resources

package
v1.2.3 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 23, 2024 License: Apache-2.0 Imports: 36 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	// DefaultControlPlaneCPURequest is the default ControlPlane CPU request.
	DefaultControlPlaneCPURequest = "100m"
	// DefaultControlPlaneCPULimit is the default ControlPlane CPU limit.
	DefaultControlPlaneCPULimit = "200m"

	// DefaultControlPlaneMemoryRequest is the default ControlPlane memory request.
	DefaultControlPlaneMemoryRequest = "20Mi"
	// DefaultControlPlaneMemoryLimit is the default ControlPlane memory limit.
	DefaultControlPlaneMemoryLimit = "100Mi"
)
View Source 
const (
	// DefaultDataPlaneCPURequest is the default DataPlane CPU request.
	DefaultDataPlaneCPURequest = "100m"
	// DefaultDataPlaneCPULimit is the default DataPlane CPU limit.
	DefaultDataPlaneCPULimit = "1000m"

	// DefaultDataPlaneMemoryRequest is the default DataPlane memory request.
	DefaultDataPlaneMemoryRequest = "20Mi"
	// DefaultDataPlaneMemoryLimit is the default DataPlane memory limit.
	DefaultDataPlaneMemoryLimit = "1000Mi"
)
View Source 
const DefaultDataPlaneIngressServiceType = corev1.ServiceTypeLoadBalancer

DefaultDataPlaneIngressServiceType is the default Service type for a DataPlane.

Variables

View Source 
var DefaultDataPlaneIngressServicePorts = []corev1.ServicePort{
	{
		Name:       "http",
		Protocol:   corev1.ProtocolTCP,
		Port:       consts.DefaultHTTPPort,
		TargetPort: intstr.FromInt(consts.DataPlaneProxyPort),
	},
	{
		Name:       "https",
		Protocol:   corev1.ProtocolTCP,
		Port:       consts.DefaultHTTPSPort,
		TargetPort: intstr.FromInt(consts.DataPlaneProxySSLPort),
	},
}

DefaultDataPlaneIngressServicePorts returns the default ServicePorts for a DataPlane.

View Source 
var ErrControlPlaneVersionNotSupported = fmt.Errorf("version not supported")

Functions

func ClusterCertificateVolume 

func ClusterCertificateVolume(certSecretName string) corev1.Volume

ClusterCertificateVolume returns a volume holding a cluster certificate given a Secret holding a certificate.

func ClusterCertificateVolumeMount 

func ClusterCertificateVolumeMount() corev1.VolumeMount

ClusterCertificateVolumeMount returns a volume mount for the cluster certificate.

func ClusterRoleBindingContainsServiceAccount 

func ClusterRoleBindingContainsServiceAccount(existingClusterRoleBinding *rbacv1.ClusterRoleBinding, namespace string, serviceAccountName string) bool

ClusterRoleBindingContainsServiceAccount returns true if the subjects of the ClusterRoleBinding contains given service account.

func CompareClusterRoleName 

func CompareClusterRoleName(existingClusterRoleBinding *rbacv1.ClusterRoleBinding, clusterRoleName string) bool

CompareClusterRoleName compares RoleRef in ClusterRoleBinding with given cluster role name. It returns true if the referenced role is the cluster role with the given name.

func DefaultControlPlaneResources 

func DefaultControlPlaneResources() *corev1.ResourceRequirements

DefaultControlPlaneResources generates a ResourceRequirements with the ControlPlane defaults.

func DefaultDataPlaneResources 

func DefaultDataPlaneResources() *corev1.ResourceRequirements

DefaultDataPlaneResources generates a ResourceRequirements with the DataPlane defaults.

func EnsureNetworkPolicyIsUpdated 

func EnsureNetworkPolicyIsUpdated(
	existing *v1.NetworkPolicy,
	generated *v1.NetworkPolicy,
) bool

EnsureNetworkPolicyIsUpdated checks if the provided network policy needs an update. It comes to a decision by comparing the provided policies' specs. It returns a boolean which indicates whether we need to perform an update. Note that the provided existing policy is updated in place.

func GenerateControlPlaneContainer 

func GenerateControlPlaneContainer(image string) corev1.Container

GenerateControlPlaneContainer generates a control plane container.

func GenerateControlPlaneProbe 

func GenerateControlPlaneProbe(endpoint string, port intstr.IntOrString) *corev1.Probe

GenerateControlPlaneProbe generates a controlplane probe that uses the specified endpoint. This is currently used both for readiness and liveness.

func GenerateDataPlaneContainer 

func GenerateDataPlaneContainer(image string) corev1.Container

GenerateDataPlaneContainer generates a DataPlane container.

func GenerateDataPlaneReadinessProbe 

func GenerateDataPlaneReadinessProbe(endpoint string) *corev1.Probe

GenerateDataPlaneReadinessProbe generates a dataplane probe that uses the specified endpoint.

func GenerateHPAForDataPlane 

func GenerateHPAForDataPlane(dataplane *operatorv1beta1.DataPlane, deploymentName string) (
	*autoscalingv2.HorizontalPodAutoscaler, error,
)

GenerateHPAForDataPlane generate an HPA for the given DataPlane. The provided deploymentName is the name of the Deployment that the HPA will target using its ScaleTargetRef.

func GenerateNewAdminServiceForDataPlane 

func GenerateNewAdminServiceForDataPlane(dataplane *operatorv1beta1.DataPlane, opts ...ServiceOpt) (*corev1.Service, error)

GenerateNewAdminServiceForDataPlane is a helper to generate the headless dataplane admin service

func GenerateNewAdmissionWebhookServiceForControlPlane 

func GenerateNewAdmissionWebhookServiceForControlPlane(cp *operatorv1beta1.ControlPlane) (*corev1.Service, error)

GenerateNewAdmissionWebhookServiceForControlPlane is a helper to generate the admission webhook service for a control plane.

func GenerateNewClusterRoleBindingForCertificateConfig 

func GenerateNewClusterRoleBindingForCertificateConfig(namespace, name, labelValue string) *rbacv1.ClusterRoleBinding

GenerateNewClusterRoleBindingForCertificateConfig is a helper to generate a ClusterRoleBinding to be used by the certificateConfig jobs

func GenerateNewClusterRoleBindingForControlPlane 

func GenerateNewClusterRoleBindingForControlPlane(namespace, controlplaneName, serviceAccountName, clusterRoleName string) *rbacv1.ClusterRoleBinding

GenerateNewClusterRoleBindingForControlPlane is a helper to generate a ClusterRoleBinding resource to bind roles to the service account used by the controlplane deployment.

func GenerateNewClusterRoleForCertificateConfig 

func GenerateNewClusterRoleForCertificateConfig(namespace, name, labelValue string) *rbacv1.ClusterRole

GenerateNewClusterRoleForCertificateConfig is a helper to generate a ClusterRole to be used by the certificateConfig jobs

func GenerateNewClusterRoleForControlPlane 

func GenerateNewClusterRoleForControlPlane(controlplaneName string, image string, devMode bool) (*rbacv1.ClusterRole, error)

GenerateNewClusterRoleForControlPlane is a helper function that extract the version from the tag, and returns the ClusterRole with all the needed permissions.

func GenerateNewDeploymentForControlPlane 

func GenerateNewDeploymentForControlPlane(params GenerateNewDeploymentForControlPlaneParams) (*appsv1.Deployment, error)

GenerateNewDeploymentForControlPlane generates a new Deployment for the ControlPlane

func GenerateNewIngressServiceForDataPlane 

func GenerateNewIngressServiceForDataPlane(dataplane *operatorv1beta1.DataPlane, opts ...ServiceOpt) (*corev1.Service, error)

GenerateNewIngressServiceForDataPlane is a helper to generate the dataplane ingress service

func GenerateNewRoleBindingForCertificateConfig 

func GenerateNewRoleBindingForCertificateConfig(namespace, name, labelValue string) *rbacv1.RoleBinding

GenerateNewRoleBindingForCertificateConfig is a helper to generate a RoleBinding to be used by the certificateConfig jobs

func GenerateNewRoleForCertificateConfig 

func GenerateNewRoleForCertificateConfig(namespace, name, labelValue string) *rbacv1.Role

GenerateNewRoleForCertificateConfig is a helper to generate a Role to be used by the certificateConfig jobs

func GenerateNewServiceAccountForCertificateConfig 

func GenerateNewServiceAccountForCertificateConfig(namespace, name, labelValue string) *corev1.ServiceAccount

GenerateNewServiceAccountForCertificateConfig is a helper to generate a ServiceAccount to be used by the certificateConfig jobs

func GenerateNewServiceAccountForControlPlane 

func GenerateNewServiceAccountForControlPlane(namespace, controlplaneName string) *corev1.ServiceAccount

GenerateNewServiceAccountForControlPlane is a helper to generate a ServiceAccount to be used by the controlplane deployment.

func GenerateNewServiceForCertificateConfig 

func GenerateNewServiceForCertificateConfig(namespace, name string) *corev1.Service

GenerateNewServiceForCertificateConfig is a helper to generate a service to expose the operator webhook

func GenerateNewTLSSecret 

func GenerateNewTLSSecret[
	T interface {
		controlPlaneOrDataPlane
		client.Object
	},
](
	owner T, opts ...SecretOpt,
) *corev1.Secret

GenerateNewTLSSecret is a helper to generate a TLS Secret to be used for mutual TLS. It accepts a list of options that can change the generated Secret.

func GenerateNewWebhookCertificateConfigJob 

func GenerateNewWebhookCertificateConfigJob(namespace,
	serviceAccountName,
	imageName,
	secretName,
	webhookName string,
) *batchv1.Job

GenerateNewWebhookCertificateConfigJob generates the create and patch jobs for the certificateConfig

func GenerateValidatingWebhookConfigurationForControlPlane 

func GenerateValidatingWebhookConfigurationForControlPlane(webhookName string, image string, devMode bool, clientConfig admregv1.WebhookClientConfig) (*admregv1.ValidatingWebhookConfiguration, error)

GenerateValidatingWebhookConfigurationForControlPlane generates a ValidatingWebhookConfiguration for a control plane based on the control plane version. It also overrides all webhooks' client configurations with the provided service details.

func GetManagedLabelForOwner 

func GetManagedLabelForOwner(owner metav1.Object) client.MatchingLabels

GetManagedLabelForOwner returns the managed-by labels for the provided owner.

func GetManagedLabelForOwnerLegacy deprecated 

func GetManagedLabelForOwnerLegacy(owner metav1.Object) client.MatchingLabels

GetManagedLabelForOwnerLegacy returns the legacy managed-by labels for the provided owner.

Deprecated: use getManagedLabelForOwner instead. Removed when https://github.com/Kong/gateway-operator/issues/1101 is closed.

func GetManagedLabelRequirementsForOwnerLegacy 

func GetManagedLabelRequirementsForOwnerLegacy(owner metav1.Object) (labels.Requirements, error)

GetManagedLabelRequirementsForOwnerLegacy returns the legacy managed-by label requirements for the provided owner.

func IsContainerResourceEmpty 

func IsContainerResourceEmpty(resources corev1.ResourceRequirements) bool

IsContainerResourceEmpty determines if the provided resource requirements is effectively "empty" in that all fields are unset.

func LabelObjectAsControlPlaneManaged 

func LabelObjectAsControlPlaneManaged(obj metav1.Object)

LabelObjectAsControlPlaneManaged ensures that labels are set on the provided object to signal that it's owned by a ControlPlane resource and that its lifecycle is managed by this operator.

func LabelObjectAsDataPlaneManaged 

func LabelObjectAsDataPlaneManaged(obj metav1.Object)

LabelObjectAsDataPlaneManaged ensures that labels are set on the provided object to signal that it's owned by a DataPlane resource and that its lifecycle is managed by this operator.

func ResourceRequirementsEqual 

func ResourceRequirementsEqual(a corev1.ResourceRequirements, b corev1.ResourceRequirements) bool

ResourceRequirementsEqual compares two corev1.ResourceRequirements. It is needed because sometimes we get objects with '1000m' and sometimes with '1' set as values and while those 2 are "different", they are the same in value.

func SecretWithLabel 

func SecretWithLabel(k, v string) func(s *corev1.Secret)

SecretWithLabel adds a label to a Secret.

func SetDefaultsContainer 

func SetDefaultsContainer(c *corev1.Container)

SetDefaultsContainer sets defaults in the provided Container.

func SetDefaultsPodTemplateSpec 

func SetDefaultsPodTemplateSpec(pts *corev1.PodTemplateSpec)

SetDefaultsPodTemplateSpec sets defaults in the provided PodTemplateSpec. This is useful for setting defaults in patches, where the defaults are not applied and we end up with structs that are filled with "zero default values".

The reason for this is that native Kubernetes structs (e.g. `Pod`) define their default values in comments and are applied in the SetDefaults_* functions. To prevent situations where users use fields from the PodTemplateSpec which imply usage of other fields which do not have zero values as defaults (e.g. probe timeouts or SecretVolumeSource default mode) we need to apply the defaults to the patch.

func SetDefaultsVolume 

func SetDefaultsVolume(v *corev1.Volume)

SetDefaultsVolume sets defaults in the provided Volume.

func StrategicMergePatchPodTemplateSpec 

func StrategicMergePatchPodTemplateSpec(base, patch *corev1.PodTemplateSpec) (*corev1.PodTemplateSpec, error)

StrategicMergePatchPodTemplateSpec adds patches to base using a strategic merge patch and iterating by container name, failing on the first error

Types

type Deployment 

type Deployment appsv1.Deployment

Deployment is a wrapper for appsv1.Deployment. It provides additional methods to modify parts of the Deployment, such as to add a Volume or set an environment variable. These "With" methods do not return errors to allow chaining, and may no-op if target subsection is not available or overwrite existing conflicting configuration. If the presence of existing configuration is uncertain, you must check before invoking them.

func ApplyDeploymentUserPatches 

func ApplyDeploymentUserPatches(
	deployment *Deployment,
	podTemplateSpec *corev1.PodTemplateSpec,
) (*Deployment, error)

ApplyDeploymentUserPatches applies user PodTemplateSpec patches to a Deployment. It returns the existing Deployment if there are no patches.

func GenerateNewDeploymentForDataPlane 

func GenerateNewDeploymentForDataPlane(
	dataplane *operatorv1beta1.DataPlane,
	dataplaneImage string,
	opts ...DeploymentOpt,
) (*Deployment, error)

GenerateNewDeploymentForDataPlane generates a new Deployment for the DataPlane

func (*Deployment) Unwrap 

func (d *Deployment) Unwrap() *appsv1.Deployment

func (*Deployment) WithEnvVar 

func (d *Deployment) WithEnvVar(v corev1.EnvVar, container string) *Deployment

WithEnvVar sets an environment variable in a container. It overwrites any existing environment variable with the same name. It takes no action if the container does not exist.

func (*Deployment) WithVolume 

func (d *Deployment) WithVolume(v corev1.Volume) *Deployment

WithVolume appends a volume to a Deployment. It overwrites any existing Volume with the same name.

func (*Deployment) WithVolumeMount 

func (d *Deployment) WithVolumeMount(v corev1.VolumeMount, container string) *Deployment

WithVolumeMount appends a volume mount to a Deployment's container. It overwrites any existing VolumeMount with the same path. It takes no action if the container does not exist.

type DeploymentOpt 

type DeploymentOpt func(*appsv1.Deployment)

DeploymentOpt is an option for Deployment generators.

type GenerateNewDeploymentForControlPlaneParams 

type GenerateNewDeploymentForControlPlaneParams struct {
	ControlPlane                   *operatorv1beta1.ControlPlane
	ControlPlaneImage              string
	ServiceAccountName             string
	AdminMTLSCertSecretName        string
	AdmissionWebhookCertSecretName string
}

GenerateNewDeploymentForControlPlaneParams is a parameter struct for GenerateNewDeploymentForControlPlane function.

type SecretOpt 

type SecretOpt func(*corev1.Secret)

SecretOpt is an option function for a Secret.

type ServiceOpt 

type ServiceOpt func(*corev1.Service)

ServiceOpt is an option function for a Service.

func LabelSelectorFromDataPlaneStatusSelectorServiceOpt 

func LabelSelectorFromDataPlaneStatusSelectorServiceOpt(dataplane *operatorv1beta1.DataPlane) ServiceOpt

labelSelectorFromDataPlaneStatusSelectorServiceOpt returns a ServiceOpt function which will set Service's selector based on provided DataPlane's Status selector field.

func ServicePortsFromDataPlaneIngressOpt 

func ServicePortsFromDataPlaneIngressOpt(dataplane *operatorv1beta1.DataPlane) ServiceOpt

ServicePortsFromDataPlaneIngressOpt is a helper to translate the DataPlane service ports field into actual service ports.

func ServiceWithLabel 

func ServiceWithLabel(k, v string) ServiceOpt

ServiceWithLabel adds a label to a Service.

type ValidatingWebhookConfigurationBuilder 

type ValidatingWebhookConfigurationBuilder struct {
	// contains filtered or unexported fields
}

ValidatingWebhookConfigurationBuilder is a helper to generate a ValidatingWebhookConfiguration.

func NewValidatingWebhookConfigurationBuilder 

func NewValidatingWebhookConfigurationBuilder(webhookName string) *ValidatingWebhookConfigurationBuilder

NewValidatingWebhookConfigurationBuilder returns builder for ValidatingWebhookConfiguration. Check method to learn more about the default values and available options.

func (*ValidatingWebhookConfigurationBuilder) Build 

func (v *ValidatingWebhookConfigurationBuilder) Build() *admissionregistrationv1.ValidatingWebhookConfiguration

Build returns the ValidatingWebhookConfiguration.

func (*ValidatingWebhookConfigurationBuilder) WithCABundle 

func (v *ValidatingWebhookConfigurationBuilder) WithCABundle(caBundle []byte) *ValidatingWebhookConfigurationBuilder

WithCABundle sets the CA bundle.

func (*ValidatingWebhookConfigurationBuilder) WithClientConfigKubernetesService 

func (v *ValidatingWebhookConfigurationBuilder) WithClientConfigKubernetesService(svc k8stypes.NamespacedName) *ValidatingWebhookConfigurationBuilder

WithClientConfigKubernetesService sets the client config to use a Kubernetes service.

func (*ValidatingWebhookConfigurationBuilder) WithClientConfigURL 

func (v *ValidatingWebhookConfigurationBuilder) WithClientConfigURL(url string) *ValidatingWebhookConfigurationBuilder

WithClientConfigURL sets the client config to use a URL.

func (*ValidatingWebhookConfigurationBuilder) WithScopeAllNamespaces 

func (v *ValidatingWebhookConfigurationBuilder) WithScopeAllNamespaces() *ValidatingWebhookConfigurationBuilder

WithScopeAll sets the scope for all namespaces (default for the builder is namespace code).

Source Files

View all Source files

Directories

Path Synopsis
This file is generated by /hack/generators/kic/role-generator.
 This file is generated by /hack/generators/kic/role-generator.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.