controllers

package
v0.0.0-...-ee20d44 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 22, 2024 License: Apache-2.0 Imports: 36 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	AnnotationInjectOAuth             = "notebooks.opendatahub.io/inject-oauth"
	AnnotationServiceMesh             = "opendatahub.io/service-mesh"
	AnnotationValueReconciliationLock = "odh-notebook-controller-lock"
	AnnotationLogoutUrl               = "notebooks.opendatahub.io/oauth-logout-url"
)
View Source 
const (
	NotebookOAuthPort = 8443
	NotebookPort      = 8888
)
View Source 
const (
	OAuthServicePort     = 443
	OAuthServicePortName = "oauth-proxy"
	OAuthProxyImage      = "registry.redhat.io/openshift4/ose-oauth-proxy:latest"
)

Variables

This section is empty.

Functions

func CheckAndMountCACertBundle 

func CheckAndMountCACertBundle(ctx context.Context, cli client.Client, notebook *nbv1.Notebook, log logr.Logger) error

CheckAndMountCACertBundle checks if the odh-trusted-ca-bundle ConfigMap is present

func CompareNotebookNetworkPolicies 

func CompareNotebookNetworkPolicies(np1 netv1.NetworkPolicy, np2 netv1.NetworkPolicy) bool

CompareNotebookNetworkPolicies checks if two services are equal, if not return false

func CompareNotebookRoutes 

func CompareNotebookRoutes(r1 routev1.Route, r2 routev1.Route) bool

CompareNotebookRoutes checks if two routes are equal, if not return false

func CompareNotebookServiceAccounts 

func CompareNotebookServiceAccounts(sa1 corev1.ServiceAccount, sa2 corev1.ServiceAccount) bool

CompareNotebookServiceAccounts checks if two service accounts are equal, if not return false

func CompareNotebookServices 

func CompareNotebookServices(s1 corev1.Service, s2 corev1.Service) bool

CompareNotebookServices checks if two services are equal, if not return false

func CompareNotebooks 

func CompareNotebooks(nb1 nbv1.Notebook, nb2 nbv1.Notebook) bool

CompareNotebooks checks if two notebooks are equal, if not return false.

func InjectCertConfig 

func InjectCertConfig(notebook *nbv1.Notebook, configMapName string) error

func InjectOAuthProxy 

func InjectOAuthProxy(notebook *nbv1.Notebook, oauth OAuthConfig) error

InjectOAuthProxy injects the OAuth proxy sidecar container in the Notebook spec

func InjectReconciliationLock 

func InjectReconciliationLock(meta *metav1.ObjectMeta) error

InjectReconciliationLock injects the kubeflow notebook controller culling stop annotation to explicitly start the notebook pod when the ODH notebook controller finishes the reconciliation. Otherwise, a race condition may happen while mounting the notebook service account pull secret into the pod.

The ODH notebook controller will remove this annotation when the first reconciliation is completed (see RemoveReconciliationLock).

func NewNotebookNetworkPolicy 

func NewNotebookNetworkPolicy(notebook *nbv1.Notebook) *netv1.NetworkPolicy

NewNotebookNetworkPolicy defines the desired network policy for Notebook port

func NewNotebookOAuthRoute 

func NewNotebookOAuthRoute(notebook *nbv1.Notebook) *routev1.Route

NewNotebookOAuthRoute defines the desired OAuth route object

func NewNotebookOAuthSecret 

func NewNotebookOAuthSecret(notebook *nbv1.Notebook) *corev1.Secret

NewNotebookOAuthSecret defines the desired OAuth secret object

func NewNotebookOAuthService 

func NewNotebookOAuthService(notebook *nbv1.Notebook) *corev1.Service

NewNotebookOAuthService defines the desired OAuth service object

func NewNotebookRoute 

func NewNotebookRoute(notebook *nbv1.Notebook) *routev1.Route

NewNotebookRoute defines the desired route object

func NewNotebookServiceAccount 

func NewNotebookServiceAccount(notebook *nbv1.Notebook) *corev1.ServiceAccount

NewNotebookServiceAccount defines the desired service account object

func NewOAuthNetworkPolicy 

func NewOAuthNetworkPolicy(notebook *nbv1.Notebook) *netv1.NetworkPolicy

NewOAuthNetworkPolicy defines the desired OAuth Network Policy

func OAuthInjectionIsEnabled 

func OAuthInjectionIsEnabled(meta metav1.ObjectMeta) bool

OAuthInjectionIsEnabled returns true if the oauth sidecar injection annotation is present in the notebook.

func ReconciliationLockIsEnabled 

func ReconciliationLockIsEnabled(meta metav1.ObjectMeta) bool

ReconciliationLockIsEnabled returns true if the reconciliation lock annotation is present in the notebook.

func ServiceMeshIsEnabled 

func ServiceMeshIsEnabled(meta metav1.ObjectMeta) bool

ServiceMeshIsEnabled returns true if the notebook should be part of the service mesh.

Types

type NotebookWebhook 

type NotebookWebhook struct {
	Log         logr.Logger
	Client      client.Client
	Decoder     *admission.Decoder
	OAuthConfig OAuthConfig
}

NotebookWebhook holds the webhook configuration.

func (*NotebookWebhook) Handle 

func (w *NotebookWebhook) Handle(ctx context.Context, req admission.Request) admission.Response

Handle transforms the Notebook objects.

func (*NotebookWebhook) InjectDecoder 

func (w *NotebookWebhook) InjectDecoder(d *admission.Decoder) error

InjectDecoder injects the decoder.

type OAuthConfig 

type OAuthConfig struct {
	ProxyImage string
}

type OpenshiftNotebookReconciler 

type OpenshiftNotebookReconciler struct {
	client.Client
	Scheme *runtime.Scheme
	Log    logr.Logger
}

OpenshiftNotebookReconciler holds the controller configuration.

func (*OpenshiftNotebookReconciler) CreateNotebookCertConfigMap 

func (r *OpenshiftNotebookReconciler) CreateNotebookCertConfigMap(notebook *nbv1.Notebook,
	ctx context.Context) error

createNotebookCertConfigMap creates a ConfigMap workbench-trusted-ca-bundle that contains the root certificates from the ConfigMap odh-trusted-ca-bundle and the self-signed certificates from the ConfigMap kube-root-ca.crt The ConfigMap workbench-trusted-ca-bundle is used by the notebook to trust the root and self-signed certificates.

func (*OpenshiftNotebookReconciler) IsConfigMapDeleted 

func (r *OpenshiftNotebookReconciler) IsConfigMapDeleted(notebook *nbv1.Notebook, ctx context.Context) bool

IsConfigMapDeleted check if configmap is deleted and the notebook is using the configmap as a volume

func (*OpenshiftNotebookReconciler) Reconcile 

func (r *OpenshiftNotebookReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error)

Reconcile performs the reconciling of the Openshift objects for a Kubeflow Notebook.

func (*OpenshiftNotebookReconciler) ReconcileAllNetworkPolicies 

func (r *OpenshiftNotebookReconciler) ReconcileAllNetworkPolicies(notebook *nbv1.Notebook, ctx context.Context) error

ReconcileAllNetworkPolicies will manage the network policies reconciliation required by the notebook.

func (*OpenshiftNotebookReconciler) ReconcileOAuthRoute 

func (r *OpenshiftNotebookReconciler) ReconcileOAuthRoute(
	notebook *nbv1.Notebook, ctx context.Context) error

ReconcileOAuthRoute will manage the creation, update and deletion of the OAuth route when the notebook is reconciled.

func (*OpenshiftNotebookReconciler) ReconcileOAuthSecret 

func (r *OpenshiftNotebookReconciler) ReconcileOAuthSecret(notebook *nbv1.Notebook, ctx context.Context) error

ReconcileOAuthSecret will manage the OAuth secret reconciliation required by the notebook OAuth proxy

func (*OpenshiftNotebookReconciler) ReconcileOAuthService 

func (r *OpenshiftNotebookReconciler) ReconcileOAuthService(notebook *nbv1.Notebook, ctx context.Context) error

ReconcileOAuthService will manage the OAuth service reconciliation required by the notebook OAuth proxy

func (*OpenshiftNotebookReconciler) ReconcileOAuthServiceAccount 

func (r *OpenshiftNotebookReconciler) ReconcileOAuthServiceAccount(notebook *nbv1.Notebook, ctx context.Context) error

ReconcileOAuthServiceAccount will manage the service account reconciliation required by the notebook OAuth proxy

func (*OpenshiftNotebookReconciler) ReconcileRoute 

func (r *OpenshiftNotebookReconciler) ReconcileRoute(
	notebook *nbv1.Notebook, ctx context.Context) error

ReconcileRoute will manage the creation, update and deletion of the TLS route when the notebook is reconciled

func (*OpenshiftNotebookReconciler) RemoveReconciliationLock 

func (r *OpenshiftNotebookReconciler) RemoveReconciliationLock(notebook *nbv1.Notebook,
	ctx context.Context) error

RemoveReconciliationLock waits until the image pull secret is mounted in the notebook service account to remove the reconciliation lock annotation.

func (*OpenshiftNotebookReconciler) SetupWithManager 

func (r *OpenshiftNotebookReconciler) SetupWithManager(mgr ctrl.Manager) error

SetupWithManager sets up the controller with the Manager.

func (*OpenshiftNotebookReconciler) UnsetNotebookCertConfig 

func (r *OpenshiftNotebookReconciler) UnsetNotebookCertConfig(notebook *nbv1.Notebook, ctx context.Context) error

UnsetEnvVars removes the environment variables from the notebook container

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.