePort struct { Protocol ProtocolType /* protocol type */ Port uint16 /* port that will be exposed by this service */ NodePort uint16 /* port on which this service is exposed for Node IP (0 if none) */ }
ServicePort contains information on service's port.
func (ServicePort) String ¶
func (sp ServicePort) String() string
String converts ServicePort into a human-readable string.
type ServiceRendererAPI ¶
type ServiceRendererAPI interface { // AddService is called for a newly added service. AddService(service *ContivService) error // UpdateService informs renderer about a change in the configuration // or in the state of a service. UpdateService(oldService, newService *ContivService) error // DeleteService is called for every removed service. DeleteService(service *ContivService) error // UpdateNodePortServices is called whenever the set of node IPs in the cluster // changes. UpdateNodePortServices(nodeIPs *IPAddresses, npServices []*ContivService) error // UpdateLocalFrontendIfs gives an update about a changed set of Frontend // interfaces (VPP specific). UpdateLocalFrontendIfs(oldIfNames, newIfNames Interfaces) error // UpdateLocalBackendIfs gives an updated about a changed set of backend // interfaces (VPP specific). UpdateLocalBackendIfs(oldIfNames, newIfNames Interfaces) error // Resync provides a complete snapshot of all service-related data. // The render should resolve any discrepancies between the state of K8s // services and the currently rendered configuration. Resync(resyncEv *ResyncEventData) error }
ServiceRendererAPI defines the API of Service Renderer.
Service Renderer is a pluggable component of the service plugin, sitting below the processor and implementing rendering of ContivService instances into the configuration of the target network stack. The idea is to allow to have alternative and/or complementary Kubernetes service implementations. For example, IPv4 and IPv6 protocols could be handled separately by two different renderers. Similarly, the set of supported vswitches in the data plane can be extended simply by adding new renderers for services and policies. Another use-case is to provide alternative implementation of Kubernetes services for the same stack - one being the default, others possibly experimental or tailor-made for specific applications. The set of renderers to be activated can be configurable or determined from the environment. Every active renderer is given the same set of data from the processor.
ServiceRendererAPI is the interface that connects processor's southbound with the renderer's northbound. For a single Kubernetes service, all relevant configuration and state data are wrapped into a single instance of ContivService. The renderer learns the set of external IPs and ports on which the service should be exposed together with corresponding sets of backends (= endpoints). AddService(), DeleteService(), UpdateService() are called every time a service is created, removed or its state/configuration data has changed, respectively. ContivService is referenced by ID unique across all namespaces.
The processor also monitors the set of all node IPs in the cluster. Every time a new IP is assigned to any node inside the cluster or an existing node has been deleted, UpdateNodePortServices() is called with the latest list of all node IPs together with a set of NodePort services.
Additionally, the processor distinguishes interfaces connecting VPP with potential service clients - denoted as Frontends - from those connecting vswitch with service endpoints - denoted as Backends. Interface can be both Frontend and Backend. The sets of Frontend and Backend interfaces are refreshed by the processor every time a pod is created, destroyed, assigned to a service for the first time, or no longer acting as a service endpoint. For Renderer this classification of interfaces may or may not be useful. It is up to the renderer to either leverage or completely ignore events UpdateLocalFrontendIfs() and UpdateLocalBackendIfs(). Please note that the sets of Frontend & Backend interfaces are specific to the VPP-based networking and not relevant for a different vswitch / network stack.
Resync() is used to pass the current snapshot of all data provided by the processor. Upon receipt, the renderer is supposed to make sure that the rendered configuration matches the state of Kubernetes services and to resolve any discrepancies. Resync() is always called on the agent startup, but may also be triggered during the runtime - in case a potential data loss between the agent and the data store or the vswitch has been detected.
To integrate (VPP-specific) renderer with the ACL-based policies (plugins/policy/renderer/acl), it is required to perform the service address translation for both directions in-between the VPP nodes: `acl-plugin-in-ip4-fa` and `acl-plugin-out-ip4-fa` (i.e. after ingress ACLs, but before egress ACLs).
type TrafficPolicyType ¶
type TrafficPolicyType int
TrafficPolicyType is either Cluster-wide routing or Node-local only routing.
const ( // ClusterWide allows to load-balance traffic across all backends. ClusterWide TrafficPolicyType = 0 // NodeLocal allows to load-balance traffic only across node-local backends. NodeLocal TrafficPolicyType = 1 )
func (TrafficPolicyType) String ¶
func (tpt TrafficPolicyType) String() string
String converts TrafficPolicyType into a human-readable string.