Documentation ¶
Index ¶
- Constants
- func GetMeshConfig(kube kubernetes.Interface, namespace, name string) (*v1.ConfigMap, *meshconfig.MeshConfig, error)
- func InitImageName(hub string, tag string, _ bool) string
- func IntoResourceFile(c *Config, in io.Reader, out io.Writer) error
- func ProxyImageName(hub string, tag string, debug bool) string
- type Config
- type HTTPServer
- type Initializer
- type InjectionPolicy
- type Params
Constants ¶
const ( DefaultSidecarProxyUID = int64(1337) DefaultVerbosity = 2 DefaultHub = "docker.io/istio" DefaultImagePullPolicy = "IfNotPresent" )
Defaults values for injecting istio proxy into kubernetes resources.
const ( // InitContainerName is the name for init container InitContainerName = "istio-init" // ProxyContainerName is the name for sidecar proxy container ProxyContainerName = "istio-proxy" // ConfigMapKey should match the expected MeshConfig file name ConfigMapKey = "mesh" // InitializerConfigMapKey is the key into the initailizer ConfigMap data. InitializerConfigMapKey = "config" // DefaultResyncPeriod specifies how frequently to retrieve the // full list of watched resources for initialization. DefaultResyncPeriod = 30 * time.Second // DefaultInitializerName specifies the name of the initializer. DefaultInitializerName = "sidecar.initializer.istio.io" )
Variables ¶
This section is empty.
Functions ¶
func GetMeshConfig ¶
func GetMeshConfig(kube kubernetes.Interface, namespace, name string) (*v1.ConfigMap, *meshconfig.MeshConfig, error)
GetMeshConfig fetches the ProxyMesh configuration from Kubernetes ConfigMap.
func InitImageName ¶
InitImageName returns the fully qualified image name for the istio init image given a docker hub and tag and debug flag
func IntoResourceFile ¶
IntoResourceFile injects the istio proxy into the specified kubernetes YAML file.
Types ¶
type Config ¶
type Config struct { Policy InjectionPolicy `json:"policy"` // deprecate if InitializerConfiguration becomes namespace aware IncludeNamespaces []string `json:"namespaces"` // deprecate if InitializerConfiguration becomes namespace aware ExcludeNamespaces []string `json:"excludeNamespaces"` // Params specifies the parameters of the injected sidcar template Params Params `json:"params"` // InitializerName specifies the name of the initializer. InitializerName string `json:"initializerName"` }
Config specifies the initializer configuration for sidecar injection. This includes the sidear template and cluster-side injection policy. It is used by kube-inject, initializer, and http endpoint.
func GetInitializerConfig ¶
func GetInitializerConfig(kube kubernetes.Interface, namespace, injectConfigName string) (*Config, error)
GetInitializerConfig fetches the initializer configuration from a Kubernetes ConfigMap.
type HTTPServer ¶
type HTTPServer struct {
// contains filtered or unexported fields
}
HTTPServer implements an HTTP endpoint equivalent of the k8s sidecar initializer.
func NewHTTPServer ¶
func NewHTTPServer(port int, config *Config) *HTTPServer
NewHTTPServer creates a new HTTP server.
type Initializer ¶
type Initializer struct {
// contains filtered or unexported fields
}
Initializer implements a k8s initializer for transparently injecting the sidecar into user resources. For each resource in the managed namespace, the initializer will remove itself from the pending list of initializers can optionally inject the sidecar based on the InjectionPolicy and per-resource policy (see istioSidecarAnnotationPolicyKey).
func NewInitializer ¶
func NewInitializer(restConfig *rest.Config, config *Config, cl kubernetes.Interface) (*Initializer, error)
NewInitializer creates a new instance of the Istio sidecar initializer.
func (*Initializer) Run ¶
func (i *Initializer) Run(stopCh <-chan struct{})
Run runs the Initializer controller.
type InjectionPolicy ¶
type InjectionPolicy string
InjectionPolicy determines the policy for injecting the sidecar proxy into the watched namespace(s).
const ( // InjectionPolicyDisabled specifies that the initializer will not // inject the sidecar into resources by default for the // namespace(s) being watched. Resources can enable injection // using the "sidecar.istio.io/inject" annotation with value of // true. InjectionPolicyDisabled InjectionPolicy = "disabled" // InjectionPolicyEnabled specifies that the initializer will // inject the sidecar into resources by default for the // namespace(s) being watched. Resources can disable injection // using the "sidecar.istio.io/inject" annotation with value of // false. InjectionPolicyEnabled InjectionPolicy = "enabled" // DefaultInjectionPolicy is the default injection policy. DefaultInjectionPolicy = InjectionPolicyEnabled )
type Params ¶
type Params struct { InitImage string `json:"initImage"` ProxyImage string `json:"proxyImage"` Verbosity int `json:"verbosity"` SidecarProxyUID int64 `json:"sidecarProxyUID"` Version string `json:"version"` EnableCoreDump bool `json:"enableCoreDump"` DebugMode bool `json:"debugMode"` Mesh *meshconfig.MeshConfig `json:"-"` ImagePullPolicy string `json:"imagePullPolicy"` // Comma separated list of IP ranges in CIDR form. If set, only // redirect outbound traffic to Envoy for these IP // ranges. Otherwise all outbound traffic is redirected to Envoy. IncludeIPRanges string `json:"includeIPRanges"` }
Params describes configurable parameters for injecting istio proxy into kubernetes resource.