Documentation

Index

Constants

View Source
const DefaultMaxEBSVolumes = 39

    Amazon recommends having no more that 40 volumes attached to an instance, and at least one of those is for the system root volume. See http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/volume_limits.html#linux-specific-volume-limits

    View Source
    const DefaultVolumeType = "gp2"

      Default volume type for newly created Volumes TODO: Remove when user/admin can configure volume types and thus we don't need hardcoded defaults.

      View Source
      const MaxReadThenCreateRetries = 30

        We sometimes read to see if something exists; then try to create it if we didn't find it This can fail once in a consistent system if done in parallel In an eventually consistent system, it could fail unboundedly MaxReadThenCreateRetries sets the maximum number of attempts we will make

        View Source
        const ProviderName = "aws"
        View Source
        const ServiceAnnotationLoadBalancerInternal = "service.beta.kubernetes.io/aws-load-balancer-internal"

          Annotation used on the service to indicate that we want an internal ELB. Currently we accept only the value "0.0.0.0/0" - other values are an error. This lets us define more advanced semantics in future.

          View Source
          const TagNameKubernetesCluster = "KubernetesCluster"

            The tag name we use to differentiate multiple logically independent clusters running in the same AZ

            View Source
            const TagNameKubernetesService = "kubernetes.io/service-name"

              The tag name we use to differentiate multiple services. Used currently for ELBs only.

              View Source
              const TagNameSubnetInternalELB = "kubernetes.io/role/internal-elb"

                The tag name used on a subnet to designate that it should be used for internal ELBs

                View Source
                const TagNameSubnetPublicELB = "kubernetes.io/role/elb"

                  The tag name used on a subnet to designate that it should be used for internet ELBs

                  Variables

                  This section is empty.

                  Functions

                  func ResizeInstanceGroup

                  func ResizeInstanceGroup(asg ASG, instanceGroupName string, size int) error

                    ResizeInstanceGroup sets the size of the specificed instancegroup Exported so it can be used by the e2e tests, which don't want to instantiate a full cloudprovider.

                    Types

                    type ASG

                      This is a simple pass-through of the Autoscaling client interface, which allows for testing

                      type AWSCloud

                      type AWSCloud struct {
                      	// contains filtered or unexported fields
                      }

                        AWSCloud is an implementation of Interface, LoadBalancer and Instances for Amazon Web Services.

                        func (*AWSCloud) AddSSHKeyToAllInstances

                        func (self *AWSCloud) AddSSHKeyToAllInstances(user string, keyData []byte) error

                        func (*AWSCloud) AttachDisk

                        func (c *AWSCloud) AttachDisk(diskName string, instanceName string, readOnly bool) (string, error)

                          Implements Volumes.AttachDisk

                          func (*AWSCloud) Clusters

                          func (aws *AWSCloud) Clusters() (cloudprovider.Clusters, bool)

                          func (*AWSCloud) CreateDisk

                          func (s *AWSCloud) CreateDisk(volumeOptions *VolumeOptions) (string, error)

                            Implements Volumes.CreateVolume

                            func (*AWSCloud) CreateRoute

                            func (s *AWSCloud) CreateRoute(clusterName string, nameHint string, route *cloudprovider.Route) error

                              CreateRoute implements Routes.CreateRoute Create the described route

                              func (*AWSCloud) CurrentNodeName

                              func (c *AWSCloud) CurrentNodeName(hostname string) (string, error)

                              func (*AWSCloud) DeleteDisk

                              func (c *AWSCloud) DeleteDisk(volumeName string) (bool, error)

                                Implements Volumes.DeleteDisk

                                func (*AWSCloud) DeleteRoute

                                func (s *AWSCloud) DeleteRoute(clusterName string, route *cloudprovider.Route) error

                                  DeleteRoute implements Routes.DeleteRoute Delete the specified route

                                  func (*AWSCloud) DescribeInstanceGroup

                                  func (a *AWSCloud) DescribeInstanceGroup(instanceGroupName string) (InstanceGroupInfo, error)

                                    Implement InstanceGroups.DescribeInstanceGroup Queries the cloud provider for information about the specified instance group

                                    func (*AWSCloud) DetachDisk

                                    func (aws *AWSCloud) DetachDisk(diskName string, instanceName string) (string, error)

                                      Implements Volumes.DetachDisk

                                      func (*AWSCloud) EnsureLoadBalancer

                                      func (s *AWSCloud) EnsureLoadBalancer(name, region string, publicIP net.IP, ports []*api.ServicePort, hosts []string, serviceName types.NamespacedName, affinity api.ServiceAffinity, annotations map[string]string) (*api.LoadBalancerStatus, error)

                                        EnsureLoadBalancer implements LoadBalancer.EnsureLoadBalancer TODO(justinsb) It is weird that these take a region. I suspect it won't work cross-region anyway.

                                        func (*AWSCloud) EnsureLoadBalancerDeleted

                                        func (s *AWSCloud) EnsureLoadBalancerDeleted(name, region string) error

                                          EnsureLoadBalancerDeleted implements LoadBalancer.EnsureLoadBalancerDeleted.

                                          func (*AWSCloud) ExternalID

                                          func (c *AWSCloud) ExternalID(name string) (string, error)

                                            ExternalID returns the cloud provider ID of the specified instance (deprecated).

                                            func (*AWSCloud) GetLoadBalancer

                                            func (s *AWSCloud) GetLoadBalancer(name, region string) (*api.LoadBalancerStatus, bool, error)

                                              GetLoadBalancer is an implementation of LoadBalancer.GetLoadBalancer

                                              func (*AWSCloud) GetVolumeLabels

                                              func (c *AWSCloud) GetVolumeLabels(volumeName string) (map[string]string, error)

                                                Implements Volumes.GetVolumeLabels

                                                func (*AWSCloud) GetZone

                                                func (c *AWSCloud) GetZone() (cloudprovider.Zone, error)

                                                  GetZone implements Zones.GetZone

                                                  func (*AWSCloud) InstanceID

                                                  func (c *AWSCloud) InstanceID(name string) (string, error)

                                                    InstanceID returns the cloud provider ID of the specified instance.

                                                    func (*AWSCloud) InstanceType

                                                    func (c *AWSCloud) InstanceType(name string) (string, error)

                                                      InstanceType returns the type of the specified instance.

                                                      func (*AWSCloud) Instances

                                                      func (aws *AWSCloud) Instances() (cloudprovider.Instances, bool)

                                                        Instances returns an implementation of Instances for Amazon Web Services.

                                                        func (*AWSCloud) List

                                                        func (aws *AWSCloud) List(filter string) ([]string, error)

                                                          List is an implementation of Instances.List.

                                                          func (*AWSCloud) ListRoutes

                                                          func (s *AWSCloud) ListRoutes(clusterName string) ([]*cloudprovider.Route, error)

                                                            ListRoutes implements Routes.ListRoutes List all routes that match the filter

                                                            func (*AWSCloud) LoadBalancer

                                                            func (s *AWSCloud) LoadBalancer() (cloudprovider.LoadBalancer, bool)

                                                              LoadBalancer returns an implementation of LoadBalancer for Amazon Web Services.

                                                              func (*AWSCloud) NodeAddresses

                                                              func (c *AWSCloud) NodeAddresses(name string) ([]api.NodeAddress, error)

                                                                NodeAddresses is an implementation of Instances.NodeAddresses.

                                                                func (*AWSCloud) ProviderName

                                                                func (aws *AWSCloud) ProviderName() string

                                                                  ProviderName returns the cloud provider ID.

                                                                  func (*AWSCloud) ResizeInstanceGroup

                                                                  func (a *AWSCloud) ResizeInstanceGroup(instanceGroupName string, size int) error

                                                                    Implement InstanceGroups.ResizeInstanceGroup Set the size to the fixed size

                                                                    func (*AWSCloud) Routes

                                                                    func (aws *AWSCloud) Routes() (cloudprovider.Routes, bool)

                                                                      Routes returns an implementation of Routes for Amazon Web Services.

                                                                      func (*AWSCloud) ScrubDNS

                                                                      func (aws *AWSCloud) ScrubDNS(nameservers, searches []string) (nsOut, srchOut []string)

                                                                        ScrubDNS filters DNS settings for pods.

                                                                        func (*AWSCloud) UpdateLoadBalancer

                                                                        func (s *AWSCloud) UpdateLoadBalancer(name, region string, hosts []string) error

                                                                          UpdateLoadBalancer implements LoadBalancer.UpdateLoadBalancer

                                                                          func (*AWSCloud) Zones

                                                                          func (aws *AWSCloud) Zones() (cloudprovider.Zones, bool)

                                                                            Zones returns an implementation of Zones for Amazon Web Services.

                                                                            type AWSCloudConfig

                                                                            type AWSCloudConfig struct {
                                                                            	Global struct {
                                                                            		// TODO: Is there any use for this?  We can get it from the instance metadata service
                                                                            		// Maybe if we're not running on AWS, e.g. bootstrap; for now it is not very useful
                                                                            		Zone string
                                                                            
                                                                            		KubernetesClusterTag string
                                                                            
                                                                            		//The aws provider creates an inbound rule per load balancer on the node security
                                                                            		//group. However, this can run into the AWS security group rule limit of 50 if
                                                                            		//many LoadBalancers are created.
                                                                            		//
                                                                            		//This flag disables the automatic ingress creation. It requires that the user
                                                                            		//has setup a rule that allows inbound traffic on kubelet ports from the
                                                                            		//local VPC subnet (so load balancers can access it). E.g. 10.82.0.0/16 30000-32000.
                                                                            		DisableSecurityGroupIngress bool
                                                                            	}
                                                                            }

                                                                            type AWSServices

                                                                            type AWSServices interface {
                                                                            	Compute(region string) (EC2, error)
                                                                            	LoadBalancing(region string) (ELB, error)
                                                                            	Autoscaling(region string) (ASG, error)
                                                                            	Metadata() (EC2Metadata, error)
                                                                            }

                                                                              Abstraction over AWS, to allow mocking/other implementations

                                                                              type Backoff

                                                                              type Backoff struct {
                                                                              	// contains filtered or unexported fields
                                                                              }

                                                                                Backoff manages a backoff that varies based on the recently observed failures

                                                                                func (*Backoff) ComputeDelayForRequest

                                                                                func (b *Backoff) ComputeDelayForRequest(now time.Time) time.Duration

                                                                                  Computes the delay required for a request, also updating internal state to count this request

                                                                                  func (*Backoff) ReportError

                                                                                  func (b *Backoff) ReportError()

                                                                                    Called when we observe a throttling error

                                                                                    type CrossRequestRetryDelay

                                                                                    type CrossRequestRetryDelay struct {
                                                                                    	// contains filtered or unexported fields
                                                                                    }

                                                                                      CrossRequestRetryDelay inserts delays before AWS calls, when we are observing RequestLimitExceeded errors Note that we share a CrossRequestRetryDelay across multiple AWS requests; this is a process-wide back-off, whereas the aws-sdk-go implements a per-request exponential backoff/retry

                                                                                      func NewCrossRequestRetryDelay

                                                                                      func NewCrossRequestRetryDelay() *CrossRequestRetryDelay

                                                                                        Create a new CrossRequestRetryDelay

                                                                                        func (*CrossRequestRetryDelay) AfterRetry

                                                                                        func (c *CrossRequestRetryDelay) AfterRetry(r *request.Request)

                                                                                          Added to the AfterRetry chain; called after any error

                                                                                          func (*CrossRequestRetryDelay) BeforeSign

                                                                                          func (c *CrossRequestRetryDelay) BeforeSign(r *request.Request)

                                                                                            Added to the Sign chain; called before each request

                                                                                            type EC2

                                                                                            type EC2 interface {
                                                                                            	// Query EC2 for instances matching the filter
                                                                                            	DescribeInstances(request *ec2.DescribeInstancesInput) ([]*ec2.Instance, error)
                                                                                            
                                                                                            	// Attach a volume to an instance
                                                                                            	AttachVolume(*ec2.AttachVolumeInput) (*ec2.VolumeAttachment, error)
                                                                                            	// Detach a volume from an instance it is attached to
                                                                                            	DetachVolume(request *ec2.DetachVolumeInput) (resp *ec2.VolumeAttachment, err error)
                                                                                            	// Lists volumes
                                                                                            	DescribeVolumes(request *ec2.DescribeVolumesInput) ([]*ec2.Volume, error)
                                                                                            	// Create an EBS volume
                                                                                            	CreateVolume(request *ec2.CreateVolumeInput) (resp *ec2.Volume, err error)
                                                                                            	// Delete an EBS volume
                                                                                            	DeleteVolume(*ec2.DeleteVolumeInput) (*ec2.DeleteVolumeOutput, error)
                                                                                            
                                                                                            	DescribeSecurityGroups(request *ec2.DescribeSecurityGroupsInput) ([]*ec2.SecurityGroup, error)
                                                                                            
                                                                                            	CreateSecurityGroup(*ec2.CreateSecurityGroupInput) (*ec2.CreateSecurityGroupOutput, error)
                                                                                            	DeleteSecurityGroup(request *ec2.DeleteSecurityGroupInput) (*ec2.DeleteSecurityGroupOutput, error)
                                                                                            
                                                                                            	AuthorizeSecurityGroupIngress(*ec2.AuthorizeSecurityGroupIngressInput) (*ec2.AuthorizeSecurityGroupIngressOutput, error)
                                                                                            	RevokeSecurityGroupIngress(*ec2.RevokeSecurityGroupIngressInput) (*ec2.RevokeSecurityGroupIngressOutput, error)
                                                                                            
                                                                                            	DescribeSubnets(*ec2.DescribeSubnetsInput) ([]*ec2.Subnet, error)
                                                                                            
                                                                                            	CreateTags(*ec2.CreateTagsInput) (*ec2.CreateTagsOutput, error)
                                                                                            
                                                                                            	DescribeRouteTables(request *ec2.DescribeRouteTablesInput) ([]*ec2.RouteTable, error)
                                                                                            	CreateRoute(request *ec2.CreateRouteInput) (*ec2.CreateRouteOutput, error)
                                                                                            	DeleteRoute(request *ec2.DeleteRouteInput) (*ec2.DeleteRouteOutput, error)
                                                                                            
                                                                                            	ModifyInstanceAttribute(request *ec2.ModifyInstanceAttributeInput) (*ec2.ModifyInstanceAttributeOutput, error)
                                                                                            }

                                                                                              TODO: Should we rename this to AWS (EBS & ELB are not technically part of EC2) Abstraction over EC2, to allow mocking/other implementations Note that the DescribeX functions return a list, so callers don't need to deal with paging

                                                                                              type EC2Metadata

                                                                                              type EC2Metadata interface {
                                                                                              	// Query the EC2 metadata service (used to discover instance-id etc)
                                                                                              	GetMetadata(path string) (string, error)
                                                                                              }

                                                                                                Abstraction over the AWS metadata service

                                                                                                type IPPermissionSet

                                                                                                type IPPermissionSet map[string]*ec2.IpPermission

                                                                                                func NewIPPermissionSet

                                                                                                func NewIPPermissionSet(items ...*ec2.IpPermission) IPPermissionSet

                                                                                                func (IPPermissionSet) Difference

                                                                                                  Difference returns a set of objects that are not in s2 For example: s1 = {a1, a2, a3} s2 = {a1, a2, a4, a5} s1.Difference(s2) = {a3} s2.Difference(s1) = {a4, a5}

                                                                                                  func (IPPermissionSet) Equal

                                                                                                  func (s1 IPPermissionSet) Equal(s2 IPPermissionSet) bool

                                                                                                    Equal returns true if and only if s1 is equal (as a set) to s2. Two sets are equal if their membership is identical. (In practice, this means same elements, order doesn't matter)

                                                                                                    func (IPPermissionSet) Insert

                                                                                                    func (s IPPermissionSet) Insert(items ...*ec2.IpPermission)

                                                                                                      Insert adds items to the set.

                                                                                                      func (IPPermissionSet) IsSuperset

                                                                                                      func (s1 IPPermissionSet) IsSuperset(s2 IPPermissionSet) bool

                                                                                                        IsSuperset returns true if and only if s1 is a superset of s2.

                                                                                                        func (IPPermissionSet) Len

                                                                                                        func (s IPPermissionSet) Len() int

                                                                                                          Len returns the size of the set.

                                                                                                          func (IPPermissionSet) List

                                                                                                          func (s IPPermissionSet) List() []*ec2.IpPermission

                                                                                                            List returns the contents as a slice. Order is not defined.

                                                                                                            func (IPPermissionSet) Ungroup

                                                                                                            func (s IPPermissionSet) Ungroup() IPPermissionSet

                                                                                                              Ungroup splits permissions out into individual permissions EC2 will combine permissions with the same port but different SourceRanges together, for example We ungroup them so we can process them

                                                                                                              type InstanceGroupInfo

                                                                                                              type InstanceGroupInfo interface {
                                                                                                              	// The number of instances currently running under control of this group
                                                                                                              	CurrentSize() (int, error)
                                                                                                              }

                                                                                                                InstanceGroupInfo is returned by InstanceGroups.Describe, and exposes information about the group.

                                                                                                                func DescribeInstanceGroup

                                                                                                                func DescribeInstanceGroup(asg ASG, instanceGroupName string) (InstanceGroupInfo, error)

                                                                                                                  DescribeInstanceGroup gets info about the specified instancegroup Exported so it can be used by the e2e tests, which don't want to instantiate a full cloudprovider.

                                                                                                                  type InstanceGroups

                                                                                                                  type InstanceGroups interface {
                                                                                                                  	// Set the size to the fixed size
                                                                                                                  	ResizeInstanceGroup(instanceGroupName string, size int) error
                                                                                                                  	// Queries the cloud provider for information about the specified instance group
                                                                                                                  	DescribeInstanceGroup(instanceGroupName string) (InstanceGroupInfo, error)
                                                                                                                  }

                                                                                                                    InstanceGroups is an interface for managing cloud-managed instance groups / autoscaling instance groups TODO: Allow other clouds to implement this

                                                                                                                    type VolumeOptions

                                                                                                                    type VolumeOptions struct {
                                                                                                                    	CapacityGB int
                                                                                                                    	Tags       map[string]string
                                                                                                                    }

                                                                                                                    type Volumes

                                                                                                                    type Volumes interface {
                                                                                                                    	// Attach the disk to the specified instance
                                                                                                                    	// instanceName can be empty to mean "the instance on which we are running"
                                                                                                                    	// Returns the device (e.g. /dev/xvdf) where we attached the volume
                                                                                                                    	AttachDisk(diskName string, instanceName string, readOnly bool) (string, error)
                                                                                                                    	// Detach the disk from the specified instance
                                                                                                                    	// instanceName can be empty to mean "the instance on which we are running"
                                                                                                                    	// Returns the device where the volume was attached
                                                                                                                    	DetachDisk(diskName string, instanceName string) (string, error)
                                                                                                                    
                                                                                                                    	// Create a volume with the specified options
                                                                                                                    	CreateDisk(volumeOptions *VolumeOptions) (volumeName string, err error)
                                                                                                                    	// Delete the specified volume
                                                                                                                    	// Returns true iff the volume was deleted
                                                                                                                    	// If the was not found, returns (false, nil)
                                                                                                                    	DeleteDisk(volumeName string) (bool, error)
                                                                                                                    
                                                                                                                    	// Get labels to apply to volume on creation
                                                                                                                    	GetVolumeLabels(volumeName string) (map[string]string, error)
                                                                                                                    }

                                                                                                                      Volumes is an interface for managing cloud-provisioned volumes TODO: Allow other clouds to implement this