Documentation ¶
Index ¶
- Constants
- func ApplyProbeSettingsToHC(p *v1.Probe, hc *HealthCheck)
- func GetCertHash(contents string) string
- func OverwriteWithTHC(hc *HealthCheck, port int64)
- func ToCompositeURLMap(g *utils.GCEURLMap, namer namer.IngressFrontendNamer, key *meta.Key) *composite.UrlMap
- type Env
- type HealthCheck
- func DefaultHealthCheck(port int64, protocol annotations.AppProtocol) *HealthCheck
- func DefaultILBHealthCheck(protocol annotations.AppProtocol) *HealthCheck
- func DefaultNEGHealthCheck(protocol annotations.AppProtocol) *HealthCheck
- func DefaultXLBRegionalHealthCheck(protocol annotations.AppProtocol) *HealthCheck
- func NewHealthCheck(hc *computealpha.HealthCheck) (*HealthCheck, error)
- func (hc *HealthCheck) Protocol() annotations.AppProtocol
- func (hc *HealthCheck) SetHealthcheckInfo(ci healthcheck.ClusterInfo, si healthcheck.ServiceInfo)
- func (hc *HealthCheck) ToAlphaComputeHealthCheck() (*computealpha.HealthCheck, error)
- func (hc *HealthCheck) ToBetaComputeHealthCheck() (*computebeta.HealthCheck, error)
- func (hc *HealthCheck) ToComputeHealthCheck() (*compute.HealthCheck, error)
- func (hc *HealthCheck) UpdateFromBackendConfig(c *backendconfigv1.HealthCheckConfig)
- func (hc *HealthCheck) Version() meta.Version
- type TLSCerts
- type Translator
- func (t *Translator) ToCompositeForwardingRule(env *Env, protocol namer.NamerProtocol, version meta.Version, ...) *composite.ForwardingRule
- func (t *Translator) ToCompositeSSLCertificates(env *Env, tlsName string, tls []*TLSCerts, version meta.Version) []*composite.SslCertificate
- func (t *Translator) ToCompositeTargetHttpProxy(description string, version meta.Version, urlMapKey *meta.Key) *composite.TargetHttpProxy
- func (t *Translator) ToCompositeTargetHttpsProxy(env *Env, description string, version meta.Version, urlMapKey *meta.Key, ...) (*composite.TargetHttpsProxy, bool, error)
- func (t *Translator) ToRedirectUrlMap(env *Env, version meta.Version) *composite.UrlMap
Constants ¶
const ( DescriptionForDefaultHealthChecks = "Default kubernetes L7 Loadbalancing health check." DescriptionForDefaultNEGHealthChecks = "Default kubernetes L7 Loadbalancing health check for NEG." DescriptionForDefaultILBHealthChecks = "Default kubernetes L7 Loadbalancing health check for ILB." DescriptionForDefaultXLBRegionalHealthChecks = "Default kubernetes L7 Loadbalancing health check for Regional XLB." DescriptionForHealthChecksFromReadinessProbe = "Kubernetes L7 health check generated with readiness probe settings." DescriptionForHealthChecksFromBackendConfig = "Kubernetes L7 health check generated with BackendConfig CRD." DescriptionForTransparentHealthChecks = "Kubernetes L7 transparent health check." )
Variables ¶
This section is empty.
Functions ¶
func ApplyProbeSettingsToHC ¶
func ApplyProbeSettingsToHC(p *v1.Probe, hc *HealthCheck)
ApplyProbeSettingsToHC takes the Pod healthcheck settings and applies it to the healthcheck.
TODO: what if the port changes? TODO: does not handle protocol?
func GetCertHash ¶
TODO(shance): find a way to unexport this
func OverwriteWithTHC ¶ added in v1.24.0
func OverwriteWithTHC(hc *HealthCheck, port int64)
OverwriteWithTHC applies the standard values for Transparent Health Checks.
func ToCompositeURLMap ¶
func ToCompositeURLMap(g *utils.GCEURLMap, namer namer.IngressFrontendNamer, key *meta.Key) *composite.UrlMap
ToCompositeURLMap translates the given hostname: endpoint->port mapping into a gce url map.
HostRule: Conceptually contains all PathRules for a given host. PathMatcher: Associates a path rule with a host rule. Mostly an optimization. PathRule: Maps a single path regex to a backend.
The GCE url map allows multiple hosts to share url->backend mappings without duplication, eg:
Host: foo(PathMatcher1), bar(PathMatcher1,2) PathMatcher1: /a -> b1 /b -> b2 PathMatcher2: /c -> b1
This leads to a lot of complexity in the common case, where all we want is a mapping of host->{/path: backend}.
Consider some alternatives: 1. Using a single backend per PathMatcher:
Host: foo(PathMatcher1,3) bar(PathMatcher1,2,3) PathMatcher1: /a -> b1 PathMatcher2: /c -> b1 PathMatcher3: /b -> b2
2. Using a single host per PathMatcher:
Host: foo(PathMatcher1) PathMatcher1: /a -> b1 /b -> b2 Host: bar(PathMatcher2) PathMatcher2: /a -> b1 /b -> b2 /c -> b1
In the context of kubernetes services, 2 makes more sense, because we rarely want to lookup backends (service:nodeport). When a service is deleted, we need to find all host PathMatchers that have the backend and remove the mapping. When a new path is added to a host (happens more frequently than service deletion) we just need to lookup the 1 path matcher of the host.
Types ¶
type Env ¶
type Env struct { // Ing is the Ingress we are translating. Ing *v1.Ingress // TODO(shance): this should be a map, similar to SecretsMap // FrontendConfig is the frontendconfig associated with the Ingress FrontendConfig *frontendconfigv1beta1.FrontendConfig // SecretsMap contains a mapping from Secret name to the actual resource. // It is assumed that the map contains resources from a single namespace. // This is the same namespace as the Ingress namespace. SecretsMap map[string]*api_v1.Secret // VIP is the IP address assigned to the Ingress. This could be a raw IP address in GCP or the // name of an Address resource. VIP string Network string Subnetwork string Region string Project string }
Env contains all k8s & GCP configuration needed to perform the translation.
type HealthCheck ¶
type HealthCheck struct { ForNEG bool ForILB bool ForRegionalXLB bool // As the {HTTP, HTTPS, HTTP2} settings are identical, we maintain the // settings at the outer-level and copy into the appropriate struct // in the HealthCheck embedded struct (see `merge()`) when getting the // compute struct back. computealpha.HTTPHealthCheck computealpha.HealthCheck Service *v1.Service // contains filtered or unexported fields }
HealthCheck is a wrapper for different versions of the compute struct. TODO(bowei): replace inner workings with composite.
func DefaultHealthCheck ¶
func DefaultHealthCheck(port int64, protocol annotations.AppProtocol) *HealthCheck
DefaultHealthCheck simply returns the default health check.
func DefaultILBHealthCheck ¶
func DefaultILBHealthCheck(protocol annotations.AppProtocol) *HealthCheck
func DefaultNEGHealthCheck ¶
func DefaultNEGHealthCheck(protocol annotations.AppProtocol) *HealthCheck
DefaultNEGHealthCheck simply returns the default health check.
func DefaultXLBRegionalHealthCheck ¶ added in v1.26.0
func DefaultXLBRegionalHealthCheck(protocol annotations.AppProtocol) *HealthCheck
func NewHealthCheck ¶
func NewHealthCheck(hc *computealpha.HealthCheck) (*HealthCheck, error)
NewHealthCheck creates a HealthCheck which abstracts nested structs away
func (*HealthCheck) Protocol ¶
func (hc *HealthCheck) Protocol() annotations.AppProtocol
Protocol returns the type cased to AppProtocol
func (*HealthCheck) SetHealthcheckInfo ¶ added in v1.24.0
func (hc *HealthCheck) SetHealthcheckInfo(ci healthcheck.ClusterInfo, si healthcheck.ServiceInfo)
func (*HealthCheck) ToAlphaComputeHealthCheck ¶
func (hc *HealthCheck) ToAlphaComputeHealthCheck() (*computealpha.HealthCheck, error)
ToAlphaComputeHealthCheck returns a valid computealpha.HealthCheck object
func (*HealthCheck) ToBetaComputeHealthCheck ¶
func (hc *HealthCheck) ToBetaComputeHealthCheck() (*computebeta.HealthCheck, error)
ToBetaComputeHealthCheck returns a valid computebeta.HealthCheck object
func (*HealthCheck) ToComputeHealthCheck ¶
func (hc *HealthCheck) ToComputeHealthCheck() (*compute.HealthCheck, error)
ToComputeHealthCheck returns a valid compute.HealthCheck object
func (*HealthCheck) UpdateFromBackendConfig ¶
func (hc *HealthCheck) UpdateFromBackendConfig(c *backendconfigv1.HealthCheckConfig)
func (*HealthCheck) Version ¶
func (hc *HealthCheck) Version() meta.Version
Version returns the appropriate API version to handle the health check Use Beta API for NEG as PORT_SPECIFICATION is required, and HTTP2
type TLSCerts ¶
type TLSCerts struct { // Key is private key. Key string // Cert is a public key. Cert string // Chain is a certificate chain. Chain string Name string // md5 hash(first 8 bytes) of the cert contents CertHash string }
TLSCerts encapsulates .pem encoded TLS information. TODO(shance): Remove this intermediate representation
func ToTLSCerts ¶
type Translator ¶
type Translator struct { // IsL7ILB is true if the Ingress will be translated into an L7 ILB (as opposed to an XLB). IsL7ILB bool // IsL7XLBRegional is true if the Ingress will be translated into an L7 Regional XLB (as opposed to an XLB). IsL7XLBRegional bool // FrontendNamer generates names for frontend resources. FrontendNamer namer.IngressFrontendNamer }
Translator implements the mapping between an Ingress and its corresponding GCE resources.
func NewTranslator ¶
func NewTranslator(isL7ILB bool, isL7XLBRegional bool, frontendNamer namer.IngressFrontendNamer) *Translator
NewTranslator returns a new Translator.
func (*Translator) ToCompositeForwardingRule ¶
func (t *Translator) ToCompositeForwardingRule(env *Env, protocol namer.NamerProtocol, version meta.Version, proxyLink, description, fwSubnet string) *composite.ForwardingRule
ToCompositeForwardingRule returns a composite.ForwardingRule of type HTTP or HTTPS.
func (*Translator) ToCompositeSSLCertificates ¶ added in v1.11.0
func (t *Translator) ToCompositeSSLCertificates(env *Env, tlsName string, tls []*TLSCerts, version meta.Version) []*composite.SslCertificate
func (*Translator) ToCompositeTargetHttpProxy ¶
func (t *Translator) ToCompositeTargetHttpProxy(description string, version meta.Version, urlMapKey *meta.Key) *composite.TargetHttpProxy
func (*Translator) ToCompositeTargetHttpsProxy ¶
func (t *Translator) ToCompositeTargetHttpsProxy(env *Env, description string, version meta.Version, urlMapKey *meta.Key, sslCerts []*composite.SslCertificate) (*composite.TargetHttpsProxy, bool, error)
TODO(shance): find a way to remove the second return value for sslPolicySet. We currently need to this to maintain the behavior where we do not update the policy if the frontendconfig is empty/deleted
func (*Translator) ToRedirectUrlMap ¶
ToRedirectUrlMap returns the UrlMap used for HTTPS Redirects on a L7 ELB This function returns nil if no url map needs to be created