catalog

package
v0.0.9 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 16, 2020 License: MIT Imports: 27 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	//HTTPTraffic specifies HTTP Traffic Policy
	HTTPTraffic = "HTTPRouteGroup"

	//HostHeaderKey specifies the host header key
	HostHeaderKey = "host"
)

Variables

This section is empty.

Functions

func GetPodFromCertificate 

func GetPodFromCertificate(cn certificate.CommonName, kubeClient kubernetes.Interface) (*v1.Pod, error)

GetPodFromCertificate returns the Kubernetes Pod object for a given certificate.

func NewCertCommonNameWithProxyID 

func NewCertCommonNameWithProxyID(proxyUUID, serviceAccount, namespace string) certificate.CommonName

NewCertCommonNameWithProxyID returns a newly generated CommonName for a certificate of the form: <ProxyID>.<serviceAccount>.<namespace>

Types

type MeshCatalog 

type MeshCatalog struct {
	// contains filtered or unexported fields
}

MeshCatalog is the struct for the service catalog

func NewFakeMeshCatalog 

func NewFakeMeshCatalog(kubeClient kubernetes.Interface) *MeshCatalog

NewFakeMeshCatalog creates a new struct implementing catalog.MeshCataloger interface used for testing.

func NewMeshCatalog 

func NewMeshCatalog(kubeClient kubernetes.Interface, meshSpec smi.MeshSpec, certManager certificate.Manager, ingressMonitor ingress.Monitor, stop <-chan struct{}, cfg configurator.Configurator, endpointsProviders ...endpoint.Provider) *MeshCatalog

NewMeshCatalog creates a new service catalog

func (*MeshCatalog) ExpectProxy 

func (mc *MeshCatalog) ExpectProxy(cn certificate.CommonName)

ExpectProxy catalogs the fact that a certificate was issued for an Envoy proxy and this is expected to connect to XDS.

func (*MeshCatalog) GetCertificateForService 

func (mc *MeshCatalog) GetCertificateForService(nsService service.NamespacedService) (certificate.Certificater, error)

GetCertificateForService returns the certificate the given proxy uses for mTLS to the XDS server.

func (*MeshCatalog) GetDomainForService 

func (mc *MeshCatalog) GetDomainForService(nsService service.NamespacedService, routeHeaders map[string]string) (string, error)

GetDomainForService returns the domain name of a service

func (*MeshCatalog) GetIngressRoutePoliciesPerDomain 

func (mc *MeshCatalog) GetIngressRoutePoliciesPerDomain(service service.NamespacedService) (map[string][]trafficpolicy.Route, error)

GetIngressRoutePoliciesPerDomain returns the route policies per domain associated with an ingress service

func (*MeshCatalog) GetIngressWeightedCluster 

func (mc *MeshCatalog) GetIngressWeightedCluster(svc service.NamespacedService) (service.WeightedCluster, error)

GetIngressWeightedCluster returns the weighted cluster for an ingress service

func (*MeshCatalog) GetServiceForServiceAccount 

func (mc *MeshCatalog) GetServiceForServiceAccount(sa service.NamespacedServiceAccount) (service.NamespacedService, error)

GetServiceForServiceAccount returns a service corresponding to a service account

func (*MeshCatalog) GetServiceFromEnvoyCertificate 

func (mc *MeshCatalog) GetServiceFromEnvoyCertificate(cn certificate.CommonName) (*service.NamespacedService, error)

GetServiceFromEnvoyCertificate returns the single service given Envoy is a member of based on the certificate provided, which is a cert issued to an Envoy for XDS communication (not Envoy-to-Envoy).

func (*MeshCatalog) GetWeightedClusterForService 

func (mc *MeshCatalog) GetWeightedClusterForService(nsService service.NamespacedService) (service.WeightedCluster, error)

GetWeightedClusterForService returns the weighted cluster for a given service

func (*MeshCatalog) IsIngressService 

func (mc *MeshCatalog) IsIngressService(service service.NamespacedService) (bool, error)

IsIngressService returns a boolean indicating if the service is a backend for an ingress resource

func (*MeshCatalog) ListAllowedInboundServices 

func (mc *MeshCatalog) ListAllowedInboundServices(destinationService service.NamespacedService) ([]service.NamespacedService, error)

ListAllowedInboundServices lists the inbound services allowed to connect to the given service.

func (*MeshCatalog) ListAllowedOutboundServices 

func (mc *MeshCatalog) ListAllowedOutboundServices(sourceService service.NamespacedService) ([]service.NamespacedService, error)

ListAllowedOutboundServices lists the services the given service is allowed outbound connections to.

func (*MeshCatalog) ListConnectedProxies 

func (mc *MeshCatalog) ListConnectedProxies() map[certificate.CommonName]*envoy.Proxy

ListConnectedProxies lists the Envoy proxies already connected and the time they first connected.

func (*MeshCatalog) ListDisconnectedProxies 

func (mc *MeshCatalog) ListDisconnectedProxies() map[certificate.CommonName]time.Time

ListDisconnectedProxies lists the Envoy proxies disconnected and the time last seen.

func (*MeshCatalog) ListEndpointsForService 

func (mc *MeshCatalog) ListEndpointsForService(svc service.Name) ([]endpoint.Endpoint, error)

ListEndpointsForService returns the list of provider endpoints corresponding to a service

func (*MeshCatalog) ListExpectedProxies 

func (mc *MeshCatalog) ListExpectedProxies() map[certificate.CommonName]time.Time

ListExpectedProxies lists the Envoy proxies yet to connect and the time their XDS certificate was issued.

func (*MeshCatalog) ListSMIPolicies 

func (mc *MeshCatalog) ListSMIPolicies() ([]*split.TrafficSplit, []service.WeightedService, []service.NamespacedServiceAccount, []*spec.HTTPRouteGroup, []*target.TrafficTarget, []*corev1.Service)

ListSMIPolicies returns all policies OSM is aware of.

func (*MeshCatalog) ListTrafficPolicies 

func (mc *MeshCatalog) ListTrafficPolicies(service service.NamespacedService) ([]trafficpolicy.TrafficTarget, error)

ListTrafficPolicies returns all the traffic policies for a given service that Envoy proxy should be aware of.

func (*MeshCatalog) RegisterNewEndpoint 

func (mc *MeshCatalog) RegisterNewEndpoint(smi.ClientIdentity)

RegisterNewEndpoint adds a newly connected Envoy proxy to the list of self-announced endpoints for a service.

func (*MeshCatalog) RegisterProxy 

func (mc *MeshCatalog) RegisterProxy(p *envoy.Proxy)

RegisterProxy implements MeshCatalog and registers a newly connected proxy.

func (*MeshCatalog) UnregisterProxy 

func (mc *MeshCatalog) UnregisterProxy(p *envoy.Proxy)

UnregisterProxy unregisters the given proxy from the catalog.

type MeshCataloger 

type MeshCataloger interface {

	// ListTrafficPolicies returns all the traffic policies for a given service that Envoy proxy should be aware of.
	ListTrafficPolicies(service.NamespacedService) ([]trafficpolicy.TrafficTarget, error)

	// ListAllowedInboundServices lists the inbound services allowed to connect to the given service.
	ListAllowedInboundServices(service.NamespacedService) ([]service.NamespacedService, error)

	// ListAllowedOutboundServices lists the services the given service is allowed outbound connections to.
	ListAllowedOutboundServices(service.NamespacedService) ([]service.NamespacedService, error)

	// ListSMIPolicies lists SMI policies.
	ListSMIPolicies() ([]*split.TrafficSplit, []service.WeightedService, []service.NamespacedServiceAccount, []*spec.HTTPRouteGroup, []*target.TrafficTarget, []*corev1.Service)

	// ListEndpointsForService returns the list of provider endpoints corresponding to a service
	ListEndpointsForService(service.Name) ([]endpoint.Endpoint, error)

	// GetCertificateForService returns the SSL Certificate for the given service.
	// This certificate will be used for service-to-service mTLS.
	GetCertificateForService(service.NamespacedService) (certificate.Certificater, error)

	// ExpectProxy catalogs the fact that a certificate was issued for an Envoy proxy and this is expected to connect to XDS.
	ExpectProxy(certificate.CommonName)

	// GetServiceFromEnvoyCertificate returns the single service given Envoy is a member of based on the certificate provided, which is a cert issued to an Envoy for XDS communication (not Envoy-to-Envoy).
	GetServiceFromEnvoyCertificate(certificate.CommonName) (*service.NamespacedService, error)

	// RegisterProxy registers a newly connected proxy with the service mesh catalog.
	RegisterProxy(*envoy.Proxy)

	// UnregisterProxy unregisters an existing proxy from the service mesh catalog
	UnregisterProxy(*envoy.Proxy)

	// GetServiceForServiceAccount returns the service corresponding to a service account
	GetServiceForServiceAccount(service.NamespacedServiceAccount) (service.NamespacedService, error)

	//GetDomainForService returns the domain name of a service
	GetDomainForService(service service.NamespacedService, routeHeaders map[string]string) (string, error)

	//GetWeightedClusterForService returns the weighted cluster for a service
	GetWeightedClusterForService(service service.NamespacedService) (service.WeightedCluster, error)

	// IsIngressService returns a boolean indicating if the service is a backend for an ingress resource
	IsIngressService(service.NamespacedService) (bool, error)

	// GetIngressRoutePoliciesPerDomain returns the route policies per domain associated with an ingress service
	GetIngressRoutePoliciesPerDomain(service.NamespacedService) (map[string][]trafficpolicy.Route, error)

	// GetIngressWeightedCluster returns the weighted cluster for an ingress service
	GetIngressWeightedCluster(service.NamespacedService) (service.WeightedCluster, error)
}

MeshCataloger is the mechanism by which the Service Mesh controller discovers all Envoy proxies connected to the catalog.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.