Documentation
¶
Index ¶
- Constants
- Variables
- func AppProtocol(proto ProtocolType) *string
- func GetCertificateClass(annotations map[string]string) (val string)
- func GetDisableExternalDomainTLS(annotations map[string]string) (val string)
- func GetHTTPProtocol(annotations map[string]string) (val string)
- func GetIngressClass(annotations map[string]string) (val string)
- func NamespacedObjectReferenceMask(in *corev1.ObjectReference) *corev1.ObjectReference
- func ServicePort(proto ProtocolType) int
- func ServicePortName(proto ProtocolType) string
- func ValidateAnnotations(annotations map[string]string) (errs *apis.FieldError)
- func ValidateNamespacedObjectReference(p *corev1.ObjectReference) *apis.FieldError
- type ProtocolType
Constants ¶
const ( // ServiceHTTPPort is the port that we setup our Serving and Activator K8s services for // HTTP/1 endpoints. ServiceHTTPPort = 80 // ServiceHTTP2Port is the port that we setup our Serving and Activator K8s services for // HTTP/2 endpoints. ServiceHTTP2Port = 81 // ServiceHTTPSPort is the port that we setup our Serving and Activator K8s services for // HTTPS endpoints. ServiceHTTPSPort = 443 // ServicePortNameHTTP1 is the name of the external port of the service for HTTP/1.1 ServicePortNameHTTP1 = "http" // ServicePortNameH2C is the name of the external port of the service for HTTP/2 ServicePortNameH2C = "http2" // ServicePortNameHTTPS is the name of the external port of the service for HTTPS ServicePortNameHTTPS = "https" )
The ports we setup on our services.
const ( // GroupName is the name for the networking API group. GroupName = "networking.internal.knative.dev" // CertifcateUIDLabelKey is used to specify a label selector for informers listing ingress secrets. CertificateUIDLabelKey = GroupName + "/certificate-uid" // IngressLabelKey is the label key attached to underlying network programming // resources to indicate which Ingress triggered their creation. IngressLabelKey = GroupName + "/ingress" // OriginSecretNameLabelKey is the label key attached to the TLS secret to indicate // the name of the origin secret that the TLS secret is copied from. OriginSecretNameLabelKey = GroupName + "/originSecretName" // OriginSecretNamespaceLabelKey is the label key attached to the TLS secret // to indicate the namespace of the origin secret that the TLS secret is copied from. OriginSecretNamespaceLabelKey = GroupName + "/originSecretNamespace" // RolloutAnnotationKey is the annotation key for storing // the rollout state in the Annotations of the Kingress or Route.Status. RolloutAnnotationKey = GroupName + "/rollout" )
const ( // PublicGroupName is the name for the public networking API group PublicGroupName = "networking.knative.dev" // CertificateClassAnnotationKey is the annotation for the // explicit class of Certificate that a particular resource has // opted into. For example, // // networking.knative.dev/certificate.class: some-network-impl // // This uses a different domain because unlike the resource, it is // user-facing. // // The parent resource may use its own annotations to choose the // annotation value for the Certificate it uses. Based on such // value a different reconciliation logic may be used (for examples, // Cert-Manager-based Certificate will reconcile into a Cert-Manager Certificate). CertificateClassAnnotationKey = PublicGroupName + "/certificate.class" // CertificateClassAnnotationAltKey is an alternative casing to CertificateClassAnnotationKey // // This annotation is meant to be applied to Knative Services or Routes. Serving // will translate this to original casing for better compatibility with different // certificate providers CertificateClassAnnotationAltKey = PublicGroupName + "/certificate-class" // DisableAutoTLSAnnotationKey is the annotation key attached to a Knative Service/DomainMapping // to indicate that AutoTLS should not be enabled for it. // Deprecated: use DisableExternalDomainTLSAnnotationKey instead. DisableAutoTLSAnnotationKey = PublicGroupName + "/disableAutoTLS" // DisableAutoTLSAnnotationAltKey is an alternative casing to DisableAutoTLSAnnotationKey // Deprecated: use DisableExternalDomainTLSAnnotationKey instead. DisableAutoTLSAnnotationAltKey = PublicGroupName + "/disable-auto-tls" // DisableExternalDomainTLSAnnotationKey is the annotation key attached to a Knative Service/DomainMapping // to indicate that external-domain-tls should not be enabled for it. DisableExternalDomainTLSAnnotationKey = PublicGroupName + "/disable-external-domain-tls" // HTTPOptionAnnotationKey is the annotation key attached to a Knative Service/DomainMapping // to indicate the HTTP option of it. HTTPOptionAnnotationKey = PublicGroupName + "/httpOption" // HTTPProtocolAnnotationKey is an alternative to HTTPOptionAnnotationKey HTTPProtocolAnnotationKey = PublicGroupName + "/http-protocol" // IngressClassAnnotationKey is the annotation for the // explicit class of Ingress that a particular resource has // opted into. For example, // // networking.knative.dev/ingress.class: some-network-impl // // This uses a different domain because unlike the resource, it is // user-facing. // // The parent resource may use its own annotations to choose the // annotation value for the Ingress it uses. Based on such // value a different reconciliation logic may be used (for examples, // Istio-based Ingress will reconcile into a VirtualService). IngressClassAnnotationKey = PublicGroupName + "/ingress.class" // IngressClassAnnotationAltKey is an alternative casing to IngressClassAnnotationKey // // This annotation is meant to be applied to Knative Services or Routes. Serving // will translate this to original casing for better compatibility with different // ingress providers IngressClassAnnotationAltKey = PublicGroupName + "/ingress-class" // WildcardCertDomainLabelKey is the label key attached to a certificate to indicate the // domain for which it was issued. WildcardCertDomainLabelKey = PublicGroupName + "/wildcardDomain" // VisibilityLabelKey is the label to indicate visibility of Route // and KServices. It can be an annotation too but since users are // already using labels for domain, it probably best to keep this // consistent. VisibilityLabelKey = PublicGroupName + "/visibility" // CertificateTypeLabelKey is the label to indicate the type of Knative certificate // used for Knative Serving encryption functionality. Corresponding values are defined in config.CertificateType. CertificateTypeLabelKey = PublicGroupName + "/certificate-type" // TrustBundleLabelKey is the label to indicate that a ConfigMap should be considered // as a trust-bundle containing a list of CA certificates to trust by Knative components. // The actual value is not important, this label is used as a filter on informers. TrustBundleLabelKey = PublicGroupName + "/trust-bundle" )
Variables ¶
var ( // DefaultRetryCount will be set if Attempts not specified. DefaultRetryCount = 3 IngressClassAnnotation = kmap.KeyPriority{ IngressClassAnnotationKey, IngressClassAnnotationAltKey, } CertificateClassAnnotation = kmap.KeyPriority{ CertificateClassAnnotationKey, CertificateClassAnnotationAltKey, } // Deprecated: use DisableExternalDomainTLSAnnotation instead. DisableAutoTLSAnnotation = DisableExternalDomainTLSAnnotation DisableExternalDomainTLSAnnotation = kmap.KeyPriority{ DisableAutoTLSAnnotationKey, DisableAutoTLSAnnotationAltKey, DisableExternalDomainTLSAnnotationKey, } HTTPProtocolAnnotation = kmap.KeyPriority{ HTTPOptionAnnotationKey, HTTPProtocolAnnotationKey, } )
Pseudo-constants
var AppProtocolH2C = "kubernetes.io/h2c"
AppProtocolH2C is the name of the external port of the service for HTTP/2, from https://github.com/kubernetes/enhancements/tree/master/keps/sig-network/3726-standard-application-protocols#new-standard-protocols
var GetDisableAutoTLS = GetDisableExternalDomainTLS
Deprecated: use GetDisableExternalDomainTLS instead.
Functions ¶
func AppProtocol ¶
func AppProtocol(proto ProtocolType) *string
AppProtocol returns the value for app level protocol based on the ProtocolType
func GetCertificateClass ¶
func GetHTTPProtocol ¶
func GetIngressClass ¶
func NamespacedObjectReferenceMask ¶
func NamespacedObjectReferenceMask(in *corev1.ObjectReference) *corev1.ObjectReference
NamespacedObjectReferenceMask performs a _shallow_ copy of the Kubernetes ObjectReference object to a new Kubernetes ObjectReference object bringing over only the fields allowed in the Knative API. This does not validate the contents or the bounds of the provided fields.
func ServicePort ¶
func ServicePort(proto ProtocolType) int
ServicePort chooses the service (load balancer) port for the public service.
func ServicePortName ¶
func ServicePortName(proto ProtocolType) string
ServicePortName returns the port for the app level protocol.
func ValidateAnnotations ¶
func ValidateAnnotations(annotations map[string]string) (errs *apis.FieldError)
ValidateAnnotations validates that `annotations` in `metadata` stanza of the resources is correct.
func ValidateNamespacedObjectReference ¶
func ValidateNamespacedObjectReference(p *corev1.ObjectReference) *apis.FieldError
Types ¶
type ProtocolType ¶
type ProtocolType string
ProtocolType is an enumeration of the supported application-layer protocols See also: https://github.com/knative/serving/blob/main/docs/runtime-contract.md#protocols-and-ports
const ( // ProtocolHTTP1 maps to HTTP/1.1. ProtocolHTTP1 ProtocolType = "http1" // ProtocolH2C maps to HTTP/2 with Prior Knowledge. ProtocolH2C ProtocolType = "h2c" )
func (ProtocolType) Validate ¶
func (p ProtocolType) Validate(context.Context) *apis.FieldError
Validate validates that ProtocolType has a correct enum value.