Documentation
¶
Index ¶
- Constants
- func GenerateTemplateFromParams(params *Params) (string, error)
- func InitImageName(hub string, tag string, _ bool) string
- func IntoResourceFile(sidecarTemplate string, meshconfig *meshconfig.MeshConfig, in io.Reader, ...) error
- func ProxyImageName(hub string, tag string, debug bool) string
- type Config
- type InjectionPolicy
- type Params
- type SidecarInjectionSpec
- type SidecarInjectionStatus
- type SidecarTemplateData
- type Webhook
- type WebhookParameters
Constants ¶
const ( DefaultSidecarProxyUID = uint64(1337) DefaultVerbosity = 2 DefaultImagePullPolicy = "IfNotPresent" )
Defaults values for injecting istio proxy into kubernetes resources.
const (
// ProxyContainerName is used by e2e integration tests for fetching logs
ProxyContainerName = "istio-proxy"
)
Variables ¶
This section is empty.
Functions ¶
func GenerateTemplateFromParams ¶
GenerateTemplateFromParams generates a sidecar template from the legacy injection parameters
func InitImageName ¶
InitImageName returns the fully qualified image name for the istio init image given a docker hub and tag and debug flag
func IntoResourceFile ¶
func IntoResourceFile(sidecarTemplate string, meshconfig *meshconfig.MeshConfig, in io.Reader, out io.Writer) error
IntoResourceFile injects the istio proxy into the specified kubernetes YAML file.
Types ¶
type Config ¶
type Config struct {
Policy InjectionPolicy `json:"policy"`
// Template is the templated version of `SidecarInjectionSpec` prior to
// expansion over the `SidecarTemplateData`.
Template string `json:"template"`
}
Config specifies the sidecar injection configuration This includes the sidear template and cluster-side injection policy. It is used by kube-inject, sidecar injector, and http endpoint.
type InjectionPolicy ¶
type InjectionPolicy string
InjectionPolicy determines the policy for injecting the sidecar proxy into the watched namespace(s).
const ( // InjectionPolicyDisabled specifies that the sidecar injector // will not inject the sidecar into resources by default for the // namespace(s) being watched. Resources can enable injection // using the "sidecar.istio.io/inject" annotation with value of // true. InjectionPolicyDisabled InjectionPolicy = "disabled" // InjectionPolicyEnabled specifies that the sidecar injector will // inject the sidecar into resources by default for the // namespace(s) being watched. Resources can disable injection // using the "sidecar.istio.io/inject" annotation with value of // false. InjectionPolicyEnabled InjectionPolicy = "enabled" )
type Params ¶
type Params struct {
InitImage string `json:"initImage"`
ProxyImage string `json:"proxyImage"`
Verbosity int `json:"verbosity"`
SidecarProxyUID uint64 `json:"sidecarProxyUID"`
Version string `json:"version"`
EnableCoreDump bool `json:"enableCoreDump"`
DebugMode bool `json:"debugMode"`
Mesh *meshconfig.MeshConfig `json:"-"`
ImagePullPolicy string `json:"imagePullPolicy"`
// Comma separated list of IP ranges in CIDR form. If set, only
// redirect outbound traffic to Envoy for these IP
// ranges. Otherwise all outbound traffic is redirected to Envoy.
IncludeIPRanges string `json:"includeIPRanges"`
// Comma separated list of IP ranges in CIDR form. If set, outbound
// traffic will not be redirected for these IP ranges.
ExcludeIPRanges string `json:"excludeIPRanges"`
// Comma separated list of inbound ports for which traffic is to
// be redirected to Envoy. All ports can be redirected with the wildcard
// character "*".
IncludeInboundPorts string `json:"includeInboundPorts"`
// Comma separated list of inbound ports for which traffic should not
// be redirected to Envoy.
ExcludeInboundPorts string `json:"excludeInboundPorts"`
}
Params describes configurable parameters for injecting istio proxy into a kubernetes resource.
type SidecarInjectionSpec ¶
type SidecarInjectionSpec struct {
InitContainers []v1.Container `yaml:"initContainers"`
Containers []v1.Container `yaml:"containers"`
Volumes []v1.Volume `yaml:"volumes"`
}
SidecarInjectionSpec collects all container types and volumes for sidecar mesh injection
type SidecarInjectionStatus ¶
type SidecarInjectionStatus struct {
Version string `json:"version"`
InitContainers []string `json:"initContainers"`
Containers []string `json:"containers"`
Volumes []string `json:"volumes"`
}
SidecarInjectionStatus contains basic information about the injected sidecar. This includes the names of added containers and volumes.
type SidecarTemplateData ¶
type SidecarTemplateData struct {
ObjectMeta *metav1.ObjectMeta
Spec *v1.PodSpec
ProxyConfig *meshconfig.ProxyConfig
MeshConfig *meshconfig.MeshConfig
}
SidecarTemplateData is the data object to which the templated version of `SidecarInjectionSpec` is applied.
type Webhook ¶
type Webhook struct {
// contains filtered or unexported fields
}
Webhook implements a mutating webhook for automatic proxy injection.
func NewWebhook ¶
func NewWebhook(p WebhookParameters) (*Webhook, error)
NewWebhook creates a new instance of a mutating webhook for automatic sidecar injection.
type WebhookParameters ¶
type WebhookParameters struct {
// ConfigFile is the path to the sidecar injection configuration file.
ConfigFile string
// MeshFile is the path to the mesh configuration file.
MeshFile string
// CertFile is the path to the x509 certificate for https.
CertFile string
// KeyFile is the path to the x509 private key matching `CertFile`.
KeyFile string
// Port is the webhook port, e.g. typically 443 for https.
Port int
// HealthCheckInterval configures how frequently the health check
// file is updated. Value of zero disables the health check
// update.
HealthCheckInterval time.Duration
// HealthCheckFile specifies the path to the health check file
// that is periodically updated.
HealthCheckFile string
}
WebhookParameters configures parameters for the sidecar injection webhook.
Source Files