networking

package
v0.0.0-...-48fd99c Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 1, 2024 License: Apache-2.0 Imports: 7 Imported by: 65

Documentation

Index

Constants

View Source
const (
	// ServiceHTTPPort is the port that we setup our Serving and Activator K8s services for
	// HTTP/1 endpoints.
	ServiceHTTPPort = 80

	// ServiceHTTP2Port is the port that we setup our Serving and Activator K8s services for
	// HTTP/2 endpoints.
	ServiceHTTP2Port = 81

	// ServiceHTTPSPort is the port that we setup our Serving and Activator K8s services for
	// HTTPS endpoints.
	ServiceHTTPSPort = 443

	// ServicePortNameHTTP1 is the name of the external port of the service for HTTP/1.1
	ServicePortNameHTTP1 = "http"

	// ServicePortNameH2C is the name of the external port of the service for HTTP/2
	ServicePortNameH2C = "http2"

	// ServicePortNameHTTPS is the name of the external port of the service for HTTPS
	ServicePortNameHTTPS = "https"
)

The ports we setup on our services.

View Source
const (
	// GroupName is the name for the networking API group.
	GroupName = "networking.internal.knative.dev"

	// CertifcateUIDLabelKey is used to specify a label selector for informers listing ingress secrets.
	CertificateUIDLabelKey = GroupName + "/certificate-uid"

	// IngressLabelKey is the label key attached to underlying network programming
	// resources to indicate which Ingress triggered their creation.
	IngressLabelKey = GroupName + "/ingress"

	// OriginSecretNameLabelKey is the label key attached to the TLS secret to indicate
	// the name of the origin secret that the TLS secret is copied from.
	OriginSecretNameLabelKey = GroupName + "/originSecretName"

	// OriginSecretNamespaceLabelKey is the label key attached to the TLS secret
	// to indicate the namespace of the origin secret that the TLS secret is copied from.
	OriginSecretNamespaceLabelKey = GroupName + "/originSecretNamespace"

	// RolloutAnnotationKey is the annotation key for storing
	// the rollout state in the Annotations of the Kingress or Route.Status.
	RolloutAnnotationKey = GroupName + "/rollout"
)
View Source
const (
	// PublicGroupName is the name for the public networking API group
	PublicGroupName = "networking.knative.dev"

	// CertificateClassAnnotationKey is the annotation for the
	// explicit class of Certificate that a particular resource has
	// opted into. For example,
	//
	//    networking.knative.dev/certificate.class: some-network-impl
	//
	// This uses a different domain because unlike the resource, it is
	// user-facing.
	//
	// The parent resource may use its own annotations to choose the
	// annotation value for the Certificate it uses.  Based on such
	// value a different reconciliation logic may be used (for examples,
	// Cert-Manager-based Certificate will reconcile into a Cert-Manager Certificate).
	CertificateClassAnnotationKey = PublicGroupName + "/certificate.class"

	// CertificateClassAnnotationAltKey is an alternative casing to CertificateClassAnnotationKey
	//
	// This annotation is meant to be applied to Knative Services or Routes. Serving
	// will translate this to original casing for better compatibility with different
	// certificate providers
	CertificateClassAnnotationAltKey = PublicGroupName + "/certificate-class"

	// DisableAutoTLSAnnotationKey is the annotation key attached to a Knative Service/DomainMapping
	// to indicate that AutoTLS should not be enabled for it.
	// Deprecated: use DisableExternalDomainTLSAnnotationKey instead.
	DisableAutoTLSAnnotationKey = PublicGroupName + "/disableAutoTLS"

	// DisableAutoTLSAnnotationAltKey is an alternative casing to DisableAutoTLSAnnotationKey
	// Deprecated: use DisableExternalDomainTLSAnnotationKey instead.
	DisableAutoTLSAnnotationAltKey = PublicGroupName + "/disable-auto-tls"

	// DisableExternalDomainTLSAnnotationKey is the annotation key attached to a Knative Service/DomainMapping
	// to indicate that external-domain-tls should not be enabled for it.
	DisableExternalDomainTLSAnnotationKey = PublicGroupName + "/disable-external-domain-tls"

	// HTTPOptionAnnotationKey is the annotation key attached to a Knative Service/DomainMapping
	// to indicate the HTTP option of it.
	HTTPOptionAnnotationKey = PublicGroupName + "/httpOption"

	// HTTPProtocolAnnotationKey is an alternative to HTTPOptionAnnotationKey
	HTTPProtocolAnnotationKey = PublicGroupName + "/http-protocol"

	// IngressClassAnnotationKey is the annotation for the
	// explicit class of Ingress that a particular resource has
	// opted into. For example,
	//
	//    networking.knative.dev/ingress.class: some-network-impl
	//
	// This uses a different domain because unlike the resource, it is
	// user-facing.
	//
	// The parent resource may use its own annotations to choose the
	// annotation value for the Ingress it uses.  Based on such
	// value a different reconciliation logic may be used (for examples,
	// Istio-based Ingress will reconcile into a VirtualService).
	IngressClassAnnotationKey = PublicGroupName + "/ingress.class"

	// IngressClassAnnotationAltKey is an alternative casing to IngressClassAnnotationKey
	//
	// This annotation is meant to be applied to Knative Services or Routes. Serving
	// will translate this to original casing for better compatibility with different
	// ingress providers
	IngressClassAnnotationAltKey = PublicGroupName + "/ingress-class"

	// WildcardCertDomainLabelKey is the label key attached to a certificate to indicate the
	// domain for which it was issued.
	WildcardCertDomainLabelKey = PublicGroupName + "/wildcardDomain"

	// VisibilityLabelKey is the label to indicate visibility of Route
	// and KServices.  It can be an annotation too but since users are
	// already using labels for domain, it probably best to keep this
	// consistent.
	VisibilityLabelKey = PublicGroupName + "/visibility"

	// CertificateTypeLabelKey is the label to indicate the type of Knative certificate
	// used for Knative Serving encryption functionality. Corresponding values are defined in config.CertificateType.
	CertificateTypeLabelKey = PublicGroupName + "/certificate-type"

	// TrustBundleLabelKey is the label to indicate that a ConfigMap should be considered
	// as a trust-bundle containing a list of CA certificates to trust by Knative components.
	// The actual value is not important, this label is used as a filter on informers.
	TrustBundleLabelKey = PublicGroupName + "/trust-bundle"
)

Variables

View Source
var (
	// DefaultRetryCount will be set if Attempts not specified.
	DefaultRetryCount = 3

	IngressClassAnnotation = kmap.KeyPriority{
		IngressClassAnnotationKey,
		IngressClassAnnotationAltKey,
	}

	CertificateClassAnnotation = kmap.KeyPriority{
		CertificateClassAnnotationKey,
		CertificateClassAnnotationAltKey,
	}

	// Deprecated: use DisableExternalDomainTLSAnnotation instead.
	DisableAutoTLSAnnotation = DisableExternalDomainTLSAnnotation

	DisableExternalDomainTLSAnnotation = kmap.KeyPriority{

		DisableAutoTLSAnnotationKey,
		DisableAutoTLSAnnotationAltKey,

		DisableExternalDomainTLSAnnotationKey,
	}

	HTTPProtocolAnnotation = kmap.KeyPriority{
		HTTPOptionAnnotationKey,
		HTTPProtocolAnnotationKey,
	}
)

Pseudo-constants

View Source
var (
	// AppProtocolH2C is the name of the external port of the service for HTTP/2, from https://github.com/kubernetes/enhancements/tree/master/keps/sig-network/3726-standard-application-protocols#new-standard-protocols
	AppProtocolH2C = "kubernetes.io/h2c"
)
View Source
var GetDisableAutoTLS = GetDisableExternalDomainTLS

Deprecated: use GetDisableExternalDomainTLS instead.

Functions

func AppProtocol

func AppProtocol(proto ProtocolType) *string

AppProtocol returns the value for app level protocol based on the ProtocolType

func GetCertificateClass

func GetCertificateClass(annotations map[string]string) (val string)

func GetDisableExternalDomainTLS

func GetDisableExternalDomainTLS(annotations map[string]string) (val string)

func GetHTTPProtocol

func GetHTTPProtocol(annotations map[string]string) (val string)

func GetIngressClass

func GetIngressClass(annotations map[string]string) (val string)

func NamespacedObjectReferenceMask

func NamespacedObjectReferenceMask(in *corev1.ObjectReference) *corev1.ObjectReference

NamespacedObjectReferenceMask performs a _shallow_ copy of the Kubernetes ObjectReference object to a new Kubernetes ObjectReference object bringing over only the fields allowed in the Knative API. This does not validate the contents or the bounds of the provided fields.

func ServicePort

func ServicePort(proto ProtocolType) int

ServicePort chooses the service (load balancer) port for the public service.

func ServicePortName

func ServicePortName(proto ProtocolType) string

ServicePortName returns the port for the app level protocol.

func ValidateAnnotations

func ValidateAnnotations(annotations map[string]string) (errs *apis.FieldError)

ValidateAnnotations validates that `annotations` in `metadata` stanza of the resources is correct.

func ValidateNamespacedObjectReference

func ValidateNamespacedObjectReference(p *corev1.ObjectReference) *apis.FieldError

Types

type ProtocolType

type ProtocolType string

ProtocolType is an enumeration of the supported application-layer protocols See also: https://github.com/knative/serving/blob/main/docs/runtime-contract.md#protocols-and-ports

const (
	// ProtocolHTTP1 maps to HTTP/1.1.
	ProtocolHTTP1 ProtocolType = "http1"
	// ProtocolH2C maps to HTTP/2 with Prior Knowledge.
	ProtocolH2C ProtocolType = "h2c"
)

func (ProtocolType) Validate

Validate validates that ProtocolType has a correct enum value.

Directories

Path Synopsis
+k8s:deepcopy-gen=package +groupName=networking.internal.knative.dev
+k8s:deepcopy-gen=package +groupName=networking.internal.knative.dev

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL