service

package

v1.1.1 Latest Latest Go to latest Published: Sep 11, 2024 License: Apache-2.0 Imports: 13 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/kubermatic/kubelb

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
func CreateOrUpdateService(ctx context.Context, client ctrlclient.Client, obj *corev1.Service) error
func GenerateBridgeService(service corev1.Service, appName, controllerNamespace string) corev1.Service
func GenerateServiceForLBCluster(service corev1.Service, appName, namespace string, ...) corev1.Service
func GetServiceName(service corev1.Service) string
func GetServiceNamespace(service corev1.Service) string
func NormalizeAndReplicateServices(ctx context.Context, log logr.Logger, client ctrlclient.Client, ...) ([]corev1.Service, error)

Constants ¶

View Source

const (
	NodePortServicePattern = "%s-nodeport"
)

Variables ¶

This section is empty.

Functions ¶

func CreateOrUpdateService ¶

func CreateOrUpdateService(ctx context.Context, client ctrlclient.Client, obj *corev1.Service) error

func GenerateBridgeService ¶

func GenerateBridgeService(service corev1.Service, appName, controllerNamespace string) corev1.Service

GenerateBridgeService creates a service that is used to forward traffic from the tenant namespace to the controller namespace. Controller namespace hosts Envoy Proxy instance in case if Global topology is used. What other options were assessed for this: 1. ExternalName service that forwards traffic to `service-name.controller-namespace.svc.cluster.local`. Dropped this idea since ExternalName services are not supported in Gateway API 2. EndpointSlice with FQDN `service-name.controller-namespace.svc.cluster.local` as endpoint. FQDN is deprecated https://github.com/kubernetes/kubernetes/pull/114677 3. Place all resources in controller namespace - this is possible but is poor from a security and isolation standpoint since we lose the ability of 1-1 mapping of resources to namespaces. Also resources are not unique anymore and someone might end up attaching their services/httproutes to Ingresses/Gateways for another tenant. Complete NO GO for Layer 7. Decision: Use a bridge service in controller namespace that simply forwards traffic to envoy on the correct target port. Use Service without Selector in tenant namespace and EndpointSlices to forward traffic from tenant namespace to the envoy proxy in controller namespace.

func GenerateServiceForLBCluster ¶

func GenerateServiceForLBCluster(service corev1.Service, appName, namespace string, portAllocator *portlookup.PortAllocator, globalTopology bool, annotations kubelbv1alpha1.AnnotationSettings) corev1.Service

func GetServiceName ¶

func GetServiceName(service corev1.Service) string

func GetServiceNamespace ¶

func GetServiceNamespace(service corev1.Service) string

func NormalizeAndReplicateServices ¶

func NormalizeAndReplicateServices(ctx context.Context, log logr.Logger, client ctrlclient.Client, references []types.NamespacedName) ([]corev1.Service, error)

Types ¶

This section is empty.

Source Files ¶

View all Source files

service.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL