sidecarcontrol

package
v1.4.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Aug 14, 2023 License: Apache-2.0 Imports: 36 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	SidecarSetKindName = "kruise.io/sidecarset-name"

	// SidecarSetHashAnnotation represents the key of a sidecarSet hash
	SidecarSetHashAnnotation = "kruise.io/sidecarset-hash"
	// SidecarSetHashWithoutImageAnnotation represents the key of a sidecarset hash without images of sidecar
	SidecarSetHashWithoutImageAnnotation = "kruise.io/sidecarset-hash-without-image"

	// SidecarSetListAnnotation represent sidecarset list that injected pods
	SidecarSetListAnnotation = "kruise.io/sidecarset-injected-list"

	// SidecarEnvKey specifies the environment variable which record a container as injected
	SidecarEnvKey = "IS_INJECTED"

	// SidecarsetInplaceUpdateStateKey records the state of inplace-update.
	// The value of annotation is SidecarsetInplaceUpdateStateKey.
	SidecarsetInplaceUpdateStateKey string = "kruise.io/sidecarset-inplace-update-state"
)
View Source 
const (
	// record which hot upgrade container is working currently
	SidecarSetWorkingHotUpgradeContainer = "kruise.io/sidecarset-working-hotupgrade-container"

	// sidecar container version in container env(SIDECARSET_VERSION)
	SidecarSetVersionEnvKey = "SIDECARSET_VERSION"
	// container version env in the other sidecar container of the same hotupgrade sidecar(SIDECARSET_VERSION_ALT)
	SidecarSetVersionAltEnvKey = "SIDECARSET_VERSION_ALT"
)
View Source 
const ControllerRevisionHashLabel = "controller.kubernetes.io/hash"

ControllerRevisionHashLabel is the label used to indicate the hash value of a ControllerRevision's Data.

Variables

View Source 
var (
	RevisionAdapterImpl = &revisionAdapterImpl{}
)
View Source 
var (
	// SidecarIgnoredNamespaces specifies the namespaces where Pods won't get injected
	// SidecarIgnoredNamespaces = []string{"kube-system", "kube-public"}
	// SubPathExprEnvReg format: $(ODD_NAME)、$(POD_NAME)...
	SubPathExprEnvReg, _ = regexp.Compile(`\$\(([-._a-zA-Z][-._a-zA-Z0-9]*)\)`)
)

Functions

func ControllerRevisionName 

func ControllerRevisionName(prefix string, hash string) string

ControllerRevisionName returns the Name for a ControllerRevision in the form prefix-hash. If the length of prefix is greater than 223 bytes, it is truncated to allow for a name that is no larger than 253 bytes.

func ConvertDownwardAPIFieldLabel 

func ConvertDownwardAPIFieldLabel(version, label, value string) (string, string, error)

code lifted from https://github.com/kubernetes/kubernetes/blob/master/pkg/apis/core/pods/helpers.go ConvertDownwardAPIFieldLabel converts the specified downward API field label and its value in the pod of the specified version to the internal version, and returns the converted label and value. This function returns an error if the conversion fails.

func DeepHashObject 

func DeepHashObject(hasher hash.Hash, objectToWrite interface{})

DeepHashObject writes specified object to hash using the spew library which follows pointers and prints actual values of the nested objects ensuring the hash does not change when a pointer changes.

func ExtractContainerNameFromFieldPath 

func ExtractContainerNameFromFieldPath(fs *corev1.ObjectFieldSelector, pod *corev1.Pod) (string, error)

func GetHotUpgradeContainerName 

func GetHotUpgradeContainerName(name string) (string, string)

return format: mesh-1, mesh-2

func GetInjectedVolumeMountsAndEnvs 

func GetInjectedVolumeMountsAndEnvs(control SidecarControl, sidecarContainer *appsv1alpha1.SidecarContainer, pod *corev1.Pod) ([]corev1.VolumeMount, []corev1.EnvVar)

func GetPodHotUpgradeContainers 

func GetPodHotUpgradeContainers(sidecarName string, pod *corev1.Pod) (workContainer, otherContainer string)

GetPodHotUpgradeContainers return two hot upgrade sidecar containers workContainer: currently working sidecar container, record in pod annotations[kruise.io/sidecarset-working-hotupgrade-container] otherContainer:

  1. empty container
  2. when in hot upgrading process, the older sidecar container

func GetPodHotUpgradeInfoInAnnotations 

func GetPodHotUpgradeInfoInAnnotations(pod *corev1.Pod) map[string]string

which hot upgrade sidecar container is working now format: sidecarset.spec.container[x].name -> pod.spec.container[x].name for example: mesh -> mesh-1, envoy -> envoy-2

func GetPodSidecarSetControllerRevision 

func GetPodSidecarSetControllerRevision(sidecarSetName string, pod metav1.Object) string

func GetPodSidecarSetRevision 

func GetPodSidecarSetRevision(sidecarSetName string, pod metav1.Object) string

func GetPodSidecarSetVersionAltAnnotation 

func GetPodSidecarSetVersionAltAnnotation(cName string) string

func GetPodSidecarSetVersionAnnotation 

func GetPodSidecarSetVersionAnnotation(cName string) string

only used in hot upgrade container cName format: mesh-1, mesh-2

func GetPodSidecarSetWithoutImageRevision 

func GetPodSidecarSetWithoutImageRevision(sidecarSetName string, pod metav1.Object) string

func GetPodsSortFunc 

func GetPodsSortFunc(pods []*corev1.Pod, waitUpdateIndexes []int) func(i, j int) bool

func GetRevisionSelector 

func GetRevisionSelector(s *appsv1alpha1.SidecarSet) labels.Selector

func GetSidecarContainersInPod 

func GetSidecarContainersInPod(sidecarSet *appsv1alpha1.SidecarSet) sets.String

func GetSidecarSetRevision 

func GetSidecarSetRevision(sidecarSet *appsv1alpha1.SidecarSet) string

func GetSidecarSetWithoutImageRevision 

func GetSidecarSetWithoutImageRevision(sidecarSet *appsv1alpha1.SidecarSet) string

func GetSidecarTransferEnvs 

func GetSidecarTransferEnvs(sidecarContainer *appsv1alpha1.SidecarContainer, pod *corev1.Pod) (injectedEnvs []corev1.EnvVar)

func HashControllerRevision 

func HashControllerRevision(revision *apps.ControllerRevision, probe *int32) string

HashControllerRevision hashes the contents of revision's Data using FNV hashing. If probe is not nil, the byte value of probe is added written to the hash as well. The returned hash will be a safe encoded string to avoid bad words.

func IsActivePod 

func IsActivePod(pod *corev1.Pod) bool

IsActivePod determines the pod whether need be injected and updated

func IsHotUpgradeContainer 

func IsHotUpgradeContainer(sidecarContainer *appsv1alpha1.SidecarContainer) bool

whether sidecar container update strategy is HotUpdate

func IsInjectedSidecarContainerInPod 

func IsInjectedSidecarContainerInPod(container *corev1.Container) bool

func IsPodConsistentWithSidecarSet 

func IsPodConsistentWithSidecarSet(pod *corev1.Pod, sidecarSet *appsv1alpha1.SidecarSet) bool

func IsPodInjectedSidecarSet 

func IsPodInjectedSidecarSet(pod *corev1.Pod, sidecarSet *appsv1alpha1.SidecarSet) bool

func IsPodSidecarUpdated 

func IsPodSidecarUpdated(sidecarSet *appsv1alpha1.SidecarSet, pod *corev1.Pod) bool

whether this pod has been updated based on the latest sidecarSet

func IsSharePodVolumeMounts 

func IsSharePodVolumeMounts(container *appsv1alpha1.SidecarContainer) bool

func IsSidecarContainerUpdateCompleted 

func IsSidecarContainerUpdateCompleted(pod *v1.Pod, sidecarSets, containers sets.String) bool

isContainerInplaceUpdateCompleted checks whether imageID in container status has been changed since in-place update. If the imageID in containerStatuses has not been changed, we assume that kubelet has not updated containers in Pod.

func MockSidecarSetForRevision 

func MockSidecarSetForRevision(set *appsv1alpha1.SidecarSet) metav1.Object

func NewControllerRevision 

func NewControllerRevision(parent metav1.Object,
	parentKind schema.GroupVersionKind,
	templateLabels map[string]string,
	data runtime.RawExtension,
	revision int64,
	collisionCount *int32) (*apps.ControllerRevision, error)

NewControllerRevision returns a ControllerRevision with a ControllerRef pointing to parent and indicating that parent is of parentKind. The ControllerRevision has labels matching template labels, contains Data equal to data, and has a Revision equal to revision. The collisionCount is used when creating the name of the ControllerRevision so the name is likely unique. If the returned error is nil, the returned ControllerRevision is valid. If the returned error is not nil, the returned ControllerRevision is invalid for use.

func NewRevision 

func NewRevision(s *appsv1alpha1.SidecarSet, namespace string, revision int64, collisionCount *int32) (
	*apps.ControllerRevision, error,
)

func NextRevision 

func NextRevision(revisions []*apps.ControllerRevision) int64

NextRevision finds the next valid revision number based on revisions. If the length of revisions is 0 this is 1. Otherwise, it is 1 greater than the largest revision's Revision. This method assumes that revisions has been sorted by Revision.

func PatchPodMetadata 

func PatchPodMetadata(originMetadata *metav1.ObjectMeta, patches []appsv1alpha1.SidecarSetPatchPodMetadata) (skip bool, err error)

PatchPodMetadata patch pod annotations and labels

func PodMatchedSidecarSet 

func PodMatchedSidecarSet(pod *corev1.Pod, sidecarSet *appsv1alpha1.SidecarSet) (bool, error)

PodMatchSidecarSet determines if pod match Selector of sidecar.

func SidecarSetHash 

func SidecarSetHash(sidecarSet *appsv1alpha1.SidecarSet) (string, error)

SidecarSetHash returns a hash of the SidecarSet. The Containers are taken into account.

func SidecarSetHashWithoutImage 

func SidecarSetHashWithoutImage(sidecarSet *appsv1alpha1.SidecarSet) (string, error)

SidecarSetHashWithoutImage calculates sidecars's container hash without its image we use this to determine if the sidecar reconcile needs to update a pod image

func SidecarSetMutatingPod 

func SidecarSetMutatingPod(pod, oldPod *corev1.Pod, sidecarSets []*appsv1alpha1.SidecarSet, control SidecarControl) (skip bool, err error)

mutate pod based on SidecarSet Object

func SortControllerRevisions 

func SortControllerRevisions(revisions []*apps.ControllerRevision)

SortControllerRevisions sorts revisions by their Revision.

func UpdatePodSidecarSetHash 

func UpdatePodSidecarSetHash(pod *corev1.Pod, sidecarSet *appsv1alpha1.SidecarSet)

UpdatePodSidecarSetHash when sidecarSet in-place update sidecar container, Update sidecarSet hash in Pod annotations[kruise.io/sidecarset-hash]

Types

type HistoryControl 

type HistoryControl interface {
	CreateControllerRevision(parent metav1.Object, revision *apps.ControllerRevision, collisionCount *int32) (*apps.ControllerRevision, error)
	ListSidecarSetControllerRevisions(sidecarSet *appsv1alpha1.SidecarSet) ([]*apps.ControllerRevision, error)
	UpdateControllerRevision(revision *apps.ControllerRevision, newRevision int64) (*apps.ControllerRevision, error)
	DeleteControllerRevision(revision *apps.ControllerRevision) error
	GetHistorySidecarSet(sidecarSet *appsv1alpha1.SidecarSet, revisionInfo *appsv1alpha1.SidecarSetInjectRevision) (*appsv1alpha1.SidecarSet, error)
	GetSuitableRevisionSidecarSet(sidecarSet *appsv1alpha1.SidecarSet, oldPod, newPod *v1.Pod) (*appsv1alpha1.SidecarSet, error)
}

func NewHistoryControl 

func NewHistoryControl(client clientset.Interface, indexer cache.Indexer, namespace string) HistoryControl

NewHistoryControl new history control indexer is controllerRevision indexer If you need CreateControllerRevision function, you must set parameter client If you need GetHistorySidecarSet and GetSuitableRevisionSidecarSet function, you must set parameter indexer Parameter namespace is required

type SidecarControl 

type SidecarControl interface {
	//*****inject portion*****//
	// whether need inject the volumeMount into container
	// when ShareVolumePolicy is enabled, the sidecar container will share the other container's VolumeMounts in the pod(don't contains the injected sidecar container).
	// You can reimplement the function NeedToInjectVolumeMount to filter out some of the volumes that don't need to be shared
	NeedToInjectVolumeMount(volumeMount v1.VolumeMount) bool
	// when update pod, judge whether inject sidecar container into pod
	// one can customize validation to allow sidecar addition after pod creation, and reimplement NeedToInjectInUpdatedPod to enable such injection in sidecarset
	NeedToInjectInUpdatedPod(pod, oldPod *v1.Pod, sidecarContainer *appsv1alpha1.SidecarContainer, injectedEnvs []v1.EnvVar,
		injectedMounts []v1.VolumeMount) (needInject bool, existSidecars []*appsv1alpha1.SidecarContainer, existVolumes []v1.Volume)
	// IsPodAvailabilityChanged check whether pod changed on updating trigger re-inject sidecar container
	// For update pod injection sidecar container scenario, this method can filter out many invalid update events, thus improving the overall webhook performance.
	IsPodAvailabilityChanged(pod, oldPod *v1.Pod) bool

	//*****upgrade portion*****//
	// IsPodStateConsistent indicates whether pod.spec and pod.status are consistent after updating the sidecar containers
	IsPodStateConsistent(pod *v1.Pod, sidecarSet *appsv1alpha1.SidecarSet, sidecarContainers sets.String) bool
	// IsPodReady indicates whether pod is fully ready
	// 1. pod.Status.Phase == v1.PodRunning
	// 2. pod.condition PodReady == true
	// 3. whether empty sidecar container is HotUpgradeEmptyImage
	IsPodReady(pod *v1.Pod, sidecarSet *appsv1alpha1.SidecarSet) bool
	// upgrade pod sidecar container to sidecarSet latest version
	// if container==nil means no change, no need to update, otherwise need to update
	UpgradeSidecarContainer(sidecarContainer *appsv1alpha1.SidecarContainer, pod *v1.Pod, sidecarSet *appsv1alpha1.SidecarSet) *v1.Container
	// When upgrading the pod sidecar container, you need to record some in-place upgrade information in pod annotations,
	// which is needed by the sidecarset controller to determine whether the upgrade is completed.
	UpdatePodAnnotationsInUpgrade(changedContainers []string, pod *v1.Pod, sidecarSet *appsv1alpha1.SidecarSet)
	// Is sidecarset can upgrade pods,
	// In Kubernetes native scenarios, only Container Image upgrades are allowed
	// When modifying other fields of the container, e.g. volumemounts, the sidecarSet will not depart to upgrade the sidecar container logic in-place,
	// and needs to be done by rebuilding the pod
	IsSidecarSetUpgradable(pod *v1.Pod, sidecarSet *appsv1alpha1.SidecarSet) bool

	// FindContainerToHotUpgrade
	FindContainerToHotUpgrade(sidecarContainer *appsv1alpha1.SidecarContainer, pod *v1.Pod, sidecarSet *appsv1alpha1.SidecarSet) (string, string)

	GetSuitableRevisionSidecarSet(sidecarSet *appsv1alpha1.SidecarSet, oldPod, newPod *v1.Pod) (*appsv1alpha1.SidecarSet, error)
}

func NewCommonControl 

func NewCommonControl(indexer cache.Indexer, namespace string) SidecarControl

NewCommonControl new sidecarSet control indexer is controllerRevision indexer If you need GetSuitableRevisionSidecarSet function, you must set indexer, namespace parameters otherwise you don't need to set any parameters

type SidecarSetUpgradeSpec 

type SidecarSetUpgradeSpec struct {
	UpdateTimestamp              metav1.Time `json:"updateTimestamp"`
	SidecarSetHash               string      `json:"hash"`
	SidecarSetName               string      `json:"sidecarSetName"`
	SidecarList                  []string    `json:"sidecarList"`                  // sidecarSet container list
	SidecarSetControllerRevision string      `json:"controllerRevision,omitempty"` // sidecarSet controllerRevision name
}

func GetPodSidecarSetUpgradeSpecInAnnotations 

func GetPodSidecarSetUpgradeSpecInAnnotations(sidecarSetName, annotationKey string, pod metav1.Object) SidecarSetUpgradeSpec

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.