kubernetes

package
v0.0.0-...-8778e57 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 25, 2022 License: Apache-2.0 Imports: 46 Imported by: 5

Documentation

Index

Constants

View Source 
const (
	KubesharkResourcesPrefix   = "ks-"
	ApiServerPodName           = KubesharkResourcesPrefix + "hub"
	ClusterRoleBindingName     = KubesharkResourcesPrefix + "cluster-role-binding"
	ClusterRoleName            = KubesharkResourcesPrefix + "cluster-role"
	K8sAllNamespaces           = ""
	RoleBindingName            = KubesharkResourcesPrefix + "role-binding"
	RoleName                   = KubesharkResourcesPrefix + "role"
	ServiceAccountName         = KubesharkResourcesPrefix + "service-account"
	TapperDaemonSetName        = KubesharkResourcesPrefix + "worker-daemon-set"
	TapperPodName              = KubesharkResourcesPrefix + "worker"
	ConfigMapName              = KubesharkResourcesPrefix + "config"
	MinKubernetesServerVersion = "1.16.0"
)
View Source 
const (
	LabelPrefixApp           = "app.kubernetes.io/"
	LabelManagedBy           = LabelPrefixApp + "managed-by"
	LabelCreatedBy           = LabelPrefixApp + "created-by"
	LabelValueKubeshark      = "kubeshark"
	LabelValueKubesharkCLI   = "kubeshark-cli"
	LabelValueKubesharkAgent = "kubeshark-agent"
)
View Source 
const (
	EventAdded    = watch.Added
	EventModified = watch.Modified
	EventDeleted  = watch.Deleted
	EventBookmark = watch.Bookmark
	EventError    = watch.Error
)

Variables

This section is empty.

Functions

func FilteredWatch 

func FilteredWatch(ctx context.Context, watcherCreator WatchCreator, targetNamespaces []string, filterer EventFilterer) (<-chan *WatchEvent, <-chan error)

func GetLocalhostOnPort 

func GetLocalhostOnPort(port uint16) string

func GetNodeHostToTappedPodsMap 

func GetNodeHostToTappedPodsMap(tappedPods []core.Pod) shared.NodeToPodsMap

func GetPodInfosForPods 

func GetPodInfosForPods(pods []core.Pod) []*shared.PodInfo

func IsPodRunning 

func IsPodRunning(pod *core.Pod) bool

func NewPortForward 

func NewPortForward(kubernetesProvider *Provider, namespace string, podRegex *regexp.Regexp, srcPort uint16, dstPort uint16, ctx context.Context, cancel context.CancelFunc) (*portforward.PortForwarder, error)

func StartProxy 

func StartProxy(kubernetesProvider *Provider, proxyHost string, srcPort uint16, dstPort uint16, kubesharkNamespace string, kubesharkServiceName string, cancel context.CancelFunc) (*http.Server, error)

func ValidateKubernetesVersion 

func ValidateKubernetesVersion(serverVersionSemVer *semver.SemVersion) error

Types

type ApiServerOptions 

type ApiServerOptions struct {
	Namespace             string
	PodName               string
	PodImage              string
	KratosImage           string
	KetoImage             string
	ServiceAccountName    string
	IsNamespaceRestricted bool
	MaxEntriesDBSizeBytes int64
	Resources             shared.Resources
	ImagePullPolicy       core.PullPolicy
	LogLevel              logging.Level
	Profiler              bool
}

type ClusterBehindProxyError 

type ClusterBehindProxyError struct{}

func (*ClusterBehindProxyError) Error 

func (e *ClusterBehindProxyError) Error() string

ClusterBehindProxyError implements the Error interface.

type EventFilterer 

type EventFilterer interface {
	Filter(*WatchEvent) (bool, error)
}

type EventWatchHelper 

type EventWatchHelper struct {
	NameRegexFilter *regexp.Regexp
	Kind            string
	// contains filtered or unexported fields
}

func NewEventWatchHelper 

func NewEventWatchHelper(kubernetesProvider *Provider, NameRegexFilter *regexp.Regexp, kind string) *EventWatchHelper

func (*EventWatchHelper) Filter 

func (wh *EventWatchHelper) Filter(wEvent *WatchEvent) (bool, error)

Implements the EventFilterer Interface

func (*EventWatchHelper) NewWatcher 

func (wh *EventWatchHelper) NewWatcher(ctx context.Context, namespace string) (watch.Interface, error)

Implements the WatchCreator Interface

type InvalidObjectType 

type InvalidObjectType struct {
	RequestedType reflect.Type
}

func (*InvalidObjectType) Error 

func (iot *InvalidObjectType) Error() string

Implements the error interface

type K8sTapManagerError 

type K8sTapManagerError struct {
	OriginalError    error
	TapManagerReason K8sTapManagerErrorReason
}

func (*K8sTapManagerError) Error 

func (e *K8sTapManagerError) Error() string

K8sTapManagerError implements the Error interface.

type K8sTapManagerErrorReason 

type K8sTapManagerErrorReason string
const (
	TapManagerTapperUpdateError K8sTapManagerErrorReason = "TAPPER_UPDATE_ERROR"
	TapManagerPodWatchError     K8sTapManagerErrorReason = "POD_WATCH_ERROR"
	TapManagerPodListError      K8sTapManagerErrorReason = "POD_LIST_ERROR"
)

type KubesharkTapperSyncer 

type KubesharkTapperSyncer struct {
	CurrentlyTappedPods []core.Pod

	TapPodChangesOut       chan TappedPodChangeEvent
	TapperStatusChangedOut chan shared.TapperStatus
	ErrorOut               chan K8sTapManagerError
	// contains filtered or unexported fields
}

KubesharkTapperSyncer uses a k8s pod watch to update tapper daemonsets when targeted pods are removed or created

func CreateAndStartKubesharkTapperSyncer 

func CreateAndStartKubesharkTapperSyncer(ctx context.Context, kubernetesProvider *Provider, config TapperSyncerConfig, startTime time.Time) (*KubesharkTapperSyncer, error)

type PodWatchHelper 

type PodWatchHelper struct {
	NameRegexFilter *regexp.Regexp
	// contains filtered or unexported fields
}

func NewPodWatchHelper 

func NewPodWatchHelper(kubernetesProvider *Provider, NameRegexFilter *regexp.Regexp) *PodWatchHelper

func (*PodWatchHelper) Filter 

func (wh *PodWatchHelper) Filter(wEvent *WatchEvent) (bool, error)

Implements the EventFilterer Interface

func (*PodWatchHelper) NewWatcher 

func (wh *PodWatchHelper) NewWatcher(ctx context.Context, namespace string) (watch.Interface, error)

Implements the WatchCreator Interface

type Provider 

type Provider struct {
	// contains filtered or unexported fields
}

func NewProvider 

func NewProvider(kubeConfigPath string, contextName string) (*Provider, error)

func NewProviderInCluster 

func NewProviderInCluster() (*Provider, error)

NewProviderInCluster Used in another repo that calls this function

func (*Provider) ApplyKubesharkTapperDaemonSet 

func (provider *Provider) ApplyKubesharkTapperDaemonSet(ctx context.Context, namespace string, daemonSetName string, podImage string, tapperPodName string, apiServerPodIp string, nodeNames []string, serviceAccountName string, resources shared.Resources, imagePullPolicy core.PullPolicy, kubesharkApiFilteringOptions api.TrafficFilteringOptions, logLevel logging.Level, serviceMesh bool, tls bool, maxLiveStreams int) error

func (*Provider) BuildApiServerPod 

func (provider *Provider) BuildApiServerPod(opts *ApiServerOptions, mountVolumeClaim bool, volumeClaimName string, createAuthContainer bool) (*core.Pod, error)

func (*Provider) BuildFrontPod 

func (provider *Provider) BuildFrontPod(opts *ApiServerOptions, mountVolumeClaim bool, volumeClaimName string, createAuthContainer bool) (*core.Pod, error)

func (*Provider) CanI 

func (provider *Provider) CanI(ctx context.Context, namespace string, resource string, verb string, group string) (bool, error)

func (*Provider) CreateConfigMap 

func (provider *Provider) CreateConfigMap(ctx context.Context, namespace string, configMapName string, serializedKubesharkConfig string) error

func (*Provider) CreateKubesharkRBAC 

func (provider *Provider) CreateKubesharkRBAC(ctx context.Context, namespace string, serviceAccountName string, clusterRoleName string, clusterRoleBindingName string, version string, resources []string) error

func (*Provider) CreateKubesharkRBACNamespaceRestricted 

func (provider *Provider) CreateKubesharkRBACNamespaceRestricted(ctx context.Context, namespace string, serviceAccountName string, roleName string, roleBindingName string, version string) error

func (*Provider) CreateNamespace 

func (provider *Provider) CreateNamespace(ctx context.Context, name string) (*core.Namespace, error)

func (*Provider) CreatePod 

func (provider *Provider) CreatePod(ctx context.Context, namespace string, podSpec *core.Pod) (*core.Pod, error)

func (*Provider) CreateService 

func (provider *Provider) CreateService(ctx context.Context, namespace string, serviceName string, appLabelValue string, targetPort int, port int32, nodePort int32) (*core.Service, error)

func (*Provider) CurrentNamespace 

func (provider *Provider) CurrentNamespace() (string, error)

func (*Provider) DoesClusterRoleBindingExist 

func (provider *Provider) DoesClusterRoleBindingExist(ctx context.Context, name string) (bool, error)

func (*Provider) DoesClusterRoleExist 

func (provider *Provider) DoesClusterRoleExist(ctx context.Context, name string) (bool, error)

func (*Provider) DoesConfigMapExist 

func (provider *Provider) DoesConfigMapExist(ctx context.Context, namespace string, name string) (bool, error)

func (*Provider) DoesNamespaceExist 

func (provider *Provider) DoesNamespaceExist(ctx context.Context, name string) (bool, error)

func (*Provider) DoesRoleBindingExist 

func (provider *Provider) DoesRoleBindingExist(ctx context.Context, namespace string, name string) (bool, error)

func (*Provider) DoesRoleExist 

func (provider *Provider) DoesRoleExist(ctx context.Context, namespace string, name string) (bool, error)

func (*Provider) DoesServiceAccountExist 

func (provider *Provider) DoesServiceAccountExist(ctx context.Context, namespace string, name string) (bool, error)

func (*Provider) DoesServiceExist 

func (provider *Provider) DoesServiceExist(ctx context.Context, namespace string, name string) (bool, error)

func (*Provider) GetKubernetesVersion 

func (provider *Provider) GetKubernetesVersion() (*semver.SemVersion, error)

func (*Provider) GetNamespaceEvents 

func (provider *Provider) GetNamespaceEvents(ctx context.Context, namespace string) (string, error)

func (*Provider) GetPod 

func (provider *Provider) GetPod(ctx context.Context, namespaces string, podName string) (*core.Pod, error)

func (*Provider) GetPodLogs 

func (provider *Provider) GetPodLogs(ctx context.Context, namespace string, podName string, containerName string) (string, error)

func (*Provider) ListAllNamespaces 

func (provider *Provider) ListAllNamespaces(ctx context.Context) ([]core.Namespace, error)

func (*Provider) ListAllPodsMatchingRegex 

func (provider *Provider) ListAllPodsMatchingRegex(ctx context.Context, regex *regexp.Regexp, namespaces []string) ([]core.Pod, error)

func (*Provider) ListAllRunningPodsMatchingRegex 

func (provider *Provider) ListAllRunningPodsMatchingRegex(ctx context.Context, regex *regexp.Regexp, namespaces []string) ([]core.Pod, error)

func (*Provider) ListManagedClusterRoleBindings 

func (provider *Provider) ListManagedClusterRoleBindings(ctx context.Context) (*rbac.ClusterRoleBindingList, error)

func (*Provider) ListManagedClusterRoles 

func (provider *Provider) ListManagedClusterRoles(ctx context.Context) (*rbac.ClusterRoleList, error)

func (*Provider) ListManagedRoleBindings 

func (provider *Provider) ListManagedRoleBindings(ctx context.Context, namespace string) (*rbac.RoleBindingList, error)

func (*Provider) ListManagedRoles 

func (provider *Provider) ListManagedRoles(ctx context.Context, namespace string) (*rbac.RoleList, error)

func (*Provider) ListManagedServiceAccounts 

func (provider *Provider) ListManagedServiceAccounts(ctx context.Context, namespace string) (*core.ServiceAccountList, error)

func (*Provider) ListPodsByAppLabel 

func (provider *Provider) ListPodsByAppLabel(ctx context.Context, namespaces string, labelName string) ([]core.Pod, error)

func (*Provider) RemoveClusterRole 

func (provider *Provider) RemoveClusterRole(ctx context.Context, name string) error

func (*Provider) RemoveClusterRoleBinding 

func (provider *Provider) RemoveClusterRoleBinding(ctx context.Context, name string) error

func (*Provider) RemoveConfigMap 

func (provider *Provider) RemoveConfigMap(ctx context.Context, namespace string, configMapName string) error

func (*Provider) RemoveDaemonSet 

func (provider *Provider) RemoveDaemonSet(ctx context.Context, namespace string, daemonSetName string) error

func (*Provider) RemoveNamespace 

func (provider *Provider) RemoveNamespace(ctx context.Context, name string) error

func (*Provider) RemovePod 

func (provider *Provider) RemovePod(ctx context.Context, namespace string, podName string) error

func (*Provider) RemoveRole 

func (provider *Provider) RemoveRole(ctx context.Context, namespace string, name string) error

func (*Provider) RemoveRoleBinding 

func (provider *Provider) RemoveRoleBinding(ctx context.Context, namespace string, name string) error

func (*Provider) RemoveService 

func (provider *Provider) RemoveService(ctx context.Context, namespace string, serviceName string) error

func (*Provider) RemoveServiceAccount 

func (provider *Provider) RemoveServiceAccount(ctx context.Context, namespace string, name string) error

func (*Provider) ResetKubesharkTapperDaemonSet 

func (provider *Provider) ResetKubesharkTapperDaemonSet(ctx context.Context, namespace string, daemonSetName string, podImage string, tapperPodName string) error

func (*Provider) ValidateNotProxy 

func (provider *Provider) ValidateNotProxy() error

ValidateNotProxy We added this after a customer tried to run kubeshark from lens, which used len's kube config, which have cluster server configuration, which points to len's local proxy. The workaround was to use the user's local default kube config. For now - we are blocking the option to run kubeshark through a proxy to k8s server

func (*Provider) WaitUtilNamespaceDeleted 

func (provider *Provider) WaitUtilNamespaceDeleted(ctx context.Context, name string) error

type TappedPodChangeEvent 

type TappedPodChangeEvent struct {
	Added   []core.Pod
	Removed []core.Pod
}

type TapperSyncerConfig 

type TapperSyncerConfig struct {
	TargetNamespaces              []string
	PodFilterRegex                regexp.Regexp
	KubesharkResourcesNamespace   string
	AgentImage                    string
	TapperResources               shared.Resources
	ImagePullPolicy               core.PullPolicy
	LogLevel                      logging.Level
	KubesharkApiFilteringOptions  api.TrafficFilteringOptions
	KubesharkServiceAccountExists bool
	ServiceMesh                   bool
	Tls                           bool
	MaxLiveStreams                int
}

type WatchCreator 

type WatchCreator interface {
	NewWatcher(ctx context.Context, namespace string) (watch.Interface, error)
}

type WatchEvent 

type WatchEvent watch.Event

func (*WatchEvent) ToError 

func (we *WatchEvent) ToError() error

func (*WatchEvent) ToEvent 

func (we *WatchEvent) ToEvent() (*eventsv1.Event, error)

func (*WatchEvent) ToPod 

func (we *WatchEvent) ToPod() (*corev1.Pod, error)

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.