resources

package
v1.6.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 22, 2025 License: Apache-2.0 Imports: 38 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	// DefaultControlPlaneCPURequest is the default ControlPlane CPU request.
	DefaultControlPlaneCPURequest = "100m"
	// DefaultControlPlaneCPULimit is the default ControlPlane CPU limit.
	DefaultControlPlaneCPULimit = "200m"

	// DefaultControlPlaneMemoryRequest is the default ControlPlane memory request.
	DefaultControlPlaneMemoryRequest = "20Mi"
	// DefaultControlPlaneMemoryLimit is the default ControlPlane memory limit.
	DefaultControlPlaneMemoryLimit = "100Mi"
)
View Source 
const (
	// DefaultDataPlaneCPURequest is the default DataPlane CPU request.
	DefaultDataPlaneCPURequest = "100m"
	// DefaultDataPlaneCPULimit is the default DataPlane CPU limit.
	DefaultDataPlaneCPULimit = "1000m"

	// DefaultDataPlaneMemoryRequest is the default DataPlane memory request.
	DefaultDataPlaneMemoryRequest = "20Mi"
	// DefaultDataPlaneMemoryLimit is the default DataPlane memory limit.
	DefaultDataPlaneMemoryLimit = "1000Mi"
)
View Source 
const DefaultDataPlaneIngressServiceType = corev1.ServiceTypeLoadBalancer

DefaultDataPlaneIngressServiceType is the default Service type for a DataPlane.

Variables

View Source 
var DefaultDataPlaneIngressServicePorts = []corev1.ServicePort{
	{
		Name:       "http",
		Protocol:   corev1.ProtocolTCP,
		Port:       consts.DefaultHTTPPort,
		TargetPort: intstr.FromInt(consts.DataPlaneProxyPort),
	},
	{
		Name:       "https",
		Protocol:   corev1.ProtocolTCP,
		Port:       consts.DefaultHTTPSPort,
		TargetPort: intstr.FromInt(consts.DataPlaneProxySSLPort),
	},
}

DefaultDataPlaneIngressServicePorts returns the default ServicePorts for a DataPlane.

View Source 
var ErrControlPlaneVersionNotSupported = fmt.Errorf("version not supported")

Functions

func AnnotateConfigMapWithKongPluginInstallation added in v1.4.0 

func AnnotateConfigMapWithKongPluginInstallation(cm *corev1.ConfigMap, kpi operatorv1alpha1.KongPluginInstallation)

AnnotateConfigMapWithKongPluginInstallation ensures that annotation that maps particular ConfigMap with KongPluginInstallation based which it's been populated. Annotation value is in the form `Namespace/Name` of the KongPluginInstallation.

func AnnotateObjWithHash added in v1.5.0 

func AnnotateObjWithHash[T any](
	obj client.Object,
	toHash T,
) error

AnnotateObjWithHash sets the hash of the provided toHash object in the provided obj's annotations.

func CalculateHash added in v1.5.0 

func CalculateHash[T any](
	obj T,
) (string, error)

CalculateHash calculates the hash of the given object. It returns the hash as a string.

func ClusterCertificateVolume 

func ClusterCertificateVolume(certSecretName string) corev1.Volume

ClusterCertificateVolume returns a volume holding a cluster certificate given a Secret holding a certificate.

func ClusterCertificateVolumeMount 

func ClusterCertificateVolumeMount() corev1.VolumeMount

ClusterCertificateVolumeMount returns a volume mount for the cluster certificate.

func ClusterRoleBindingContainsServiceAccount 

func ClusterRoleBindingContainsServiceAccount(existingClusterRoleBinding *rbacv1.ClusterRoleBinding, namespace string, serviceAccountName string) bool

ClusterRoleBindingContainsServiceAccount returns true if the subjects of the ClusterRoleBinding contains given service account.

func CompareClusterRoleName 

func CompareClusterRoleName(existingClusterRoleBinding *rbacv1.ClusterRoleBinding, clusterRoleName string) bool

CompareClusterRoleName compares RoleRef in ClusterRoleBinding with given cluster role name. It returns true if the referenced role is the cluster role with the given name.

func CompareRoleName added in v1.6.0 

func CompareRoleName(existingRoleBinding *rbacv1.RoleBinding, roleName string) bool

CompareRoleName compares RoleRef in RoleBinding with given cluster role name. It returns true if the referenced role is the cluster role with the given name.

func DefaultControlPlaneResources 

func DefaultControlPlaneResources() *corev1.ResourceRequirements

DefaultControlPlaneResources generates a ResourceRequirements with the ControlPlane defaults.

func DefaultDataPlaneResources 

func DefaultDataPlaneResources() *corev1.ResourceRequirements

DefaultDataPlaneResources generates a ResourceRequirements with the DataPlane defaults.

func EnsureNetworkPolicyIsUpdated 

func EnsureNetworkPolicyIsUpdated(
	existing *v1.NetworkPolicy,
	generated *v1.NetworkPolicy,
) bool

EnsureNetworkPolicyIsUpdated checks if the provided network policy needs an update. It comes to a decision by comparing the provided policies' specs. It returns a boolean which indicates whether we need to perform an update. Note that the provided existing policy is updated in place.

func GenerateControlPlaneContainer 

func GenerateControlPlaneContainer(params GenerateContainerForControlPlaneParams) corev1.Container

GenerateControlPlaneContainer generates a control plane container.

func GenerateControlPlaneProbe 

func GenerateControlPlaneProbe(endpoint string, port intstr.IntOrString) *corev1.Probe

GenerateControlPlaneProbe generates a controlplane probe that uses the specified endpoint. This is currently used both for readiness and liveness.

func GenerateDataPlaneContainer 

func GenerateDataPlaneContainer(image string) corev1.Container

GenerateDataPlaneContainer generates a DataPlane container.

func GenerateDataPlaneReadinessProbe 

func GenerateDataPlaneReadinessProbe(endpoint string) *corev1.Probe

GenerateDataPlaneReadinessProbe generates a dataplane probe that uses the specified endpoint.

func GenerateHPAForDataPlane 

func GenerateHPAForDataPlane(dataplane *operatorv1beta1.DataPlane, deploymentName string) (
	*autoscalingv2.HorizontalPodAutoscaler, error,
)

GenerateHPAForDataPlane generate an HPA for the given DataPlane. The provided deploymentName is the name of the Deployment that the HPA will target using its ScaleTargetRef.

func GenerateNewAdminServiceForDataPlane 

func GenerateNewAdminServiceForDataPlane(dataplane *operatorv1beta1.DataPlane, opts ...ServiceOpt) (*corev1.Service, error)

GenerateNewAdminServiceForDataPlane is a helper to generate the headless dataplane admin service

func GenerateNewAdmissionWebhookServiceForControlPlane 

func GenerateNewAdmissionWebhookServiceForControlPlane(cp *operatorv1beta1.ControlPlane) (*corev1.Service, error)

GenerateNewAdmissionWebhookServiceForControlPlane is a helper to generate the admission webhook service for a control plane.

func GenerateNewClusterRoleBindingForControlPlane 

func GenerateNewClusterRoleBindingForControlPlane(namespace, controlplaneName, serviceAccountName, clusterRoleName string) *rbacv1.ClusterRoleBinding

GenerateNewClusterRoleBindingForControlPlane is a helper to generate a ClusterRoleBinding resource to bind roles to the service account used by the controlplane deployment.

func GenerateNewClusterRoleForControlPlane 

func GenerateNewClusterRoleForControlPlane(controlplaneName string, image string, validateControlPlaneImage bool) (*rbacv1.ClusterRole, error)

GenerateNewClusterRoleForControlPlane is a helper function that extract the version from the tag, and returns the ClusterRole with all the needed permissions.

func GenerateNewDeploymentForControlPlane 

func GenerateNewDeploymentForControlPlane(params GenerateNewDeploymentForControlPlaneParams) (*appsv1.Deployment, error)

GenerateNewDeploymentForControlPlane generates a new Deployment for the ControlPlane

func GenerateNewIngressServiceForDataPlane 

func GenerateNewIngressServiceForDataPlane(dataplane *operatorv1beta1.DataPlane, opts ...ServiceOpt) (*corev1.Service, error)

GenerateNewIngressServiceForDataPlane is a helper to generate the dataplane ingress service

func GenerateNewRoleBindingForControlPlane added in v1.6.0 

func GenerateNewRoleBindingForControlPlane(
	cp *operatorv1beta1.ControlPlane,
	serviceAccountName string,
	roleNN k8stypes.NamespacedName,
) *rbacv1.RoleBinding

GenerateNewRoleBindingForControlPlane is a helper to generate a RoleBinding resource to bind roles to the service account used by the controlplane deployment.

func GenerateNewRoleForControlPlane added in v1.6.0 

func GenerateNewRoleForControlPlane(
	cp *operatorv1beta1.ControlPlane, namespace string, rules []rbacv1.PolicyRule,
) *rbacv1.Role

GenerateNewRoleForControlPlane generates a new Role in provided namespace for provided ControlPlane.

func GenerateNewServiceAccountForControlPlane 

func GenerateNewServiceAccountForControlPlane(namespace, controlplaneName string) *corev1.ServiceAccount

GenerateNewServiceAccountForControlPlane is a helper to generate a ServiceAccount to be used by the controlplane deployment.

func GenerateNewTLSSecret 

func GenerateNewTLSSecret[
	T interface {
		ControlPlaneOrDataPlaneOrKonnectExtension
		client.Object
	},
](
	owner T, opts ...SecretOpt,
) *corev1.Secret

GenerateNewTLSSecret is a helper to generate a TLS Secret to be used for mutual TLS. It accepts a list of options that can change the generated Secret.

func GeneratePodDisruptionBudgetForDataPlane added in v1.4.0 

func GeneratePodDisruptionBudgetForDataPlane(dataplane *operatorv1beta1.DataPlane) (*policyv1.PodDisruptionBudget, error)

GeneratePodDisruptionBudgetForDataPlane generates a PodDisruptionBudget for the given DataPlane.

func GenerateValidatingWebhookConfigurationForControlPlane 

func GenerateValidatingWebhookConfigurationForControlPlane(webhookName string, image string, validateControlPlaneImage bool, clientConfig admregv1.WebhookClientConfig) (*admregv1.ValidatingWebhookConfiguration, error)

GenerateValidatingWebhookConfigurationForControlPlane generates a ValidatingWebhookConfiguration for a control plane based on the control plane version. It also overrides all webhooks' client configurations with the provided service details.

func GetDataPlaneIngressServiceName added in v1.5.0 

func GetDataPlaneIngressServiceName(dataPlane *operatorv1beta1.DataPlane) string

GetDataPlaneIngressServiceName fetches the specified name of ingress service of dataplane. If the service name is not specified, it returns an empty string.

func GetManagedLabelForOwner 

func GetManagedLabelForOwner(owner metav1.Object) client.MatchingLabels

GetManagedLabelForOwner returns the managed-by labels for the provided owner.

func IsContainerResourceEmpty 

func IsContainerResourceEmpty(resources corev1.ResourceRequirements) bool

IsContainerResourceEmpty determines if the provided resource requirements is effectively "empty" in that all fields are unset.

func LabelObjectAsControlPlaneManaged 

func LabelObjectAsControlPlaneManaged(obj metav1.Object)

LabelObjectAsControlPlaneManaged ensures that labels are set on the provided object to signal that it's owned by a ControlPlane resource and that its lifecycle is managed by this operator.

func LabelObjectAsDataPlaneManaged 

func LabelObjectAsDataPlaneManaged(obj metav1.Object)

LabelObjectAsDataPlaneManaged ensures that labels are set on the provided object to signal that it's owned by a DataPlane resource and that its lifecycle is managed by this operator.

func LabelObjectAsKongPluginInstallationManaged added in v1.4.0 

func LabelObjectAsKongPluginInstallationManaged(obj metav1.Object)

LabelObjectAsKongPluginInstallationManaged ensures that labels are set on the provided object to signal that it's owned by a KongPluginInstallation resource and that its lifecycle is managed by this operator.

func LabelObjectAsKonnectExtensionManaged added in v1.5.0 

func LabelObjectAsKonnectExtensionManaged(obj metav1.Object)

LabelObjectAsKonnectExtensionManaged ensures that labels are set on the provided object to signal that it's owned by a KonnectExtension resource and that its lifecycle is managed by this operator.

func ResourceRequirementsEqual 

func ResourceRequirementsEqual(a corev1.ResourceRequirements, b corev1.ResourceRequirements) bool

ResourceRequirementsEqual compares two corev1.ResourceRequirements. It is needed because sometimes we get objects with '1000m' and sometimes with '1' set as values and while those 2 are "different", they are the same in value.

func RoleBindingContainsServiceAccount added in v1.6.0 

func RoleBindingContainsServiceAccount(existingRoleBinding *rbacv1.RoleBinding, namespace string, serviceAccountName string) bool

RoleBindingContainsServiceAccount returns true if the subjects of the RoleBinding contains given service account.

func SecretWithLabel 

func SecretWithLabel(k, v string) func(s *corev1.Secret)

SecretWithLabel adds a label to a Secret.

func SetDefaultsContainer 

func SetDefaultsContainer(c *corev1.Container)

SetDefaultsContainer sets defaults in the provided Container.

func SetDefaultsPodTemplateSpec 

func SetDefaultsPodTemplateSpec(pts *corev1.PodTemplateSpec)

SetDefaultsPodTemplateSpec sets defaults in the provided PodTemplateSpec. This is useful for setting defaults in patches, where the defaults are not applied and we end up with structs that are filled with "zero default values".

The reason for this is that native Kubernetes structs (e.g. `Pod`) define their default values in comments and are applied in the SetDefaults_* functions. To prevent situations where users use fields from the PodTemplateSpec which imply usage of other fields which do not have zero values as defaults (e.g. probe timeouts or SecretVolumeSource default mode) we need to apply the defaults to the patch.

func SetDefaultsVolume 

func SetDefaultsVolume(v *corev1.Volume)

SetDefaultsVolume sets defaults in the provided Volume.

func SpecHashMatchesAnnotation added in v1.6.0 

func SpecHashMatchesAnnotation[T any](
	spec T,
	obj client.Object,
) (bool, error)

SpecHashMatchesAnnotation calculates the hash of the given spec and returns boolean indicating whether the hash matches the one in the annotations of the given object.

func StrategicMergePatchPodTemplateSpec 

func StrategicMergePatchPodTemplateSpec(base, patch *corev1.PodTemplateSpec) (*corev1.PodTemplateSpec, error)

StrategicMergePatchPodTemplateSpec adds patches to base using a strategic merge patch and iterating by container name, failing on the first error

func WithAnnotation added in v1.5.0 

func WithAnnotation[T client.Object](k, v string) func(d T)

WithAnnotation adds an annotation to an object.

Types

type ControlPlaneOrDataPlaneOrKonnectExtension added in v1.5.0 

type ControlPlaneOrDataPlaneOrKonnectExtension interface {
	*operatorv1beta1.ControlPlane | *operatorv1beta1.DataPlane | *konnectv1alpha1.KonnectExtension
}

ControlPlaneOrDataPlaneOrKonnectExtension is a type that can be either a ControlPlane, a DataPlane or a KonnectExtension. It is used to infer the types that can own secret resources.

type Deployment 

type Deployment appsv1.Deployment

Deployment is a wrapper for appsv1.Deployment. It provides additional methods to modify parts of the Deployment, such as to add a Volume or set an environment variable. These "With" methods do not return errors to allow chaining, and may no-op if target subsection is not available or overwrite existing conflicting configuration. If the presence of existing configuration is uncertain, you must check before invoking them.

func ApplyDeploymentUserPatches 

func ApplyDeploymentUserPatches(
	deployment *Deployment,
	podTemplateSpec *corev1.PodTemplateSpec,
) (*Deployment, error)

ApplyDeploymentUserPatches applies user PodTemplateSpec patches to a Deployment. It returns the existing Deployment if there are no patches.

func GenerateNewDeploymentForDataPlane 

func GenerateNewDeploymentForDataPlane(
	dataplane *operatorv1beta1.DataPlane,
	dataplaneImage string,
	opts ...DeploymentOpt,
) (*Deployment, error)

GenerateNewDeploymentForDataPlane generates a new Deployment for the DataPlane

func (*Deployment) Unwrap 

func (d *Deployment) Unwrap() *appsv1.Deployment

func (*Deployment) WithEnvVar 

func (d *Deployment) WithEnvVar(v corev1.EnvVar, container string) *Deployment

WithEnvVar sets an environment variable in a container. It overwrites any existing environment variable with the same name. It takes no action if the container does not exist.

func (*Deployment) WithVolume 

func (d *Deployment) WithVolume(v corev1.Volume) *Deployment

WithVolume appends a volume to a Deployment. It overwrites any existing Volume with the same name.

func (*Deployment) WithVolumeMount 

func (d *Deployment) WithVolumeMount(v corev1.VolumeMount, container string) *Deployment

WithVolumeMount appends a volume mount to a Deployment's container. It overwrites any existing VolumeMount with the same path. It takes no action if the container does not exist.

type DeploymentOpt 

type DeploymentOpt func(*appsv1.Deployment)

DeploymentOpt is an option for Deployment generators.

type GenerateContainerForControlPlaneParams added in v1.3.0 

type GenerateContainerForControlPlaneParams struct {
	Image string
	// AdmissionWebhookCertSecretName is the name of the Secret that holds the certificate for the admission webhook.
	// If this is nil, the admission webhook will not be enabled.
	AdmissionWebhookCertSecretName *string
}

GenerateContainerForControlPlaneParams is a parameter struct for GenerateControlPlaneContainer function.

type GenerateNewDeploymentForControlPlaneParams 

type GenerateNewDeploymentForControlPlaneParams struct {
	ControlPlane                   *operatorv1beta1.ControlPlane
	ControlPlaneImage              string
	ServiceAccountName             string
	AdminMTLSCertSecretName        string
	AdmissionWebhookCertSecretName string
	// WatchNamespaces contains the namespaces to watch for resources.
	// If not nil, the controller will only watch for resources in the specified namespaces.
	// This list has been verified (and possibly filtered down) by inspecting
	// the WatchNamespaces from the spec for ReferenceGrants in these namespaces.
	// If a namespace did not have a ReferenceGrant, it will not be in this list.
	WatchNamespaces []string
}

GenerateNewDeploymentForControlPlaneParams is a parameter struct for GenerateNewDeploymentForControlPlane function.

type SecretOpt 

type SecretOpt func(*corev1.Secret)

SecretOpt is an option function for a Secret.

type ServiceOpt 

type ServiceOpt func(*corev1.Service)

ServiceOpt is an option function for a Service.

func LabelSelectorFromDataPlaneStatusSelectorServiceOpt 

func LabelSelectorFromDataPlaneStatusSelectorServiceOpt(dataplane *operatorv1beta1.DataPlane) ServiceOpt

LabelSelectorFromDataPlaneStatusSelectorServiceOpt returns a ServiceOpt function which will set Service's selector based on provided DataPlane's Status selector field.

func ServicePortsFromDataPlaneIngressOpt 

func ServicePortsFromDataPlaneIngressOpt(dataplane *operatorv1beta1.DataPlane) ServiceOpt

ServicePortsFromDataPlaneIngressOpt is a helper to translate the DataPlane service ports field into actual service ports.

func ServiceWithLabel 

func ServiceWithLabel(k, v string) ServiceOpt

ServiceWithLabel adds a label to a Service.

Source Files

View all Source files

Directories

Path Synopsis
This file is generated by /hack/generators/kic/role-generator.
 This file is generated by /hack/generators/kic/role-generator.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.