loadbalancers

package
v1.1.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Apr 16, 2018 License: Apache-2.0 Imports: 15 Imported by: 0

Documentation

Index

Constants

View Source
const (

	// DefaultHost is the host used if none is specified. It is a valid value
	// for the "Host" field recognized by GCE.
	DefaultHost = "*"

	// DefaultPath is the path used if none is specified. It is a valid path
	// recognized by GCE.
	DefaultPath = "/*"

	// Every target https proxy accepts upto 10 ssl certificates.
	TargetProxyCertLimit = 10
)

Variables

This section is empty.

Functions

func GCEResourceName

func GCEResourceName(ingAnnotations map[string]string, resourceName string) string

GCEResourceName retrieves the name of the gce resource created for this Ingress, of the given resource type, by inspecting the map of ingress annotations.

func GetCertHash added in v1.1.0

func GetCertHash(contents string) string

func GetLBAnnotations

func GetLBAnnotations(l7 *L7, existing map[string]string, backendPool backends.BackendPool) map[string]string

GetLBAnnotations returns the annotations of an l7. This includes it's current status.

Types

type FakeLoadBalancers

type FakeLoadBalancers struct {
	Fw    []*compute.ForwardingRule
	Um    []*compute.UrlMap
	Tp    []*compute.TargetHttpProxy
	Tps   []*compute.TargetHttpsProxy
	IP    []*compute.Address
	Certs []*compute.SslCertificate
	// contains filtered or unexported fields
}

FakeLoadBalancers is a type that fakes out the loadbalancer interface.

func NewFakeLoadBalancers

func NewFakeLoadBalancers(name string, namer *utils.Namer) *FakeLoadBalancers

NewFakeLoadBalancers creates a fake cloud client. Name is the name inserted into the selfLink of the associated resources for testing. eg: forwardingRule.SelfLink == k8-fw-name.

func (*FakeLoadBalancers) CheckURLMap

func (f *FakeLoadBalancers) CheckURLMap(l7 *L7, expectedMap map[string]utils.FakeIngressRuleValueMap) error

CheckURLMap checks the URL map.

func (*FakeLoadBalancers) CreateGlobalForwardingRule

func (f *FakeLoadBalancers) CreateGlobalForwardingRule(rule *compute.ForwardingRule) error

CreateGlobalForwardingRule fakes forwarding rule creation.

func (*FakeLoadBalancers) CreateSslCertificate

func (f *FakeLoadBalancers) CreateSslCertificate(cert *compute.SslCertificate) (*compute.SslCertificate, error)

CreateSslCertificate fakes out certificate creation.

func (*FakeLoadBalancers) CreateTargetHttpProxy

func (f *FakeLoadBalancers) CreateTargetHttpProxy(proxy *compute.TargetHttpProxy) error

CreateTargetHttpProxy fakes creating a target http proxy.

func (*FakeLoadBalancers) CreateTargetHttpsProxy

func (f *FakeLoadBalancers) CreateTargetHttpsProxy(proxy *compute.TargetHttpsProxy) error

CreateTargetHttpsProxy fakes creating a target http proxy.

func (*FakeLoadBalancers) CreateUrlMap

func (f *FakeLoadBalancers) CreateUrlMap(urlMap *compute.UrlMap) error

CreateUrlMap fakes url-map creation.

func (*FakeLoadBalancers) DeleteGlobalAddress

func (f *FakeLoadBalancers) DeleteGlobalAddress(name string) error

DeleteGlobalAddress fakes out static IP deletion.

func (*FakeLoadBalancers) DeleteGlobalForwardingRule

func (f *FakeLoadBalancers) DeleteGlobalForwardingRule(name string) error

DeleteGlobalForwardingRule fakes deleting a global forwarding rule.

func (*FakeLoadBalancers) DeleteSslCertificate

func (f *FakeLoadBalancers) DeleteSslCertificate(name string) error

DeleteSslCertificate fakes out certificate deletion.

func (*FakeLoadBalancers) DeleteTargetHttpProxy

func (f *FakeLoadBalancers) DeleteTargetHttpProxy(name string) error

DeleteTargetHttpProxy fakes deleting a target http proxy.

func (*FakeLoadBalancers) DeleteTargetHttpsProxy

func (f *FakeLoadBalancers) DeleteTargetHttpsProxy(name string) error

DeleteTargetHttpsProxy fakes deleting a target http proxy.

func (*FakeLoadBalancers) DeleteUrlMap

func (f *FakeLoadBalancers) DeleteUrlMap(name string) error

DeleteUrlMap fakes url-map deletion.

func (*FakeLoadBalancers) FWName

func (f *FakeLoadBalancers) FWName(https bool) string

FWName returns the name of the firewall given the protocol.

TODO: There is some duplication between these functions and the name mungers in loadbalancer file.

func (*FakeLoadBalancers) GetForwardingRulesWithIPs

func (f *FakeLoadBalancers) GetForwardingRulesWithIPs(ip []string) (fwRules []*compute.ForwardingRule)

GetForwardingRulesWithIPs returns all forwarding rules that match the given ips.

func (*FakeLoadBalancers) GetGlobalAddress

func (f *FakeLoadBalancers) GetGlobalAddress(name string) (*compute.Address, error)

GetGlobalAddress fakes out static IP retrieval.

func (*FakeLoadBalancers) GetGlobalForwardingRule

func (f *FakeLoadBalancers) GetGlobalForwardingRule(name string) (*compute.ForwardingRule, error)

GetGlobalForwardingRule returns a fake forwarding rule.

func (*FakeLoadBalancers) GetSslCertificate

func (f *FakeLoadBalancers) GetSslCertificate(name string) (*compute.SslCertificate, error)

GetSslCertificate fakes out getting ssl certs.

func (*FakeLoadBalancers) GetTargetHttpProxy

func (f *FakeLoadBalancers) GetTargetHttpProxy(name string) (*compute.TargetHttpProxy, error)

GetTargetHttpProxy fakes getting target http proxies from the cloud.

func (*FakeLoadBalancers) GetTargetHttpsProxy

func (f *FakeLoadBalancers) GetTargetHttpsProxy(name string) (*compute.TargetHttpsProxy, error)

GetTargetHttpsProxy fakes getting target http proxies from the cloud.

func (*FakeLoadBalancers) GetUrlMap

func (f *FakeLoadBalancers) GetUrlMap(name string) (*compute.UrlMap, error)

GetUrlMap fakes getting url maps from the cloud.

func (*FakeLoadBalancers) ListGlobalForwardingRules

func (f *FakeLoadBalancers) ListGlobalForwardingRules() ([]*compute.ForwardingRule, error)

func (*FakeLoadBalancers) ListSslCertificates added in v1.1.0

func (f *FakeLoadBalancers) ListSslCertificates() ([]*compute.SslCertificate, error)

func (*FakeLoadBalancers) ListUrlMaps added in v1.1.0

func (f *FakeLoadBalancers) ListUrlMaps() ([]*compute.UrlMap, error)

ListUrlMaps fakes getting url maps from the cloud.

func (*FakeLoadBalancers) ReserveGlobalAddress

func (f *FakeLoadBalancers) ReserveGlobalAddress(addr *compute.Address) error

ReserveGlobalAddress fakes out static IP reservation.

func (*FakeLoadBalancers) SetProxyForGlobalForwardingRule

func (f *FakeLoadBalancers) SetProxyForGlobalForwardingRule(forwardingRuleName, proxyLink string) error

SetProxyForGlobalForwardingRule fakes setting a global forwarding rule.

func (*FakeLoadBalancers) SetSslCertificateForTargetHttpsProxy

func (f *FakeLoadBalancers) SetSslCertificateForTargetHttpsProxy(proxy *compute.TargetHttpsProxy, SSLCerts []*compute.SslCertificate) error

SetSslCertificateForTargetHttpsProxy fakes out setting certificates.

func (*FakeLoadBalancers) SetUrlMapForTargetHttpProxy

func (f *FakeLoadBalancers) SetUrlMapForTargetHttpProxy(proxy *compute.TargetHttpProxy, urlMap *compute.UrlMap) error

SetUrlMapForTargetHttpProxy fakes setting an url-map for a target http proxy.

func (*FakeLoadBalancers) SetUrlMapForTargetHttpsProxy

func (f *FakeLoadBalancers) SetUrlMapForTargetHttpsProxy(proxy *compute.TargetHttpsProxy, urlMap *compute.UrlMap) error

SetUrlMapForTargetHttpsProxy fakes setting an url-map for a target http proxy.

func (*FakeLoadBalancers) String

func (f *FakeLoadBalancers) String() string

String is the string method for FakeLoadBalancers.

func (*FakeLoadBalancers) TPName

func (f *FakeLoadBalancers) TPName(https bool) string

func (*FakeLoadBalancers) UMName

func (f *FakeLoadBalancers) UMName() string

func (*FakeLoadBalancers) UpdateUrlMap

func (f *FakeLoadBalancers) UpdateUrlMap(urlMap *compute.UrlMap) error

UpdateUrlMap fakes updating url-maps.

type L7

type L7 struct {
	Name string
	// contains filtered or unexported fields
}

L7 represents a single L7 loadbalancer.

func (*L7) Cleanup

func (l *L7) Cleanup() error

Cleanup deletes resources specific to this l7 in the right order. forwarding rule -> target proxy -> url map This leaves backends and health checks, which are shared across loadbalancers.

func (*L7) GetIP

func (l *L7) GetIP() string

GetIP returns the ip associated with the forwarding rule for this l7.

func (*L7) UpdateUrlMap

func (l *L7) UpdateUrlMap(ingressRules utils.GCEURLMap) error

UpdateUrlMap translates the given hostname: endpoint->port mapping into a gce url map.

HostRule: Conceptually contains all PathRules for a given host. PathMatcher: Associates a path rule with a host rule. Mostly an optimization. PathRule: Maps a single path regex to a backend.

The GCE url map allows multiple hosts to share url->backend mappings without duplication, eg:

Host: foo(PathMatcher1), bar(PathMatcher1,2)
PathMatcher1:
  /a -> b1
  /b -> b2
PathMatcher2:
  /c -> b1

This leads to a lot of complexity in the common case, where all we want is a mapping of host->{/path: backend}.

Consider some alternatives:

  1. Using a single backend per PathMatcher: Host: foo(PathMatcher1,3) bar(PathMatcher1,2,3) PathMatcher1: /a -> b1 PathMatcher2: /c -> b1 PathMatcher3: /b -> b2
  2. Using a single host per PathMatcher: Host: foo(PathMatcher1) PathMatcher1: /a -> b1 /b -> b2 Host: bar(PathMatcher2) PathMatcher2: /a -> b1 /b -> b2 /c -> b1

In the context of kubernetes services, 2 makes more sense, because we rarely want to lookup backends (service:nodeport). When a service is deleted, we need to find all host PathMatchers that have the backend and remove the mapping. When a new path is added to a host (happens more frequently than service deletion) we just need to lookup the 1 pathmatcher of the host.

func (*L7) UrlMap

func (l *L7) UrlMap() *compute.UrlMap

UrlMap returns the UrlMap associated with the L7 load balancer.

type L7RuntimeInfo

type L7RuntimeInfo struct {
	// Name is the name of a loadbalancer.
	Name string
	// IP is the desired ip of the loadbalancer, eg from a staticIP.
	IP string
	// TLS are the tls certs to use in termination.
	TLS []*TLSCerts
	// TLSName is the name of the preshared cert to use. Multiple certs can be specified as a comma-separated string
	TLSName string
	// AllowHTTP will not setup :80, if TLS is nil and AllowHTTP is set,
	// no loadbalancer is created.
	AllowHTTP bool
	// The name of a Global Static IP. If specified, the IP associated with
	// this name is used in the Forwarding Rules for this loadbalancer.
	StaticIPName string
}

L7RuntimeInfo is info passed to this module from the controller runtime.

func (*L7RuntimeInfo) String

func (l *L7RuntimeInfo) String() string

String returns the load balancer name

type L7s

type L7s struct {
	// contains filtered or unexported fields
}

L7s implements LoadBalancerPool.

func (*L7s) Add

func (l *L7s) Add(ri *L7RuntimeInfo) (err error)

Add gets or creates a loadbalancer. If the loadbalancer already exists, it checks that its edges are valid.

func (*L7s) Delete

func (l *L7s) Delete(name string) error

Delete deletes a loadbalancer by name.

func (*L7s) GC

func (l *L7s) GC(names []string) error

GC garbage collects loadbalancers not in the input list.

func (*L7s) GLBCDefaultBackend

func (l *L7s) GLBCDefaultBackend() *compute.BackendService

GLBCDefaultBackend returns the BackendService used when no path rules match.

func (*L7s) Get

func (l *L7s) Get(name string) (*L7, error)

Get returns the loadbalancer by name.

func (*L7s) Namer

func (l *L7s) Namer() *utils.Namer

Namer returns the namer associated with the L7s.

func (*L7s) Shutdown

func (l *L7s) Shutdown() error

Shutdown logs whether or not the pool is empty.

func (*L7s) Sync

func (l *L7s) Sync(lbs []*L7RuntimeInfo) error

Sync loadbalancers with the given runtime info from the controller.

type LoadBalancerPool

type LoadBalancerPool interface {
	Get(name string) (*L7, error)
	Add(ri *L7RuntimeInfo) error
	Delete(name string) error
	Sync(ri []*L7RuntimeInfo) error
	GC(names []string) error
	Shutdown() error
}

LoadBalancerPool is an interface to manage the cloud resources associated with a gce loadbalancer.

func NewLoadBalancerPool

func NewLoadBalancerPool(
	cloud LoadBalancers,
	defaultBackendPool backends.BackendPool,
	defaultBackendNodePort backends.ServicePort, namer *utils.Namer) LoadBalancerPool

NewLoadBalancerPool returns a new loadbalancer pool.

  • cloud: implements LoadBalancers. Used to sync L7 loadbalancer resources with the cloud.
  • defaultBackendPool: a BackendPool used to manage the GCE BackendService for the default backend.
  • defaultBackendNodePort: The nodePort of the Kubernetes service representing the default backend.

type LoadBalancers

type LoadBalancers interface {
	// Forwarding Rules
	GetGlobalForwardingRule(name string) (*compute.ForwardingRule, error)
	CreateGlobalForwardingRule(rule *compute.ForwardingRule) error
	DeleteGlobalForwardingRule(name string) error
	SetProxyForGlobalForwardingRule(fw, proxy string) error
	ListGlobalForwardingRules() ([]*compute.ForwardingRule, error)

	// UrlMaps
	GetUrlMap(name string) (*compute.UrlMap, error)
	CreateUrlMap(urlMap *compute.UrlMap) error
	UpdateUrlMap(urlMap *compute.UrlMap) error
	DeleteUrlMap(name string) error
	ListUrlMaps() ([]*compute.UrlMap, error)

	// TargetProxies
	GetTargetHttpProxy(name string) (*compute.TargetHttpProxy, error)
	CreateTargetHttpProxy(proxy *compute.TargetHttpProxy) error
	DeleteTargetHttpProxy(name string) error
	SetUrlMapForTargetHttpProxy(proxy *compute.TargetHttpProxy, urlMap *compute.UrlMap) error

	// TargetHttpsProxies
	GetTargetHttpsProxy(name string) (*compute.TargetHttpsProxy, error)
	CreateTargetHttpsProxy(proxy *compute.TargetHttpsProxy) error
	DeleteTargetHttpsProxy(name string) error
	SetUrlMapForTargetHttpsProxy(proxy *compute.TargetHttpsProxy, urlMap *compute.UrlMap) error
	SetSslCertificateForTargetHttpsProxy(proxy *compute.TargetHttpsProxy, SSLCerts []*compute.SslCertificate) error

	// SslCertificates
	GetSslCertificate(name string) (*compute.SslCertificate, error)
	ListSslCertificates() ([]*compute.SslCertificate, error)
	CreateSslCertificate(certs *compute.SslCertificate) (*compute.SslCertificate, error)
	DeleteSslCertificate(name string) error

	ReserveGlobalAddress(addr *compute.Address) error
	GetGlobalAddress(name string) (*compute.Address, error)
	DeleteGlobalAddress(name string) error
}

LoadBalancers is an interface for managing all the gce resources needed by L7 loadbalancers. We don't have individual pools for each of these resources because none of them are usable (or acquirable) stand-alone, unlinke backends and instance groups. The dependency graph: ForwardingRule -> UrlMaps -> TargetProxies

type TLSCerts

type TLSCerts struct {
	// Key is private key.
	Key string
	// Cert is a public key.
	Cert string
	// Chain is a certificate chain.
	Chain string
	Name  string
	// md5 hash(first 8 bytes) of the cert contents
	CertHash string
}

TLSCerts encapsulates .pem encoded TLS information.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL