-
Notifications
You must be signed in to change notification settings - Fork 0
/
types.go
207 lines (172 loc) · 7.83 KB
/
types.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
package route
import (
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/apimachinery/pkg/util/intstr"
"k8s.io/kubernetes/pkg/apis/core"
)
// +genclient
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
// Route encapsulates the inputs needed to connect an alias to endpoints.
type Route struct {
metav1.TypeMeta
metav1.ObjectMeta
// Spec is the desired behavior of the route
Spec RouteSpec
// Status describes the current observed state of the route
Status RouteStatus
}
// RouteSpec describes the desired behavior of a route.
type RouteSpec struct {
// Host is an alias/DNS that points to the service. Optional
// Must follow DNS952 subdomain conventions.
Host string
// Path that the router watches for, to route traffic for to the service. Optional
Path string
// Objects that the route points to. Only the Service kind is allowed, and it will
// be defaulted to Service.
To RouteTargetReference
// Alternate objects that the route may want to point to. Use the 'weight' field to
// determine which ones of the several get more emphasis
AlternateBackends []RouteTargetReference
// If specified, the port to be used by the router. Most routers will use all
// endpoints exposed by the service by default - set this value to instruct routers
// which port to use.
Port *RoutePort
//TLS provides the ability to configure certificates and termination for the route
TLS *TLSConfig
// Wildcard policy if any for the route.
// Currently only 'Subdomain' or 'None' is allowed.
WildcardPolicy WildcardPolicyType
}
// RouteTargetReference specifies the target that resolve into endpoints. Only the 'Service'
// kind is allowed. Use 'weight' field to emphasize one over others.
type RouteTargetReference struct {
Kind string
Name string
Weight *int32
}
// RoutePort defines a port mapping from a router to an endpoint in the service endpoints.
type RoutePort struct {
// The target port on pods selected by the service this route points to.
// If this is a string, it will be looked up as a named port in the target
// endpoints port list. Required
TargetPort intstr.IntOrString
}
// RouteStatus provides relevant info about the status of a route, including which routers
// acknowledge it.
type RouteStatus struct {
// Ingress describes the places where the route may be exposed. The list of
// ingress points may contain duplicate Host or RouterName values. Routes
// are considered live once they are `Ready`
Ingress []RouteIngress
}
// RouteIngress holds information about the places where a route is exposed
type RouteIngress struct {
// Host is the host string under which the route is exposed; this value is required
Host string
// Name is a name chosen by the router to identify itself; this value is required
RouterName string
// Conditions is the state of the route, may be empty.
Conditions []RouteIngressCondition
// Wildcard policy is the wildcard policy that was allowed where this route is exposed.
WildcardPolicy WildcardPolicyType
// CanonicalHostname is an external host name for the router; this value is optional
RouterCanonicalHostname string
}
// RouteIngressConditionType is a valid value for RouteCondition
type RouteIngressConditionType string
// These are valid conditions of pod.
const (
// RouteAdmitted means the route is able to service requests for the provided Host
RouteAdmitted RouteIngressConditionType = "Admitted"
// RouteExtendedValidationFailed means the route configuration failed an extended validation check.
RouteExtendedValidationFailed RouteIngressConditionType = "ExtendedValidationFailed"
// TODO: add other route condition types
)
// RouteIngressCondition contains details for the current condition of this pod.
// TODO: add LastTransitionTime, Reason, Message to match NodeCondition api.
type RouteIngressCondition struct {
// Type is the type of the condition.
// Currently only Ready.
Type RouteIngressConditionType
// Status is the status of the condition.
// Can be True, False, Unknown.
Status core.ConditionStatus
// (brief) reason for the condition's last transition, and is usually a machine and human
// readable constant
Reason string
// Human readable message indicating details about last transition.
Message string
// RFC 3339 date and time at which the object was acknowledged by the router.
// This may be before the router exposes the route
LastTransitionTime *metav1.Time
}
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
// RouteList is a collection of Routes.
type RouteList struct {
metav1.TypeMeta
metav1.ListMeta
// Items is a list of routes
Items []Route
}
// RouterShard has information of a routing shard and is used to
// generate host names and routing table entries when a routing shard is
// allocated for a specific route.
type RouterShard struct {
// ShardName uniquely identifies a router shard in the "set" of
// routers used for routing traffic to the services.
ShardName string
// DNSSuffix for the shard ala: shard-1.v3.openshift.com
DNSSuffix string
}
// TLSConfig defines config used to secure a route and provide termination
type TLSConfig struct {
// Termination indicates termination type.
Termination TLSTerminationType
// Certificate provides certificate contents
Certificate string
// Key provides key file contents
Key string
// CACertificate provides the cert authority certificate contents
CACertificate string
// DestinationCACertificate provides the contents of the ca certificate of the final destination. When using reencrypt
// termination this file should be provided in order to have routers use it for health checks on the secure connection
DestinationCACertificate string
// InsecureEdgeTerminationPolicy indicates the desired behavior for
// insecure connections to an edge-terminated route:
// disable, allow or redirect
InsecureEdgeTerminationPolicy InsecureEdgeTerminationPolicyType
}
// TLSTerminationType dictates where the secure communication will stop
// TODO: Reconsider this type in v2
type TLSTerminationType string
// InsecureEdgeTerminationPolicyType dictates the behavior of insecure
// connections to an edge-terminated route.
type InsecureEdgeTerminationPolicyType string
const (
// TLSTerminationEdge terminate encryption at the edge router.
TLSTerminationEdge TLSTerminationType = "edge"
// TLSTerminationPassthrough terminate encryption at the destination, the destination is responsible for decrypting traffic
TLSTerminationPassthrough TLSTerminationType = "passthrough"
// TLSTerminationReencrypt terminate encryption at the edge router and re-encrypt it with a new certificate supplied by the destination
TLSTerminationReencrypt TLSTerminationType = "reencrypt"
// InsecureEdgeTerminationPolicyNone disables insecure connections for an edge-terminated route.
InsecureEdgeTerminationPolicyNone InsecureEdgeTerminationPolicyType = "None"
// InsecureEdgeTerminationPolicyAllow allows insecure connections for an edge-terminated route.
InsecureEdgeTerminationPolicyAllow InsecureEdgeTerminationPolicyType = "Allow"
// InsecureEdgeTerminationPolicyRedirect redirects insecure connections for an edge-terminated route.
// As an example, for routers that support HTTP and HTTPS, the
// insecure HTTP connections will be redirected to use HTTPS.
InsecureEdgeTerminationPolicyRedirect InsecureEdgeTerminationPolicyType = "Redirect"
)
// WildcardPolicyType indicates the type of wildcard support needed by routes.
type WildcardPolicyType string
const (
// WildcardPolicyNone indicates no wildcard support is needed.
WildcardPolicyNone WildcardPolicyType = "None"
// WildcardPolicySubdomain indicates the host needs wildcard support for the subdomain.
// Example: With host = "www.acme.test", indicates that the router
// should support requests for *.acme.test
// Note that this will not match acme.test only *.acme.test
WildcardPolicySubdomain WildcardPolicyType = "Subdomain"
)