podbouncer

package
v1.1.0-beta10 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: May 28, 2021 License: Apache-2.0 Imports: 14 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type PodBouncer

type PodBouncer interface {
	BouncePods(
		ctx context.Context,
		podBounceDirective *certificatesv1.PodBounceDirective,
		pods corev1sets.PodSet,
		configMaps corev1sets.ConfigMapSet,
		secrets corev1sets.SecretSet,
	) (bool, error)
}

bounce (delete) the listed pods returns true if we need to wait before proceeding to process the podBounceDirective. we must wait for the following conditions: 1. istiod control plane has come back online after it has been restarted 2. istio's root cert has been propagated to all istio-controlled namespaces for consumption by the data plane. this should cause the reconcile to end early and persist the IssuedCertificate in the Issued state

func NewPodBouncer

func NewPodBouncer(
	podClient corev1client.PodClient,
	rootCertMatcher RootCertMatcher,
) PodBouncer

type RootCertMatcher

type RootCertMatcher interface {
	MatchesRootCert(
		ctx context.Context,
		rootCert []byte,
		selector *certificatesv1.PodBounceDirectiveSpec_PodSelector,
		allSecrets corev1sets.SecretSet,
	) (matches bool, err error)
}

func NewSecretRootCertMatcher

func NewSecretRootCertMatcher() RootCertMatcher

Directories

Path Synopsis
Package mock_podbouncer is a generated GoMock package.
Package mock_podbouncer is a generated GoMock package.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL