network

package
v0.10.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 9, 2019 License: Apache-2.0 Imports: 17 Imported by: 0

Documentation

Overview

+k8s:deepcopy-gen=package Package network holds the typed objects that define the schemas for configuring the knative/serving networking layer.

Index

Constants

View Source
const (
	// ProbeHeaderName is the name of a header that can be added to
	// requests to probe the knative networking layer.  Requests
	// with this header will not be passed to the user container or
	// included in request metrics.
	ProbeHeaderName = "K-Network-Probe"

	// ProxyHeaderName is the name of an internal header that activator
	// uses to mark requests going through it.
	ProxyHeaderName = "K-Proxy-Request"

	// HashHeaderName is the name of an internal header that Ingress controller
	// uses to find out which version of the networking config is deployed.
	HashHeaderName = "K-Network-Hash"

	// OriginalHostHeader is used to avoid Istio host based routing rules
	// in Activator.
	// The header contains the original Host value that can be rewritten
	// at the Queue proxy level back to be a host header.
	OriginalHostHeader = "K-Original-Host"

	// ConfigName is the name of the configmap containing all
	// customizations for networking features.
	ConfigName = "config-network"

	// IstioOutboundIPRangesKey is the name of the configuration entry
	// that specifies Istio outbound ip ranges.
	IstioOutboundIPRangesKey = "istio.sidecar.includeOutboundIPRanges"

	// DeprecatedDefaultIngressClassKey  Please use DefaultIngressClassKey instead.
	DeprecatedDefaultIngressClassKey = "clusteringress.class"

	// DefaultIngressClassKey is the name of the configuration entry
	// that specifies the default Ingress.
	DefaultIngressClassKey = "ingress.class"

	// DefaultCertificateClassKey is the name of the configuration entry
	// that specifies the default Certificate.
	DefaultCertificateClassKey = "certificate.class"

	// IstioIngressClassName value for specifying knative's Istio
	// Ingress reconciler.
	IstioIngressClassName = "istio.ingress.networking.knative.dev"

	// CertManagerCertificateClassName value for specifying Knative's Cert-Manager
	// Certificate reconciler.
	CertManagerCertificateClassName = "cert-manager.certificate.networking.internal.knative.dev"

	// DomainTemplateKey is the name of the configuration entry that
	// specifies the golang template string to use to construct the
	// Knative service's DNS name.
	DomainTemplateKey = "domainTemplate"

	// TagTemplateKey is the name of the configuration entry that
	// specifies the golang template string to use to construct the
	// hostname for a Route's tag.
	TagTemplateKey = "tagTemplate"

	// Since K8s 1.8, prober requests have
	//   User-Agent = "kube-probe/{major-version}.{minor-version}".
	KubeProbeUAPrefix = "kube-probe/"

	// Istio with mTLS rewrites probes, but their probes pass a different
	// user-agent.  So we augment the probes with this header.
	KubeletProbeHeaderName = "K-Kubelet-Probe"

	// DefaultConnTimeout specifies a short default connection timeout
	// to avoid hitting the issue fixed in
	// https://github.com/kubernetes/kubernetes/pull/72534 but only
	// avalailable after Kubernetes 1.14.
	//
	// Our connections are usually between pods in the same cluster
	// like activator <-> queue-proxy, or even between containers
	// within the same pod queue-proxy <-> user-container, so a
	// smaller connect timeout would be justifiable.
	//
	// We should consider exposing this as a configuration.
	DefaultConnTimeout = 200 * time.Millisecond

	// DefaultDomainTemplate is the default golang template to use when
	// constructing the Knative Route's Domain(host)
	DefaultDomainTemplate = "{{.Name}}.{{.Namespace}}.{{.Domain}}"

	// DefaultTagTemplate is the default golang template to use when
	// constructing the Knative Route's tag names.
	DefaultTagTemplate = "{{.Tag}}-{{.Name}}"

	// AutoTLSKey is the name of the configuration entry
	// that specifies enabling auto-TLS or not.
	AutoTLSKey = "autoTLS"

	// HTTPProtocolKey is the name of the configuration entry that
	// specifies the HTTP endpoint behavior of Knative ingress.
	HTTPProtocolKey = "httpProtocol"

	// UserAgentKey is the constant for header "User-Agent".
	UserAgentKey = "User-Agent"

	// ActivatorUserAgent is the user-agent header value set in probe requests sent
	// from activator.
	ActivatorUserAgent = "Knative-Activator-Probe"

	// QueueProxyUserAgent is the user-agent header value set in probe requests sent
	// from queue-proxy.
	QueueProxyUserAgent = "Knative-Queue-Proxy-Probe"
)

Variables

View Source
var AutoTransport = NewAutoTransport()

AutoTransport uses h2c for HTTP2 requests and falls back to `http.DefaultTransport` for all others

View Source
var ProbeHeaderValue = "probe"

ProbeHeaderValue is the value used in 'K-Network-Probe'

Functions

func ErrorHandler added in v0.9.0

func ErrorHandler(logger *zap.SugaredLogger) func(http.ResponseWriter, *http.Request, error)

ErrorHandler sets up a handler suitable for use with the ErrorHandler field on httputil's reverse proxy.

func IsKubeletProbe added in v0.6.0

func IsKubeletProbe(r *http.Request) bool

IsKubeletProbe returns true if the request is a Kubernetes probe.

func IsProbe added in v0.8.0

func IsProbe(r *http.Request) bool

IsProbe returns true if the request is a Kubernetes probe or a Knative probe, i.e. non-empty ProbeHeaderName header.

func KnativeProbeHeader added in v0.8.0

func KnativeProbeHeader(r *http.Request) string

KnativeProbeHeader returns the value for key ProbeHeaderName in request headers.

func KnativeProxyHeader added in v0.8.0

func KnativeProxyHeader(r *http.Request) string

KnativeProxyHeader returns the value for key ProxyHeaderName in request headers.

func NewAutoTransport added in v0.6.0

func NewAutoTransport() http.RoundTripper

NewAutoTransport creates a RoundTripper that can use appropriate transport based on the request's HTTP version.

func NewH2CTransport added in v0.6.0

func NewH2CTransport() http.RoundTripper

NewH2CTransport constructs a new H2C transport. That transport will reroute all HTTPS traffic to HTTP. This is to explicitly allow h2c (http2 without TLS) transport. See https://github.com/golang/go/issues/14141 for more details.

func NewProbeHandler added in v0.9.0

func NewProbeHandler(next http.Handler) http.Handler

NewProbeHandler wraps a HTTP handler handling probing requests around the provided HTTP handler

func NewProberTransport added in v0.8.0

func NewProberTransport() http.RoundTripper

NewProberTransport creates a RoundTripper that is useful for probing, since it will not cache connections.

func NewServer added in v0.6.0

func NewServer(addr string, h http.Handler) *http.Server

NewServer returns a new HTTP Server with HTTP2 handler.

func RewriteHostIn added in v0.6.0

func RewriteHostIn(r *http.Request)

RewriteHostIn removes the `Host` header from the inbound (server) request and replaces it with our custom header. This is done to avoid Istio Host based routing, see #3870. Queue-Proxy will execute the reverse process.

func RewriteHostOut added in v0.6.0

func RewriteHostOut(r *http.Request)

RewriteHostOut undoes the `RewriteHostIn` action. RewriteHostOut checks if network.OriginalHostHeader was set and if it was, then uses that as the r.Host (which takes priority over Request.Header["Host"]). If the request did not have the OriginalHostHeader header set, the request is untouched.

Types

type Config

type Config struct {
	// IstioOutboundIPRange specifies the IP ranges to intercept
	// by Istio sidecar.
	IstioOutboundIPRanges string

	// DefaultIngressClass specifies the default Ingress class.
	DefaultIngressClass string

	// DomainTemplate is the golang text template to use to generate the
	// Route's domain (host) for the Service.
	DomainTemplate string

	// TagTemplate is the golang text template to use to generate the
	// Route's tag hostnames.
	TagTemplate string

	// AutoTLS specifies if auto-TLS is enabled or not.
	AutoTLS bool

	// HTTPProtocol specifics the behavior of HTTP endpoint of Knative
	// ingress.
	HTTPProtocol HTTPProtocol

	// DefaultCertificateClass specifies the default Certificate class.
	DefaultCertificateClass string
}

Config contains the networking configuration defined in the network config map.

func NewConfigFromConfigMap

func NewConfigFromConfigMap(configMap *corev1.ConfigMap) (*Config, error)

NewConfigFromConfigMap creates a Config from the supplied ConfigMap

func (*Config) DeepCopy

func (in *Config) DeepCopy() *Config

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Config.

func (*Config) DeepCopyInto

func (in *Config) DeepCopyInto(out *Config)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Config) GetDomainTemplate added in v0.6.0

func (c *Config) GetDomainTemplate() *template.Template

GetDomainTemplate returns the golang Template from the config map or panics (the value is validated during CM validation and at this point guaranteed to be parseable).

func (*Config) GetTagTemplate added in v0.7.0

func (c *Config) GetTagTemplate() *template.Template

type DomainTemplateValues added in v0.6.0

type DomainTemplateValues struct {
	Name        string
	Namespace   string
	Domain      string
	Annotations map[string]string
}

DomainTemplateValues are the available properties people can choose from in their Route's "DomainTemplate" golang template sting. We could add more over time - e.g. RevisionName if we thought that might be of interest to people.

func (*DomainTemplateValues) DeepCopy added in v0.6.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DomainTemplateValues.

func (*DomainTemplateValues) DeepCopyInto added in v0.6.0

func (in *DomainTemplateValues) DeepCopyInto(out *DomainTemplateValues)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type HTTPProtocol added in v0.6.0

type HTTPProtocol string

HTTPProtocol indicates a type of HTTP endpoint behavior that Knative ingress could take.

const (
	// HTTPEnabled represents HTTP proocol is enabled in Knative ingress.
	HTTPEnabled HTTPProtocol = "enabled"

	// HTTPDisabled represents HTTP protocol is disabled in Knative ingress.
	HTTPDisabled HTTPProtocol = "disabled"

	// HTTPRedirected represents HTTP connection is redirected to HTTPS in Knative ingress.
	HTTPRedirected HTTPProtocol = "redirected"
)

type RoundTripperFunc added in v0.6.0

type RoundTripperFunc func(*http.Request) (*http.Response, error)

RoundTripperFunc implementation roundtrips a request.

func (RoundTripperFunc) RoundTrip added in v0.6.0

func (rt RoundTripperFunc) RoundTrip(r *http.Request) (*http.Response, error)

RoundTrip implements http.RoundTripper.

type TagTemplateValues added in v0.7.0

type TagTemplateValues struct {
	Name string
	Tag  string
}

TagTemplateValues are the available properties people can choose from in their Route's "TagTemplate" golang template sting.

func (*TagTemplateValues) DeepCopy added in v0.7.0

func (in *TagTemplateValues) DeepCopy() *TagTemplateValues

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TagTemplateValues.

func (*TagTemplateValues) DeepCopyInto added in v0.7.0

func (in *TagTemplateValues) DeepCopyInto(out *TagTemplateValues)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

Directories

Path Synopsis
Package prober contains functionality for implementing probing in knative serving.
Package prober contains functionality for implementing probing in knative serving.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL