controller

package
v0.4.0-rc1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 5, 2025 License: Apache-2.0 Imports: 58 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	// FilterConfigKeyInSecret is the key to store the filter config in the secret.
	FilterConfigKeyInSecret = "filter-config.yaml" //nolint: gosec

)

Variables

View Source 
var Scheme = runtime.NewScheme()

Scheme contains the necessary schemes for the AI Gateway.

This is exported for testing purposes.

Functions

func ApplyIndexing 

func ApplyIndexing(ctx context.Context, indexer func(ctx context.Context, obj client.Object, field string, extractValue client.IndexerFunc) error) error

ApplyIndexing applies indexing to the given indexer. This is exported for testing purposes.

func FilterConfigSecretPerGatewayName added in v0.2.0 

func FilterConfigSecretPerGatewayName(gwName, gwNamespace string) string

func NewSecretController 

func NewSecretController(client client.Client, kubeClient kubernetes.Interface,
	logger logr.Logger, backendSecurityPolicyEventChan chan event.GenericEvent,
) reconcile.TypedReconciler[reconcile.Request]

NewSecretController creates a new reconcile.TypedReconciler[reconcile.Request] for corev1.Secret.

func ParseExtraEnvVars added in v0.3.0 

func ParseExtraEnvVars(s string) ([]corev1.EnvVar, error)

ParseExtraEnvVars parses semicolon-separated key=value pairs into a list of environment variables. The input delimiter is a semicolon (';') to allow values to contain commas without escaping. Example: "OTEL_SERVICE_NAME=ai-gateway;OTEL_TRACES_EXPORTER=otlp".

func ParseImagePullSecrets added in v0.4.0 

func ParseImagePullSecrets(s string) ([]corev1.LocalObjectReference, error)

ParseImagePullSecrets parses semicolon-separated secret names into a list of LocalObjectReference objects for image pull secrets. Example: "my-registry-secret;another-secret".

func StartControllers 

func StartControllers(ctx context.Context, mgr manager.Manager, config *rest.Config, logger logr.Logger, options Options) (err error)

StartControllers starts the controllers for the AI Gateway. This blocks until the manager is stopped.

Note: this is tested with envtest, hence the test exists outside of this package. See /tests/controller_test.go.

func TypedControllerBuilderForCRD added in v0.2.0 

func TypedControllerBuilderForCRD(mgr ctrl.Manager, obj client.Object) *ctrl.Builder

TypedControllerBuilderForCRD returns a new controller builder for the given CRD object type.

This is to share the common logic for setting up a controller for a given object type.

Exported for testing purposes in tests/controller_test.go.

Types

type AIBackendController 

type AIBackendController struct {
	// contains filtered or unexported fields
}

AIBackendController implements reconcile.TypedReconciler for aigv1a1.AIServiceBackend.

Exported for testing purposes.

func NewAIServiceBackendController 

func NewAIServiceBackendController(client client.Client, kube kubernetes.Interface, logger logr.Logger, aiGatewayRouteChan chan event.GenericEvent) *AIBackendController

NewAIServiceBackendController creates a new reconcile.TypedReconciler for aigv1a1.AIServiceBackend.

func (*AIBackendController) Reconcile 

func (c *AIBackendController) Reconcile(ctx context.Context, req reconcile.Request) (reconcile.Result, error)

Reconcile implements the reconcile.TypedReconciler for aigv1a1.AIServiceBackend.

type AIGatewayRouteController 

type AIGatewayRouteController struct {
	// contains filtered or unexported fields
}

AIGatewayRouteController implements reconcile.TypedReconciler.

This handles the AIGatewayRoute resource and creates the necessary resources for the external process.

Exported for testing purposes.

func NewAIGatewayRouteController 

func NewAIGatewayRouteController(
	client client.Client, kube kubernetes.Interface, logger logr.Logger,
	gatewayEventChan chan event.GenericEvent,
	rootPrefix string,
) *AIGatewayRouteController

NewAIGatewayRouteController creates a new reconcile.TypedReconciler[reconcile.Request] for the AIGatewayRoute resource.

func (*AIGatewayRouteController) Reconcile 

func (c *AIGatewayRouteController) Reconcile(ctx context.Context, req reconcile.Request) (reconcile.Result, error)

Reconcile implements reconcile.TypedReconciler.

type BackendSecurityPolicyController 

type BackendSecurityPolicyController struct {
	// contains filtered or unexported fields
}

BackendSecurityPolicyController implements reconcile.TypedReconciler for aigv1a1.BackendSecurityPolicy.

Exported for testing purposes.

func NewBackendSecurityPolicyController 

func NewBackendSecurityPolicyController(client client.Client, kube kubernetes.Interface, logger logr.Logger, aiServiceBackendEventChan chan event.GenericEvent) *BackendSecurityPolicyController

func (*BackendSecurityPolicyController) Reconcile 

func (c *BackendSecurityPolicyController) Reconcile(ctx context.Context, req ctrl.Request) (res ctrl.Result, err error)

Reconcile implements the reconcile.TypedReconciler for aigv1a1.BackendSecurityPolicy.

type GatewayController added in v0.2.0 

type GatewayController struct {
	// contains filtered or unexported fields
}

GatewayController implements reconcile.TypedReconciler for gwapiv1.Gateway.

func NewGatewayController added in v0.2.0 

func NewGatewayController(
	client client.Client, kube kubernetes.Interface, logger logr.Logger,
	extProcImage string, standAlone bool, uuidFn func() string, extProcAsSideCar bool,
) *GatewayController

NewGatewayController creates a new reconcile.TypedReconciler for gwapiv1.Gateway.

extProcImage is the image of the external processor sidecar container which will be used to check if the pods of the gateway deployment need to be rolled out.

func (*GatewayController) Reconcile added in v0.2.0 

func (c *GatewayController) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error)

Reconcile implements the reconcile.Reconciler for gwapiv1.Gateway.

type InferencePoolController added in v0.3.0 

type InferencePoolController struct {
	// contains filtered or unexported fields
}

InferencePoolController implements reconcile.TypedReconciler for gwaiev1.InferencePool.

This handles the InferencePool resource and updates its status based on associated Gateways.

Exported for testing purposes.

func NewInferencePoolController added in v0.3.0 

func NewInferencePoolController(
	client client.Client, kube kubernetes.Interface, logger logr.Logger,
) *InferencePoolController

NewInferencePoolController creates a new reconcile.TypedReconciler for gwaiev1.InferencePool.

func (*InferencePoolController) Reconcile added in v0.3.0 

func (c *InferencePoolController) Reconcile(ctx context.Context, req reconcile.Request) (reconcile.Result, error)

Reconcile implements the reconcile.TypedReconciler for gwaiev1.InferencePool.

type MCPRouteController added in v0.4.0 

type MCPRouteController struct {
	// contains filtered or unexported fields
}

MCPRouteController implements reconcile.TypedReconciler.

This handles the MCPRoute resource and creates the necessary resources for the external process.

Exported for testing purposes.

func NewMCPRouteController added in v0.4.0 

func NewMCPRouteController(
	client client.Client, kube kubernetes.Interface, logger logr.Logger,
	gatewayEventChan chan event.GenericEvent,
) *MCPRouteController

NewMCPRouteController creates a new reconcile.TypedReconciler[reconcile.Request] for the MCPRoute resource.

func (*MCPRouteController) Reconcile added in v0.4.0 

func (c *MCPRouteController) Reconcile(ctx context.Context, req reconcile.Request) (reconcile.Result, error)

Reconcile implements reconcile.TypedReconciler.

type OAuthAuthServerMetadata added in v0.4.0 

type OAuthAuthServerMetadata struct {
	Issuer                                             string   `json:"issuer"`
	AuthorizationEndpoint                              string   `json:"authorization_endpoint"`
	TokenEndpoint                                      string   `json:"token_endpoint"`
	JwksURI                                            string   `json:"jwks_uri"`
	RegistrationEndpoint                               string   `json:"registration_endpoint,omitempty"`
	ScopesSupported                                    []string `json:"scopes_supported,omitempty"`
	ResponseTypesSupported                             []string `json:"response_types_supported,omitempty"`
	ResponseModesSupported                             []string `json:"response_modes_supported,omitempty"`
	GrantTypesSupported                                []string `json:"grant_types_supported,omitempty"`
	TokenEndpointAuthMethodsSupported                  []string `json:"token_endpoint_auth_methods_supported,omitempty"`
	TokenEndpointAuthSigningAlgValuesSupported         []string `json:"token_endpoint_auth_signing_alg_values_supported,omitempty"`
	ServiceDocumentation                               string   `json:"service_documentation,omitempty"`
	UILocalesSupported                                 []string `json:"ui_locales_supported,omitempty"`
	OPPolicyURI                                        string   `json:"op_policy_uri,omitempty"`
	OPTosURI                                           string   `json:"op_tos_uri,omitempty"`
	RevocationEndpoint                                 string   `json:"revocation_endpoint,omitempty"`
	RevocationEndpointAuthMethodsSupported             []string `json:"revocation_endpoint_auth_methods_supported,omitempty"`
	RevocationEndpointAuthSigningAlgValuesSupported    []string `json:"revocation_endpoint_auth_signing_alg_values_supported,omitempty"`
	IntrospectionEndpoint                              string   `json:"introspection_endpoint,omitempty"`
	IntrospectionEndpointAuthMethodsSupported          []string `json:"introspection_endpoint_auth_methods_supported,omitempty"`
	IntrospectionEndpointAuthSigningAlgValuesSupported []string `json:"introspection_endpoint_auth_signing_alg_values_supported,omitempty"`
	CodeChallengeMethodsSupported                      []string `json:"code_challenge_methods_supported,omitempty"`
}

OAuthAuthServerMetadata represents the OAuth authorization server metadata response from the /.well-known/oauth-authorization-server endpoint as defined in RFC 8414. https://datatracker.ietf.org/doc/html/rfc8414#section-2

type Options 

type Options struct {
	// ExtProcLogLevel is the log level for the external processor, e.g., debug, info, warn, or error.
	ExtProcLogLevel string
	// ExtProcImage is the image for the external processor set on Deployment.
	ExtProcImage string
	// ExtProcImagePullPolicy is the image pull policy for the external processor set on Deployment.
	ExtProcImagePullPolicy corev1.PullPolicy
	// EnableLeaderElection enables leader election for the controller manager.
	// Enabling this ensures there is only one active controller manager.
	EnableLeaderElection bool
	// UDSPath is the path to the UDS socket for the external processor.
	UDSPath string
	// DisableMutatingWebhook disables the mutating webhook for the Gateway for testing purposes.
	DisableMutatingWebhook bool
	// MetricsRequestHeaderAttributes is the comma-separated key-value pairs for mapping HTTP request headers to Otel metric attributes.
	MetricsRequestHeaderAttributes string
	// TracingRequestHeaderAttributes is the comma-separated key-value pairs for mapping HTTP request headers to otel span attributes.
	TracingRequestHeaderAttributes string
	// RootPrefix is the root prefix for all the routes handled by the AI Gateway.
	RootPrefix string
	// ExtProcExtraEnvVars is the semicolon-separated key=value pairs for extra environment variables in extProc container.
	ExtProcExtraEnvVars string
	// ExtProcImagePullSecrets is the semicolon-separated list of image pull secret names for extProc container.
	ExtProcImagePullSecrets string
	// ExtProcMaxRecvMsgSize is the maximum message size in bytes that the gRPC server can receive for extProc.
	ExtProcMaxRecvMsgSize int
	// MCPSessionEncryptionSeed is the seed used to derive the encryption key for MCP session encryption.
	MCPSessionEncryptionSeed string
}

Options defines the program configurable options that may be passed on the command line.

type ReferenceGrantController added in v0.4.0 

type ReferenceGrantController struct {
	// contains filtered or unexported fields
}

ReferenceGrantController implements reconcile.TypedReconciler for ReferenceGrant.

This controller watches ReferenceGrant resources and triggers reconciliation of affected AIGatewayRoutes when grants are created, updated, or deleted.

Exported for testing purposes.

func NewReferenceGrantController added in v0.4.0 

func NewReferenceGrantController(
	c client.Client,
	logger logr.Logger,
	aiGatewayRouteChan chan event.GenericEvent,
) *ReferenceGrantController

NewReferenceGrantController creates a new reconcile.TypedReconciler for ReferenceGrant.

func (*ReferenceGrantController) Reconcile added in v0.4.0 

func (c *ReferenceGrantController) Reconcile(ctx context.Context, req reconcile.Request) (reconcile.Result, error)

Reconcile implements the reconcile.TypedReconciler for ReferenceGrant.

Source Files

View all Source files

Directories

Path Synopsis
Package rotators provides credential rotation implementations.
 Package rotators provides credential rotation implementations.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.