podbouncer

package
v1.1.0-beta33 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Aug 11, 2021 License: Apache-2.0 Imports: 15 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type PodBouncer 

type PodBouncer interface {
	BouncePods(
		ctx context.Context,
		podBounceDirective *certificatesv1.PodBounceDirective,
		pods corev1sets.PodSet,
		configMaps corev1sets.ConfigMapSet,
		secrets corev1sets.SecretSet,
	) (bool, error)
}

bounce (delete) the listed pods returns true if we need to wait before proceeding to process the podBounceDirective. we must wait for the following conditions: 1. istiod control plane has come back online after it has been restarted 2. istio's root cert has been propagated to all istio-controlled namespaces for consumption by the data plane. this should cause the reconcile to end early and persist the IssuedCertificate in the Issued state

func NewPodBouncer 

func NewPodBouncer(
	podClient corev1client.PodClient,
	rootCertMatcher RootCertMatcher,
) PodBouncer

type RootCertMatcher 

type RootCertMatcher interface {
	MatchesRootCert(
		ctx context.Context,
		rootCert []byte,
		selector *certificatesv1.PodBounceDirectiveSpec_PodSelector,
		allSecrets corev1sets.SecretSet,
	) (matches bool, err error)
}

func NewSecretRootCertMatcher 

func NewSecretRootCertMatcher() RootCertMatcher

Source Files

View all Source files

Directories

Path Synopsis
Package mock_podbouncer is a generated GoMock package.
 Package mock_podbouncer is a generated GoMock package.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.