controller

package
v2.16.1 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Apr 22, 2024 License: Apache-2.0 Imports: 56 Imported by: 0

Documentation

Index

Constants

// General controller constants: controller modes, operation names, the
// native-resource label selector, URL schemes, and the node annotation keys
// associated with the OVN-Kubernetes and Cilium CNIs.
const (
	// Values of ControllerMode.
	KubernetesMode     ControllerMode = "kubernetes"
	OpenShiftMode      ControllerMode = "openshift"
	CustomResourceMode ControllerMode = "customresource"

	// Operation names (untyped string constants).
	Create = "Create"
	Update = "Update"
	Delete = "Delete"

	// DefaultNativeResourceLabel is a label used for kubernetes/openshift Resources.
	// The value is a set-based label selector expression, not a bare label.
	DefaultNativeResourceLabel = "f5nr in (true)"

	Shared = "Shared"

	F5RouterName = "F5 BIG-IP"

	HTTP  = "http"
	HTTPS = "https"

	// OVN-Kubernetes CNI: CNI identifier and node annotation keys.
	// NOTE(review): annotation values are set on Node objects by whoever can
	// patch nodes; if they feed static routes or pool members on BIG-IP they
	// should be parsed and validated as IPs/CIDRs before use — confirm in the
	// node-processing code.
	OVN_K8S                    = "ovn-k8s"
	OVNK8sNodeSubnetAnnotation = "k8s.ovn.org/node-subnets"
	OVNK8sNodeIPAnnotation     = "k8s.ovn.org/node-primary-ifaddr"
	// k8s.ovn.org/host-addresses is changed to k8s.ovn.org/host-cidrs in OpenShift 4.14,
	// so both keys are defined here.
	OVNK8sNodeIPAnnotation2 = "k8s.ovn.org/host-addresses"
	OvnK8sNodeIPAnnotation3 = "k8s.ovn.org/host-cidrs"

	// Cilium CNI: CNI identifier and the two pod-CIDR annotation keys.
	// The 12/13 suffixes presumably refer to Cilium releases — TODO confirm.
	CILIUM_K8S                      = "cilium-k8s"
	CiliumK8sNodeSubnetAnnotation12 = "io.cilium.network.ipv4-pod-cidr"
	CiliumK8sNodeSubnetAnnotation13 = "network.cilium.io/ipv4-pod-cidr"
)
// Resource kind names, pool-member and CIS deployment modes, health-probe
// defaults, TLS termination values and the annotation keys read by CIS.
const (
	// DefaultCustomResourceLabel is a label used for F5 Custom Resources.
	// The value is a set-based label selector expression.
	DefaultCustomResourceLabel = "f5cr in (true)"
	// VirtualServer is a F5 Custom Resource Kind.
	VirtualServer = "VirtualServer"
	// TLSProfile is a F5 Custom Resource Kind
	TLSProfile = "TLSProfile"
	// IngressLink is a Custom Resource used by both F5 and Nginx
	IngressLink = "IngressLink"
	// TransportServer is a F5 Custom Resource Kind
	TransportServer = "TransportServer"
	// ExternalDNS is a F5 Custom Resource Kind
	ExternalDNS = "ExternalDNS"
	// CustomPolicy is the Policy kind: a collection of BIG-IP profiles, LTM policies and iRules
	CustomPolicy = "CustomPolicy"
	// IPAM is a F5 Custom Resource Kind
	IPAM = "IPAM"
	// Service is a k8s native Service Resource.
	Service = "Service"
	// Pod is a k8s native object
	Pod = "Pod"
	// K8sSecret is the kind name of the k8s native Secret object
	K8sSecret = "Secret"
	// Endpoints is a k8s native Endpoint Resource.
	Endpoints = "Endpoints"
	// Namespace is k8s namespace
	Namespace = "Namespace"
	// ConfigMap is k8s native ConfigMap resource
	ConfigMap = "ConfigMap"
	// Route is OpenShift Route
	Route = "Route"
	// NodeUpdate is the kind name used for node updates
	NodeUpdate = "Node"

	// Presumably pool-member types — TODO confirm against Params.PoolMemberType.
	NodePort = "nodeport"
	Cluster  = "cluster"

	Local = "local"

	// CIS deployment roles.
	StandAloneCIS = "standalone"
	SecondaryCIS  = "secondary"
	PrimaryCIS    = "primary"
	// NOTE(review): the previous comment here ("Namespace is k8s namespace")
	// did not describe this constant; its exact use is not visible on this page.
	HACIS = "HACIS"

	// Primary cluster health probe defaults.
	// Units are not stated here; presumably seconds — TODO confirm.
	DefaultProbeInterval = 60
	DefaultRetryInterval = 15

	PolicyControlForward = "forwarding"
	// Namespace for IPAM CRD
	// NOTE(review): this is the cluster's system namespace, so the controller
	// needs RBAC there; keep that grant scoped to the IPAM resource.
	IPAMNamespace = "kube-system"

	// TLS Terminations
	// (AllowSourceRange and DefaultPool sit in this group but are not
	// termination values.)
	TLSEdge             = "edge"
	AllowSourceRange    = "allowSourceRange"
	DefaultPool         = "defaultPool"
	TLSReencrypt        = "reencrypt"
	TLSPassthrough      = "passthrough"
	// The next three look like the insecure-traffic policy values for a TLS
	// host: redirect HTTP to HTTPS, allow plain HTTP, or serve none.
	// NOTE(review): "allow" would keep an unencrypted path open alongside
	// HTTPS — confirm where it is accepted and that it is never the default.
	TLSRedirectInsecure = "redirect"
	TLSAllowInsecure    = "allow"
	TLSNoInsecure       = "none"

	// Annotation keys read by CIS.
	LBServiceIPAMLabelAnnotation       = "cis.f5.com/ipamLabel"
	LBServiceIPAnnotation              = "cis.f5.com/ip"
	LBServiceHostAnnotation            = "cis.f5.com/host"
	HealthMonitorAnnotation            = "cis.f5.com/health"
	LBServicePolicyNameAnnotation      = "cis.f5.com/policyName"
	LegacyHealthMonitorAnnotation      = "virtual-server.f5.com/health"
	PodConcurrentConnectionsAnnotation = "virtual-server.f5.com/pod-concurrent-connections"

	// Antrea NodePortLocal support
	NPLPodAnnotation = "nodeportlocal.antrea.io"
	NPLSvcAnnotation = "nodeportlocal.antrea.io/enabled"
	NodePortLocal    = "nodeportlocal"
	Auto             = "auto"
)
// Defaults for virtual servers, CustomProfile context and peer-certificate
// values, and the names of the iRules and data groups CIS manages.
const (
	DEFAULT_MODE       string = "tcp"
	DEFAULT_BALANCE    string = "round-robin"
	DEFAULT_HTTP_PORT  int32  = 80
	DEFAULT_HTTPS_PORT int32  = 443
	DEFAULT_SNAT       string = "auto"

	// Constants for CustomProfile.Type as defined in CCCL
	CustomProfileAll    string = "all"
	CustomProfileClient string = "clientside"
	CustomProfileServer string = "serverside"

	// Constants for CustomProfile.PeerCertMode
	// NOTE(review): PeerCertDefault is PeerCertIgnored, so a profile that is
	// given the default does not require a peer certificate; callers that
	// need mutual TLS must set PeerCertRequired explicitly — confirm where
	// the default is applied.
	PeerCertRequired = "require"
	PeerCertIgnored  = "ignore"
	PeerCertDefault  = PeerCertIgnored

	// Name of the HTTP redirect iRule
	HttpRedirectIRuleName = "http_redirect_irule"
	// Name of the HTTP redirect iRule variant without host
	HttpRedirectNoHostIRuleName = "http_redirect_irule_nohost"
	// Internal data group for https redirect
	HttpsRedirectDgName = "https_redirect_dg"
	TLSIRuleName        = "tls_irule"
	ABPathIRuleName     = "ab_deployment_path_irule"
)
// Reference kinds that say where a TLS profile or its certificate comes from.
const (
	// reference for profiles stored in BIG-IP
	BIGIP = "bigip"
	// reference for profiles stored as secrets in the k8s cluster
	Secret = "secret"
	// reference for profiles stored as a mix of secret and bigip
	Hybrid = "hybrid"
	// reference for routes
	Certificate = "certificate"
	// reference for service
	ServiceRef = "service"
)

constants for TLS references

// SSL option names. Judging by the names they identify the source an SSL
// profile is taken from (policy, annotation, route certificate or the default),
// with InvalidSSLOption as the failure value — TODO confirm against the caller.
const (
	PolicySSLOption           = "policySSL"
	AnnotationSSLOption       = "annotation"
	RouteCertificateSSLOption = "routeCertificate"
	DefaultSSLOption          = "defaultSSL"
	InvalidSSLOption          = "invalid"
)

constants for SSL options

// Values of HAModeType (high-availability mode) and AutoMonitorType
// (automatic health-monitor source).
const (
	// HAModeType values.
	Active          HAModeType      = "active-active"
	StandBy         HAModeType      = "active-standby"
	Ratio           HAModeType      = "ratio"
	// AutoMonitorType values.
	None            AutoMonitorType = "none"
	ReadinessProbe  AutoMonitorType = "readiness-probe"
	ServiceEndpoint AutoMonitorType = "service-endpoint"
)
// Method names; judging by the values these are session-persistence methods
// (see MultiPoolPersistence.Method) — TODO confirm. Disable maps to "none".
const (
	SourceAddress      = "sourceAddress"
	DestinationAddress = "destinationAddress"
	CookieRewrite      = "cookieRewrite"
	CookieInsert       = "cookieInsert"
	CookiePassive      = "cookiePassive"
	CookieHash         = "cookieHash"
	Hash               = "hash"
	Carp               = "carp"
	Universal          = "universal"
	Disable            = "none"
)
// Untyped integer status codes numbered 0 through 4 by iota. The names suggest
// the stages of an IPAM address request — TODO confirm against the caller.
// Inserting or reordering entries changes every following value.
const (
	NotEnabled = iota // 0
	InvalidInput      // 1
	NotRequested      // 2
	Requested         // 3
	Allocated         // 4
)
const AbDeploymentDgName = "ab_deployment_dg"

Internal data group for ab deployment routes.

const AllowSourceRangeDgName = "allowSourceRange"
const DataGroupAllowSourceRangeType = "ip"

Allow Source Range

const DataGroupType = "string"

Internal DataGroup Default Type

const DefaultPoolsDgName = "default_pool_servername_dg"

Internal data group for default pool of a virtual server.

const EdgeHostsDgName = "ssl_edge_servername_dg"

Internal data group for edge termination.

const EdgeServerSslDgName = "ssl_edge_serverssl_dg"

Internal data group for edge termination that maps the host name to false. This lets the iRule know that SSL should be disabled on the server side.

const PassthroughHostsDgName = "ssl_passthrough_servername_dg"

Internal data group for passthrough termination.

const ReencryptHostsDgName = "ssl_reencrypt_servername_dg"

Internal data group for reencrypt termination.

const ReencryptServerSslDgName = "ssl_reencrypt_serverssl_dg"

Internal data group for reencrypt termination that maps the host name to the server ssl profile.

Variables

var DEFAULT_GTM_PARTITION string
var DEFAULT_PARTITION string
// K8SCoreServices is a set (name -> true) of Kubernetes core service names.
// Presumably services named here are skipped by the controller — TODO confirm
// against the caller.
//
// NOTE(review): membership is keyed on the service name alone, with no
// namespace. If this set is used to exclude services from processing, an
// unrelated service with the same name in any namespace would match too.
// NOTE(review): this is an exported, mutable package-level map; importing
// code can alter it, and a write concurrent with a read is a data race.
var K8SCoreServices = map[string]bool{
	"kube-dns":                    true,
	"kube-scheduler":              true,
	"kube-controller-manager":     true,
	"kube-apiserver":              true,
	"docker-registry":             true,
	"kubernetes":                  true,
	"registry-console":            true,
	"router":                      true,
	"kubelet":                     true,
	"console":                     true,
	"alertmanager-main":           true,
	"alertmanager-operated":       true,
	"cluster-monitoring-operator": true,
	"kube-state-metrics":          true,
	"node-exporter":               true,
	"kube-proxy":                  true,
	"flannel":                     true,
	"etcd":                        true,
	"antrea":                      true,
}
// OSCPCoreServices is a set (name -> true) of OpenShift core service names.
// Presumably services named here are skipped by the controller — TODO confirm
// against the caller.
//
// NOTE(review): several entries are generic names ("api", "metrics",
// "downloads", "scheduler") and the key carries no namespace, so a user
// service with one of these names would match as well.
// NOTE(review): this is an exported, mutable package-level map; importing
// code can alter it, and a write concurrent with a read is a data race.
var OSCPCoreServices = map[string]bool{
	"openshift":                          true,
	"metrics":                            true,
	"api":                                true,
	"check-endpoints":                    true,
	"oauth-openshift":                    true,
	"cco-metrics":                        true,
	"machine-approver":                   true,
	"node-tuning-operator":               true,
	"performance-addon-operator-service": true,
	"cluster-storage-operator-metrics":   true,
	"csi-snapshot-controller-operator-metrics": true,
	"csi-snapshot-webhook":                     true,
	"cluster-version-operator":                 true,
	"downloads":                                true,
	"controller-manager":                       true,
	"dns-default":                              true,
	"image-registry-operator":                  true,
	"router-internal-default":                  true,
	"apiserver":                                true,
	"scheduler":                                true,
	"cluster-autoscaler-operator":              true,
	"cluster-baremetal-operator-service":       true,
	"cluster-baremetal-webhook-service":        true,
	"machine-api-controllers":                  true,
	"machine-api-operator":                     true,
	"machine-api-operator-webhook":             true,
	"machine-config-controller":                true,
	"machine-config-daemon":                    true,
	"certified-operators":                      true,
	"community-operators":                      true,
	"marketplace-operator-metrics":             true,
	"redhat-marketplace":                       true,
	"redhat-operators":                         true,
	"openshift-state-metrics":                  true,
	"telemeter-client":                         true,
	"thanos-querier":                           true,
	"multus-admission-controller":              true,
	"network-metrics-service":                  true,
	"network-check-source":                     true,
	"network-check-target":                     true,
	"catalog-operator-metrics":                 true,
	"olm-operator-metrics":                     true,
	"packageserver-service":                    true,
	"sdn":                                      true,
	"sdn-controller":                           true,
}

Functions

func AS3NameFormatter

func AS3NameFormatter(name string) string

AS3NameFormatter formats resource names according to the AS3 convention. TODO: Should we use this, or will this be done in the agent?

func DeepEqualJSON

func DeepEqualJSON(decl1, decl2 as3Declaration) bool

func JoinBigipPath

func JoinBigipPath(partition, objName string) string

Types

type Agent

type Agent struct {
	*PostManager
	Partition    string
	ConfigWriter writer.Writer
	EventChan    chan interface{}

	PythonDriverPID int

	HttpAddress string
	EnableIPV6  bool

	HAMode         bool
	GTMPostManager *GTMPostManager
	// contains filtered or unexported fields
}

func NewAgent

func NewAgent(params AgentParams) *Agent

func (*Agent) PostConfig

func (agent *Agent) PostConfig(rsConfig ResourceConfigRequest)

func (*Agent) PostGTMConfig

func (agent *Agent) PostGTMConfig(config ResourceConfigRequest)

func (*Agent) Stop

func (agent *Agent) Stop()

type AgentParams

type AgentParams struct {
	PostParams                      PostParams
	GTMParams                       PostParams
	PrimaryClusterHealthProbeParams PrimaryClusterHealthProbeParams
	// VxlnParams      VXLANParams
	Partition          string
	LogLevel           string
	VerifyInterval     int
	VXLANName          string
	PythonBaseDir      string
	UserAgent          string
	HttpAddress        string
	EnableIPV6         bool
	DisableARP         bool
	CCCLGTMAgent       bool
	StaticRoutingMode  bool
	SharedStaticRoutes bool
	MultiClusterMode   string
}

type AlternateBackend added in v2.13.0

type AlternateBackend struct {
	Service          string `json:"service"`
	ServiceNamespace string `json:"serviceNamespace,omitempty"`
	Weight           int32  `json:"weight,omitempty"`
}

AlternateBackend describes a backend service of an A/B deployment.

type AnalyticsProfiles added in v2.13.0

type AnalyticsProfiles struct {
	HTTPAnalyticsProfile string `json:"http,omitempty"`
}

type AnnotationsUsed added in v2.12.0

type AnnotationsUsed struct {
	WAF              bool
	AllowSourceRange bool
}

type AutoMonitorType added in v2.15.0

type AutoMonitorType string

type BaseRouteConfig

type BaseRouteConfig struct {
	TLSCipher               TLSCipher               `yaml:"tlsCipher"`
	DefaultTLS              DefaultSSLProfile       `yaml:"defaultTLS,omitempty"`
	DefaultRouteGroupConfig DefaultRouteGroupConfig `yaml:"defaultRouteGroup,omitempty"`
	AutoMonitor             AutoMonitorType         `yaml:"autoMonitor,omitempty"`
	AutoMonitorTimeout      int                     `yaml:"autoMonitorTimeout,omitempty"`
}

type BigIPSSLProfiles

type BigIPSSLProfiles struct {
	// contains filtered or unexported fields
}

type CRInformer

type CRInformer struct {
	// contains filtered or unexported fields
}

CRInformer defines the structure of Custom Resource Informer

type CacheIPAM added in v2.13.0

type CacheIPAM struct {
	IPAM *ficV1.IPAM
	sync.Mutex
}

type ClusterDetails added in v2.14.0

// ClusterDetails describes one cluster of an HA pair (see HAClusterConfig).
// It has the same fields and yaml keys as ExternalClusterConfig.
type ClusterDetails struct {
	ClusterName string                    `yaml:"clusterName"`
	// Secret presumably names the Kubernetes Secret holding the credentials
	// (kubeconfig) for this cluster, not the credential itself — TODO confirm.
	// NOTE(review): whoever can edit this configuration chooses which Secret
	// the controller reads, so restrict write access to it accordingly.
	Secret      string                    `yaml:"secret"`
	// Ratio is a pointer, so an unset ratio (nil) is distinguishable from 0.
	Ratio       *int                      `yaml:"ratio"`
	AdminState  clustermanager.AdminState `yaml:"adminState"`
}

type CommonInformer

type CommonInformer struct {
	// contains filtered or unexported fields
}

type Controller

type Controller struct {
	Partition      string
	Agent          *Agent
	PoolMemberType string

	UseNodeInternal bool

	TeemData *teem.TeemsData

	StaticRoutingMode   bool
	OrchestrationCNI    string
	StaticRouteNodeCIDR string
	// contains filtered or unexported fields
}

Controller defines the structure of K-Native and Custom Resource Controller

func NewController

func NewController(params Params, startController bool) *Controller

NewController creates a new Controller Instance.

func (*Controller) CISHealthCheck added in v2.15.0

func (ctlr *Controller) CISHealthCheck()

func (*Controller) CISHealthCheckHandler added in v2.15.0

func (ctlr *Controller) CISHealthCheckHandler() http.Handler

func (*Controller) GetHostFromHostPath

func (ctlr *Controller) GetHostFromHostPath(hostPath string) string

func (*Controller) GetPodsForService

func (ctlr *Controller) GetPodsForService(namespace, serviceName, clusterName string, nplAnnotationRequired bool) []*v1.Pod

GetPodsForService returns podList with labels set to svc selector

func (*Controller) GetPoolBackends added in v2.13.0

func (ctlr *Controller) GetPoolBackends(pool *cisapiv1.VSPool) []SvcBackendCxt

GetPoolBackends returns the services associated with a VirtualServer pool (service names and weights).

func (*Controller) GetRouteBackends added in v2.14.0

func (ctlr *Controller) GetRouteBackends(route *routeapi.Route, clusterSvcs []cisapiv1.MultiClusterServiceReference) []RouteBackendCxt

GetRouteBackends returns the services associated with a route (names + weight)

func (*Controller) GetService

func (ctlr *Controller) GetService(namespace, serviceName string) *v1.Service

GetService returns the Service object with the given service name.

func (*Controller) GetServiceRouteWithoutHealthAnnotation

func (ctlr *Controller) GetServiceRouteWithoutHealthAnnotation(svcKey MultiClusterServiceKey) *routeapi.Route

func (*Controller) GetServicesForPod

func (ctlr *Controller) GetServicesForPod(pod *v1.Pod, clusterName string) *v1.Service

func (*Controller) HandlePathBasedABIRule

func (ctlr *Controller) HandlePathBasedABIRule(
	rsCfg *ResourceConfig,
	vsHost string,
	tlsTerminationType string,
)

func (*Controller) ProcessAssociatedExternalDNS

func (ctlr *Controller) ProcessAssociatedExternalDNS(hostnames []string)

func (*Controller) ProcessNodeUpdate

func (ctlr *Controller) ProcessNodeUpdate(obj interface{}, clusterName string)

ProcessNodeUpdate checks for a change in Node state.

func (*Controller) ProcessRouteEDNS

func (ctlr *Controller) ProcessRouteEDNS(hosts []string)

func (*Controller) RemoveIPAMCRHostSpec

func (ctlr *Controller) RemoveIPAMCRHostSpec(ipamCR *ficV1.IPAM, key string, index int) (res *ficV1.IPAM, err error)

func (*Controller) SetupNodeProcessing

func (ctlr *Controller) SetupNodeProcessing(clusterName string) error

func (*Controller) Start

func (ctlr *Controller) Start()

Start the Controller

func (*Controller) Stop

func (ctlr *Controller) Stop()

Stop the Controller

func (*Controller) UpdatePoolHealthMonitors

func (ctlr *Controller) UpdatePoolHealthMonitors(svcKey MultiClusterServiceKey)

UpdatePoolHealthMonitors must be called when a pod or the pool members are updated.

func (*Controller) UpdatePoolMembersForNodeUpdate added in v2.14.0

func (ctlr *Controller) UpdatePoolMembersForNodeUpdate(clusterName string)

func (*Controller) VerifyIPAMAssociatedHostGroupExists

func (ctlr *Controller) VerifyIPAMAssociatedHostGroupExists(key string) bool

Get List of VirtualServers associated with the IPAM resource

type ControllerMode

type ControllerMode string

type CustomProfile

// CustomProfile is an SSL profile that CIS builds for BIG-IP. It carries the
// profile context, cipher settings, SNI and peer-certificate options, CA
// references and the certificate entries.
type CustomProfile struct {
	Name                 string `json:"name"`
	// Partition is excluded from the JSON encoding.
	Partition            string `json:"-"`
	Context              string `json:"context"` // 'clientside', 'serverside', or 'all'
	Ciphers              string `json:"ciphers,omitempty"`
	CipherGroup          string `json:"cipherGroup,omitempty"`
	// TLS1_3Enabled has no omitempty, so it is always encoded, false included.
	TLS1_3Enabled        bool   `json:"tls1_3Enabled"`
	ServerName           string `json:"serverName,omitempty"`
	SNIDefault           bool   `json:"sniDefault,omitempty"`
	// PeerCertMode takes the PeerCert* constants ("require" / "ignore").
	// NOTE(review): PeerCertDefault is PeerCertIgnored, so peer certificates
	// are presumably not required unless a caller sets PeerCertRequired —
	// confirm where the default is applied.
	PeerCertMode         string `json:"peerCertMode,omitempty"`
	CAFile               string `json:"caFile,omitempty"`
	ChainCA              string `json:"chainCA,omitempty"`
	// Certificates has no json tag, so encoding/json emits it under the key
	// "Certificates". NOTE(review): the element type is unexported and not
	// shown here; if it holds private-key material, keep marshalled or
	// %+v-formatted profiles out of logs — TODO confirm.
	Certificates         []certificate
	// RenegotiationEnabled is a pointer with omitempty: nil (unset) is
	// omitted, while an explicit false is still encoded.
	RenegotiationEnabled *bool `json:"renegotiationEnabled,omitempty"`
}

SSL Profile loaded from Secret or Route object

func NewCustomProfile

func NewCustomProfile(
	profile ProfileRef,
	certificates []certificate,
	serverName string,
	sni bool,
	peerCertMode,
	caFile string,
	chainCA string,
	tlsCipher TLSCipher,
	renegotiation *bool,
) CustomProfile

type CustomProfileStore

// CustomProfileStore holds CustomProfiles keyed by SecretKey.
// The embedded sync.Mutex presumably guards Profs; Profs is exported, so
// nothing stops a caller from touching the map without holding the lock.
// Because it embeds a mutex the struct must not be copied; pass it by pointer.
type CustomProfileStore struct {
	sync.Mutex
	Profs map[SecretKey]CustomProfile
}

Store of CustomProfiles

type DataGroupNamespaceMap

type DataGroupNamespaceMap map[string]*InternalDataGroup

type DefaultRouteGroupConfig

type DefaultRouteGroupConfig struct {
	BigIpPartition        string                 `yaml:"bigIpPartition"` // bigip Partition
	DefaultRouteGroupSpec ExtendedRouteGroupSpec `yaml:",inline"`
}

type DefaultSSLProfile

type DefaultSSLProfile struct {
	ClientSSL string `yaml:"clientSSL,omitempty"`
	ServerSSL string `yaml:"serverSSL,omitempty"`
	Reference string `yaml:"reference,omitempty"`
}

type ExtendedRouteGroupConfig

type ExtendedRouteGroupConfig struct {
	Namespace              string `yaml:"namespace"`      // Group Identifier
	NamespaceLabel         string `yaml:"namespaceLabel"` // Group Identifier
	BigIpPartition         string `yaml:"bigIpPartition"` // bigip Partition
	ExtendedRouteGroupSpec `yaml:",inline"`
}

type ExtendedRouteGroupSpec

type ExtendedRouteGroupSpec struct {
	VServerName        string `yaml:"vserverName"`
	VServerAddr        string `yaml:"vserverAddr"`
	AllowOverride      string `yaml:"allowOverride"`
	Policy             string `yaml:"policyCR,omitempty"`
	HTTPServerPolicyCR string `yaml:"httpServerPolicyCR,omitempty"`
	Meta               Meta
}

type ExternalClusterConfig added in v2.14.0

// ExternalClusterConfig describes an external cluster in a multi-cluster setup.
// It has the same fields and yaml keys as ClusterDetails.
type ExternalClusterConfig struct {
	ClusterName string                    `yaml:"clusterName"`
	// Secret presumably names the Kubernetes Secret holding the credentials
	// (kubeconfig) for this cluster, not the credential itself — TODO confirm.
	// NOTE(review): whoever can edit this configuration chooses which Secret
	// the controller reads, so restrict write access to it accordingly.
	Secret      string                    `yaml:"secret"`
	// Ratio is a pointer, so an unset ratio (nil) is distinguishable from 0.
	Ratio       *int                      `yaml:"ratio"`
	AdminState  clustermanager.AdminState `yaml:"adminState"`
}

type GSLBPool

type GSLBPool struct {
	Name           string    `json:"name"`
	RecordType     string    `json:"recordType"`
	LBMethod       string    `json:"LoadBalancingMode"`
	LBModeFallBack string    `json:"fallbackMode"`
	PriorityOrder  int       `json:"order"`
	Ratio          int       `json:"ratio"`
	Members        []string  `json:"members"`
	Monitors       []Monitor `json:"monitors,omitempty"`
	DataServer     string
}

type GTMConfig

type GTMConfig map[string]GTMPartitionConfig

GTMConfig key is PartitionName

type GTMParams

// GTMParams holds the connection settings for the GTM BIG-IP: username,
// password and URL.
// NOTE(review): the password is a plain string field, so formatting this
// struct with %v/%+v or marshalling it exposes the credential; keep it out of
// logs and error messages.
type GTMParams struct {
	GTMBigIpUsername string
	GTMBigIpPassword string
	GTMBigIpUrl      string
}

type GTMPartitionConfig

type GTMPartitionConfig struct {
	// WideIPs: key is domainName, and value is WideIP
	WideIPs map[string]WideIP
}

type GTMPostManager added in v2.15.0

type GTMPostManager struct {
	*PostManager
	Partition string
}

func NewGTMPostManager added in v2.15.0

func NewGTMPostManager(params AgentParams) *GTMPostManager

func (*GTMPostManager) PostGTMConfig added in v2.15.0

func (gtmPostManager *GTMPostManager) PostGTMConfig(rsConfig ResourceConfigRequest)

type HAClusterConfig added in v2.14.0

// HAClusterConfig is the yaml configuration of a high-availability CIS pair:
// the primary-cluster endpoint, probe and retry intervals, and the details of
// the primary and secondary clusters.
type HAClusterConfig struct {
	// The HAMode field is commented out in this version.
	//HAMode                 HAMode         `yaml:"mode"`
	// PrimaryClusterEndPoint is presumably the address probed to decide
	// whether the primary cluster is healthy — TODO confirm.
	// NOTE(review): if a failed probe triggers failover, the probe's
	// transport and reachability decide who can influence that decision.
	PrimaryClusterEndPoint string         `yaml:"primaryEndPoint"`
	// Units are not stated; presumably seconds, with DefaultProbeInterval (60)
	// and DefaultRetryInterval (15) as fallbacks — TODO confirm.
	ProbeInterval          int            `yaml:"probeInterval"`
	RetryInterval          int            `yaml:"retryInterval"`
	PrimaryCluster         ClusterDetails `yaml:"primaryCluster"`
	SecondaryCluster       ClusterDetails `yaml:"secondaryCluster"`
}

type HAMode added in v2.14.0

type HAMode struct {
	// type can be active-active, active-standby, ratio
	Type HAModeType `yaml:"type"`
}

type HAModeType added in v2.14.0

type HAModeType string

type IRule

// IRule is a BIG-IP iRule: its name, partition and source text.
type IRule struct {
	Name      string `json:"name"`
	// Partition is excluded from the JSON encoding.
	Partition string `json:"-"`
	// Code is encoded under the key "apiAnonymous".
	// NOTE(review): this text is presumably executed by BIG-IP as an iRule;
	// if any of it is assembled from cluster-supplied values (host names,
	// paths, annotations), those values must be validated or escaped first —
	// confirm in the code that builds it.
	Code      string `json:"apiAnonymous"`
}

iRules

func NewIRule

func NewIRule(name, partition, code string) *IRule

type IRulesMap

type IRulesMap map[NameRef]*IRule

type InternalDataGroup

type InternalDataGroup struct {
	Name      string                   `json:"name"`
	Partition string                   `json:"-"`
	Type      string                   `json:"-"`
	Records   InternalDataGroupRecords `json:"records"`
}

func (*InternalDataGroup) AddOrUpdateRecord

func (idg *InternalDataGroup) AddOrUpdateRecord(name, data string) bool

func (*InternalDataGroup) RemoveRecord

func (idg *InternalDataGroup) RemoveRecord(name string) bool

type InternalDataGroupMap

type InternalDataGroupMap map[NameRef]DataGroupNamespaceMap

type InternalDataGroupRecord

type InternalDataGroupRecord struct {
	Name string `json:"name"`
	Data string `json:"data"`
}

type InternalDataGroupRecords

type InternalDataGroupRecords []InternalDataGroupRecord

func (InternalDataGroupRecords) Len

func (slice InternalDataGroupRecords) Len() int

func (InternalDataGroupRecords) Less

func (slice InternalDataGroupRecords) Less(i, j int) bool

func (InternalDataGroupRecords) Swap

func (slice InternalDataGroupRecords) Swap(i, j int)

type LTMConfig

type LTMConfig map[string]*PartitionConfig

LTMConfig contain partition based ResourceMap

func (LTMConfig) GetAllPoolMembers

func (lc LTMConfig) GetAllPoolMembers() []PoolMember

type Meta

type Meta struct {
	DependsOnTLS bool
}

type Monitor

type Monitor struct {
	Name        string `json:"name"`
	Partition   string `json:"-"`
	Interval    int    `json:"interval,omitempty"`
	Type        string `json:"type,omitempty"`
	Send        string `json:"send,omitempty"`
	Recv        string `json:"recv"`
	Timeout     int    `json:"timeout,omitempty"`
	TargetPort  int32  `json:"targetPort,omitempty"`
	Path        string `json:"path,omitempty"`
	TimeUntilUp *int   `json:"timeUntilUp,omitempty"`
	SSLProfile  string `json:"sslProfile,omitempty"`
}

Monitor is Pool health monitor

type MonitorName

type MonitorName struct {
	Name string `json:"name"`
	// Reference is used to link existing health monitor on bigip
	Reference string `json:"reference,omitempty"`
}

type Monitors

type Monitors []Monitor

Monitors is slice of monitor

type MultiClusterPoolInformer added in v2.14.0

type MultiClusterPoolInformer struct {
	// contains filtered or unexported fields
}

type MultiClusterResourceStore added in v2.14.0

type MultiClusterResourceStore struct {
	sync.Mutex
	// contains filtered or unexported fields
}

type MultiClusterServiceConfig added in v2.14.0

type MultiClusterServiceConfig struct {
	// contains filtered or unexported fields
}

type MultiClusterServiceKey added in v2.14.0

type MultiClusterServiceKey struct {
	// contains filtered or unexported fields
}

type MultiPoolPersistence added in v2.15.0

type MultiPoolPersistence struct {
	Method  string `json:"method,omitempty"`
	TimeOut int32  `json:"timeOut,omitempty"`
}

type NPLAnnoations

type NPLAnnoations []NPLAnnotation

List of NPL annotations

type NPLAnnotation

type NPLAnnotation struct {
	PodPort  int32  `json:"podPort"`
	NodeIP   string `json:"nodeIP"`
	NodePort int32  `json:"nodePort"`
}

NPL information from pod annotation

type NPLStore

type NPLStore map[string]NPLAnnoations

NPLStore maps a namespace/pod key to the list of NPL annotations on that pod.

type NRInformer

type NRInformer struct {
	// contains filtered or unexported fields
}

NRInformer is informer context for Native Resources of Kubernetes/Openshift

type NSInformer

type NSInformer struct {
	// contains filtered or unexported fields
}

type NameRef

type NameRef struct {
	Name      string `json:"name"`
	Partition string `json:"partition"`
}

virtual server policy/profile reference

type Node

type Node struct {
	Name   string
	Addr   string
	Labels map[string]string
}

type NodeInformer added in v2.14.0

type NodeInformer struct {
	// contains filtered or unexported fields
}

type NodeList

type NodeList []v1.Node

func (NodeList) Len

func (nodes NodeList) Len() int

sort Nodes by Name

func (NodeList) Less

func (nodes NodeList) Less(i, j int) bool

func (NodeList) Swap

func (nodes NodeList) Swap(i, j int)

type Params

// Params is the set of inputs passed to NewController.
type Params struct {
	// Config is the client-go REST configuration. NOTE(review): a rest.Config
	// carries API-server credentials, so Params should not be logged or
	// dumped wholesale.
	Config                      *rest.Config
	Namespaces                  []string
	NamespaceLabel              string
	Partition                   string
	Agent                       *Agent
	PoolMemberType              string
	VXLANName                   string
	VXLANMode                   string
	CiliumTunnelName            string
	UseNodeInternal             bool
	NodePollInterval            int
	NodeLabelSelector           string
	ShareNodes                  bool
	IPAM                        bool
	IPAMClusterLabel            string
	DefaultRouteDomain          int
	Mode                        ControllerMode
	GlobalExtendedSpecConfigmap string
	RouteLabel                  string
	StaticRoutingMode           bool
	// OrchestrationCNI presumably takes the CNI identifiers OVN_K8S or
	// CILIUM_K8S — TODO confirm.
	OrchestrationCNI            string
	StaticRouteNodeCIDR         string
	MultiClusterMode            string
}

Params defines parameters

type PartitionConfig

type PartitionConfig struct {
	ResourceMap   ResourceMap
	Priority      *int
	PriorityMutex sync.RWMutex
}

PartitionConfig contains ResourceMap and priority of partition

type PersistMetaData added in v2.16.0

type PersistMetaData struct {
	Name    string `json:"name,omitempty"`
	Netmask string `json:"netmask,omitempty"`
	Key     string `json:"key,omitempty"`
	Timeout int32  `json:"timeout,omitempty"`
	Expiry  string `json:"expiry,omitempty"`
	Offset  int32  `json:"offset,omitempty"`
	Length  int32  `json:"length,omitempty"`
}

type Policies

type Policies []Policy

Policies is slice of policy

type Policy

type Policy struct {
	Name        string   `json:"name"`
	Partition   string   `json:"-"`
	SubPath     string   `json:"subPath,omitempty"`
	Controls    []string `json:"controls,omitempty"`
	Description string   `json:"description,omitempty"`
	Legacy      bool     `json:"legacy,omitempty"`
	Requires    []string `json:"requires,omitempty"`
	Rules       Rules    `json:"rules,omitempty"`
	Strategy    string   `json:"strategy,omitempty"`
}

Policy Virtual policy

func (*Policy) AddRules

func (pol *Policy) AddRules(rls *Rules)

type Pool

// Pool is the configuration of a BIG-IP pool: its members, monitors,
// load-balancing settings and the Kubernetes service it was built from.
// Fields tagged json:"-" are excluded from the JSON encoding.
type Pool struct {
	Name                 string                                  `json:"name"`
	Partition            string                                  `json:"-"`
	ServiceName          string                                  `json:"-"`
	ServiceNamespace     string                                  `json:"-"`
	ServicePort          intstr.IntOrString                      `json:"-"`
	Balance              string                                  `json:"loadBalancingMethod,omitempty"`
	Members              []PoolMember                            `json:"members"`
	NodeMemberLabel      string                                  `json:"-"`
	MonitorNames         []MonitorName                           `json:"monitors,omitempty"`
	MinimumMonitors      intstr.IntOrString                      `json:"minimumMonitors,omitempty"`
	ReselectTries        int32                                   `json:"reselectTries,omitempty"`
	ServiceDownAction    string                                  `json:"serviceDownAction,omitempty"`
	SlowRampTime         int32                                   `json:"slowRampTime,omitempty"`
	Weight               int32                                   `json:"weight,omitempty"`
	// AlternateBackends has no omitempty, so an empty list is still encoded.
	AlternateBackends    []AlternateBackend                      `json:"alternateBackends"`
	// NOTE(review): the tag below is "_" (underscore), not "-". With "_" the
	// field IS encoded, under the JSON key "_". The neighbouring internal
	// fields all use "-", so this looks like a typo that puts the
	// multi-cluster service references into the encoded pool — confirm the
	// intent before changing it.
	MultiClusterServices []cisapiv1.MultiClusterServiceReference `json:"_"`
	Cluster              string                                  `json:"-"`
	ConnectionLimit      int32                                   `json:"-"`
}

Pool config

type PoolIdentifier added in v2.14.0

type PoolIdentifier struct {
	// contains filtered or unexported fields
}

type PoolMember

type PoolMember struct {
	Address         string `json:"address"`
	Port            int32  `json:"port"`
	MemberType      string `json:"memberType"`
	SvcPort         int32  `json:"svcPort,omitempty"`
	Session         string `json:"session,omitempty"`
	AdminState      string `json:"adminState,omitempty"`
	ConnectionLimit int32  `json:"connectionLimit,omitempty"`
}

type PoolMemberCache

type PoolMemberCache map[MultiClusterServiceKey]*poolMembersInfo

PoolMemberCache key is namespace/service

type Pools

type Pools []Pool

Pools is slice of pool

type PostManager

type PostManager struct {
	PostParams
	PrimaryClusterHealthProbeParams PrimaryClusterHealthProbeParams

	AS3VersionInfo as3VersionInfo
	// contains filtered or unexported fields
}

func NewPostManager

func NewPostManager(params AgentParams, gtmPostMgr bool) *PostManager

func (*PostManager) GetAS3DeclarationFromBigIP added in v2.14.0

func (postMgr *PostManager) GetAS3DeclarationFromBigIP() (map[string]interface{}, error)

func (*PostManager) GetBigipAS3Version

func (postMgr *PostManager) GetBigipAS3Version() (string, string, string, error)

func (*PostManager) GetBigipRegKey

func (postMgr *PostManager) GetBigipRegKey() (string, error)

GetBigipRegKey ...

func (*PostManager) IsBigIPAppServicesAvailable added in v2.15.0

func (postMgr *PostManager) IsBigIPAppServicesAvailable() error

IsBigIPAppServicesAvailable verifies that App Services are installed and that the CIS AS3 version is compatible with BIG-IP; it returns an error if any one of these requirements is not met.

type PostParams

// PostParams holds the settings for talking to BIG-IP: credentials, URL, TLS
// trust options, the AS3 post delay and logging/metrics switches.
// NOTE(review): the password is a plain string field, so formatting this
// struct with %v/%+v or marshalling it exposes the credential; keep it out of
// logs and error messages.
type PostParams struct {
	BIGIPUsername string
	BIGIPPassword string
	BIGIPURL      string
	// TrustedCerts presumably carries the CA certificates used to verify the
	// BIG-IP server certificate — TODO confirm the expected format.
	TrustedCerts  string
	// NOTE(review): SSLInsecure presumably turns off verification of the
	// BIG-IP certificate. With verification off the credentials above and
	// every posted declaration are exposed to an on-path attacker; prefer
	// TrustedCerts and keep this false outside test setups — confirm how the
	// HTTP client consumes it.
	SSLInsecure   bool
	AS3PostDelay  int
	// Log the AS3 response body in Controller logs
	LogAS3Response    bool
	// NOTE(review): LogAS3Request presumably logs the AS3 request body. The
	// declaration can include SSL profile data (see CustomProfile.Certificates),
	// so confirm that key material is redacted before enabling this where
	// logs are shipped off-host.
	LogAS3Request     bool
	HTTPClientMetrics bool
}

type PrimaryClusterHealthProbeParams added in v2.14.0

type PrimaryClusterHealthProbeParams struct {
	EndPoint     string
	EndPointType string
	// contains filtered or unexported fields
}

type ProcessedHostPath

type ProcessedHostPath struct {
	sync.Mutex
	// contains filtered or unexported fields
}

Store of CustomProfiles

type ProfileHTTP2 added in v2.13.0

type ProfileHTTP2 struct {
	Client string `json:"client,omitempty"`
	Server string `json:"server,omitempty"`
}

type ProfileRef

// ProfileRef references a pre-existing profile by name and partition, together
// with the context it applies to.
// Name, Partition and Context are serialized to JSON; Namespace and
// BigIPProfile are tagged `json:"-"` and therefore stay in-process only.
type ProfileRef struct {
	Name      string `json:"name"`
	Partition string `json:"partition"`
	Context   string `json:"context"` // 'clientside', 'serverside', or 'all'
	// Used as reference to which Namespace/Ingress this profile came from
	// (for deletion purposes)
	Namespace    string `json:"-"`
	BigIPProfile bool   `json:"-"`
}

ProfileRef is a Reference to pre-existing profiles

func ConvertStringToProfileRef

func ConvertStringToProfileRef(profileName, context, ns string) ProfileRef

ConvertStringToProfileRef converts strings to profile references

type ProfileRefs

type ProfileRefs []ProfileRef

ProfileRefs is a list of ProfileRef

func (ProfileRefs) Len

func (slice ProfileRefs) Len() int

func (ProfileRefs) Less

func (slice ProfileRefs) Less(i, j int) bool

func (ProfileRefs) Swap

func (slice ProfileRefs) Swap(i, j int)

type ProfileTCP

// ProfileTCP holds the client-side and server-side TCP profile values as
// strings. Each is serialized under "client" / "server" and omitted from JSON
// when empty.
type ProfileTCP struct {
	Client string `json:"client,omitempty"`
	Server string `json:"server,omitempty"`
}

type ResourceConfig

// ResourceConfig groups the LTM resources that make up one virtual server: the
// Virtual itself plus its pools, policies, monitors and service addresses, and
// the iRule and internal data-group maps.
//
// MetaData is excluded from JSON (`json:"-"`). IRulesMap and IntDgMap carry no
// tag, so encoding/json would emit them under their Go field names.
// NOTE(review): confirm whether that is intended or whether they should be
// excluded like MetaData.
type ResourceConfig struct {
	MetaData       metaData         `json:"-"`
	Virtual        Virtual          `json:"virtual,omitempty"`
	Pools          Pools            `json:"pools,omitempty"`
	Policies       Policies         `json:"policies,omitempty"`
	Monitors       []Monitor        `json:"monitors,omitempty"`
	ServiceAddress []ServiceAddress `json:"serviceAddress,omitempty"`
	IRulesMap      IRulesMap
	IntDgMap       InternalDataGroupMap
	// contains filtered or unexported fields
}

ResourceConfig contains a set of LTM resources to create a Virtual Server

func (*ResourceConfig) AddRuleToPolicy

func (rsCfg *ResourceConfig) AddRuleToPolicy(policyName, partition string, rules *Rules)

func (*ResourceConfig) FindPolicy

func (rc *ResourceConfig) FindPolicy(controlType string) *Policy

FindPolicy gets the information of a policy

func (*ResourceConfig) GetName

func (cfg *ResourceConfig) GetName() string

func (*ResourceConfig) SetPolicy

func (rc *ResourceConfig) SetPolicy(policy Policy)

SetPolicy sets a policy

type ResourceConfigRequest

type ResourceConfigRequest struct {
	// contains filtered or unexported fields
}

type ResourceConfigs

type ResourceConfigs []*ResourceConfig

ResourceConfigs is a group of ResourceConfig.

type ResourceMap

type ResourceMap map[string]*ResourceConfig

ResourceMap key is resource name, value is pointer to config. May be shared.

type ResourceStore

type ResourceStore struct {
	// contains filtered or unexported fields
}

ResourceStore contains processed LTM and GTM resource data.

func NewResourceStore

func NewResourceStore() *ResourceStore

NewResourceStore is the constructor for ResourceStore.

func (*ResourceStore) Init

func (rs *ResourceStore) Init()

Init is Receiver to initialize the object.

type RouteBackendCxt

// RouteBackendCxt describes one weighted backend by name, cluster and service
// namespace. The fields carry no struct tags.
// NOTE(review): the valid range of Weight is not visible here; confirm that
// negative or NaN weights are rejected where the value is consumed.
type RouteBackendCxt struct {
	Weight       float64
	Name         string
	Cluster      string
	SvcNamespace string
}

type Rule

// Rule is one rule of a Policy: a name, an optional ordinal, and lists of
// actions and conditions.
// FullURI is tagged `json:"-"` and stays in-process only; Ordinal, Actions and
// Conditions are omitted from JSON when zero or empty.
type Rule struct {
	Name       string       `json:"name"`
	FullURI    string       `json:"-"`
	Ordinal    int          `json:"ordinal,omitempty"`
	Actions    []*action    `json:"actions,omitempty"`
	Conditions []*condition `json:"conditions,omitempty"`
}

Rule config for a Policy

type Rules

type Rules []*Rule

Rules is a slice of Rule

func (Rules) Len

func (rules Rules) Len() int

func (Rules) Less

func (rules Rules) Less(i, j int) bool

func (Rules) Swap

func (rules Rules) Swap(i, j int)

type SecretKey

// SecretKey pairs a Name with a ResourceName.
// NOTE(review): presumably this identifies a Secret and the resource that
// references it, i.e. it holds identifiers rather than secret material;
// confirm against the call sites.
type SecretKey struct {
	Name         string
	ResourceName string
}

type ServiceAddress

// ServiceAddress is the service IP address definition (BIG-IP virtual-address).
// Every field is tagged omitempty, so a false ArpEnabled or SpanningEnabled and
// any empty string are left out of the JSON entirely rather than sent as an
// explicit value.
// NOTE(review): what the receiver applies when a field is absent is not visible
// here; confirm that "false" and "absent" are meant to be equivalent.
type ServiceAddress struct {
	ArpEnabled         bool   `json:"arpEnabled,omitempty"`
	ICMPEcho           string `json:"icmpEcho,omitempty"`
	RouteAdvertisement string `json:"routeAdvertisement,omitempty"`
	TrafficGroup       string `json:"trafficGroup,omitempty"`
	SpanningEnabled    bool   `json:"spanningEnabled,omitempty"`
}

ServiceAddress Service IP address definition (BIG-IP virtual-address).

type ServiceTypeLBHealthMonitor

// ServiceTypeLBHealthMonitor is the decoded form of one item of the health
// monitor annotation on ServiceType LB objects.
// Both fields are always present in JSON output (no omitempty).
// NOTE(review): units and bounds of Interval and Timeout are not visible here.
// The annotation is user-supplied input, so confirm that zero or negative
// values are rejected after decoding.
type ServiceTypeLBHealthMonitor struct {
	Interval int `json:"interval"`
	Timeout  int `json:"timeout"`
}

This is the format for each item in the health monitor annotation used in the ServiceType LB objects.

type Services

type Services []*v1.Service

func (Services) Len

func (svcs Services) Len() int

sort services by timestamp

func (Services) Less

func (svcs Services) Less(i, j int) bool

func (Services) Swap

func (svcs Services) Swap(i, j int)

type SourceAddrTranslation

// SourceAddrTranslation is the virtual server's source address translation
// setting. Type is always serialized; Pool is omitted from JSON when empty.
type SourceAddrTranslation struct {
	Type string `json:"type"`
	Pool string `json:"pool,omitempty"`
}

SourceAddrTranslation is Virtual Server Source Address Translation

type SvcBackendCxt added in v2.13.0

// SvcBackendCxt describes one weighted service backend by name, service
// namespace and cluster.
// Only SvcNamespace has a JSON tag; Weight, Name and Cluster would be emitted
// by encoding/json under their Go field names.
// NOTE(review): confirm the mixed tagging is intentional.
type SvcBackendCxt struct {
	Weight       float64
	Name         string
	SvcNamespace string `json:"svcNamespace,omitempty"`
	Cluster      string
}

type TLSCipher

// TLSCipher carries the TLS version and cipher selection, decoded from YAML
// under the keys tlsVersion, ciphers and cipherGroup.
// NOTE(review): all three values are free-form strings and no validation is
// visible here; confirm that unsupported or weak protocol versions and cipher
// strings are rejected, or at least logged, where this struct is consumed.
type TLSCipher struct {
	TLSVersion  string `yaml:"tlsVersion,omitempty"`
	Ciphers     string `yaml:"ciphers,omitempty"`
	CipherGroup string `yaml:"cipherGroup,omitempty"` // by default this is bigip reference
}

type TLSContext

type TLSContext struct {
	// contains filtered or unexported fields
}

type TLSVersion

// TLSVersion names a TLS protocol version as a string.
type TLSVersion string

// Only the "1.3" value is declared in this block.
// NOTE(review): the exported identifier is spelled "TLSVerion1_3" (missing
// "s"). Renaming it would break importers; a correctly spelled constant could
// be added alongside it instead.
const (
	TLSVerion1_3 TLSVersion = "1.3"
)

type VSSpecProperties added in v2.12.0

// VSSpecProperties holds per-virtual-server spec flags; only PoolWAF is
// exported.
// NOTE(review): presumably PoolWAF records that a WAF policy is attached at
// pool level rather than on the virtual server; confirm.
type VSSpecProperties struct {
	PoolWAF bool
}

type Virtual

// Virtual is the virtual server configuration and its JSON wire shape.
//
// Serialization details visible in the tags:
//   - Partition, VirtualAddress and TLSTermination are tagged `json:"-"` and
//     stay in-process only.
//   - Name, Destination, Enabled, TranslateServerAddress and
//     TranslateServerPort have no omitempty, so they are always emitted, false
//     and empty values included.
//   - SourceAddrTranslation, TCP and HTTP2 are struct values; encoding/json
//     ignores omitempty on struct values, so these keys are always emitted.
//   - HttpMrfRoutingEnabled is a *bool: nil is omitted, while an explicit false
//     is kept.
//
// Security-relevant fields: WAF, Firewall, ProfileDOS, ProfileBotDefense,
// IpIntelligencePolicy, LogProfiles, AllowSourceRange and AllowVLANs are all
// optional and disappear from the JSON when empty.
// NOTE(review): what is applied when one of these is absent is not visible
// here. Where a deployment depends on such a control, confirm that an empty
// value is surfaced as an error or a log entry rather than silently producing
// a virtual server without it.
type Virtual struct {
	Name                       string                `json:"name"`
	PoolName                   string                `json:"pool,omitempty"`
	Partition                  string                `json:"-"`
	Destination                string                `json:"destination"`
	Enabled                    bool                  `json:"enabled"`
	IpProtocol                 string                `json:"ipProtocol,omitempty"`
	SourceAddrTranslation      SourceAddrTranslation `json:"sourceAddressTranslation,omitempty"`
	Policies                   []nameRef             `json:"policies,omitempty"`
	Profiles                   ProfileRefs           `json:"profiles,omitempty"`
	IRules                     []string              `json:"rules,omitempty"`
	Description                string                `json:"description,omitempty"`
	VirtualAddress             *virtualAddress       `json:"-"`
	AdditionalVirtualAddresses []string              `json:"additionalVirtualAddresses,omitempty"`
	SNAT                       string                `json:"snat,omitempty"`
	ConnectionMirroring        string                `json:"connectionMirroring,omitempty"`
	WAF                        string                `json:"waf,omitempty"`
	Firewall                   string                `json:"firewallPolicy,omitempty"`
	LogProfiles                []string              `json:"logProfiles,omitempty"`
	ProfileL4                  string                `json:"profileL4,omitempty"`
	ProfileMultiplex           string                `json:"profileMultiplex,omitempty"`
	ProfileWebSocket           string                `json:"profileWebSocket,omitempty"`
	ProfileDOS                 string                `json:"profileDOS,omitempty"`
	ProfileBotDefense          string                `json:"profileBotDefense,omitempty"`
	TCP                        ProfileTCP            `json:"tcp,omitempty"`
	HTTP2                      ProfileHTTP2          `json:"http2,omitempty"`
	Mode                       string                `json:"mode,omitempty"`
	TranslateServerAddress     bool                  `json:"translateServerAddress"`
	TranslateServerPort        bool                  `json:"translateServerPort"`
	Source                     string                `json:"source,omitempty"`
	AllowVLANs                 []string              `json:"allowVlans,omitempty"`
	PersistenceProfile         string                `json:"persistenceProfile,omitempty"`
	TLSTermination             string                `json:"-"`
	AllowSourceRange           []string              `json:"allowSourceRange,omitempty"`
	HttpMrfRoutingEnabled      *bool                 `json:"httpMrfRoutingEnabled,omitempty"`
	IpIntelligencePolicy       string                `json:"ipIntelligencePolicy,omitempty"`
	AutoLastHop                string                `json:"lastHop,omitempty"`
	AnalyticsProfiles          AnalyticsProfiles     `json:"analyticsProfiles,omitempty"`
	MultiPoolPersistence       MultiPoolPersistence  `json:"multiPoolPersistence,omitempty"`
	HTMLProfile                string                `json:"htmlProfile,omitempty"`
}

Virtual server config

func (*Virtual) AddIRule

func (v *Virtual) AddIRule(ruleName string) bool

Adds an IRule reference to a Virtual object

func (*Virtual) AddOrUpdateProfile

func (v *Virtual) AddOrUpdateProfile(prof ProfileRef) bool

AddOrUpdateProfile updates profile to rsCfg

func (*Virtual) SetVirtualAddress

func (v *Virtual) SetVirtualAddress(bindAddr string, port int32)

SetVirtualAddress sets a VirtualAddress

type Virtuals

type Virtuals []Virtual

Virtuals is a slice of Virtual.

type WideIP

// WideIP is the JSON shape of one wide IP: domain name, record type, load
// balancing mode, persistence settings and GSLB pools.
//
// Tag details worth knowing when reading the wire format:
//   - DomainName is serialized as "name" and LBMethod as "LoadBalancingMode"
//     (capitalized, unlike the other keys).
//   - UID has no tag, so encoding/json would emit it under the key "UID".
//   - ClientSubnetPreferred is a *bool: nil is omitted, while an explicit false
//     is kept.
//
// NOTE(review): PersistCidrIPv4 and PersistCidrIPv6 are uint8, which admits
// values above the valid prefix lengths (32 and 128). No range check is visible
// here; confirm one exists where these fields are populated.
type WideIP struct {
	DomainName            string     `json:"name"`
	ClientSubnetPreferred *bool      `json:"clientSubnetPreferred,omitempty"`
	RecordType            string     `json:"recordType"`
	LBMethod              string     `json:"LoadBalancingMode"`
	PersistenceEnabled    bool       `json:"persistenceEnabled"`
	PersistCidrIPv4       uint8      `json:"persistCidrIpv4"`
	PersistCidrIPv6       uint8      `json:"persistCidrIpv6"`
	TTLPersistence        uint32     `json:"ttlPersistence"`
	Pools                 []GSLBPool `json:"pools"`
	UID                   string
}

type WideIPs

// WideIPs wraps a list of WideIP under the JSON key "wideIPs". The key has no
// omitempty, so a nil slice is serialized as null rather than being left out.
type WideIPs struct {
	WideIPs []WideIP `json:"wideIPs"`
}
