loadbalancers

package
v1.32.2
Warning

This package is not in the latest version of its module.

Published: Jan 7, 2025 License: Apache-2.0 Imports: 39 Imported by: 32

Documentation

Overview

Copyright 2021 The Kubernetes Authors.

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Constants

const (
	IPv4Version IPVersion = "IPV4"
	IPv6Version IPVersion = "IPV6"
	// IPv6LBAddressPrefixLength used for reserving IPv6 addresses.
	// Google Cloud reserves not a single IPv6 address, but a /96 range.
	// At the moment, no other ranges are supported
	IPv6LBAddressPrefixLength = 96
	// IPv6EndpointTypeNetLB is a value on Address.Ipv6EndpointType used to specify
	// that the IPv6 address will be used for NetLB. Required for new IPv6 NetLB address creation.
	IPv6EndpointTypeNetLB = "NETLB"
)
const (
	SyncTypeCreate = "create"
	SyncTypeUpdate = "update"
	SyncTypeDelete = "delete"
)
const FakeCertQuota = 15
const (
	IPVersionIPv6 = "IPV6"
)
const SslCertificateMissing = "SslCertificateMissing"
const (
	// Every target https proxy accepts up to 10 ssl certificates.
	TargetProxyCertLimit = 10
)
const (
	WeightedLBPodsPerNodeAllowlistMessage = "Weighted Load Balancing for L4 " +
		"Internal Passthrough Load Balancers requires project allowlisting. If " +
		"you need access to this feature please contact Google Cloud support team"
)

Variables

var L4DualStackResourceAnnotationKeys = append(L4ResourceAnnotationKeys, l4IPv6ResourceAnnotationKeys...)

Functions

func Equal added in v1.9.0

func Equal(existingFwdRule, newFwdRule *composite.ForwardingRule) (bool, error)

func EqualIPv6ForwardingRules added in v1.21.0

func EqualIPv6ForwardingRules(fr1, fr2 *composite.ForwardingRule) (bool, error)

func GCEResourceName

func GCEResourceName(ingAnnotations map[string]string, resourceName string) string

GCEResourceName retrieves the name of the gce resource created for this Ingress, of the given resource type, by inspecting the map of ingress annotations.

func GetLBAnnotations

func GetLBAnnotations(l7 *L7, existing map[string]string, backendSyncer backends.Syncer, ingLogger klog.Logger) (map[string]string, error)

GetLBAnnotations returns the annotations of an l7. This includes its current status.

func InsertForwardingRuleHook added in v1.9.0

func InsertForwardingRuleHook(ctx context.Context, key *meta.Key, obj *compute.ForwardingRule, m *cloud.MockForwardingRules, options ...cloud.Option) (b bool, e error)

func InsertGlobalForwardingRuleHook added in v1.7.0

func InsertGlobalForwardingRuleHook(ctx context.Context, key *meta.Key, obj *compute.ForwardingRule, m *cloud.MockGlobalForwardingRules, options ...cloud.Option) (b bool, e error)

func IsSameIP added in v1.24.0

func IsSameIP(ip1 string, ip2 string) bool

Types

type ForwardingRulesProvider added in v1.20.0

type ForwardingRulesProvider interface {
	Get(name string) (*composite.ForwardingRule, error)
	Create(forwardingRule *composite.ForwardingRule) error
	Delete(name string) error
	Patch(forwardingRule *composite.ForwardingRule) error
}

ForwardingRulesProvider is an interface to manage Google Cloud Forwarding Rules

type IPAddressType added in v1.16.0

type IPAddressType int

IPAddressType defines whether the IP address is managed by the controller.

const (
	IPAddrUndefined IPAddressType = iota // IP address type could not be determined due to an error in address provisioning.
	IPAddrManaged
	IPAddrUnmanaged
)

type IPVersion added in v1.24.0

type IPVersion = string

IPVersion represents compute.Address IpVersion field

type L4 added in v1.9.0

type L4 struct {
	Service        *corev1.Service
	ServicePort    utils.ServicePort
	NamespacedName types.NamespacedName
	// contains filtered or unexported fields
}

Many of the functions in this file are re-implemented from gce_loadbalancer_internal.go.

L4 handles the resource creation/deletion/update for a given L4 ILB service.

func NewL4Handler added in v1.9.0

func NewL4Handler(params *L4ILBParams, logger klog.Logger) *L4

NewL4Handler creates a new L4Handler for the given L4 service.

func (*L4) CreateKey added in v1.9.0

func (l4 *L4) CreateKey(name string) (*meta.Key, error)

CreateKey generates a meta.Key for a given GCE resource name.

func (*L4) EnsureInternalLoadBalancer added in v1.9.0

func (l4 *L4) EnsureInternalLoadBalancer(nodeNames []string, svc *corev1.Service) *L4ILBSyncResult

EnsureInternalLoadBalancer ensures that all GCE resources for the given loadbalancer service have been created. It returns a LoadBalancerStatus with the updated ForwardingRule IP address.

func (*L4) EnsureInternalLoadBalancerDeleted added in v1.9.0

func (l4 *L4) EnsureInternalLoadBalancerDeleted(svc *corev1.Service) *L4ILBSyncResult

EnsureInternalLoadBalancerDeleted performs a cleanup of all GCE resources for the given loadbalancer service.

func (*L4) GetFRName added in v1.9.0

func (l4 *L4) GetFRName() string

GetFRName returns the name of the forwarding rule for the given ILB service. This appends the protocol to the forwarding rule name, which helps support multiple protocols in the same ILB service.

type L4ILBParams added in v1.20.0

type L4ILBParams struct {
	Service                          *corev1.Service
	Cloud                            *gce.Cloud
	Namer                            namer.L4ResourcesNamer
	Recorder                         record.EventRecorder
	DualStackEnabled                 bool
	NetworkResolver                  network.Resolver
	EnableWeightedLB                 bool
	DisableNodesFirewallProvisioning bool
}

type L4ILBSyncResult added in v1.16.0

type L4ILBSyncResult struct {
	Annotations        map[string]string
	Error              error
	GCEResourceInError string
	Status             *corev1.LoadBalancerStatus
	MetricsLegacyState metrics.L4ILBServiceLegacyState
	MetricsState       metrics.L4ServiceState
	SyncType           string
	StartTime          time.Time
	ResourceUpdates    ResourceUpdates
}

L4ILBSyncResult contains information about the outcome of an L4 ILB sync. It stores the list of resource name annotations, sync error, the GCE resource that hit the error along with the error type, metrics and more fields.

func NewL4ILBSyncResult added in v1.25.0

func NewL4ILBSyncResult(syncType string, startTime time.Time, svc *corev1.Service, isMultinetService bool, isWeightedLBPodsPerNode bool) *L4ILBSyncResult

type L4NetLB added in v1.15.0

type L4NetLB struct {
	Service        *corev1.Service
	NamespacedName types.NamespacedName
	// contains filtered or unexported fields
}

L4NetLB handles the resource creation/deletion/update for a given L4 External LoadBalancer service.

func NewL4NetLB added in v1.15.0

func NewL4NetLB(params *L4NetLBParams, logger klog.Logger) *L4NetLB

NewL4NetLB creates a new Handler for the given L4NetLB service.

func (*L4NetLB) EnsureFrontend added in v1.15.0

func (l4netlb *L4NetLB) EnsureFrontend(nodeNames []string, svc *corev1.Service) *L4NetLBSyncResult

EnsureFrontend ensures that all frontend resources for the given loadbalancer service have been created. These are the health check, firewall rules, backend service and forwarding rule. It returns a LoadBalancerStatus with the updated ForwardingRule IP address. This function does not link instances to the Backend Service.

func (*L4NetLB) EnsureLoadBalancerDeleted added in v1.15.0

func (l4netlb *L4NetLB) EnsureLoadBalancerDeleted(svc *corev1.Service) *L4NetLBSyncResult

EnsureLoadBalancerDeleted performs a cleanup of all GCE resources for the given loadbalancer service. These are the health check, firewall rules and backend service.

type L4NetLBParams added in v1.20.0

type L4NetLBParams struct {
	Service                          *corev1.Service
	Cloud                            *gce.Cloud
	Namer                            namer.L4ResourcesNamer
	Recorder                         record.EventRecorder
	DualStackEnabled                 bool
	StrongSessionAffinityEnabled     bool
	NetworkResolver                  network.Resolver
	EnableWeightedLB                 bool
	DisableNodesFirewallProvisioning bool
	UseNEGs                          bool
}

type L4NetLBSyncResult added in v1.16.0

type L4NetLBSyncResult struct {
	Annotations        map[string]string
	Error              error
	GCEResourceInError string
	Status             *corev1.LoadBalancerStatus
	MetricsLegacyState metrics.L4NetLBServiceLegacyState
	MetricsState       metrics.L4ServiceState
	SyncType           string
	StartTime          time.Time
	GCEResourceUpdate  ResourceUpdates
}

L4NetLBSyncResult contains information about the outcome of an L4 NetLB sync. It stores the list of resource name annotations, sync error, the GCE resource that hit the error along with the error type, metrics and more fields.

func NewL4SyncResult added in v1.20.0

func NewL4SyncResult(syncType string, svc *corev1.Service, isMultinet bool, enabledStrongSessionAffinity bool, isWeightedLBPodsPerNode bool, useNEGs bool) *L4NetLBSyncResult

func (*L4NetLBSyncResult) SetMetricsForSuccessfulServiceSync added in v1.17.1

func (r *L4NetLBSyncResult) SetMetricsForSuccessfulServiceSync()

SetMetricsForSuccessfulServiceSync should be called after a successful sync.

type L7

type L7 struct {
	// contains filtered or unexported fields
}

L7 represents a single L7 loadbalancer.

func (*L7) Cleanup

func (l7 *L7) Cleanup(versions *features.ResourceVersions) error

Cleanup deletes resources specific to this l7 in the right order: forwarding rule -> target proxy -> url map. This leaves backends and health checks, which are shared across loadbalancers.

func (*L7) CreateKey added in v1.7.0

func (l7 *L7) CreateKey(name string) (*meta.Key, error)

CreateKey creates a meta.Key for use with composite types

func (*L7) GetIP

func (l7 *L7) GetIP() string

GetIP returns the ip associated with the forwarding rule for this l7.

func (*L7) Regional added in v1.7.0

func (l7 *L7) Regional() bool

Regional returns true if the l7 scope is regional

func (*L7) RuntimeInfo added in v1.2.2

func (l7 *L7) RuntimeInfo() *L7RuntimeInfo

RuntimeInfo returns the L7RuntimeInfo associated with the L7 load balancer.

func (*L7) String added in v1.8.0

func (l7 *L7) String() string

String returns the name of the loadbalancer. Warning: This should be used only for logging and should not be used to retrieve/delete gce resource names.

func (*L7) UrlMap

func (l7 *L7) UrlMap() *composite.UrlMap

UrlMap returns the UrlMap associated with the L7 load balancer.

func (*L7) Versions added in v1.7.0

func (l7 *L7) Versions() *features.ResourceVersions

Versions returns the struct listing the versions for every resource

type L7RuntimeInfo

type L7RuntimeInfo struct {
	// IP is the desired ip of the loadbalancer, eg from a staticIP.
	IP string
	// TLS are the tls certs to use in termination.
	TLS []*translator.TLSCerts
	// TLSName is the name of the preshared cert to use. Multiple certs can be specified as a comma-separated string
	TLSName string
	// Ingress is the processed Ingress API object.
	Ingress *v1.Ingress
	// AllowHTTP will not setup :80, if TLS is nil and AllowHTTP is set,
	// no loadbalancer is created.
	AllowHTTP bool
	// The name of a Global/Regional Static IP. If specified, the IP associated with
	// this name is used in the Forwarding Rules for this loadbalancer.
	// If this is an l7-ILB ingress, the static IP is assumed to be internal
	StaticIPName string
	// The name of the static IP subnet, this is only used for L7-ILB Ingress static IPs
	StaticIPSubnet string
	// UrlMap is our internal representation of a url map.
	UrlMap *utils.GCEURLMap
	// FrontendConfig is the type which encapsulates features for the load balancer.
	FrontendConfig *frontendconfigv1beta1.FrontendConfig
}

L7RuntimeInfo is info passed to this module from the controller runtime.

type L7s

type L7s struct {
	// contains filtered or unexported fields
}

L7s implements LoadBalancerPool.

func (*L7s) DidRegionalClassChange added in v1.29.0

func (l7s *L7s) DidRegionalClassChange(ing *v1.Ingress, ingLogger klog.Logger) (bool, error)

DidRegionalClassChange detects if regional ingress changed type between ILB and RXLB. We should garbage collect frontend resources on such change, because RXLB and ILB use the same name, but different LoadBalancingScheme.

func (*L7s) Ensure added in v1.5.0

func (l7s *L7s) Ensure(ri *L7RuntimeInfo) (*L7, error)

Ensure implements LoadBalancerPool.

func (*L7s) FrontendScopeChangeGC added in v1.9.10

func (l7s *L7s) FrontendScopeChangeGC(ing *v1.Ingress, ingLogger klog.Logger) (*meta.KeyType, error)

FrontendScopeChangeGC returns the scope to GC if the LB has changed scopes (e.g. when a user migrates from ILB to ELB on the same ingress or vice versa). This only applies to the V2 Naming Scheme.

TODO(shance): Refactor to avoid calling GCE every sync loop

func (*L7s) GCv1 added in v1.8.0

func (l7s *L7s) GCv1(names []string) error

GCv1 implements LoadBalancerPool. TODO(shance): Update to handle regional and global LB with same name

func (*L7s) GCv2 added in v1.8.0

func (l7s *L7s) GCv2(ing *v1.Ingress, scope meta.KeyType) error

GCv2 implements LoadBalancerPool.

func (*L7s) HasUrlMap added in v1.8.0

func (l7s *L7s) HasUrlMap(ing *v1.Ingress) (bool, error)

HasUrlMap implements LoadBalancerPool.

func (*L7s) Shutdown

func (l7s *L7s) Shutdown(ings []*v1.Ingress) error

Shutdown implements LoadBalancerPool.

type LoadBalancerPool

type LoadBalancerPool interface {
	// Ensure ensures a loadbalancer and its resources given the RuntimeInfo.
	Ensure(ri *L7RuntimeInfo) (*L7, error)
	// GCv2 garbage collects loadbalancer associated with given ingress using v2 naming scheme.
	GCv2(ing *v1.Ingress, scope meta.KeyType) error
	// GCv1 garbage collects loadbalancers not in the input list using v1 naming scheme.
	GCv1(names []string) error
	// FrontendScopeChangeGC checks if GC is needed for an ingress that has changed scopes.
	FrontendScopeChangeGC(ing *v1.Ingress, ingLogger klog.Logger) (*meta.KeyType, error)
	// DidRegionalClassChange checks if GC is needed for an ingress that has changed regional class name.
	DidRegionalClassChange(ing *v1.Ingress, ingLogger klog.Logger) (bool, error)
	// Shutdown deletes all loadbalancers for given list of ingresses.
	Shutdown(ings []*v1.Ingress) error
	// HasUrlMap returns true if an URL map exists in GCE for given ingress.
	HasUrlMap(ing *v1.Ingress) (bool, error)
}

LoadBalancerPool is an interface to manage the cloud resources associated with a gce loadbalancer.

func NewLoadBalancerPool

func NewLoadBalancerPool(cloud *gce.Cloud, v1NamerHelper namer_util.V1FrontendNamer, recorderProducer events.RecorderProducer, namerFactory namer_util.IngressFrontendNamerFactory, logger klog.Logger) LoadBalancerPool

NewLoadBalancerPool returns a new loadbalancer pool.
- cloud: implements LoadBalancers. Used to sync L7 loadbalancer resources with the cloud.

type ResourceUpdates added in v1.32.0

type ResourceUpdates struct {
	// contains filtered or unexported fields
}

ResourceUpdates tracks the updates to the GCE resources that were done during ensuring the LB. Ensuring of a resource follows this pattern:
- get the existing resource
- compare it with the expected state
- if the resource is already in the expected state - do nothing
- if the resource differs perform an update

This struct will track if nothing was done (resync) or if an update was performed. It usually should be added to the SyncResult struct of L4 controllers and updated with sync results of GCE resources ensure operations. It is part of the effort to add more transparency to what the controller is doing and also to detect situations where resources are unexpectedly updated.

func (*ResourceUpdates) SetBackendService added in v1.32.0

func (ru *ResourceUpdates) SetBackendService(status utils.ResourceSyncStatus)

SetBackendService sets the status of the Backend Service update. When this function is invoked multiple times with at least one UPDATE status then the result will be UPDATE.

func (*ResourceUpdates) SetFirewallForHealthCheck added in v1.32.0

func (ru *ResourceUpdates) SetFirewallForHealthCheck(status utils.ResourceSyncStatus)

SetFirewallForHealthCheck sets the status of the Firewall for Health Check update. When this function is invoked multiple times with at least one UPDATE status then the result will be UPDATE.

func (*ResourceUpdates) SetFirewallForNodes added in v1.32.0

func (ru *ResourceUpdates) SetFirewallForNodes(status utils.ResourceSyncStatus)

SetFirewallForNodes sets the status of the Firewall for nodes update. When this function is invoked multiple times with at least one UPDATE status then the result will be UPDATE.

func (*ResourceUpdates) SetForwardingRule added in v1.32.0

func (ru *ResourceUpdates) SetForwardingRule(status utils.ResourceSyncStatus)

SetForwardingRule sets the status of the Forwarding Rule update. When this function is invoked multiple times with at least one UPDATE status then the result will be UPDATE.

func (*ResourceUpdates) SetHealthCheck added in v1.32.0

func (ru *ResourceUpdates) SetHealthCheck(status utils.ResourceSyncStatus)

SetHealthCheck sets the status of the Health Check update. When this function is invoked multiple times with at least one UPDATE status then the result will be UPDATE.

func (*ResourceUpdates) String added in v1.32.0

func (ru *ResourceUpdates) String() string

func (*ResourceUpdates) WereAnyResourcesModified added in v1.32.0

func (ru *ResourceUpdates) WereAnyResourcesModified() bool

WereAnyResourcesModified returns true if any of the LB resources were updated.
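The ensure pattern and the sticky UPDATE behaviour documented for ResourceUpdates, modelled on a firewall rule that has drifted out of band. This is an added example, not code from the ingress-gce project: `SyncStatus`, its values, `Firewall`, `Tracker` and `EnsureFirewall` are hypothetical stand-ins, and the rule contents are constructed.

```go
package main

import (
	"fmt"
	"sort"
	"strings"
)

// SyncStatus stands in for utils.ResourceSyncStatus; the values are assumed.
type SyncStatus string

const (
	Resync SyncStatus = "RESYNC" // resource already matched the expected state
	Update SyncStatus = "UPDATE" // resource had to be created or rewritten
)

// Firewall is a constructed, simplified firewall rule.
type Firewall struct{ SourceRanges, Ports []string }

// key canonicalises a rule so the comparison ignores element order.
func key(f Firewall) string {
	s := append([]string(nil), f.SourceRanges...)
	p := append([]string(nil), f.Ports...)
	sort.Strings(s)
	sort.Strings(p)
	return strings.Join(s, ",") + "|" + strings.Join(p, ",")
}

// Tracker models the sticky behaviour: one UPDATE wins over any RESYNC.
type Tracker struct{ firewallForNodes SyncStatus }

func (t *Tracker) SetFirewallForNodes(s SyncStatus) {
	if t.firewallForNodes != Update {
		t.firewallForNodes = s
	}
}

func (t *Tracker) WereAnyResourcesModified() bool { return t.firewallForNodes == Update }

// EnsureFirewall follows get -> compare -> no-op or update.
func EnsureFirewall(store map[string]Firewall, name string, want Firewall) SyncStatus {
	if got, ok := store[name]; ok && key(got) == key(want) {
		return Resync
	}
	store[name] = want
	return Update
}

func main() {
	want := Firewall{[]string{"10.0.0.0/8"}, []string{"443"}}
	store := map[string]Firewall{"fw-nodes": {[]string{"0.0.0.0/0"}, []string{"443"}}} // drifted rule
	var t Tracker
	t.SetFirewallForNodes(EnsureFirewall(store, "fw-nodes", want)) // UPDATE: drift corrected
	t.SetFirewallForNodes(EnsureFirewall(store, "fw-nodes", want)) // RESYNC: does not clear UPDATE
	fmt.Println(t.WereAnyResourcesModified(), store["fw-nodes"].SourceRanges)
}
```

An UPDATE reported on a sync where the Service itself did not change is the signal worth alerting on, since it means the cloud-side resource was modified outside the controller.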
