config

package
v0.0.0-...-6886f78
Warning

This package is not in the latest version of its module.

Published: Apr 26, 2024 License: Apache-2.0 Imports: 12 Imported by: 36

Documentation

Overview

+k8s:deepcopy-gen=package Package network holds the typed objects that define the schemas for configuring the knative/serving networking layer.


Constants

const (
	// ConfigMapName is the name of the configmap containing all
	// customizations for networking features.
	ConfigMapName = "config-network"

	// DefaultDomainTemplate is the default golang template to use when
	// constructing the Knative Route's Domain(host)
	DefaultDomainTemplate = "{{.Name}}.{{.Namespace}}.{{.Domain}}"

	// DefaultTagTemplate is the default golang template to use when
	// constructing the Knative Route's tag names.
	DefaultTagTemplate = "{{.Tag}}-{{.Name}}"

	// IstioIngressClassName value for specifying knative's Istio
	// Ingress reconciler.
	IstioIngressClassName = "istio.ingress.networking.knative.dev"

	// CertManagerCertificateClassName value for specifying Knative's Cert-Manager
	// Certificate reconciler.
	CertManagerCertificateClassName = "cert-manager.certificate.networking.knative.dev"

	// ServingRoutingCertName is the name of the secret that contains certificates for Routing data in the
	// serving system namespace. (Used by Ingress GWs and Activator)
	ServingRoutingCertName = "routing-serving-certs"
)
const (

	// AutocreateClusterDomainClaimsKey is the key for the
	// AutocreateClusterDomainClaims property.
	AutocreateClusterDomainClaimsKey = "autocreate-cluster-domain-claims"

	// AutoTLSKey is the name of the configuration entry
	// that specifies enabling auto-TLS or not.
	// Deprecated: please use ExternalDomainTLSKey.
	AutoTLSKey = "auto-tls"

	// ExternalDomainTLSKey is the name of the configuration entry
	// that specifies if external-domain-tls is enabled or not.
	ExternalDomainTLSKey = "external-domain-tls"

	// ClusterLocalDomainTLSKey is the name of the configuration entry
	// that specifies if cluster-local-domain-tls is enabled or not.
	ClusterLocalDomainTLSKey = "cluster-local-domain-tls"

	// DefaultCertificateClassKey is the name of the configuration entry
	// that specifies the default Certificate.
	DefaultCertificateClassKey = "certificate-class"

	// DefaultExternalSchemeKey is the config for defining the scheme of external URLs.
	DefaultExternalSchemeKey = "default-external-scheme"

	// DefaultIngressClassKey is the name of the configuration entry
	// that specifies the default Ingress.
	DefaultIngressClassKey = "ingress-class"

	// DomainTemplateKey is the name of the configuration entry that
	// specifies the golang template string to use to construct the
	// Knative service's DNS name.
	DomainTemplateKey = "domain-template"

	// EnableMeshPodAddressabilityKey is the config for enabling pod addressability in mesh.
	EnableMeshPodAddressabilityKey = "enable-mesh-pod-addressability"

	// HTTPProtocolKey is the name of the configuration entry that
	// specifies the HTTP endpoint behavior of Knative ingress.
	HTTPProtocolKey = "http-protocol"

	// MeshCompatibilityModeKey is the config for selecting the mesh compatibility mode.
	MeshCompatibilityModeKey = "mesh-compatibility-mode"

	// NamespaceWildcardCertSelectorKey is the name of the configuration
	// entry that specifies a LabelSelector to control which namespaces
	// have a wildcard certificate provisioned for them.
	NamespaceWildcardCertSelectorKey = "namespace-wildcard-cert-selector"

	// RolloutDurationKey is the name of the configuration entry
	// that specifies the default duration of the configuration rollout.
	RolloutDurationKey = "rollout-duration"

	// TagTemplateKey is the name of the configuration entry that
	// specifies the golang template string to use to construct the
	// hostname for a Route's tag.
	TagTemplateKey = "tag-template"

	// InternalEncryptionKey is the name of the configuration whether
	// internal traffic is encrypted or not.
	// Deprecated: please use SystemInternalTLSKey.
	InternalEncryptionKey = "internal-encryption"

	// SystemInternalTLSKey is the name of the configuration whether
	// traffic between Knative system components is encrypted or not.
	SystemInternalTLSKey = "system-internal-tls"
)

Config Keys

Variables

This section is empty.

Functions

This section is empty.

Types

type CertificateType

type CertificateType string

CertificateType indicates the type of Knative Certificate.

const (
	// CertificateSystemInternal defines a certificate used for `system-internal-tls`.
	CertificateSystemInternal CertificateType = "system-internal"

	// CertificateClusterLocalDomain defines a certificate used for `cluster-local-domain-tls`.
	CertificateClusterLocalDomain CertificateType = "cluster-local-domain"

	// CertificateExternalDomain defines a certificate used for `external-domain-tls`.
	CertificateExternalDomain CertificateType = "external-domain"
)

type Config

type Config struct {
	// DefaultIngressClass specifies the default Ingress class.
	DefaultIngressClass string

	// DomainTemplate is the golang text template to use to generate the
	// Route's domain (host) for the Service.
	DomainTemplate string

	// TagTemplate is the golang text template to use to generate the
	// Route's tag hostnames.
	TagTemplate string

	// AutoTLS specifies if auto-TLS is enabled or not.
	// Deprecated: please use ExternalDomainTLS instead.
	AutoTLS bool

	// ExternalDomainTLS specifies if external-domain-tls is enabled or not.
	ExternalDomainTLS bool

	// HTTPProtocol specifies the behavior of the HTTP endpoint of Knative
	// ingress.
	HTTPProtocol HTTPProtocol

	// DefaultCertificateClass specifies the default Certificate class.
	DefaultCertificateClass string

	// NamespaceWildcardCertSelector specifies the set of namespaces which should
	// have wildcard certificates provisioned for the Knative Services within.
	// Defaults to empty (selecting no namespaces). If set to an exclude rule like:
	// ```
	//   matchExpressions:
	//     key: "kubernetes.io/metadata.name"
	//     operator: "NotIn"
	//     values: ["kube-system"]
	// ```
	// This can be used to enable wildcard certs in all non-system namespaces.
	NamespaceWildcardCertSelector *metav1.LabelSelector

	// RolloutDurationSecs specifies the default duration for the rollout.
	RolloutDurationSecs int

	// AutocreateClusterDomainClaims specifies whether cluster-wide DomainClaims
	// should be automatically created (and deleted) as needed when a
	// DomainMapping is reconciled. If this is false, the
	// cluster administrator is responsible for pre-creating ClusterDomainClaims
	// and delegating them to namespaces via their spec.Namespace field.
	AutocreateClusterDomainClaims bool

	// EnableMeshPodAddressability specifies whether networking plugins will add
	// additional information to deployed applications to make their pods directly
	// accessible via their IPs even if mesh is enabled and thus direct-addressability
	// is usually not possible.
	// Consumers like Knative Serving can use this setting to adjust their behavior
	// accordingly, i.e. to drop fallback solutions for non-pod-addressable systems.
	EnableMeshPodAddressability bool

	// MeshCompatibilityMode specifies whether consumers, such as Knative Serving, should
	// attempt to directly contact pods via their IP (most efficient), or should
	// use the Cluster IP (less efficient, but needed if mesh is enabled unless
	// the EnableMeshPodAddressability option is enabled).
	MeshCompatibilityMode MeshCompatibilityMode

	// DefaultExternalScheme defines the scheme used in external URLs if AutoTLS is
	// not enabled. Defaults to "http".
	DefaultExternalScheme string

	// InternalEncryption specifies whether internal traffic is encrypted or not.
	// Deprecated: please use SystemInternalTLSKey instead.
	InternalEncryption bool

	// SystemInternalTLS specifies whether knative internal traffic is encrypted or not.
	SystemInternalTLS EncryptionConfig

	// ClusterLocalDomainTLS specifies whether cluster-local traffic is encrypted or not.
	ClusterLocalDomainTLS EncryptionConfig
}

Config contains the networking configuration defined in the network config map.

func NewConfigFromConfigMap

func NewConfigFromConfigMap(config *corev1.ConfigMap) (*Config, error)

NewConfigFromConfigMap returns a Config for the given configmap

func NewConfigFromMap

func NewConfigFromMap(data map[string]string) (*Config, error)

NewConfigFromMap creates a Config from the supplied data.
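An added example, not code from this package: a stand-alone auditor that reviews the transport-security keys of a `config-network` data map (the same `map[string]string` that `NewConfigFromMap` takes), using the key names and values documented on this page. `Finding` and `Audit` are hypothetical names, values are compared case-insensitively as an assumption, and absent keys are reported as unset rather than resolved to a default.

```go
package main

import (
	"fmt"
	"sort"
	"strings"
)

// Finding is one observation about a config-network data map.
type Finding struct{ Key, Msg string }

// Deprecated keys and their replacements, as listed on this page.
var deprecated = map[string]string{
	"auto-tls":            "external-domain-tls",
	"internal-encryption": "system-internal-tls",
}

// Audit (hypothetical helper) reviews the transport-security keys; absent keys are reported as unset.
func Audit(data map[string]string) []Finding {
	var out []Finding
	for old, repl := range deprecated {
		if _, ok := data[old]; ok {
			out = append(out, Finding{old, "deprecated, use " + repl})
		}
	}
	// Assumption: only a case-insensitive "enabled" counts as TLS on.
	for _, k := range []string{"cluster-local-domain-tls", "external-domain-tls", "system-internal-tls"} {
		if v, ok := data[k]; !ok {
			out = append(out, Finding{k, "unset"})
		} else if !strings.EqualFold(v, "enabled") {
			out = append(out, Finding{k, "TLS not enabled: " + v})
		}
	}
	if v, ok := data["http-protocol"]; !ok {
		out = append(out, Finding{"http-protocol", "unset"})
	} else if lv := strings.ToLower(v); lv == "enabled" {
		out = append(out, Finding{"http-protocol", "plaintext HTTP is served"})
	} else if lv != "disabled" && lv != "redirected" {
		out = append(out, Finding{"http-protocol", "unknown value: " + v})
	}
	sort.Slice(out, func(i, j int) bool { return out[i].Key < out[j].Key })
	return out
}

func main() {
	// Constructed sample data, not taken from a real cluster.
	for _, f := range Audit(map[string]string{"auto-tls": "Enabled", "http-protocol": "enabled"}) {
		fmt.Printf("%-26s %s\n", f.Key, f.Msg)
	}
}
```

Findings come back sorted by key, so the output of two audits can be diffed directly.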

func (*Config) DeepCopy

func (in *Config) DeepCopy() *Config

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Config.

func (*Config) DeepCopyInto

func (in *Config) DeepCopyInto(out *Config)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Config) GetDomainTemplate

func (c *Config) GetDomainTemplate() *template.Template

GetDomainTemplate returns the golang Template from the config map or panics (the value is validated during CM validation and at this point guaranteed to be parseable).

func (*Config) GetTagTemplate

func (c *Config) GetTagTemplate() *template.Template

GetTagTemplate returns the go template for the route tag.

func (*Config) InternalTLSEnabled

func (c *Config) InternalTLSEnabled() bool

InternalTLSEnabled returns whether InternalEncryption is enabled or not.

Deprecated: please use SystemInternalTLSEnabled().

func (*Config) SystemInternalTLSEnabled

func (c *Config) SystemInternalTLSEnabled() bool

SystemInternalTLSEnabled returns whether SystemInternalTLS is enabled or not.

type DomainTemplateValues

type DomainTemplateValues struct {
	Name        string
	Namespace   string
	Domain      string
	Annotations map[string]string
	Labels      map[string]string
}

DomainTemplateValues are the available properties people can choose from in their Route's "DomainTemplate" golang template string. We could add more over time - e.g. RevisionName if we thought that might be of interest to people.

func (*DomainTemplateValues) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DomainTemplateValues.

func (*DomainTemplateValues) DeepCopyInto

func (in *DomainTemplateValues) DeepCopyInto(out *DomainTemplateValues)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
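An added example, not part of this package: rendering a `domain-template` value with `text/template` against a local copy of `DomainTemplateValues`, then checking that the result is a valid DNS name, which matters because the template can read `Annotations` and `Labels`. `RenderHost` is a hypothetical helper and the sample values are constructed.

```go
package main

import (
	"bytes"
	"fmt"
	"regexp"
	"strings"
	"text/template"
)

// DomainTemplateValues mirrors the fields documented on this page.
type DomainTemplateValues struct {
	Name, Namespace, Domain string
	Annotations, Labels     map[string]string
}

// dnsLabel matches an RFC 1123 label: lowercase alphanumerics and '-', 1 to 63 characters.
var dnsLabel = regexp.MustCompile(`^[a-z0-9]([-a-z0-9]{0,61}[a-z0-9])?$`)

// RenderHost executes a domain-template value and rejects output that is
// not a valid DNS name (hypothetical helper, not part of the package).
func RenderHost(tmpl string, v DomainTemplateValues) (string, error) {
	// missingkey=error: a label or annotation the object lacks fails the render.
	t, err := template.New("domain-template").Option("missingkey=error").Parse(tmpl)
	if err != nil {
		return "", fmt.Errorf("parse: %w", err)
	}
	var buf bytes.Buffer
	if err := t.Execute(&buf, v); err != nil {
		return "", fmt.Errorf("execute: %w", err)
	}
	host := buf.String()
	if len(host) > 253 {
		return "", fmt.Errorf("host %q exceeds 253 bytes", host)
	}
	for _, label := range strings.Split(host, ".") {
		if !dnsLabel.MatchString(label) {
			return "", fmt.Errorf("invalid DNS label %q in %q", label, host)
		}
	}
	return host, nil
}

func main() {
	// Constructed sample values, not taken from a real cluster.
	v := DomainTemplateValues{Name: "hello", Namespace: "default", Domain: "example.com",
		Labels: map[string]string{"team": "Ops_Team"}}
	fmt.Println(RenderHost("{{.Name}}.{{.Namespace}}.{{.Domain}}", v))
	fmt.Println(RenderHost("{{.Name}}.{{.Labels.team}}.{{.Domain}}", v))
}
```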

type EncryptionConfig

type EncryptionConfig string

EncryptionConfig indicates the encryption configuration used for TLS connections.

const (
	// EncryptionDisabled - TLS not used.
	EncryptionDisabled EncryptionConfig = "disabled"

	// EncryptionEnabled - TLS used. The client verifies the server's certificate.
	EncryptionEnabled EncryptionConfig = "enabled"
)

type HTTPProtocol

type HTTPProtocol string

HTTPProtocol indicates a type of HTTP endpoint behavior that Knative ingress could take.

const (
	// HTTPEnabled represents HTTP protocol is enabled in Knative ingress.
	HTTPEnabled HTTPProtocol = "enabled"

	// HTTPDisabled represents HTTP protocol is disabled in Knative ingress.
	HTTPDisabled HTTPProtocol = "disabled"

	// HTTPRedirected represents HTTP connection is redirected to HTTPS in Knative ingress.
	HTTPRedirected HTTPProtocol = "redirected"
)

type MeshCompatibilityMode

type MeshCompatibilityMode string

MeshCompatibilityMode is one of enabled (always use ClusterIP), disabled (always use Pod IP), or auto (try PodIP, and fall back to ClusterIP if mesh is detected).

const (
	// MeshCompatibilityModeEnabled instructs consumers of network plugins, such as
	// Knative Serving, to use ClusterIP when connecting to pods. This is
	// required when mesh is enabled (unless EnableMeshPodAddressability is set),
	// but is less efficient.
	MeshCompatibilityModeEnabled MeshCompatibilityMode = "enabled"

	// MeshCompatibilityModeDisabled instructs consumers of network plugins, such as
	// Knative Serving, to connect to individual Pod IPs. This is most efficient,
	// but will only work with mesh enabled when EnableMeshPodAddressability is
	// used.
	MeshCompatibilityModeDisabled MeshCompatibilityMode = "disabled"

	// MeshCompatibilityModeAuto instructs consumers of network plugins, such as
	// Knative Serving, to heuristically determine whether to connect using the
	// Cluster IP or to connect to individual Pod IPs: they try direct Pod IP
	// communication (most efficient), determine whether mesh is enabled, and
	// fall back to Cluster IP as needed.
	MeshCompatibilityModeAuto MeshCompatibilityMode = "auto"
)

type TagTemplateValues

type TagTemplateValues struct {
	Name string
	Tag  string
}

TagTemplateValues are the available properties people can choose from in their Route's "TagTemplate" golang template string.

func (*TagTemplateValues) DeepCopy

func (in *TagTemplateValues) DeepCopy() *TagTemplateValues

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TagTemplateValues.

func (*TagTemplateValues) DeepCopyInto

func (in *TagTemplateValues) DeepCopyInto(out *TagTemplateValues)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
