annotations

package
v1.9.8 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 21, 2020 License: Apache-2.0 Imports: 7 Imported by: 51

Documentation

Index

Constants

View Source
const (
	// StatusPrefix is the prefix used in annotations used to record
	// debug information in the Ingress annotations.
	StatusPrefix = "ingress.kubernetes.io"

	// AllowHTTPKey tells the Ingress controller to allow/block HTTP access.
	// If either unset or set to true, the controller will create a
	// forwarding-rule for port 80, and any additional rules based on the TLS
	// section of the Ingress. If set to false, the controller will only create
	// rules for port 443 based on the TLS section.
	AllowHTTPKey = "kubernetes.io/ingress.allow-http"

	// StaticIPNameKey tells the Ingress controller to use a specific GCE
	// static ip for its forwarding rules. If specified, the Ingress controller
	// assigns the static ip by this name to the forwarding rules of the given
	// Ingress. The controller *does not* manage this ip, it is the users
	// responsibility to create/delete it.
	StaticIPNameKey = "kubernetes.io/ingress.global-static-ip-name"

	// PreSharedCertKey represents the specific pre-shared SSL
	// certificate for the Ingress controller to use. The controller *does not*
	// manage this certificate, it is the users responsibility to create/delete it.
	// In GCP, the Ingress controller assigns the SSL certificate with this name
	// to the target proxies of the Ingress.
	PreSharedCertKey = "ingress.gcp.kubernetes.io/pre-shared-cert"

	// IngressClassKey picks a specific "class" for the Ingress. The controller
	// only processes Ingresses with this annotation either unset, or set
	// to either gceIngessClass or the empty string.
	IngressClassKey      = "kubernetes.io/ingress.class"
	GceIngressClass      = "gce"
	GceMultiIngressClass = "gce-multi-cluster"
	GceL7ILBIngressClass = "gce-internal"

	// Label key to denote which GCE zone a Kubernetes node is in.
	ZoneKey     = "failure-domain.beta.kubernetes.io/zone"
	DefaultZone = ""

	// InstanceGroupsAnnotationKey is the annotation key used by controller to
	// specify the name and zone of instance groups created for the ingress.
	// This is read only for users. Controller will overrite any user updates.
	// This is only set for ingresses with ingressClass = "gce-multi-cluster"
	InstanceGroupsAnnotationKey = "ingress.gcp.kubernetes.io/instance-groups"

	// SuppressFirewallXPNErrorKey is the annotation key used by firewall
	// controller whether to suppress firewallXPNError.
	SuppressFirewallXPNErrorKey = "networking.gke.io/suppress-firewall-xpn-error"

	// FrontendConfigKey is the annotation key used by controller to specify
	// the FrontendConfig resource which should be associated with the Ingress.
	// The value of the annotation is the name of the FrontendConfig resource.
	// Examples:
	// - annotations:
	//     networking.gke.io/v1beta1.FrontendConfig: 'my-frontendconfig'
	FrontendConfigKey = "networking.gke.io/v1beta1.FrontendConfig"

	// UrlMapKey is the annotation key used by controller to record GCP URL map.
	UrlMapKey = StatusPrefix + "/url-map"
	// HttpForwardingRuleKey is the annotation key used by controller to record
	// GCP http forwarding rule.
	HttpForwardingRuleKey = StatusPrefix + "/forwarding-rule"
	// HttpsForwardingRuleKey is the annotation key used by controller to record
	// GCP https forwarding rule.
	HttpsForwardingRuleKey = StatusPrefix + "/https-forwarding-rule"
	// TargetHttpProxyKey is the annotation key used by controller to record
	// GCP target http proxy.
	TargetHttpProxyKey = StatusPrefix + "/target-proxy"
	// TargetHttpsProxyKey is the annotation key used by controller to record
	// GCP target https proxy.
	TargetHttpsProxyKey = StatusPrefix + "/https-target-proxy"
	// SSLCertKey is the annotation key used by controller to record GCP ssl cert.
	SSLCertKey = StatusPrefix + "/ssl-cert"
	// StaticIPKey is the annotation key used by controller to record GCP static ip.
	StaticIPKey = StatusPrefix + "/static-ip"
)
View Source
const (
	// ServiceApplicationProtocolKey and GoogleServiceApplicationProtocolKey
	// is a stringified JSON map of port names to protocol strings.
	// Possible values are HTTP, HTTPS and HTTP2.
	// Example:
	// '{"my-https-port":"HTTPS","my-http-port":"HTTP"}'
	// Note: ServiceApplicationProtocolKey will be deprecated.
	ServiceApplicationProtocolKey       = "service.alpha.kubernetes.io/app-protocols"
	GoogleServiceApplicationProtocolKey = "cloud.google.com/app-protocols"

	// NEGAnnotationKey is the annotation key to enable GCE NEG.
	// The value of the annotation must be a valid JSON string in the format
	// specified by type NegAnnotation. To enable, must have either Ingress: true
	// or a non-empty ExposedPorts map referencing valid ServicePorts.
	// examples:
	// - `{"exposed_ports":{"80":{},"443":{}}}`
	// - `{"ingress":true}`
	// - `{"ingress": true,"exposed_ports":{"3000":{},"4000":{}}}`
	NEGAnnotationKey = "cloud.google.com/neg"

	// NEGStatusKey is the annotation key whose value is the status of the NEGs
	// on the Service, and is applied by the NEG Controller.
	NEGStatusKey = "cloud.google.com/neg-status"

	// BetaBackendConfigKey is a stringified JSON with two fields:
	// - "ports": a map of port names or port numbers to backendConfig names
	// - "default": denotes the default backendConfig name for all ports except
	// those are explicitly referenced.
	// Examples:
	// - '{"ports":{"my-https-port":"config-https","my-http-port":"config-http"}}'
	// - '{"default":"config-default","ports":{"my-https-port":"config-https"}}'
	BetaBackendConfigKey = "beta.cloud.google.com/backend-config"

	// BackendConfigKey is GA version of backend config key.
	BackendConfigKey = "cloud.google.com/backend-config"

	// ProtocolHTTP protocol for a service
	ProtocolHTTP AppProtocol = "HTTP"
	// ProtocolHTTPS protocol for a service
	ProtocolHTTPS AppProtocol = "HTTPS"
	// ProtocolHTTP2 protocol for a service
	ProtocolHTTP2 AppProtocol = "HTTP2"
)

Variables

View Source
var (
	ErrBackendConfigNoneFound         = errors.New("no BackendConfig's found in annotation")
	ErrBackendConfigInvalidJSON       = errors.New("BackendConfig annotation is invalid json")
	ErrBackendConfigAnnotationMissing = errors.New("BackendConfig annotation is missing")
	ErrNEGAnnotationInvalid           = errors.New("NEG annotation is invalid.")
)

Functions

func OnlyNEGStatusChanged added in v1.9.0

func OnlyNEGStatusChanged(oldService, newService *v1.Service) bool

OnlyNEGStatusChanged returns true if the only annotation change between the 2 services is the NEG status annotation. This will be true if neg annotation was added or removed in the new service. Note : This assumes that the annotations in old and new service are different. If they are identical, this will return true.

func WantsL4ILB added in v1.9.0

func WantsL4ILB(service *v1.Service) (bool, string)

WantsL4ILB checks if the given service requires L4 ILB. the function returns a boolean as well as the loadbalancer type(string).

Types

type AppProtocol

type AppProtocol string

AppProtocol describes the service protocol.

type BackendConfigs added in v1.2.2

type BackendConfigs struct {
	Default string            `json:"default,omitempty"`
	Ports   map[string]string `json:"ports,omitempty"`
}

type DestinationRuleNEGStatus added in v1.7.0

type DestinationRuleNEGStatus struct {
	NetworkEndpointGroups PortSubsetNegMap `json:"network_endpoint_groups,omitempty"`
	// Zones is a list of zones where the NEGs exist.
	Zones []string `json:"zones,omitempty"`
}

DestinationRuleNEGStatus holds the NEGs Zones info. NetworkEndpointGroups(PortSubsetNegMap) is the mapping between subset to NEG name. Structure:

{
	"subsetv1": {
				 "9080": "somehash-default-reviews-v1-9080",
	  }
	 "v2": {
				"9080": "somehash-default-reviews-v2-9080",
	   }
}

func NewDestinationRuleNegStatus added in v1.7.0

func NewDestinationRuleNegStatus(zones []string, portSubsetToNegs PortSubsetNegMap) DestinationRuleNEGStatus

NewDestinationRuleNegStatus generates a NegStatus denoting the current NEGs associated with the given PortSubsetNegMap.

func ParseDestinationRuleNEGStatus added in v1.8.0

func ParseDestinationRuleNEGStatus(annotation string) (DestinationRuleNEGStatus, error)

ParseDestinationRuleNEGStatus parses the given annotation into DestinationRuleNEGStatus struct

func (DestinationRuleNEGStatus) Marshal added in v1.7.0

func (ns DestinationRuleNEGStatus) Marshal() (string, error)

Marshal returns the DestinationRuleNEGStatus in json string.

type Ingress

type Ingress struct {
	// contains filtered or unexported fields
}

Ingress represents ingress annotations.

func FromIngress

func FromIngress(ing *v1beta1.Ingress) *Ingress

FromIngress extracts the annotations from an Ingress definition.

func (*Ingress) AllowHTTP

func (ing *Ingress) AllowHTTP() bool

AllowHTTP returns the allowHTTP flag. True by default.

func (*Ingress) FrontendConfig added in v1.6.0

func (ing *Ingress) FrontendConfig() string

func (*Ingress) IngressClass

func (ing *Ingress) IngressClass() string

func (*Ingress) StaticIPName

func (ing *Ingress) StaticIPName() string

func (*Ingress) SuppressFirewallXPNError added in v1.4.0

func (ing *Ingress) SuppressFirewallXPNError() bool

SuppressFirewallXPNError returns the SuppressFirewallXPNErrorKey flag. False by default.

func (*Ingress) UseNamedTLS

func (ing *Ingress) UseNamedTLS() string

UseNamedTLS returns the name of the GCE SSL certificate. Empty by default.

type NegAnnotation added in v1.2.2

type NegAnnotation struct {
	// "Ingress" indicates whether to enable NEG feature for Ingress referencing
	// the service. Each NEG correspond to a service port.
	// NEGs will be created and managed under the following conditions:
	// 1. Service is referenced by ingress
	// 2. "ingress" is set to "true". Default to "false"
	// When the above conditions are satisfied, Ingress will create a load balancer
	//  and target corresponding NEGs as backends. Service Nodeport is not required.
	Ingress bool `json:"ingress,omitempty"`
	// ExposedPorts specifies the service ports to be exposed as stand-alone NEG.
	// The exposed NEGs will be created and managed by NEG controller.
	// ExposedPorts maps ServicePort to attributes of the NEG that should be
	// associated with the ServicePort.
	ExposedPorts map[int32]NegAttributes `json:"exposed_ports,omitempty"`
}

NegAnnotation is the format of the annotation associated with the NEGAnnotationKey key.

func (*NegAnnotation) NEGEnabled added in v1.3.1

func (n *NegAnnotation) NEGEnabled() bool

NEGExposed is true if the service uses NEG

func (*NegAnnotation) NEGEnabledForIngress added in v1.3.1

func (n *NegAnnotation) NEGEnabledForIngress() bool

NEGEnabledForIngress returns true if the annotation is to be applied on Ingress-referenced ports

func (*NegAnnotation) NEGExposed added in v1.3.1

func (n *NegAnnotation) NEGExposed() bool

NEGExposed is true if the service exposes NEGs

func (*NegAnnotation) String added in v1.6.0

func (n *NegAnnotation) String() string

type NegAttributes added in v1.2.2

type NegAttributes struct {
	// Note - in the future, this will be used for custom naming of NEGs.
	// Currently has no effect.
	Name string `json:"name,omitempty"`
}

NegAttributes houses the attributes of the NEGs that are associated with the service. Future extensions to the Expose NEGs annotation should be added here.

type NegStatus added in v1.6.0

type NegStatus struct {
	// NetworkEndpointGroups returns the mapping between service port and NEG
	// resource. key is service port, value is the name of the NEG resource.
	NetworkEndpointGroups PortNegMap `json:"network_endpoint_groups,omitempty"`
	// Zones is a list of zones where the NEGs exist.
	Zones []string `json:"zones,omitempty"`
}

NegStatus contains name and zone of the Network Endpoint Group resources associated with this service

func NewNegStatus added in v1.6.0

func NewNegStatus(zones []string, portToNegs PortNegMap) NegStatus

NewNegStatus generates a NegStatus denoting the current NEGs associated with the given ports.

func ParseNegStatus added in v1.6.0

func ParseNegStatus(annotation string) (NegStatus, error)

ParseNegStatus parses the given annotation into NEG status struct

func (NegStatus) Marshal added in v1.6.0

func (ns NegStatus) Marshal() (string, error)

type PortNegMap added in v1.6.0

type PortNegMap map[string]string

PortNegMap is the mapping between service port to NEG name

type PortSubsetNegMap added in v1.7.0

type PortSubsetNegMap map[string]map[string]string

PortSubsetNegMap is the mapping between subset to NEG name.

type Service

type Service struct {
	// contains filtered or unexported fields
}

Service represents Service annotations.

func FromService

func FromService(obj *v1.Service) *Service

FromService extracts the annotations from an Service definition.

func (*Service) ApplicationProtocols

func (svc *Service) ApplicationProtocols() (map[string]AppProtocol, error)

ApplicationProtocols returns a map of port (name or number) to the protocol on the port.

func (*Service) GetBackendConfigs added in v1.2.2

func (svc *Service) GetBackendConfigs() (*BackendConfigs, error)

GetBackendConfigs returns BackendConfigs for the service.

func (*Service) NEGAnnotation added in v1.3.1

func (svc *Service) NEGAnnotation() (*NegAnnotation, bool, error)

NEGAnnotation returns true if NEG annotation is found. If found, it also returns NEG annotation struct.

func (*Service) NEGStatus added in v1.6.0

func (svc *Service) NEGStatus() (*NegStatus, bool, error)

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL