Documentation ¶
Overview ¶
Copyright 2021 The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
Index ¶
- Constants
- Variables
- func Equal(existingFwdRule, newFwdRule *composite.ForwardingRule) (bool, error)
- func EqualIPv6ForwardingRules(fr1, fr2 *composite.ForwardingRule) (bool, error)
- func GCEResourceName(ingAnnotations map[string]string, resourceName string) string
- func GetLBAnnotations(l7 *L7, existing map[string]string, backendSyncer backends.Syncer, ...) (map[string]string, error)
- func InsertForwardingRuleHook(ctx context.Context, key *meta.Key, obj *compute.ForwardingRule, ...) (b bool, e error)
- func InsertGlobalForwardingRuleHook(ctx context.Context, key *meta.Key, obj *compute.ForwardingRule, ...) (b bool, e error)
- func IsSameIP(ip1 string, ip2 string) bool
- type ForwardingRulesProvider
- type IPAddressType
- type IPVersion
- type L4
- type L4ILBParams
- type L4ILBSyncResult
- type L4NetLB
- type L4NetLBParams
- type L4NetLBSyncResult
- type L7
- func (l7 *L7) Cleanup(versions *features.ResourceVersions) error
- func (l7 *L7) CreateKey(name string) (*meta.Key, error)
- func (l7 *L7) GetIP() string
- func (l7 *L7) Regional() bool
- func (l7 *L7) RuntimeInfo() *L7RuntimeInfo
- func (l7 *L7) String() string
- func (l7 *L7) UrlMap() *composite.UrlMap
- func (l7 *L7) Versions() *features.ResourceVersions
- type L7RuntimeInfo
- type L7s
- func (l7s *L7s) DidRegionalClassChange(ing *v1.Ingress, ingLogger klog.Logger) (bool, error)
- func (l7s *L7s) Ensure(ri *L7RuntimeInfo) (*L7, error)
- func (l7s *L7s) FrontendScopeChangeGC(ing *v1.Ingress, ingLogger klog.Logger) (*meta.KeyType, error)
- func (l7s *L7s) GCv1(names []string) error
- func (l7s *L7s) GCv2(ing *v1.Ingress, scope meta.KeyType) error
- func (l7s *L7s) HasUrlMap(ing *v1.Ingress) (bool, error)
- func (l7s *L7s) Shutdown(ings []*v1.Ingress) error
- type LoadBalancerPool
- type ResourceUpdates
- func (ru *ResourceUpdates) SetBackendService(status utils.ResourceSyncStatus)
- func (ru *ResourceUpdates) SetFirewallForHealthCheck(status utils.ResourceSyncStatus)
- func (ru *ResourceUpdates) SetFirewallForNodes(status utils.ResourceSyncStatus)
- func (ru *ResourceUpdates) SetForwardingRule(status utils.ResourceSyncStatus)
- func (ru *ResourceUpdates) SetHealthCheck(status utils.ResourceSyncStatus)
- func (ru *ResourceUpdates) String() string
- func (ru *ResourceUpdates) WereAnyResourcesModified() bool
Constants ¶
const (
	IPv4Version IPVersion = "IPV4"
	IPv6Version IPVersion = "IPV6"
	// IPv6LBAddressPrefixLength is the prefix length used for reserving IPv6 addresses.
	// Google Cloud reserves not a single IPv6 address, but a /96 range.
	// At the moment, no other ranges are supported.
	IPv6LBAddressPrefixLength = 96
	// IPv6EndpointTypeNetLB is a value of Address.Ipv6EndpointType used to specify
	// that the IPv6 address will be used for NetLB. Required for new IPv6 NetLB address creation.
	IPv6EndpointTypeNetLB = "NETLB"
)
const ( SyncTypeCreate = "create" SyncTypeUpdate = "update" SyncTypeDelete = "delete" )
const FakeCertQuota = 15
const (
IPVersionIPv6 = "IPV6"
)
const SslCertificateMissing = "SslCertificateMissing"
const (
// Every target https proxy accepts up to 10 ssl certificates.
TargetProxyCertLimit = 10
)
const (
WeightedLBPodsPerNodeAllowlistMessage = "Weighted Load Balancing for L4 " +
"Internal Passthrough Load Balancers requires project allowlisting. If " +
"you need access to this feature please contact Google Cloud support team"
)
Variables ¶
var L4DualStackResourceAnnotationKeys = append(L4ResourceAnnotationKeys, l4IPv6ResourceAnnotationKeys...)
var L4ResourceAnnotationKeys = []string{ annotations.BackendServiceKey, annotations.TCPForwardingRuleKey, annotations.UDPForwardingRuleKey, annotations.HealthcheckKey, annotations.FirewallRuleKey, annotations.FirewallRuleForHealthcheckKey, }
Functions ¶
func Equal ¶ added in v1.9.0
func Equal(existingFwdRule, newFwdRule *composite.ForwardingRule) (bool, error)
func EqualIPv6ForwardingRules ¶ added in v1.21.0
func EqualIPv6ForwardingRules(fr1, fr2 *composite.ForwardingRule) (bool, error)
func GCEResourceName ¶
GCEResourceName retrieves the name of the gce resource created for this Ingress, of the given resource type, by inspecting the map of ingress annotations.
func GetLBAnnotations ¶
func GetLBAnnotations(l7 *L7, existing map[string]string, backendSyncer backends.Syncer, ingLogger klog.Logger) (map[string]string, error)
GetLBAnnotations returns the annotations of an l7. This includes its current status.
func InsertForwardingRuleHook ¶ added in v1.9.0
func InsertGlobalForwardingRuleHook ¶ added in v1.7.0
Types ¶
type ForwardingRulesProvider ¶ added in v1.20.0
type ForwardingRulesProvider interface { Get(name string) (*composite.ForwardingRule, error) Create(forwardingRule *composite.ForwardingRule) error Delete(name string) error Patch(forwardingRule *composite.ForwardingRule) error }
ForwardingRulesProvider is an interface to manage Google Cloud Forwarding Rules
type IPAddressType ¶ added in v1.16.0
type IPAddressType int
IPAddressType defines whether the IP address is managed by the controller.
const (
	IPAddrUndefined IPAddressType = iota // IP address type could not be determined due to an error in address provisioning.
	// IPAddrManaged and IPAddrUnmanaged presumably distinguish addresses that
	// are managed by the controller from those that are not — confirm against
	// the code that assigns them.
	IPAddrManaged
	IPAddrUnmanaged
)
type IPVersion ¶ added in v1.24.0
type IPVersion = string
IPVersion represents compute.Address IpVersion field
type L4 ¶ added in v1.9.0
type L4 struct { Service *corev1.Service ServicePort utils.ServicePort NamespacedName types.NamespacedName // contains filtered or unexported fields }
Many of the functions in this file are re-implemented from gce_loadbalancer_internal.go. L4 handles the resource creation/deletion/update for a given L4 ILB service.
func NewL4Handler ¶ added in v1.9.0
func NewL4Handler(params *L4ILBParams, logger klog.Logger) *L4
NewL4Handler creates a new L4Handler for the given L4 service.
func (*L4) CreateKey ¶ added in v1.9.0
CreateKey generates a meta.Key for a given GCE resource name.
func (*L4) EnsureInternalLoadBalancer ¶ added in v1.9.0
func (l4 *L4) EnsureInternalLoadBalancer(nodeNames []string, svc *corev1.Service) *L4ILBSyncResult
EnsureInternalLoadBalancer ensures that all GCE resources for the given loadbalancer service have been created. It returns a LoadBalancerStatus with the updated ForwardingRule IP address.
func (*L4) EnsureInternalLoadBalancerDeleted ¶ added in v1.9.0
func (l4 *L4) EnsureInternalLoadBalancerDeleted(svc *corev1.Service) *L4ILBSyncResult
EnsureInternalLoadBalancerDeleted performs a cleanup of all GCE resources for the given loadbalancer service.
type L4ILBParams ¶ added in v1.20.0
type L4ILBSyncResult ¶ added in v1.16.0
// L4ILBSyncResult carries information about the outcome of one L4 ILB sync.
type L4ILBSyncResult struct {
	// Annotations: presumably the resource name annotations produced by the
	// sync — confirm against the code that fills it.
	Annotations map[string]string
	// Error: presumably the sync error, if any — confirm.
	Error error
	// GCEResourceInError: presumably identifies the GCE resource that hit the
	// error — confirm.
	GCEResourceInError string
	Status             *corev1.LoadBalancerStatus
	MetricsLegacyState metrics.L4ILBServiceLegacyState
	MetricsState       metrics.L4ServiceState
	// SyncType: presumably one of the SyncTypeCreate / SyncTypeUpdate /
	// SyncTypeDelete string constants — verify against callers.
	SyncType  string
	StartTime time.Time
	// ResourceUpdates has type ResourceUpdates, which tracks whether GCE
	// resources were updated or merely resynced while ensuring the LB.
	ResourceUpdates ResourceUpdates
}
L4ILBSyncResult contains information about the outcome of an L4 ILB sync. It stores the list of resource name annotations, sync error, the GCE resource that hit the error along with the error type, metrics and more fields.
func NewL4ILBSyncResult ¶ added in v1.25.0
type L4NetLB ¶ added in v1.15.0
type L4NetLB struct { Service *corev1.Service NamespacedName types.NamespacedName // contains filtered or unexported fields }
L4NetLB handles the resource creation/deletion/update for a given L4 External LoadBalancer service.
func NewL4NetLB ¶ added in v1.15.0
func NewL4NetLB(params *L4NetLBParams, logger klog.Logger) *L4NetLB
NewL4NetLB creates a new Handler for the given L4NetLB service.
func (*L4NetLB) EnsureFrontend ¶ added in v1.15.0
func (l4netlb *L4NetLB) EnsureFrontend(nodeNames []string, svc *corev1.Service) *L4NetLBSyncResult
EnsureFrontend ensures that all frontend resources for the given loadbalancer service have been created: the health check, firewall rules, backend service and forwarding rule. It returns a LoadBalancerStatus with the updated ForwardingRule IP address. This function does not link instances to the Backend Service.
func (*L4NetLB) EnsureLoadBalancerDeleted ¶ added in v1.15.0
func (l4netlb *L4NetLB) EnsureLoadBalancerDeleted(svc *corev1.Service) *L4NetLBSyncResult
EnsureLoadBalancerDeleted performs a cleanup of all GCE resources for the given loadbalancer service: the health check, firewall rules and backend service.
type L4NetLBParams ¶ added in v1.20.0
type L4NetLBSyncResult ¶ added in v1.16.0
// L4NetLBSyncResult carries information about the outcome of one L4 NetLB sync.
type L4NetLBSyncResult struct {
	// Annotations: presumably the resource name annotations produced by the
	// sync — confirm against the code that fills it.
	Annotations map[string]string
	// Error: presumably the sync error, if any — confirm.
	Error error
	// GCEResourceInError: presumably identifies the GCE resource that hit the
	// error — confirm.
	GCEResourceInError string
	Status             *corev1.LoadBalancerStatus
	MetricsLegacyState metrics.L4NetLBServiceLegacyState
	MetricsState       metrics.L4ServiceState
	// SyncType: presumably one of the SyncTypeCreate / SyncTypeUpdate /
	// SyncTypeDelete string constants — verify against callers.
	SyncType  string
	StartTime time.Time
	// GCEResourceUpdate has type ResourceUpdates. Note the field name differs
	// from L4ILBSyncResult, which calls its field of the same type
	// ResourceUpdates.
	GCEResourceUpdate ResourceUpdates
}
L4NetLBSyncResult contains information about the outcome of an L4 NetLB sync. It stores the list of resource name annotations, sync error, the GCE resource that hit the error along with the error type, metrics and more fields.
func NewL4SyncResult ¶ added in v1.20.0
func (*L4NetLBSyncResult) SetMetricsForSuccessfulServiceSync ¶ added in v1.17.1
func (r *L4NetLBSyncResult) SetMetricsForSuccessfulServiceSync()
SetMetricsForSuccessfulServiceSync should be called after a successful sync.
type L7 ¶
type L7 struct {
// contains filtered or unexported fields
}
L7 represents a single L7 loadbalancer.
func (*L7) Cleanup ¶
func (l7 *L7) Cleanup(versions *features.ResourceVersions) error
Cleanup deletes resources specific to this l7 in the right order: forwarding rule -> target proxy -> url map. This leaves backends and health checks, which are shared across loadbalancers.
func (*L7) RuntimeInfo ¶ added in v1.2.2
func (l7 *L7) RuntimeInfo() *L7RuntimeInfo
RuntimeInfo returns the L7RuntimeInfo associated with the L7 load balancer.
func (*L7) String ¶ added in v1.8.0
String returns the name of the loadbalancer. Warning: This should be used only for logging and should not be used to retrieve or delete gce resource names.
func (*L7) Versions ¶ added in v1.7.0
func (l7 *L7) Versions() *features.ResourceVersions
Versions returns the struct listing the versions for every resource
type L7RuntimeInfo ¶
// L7RuntimeInfo is info passed to this module from the controller runtime.
type L7RuntimeInfo struct {
	// IP is the desired ip of the loadbalancer, eg from a staticIP.
	IP string
	// TLS are the tls certs to use in termination.
	TLS []*translator.TLSCerts
	// TLSName is the name of the preshared cert to use. Multiple certs can be
	// specified as a comma-separated string.
	TLSName string
	// Ingress is the processed Ingress API object.
	Ingress *v1.Ingress
	// AllowHTTP will not setup :80, if TLS is nil and AllowHTTP is set,
	// no loadbalancer is created.
	// NOTE(review): this sentence does not say which value of AllowHTTP
	// suppresses the plaintext :80 frontend, nor which combination with a nil
	// TLS yields no load balancer. Confirm against the implementation before
	// relying on this field to keep an Ingress HTTPS-only.
	AllowHTTP bool
	// The name of a Global/Regional Static IP. If specified, the IP associated with
	// this name is used in the Forwarding Rules for this loadbalancer.
	// If this is an l7-ILB ingress, the static IP is assumed to be internal.
	StaticIPName string
	// The name of the static IP subnet, this is only used for L7-ILB Ingress static IPs.
	StaticIPSubnet string
	// UrlMap is our internal representation of a url map.
	UrlMap *utils.GCEURLMap
	// FrontendConfig is the type which encapsulates features for the load balancer.
	FrontendConfig *frontendconfigv1beta1.FrontendConfig
}
L7RuntimeInfo is info passed to this module from the controller runtime.
type L7s ¶
type L7s struct {
// contains filtered or unexported fields
}
L7s implements LoadBalancerPool.
func (*L7s) DidRegionalClassChange ¶ added in v1.29.0
DidRegionalClassChange detects if regional ingress changed type between ILB and RXLB. We should garbage collect frontend resources on such change, because RXLB and ILB use the same name, but different LoadBalancingScheme.
func (*L7s) Ensure ¶ added in v1.5.0
func (l7s *L7s) Ensure(ri *L7RuntimeInfo) (*L7, error)
Ensure implements LoadBalancerPool.
func (*L7s) FrontendScopeChangeGC ¶ added in v1.9.10
func (l7s *L7s) FrontendScopeChangeGC(ing *v1.Ingress, ingLogger klog.Logger) (*meta.KeyType, error)
FrontendScopeChangeGC returns the scope to GC if the LB has changed scopes (e.g. when a user migrates from ILB to ELB on the same ingress or vice versa). This only applies to the V2 Naming Scheme. TODO(shance): Refactor to avoid calling GCE every sync loop.
func (*L7s) GCv1 ¶ added in v1.8.0
GCv1 implements LoadBalancerPool. TODO(shance): Update to handle regional and global LB with same name
type LoadBalancerPool ¶
// LoadBalancerPool is an interface to manage the cloud resources associated
// with a gce loadbalancer.
type LoadBalancerPool interface {
	// Ensure ensures a loadbalancer and its resources given the RuntimeInfo.
	Ensure(ri *L7RuntimeInfo) (*L7, error)
	// GCv2 garbage collects the loadbalancer associated with the given ingress using the v2 naming scheme.
	GCv2(ing *v1.Ingress, scope meta.KeyType) error
	// GCv1 garbage collects loadbalancers not in the input list using the v1 naming scheme.
	GCv1(names []string) error
	// FrontendScopeChangeGC checks if GC is needed for an ingress that has changed scopes.
	FrontendScopeChangeGC(ing *v1.Ingress, ingLogger klog.Logger) (*meta.KeyType, error)
	// DidRegionalClassChange checks if GC is needed for an ingress that has changed regional class name.
	DidRegionalClassChange(ing *v1.Ingress, ingLogger klog.Logger) (bool, error)
	// Shutdown deletes all loadbalancers for the given list of ingresses.
	Shutdown(ings []*v1.Ingress) error
	// HasUrlMap returns true if a URL map exists in GCE for the given ingress.
	HasUrlMap(ing *v1.Ingress) (bool, error)
}
LoadBalancerPool is an interface to manage the cloud resources associated with a gce loadbalancer.
func NewLoadBalancerPool ¶
func NewLoadBalancerPool(cloud *gce.Cloud, v1NamerHelper namer_util.V1FrontendNamer, recorderProducer events.RecorderProducer, namerFactory namer_util.IngressFrontendNamerFactory, logger klog.Logger) LoadBalancerPool
NewLoadBalancerPool returns a new loadbalancer pool.
- cloud: implements LoadBalancers. Used to sync L7 loadbalancer resources with the cloud.
type ResourceUpdates ¶ added in v1.32.0
type ResourceUpdates struct {
// contains filtered or unexported fields
}
ResourceUpdates tracks the updates to the GCE resources that were done while ensuring the LB. Ensuring a resource follows this pattern:
- get the existing resource
- compare it with the expected state
- if the resource is already in the expected state, do nothing
- if the resource differs, perform an update
This struct tracks whether nothing was done (resync) or an update was performed. It should usually be added to the SyncResult struct of L4 controllers and updated with the sync results of GCE resource ensure operations. It is part of the effort to add more transparency to what the controller is doing and also to detect situations where resources are unexpectedly updated.
func (*ResourceUpdates) SetBackendService ¶ added in v1.32.0
func (ru *ResourceUpdates) SetBackendService(status utils.ResourceSyncStatus)
SetBackendService sets the status of the Backend Service update. When this function is invoked multiple times with at least one UPDATE status then the result will be UPDATE.
func (*ResourceUpdates) SetFirewallForHealthCheck ¶ added in v1.32.0
func (ru *ResourceUpdates) SetFirewallForHealthCheck(status utils.ResourceSyncStatus)
SetFirewallForHealthCheck sets the status of the Firewall for Health Check update. When this function is invoked multiple times with at least one UPDATE status then the result will be UPDATE.
func (*ResourceUpdates) SetFirewallForNodes ¶ added in v1.32.0
func (ru *ResourceUpdates) SetFirewallForNodes(status utils.ResourceSyncStatus)
SetFirewallForNodes sets the status of the Firewall for nodes update. When this function is invoked multiple times with at least one UPDATE status then the result will be UPDATE.
func (*ResourceUpdates) SetForwardingRule ¶ added in v1.32.0
func (ru *ResourceUpdates) SetForwardingRule(status utils.ResourceSyncStatus)
SetForwardingRule sets the status of the Forwarding Rule update. When this function is invoked multiple times with at least one UPDATE status then the result will be UPDATE.
func (*ResourceUpdates) SetHealthCheck ¶ added in v1.32.0
func (ru *ResourceUpdates) SetHealthCheck(status utils.ResourceSyncStatus)
SetHealthCheck sets the status of the Health Check update. When this function is invoked multiple times with at least one UPDATE status then the result will be UPDATE.
func (*ResourceUpdates) String ¶ added in v1.32.0
func (ru *ResourceUpdates) String() string
func (*ResourceUpdates) WereAnyResourcesModified ¶ added in v1.32.0
func (ru *ResourceUpdates) WereAnyResourcesModified() bool
WereAnyResourcesModified returns true if any of the LB resources were updated.