v1beta1

package
Version: v0.0.0-...-56e15b1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 27, 2021 License: Apache-2.0 Imports: 27 Imported by: 0

Documentation

Overview

+k8s:deepcopy-gen=package,register +k8s:conversion-gen=voyagermesh.dev/voyager/apis/voyager +k8s:openapi-gen=true +k8s:defaulter-gen=TypeMeta +groupName=voyager.appscode.com

Index

Constants

View Source
const (
	EngressKey = "ingress.appscode.com"

	APISchema        = EngressKey + "/" + "api-schema" // APISchema = {APIGroup}/{APIVersion}
	APISchemaEngress = voyager.GroupName + "/v1beta1"
	APISchemaIngress = "extensions/v1beta1"

	VoyagerPrefix = "voyager-"

	// LB stats options
	StatsOn          = EngressKey + "/" + "stats"
	StatsPort        = EngressKey + "/" + "stats-port"
	StatsSecret      = EngressKey + "/" + "stats-secret-name"
	StatsServiceName = EngressKey + "/" + "stats-service-name"
	DefaultStatsPort = 56789

	LBTypeHostPort     = "HostPort"
	LBTypeNodePort     = "NodePort"
	LBTypeLoadBalancer = "LoadBalancer" // default
	LBTypeInternal     = "Internal"
	LBType             = EngressKey + "/" + "type"

	// Replicas specify # of HAProxy pods run (default 1)
	Replicas = EngressKey + "/" + "replicas"

	// IP to be assigned to cloud load balancer
	LoadBalancerIP = EngressKey + "/" + "load-balancer-ip" // IP or empty

	// BackendWeight is the weight value of a Pod that was
	// addressed by the Endpoint, this weight will be added to server backend.
	// Traffic will be forwarded according to there weight.
	BackendWeight = EngressKey + "/" + "backend-weight"

	// https://github.com/voyagermesh/voyager/issues/103
	// ServiceAnnotations is user provided annotations map that will be
	// applied to the service of that LoadBalancer.
	// ex: "ingress.appscode.com/annotations-service": {"key": "val"}
	ServiceAnnotations        = EngressKey + "/" + "annotations-service"
	LastAppliedAnnotationKeys = EngressKey + "/" + "last-applied-annotation-keys"

	// PodAnnotations is user provided annotations map that will be
	// applied to the Pods (Deployment/ DaemonSet) of that LoadBalancer.
	// ex: "ingress.appscode.com/annotations-pod": {"key": "val"}
	PodAnnotations = EngressKey + "/" + "annotations-pod"

	// Preserves source IP for LoadBalancer type ingresses. The actual configuration
	// generated depends on the underlying cloud provider.
	//
	// - gce, gke, azure: Sets "ExternalTrafficPolicy" to "Local" for HAProxy services.
	// Ref: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip
	//
	// - aws: Enables accept-proxy.
	// Enforces the use of the PROXY protocol over any connection accepted by any of
	// the sockets declared on the same line. Versions 1 and 2 of the PROXY protocol
	// are supported and correctly detected. The PROXY protocol dictates the layer
	// 3/4 addresses of the incoming connection to be used everywhere an address is
	// used, with the only exception of "tcp-request connection" rules which will
	// only see the real connection address. Logs will reflect the addresses
	// indicated in the protocol, unless it is violated, in which case the real
	// address will still be used.  This keyword combined with support from external
	// components can be used as an efficient and reliable alternative to the
	// X-Forwarded-For mechanism which is not always reliable and not even always
	// usable. See also "tcp-request connection expect-proxy" for a finer-grained
	// setting of which client is allowed to use the protocol.
	// Ref: https://github.com/kubernetes/kubernetes/blob/release-1.5/pkg/cloudprovider/providers/aws/aws.go#L79
	KeepSourceIP = EngressKey + "/" + "keep-source-ip"

	// https://github.com/voyagermesh/voyager/issues/1128
	HealthCheckNodeport = EngressKey + "/" + "health-check-nodeport"

	// Enforces the use of the PROXY protocol over any connection accepted by HAProxy.
	AcceptProxy = EngressKey + "/" + "accept-proxy"

	// Enforces use of the PROXY protocol over any connection established to this server.
	// Possible values are "v1", "v2", "v2-ssl" and "v2-ssl-cn"
	SendProxy = EngressKey + "/" + "send-proxy"

	// Annotations applied to resources offshoot from an ingress
	OriginAPISchema = EngressKey + "/" + "origin-api-schema" // APISchema = {APIGroup}/{APIVersion}
	OriginName      = EngressKey + "/" + "origin-name"

	// https://github.com/voyagermesh/voyager/issues/280
	// Supports all valid timeout option for defaults section of HAProxy
	// https://cbonte.github.io/haproxy-dconv/1.7/configuration.html#4.2-timeout%20check
	// expects a json encoded map
	// ie: "ingress.appscode.com/default-timeout": {"client": "5s"}
	//
	// If the annotation is not set default values used to config defaults section will be:
	//
	// timeout  connect         5s
	// timeout  client          50s
	// timeout  client-fin      50s
	// timeout  server          50s
	// timeout  tunnel          50s
	DefaultsTimeOut = EngressKey + "/" + "default-timeout"

	// Defines the maximum time allowed to perform a clean soft-stop.
	// https://cbonte.github.io/haproxy-dconv/1.9/configuration.html#hard-stop-after
	HardStopAfter        = EngressKey + "/" + "hard-stop-after"
	DefaultHardStopAfter = "30s"

	// https://github.com/voyagermesh/voyager/issues/343
	// Supports all valid options for defaults section of HAProxy config
	// https://cbonte.github.io/haproxy-dconv/1.7/configuration.html#4.2-option%20abortonclose
	// from the list from here
	// expects a json encoded map
	// ie: "ingress.appscode.com/default-option": '{"http-keep-alive": "true", "dontlognull": "true", "clitcpka": "false"}'
	// This will be appended in the defaults section of HAProxy as
	//
	//   option http-keep-alive
	//   option dontlognull
	//   no option clitcpka
	//
	DefaultsOption = EngressKey + "/" + "default-option"

	// Available Options:
	//
	// ssl: https://cbonte.github.io/haproxy-dconv/1.8/configuration.html#5.2-ssl
	// 		Creates a TLS/SSL socket when connecting to this server in order to cipher/decipher the traffic.
	//   	If verify not set the following error may occurred:
	//    		[/etc/haproxy/haproxy.cfg:49] verify is enabled by default but no CA file specified.
	//    		If you're running on a LAN where you're certain to trust the server's certificate,
	//    		please set an explicit 'verify none' statement on the 'server' line, or use
	//    		'ssl-server-verify none' in the global section to disable server-side verifications by default.
	//
	// verify [none|required]: https://cbonte.github.io/haproxy-dconv/1.8/configuration.html#5.2-verify
	//   	Sets HAProxy‘s behavior regarding the certificated presented by the server:
	//     		- none : Doesn’t verify the certificate of the server
	//     		- required (default value) : TLS handshake is aborted if the validation of the certificate presented by the server returns an error.
	//
	// verifyhost <hostname>: https://cbonte.github.io/haproxy-dconv/1.8/configuration.html#5.2-verifyhost
	//    	Sets a <hostname> to look for in the Subject and SubjectAlternateNames fields provided in the
	//    	certificate sent by the server. If <hostname> can’t be found, then the TLS handshake is aborted.
	//    	This only applies when verify required is configured.
	//
	// Example: ingress.appscode.com/backend-tls: "ssl verify none"
	//
	// If this annotation is not set HAProxy will connect to backend as http.
	// This value should not be set if the backend do not support https resolution.
	BackendTLSOptions = EngressKey + "/backend-tls"

	// Specify a method to stick clients to origins across requests.
	// Only supported value is "cookie".
	// Annotations could  be applied to either Ingress or backend Service
	// If applied to Ingress, all the backend connections would be sticky
	// If applied to Service and Ingress do not have this annotation only
	// connection to that backend service will be sticky.
	IngressAffinity = EngressKey + "/affinity"
	// When affinity is set to "cookie", the name of the cookie to use.
	IngressAffinitySessionCookieName = EngressKey + "/session-cookie-name"
	// When affinity is set to "cookie", the hash algorithm used: md5, sha, index.
	IngressAffinitySessionCookieHash = EngressKey + "/session-cookie-hash"

	// Basic Auth: Follows ingress controller standard
	// https://github.com/kubernetes/ingress/tree/master/examples/auth/basic/haproxy
	// HAProxy Ingress read user and password from auth file stored on secrets, one
	// user and password per line.
	// Each line of the auth file should have:
	// user and insecure password separated with a pair of colons: <username>::<plain-text-passwd>; or
	// user and an encrypted password separated with colons: <username>:<encrypted-passwd>
	// Secret name, realm and type are configured with annotations in the ingress
	// Auth can only be applied to HTTP backends.
	// Only supported type is basic
	AuthType = EngressKey + "/auth-type"

	// an optional string with authentication realm
	AuthRealm = EngressKey + "/auth-realm"

	// name of the auth secret
	AuthSecret = EngressKey + "/auth-secret"

	// Name of secret for TLS client certification validation.
	AuthTLSSecret = EngressKey + "/auth-tls-secret"

	// The page that user should be redirected in case of Auth error
	AuthTLSErrorPage = EngressKey + "/auth-tls-error-page"

	// Enables verification of client certificates.
	AuthTLSVerifyClient = EngressKey + "/auth-tls-verify-client"

	// Enables CORS headers in response.
	// Setting this annotations in ingress will add CORS headers to all HTTP
	// frontend. If we need to add cors headers only on specific frontend we can also
	// configure this using FrontendRules for specific frontend.
	// http://blog.nasrulhazim.com/2017/07/haproxy-setting-up-cors/
	CORSEnabled          = EngressKey + "/enable-cors"
	CORSAllowedMethods   = EngressKey + "/cors-allow-methods"
	CORSAllowedHeaders   = EngressKey + "/cors-allow-headers"
	CORSAllowedOrigin    = EngressKey + "/cors-allow-origin"
	CORSAllowCredentials = EngressKey + "/cors-allow-credentials"

	// Maximum http request body size. This returns the advertised length of the HTTP request's body in bytes. It
	// will represent the advertised Content-Length header
	// http://cbonte.github.io/haproxy-dconv/1.7/configuration.html#7.3.6-req.body_size
	//
	ProxyBodySize = EngressKey + "/proxy-body-size"

	// Pass TLS connections directly to backend; do not offload.
	SSLPassthrough = EngressKey + "/ssl-passthrough"

	EnableHSTS = EngressKey + "/hsts"
	// This specifies the time (in seconds) the browser should connect to the server using the HTTPS connection.
	// https://blog.stackpath.com/glossary/hsts/
	HSTSMaxAge  = EngressKey + "/hsts-max-age"
	HSTSPreload = EngressKey + "/hsts-preload"
	// If specified, this HSTS rule applies to all of the site's subdomains as well.
	HSTSIncludeSubDomains = EngressKey + "/hsts-include-subdomains"

	WhitelistSourceRange = EngressKey + "/whitelist-source-range"
	MaxConnections       = EngressKey + "/max-connections"

	// https://github.com/voyagermesh/voyager/issues/552
	UseNodePort      = EngressKey + "/use-node-port"
	SSLRedirect      = EngressKey + "/ssl-redirect"
	ForceSSLRedirect = EngressKey + "/force-ssl-redirect"

	// https://github.com/voyagermesh/voyager/issues/525
	ErrorFiles = EngressKey + "/errorfiles"

	// Limit requests per second per IP address
	// http://cbonte.github.io/haproxy-dconv/1.8/configuration.html#7.3.3-sc_conn_rate
	// https://serverfault.com/a/679172/349346
	// https://discourse.haproxy.org/t/solved-how-to-configure-basic-ddos-protection-when-behind-aws-elb-x-forwarded-for/932
	// https://www.haproxy.com/blog/use-a-load-balancer-as-a-first-row-of-defense-against-ddos/
	LimitRPS = EngressKey + "/limit-rps"
	// Limit requests per minute per IP address
	LimitRPM = EngressKey + "/limit-rpm"

	// http://cbonte.github.io/haproxy-dconv/1.8/configuration.html#7.3.3-src_conn_cur
	// https://www.haproxy.com/blog/use-a-load-balancer-as-a-first-row-of-defense-against-ddos/
	LimitConnection = EngressKey + "/limit-connection"

	// https://github.com/voyagermesh/voyager/issues/683
	// https://www.haproxy.com/documentation/aloha/7-0/haproxy/healthchecks/
	CheckHealth     = EngressKey + "/" + "check"
	CheckHealthPort = EngressKey + "/" + "check-port"

	// https://github.com/kubernetes/ingress-nginx/blob/master/docs/examples/rewrite/README.md
	RewriteTarget = EngressKey + "/" + "rewrite-target"

	// Workload controller to use run HAProxy pods
	WorkloadKind = EngressKey + "/" + "workload-kind"

	// ref: https://github.com/voyagermesh/voyager/issues/1054
	NodeSelector = EngressKey + "/" + "node-selector"
	Tolerations  = EngressKey + "/" + "tolerations"

	// https://github.com/voyagermesh/voyager/issues/1210
	// http://cbonte.github.io/haproxy-dconv/1.8/configuration.html#agent-check
	AgentPort     = EngressKey + "/" + "agent-port"
	AgentInterval = EngressKey + "/" + "agent-interval"
)
View Source
const (
	ACMEUserEmail        = "ACME_EMAIL"
	ACMEUserPrivatekey   = "ACME_USER_PRIVATE_KEY"
	ACMERegistrationData = "ACME_REGISTRATION_DATA"
	ACMEServerURL        = "ACME_SERVER_URL"
)
View Source
const (
	// ref: https://github.com/kubernetes/ingress-nginx/blob/master/docs/annotations.md#cors-related
	CORSDefaultAllowedMethods = "GET,PUT,POST,DELETE,PATCH,OPTIONS"
	CORSDefaultAllowedHeaders = "DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization"
)
View Source
const (
	ProviderMinikube = "minikube"
	ProviderAWS      = "aws"
	ProviderGCE      = "gce"
	ProviderGKE      = "gke"
	ProviderAzure    = "azure"
	ProviderAKS      = "aks"
	ProviderACS      = "acs"
	ProviderHTTP     = "http"
)
View Source
const (
	/*
		// https://cbonte.github.io/haproxy-dconv/1.7/configuration.html#5.3
			resolvers mydns
			  nameserver dns1 10.0.0.1:53
			  nameserver dns2 10.0.0.2:53
			  resolve_retries       3
			  timeout retry         1s
			  hold other           30s
			  hold refused         30s
			  hold nx              30s
			  hold timeout         30s
			  hold valid           10s
	*/
	UseDNSResolver         = EngressKey + "/" + "use-dns-resolver"          // Bool
	DNSResolverNameservers = EngressKey + "/" + "dns-resolver-nameservers"  // ["", ""]
	DNSResolverCheckHealth = EngressKey + "/" + "dns-resolver-check-health" // bool
	DNSResolverRetries     = EngressKey + "/" + "dns-resolver-retries"      // int
	DNSResolverTimeout     = EngressKey + "/" + "dns-resolver-timeout"      // {"event":"time","event":"time"}
	DNSResolverHold        = EngressKey + "/" + "dns-resolver-hold"         // {"status":"period","status":"period"}
)
View Source
const (
	ResourceKindIngress = "Ingress"
	ResourceIngress     = "ingress"
	ResourceIngresses   = "ingresses"
)
View Source
const (
	StatsPortName             = "stats"
	ExporterPortName          = "http"
	DefaultExporterPortNumber = 56790
)
View Source
const (
	MatchAll = "*"
)

Variables

View Source
var (
	DNSResolverHoldKeys    = sets.NewString("nx", "other", "refused", "timeout", "valid", "obsolete")
	DNSResolverTimeoutKeys = sets.NewString("resolve", "retry")
)
View Source
var (
	// TODO: move SchemeBuilder with zz_generated.deepcopy.go to k8s.io/api.
	// localSchemeBuilder and AddToScheme will stay in k8s.io/kubernetes.
	SchemeBuilder runtime.SchemeBuilder

	AddToScheme = localSchemeBuilder.AddToScheme
)
View Source
var SchemeGroupVersion = schema.GroupVersion{Group: voyager.GroupName, Version: "v1beta1"}

Functions

func ProxyProtocolCommand

func ProxyProtocolCommand(version string) string

func Resource

func Resource(resource string) schema.GroupResource

Resource takes an unqualified resource and returns a Group qualified GroupResource

Types

type AuthOption

type AuthOption struct {
	Basic *BasicAuth `json:"basic,omitempty"`
	TLS   *TLSAuth   `json:"tls,omitempty"`
	OAuth []OAuth    `json:"oauth,omitempty"`
}

func (*AuthOption) DeepCopy

func (in *AuthOption) DeepCopy() *AuthOption

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthOption.

func (*AuthOption) DeepCopyInto

func (in *AuthOption) DeepCopyInto(out *AuthOption)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type BasicAuth

type BasicAuth struct {
	SecretName string `json:"secretName,omitempty"`
	Realm      string `json:"realm,omitempty"`
}

func (*BasicAuth) DeepCopy

func (in *BasicAuth) DeepCopy() *BasicAuth

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BasicAuth.

func (*BasicAuth) DeepCopyInto

func (in *BasicAuth) DeepCopyInto(out *BasicAuth)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type DNSResolver

type DNSResolver struct {
	Name        string
	NameServer  []string          `json:"nameserver"`
	CheckHealth bool              `json:"checkHealth"`
	Retries     int               `json:"retries"`
	Timeout     map[string]string `json:"timeout"`
	Hold        map[string]string `json:"hold"`
}

func DNSResolverForService

func DNSResolverForService(svc core.Service) (useDNSResolver bool, resolver *DNSResolver, err error)

func (*DNSResolver) DeepCopy

func (in *DNSResolver) DeepCopy() *DNSResolver

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DNSResolver.

func (*DNSResolver) DeepCopyInto

func (in *DNSResolver) DeepCopyInto(out *DNSResolver)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type FrontendRule

type FrontendRule struct {
	// Port indicates the frontend port where HAProxy is listening for connection
	Port intstr.IntOrString `json:"port,omitempty"`
	// Serialized rules
	Rules []string `json:"rules,omitempty"`

	Auth *AuthOption `json:"auth,omitempty"`
}

func (*FrontendRule) DeepCopy

func (in *FrontendRule) DeepCopy() *FrontendRule

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FrontendRule.

func (*FrontendRule) DeepCopyInto

func (in *FrontendRule) DeepCopyInto(out *FrontendRule)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type HTTPIngressBackend

type HTTPIngressBackend struct {
	IngressBackend `json:",inline,omitempty"`

	// Path rewrite rules with haproxy formatted regex.
	//
	// Deprecated: Use backendRule, will be removed.
	RewriteRules []string `json:"rewriteRules,omitempty"`

	// Header rules to modifies the header.
	//
	// Deprecated: Use backendRule, will be removed.
	HeaderRules []string `json:"headerRules,omitempty"`
}

func (*HTTPIngressBackend) DeepCopy

func (in *HTTPIngressBackend) DeepCopy() *HTTPIngressBackend

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPIngressBackend.

func (*HTTPIngressBackend) DeepCopyInto

func (in *HTTPIngressBackend) DeepCopyInto(out *HTTPIngressBackend)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type HTTPIngressPath

type HTTPIngressPath struct {
	// Path is a extended POSIX regex as defined by IEEE Std 1003.1,
	// (i.e this follows the egrep/unix syntax, not the perl syntax)
	// matched against the path of an incoming request. Currently it can
	// contain characters disallowed from the conventional "path"
	// part of a URL as defined by RFC 3986. Paths must begin with
	// a '/'. If unspecified, the path defaults to a catch all sending
	// traffic to the backend.
	Path string `json:"path,omitempty"`

	// Backend defines the referenced service endpoint to which the traffic
	// will be forwarded to.
	Backend HTTPIngressBackend `json:"backend,omitempty"`
}

HTTPIngressPath associates a path regex with a backend. Incoming urls matching the path are forwarded to the backend.

func (*HTTPIngressPath) DeepCopy

func (in *HTTPIngressPath) DeepCopy() *HTTPIngressPath

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPIngressPath.

func (*HTTPIngressPath) DeepCopyInto

func (in *HTTPIngressPath) DeepCopyInto(out *HTTPIngressPath)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type HTTPIngressRuleValue

type HTTPIngressRuleValue struct {
	// The network address to listen HTTP(s) connections on.
	Address string `json:"address,omitempty"`

	// port to listen http(s) connections.
	Port intstr.IntOrString `json:"port,omitempty"`

	// Set noTLS = true to force plain text. Else, auto detect like present
	NoTLS bool `json:"noTLS,omitempty"`

	// Specifies the node port of the referenced service.
	NodePort intstr.IntOrString `json:"nodePort,omitempty"`

	// Application-Layer Protocol Negotiation (ALPN) is a Transport Layer Security (TLS)
	// extension for application layer protocol negotiation. ALPN allows the application
	// layer to negotiate which protocol should be performed over a secure connection in a
	// manner which avoids additional round trips and which is independent of the application
	// layer protocols. It is used by HTTP/2.
	// If provided a list of alpn will be added to port as alpn option1,option2,...
	// If SecretName is Provided this secret will be used to terminate SSL with alpn options.
	// If Secret name is not provided backend server is responsible for handling SSL.
	// Note that, the order of the options indicates the preference
	// If the ALPN list contains "h2",  "option http-use-htx" will be added to enable HTX mode
	// https://cbonte.github.io/haproxy-dconv/1.9/configuration.html#option%20http-use-htx
	// https://cbonte.github.io/haproxy-dconv/1.9/configuration.html#alpn
	ALPN []string `json:"alpn,omitempty"`

	// HTTP protocol to use
	// If the Proto contains "h2",  "option http-use-htx" will be added to enable HTX mode
	// https://www.haproxy.com/blog/haproxy-1-9-2-adds-grpc-support/
	Proto string `json:"proto,omitempty"`

	// A collection of paths that map requests to backends.
	Paths []HTTPIngressPath `json:"paths"`
}

HTTPIngressRuleValue is a list of http selectors pointing to backends. In the example: http://<host>/<path>?<searchpart> -> backend where where parts of the url correspond to RFC 3986, this resource will be used to match against everything after the last '/' and before the first '?' or '#'.

func (*HTTPIngressRuleValue) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPIngressRuleValue.

func (*HTTPIngressRuleValue) DeepCopyInto

func (in *HTTPIngressRuleValue) DeepCopyInto(out *HTTPIngressRuleValue)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Ingress

type Ingress struct {
	metav1.TypeMeta `json:",inline"`
	// +optional
	metav1.ObjectMeta `json:"metadata,omitempty"`
	Spec              IngressSpec   `json:"spec,omitempty"`
	Status            IngressStatus `json:"status,omitempty"`
}

+kubebuilder:object:root=true +kubebuilder:resource:path=ingresses,singular=ingress,shortName=ing,categories={networking,appscode,all} +kubebuilder:subresource:status +kubebuilder:printcolumn:name="Hosts",type="string",JSONPath=".spec.rules[0].host" +kubebuilder:printcolumn:name="LOAD_BALANCER_IP",type="string",JSONPath=".status.loadBalancer.ingress" +kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp"

func NewEngressFromIngress

func NewEngressFromIngress(ing interface{}) (*Ingress, error)

func (Ingress) APISchema

func (r Ingress) APISchema() string

func (Ingress) AcceptProxy

func (r Ingress) AcceptProxy() bool

func (Ingress) AllowCORSCred

func (r Ingress) AllowCORSCred() bool

func (Ingress) AllowedCORSHeaders

func (r Ingress) AllowedCORSHeaders() string

func (Ingress) AllowedCORSMethods

func (r Ingress) AllowedCORSMethods() string

func (Ingress) AllowedCORSOrigin

func (r Ingress) AllowedCORSOrigin() string

func (Ingress) AuthRealm

func (r Ingress) AuthRealm() string

func (Ingress) AuthSecretName

func (r Ingress) AuthSecretName() string

func (Ingress) AuthTLSErrorPage

func (r Ingress) AuthTLSErrorPage() string

func (Ingress) AuthTLSSecret

func (r Ingress) AuthTLSSecret() string

func (Ingress) AuthTLSVerifyClient

func (r Ingress) AuthTLSVerifyClient() TLSAuthVerifyOption

func (Ingress) BackendServices

func (r Ingress) BackendServices() map[string]metav1.ObjectMeta

func (Ingress) BasicAuthEnabled

func (r Ingress) BasicAuthEnabled() bool

func (Ingress) CustomResourceDefinition

func (r Ingress) CustomResourceDefinition() *apiextensions.CustomResourceDefinition

func (*Ingress) DeepCopy

func (in *Ingress) DeepCopy() *Ingress

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Ingress.

func (*Ingress) DeepCopyInto

func (in *Ingress) DeepCopyInto(out *Ingress)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Ingress) DeepCopyObject

func (in *Ingress) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (Ingress) EnableCORS

func (r Ingress) EnableCORS() bool

func (Ingress) EnableHSTS

func (r Ingress) EnableHSTS() bool

func (Ingress) ErrorFilesConfigMapName

func (r Ingress) ErrorFilesConfigMapName() string

func (Ingress) FindTLSSecret

func (r Ingress) FindTLSSecret(h string) (*LocalTypedReference, bool)

func (Ingress) ForceSSLRedirect

func (r Ingress) ForceSSLRedirect() bool

func (Ingress) HAProxyOptions

func (r Ingress) HAProxyOptions() map[string]bool

func (Ingress) HSTSIncludeSubDomains

func (r Ingress) HSTSIncludeSubDomains() bool

func (Ingress) HSTSMaxAge

func (r Ingress) HSTSMaxAge() int

func (Ingress) HSTSPreload

func (r Ingress) HSTSPreload() bool

func (Ingress) HardStopAfter

func (r Ingress) HardStopAfter() string

func (Ingress) HasBackendService

func (r Ingress) HasBackendService(name, namespace string) bool

func (Ingress) HasChanged

func (r Ingress) HasChanged(o Ingress) (bool, error)

func (Ingress) HealthCheckNodeport

func (r Ingress) HealthCheckNodeport() int

func (Ingress) IsKeepSourceChanged

func (r Ingress) IsKeepSourceChanged(o Ingress, cloudProvider string) bool

func (Ingress) IsLoadBalancerSourceRangeChanged

func (r Ingress) IsLoadBalancerSourceRangeChanged(o Ingress) bool

func (Ingress) IsPortChanged

func (r Ingress) IsPortChanged(o Ingress, cloudProvider string) bool

func (Ingress) IsStatsChanged

func (r Ingress) IsStatsChanged(o Ingress) bool

func (Ingress) IsStatsSecretChanged

func (r Ingress) IsStatsSecretChanged(o Ingress) bool

func (Ingress) IsValid

func (r Ingress) IsValid(cloudProvider string) error

func (Ingress) KeepSourceIP

func (r Ingress) KeepSourceIP() bool

func (Ingress) LBType

func (r Ingress) LBType() string

func (Ingress) LimitConnections

func (r Ingress) LimitConnections() int

func (Ingress) LimitRPM

func (r Ingress) LimitRPM() int

func (Ingress) LimitRPS

func (r Ingress) LimitRPS() int

func (Ingress) LoadBalancerIP

func (r Ingress) LoadBalancerIP() net.IP

func (Ingress) MaxConnections

func (r Ingress) MaxConnections() int

func (*Ingress) Migrate

func (r *Ingress) Migrate()

func (Ingress) ObjectReference

func (r Ingress) ObjectReference() *core.ObjectReference

func (Ingress) OffshootLabels

func (r Ingress) OffshootLabels() map[string]string

func (Ingress) OffshootName

func (r Ingress) OffshootName() string

func (Ingress) OffshootSelector

func (r Ingress) OffshootSelector() map[string]string

func (Ingress) PodPorts

func (r Ingress) PodPorts() []int

func (Ingress) PodsAnnotations

func (r Ingress) PodsAnnotations() (map[string]string, bool)

func (Ingress) PortMappings

func (r Ingress) PortMappings(cloudProvider string) (map[int]Target, error)

PortMappings contains a map of Service Port to HAProxy port (svc.Port -> {svc.TargetPort, svc.NodePort}). HAProxy pods binds to the target ports. Service ports are used to open loadbalancer/firewall. Usually target port == service port with one exception for LoadBalancer type service in AWS. If AWS cert manager is used then a 443 -> 80 port mapping is added.

func (Ingress) ProtoWithALPN

func (r Ingress) ProtoWithALPN() error

check if both alpn and proto specified in the same rule/backend

func (Ingress) ProxyBodySize

func (r Ingress) ProxyBodySize() string

func (Ingress) Replicas

func (r Ingress) Replicas() int32

func (Ingress) RewriteTarget

func (r Ingress) RewriteTarget() string

func (Ingress) SSLPassthrough

func (r Ingress) SSLPassthrough() bool

func (Ingress) SSLRedirect

func (r Ingress) SSLRedirect() bool

func (Ingress) ServiceAnnotations

func (r Ingress) ServiceAnnotations(provider string) (map[string]string, bool)

func (Ingress) ShouldHandleIngress

func (r Ingress) ShouldHandleIngress(ingressClass string) bool

if ingressClass == "voyager", then only handle ingress that has voyager annotation if ingressClass == "", then handle no annotation or voyager annotation

func (Ingress) Stats

func (r Ingress) Stats() bool

func (Ingress) StatsAccessor

func (r Ingress) StatsAccessor() mona.StatsAccessor

func (Ingress) StatsLabels

func (r Ingress) StatsLabels() map[string]string

func (Ingress) StatsPort

func (r Ingress) StatsPort() int

func (Ingress) StatsSecretName

func (r Ingress) StatsSecretName() string

func (Ingress) StatsServiceName

func (r Ingress) StatsServiceName() string

func (Ingress) Sticky

func (r Ingress) Sticky() bool

func (Ingress) StickySessionCookieHashType

func (r Ingress) StickySessionCookieHashType() string

func (Ingress) StickySessionCookieName

func (r Ingress) StickySessionCookieName() string

func (Ingress) SupportsLBType

func (r Ingress) SupportsLBType(cloudProvider string) bool

func (Ingress) Timeouts

func (r Ingress) Timeouts() map[string]string

func (Ingress) UseHTX

func (r Ingress) UseHTX() bool

check any alpn/proto contains "h2"

func (Ingress) UseNodePort

func (r Ingress) UseNodePort() bool

func (Ingress) UseTLSForRule

func (r Ingress) UseTLSForRule(rule IngressRule) bool

func (Ingress) UsesAuthSecret

func (r Ingress) UsesAuthSecret(namespace, name string) bool

func (Ingress) WhitelistSourceRange

func (r Ingress) WhitelistSourceRange() string

func (Ingress) WorkloadKind

func (r Ingress) WorkloadKind() string

type IngressBackend

type IngressBackend struct {
	// User can specify backend name for using it with custom acl
	// Otherwise it will be generated
	Name string `json:"name,omitempty"`

	// Host names to forward traffic to. If empty traffic will be
	// forwarded to all subsets instance.
	// If set only matched hosts will get the traffic.
	// This is an handy way to send traffic to Specific
	// StatefulSet pod.
	// IE. Setting [web-0] will send traffic to only web-0 host
	// for this StatefulSet, https://kubernetes.io/docs/tasks/stateful-application/basic-stateful-set/#creating-a-statefulset
	HostNames []string `json:"hostNames,omitempty"`

	// Specifies the name of the referenced service.
	ServiceName string `json:"serviceName,omitempty"`

	// Specifies the port of the referenced service.
	ServicePort intstr.IntOrString `json:"servicePort,omitempty"`

	// Serialized HAProxy rules to apply on server backend including
	// request, response or header rewrite. acls also can be used.
	// https://cbonte.github.io/haproxy-dconv/1.7/configuration.html#1
	BackendRules []string `json:"backendRules,omitempty"`

	// Application-Layer Protocol Negotiation (ALPN) is a Transport Layer Security (TLS)
	// extension for application layer protocol negotiation. ALPN allows the application
	// layer to negotiate which protocol should be performed over a secure connection in a
	// manner which avoids additional round trips and which is independent of the application
	// layer protocols. It is used by HTTP/2.
	// If provided a list of alpn will be added to port as alpn option1,option2,...
	// If SecretName is Provided this secret will be used to terminate SSL with alpn options.
	// If Secret name is not provided backend server is responsible for handling SSL.
	// Note that, the order of the options indicates the preference
	// If the ALPN list contains "h2",  "option http-use-htx" will be added to enable HTX mode
	// https://cbonte.github.io/haproxy-dconv/1.9/configuration.html#option%20http-use-htx
	// https://cbonte.github.io/haproxy-dconv/1.9/configuration.html#alpn
	ALPN []string `json:"alpn,omitempty"`

	// HTTP protocol to use
	// If the Proto contains "h2",  "option http-use-htx" will be added to enable HTX mode
	// https://www.haproxy.com/blog/haproxy-1-9-2-adds-grpc-support/
	Proto string `json:"proto,omitempty"`

	// Define the load balancing algorithm to be used in a backend.
	// https://cbonte.github.io/haproxy-dconv/1.9/configuration.html#balance
	LoadBalanceOn string `json:"loadBalanceOn,omitempty"`
}

IngressBackend describes all endpoints for a given service and port.

func (*IngressBackend) DeepCopy

func (in *IngressBackend) DeepCopy() *IngressBackend

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressBackend.

func (*IngressBackend) DeepCopyInto

func (in *IngressBackend) DeepCopyInto(out *IngressBackend)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (IngressBackend) ParseALPNOptions

func (r IngressBackend) ParseALPNOptions() string

type IngressList

type IngressList struct {
	metav1.TypeMeta `json:",inline"`
	// Standard object's metadata.
	// More info: http://releases.k8s.io/release-1.2/docs/devel/api-conventions.md#metadata
	metav1.ListMeta `json:"metadata,omitempty"`

	// Items is the list of Ingress.
	Items []Ingress `json:"items"`
}

IngressList is a collection of Ingress.

func (*IngressList) DeepCopy

func (in *IngressList) DeepCopy() *IngressList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressList.

func (*IngressList) DeepCopyInto

func (in *IngressList) DeepCopyInto(out *IngressList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*IngressList) DeepCopyObject

func (in *IngressList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type IngressRef

type IngressRef struct {
	APISchema string `json:"apiSchema"`
	Name      string `json:"name"`
	Namespace string `json:"namespace"`
}

func (*IngressRef) DeepCopy

func (in *IngressRef) DeepCopy() *IngressRef

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressRef.

func (*IngressRef) DeepCopyInto

func (in *IngressRef) DeepCopyInto(out *IngressRef)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IngressRule

type IngressRule struct {
	// Host is the fully qualified domain name of a network host, as defined
	// by RFC 3986. Note the following deviations from the "host" part of the
	// URI as defined in the RFC:
	// 1. IPs are not allowed. Currently an IngressRuleValue can only apply to the
	//	  IP in the Spec of the parent Ingress.
	// 2. The `:` delimiter is not respected because ports are not allowed.
	//	  Currently the port of an Ingress is implicitly :80 for http and
	//	  :443 for https.
	// Both these may change in the future.
	// Incoming requests are matched against the host before the IngressRuleValue.
	// If the host is unspecified, the Ingress routes all traffic based on the
	// specified IngressRuleValue.
	Host string `json:"host,omitempty"`
	// IngressRuleValue represents a rule to route requests for this IngressRule.
	// If unspecified, the rule defaults to a http catch-all. Whether that sends
	// just traffic matching the host to the default backend or all traffic to the
	// default backend, is left to the controller fulfilling the Ingress. Http and TCP are
	// currently supported IngressRuleValue.
	IngressRuleValue `json:",inline,omitempty"`
}

IngressRule represents the rules mapping the paths under a specified host to the related backend services. Incoming requests are first evaluated for a host match, then routed to the backend associated with the matching IngressRuleValue.

func (*IngressRule) DeepCopy

func (in *IngressRule) DeepCopy() *IngressRule

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressRule.

func (*IngressRule) DeepCopyInto

func (in *IngressRule) DeepCopyInto(out *IngressRule)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (IngressRule) GetHost

func (r IngressRule) GetHost() string

unify wildcard-host into empty-host, this will ease template rendering paths under empty-host and wildcard-host will be merged but TLS will be matched separately

func (IngressRule) ParseALPNOptions

func (r IngressRule) ParseALPNOptions() string

type IngressRuleValue

type IngressRuleValue struct {
	HTTP *HTTPIngressRuleValue `json:"http,omitempty"`

	TCP *TCPIngressRuleValue `json:"tcp,omitempty"`
}

IngressRuleValue represents a rule to apply against incoming requests. If the rule is satisfied, the request is routed to the specified backend. Currently mixing different types of rules in a single Ingress is disallowed, so exactly one of the following must be set.

func (*IngressRuleValue) DeepCopy

func (in *IngressRuleValue) DeepCopy() *IngressRuleValue

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressRuleValue.

func (*IngressRuleValue) DeepCopyInto

func (in *IngressRuleValue) DeepCopyInto(out *IngressRuleValue)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IngressSpec

type IngressSpec struct {
	// A default backend capable of servicing requests that don't match any
	// rule. At least one of 'backend' or 'rules' must be specified. This field
	// is optional to allow the loadbalancer controller or defaulting logic to
	// specify a global default.
	Backend *HTTPIngressBackend `json:"backend,omitempty"`

	// TLS is the TLS configuration. Currently the Ingress only supports a single TLS
	// port, 443, and assumes TLS termination. If multiple members of this
	// list specify different hosts, they will be multiplexed on the same
	// port according to the hostname specified through the SNI TLS extension.
	TLS []IngressTLS `json:"tls,omitempty"`

	// Config volumes are used to mount any secret or configmap into HAProxy pods.
	ConfigVolumes []VolumeSource `json:"configVolumes,omitempty"`

	// Frontend rules specifies a set of rules that should be applied in
	// HAProxy frontend configuration. The set of keywords are from here
	// https://cbonte.github.io/haproxy-dconv/1.7/configuration.html#4.1
	// Only frontend sections can be applied here. It is up to user to
	// provide valid set of rules.
	// This allows acls or other options in frontend sections in HAProxy config.
	// Frontend rules will be mapped with Ingress Rules according to port.
	FrontendRules []FrontendRule `json:"frontendRules,omitempty"`

	// A list of host rules used to configure the Ingress. If unspecified, or
	// no rule matches, all traffic is sent to the default backend.
	Rules []IngressRule `json:"rules,omitempty"`

	// Optional: If specified and supported by the platform, this will restrict traffic through the cloud-provider
	// load-balancer will be restricted to the specified client IPs. This field will be ignored if the
	// cloud-provider does not support the feature.
	// https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/
	LoadBalancerSourceRanges []string `json:"loadBalancerSourceRanges,omitempty"`

	// Compute Resources required by the sidecar container.
	Resources core.ResourceRequirements `json:"resources,omitempty"`

	// NodeSelector is a selector which must be true for the pod to fit on a node.
	// Selector which must match a node's labels for the pod to be scheduled on that node.
	// More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
	NodeSelector map[string]string `json:"nodeSelector,omitempty"`

	// If specified, the pod's scheduling constraints
	// +optional
	Affinity *core.Affinity `json:"affinity,omitempty"`

	// If specified, the pod will be dispatched by specified scheduler.
	// If not specified, the pod will be dispatched by default scheduler.
	// +optional
	SchedulerName string `json:"schedulerName,omitempty"`

	// If specified, the pod's tolerations.
	// +optional
	Tolerations []core.Toleration `json:"tolerations,omitempty"`

	// ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec.
	// If specified, these secrets will be passed to individual puller implementations for them to use. For example,
	// in the case of docker, only DockerConfig type secrets are honored.
	// More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod
	// +optional
	ImagePullSecrets []core.LocalObjectReference `json:"imagePullSecrets,omitempty"`

	// If specified, indicates the pod's priority. "system-node-critical" and
	// "system-cluster-critical" are two special keywords which indicate the
	// highest priorities with the former being the highest priority. Any other
	// name must be defined by creating a PriorityClass object with that name.
	// If not specified, the pod priority will be default or zero if there is no
	// default.
	// +optional
	PriorityClassName string `json:"priorityClassName,omitempty"`
	// The priority value. Various system components use this field to find the
	// priority of the pod. When Priority Admission Controller is enabled, it
	// prevents users from setting this field. The admission controller populates
	// this field from PriorityClassName.
	// The higher the value, the higher the priority.
	// +optional
	Priority *int32 `json:"priority,omitempty"`

	// SecurityContext holds pod-level security attributes and common container settings.
	// Optional: Defaults to empty.  See type description for default values of each field.
	// +optional
	SecurityContext *core.PodSecurityContext `json:"securityContext,omitempty"`

	// externalIPs is a list of IP addresses for which nodes in the cluster
	// will also accept traffic for this service.  These IPs are not managed by
	// Kubernetes.  The user is responsible for ensuring that traffic arrives
	// at a node with this IP.  A common example is external load-balancers
	// that are not part of the Kubernetes system.
	// +optional
	ExternalIPs []string `json:"externalIPs,omitempty"`

	// Periodic probe of container liveness.
	// Container will be restarted if the probe fails.
	// Cannot be updated.
	// +optional
	LivenessProbe *core.Probe `json:"livenessProbe,omitempty"`

	// Periodic probe of container service readiness.
	// Container will be removed from service endpoints if the probe fails.
	// Cannot be updated.
	// +optional
	ReadinessProbe *core.Probe `json:"readinessProbe,omitempty"`

	// Set this value longer than the expected cleanup time for your process.
	// Defaults to 30 seconds.
	// +optional
	TerminationGracePeriodSeconds *int64 `json:"terminationGracePeriodSeconds,omitempty"`
}

IngressSpec describes the Ingress the user wishes to exist.

func (*IngressSpec) DeepCopy

func (in *IngressSpec) DeepCopy() *IngressSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressSpec.

func (*IngressSpec) DeepCopyInto

func (in *IngressSpec) DeepCopyInto(out *IngressSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IngressStatus

type IngressStatus struct {
	// observedGeneration is the most recent generation observed for this resource. It corresponds to the
	// resource's generation, which is updated on mutation by the API Server.
	// +optional
	ObservedGeneration int64 `json:"observedGeneration,omitempty"`

	// LoadBalancer contains the current status of the load-balancer.
	LoadBalancer core.LoadBalancerStatus `json:"loadBalancer,omitempty"`
}

IngressStatus describe the current state of the Ingress.

func (*IngressStatus) DeepCopy

func (in *IngressStatus) DeepCopy() *IngressStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressStatus.

func (*IngressStatus) DeepCopyInto

func (in *IngressStatus) DeepCopyInto(out *IngressStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IngressTLS

type IngressTLS struct {
	// Hosts are a list of hosts included in the TLS certificate. The values in
	// this list must match the name/s used in the tlsSecret. Defaults to the
	// wildcard host setting for the loadbalancer controller fulfilling this
	// Ingress, if left unspecified.
	Hosts []string `json:"hosts,omitempty"`
	// SecretName is the name of the secret used to terminate SSL traffic on 443.
	// Field is left optional to allow SSL routing based on SNI hostname alone.
	// If the SNI host in a listener conflicts with the "Host" header field used
	// by an IngressRule, the SNI host is used for termination and value of the
	// Host header is used for routing.
	// Deprecated
	SecretName string `json:"secretName,omitempty"`

	// Ref to used tls termination.
	Ref *LocalTypedReference `json:"ref,omitempty"`
}

IngressTLS describes the transport layer security associated with an Ingress.

func (*IngressTLS) DeepCopy

func (in *IngressTLS) DeepCopy() *IngressTLS

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressTLS.

func (*IngressTLS) DeepCopyInto

func (in *IngressTLS) DeepCopyInto(out *IngressTLS)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type LocalTypedReference

type LocalTypedReference struct {
	// Kind of the referent.
	// More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
	// +optional
	Kind string `json:"kind,omitempty" protobuf:"bytes,1,opt,name=kind"`
	// Name of the referent.
	// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
	// +optional
	Name string `json:"name,omitempty" protobuf:"bytes,3,opt,name=name"`
	// API version of the referent.
	// +optional
	APIVersion string `json:"apiVersion,omitempty" protobuf:"bytes,5,opt,name=apiVersion"`
}

LocalTypedReference contains enough information to let you inspect or modify the referred object.

func (*LocalTypedReference) DeepCopy

func (in *LocalTypedReference) DeepCopy() *LocalTypedReference

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LocalTypedReference.

func (*LocalTypedReference) DeepCopyInto

func (in *LocalTypedReference) DeepCopyInto(out *LocalTypedReference)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type OAuth

type OAuth struct {
	Host        string   `json:"host,omitempty"`
	AuthBackend string   `json:"authBackend,omitempty"`
	AuthPath    string   `json:"authPath,omitempty"`
	SigninPath  string   `json:"signinPath,omitempty"`
	Paths       []string `json:"paths,omitempty"`
}

func (*OAuth) DeepCopy

func (in *OAuth) DeepCopy() *OAuth

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OAuth.

func (*OAuth) DeepCopyInto

func (in *OAuth) DeepCopyInto(out *OAuth)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Paths

type Paths map[string]indices

+k8s:openapi-gen=false

func (Paths) DeepCopy

func (in Paths) DeepCopy() Paths

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Paths.

func (Paths) DeepCopyInto

func (in Paths) DeepCopyInto(out *Paths)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ProxyProtocolVersion

type ProxyProtocolVersion string

type TCPIngressRuleValue

type TCPIngressRuleValue struct {
	// The network address to listen TCP connections on.
	Address string `json:"address,omitempty"`

	// port to listen tcp connections.
	Port intstr.IntOrString `json:"port,omitempty"`

	// Set noTLS = true to force plain text. Else, auto detect like present
	NoTLS bool `json:"noTLS,omitempty"`

	// Specifies the node port of the referenced service.
	NodePort intstr.IntOrString `json:"nodePort,omitempty"`

	// Backend to forward the requests.
	Backend IngressBackend `json:"backend,omitempty"`

	// Application-Layer Protocol Negotiation (ALPN) is a Transport Layer Security (TLS)
	// extension for application layer protocol negotiation. ALPN allows the application
	// layer to negotiate which protocol should be performed over a secure connection in a
	// manner which avoids additional round trips and which is independent of the application
	// layer protocols. It is used by HTTP/2.
	// If provided a list of alpn will be added to port as alpn option1,option2,...
	// If SecretName is Provided this secret will be used to terminate SSL with alpn options.
	// If Secret name is not provided backend server is responsible for handling SSL.
	// Note that, the order of the options indicates the preference
	// If the ALPN list contains "h2",  "option http-use-htx" will be added to enable HTX mode
	// https://cbonte.github.io/haproxy-dconv/1.9/configuration.html#option%20http-use-htx
	// https://cbonte.github.io/haproxy-dconv/1.9/configuration.html#alpn
	ALPN []string `json:"alpn,omitempty"`

	// HTTP protocol to use
	// If the Proto contains "h2",  "option http-use-htx" will be added to enable HTX mode
	// https://www.haproxy.com/blog/haproxy-1-9-2-adds-grpc-support/
	Proto string `json:"proto,omitempty"`
}

func (*TCPIngressRuleValue) DeepCopy

func (in *TCPIngressRuleValue) DeepCopy() *TCPIngressRuleValue

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TCPIngressRuleValue.

func (*TCPIngressRuleValue) DeepCopyInto

func (in *TCPIngressRuleValue) DeepCopyInto(out *TCPIngressRuleValue)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type TLSAuth

type TLSAuth struct {
	SecretName   string              `json:"secretName,omitempty"`
	VerifyClient TLSAuthVerifyOption `json:"verifyClient,omitempty"`
	Headers      map[string]string   `json:"headers,omitempty"`
	ErrorPage    string              `json:"errorPage,omitempty"`
}

func (*TLSAuth) DeepCopy

func (in *TLSAuth) DeepCopy() *TLSAuth

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TLSAuth.

func (*TLSAuth) DeepCopyInto

func (in *TLSAuth) DeepCopyInto(out *TLSAuth)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type TLSAuthVerifyOption

type TLSAuthVerifyOption string
const (
	TLSAuthVerifyOptional TLSAuthVerifyOption = "optional"
	TLSAuthVerifyRequired TLSAuthVerifyOption = "required"
)

type Target

type Target struct {
	PodPort  int
	NodePort int
}

func (*Target) DeepCopy

func (in *Target) DeepCopy() *Target

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Target.

func (*Target) DeepCopyInto

func (in *Target) DeepCopyInto(out *Target)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type VolumeSource

type VolumeSource struct {
	Name string `json:"name,omitempty"`
	// Secret represents a secret that should populate this volume.
	// More info: https://kubernetes.io/docs/concepts/storage/volumes#secret
	// +optional
	Secret *core.SecretVolumeSource `json:"secret,omitempty"`
	// ConfigMap represents a configMap that should populate this volume
	// +optional
	ConfigMap *core.ConfigMapVolumeSource `json:"configMap,omitempty"`
	// Items for all in one resources secrets, configmaps, and downward API
	// +optional
	Projected *core.ProjectedVolumeSource `json:"projected,omitempty"`
	// Path within the container at which the volume should be mounted.  Must
	// not contain ':'.
	MountPath string `json:"mountPath"`
}

Represents the source of a volume to mount. Only one of its members may be specified.

func (*VolumeSource) DeepCopy

func (in *VolumeSource) DeepCopy() *VolumeSource

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VolumeSource.

func (*VolumeSource) DeepCopyInto

func (in *VolumeSource) DeepCopyInto(out *VolumeSource)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL