Documentation
¶
Overview ¶
Package dag provides a data model, in the form of a directed acyclic graph, of the relationship between Kubernetes Ingress, Service, and Secret objects.
Package dag provides a data model, in the form of a directed acyclic graph, of the relationship between Kubernetes Ingress, Service, and Secret objects.
Index ¶
Constants ¶
const ( StatusValid = "valid" StatusInvalid = "invalid" StatusOrphaned = "orphaned" )
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Builder ¶
type Builder struct {
KubernetesCache
// ExternalInsecurePort is the port that HTTP
// requests will arrive at the ELB or NAT that
// presents Envoy at the edge network.
// If not supplied, defaults to 80.
ExternalInsecurePort int
// ExternalSecurePort is the port that HTTPS
// requests will arrive at the ELB or NAT that
// presents Envoy at the edge network.
// If not supplied, defaults to 443.
ExternalSecurePort int
}
A Builder builds a *DAGs
type DAG ¶
type DAG struct {
// contains filtered or unexported fields
}
A DAG represents a directed acylic graph of objects representing the relationship between Kubernetes Ingress objects, the backend Services, and Secret objects. The DAG models these relationships as Roots and Vertices.
type HTTPService ¶ added in v0.8.0
type HTTPService struct {
TCPService
// Protocol is the layer 7 protocol of this service
// One of "", "h2", or "h2c".
Protocol string
}
HTTPService represents a Kuberneres Service object which speaks HTTP/1.1 or HTTP/2.0.
type KubernetesCache ¶
type KubernetesCache struct {
// IngressRouteRootNamespaces specifies the namespaces where root
// IngressRoutes can be defined. If empty, roots can be defined in any
// namespace.
IngressRouteRootNamespaces []string
// contains filtered or unexported fields
}
A KubernetesCache holds Kubernetes objects and associated configuration and produces DAG values.
func (*KubernetesCache) Insert ¶
func (kc *KubernetesCache) Insert(obj interface{})
Insert inserts obj into the KubernetesCache. If an object with a matching type, name, and namespace exists, it will be overwritten.
func (*KubernetesCache) Remove ¶
func (kc *KubernetesCache) Remove(obj interface{})
Remove removes obj from the KubernetesCache. If no object with a matching type, name, and namespace exists in the DAG, no action is taken.
type Listener ¶ added in v0.10.0
type Listener struct {
// Address is the TCP address to listen on.
// If blank 0.0.0.0, or ::/0 for IPv6, is assumed.
Address string
// Port is the TCP port to listen on.
Port int
VirtualHosts map[string]Vertex
}
A Listener represents a TCP socket that accepts incoming connections.
type Route ¶
type Route struct {
Prefix string
// Should this route generate a 301 upgrade if accessed
// over HTTP?
HTTPSUpgrade bool
// Is this a websocket route?
// TODO(dfc) this should go on the service
Websocket bool
// A timeout applied to requests on this route.
// A timeout of zero implies "use envoy's default"
// A timeout of -1 represents "infinity"
// TODO(dfc) should this move to service?
Timeout time.Duration
// RetryOn specifies the conditions under which retry takes place.
// If empty, retries will not be performed.
RetryOn string
// NumRetries specifies the allowed number of retries.
// Ignored if RetryOn is blank, or defaults to 1 if RetryOn is set.
NumRetries int
// PerTryTimeout specifies the timeout per retry attempt.
// Ignored if RetryOn is blank.
PerTryTimeout time.Duration
// Indicates that during forwarding, the matched prefix (or path) should be swapped with this value
PrefixRewrite string
// contains filtered or unexported fields
}
type Secret ¶
type Secret struct {
Object *v1.Secret
}
Secret represents a K8s Secret for TLS usage as a DAG Vertex. A Secret is a leaf in the DAG.
type SecureVirtualHost ¶
type SecureVirtualHost struct {
VirtualHost
// TLS minimum protocol version. Defaults to auth.TlsParameters_TLS_AUTO
MinProtoVersion auth.TlsParameters_TlsProtocol
// The cert and key for this host.
*Secret
}
A SecureVirtualHost represents a HTTP host protected by TLS.
func (*SecureVirtualHost) Visit ¶
func (s *SecureVirtualHost) Visit(f func(Vertex))
type Status ¶
type Status struct {
Object *ingressroutev1.IngressRoute
Status string
Description string
Vhost string
}
Status contains the status for an IngressRoute (valid / invalid / orphan, etc)
type TCPProxy ¶ added in v0.8.0
type TCPProxy struct {
// Services to proxy decrypted traffic to.
Services []*TCPService
}
TCPProxy represents a cluster of TCP endpoints.
type TCPService ¶ added in v0.8.0
type TCPService struct {
Name, Namespace string
*v1.ServicePort
Weight int
// The load balancer type to use when picking a host in the cluster.
// See https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/cds.proto#envoy-api-enum-cluster-lbpolicy
LoadBalancerStrategy string
// Max connections is maximum number of connections
// that Envoy will make to the upstream cluster.
MaxConnections int
// MaxPendingRequests is maximum number of pending
// requests that Envoy will allow to the upstream cluster.
MaxPendingRequests int
// MaxRequests is the maximum number of parallel requests that
// Envoy will make to the upstream cluster.
MaxRequests int
// MaxRetries is the maximum number of parallel retries that
// Envoy will allow to the upstream cluster.
MaxRetries int
HealthCheck *ingressroutev1.HealthCheck
}
TCPService represents a Kuberentes Service that speaks TCP. That's all we know.
func (*TCPService) Visit ¶ added in v0.8.0
func (s *TCPService) Visit(func(Vertex))
type VirtualHost ¶
type VirtualHost struct {
// Name is the fully qualified domain name of a network host,
// as defined by RFC 3986.
Name string
// Service to TCP proxy all incoming connections.
*TCPProxy
// contains filtered or unexported fields
}
A VirtualHost represents a named L4/L7 service.
func (*VirtualHost) Visit ¶
func (v *VirtualHost) Visit(f func(Vertex))
Source Files