translator

package
v1.29.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 11, 2024 License: Apache-2.0 Imports: 27 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	DescriptionForDefaultHealthChecks            = "Default kubernetes L7 Loadbalancing health check."
	DescriptionForDefaultNEGHealthChecks         = "Default kubernetes L7 Loadbalancing health check for NEG."
	DescriptionForDefaultILBHealthChecks         = "Default kubernetes L7 Loadbalancing health check for ILB."
	DescriptionForDefaultXLBRegionalHealthChecks = "Default kubernetes L7 Loadbalancing health check for Regional XLB."
	DescriptionForHealthChecksFromReadinessProbe = "Kubernetes L7 health check generated with readiness probe settings."
	DescriptionForHealthChecksFromBackendConfig  = "Kubernetes L7 health check generated with BackendConfig CRD."
	DescriptionForTransparentHealthChecks        = "Kubernetes L7 transparent health check."
)

Variables

This section is empty.

Functions

func ApplyProbeSettingsToHC 

func ApplyProbeSettingsToHC(p *v1.Probe, hc *HealthCheck, spLogger klog.Logger)

ApplyProbeSettingsToHC takes the Pod healthcheck settings and applies it to the healthcheck.

TODO: what if the port changes? TODO: does not handle protocol?

func GetCertHash 

func GetCertHash(contents string) string

TODO(shance): find a way to unexport this

func OverwriteWithTHC added in v1.24.0 

func OverwriteWithTHC(hc *HealthCheck, port int64, spLogger klog.Logger)

OverwriteWithTHC applies the standard values for Transparent Health Checks.

func ToCompositeURLMap 

func ToCompositeURLMap(g *utils.GCEURLMap, namer namer.IngressFrontendNamer, key *meta.Key) *composite.UrlMap

ToCompositeURLMap translates the given hostname: endpoint->port mapping into a gce url map.

HostRule: Conceptually contains all PathRules for a given host. PathMatcher: Associates a path rule with a host rule. Mostly an optimization. PathRule: Maps a single path regex to a backend.

The GCE url map allows multiple hosts to share url->backend mappings without duplication, eg: 

Host: foo(PathMatcher1), bar(PathMatcher1,2)
PathMatcher1:
  /a -> b1
  /b -> b2
PathMatcher2:
  /c -> b1

This leads to a lot of complexity in the common case, where all we want is a mapping of host->{/path: backend}.

Consider some alternatives: 1. Using a single backend per PathMatcher: 

Host: foo(PathMatcher1,3) bar(PathMatcher1,2,3)
PathMatcher1:
  /a -> b1
PathMatcher2:
  /c -> b1
PathMatcher3:
  /b -> b2

2. Using a single host per PathMatcher: 

Host: foo(PathMatcher1)
PathMatcher1:
  /a -> b1
  /b -> b2
Host: bar(PathMatcher2)
PathMatcher2:
  /a -> b1
  /b -> b2
  /c -> b1

In the context of kubernetes services, 2 makes more sense, because we rarely want to lookup backends (service:nodeport). When a service is deleted, we need to find all host PathMatchers that have the backend and remove the mapping. When a new path is added to a host (happens more frequently than service deletion) we just need to lookup the 1 path matcher of the host.

Types

type Env 

type Env struct {
	// Ing is the Ingress we are translating.
	Ing *v1.Ingress
	// TODO(shance): this should be a map, similar to SecretsMap
	// FrontendConfig is the frontendconfig associated with the Ingress
	FrontendConfig *frontendconfigv1beta1.FrontendConfig
	// SecretsMap contains a mapping from Secret name to the actual resource.
	// It is assumed that the map contains resources from a single namespace.
	// This is the same namespace as the Ingress namespace.
	SecretsMap map[string]*api_v1.Secret
	// VIP is the IP address assigned to the Ingress. This could be a raw IP address in GCP or the
	// name of an Address resource.
	VIP        string
	Network    string
	Subnetwork string
	Region     string
	Project    string
}

Env contains all k8s & GCP configuration needed to perform the translation.

func NewEnv 

func NewEnv(ing *v1.Ingress, client kubernetes.Interface, vip, net, subnet string) (*Env, error)

NewEnv returns an Env for the given Ingress.

type HealthCheck 

type HealthCheck struct {
	ForNEG         bool
	ForILB         bool
	ForRegionalXLB bool

	// As the {HTTP, HTTPS, HTTP2} settings are identical, we maintain the
	// settings at the outer-level and copy into the appropriate struct
	// in the HealthCheck embedded struct (see `merge()`) when getting the
	// compute struct back.
	computealpha.HTTPHealthCheck
	computealpha.HealthCheck

	Service *v1.Service
	// contains filtered or unexported fields
}

HealthCheck is a wrapper for different versions of the compute struct. TODO(bowei): replace inner workings with composite.

func DefaultHealthCheck 

func DefaultHealthCheck(port int64, protocol annotations.AppProtocol, spLogger klog.Logger) *HealthCheck

DefaultHealthCheck simply returns the default health check.

func DefaultILBHealthCheck 

func DefaultILBHealthCheck(protocol annotations.AppProtocol, spLogger klog.Logger) *HealthCheck

func DefaultNEGHealthCheck 

func DefaultNEGHealthCheck(protocol annotations.AppProtocol, spLogger klog.Logger) *HealthCheck

DefaultNEGHealthCheck simply returns the default health check.

func DefaultXLBRegionalHealthCheck added in v1.26.0 

func DefaultXLBRegionalHealthCheck(protocol annotations.AppProtocol, spLogger klog.Logger) *HealthCheck

func NewHealthCheck 

func NewHealthCheck(hc *computealpha.HealthCheck) (*HealthCheck, error)

NewHealthCheck creates a HealthCheck which abstracts nested structs away

func (*HealthCheck) Protocol 

func (hc *HealthCheck) Protocol() annotations.AppProtocol

Protocol returns the type cased to AppProtocol

func (*HealthCheck) SetHealthcheckInfo added in v1.24.0 

func (hc *HealthCheck) SetHealthcheckInfo(ci healthcheck.ClusterInfo, si healthcheck.ServiceInfo, spLogger klog.Logger)

func (*HealthCheck) ToAlphaComputeHealthCheck 

func (hc *HealthCheck) ToAlphaComputeHealthCheck() (*computealpha.HealthCheck, error)

ToAlphaComputeHealthCheck returns a valid computealpha.HealthCheck object

func (*HealthCheck) ToBetaComputeHealthCheck 

func (hc *HealthCheck) ToBetaComputeHealthCheck() (*computebeta.HealthCheck, error)

ToBetaComputeHealthCheck returns a valid computebeta.HealthCheck object

func (*HealthCheck) ToComputeHealthCheck 

func (hc *HealthCheck) ToComputeHealthCheck() (*compute.HealthCheck, error)

ToComputeHealthCheck returns a valid compute.HealthCheck object

func (*HealthCheck) UpdateFromBackendConfig 

func (hc *HealthCheck) UpdateFromBackendConfig(c *backendconfigv1.HealthCheckConfig, hcLogger klog.Logger)

func (*HealthCheck) Version 

func (hc *HealthCheck) Version() meta.Version

Version returns the appropriate API version to handle the health check Use Beta API for NEG as PORT_SPECIFICATION is required, and HTTP2

type TLSCerts 

type TLSCerts struct {
	// Key is private key.
	Key string
	// Cert is a public key.
	Cert string
	// Chain is a certificate chain.
	Chain string
	Name  string
	// md5 hash(first 8 bytes) of the cert contents
	CertHash string
}

TLSCerts encapsulates .pem encoded TLS information. TODO(shance): Remove this intermediate representation

func ToTLSCerts 

func ToTLSCerts(env *Env) ([]*TLSCerts, []error)

type Translator 

type Translator struct {
	// IsL7ILB is true if the Ingress will be translated into an L7 ILB (as opposed to an XLB).
	IsL7ILB bool
	// IsL7XLBRegional is true if the Ingress will be translated into an L7 Regional XLB (as opposed to an XLB).
	IsL7XLBRegional bool
	// FrontendNamer generates names for frontend resources.
	FrontendNamer namer.IngressFrontendNamer
}

Translator implements the mapping between an Ingress and its corresponding GCE resources.

func NewTranslator 

func NewTranslator(isL7ILB bool, isL7XLBRegional bool, frontendNamer namer.IngressFrontendNamer) *Translator

NewTranslator returns a new Translator.

func (*Translator) ToCompositeForwardingRule 

func (t *Translator) ToCompositeForwardingRule(env *Env, protocol namer.NamerProtocol, version meta.Version, proxyLink, description, fwSubnet string) *composite.ForwardingRule

ToCompositeForwardingRule returns a composite.ForwardingRule of type HTTP or HTTPS.

func (*Translator) ToCompositeSSLCertificates added in v1.11.0 

func (t *Translator) ToCompositeSSLCertificates(env *Env, tlsName string, tls []*TLSCerts, version meta.Version) []*composite.SslCertificate

func (*Translator) ToCompositeTargetHttpProxy 

func (t *Translator) ToCompositeTargetHttpProxy(description string, version meta.Version, urlMapKey *meta.Key) *composite.TargetHttpProxy

func (*Translator) ToCompositeTargetHttpsProxy 

func (t *Translator) ToCompositeTargetHttpsProxy(env *Env, description string, version meta.Version, urlMapKey *meta.Key, sslCerts []*composite.SslCertificate) (*composite.TargetHttpsProxy, bool, error)

TODO(shance): find a way to remove the second return value for sslPolicySet. We currently need to this to maintain the behavior where we do not update the policy if the frontendconfig is empty/deleted

func (*Translator) ToRedirectUrlMap 

func (t *Translator) ToRedirectUrlMap(env *Env, version meta.Version) *composite.UrlMap

ToRedirectUrlMap returns the UrlMap used for HTTPS Redirects on a L7 ELB This function returns nil if no url map needs to be created

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.