istio: istio.io/istio/galley/pkg/config/analysis/analyzers/util Index | Files

package util

import "istio.io/istio/galley/pkg/config/analysis/analyzers/util"

Index

Package Files

config.go constants.go exportto.go find_errorline_utils.go hosts.go in_mesh.go service_lookup.go

Constants

const (
    DefaultKubernetesDomain   = "svc." + constants.DefaultKubernetesDomain
    ExportToNamespaceLocal    = "."
    ExportToAllNamespaces     = "*"
    IstioProxyName            = "istio-proxy"
    MeshGateway               = "mesh"
    Wildcard                  = "*"
    MeshConfigName            = "istio"
    InjectionLabelName        = "istio-injection"
    InjectionLabelEnableValue = "enabled"
)
const (

    // Path for host in VirtualService.
    // Required parameters: route rule, route rule index, route index.
    DestinationHost = "{.spec.%s[%d].route[%d].destination.host}"

    // Path for mirror host in VirtualService.
    // Required parameters: http index.
    MirrorHost = "{.spec.http[%d].mirror.host}"

    // Path for VirtualService gateway.
    // Required parameters: gateway index.
    VSGateway = "{.spec.gateways[%d]}"

    // Path for regex match of uri, scheme, method and authority.
    // Required parameters: http index, match index, where to match.
    URISchemeMethodAuthorityRegexMatch = "{.spec.http[%d].match[%d].%s.regex}"

    // Path for regex match of headers and queryParams.
    // Required parameters: http index, match index, where to match, match key.
    HeaderAndQueryParamsRegexMatch = "{.spec.http[%d].match[%d].%s.%s.regex}"

    // Path for regex match of allowOrigins.
    // Required parameters: http index, allowOrigins index.
    AllowOriginsRegexMatch = "{.spec.http[%d].corsPolicy.allowOrigins[%d].regex}"

    // Path for workload selector.
    // Required parameters: selector label.
    WorkloadSelector = "{.spec.workloadSelector.labels.%s}"

    // Path for port from ports collections.
    // Required parameters: port index.
    PortInPorts = "{.spec.ports[%d].port}"

    // Path for fromRegistry in the mesh networks.
    // Required parameters: network name, endPoint index.
    FromRegistry = "{.networks.%s.endpoints[%d]}"

    // Path for the image in the container.
    // Required parameters: container index.
    ImageInContainer = "{.spec.containers[%d].image}"

    // Path for namespace in metadata.
    // Required parameters: none.
    MetadataNamespace = "{.metadata.namespace}"

    // Path for name in metadata.
    // Required parameters: none.
    MetadataName = "{.metadata.name}"

    // Path for namespace in authorizationPolicy.
    // Required parameters: rule index, from index, namespace index.
    AuthorizationPolicyNameSpace = "{.spec.rules[%d].from[%d].source.namespaces[%d]}"

    // Path for annotation.
    // Required parameters: annotation name.
    Annotation = "{.metadata.annotations.%s}"

    // Path for selector in Gateway.
    // Required parameters: selector label.
    GatewaySelector = "{.spec.selector.%s}"

    // Path for credentialName.
    // Required parameters: server index.
    CredentialName = "{.spec.servers[%d].tls.credentialName}"
)

Variables

var (
    SystemNamespaces = []string{"kube-system", "kube-public", "kube-node-lease", "local-path-storage"}
)

Ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/#viewing-namespaces "kube-system": The namespace for objects created by the Kubernetes system. "kube-public": This namespace is mostly reserved for cluster usage. "kube-node-lease": This namespace for the lease objects associated with each node

which improves the performance of the node heartbeats as the cluster scales.

"local-path-storage": Dynamically provisioning persistent local storage with Kubernetes.

used with Kind cluster: https://github.com/rancher/local-path-provisioner

func ConvertHostToFQDN Uses

func ConvertHostToFQDN(namespace resource.Namespace, host string) string

ConvertHostToFQDN returns the given host as a FQDN, if it isn't already.

func DeploymentInMesh Uses

func DeploymentInMesh(r *resource.Instance, c analysis.Context) bool

DeploymentinMesh returns true if deployment is in the service mesh (has sidecar)

func ErrorLine Uses

func ErrorLine(r *resource.Instance, path string) (line int, found bool)

ErrorLine returns the line number of the input path key in the resource

func ExtractLabelFromSelectorString Uses

func ExtractLabelFromSelectorString(s string) string

ExtractLabelFromSelectorString returns the label of the match in the k8s labels.Selector

func GetDestinationHost Uses

func GetDestinationHost(sourceNs resource.Namespace, host string, serviceEntryHosts map[ScopedFqdn]*v1alpha3.ServiceEntry) *v1alpha3.ServiceEntry

func GetFullNameFromFQDN Uses

func GetFullNameFromFQDN(fqdn string) resource.FullName

GetFullNameFromFQDN tries to parse namespace and name from a fqdn. Empty strings are returned if either namespace or name cannot be parsed.

func GetResourceNameFromHost Uses

func GetResourceNameFromHost(defaultNamespace resource.Namespace, host string) resource.FullName

GetResourceNameFromHost figures out the resource.FullName to look up from the provided host string We need to handle two possible formats: short name and FQDN https://istio.io/docs/reference/config/networking/v1alpha3/virtual-service/#Destination

func InitServiceEntryHostMap Uses

func InitServiceEntryHostMap(ctx analysis.Context) map[ScopedFqdn]*v1alpha3.ServiceEntry

func IsExportToAllNamespaces Uses

func IsExportToAllNamespaces(exportTos []string) bool

IsExportToAllNamespaces returns true if export to applies to all namespaces and false if it is set to namespace local.

func IsIncluded Uses

func IsIncluded(slice []string, term string) bool

IsIncluded check if the term exists in a slice of string

func IsIstioControlPlane Uses

func IsIstioControlPlane(r *resource.Instance) bool

IsIstioControlPlane returns true for resources that are part of the Istio control plane

func IsSystemNamespace Uses

func IsSystemNamespace(ns resource.Namespace) bool

IsSystemNamespace returns true for system namespaces

func PodInMesh Uses

func PodInMesh(r *resource.Instance, c analysis.Context) bool

PodInMesh returns true if a Pod is in the service mesh (has sidecar)

type ScopedFqdn Uses

type ScopedFqdn string

func NewScopedFqdn Uses

func NewScopedFqdn(scope string, namespace resource.Namespace, host string) ScopedFqdn

NewScopedFqdn converts the passed host to FQDN if needed and applies the passed scope.

func (ScopedFqdn) GetScopeAndFqdn Uses

func (s ScopedFqdn) GetScopeAndFqdn() (string, string)

GetScopeAndFqdn splits ScopedFqdn back to scope namespace and fqdn parts

func (ScopedFqdn) InScopeOf Uses

func (s ScopedFqdn) InScopeOf(ns string) bool

InScopeOf returns true if ns is in the scope of ScopedFqdn

Package util imports 10 packages (graph) and is imported by 13 packages. Updated 2020-10-30. Refresh now. Tools for package owners.