resources

package
v0.41.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 24, 2024 License: Apache-2.0 Imports: 37 Imported by: 1

Documentation

Overview

Package resources holds simple functions for synthesizing child resources from an Ingress resource and any relevant Ingress controller configuration.

Index

Constants

View Source 
const (
	GatewayHTTPPort              = 80
	ExternalGatewayHTTPSPort     = 443
	ClusterLocalGatewayHTTPSPort = 8444
)
View Source 
const (
	// ServingGroupName is the group name for Knative serving labels
	// and annotations
	ServingGroupName = "serving.knative.dev"
	// RouteLabelKey is the label key attached to a Configuration
	// indicating by which Route it is configured as traffic target.
	// The key is also attached to Revision resources to indicate they
	// are directly referenced by a Route, or are a child of a
	// Configuration which is referenced by a Route.  The key can also
	// be attached to Ingress resources to indicate which Route
	// triggered their creation.  The key is also attached to k8s
	// Service resources to indicate which Route triggered their
	// creation.
	RouteLabelKey = ServingGroupName + "/route"
	// RouteNamespaceLabelKey is the label key attached to a Ingress
	// by a Route to indicate which namespace the Route was created in.
	RouteNamespaceLabelKey = ServingGroupName + "/routeNamespace"
)

Variables

This section is empty.

Functions

func CategorizeSecrets added in v0.15.0 

func CategorizeSecrets(secrets map[string]*corev1.Secret) (map[string]*corev1.Secret, map[string]*corev1.Secret, error)

CategorizeSecrets categorizes secrets into two sets: wildcard cert secrets and non-wildcard cert secrets.

func ExtractOriginSecretRef added in v0.36.0 

func ExtractOriginSecretRef(secret *corev1.Secret) tracker.Reference

ExtractOriginSecretRef extracts the origin secret from a certificate

func GatewayName 

func GatewayName(accessor kmeta.Accessor, visibility v1alpha1.IngressVisibility, gatewaySvc *corev1.Service) string

GatewayName create a name for the Gateway that is built based on the given Ingress and bonds to the given ingress gateway service.

func GatewayRef added in v0.16.0 

func GatewayRef(gw *v1beta1.Gateway) tracker.Reference

GatewayRef returns the Reference for a give Gateway.

func GatewaysFromContext added in v0.41.0 

func GatewaysFromContext(ctx context.Context, obj kmeta.Accessor) (map[v1alpha1.IngressVisibility][]config.Gateway, error)

GatewaysFromContext get gateways relevant to this ingress from context.

func GenerateCertificate added in v0.16.0 

func GenerateCertificate(hosts []string, secretName string, namespace string) (*corev1.Secret, error)

func GetHTTPServer 

func GetHTTPServer(gateway *v1beta1.Gateway) *istiov1beta1.Server

GetHTTPServer gets the HTTP `Server` from `Gateway`.

func GetHostsFromCertSecret added in v0.15.0 

func GetHostsFromCertSecret(secret *corev1.Secret) ([]string, error)

GetHostsFromCertSecret gets cert hosts from cert secret.

func GetIngressGatewaySvcNameNamespaces 

func GetIngressGatewaySvcNameNamespaces(ctx context.Context, obj kmeta.Accessor) ([]metav1.ObjectMeta, error)

GetIngressGatewaySvcNameNamespaces gets the Istio ingress namespaces from ConfigMap for gateways that should expose the service.

func GetNonWildcardIngressTLS added in v0.16.0 

func GetNonWildcardIngressTLS(ingressTLS []v1alpha1.IngressTLS, nonWildcardSecrets map[string]*corev1.Secret) []v1alpha1.IngressTLS

GetNonWildcardIngressTLS gets Ingress TLS that do not reference wildcard certificates.

func GetQualifiedGatewayNames added in v0.15.0 

func GetQualifiedGatewayNames(gateways []*v1beta1.Gateway) []string

GetQualifiedGatewayNames return the qualified Gateway names for the given Gateways.

func GetSecrets 

func GetSecrets(ing *v1alpha1.Ingress, visibility v1alpha1.IngressVisibility, secretLister corev1listers.SecretLister) (map[string]*corev1.Secret, error)

GetSecrets gets the all the secrets referenced by the given Ingress and visibility. Returns a map whose key is the secret namespace/name key and value is pointer of the secret.

func GetServers 

func GetServers(gateway *v1beta1.Gateway, ing *v1alpha1.Ingress) []*istiov1beta1.Server

GetServers gets the `Servers` from `Gateway` that belongs to the given Ingress.

func MakeExternalIngressGateways added in v0.41.0 

func MakeExternalIngressGateways(ctx context.Context, ing *v1alpha1.Ingress, servers []*istiov1beta1.Server, svcLister corev1listers.ServiceLister) ([]*v1beta1.Gateway, error)

MakeExternalIngressGateways creates Gateways with given Servers for a given Ingress.

func MakeHTTPServer 

func MakeHTTPServer(httpOption v1alpha1.HTTPOption, hosts []string) *istiov1beta1.Server

MakeHTTPServer creates a HTTP Gateway `Server` based on the HTTP option configuration.

func MakeIngressTLSGateways added in v0.17.0 

func MakeIngressTLSGateways(ctx context.Context, ing *v1alpha1.Ingress, visibility v1alpha1.IngressVisibility,
	ingressTLS []v1alpha1.IngressTLS, originSecrets map[string]*corev1.Secret, svcLister corev1listers.ServiceLister) ([]*v1beta1.Gateway, error)

MakeIngressTLSGateways creates Gateways that have only TLS servers for a given Ingress.

func MakeIngressVirtualService 

func MakeIngressVirtualService(ing *v1alpha1.Ingress, gateways map[v1alpha1.IngressVisibility]sets.Set[string]) *v1beta1.VirtualService

MakeIngressVirtualService creates Istio VirtualService as network programming for Istio Gateways other than 'mesh'.

func MakeInternalEncryptionDestinationRule added in v0.39.0 

func MakeInternalEncryptionDestinationRule(host string, ing *v1alpha1.Ingress, http2 bool) *v1beta1.DestinationRule

MakeInternalEncryptionDestinationRule creates a DestinationRule that enables upstream TLS on for the specified host

func MakeMeshVirtualService 

func MakeMeshVirtualService(ing *v1alpha1.Ingress, gateways map[v1alpha1.IngressVisibility]sets.Set[string]) *v1beta1.VirtualService

MakeMeshVirtualService creates a mesh Virtual Service

func MakeSecrets 

func MakeSecrets(ctx context.Context, originSecrets map[string]*corev1.Secret, ing *v1alpha1.Ingress) ([]*corev1.Secret, error)

MakeSecrets makes copies of the origin Secrets under the namespace of Istio gateway service.

func MakeTLSServers 

func MakeTLSServers(ing *v1alpha1.Ingress, visibility v1alpha1.IngressVisibility, ingressTLS []v1alpha1.IngressTLS, gatewayServiceNamespace string, originSecrets map[string]*corev1.Secret) ([]*istiov1beta1.Server, error)

MakeTLSServers creates the expected Gateway TLS `Servers` based on the given IngressTLS.

func MakeTargetSecretAnnotations added in v0.36.0 

func MakeTargetSecretAnnotations(originSecretName string) map[string]string

MakeTargetSecretAnnotations returns the annotations used in target secret.

func MakeTargetSecretLabels 

func MakeTargetSecretLabels(originSecretName, originSecretNamespace string) map[string]string

MakeTargetSecretLabels returns the labels used in target secret.

func MakeVirtualServices 

func MakeVirtualServices(ing *v1alpha1.Ingress, gateways map[v1alpha1.IngressVisibility]sets.Set[string]) ([]*v1beta1.VirtualService, error)

MakeVirtualServices creates a mesh VirtualService and a virtual service for each gateway

func MakeWildcardSecrets added in v0.15.0 

func MakeWildcardSecrets(ctx context.Context, originWildcardCerts map[string]*corev1.Secret, ing *v1alpha1.Ingress) ([]*corev1.Secret, error)

MakeWildcardSecrets copies wildcard certificates from origin namespace to the namespace of gateway services, so they can be consumed by Istio ingress.

func MakeWildcardTLSGateways added in v0.24.0 

func MakeWildcardTLSGateways(ctx context.Context, ing *v1alpha1.Ingress, originWildcardSecrets map[string]*corev1.Secret,
	svcLister corev1listers.ServiceLister) ([]*v1beta1.Gateway, error)

MakeWildcardTLSGateways creates gateways that only contain TLS server with wildcard hosts based on the wildcard secret information. Gateways generated are based on the related ingress being reconciled. For each public ingress service, we will create a list of Gateways. Each Gateway of the list corresponds to a wildcard cert secret.

func QualifiedGatewayNamesFromContext added in v0.41.0 

func QualifiedGatewayNamesFromContext(ctx context.Context, obj kmeta.Accessor) (map[v1alpha1.IngressVisibility]sets.Set[string], error)

QualifiedGatewayNamesFromContext get gateway names from context.

func SecretRef 

func SecretRef(namespace, name string) tracker.Reference

SecretRef returns the Reference of a secret given the namespace and name of the secret.

func SortServers 

func SortServers(servers []*istiov1beta1.Server) []*istiov1beta1.Server

SortServers sorts `Server` according to its port name.

func UpdateGateway 

func UpdateGateway(gateway *v1beta1.Gateway, want []*istiov1beta1.Server, existing []*istiov1beta1.Server) *v1beta1.Gateway

UpdateGateway replaces the existing servers with the wanted servers.

func VirtualServiceNamespace 

func VirtualServiceNamespace(ing *v1alpha1.Ingress) string

VirtualServiceNamespace gives the namespace of the child VirtualServices for a given Ingress.

func WildcardGatewayName added in v0.15.0 

func WildcardGatewayName(secretName, gatewayServiceNamespace, gatewayServiceName string) string

WildcardGatewayName creates the name of wildcard Gateway.

Types

This section is empty.

Source Files

View all Source files

Directories

Path Synopsis
Package names holds simple functions for synthesizing resource names.
 Package names holds simple functions for synthesizing resource names.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.