Documentation ¶
Index ¶
- Constants
- Variables
- func AS3NameFormatter(name string) string
- func DeepEqualJSON(decl1, decl2 as3Declaration) bool
- func JoinBigipPath(partition, objName string) string
- type Agent
- type AgentParams
- type CRInformer
- type CRManager
- func (crMgr *CRManager) ProcessAssociatedExternalDNS(hostnames []string)
- func (crMgr *CRManager) ProcessNodeUpdate(obj interface{}, err error)
- func (crMgr *CRManager) SetupNodePolling(nodePollInterval int, nodeLabelSelector string, vxlanMode string, ...) error
- func (crMgr *CRManager) Start()
- func (crMgr *CRManager) Stop()
- type CustomProfile
- type CustomProfileStore
- type DNSConfig
- type DataGroupNamespaceMap
- type GSLBPool
- type GTMParams
- type IRule
- type IRulesMap
- type InternalDataGroup
- type InternalDataGroupMap
- type InternalDataGroupRecord
- type InternalDataGroupRecords
- type Member
- type Monitor
- type Monitors
- type NSInformer
- type NameRef
- type Node
- type ObjectDependencies
- type ObjectDependency
- type ObjectDependencyMap
- type Params
- type Policies
- type Policy
- type Pool
- type Pools
- type PostManager
- type PostParams
- type ProfileRef
- type ProfileRefs
- type ResourceConfig
- type ResourceConfigMap
- type ResourceConfigWrapper
- type ResourceConfigs
- type Resources
- type Rule
- type Rules
- type SecretKey
- type ServiceAddress
- type ServiceTypeLBHealthMonitor
- type Services
- type SourceAddrTranslation
- type Virtual
- type Virtuals
- type WideIP
- type WideIPs
Constants ¶
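// Names of resource kinds, TLS termination modes, LTM policy events and
// annotation keys.
//
// The listing was collapsed onto one line, which put every declaration after
// the first "//" inside a comment; the line structure is restored here and the
// constant names and values are unchanged.
const (
	// DefaultCustomResourceLabel is a label used for F5 Custom Resources.
	DefaultCustomResourceLabel = "f5cr in (true)"
	// VirtualServer is a F5 Custom Resource Kind.
	VirtualServer = "VirtualServer"
	// TLSProfile is a F5 Custom Resource Kind.
	TLSProfile = "TLSProfile"
	// IngressLink is a Custom Resource used by both F5 and Nginx.
	IngressLink = "IngressLink"
	// TransportServer is a F5 Custom Resource Kind.
	TransportServer = "TransportServer"
	// ExternalDNS is a F5 Custom Resource Kind.
	ExternalDNS = "ExternalDNS"
	// IPAM is a F5 Custom Resource Kind.
	IPAM = "IPAM"
	// Service is a k8s native Service Resource.
	Service = "Service"
	// Endpoints is a k8s native Endpoint Resource.
	Endpoints = "Endpoints"
	// Namespace is k8s namespace.
	Namespace = "Namespace"

	NodePortMode = "nodeport"

	PolicyControlForward = "forwarding"

	// IPAMNamespace is the namespace for the IPAM CRD.
	IPAMNamespace = "kube-system"

	// TLS terminations.
	TLSEdge        = "edge"
	TLSReencrypt   = "reencrypt"
	TLSPassthrough = "passthrough"
	// NOTE(review): by their names the next three select how insecure
	// (non-TLS) requests to a TLS host are treated: redirected, allowed, or
	// not served. "allow" presumably leaves the host reachable without TLS;
	// confirm which value applies when none is configured.
	TLSRedirectInsecure = "redirect"
	TLSAllowInsecure    = "allow"
	TLSNoInsecure       = "none"

	// HTTP Events for LTM Policy.
	HTTPRequest    = "HTTPRequest"
	TLSClientHello = "TLSClientHello"

	// Annotation keys. NOTE(review): annotation values are set by whoever can
	// edit the annotated object, so they should be validated after parsing.
	LBServiceIPAMLabelAnnotation = "cis.f5.com/ipamLabel"
	HealthMonitorAnnotation      = "cis.f5.com/health"
)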
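// Defaults and fixed names for virtual servers, custom profiles, iRules and
// internal data groups.
//
// The listing was collapsed onto one line, which left the declarations without
// separators and put everything after the first "//" inside a comment; the
// line structure is restored here and names and values are unchanged.
const (
	DEFAULT_MODE       string = "tcp"
	DEFAULT_BALANCE    string = "round-robin"
	DEFAULT_HTTP_PORT  int32  = 80
	DEFAULT_HTTPS_PORT int32  = 443
	DEFAULT_SNAT       string = "auto"

	// Constants for CustomProfile.Type as defined in CCCL.
	CustomProfileAll    string = "all"
	CustomProfileClient string = "clientside"
	CustomProfileServer string = "serverside"

	// Constants for CustomProfile.PeerCertMode.
	//
	// PeerCertDefault is an alias for PeerCertIgnored, so the default mode is
	// "ignore". NOTE(review): in BIG-IP SSL profiles "ignore" means the peer
	// certificate is not validated; a profile that must authenticate its peer
	// presumably has to set PeerCertRequired explicitly (together with a CA
	// file) — confirm against the code that builds the profile.
	PeerCertRequired = "require"
	PeerCertIgnored  = "ignore"
	PeerCertDefault  = PeerCertIgnored

	// HttpRedirectIRuleName is the name of the HTTP redirect iRule.
	HttpRedirectIRuleName = "http_redirect_irule"
	// HttpRedirectNoHostIRuleName is the name of the "nohost" variant of the
	// HTTP redirect iRule.
	HttpRedirectNoHostIRuleName = "http_redirect_irule_nohost"
	// Internal data group for https redirect.
	HttpsRedirectDgName = "https_redirect_dg"
	TLSIRuleName        = "tls_irule"
)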
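// Constants for TLS references: where a referenced profile is stored.
//
// The listing was collapsed onto one line, which put both declarations inside
// the first "//" comment; the line structure is restored here and names and
// values are unchanged.
const (
	// BIGIP is the reference for profiles stored in BIG-IP.
	BIGIP = "bigip"
	// Secret is the reference for profiles stored as secrets in the k8s
	// cluster.
	Secret = "secret"
)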
constants for TLS references
// Values are assigned by iota in declaration order: NotEnabled is 0 and
// Allocated is 4.
// NOTE(review): no doc comment accompanies this group; the names suggest the
// states of a request/allocation workflow — confirm what they track. Because
// NotEnabled is the zero value, an uninitialised variable of this kind reads
// as NotEnabled.
const (
	NotEnabled = iota
	InvalidInput
	NotRequested
	Requested
	Allocated
)
const AbDeploymentDgName = "ab_deployment_dg"
Internal data group for ab deployment routes.
const EdgeHostsDgName = "ssl_edge_servername_dg"
Internal data group for edge termination.
const EdgeServerSslDgName = "ssl_edge_serverssl_dg"
Internal data group for edge termination that maps the host name to false. This tells the iRule that SSL should be disabled on the server side.
const ReencryptHostsDgName = "ssl_reencrypt_servername_dg"
Internal data group for reencrypt termination.
const ReencryptServerSslDgName = "ssl_reencrypt_serverssl_dg"
Internal data group for reencrypt termination that maps the host name to the server ssl profile.
const RuleDep = "Rule"
RuleDep defines the rule for choosing a service from multiple services in VirtualServer, mainly by path.
Variables ¶
var DEFAULT_PARTITION string
// K8SCoreServices is a fixed-size array of service names.
// NOTE(review): the names look like cluster platform services; how the list
// is consumed is not shown here.
// NOTE(review): the last element, "prometheus-operatorwebconsole", reads like
// two names ("prometheus-operator" and "webconsole") fused by a missing `", "`.
// If the list is matched against service names, the fused entry matches
// neither of them — confirm against the intended list.
var K8SCoreServices = [...]string{"kube-dns", "kube-scheduler", "kube-controller-manager", "docker-registry", "kubernetes", "registry-console", "router", "kubelet", "console", "alertmanager-main", "alertmanager-operated", "cluster-monitoring-operator", "grafana", "kube-state-metrics", "node-exporter", "prometheus-k8s", "prometheus-operated", "prometheus-operatorwebconsole"}
Functions ¶
func AS3NameFormatter ¶
AS3NameFormatter formats resource names according to the AS3 convention. TODO: Should we use this? Or will this be done in the agent?
func DeepEqualJSON ¶
func DeepEqualJSON(decl1, decl2 as3Declaration) bool
func JoinBigipPath ¶
Types ¶
type Agent ¶
type Agent struct { *PostManager Partition string ConfigWriter writer.Writer EventChan chan interface{} PythonDriverPID int // contains filtered or unexported fields }
func NewAgent ¶
func NewAgent(params AgentParams) *Agent
func (*Agent) PostConfig ¶
func (agent *Agent) PostConfig(config ResourceConfigWrapper)
func (Agent) PostGTMConfig ¶
func (agent Agent) PostGTMConfig(config ResourceConfigWrapper)
type AgentParams ¶
type CRInformer ¶
type CRInformer struct {
// contains filtered or unexported fields
}
CRInformer defines the structure of Custom Resource Informer
type CRManager ¶
type CRManager struct { Partition string Agent *Agent ControllerMode string UseNodeInternal bool SSLContext map[string]*v1.Secret TeemData *teem.TeemsData // contains filtered or unexported fields }
CRManager defines the structure of Custom Resource Manager
func NewCRManager ¶
NewCRManager creates a new CRManager Instance.
func (*CRManager) ProcessAssociatedExternalDNS ¶
func (*CRManager) ProcessNodeUpdate ¶
Check for a change in Node state
func (*CRManager) SetupNodePolling ¶
type CustomProfile ¶
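// CustomProfile is an SSL profile loaded from a Secret or Route object.
//
// Cert and Key are both marshalled to JSON (tags "cert" and "key"), so the
// encoded form of a CustomProfile carries the key material next to the
// certificate; Partition is tagged `json:"-"` and is left out. Treat a
// marshalled profile, and anything that logs or persists one, as sensitive.
//
// The listing was collapsed onto one line, which put every field after the
// Context comment inside that comment; the line structure is restored here
// and field names, types and tags are unchanged.
type CustomProfile struct {
	Name      string `json:"name"`
	Partition string `json:"-"`
	Context   string `json:"context"` // 'clientside', 'serverside', or 'all'
	Cert      string `json:"cert"`
	// NOTE(review): Key is presumably the private key matching Cert —
	// confirm, and keep it out of log lines and error messages.
	Key          string `json:"key"`
	ServerName   string `json:"serverName,omitempty"`
	SNIDefault   bool   `json:"sniDefault,omitempty"`
	PeerCertMode string `json:"peerCertMode,omitempty"`
	CAFile       string `json:"caFile,omitempty"`
}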
SSL Profile loaded from Secret or Route object
func NewCustomProfile ¶
func NewCustomProfile( profile ProfileRef, cert, key, serverName string, sni bool, peerCertMode, caFile string, ) CustomProfile
type CustomProfileStore ¶
// CustomProfileStore is a store of CustomProfiles keyed by SecretKey.
//
// The mutex is embedded, so Lock and Unlock are promoted onto the store.
// NOTE(review): Profs is exported and nothing in this declaration enforces
// locking; presumably every reader and writer of Profs is expected to hold
// the lock — confirm at the call sites.
// NOTE(review): each CustomProfile value has Cert and Key fields, so the map
// holds certificate and key material in memory; avoid dumping the store with
// %v or %+v in logs.
type CustomProfileStore struct {
	sync.Mutex
	Profs map[SecretKey]CustomProfile
}
Store of CustomProfiles
func NewCustomProfiles ¶
func NewCustomProfiles() *CustomProfileStore
NewCustomProfiles is a Constructor for CustomProfiles
type DataGroupNamespaceMap ¶
type DataGroupNamespaceMap map[string]*InternalDataGroup
type IRule ¶
// IRule describes an iRule: its name, its partition and its code.
//
// Code is marshalled under the JSON key "apiAnonymous"; Partition is tagged
// `json:"-"` and is left out of the marshalled form.
// NOTE(review): iRule code is executed by the BIG-IP, so Code is a code
// surface rather than data. If any part of it is assembled from values that
// come from cluster resources (host names, paths, annotations), those values
// need validating or escaping before they are placed in Code — confirm where
// Code is built.
type IRule struct {
	Name      string `json:"name"`
	Partition string `json:"-"`
	Code      string `json:"apiAnonymous"`
}
iRules
type InternalDataGroup ¶
// InternalDataGroup is a named data group with its records.
//
// Name and Records are marshalled as "name" and "records"; Partition is
// tagged `json:"-"` and is left out of the marshalled form.
// NOTE(review): the record layout (InternalDataGroupRecord) is not shown in
// this listing.
type InternalDataGroup struct {
	Name      string                   `json:"name"`
	Partition string                   `json:"-"`
	Records   InternalDataGroupRecords `json:"records"`
}
func (*InternalDataGroup) AddOrUpdateRecord ¶
func (idg *InternalDataGroup) AddOrUpdateRecord(name, data string) bool
func (*InternalDataGroup) RemoveRecord ¶
func (idg *InternalDataGroup) RemoveRecord(name string) bool
type InternalDataGroupMap ¶
type InternalDataGroupMap map[NameRef]DataGroupNamespaceMap
type InternalDataGroupRecord ¶
type InternalDataGroupRecords ¶
type InternalDataGroupRecords []InternalDataGroupRecord
func (InternalDataGroupRecords) Len ¶
func (slice InternalDataGroupRecords) Len() int
func (InternalDataGroupRecords) Less ¶
func (slice InternalDataGroupRecords) Less(i, j int) bool
func (InternalDataGroupRecords) Swap ¶
func (slice InternalDataGroupRecords) Swap(i, j int)
type Monitor ¶
// Monitor is a Pool health monitor.
//
// Partition is tagged `json:"-"` and is left out of the marshalled form. Recv
// has no omitempty, so it is always emitted, including as an empty string;
// the other optional fields are dropped when zero.
// NOTE(review): Send and Recv are presumably the probe string and the
// expected response, and Interval/Timeout are presumably in seconds — neither
// is stated here; confirm.
type Monitor struct {
	Name       string `json:"name"`
	Partition  string `json:"-"`
	Interval   int    `json:"interval,omitempty"`
	Type       string `json:"type,omitempty"`
	Send       string `json:"send,omitempty"`
	Recv       string `json:"recv"`
	Timeout    int    `json:"timeout,omitempty"`
	TargetPort int32  `json:"targetPort,omitempty"`
}
Monitor is Pool health monitor
type NSInformer ¶
type NSInformer struct {
// contains filtered or unexported fields
}
type ObjectDependencies ¶
type ObjectDependencies map[ObjectDependency]int
ObjectDependencies contains each dependency and its use count (usually 1)
type ObjectDependency ¶
ObjectDependency TODO => dep can be replaced with internal DS rqkey. ObjectDependency identifies a K8s Object.
type ObjectDependencyMap ¶
type ObjectDependencyMap map[ObjectDependency]ObjectDependencies
ObjectDependencyMap key is a VirtualServer and the value is a map of other objects it depends on - typically services.
type Params ¶
// Params defines parameters.
//
// NOTE(review): the consumer of Params is not shown in this listing;
// presumably it is passed to NewCRManager — confirm.
// NOTE(review): Config is presumably client-go's rest.Config, which carries
// the API-server address and credentials; avoid logging a Params value with
// %v or %+v.
type Params struct {
	Config             *rest.Config
	Namespaces         []string
	NamespaceLabel     string
	Partition          string
	Agent              *Agent
	ControllerMode     string
	VXLANName          string
	VXLANMode          string
	UseNodeInternal    bool
	NodePollInterval   int
	NodeLabelSelector  string
	IPAM               bool
	DefaultRouteDomain int
}
Params defines parameters
type Policy ¶
// Policy is a Virtual policy.
//
// Name is always marshalled; Partition is tagged `json:"-"` and is left out;
// every other field is dropped from the marshalled form when it is zero or
// empty (omitempty).
// NOTE(review): the accepted values of Controls, Requires and Strategy are
// not shown in this listing.
type Policy struct {
	Name        string   `json:"name"`
	Partition   string   `json:"-"`
	SubPath     string   `json:"subPath,omitempty"`
	Controls    []string `json:"controls,omitempty"`
	Description string   `json:"description,omitempty"`
	Legacy      bool     `json:"legacy,omitempty"`
	Requires    []string `json:"requires,omitempty"`
	Rules       Rules    `json:"rules,omitempty"`
	Strategy    string   `json:"strategy,omitempty"`
}
Policy Virtual policy
type Pool ¶
// Pool is a pool config.
//
// Only Name, Members and MonitorNames (as "monitors") are marshalled.
// Partition, ServiceName, ServicePort and NodeMemberLabel are tagged
// `json:"-"` and stay local to the controller. Members has no omitempty, so
// it is always emitted, including when empty.
type Pool struct {
	Name            string   `json:"name"`
	Partition       string   `json:"-"`
	ServiceName     string   `json:"-"`
	ServicePort     int32    `json:"-"`
	Members         []Member `json:"members"`
	NodeMemberLabel string   `json:"-"`
	MonitorNames    []string `json:"monitors,omitempty"`
}
Pool config
type PostManager ¶
type PostManager struct { PostParams // contains filtered or unexported fields }
func NewPostManager ¶
func NewPostManager(params PostParams) *PostManager
func (*PostManager) GetBigipAS3Version ¶
func (postMgr *PostManager) GetBigipAS3Version() error
GetBigipAS3Version ...
func (*PostManager) Write ¶
func (postMgr *PostManager) Write( data string, partitions []string, )
Write sets activeConfig to the latest config received, so that configWorker can use the latest configuration. Write then enqueues to postChan to unblock configWorker, which blocks on postChan.
type PostParams ¶
type ProfileRef ¶
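// ProfileRef is a reference to a pre-existing profile.
//
// Name, Partition and Context are marshalled; Namespace is tagged `json:"-"`
// and is only kept locally.
//
// The listing was collapsed onto one line, which put the Namespace field
// inside the preceding comments; the line structure is restored here and
// field names, types and tags are unchanged.
type ProfileRef struct {
	Name      string `json:"name"`
	Partition string `json:"partition"`
	Context   string `json:"context"` // 'clientside', 'serverside', or 'all'
	// Used as reference to which Namespace/Ingress this profile came from
	// (for deletion purposes)
	Namespace string `json:"-"`
}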
ProfileRef is a Reference to pre-existing profiles
func ConvertStringToProfileRef ¶
func ConvertStringToProfileRef(profileName, context, ns string) ProfileRef
ConvertStringToProfileRef converts strings to profile references
type ProfileRefs ¶
type ProfileRefs []ProfileRef
ProfileRefs is a list of ProfileRef
func (ProfileRefs) Len ¶
func (slice ProfileRefs) Len() int
func (ProfileRefs) Less ¶
func (slice ProfileRefs) Less(i, j int) bool
func (ProfileRefs) Swap ¶
func (slice ProfileRefs) Swap(i, j int)
type ResourceConfig ¶
type ResourceConfig struct { MetaData metaData `json:"-"` Virtual Virtual `json:"virtual,omitempty"` Pools Pools `json:"pools,omitempty"` Policies Policies `json:"policies,omitempty"` Monitors []Monitor `json:"monitors,omitempty"` ServiceAddress []ServiceAddress `json:"serviceAddress,omitempty"` IRulesMap IRulesMap IntDgMap InternalDataGroupMap // contains filtered or unexported fields }
ResourceConfig is a Config for a single VirtualServer.
func (*ResourceConfig) FindPolicy ¶
func (rc *ResourceConfig) FindPolicy(controlType string) *Policy
FindPolicy gets the information of a policy
func (*ResourceConfig) GetName ¶
func (cfg *ResourceConfig) GetName() string
func (*ResourceConfig) SetPolicy ¶
func (rc *ResourceConfig) SetPolicy(policy Policy)
SetPolicy sets a policy
type ResourceConfigMap ¶
type ResourceConfigMap map[string]*ResourceConfig
ResourceConfigMap key is resource name, value is pointer to config. May be shared.
type ResourceConfigWrapper ¶
type ResourceConfigWrapper struct {
// contains filtered or unexported fields
}
type ResourceConfigs ¶
type ResourceConfigs []*ResourceConfig
ResourceConfigs is group of ResourceConfig
func (ResourceConfigs) GetAllPoolMembers ¶
func (rcs ResourceConfigs) GetAllPoolMembers() []Member
type Resources ¶
Resources is Map of Resource configs
func (*Resources) GetAllResources ¶
func (rs *Resources) GetAllResources() ResourceConfigs
GetAllResources is list of all resource configs
type Rule ¶
// Rule is a rule config for a Policy.
//
// FullURI is tagged `json:"-"` and is left out of the marshalled form;
// Ordinal, Actions and Conditions are dropped when zero or empty.
// NOTE(review): the action and condition types are unexported and not shown
// in this listing.
type Rule struct {
	Name       string       `json:"name"`
	FullURI    string       `json:"-"`
	Ordinal    int          `json:"ordinal,omitempty"`
	Actions    []*action    `json:"actions,omitempty"`
	Conditions []*condition `json:"conditions,omitempty"`
}
Rule config for a Policy
type ServiceAddress ¶
// ServiceAddress is a Service IP address definition (BIG-IP virtual-address).
//
// Every field is omitempty, so a false ArpEnabled or SpanningEnabled is
// dropped from the marshalled form rather than sent as false.
// NOTE(review): that makes "false" indistinguishable from "unset" on the
// wire; confirm the receiving side's default for ARP, ICMP echo and route
// advertisement is the one intended when these are left out.
type ServiceAddress struct {
	ArpEnabled         bool   `json:"arpEnabled,omitempty"`
	ICMPEcho           string `json:"icmpEcho,omitempty"`
	RouteAdvertisement string `json:"routeAdvertisement,omitempty"`
	TrafficGroup       string `json:"trafficGroup,omitempty"`
	SpanningEnabled    bool   `json:"spanningEnabled,omitempty"`
}
ServiceAddress Service IP address definition (BIG-IP virtual-address).
type ServiceTypeLBHealthMonitor ¶
// ServiceTypeLBHealthMonitor is the format for each item in the health
// monitor annotation used in the ServiceType LB objects.
//
// NOTE(review): the values are decoded from an object annotation, so they are
// chosen by whoever can edit that object, and nothing in this declaration
// bounds them. Negative, zero or very large values should be rejected after
// decoding. Units are not stated here — presumably seconds; confirm.
type ServiceTypeLBHealthMonitor struct {
	Interval int `json:"interval"`
	Timeout  int `json:"timeout"`
}
This is the format for each item in the health monitor annotation used in the ServiceType LB objects.
type SourceAddrTranslation ¶
SourceAddrTranslation is Virtual Server Source Address Translation
type Virtual ¶
// Virtual is the virtual server config.
//
// Partition, VirtualAddress and PersistenceMethods are tagged `json:"-"` and
// are left out of the marshalled form. Name, Destination, Enabled,
// TranslateServerAddress and TranslateServerPort have no omitempty, so they
// are always emitted, including as false or empty.
// NOTE(review): WAF, AllowVLANs, Source, SNAT and IRules look like the fields
// that decide which traffic reaches the virtual server and what inspects or
// rewrites it. Their value formats are not shown here, and all of them are
// omitempty — confirm how an omitted value is treated downstream (for example
// whether an empty AllowVLANs admits traffic from every VLAN, and whether an
// empty WAF means no policy is attached).
type Virtual struct {
	Name                   string                `json:"name"`
	PoolName               string                `json:"pool,omitempty"`
	Partition              string                `json:"-"`
	Destination            string                `json:"destination"`
	Enabled                bool                  `json:"enabled"`
	IpProtocol             string                `json:"ipProtocol,omitempty"`
	SourceAddrTranslation  SourceAddrTranslation `json:"sourceAddressTranslation,omitempty"`
	Policies               []nameRef             `json:"policies,omitempty"`
	Profiles               ProfileRefs           `json:"profiles,omitempty"`
	IRules                 []string              `json:"rules,omitempty"`
	Description            string                `json:"description,omitempty"`
	VirtualAddress         *virtualAddress       `json:"-"`
	SNAT                   string                `json:"snat,omitempty"`
	WAF                    string                `json:"waf,omitempty"`
	Mode                   string                `json:"mode,omitempty"`
	TranslateServerAddress bool                  `json:"translateServerAddress"`
	TranslateServerPort    bool                  `json:"translateServerPort"`
	Source                 string                `json:"source,omitempty"`
	AllowVLANs             []string              `json:"allowVlans,omitempty"`
	PersistenceMethods     []string              `json:"-"`
}
Virtual server config
func (*Virtual) AddOrUpdateProfile ¶
func (v *Virtual) AddOrUpdateProfile(prof ProfileRef) bool
AddOrUpdateProfile updates profile to rsCfg
func (*Virtual) SetVirtualAddress ¶
SetVirtualAddress sets a VirtualAddress