k8s

package

v1.0.1 Latest Latest Go to latest Published: Jan 18, 2024 License: Apache-2.0 Imports: 12 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/ksong0xd/groupcache

Links

Open Source Insights

README ¶

groupcache/k8s

groupcache/k8s introduces the mechanism to dynamically manage the list of peers of the group cache based on the registered services.

setup

The groupcache/k8s relies on a configuration that the endpoints of the groupcache participants are under a single kubernetes Service.

Also, k8s package requires to have the following parameters:

the pod IP address of itself; it can be specified through an environment variable with fieldRef
the port number for the groupcache.

The initialization code will be:

m, err := k8s.NewPeersManager(
    ctx,
    client,
    serviceName,
    namespace,
    port,
    fmt.Sprintf("%s:%d", self, port),
)

Note that the client is a kubernetes client, which would be typically obtained through InClusterConfig.

By default, the peers manager will set up non-TLS connection among peers, but you could specify connection options by adding extra groupcache.GRPCPoolOption parameters.

NewPeersManager sets up a gRPC peer-picker and also watches endpoint slices to update the peers when changes happen. After the peers manager is created, all you will have to do is to set up a groupcache.Group and combine it with your application code.

See ./example/cmd/main.go for an example.

permissions

This package observes EndpointSlice to produce the list of peers, but it is not allowed by default. You will have to set up a service account, role, and rolebinding for that.

The service account doesn't need any specific content.

apiVersion: v1
kind: ServiceAccount
metadata:
  name: <name>

The role will specify the consumption of endpoint slices, and role-binding will bind the role and the service account.

---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: <name>
rules:
- apiGroups: ["discovery.k8s.io"]
  resources: ["endpointslices"]
  verbs: ["get", "watch", "list"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: <name>
subjects:
- kind: ServiceAccount
  name: <service-account name>
roleRef:
  kind: Role
  name: <role name>
  apiGroup: rbac.authorization.k8s.io

Finally your workload (e.g. podTemplate spec in deployment) needs to specify the service account.

spec:
  containers:
    ...
  serviceAccount: <service-account name>

Documentation ¶

Overview ¶

package k8s provides the utility to use groupcache under kubernetes. See README.md for the details.

Index ¶

type PeersManager
- func NewPeersManager(ctx context.Context, client kubernetes.Interface, serviceName string, ...) (*PeersManager, error)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type PeersManager ¶

type PeersManager struct {
	// contains filtered or unexported fields
}

func NewPeersManager ¶

func NewPeersManager(
	ctx context.Context,
	client kubernetes.Interface,
	serviceName string,
	namespace string,
	port int,
	self string,
	opts ...groupcache.GRPCPoolOption,
) (*PeersManager, error)

func (*PeersManager) OnAdd ¶

func (pm *PeersManager) OnAdd(obj any, isInInitialList bool)

func (*PeersManager) OnDelete ¶

func (pm *PeersManager) OnDelete(obj any)

func (*PeersManager) OnUpdate ¶

func (pm *PeersManager) OnUpdate(oldObj, newObj any)

func (*PeersManager) Stop ¶

func (pm *PeersManager) Stop()

Source Files ¶

View all Source files

k8s.go

Directories ¶

Path	Synopsis
example
cmd

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL