forked from openshift/origin
-
Notifications
You must be signed in to change notification settings - Fork 0
/
types.go
163 lines (136 loc) · 8.57 KB
/
types.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
package v1
import (
"k8s.io/kubernetes/pkg/api/unversioned"
kapi "k8s.io/kubernetes/pkg/api/v1"
"k8s.io/kubernetes/pkg/util/intstr"
)
// Route encapsulates the inputs needed to connect an alias to endpoints.
type Route struct {
unversioned.TypeMeta `json:",inline"`
// Standard object's metadata.
kapi.ObjectMeta `json:"metadata,omitempty"`
// Spec is the desired state of the route
Spec RouteSpec `json:"spec" description:"desired state of the route"`
// Status is the current state of the route
Status RouteStatus `json:"status" description:"current state of the route"`
}
// RouteList is a collection of Routes.
type RouteList struct {
unversioned.TypeMeta `json:",inline"`
// Standard object's metadata.
unversioned.ListMeta `json:"metadata,omitempty"`
// Items is a list of routes
Items []Route `json:"items" description:"list of routes"`
}
// RouteSpec describes the route the user wishes to exist.
type RouteSpec struct {
// Ports are the ports that the user wishes to expose.
//Ports []RoutePort `json:"ports,omitempty"`
// Host is an alias/DNS that points to the service. Optional
// Must follow DNS952 subdomain conventions.
Host string `json:"host" description:"optional: alias/dns that points to the service, must follow DNS 952 subdomain conventions"`
// Path that the router watches for, to route traffic for to the service. Optional
Path string `json:"path,omitempty" description:"optional: path that the router watches to route traffic to the service"`
// To is an object the route points to. Only the Service kind is allowed, and it will
// be defaulted to Service.
To kapi.ObjectReference `json:"to" description:"an object the route points to. only the service kind is allowed, and it will be defaulted to a service."`
// If specified, the port to be used by the router. Most routers will use all
// endpoints exposed by the service by default - set this value to instruct routers
// which port to use.
Port *RoutePort `json:"port,omitempty" description:"port that should be used by the router; this is a hint to control which pod endpoint port is used; if empty routers may use all endpoints and ports"`
// TLS provides the ability to configure certificates and termination for the route
TLS *TLSConfig `json:"tls,omitempty" description:"provides the ability to configure certificates and termination for the route"`
}
// RoutePort defines a port mapping from a router to an endpoint in the service endpoints.
type RoutePort struct {
// The target port on pods selected by the service this route points to.
// If this is a string, it will be looked up as a named port in the target
// endpoints port list. Required
TargetPort intstr.IntOrString `json:"targetPort" description:"the target port on the endpoints for the service; if this is a string must match the named port, if an integer, must match the port number"`
}
// RouteStatus provides relevant info about the status of a route, including which routers
// acknowledge it.
type RouteStatus struct {
// Ingress describes the places where the route may be exposed. The list of
// ingress points may contain duplicate Host or RouterName values. Routes
// are considered live once they are `Ready`
Ingress []RouteIngress `json:"ingress" description:"traffic reaches this route via these ingress paths"`
}
// RouteIngress holds information about the places where a route is exposed
type RouteIngress struct {
// Host is the host string under which the route is exposed; this value is required
Host string `json:"host,omitempty" description:"the host name this route is exposed to by the specified router"`
// Name is a name chosen by the router to identify itself; this value is required
RouterName string `json:"routerName,omitempty" description:"the name of the router exposing this route"`
// Conditions is the state of the route, may be empty.
Conditions []RouteIngressCondition `json:"conditions,omitempty" description:"the conditions that apply to this router" patchStrategy:"merge" patchMergeKey:"type"`
}
// RouteIngressConditionType is a valid value for RouteCondition
type RouteIngressConditionType string
// These are valid conditions of pod.
const (
// RouteAdmitted means the route is able to service requests for the provided Host
RouteAdmitted RouteIngressConditionType = "Admitted"
// TODO: add other route condition types
)
// RouteIngressCondition contains details for the current condition of this pod.
// TODO: add LastTransitionTime, Reason, Message to match NodeCondition api.
type RouteIngressCondition struct {
// Type is the type of the condition.
// Currently only Ready.
Type RouteIngressConditionType `json:"type" description:"the type of the condition"`
// Status is the status of the condition.
// Can be True, False, Unknown.
Status kapi.ConditionStatus `json:"status" description:"status is the status of the condition; True, False, or Unknown"`
// (brief) reason for the condition's last transition, and is usually a machine and human
// readable constant
Reason string `json:"reason,omitempty" description:"brief reason for the condition's last transition, machine readable constant"`
// Human readable message indicating details about last transition.
Message string `json:"message,omitempty" description:"human readable message indicating details about this condition"`
// RFC 3339 date and time when this condition last transitioned
LastTransitionTime *unversioned.Time `json:"lastTransitionTime,omitempty" description:"the last time at which this condition transitioned to the current status"`
}
// RouterShard has information of a routing shard and is used to
// generate host names and routing table entries when a routing shard is
// allocated for a specific route.
// Caveat: This is WIP and will likely undergo modifications when sharding
// support is added.
type RouterShard struct {
// ShardName uniquely identifies a router shard in the "set" of
// routers used for routing traffic to the services.
ShardName string `json:"shardName" description:"uniquely identifies a router shard in the set of routers used for routing traffic to the services"`
// DNSSuffix for the shard ala: shard-1.v3.openshift.com
DNSSuffix string `json:"dnsSuffix" description:"DNS suffix for the shard (i.e. shard-1.v3.openshift.com)"`
}
// TLSConfig defines config used to secure a route and provide termination
type TLSConfig struct {
// Termination indicates termination type.
Termination TLSTerminationType `json:"termination" description:"indicates termination type"`
// Certificate provides certificate contents
Certificate string `json:"certificate,omitempty" description:"provides certificate contents"`
// Key provides key file contents
Key string `json:"key,omitempty" description:"provides key file contents"`
// CACertificate provides the cert authority certificate contents
CACertificate string `json:"caCertificate,omitempty" description:"provides the cert authority certificate contents"`
// DestinationCACertificate provides the contents of the ca certificate of the final destination. When using reencrypt
// termination this file should be provided in order to have routers use it for health checks on the secure connection
DestinationCACertificate string `json:"destinationCACertificate,omitempty" description:"provides the contents of the ca certificate of the final destination. When using re-encrypt termination this file should be provided in order to have routers use it for health checks on the secure connection"`
// InsecureEdgeTerminationPolicy indicates the desired behavior for
// insecure connections to an edge-terminated route:
// disable, allow or redirect
InsecureEdgeTerminationPolicy InsecureEdgeTerminationPolicyType `json:"insecureEdgeTerminationPolicy,omitempty" description:"indicates desired behavior for insecure connections to an edge-terminated route. If not set, insecure connections will not be allowed"`
}
// TLSTerminationType dictates where the secure communication will stop
// TODO: Reconsider this type in v2
type TLSTerminationType string
// InsecureEdgeTerminationPolicyType dictates the behavior of insecure
// connections to an edge-terminated route.
type InsecureEdgeTerminationPolicyType string
const (
// TLSTerminationEdge terminate encryption at the edge router.
TLSTerminationEdge TLSTerminationType = "edge"
// TLSTerminationPassthrough terminate encryption at the destination, the destination is responsible for decrypting traffic
TLSTerminationPassthrough TLSTerminationType = "passthrough"
// TLSTerminationReencrypt terminate encryption at the edge router and re-encrypt it with a new certificate supplied by the destination
TLSTerminationReencrypt TLSTerminationType = "reencrypt"
)