controllers

package
v2.13.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 20, 2026 License: Apache-2.0 Imports: 72 Imported by: 1

Documentation

Index

Constants

View Source 
const (
	// CreatedMeshServiceReason is added to an event when
	// a new MeshService is successfully created.
	CreatedMeshServiceReason = "CreatedMeshService"
	// UpdatedMeshServiceReason is added to an event when
	// an existing MeshService is successfully updated.
	UpdatedMeshServiceReason = "UpdatedMeshService"
	// FailedToGenerateMeshServiceReason is added to an event when
	// a MeshService cannot be generated.
	FailedToGenerateMeshServiceReason = "FailedToGenerateMeshService"
	IgnoredUnsupportedPortReason      = "IgnoredUnsupportedPort"
)
View Source 
const (
	// CreatedKumaDataplaneReason is added to an event when
	// a new Dataplane is successfully created.
	CreatedKumaDataplaneReason = "CreatedKumaDataplane"
	// UpdatedKumaDataplaneReason is added to an event when
	// an existing Dataplane is successfully updated.
	UpdatedKumaDataplaneReason = "UpdatedKumaDataplane"
	// FailedToGenerateKumaDataplaneReason is added to an event when
	// a Dataplane cannot be generated or is not valid.
	FailedToGenerateKumaDataplaneReason = "FailedToGenerateKumaDataplane"
)
View Source 
const (
	// MultipleMeshesDetectedReason is a Kubernetes event type, used when
	// dataplanes in multiple meshes reference the same workload.
	MultipleMeshesDetectedReason = "MultipleMeshesDetected"
)

Variables

View Source 
var NodePortAddressPriority = []kube_core.NodeAddressType{
	kube_core.NodeExternalIP,
	kube_core.NodeInternalIP,
}

List of priority for picking IP when Service that selects ingress is of type NodePort We first try to find ExternalIP and then InternalIP. ExternalIP will be available in public clouds like GCP, but not on Kind or Minikube. On the other hand, on Kind with multizone, there is a connectivity between clusters using InternalIP. Technically there is a risk that we will pick InternalIP and other cluster will try to access it without connectivity between them. However, in most cases, LoadBalancer will be used anyways, therefore we accept this risk.

Functions

func DataplaneToMeshMapper 

func DataplaneToMeshMapper(l logr.Logger, ns string, resourceConverter k8s_common.Converter) kube_handler.MapFunc

func DataplaneToWorkloadMapper added in v2.13.0 

func DataplaneToWorkloadMapper(l logr.Logger) kube_handler.MapFunc

func EndpointSliceToPodsMapper added in v2.10.9 

func EndpointSliceToPodsMapper(l logr.Logger, client kube_client.Client) kube_handler.MapFunc

func EndpointSliceToServicesMapper added in v2.10.9 

func EndpointSliceToServicesMapper(l logr.Logger, client kube_client.Client) kube_handler.MapFunc

func ExternalServiceToConfigMapsMapper 

func ExternalServiceToConfigMapsMapper(l logr.Logger, ns string) kube_handler.MapFunc

func GatewayToInstanceMapper 

func GatewayToInstanceMapper(l logr.Logger, client kube_client.Client) kube_handler.MapFunc

GatewayToInstanceMapper maps a MeshGateway object to MeshGatewayInstance objects by using the service tag to list GatewayInstances with a matching index. The index is set up on MeshGatewayInstance in SetupWithManager and holds the service tag from the MeshGatewayInstance tags.

func InboundTagsForPod 

func InboundTagsForPod(zone string, pod *kube_core.Pod, name string, nodeLabels map[string]string) map[string]string

func InboundTagsForService 

func InboundTagsForService(zone string, pod *kube_core.Pod, svc *kube_core.Service, svcPort *kube_core.ServicePort, nodeLabels map[string]string) map[string]string

func KubeHosts 

func KubeHosts(
	ctx context.Context,
	client kube_client.Client,
	manager resources_manager.ReadOnlyResourceManager,
	mesh string,
) (*vips.VirtualOutboundMeshView, error)

func MeshGatewayRouteToMeshMapper 

func MeshGatewayRouteToMeshMapper(client kube_client.Reader, l logr.Logger, ns string, resourceConverter k8s_common.Converter) kube_handler.MapFunc

func MeshGatewayToMeshMapper 

func MeshGatewayToMeshMapper(client kube_client.Reader, l logr.Logger, ns string, resourceConverter k8s_common.Converter) kube_handler.MapFunc

func MeshToAllMeshServices added in v2.10.9 

func MeshToAllMeshServices(l logr.Logger, client kube_client.Client) kube_handler.MapFunc

func MeshToPodsMapper added in v2.12.4 

func MeshToPodsMapper(l logr.Logger, client kube_client.Client) kube_handler.MapFunc

func MetricsAggregateFor 

func MetricsAggregateFor(pod *kube_core.Pod) ([]*mesh_proto.PrometheusAggregateMetricsConfig, error)

func MetricsFor 

func MetricsFor(pod *kube_core.Pod) (*mesh_proto.MetricsBackend, error)

func NamespaceToServiceMapper 

func NamespaceToServiceMapper(l logr.Logger, client kube_client.Client) kube_handler.MapFunc

func PodToServicesMapper added in v2.13.0 

func PodToServicesMapper(l logr.Logger, client kube_client.Client) kube_handler.MapFunc

func ProbesFor 

func ProbesFor(pod *kube_core.Pod) (*mesh_proto.Dataplane_Probes, error)

func ProtocolTagFor 

func ProtocolTagFor(svc *kube_core.Service, svcPort *kube_core.ServicePort) string

ProtocolTagFor infers service protocol from a `<port>.service.kuma.io/protocol` annotation or `appProtocol`.

func ServiceToConfigMapsMapper 

func ServiceToConfigMapsMapper(client kube_client.Reader, l logr.Logger, systemNamespace string) kube_handler.MapFunc

func ServiceToPodsMapper 

func ServiceToPodsMapper(l logr.Logger, client kube_client.Client) kube_handler.MapFunc

func VirtualOutboundToConfigMapsMapper 

func VirtualOutboundToConfigMapsMapper(l logr.Logger, ns string) kube_handler.MapFunc

func ZoneIngressToMeshMapper 

func ZoneIngressToMeshMapper(l logr.Logger, ns string, resourceConverter k8s_common.Converter) kube_handler.MapFunc

Types

type CniNodeTaintReconciler 

type CniNodeTaintReconciler struct {
	kube_client.Client
	Log logr.Logger

	CniApp       string
	CniNamespace string
}

func (*CniNodeTaintReconciler) Reconcile 

func (r *CniNodeTaintReconciler) Reconcile(ctx context.Context, req kube_ctrl.Request) (kube_ctrl.Result, error)

func (*CniNodeTaintReconciler) SetupWithManager 

func (r *CniNodeTaintReconciler) SetupWithManager(mgr kube_ctrl.Manager) error

type ConfigMapReconciler 

type ConfigMapReconciler struct {
	kube_client.Client
	kube_record.EventRecorder
	Scheme              *kube_runtime.Scheme
	Log                 logr.Logger
	ResourceManager     manager.ResourceManager
	ResourceConverter   k8s_common.Converter
	VIPsAllocator       *dns.VIPsAllocator
	SystemNamespace     string
	KubeOutboundsAsVIPs bool
}

ConfigMapReconciler reconciles a ConfigMap object

func (*ConfigMapReconciler) Reconcile 

func (r *ConfigMapReconciler) Reconcile(ctx context.Context, req kube_ctrl.Request) (kube_ctrl.Result, error)

func (*ConfigMapReconciler) SetupWithManager 

func (r *ConfigMapReconciler) SetupWithManager(mgr kube_ctrl.Manager) error

type CreateOrDeletePredicate 

type CreateOrDeletePredicate struct {
	predicate.Funcs
}

func (CreateOrDeletePredicate) Create 

func (p CreateOrDeletePredicate) Create(e event.CreateEvent) bool

func (CreateOrDeletePredicate) Delete 

func (p CreateOrDeletePredicate) Delete(e event.DeleteEvent) bool

type Endpoint 

type Endpoint struct {
	Address  string
	Port     uint32
	Instance string
}

type EndpointsByService 

type EndpointsByService map[string][]Endpoint

func (EndpointsByService) Services 

func (e EndpointsByService) Services() []string

type GatewayAnnotationChangedPredicate added in v2.13.0 

type GatewayAnnotationChangedPredicate struct {
	predicate.Funcs
}

func (GatewayAnnotationChangedPredicate) Update added in v2.13.0 

func (p GatewayAnnotationChangedPredicate) Update(e event.UpdateEvent) bool

type GatewayInstanceReconciler 

type GatewayInstanceReconciler struct {
	K8sVersion *kube_version.Info
	kube_client.Client
	Log logr.Logger

	Scheme          *kube_runtime.Scheme
	Converter       k8s_common.Converter
	ProxyFactory    *containers.DataplaneProxyFactory
	ResourceManager manager.ResourceManager
}

GatewayInstanceReconciler reconciles a MeshGatewayInstance object.

func (*GatewayInstanceReconciler) Reconcile 

func (r *GatewayInstanceReconciler) Reconcile(ctx context.Context, req kube_ctrl.Request) (kube_ctrl.Result, error)

Reconcile handles ensuring both a Service and a Deployment exist for an instance as well as setting the status.

func (*GatewayInstanceReconciler) SetupWithManager 

func (r *GatewayInstanceReconciler) SetupWithManager(mgr kube_ctrl.Manager) error

type InboundConverter 

type InboundConverter struct {
	NameExtractor    NameExtractor
	NodeGetter       kube_client.Reader
	NodeLabelsToCopy []string
}

func (*InboundConverter) InboundInterfacesFor 

func (i *InboundConverter) InboundInterfacesFor(ctx context.Context, zone string, pod *kube_core.Pod, services []*kube_core.Service) ([]*mesh_proto.Dataplane_Networking_Inbound, error)

InboundInterfacesFor should be used when MeshService mode is Exclusive. This function deduplicates inbounds by address and port. Since MeshService does not need tags we can safely deduplicate inbounds

func (*InboundConverter) LegacyInboundInterfacesFor deprecated added in v2.11.8 

func (i *InboundConverter) LegacyInboundInterfacesFor(ctx context.Context, zone string, pod *kube_core.Pod, services []*kube_core.Service) ([]*mesh_proto.Dataplane_Networking_Inbound, error)

Deprecated: LegacyInboundInterfacesFor is currently only used for delegated gateway and Mesh without MeshService exclusive to not change order of inbounds. For gateway we pick first inbound to take tags from. Delegated gateway identity relies on this. For Dataplanes when MeshService is disabled we base identity and routing on inbound tags TODO: We should revisit this when we rework identity. More in https://github.com/kumahq/kuma/issues/3339

type MeshReconciler 

type MeshReconciler struct {
	ResourceManager            manager.ResourceManager
	Log                        logr.Logger
	Extensions                 context.Context
	CreateMeshRoutingResources bool
	K8sStore                   bool
	CaManagers                 core_ca.Managers
	SystemNamespace            string
}

MeshReconciler creates default resources for created Mesh and ensures that CA was created

func (*MeshReconciler) Reconcile 

func (r *MeshReconciler) Reconcile(ctx context.Context, req kube_ctrl.Request) (kube_ctrl.Result, error)

func (*MeshReconciler) SetupWithManager 

func (r *MeshReconciler) SetupWithManager(mgr kube_ctrl.Manager) error

type MeshServiceExclusivePredicate added in v2.12.4 

type MeshServiceExclusivePredicate struct {
	predicate.Funcs
}

func (MeshServiceExclusivePredicate) Update added in v2.12.4 

func (p MeshServiceExclusivePredicate) Update(e event.UpdateEvent) bool

type MeshServiceReconciler 

type MeshServiceReconciler struct {
	kube_client.Client
	kube_record.EventRecorder
	Log               logr.Logger
	Scheme            *kube_runtime.Scheme
	ResourceConverter k8s_common.Converter
}

MeshServiceReconciler reconciles a MeshService object

func (*MeshServiceReconciler) Reconcile 

func (r *MeshServiceReconciler) Reconcile(ctx context.Context, req kube_ctrl.Request) (kube_ctrl.Result, error)

func (*MeshServiceReconciler) SetupWithManager 

func (r *MeshServiceReconciler) SetupWithManager(mgr kube_ctrl.Manager) error

type NameExtractor 

type NameExtractor struct {
	ReplicaSetGetter kube_client.Reader
	JobGetter        kube_client.Reader
}

func (*NameExtractor) Name 

func (n *NameExtractor) Name(ctx context.Context, pod *kube_core.Pod) (string, string, error)

type NamespaceReconciler 

type NamespaceReconciler struct {
	kube_client.Client
	Log logr.Logger

	CNIEnabled bool
}

NamespaceReconciler reconciles a Namespace object

func (*NamespaceReconciler) Reconcile 

func (r *NamespaceReconciler) Reconcile(ctx context.Context, req kube_ctrl.Request) (kube_ctrl.Result, error)

Reconcile is in charge of creating NetworkAttachmentDefinition if CNI enabled and namespace has label 'kuma.io/sidecar-injection: enabled'

func (*NamespaceReconciler) SetupWithManager 

func (r *NamespaceReconciler) SetupWithManager(mgr kube_ctrl.Manager) error

type PodConverter 

type PodConverter struct {
	ServiceGetter       kube_client.Reader
	NodeGetter          kube_client.Reader
	ResourceConverter   k8s_common.Converter
	InboundConverter    InboundConverter
	Zone                string
	SystemNamespace     string
	Mode                config_core.CpMode
	KubeOutboundsAsVIPs bool
	WorkloadLabels      []string
}

func (*PodConverter) BuiltinGatewayDataplane 

func (p *PodConverter) BuiltinGatewayDataplane(
	pod *kube_core.Pod,
	tags map[string]string,
) (*mesh_proto.Dataplane, error)

func (*PodConverter) EgressFor 

func (p *PodConverter) EgressFor(
	ctx context.Context,
	zoneEgress *mesh_proto.ZoneEgress,
	pod *kube_core.Pod,
	services []*kube_core.Service,
) error

func (*PodConverter) GatewayByDeploymentFor 

func (p *PodConverter) GatewayByDeploymentFor(ctx context.Context, clusterName string, pod *kube_core.Pod, services []*kube_core.Service) (*mesh_proto.Dataplane_Networking_Gateway, error)

func (*PodConverter) GatewayByServiceFor 

func (p *PodConverter) GatewayByServiceFor(ctx context.Context, clusterName string, pod *kube_core.Pod, services []*kube_core.Service) (*mesh_proto.Dataplane_Networking_Gateway, error)

func (*PodConverter) IngressFor 

func (p *PodConverter) IngressFor(
	ctx context.Context, zoneIngress *mesh_proto.ZoneIngress, pod *kube_core.Pod, services []*kube_core.Service,
) error

func (*PodConverter) OutboundInterfacesFor 

func (p *PodConverter) OutboundInterfacesFor(
	ctx context.Context,
	pod *kube_core.Pod,
	others []*mesh_k8s.Dataplane,
	reachableServices []string,
) ([]*mesh_proto.Dataplane_Networking_Outbound, error)

func (*PodConverter) PodToDataplane 

func (p *PodConverter) PodToDataplane(
	ctx context.Context,
	dataplane *mesh_k8s.Dataplane,
	pod *kube_core.Pod,
	services []*kube_core.Service,
	others []*mesh_k8s.Dataplane,
	mesh *core_mesh.MeshResource,
) error

func (*PodConverter) PodToEgress 

func (p *PodConverter) PodToEgress(ctx context.Context, zoneEgress *mesh_k8s.ZoneEgress, pod *kube_core.Pod, services []*kube_core.Service) error

func (*PodConverter) PodToIngress 

func (p *PodConverter) PodToIngress(ctx context.Context, zoneIngress *mesh_k8s.ZoneIngress, pod *kube_core.Pod, services []*kube_core.Service) error

type PodReconciler 

type PodReconciler struct {
	kube_client.Client
	kube_record.EventRecorder
	Scheme                       *kube_runtime.Scheme
	Log                          logr.Logger
	PodConverter                 PodConverter
	ResourceConverter            k8s_common.Converter
	SystemNamespace              string
	IgnoredServiceSelectorLabels []string
}

PodReconciler reconciles a Pod object

func (*PodReconciler) Reconcile 

func (r *PodReconciler) Reconcile(ctx context.Context, req kube_ctrl.Request) (kube_ctrl.Result, error)

func (*PodReconciler) SetupWithManager 

func (r *PodReconciler) SetupWithManager(mgr kube_ctrl.Manager, maxConcurrentReconciles int) error

type PodStatusReconciler 

type PodStatusReconciler struct {
	kube_client.Client
	kube_record.EventRecorder
	Scheme            *kube_runtime.Scheme
	ResourceManager   manager.ResourceManager
	Log               logr.Logger
	ResourceConverter k8s_common.Converter
	EnvoyAdminClient  admin.EnvoyAdminClient
}

PodStatusReconciler tracks pods status changes and signals kuma-dp when it has to complete but only when Kuma isn't using the SidecarContainer feature

func (*PodStatusReconciler) Reconcile 

func (r *PodStatusReconciler) Reconcile(ctx context.Context, req kube_ctrl.Request) (kube_ctrl.Result, error)

func (*PodStatusReconciler) SetupWithManager 

func (r *PodStatusReconciler) SetupWithManager(mgr kube_ctrl.Manager) error

type ReachableBackendRef added in v2.10.9 

type ReachableBackendRef struct {
	Kind      string            `json:"kind,omitempty"`
	Name      *string           `json:"name,omitempty"`
	Namespace *string           `json:"namespace,omitempty"`
	Port      *uint32           `json:"port,omitempty"`
	Labels    map[string]string `json:"labels,omitempty"`
}

type ReachableBackendRefs added in v2.10.9 

type ReachableBackendRefs struct {
	Refs []*ReachableBackendRef `json:"refs,omitempty"`
}

type ServiceReconciler 

type ServiceReconciler struct {
	kube_client.Client
	Log logr.Logger
}

ServiceReconciler reconciles a Service object

func (*ServiceReconciler) Reconcile 

func (r *ServiceReconciler) Reconcile(ctx context.Context, req kube_ctrl.Request) (kube_ctrl.Result, error)

Reconcile is in charge of injecting "ingress.kubernetes.io/service-upstream" annotation to the Services that are in Kuma enabled namespaces

func (*ServiceReconciler) SetupWithManager 

func (r *ServiceReconciler) SetupWithManager(mgr kube_ctrl.Manager) error

type WorkloadReconciler added in v2.13.0 

type WorkloadReconciler struct {
	kube_client.Client
	kube_record.EventRecorder
	Log logr.Logger
}

WorkloadReconciler reconciles Workload resources based on Dataplane labels

func (*WorkloadReconciler) Reconcile added in v2.13.0 

func (r *WorkloadReconciler) Reconcile(ctx context.Context, req kube_ctrl.Request) (kube_ctrl.Result, error)

func (*WorkloadReconciler) SetupWithManager added in v2.13.0 

func (r *WorkloadReconciler) SetupWithManager(mgr kube_ctrl.Manager) error

Source Files

View all Source files

Directories

Path Synopsis
attachment
common
referencegrants
This file lives in a dedicated "metadata" subpackage, because the Origin type/values are imported by many components (generators, plugins, controllers, hooks, etc.).
 This file lives in a dedicated "metadata" subpackage, because the Origin type/values are imported by many components (generators, plugins, controllers, hooks, etc.).

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.