Documentation
¶
Index ¶
Constants ¶
View Source
const ( // OperatorLabelPrefix is the common label prefix used by the operator OperatorLabelPrefix = "gateway-operator.konghq.com/" // OperatorAnnotationPrefix is the common annotation prefix used by the operator OperatorAnnotationPrefix = OperatorLabelPrefix // GatewayOperatorManagedByLabel is the label that is used for objects which // were created by this operator. // The value associated with this label indicated what component is controlling // the resource that has this label set, e.g. controlplane. GatewayOperatorManagedByLabel = OperatorLabelPrefix + "managed-by" // GatewayOperatorManagedByNameLabel is the label that is used for objects which // were created by this operator. // The value set for this label is the name of the object that is controlling // the resource that has this label set. // This can be used e.g. as a link between a managing object and the managed object // specifying when there's a cross namespace reference which is disallowed by the // Kubernetes API. GatewayOperatorManagedByNameLabel = OperatorLabelPrefix + "managed-by-name" // GatewayOperatorManagedByNamespaceLabel is the label that is used for objects which // were created by this operator. // The value set for this label is the namespace of the object that is controlling // the resource that has this label set. // This can be used e.g. as a link between a managing object and the managed object // specifying when there's a cross namespace reference which is disallowed by the // Kubernetes API. GatewayOperatorManagedByNamespaceLabel = OperatorLabelPrefix + "managed-by-namespace" // GatewayOperatorOwnerUIDControlPlane is the label that is used for objects // to indicate a ControlPlane resource is the owner of the object. // The value set for this label is the UID of the ControlPlane resource that // owns the object. GatewayOperatorOwnerUIDControlPlane = OperatorLabelPrefix + "controlplane-owner-uid" // GatewayManagedLabelValue indicates that the object's lifecycle is managed by // the gateway controller. GatewayManagedLabelValue = "gateway" // ServiceSecretLabel is a label that is added to operator related Service // Secrets to designate which Service this particular Secret it used by. ServiceSecretLabel = OperatorLabelPrefix + "service-secret" // OperatorLabelSelector is a label name that is used for operator resources // as a label selector key. // Used with e.g. DataPlane's status.selector field. OperatorLabelSelector = OperatorLabelPrefix + "selector" // ControlPlaneServiceLabel is a Service's label that is used to indicate which kind of Service it is. ControlPlaneServiceLabel = OperatorLabelPrefix + "service" // SecretUsedByServiceLabel is a Secret's label that is used to indicate which Service kind is using the Secret. SecretUsedByServiceLabel = OperatorLabelPrefix + "secret-used-by-service" // ControlPlaneServiceKindAdmin is the value for SecretUsedByServiceLabel or ControlPlaneServiceLabel that // is used to indicate that a Service is an admin service. ControlPlaneServiceKindAdmin = "admin" // ControlPlaneServiceKindWebhook is the value for the SecretUsedByServiceLabel or ControlPlaneServiceLabel // that is used to indicate that a Service is a webhook service. ControlPlaneServiceKindWebhook = "webhook" // CertPurposeLabel indicates the purpose of a certificate. CertPurposeLabel = OperatorLabelPrefix + "cert-purpose" )
View Source
const ( // ClusterCertificateVolume is the name of the volume that holds the certificate // and keys which are used for serving traffic and ControlPlane and DataPlane communication. ClusterCertificateVolume = "cluster-certificate" // ClusterCertificateVolumeMountPath holds the path where cluster certificate // volume will be mounted. ClusterCertificateVolumeMountPath = "/var/cluster-certificate" // TLSCRT is the filename for the tls.crt. TLSCRT = "tls.crt" // TLSKey is the filename for the tls.key. TLSKey = "tls.key" // CACRT is the filename for the ca.crt. CACRT = "ca.crt" // TLSCRTPath is the full path for the tls.crt file. TLSCRTPath = ClusterCertificateVolumeMountPath + "/" + TLSCRT // TLSKeyPath is the full path for the tls.key file. TLSKeyPath = ClusterCertificateVolumeMountPath + "/" + TLSKey // TLSCACRTPath is the full path for the ca.crt file. TLSCACRTPath = ClusterCertificateVolumeMountPath + "/" + CACRT // CertFieldSecret is the field name in Kubernetes secret - WebhookCertificateConfigSecretName. CertFieldSecret = "cert" // KeyFieldSecret is the field name in Kubernetes secret - WebhookCertificateConfigSecretName. KeyFieldSecret = "key" // CAFieldSecret is the field name in Kubernetes secret - WebhookCertificateConfigSecretName. CAFieldSecret = "ca" // KongClusterCertVolume is the name of the volume that holds the certificate the enables // communication between Kong and Konnect. KongClusterCertVolume = "kong-cluster-cert" // KongClusterCertVolumeMountPath holds the path where the Kong Cluster certificate // volume will be mounted. KongClusterCertVolumeMountPath = "/etc/secrets/kong-cluster-cert" )
View Source
const ( // WebhookCertificateConfigBaseImage is the image to use by the certificate config Jobs. WebhookCertificateConfigBaseImage = "registry.k8s.io/ingress-nginx/kube-webhook-certgen:v1.3.0" // WebhookCertificateConfigShellImage is the image to use by the certificate config Jobs. WebhookCertificateConfigShellImage = "busybox" // WebhookName is the ValidatingWebhookConfiguration name. WebhookName = "gateway-operator-validation.konghq.com" // WebhookCertificateConfigSecretName is the name of the secret containing the webhook certificate. WebhookCertificateConfigSecretName = "gateway-operator-webhook-certs" // WebhookCertificateConfigName is the name given to the resources related by the certificate config Jobs. WebhookCertificateConfigName = "gateway-operator-admission" // WebhookCertificateConfigLabelvalue is the default label for all the resources related // to the certificate config Jobs. WebhookCertificateConfigLabelvalue = "gateway-operator-certificate-config" // WebhookServiceName is the name of the service that exposes the validating webhook WebhookServiceName = "gateway-operator-validating-webhook" )
View Source
const ( // ClusterCertEnvKey is the environment variable name for the cluster certificate. ClusterCertEnvKey = "KONG_CLUSTER_CERT" // ClusterCertKeyEnvKey is the environment variable name for the cluster certificate key. ClusterCertKeyEnvKey = "KONG_CLUSTER_CERT_KEY" // RouterFlavorEnvKey is the environment variable name for the Kong router flavor. RouterFlavorEnvKey = "KONG_ROUTER_FLAVOR" )
View Source
const ( // DefaultKonnectSyncPeriod is the default sync period for Konnect entities. DefaultKonnectSyncPeriod = time.Minute // DefaultKonnectMaxConcurrentReconciles is the default max concurrent reconciles for Konnect entities. DefaultKonnectMaxConcurrentReconciles = uint(8) )
View Source
const ( // DefaultControlPlaneBaseImage is the base container image that can be used // by default for a ControlPlane resource if all other attempts to dynamically // decide an image fail. DefaultControlPlaneBaseImage = "kong/kubernetes-ingress-controller" // DefaultControlPlaneImage is the default container image that can be used if // all other attempts to dynamically decide the default image fail. DefaultControlPlaneImage = DefaultControlPlaneBaseImage + ":" + versions.DefaultControlPlaneVersion // ControlPlaneControllerContainerName is the name of the ingress controller container in a ControlPlane Deployment. ControlPlaneControllerContainerName = "controller" // DataPlaneInitRetryDelay is the time delay between every attempt (on controller startup) // to connect to the Kong Admin API. It needs to be customized to 5 seconds to avoid // the ControlPlane crash due to DataPlane slow starts. DataPlaneInitRetryDelay = "5s" )
View Source
const ( // ControlPlaneAdmissionWebhookPortName is the name of the port on which the control plane admission webhook listens. ControlPlaneAdmissionWebhookPortName = "webhook" // ControlPlaneAdmissionWebhookListenPort is the port on which the control plane admission webhook listens. ControlPlaneAdmissionWebhookListenPort = 8080 // ControlPlaneAdmissionWebhookEnvVarValue is the default value for the admission webhook env var. ControlPlaneAdmissionWebhookEnvVarValue = "0.0.0.0:8080" // ControlPlaneAdmissionWebhookVolumeName is the name of the volume that holds the certificate that's used // for serving the admission webhook in control plane. ControlPlaneAdmissionWebhookVolumeName = "admission-webhook-certificate" // ControlPlaneAdmissionWebhookVolumeMountPath is the path where the admission webhook certificate will be mounted. ControlPlaneAdmissionWebhookVolumeMountPath = "/admission-webhook" )
View Source
const ( // DataPlaneManagedLabelValue indicates that an object's lifecycle is managed // by the dataplane controller. DataPlaneManagedLabelValue = "dataplane" // DataPlaneServiceTypeLabel is the label that is used for the services created by // the DataPlane controller to expose the DataPlane deployment. DataPlaneServiceTypeLabel = "gateway-operator.konghq.com/dataplane-service-type" // DataPlaneServiceStateLabel indicates the state of a DataPlane service. // Useful for progressive rollouts. DataPlaneServiceStateLabel = "gateway-operator.konghq.com/dataplane-service-state" // DataPlaneDeploymentStateLabel indicates the state of a DataPlane deployment. // Useful for progressive rollouts. DataPlaneDeploymentStateLabel = "gateway-operator.konghq.com/dataplane-deployment-state" // AnnotationLastAppliedAnnotations is the annotation key to store the last annotations // of a DataPlane-owned object (e.g. Ingress `Service`) applied by the DataPlane controller. // It allows the controller to decide which annotations are outdated compared to the DataPlane spec and // shall be removed. This guarantees no interference with annotations from other sources (e.g. users). AnnotationLastAppliedAnnotations = "gateway-operator.konghq.com/last-applied-annotations" // DataPlanePodStateLabel indicates the state of a DataPlane Pod. // Useful for progressive rollouts. DataPlanePodStateLabel = "gateway-operator.konghq.com/dataplane-pod-state" // DataPlaneStateLabelValuePreview indicates that a DataPlane resource is // a "preview" resource. // This is used in: // - the "preview" Service that is available to access the "preview" DataPlane Pods. // - the "preview" Deployment wraps the "preview" DataPlane Pods. DataPlaneStateLabelValuePreview = "preview" // DataPlaneStateLabelValueLive indicates that a DataPlane resource is // a "live" resource. // This is used in: // - the "live" Service that is available to access the "live" DataPlane Pods. // - the "live" Deployment wraps the "live" DataPlane Pods. DataPlaneStateLabelValueLive = "live" // DataPlaneAdminServiceLabelValue indicates that the service is intended to expose the // DataPlane admin API. DataPlaneAdminServiceLabelValue ServiceType = "admin" // DataPlaneIngressServiceLabelValue indicates that the service is intended to expose the // DataPlane proxy. DataPlaneIngressServiceLabelValue ServiceType = "ingress" )
View Source
const ( // DefaultDataPlaneBaseImage is the base container image that can be used // by default for a DataPlane resource if all other attempts to dynamically // decide an image fail. DefaultDataPlaneBaseImage = "kong" // DefaultDataPlaneBaseEnterpriseImage is the enterprise base container image. DefaultDataPlaneBaseEnterpriseImage = "kong/kong-gateway" // DefaultDataPlaneTag is the base container image tag that can be used // by default for a DataPlane resource if all other attempts to dynamically // decide an image tag fail. DefaultDataPlaneTag = "3.9" // renovate: datasource=docker depName=kong/kong-gateway // DefaultDataPlaneImage is the default container image that can be used if // all other attempts to dynamically decide the default image fail. DefaultDataPlaneImage = DefaultDataPlaneBaseImage + ":" + DefaultDataPlaneTag // DefaultDataPlaneEnterpriseImage is the default enterprise container image that can be used if // all other attempts to dynamically decide the default image fail. DefaultDataPlaneEnterpriseImage = DefaultDataPlaneBaseEnterpriseImage + ":" + DefaultDataPlaneTag // ServiceSelectorOverrideAnnotation is used on the dataplane to override the Selector // of both the admin and proxy services. // The value of such an annotation is to be intended as a comma-separated list of // key=value selectors, so that it is possible to add multiple selectors to the same // service. // // Example: // gateway-operator.konghq.com/service-selector-override: "key1=value,key2=value2" ServiceSelectorOverrideAnnotation = "gateway-operator.konghq.com/service-selector-override" // DataPlaneProxyContainerName is the name of the Kong proxy container DataPlaneProxyContainerName = "proxy" // DataPlaneStatusEndpoint is the endpoint to use for DataPlane readiness probe. DataPlaneStatusEndpoint = "/status" // DataPlaneStatusReadyEndpoint is the endpoint to use for DataPlane readiness probe // in the context of managed gateways. DataPlaneStatusReadyEndpoint = "/status/ready" )
View Source
const ( // DefaultHTTPPort is the default port used for HTTP ingress network traffic // from outside clusters. DefaultHTTPPort = 80 // DefaultHTTPSPort is the default port used for HTTPS ingress network traffic // from outside clusters. DefaultHTTPSPort = 443 // DataPlaneAdminAPIPort is the port that the dataplane uses for Admin API. DataPlaneAdminAPIPort = 8444 // DataPlaneProxyPort is the port that the dataplane uses for HTTP. DataPlaneProxyPort = 8000 // DataPlaneProxySSLPort is the port that the dataplane uses for HTTPS. DataPlaneProxySSLPort = 8443 // DataPlaneMetricsPort is the port that the dataplane uses for metrics. DataPlaneMetricsPort = 8100 // DataPlaneStatusPort is the port that the dataplane uses for status. DataPlaneStatusPort = 8100 )
View Source
const ( // DataPlaneAdminServicePortName is the port name of the DataPlane admin service. DataPlaneAdminServicePortName = "admin" // DataPlanePODDNSDiscoveryStrategy is DNS strategy to use when creating Gateway's Admin API addresses. DataPlaneServiceDNSDiscoveryStrategy = "service" )
----------------------------------------------------------------------------- Consts - DataPlane Services parameters -----------------------------------------------------------------------------
View Source
const ( // KongPluginInstallationManagedLabelValue indicates that an object's lifecycle is managed by the // KongPluginInstallation controller. KongPluginInstallationManagedLabelValue = "kong-plugin-installation" // AnnotationMappedToKongPluginInstallation is the annotation key used to store the name of the KongPluginInstallation // that maps to particular ConfigMap. AnnotationMappedToKongPluginInstallation = OperatorLabelPrefix + "mapped-to-kong-plugin-installation" // AnnotationKongPluginInstallationGenerationInternal is the annotation key used to store KongPluginInstallation // and its generation, internal usage to re-trigger deployment when KongPluginInstallation changes. AnnotationKongPluginInstallationGenerationInternal = OperatorLabelPrefix + "kong-plugin-installation-generation" )
View Source
const ( // CleanupPluginBindingFinalizer is the finalizer that is attached to entities that // are referenced as targets by managed KongPluginBindings (binding instances created // by the controller out of entities' konghq.com/plugins annotations). // This finalizer is used by the controller to be sure that whenever an entity is deleted, // all the targeting managed KongPluginBindings are deleted as well. CleanupPluginBindingFinalizer = "gateway.konghq.com/cleanup-plugin-binding" // PluginInUseFinalizer is the finalizer attached to KongPlugin resources that are // properly referenced by KongPluginBindings. // It avoids that KongPlugins get deleted when KongPluginBindings are still referencing them. PluginInUseFinalizer = "gateway.konghq.com/plugin-in-use" // KonnectExtensionSecretInUseFinalizer is the finalizer added to the secret // referenced by KonnectExtension to ensure that the secret is not deleted // when in use by an active KonnectExtension. KonnectExtensionSecretInUseFinalizer = "gateway.konghq.com/secret-in-use" )
View Source
const ( // SecretProvisioningLabelKey is the label key used to store the provisioning method // of the secret resource. SecretProvisioningLabelKey = "gateway.konghq.com/secret-provisioning" // SecretProvisioningAutomaticLabelValue indicates that the secret resource is // automatically provisioned by the controller. SecretProvisioningAutomaticLabelValue = "automatic" // KonnectExtensionManagedByLabelValue indicates that an object's lifecycle is managed // by the KonnectExtension controller. KonnectExtensionManagedByLabelValue = "konnect-extension" )
View Source
const ( // AnnotationSpecHash is the annotation used to store the hash of the spec // in the owner object. // This is used to detect changes in the spec of the owner object and to prevent // unnecessary updates to the child objects when enforce-config is set to false. // One exemplar use case for this is AKS where Admission Enforcer mutates // ControlPlane's ValidatingWebhookConfiguration. AnnotationSpecHash = "gateway-operator.konghq.com/spec-hash" )
View Source
const ( // ControlPlaneManagedLabelValue indicates that an object's lifecycle is managed // by the controlplane controller. ControlPlaneManagedLabelValue = "controlplane" )
View Source
const (
// ControlPlanePrefix is used as a name prefix to generate controlplane-owned objects' name.
ControlPlanePrefix = "controlplane"
)
View Source
const ( // DataPlaneCertificateIDAnnotationKey is the label key used to store the certificate IDs // associated with the secret resource. Since multiple Konnect Certificates can be // created out of a single secret, this label is used to store the certificate ID // of all the certificates created out of the secret, separated by commas. // Example: konnect.konghq.com/certificate-ids: "xxxxxx,yyyyyy,zzzzzz" DataPlaneCertificateIDAnnotationKey = "konnect.konghq.com/certificate-ids" )
View Source
const ( // DataPlaneOwnedWaitForOwnerFinalizer is the finalizer added to resources owned by a DataPlane // to ensure that the resources are not deleted before the DataPlane is deleted. DataPlaneOwnedWaitForOwnerFinalizer = "gateway-operator.konghq.com/wait-for-owner" )
View Source
const (
// DataPlanePrefix is used as a name prefix to generate dataplane-owned objects' name
DataPlanePrefix = "dataplane"
)
View Source
const ( // EnvVarKongDatabase is the environment variable name to specify database // backend used for dataplane(Kong gateway). Currently only DBLess mode // (empty, or "off") is supported. EnvVarKongDatabase = "KONG_DATABASE" )
View Source
const ( // ExtensionInUseFinalizer is the finalizer added to KonnectExtension // to ensure that the resources are not deleted when in use by a dataplane. ExtensionInUseFinalizer = "gateway-operator.konghq.com/extension-in-use" )
View Source
const (
// KonnectExtensionPrefix is used as a name prefix to generate KonnectExtension-owned objects' name
KonnectExtensionPrefix = "konnect-extension"
)
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type RouterFlavor ¶ added in v1.5.0
type RouterFlavor string
RouterFlavor represents the flavor of the Kong router. ref: https://docs.konghq.com/gateway/latest/reference/configuration/#router_flavor
const ( // RouterFlavorTraditionalCompatible is the traditional compatible router flavor. RouterFlavorTraditionalCompatible RouterFlavor = "traditional_compatible" // RouterFlavorExpressions is the expressions router flavor. RouterFlavorExpressions RouterFlavor = "expressions" // DefaultRouterFlavor is the default router flavor. DefaultRouterFlavor = RouterFlavorExpressions )
type ServiceType ¶
type ServiceType string
ServiceType is a re-typing of string to be used to distinguish between proxy and admin service
Source Files
Click to show internal directories.
Click to hide internal directories.