resources

package
v0.39.3 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Feb 22, 2024 License: Apache-2.0 Imports: 36 Imported by: 1

Documentation

Overview

Package resources holds simple functions for synthesizing child resources from an Ingress resource and any relevant Ingress controller configuration.

Index

Constants

View Source
const (
	// ServingGroupName is the group name for Knative serving labels
	// and annotations
	ServingGroupName = "serving.knative.dev"
	// RouteLabelKey is the label key attached to a Configuration
	// indicating by which Route it is configured as traffic target.
	// The key is also attached to Revision resources to indicate they
	// are directly referenced by a Route, or are a child of a
	// Configuration which is referenced by a Route.  The key can also
	// be attached to Ingress resources to indicate which Route
	// triggered their creation.  The key is also attached to k8s
	// Service resources to indicate which Route triggered their
	// creation.
	RouteLabelKey = ServingGroupName + "/route"
	// RouteNamespaceLabelKey is the label key attached to a Ingress
	// by a Route to indicate which namespace the Route was created in.
	RouteNamespaceLabelKey = ServingGroupName + "/routeNamespace"
)
View Source
const (
	GatewayHTTPPort = 80
)

GatewayHTTPPort is the HTTP port the gateways listen on.

Variables

This section is empty.

Functions

func CategorizeSecrets added in v0.15.0

func CategorizeSecrets(secrets map[string]*corev1.Secret) (map[string]*corev1.Secret, map[string]*corev1.Secret, error)

CategorizeSecrets categorizes secrets into two sets: wildcard cert secrets and non-wildcard cert secrets.

func ExtractOriginSecretRef added in v0.36.0

func ExtractOriginSecretRef(secret *corev1.Secret) tracker.Reference

ExtractOriginSecretRef extracts the origin secret from a certificate

func GatewayName

func GatewayName(accessor kmeta.Accessor, gatewaySvc *corev1.Service) string

GatewayName create a name for the Gateway that is built based on the given Ingress and bonds to the given ingress gateway service.

func GatewayRef added in v0.16.0

func GatewayRef(gw *v1beta1.Gateway) tracker.Reference

GatewayRef returns the Reference for a give Gateway.

func GenerateCertificate added in v0.16.0

func GenerateCertificate(hosts []string, secretName string, namespace string) (*corev1.Secret, error)

func GetHTTPServer

func GetHTTPServer(gateway *v1beta1.Gateway) *istiov1beta1.Server

GetHTTPServer gets the HTTP `Server` from `Gateway`.

func GetHostsFromCertSecret added in v0.15.0

func GetHostsFromCertSecret(secret *corev1.Secret) ([]string, error)

GetHostsFromCertSecret gets cert hosts from cert secret.

func GetIngressGatewaySvcNameNamespaces

func GetIngressGatewaySvcNameNamespaces(ctx context.Context) ([]metav1.ObjectMeta, error)

GetIngressGatewaySvcNameNamespaces gets the Istio ingress namespaces from ConfigMap. TODO(nghia): Remove this by parsing at config parsing time.

func GetNonWildcardIngressTLS added in v0.16.0

func GetNonWildcardIngressTLS(ingressTLS []v1alpha1.IngressTLS, nonWildcardSecrest map[string]*corev1.Secret) []v1alpha1.IngressTLS

GetNonWildcardIngressTLS gets Ingress TLS that do not reference wildcard certificates.

func GetQualifiedGatewayNames added in v0.15.0

func GetQualifiedGatewayNames(gateways []*v1beta1.Gateway) []string

GetQualifiedGatewayNames return the qualified Gateway names for the given Gateways.

func GetSecrets

func GetSecrets(ing *v1alpha1.Ingress, secretLister corev1listers.SecretLister) (map[string]*corev1.Secret, error)

GetSecrets gets the all of the secrets referenced by the given Ingress, and returns a map whose key is the a secret namespace/name key and value is pointer of the secret.

func GetServers

func GetServers(gateway *v1beta1.Gateway, ing *v1alpha1.Ingress) []*istiov1beta1.Server

GetServers gets the `Servers` from `Gateway` that belongs to the given Ingress.

func MakeHTTPServer

func MakeHTTPServer(httpOption v1alpha1.HTTPOption, hosts []string) *istiov1beta1.Server

MakeHTTPServer creates a HTTP Gateway `Server` based on the HTTP option configuration.

func MakeIngressGateways

func MakeIngressGateways(ctx context.Context, ing *v1alpha1.Ingress, servers []*istiov1beta1.Server, svcLister corev1listers.ServiceLister) ([]*v1beta1.Gateway, error)

MakeIngressGateways creates Gateways with given Servers for a given Ingress.

func MakeIngressTLSGateways added in v0.17.0

func MakeIngressTLSGateways(ctx context.Context, ing *v1alpha1.Ingress, ingressTLS []v1alpha1.IngressTLS, originSecrets map[string]*corev1.Secret, svcLister corev1listers.ServiceLister) ([]*v1beta1.Gateway, error)

MakeIngressTLSGateways creates Gateways that have only TLS servers for a given Ingress.

func MakeIngressVirtualService

func MakeIngressVirtualService(ing *v1alpha1.Ingress, gateways map[v1alpha1.IngressVisibility]sets.Set[string]) *v1beta1.VirtualService

MakeIngressVirtualService creates Istio VirtualService as network programming for Istio Gateways other than 'mesh'.

func MakeInternalEncryptionDestinationRule added in v0.39.0

func MakeInternalEncryptionDestinationRule(host string, ing *v1alpha1.Ingress, http2 bool) *v1beta1.DestinationRule

MakeInternalEncryptionDestinationRule creates a DestinationRule that enables upstream TLS on for the specified host

func MakeMeshVirtualService

func MakeMeshVirtualService(ing *v1alpha1.Ingress, gateways map[v1alpha1.IngressVisibility]sets.Set[string]) *v1beta1.VirtualService

MakeMeshVirtualService creates a mesh Virtual Service

func MakeSecrets

func MakeSecrets(ctx context.Context, originSecrets map[string]*corev1.Secret, accessor kmeta.OwnerRefableAccessor) ([]*corev1.Secret, error)

MakeSecrets makes copies of the origin Secrets under the namespace of Istio gateway service.

func MakeTLSServers

func MakeTLSServers(ing *v1alpha1.Ingress, ingressTLS []v1alpha1.IngressTLS, gatewayServiceNamespace string, originSecrets map[string]*corev1.Secret) ([]*istiov1beta1.Server, error)

MakeTLSServers creates the expected Gateway TLS `Servers` based on the given IngressTLS.

func MakeTargetSecretAnnotations added in v0.36.0

func MakeTargetSecretAnnotations(originSecretName string) map[string]string

MakeTargetSecretAnnotations returns the annotations used in target secret.

func MakeTargetSecretLabels

func MakeTargetSecretLabels(originSecretName, originSecretNamespace string) map[string]string

MakeTargetSecretLabels returns the labels used in target secret.

func MakeVirtualServices

func MakeVirtualServices(ing *v1alpha1.Ingress, gateways map[v1alpha1.IngressVisibility]sets.Set[string]) ([]*v1beta1.VirtualService, error)

MakeVirtualServices creates a mesh VirtualService and a virtual service for each gateway

func MakeWildcardSecrets added in v0.15.0

func MakeWildcardSecrets(ctx context.Context, originWildcardCerts map[string]*corev1.Secret) ([]*corev1.Secret, error)

MakeWildcardSecrets copies wildcard certificates from origin namespace to the namespace of gateway servicess so they could consumed by Istio ingress.

func MakeWildcardTLSGateways added in v0.24.0

func MakeWildcardTLSGateways(ctx context.Context, originWildcardSecrets map[string]*corev1.Secret,
	svcLister corev1listers.ServiceLister) ([]*v1beta1.Gateway, error)

MakeWildcardTLSGateways creates gateways that only contain TLS server with wildcard hosts based on the wildcard secret information. For each public ingress service, we will create a list of Gateways. Each Gateway of the list corresponds to a wildcard cert secret.

func SecretRef

func SecretRef(namespace, name string) tracker.Reference

SecretRef returns the Reference of a secret given the namespace and name of the secret.

func SortServers

func SortServers(servers []*istiov1beta1.Server) []*istiov1beta1.Server

SortServers sorts `Server` according to its port name.

func UpdateGateway

func UpdateGateway(gateway *v1beta1.Gateway, want []*istiov1beta1.Server, existing []*istiov1beta1.Server) *v1beta1.Gateway

UpdateGateway replaces the existing servers with the wanted servers.

func VirtualServiceNamespace

func VirtualServiceNamespace(ing *v1alpha1.Ingress) string

VirtualServiceNamespace gives the namespace of the child VirtualServices for a given Ingress.

func WildcardGatewayName added in v0.15.0

func WildcardGatewayName(secretName, gatewayServiceNamespace, gatewayServiceName string) string

WildcardGatewayName creates the name of wildcard Gateway.

Types

This section is empty.

Directories

Path Synopsis
Package names holds simple functions for synthesizing resource names.
Package names holds simple functions for synthesizing resource names.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL