Documentation
¶
Index ¶
- Constants
- type API
- type APIAccess
- type APICollection
- type APIGateway
- type APIPortal
- type APIService
- type APIServiceBackendPort
- type AccessControlPolicy
- type AccessControlPolicyAPIKey
- type AccessControlPolicyAPIKeyKey
- type AccessControlPolicyBasicAuth
- type AccessControlPolicyJWT
- type AccessControlPolicyOAuthIntro
- type AccessControlPolicyOIDC
- type AccessControlPolicyOIDCGoogle
- type AuthSession
- type AuthStateCookie
- type ClientConfig
- type ClientConfigAuth
- type Cluster
- type EdgeIngress
- type EdgeIngressACP
- type EdgeIngressService
- type EdgeIngressStatus
- type Fetcher
- type Ingress
- type IngressMeta
- type IngressRoute
- type IngressRouteTLS
- type OpenAPISpec
- type OpenAPISpecLocation
- type ResourceMeta
- type Route
- type RouteService
- type SecretReference
- type Service
- type TLSOptionRef
- type TokenSource
Constants ¶
const ( ResourceKindIngressRoute = "IngressRoute" ResourceKindTraefikService = "TraefikService" ResourceKindTLSOption = "TLSOption" )
Supported Traefik CRD kinds.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type API ¶ added in v1.2.0
type API struct {
Name string `json:"name"`
Namespace string `json:"namespace"`
Labels map[string]string `json:"labels,omitempty"`
PathPrefix string `json:"pathPrefix"`
Service APIService `json:"service"`
}
API holds the definition of an API configuration.
type APIAccess ¶ added in v1.2.0
type APIAccess struct {
Name string `json:"name"`
Labels map[string]string `json:"labels,omitempty"`
Groups []string `json:"groups"`
APISelector *metav1.LabelSelector `json:"apiSelector"`
APICollectionSelector *metav1.LabelSelector `json:"apiCollectionSelector"`
}
APIAccess holds the definition of an APIAccess configuration.
type APICollection ¶ added in v1.2.0
type APICollection struct {
Name string `json:"name"`
Labels map[string]string `json:"labels,omitempty"`
PathPrefix string `json:"pathPrefix,omitempty"`
APISelector metav1.LabelSelector `json:"apiSelector"`
}
APICollection holds the definition of an APICollection resource.
type APIGateway ¶ added in v1.2.0
type APIGateway struct {
Name string `json:"name"`
Labels map[string]string `json:"labels,omitempty"`
APIAccesses []string `json:"apiAccesses,omitempty"`
CustomDomains []string `json:"customDomains,omitempty"`
HubDomain string `json:"hubDomain"`
}
APIGateway holds the definition of an APIGateway resource.
type APIPortal ¶ added in v1.2.0
type APIPortal struct {
Name string `json:"name"`
Description string `json:"description,omitempty"`
APIGateway string `json:"apiGateway"`
CustomDomains []string `json:"customDomains,omitempty"`
HubDomain string `json:"hubDomain"`
}
APIPortal holds the definition of an APIPortal configuration.
type APIService ¶ added in v1.2.0
type APIService struct {
Name string `json:"name"`
Port APIServiceBackendPort `json:"port"`
OpenAPISpec OpenAPISpec `json:"openApiSpec,omitempty"`
}
APIService configures the service to exposed on the edge.
type APIServiceBackendPort ¶ added in v1.2.0
APIServiceBackendPort is the service port being referenced.
type AccessControlPolicy ¶
type AccessControlPolicy struct {
Name string `json:"name"`
Method string `json:"method"`
JWT *AccessControlPolicyJWT `json:"jwt,omitempty"`
APIKey *AccessControlPolicyAPIKey `json:"apiKey,omitempty"`
BasicAuth *AccessControlPolicyBasicAuth `json:"basicAuth,omitempty"`
OIDC *AccessControlPolicyOIDC `json:"oidc,omitempty"`
OIDCGoogle *AccessControlPolicyOIDCGoogle `json:"oidcGoogle,omitempty"`
OAuthIntro *AccessControlPolicyOAuthIntro `json:"oAuthIntro,omitempty"`
}
AccessControlPolicy describes an Access Control Policy configured within a cluster.
type AccessControlPolicyAPIKey ¶ added in v1.2.0
type AccessControlPolicyAPIKey struct {
KeySource TokenSource `json:"keySource,omitempty"`
Keys []AccessControlPolicyAPIKeyKey `json:"keys,omitempty"`
ForwardHeaders map[string]string `json:"forwardHeaders,omitempty"`
}
AccessControlPolicyAPIKey describes the settings for APIKey authentication within an access control policy.
type AccessControlPolicyAPIKeyKey ¶ added in v1.2.0
type AccessControlPolicyAPIKeyKey struct {
ID string `json:"id"`
Metadata map[string]string `json:"metadata"`
Value string `json:"value"` // Redacted.
}
AccessControlPolicyAPIKeyKey defines an API key.
type AccessControlPolicyBasicAuth ¶
type AccessControlPolicyBasicAuth struct {
Users string `json:"users,omitempty"` // Redacted.
Realm string `json:"realm,omitempty"`
StripAuthorizationHeader bool `json:"stripAuthorizationHeader,omitempty"`
ForwardUsernameHeader string `json:"forwardUsernameHeader,omitempty"`
}
AccessControlPolicyBasicAuth holds the HTTP basic authentication configuration.
type AccessControlPolicyJWT ¶
type AccessControlPolicyJWT struct {
SigningSecret string `json:"signingSecret,omitempty"`
SigningSecretBase64Encoded bool `json:"signingSecretBase64Encoded"`
PublicKey string `json:"publicKey,omitempty"`
JWKsFile string `json:"jwksFile,omitempty"`
JWKsURL string `json:"jwksUrl,omitempty"`
StripAuthorizationHeader bool `json:"stripAuthorizationHeader,omitempty"`
ForwardHeaders map[string]string `json:"forwardHeaders,omitempty"`
TokenQueryKey string `json:"tokenQueryKey,omitempty"`
Claims string `json:"claims,omitempty"`
}
AccessControlPolicyJWT describes the settings for JWT authentication within an access control policy.
type AccessControlPolicyOAuthIntro ¶ added in v1.2.0
type AccessControlPolicyOAuthIntro struct {
ClientConfig ClientConfig `json:"clientConfig,omitempty"`
TokenSource TokenSource `json:"tokenSource,omitempty"`
Claims string `json:"claims,omitempty"`
ForwardHeaders map[string]string `json:"forwardHeaders,omitempty"`
}
AccessControlPolicyOAuthIntro holds the OAuth 2.0 token introspection configuration.
type AccessControlPolicyOIDC ¶ added in v0.6.0
type AccessControlPolicyOIDC struct {
Issuer string `json:"issuer,omitempty"`
ClientID string `json:"clientId,omitempty"`
Secret *SecretReference `json:"secret,omitempty"`
RedirectURL string `json:"redirectUrl,omitempty"`
LogoutURL string `json:"logoutUrl,omitempty"`
Scopes []string `json:"scopes,omitempty"`
AuthParams map[string]string `json:"authParams,omitempty"`
StateCookie *AuthStateCookie `json:"stateCookie,omitempty"`
Session *AuthSession `json:"session,omitempty"`
ForwardHeaders map[string]string `json:"forwardHeaders,omitempty"`
Claims string `json:"claims,omitempty"`
}
AccessControlPolicyOIDC holds the OIDC configuration.
type AccessControlPolicyOIDCGoogle ¶ added in v0.6.0
type AccessControlPolicyOIDCGoogle struct {
ClientID string `json:"clientId,omitempty"`
Secret *SecretReference `json:"secret,omitempty"`
RedirectURL string `json:"redirectUrl,omitempty"`
LogoutURL string `json:"logoutUrl,omitempty"`
AuthParams map[string]string `json:"authParams,omitempty"`
StateCookie *AuthStateCookie `json:"stateCookie,omitempty"`
Session *AuthSession `json:"session,omitempty"`
ForwardHeaders map[string]string `json:"forwardHeaders,omitempty"`
Emails []string `json:"emails,omitempty"`
}
AccessControlPolicyOIDCGoogle holds the Google OIDC configuration.
type AuthSession ¶ added in v0.6.0
type AuthSession struct {
Path string `json:"path,omitempty"`
Domain string `json:"domain,omitempty"`
SameSite string `json:"sameSite,omitempty"`
Secure bool `json:"secure,omitempty"`
Refresh *bool `json:"refresh,omitempty"`
}
AuthSession carries session and session cookie configuration.
type AuthStateCookie ¶ added in v0.6.0
type AuthStateCookie struct {
Path string `json:"path,omitempty"`
Domain string `json:"domain,omitempty"`
SameSite string `json:"sameSite,omitempty"`
Secure bool `json:"secure,omitempty"`
}
AuthStateCookie carries the state cookie configuration.
type ClientConfig ¶ added in v1.2.0
type ClientConfig struct {
httpclient.Config
URL string `json:"url,omitempty"`
Auth ClientConfigAuth `json:"auth,omitempty"`
Headers map[string]string `json:"headers,omitempty"`
TokenTypeHint string `json:"tokenTypeHint,omitempty"`
}
ClientConfig configures the HTTP client of the OAuth 2.0 Token Introspection ACP handler.
type ClientConfigAuth ¶ added in v1.2.0
type ClientConfigAuth struct {
Kind string `json:"kind"`
Secret SecretReference `json:"secret"`
}
ClientConfigAuth configures authentication to the Authorization Server.
type Cluster ¶
type Cluster struct {
Ingresses map[string]*Ingress `json:"ingresses"`
IngressRoutes map[string]*IngressRoute `json:"ingressRoutes"`
Services map[string]*Service `json:"services"`
AccessControlPolicies map[string]*AccessControlPolicy `json:"accessControlPolicies"`
EdgeIngresses map[string]*EdgeIngress `json:"edgeIngresses"`
APIs map[string]*API `json:"apis"`
APIAccesses map[string]*APIAccess `json:"apiAccesses"`
APICollections map[string]*APICollection `json:"apiCollections"`
APIPortals map[string]*APIPortal `json:"apiPortals"`
APIGateways map[string]*APIGateway `json:"apiGateways"`
}
Cluster describes a Cluster.
type EdgeIngress ¶ added in v0.6.0
type EdgeIngress struct {
Name string `json:"name"`
Namespace string `json:"namespace"`
Status EdgeIngressStatus `json:"status"`
Service EdgeIngressService `json:"service"`
ACP *EdgeIngressACP `json:"acp,omitempty"`
}
EdgeIngress holds the definition of an EdgeIngress configuration.
type EdgeIngressACP ¶ added in v0.6.0
type EdgeIngressACP struct {
Name string `json:"name"`
}
EdgeIngressACP configures the ACP to use on the Ingress.
type EdgeIngressService ¶ added in v0.6.0
EdgeIngressService configures the service to exposed on the edge.
type EdgeIngressStatus ¶ added in v0.6.0
type EdgeIngressStatus string
EdgeIngressStatus is the exposition status of an edge ingress.
const ( EdgeIngressStatusUp EdgeIngressStatus = "up" EdgeIngressStatusDown EdgeIngressStatus = "down" )
Possible value of the EdgeIngressStatus.
type Fetcher ¶
type Fetcher struct {
// contains filtered or unexported fields
}
Fetcher fetches Kubernetes resources and converts them into a filtered and simplified state.
func NewFetcher ¶
func NewFetcher(ctx context.Context, clientSet clientset.Interface, traefikClientSet traefikclientset.Interface, hubClientSet hubclientset.Interface) (*Fetcher, error)
NewFetcher creates a new Fetcher.
func (*Fetcher) FetchState ¶
FetchState assembles a cluster state from Kubernetes resources.
type Ingress ¶
type Ingress struct {
ResourceMeta
IngressMeta
IngressClassName *string `json:"ingressClassName,omitempty"`
TLS []netv1.IngressTLS `json:"tls,omitempty"`
Rules []netv1.IngressRule `json:"rules,omitempty"`
DefaultBackend *netv1.IngressBackend `json:"defaultBackend,omitempty"`
Services []string `json:"services,omitempty"`
}
Ingress describes an Kubernetes Ingress.
type IngressMeta ¶
type IngressMeta struct {
Annotations map[string]string `json:"annotations,omitempty"`
Labels map[string]string `json:"labels,omitempty"`
}
IngressMeta represents the common Ingress metadata properties.
type IngressRoute ¶
type IngressRoute struct {
ResourceMeta
IngressMeta
TLS *IngressRouteTLS `json:"tls,omitempty"`
Routes []Route `json:"routes,omitempty"`
Services []string `json:"services,omitempty"`
}
IngressRoute describes a Traefik IngressRoute.
type IngressRouteTLS ¶
type IngressRouteTLS struct {
Domains []traefikv1alpha1.Domain `json:"domains,omitempty"`
SecretName string `json:"secretName,omitempty"`
Options *TLSOptionRef `json:"options,omitempty"`
}
IngressRouteTLS represents a simplified Traefik IngressRoute TLS configuration.
type OpenAPISpec ¶ added in v1.2.0
type OpenAPISpec struct {
URL string `json:"url,omitempty"`
Path string `json:"path,omitempty"`
Port *APIServiceBackendPort `json:"port,omitempty"`
Protocol string `json:"protocol,omitempty"`
}
OpenAPISpec defines the OpenAPI spec of an API.
type OpenAPISpecLocation ¶ added in v1.2.0
OpenAPISpecLocation describes the location of an OpenAPI specification.
type ResourceMeta ¶
type ResourceMeta struct {
Kind string `json:"kind"`
Group string `json:"group"`
Name string `json:"name"`
Namespace string `json:"namespace"`
}
ResourceMeta represents the metadata which identify a Kubernetes resource.
type Route ¶
type Route struct {
Match string `json:"match"`
Services []RouteService `json:"services,omitempty"`
}
Route represents a Traefik IngressRoute route.
type RouteService ¶
type RouteService struct {
Namespace string `json:"namespace"`
Name string `json:"name"`
PortName string `json:"portName,omitempty"`
PortNumber int32 `json:"portNumber,omitempty"`
}
RouteService represents a Kubernetes service targeted by a Traefik IngressRoute route.
type SecretReference ¶ added in v0.6.0
type SecretReference struct {
Name string `json:"name"`
Namespace string `json:"namespace,omitempty"`
}
SecretReference represents a Secret Reference. It has enough information to retrieve secret in any namespace.
type Service ¶
type Service struct {
Name string `json:"name"`
Namespace string `json:"namespace"`
Type corev1.ServiceType `json:"type"`
Annotations map[string]string `json:"annotations,omitempty"`
ExternalIPs []string `json:"externalIPs,omitempty"`
ExternalPorts []int `json:"externalPorts,omitempty"`
}
Service describes a Service.
type TLSOptionRef ¶
type TLSOptionRef struct {
Name string `json:"name"`
Namespace string `json:"namespace,omitempty"`
}
TLSOptionRef references TLSOptions.
type TokenSource ¶ added in v1.2.0
type TokenSource struct {
Header string `json:"header,omitempty"`
HeaderAuthScheme string `json:"headerAuthScheme,omitempty"`
Query string `json:"query,omitempty"`
Cookie string `json:"cookie,omitempty"`
}
TokenSource describes where to find a token in an HTTP request.
Source Files