ambient

package
v0.0.0-...-dc26732 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Aug 20, 2025 License: Apache-2.0 Imports: 65 Imported by: 0

Documentation

Overview

Copyright Istio Authors

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at 

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

nolint: gocritic

nolint: gocritic

nolint: gocritic

nolint: gocritic

nolint: gocritic

nolint: gocritic

Index

Constants

View Source 
const (
	MultiClusterSecretLabel = "istio/multiCluster"
)

Variables

This section is empty.

Functions

func AppendNonNil 

func AppendNonNil[T any](data []T, i *T) []T

func FindPortName 

func FindPortName(pod *v1.Pod, name string) (int32, bool)

func GetPodCondition 

func GetPodCondition(status *v1.PodStatus, conditionType v1.PodConditionType) (int, *v1.PodCondition)

func GetPodConditionFromList 

func GetPodConditionFromList(conditions []v1.PodCondition, conditionType v1.PodConditionType) (int, *v1.PodCondition)

GetPodConditionFromList extracts the provided condition from the given list of condition and returns the index of the condition and the condition. Returns -1 and nil if the condition is not present.

func GetPodReadyCondition 

func GetPodReadyCondition(status v1.PodStatus) *v1.PodCondition

func GlobalMergedWorkloadServicesCollection 

func GlobalMergedWorkloadServicesCollection(
	localCluster *multicluster.Cluster,
	localServiceInfos krt.Collection[model.ServiceInfo],
	localWaypoints krt.Collection[Waypoint],
	clusters krt.Collection[*multicluster.Cluster],
	localServiceEntries krt.Collection[*networkingclient.ServiceEntry],
	globalServices krt.Collection[krt.Collection[*v1.Service]],
	servicesByCluster krt.Index[cluster.ID, krt.Collection[*v1.Service]],
	globalWaypoints krt.Collection[krt.Collection[Waypoint]],
	waypointsByCluster krt.Index[cluster.ID, krt.Collection[Waypoint]],
	globalNamespaces krt.Collection[krt.Collection[*v1.Namespace]],
	namespacesByCluster krt.Index[cluster.ID, krt.Collection[*v1.Namespace]],
	meshConfig krt.Singleton[MeshConfig],
	globalNetworks networkCollections,
	domainSuffix string,
	opts krt.OptionsBuilder,
) krt.Collection[krt.Collection[krt.ObjectWithCluster[model.ServiceInfo]]]

func GlobalNodesCollection 

func GlobalNodesCollection(
	nodes krt.Collection[krt.Collection[krt.ObjectWithCluster[*v1.Node]]],
	opts ...krt.CollectionOption,
) krt.Collection[krt.Collection[krt.ObjectWithCluster[Node]]]

func GlobalWaypointsCollection 

func GlobalWaypointsCollection(
	localCluster *multicluster.Cluster,
	localWaypoints krt.Collection[Waypoint],
	clusters krt.Collection[*multicluster.Cluster],
	gatewayClasses krt.Collection[*v1beta1.GatewayClass],
	globalNetworks networkCollections,
	opts krt.OptionsBuilder,
) krt.Collection[krt.Collection[Waypoint]]

func IsPodReady 

func IsPodReady(pod *v1.Pod) bool

IsPodReady is copied from kubernetes/pkg/api/v1/pod/utils.go

func IsPodReadyConditionTrue 

func IsPodReadyConditionTrue(status v1.PodStatus) bool

IsPodReadyConditionTrue returns true if a pod is ready; false otherwise.

func LabelSelectorAsSelector 

func LabelSelectorAsSelector(ps *meshapi.LabelSelector) (labels.Selector, error)

LabelSelectorAsSelector converts a mesh api LabelSelector to a labels.Selector.

func MakeSource 

func MakeSource(o controllers.Object) model.TypedObject

MakeSource is a helper to turn an Object into a model.TypedObject.

func MergedGlobalWorkloadsCollection 

func MergedGlobalWorkloadsCollection(
	localCluster *multicluster.Cluster,
	localWaypoints krt.Collection[Waypoint],
	localNodeLocalities krt.Collection[Node],
	clusters krt.Collection[*multicluster.Cluster],
	workloadEntries krt.Collection[*networkingclient.WorkloadEntry],
	serviceEntries krt.Collection[*networkingclient.ServiceEntry],
	globalNodes krt.Collection[krt.Collection[krt.ObjectWithCluster[Node]]],
	nodesByCluster krt.Index[cluster.ID, krt.Collection[krt.ObjectWithCluster[Node]]],
	meshConfig krt.Singleton[MeshConfig],
	localAuthorizationPolicies krt.Collection[model.WorkloadAuthorization],
	localPeerAuths krt.Collection[*securityclient.PeerAuthentication],
	globalWaypoints krt.Collection[krt.Collection[Waypoint]],
	waypointsByCluster krt.Index[cluster.ID, krt.Collection[Waypoint]],
	localWorkloadServices krt.Collection[model.ServiceInfo],
	globalWorkloadServices krt.Collection[krt.Collection[krt.ObjectWithCluster[model.ServiceInfo]]],
	globalWorkloadServicesByCluster krt.Index[cluster.ID, krt.Collection[krt.ObjectWithCluster[model.ServiceInfo]]],
	globalNetworks networkCollections,
	localClusterID cluster.ID,
	flags FeatureFlags,
	domainSuffix string,
	opts krt.OptionsBuilder,
) krt.Collection[model.WorkloadInfo]

func NodesCollection 

func NodesCollection(nodes krt.Collection[*v1.Node], opts ...krt.CollectionOption) krt.Collection[Node]

NodesCollection maps a node to it's locality. In many environments, nodes change frequently causing excessive recomputation of workloads. By making an intermediate collection we can reduce the times we need to trigger dependants (locality should ~never change).

func PolicyCollections 

func PolicyCollections(
	authzPolicies krt.Collection[*securityclient.AuthorizationPolicy],
	peerAuths krt.Collection[*securityclient.PeerAuthentication],
	meshConfig krt.Singleton[MeshConfig],
	waypoints krt.Collection[Waypoint],
	opts krt.OptionsBuilder,
	flags FeatureFlags,
) (krt.Collection[model.WorkloadAuthorization], krt.Collection[model.WorkloadAuthorization])

func PushXds 

func PushXds[T any](xds model.XDSUpdater, f func(T) model.ConfigKey) func(events []krt.Event[T])

func PushXdsAddress 

func PushXdsAddress[T any](xds model.XDSUpdater, f func(T) string) func(events []krt.Event[T])

func RegisterEdsShim 

func RegisterEdsShim(
	xdsUpdater model.XDSUpdater,
	Workloads krt.Collection[model.WorkloadInfo],
	Namespaces krt.Collection[model.NamespaceInfo],
	WorkloadsByServiceKey krt.Index[string, model.WorkloadInfo],
	Services krt.Collection[model.ServiceInfo],
	ServicesByAddress krt.Index[networkAddress, model.ServiceInfo],
	opts krt.OptionsBuilder,
)

RegisterEdsShim handles triggering xDS events when Envoy EDS needs to change. Most of ambient index works to build `workloadapi` types - Workload, Service, etc. Envoy uses a different API, with different relationships between types. To ensure Envoy are updated properly on changes, we compute this information. Currently, this is only used to trigger events. Ideally, the information we are using in Envoy and the event trigger are using the same data directly.

func ReportWaypointAttachmentDenied 

func ReportWaypointAttachmentDenied(waypoint string) *model.StatusMessage

func ReportWaypointIsNotReady 

func ReportWaypointIsNotReady(waypoint string) *model.StatusMessage

func ReportWaypointUnsupportedTrafficType 

func ReportWaypointUnsupportedTrafficType(waypoint string, ttype string) *model.StatusMessage

func WaypointPolicyStatusCollection 

func WaypointPolicyStatusCollection(
	authzPolicies krt.Collection[*securityclient.AuthorizationPolicy],
	waypoints krt.Collection[Waypoint],
	services krt.Collection[*corev1.Service],
	serviceEntries krt.Collection[*networkingclient.ServiceEntry],
	gatewayClasses krt.Collection[*v1beta1.GatewayClass],
	meshConfig krt.Singleton[MeshConfig],
	namespaces krt.Collection[*corev1.Namespace],
	opts krt.OptionsBuilder,
) krt.Collection[model.WaypointPolicyStatus]

Types

type ACTION 

type ACTION int
const (
	Add ACTION = iota
	Update
)

func (ACTION) String 

func (a ACTION) String() string

type ClusterNetwork 

type ClusterNetwork struct {
	ClusterID cluster.ID
	Network   network.ID
}

func (ClusterNetwork) ResourceName 

func (c ClusterNetwork) ResourceName() string

type ClusteredNamespace 

type ClusteredNamespace struct {
	ClusterID cluster.ID
	Namespace string
}

type FeatureFlags 

type FeatureFlags struct {
	DefaultAllowFromWaypoint              bool
	EnableK8SServiceSelectWorkloadEntries bool
}

type InboundBinding 

type InboundBinding struct {
	Port     uint32
	Protocol workloadapi.ApplicationTunnel_Protocol
}

type Index 

type Index interface {
	Lookup(key string) []model.AddressInfo
	All() []model.AddressInfo
	AllLocalNetworkGlobalServices(key model.WaypointKey) []model.ServiceInfo
	WorkloadsForWaypoint(key model.WaypointKey) []model.WorkloadInfo
	ServicesForWaypoint(key model.WaypointKey) []model.ServiceInfo
	Run(stop <-chan struct{})
	HasSynced() bool
	model.AmbientIndexes
}

func New 

func New(options Options) Index

type MeshConfig 

type MeshConfig = meshwatcher.MeshConfigResource

type NamespaceHostname 

type NamespaceHostname struct {
	Namespace string
	Hostname  string
}

func (NamespaceHostname) String 

func (n NamespaceHostname) String() string

type NetworkGateway 

type NetworkGateway struct {
	model.NetworkGateway
	Source types.NamespacedName
}

func LookupAllNetworkGateway 

func LookupAllNetworkGateway(
	ctx krt.HandlerContext,
	networkGateways krt.Collection[NetworkGateway],
) []NetworkGateway

func LookupNetworkGateway 

func LookupNetworkGateway(
	ctx krt.HandlerContext,
	id network.ID,
	networkGateways krt.Collection[NetworkGateway],
	gatewaysByNetwork krt.Index[network.ID, NetworkGateway],
) []NetworkGateway

func (NetworkGateway) ResourceName 

func (n NetworkGateway) ResourceName() string

type Node 

type Node struct {
	Name     string
	Locality *workloadapi.Locality
}

func (Node) Equals 

func (n Node) Equals(o Node) bool

func (Node) ResourceName 

func (n Node) ResourceName() string

type Options 

type Options struct {
	Client kubeclient.Client

	Revision        string
	SystemNamespace string
	DomainSuffix    string
	ClusterID       cluster.ID
	IsConfigCluster bool
	XDSUpdater      model.XDSUpdater
	StatusNotifier  *activenotifier.ActiveNotifier
	Flags           FeatureFlags

	MeshConfig meshwatcher.WatcherCollection

	Debugger                    *krt.DebugHandler
	ClientBuilder               multicluster.ClientBuilder
	RemoteClientConfigOverrides []func(*rest.Config)
}

type TargetRef 

type TargetRef struct {
	Kind      string
	Namespace string
	Name      string
	UID       types.UID
}

TargetRef is a subset of the Kubernetes ObjectReference which has some fields we don't care about

func (TargetRef) String 

func (t TargetRef) String() string

type Waypoint 

type Waypoint struct {
	krt.Named

	// Addresses this Waypoint is reachable by. For stock Istio waypoints, this
	// is usually the hostname. There will always be at least one address in this
	// list.
	Address *workloadapi.GatewayAddress

	// DefaultBinding for an inbound zTunnel to use to connect to a Waypoint it captures.
	// This is applied to the Workloads that are instances of the current Waypoint.
	DefaultBinding *InboundBinding

	// TrafficType controls whether Service or Workload can reference this
	// waypoint. Must be one of "all", "service", "workload".
	TrafficType string

	// ServiceAccounts from instances of the waypoint.
	// This only handles Pods. If we wish to support non-pod waypoints, we'll
	// want to index ServiceEntry/WorkloadEntry or possibly allow specifying
	// the ServiceAccounts directly on a Gateway resource.
	ServiceAccounts []string
	AllowedRoutes   WaypointSelector
}

func (Waypoint) AllowsAttachmentFromNamespace 

func (w Waypoint) AllowsAttachmentFromNamespace(namespace *v1.Namespace) bool

func (Waypoint) AllowsAttachmentFromNamespaceOrLookup 

func (w Waypoint) AllowsAttachmentFromNamespaceOrLookup(ctx krt.HandlerContext, Namespaces krt.Collection[*v1.Namespace], namespace string) bool

func (Waypoint) Equals 

func (w Waypoint) Equals(other Waypoint) bool

func (*Waypoint) GetAddress 

func (w *Waypoint) GetAddress() *workloadapi.GatewayAddress

GetAddress is a nil-safe traversal method for Waypoint

func (Waypoint) ResourceName 

func (w Waypoint) ResourceName() string

type WaypointSelector 

type WaypointSelector struct {
	FromNamespaces v1beta1.FromNamespaces
	Selector       labels.Selector
}

func (WaypointSelector) Equals 

func (w WaypointSelector) Equals(other WaypointSelector) bool

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.