Documentation
¶
Index ¶
- Constants
- func ConsulNamespaceIsNotFound(err error) bool
- func ConsulNodeNameFromK8sNode(nodeName string) string
- func DetermineAndValidatePort(pod corev1.Pod, annotation string, defaultPort string, privileged bool) (string, error)
- func GetOpenShiftGroup(ns *corev1.Namespace) (int64, error)
- func GetOpenShiftUID(ns *corev1.Namespace) (int64, error)
- func GetPortProtocol(appProtocol *string) pbcatalog.Protocol
- func HasBeenMeshInjected(pod corev1.Pod) bool
- func IsGateway(pod corev1.Pod) bool
- func PortValue(pod corev1.Pod, value string) (int32, error)
- func PortValueFromIntOrString(pod corev1.Pod, port intstr.IntOrString) (uint32, error)
- func ProcessPodDestinations(pod corev1.Pod, enablePartitions, enableNamespaces bool) (*pbmesh.Destinations, error)
- func ProcessPodDestinationsForMeshWebhook(pod corev1.Pod) (*pbmesh.Destinations, error)
- func ShouldIgnore(namespace string, denySet, allowSet mapset.Set) bool
- func ShouldOverwriteProbes(pod corev1.Pod, globalOverwrite bool) (bool, error)
- func ToProtoAny(m proto.Message) *anypb.Any
- func TransparentProxyEnabled(namespace corev1.Namespace, pod corev1.Pod, globalEnabled bool) (bool, error)
- func WorkloadPortName(port *corev1.ContainerPort) string
Constants ¶
const (
ConsulNodeAddress = "127.0.0.1"
)
Variables ¶
This section is empty.
Functions ¶
func ConsulNamespaceIsNotFound ¶
ConsulNamespaceIsNotFound checks the gRPC error code and message to determine if a namespace does not exist. If the namespace exists this function returns false, true otherwise.
func DetermineAndValidatePort ¶
func DetermineAndValidatePort(pod corev1.Pod, annotation string, defaultPort string, privileged bool) (string, error)
DetermineAndValidatePort behaves as follows: If the annotation exists, validate the port and return it. If the annotation does not exist, return the default port. If the privileged flag is true, it will allow the port to be in the privileged port range of 1-1023. Otherwise, it will only allow ports in the unprivileged range of 1024-65535.
func GetOpenShiftGroup ¶
GetOpenShiftGroup gets the group from OpenShift annotation 'openshift.io/sa.scc.supplemental-groups' Fall back to the UID annotation if the group annotation does not exist. The values should be the same.
func GetOpenShiftUID ¶
GetOpenShiftUID gets the user id from the OpenShift annotation 'openshift.io/sa.scc.uid-range'.
func GetPortProtocol ¶
GetPortProtocol matches the Kubernetes EndpointPort.AppProtocol or ServicePort.AppProtocol (*string) to a supported Consul catalog port protocol. If nil or unrecognized, the default of `PROTOCOL_UNSPECIFIED` is returned.
func HasBeenMeshInjected ¶
HasBeenMeshInjected checks the value of the status annotation and returns true if the Pod has been injected. Does not apply to V1 pods, which use a different key (`constants.KeyInjectStatus`).
func PortValue ¶
PortValue returns the port of the container for the string value passed in as an argument on the provided pod.
func PortValueFromIntOrString ¶
PortValueFromIntOrString returns the integer port value from the port that can be a named port, an integer string (e.g. "80"), or an integer. If the port is a named port, this function will attempt to find the value from the containers of the pod.
func ProcessPodDestinations ¶
func ProcessPodDestinations(pod corev1.Pod, enablePartitions, enableNamespaces bool) (*pbmesh.Destinations, error)
ProcessPodDestinations reads the list of destinations from the Pod annotation and converts them into a pbmesh.Destinations object.
func ProcessPodDestinationsForMeshWebhook ¶
func ProcessPodDestinationsForMeshWebhook(pod corev1.Pod) (*pbmesh.Destinations, error)
ProcessPodDestinationsForMeshWebhook reads the list of destinations from the Pod annotation and converts them into a pbmesh.Destinations object.
func ShouldIgnore ¶
ShouldIgnore ignores namespaces where we don't mesh-inject.
func ShouldOverwriteProbes ¶
ShouldOverwriteProbes returns true if we need to overwrite readiness/liveness probes for this pod. It returns an error when the annotation value cannot be parsed by strconv.ParseBool.
func ToProtoAny ¶
ToProtoAny is a convenience function for converting proto.Message values to anypb.Any without error handling. This should _only_ be used in cases where a nil or valid proto.Message value is _guaranteed_, else it will panic. If the type of m is *anypb.Any, that value will be returned unmodified.
func TransparentProxyEnabled ¶
func TransparentProxyEnabled(namespace corev1.Namespace, pod corev1.Pod, globalEnabled bool) (bool, error)
TransparentProxyEnabled returns true if transparent proxy should be enabled for this pod. It returns an error when the annotation value cannot be parsed by strconv.ParseBool or if we are unable to read the pod's namespace label when it exists.
func WorkloadPortName ¶
func WorkloadPortName(port *corev1.ContainerPort) string
WorkloadPortName returns the container port's name if it has one, and if not, constructs a name from the port number and adds a constant prefix. The port name must be 1-15 characters and must have at least 1 alpha character.
Types ¶
This section is empty.
Source Files