sidecarcontrol

package
v1.6.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 3, 2024 License: Apache-2.0 Imports: 38 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	SidecarSetKindName = "kruise.io/sidecarset-name"

	// SidecarSetHashAnnotation represents the key of a sidecarSet hash
	SidecarSetHashAnnotation = "kruise.io/sidecarset-hash"
	// SidecarSetHashWithoutImageAnnotation represents the key of a sidecarset hash without images of sidecar
	SidecarSetHashWithoutImageAnnotation = "kruise.io/sidecarset-hash-without-image"

	// SidecarSetListAnnotation represent sidecarset list that injected pods
	SidecarSetListAnnotation = "kruise.io/sidecarset-injected-list"

	// SidecarEnvKey specifies the environment variable which record a container as injected
	SidecarEnvKey = "IS_INJECTED"

	// SidecarsetInplaceUpdateStateKey records the state of inplace-update.
	// The value of annotation is SidecarsetInplaceUpdateStateKey.
	SidecarsetInplaceUpdateStateKey string = "kruise.io/sidecarset-inplace-update-state"

	// SidecarSetUpgradable is a pod condition to indicate whether the pod's sidecarset is upgradable
	SidecarSetUpgradable corev1.PodConditionType = "SidecarSetUpgradable"
)
View Source 
const (
	// SidecarSetWorkingHotUpgradeContainer records which hot upgrade container is working currently
	SidecarSetWorkingHotUpgradeContainer = "kruise.io/sidecarset-working-hotupgrade-container"

	// SidecarSetVersionEnvKey is sidecar container version in container env(SIDECARSET_VERSION)
	SidecarSetVersionEnvKey = "SIDECARSET_VERSION"
	// SidecarSetVersionAltEnvKey is container version env in the other sidecar container of the same hotupgrade sidecar(SIDECARSET_VERSION_ALT)
	SidecarSetVersionAltEnvKey = "SIDECARSET_VERSION_ALT"
)

Variables

View Source 
var (
	// SidecarIgnoredNamespaces specifies the namespaces where Pods won't get injected
	// SidecarIgnoredNamespaces = []string{"kube-system", "kube-public"}
	// SubPathExprEnvReg format: $(ODD_NAME)、$(POD_NAME)...
	SubPathExprEnvReg, _ = regexp.Compile(`\$\(([-._a-zA-Z][-._a-zA-Z0-9]*)\)`)

	UpdateExpectations = expectations.NewUpdateExpectations(RevisionAdapterImpl)
)
View Source 
var (
	RevisionAdapterImpl = &revisionAdapterImpl{}
)

Functions

func ConvertDownwardAPIFieldLabel added in v0.10.2 

func ConvertDownwardAPIFieldLabel(version, label, value string) (string, string, error)

code lifted from https://github.com/kubernetes/kubernetes/blob/master/pkg/apis/core/pods/helpers.go ConvertDownwardAPIFieldLabel converts the specified downward API field label and its value in the pod of the specified version to the internal version, and returns the converted label and value. This function returns an error if the conversion fails.

func ExtractContainerNameFromFieldPath added in v0.10.2 

func ExtractContainerNameFromFieldPath(fs *corev1.ObjectFieldSelector, pod *corev1.Pod) (string, error)

func FetchSidecarSetMatchedNamespace added in v1.4.0 

func FetchSidecarSetMatchedNamespace(c client.Client, sidecarSet *appsv1alpha1.SidecarSet) (sets.String, error)

FetchSidecarSetMatchedNamespace fetch sidecarSet matched namespaces

func GetHotUpgradeContainerName added in v0.9.0 

func GetHotUpgradeContainerName(name string) (string, string)

GetHotUpgradeContainerName returns format: mesh-1, mesh-2

func GetInjectedVolumeMountsAndEnvs 

func GetInjectedVolumeMountsAndEnvs(control SidecarControl, sidecarContainer *appsv1alpha1.SidecarContainer, pod *corev1.Pod) ([]corev1.VolumeMount, []corev1.EnvVar)

func GetPodHotUpgradeContainers added in v0.9.0 

func GetPodHotUpgradeContainers(sidecarName string, pod *corev1.Pod) (workContainer, otherContainer string)

GetPodHotUpgradeContainers return two hot upgrade sidecar containers workContainer: currently working sidecar container, record in pod annotations[kruise.io/sidecarset-working-hotupgrade-container] otherContainer:

  1. empty container
  2. when in hot upgrading process, the older sidecar container

func GetPodHotUpgradeInfoInAnnotations added in v0.9.0 

func GetPodHotUpgradeInfoInAnnotations(pod *corev1.Pod) map[string]string

GetPodHotUpgradeInfoInAnnotations checks which hot upgrade sidecar container is working now format: sidecarset.spec.container[x].name -> pod.spec.container[x].name for example: mesh -> mesh-1, envoy -> envoy-2

func GetPodSidecarSetControllerRevision added in v1.0.1 

func GetPodSidecarSetControllerRevision(sidecarSetName string, pod metav1.Object) string

func GetPodSidecarSetRevision 

func GetPodSidecarSetRevision(sidecarSetName string, pod metav1.Object) string

func GetPodSidecarSetVersionAltAnnotation added in v0.9.0 

func GetPodSidecarSetVersionAltAnnotation(cName string) string

func GetPodSidecarSetVersionAnnotation added in v0.9.0 

func GetPodSidecarSetVersionAnnotation(cName string) string

GetPodSidecarSetVersionAnnotation is only used in hot upgrade container cName format: mesh-1, mesh-2

func GetPodSidecarSetWithoutImageRevision 

func GetPodSidecarSetWithoutImageRevision(sidecarSetName string, pod metav1.Object) string

func GetPodsSortFunc 

func GetPodsSortFunc(pods []*corev1.Pod, waitUpdateIndexes []int) func(i, j int) bool

func GetSidecarContainersInPod 

func GetSidecarContainersInPod(sidecarSet *appsv1alpha1.SidecarSet) sets.String

func GetSidecarSetRevision 

func GetSidecarSetRevision(sidecarSet *appsv1alpha1.SidecarSet) string

func GetSidecarSetWithoutImageRevision 

func GetSidecarSetWithoutImageRevision(sidecarSet *appsv1alpha1.SidecarSet) string

func GetSidecarTransferEnvs 

func GetSidecarTransferEnvs(sidecarContainer *appsv1alpha1.SidecarContainer, pod *corev1.Pod) (injectedEnvs []corev1.EnvVar)

func IsActivePod 

func IsActivePod(pod *corev1.Pod) bool

IsActivePod determines the pod whether need be injected and updated

func IsHotUpgradeContainer added in v0.9.0 

func IsHotUpgradeContainer(sidecarContainer *appsv1alpha1.SidecarContainer) bool

IsHotUpgradeContainer indicates whether sidecar container update strategy is HotUpdate

func IsInjectedSidecarContainerInPod 

func IsInjectedSidecarContainerInPod(container *corev1.Container) bool

func IsPodConsistentWithSidecarSet added in v1.0.1 

func IsPodConsistentWithSidecarSet(pod *corev1.Pod, sidecarSet *appsv1alpha1.SidecarSet) bool

func IsPodInjectedSidecarSet added in v1.0.1 

func IsPodInjectedSidecarSet(pod *corev1.Pod, sidecarSet *appsv1alpha1.SidecarSet) bool

func IsPodSidecarUpdated 

func IsPodSidecarUpdated(sidecarSet *appsv1alpha1.SidecarSet, pod *corev1.Pod) bool

whether this pod has been updated based on the latest sidecarSet

func IsSelectorNamespace added in v1.4.0 

func IsSelectorNamespace(c client.Client, ns string, nsSelector *metav1.LabelSelector) bool

func IsSharePodVolumeMounts 

func IsSharePodVolumeMounts(container *appsv1alpha1.SidecarContainer) bool

func IsSidecarContainerUpdateCompleted added in v0.10.0 

func IsSidecarContainerUpdateCompleted(pod *v1.Pod, sidecarSets, containers sets.String) bool

isContainerInplaceUpdateCompleted checks whether imageID in container status has been changed since in-place update. If the imageID in containerStatuses has not been changed, we assume that kubelet has not updated containers in Pod.

func MockSidecarSetForRevision added in v1.3.0 

func MockSidecarSetForRevision(set *appsv1alpha1.SidecarSet) metav1.Object

func PatchPodMetadata added in v1.3.0 

func PatchPodMetadata(originMetadata *metav1.ObjectMeta, patches []appsv1alpha1.SidecarSetPatchPodMetadata) (skip bool, err error)

PatchPodMetadata patch pod annotations and labels

func PodMatchedSidecarSet 

func PodMatchedSidecarSet(c client.Client, pod *corev1.Pod, sidecarSet *appsv1alpha1.SidecarSet) (bool, error)

PodMatchSidecarSet determines if pod match Selector of sidecar.

func SidecarSetHash added in v1.3.0 

func SidecarSetHash(sidecarSet *appsv1alpha1.SidecarSet) (string, error)

SidecarSetHash returns a hash of the SidecarSet. The Containers are taken into account.

func SidecarSetHashWithoutImage added in v1.3.0 

func SidecarSetHashWithoutImage(sidecarSet *appsv1alpha1.SidecarSet) (string, error)

SidecarSetHashWithoutImage calculates sidecars's container hash without its image we use this to determine if the sidecar reconcile needs to update a pod image

func UpdatePodSidecarSetHash added in v1.3.0 

func UpdatePodSidecarSetHash(pod *corev1.Pod, sidecarSet *appsv1alpha1.SidecarSet)

UpdatePodSidecarSetHash when sidecarSet in-place update sidecar container, Update sidecarSet hash in Pod annotations[kruise.io/sidecarset-hash]

func ValidateSidecarSetPatchMetadataWhitelist added in v1.3.0 

func ValidateSidecarSetPatchMetadataWhitelist(c client.Client, sidecarSet *appsv1alpha1.SidecarSet) error

Types

type HistoryControl added in v1.0.1 

type HistoryControl interface {
	CreateControllerRevision(parent metav1.Object, revision *apps.ControllerRevision, collisionCount *int32) (*apps.ControllerRevision, error)
	NewRevision(s *appsv1alpha1.SidecarSet, namespace string, revision int64, collisionCount *int32) (*apps.ControllerRevision, error)
	NextRevision(revisions []*apps.ControllerRevision) int64
	GetRevisionSelector(s *appsv1alpha1.SidecarSet) labels.Selector
	GetHistorySidecarSet(sidecarSet *appsv1alpha1.SidecarSet, revisionInfo *appsv1alpha1.SidecarSetInjectRevision) (*appsv1alpha1.SidecarSet, error)
}

func NewHistoryControl added in v1.0.1 

func NewHistoryControl(client client.Client) HistoryControl

type SidecarControl 

type SidecarControl interface {
	//*****common*****//
	// get sidecarset
	GetSidecarset() *appsv1alpha1.SidecarSet
	// when sidecarSet is not active, it will not perform injections and upgrades process.
	// You can re-implement the function IsActiveSidecarSet to indicate that this sidecarSet is no longer working by adding some sidecarSet flags,
	// for example: sidecarSet.Annotations[sidecarset.kruise.io/disabled] = "true"
	IsActiveSidecarSet() bool

	//*****inject portion*****//
	// whether need inject the volumeMount into container
	// when ShareVolumePolicy is enabled, the sidecar container will share the other container's VolumeMounts in the pod(don't contains the injected sidecar container).
	// You can reimplement the function NeedToInjectVolumeMount to filter out some of the volumes that don't need to be shared
	NeedToInjectVolumeMount(volumeMount v1.VolumeMount) bool
	// when update pod, judge whether inject sidecar container into pod
	// one can customize validation to allow sidecar addition after pod creation, and reimplement NeedToInjectInUpdatedPod to enable such injection in sidecarset
	NeedToInjectInUpdatedPod(pod, oldPod *v1.Pod, sidecarContainer *appsv1alpha1.SidecarContainer, injectedEnvs []v1.EnvVar,
		injectedMounts []v1.VolumeMount) (needInject bool, existSidecars []*appsv1alpha1.SidecarContainer, existVolumes []v1.Volume)
	// IsPodAvailabilityChanged check whether pod changed on updating trigger re-inject sidecar container
	// For update pod injection sidecar container scenario, this method can filter out many invalid update events, thus improving the overall webhook performance.
	IsPodAvailabilityChanged(pod, oldPod *v1.Pod) bool

	//*****upgrade portion*****//
	// IsPodStateConsistent indicates whether pod.spec and pod.status are consistent after updating the sidecar containers
	IsPodStateConsistent(pod *v1.Pod, sidecarContainers sets.String) bool
	// IsPodReady indicates whether pod is fully ready
	// 1. pod.Status.Phase == v1.PodRunning
	// 2. pod.condition PodReady == true
	// 3. whether empty sidecar container is HotUpgradeEmptyImage
	IsPodReady(pod *v1.Pod) bool
	// upgrade pod sidecar container to sidecarSet latest version
	// if container==nil means no change, no need to update, otherwise need to update
	UpgradeSidecarContainer(sidecarContainer *appsv1alpha1.SidecarContainer, pod *v1.Pod) *v1.Container
	// When upgrading the pod sidecar container, you need to record some in-place upgrade information in pod annotations,
	// which is needed by the sidecarset controller to determine whether the upgrade is completed.
	UpdatePodAnnotationsInUpgrade(changedContainers []string, pod *v1.Pod)
	// Is sidecarset can upgrade pods,
	// In Kubernetes native scenarios, only Container Image upgrades are allowed
	// When modifying other fields of the container, e.g. volumemounts, the sidecarSet will not depart to upgrade the sidecar container logic in-place,
	// and needs to be done by rebuilding the pod
	// consistent indicates pod.spec and pod.status is consistent,
	// when pod.spec.image is v2 and pod.status.image is v1, then it is inconsistent.
	IsSidecarSetUpgradable(pod *v1.Pod) (canUpgrade, consistent bool)
}

func New 

func New(cs *appsv1alpha1.SidecarSet) SidecarControl

type SidecarSetUpgradeSpec 

type SidecarSetUpgradeSpec struct {
	UpdateTimestamp              metav1.Time `json:"updateTimestamp"`
	SidecarSetHash               string      `json:"hash"`
	SidecarSetName               string      `json:"sidecarSetName"`
	SidecarList                  []string    `json:"sidecarList"`                  // sidecarSet container list
	SidecarSetControllerRevision string      `json:"controllerRevision,omitempty"` // sidecarSet controllerRevision name
}

func GetPodSidecarSetUpgradeSpecInAnnotations added in v0.10.0 

func GetPodSidecarSetUpgradeSpecInAnnotations(sidecarSetName, annotationKey string, pod metav1.Object) SidecarSetUpgradeSpec

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.