controller

package
v0.0.0-...-f97a448 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 20, 2026 License: Apache-2.0 Imports: 6 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	// GlobalMachineSpecifiedConfigNamespace is the location for global
	// config.  In particular, the operator will put the configmap with the
	// CA certificate in this namespace.
	GlobalMachineSpecifiedConfigNamespace = "openshift-config-managed"

	// GlobalUserSpecifiedConfigNamespace is the namespace for configuring OpenShift.
	GlobalUserSpecifiedConfigNamespace = "openshift-config"

	// IngressOperatorOwnedAnnotation is the key for the annotation that
	// indicates that the ingress operator owns the annotated resource.
	// Note that this annotation is currently only intended to be added to
	// subscriptions, and only when creating a new subscription.
	IngressOperatorOwnedAnnotation = "ingress.operator.openshift.io/owned"

	// ControllerDeploymentLabel identifies a deployment as an ingress controller
	// deployment, and the value is the name of the owning ingress controller.
	ControllerDeploymentLabel = "ingresscontroller.operator.openshift.io/deployment-ingresscontroller"

	// ControllerDeploymentHashLabel identifies an ingress controller
	// deployment's generation.  This label is used for affinity, to
	// colocate replicas of different generations of the same ingress
	// controller, and for anti-affinity, to prevent colocation of replicas
	// of the same generation of the same ingress controller.
	ControllerDeploymentHashLabel = "ingresscontroller.operator.openshift.io/hash"

	// CanaryDaemonsetLabel identifies a daemonset as an ingress canary daemonset, and
	// the value is the name of the owning canary controller.
	CanaryDaemonSetLabel = "ingresscanary.operator.openshift.io/daemonset-ingresscanary"

	DefaultOperatorNamespace = "openshift-ingress-operator"
	DefaultOperandNamespace  = "openshift-ingress"

	// DefaultCanaryNamespace is the default namespace for
	// the ingress canary check resources.
	DefaultCanaryNamespace = "openshift-ingress-canary"

	// Remote worker label, used for node affinity of router deployment.
	// Router should not run on remote worker nodes
	RemoteWorkerLabel = "node.openshift.io/remote-worker"

	// OpenshiftOperatorNamespace is the default namespace for
	// the openshift operator resources.
	OpenshiftOperatorNamespace = "openshift-operators"

	// OpenShiftGatewayClassControllerName is the string by which a
	// gatewayclass identifies itself as belonging to OpenShift Istio.  If a
	// gatewayclass's spec.controllerName field is set to this value, then
	// the gatewayclass is ours.
	OpenShiftGatewayClassControllerName = "openshift.io/gateway-controller/v1"

	// OpenShiftDefaultGatewayClassName is the name of the default
	// gatewayclass that Istio creates when it is installed.
	OpenShiftDefaultGatewayClassName = "openshift-default"

	// OpenShiftGatewayCARootCertName is the name of the configmap with the
	// CA bundle that Istio creates for the Istio CR that this operator
	// creates.
	OpenShiftGatewayCARootCertName = "openshift-gw-ca-root-cert"

	// IstioRevLabelKey is the key for the gateway label that Istio checks
	// for to determine whether it should reconcile that gateway.
	IstioRevLabelKey = "istio.io/rev"

	GatewayClassIndexFieldName = "gatewayclassController"
)

Variables

This section is empty.

Functions

func CRLConfigMapName 

func CRLConfigMapName(ic *operatorv1.IngressController) types.NamespacedName

CRLConfigMapName returns the namespaced name for the CRL configmap.

func CanaryDaemonSetName 

func CanaryDaemonSetName() types.NamespacedName

func CanaryDaemonSetPodSelector 

func CanaryDaemonSetPodSelector(canaryControllerName string) *metav1.LabelSelector

func CanaryRouteName 

func CanaryRouteName() types.NamespacedName

func CanaryServiceName 

func CanaryServiceName() types.NamespacedName

func ClientCAConfigMapName 

func ClientCAConfigMapName(ic *operatorv1.IngressController) types.NamespacedName

ClientCAConfigMapName returns the namespaced name for the operator-managed client CA configmap, which is a copy of the user-managed configmap from the openshift-config namespace.

func DefaultIngressCertConfigMapName 

func DefaultIngressCertConfigMapName() types.NamespacedName

DefaultIngressCertConfigMapName returns the namespaced name for the default ingress cert configmap. The operator uses this configmap to publish the public key that golang clients can use to trust the default ingress wildcard serving cert.

func FeatureGateClusterConfigName 

func FeatureGateClusterConfigName() types.NamespacedName

FeatureGateClusterConfigName returns the namespaced name of the featuregates.config.openshift.io resource of the cluster.

func GatewayDNSRecordName 

func GatewayDNSRecordName(gateway *gatewayapiv1.Gateway, host string) types.NamespacedName

GatewayDNSRecordName returns the namespaced name for a DNSRecord CR associated with a Gateway. This CR is created in the Gateway's namespace and is named using the Gateway's name, listener's hashed host name, and the suffix "-wildcard".

func HttpErrorCodePageConfigMapName 

func HttpErrorCodePageConfigMapName(ic *operatorv1.IngressController) types.NamespacedName

HttpErrorCodePageConfigMapName returns the namespaced name for the errorpage configmap.

func InfrastructureClusterConfigName 

func InfrastructureClusterConfigName() types.NamespacedName

InfrastructureClusterConfigName returns the namespaced name of the infrastructure.config.openshift.io resource of the cluster.

func IngressClassName 

func IngressClassName(ingressControllerName string) types.NamespacedName

func IngressClusterConfigName 

func IngressClusterConfigName() types.NamespacedName

IngressClusterConfigName returns the namespaced name of the ingress.config.openshift.io resource for the operator.

func IngressClusterOperatorName 

func IngressClusterOperatorName() types.NamespacedName

IngressClusterOperatorName returns the namespaced name of the ClusterOperator resource for the operator.

func IngressControllerDeploymentLabel 

func IngressControllerDeploymentLabel(ic *operatorv1.IngressController) string

func IngressControllerDeploymentPodSelector 

func IngressControllerDeploymentPodSelector(ic *operatorv1.IngressController) *metav1.LabelSelector

func IngressControllerServiceMonitorName 

func IngressControllerServiceMonitorName(ic *operatorv1.IngressController) types.NamespacedName

func InternalIngressControllerServiceName 

func InternalIngressControllerServiceName(ic *operatorv1.IngressController) types.NamespacedName

func IstioName 

func IstioName(operandNamespace string) types.NamespacedName

IstioName returns the namespaced name for the Istio CR that the ingress operator creates when Gateway API is enabled.

func LoadBalancerServiceName 

func LoadBalancerServiceName(ic *operatorv1.IngressController) types.NamespacedName

func LoadBalancerServiceNameFromICName 

func LoadBalancerServiceNameFromICName(icName string) types.NamespacedName

func NodePortServiceName 

func NodePortServiceName(ic *operatorv1.IngressController) types.NamespacedName

func RouterCASecretName 

func RouterCASecretName(operatorNamespace string) types.NamespacedName

RouterCASecretName returns the namespaced name for the router CA secret. This secret holds the CA certificate that the operator will use to create default certificates for ingresscontrollers.

func RouterCertsGlobalSecretName 

func RouterCertsGlobalSecretName() types.NamespacedName

RouterCertsGlobalSecretName returns the namespaced name for the router certs secret. The operator uses this secret to publish the default certificates and their keys, so that the authentication operator can configure the OAuth server to use the same certificates.

func RouterDeploymentName 

func RouterDeploymentName(ci *operatorv1.IngressController) types.NamespacedName

RouterDeploymentName returns the namespaced name for the router deployment.

func RouterEffectiveDefaultCertificateSecretName 

func RouterEffectiveDefaultCertificateSecretName(ci *operatorv1.IngressController, namespace string) types.NamespacedName

RouterEffectiveDefaultCertificateSecretName returns the namespaced name for the in-use router default certificate secret.

func RouterOperatorGeneratedDefaultCertificateSecretName 

func RouterOperatorGeneratedDefaultCertificateSecretName(ci *operatorv1.IngressController, namespace string) types.NamespacedName

RouterOperatorGeneratedDefaultCertificateSecretName returns the namespaced name for the operator-generated router default certificate secret.

func RouterPodDisruptionBudgetName 

func RouterPodDisruptionBudgetName(ic *operatorv1.IngressController) types.NamespacedName

RouterPodDisruptionBudgetName returns the namespaced name for the router deployment's pod disruption budget.

func RsyslogConfigMapName 

func RsyslogConfigMapName(ic *operatorv1.IngressController) types.NamespacedName

RsyslogConfigMapName returns the namespaced name for the rsyslog configmap.

func ServiceCAConfigMapName 

func ServiceCAConfigMapName() types.NamespacedName

ServiceCAConfigMapName returns the namespaced name for the configmap with the service CA bundle.

func ServiceMeshOperatorSubscriptionName 

func ServiceMeshOperatorSubscriptionName() types.NamespacedName

ServiceMeshOperatorSubscriptionName returns the namespaced name for a Subscription CR to install the OpenShift Service Mesh Operator.

func WildcardDNSRecordName 

func WildcardDNSRecordName(ic *operatorv1.IngressController) types.NamespacedName

Types

This section is empty.

Source Files

View all Source files

Directories

Path Synopsis
The certificate controller is responsible for the following:
 The certificate controller is responsible for the following:
The certificate-publisher controller is responsible for publishing the certificate and key of the ingresscontroller for the cluster ingress domain to the "router-certs" secret in the "openshift-config-managed" namespace and for publishing the certificate for the default ingresscontroller to the "default-ingress-cert" configmap in the same namespace.
 The certificate-publisher controller is responsible for publishing the certificate and key of the ingresscontroller for the cluster ingress domain to the "router-certs" secret in the "openshift-config-managed" namespace and for publishing the certificate for the default ingresscontroller to the "default-ingress-cert" configmap in the same namespace.
test
util

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.