From bb4d3fee7aed2919ede1078c5abd8c39ae145ba8 Mon Sep 17 00:00:00 2001 From: zryfish Date: Fri, 5 Jun 2020 14:51:05 +0800 Subject: [PATCH] add component status to cluster status (#2160) --- Makefile | 2 +- .../crds/cluster.kubesphere.io_clusters.yaml | 173 ++ .../devops.kubesphere.io_devopsprojects.yaml | 2 +- .../crds/devops.kubesphere.io_pipelines.yaml | 2 +- .../devops.kubesphere.io_s2ibinaries.yaml | 2 +- .../devops.kubesphere.io_s2ibuilders.yaml | 2 +- ...ops.kubesphere.io_s2ibuildertemplates.yaml | 2 +- config/crds/devops.kubesphere.io_s2iruns.yaml | 2 +- ...phere.io_federatedclusterrolebindings.yaml | 125 ++ ...ubesphere.io_namespacenetworkpolicies.yaml | 52 +- ...icemesh.kubesphere.io_servicepolicies.yaml | 1605 +++++++++++++++++ .../servicemesh.kubesphere.io_strategies.yaml | 1166 ++++++++++++ .../servicemesh_v1alpha2_servicepolicy.yaml | 863 --------- .../crds/servicemesh_v1alpha2_strategy.yaml | 787 -------- pkg/apis/cluster/v1alpha1/cluster_types.go | 5 + .../cluster/v1alpha1/zz_generated.deepcopy.go | 9 +- .../network/v1alpha1/zz_generated.deepcopy.go | 14 +- .../v1alpha2/zz_generated.deepcopy.go | 2 +- .../tenant/v1alpha1/zz_generated.deepcopy.go | 2 +- .../tenant/v1alpha2/zz_generated.deepcopy.go | 2 +- pkg/apiserver/config/config.go | 6 +- pkg/apiserver/dispatch/dispatch.go | 25 + pkg/client/clientset/versioned/clientset.go | 2 +- pkg/client/clientset/versioned/doc.go | 2 +- .../versioned/fake/clientset_generated.go | 2 +- pkg/client/clientset/versioned/fake/doc.go | 2 +- .../clientset/versioned/fake/register.go | 2 +- pkg/client/clientset/versioned/scheme/doc.go | 2 +- .../clientset/versioned/scheme/register.go | 2 +- .../typed/cluster/v1alpha1/cluster.go | 2 +- .../typed/cluster/v1alpha1/cluster_client.go | 2 +- .../versioned/typed/cluster/v1alpha1/doc.go | 2 +- .../typed/cluster/v1alpha1/fake/doc.go | 2 +- .../cluster/v1alpha1/fake/fake_cluster.go | 2 +- .../v1alpha1/fake/fake_cluster_client.go | 2 +- .../cluster/v1alpha1/generated_expansion.go | 2 +- .../typed/devops/v1alpha1/devops_client.go | 2 +- .../versioned/typed/devops/v1alpha1/doc.go | 2 +- .../typed/devops/v1alpha1/fake/doc.go | 2 +- .../v1alpha1/fake/fake_devops_client.go | 2 +- .../devops/v1alpha1/fake/fake_s2ibinary.go | 2 +- .../devops/v1alpha1/fake/fake_s2ibuilder.go | 2 +- .../v1alpha1/fake/fake_s2ibuildertemplate.go | 2 +- .../typed/devops/v1alpha1/fake/fake_s2irun.go | 2 +- .../devops/v1alpha1/generated_expansion.go | 2 +- .../typed/devops/v1alpha1/s2ibinary.go | 2 +- .../typed/devops/v1alpha1/s2ibuilder.go | 2 +- .../devops/v1alpha1/s2ibuildertemplate.go | 2 +- .../versioned/typed/devops/v1alpha1/s2irun.go | 2 +- .../typed/devops/v1alpha3/devops_client.go | 2 +- .../typed/devops/v1alpha3/devopsproject.go | 2 +- .../versioned/typed/devops/v1alpha3/doc.go | 2 +- .../typed/devops/v1alpha3/fake/doc.go | 2 +- .../v1alpha3/fake/fake_devops_client.go | 2 +- .../v1alpha3/fake/fake_devopsproject.go | 2 +- .../devops/v1alpha3/fake/fake_pipeline.go | 2 +- .../devops/v1alpha3/generated_expansion.go | 2 +- .../typed/devops/v1alpha3/pipeline.go | 2 +- .../versioned/typed/iam/v1alpha2/doc.go | 2 +- .../versioned/typed/iam/v1alpha2/fake/doc.go | 2 +- .../iam/v1alpha2/fake/fake_globalrole.go | 2 +- .../v1alpha2/fake/fake_globalrolebinding.go | 2 +- .../iam/v1alpha2/fake/fake_iam_client.go | 2 +- .../typed/iam/v1alpha2/fake/fake_user.go | 2 +- .../iam/v1alpha2/fake/fake_workspacerole.go | 2 +- .../fake/fake_workspacerolebinding.go | 2 +- .../typed/iam/v1alpha2/generated_expansion.go | 2 +- .../typed/iam/v1alpha2/globalrole.go | 2 +- .../typed/iam/v1alpha2/globalrolebinding.go | 2 +- .../typed/iam/v1alpha2/iam_client.go | 2 +- .../versioned/typed/iam/v1alpha2/user.go | 2 +- .../typed/iam/v1alpha2/workspacerole.go | 2 +- .../iam/v1alpha2/workspacerolebinding.go | 2 +- .../versioned/typed/network/v1alpha1/doc.go | 2 +- .../typed/network/v1alpha1/fake/doc.go | 2 +- .../fake/fake_namespacenetworkpolicy.go | 2 +- .../v1alpha1/fake/fake_network_client.go | 2 +- .../network/v1alpha1/generated_expansion.go | 2 +- .../v1alpha1/namespacenetworkpolicy.go | 2 +- .../typed/network/v1alpha1/network_client.go | 2 +- .../typed/servicemesh/v1alpha2/doc.go | 2 +- .../typed/servicemesh/v1alpha2/fake/doc.go | 2 +- .../v1alpha2/fake/fake_servicemesh_client.go | 2 +- .../v1alpha2/fake/fake_servicepolicy.go | 2 +- .../v1alpha2/fake/fake_strategy.go | 2 +- .../v1alpha2/generated_expansion.go | 2 +- .../v1alpha2/servicemesh_client.go | 2 +- .../servicemesh/v1alpha2/servicepolicy.go | 2 +- .../typed/servicemesh/v1alpha2/strategy.go | 2 +- .../versioned/typed/tenant/v1alpha1/doc.go | 2 +- .../typed/tenant/v1alpha1/fake/doc.go | 2 +- .../v1alpha1/fake/fake_tenant_client.go | 2 +- .../tenant/v1alpha1/fake/fake_workspace.go | 2 +- .../tenant/v1alpha1/generated_expansion.go | 2 +- .../typed/tenant/v1alpha1/tenant_client.go | 2 +- .../typed/tenant/v1alpha1/workspace.go | 2 +- .../versioned/typed/tenant/v1alpha2/doc.go | 2 +- .../typed/tenant/v1alpha2/fake/doc.go | 2 +- .../v1alpha2/fake/fake_tenant_client.go | 2 +- .../v1alpha2/fake/fake_workspacetemplate.go | 2 +- .../tenant/v1alpha2/generated_expansion.go | 2 +- .../typed/tenant/v1alpha2/tenant_client.go | 2 +- .../tenant/v1alpha2/workspacetemplate.go | 2 +- .../externalversions/cluster/interface.go | 2 +- .../cluster/v1alpha1/cluster.go | 2 +- .../cluster/v1alpha1/interface.go | 2 +- .../externalversions/devops/interface.go | 2 +- .../devops/v1alpha1/interface.go | 2 +- .../devops/v1alpha1/s2ibinary.go | 2 +- .../devops/v1alpha1/s2ibuilder.go | 2 +- .../devops/v1alpha1/s2ibuildertemplate.go | 2 +- .../devops/v1alpha1/s2irun.go | 2 +- .../devops/v1alpha3/devopsproject.go | 2 +- .../devops/v1alpha3/interface.go | 2 +- .../devops/v1alpha3/pipeline.go | 2 +- .../informers/externalversions/factory.go | 2 +- .../informers/externalversions/generic.go | 2 +- .../externalversions/iam/interface.go | 2 +- .../iam/v1alpha2/globalrole.go | 2 +- .../iam/v1alpha2/globalrolebinding.go | 2 +- .../iam/v1alpha2/interface.go | 2 +- .../externalversions/iam/v1alpha2/user.go | 2 +- .../iam/v1alpha2/workspacerole.go | 2 +- .../iam/v1alpha2/workspacerolebinding.go | 2 +- .../internalinterfaces/factory_interfaces.go | 2 +- .../externalversions/network/interface.go | 2 +- .../network/v1alpha1/interface.go | 2 +- .../v1alpha1/namespacenetworkpolicy.go | 2 +- .../externalversions/servicemesh/interface.go | 2 +- .../servicemesh/v1alpha2/interface.go | 2 +- .../servicemesh/v1alpha2/servicepolicy.go | 2 +- .../servicemesh/v1alpha2/strategy.go | 2 +- .../externalversions/tenant/interface.go | 2 +- .../tenant/v1alpha1/interface.go | 2 +- .../tenant/v1alpha1/workspace.go | 2 +- .../tenant/v1alpha2/interface.go | 2 +- .../tenant/v1alpha2/workspacetemplate.go | 2 +- .../listers/cluster/v1alpha1/cluster.go | 2 +- .../cluster/v1alpha1/expansion_generated.go | 2 +- .../devops/v1alpha1/expansion_generated.go | 2 +- .../listers/devops/v1alpha1/s2ibinary.go | 2 +- .../listers/devops/v1alpha1/s2ibuilder.go | 2 +- .../devops/v1alpha1/s2ibuildertemplate.go | 2 +- pkg/client/listers/devops/v1alpha1/s2irun.go | 2 +- .../listers/devops/v1alpha3/devopsproject.go | 2 +- .../devops/v1alpha3/expansion_generated.go | 2 +- .../listers/devops/v1alpha3/pipeline.go | 2 +- .../iam/v1alpha2/expansion_generated.go | 2 +- pkg/client/listers/iam/v1alpha2/globalrole.go | 2 +- .../listers/iam/v1alpha2/globalrolebinding.go | 2 +- pkg/client/listers/iam/v1alpha2/user.go | 2 +- .../listers/iam/v1alpha2/workspacerole.go | 2 +- .../iam/v1alpha2/workspacerolebinding.go | 2 +- .../network/v1alpha1/expansion_generated.go | 2 +- .../v1alpha1/namespacenetworkpolicy.go | 2 +- .../v1alpha2/expansion_generated.go | 2 +- .../servicemesh/v1alpha2/servicepolicy.go | 2 +- .../listers/servicemesh/v1alpha2/strategy.go | 2 +- .../tenant/v1alpha1/expansion_generated.go | 2 +- .../listers/tenant/v1alpha1/workspace.go | 2 +- .../tenant/v1alpha2/expansion_generated.go | 2 +- .../tenant/v1alpha2/workspacetemplate.go | 2 +- pkg/controller/cluster/cluster_controller.go | 190 +- 163 files changed, 3431 insertions(+), 1889 deletions(-) create mode 100644 config/crds/cluster.kubesphere.io_clusters.yaml create mode 100644 config/crds/iam.kubesphere.io_federatedclusterrolebindings.yaml create mode 100644 config/crds/servicemesh.kubesphere.io_servicepolicies.yaml create mode 100644 config/crds/servicemesh.kubesphere.io_strategies.yaml delete mode 100644 config/crds/servicemesh_v1alpha2_servicepolicy.yaml delete mode 100644 config/crds/servicemesh_v1alpha2_strategy.yaml diff --git a/Makefile b/Makefile index 64a297d9..012aae22 100644 --- a/Makefile +++ b/Makefile @@ -58,7 +58,7 @@ vet: generate # Generate manifests e.g. CRD, RBAC etc. manifests: - go run ./vendor/sigs.k8s.io/controller-tools/cmd/controller-gen/main.go object:headerFile=./hack/boilerplate.go.txt paths=./pkg/apis/... rbac:roleName=controller-perms ${CRD_OPTIONS} output:crd:artifacts:config=config/crd/bases + go run ./vendor/sigs.k8s.io/controller-tools/cmd/controller-gen/main.go object:headerFile=./hack/boilerplate.go.txt paths=./pkg/apis/... rbac:roleName=controller-perms ${CRD_OPTIONS} output:crd:artifacts:config=config/crds deploy: manifests kubectl apply -f config/crds diff --git a/config/crds/cluster.kubesphere.io_clusters.yaml b/config/crds/cluster.kubesphere.io_clusters.yaml new file mode 100644 index 00000000..4834fb08 --- /dev/null +++ b/config/crds/cluster.kubesphere.io_clusters.yaml @@ -0,0 +1,173 @@ + +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: (devel) + creationTimestamp: null + name: clusters.cluster.kubesphere.io +spec: + additionalPrinterColumns: + - JSONPath: .spec.joinFederation + name: Federated + type: boolean + - JSONPath: .spec.provider + name: Provider + type: string + - JSONPath: .spec.enable + name: Active + type: boolean + - JSONPath: .status.kubernetesVersion + name: Version + type: string + group: cluster.kubesphere.io + names: + kind: Cluster + listKind: ClusterList + plural: clusters + singular: cluster + scope: Cluster + subresources: {} + validation: + openAPIV3Schema: + description: Cluster is the schema for the clusters API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + connection: + description: Connection holds info to connect to the member cluster + properties: + kubeconfig: + description: KubeConfig content used to connect to cluster api server + Should provide this field explicitly if connection type is direct. + Will be populated by ks-proxy if connection type is proxy. + format: byte + type: string + kubernetesAPIEndpoint: + description: 'Kubernetes API Server endpoint. Example: https://10.10.0.1:6443 + Should provide this field explicitly if connection type is direct. + Will be populated by ks-apiserver if connection type is proxy.' + type: string + kubernetesAPIServerPort: + description: KubeAPIServerPort is the port which listens for forwarding + kube-apiserver traffic Only applicable when connection type is + proxy. + type: integer + kubesphereAPIEndpoint: + description: 'KubeSphere API Server endpoint. Example: http://10.10.0.11:8080 + Should provide this field explicitly if connection type is direct. + Will be populated by ks-apiserver if connection type is proxy.' + type: string + kubesphereAPIServerPort: + description: KubeSphereAPIServerPort is the port which listens for + forwarding kubesphere apigateway traffic Only applicable when + connection type is proxy. + type: integer + token: + description: Token used by agents of member cluster to connect to + host cluster proxy. This field is populated by apiserver only + if connection type is proxy. + type: string + type: + description: type defines how host cluster will connect to host + cluster ConnectionTypeDirect means direct connection, this requires kubeconfig + and kubesphere apiserver endpoint provided ConnectionTypeProxy + means using kubesphere proxy, no kubeconfig or kubesphere apiserver + endpoint required + type: string + type: object + enable: + description: Desired state of the cluster + type: boolean + joinFederation: + description: Join cluster as a kubefed cluster + type: boolean + provider: + description: Provider of the cluster, this field is just for description + type: string + type: object + status: + properties: + conditions: + description: Represents the latest available observations of a cluster's + current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + lastUpdateTime: + description: The last time this condition was updated. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of the condition + type: string + required: + - status + - type + type: object + type: array + configz: + additionalProperties: + type: boolean + description: Configz is status of components enabled in the member cluster. + This is synchronized with member cluster every amount of time, like + 5 minutes. + type: object + kubernetesVersion: + description: GitVersion of the kubernetes cluster, this field is populated + by cluster controller + type: string + nodeCount: + description: Count of the kubernetes cluster nodes This field may not + reflect the instant status of the cluster. + type: integer + region: + description: Region is the name of the region in which all of the nodes + in the cluster exist. e.g. 'us-east1'. + type: string + zones: + description: Zones are the names of availability zones in which the + nodes of the cluster exist, e.g. 'us-east1-a'. + items: + type: string + type: array + type: object + type: object + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/config/crds/devops.kubesphere.io_devopsprojects.yaml b/config/crds/devops.kubesphere.io_devopsprojects.yaml index d5efd628..e0e6e0cd 100644 --- a/config/crds/devops.kubesphere.io_devopsprojects.yaml +++ b/config/crds/devops.kubesphere.io_devopsprojects.yaml @@ -4,7 +4,7 @@ apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: (unknown) + controller-gen.kubebuilder.io/version: (devel) creationTimestamp: null name: devopsprojects.devops.kubesphere.io spec: diff --git a/config/crds/devops.kubesphere.io_pipelines.yaml b/config/crds/devops.kubesphere.io_pipelines.yaml index e6e28277..1d3df2fa 100644 --- a/config/crds/devops.kubesphere.io_pipelines.yaml +++ b/config/crds/devops.kubesphere.io_pipelines.yaml @@ -4,7 +4,7 @@ apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: (unknown) + controller-gen.kubebuilder.io/version: (devel) creationTimestamp: null name: pipelines.devops.kubesphere.io spec: diff --git a/config/crds/devops.kubesphere.io_s2ibinaries.yaml b/config/crds/devops.kubesphere.io_s2ibinaries.yaml index 1c0dba8b..01658d5f 100644 --- a/config/crds/devops.kubesphere.io_s2ibinaries.yaml +++ b/config/crds/devops.kubesphere.io_s2ibinaries.yaml @@ -4,7 +4,7 @@ apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: (unknown) + controller-gen.kubebuilder.io/version: (devel) creationTimestamp: null name: s2ibinaries.devops.kubesphere.io spec: diff --git a/config/crds/devops.kubesphere.io_s2ibuilders.yaml b/config/crds/devops.kubesphere.io_s2ibuilders.yaml index cdd428f6..54df7a1c 100644 --- a/config/crds/devops.kubesphere.io_s2ibuilders.yaml +++ b/config/crds/devops.kubesphere.io_s2ibuilders.yaml @@ -4,7 +4,7 @@ apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: (unknown) + controller-gen.kubebuilder.io/version: (devel) creationTimestamp: null name: s2ibuilders.devops.kubesphere.io spec: diff --git a/config/crds/devops.kubesphere.io_s2ibuildertemplates.yaml b/config/crds/devops.kubesphere.io_s2ibuildertemplates.yaml index 69d21089..50f0a4fe 100644 --- a/config/crds/devops.kubesphere.io_s2ibuildertemplates.yaml +++ b/config/crds/devops.kubesphere.io_s2ibuildertemplates.yaml @@ -4,7 +4,7 @@ apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: (unknown) + controller-gen.kubebuilder.io/version: (devel) creationTimestamp: null name: s2ibuildertemplates.devops.kubesphere.io spec: diff --git a/config/crds/devops.kubesphere.io_s2iruns.yaml b/config/crds/devops.kubesphere.io_s2iruns.yaml index af43f1f1..492908cd 100644 --- a/config/crds/devops.kubesphere.io_s2iruns.yaml +++ b/config/crds/devops.kubesphere.io_s2iruns.yaml @@ -4,7 +4,7 @@ apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: (unknown) + controller-gen.kubebuilder.io/version: (devel) creationTimestamp: null name: s2iruns.devops.kubesphere.io spec: diff --git a/config/crds/iam.kubesphere.io_federatedclusterrolebindings.yaml b/config/crds/iam.kubesphere.io_federatedclusterrolebindings.yaml new file mode 100644 index 00000000..8e08f25c --- /dev/null +++ b/config/crds/iam.kubesphere.io_federatedclusterrolebindings.yaml @@ -0,0 +1,125 @@ + +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: (devel) + creationTimestamp: null + name: federatedclusterrolebindings.iam.kubesphere.io +spec: + group: iam.kubesphere.io + names: + kind: FederatedClusterRoleBinding + listKind: FederatedClusterRoleBindingList + plural: federatedclusterrolebindings + singular: federatedclusterrolebinding + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + placement: + properties: + clusterSelector: + properties: + matchLabels: + additionalProperties: + type: string + type: object + type: object + clusters: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + type: object + template: + properties: + roleRef: + description: RoleRef contains information that points to the role + being used + properties: + apiGroup: + description: APIGroup is the group for the resource being referenced + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - apiGroup + - kind + - name + type: object + subjects: + items: + description: Subject contains a reference to the object or user + identities a role binding applies to. This can either hold + a direct API object reference, or a value for non-objects such + as user and group names. + properties: + apiGroup: + description: APIGroup holds the API group of the referenced + subject. Defaults to "" for ServiceAccount subjects. Defaults + to "rbac.authorization.k8s.io" for User and Group subjects. + type: string + kind: + description: Kind of object being referenced. Values defined + by this API group are "User", "Group", and "ServiceAccount". + If the Authorizer does not recognized the kind value, the + Authorizer should report an error. + type: string + name: + description: Name of the object being referenced. + type: string + namespace: + description: Namespace of the referenced object. If the object + kind is non-namespace, such as "User" or "Group", and this + value is not empty the Authorizer should report an error. + type: string + required: + - kind + - name + type: object + type: array + required: + - roleRef + type: object + required: + - placement + - template + type: object + required: + - spec + type: object + version: v1alpha2 + versions: + - name: v1alpha2 + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/config/crds/network.kubesphere.io_namespacenetworkpolicies.yaml b/config/crds/network.kubesphere.io_namespacenetworkpolicies.yaml index 36ce1b4e..e827a6e9 100644 --- a/config/crds/network.kubesphere.io_namespacenetworkpolicies.yaml +++ b/config/crds/network.kubesphere.io_namespacenetworkpolicies.yaml @@ -1,3 +1,4 @@ + --- apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition @@ -10,12 +11,12 @@ spec: group: network.kubesphere.io names: categories: - - networking + - networking kind: NamespaceNetworkPolicy listKind: NamespaceNetworkPolicyList plural: namespacenetworkpolicies shortNames: - - nsnp + - nsnp singular: namespacenetworkpolicy scope: Namespaced validation: @@ -36,7 +37,8 @@ spec: metadata: type: object spec: - description: NetworkPolicySpec provides the specification of a NetworkPolicy + description: NamespaceNetworkPolicySpec provides the specification of a + NamespaceNetworkPolicy properties: egress: description: List of egress rules to be applied to the selected pods. @@ -66,8 +68,8 @@ spec: properties: port: anyOf: - - type: integer - - type: string + - type: integer + - type: string description: The port on the given protocol. This can either be a numerical or named port on a pod. If this field is not provided, this matches all port names and numbers. @@ -108,21 +110,14 @@ spec: type: string type: array required: - - cidr + - cidr type: object namespace: - description: "Selects Namespaces using cluster-scoped labels. - This field follows standard label selector semantics; - if present but empty, it selects all namespaces. \n If - PodSelector is also set, then the NetworkPolicyPeer as - a whole selects the Pods matching PodSelector in the Namespaces - selected by NamespaceSelector. Otherwise it selects all - Pods in the Namespaces selected by NamespaceSelector." properties: name: type: string required: - - name + - name type: object service: properties: @@ -131,8 +126,8 @@ spec: namespace: type: string required: - - name - - namespace + - name + - namespace type: object type: object type: array @@ -182,21 +177,14 @@ spec: type: string type: array required: - - cidr + - cidr type: object namespace: - description: "Selects Namespaces using cluster-scoped labels. - This field follows standard label selector semantics; - if present but empty, it selects all namespaces. \n If - PodSelector is also set, then the NetworkPolicyPeer as - a whole selects the Pods matching PodSelector in the Namespaces - selected by NamespaceSelector. Otherwise it selects all - Pods in the Namespaces selected by NamespaceSelector." properties: name: type: string required: - - name + - name type: object service: properties: @@ -205,8 +193,8 @@ spec: namespace: type: string required: - - name - - namespace + - name + - namespace type: object type: object type: array @@ -224,8 +212,8 @@ spec: properties: port: anyOf: - - type: integer - - type: string + - type: integer + - type: string description: The port on the given protocol. This can either be a numerical or named port on a pod. If this field is not provided, this matches all port names and numbers. @@ -260,9 +248,9 @@ spec: type: object version: v1alpha1 versions: - - name: v1alpha1 - served: true - storage: true + - name: v1alpha1 + served: true + storage: true status: acceptedNames: kind: "" diff --git a/config/crds/servicemesh.kubesphere.io_servicepolicies.yaml b/config/crds/servicemesh.kubesphere.io_servicepolicies.yaml new file mode 100644 index 00000000..252260dc --- /dev/null +++ b/config/crds/servicemesh.kubesphere.io_servicepolicies.yaml @@ -0,0 +1,1605 @@ + +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: (devel) + creationTimestamp: null + name: servicepolicies.servicemesh.kubesphere.io +spec: + group: servicemesh.kubesphere.io + names: + kind: ServicePolicy + listKind: ServicePolicyList + plural: servicepolicies + singular: servicepolicy + scope: Namespaced + validation: + openAPIV3Schema: + description: ServicePolicy is the Schema for the servicepolicies API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ServicePolicySpec defines the desired state of ServicePolicy + properties: + selector: + description: Label selector for destination rules. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + type: object + template: + description: Template used to create a destination rule + properties: + metadata: + description: Metadata of the virtual services created from this + template + type: object + spec: + description: Spec indicates the behavior of a destination rule. + properties: + export_to: + description: "A list of namespaces to which this destination + rule is exported. The resolution of a destination rule to + apply to a service occurs in the context of a hierarchy of + namespaces. Exporting a destination rule allows it to be included + in the resolution hierarchy for services in other namespaces. + This feature provides a mechanism for service owners and mesh + administrators to control the visibility of destination rules + across namespace boundaries. \n If no namespaces are specified + then the destination rule is exported to all namespaces by + default. \n The value \".\" is reserved and defines an export + to the same namespace that the destination rule is declared + in. Similarly, the value \"*\" is reserved and defines an + export to all namespaces. \n NOTE: in the current release, + the `exportTo` value is restricted to \".\" or \"*\" (i.e., + the current namespace or all namespaces)." + items: + type: string + type: array + host: + description: "The name of a service from the service registry. + Service names are looked up from the platform's service registry + (e.g., Kubernetes services, Consul services, etc.) and from + the hosts declared by [ServiceEntries](https://istio.io/docs/reference/config/networking/service-entry/#ServiceEntry). + Rules defined for services that do not exist in the service + registry will be ignored. \n *Note for Kubernetes users*: + When short names are used (e.g. \"reviews\" instead of \"reviews.default.svc.cluster.local\"), + Istio will interpret the short name based on the namespace + of the rule, not the service. A rule in the \"default\" namespace + containing a host \"reviews\" will be interpreted as \"reviews.default.svc.cluster.local\", + irrespective of the actual namespace associated with the reviews + service. _To avoid potential misconfigurations, it is recommended + to always use fully qualified domain names over short names._ + \n Note that the host field applies to both HTTP and TCP services." + type: string + subsets: + description: One or more named sets that represent individual + versions of a service. Traffic policies can be overridden + at subset level. + items: + description: "A subset of endpoints of a service. Subsets + can be used for scenarios like A/B testing, or routing to + a specific version of a service. Refer to [VirtualService](https://istio.io/docs/reference/config/networking/virtual-service/#VirtualService) + documentation for examples of using subsets in these scenarios. + In addition, traffic policies defined at the service-level + can be overridden at a subset-level. The following rule + uses a round robin load balancing policy for all traffic + going to a subset named testversion that is composed of + endpoints (e.g., pods) with labels (version:v3). \n ```yaml + apiVersion: networking.istio.io/v1alpha3 kind: DestinationRule + metadata: name: bookinfo-ratings spec: host: ratings.prod.svc.cluster.local + \ trafficPolicy: loadBalancer: simple: LEAST_CONN + \ subsets: - name: testversion labels: version: + v3 trafficPolicy: loadBalancer: simple: + ROUND_ROBIN ``` \n **Note:** Policies specified for subsets + will not take effect until a route rule explicitly sends + traffic to this subset. \n One or more labels are typically + required to identify the subset destination, however, when + the corresponding DestinationRule represents a host that + supports multiple SNI hosts (e.g., an egress gateway), a + subset without labels may be meaningful. In this case a + traffic policy with [TLSSettings](#TLSSettings) can be used + to identify a specific SNI host corresponding to the named + subset." + properties: + labels: + additionalProperties: + type: string + description: Labels apply a filter over the endpoints + of a service in the service registry. See route rules + for examples of usage. + type: object + name: + description: Name of the subset. The service name and + the subset name can be used for traffic splitting in + a route rule. + type: string + traffic_policy: + description: Traffic policies that apply to this subset. + Subsets inherit the traffic policies specified at the + DestinationRule level. Settings specified at the subset + level will override the corresponding settings specified + at the DestinationRule level. + properties: + connection_pool: + description: Settings controlling the volume of connections + to an upstream service + properties: + http: + description: HTTP connection pool settings. + properties: + h2_upgrade_policy: + description: Specify if http1.1 connection + should be upgraded to http2 for the associated + destination. + format: int32 + type: integer + http1_max_pending_requests: + description: Maximum number of pending HTTP + requests to a destination. Default 2^32-1. + format: int32 + type: integer + http2_max_requests: + description: Maximum number of requests to + a backend. Default 2^32-1. + format: int32 + type: integer + idle_timeout: + description: The idle timeout for upstream + connection pool connections. The idle timeout + is defined as the period in which there + are no active requests. If not set, there + is no idle timeout. When the idle timeout + is reached the connection will be closed. + Note that request based timeouts mean that + HTTP/2 PINGs will not keep the connection + alive. Applies to both HTTP1.1 and HTTP2 + connections. + properties: + nanos: + description: Signed fractions of a second + at nanosecond resolution of the span + of time. Durations less than one second + are represented with a 0 `seconds` field + and a positive or negative `nanos` field. + For durations of one second or more, + a non-zero value for the `nanos` field + must be of the same sign as the `seconds` + field. Must be from -999,999,999 to + +999,999,999 inclusive. + format: int32 + type: integer + seconds: + description: 'Signed seconds of the span + of time. Must be from -315,576,000,000 + to +315,576,000,000 inclusive. Note: + these bounds are computed from: 60 sec/min + * 60 min/hr * 24 hr/day * 365.25 days/year + * 10000 years' + format: int64 + type: integer + type: object + max_requests_per_connection: + description: Maximum number of requests per + connection to a backend. Setting this parameter + to 1 disables keep alive. Default 0, meaning + "unlimited", up to 2^29. + format: int32 + type: integer + max_retries: + description: Maximum number of retries that + can be outstanding to all hosts in a cluster + at a given time. Defaults to 2^32-1. + format: int32 + type: integer + type: object + tcp: + description: Settings common to both HTTP and + TCP upstream connections. + properties: + connect_timeout: + description: TCP connection timeout. + properties: + nanos: + description: Signed fractions of a second + at nanosecond resolution of the span + of time. Durations less than one second + are represented with a 0 `seconds` field + and a positive or negative `nanos` field. + For durations of one second or more, + a non-zero value for the `nanos` field + must be of the same sign as the `seconds` + field. Must be from -999,999,999 to + +999,999,999 inclusive. + format: int32 + type: integer + seconds: + description: 'Signed seconds of the span + of time. Must be from -315,576,000,000 + to +315,576,000,000 inclusive. Note: + these bounds are computed from: 60 sec/min + * 60 min/hr * 24 hr/day * 365.25 days/year + * 10000 years' + format: int64 + type: integer + type: object + max_connections: + description: Maximum number of HTTP1 /TCP + connections to a destination host. Default + 2^32-1. + format: int32 + type: integer + tcp_keepalive: + description: If set then set SO_KEEPALIVE + on the socket to enable TCP Keepalives. + properties: + interval: + description: The time duration between + keep-alive probes. Default is to use + the OS level configuration (unless overridden, + Linux defaults to 75s.) + properties: + nanos: + description: Signed fractions of a + second at nanosecond resolution + of the span of time. Durations less + than one second are represented + with a 0 `seconds` field and a positive + or negative `nanos` field. For durations + of one second or more, a non-zero + value for the `nanos` field must + be of the same sign as the `seconds` + field. Must be from -999,999,999 + to +999,999,999 inclusive. + format: int32 + type: integer + seconds: + description: 'Signed seconds of the + span of time. Must be from -315,576,000,000 + to +315,576,000,000 inclusive. Note: + these bounds are computed from: + 60 sec/min * 60 min/hr * 24 hr/day + * 365.25 days/year * 10000 years' + format: int64 + type: integer + type: object + probes: + description: Maximum number of keepalive + probes to send without response before + deciding the connection is dead. Default + is to use the OS level configuration + (unless overridden, Linux defaults to + 9.) + format: int32 + type: integer + time: + description: The time duration a connection + needs to be idle before keep-alive probes + start being sent. Default is to use + the OS level configuration (unless overridden, + Linux defaults to 7200s (ie 2 hours.) + properties: + nanos: + description: Signed fractions of a + second at nanosecond resolution + of the span of time. Durations less + than one second are represented + with a 0 `seconds` field and a positive + or negative `nanos` field. For durations + of one second or more, a non-zero + value for the `nanos` field must + be of the same sign as the `seconds` + field. Must be from -999,999,999 + to +999,999,999 inclusive. + format: int32 + type: integer + seconds: + description: 'Signed seconds of the + span of time. Must be from -315,576,000,000 + to +315,576,000,000 inclusive. Note: + these bounds are computed from: + 60 sec/min * 60 min/hr * 24 hr/day + * 365.25 days/year * 10000 years' + format: int64 + type: integer + type: object + type: object + type: object + type: object + load_balancer: + description: Settings controlling the load balancer + algorithms. + type: object + outlier_detection: + description: Settings controlling eviction of unhealthy + hosts from the load balancing pool + properties: + base_ejection_time: + description: 'Minimum ejection duration. A host + will remain ejected for a period equal to the + product of minimum ejection duration and the + number of times the host has been ejected. This + technique allows the system to automatically + increase the ejection period for unhealthy upstream + servers. format: 1h/1m/1s/1ms. MUST BE >=1ms. + Default is 30s.' + properties: + nanos: + description: Signed fractions of a second + at nanosecond resolution of the span of + time. Durations less than one second are + represented with a 0 `seconds` field and + a positive or negative `nanos` field. For + durations of one second or more, a non-zero + value for the `nanos` field must be of the + same sign as the `seconds` field. Must be + from -999,999,999 to +999,999,999 inclusive. + format: int32 + type: integer + seconds: + description: 'Signed seconds of the span of + time. Must be from -315,576,000,000 to +315,576,000,000 + inclusive. Note: these bounds are computed + from: 60 sec/min * 60 min/hr * 24 hr/day + * 365.25 days/year * 10000 years' + format: int64 + type: integer + type: object + consecutive_errors: + description: Number of errors before a host is + ejected from the connection pool. Defaults to + 5. When the upstream host is accessed over HTTP, + a 502, 503, or 504 return code qualifies as + an error. When the upstream host is accessed + over an opaque TCP connection, connect timeouts + and connection error/failure events qualify + as an error. + format: int32 + type: integer + interval: + description: 'Time interval between ejection sweep + analysis. format: 1h/1m/1s/1ms. MUST BE >=1ms. + Default is 10s.' + properties: + nanos: + description: Signed fractions of a second + at nanosecond resolution of the span of + time. Durations less than one second are + represented with a 0 `seconds` field and + a positive or negative `nanos` field. For + durations of one second or more, a non-zero + value for the `nanos` field must be of the + same sign as the `seconds` field. Must be + from -999,999,999 to +999,999,999 inclusive. + format: int32 + type: integer + seconds: + description: 'Signed seconds of the span of + time. Must be from -315,576,000,000 to +315,576,000,000 + inclusive. Note: these bounds are computed + from: 60 sec/min * 60 min/hr * 24 hr/day + * 365.25 days/year * 10000 years' + format: int64 + type: integer + type: object + max_ejection_percent: + description: Maximum % of hosts in the load balancing + pool for the upstream service that can be ejected. + Defaults to 10%. + format: int32 + type: integer + min_health_percent: + description: Outlier detection will be enabled + as long as the associated load balancing pool + has at least min_health_percent hosts in healthy + mode. When the percentage of healthy hosts in + the load balancing pool drops below this threshold, + outlier detection will be disabled and the proxy + will load balance across all hosts in the pool + (healthy and unhealthy). The threshold can be + disabled by setting it to 0%. The default is + 0% as it's not typically applicable in k8s environments + with few pods per service. + format: int32 + type: integer + type: object + port_level_settings: + description: Traffic policies specific to individual + ports. Note that port level settings will override + the destination-level settings. Traffic settings + specified at the destination-level will not be inherited + when overridden by port-level settings, i.e. default + values will be applied to fields omitted in port-level + traffic policies. + items: + description: Traffic policies that apply to specific + ports of the service + properties: + connection_pool: + description: Settings controlling the volume + of connections to an upstream service + properties: + http: + description: HTTP connection pool settings. + properties: + h2_upgrade_policy: + description: Specify if http1.1 connection + should be upgraded to http2 for the + associated destination. + format: int32 + type: integer + http1_max_pending_requests: + description: Maximum number of pending + HTTP requests to a destination. Default + 2^32-1. + format: int32 + type: integer + http2_max_requests: + description: Maximum number of requests + to a backend. Default 2^32-1. + format: int32 + type: integer + idle_timeout: + description: The idle timeout for upstream + connection pool connections. The idle + timeout is defined as the period in + which there are no active requests. + If not set, there is no idle timeout. + When the idle timeout is reached the + connection will be closed. Note that + request based timeouts mean that HTTP/2 + PINGs will not keep the connection + alive. Applies to both HTTP1.1 and + HTTP2 connections. + properties: + nanos: + description: Signed fractions of + a second at nanosecond resolution + of the span of time. Durations + less than one second are represented + with a 0 `seconds` field and a + positive or negative `nanos` field. + For durations of one second or + more, a non-zero value for the + `nanos` field must be of the same + sign as the `seconds` field. Must + be from -999,999,999 to +999,999,999 + inclusive. + format: int32 + type: integer + seconds: + description: 'Signed seconds of + the span of time. Must be from + -315,576,000,000 to +315,576,000,000 + inclusive. Note: these bounds + are computed from: 60 sec/min + * 60 min/hr * 24 hr/day * 365.25 + days/year * 10000 years' + format: int64 + type: integer + type: object + max_requests_per_connection: + description: Maximum number of requests + per connection to a backend. Setting + this parameter to 1 disables keep + alive. Default 0, meaning "unlimited", + up to 2^29. + format: int32 + type: integer + max_retries: + description: Maximum number of retries + that can be outstanding to all hosts + in a cluster at a given time. Defaults + to 2^32-1. + format: int32 + type: integer + type: object + tcp: + description: Settings common to both HTTP + and TCP upstream connections. + properties: + connect_timeout: + description: TCP connection timeout. + properties: + nanos: + description: Signed fractions of + a second at nanosecond resolution + of the span of time. Durations + less than one second are represented + with a 0 `seconds` field and a + positive or negative `nanos` field. + For durations of one second or + more, a non-zero value for the + `nanos` field must be of the same + sign as the `seconds` field. Must + be from -999,999,999 to +999,999,999 + inclusive. + format: int32 + type: integer + seconds: + description: 'Signed seconds of + the span of time. Must be from + -315,576,000,000 to +315,576,000,000 + inclusive. Note: these bounds + are computed from: 60 sec/min + * 60 min/hr * 24 hr/day * 365.25 + days/year * 10000 years' + format: int64 + type: integer + type: object + max_connections: + description: Maximum number of HTTP1 + /TCP connections to a destination + host. Default 2^32-1. + format: int32 + type: integer + tcp_keepalive: + description: If set then set SO_KEEPALIVE + on the socket to enable TCP Keepalives. + properties: + interval: + description: The time duration between + keep-alive probes. Default is + to use the OS level configuration + (unless overridden, Linux defaults + to 75s.) + properties: + nanos: + description: Signed fractions + of a second at nanosecond + resolution of the span of + time. Durations less than + one second are represented + with a 0 `seconds` field and + a positive or negative `nanos` + field. For durations of one + second or more, a non-zero + value for the `nanos` field + must be of the same sign as + the `seconds` field. Must + be from -999,999,999 to +999,999,999 + inclusive. + format: int32 + type: integer + seconds: + description: 'Signed seconds + of the span of time. Must + be from -315,576,000,000 to + +315,576,000,000 inclusive. + Note: these bounds are computed + from: 60 sec/min * 60 min/hr + * 24 hr/day * 365.25 days/year + * 10000 years' + format: int64 + type: integer + type: object + probes: + description: Maximum number of keepalive + probes to send without response + before deciding the connection + is dead. Default is to use the + OS level configuration (unless + overridden, Linux defaults to + 9.) + format: int32 + type: integer + time: + description: The time duration a + connection needs to be idle before + keep-alive probes start being + sent. Default is to use the OS + level configuration (unless overridden, + Linux defaults to 7200s (ie 2 + hours.) + properties: + nanos: + description: Signed fractions + of a second at nanosecond + resolution of the span of + time. Durations less than + one second are represented + with a 0 `seconds` field and + a positive or negative `nanos` + field. For durations of one + second or more, a non-zero + value for the `nanos` field + must be of the same sign as + the `seconds` field. Must + be from -999,999,999 to +999,999,999 + inclusive. + format: int32 + type: integer + seconds: + description: 'Signed seconds + of the span of time. Must + be from -315,576,000,000 to + +315,576,000,000 inclusive. + Note: these bounds are computed + from: 60 sec/min * 60 min/hr + * 24 hr/day * 365.25 days/year + * 10000 years' + format: int64 + type: integer + type: object + type: object + type: object + type: object + load_balancer: + description: Settings controlling the load balancer + algorithms. + type: object + outlier_detection: + description: Settings controlling eviction of + unhealthy hosts from the load balancing pool + properties: + base_ejection_time: + description: 'Minimum ejection duration. + A host will remain ejected for a period + equal to the product of minimum ejection + duration and the number of times the host + has been ejected. This technique allows + the system to automatically increase the + ejection period for unhealthy upstream + servers. format: 1h/1m/1s/1ms. MUST BE + >=1ms. Default is 30s.' + properties: + nanos: + description: Signed fractions of a second + at nanosecond resolution of the span + of time. Durations less than one second + are represented with a 0 `seconds` + field and a positive or negative `nanos` + field. For durations of one second + or more, a non-zero value for the + `nanos` field must be of the same + sign as the `seconds` field. Must + be from -999,999,999 to +999,999,999 + inclusive. + format: int32 + type: integer + seconds: + description: 'Signed seconds of the + span of time. Must be from -315,576,000,000 + to +315,576,000,000 inclusive. Note: + these bounds are computed from: 60 + sec/min * 60 min/hr * 24 hr/day * + 365.25 days/year * 10000 years' + format: int64 + type: integer + type: object + consecutive_errors: + description: Number of errors before a host + is ejected from the connection pool. Defaults + to 5. When the upstream host is accessed + over HTTP, a 502, 503, or 504 return code + qualifies as an error. When the upstream + host is accessed over an opaque TCP connection, + connect timeouts and connection error/failure + events qualify as an error. + format: int32 + type: integer + interval: + description: 'Time interval between ejection + sweep analysis. format: 1h/1m/1s/1ms. + MUST BE >=1ms. Default is 10s.' + properties: + nanos: + description: Signed fractions of a second + at nanosecond resolution of the span + of time. Durations less than one second + are represented with a 0 `seconds` + field and a positive or negative `nanos` + field. For durations of one second + or more, a non-zero value for the + `nanos` field must be of the same + sign as the `seconds` field. Must + be from -999,999,999 to +999,999,999 + inclusive. + format: int32 + type: integer + seconds: + description: 'Signed seconds of the + span of time. Must be from -315,576,000,000 + to +315,576,000,000 inclusive. Note: + these bounds are computed from: 60 + sec/min * 60 min/hr * 24 hr/day * + 365.25 days/year * 10000 years' + format: int64 + type: integer + type: object + max_ejection_percent: + description: Maximum % of hosts in the load + balancing pool for the upstream service + that can be ejected. Defaults to 10%. + format: int32 + type: integer + min_health_percent: + description: Outlier detection will be enabled + as long as the associated load balancing + pool has at least min_health_percent hosts + in healthy mode. When the percentage of + healthy hosts in the load balancing pool + drops below this threshold, outlier detection + will be disabled and the proxy will load + balance across all hosts in the pool (healthy + and unhealthy). The threshold can be disabled + by setting it to 0%. The default is 0% + as it's not typically applicable in k8s + environments with few pods per service. + format: int32 + type: integer + type: object + port: + description: Specifies the number of a port + on the destination service on which this policy + is being applied. + properties: + number: + description: Valid port number + format: int32 + type: integer + type: object + tls: + description: TLS related settings for connections + to the upstream service. + properties: + ca_certificates: + description: 'OPTIONAL: The path to the + file containing certificate authority + certificates to use in verifying a presented + server certificate. If omitted, the proxy + will not verify the server''s certificate. + Should be empty if mode is `ISTIO_MUTUAL`.' + type: string + client_certificate: + description: REQUIRED if mode is `MUTUAL`. + The path to the file holding the client-side + TLS certificate to use. Should be empty + if mode is `ISTIO_MUTUAL`. + type: string + mode: + description: Indicates whether connections + to this port should be secured using TLS. + The value of this field determines how + TLS is enforced. + format: int32 + type: integer + private_key: + description: REQUIRED if mode is `MUTUAL`. + The path to the file holding the client's + private key. Should be empty if mode is + `ISTIO_MUTUAL`. + type: string + sni: + description: SNI string to present to the + server during TLS handshake. + type: string + subject_alt_names: + description: A list of alternate names to + verify the subject identity in the certificate. + If specified, the proxy will verify that + the server certificate's subject alt name + matches one of the specified values. If + specified, this list overrides the value + of subject_alt_names from the ServiceEntry. + items: + type: string + type: array + type: object + type: object + type: array + tls: + description: TLS related settings for connections + to the upstream service. + properties: + ca_certificates: + description: 'OPTIONAL: The path to the file containing + certificate authority certificates to use in + verifying a presented server certificate. If + omitted, the proxy will not verify the server''s + certificate. Should be empty if mode is `ISTIO_MUTUAL`.' + type: string + client_certificate: + description: REQUIRED if mode is `MUTUAL`. The + path to the file holding the client-side TLS + certificate to use. Should be empty if mode + is `ISTIO_MUTUAL`. + type: string + mode: + description: Indicates whether connections to + this port should be secured using TLS. The value + of this field determines how TLS is enforced. + format: int32 + type: integer + private_key: + description: REQUIRED if mode is `MUTUAL`. The + path to the file holding the client's private + key. Should be empty if mode is `ISTIO_MUTUAL`. + type: string + sni: + description: SNI string to present to the server + during TLS handshake. + type: string + subject_alt_names: + description: A list of alternate names to verify + the subject identity in the certificate. If + specified, the proxy will verify that the server + certificate's subject alt name matches one of + the specified values. If specified, this list + overrides the value of subject_alt_names from + the ServiceEntry. + items: + type: string + type: array + type: object + type: object + type: object + type: array + traffic_policy: + description: Traffic policies to apply (load balancing policy, + connection pool sizes, outlier detection). + properties: + connection_pool: + description: Settings controlling the volume of connections + to an upstream service + properties: + http: + description: HTTP connection pool settings. + properties: + h2_upgrade_policy: + description: Specify if http1.1 connection should + be upgraded to http2 for the associated destination. + format: int32 + type: integer + http1_max_pending_requests: + description: Maximum number of pending HTTP requests + to a destination. Default 2^32-1. + format: int32 + type: integer + http2_max_requests: + description: Maximum number of requests to a backend. + Default 2^32-1. + format: int32 + type: integer + idle_timeout: + description: The idle timeout for upstream connection + pool connections. The idle timeout is defined + as the period in which there are no active requests. + If not set, there is no idle timeout. When the + idle timeout is reached the connection will be + closed. Note that request based timeouts mean + that HTTP/2 PINGs will not keep the connection + alive. Applies to both HTTP1.1 and HTTP2 connections. + properties: + nanos: + description: Signed fractions of a second at + nanosecond resolution of the span of time. + Durations less than one second are represented + with a 0 `seconds` field and a positive or + negative `nanos` field. For durations of one + second or more, a non-zero value for the `nanos` + field must be of the same sign as the `seconds` + field. Must be from -999,999,999 to +999,999,999 + inclusive. + format: int32 + type: integer + seconds: + description: 'Signed seconds of the span of + time. Must be from -315,576,000,000 to +315,576,000,000 + inclusive. Note: these bounds are computed + from: 60 sec/min * 60 min/hr * 24 hr/day * + 365.25 days/year * 10000 years' + format: int64 + type: integer + type: object + max_requests_per_connection: + description: Maximum number of requests per connection + to a backend. Setting this parameter to 1 disables + keep alive. Default 0, meaning "unlimited", up + to 2^29. + format: int32 + type: integer + max_retries: + description: Maximum number of retries that can + be outstanding to all hosts in a cluster at a + given time. Defaults to 2^32-1. + format: int32 + type: integer + type: object + tcp: + description: Settings common to both HTTP and TCP upstream + connections. + properties: + connect_timeout: + description: TCP connection timeout. + properties: + nanos: + description: Signed fractions of a second at + nanosecond resolution of the span of time. + Durations less than one second are represented + with a 0 `seconds` field and a positive or + negative `nanos` field. For durations of one + second or more, a non-zero value for the `nanos` + field must be of the same sign as the `seconds` + field. Must be from -999,999,999 to +999,999,999 + inclusive. + format: int32 + type: integer + seconds: + description: 'Signed seconds of the span of + time. Must be from -315,576,000,000 to +315,576,000,000 + inclusive. Note: these bounds are computed + from: 60 sec/min * 60 min/hr * 24 hr/day * + 365.25 days/year * 10000 years' + format: int64 + type: integer + type: object + max_connections: + description: Maximum number of HTTP1 /TCP connections + to a destination host. Default 2^32-1. + format: int32 + type: integer + tcp_keepalive: + description: If set then set SO_KEEPALIVE on the + socket to enable TCP Keepalives. + properties: + interval: + description: The time duration between keep-alive + probes. Default is to use the OS level configuration + (unless overridden, Linux defaults to 75s.) + properties: + nanos: + description: Signed fractions of a second + at nanosecond resolution of the span of + time. Durations less than one second are + represented with a 0 `seconds` field and + a positive or negative `nanos` field. + For durations of one second or more, a + non-zero value for the `nanos` field must + be of the same sign as the `seconds` field. + Must be from -999,999,999 to +999,999,999 + inclusive. + format: int32 + type: integer + seconds: + description: 'Signed seconds of the span + of time. Must be from -315,576,000,000 + to +315,576,000,000 inclusive. Note: these + bounds are computed from: 60 sec/min * + 60 min/hr * 24 hr/day * 365.25 days/year + * 10000 years' + format: int64 + type: integer + type: object + probes: + description: Maximum number of keepalive probes + to send without response before deciding the + connection is dead. Default is to use the + OS level configuration (unless overridden, + Linux defaults to 9.) + format: int32 + type: integer + time: + description: The time duration a connection + needs to be idle before keep-alive probes + start being sent. Default is to use the OS + level configuration (unless overridden, Linux + defaults to 7200s (ie 2 hours.) + properties: + nanos: + description: Signed fractions of a second + at nanosecond resolution of the span of + time. Durations less than one second are + represented with a 0 `seconds` field and + a positive or negative `nanos` field. + For durations of one second or more, a + non-zero value for the `nanos` field must + be of the same sign as the `seconds` field. + Must be from -999,999,999 to +999,999,999 + inclusive. + format: int32 + type: integer + seconds: + description: 'Signed seconds of the span + of time. Must be from -315,576,000,000 + to +315,576,000,000 inclusive. Note: these + bounds are computed from: 60 sec/min * + 60 min/hr * 24 hr/day * 365.25 days/year + * 10000 years' + format: int64 + type: integer + type: object + type: object + type: object + type: object + load_balancer: + description: Settings controlling the load balancer algorithms. + type: object + outlier_detection: + description: Settings controlling eviction of unhealthy + hosts from the load balancing pool + properties: + base_ejection_time: + description: 'Minimum ejection duration. A host will + remain ejected for a period equal to the product of + minimum ejection duration and the number of times + the host has been ejected. This technique allows the + system to automatically increase the ejection period + for unhealthy upstream servers. format: 1h/1m/1s/1ms. + MUST BE >=1ms. Default is 30s.' + properties: + nanos: + description: Signed fractions of a second at nanosecond + resolution of the span of time. Durations less + than one second are represented with a 0 `seconds` + field and a positive or negative `nanos` field. + For durations of one second or more, a non-zero + value for the `nanos` field must be of the same + sign as the `seconds` field. Must be from -999,999,999 + to +999,999,999 inclusive. + format: int32 + type: integer + seconds: + description: 'Signed seconds of the span of time. + Must be from -315,576,000,000 to +315,576,000,000 + inclusive. Note: these bounds are computed from: + 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year + * 10000 years' + format: int64 + type: integer + type: object + consecutive_errors: + description: Number of errors before a host is ejected + from the connection pool. Defaults to 5. When the + upstream host is accessed over HTTP, a 502, 503, or + 504 return code qualifies as an error. When the upstream + host is accessed over an opaque TCP connection, connect + timeouts and connection error/failure events qualify + as an error. + format: int32 + type: integer + interval: + description: 'Time interval between ejection sweep analysis. + format: 1h/1m/1s/1ms. MUST BE >=1ms. Default is 10s.' + properties: + nanos: + description: Signed fractions of a second at nanosecond + resolution of the span of time. Durations less + than one second are represented with a 0 `seconds` + field and a positive or negative `nanos` field. + For durations of one second or more, a non-zero + value for the `nanos` field must be of the same + sign as the `seconds` field. Must be from -999,999,999 + to +999,999,999 inclusive. + format: int32 + type: integer + seconds: + description: 'Signed seconds of the span of time. + Must be from -315,576,000,000 to +315,576,000,000 + inclusive. Note: these bounds are computed from: + 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year + * 10000 years' + format: int64 + type: integer + type: object + max_ejection_percent: + description: Maximum % of hosts in the load balancing + pool for the upstream service that can be ejected. + Defaults to 10%. + format: int32 + type: integer + min_health_percent: + description: Outlier detection will be enabled as long + as the associated load balancing pool has at least + min_health_percent hosts in healthy mode. When the + percentage of healthy hosts in the load balancing + pool drops below this threshold, outlier detection + will be disabled and the proxy will load balance across + all hosts in the pool (healthy and unhealthy). The + threshold can be disabled by setting it to 0%. The + default is 0% as it's not typically applicable in + k8s environments with few pods per service. + format: int32 + type: integer + type: object + port_level_settings: + description: Traffic policies specific to individual ports. + Note that port level settings will override the destination-level + settings. Traffic settings specified at the destination-level + will not be inherited when overridden by port-level settings, + i.e. default values will be applied to fields omitted + in port-level traffic policies. + items: + description: Traffic policies that apply to specific ports + of the service + properties: + connection_pool: + description: Settings controlling the volume of connections + to an upstream service + properties: + http: + description: HTTP connection pool settings. + properties: + h2_upgrade_policy: + description: Specify if http1.1 connection + should be upgraded to http2 for the associated + destination. + format: int32 + type: integer + http1_max_pending_requests: + description: Maximum number of pending HTTP + requests to a destination. Default 2^32-1. + format: int32 + type: integer + http2_max_requests: + description: Maximum number of requests to + a backend. Default 2^32-1. + format: int32 + type: integer + idle_timeout: + description: The idle timeout for upstream + connection pool connections. The idle timeout + is defined as the period in which there + are no active requests. If not set, there + is no idle timeout. When the idle timeout + is reached the connection will be closed. + Note that request based timeouts mean that + HTTP/2 PINGs will not keep the connection + alive. Applies to both HTTP1.1 and HTTP2 + connections. + properties: + nanos: + description: Signed fractions of a second + at nanosecond resolution of the span + of time. Durations less than one second + are represented with a 0 `seconds` field + and a positive or negative `nanos` field. + For durations of one second or more, + a non-zero value for the `nanos` field + must be of the same sign as the `seconds` + field. Must be from -999,999,999 to + +999,999,999 inclusive. + format: int32 + type: integer + seconds: + description: 'Signed seconds of the span + of time. Must be from -315,576,000,000 + to +315,576,000,000 inclusive. Note: + these bounds are computed from: 60 sec/min + * 60 min/hr * 24 hr/day * 365.25 days/year + * 10000 years' + format: int64 + type: integer + type: object + max_requests_per_connection: + description: Maximum number of requests per + connection to a backend. Setting this parameter + to 1 disables keep alive. Default 0, meaning + "unlimited", up to 2^29. + format: int32 + type: integer + max_retries: + description: Maximum number of retries that + can be outstanding to all hosts in a cluster + at a given time. Defaults to 2^32-1. + format: int32 + type: integer + type: object + tcp: + description: Settings common to both HTTP and + TCP upstream connections. + properties: + connect_timeout: + description: TCP connection timeout. + properties: + nanos: + description: Signed fractions of a second + at nanosecond resolution of the span + of time. Durations less than one second + are represented with a 0 `seconds` field + and a positive or negative `nanos` field. + For durations of one second or more, + a non-zero value for the `nanos` field + must be of the same sign as the `seconds` + field. Must be from -999,999,999 to + +999,999,999 inclusive. + format: int32 + type: integer + seconds: + description: 'Signed seconds of the span + of time. Must be from -315,576,000,000 + to +315,576,000,000 inclusive. Note: + these bounds are computed from: 60 sec/min + * 60 min/hr * 24 hr/day * 365.25 days/year + * 10000 years' + format: int64 + type: integer + type: object + max_connections: + description: Maximum number of HTTP1 /TCP + connections to a destination host. Default + 2^32-1. + format: int32 + type: integer + tcp_keepalive: + description: If set then set SO_KEEPALIVE + on the socket to enable TCP Keepalives. + properties: + interval: + description: The time duration between + keep-alive probes. Default is to use + the OS level configuration (unless overridden, + Linux defaults to 75s.) + properties: + nanos: + description: Signed fractions of a + second at nanosecond resolution + of the span of time. Durations less + than one second are represented + with a 0 `seconds` field and a positive + or negative `nanos` field. For durations + of one second or more, a non-zero + value for the `nanos` field must + be of the same sign as the `seconds` + field. Must be from -999,999,999 + to +999,999,999 inclusive. + format: int32 + type: integer + seconds: + description: 'Signed seconds of the + span of time. Must be from -315,576,000,000 + to +315,576,000,000 inclusive. Note: + these bounds are computed from: + 60 sec/min * 60 min/hr * 24 hr/day + * 365.25 days/year * 10000 years' + format: int64 + type: integer + type: object + probes: + description: Maximum number of keepalive + probes to send without response before + deciding the connection is dead. Default + is to use the OS level configuration + (unless overridden, Linux defaults to + 9.) + format: int32 + type: integer + time: + description: The time duration a connection + needs to be idle before keep-alive probes + start being sent. Default is to use + the OS level configuration (unless overridden, + Linux defaults to 7200s (ie 2 hours.) + properties: + nanos: + description: Signed fractions of a + second at nanosecond resolution + of the span of time. Durations less + than one second are represented + with a 0 `seconds` field and a positive + or negative `nanos` field. For durations + of one second or more, a non-zero + value for the `nanos` field must + be of the same sign as the `seconds` + field. Must be from -999,999,999 + to +999,999,999 inclusive. + format: int32 + type: integer + seconds: + description: 'Signed seconds of the + span of time. Must be from -315,576,000,000 + to +315,576,000,000 inclusive. Note: + these bounds are computed from: + 60 sec/min * 60 min/hr * 24 hr/day + * 365.25 days/year * 10000 years' + format: int64 + type: integer + type: object + type: object + type: object + type: object + load_balancer: + description: Settings controlling the load balancer + algorithms. + type: object + outlier_detection: + description: Settings controlling eviction of unhealthy + hosts from the load balancing pool + properties: + base_ejection_time: + description: 'Minimum ejection duration. A host + will remain ejected for a period equal to the + product of minimum ejection duration and the + number of times the host has been ejected. This + technique allows the system to automatically + increase the ejection period for unhealthy upstream + servers. format: 1h/1m/1s/1ms. MUST BE >=1ms. + Default is 30s.' + properties: + nanos: + description: Signed fractions of a second + at nanosecond resolution of the span of + time. Durations less than one second are + represented with a 0 `seconds` field and + a positive or negative `nanos` field. For + durations of one second or more, a non-zero + value for the `nanos` field must be of the + same sign as the `seconds` field. Must be + from -999,999,999 to +999,999,999 inclusive. + format: int32 + type: integer + seconds: + description: 'Signed seconds of the span of + time. Must be from -315,576,000,000 to +315,576,000,000 + inclusive. Note: these bounds are computed + from: 60 sec/min * 60 min/hr * 24 hr/day + * 365.25 days/year * 10000 years' + format: int64 + type: integer + type: object + consecutive_errors: + description: Number of errors before a host is + ejected from the connection pool. Defaults to + 5. When the upstream host is accessed over HTTP, + a 502, 503, or 504 return code qualifies as + an error. When the upstream host is accessed + over an opaque TCP connection, connect timeouts + and connection error/failure events qualify + as an error. + format: int32 + type: integer + interval: + description: 'Time interval between ejection sweep + analysis. format: 1h/1m/1s/1ms. MUST BE >=1ms. + Default is 10s.' + properties: + nanos: + description: Signed fractions of a second + at nanosecond resolution of the span of + time. Durations less than one second are + represented with a 0 `seconds` field and + a positive or negative `nanos` field. For + durations of one second or more, a non-zero + value for the `nanos` field must be of the + same sign as the `seconds` field. Must be + from -999,999,999 to +999,999,999 inclusive. + format: int32 + type: integer + seconds: + description: 'Signed seconds of the span of + time. Must be from -315,576,000,000 to +315,576,000,000 + inclusive. Note: these bounds are computed + from: 60 sec/min * 60 min/hr * 24 hr/day + * 365.25 days/year * 10000 years' + format: int64 + type: integer + type: object + max_ejection_percent: + description: Maximum % of hosts in the load balancing + pool for the upstream service that can be ejected. + Defaults to 10%. + format: int32 + type: integer + min_health_percent: + description: Outlier detection will be enabled + as long as the associated load balancing pool + has at least min_health_percent hosts in healthy + mode. When the percentage of healthy hosts in + the load balancing pool drops below this threshold, + outlier detection will be disabled and the proxy + will load balance across all hosts in the pool + (healthy and unhealthy). The threshold can be + disabled by setting it to 0%. The default is + 0% as it's not typically applicable in k8s environments + with few pods per service. + format: int32 + type: integer + type: object + port: + description: Specifies the number of a port on the + destination service on which this policy is being + applied. + properties: + number: + description: Valid port number + format: int32 + type: integer + type: object + tls: + description: TLS related settings for connections + to the upstream service. + properties: + ca_certificates: + description: 'OPTIONAL: The path to the file containing + certificate authority certificates to use in + verifying a presented server certificate. If + omitted, the proxy will not verify the server''s + certificate. Should be empty if mode is `ISTIO_MUTUAL`.' + type: string + client_certificate: + description: REQUIRED if mode is `MUTUAL`. The + path to the file holding the client-side TLS + certificate to use. Should be empty if mode + is `ISTIO_MUTUAL`. + type: string + mode: + description: Indicates whether connections to + this port should be secured using TLS. The value + of this field determines how TLS is enforced. + format: int32 + type: integer + private_key: + description: REQUIRED if mode is `MUTUAL`. The + path to the file holding the client's private + key. Should be empty if mode is `ISTIO_MUTUAL`. + type: string + sni: + description: SNI string to present to the server + during TLS handshake. + type: string + subject_alt_names: + description: A list of alternate names to verify + the subject identity in the certificate. If + specified, the proxy will verify that the server + certificate's subject alt name matches one of + the specified values. If specified, this list + overrides the value of subject_alt_names from + the ServiceEntry. + items: + type: string + type: array + type: object + type: object + type: array + tls: + description: TLS related settings for connections to the + upstream service. + properties: + ca_certificates: + description: 'OPTIONAL: The path to the file containing + certificate authority certificates to use in verifying + a presented server certificate. If omitted, the proxy + will not verify the server''s certificate. Should + be empty if mode is `ISTIO_MUTUAL`.' + type: string + client_certificate: + description: REQUIRED if mode is `MUTUAL`. The path + to the file holding the client-side TLS certificate + to use. Should be empty if mode is `ISTIO_MUTUAL`. + type: string + mode: + description: Indicates whether connections to this port + should be secured using TLS. The value of this field + determines how TLS is enforced. + format: int32 + type: integer + private_key: + description: REQUIRED if mode is `MUTUAL`. The path + to the file holding the client's private key. Should + be empty if mode is `ISTIO_MUTUAL`. + type: string + sni: + description: SNI string to present to the server during + TLS handshake. + type: string + subject_alt_names: + description: A list of alternate names to verify the + subject identity in the certificate. If specified, + the proxy will verify that the server certificate's + subject alt name matches one of the specified values. + If specified, this list overrides the value of subject_alt_names + from the ServiceEntry. + items: + type: string + type: array + type: object + type: object + type: object + type: object + type: object + status: + description: ServicePolicyStatus defines the observed state of ServicePolicy + properties: + completionTime: + description: Represents time when the strategy was completed. It is + represented in RFC3339 form and is in UTC. + format: date-time + type: string + conditions: + description: The latest available observations of an object's current + state. + items: + description: StrategyCondition describes current state of a strategy. + properties: + lastProbeTime: + description: Last time the condition was checked. + format: date-time + type: string + lastTransitionTime: + description: Last time the condition transit from one status to + another + format: date-time + type: string + message: + description: Human readable message indicating details about last + transition. + type: string + reason: + description: reason for the condition's last transition + type: string + status: + description: Status of the condition, one of True, False, Unknown + type: string + type: + description: Type of strategy condition, Complete or Failed. + type: string + type: object + type: array + startTime: + description: Represents time when the strategy was acknowledged by the + controller. It is represented in RFC3339 form and is in UTC. + format: date-time + type: string + type: object + type: object + version: v1alpha2 + versions: + - name: v1alpha2 + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/config/crds/servicemesh.kubesphere.io_strategies.yaml b/config/crds/servicemesh.kubesphere.io_strategies.yaml new file mode 100644 index 00000000..a02650a3 --- /dev/null +++ b/config/crds/servicemesh.kubesphere.io_strategies.yaml @@ -0,0 +1,1166 @@ + +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: (devel) + creationTimestamp: null + name: strategies.servicemesh.kubesphere.io +spec: + additionalPrinterColumns: + - JSONPath: .spec.type + description: type of strategy + name: Type + type: string + - JSONPath: .spec.template.spec.hosts + description: destination hosts + name: Hosts + type: string + - JSONPath: .metadata.creationTimestamp + description: 'CreationTimestamp is a timestamp representing the server time when + this object was created. It is not guaranteed to be set in happens-before order + across separate operations. Clients may not set this value. It is represented + in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for + lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata' + name: Age + type: date + group: servicemesh.kubesphere.io + names: + kind: Strategy + listKind: StrategyList + plural: strategies + singular: strategy + scope: Namespaced + subresources: {} + validation: + openAPIV3Schema: + description: Strategy is the Schema for the strategies API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: StrategySpec defines the desired state of Strategy + properties: + governor: + description: Governor version, the version takes control of all incoming + traffic label version value + type: string + principal: + description: Principal version, the one as reference version label version + value + type: string + selector: + description: Label selector for virtual services. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + type: object + strategyPolicy: + description: strategy policy, how the strategy will be applied by the + strategy controller + type: string + template: + description: Template describes the virtual service that will be created. + properties: + metadata: + description: Metadata of the virtual services created from this + template + type: object + spec: + description: Spec indicates the behavior of a virtual service. + properties: + export_to: + description: "A list of namespaces to which this virtual service + is exported. Exporting a virtual service allows it to be used + by sidecars and gateways defined in other namespaces. This + feature provides a mechanism for service owners and mesh administrators + to control the visibility of virtual services across namespace + boundaries. \n If no namespaces are specified then the virtual + service is exported to all namespaces by default. \n The value + \".\" is reserved and defines an export to the same namespace + that the virtual service is declared in. Similarly the value + \"*\" is reserved and defines an export to all namespaces. + \n NOTE: in the current release, the `exportTo` value is restricted + to \".\" or \"*\" (i.e., the current namespace or all namespaces)." + items: + type: string + type: array + gateways: + description: The names of gateways and sidecars that should + apply these routes. A single VirtualService is used for sidecars + inside the mesh as well as for one or more gateways. The selection + condition imposed by this field can be overridden using the + source field in the match conditions of protocol-specific + routes. The reserved word `mesh` is used to imply all the + sidecars in the mesh. When this field is omitted, the default + gateway (`mesh`) will be used, which would apply the rule + to all sidecars in the mesh. If a list of gateway names is + provided, the rules will apply only to the gateways. To apply + the rules to both gateways and sidecars, specify `mesh` as + one of the gateway names. + items: + type: string + type: array + hosts: + description: "The destination hosts to which traffic is being + sent. Could be a DNS name with wildcard prefix or an IP address. + \ Depending on the platform, short-names can also be used + instead of a FQDN (i.e. has no dots in the name). In such + a scenario, the FQDN of the host would be derived based on + the underlying platform. \n A single VirtualService can be + used to describe all the traffic properties of the corresponding + hosts, including those for multiple HTTP and TCP ports. Alternatively, + the traffic properties of a host can be defined using more + than one VirtualService, with certain caveats. Refer to the + [Operations Guide](https://istio.io/docs/ops/traffic-management/deploy-guidelines/#multiple-virtual-services-and-destination-rules-for-the-same-host) + for details. \n *Note for Kubernetes users*: When short names + are used (e.g. \"reviews\" instead of \"reviews.default.svc.cluster.local\"), + Istio will interpret the short name based on the namespace + of the rule, not the service. A rule in the \"default\" namespace + containing a host \"reviews\" will be interpreted as \"reviews.default.svc.cluster.local\", + irrespective of the actual namespace associated with the reviews + service. _To avoid potential misconfigurations, it is recommended + to always use fully qualified domain names over short names._ + \n The hosts field applies to both HTTP and TCP services. + Service inside the mesh, i.e., those found in the service + registry, must always be referred to using their alphanumeric + names. IP addresses are allowed only for services defined + via the Gateway." + items: + type: string + type: array + http: + description: An ordered list of route rules for HTTP traffic. + HTTP routes will be applied to platform service ports named + 'http-*'/'http2-*'/'grpc-*', gateway ports with protocol HTTP/HTTP2/GRPC/ + TLS-terminated-HTTPS and service entry ports using HTTP/HTTP2/GRPC + protocols. The first rule matching an incoming request is + used. + items: + description: Describes match conditions and actions for routing + HTTP/1.1, HTTP2, and gRPC traffic. See VirtualService for + usage examples. + properties: + append_headers: + additionalProperties: + type: string + description: $hide_from_docs + type: object + append_request_headers: + additionalProperties: + type: string + description: $hide_from_docs + type: object + append_response_headers: + additionalProperties: + type: string + description: $hide_from_docs + type: object + cors_policy: + description: Cross-Origin Resource Sharing policy (CORS). + Refer to [CORS](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS) + for further details about cross origin resource sharing. + properties: + allow_credentials: + description: Indicates whether the caller is allowed + to send the actual request (not the preflight) using + credentials. Translates to `Access-Control-Allow-Credentials` + header. + properties: + value: + description: The bool value. + type: boolean + type: object + allow_headers: + description: List of HTTP headers that can be used + when requesting the resource. Serialized to Access-Control-Allow-Headers + header. + items: + type: string + type: array + allow_methods: + description: List of HTTP methods allowed to access + the resource. The content will be serialized into + the Access-Control-Allow-Methods header. + items: + type: string + type: array + allow_origin: + description: The list of origins that are allowed + to perform CORS requests. The content will be serialized + into the Access-Control-Allow-Origin header. Wildcard + * will allow all origins. + items: + type: string + type: array + expose_headers: + description: A white list of HTTP headers that the + browsers are allowed to access. Serialized into + Access-Control-Expose-Headers header. + items: + type: string + type: array + max_age: + description: Specifies how long the results of a preflight + request can be cached. Translates to the `Access-Control-Max-Age` + header. + properties: + nanos: + description: Signed fractions of a second at nanosecond + resolution of the span of time. Durations less + than one second are represented with a 0 `seconds` + field and a positive or negative `nanos` field. + For durations of one second or more, a non-zero + value for the `nanos` field must be of the same + sign as the `seconds` field. Must be from -999,999,999 + to +999,999,999 inclusive. + format: int32 + type: integer + seconds: + description: 'Signed seconds of the span of time. + Must be from -315,576,000,000 to +315,576,000,000 + inclusive. Note: these bounds are computed from: + 60 sec/min * 60 min/hr * 24 hr/day * 365.25 + days/year * 10000 years' + format: int64 + type: integer + type: object + type: object + fault: + description: Fault injection policy to apply on HTTP traffic + at the client side. Note that timeouts or retries will + not be enabled when faults are enabled on the client + side. + properties: + abort: + description: Abort Http request attempts and return + error codes back to downstream service, giving the + impression that the upstream service is faulty. + properties: + percent: + description: Percentage of requests to be aborted + with the error code provided (0-100). Use of + integer `percent` value is deprecated. Use the + double `percentage` field instead. + format: int32 + type: integer + percentage: + description: Percentage of requests to be aborted + with the error code provided. + properties: + value: {} + type: object + type: object + delay: + description: Delay requests before forwarding, emulating + various failures such as network issues, overloaded + upstream service, etc. + properties: + percent: + description: Percentage of requests on which the + delay will be injected (0-100). Use of integer + `percent` value is deprecated. Use the double + `percentage` field instead. + format: int32 + type: integer + percentage: + description: Percentage of requests on which the + delay will be injected. + properties: + value: {} + type: object + type: object + type: object + headers: + description: Header manipulation rules + properties: + request: + description: Header manipulation rules to apply before + forwarding a request to the destination service + properties: + add: + additionalProperties: + type: string + description: Append the given values to the headers + specified by keys (will create a comma-separated + list of values) + type: object + remove: + description: Remove a the specified headers + items: + type: string + type: array + set: + additionalProperties: + type: string + description: Overwrite the headers specified by + key with the given values + type: object + type: object + response: + description: Header manipulation rules to apply before + returning a response to the caller + properties: + add: + additionalProperties: + type: string + description: Append the given values to the headers + specified by keys (will create a comma-separated + list of values) + type: object + remove: + description: Remove a the specified headers + items: + type: string + type: array + set: + additionalProperties: + type: string + description: Overwrite the headers specified by + key with the given values + type: object + type: object + type: object + match: + description: Match conditions to be satisfied for the + rule to be activated. All conditions inside a single + match block have AND semantics, while the list of match + blocks have OR semantics. The rule is matched if any + one of the match blocks succeed. + items: + description: "HttpMatchRequest specifies a set of criterion + to be met in order for the rule to be applied to the + HTTP request. For example, the following restricts + the rule to match only requests where the URL path + starts with /ratings/v2/ and the request contains + a custom `end-user` header with value `jason`. \n + ```yaml apiVersion: networking.istio.io/v1alpha3 kind: + VirtualService metadata: name: ratings-route spec: + \ hosts: - ratings.prod.svc.cluster.local http: + \ - match: - headers: end-user: exact: + jason uri: prefix: \"/ratings/v2/\" + \ ignoreUriCase: true route: - destination: + \ host: ratings.prod.svc.cluster.local ``` + \n HTTPMatchRequest CANNOT be empty." + properties: + authority: + description: "HTTP Authority values are case-sensitive + and formatted as follows: \n - `exact: \"value\"` + for exact string match \n - `prefix: \"value\"` + for prefix-based match \n - `regex: \"value\"` + for ECMAscript style regex-based match" + type: object + gateways: + description: $hide_from_docs + items: + type: string + type: array + headers: + description: "The header keys must be lowercase + and use hyphen as the separator, e.g. _x-request-id_. + \n Header values are case-sensitive and formatted + as follows: \n - `exact: \"value\"` for exact + string match \n - `prefix: \"value\"` for prefix-based + match \n - `regex: \"value\"` for ECMAscript style + regex-based match \n **Note:** The keys `uri`, + `scheme`, `method`, and `authority` will be ignored." + ignore_uri_case: + description: "Flag to specify whether the URI matching + should be case-insensitive. \n **Note:** The case + will be ignored only in the case of `exact` and + `prefix` URI matches." + type: boolean + method: + description: "HTTP Method values are case-sensitive + and formatted as follows: \n - `exact: \"value\"` + for exact string match \n - `prefix: \"value\"` + for prefix-based match \n - `regex: \"value\"` + for ECMAscript style regex-based match" + type: object + name: + description: The name assigned to a match. The match's + name will be concatenated with the parent route's + name and will be logged in the access logs for + requests matching this route. + type: string + port: + description: Specifies the ports on the host that + is being addressed. Many services only expose + a single port or label ports with the protocols + they support, in these cases it is not required + to explicitly select the port. + format: int32 + type: integer + query_params: + description: "Query parameters for matching. \n + Ex: - For a query parameter like \"?key=true\", + the map key would be \"key\" and the string + match could be defined as `exact: \"true\"`. - + For a query parameter like \"?key\", the map key + would be \"key\" and the string match could + be defined as `exact: \"\"`. - For a query parameter + like \"?key=123\", the map key would be \"key\" + and the string match could be defined as `regex: + \"\\d+$\"`. Note that this configuration will + only match values like \"123\" but not \"a123\" + or \"123a\". \n **Note:** `prefix` matching is + currently not supported." + scheme: + description: "URI Scheme values are case-sensitive + and formatted as follows: \n - `exact: \"value\"` + for exact string match \n - `prefix: \"value\"` + for prefix-based match \n - `regex: \"value\"` + for ECMAscript style regex-based match" + type: object + source_labels: + additionalProperties: + type: string + description: One or more labels that constrain the + applicability of a rule to workloads with the + given labels. If the VirtualService has a list + of gateways specified at the top, it must include + the reserved gateway `mesh` for this field to + be applicable. + type: object + uri: + description: "URI to match values are case-sensitive + and formatted as follows: \n - `exact: \"value\"` + for exact string match \n - `prefix: \"value\"` + for prefix-based match \n - `regex: \"value\"` + for ECMAscript style regex-based match \n **Note:** + Case-insensitive matching could be enabled via + the `ignore_uri_case` flag." + type: object + type: object + type: array + mirror: + description: Mirror HTTP traffic to a another destination + in addition to forwarding the requests to the intended + destination. Mirrored traffic is on a best effort basis + where the sidecar/gateway will not wait for the mirrored + cluster to respond before returning the response from + the original destination. Statistics will be generated + for the mirrored destination. + properties: + host: + description: "The name of a service from the service + registry. Service names are looked up from the platform's + service registry (e.g., Kubernetes services, Consul + services, etc.) and from the hosts declared by [ServiceEntry](https://istio.io/docs/reference/config/networking/service-entry/#ServiceEntry). + Traffic forwarded to destinations that are not found + in either of the two, will be dropped. \n *Note + for Kubernetes users*: When short names are used + (e.g. \"reviews\" instead of \"reviews.default.svc.cluster.local\"), + Istio will interpret the short name based on the + namespace of the rule, not the service. A rule in + the \"default\" namespace containing a host \"reviews + will be interpreted as \"reviews.default.svc.cluster.local\", + irrespective of the actual namespace associated + with the reviews service. _To avoid potential misconfigurations, + it is recommended to always use fully qualified + domain names over short names._" + type: string + port: + description: Specifies the port on the host that is + being addressed. If a service exposes only a single + port it is not required to explicitly select the + port. + properties: + number: + description: Valid port number + format: int32 + type: integer + type: object + subset: + description: The name of a subset within the service. + Applicable only to services within the mesh. The + subset must be defined in a corresponding DestinationRule. + type: string + type: object + mirror_percent: + description: Percentage of the traffic to be mirrored + by the `mirror` field. If this field is absent, all + the traffic (100%) will be mirrored. Max value is 100. + properties: + value: + description: The uint32 value. + format: int32 + type: integer + type: object + name: + description: The name assigned to the route for debugging + purposes. The route's name will be concatenated with + the match's name and will be logged in the access logs + for requests matching this route/match. + type: string + redirect: + description: A http rule can either redirect or forward + (default) traffic. If traffic passthrough option is + specified in the rule, route/redirect will be ignored. + The redirect primitive can be used to send a HTTP 301 + redirect to a different URI or Authority. + properties: + authority: + description: On a redirect, overwrite the Authority/Host + portion of the URL with this value. + type: string + redirect_code: + description: On a redirect, Specifies the HTTP status + code to use in the redirect response. The default + response code is MOVED_PERMANENTLY (301). + format: int32 + type: integer + uri: + description: On a redirect, overwrite the Path portion + of the URL with this value. Note that the entire + path will be replaced, irrespective of the request + URI being matched as an exact path or prefix. + type: string + type: object + remove_request_headers: + description: $hide_from_docs + items: + type: string + type: array + remove_response_headers: + description: $hide_from_docs + items: + type: string + type: array + retries: + description: Retry policy for HTTP requests. + properties: + attempts: + description: Number of retries for a given request. + The interval between retries will be determined + automatically (25ms+). Actual number of retries + attempted depends on the httpReqTimeout. + format: int32 + type: integer + per_try_timeout: + description: 'Timeout per retry attempt for a given + request. format: 1h/1m/1s/1ms. MUST BE >=1ms.' + properties: + nanos: + description: Signed fractions of a second at nanosecond + resolution of the span of time. Durations less + than one second are represented with a 0 `seconds` + field and a positive or negative `nanos` field. + For durations of one second or more, a non-zero + value for the `nanos` field must be of the same + sign as the `seconds` field. Must be from -999,999,999 + to +999,999,999 inclusive. + format: int32 + type: integer + seconds: + description: 'Signed seconds of the span of time. + Must be from -315,576,000,000 to +315,576,000,000 + inclusive. Note: these bounds are computed from: + 60 sec/min * 60 min/hr * 24 hr/day * 365.25 + days/year * 10000 years' + format: int64 + type: integer + type: object + retry_on: + description: Specifies the conditions under which + retry takes place. One or more policies can be specified + using a ‘,’ delimited list. See the [retry policies](https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/router_filter#x-envoy-retry-on) + and [gRPC retry policies](https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/router_filter#x-envoy-retry-grpc-on) + for more details. + type: string + type: object + rewrite: + description: Rewrite HTTP URIs and Authority headers. + Rewrite cannot be used with Redirect primitive. Rewrite + will be performed before forwarding. + properties: + authority: + description: rewrite the Authority/Host header with + this value. + type: string + uri: + description: rewrite the path (or the prefix) portion + of the URI with this value. If the original URI + was matched based on prefix, the value provided + in this field will replace the corresponding matched + prefix. + type: string + type: object + route: + description: A http rule can either redirect or forward + (default) traffic. The forwarding target can be one + of several versions of a service (see glossary in beginning + of document). Weights associated with the service version + determine the proportion of traffic it receives. + items: + description: "Each routing rule is associated with one + or more service versions (see glossary in beginning + of document). Weights associated with the version + determine the proportion of traffic it receives. For + example, the following rule will route 25% of traffic + for the \"reviews\" service to instances with the + \"v2\" tag and the remaining traffic (i.e., 75%) to + \"v1\". \n ```yaml apiVersion: networking.istio.io/v1alpha3 + kind: VirtualService metadata: name: reviews-route + spec: hosts: - reviews.prod.svc.cluster.local + \ http: - route: - destination: host: + reviews.prod.svc.cluster.local subset: v2 + \ weight: 25 - destination: host: + reviews.prod.svc.cluster.local subset: v1 + \ weight: 75 ``` \n And the associated DestinationRule + \n ```yaml apiVersion: networking.istio.io/v1alpha3 + kind: DestinationRule metadata: name: reviews-destination + spec: host: reviews.prod.svc.cluster.local subsets: + \ - name: v1 labels: version: v1 - name: + v2 labels: version: v2 ``` \n Traffic can + also be split across two entirely different services + without having to define new subsets. For example, + the following rule forwards 25% of traffic to reviews.com + to dev.reviews.com \n ```yaml apiVersion: networking.istio.io/v1alpha3 + kind: VirtualService metadata: name: reviews-route-two-domains + spec: hosts: - reviews.com http: - route: + \ - destination: host: dev.reviews.com + \ weight: 25 - destination: host: + reviews.com weight: 75 ```" + properties: + append_request_headers: + additionalProperties: + type: string + description: Use of `append_request_headers` is + deprecated. Use the `headers` field instead. + type: object + append_response_headers: + additionalProperties: + type: string + description: Use of `append_response_headers` is + deprecated. Use the `headers` field instead. + type: object + destination: + description: Destination uniquely identifies the + instances of a service to which the request/connection + should be forwarded to. + properties: + host: + description: "The name of a service from the + service registry. Service names are looked + up from the platform's service registry (e.g., + Kubernetes services, Consul services, etc.) + and from the hosts declared by [ServiceEntry](https://istio.io/docs/reference/config/networking/service-entry/#ServiceEntry). + Traffic forwarded to destinations that are + not found in either of the two, will be dropped. + \n *Note for Kubernetes users*: When short + names are used (e.g. \"reviews\" instead of + \"reviews.default.svc.cluster.local\"), Istio + will interpret the short name based on the + namespace of the rule, not the service. A + rule in the \"default\" namespace containing + a host \"reviews will be interpreted as \"reviews.default.svc.cluster.local\", + irrespective of the actual namespace associated + with the reviews service. _To avoid potential + misconfigurations, it is recommended to always + use fully qualified domain names over short + names._" + type: string + port: + description: Specifies the port on the host + that is being addressed. If a service exposes + only a single port it is not required to explicitly + select the port. + properties: + number: + description: Valid port number + format: int32 + type: integer + type: object + subset: + description: The name of a subset within the + service. Applicable only to services within + the mesh. The subset must be defined in a + corresponding DestinationRule. + type: string + type: object + headers: + description: Header manipulation rules + properties: + request: + description: Header manipulation rules to apply + before forwarding a request to the destination + service + properties: + add: + additionalProperties: + type: string + description: Append the given values to + the headers specified by keys (will create + a comma-separated list of values) + type: object + remove: + description: Remove a the specified headers + items: + type: string + type: array + set: + additionalProperties: + type: string + description: Overwrite the headers specified + by key with the given values + type: object + type: object + response: + description: Header manipulation rules to apply + before returning a response to the caller + properties: + add: + additionalProperties: + type: string + description: Append the given values to + the headers specified by keys (will create + a comma-separated list of values) + type: object + remove: + description: Remove a the specified headers + items: + type: string + type: array + set: + additionalProperties: + type: string + description: Overwrite the headers specified + by key with the given values + type: object + type: object + type: object + remove_request_headers: + description: Use of `remove_request_headers` is + deprecated. Use the `headers` field instead. + items: + type: string + type: array + remove_response_headers: + description: Use of `remove_response_header` is + deprecated. Use the `headers` field instead. + items: + type: string + type: array + weight: + description: The proportion of traffic to be forwarded + to the service version. (0-100). Sum of weights + across destinations SHOULD BE == 100. If there + is only one destination in a rule, the weight + value is assumed to be 100. + format: int32 + type: integer + type: object + type: array + timeout: + description: Timeout for HTTP requests. + properties: + nanos: + description: Signed fractions of a second at nanosecond + resolution of the span of time. Durations less than + one second are represented with a 0 `seconds` field + and a positive or negative `nanos` field. For durations + of one second or more, a non-zero value for the + `nanos` field must be of the same sign as the `seconds` + field. Must be from -999,999,999 to +999,999,999 + inclusive. + format: int32 + type: integer + seconds: + description: 'Signed seconds of the span of time. + Must be from -315,576,000,000 to +315,576,000,000 + inclusive. Note: these bounds are computed from: + 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year + * 10000 years' + format: int64 + type: integer + type: object + websocket_upgrade: + description: Deprecated. Websocket upgrades are done automatically + starting from Istio 1.0. $hide_from_docs + type: boolean + type: object + type: array + tcp: + description: An ordered list of route rules for opaque TCP traffic. + TCP routes will be applied to any port that is not a HTTP + or TLS port. The first rule matching an incoming request is + used. + items: + description: "Describes match conditions and actions for routing + TCP traffic. The following routing rule forwards traffic + arriving at port 27017 for mongo.prod.svc.cluster.local + to another Mongo server on port 5555. \n ```yaml apiVersion: + networking.istio.io/v1alpha3 kind: VirtualService metadata: + \ name: bookinfo-Mongo spec: hosts: - mongo.prod.svc.cluster.local + \ tcp: - match: - port: 27017 route: - destination: + \ host: mongo.backup.svc.cluster.local port: + \ number: 5555 ```" + properties: + match: + description: Match conditions to be satisfied for the + rule to be activated. All conditions inside a single + match block have AND semantics, while the list of match + blocks have OR semantics. The rule is matched if any + one of the match blocks succeed. + items: + description: L4 connection match attributes. Note that + L4 connection matching support is incomplete. + properties: + destination_subnets: + description: IPv4 or IPv6 ip addresses of destination + with optional subnet. E.g., a.b.c.d/xx form or + just a.b.c.d. + items: + type: string + type: array + gateways: + description: Names of gateways where the rule should + be applied to. Gateway names at the top of the + VirtualService (if any) are overridden. The gateway + match is independent of sourceLabels. + items: + type: string + type: array + port: + description: Specifies the port on the host that + is being addressed. Many services only expose + a single port or label ports with the protocols + they support, in these cases it is not required + to explicitly select the port. + format: int32 + type: integer + source_labels: + additionalProperties: + type: string + description: One or more labels that constrain the + applicability of a rule to workloads with the + given labels. If the VirtualService has a list + of gateways specified at the top, it should include + the reserved gateway `mesh` in order for this + field to be applicable. + type: object + source_subnet: + description: IPv4 or IPv6 ip address of source with + optional subnet. E.g., a.b.c.d/xx form or just + a.b.c.d $hide_from_docs + type: string + type: object + type: array + route: + description: The destination to which the connection should + be forwarded to. + items: + description: L4 routing rule weighted destination. + properties: + destination: + description: Destination uniquely identifies the + instances of a service to which the request/connection + should be forwarded to. + properties: + host: + description: "The name of a service from the + service registry. Service names are looked + up from the platform's service registry (e.g., + Kubernetes services, Consul services, etc.) + and from the hosts declared by [ServiceEntry](https://istio.io/docs/reference/config/networking/service-entry/#ServiceEntry). + Traffic forwarded to destinations that are + not found in either of the two, will be dropped. + \n *Note for Kubernetes users*: When short + names are used (e.g. \"reviews\" instead of + \"reviews.default.svc.cluster.local\"), Istio + will interpret the short name based on the + namespace of the rule, not the service. A + rule in the \"default\" namespace containing + a host \"reviews will be interpreted as \"reviews.default.svc.cluster.local\", + irrespective of the actual namespace associated + with the reviews service. _To avoid potential + misconfigurations, it is recommended to always + use fully qualified domain names over short + names._" + type: string + port: + description: Specifies the port on the host + that is being addressed. If a service exposes + only a single port it is not required to explicitly + select the port. + properties: + number: + description: Valid port number + format: int32 + type: integer + type: object + subset: + description: The name of a subset within the + service. Applicable only to services within + the mesh. The subset must be defined in a + corresponding DestinationRule. + type: string + type: object + weight: + description: The proportion of traffic to be forwarded + to the service version. If there is only one destination + in a rule, all traffic will be routed to it irrespective + of the weight. + format: int32 + type: integer + type: object + type: array + type: object + type: array + tls: + description: 'An ordered list of route rule for non-terminated + TLS & HTTPS traffic. Routing is typically performed using + the SNI value presented by the ClientHello message. TLS routes + will be applied to platform service ports named ''https-*'', + ''tls-*'', unterminated gateway ports using HTTPS/TLS protocols + (i.e. with "passthrough" TLS mode) and service entry ports + using HTTPS/TLS protocols. The first rule matching an incoming + request is used. NOTE: Traffic ''https-*'' or ''tls-*'' ports + without associated virtual service will be treated as opaque + TCP traffic.' + items: + description: "Describes match conditions and actions for routing + unterminated TLS traffic (TLS/HTTPS) The following routing + rule forwards unterminated TLS traffic arriving at port + 443 of gateway called \"mygateway\" to internal services + in the mesh based on the SNI value. \n ```yaml apiVersion: + networking.istio.io/v1alpha3 kind: VirtualService metadata: + \ name: bookinfo-sni spec: hosts: - \"*.bookinfo.com\" + \ gateways: - mygateway tls: - match: - port: + 443 sniHosts: - login.bookinfo.com route: + \ - destination: host: login.prod.svc.cluster.local + \ - match: - port: 443 sniHosts: - reviews.bookinfo.com + \ route: - destination: host: reviews.prod.svc.cluster.local + ```" + properties: + match: + description: Match conditions to be satisfied for the + rule to be activated. All conditions inside a single + match block have AND semantics, while the list of match + blocks have OR semantics. The rule is matched if any + one of the match blocks succeed. + items: + description: TLS connection match attributes. + properties: + destination_subnets: + description: IPv4 or IPv6 ip addresses of destination + with optional subnet. E.g., a.b.c.d/xx form or + just a.b.c.d. + items: + type: string + type: array + gateways: + description: Names of gateways where the rule should + be applied to. Gateway names at the top of the + VirtualService (if any) are overridden. The gateway + match is independent of sourceLabels. + items: + type: string + type: array + port: + description: Specifies the port on the host that + is being addressed. Many services only expose + a single port or label ports with the protocols + they support, in these cases it is not required + to explicitly select the port. + format: int32 + type: integer + sni_hosts: + description: SNI (server name indicator) to match + on. Wildcard prefixes can be used in the SNI value, + e.g., *.com will match foo.example.com as well + as example.com. An SNI value must be a subset + (i.e., fall within the domain) of the corresponding + virtual serivce's hosts. + items: + type: string + type: array + source_labels: + additionalProperties: + type: string + description: One or more labels that constrain the + applicability of a rule to workloads with the + given labels. If the VirtualService has a list + of gateways specified at the top, it should include + the reserved gateway `mesh` in order for this + field to be applicable. + type: object + source_subnet: + description: IPv4 or IPv6 ip address of source with + optional subnet. E.g., a.b.c.d/xx form or just + a.b.c.d $hide_from_docs + type: string + type: object + type: array + route: + description: The destination to which the connection should + be forwarded to. + items: + description: L4 routing rule weighted destination. + properties: + destination: + description: Destination uniquely identifies the + instances of a service to which the request/connection + should be forwarded to. + properties: + host: + description: "The name of a service from the + service registry. Service names are looked + up from the platform's service registry (e.g., + Kubernetes services, Consul services, etc.) + and from the hosts declared by [ServiceEntry](https://istio.io/docs/reference/config/networking/service-entry/#ServiceEntry). + Traffic forwarded to destinations that are + not found in either of the two, will be dropped. + \n *Note for Kubernetes users*: When short + names are used (e.g. \"reviews\" instead of + \"reviews.default.svc.cluster.local\"), Istio + will interpret the short name based on the + namespace of the rule, not the service. A + rule in the \"default\" namespace containing + a host \"reviews will be interpreted as \"reviews.default.svc.cluster.local\", + irrespective of the actual namespace associated + with the reviews service. _To avoid potential + misconfigurations, it is recommended to always + use fully qualified domain names over short + names._" + type: string + port: + description: Specifies the port on the host + that is being addressed. If a service exposes + only a single port it is not required to explicitly + select the port. + properties: + number: + description: Valid port number + format: int32 + type: integer + type: object + subset: + description: The name of a subset within the + service. Applicable only to services within + the mesh. The subset must be defined in a + corresponding DestinationRule. + type: string + type: object + weight: + description: The proportion of traffic to be forwarded + to the service version. If there is only one destination + in a rule, all traffic will be routed to it irrespective + of the weight. + format: int32 + type: integer + type: object + type: array + type: object + type: array + type: object + type: object + type: + description: Strategy type + type: string + type: object + status: + description: StrategyStatus defines the observed state of Strategy + properties: + completionTime: + description: Represents time when the strategy was completed. It is + represented in RFC3339 form and is in UTC. + format: date-time + type: string + conditions: + description: The latest available observations of an object's current + state. + items: + description: StrategyCondition describes current state of a strategy. + properties: + lastProbeTime: + description: Last time the condition was checked. + format: date-time + type: string + lastTransitionTime: + description: Last time the condition transit from one status to + another + format: date-time + type: string + message: + description: Human readable message indicating details about last + transition. + type: string + reason: + description: reason for the condition's last transition + type: string + status: + description: Status of the condition, one of True, False, Unknown + type: string + type: + description: Type of strategy condition, Complete or Failed. + type: string + type: object + type: array + startTime: + description: Represents time when the strategy was acknowledged by the + controller. It is represented in RFC3339 form and is in UTC. + format: date-time + type: string + type: object + type: object + version: v1alpha2 + versions: + - name: v1alpha2 + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/config/crds/servicemesh_v1alpha2_servicepolicy.yaml b/config/crds/servicemesh_v1alpha2_servicepolicy.yaml deleted file mode 100644 index 845381e3..00000000 --- a/config/crds/servicemesh_v1alpha2_servicepolicy.yaml +++ /dev/null @@ -1,863 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - creationTimestamp: null - labels: - controller-tools.k8s.io: "1.0" - name: servicepolicies.servicemesh.kubesphere.io -spec: - group: servicemesh.kubesphere.io - names: - kind: ServicePolicy - plural: servicepolicies - scope: Namespaced - validation: - openAPIV3Schema: - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - properties: - selector: - description: Label selector for destination rules. - type: object - template: - description: Template used to create a destination rule - properties: - spec: - description: Spec indicates the behavior of a destination rule. - properties: - host: - description: 'REQUIRED. The name of a service from the service - registry. Service names are looked up from the platform''s - service registry (e.g., Kubernetes services, Consul services, - etc.) and from the hosts declared by [ServiceEntries](#ServiceEntry). - Rules defined for services that do not exist in the service - registry will be ignored. *Note for Kubernetes users*: When - short names are used (e.g. "reviews" instead of "reviews.default.svc.cluster.local"), - Istio will interpret the short name based on the namespace - of the rule, not the service. A rule in the "default" namespace - containing a host "reviews will be interpreted as "reviews.default.svc.cluster.local", - irrespective of the actual namespace associated with the reviews - service. _To avoid potential misconfigurations, it is recommended - to always use fully qualified domain names over short names._ Note - that the host field applies to both HTTP and TCP services.' - type: string - subsets: - description: One or more named sets that represent individual - versions of a service. Traffic policies can be overridden - at subset level. - items: - properties: - labels: - description: REQUIRED. Labels apply a filter over the - endpoints of a service in the service registry. See - route rules for examples of usage. - type: object - name: - description: REQUIRED. Name of the subset. The service - name and the subset name can be used for traffic splitting - in a route rule. - type: string - trafficPolicy: - description: Traffic policies that apply to this subset. - Subsets inherit the traffic policies specified at the - DestinationRule level. Settings specified at the subset - level will override the corresponding settings specified - at the DestinationRule level. - properties: - connectionPool: - description: Settings controlling the volume of connections - to an upstream service - properties: - http: - description: HTTP connection pool settings. - properties: - http1MaxPendingRequests: - description: Maximum number of pending HTTP - requests to a destination. Default 1024. - format: int32 - type: integer - http2MaxRequests: - description: Maximum number of requests to - a backend. Default 1024. - format: int32 - type: integer - maxRequestsPerConnection: - description: Maximum number of requests per - connection to a backend. Setting this parameter - to 1 disables keep alive. - format: int32 - type: integer - maxRetries: - description: Maximum number of retries that - can be outstanding to all hosts in a cluster - at a given time. Defaults to 3. - format: int32 - type: integer - type: object - tcp: - description: Settings common to both HTTP and - TCP upstream connections. - properties: - connectTimeout: - description: TCP connection timeout. - type: string - maxConnections: - description: Maximum number of HTTP1 /TCP - connections to a destination host. - format: int32 - type: integer - type: object - type: object - loadBalancer: - description: Settings controlling the load balancer - algorithms. - properties: - consistentHash: - properties: - httpCookie: - description: Hash based on HTTP cookie. - properties: - name: - description: REQUIRED. Name of the cookie. - type: string - path: - description: Path to set for the cookie. - type: string - ttl: - description: REQUIRED. Lifetime of the - cookie. - type: string - required: - - name - - ttl - type: object - httpHeaderName: - description: 'It is required to specify exactly - one of the fields as hash key: HttpHeaderName, - HttpCookie, or UseSourceIP. Hash based on - a specific HTTP header.' - type: string - minimumRingSize: - description: The minimum number of virtual - nodes to use for the hash ring. Defaults - to 1024. Larger ring sizes result in more - granular load distributions. If the number - of hosts in the load balancing pool is larger - than the ring size, each host will be assigned - a single virtual node. - format: int64 - type: integer - useSourceIp: - description: Hash based on the source IP address. - type: boolean - type: object - simple: - description: 'It is required to specify exactly - one of the fields: Simple or ConsistentHash' - type: string - type: object - outlierDetection: - description: Settings controlling eviction of unhealthy - hosts from the load balancing pool - properties: - baseEjectionTime: - description: 'Minimum ejection duration. A host - will remain ejected for a period equal to the - product of minimum ejection duration and the - number of times the host has been ejected. This - technique allows the system to automatically - increase the ejection period for unhealthy upstream - servers. format: 1h/1m/1s/1ms. MUST BE >=1ms. - Default is 30s.' - type: string - consecutiveErrors: - description: Number of errors before a host is - ejected from the connection pool. Defaults to - 5. When the upstream host is accessed over HTTP, - a 5xx return code qualifies as an error. When - the upstream host is accessed over an opaque - TCP connection, connect timeouts and connection - error/failure events qualify as an error. - format: int32 - type: integer - interval: - description: 'Time interval between ejection sweep - analysis. format: 1h/1m/1s/1ms. MUST BE >=1ms. - Default is 10s.' - type: string - maxEjectionPercent: - description: Maximum % of hosts in the load balancing - pool for the upstream service that can be ejected. - Defaults to 10%. - format: int32 - type: integer - type: object - portLevelSettings: - description: Traffic policies specific to individual - ports. Note that port level settings will override - the destination-level settings. Traffic settings - specified at the destination-level will not be inherited - when overridden by port-level settings, i.e. default - values will be applied to fields omitted in port-level - traffic policies. - items: - properties: - connectionPool: - description: Settings controlling the volume - of connections to an upstream service - properties: - http: - description: HTTP connection pool settings. - properties: - http1MaxPendingRequests: - description: Maximum number of pending - HTTP requests to a destination. Default - 1024. - format: int32 - type: integer - http2MaxRequests: - description: Maximum number of requests - to a backend. Default 1024. - format: int32 - type: integer - maxRequestsPerConnection: - description: Maximum number of requests - per connection to a backend. Setting - this parameter to 1 disables keep - alive. - format: int32 - type: integer - maxRetries: - description: Maximum number of retries - that can be outstanding to all hosts - in a cluster at a given time. Defaults - to 3. - format: int32 - type: integer - type: object - tcp: - description: Settings common to both HTTP - and TCP upstream connections. - properties: - connectTimeout: - description: TCP connection timeout. - type: string - maxConnections: - description: Maximum number of HTTP1 - /TCP connections to a destination - host. - format: int32 - type: integer - type: object - type: object - loadBalancer: - description: Settings controlling the load balancer - algorithms. - properties: - consistentHash: - properties: - httpCookie: - description: Hash based on HTTP cookie. - properties: - name: - description: REQUIRED. Name of the - cookie. - type: string - path: - description: Path to set for the - cookie. - type: string - ttl: - description: REQUIRED. Lifetime - of the cookie. - type: string - required: - - name - - ttl - type: object - httpHeaderName: - description: 'It is required to specify - exactly one of the fields as hash - key: HttpHeaderName, HttpCookie, or - UseSourceIP. Hash based on a specific - HTTP header.' - type: string - minimumRingSize: - description: The minimum number of virtual - nodes to use for the hash ring. Defaults - to 1024. Larger ring sizes result - in more granular load distributions. - If the number of hosts in the load - balancing pool is larger than the - ring size, each host will be assigned - a single virtual node. - format: int64 - type: integer - useSourceIp: - description: Hash based on the source - IP address. - type: boolean - type: object - simple: - description: 'It is required to specify - exactly one of the fields: Simple or ConsistentHash' - type: string - type: object - outlierDetection: - description: Settings controlling eviction of - unhealthy hosts from the load balancing pool - properties: - baseEjectionTime: - description: 'Minimum ejection duration. - A host will remain ejected for a period - equal to the product of minimum ejection - duration and the number of times the host - has been ejected. This technique allows - the system to automatically increase the - ejection period for unhealthy upstream - servers. format: 1h/1m/1s/1ms. MUST BE - >=1ms. Default is 30s.' - type: string - consecutiveErrors: - description: Number of errors before a host - is ejected from the connection pool. Defaults - to 5. When the upstream host is accessed - over HTTP, a 5xx return code qualifies - as an error. When the upstream host is - accessed over an opaque TCP connection, - connect timeouts and connection error/failure - events qualify as an error. - format: int32 - type: integer - interval: - description: 'Time interval between ejection - sweep analysis. format: 1h/1m/1s/1ms. - MUST BE >=1ms. Default is 10s.' - type: string - maxEjectionPercent: - description: Maximum % of hosts in the load - balancing pool for the upstream service - that can be ejected. Defaults to 10%. - format: int32 - type: integer - type: object - port: - description: Specifies the port name or number - of a port on the destination service on which - this policy is being applied. Names must - comply with DNS label syntax (rfc1035) and - therefore cannot collide with numbers. If - there are multiple ports on a service with - the same protocol the names should be of the - form -. - properties: - name: - description: Valid port name - type: string - number: - description: Valid port number - format: int32 - type: integer - type: object - tls: - description: TLS related settings for connections - to the upstream service. - properties: - caCertificates: - description: 'OPTIONAL: The path to the - file containing certificate authority - certificates to use in verifying a presented - server certificate. If omitted, the proxy - will not verify the server''s certificate. - Should be empty if mode is `ISTIO_MUTUAL`.' - type: string - clientCertificate: - description: REQUIRED if mode is `MUTUAL`. - The path to the file holding the client-side - TLS certificate to use. Should be empty - if mode is `ISTIO_MUTUAL`. - type: string - mode: - description: 'REQUIRED: Indicates whether - connections to this port should be secured - using TLS. The value of this field determines - how TLS is enforced.' - type: string - privateKey: - description: REQUIRED if mode is `MUTUAL`. - The path to the file holding the client's - private key. Should be empty if mode is - `ISTIO_MUTUAL`. - type: string - sni: - description: SNI string to present to the - server during TLS handshake. Should be - empty if mode is `ISTIO_MUTUAL`. - type: string - subjectAltNames: - description: A list of alternate names to - verify the subject identity in the certificate. - If specified, the proxy will verify that - the server certificate's subject alt name - matches one of the specified values. Should - be empty if mode is `ISTIO_MUTUAL`. - items: - type: string - type: array - required: - - mode - type: object - required: - - port - type: object - type: array - tls: - description: TLS related settings for connections - to the upstream service. - properties: - caCertificates: - description: 'OPTIONAL: The path to the file containing - certificate authority certificates to use in - verifying a presented server certificate. If - omitted, the proxy will not verify the server''s - certificate. Should be empty if mode is `ISTIO_MUTUAL`.' - type: string - clientCertificate: - description: REQUIRED if mode is `MUTUAL`. The - path to the file holding the client-side TLS - certificate to use. Should be empty if mode - is `ISTIO_MUTUAL`. - type: string - mode: - description: 'REQUIRED: Indicates whether connections - to this port should be secured using TLS. The - value of this field determines how TLS is enforced.' - type: string - privateKey: - description: REQUIRED if mode is `MUTUAL`. The - path to the file holding the client's private - key. Should be empty if mode is `ISTIO_MUTUAL`. - type: string - sni: - description: SNI string to present to the server - during TLS handshake. Should be empty if mode - is `ISTIO_MUTUAL`. - type: string - subjectAltNames: - description: A list of alternate names to verify - the subject identity in the certificate. If - specified, the proxy will verify that the server - certificate's subject alt name matches one of - the specified values. Should be empty if mode - is `ISTIO_MUTUAL`. - items: - type: string - type: array - required: - - mode - type: object - type: object - required: - - name - - labels - type: object - type: array - trafficPolicy: - description: Traffic policies to apply (load balancing policy, - connection pool sizes, outlier detection). - properties: - connectionPool: - description: Settings controlling the volume of connections - to an upstream service - properties: - http: - description: HTTP connection pool settings. - properties: - http1MaxPendingRequests: - description: Maximum number of pending HTTP requests - to a destination. Default 1024. - format: int32 - type: integer - http2MaxRequests: - description: Maximum number of requests to a backend. - Default 1024. - format: int32 - type: integer - maxRequestsPerConnection: - description: Maximum number of requests per connection - to a backend. Setting this parameter to 1 disables - keep alive. - format: int32 - type: integer - maxRetries: - description: Maximum number of retries that can - be outstanding to all hosts in a cluster at a - given time. Defaults to 3. - format: int32 - type: integer - type: object - tcp: - description: Settings common to both HTTP and TCP upstream - connections. - properties: - connectTimeout: - description: TCP connection timeout. - type: string - maxConnections: - description: Maximum number of HTTP1 /TCP connections - to a destination host. - format: int32 - type: integer - type: object - type: object - loadBalancer: - description: Settings controlling the load balancer algorithms. - properties: - consistentHash: - properties: - httpCookie: - description: Hash based on HTTP cookie. - properties: - name: - description: REQUIRED. Name of the cookie. - type: string - path: - description: Path to set for the cookie. - type: string - ttl: - description: REQUIRED. Lifetime of the cookie. - type: string - required: - - name - - ttl - type: object - httpHeaderName: - description: 'It is required to specify exactly - one of the fields as hash key: HttpHeaderName, - HttpCookie, or UseSourceIP. Hash based on a specific - HTTP header.' - type: string - minimumRingSize: - description: The minimum number of virtual nodes - to use for the hash ring. Defaults to 1024. Larger - ring sizes result in more granular load distributions. - If the number of hosts in the load balancing pool - is larger than the ring size, each host will be - assigned a single virtual node. - format: int64 - type: integer - useSourceIp: - description: Hash based on the source IP address. - type: boolean - type: object - simple: - description: 'It is required to specify exactly one - of the fields: Simple or ConsistentHash' - type: string - type: object - outlierDetection: - description: Settings controlling eviction of unhealthy - hosts from the load balancing pool - properties: - baseEjectionTime: - description: 'Minimum ejection duration. A host will - remain ejected for a period equal to the product of - minimum ejection duration and the number of times - the host has been ejected. This technique allows the - system to automatically increase the ejection period - for unhealthy upstream servers. format: 1h/1m/1s/1ms. - MUST BE >=1ms. Default is 30s.' - type: string - consecutiveErrors: - description: Number of errors before a host is ejected - from the connection pool. Defaults to 5. When the - upstream host is accessed over HTTP, a 5xx return - code qualifies as an error. When the upstream host - is accessed over an opaque TCP connection, connect - timeouts and connection error/failure events qualify - as an error. - format: int32 - type: integer - interval: - description: 'Time interval between ejection sweep analysis. - format: 1h/1m/1s/1ms. MUST BE >=1ms. Default is 10s.' - type: string - maxEjectionPercent: - description: Maximum % of hosts in the load balancing - pool for the upstream service that can be ejected. - Defaults to 10%. - format: int32 - type: integer - type: object - portLevelSettings: - description: Traffic policies specific to individual ports. - Note that port level settings will override the destination-level - settings. Traffic settings specified at the destination-level - will not be inherited when overridden by port-level settings, - i.e. default values will be applied to fields omitted - in port-level traffic policies. - items: - properties: - connectionPool: - description: Settings controlling the volume of connections - to an upstream service - properties: - http: - description: HTTP connection pool settings. - properties: - http1MaxPendingRequests: - description: Maximum number of pending HTTP - requests to a destination. Default 1024. - format: int32 - type: integer - http2MaxRequests: - description: Maximum number of requests to - a backend. Default 1024. - format: int32 - type: integer - maxRequestsPerConnection: - description: Maximum number of requests per - connection to a backend. Setting this parameter - to 1 disables keep alive. - format: int32 - type: integer - maxRetries: - description: Maximum number of retries that - can be outstanding to all hosts in a cluster - at a given time. Defaults to 3. - format: int32 - type: integer - type: object - tcp: - description: Settings common to both HTTP and - TCP upstream connections. - properties: - connectTimeout: - description: TCP connection timeout. - type: string - maxConnections: - description: Maximum number of HTTP1 /TCP - connections to a destination host. - format: int32 - type: integer - type: object - type: object - loadBalancer: - description: Settings controlling the load balancer - algorithms. - properties: - consistentHash: - properties: - httpCookie: - description: Hash based on HTTP cookie. - properties: - name: - description: REQUIRED. Name of the cookie. - type: string - path: - description: Path to set for the cookie. - type: string - ttl: - description: REQUIRED. Lifetime of the - cookie. - type: string - required: - - name - - ttl - type: object - httpHeaderName: - description: 'It is required to specify exactly - one of the fields as hash key: HttpHeaderName, - HttpCookie, or UseSourceIP. Hash based on - a specific HTTP header.' - type: string - minimumRingSize: - description: The minimum number of virtual - nodes to use for the hash ring. Defaults - to 1024. Larger ring sizes result in more - granular load distributions. If the number - of hosts in the load balancing pool is larger - than the ring size, each host will be assigned - a single virtual node. - format: int64 - type: integer - useSourceIp: - description: Hash based on the source IP address. - type: boolean - type: object - simple: - description: 'It is required to specify exactly - one of the fields: Simple or ConsistentHash' - type: string - type: object - outlierDetection: - description: Settings controlling eviction of unhealthy - hosts from the load balancing pool - properties: - baseEjectionTime: - description: 'Minimum ejection duration. A host - will remain ejected for a period equal to the - product of minimum ejection duration and the - number of times the host has been ejected. This - technique allows the system to automatically - increase the ejection period for unhealthy upstream - servers. format: 1h/1m/1s/1ms. MUST BE >=1ms. - Default is 30s.' - type: string - consecutiveErrors: - description: Number of errors before a host is - ejected from the connection pool. Defaults to - 5. When the upstream host is accessed over HTTP, - a 5xx return code qualifies as an error. When - the upstream host is accessed over an opaque - TCP connection, connect timeouts and connection - error/failure events qualify as an error. - format: int32 - type: integer - interval: - description: 'Time interval between ejection sweep - analysis. format: 1h/1m/1s/1ms. MUST BE >=1ms. - Default is 10s.' - type: string - maxEjectionPercent: - description: Maximum % of hosts in the load balancing - pool for the upstream service that can be ejected. - Defaults to 10%. - format: int32 - type: integer - type: object - port: - description: Specifies the port name or number of - a port on the destination service on which this - policy is being applied. Names must comply with - DNS label syntax (rfc1035) and therefore cannot - collide with numbers. If there are multiple ports - on a service with the same protocol the names should - be of the form -. - properties: - name: - description: Valid port name - type: string - number: - description: Valid port number - format: int32 - type: integer - type: object - tls: - description: TLS related settings for connections - to the upstream service. - properties: - caCertificates: - description: 'OPTIONAL: The path to the file containing - certificate authority certificates to use in - verifying a presented server certificate. If - omitted, the proxy will not verify the server''s - certificate. Should be empty if mode is `ISTIO_MUTUAL`.' - type: string - clientCertificate: - description: REQUIRED if mode is `MUTUAL`. The - path to the file holding the client-side TLS - certificate to use. Should be empty if mode - is `ISTIO_MUTUAL`. - type: string - mode: - description: 'REQUIRED: Indicates whether connections - to this port should be secured using TLS. The - value of this field determines how TLS is enforced.' - type: string - privateKey: - description: REQUIRED if mode is `MUTUAL`. The - path to the file holding the client's private - key. Should be empty if mode is `ISTIO_MUTUAL`. - type: string - sni: - description: SNI string to present to the server - during TLS handshake. Should be empty if mode - is `ISTIO_MUTUAL`. - type: string - subjectAltNames: - description: A list of alternate names to verify - the subject identity in the certificate. If - specified, the proxy will verify that the server - certificate's subject alt name matches one of - the specified values. Should be empty if mode - is `ISTIO_MUTUAL`. - items: - type: string - type: array - required: - - mode - type: object - required: - - port - type: object - type: array - tls: - description: TLS related settings for connections to the - upstream service. - properties: - caCertificates: - description: 'OPTIONAL: The path to the file containing - certificate authority certificates to use in verifying - a presented server certificate. If omitted, the proxy - will not verify the server''s certificate. Should - be empty if mode is `ISTIO_MUTUAL`.' - type: string - clientCertificate: - description: REQUIRED if mode is `MUTUAL`. The path - to the file holding the client-side TLS certificate - to use. Should be empty if mode is `ISTIO_MUTUAL`. - type: string - mode: - description: 'REQUIRED: Indicates whether connections - to this port should be secured using TLS. The value - of this field determines how TLS is enforced.' - type: string - privateKey: - description: REQUIRED if mode is `MUTUAL`. The path - to the file holding the client's private key. Should - be empty if mode is `ISTIO_MUTUAL`. - type: string - sni: - description: SNI string to present to the server during - TLS handshake. Should be empty if mode is `ISTIO_MUTUAL`. - type: string - subjectAltNames: - description: A list of alternate names to verify the - subject identity in the certificate. If specified, - the proxy will verify that the server certificate's - subject alt name matches one of the specified values. - Should be empty if mode is `ISTIO_MUTUAL`. - items: - type: string - type: array - required: - - mode - type: object - type: object - required: - - host - type: object - type: object - type: object - status: - type: object - version: v1alpha2 -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/config/crds/servicemesh_v1alpha2_strategy.yaml b/config/crds/servicemesh_v1alpha2_strategy.yaml deleted file mode 100644 index 16bfac10..00000000 --- a/config/crds/servicemesh_v1alpha2_strategy.yaml +++ /dev/null @@ -1,787 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - creationTimestamp: null - labels: - controller-tools.k8s.io: "1.0" - name: strategies.servicemesh.kubesphere.io -spec: - additionalPrinterColumns: - - JSONPath: .spec.type - description: type of strategy - name: Type - type: string - - JSONPath: .spec.template.spec.hosts - description: destination hosts - name: Hosts - type: string - - JSONPath: .metadata.creationTimestamp - description: 'CreationTimestamp is a timestamp representing the server time when - this object was created. It is not guaranteed to be set in happens-before order - across separate operations. Clients may not set this value. It is represented - in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for - lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata' - name: Age - type: date - group: servicemesh.kubesphere.io - names: - kind: Strategy - plural: strategies - scope: Namespaced - validation: - openAPIV3Schema: - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - properties: - governor: - description: Governor version, the version takes control of all incoming - traffic label version value - type: string - principal: - description: Principal version, the one as reference version label version - value - type: string - selector: - description: Label selector for virtual services. - type: object - strategyPolicy: - description: strategy policy, how the strategy will be applied by the - strategy controller - type: string - template: - description: Template describes the virtual service that will be created. - properties: - metadata: - description: Metadata of the virtual services created from this - template - type: object - spec: - description: Spec indicates the behavior of a virtual service. - properties: - gateways: - description: The names of gateways and sidecars that should - apply these routes. A single VirtualService is used for sidecars - inside the mesh as well as for one or more gateways. The selection - condition imposed by this field can be overridden using the - source field in the match conditions of HTTP/TCP routes. The - reserved word "mesh" is used to imply all the sidecars in - the mesh. When this field is omitted, the default gateway - ("mesh") will be used, which would apply the rule to all sidecars - in the mesh. If a list of gateway names is provided, the rules - will apply only to the gateways. To apply the rules to both - gateways and sidecars, specify "mesh" as one of the gateway - names. - items: - type: string - type: array - hosts: - description: REQUIRED. The destination address for traffic captured - by this virtual service. Could be a DNS name with wildcard - prefix or a CIDR prefix. Depending on the platform, short-names - can also be used instead of a FQDN (i.e. has no dots in the - name). In such a scenario, the FQDN of the host would be derived - based on the underlying platform. For example on Kubernetes, - when hosts contains a short name, Istio will interpret the - short name based on the namespace of the rule. Thus, when - a client namespace applies a rule in the "default" namespace - containing a name "reviews, Istio will setup routes to the - "reviews.default.svc.cluster.local" service. However, if a - different name such as "reviews.sales.svc.cluster.local" is - used, it would be treated as a FQDN during virtual host matching. - In Consul, a plain service name would be resolved to the FQDN - "reviews.service.consul". Note that the hosts field applies - to both HTTP and TCP services. Service inside the mesh, i.e., - those found in the service registry, must always be referred - to using their alphanumeric names. IP addresses or CIDR prefixes - are allowed only for services defined via the Gateway. - items: - type: string - type: array - http: - description: An ordered list of route rules for HTTP traffic. - The first rule matching an incoming request is used. - items: - properties: - appendHeaders: - description: Additional HTTP headers to add before forwarding - a request to the destination service. - type: object - corsPolicy: - description: Cross-Origin Resource Sharing policy - properties: - allowCredentials: - description: Indicates whether the caller is allowed - to send the actual request (not the preflight) using - credentials. Translates to Access-Control-Allow-Credentials - header. - type: boolean - allowHeaders: - description: List of HTTP headers that can be used - when requesting the resource. Serialized to Access-Control-Allow-Methods - header. - items: - type: string - type: array - allowMethods: - description: List of HTTP methods allowed to access - the resource. The content will be serialized into - the Access-Control-Allow-Methods header. - items: - type: string - type: array - allowOrigin: - description: The list of origins that are allowed - to perform CORS requests. The content will be serialized - into the Access-Control-Allow-Origin header. Wildcard - * will allow all origins. - items: - type: string - type: array - exposeHeaders: - description: A white list of HTTP headers that the - browsers are allowed to access. Serialized into - Access-Control-Expose-Headers header. - items: - type: string - type: array - maxAge: - description: Specifies how long the the results of - a preflight request can be cached. Translates to - the Access-Control-Max-Age header. - type: string - type: object - fault: - description: Fault injection policy to apply on HTTP traffic. - properties: - abort: - description: Abort Http request attempts and return - error codes back to downstream service, giving the - impression that the upstream service is faulty. - properties: - httpStatus: - description: REQUIRED. HTTP status code to use - to abort the Http request. - format: int64 - type: integer - percent: - description: Percentage of requests to be aborted - with the error code provided (0-100). - format: int64 - type: integer - required: - - httpStatus - type: object - delay: - description: Delay requests before forwarding, emulating - various failures such as network issues, overloaded - upstream service, etc. - properties: - exponentialDelay: - description: (-- Add a delay (based on an exponential - function) before forwarding the request. mean - delay needed to derive the exponential delay - values --) - type: string - fixedDelay: - description: 'REQUIRED. Add a fixed delay before - forwarding the request. Format: 1h/1m/1s/1ms. - MUST be >=1ms.' - type: string - percent: - description: Percentage of requests on which the - delay will be injected (0-100). - format: int64 - type: integer - required: - - fixedDelay - type: object - type: object - match: - description: Match conditions to be satisfied for the - rule to be activated. All conditions inside a single - match block have AND semantics, while the list of match - blocks have OR semantics. The rule is matched if any - one of the match blocks succeed. - items: - properties: - authority: - description: 'HTTP Authority values are case-sensitive - and formatted as follows: - `exact: "value"` - for exact string match - `prefix: "value"` for - prefix-based match - `regex: "value"` for ECMAscript - style regex-based match' - properties: - exact: - description: exact string match - type: string - prefix: - description: prefix-based match - type: string - regex: - description: ECMAscript style regex-based match - type: string - suffix: - description: suffix-based match. - type: string - type: object - gateways: - description: Names of gateways where the rule should - be applied to. Gateway names at the top of the - VirtualService (if any) are overridden. The gateway - match is independent of sourceLabels. - items: - type: string - type: array - headers: - description: 'The header keys must be lowercase - and use hyphen as the separator, e.g. _x-request-id_. Header - values are case-sensitive and formatted as follows: - - `exact: "value"` for exact string match - `prefix: - "value"` for prefix-based match - `regex: "value"` - for ECMAscript style regex-based match **Note:** - The keys `uri`, `scheme`, `method`, and `authority` - will be ignored.' - type: object - method: - description: 'HTTP Method values are case-sensitive - and formatted as follows: - `exact: "value"` - for exact string match - `prefix: "value"` for - prefix-based match - `regex: "value"` for ECMAscript - style regex-based match' - properties: - exact: - description: exact string match - type: string - prefix: - description: prefix-based match - type: string - regex: - description: ECMAscript style regex-based match - type: string - suffix: - description: suffix-based match. - type: string - type: object - port: - description: Specifies the ports on the host that - is being addressed. Many services only expose - a single port or label ports with the protocols - they support, in these cases it is not required - to explicitly select the port. - format: int32 - type: integer - scheme: - description: 'URI Scheme values are case-sensitive - and formatted as follows: - `exact: "value"` - for exact string match - `prefix: "value"` for - prefix-based match - `regex: "value"` for ECMAscript - style regex-based match' - properties: - exact: - description: exact string match - type: string - prefix: - description: prefix-based match - type: string - regex: - description: ECMAscript style regex-based match - type: string - suffix: - description: suffix-based match. - type: string - type: object - sourceLabels: - description: One or more labels that constrain the - applicability of a rule to workloads with the - given labels. If the VirtualService has a list - of gateways specified at the top, it should include - the reserved gateway `mesh` in order for this - field to be applicable. - type: object - uri: - description: 'URI to match values are case-sensitive - and formatted as follows: - `exact: "value"` - for exact string match - `prefix: "value"` for - prefix-based match - `regex: "value"` for ECMAscript - style regex-based match' - properties: - exact: - description: exact string match - type: string - prefix: - description: prefix-based match - type: string - regex: - description: ECMAscript style regex-based match - type: string - suffix: - description: suffix-based match. - type: string - type: object - type: object - type: array - mirror: - description: Mirror HTTP traffic to a another destination - in addition to forwarding the requests to the intended - destination. Mirrored traffic is on a best effort basis - where the sidecar/gateway will not wait for the mirrored - cluster to respond before returning the response from - the original destination. Statistics will be generated - for the mirrored destination. - properties: - host: - description: 'REQUIRED. The name of a service from - the service registry. Service names are looked up - from the platform''s service registry (e.g., Kubernetes - services, Consul services, etc.) and from the hosts - declared by [ServiceEntry](#ServiceEntry). Traffic - forwarded to destinations that are not found in - either of the two, will be dropped. *Note for Kubernetes - users*: When short names are used (e.g. "reviews" - instead of "reviews.default.svc.cluster.local"), - Istio will interpret the short name based on the - namespace of the rule, not the service. A rule in - the "default" namespace containing a host "reviews - will be interpreted as "reviews.default.svc.cluster.local", - irrespective of the actual namespace associated - with the reviews service. _To avoid potential misconfigurations, - it is recommended to always use fully qualified - domain names over short names._' - type: string - port: - description: Specifies the port on the host that is - being addressed. If a service exposes only a single - port it is not required to explicitly select the - port. - properties: - name: - description: Valid port name - type: string - number: - description: Valid port number - format: int32 - type: integer - type: object - subset: - description: The name of a subset within the service. - Applicable only to services within the mesh. The - subset must be defined in a corresponding DestinationRule. - type: string - required: - - host - type: object - redirect: - description: A http rule can either redirect or forward - (default) traffic. If traffic passthrough option is - specified in the rule, route/redirect will be ignored. - The redirect primitive can be used to send a HTTP 302 - redirect to a different URI or Authority. - properties: - authority: - description: On a redirect, overwrite the Authority/Host - portion of the URL with this value. - type: string - uri: - description: On a redirect, overwrite the Path portion - of the URL with this value. Note that the entire - path will be replaced, irrespective of the request - URI being matched as an exact path or prefix. - type: string - type: object - removeResponseHeaders: - description: Http headers to remove before returning the - response to the caller - type: object - retries: - description: Retry policy for HTTP requests. - properties: - attempts: - description: REQUIRED. Number of retries for a given - request. The interval between retries will be determined - automatically (25ms+). Actual number of retries - attempted depends on the httpReqTimeout. - format: int64 - type: integer - perTryTimeout: - description: 'Timeout per retry attempt for a given - request. format: 1h/1m/1s/1ms. MUST BE >=1ms.' - type: string - required: - - attempts - - perTryTimeout - type: object - rewrite: - description: Rewrite HTTP URIs and Authority headers. - Rewrite cannot be used with Redirect primitive. Rewrite - will be performed before forwarding. - properties: - authority: - description: rewrite the Authority/Host header with - this value. - type: string - uri: - description: rewrite the path (or the prefix) portion - of the URI with this value. If the original URI - was matched based on prefix, the value provided - in this field will replace the corresponding matched - prefix. - type: string - type: object - route: - description: A http rule can either redirect or forward - (default) traffic. The forwarding target can be one - of several versions of a service (see glossary in beginning - of document). Weights associated with the service version - determine the proportion of traffic it receives. - items: - properties: - destination: - description: REQUIRED. Destination uniquely identifies - the instances of a service to which the request/connection - should be forwarded to. - properties: - host: - description: 'REQUIRED. The name of a service - from the service registry. Service names are - looked up from the platform''s service registry - (e.g., Kubernetes services, Consul services, - etc.) and from the hosts declared by [ServiceEntry](#ServiceEntry). - Traffic forwarded to destinations that are - not found in either of the two, will be dropped. *Note - for Kubernetes users*: When short names are - used (e.g. "reviews" instead of "reviews.default.svc.cluster.local"), - Istio will interpret the short name based - on the namespace of the rule, not the service. - A rule in the "default" namespace containing - a host "reviews will be interpreted as "reviews.default.svc.cluster.local", - irrespective of the actual namespace associated - with the reviews service. _To avoid potential - misconfigurations, it is recommended to always - use fully qualified domain names over short - names._' - type: string - port: - description: Specifies the port on the host - that is being addressed. If a service exposes - only a single port it is not required to explicitly - select the port. - properties: - name: - description: Valid port name - type: string - number: - description: Valid port number - format: int32 - type: integer - type: object - subset: - description: The name of a subset within the - service. Applicable only to services within - the mesh. The subset must be defined in a - corresponding DestinationRule. - type: string - required: - - host - type: object - weight: - description: REQUIRED. The proportion of traffic - to be forwarded to the service version. (0-100). - Sum of weights across destinations SHOULD BE == - 100. If there is only destination in a rule, the - weight value is assumed to be 100. - format: int64 - type: integer - required: - - destination - - weight - type: object - type: array - timeout: - description: Timeout for HTTP requests. - type: string - websocketUpgrade: - description: Indicates that a HTTP/1.1 client connection - to this particular route should be allowed (and expected) - to upgrade to a WebSocket connection. The default is - false. Istio's reference sidecar implementation (Envoy) - expects the first request to this route to contain the - WebSocket upgrade headers. Otherwise, the request will - be rejected. Note that Websocket allows secondary protocol - negotiation which may then be subject to further routing - rules based on the protocol selected. - type: boolean - type: object - type: array - tcp: - description: An ordered list of route rules for TCP traffic. - The first rule matching an incoming request is used. - items: - properties: - match: - description: Match conditions to be satisfied for the - rule to be activated. All conditions inside a single - match block have AND semantics, while the list of match - blocks have OR semantics. The rule is matched if any - one of the match blocks succeed. - items: - properties: - destinationSubnets: - description: IPv4 or IPv6 ip address of destination - with optional subnet. E.g., a.b.c.d/xx form or - just a.b.c.d. - items: - type: string - type: array - gateways: - description: Names of gateways where the rule should - be applied to. Gateway names at the top of the - VirtualService (if any) are overridden. The gateway - match is independent of sourceLabels. - items: - type: string - type: array - port: - description: Specifies the port on the host that - is being addressed. Many services only expose - a single port or label ports with the protocols - they support, in these cases it is not required - to explicitly select the port. - format: int64 - type: integer - sourceLabels: - description: One or more labels that constrain the - applicability of a rule to workloads with the - given labels. If the VirtualService has a list - of gateways specified at the top, it should include - the reserved gateway `mesh` in order for this - field to be applicable. - type: object - type: object - type: array - route: - description: The destinations to which the connection - should be forwarded to. Weights must add to 100%. - items: - properties: - destination: - description: REQUIRED. Destination uniquely identifies - the instances of a service to which the request/connection - should be forwarded to. - properties: - host: - description: 'REQUIRED. The name of a service - from the service registry. Service names are - looked up from the platform''s service registry - (e.g., Kubernetes services, Consul services, - etc.) and from the hosts declared by [ServiceEntry](#ServiceEntry). - Traffic forwarded to destinations that are - not found in either of the two, will be dropped. *Note - for Kubernetes users*: When short names are - used (e.g. "reviews" instead of "reviews.default.svc.cluster.local"), - Istio will interpret the short name based - on the namespace of the rule, not the service. - A rule in the "default" namespace containing - a host "reviews will be interpreted as "reviews.default.svc.cluster.local", - irrespective of the actual namespace associated - with the reviews service. _To avoid potential - misconfigurations, it is recommended to always - use fully qualified domain names over short - names._' - type: string - port: - description: Specifies the port on the host - that is being addressed. If a service exposes - only a single port it is not required to explicitly - select the port. - properties: - name: - description: Valid port name - type: string - number: - description: Valid port number - format: int32 - type: integer - type: object - subset: - description: The name of a subset within the - service. Applicable only to services within - the mesh. The subset must be defined in a - corresponding DestinationRule. - type: string - required: - - host - type: object - weight: - description: REQUIRED. The proportion of traffic - to be forwarded to the service version. (0-100). - Sum of weights across destinations SHOULD BE == - 100. If there is only destination in a rule, the - weight value is assumed to be 100. - format: int64 - type: integer - required: - - destination - - weight - type: object - type: array - required: - - match - - route - type: object - type: array - tls: - items: - properties: - match: - description: REQUIRED. Match conditions to be satisfied - for the rule to be activated. All conditions inside - a single match block have AND semantics, while the list - of match blocks have OR semantics. The rule is matched - if any one of the match blocks succeed. - items: - properties: - destinationSubnets: - description: IPv4 or IPv6 ip addresses of destination - with optional subnet. E.g., a.b.c.d/xx form or - just a.b.c.d. - items: - type: string - type: array - gateways: - description: Names of gateways where the rule should - be applied to. Gateway names at the top of the - VirtualService (if any) are overridden. The gateway - match is independent of sourceLabels. - items: - type: string - type: array - port: - description: Specifies the port on the host that - is being addressed. Many services only expose - a single port or label ports with the protocols - they support, in these cases it is not required - to explicitly select the port. - format: int64 - type: integer - sniHosts: - description: REQUIRED. SNI (server name indicator) - to match on. Wildcard prefixes can be used in - the SNI value, e.g., *.com will match foo.example.com - as well as example.com. An SNI value must be a - subset (i.e., fall within the domain) of the corresponding - virtual service's hosts - items: - type: string - type: array - sourceLabels: - description: One or more labels that constrain the - applicability of a rule to workloads with the - given labels. If the VirtualService has a list - of gateways specified at the top, it should include - the reserved gateway `mesh` in order for this - field to be applicable. - type: object - required: - - sniHosts - type: object - type: array - route: - description: The destination to which the connection should - be forwarded to. - items: - properties: - destination: - description: REQUIRED. Destination uniquely identifies - the instances of a service to which the request/connection - should be forwarded to. - properties: - host: - description: 'REQUIRED. The name of a service - from the service registry. Service names are - looked up from the platform''s service registry - (e.g., Kubernetes services, Consul services, - etc.) and from the hosts declared by [ServiceEntry](#ServiceEntry). - Traffic forwarded to destinations that are - not found in either of the two, will be dropped. *Note - for Kubernetes users*: When short names are - used (e.g. "reviews" instead of "reviews.default.svc.cluster.local"), - Istio will interpret the short name based - on the namespace of the rule, not the service. - A rule in the "default" namespace containing - a host "reviews will be interpreted as "reviews.default.svc.cluster.local", - irrespective of the actual namespace associated - with the reviews service. _To avoid potential - misconfigurations, it is recommended to always - use fully qualified domain names over short - names._' - type: string - port: - description: Specifies the port on the host - that is being addressed. If a service exposes - only a single port it is not required to explicitly - select the port. - properties: - name: - description: Valid port name - type: string - number: - description: Valid port number - format: int32 - type: integer - type: object - subset: - description: The name of a subset within the - service. Applicable only to services within - the mesh. The subset must be defined in a - corresponding DestinationRule. - type: string - required: - - host - type: object - weight: - description: REQUIRED. The proportion of traffic - to be forwarded to the service version. (0-100). - Sum of weights across destinations SHOULD BE == - 100. If there is only destination in a rule, the - weight value is assumed to be 100. - format: int64 - type: integer - required: - - destination - - weight - type: object - type: array - required: - - match - - route - type: object - type: array - required: - - hosts - type: object - type: object - type: - description: Strategy type - type: string - type: object - status: - type: object - version: v1alpha2 -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/pkg/apis/cluster/v1alpha1/cluster_types.go b/pkg/apis/cluster/v1alpha1/cluster_types.go index 44715d96..1914e22d 100644 --- a/pkg/apis/cluster/v1alpha1/cluster_types.go +++ b/pkg/apis/cluster/v1alpha1/cluster_types.go @@ -128,6 +128,11 @@ type ClusterStatus struct { // Region is the name of the region in which all of the nodes in the cluster exist. e.g. 'us-east1'. // +optional Region *string `json:"region,omitempty"` + + // Configz is status of components enabled in the member cluster. This is synchronized with member cluster + // every amount of time, like 5 minutes. + // +optional + Configz map[string]bool `json:"configz,omitempty"` } // +genclient diff --git a/pkg/apis/cluster/v1alpha1/zz_generated.deepcopy.go b/pkg/apis/cluster/v1alpha1/zz_generated.deepcopy.go index a5d35bd8..cf99c414 100644 --- a/pkg/apis/cluster/v1alpha1/zz_generated.deepcopy.go +++ b/pkg/apis/cluster/v1alpha1/zz_generated.deepcopy.go @@ -1,7 +1,7 @@ // +build !ignore_autogenerated /* -Copyright 2019 The KubeSphere authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. @@ -136,6 +136,13 @@ func (in *ClusterStatus) DeepCopyInto(out *ClusterStatus) { *out = new(string) **out = **in } + if in.Configz != nil { + in, out := &in.Configz, &out.Configz + *out = make(map[string]bool, len(*in)) + for key, val := range *in { + (*out)[key] = val + } + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterStatus. diff --git a/pkg/apis/network/v1alpha1/zz_generated.deepcopy.go b/pkg/apis/network/v1alpha1/zz_generated.deepcopy.go index 770ebc77..3eb86a60 100644 --- a/pkg/apis/network/v1alpha1/zz_generated.deepcopy.go +++ b/pkg/apis/network/v1alpha1/zz_generated.deepcopy.go @@ -1,7 +1,7 @@ // +build !ignore_autogenerated /* -Copyright 2019 The KubeSphere authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. @@ -16,12 +16,12 @@ See the License for the specific language governing permissions and limitations under the License. */ -// Code generated by deepcopy-gen. DO NOT EDIT. +// Code generated by controller-gen. DO NOT EDIT. package v1alpha1 import ( - v1 "k8s.io/api/networking/v1" + "k8s.io/api/networking/v1" runtime "k8s.io/apimachinery/pkg/runtime" ) @@ -31,7 +31,6 @@ func (in *NamespaceNetworkPolicy) DeepCopyInto(out *NamespaceNetworkPolicy) { out.TypeMeta = in.TypeMeta in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) in.Spec.DeepCopyInto(&out.Spec) - return } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NamespaceNetworkPolicy. @@ -64,7 +63,6 @@ func (in *NamespaceNetworkPolicyList) DeepCopyInto(out *NamespaceNetworkPolicyLi (*in)[i].DeepCopyInto(&(*out)[i]) } } - return } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NamespaceNetworkPolicyList. @@ -107,7 +105,6 @@ func (in *NamespaceNetworkPolicySpec) DeepCopyInto(out *NamespaceNetworkPolicySp *out = make([]v1.PolicyType, len(*in)) copy(*out, *in) } - return } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NamespaceNetworkPolicySpec. @@ -123,7 +120,6 @@ func (in *NamespaceNetworkPolicySpec) DeepCopy() *NamespaceNetworkPolicySpec { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *NamespaceSelector) DeepCopyInto(out *NamespaceSelector) { *out = *in - return } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NamespaceSelector. @@ -153,7 +149,6 @@ func (in *NetworkPolicyEgressRule) DeepCopyInto(out *NetworkPolicyEgressRule) { (*in)[i].DeepCopyInto(&(*out)[i]) } } - return } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkPolicyEgressRule. @@ -183,7 +178,6 @@ func (in *NetworkPolicyIngressRule) DeepCopyInto(out *NetworkPolicyIngressRule) (*in)[i].DeepCopyInto(&(*out)[i]) } } - return } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkPolicyIngressRule. @@ -214,7 +208,6 @@ func (in *NetworkPolicyPeer) DeepCopyInto(out *NetworkPolicyPeer) { *out = new(ServiceSelector) **out = **in } - return } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkPolicyPeer. @@ -230,7 +223,6 @@ func (in *NetworkPolicyPeer) DeepCopy() *NetworkPolicyPeer { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ServiceSelector) DeepCopyInto(out *ServiceSelector) { *out = *in - return } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceSelector. diff --git a/pkg/apis/servicemesh/v1alpha2/zz_generated.deepcopy.go b/pkg/apis/servicemesh/v1alpha2/zz_generated.deepcopy.go index c5a810aa..c9cdd094 100644 --- a/pkg/apis/servicemesh/v1alpha2/zz_generated.deepcopy.go +++ b/pkg/apis/servicemesh/v1alpha2/zz_generated.deepcopy.go @@ -1,7 +1,7 @@ // +build !ignore_autogenerated /* -Copyright 2019 The KubeSphere authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/apis/tenant/v1alpha1/zz_generated.deepcopy.go b/pkg/apis/tenant/v1alpha1/zz_generated.deepcopy.go index f489cb6d..08f7c800 100644 --- a/pkg/apis/tenant/v1alpha1/zz_generated.deepcopy.go +++ b/pkg/apis/tenant/v1alpha1/zz_generated.deepcopy.go @@ -1,7 +1,7 @@ // +build !ignore_autogenerated /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/apis/tenant/v1alpha2/zz_generated.deepcopy.go b/pkg/apis/tenant/v1alpha2/zz_generated.deepcopy.go index 8a3346ee..cc1c0456 100644 --- a/pkg/apis/tenant/v1alpha2/zz_generated.deepcopy.go +++ b/pkg/apis/tenant/v1alpha2/zz_generated.deepcopy.go @@ -1,7 +1,7 @@ // +build !ignore_autogenerated /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/apiserver/config/config.go b/pkg/apiserver/config/config.go index e11746a7..2425e24b 100644 --- a/pkg/apiserver/config/config.go +++ b/pkg/apiserver/config/config.go @@ -94,10 +94,8 @@ type Config struct { MultiClusterOptions *multicluster.Options `json:"multicluster,omitempty" yaml:"multicluster,omitempty" mapstructure:"multicluster"` EventsOptions *eventsclient.Options `json:"events,omitempty" yaml:"events,omitempty" mapstructure:"events"` AuditingOptions *auditingclient.Options `json:"auditing,omitempty" yaml:"auditing,omitempty" mapstructure:"auditing"` - // Options used for enabling components, not actually used now. Once we switch Alerting/Notification API to kubesphere, - // we can add these options to kubesphere command lines - AlertingOptions *alerting.Options `json:"alerting,omitempty" yaml:"alerting,omitempty" mapstructure:"alerting"` - NotificationOptions *notification.Options `json:"notification,omitempty" yaml:"notification,omitempty" mapstructure:"notification"` + AlertingOptions *alerting.Options `json:"alerting,omitempty" yaml:"alerting,omitempty" mapstructure:"alerting"` + NotificationOptions *notification.Options `json:"notification,omitempty" yaml:"notification,omitempty" mapstructure:"notification"` } // newConfig creates a default non-empty Config diff --git a/pkg/apiserver/dispatch/dispatch.go b/pkg/apiserver/dispatch/dispatch.go index 32165dc2..d80f7556 100644 --- a/pkg/apiserver/dispatch/dispatch.go +++ b/pkg/apiserver/dispatch/dispatch.go @@ -20,6 +20,7 @@ import ( "fmt" corev1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/util/net" "k8s.io/apimachinery/pkg/util/proxy" "k8s.io/apiserver/pkg/endpoints/handlers/responsewriters" "k8s.io/client-go/rest" @@ -174,6 +175,21 @@ func (c *clusterDispatch) getInnerCluster(name string) *innerCluster { return nil } +// copy from https://github.com/kubernetes/apimachinery/blob/master/pkg/util/proxy/dial.go +func supportsHTTP11(nextProtos []string) bool { + if len(nextProtos) == 0 { + return true + } + + for _, proto := range nextProtos { + if proto == "http/1.1" { + return true + } + } + + return false +} + func (c *clusterDispatch) updateInnerClusters(obj interface{}) { cluster := obj.(*clusterv1alpha1.Cluster) @@ -205,6 +221,15 @@ func (c *clusterDispatch) updateInnerClusters(obj interface{}) { transport, err := rest.TransportFor(clusterConfig) if err != nil { klog.Errorf("Create transport failed, %v", err) + return + } + + tlsConfig, err := net.TLSClientConfig(transport) + if err == nil { + // since http2 doesn't support websocket, we need to disable http2 when using websocket + if supportsHTTP11(tlsConfig.NextProtos) { + tlsConfig.NextProtos = []string{"http/1.1"} + } } c.mutex.Lock() diff --git a/pkg/client/clientset/versioned/clientset.go b/pkg/client/clientset/versioned/clientset.go index edba09d3..7e84ccd3 100644 --- a/pkg/client/clientset/versioned/clientset.go +++ b/pkg/client/clientset/versioned/clientset.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/doc.go b/pkg/client/clientset/versioned/doc.go index d1f15b52..446c7b50 100644 --- a/pkg/client/clientset/versioned/doc.go +++ b/pkg/client/clientset/versioned/doc.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/fake/clientset_generated.go b/pkg/client/clientset/versioned/fake/clientset_generated.go index 851fade5..097e6231 100644 --- a/pkg/client/clientset/versioned/fake/clientset_generated.go +++ b/pkg/client/clientset/versioned/fake/clientset_generated.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/fake/doc.go b/pkg/client/clientset/versioned/fake/doc.go index f3e875b2..89d75efb 100644 --- a/pkg/client/clientset/versioned/fake/doc.go +++ b/pkg/client/clientset/versioned/fake/doc.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/fake/register.go b/pkg/client/clientset/versioned/fake/register.go index 048678ca..a13e057b 100644 --- a/pkg/client/clientset/versioned/fake/register.go +++ b/pkg/client/clientset/versioned/fake/register.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/scheme/doc.go b/pkg/client/clientset/versioned/scheme/doc.go index e3923c98..5421e6d1 100644 --- a/pkg/client/clientset/versioned/scheme/doc.go +++ b/pkg/client/clientset/versioned/scheme/doc.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/scheme/register.go b/pkg/client/clientset/versioned/scheme/register.go index d459a58d..3df91bba 100644 --- a/pkg/client/clientset/versioned/scheme/register.go +++ b/pkg/client/clientset/versioned/scheme/register.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/cluster/v1alpha1/cluster.go b/pkg/client/clientset/versioned/typed/cluster/v1alpha1/cluster.go index e91401d6..e77bb3bd 100644 --- a/pkg/client/clientset/versioned/typed/cluster/v1alpha1/cluster.go +++ b/pkg/client/clientset/versioned/typed/cluster/v1alpha1/cluster.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/cluster/v1alpha1/cluster_client.go b/pkg/client/clientset/versioned/typed/cluster/v1alpha1/cluster_client.go index e5d2f0d8..f180849d 100644 --- a/pkg/client/clientset/versioned/typed/cluster/v1alpha1/cluster_client.go +++ b/pkg/client/clientset/versioned/typed/cluster/v1alpha1/cluster_client.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/cluster/v1alpha1/doc.go b/pkg/client/clientset/versioned/typed/cluster/v1alpha1/doc.go index 211cbcb7..76927874 100644 --- a/pkg/client/clientset/versioned/typed/cluster/v1alpha1/doc.go +++ b/pkg/client/clientset/versioned/typed/cluster/v1alpha1/doc.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/cluster/v1alpha1/fake/doc.go b/pkg/client/clientset/versioned/typed/cluster/v1alpha1/fake/doc.go index 8d523a0e..7e36dbca 100644 --- a/pkg/client/clientset/versioned/typed/cluster/v1alpha1/fake/doc.go +++ b/pkg/client/clientset/versioned/typed/cluster/v1alpha1/fake/doc.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/cluster/v1alpha1/fake/fake_cluster.go b/pkg/client/clientset/versioned/typed/cluster/v1alpha1/fake/fake_cluster.go index a80e111e..9c62f1ef 100644 --- a/pkg/client/clientset/versioned/typed/cluster/v1alpha1/fake/fake_cluster.go +++ b/pkg/client/clientset/versioned/typed/cluster/v1alpha1/fake/fake_cluster.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/cluster/v1alpha1/fake/fake_cluster_client.go b/pkg/client/clientset/versioned/typed/cluster/v1alpha1/fake/fake_cluster_client.go index fd51b108..26875884 100644 --- a/pkg/client/clientset/versioned/typed/cluster/v1alpha1/fake/fake_cluster_client.go +++ b/pkg/client/clientset/versioned/typed/cluster/v1alpha1/fake/fake_cluster_client.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/cluster/v1alpha1/generated_expansion.go b/pkg/client/clientset/versioned/typed/cluster/v1alpha1/generated_expansion.go index 1ef0e6e2..dce2be32 100644 --- a/pkg/client/clientset/versioned/typed/cluster/v1alpha1/generated_expansion.go +++ b/pkg/client/clientset/versioned/typed/cluster/v1alpha1/generated_expansion.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/devops/v1alpha1/devops_client.go b/pkg/client/clientset/versioned/typed/devops/v1alpha1/devops_client.go index e83552f8..fba4a48b 100644 --- a/pkg/client/clientset/versioned/typed/devops/v1alpha1/devops_client.go +++ b/pkg/client/clientset/versioned/typed/devops/v1alpha1/devops_client.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/devops/v1alpha1/doc.go b/pkg/client/clientset/versioned/typed/devops/v1alpha1/doc.go index 211cbcb7..76927874 100644 --- a/pkg/client/clientset/versioned/typed/devops/v1alpha1/doc.go +++ b/pkg/client/clientset/versioned/typed/devops/v1alpha1/doc.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/devops/v1alpha1/fake/doc.go b/pkg/client/clientset/versioned/typed/devops/v1alpha1/fake/doc.go index 8d523a0e..7e36dbca 100644 --- a/pkg/client/clientset/versioned/typed/devops/v1alpha1/fake/doc.go +++ b/pkg/client/clientset/versioned/typed/devops/v1alpha1/fake/doc.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/devops/v1alpha1/fake/fake_devops_client.go b/pkg/client/clientset/versioned/typed/devops/v1alpha1/fake/fake_devops_client.go index f8d91bf3..41027f5a 100644 --- a/pkg/client/clientset/versioned/typed/devops/v1alpha1/fake/fake_devops_client.go +++ b/pkg/client/clientset/versioned/typed/devops/v1alpha1/fake/fake_devops_client.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/devops/v1alpha1/fake/fake_s2ibinary.go b/pkg/client/clientset/versioned/typed/devops/v1alpha1/fake/fake_s2ibinary.go index a731c5f9..23109cb8 100644 --- a/pkg/client/clientset/versioned/typed/devops/v1alpha1/fake/fake_s2ibinary.go +++ b/pkg/client/clientset/versioned/typed/devops/v1alpha1/fake/fake_s2ibinary.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/devops/v1alpha1/fake/fake_s2ibuilder.go b/pkg/client/clientset/versioned/typed/devops/v1alpha1/fake/fake_s2ibuilder.go index 95fefbb6..53452344 100644 --- a/pkg/client/clientset/versioned/typed/devops/v1alpha1/fake/fake_s2ibuilder.go +++ b/pkg/client/clientset/versioned/typed/devops/v1alpha1/fake/fake_s2ibuilder.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/devops/v1alpha1/fake/fake_s2ibuildertemplate.go b/pkg/client/clientset/versioned/typed/devops/v1alpha1/fake/fake_s2ibuildertemplate.go index e966ea9e..e3ab60c4 100644 --- a/pkg/client/clientset/versioned/typed/devops/v1alpha1/fake/fake_s2ibuildertemplate.go +++ b/pkg/client/clientset/versioned/typed/devops/v1alpha1/fake/fake_s2ibuildertemplate.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/devops/v1alpha1/fake/fake_s2irun.go b/pkg/client/clientset/versioned/typed/devops/v1alpha1/fake/fake_s2irun.go index 7aa08daf..f3a96e42 100644 --- a/pkg/client/clientset/versioned/typed/devops/v1alpha1/fake/fake_s2irun.go +++ b/pkg/client/clientset/versioned/typed/devops/v1alpha1/fake/fake_s2irun.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/devops/v1alpha1/generated_expansion.go b/pkg/client/clientset/versioned/typed/devops/v1alpha1/generated_expansion.go index 780f87ea..a336b2dd 100644 --- a/pkg/client/clientset/versioned/typed/devops/v1alpha1/generated_expansion.go +++ b/pkg/client/clientset/versioned/typed/devops/v1alpha1/generated_expansion.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/devops/v1alpha1/s2ibinary.go b/pkg/client/clientset/versioned/typed/devops/v1alpha1/s2ibinary.go index 5ec2cdcf..92cee87a 100644 --- a/pkg/client/clientset/versioned/typed/devops/v1alpha1/s2ibinary.go +++ b/pkg/client/clientset/versioned/typed/devops/v1alpha1/s2ibinary.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/devops/v1alpha1/s2ibuilder.go b/pkg/client/clientset/versioned/typed/devops/v1alpha1/s2ibuilder.go index d81dcf60..8f20ff84 100644 --- a/pkg/client/clientset/versioned/typed/devops/v1alpha1/s2ibuilder.go +++ b/pkg/client/clientset/versioned/typed/devops/v1alpha1/s2ibuilder.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/devops/v1alpha1/s2ibuildertemplate.go b/pkg/client/clientset/versioned/typed/devops/v1alpha1/s2ibuildertemplate.go index e9547b2b..47913c0e 100644 --- a/pkg/client/clientset/versioned/typed/devops/v1alpha1/s2ibuildertemplate.go +++ b/pkg/client/clientset/versioned/typed/devops/v1alpha1/s2ibuildertemplate.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/devops/v1alpha1/s2irun.go b/pkg/client/clientset/versioned/typed/devops/v1alpha1/s2irun.go index 5bb5a4a4..842a19b0 100644 --- a/pkg/client/clientset/versioned/typed/devops/v1alpha1/s2irun.go +++ b/pkg/client/clientset/versioned/typed/devops/v1alpha1/s2irun.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/devops/v1alpha3/devops_client.go b/pkg/client/clientset/versioned/typed/devops/v1alpha3/devops_client.go index 5458b620..b5e14aa2 100644 --- a/pkg/client/clientset/versioned/typed/devops/v1alpha3/devops_client.go +++ b/pkg/client/clientset/versioned/typed/devops/v1alpha3/devops_client.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/devops/v1alpha3/devopsproject.go b/pkg/client/clientset/versioned/typed/devops/v1alpha3/devopsproject.go index 39d5d9dc..a37f1840 100644 --- a/pkg/client/clientset/versioned/typed/devops/v1alpha3/devopsproject.go +++ b/pkg/client/clientset/versioned/typed/devops/v1alpha3/devopsproject.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/devops/v1alpha3/doc.go b/pkg/client/clientset/versioned/typed/devops/v1alpha3/doc.go index d4c6516d..5b88b65c 100644 --- a/pkg/client/clientset/versioned/typed/devops/v1alpha3/doc.go +++ b/pkg/client/clientset/versioned/typed/devops/v1alpha3/doc.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/devops/v1alpha3/fake/doc.go b/pkg/client/clientset/versioned/typed/devops/v1alpha3/fake/doc.go index 8d523a0e..7e36dbca 100644 --- a/pkg/client/clientset/versioned/typed/devops/v1alpha3/fake/doc.go +++ b/pkg/client/clientset/versioned/typed/devops/v1alpha3/fake/doc.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/devops/v1alpha3/fake/fake_devops_client.go b/pkg/client/clientset/versioned/typed/devops/v1alpha3/fake/fake_devops_client.go index 41f4215a..d4632894 100644 --- a/pkg/client/clientset/versioned/typed/devops/v1alpha3/fake/fake_devops_client.go +++ b/pkg/client/clientset/versioned/typed/devops/v1alpha3/fake/fake_devops_client.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/devops/v1alpha3/fake/fake_devopsproject.go b/pkg/client/clientset/versioned/typed/devops/v1alpha3/fake/fake_devopsproject.go index 88bccb4a..19b4e799 100644 --- a/pkg/client/clientset/versioned/typed/devops/v1alpha3/fake/fake_devopsproject.go +++ b/pkg/client/clientset/versioned/typed/devops/v1alpha3/fake/fake_devopsproject.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/devops/v1alpha3/fake/fake_pipeline.go b/pkg/client/clientset/versioned/typed/devops/v1alpha3/fake/fake_pipeline.go index 057ad3c3..03bc7866 100644 --- a/pkg/client/clientset/versioned/typed/devops/v1alpha3/fake/fake_pipeline.go +++ b/pkg/client/clientset/versioned/typed/devops/v1alpha3/fake/fake_pipeline.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/devops/v1alpha3/generated_expansion.go b/pkg/client/clientset/versioned/typed/devops/v1alpha3/generated_expansion.go index 15e67e7c..81d33255 100644 --- a/pkg/client/clientset/versioned/typed/devops/v1alpha3/generated_expansion.go +++ b/pkg/client/clientset/versioned/typed/devops/v1alpha3/generated_expansion.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/devops/v1alpha3/pipeline.go b/pkg/client/clientset/versioned/typed/devops/v1alpha3/pipeline.go index 8bb99cd4..889946d9 100644 --- a/pkg/client/clientset/versioned/typed/devops/v1alpha3/pipeline.go +++ b/pkg/client/clientset/versioned/typed/devops/v1alpha3/pipeline.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/iam/v1alpha2/doc.go b/pkg/client/clientset/versioned/typed/iam/v1alpha2/doc.go index 8af33123..f6328297 100644 --- a/pkg/client/clientset/versioned/typed/iam/v1alpha2/doc.go +++ b/pkg/client/clientset/versioned/typed/iam/v1alpha2/doc.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/iam/v1alpha2/fake/doc.go b/pkg/client/clientset/versioned/typed/iam/v1alpha2/fake/doc.go index 8d523a0e..7e36dbca 100644 --- a/pkg/client/clientset/versioned/typed/iam/v1alpha2/fake/doc.go +++ b/pkg/client/clientset/versioned/typed/iam/v1alpha2/fake/doc.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/iam/v1alpha2/fake/fake_globalrole.go b/pkg/client/clientset/versioned/typed/iam/v1alpha2/fake/fake_globalrole.go index d3741221..1cb1b462 100644 --- a/pkg/client/clientset/versioned/typed/iam/v1alpha2/fake/fake_globalrole.go +++ b/pkg/client/clientset/versioned/typed/iam/v1alpha2/fake/fake_globalrole.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/iam/v1alpha2/fake/fake_globalrolebinding.go b/pkg/client/clientset/versioned/typed/iam/v1alpha2/fake/fake_globalrolebinding.go index ac91cbd0..7de587b9 100644 --- a/pkg/client/clientset/versioned/typed/iam/v1alpha2/fake/fake_globalrolebinding.go +++ b/pkg/client/clientset/versioned/typed/iam/v1alpha2/fake/fake_globalrolebinding.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/iam/v1alpha2/fake/fake_iam_client.go b/pkg/client/clientset/versioned/typed/iam/v1alpha2/fake/fake_iam_client.go index 94547392..07bbfce0 100644 --- a/pkg/client/clientset/versioned/typed/iam/v1alpha2/fake/fake_iam_client.go +++ b/pkg/client/clientset/versioned/typed/iam/v1alpha2/fake/fake_iam_client.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/iam/v1alpha2/fake/fake_user.go b/pkg/client/clientset/versioned/typed/iam/v1alpha2/fake/fake_user.go index b8ca5569..ccb40d4a 100644 --- a/pkg/client/clientset/versioned/typed/iam/v1alpha2/fake/fake_user.go +++ b/pkg/client/clientset/versioned/typed/iam/v1alpha2/fake/fake_user.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/iam/v1alpha2/fake/fake_workspacerole.go b/pkg/client/clientset/versioned/typed/iam/v1alpha2/fake/fake_workspacerole.go index 4c7e98f5..df13a7cf 100644 --- a/pkg/client/clientset/versioned/typed/iam/v1alpha2/fake/fake_workspacerole.go +++ b/pkg/client/clientset/versioned/typed/iam/v1alpha2/fake/fake_workspacerole.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/iam/v1alpha2/fake/fake_workspacerolebinding.go b/pkg/client/clientset/versioned/typed/iam/v1alpha2/fake/fake_workspacerolebinding.go index 78dc1b01..e53909e4 100644 --- a/pkg/client/clientset/versioned/typed/iam/v1alpha2/fake/fake_workspacerolebinding.go +++ b/pkg/client/clientset/versioned/typed/iam/v1alpha2/fake/fake_workspacerolebinding.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/iam/v1alpha2/generated_expansion.go b/pkg/client/clientset/versioned/typed/iam/v1alpha2/generated_expansion.go index 68d328a6..a181b36b 100644 --- a/pkg/client/clientset/versioned/typed/iam/v1alpha2/generated_expansion.go +++ b/pkg/client/clientset/versioned/typed/iam/v1alpha2/generated_expansion.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/iam/v1alpha2/globalrole.go b/pkg/client/clientset/versioned/typed/iam/v1alpha2/globalrole.go index 3d699ef8..e6aae385 100644 --- a/pkg/client/clientset/versioned/typed/iam/v1alpha2/globalrole.go +++ b/pkg/client/clientset/versioned/typed/iam/v1alpha2/globalrole.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/iam/v1alpha2/globalrolebinding.go b/pkg/client/clientset/versioned/typed/iam/v1alpha2/globalrolebinding.go index e52c0ebe..9e66166a 100644 --- a/pkg/client/clientset/versioned/typed/iam/v1alpha2/globalrolebinding.go +++ b/pkg/client/clientset/versioned/typed/iam/v1alpha2/globalrolebinding.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/iam/v1alpha2/iam_client.go b/pkg/client/clientset/versioned/typed/iam/v1alpha2/iam_client.go index 489b71b0..d4cd2003 100644 --- a/pkg/client/clientset/versioned/typed/iam/v1alpha2/iam_client.go +++ b/pkg/client/clientset/versioned/typed/iam/v1alpha2/iam_client.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/iam/v1alpha2/user.go b/pkg/client/clientset/versioned/typed/iam/v1alpha2/user.go index f229fca4..de5466a9 100644 --- a/pkg/client/clientset/versioned/typed/iam/v1alpha2/user.go +++ b/pkg/client/clientset/versioned/typed/iam/v1alpha2/user.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/iam/v1alpha2/workspacerole.go b/pkg/client/clientset/versioned/typed/iam/v1alpha2/workspacerole.go index 32bb08aa..8d0e8188 100644 --- a/pkg/client/clientset/versioned/typed/iam/v1alpha2/workspacerole.go +++ b/pkg/client/clientset/versioned/typed/iam/v1alpha2/workspacerole.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/iam/v1alpha2/workspacerolebinding.go b/pkg/client/clientset/versioned/typed/iam/v1alpha2/workspacerolebinding.go index 67729258..2905affe 100644 --- a/pkg/client/clientset/versioned/typed/iam/v1alpha2/workspacerolebinding.go +++ b/pkg/client/clientset/versioned/typed/iam/v1alpha2/workspacerolebinding.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/network/v1alpha1/doc.go b/pkg/client/clientset/versioned/typed/network/v1alpha1/doc.go index 211cbcb7..76927874 100644 --- a/pkg/client/clientset/versioned/typed/network/v1alpha1/doc.go +++ b/pkg/client/clientset/versioned/typed/network/v1alpha1/doc.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/network/v1alpha1/fake/doc.go b/pkg/client/clientset/versioned/typed/network/v1alpha1/fake/doc.go index 8d523a0e..7e36dbca 100644 --- a/pkg/client/clientset/versioned/typed/network/v1alpha1/fake/doc.go +++ b/pkg/client/clientset/versioned/typed/network/v1alpha1/fake/doc.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/network/v1alpha1/fake/fake_namespacenetworkpolicy.go b/pkg/client/clientset/versioned/typed/network/v1alpha1/fake/fake_namespacenetworkpolicy.go index e00aca45..03ce5dd4 100644 --- a/pkg/client/clientset/versioned/typed/network/v1alpha1/fake/fake_namespacenetworkpolicy.go +++ b/pkg/client/clientset/versioned/typed/network/v1alpha1/fake/fake_namespacenetworkpolicy.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/network/v1alpha1/fake/fake_network_client.go b/pkg/client/clientset/versioned/typed/network/v1alpha1/fake/fake_network_client.go index e18393d4..ecc3bfdf 100644 --- a/pkg/client/clientset/versioned/typed/network/v1alpha1/fake/fake_network_client.go +++ b/pkg/client/clientset/versioned/typed/network/v1alpha1/fake/fake_network_client.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/network/v1alpha1/generated_expansion.go b/pkg/client/clientset/versioned/typed/network/v1alpha1/generated_expansion.go index 8a6dca54..f36b84a7 100644 --- a/pkg/client/clientset/versioned/typed/network/v1alpha1/generated_expansion.go +++ b/pkg/client/clientset/versioned/typed/network/v1alpha1/generated_expansion.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/network/v1alpha1/namespacenetworkpolicy.go b/pkg/client/clientset/versioned/typed/network/v1alpha1/namespacenetworkpolicy.go index ebe8da05..81042c42 100644 --- a/pkg/client/clientset/versioned/typed/network/v1alpha1/namespacenetworkpolicy.go +++ b/pkg/client/clientset/versioned/typed/network/v1alpha1/namespacenetworkpolicy.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/network/v1alpha1/network_client.go b/pkg/client/clientset/versioned/typed/network/v1alpha1/network_client.go index 22d5b9ef..bbaa1221 100644 --- a/pkg/client/clientset/versioned/typed/network/v1alpha1/network_client.go +++ b/pkg/client/clientset/versioned/typed/network/v1alpha1/network_client.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/servicemesh/v1alpha2/doc.go b/pkg/client/clientset/versioned/typed/servicemesh/v1alpha2/doc.go index 8af33123..f6328297 100644 --- a/pkg/client/clientset/versioned/typed/servicemesh/v1alpha2/doc.go +++ b/pkg/client/clientset/versioned/typed/servicemesh/v1alpha2/doc.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/servicemesh/v1alpha2/fake/doc.go b/pkg/client/clientset/versioned/typed/servicemesh/v1alpha2/fake/doc.go index 8d523a0e..7e36dbca 100644 --- a/pkg/client/clientset/versioned/typed/servicemesh/v1alpha2/fake/doc.go +++ b/pkg/client/clientset/versioned/typed/servicemesh/v1alpha2/fake/doc.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/servicemesh/v1alpha2/fake/fake_servicemesh_client.go b/pkg/client/clientset/versioned/typed/servicemesh/v1alpha2/fake/fake_servicemesh_client.go index 611785c3..f00c6656 100644 --- a/pkg/client/clientset/versioned/typed/servicemesh/v1alpha2/fake/fake_servicemesh_client.go +++ b/pkg/client/clientset/versioned/typed/servicemesh/v1alpha2/fake/fake_servicemesh_client.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/servicemesh/v1alpha2/fake/fake_servicepolicy.go b/pkg/client/clientset/versioned/typed/servicemesh/v1alpha2/fake/fake_servicepolicy.go index ff24c494..c879d47e 100644 --- a/pkg/client/clientset/versioned/typed/servicemesh/v1alpha2/fake/fake_servicepolicy.go +++ b/pkg/client/clientset/versioned/typed/servicemesh/v1alpha2/fake/fake_servicepolicy.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/servicemesh/v1alpha2/fake/fake_strategy.go b/pkg/client/clientset/versioned/typed/servicemesh/v1alpha2/fake/fake_strategy.go index e83e9f4f..285e7e77 100644 --- a/pkg/client/clientset/versioned/typed/servicemesh/v1alpha2/fake/fake_strategy.go +++ b/pkg/client/clientset/versioned/typed/servicemesh/v1alpha2/fake/fake_strategy.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/servicemesh/v1alpha2/generated_expansion.go b/pkg/client/clientset/versioned/typed/servicemesh/v1alpha2/generated_expansion.go index 804800a2..74da4f62 100644 --- a/pkg/client/clientset/versioned/typed/servicemesh/v1alpha2/generated_expansion.go +++ b/pkg/client/clientset/versioned/typed/servicemesh/v1alpha2/generated_expansion.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/servicemesh/v1alpha2/servicemesh_client.go b/pkg/client/clientset/versioned/typed/servicemesh/v1alpha2/servicemesh_client.go index b8354a54..99196f1b 100644 --- a/pkg/client/clientset/versioned/typed/servicemesh/v1alpha2/servicemesh_client.go +++ b/pkg/client/clientset/versioned/typed/servicemesh/v1alpha2/servicemesh_client.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/servicemesh/v1alpha2/servicepolicy.go b/pkg/client/clientset/versioned/typed/servicemesh/v1alpha2/servicepolicy.go index 98078c3f..06062dae 100644 --- a/pkg/client/clientset/versioned/typed/servicemesh/v1alpha2/servicepolicy.go +++ b/pkg/client/clientset/versioned/typed/servicemesh/v1alpha2/servicepolicy.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/servicemesh/v1alpha2/strategy.go b/pkg/client/clientset/versioned/typed/servicemesh/v1alpha2/strategy.go index c8549c6e..54d10077 100644 --- a/pkg/client/clientset/versioned/typed/servicemesh/v1alpha2/strategy.go +++ b/pkg/client/clientset/versioned/typed/servicemesh/v1alpha2/strategy.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/tenant/v1alpha1/doc.go b/pkg/client/clientset/versioned/typed/tenant/v1alpha1/doc.go index 211cbcb7..76927874 100644 --- a/pkg/client/clientset/versioned/typed/tenant/v1alpha1/doc.go +++ b/pkg/client/clientset/versioned/typed/tenant/v1alpha1/doc.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/tenant/v1alpha1/fake/doc.go b/pkg/client/clientset/versioned/typed/tenant/v1alpha1/fake/doc.go index 8d523a0e..7e36dbca 100644 --- a/pkg/client/clientset/versioned/typed/tenant/v1alpha1/fake/doc.go +++ b/pkg/client/clientset/versioned/typed/tenant/v1alpha1/fake/doc.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/tenant/v1alpha1/fake/fake_tenant_client.go b/pkg/client/clientset/versioned/typed/tenant/v1alpha1/fake/fake_tenant_client.go index 9d7fb8eb..9168d723 100644 --- a/pkg/client/clientset/versioned/typed/tenant/v1alpha1/fake/fake_tenant_client.go +++ b/pkg/client/clientset/versioned/typed/tenant/v1alpha1/fake/fake_tenant_client.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/tenant/v1alpha1/fake/fake_workspace.go b/pkg/client/clientset/versioned/typed/tenant/v1alpha1/fake/fake_workspace.go index c9e93566..94f1d0d1 100644 --- a/pkg/client/clientset/versioned/typed/tenant/v1alpha1/fake/fake_workspace.go +++ b/pkg/client/clientset/versioned/typed/tenant/v1alpha1/fake/fake_workspace.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/tenant/v1alpha1/generated_expansion.go b/pkg/client/clientset/versioned/typed/tenant/v1alpha1/generated_expansion.go index c7d3f38c..2c0edda5 100644 --- a/pkg/client/clientset/versioned/typed/tenant/v1alpha1/generated_expansion.go +++ b/pkg/client/clientset/versioned/typed/tenant/v1alpha1/generated_expansion.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/tenant/v1alpha1/tenant_client.go b/pkg/client/clientset/versioned/typed/tenant/v1alpha1/tenant_client.go index d1fe163d..75e1d077 100644 --- a/pkg/client/clientset/versioned/typed/tenant/v1alpha1/tenant_client.go +++ b/pkg/client/clientset/versioned/typed/tenant/v1alpha1/tenant_client.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/tenant/v1alpha1/workspace.go b/pkg/client/clientset/versioned/typed/tenant/v1alpha1/workspace.go index a3bf5526..258159ac 100644 --- a/pkg/client/clientset/versioned/typed/tenant/v1alpha1/workspace.go +++ b/pkg/client/clientset/versioned/typed/tenant/v1alpha1/workspace.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/tenant/v1alpha2/doc.go b/pkg/client/clientset/versioned/typed/tenant/v1alpha2/doc.go index 8af33123..f6328297 100644 --- a/pkg/client/clientset/versioned/typed/tenant/v1alpha2/doc.go +++ b/pkg/client/clientset/versioned/typed/tenant/v1alpha2/doc.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/tenant/v1alpha2/fake/doc.go b/pkg/client/clientset/versioned/typed/tenant/v1alpha2/fake/doc.go index 8d523a0e..7e36dbca 100644 --- a/pkg/client/clientset/versioned/typed/tenant/v1alpha2/fake/doc.go +++ b/pkg/client/clientset/versioned/typed/tenant/v1alpha2/fake/doc.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/tenant/v1alpha2/fake/fake_tenant_client.go b/pkg/client/clientset/versioned/typed/tenant/v1alpha2/fake/fake_tenant_client.go index 1fc79112..3e86c8a6 100644 --- a/pkg/client/clientset/versioned/typed/tenant/v1alpha2/fake/fake_tenant_client.go +++ b/pkg/client/clientset/versioned/typed/tenant/v1alpha2/fake/fake_tenant_client.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/tenant/v1alpha2/fake/fake_workspacetemplate.go b/pkg/client/clientset/versioned/typed/tenant/v1alpha2/fake/fake_workspacetemplate.go index 5706cc89..af99e59e 100644 --- a/pkg/client/clientset/versioned/typed/tenant/v1alpha2/fake/fake_workspacetemplate.go +++ b/pkg/client/clientset/versioned/typed/tenant/v1alpha2/fake/fake_workspacetemplate.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/tenant/v1alpha2/generated_expansion.go b/pkg/client/clientset/versioned/typed/tenant/v1alpha2/generated_expansion.go index a9f9f502..45696961 100644 --- a/pkg/client/clientset/versioned/typed/tenant/v1alpha2/generated_expansion.go +++ b/pkg/client/clientset/versioned/typed/tenant/v1alpha2/generated_expansion.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/tenant/v1alpha2/tenant_client.go b/pkg/client/clientset/versioned/typed/tenant/v1alpha2/tenant_client.go index e84520c9..f8dd43c7 100644 --- a/pkg/client/clientset/versioned/typed/tenant/v1alpha2/tenant_client.go +++ b/pkg/client/clientset/versioned/typed/tenant/v1alpha2/tenant_client.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/tenant/v1alpha2/workspacetemplate.go b/pkg/client/clientset/versioned/typed/tenant/v1alpha2/workspacetemplate.go index 9fe5cd79..de4006a5 100644 --- a/pkg/client/clientset/versioned/typed/tenant/v1alpha2/workspacetemplate.go +++ b/pkg/client/clientset/versioned/typed/tenant/v1alpha2/workspacetemplate.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/informers/externalversions/cluster/interface.go b/pkg/client/informers/externalversions/cluster/interface.go index e34756d5..27005312 100644 --- a/pkg/client/informers/externalversions/cluster/interface.go +++ b/pkg/client/informers/externalversions/cluster/interface.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/informers/externalversions/cluster/v1alpha1/cluster.go b/pkg/client/informers/externalversions/cluster/v1alpha1/cluster.go index 77d9a2a6..b2b09562 100644 --- a/pkg/client/informers/externalversions/cluster/v1alpha1/cluster.go +++ b/pkg/client/informers/externalversions/cluster/v1alpha1/cluster.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/informers/externalversions/cluster/v1alpha1/interface.go b/pkg/client/informers/externalversions/cluster/v1alpha1/interface.go index ebb3bbbe..83d2ee61 100644 --- a/pkg/client/informers/externalversions/cluster/v1alpha1/interface.go +++ b/pkg/client/informers/externalversions/cluster/v1alpha1/interface.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/informers/externalversions/devops/interface.go b/pkg/client/informers/externalversions/devops/interface.go index 723171c0..72e6cc27 100644 --- a/pkg/client/informers/externalversions/devops/interface.go +++ b/pkg/client/informers/externalversions/devops/interface.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/informers/externalversions/devops/v1alpha1/interface.go b/pkg/client/informers/externalversions/devops/v1alpha1/interface.go index 626124d0..27dbf5a7 100644 --- a/pkg/client/informers/externalversions/devops/v1alpha1/interface.go +++ b/pkg/client/informers/externalversions/devops/v1alpha1/interface.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/informers/externalversions/devops/v1alpha1/s2ibinary.go b/pkg/client/informers/externalversions/devops/v1alpha1/s2ibinary.go index fa67f97b..c7d86ed8 100644 --- a/pkg/client/informers/externalversions/devops/v1alpha1/s2ibinary.go +++ b/pkg/client/informers/externalversions/devops/v1alpha1/s2ibinary.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/informers/externalversions/devops/v1alpha1/s2ibuilder.go b/pkg/client/informers/externalversions/devops/v1alpha1/s2ibuilder.go index 55b775fd..a45a5842 100644 --- a/pkg/client/informers/externalversions/devops/v1alpha1/s2ibuilder.go +++ b/pkg/client/informers/externalversions/devops/v1alpha1/s2ibuilder.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/informers/externalversions/devops/v1alpha1/s2ibuildertemplate.go b/pkg/client/informers/externalversions/devops/v1alpha1/s2ibuildertemplate.go index 89958029..92e2a7b5 100644 --- a/pkg/client/informers/externalversions/devops/v1alpha1/s2ibuildertemplate.go +++ b/pkg/client/informers/externalversions/devops/v1alpha1/s2ibuildertemplate.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/informers/externalversions/devops/v1alpha1/s2irun.go b/pkg/client/informers/externalversions/devops/v1alpha1/s2irun.go index 6025fda1..78c94db2 100644 --- a/pkg/client/informers/externalversions/devops/v1alpha1/s2irun.go +++ b/pkg/client/informers/externalversions/devops/v1alpha1/s2irun.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/informers/externalversions/devops/v1alpha3/devopsproject.go b/pkg/client/informers/externalversions/devops/v1alpha3/devopsproject.go index 8be637df..39aa2265 100644 --- a/pkg/client/informers/externalversions/devops/v1alpha3/devopsproject.go +++ b/pkg/client/informers/externalversions/devops/v1alpha3/devopsproject.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/informers/externalversions/devops/v1alpha3/interface.go b/pkg/client/informers/externalversions/devops/v1alpha3/interface.go index cdb37eae..fd3318fd 100644 --- a/pkg/client/informers/externalversions/devops/v1alpha3/interface.go +++ b/pkg/client/informers/externalversions/devops/v1alpha3/interface.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/informers/externalversions/devops/v1alpha3/pipeline.go b/pkg/client/informers/externalversions/devops/v1alpha3/pipeline.go index 644e2658..9f78ff18 100644 --- a/pkg/client/informers/externalversions/devops/v1alpha3/pipeline.go +++ b/pkg/client/informers/externalversions/devops/v1alpha3/pipeline.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/informers/externalversions/factory.go b/pkg/client/informers/externalversions/factory.go index b801b541..86664940 100644 --- a/pkg/client/informers/externalversions/factory.go +++ b/pkg/client/informers/externalversions/factory.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/informers/externalversions/generic.go b/pkg/client/informers/externalversions/generic.go index 278e9d5a..71d7a202 100644 --- a/pkg/client/informers/externalversions/generic.go +++ b/pkg/client/informers/externalversions/generic.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/informers/externalversions/iam/interface.go b/pkg/client/informers/externalversions/iam/interface.go index e2313ee5..df6253cd 100644 --- a/pkg/client/informers/externalversions/iam/interface.go +++ b/pkg/client/informers/externalversions/iam/interface.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/informers/externalversions/iam/v1alpha2/globalrole.go b/pkg/client/informers/externalversions/iam/v1alpha2/globalrole.go index 0b0d3f11..48abffc5 100644 --- a/pkg/client/informers/externalversions/iam/v1alpha2/globalrole.go +++ b/pkg/client/informers/externalversions/iam/v1alpha2/globalrole.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/informers/externalversions/iam/v1alpha2/globalrolebinding.go b/pkg/client/informers/externalversions/iam/v1alpha2/globalrolebinding.go index 3781cf7d..16c1b6f3 100644 --- a/pkg/client/informers/externalversions/iam/v1alpha2/globalrolebinding.go +++ b/pkg/client/informers/externalversions/iam/v1alpha2/globalrolebinding.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/informers/externalversions/iam/v1alpha2/interface.go b/pkg/client/informers/externalversions/iam/v1alpha2/interface.go index 92e92c54..ea29ff8a 100644 --- a/pkg/client/informers/externalversions/iam/v1alpha2/interface.go +++ b/pkg/client/informers/externalversions/iam/v1alpha2/interface.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/informers/externalversions/iam/v1alpha2/user.go b/pkg/client/informers/externalversions/iam/v1alpha2/user.go index 7e7679f1..1af7d1e4 100644 --- a/pkg/client/informers/externalversions/iam/v1alpha2/user.go +++ b/pkg/client/informers/externalversions/iam/v1alpha2/user.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/informers/externalversions/iam/v1alpha2/workspacerole.go b/pkg/client/informers/externalversions/iam/v1alpha2/workspacerole.go index 10b31e9d..d1cf4c62 100644 --- a/pkg/client/informers/externalversions/iam/v1alpha2/workspacerole.go +++ b/pkg/client/informers/externalversions/iam/v1alpha2/workspacerole.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/informers/externalversions/iam/v1alpha2/workspacerolebinding.go b/pkg/client/informers/externalversions/iam/v1alpha2/workspacerolebinding.go index 9d5faf32..24c443b3 100644 --- a/pkg/client/informers/externalversions/iam/v1alpha2/workspacerolebinding.go +++ b/pkg/client/informers/externalversions/iam/v1alpha2/workspacerolebinding.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/informers/externalversions/internalinterfaces/factory_interfaces.go b/pkg/client/informers/externalversions/internalinterfaces/factory_interfaces.go index 1f337ed4..e8a38dc4 100644 --- a/pkg/client/informers/externalversions/internalinterfaces/factory_interfaces.go +++ b/pkg/client/informers/externalversions/internalinterfaces/factory_interfaces.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/informers/externalversions/network/interface.go b/pkg/client/informers/externalversions/network/interface.go index 2d307e4a..874e56fd 100644 --- a/pkg/client/informers/externalversions/network/interface.go +++ b/pkg/client/informers/externalversions/network/interface.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/informers/externalversions/network/v1alpha1/interface.go b/pkg/client/informers/externalversions/network/v1alpha1/interface.go index 2155792d..8312b972 100644 --- a/pkg/client/informers/externalversions/network/v1alpha1/interface.go +++ b/pkg/client/informers/externalversions/network/v1alpha1/interface.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/informers/externalversions/network/v1alpha1/namespacenetworkpolicy.go b/pkg/client/informers/externalversions/network/v1alpha1/namespacenetworkpolicy.go index 263a9bb8..27ab896e 100644 --- a/pkg/client/informers/externalversions/network/v1alpha1/namespacenetworkpolicy.go +++ b/pkg/client/informers/externalversions/network/v1alpha1/namespacenetworkpolicy.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/informers/externalversions/servicemesh/interface.go b/pkg/client/informers/externalversions/servicemesh/interface.go index c7cdc74d..fcf1fb42 100644 --- a/pkg/client/informers/externalversions/servicemesh/interface.go +++ b/pkg/client/informers/externalversions/servicemesh/interface.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/informers/externalversions/servicemesh/v1alpha2/interface.go b/pkg/client/informers/externalversions/servicemesh/v1alpha2/interface.go index 90988591..93c6e32b 100644 --- a/pkg/client/informers/externalversions/servicemesh/v1alpha2/interface.go +++ b/pkg/client/informers/externalversions/servicemesh/v1alpha2/interface.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/informers/externalversions/servicemesh/v1alpha2/servicepolicy.go b/pkg/client/informers/externalversions/servicemesh/v1alpha2/servicepolicy.go index 65382070..36626b99 100644 --- a/pkg/client/informers/externalversions/servicemesh/v1alpha2/servicepolicy.go +++ b/pkg/client/informers/externalversions/servicemesh/v1alpha2/servicepolicy.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/informers/externalversions/servicemesh/v1alpha2/strategy.go b/pkg/client/informers/externalversions/servicemesh/v1alpha2/strategy.go index 179b379e..51e02645 100644 --- a/pkg/client/informers/externalversions/servicemesh/v1alpha2/strategy.go +++ b/pkg/client/informers/externalversions/servicemesh/v1alpha2/strategy.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/informers/externalversions/tenant/interface.go b/pkg/client/informers/externalversions/tenant/interface.go index 08a114d7..7fa70a28 100644 --- a/pkg/client/informers/externalversions/tenant/interface.go +++ b/pkg/client/informers/externalversions/tenant/interface.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/informers/externalversions/tenant/v1alpha1/interface.go b/pkg/client/informers/externalversions/tenant/v1alpha1/interface.go index 991da0bb..83ca80fc 100644 --- a/pkg/client/informers/externalversions/tenant/v1alpha1/interface.go +++ b/pkg/client/informers/externalversions/tenant/v1alpha1/interface.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/informers/externalversions/tenant/v1alpha1/workspace.go b/pkg/client/informers/externalversions/tenant/v1alpha1/workspace.go index 8428201a..da155ac9 100644 --- a/pkg/client/informers/externalversions/tenant/v1alpha1/workspace.go +++ b/pkg/client/informers/externalversions/tenant/v1alpha1/workspace.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/informers/externalversions/tenant/v1alpha2/interface.go b/pkg/client/informers/externalversions/tenant/v1alpha2/interface.go index c6eae9ee..672cbd42 100644 --- a/pkg/client/informers/externalversions/tenant/v1alpha2/interface.go +++ b/pkg/client/informers/externalversions/tenant/v1alpha2/interface.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/informers/externalversions/tenant/v1alpha2/workspacetemplate.go b/pkg/client/informers/externalversions/tenant/v1alpha2/workspacetemplate.go index 93a34771..a75f0146 100644 --- a/pkg/client/informers/externalversions/tenant/v1alpha2/workspacetemplate.go +++ b/pkg/client/informers/externalversions/tenant/v1alpha2/workspacetemplate.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/listers/cluster/v1alpha1/cluster.go b/pkg/client/listers/cluster/v1alpha1/cluster.go index 01a5fc07..15f095b2 100644 --- a/pkg/client/listers/cluster/v1alpha1/cluster.go +++ b/pkg/client/listers/cluster/v1alpha1/cluster.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/listers/cluster/v1alpha1/expansion_generated.go b/pkg/client/listers/cluster/v1alpha1/expansion_generated.go index 8e079552..48105ea2 100644 --- a/pkg/client/listers/cluster/v1alpha1/expansion_generated.go +++ b/pkg/client/listers/cluster/v1alpha1/expansion_generated.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/listers/devops/v1alpha1/expansion_generated.go b/pkg/client/listers/devops/v1alpha1/expansion_generated.go index 3dabf847..f2046983 100644 --- a/pkg/client/listers/devops/v1alpha1/expansion_generated.go +++ b/pkg/client/listers/devops/v1alpha1/expansion_generated.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/listers/devops/v1alpha1/s2ibinary.go b/pkg/client/listers/devops/v1alpha1/s2ibinary.go index 9c8a880d..28fbf5a7 100644 --- a/pkg/client/listers/devops/v1alpha1/s2ibinary.go +++ b/pkg/client/listers/devops/v1alpha1/s2ibinary.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/listers/devops/v1alpha1/s2ibuilder.go b/pkg/client/listers/devops/v1alpha1/s2ibuilder.go index ccead0a2..e446bd2e 100644 --- a/pkg/client/listers/devops/v1alpha1/s2ibuilder.go +++ b/pkg/client/listers/devops/v1alpha1/s2ibuilder.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/listers/devops/v1alpha1/s2ibuildertemplate.go b/pkg/client/listers/devops/v1alpha1/s2ibuildertemplate.go index 06e794a0..9bcc0784 100644 --- a/pkg/client/listers/devops/v1alpha1/s2ibuildertemplate.go +++ b/pkg/client/listers/devops/v1alpha1/s2ibuildertemplate.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/listers/devops/v1alpha1/s2irun.go b/pkg/client/listers/devops/v1alpha1/s2irun.go index 1cd11628..10f3c621 100644 --- a/pkg/client/listers/devops/v1alpha1/s2irun.go +++ b/pkg/client/listers/devops/v1alpha1/s2irun.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/listers/devops/v1alpha3/devopsproject.go b/pkg/client/listers/devops/v1alpha3/devopsproject.go index 265a9274..15308105 100644 --- a/pkg/client/listers/devops/v1alpha3/devopsproject.go +++ b/pkg/client/listers/devops/v1alpha3/devopsproject.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/listers/devops/v1alpha3/expansion_generated.go b/pkg/client/listers/devops/v1alpha3/expansion_generated.go index 28698a07..74bb62c1 100644 --- a/pkg/client/listers/devops/v1alpha3/expansion_generated.go +++ b/pkg/client/listers/devops/v1alpha3/expansion_generated.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/listers/devops/v1alpha3/pipeline.go b/pkg/client/listers/devops/v1alpha3/pipeline.go index 7194c412..a9a9baf3 100644 --- a/pkg/client/listers/devops/v1alpha3/pipeline.go +++ b/pkg/client/listers/devops/v1alpha3/pipeline.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/listers/iam/v1alpha2/expansion_generated.go b/pkg/client/listers/iam/v1alpha2/expansion_generated.go index 81164a3b..7b7e0520 100644 --- a/pkg/client/listers/iam/v1alpha2/expansion_generated.go +++ b/pkg/client/listers/iam/v1alpha2/expansion_generated.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/listers/iam/v1alpha2/globalrole.go b/pkg/client/listers/iam/v1alpha2/globalrole.go index 0cc49a30..f4b7a788 100644 --- a/pkg/client/listers/iam/v1alpha2/globalrole.go +++ b/pkg/client/listers/iam/v1alpha2/globalrole.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/listers/iam/v1alpha2/globalrolebinding.go b/pkg/client/listers/iam/v1alpha2/globalrolebinding.go index d5682c4b..df1fd3fa 100644 --- a/pkg/client/listers/iam/v1alpha2/globalrolebinding.go +++ b/pkg/client/listers/iam/v1alpha2/globalrolebinding.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/listers/iam/v1alpha2/user.go b/pkg/client/listers/iam/v1alpha2/user.go index 30ff479e..1454fe64 100644 --- a/pkg/client/listers/iam/v1alpha2/user.go +++ b/pkg/client/listers/iam/v1alpha2/user.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/listers/iam/v1alpha2/workspacerole.go b/pkg/client/listers/iam/v1alpha2/workspacerole.go index d96b2afb..7edaaf02 100644 --- a/pkg/client/listers/iam/v1alpha2/workspacerole.go +++ b/pkg/client/listers/iam/v1alpha2/workspacerole.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/listers/iam/v1alpha2/workspacerolebinding.go b/pkg/client/listers/iam/v1alpha2/workspacerolebinding.go index fcf112d2..20f83a34 100644 --- a/pkg/client/listers/iam/v1alpha2/workspacerolebinding.go +++ b/pkg/client/listers/iam/v1alpha2/workspacerolebinding.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/listers/network/v1alpha1/expansion_generated.go b/pkg/client/listers/network/v1alpha1/expansion_generated.go index 681ea94b..0b3ad7ac 100644 --- a/pkg/client/listers/network/v1alpha1/expansion_generated.go +++ b/pkg/client/listers/network/v1alpha1/expansion_generated.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/listers/network/v1alpha1/namespacenetworkpolicy.go b/pkg/client/listers/network/v1alpha1/namespacenetworkpolicy.go index 78af4f5c..02709fb2 100644 --- a/pkg/client/listers/network/v1alpha1/namespacenetworkpolicy.go +++ b/pkg/client/listers/network/v1alpha1/namespacenetworkpolicy.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/listers/servicemesh/v1alpha2/expansion_generated.go b/pkg/client/listers/servicemesh/v1alpha2/expansion_generated.go index b85dad0a..90593056 100644 --- a/pkg/client/listers/servicemesh/v1alpha2/expansion_generated.go +++ b/pkg/client/listers/servicemesh/v1alpha2/expansion_generated.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/listers/servicemesh/v1alpha2/servicepolicy.go b/pkg/client/listers/servicemesh/v1alpha2/servicepolicy.go index ef510917..7ad24d42 100644 --- a/pkg/client/listers/servicemesh/v1alpha2/servicepolicy.go +++ b/pkg/client/listers/servicemesh/v1alpha2/servicepolicy.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/listers/servicemesh/v1alpha2/strategy.go b/pkg/client/listers/servicemesh/v1alpha2/strategy.go index aeb3fa73..b47894bc 100644 --- a/pkg/client/listers/servicemesh/v1alpha2/strategy.go +++ b/pkg/client/listers/servicemesh/v1alpha2/strategy.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/listers/tenant/v1alpha1/expansion_generated.go b/pkg/client/listers/tenant/v1alpha1/expansion_generated.go index f97f7fdb..7ebef402 100644 --- a/pkg/client/listers/tenant/v1alpha1/expansion_generated.go +++ b/pkg/client/listers/tenant/v1alpha1/expansion_generated.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/listers/tenant/v1alpha1/workspace.go b/pkg/client/listers/tenant/v1alpha1/workspace.go index 0bf6a461..ab79a1c1 100644 --- a/pkg/client/listers/tenant/v1alpha1/workspace.go +++ b/pkg/client/listers/tenant/v1alpha1/workspace.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/listers/tenant/v1alpha2/expansion_generated.go b/pkg/client/listers/tenant/v1alpha2/expansion_generated.go index 27e8cd81..516de116 100644 --- a/pkg/client/listers/tenant/v1alpha2/expansion_generated.go +++ b/pkg/client/listers/tenant/v1alpha2/expansion_generated.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/client/listers/tenant/v1alpha2/workspacetemplate.go b/pkg/client/listers/tenant/v1alpha2/workspacetemplate.go index de1c8ee0..29a7a5d3 100644 --- a/pkg/client/listers/tenant/v1alpha2/workspacetemplate.go +++ b/pkg/client/listers/tenant/v1alpha2/workspacetemplate.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The KubeSphere Authors. +Copyright 2020 The KubeSphere Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/controller/cluster/cluster_controller.go b/pkg/controller/cluster/cluster_controller.go index 27c7781f..390967d5 100644 --- a/pkg/controller/cluster/cluster_controller.go +++ b/pkg/controller/cluster/cluster_controller.go @@ -1,9 +1,11 @@ package cluster import ( + "encoding/json" "fmt" v1 "k8s.io/api/core/v1" apiextv1b1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1" + "k8s.io/apimachinery/pkg/api/equality" "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/labels" @@ -25,8 +27,10 @@ import ( clusterinformer "kubesphere.io/kubesphere/pkg/client/informers/externalversions/cluster/v1alpha1" clusterlister "kubesphere.io/kubesphere/pkg/client/listers/cluster/v1alpha1" "math/rand" + "net/http" "reflect" fedv1b1 "sigs.k8s.io/kubefed/pkg/apis/core/v1beta1" + "sync" "time" ) @@ -52,9 +56,28 @@ const ( kubespherePort = 80 defaultAgentNamespace = "kubesphere-system" + + // proxy format + proxyFormat = "%s/api/v1/namespaces/kubesphere-system/services/:ks-apiserver:80/proxy/%s" ) -type ClusterController struct { +// ClusterData stores cluster client +type clusterData struct { + + // cached rest.Config + config *rest.Config + + // cached kubernetes client, rebuild once cluster changed + client kubernetes.Interface + + // cached kubeconfig + cachedKubeconfig []byte + + // cached transport, used to proxy kubesphere version request + transport http.RoundTripper +} + +type clusterController struct { eventBroadcaster record.EventBroadcaster eventRecorder record.EventRecorder @@ -69,6 +92,10 @@ type ClusterController struct { queue workqueue.RateLimitingInterface workerLoopPeriod time.Duration + + mu sync.RWMutex + + clusterMap map[string]*clusterData } func NewClusterController( @@ -76,7 +103,7 @@ func NewClusterController( config *rest.Config, clusterInformer clusterinformer.ClusterInformer, clusterClient clusterclient.ClusterInterface, -) *ClusterController { +) *clusterController { broadcaster := record.NewBroadcaster() broadcaster.StartLogging(func(format string, args ...interface{}) { @@ -85,7 +112,7 @@ func NewClusterController( broadcaster.StartRecordingToSink(&corev1.EventSinkImpl{Interface: client.CoreV1().Events("")}) recorder := broadcaster.NewRecorder(scheme.Scheme, v1.EventSource{Component: "cluster-controller"}) - c := &ClusterController{ + c := &clusterController{ eventBroadcaster: broadcaster, eventRecorder: recorder, client: client, @@ -93,6 +120,7 @@ func NewClusterController( clusterClient: clusterClient, queue: workqueue.NewNamedRateLimitingQueue(workqueue.DefaultControllerRateLimiter(), "cluster"), workerLoopPeriod: time.Second, + clusterMap: make(map[string]*clusterData), } c.clusterLister = clusterInformer.Lister() @@ -114,11 +142,11 @@ func NewClusterController( return c } -func (c *ClusterController) Start(stopCh <-chan struct{}) error { - return c.Run(5, stopCh) +func (c *clusterController) Start(stopCh <-chan struct{}) error { + return c.Run(3, stopCh) } -func (c *ClusterController) Run(workers int, stopCh <-chan struct{}) error { +func (c *clusterController) Run(workers int, stopCh <-chan struct{}) error { defer utilruntime.HandleCrash() defer c.queue.ShutDown() @@ -133,16 +161,22 @@ func (c *ClusterController) Run(workers int, stopCh <-chan struct{}) error { go wait.Until(c.worker, c.workerLoopPeriod, stopCh) } + go wait.Until(func() { + if err := c.syncStatus(); err != nil { + klog.Errorf("Error periodically sync cluster status, %v", err) + } + }, 5*time.Minute, stopCh) + <-stopCh return nil } -func (c *ClusterController) worker() { +func (c *clusterController) worker() { for c.processNextItem() { } } -func (c *ClusterController) processNextItem() bool { +func (c *clusterController) processNextItem() bool { key, quit := c.queue.Get() if quit { return false @@ -155,7 +189,59 @@ func (c *ClusterController) processNextItem() bool { return true } -func (c *ClusterController) syncCluster(key string) error { +func buildClusterData(kubeconfig []byte) (*clusterData, error) { + // prepare for + clientConfig, err := clientcmd.NewClientConfigFromBytes(kubeconfig) + if err != nil { + klog.Errorf("Unable to create client config from kubeconfig bytes, %#v", err) + return nil, err + } + + clusterConfig, err := clientConfig.ClientConfig() + if err != nil { + klog.Errorf("Failed to get client config, %#v", err) + return nil, err + } + + transport, err := rest.TransportFor(clusterConfig) + if err != nil { + klog.Errorf("Failed to create transport, %#v", err) + return nil, err + } + + clientSet, err := kubernetes.NewForConfig(clusterConfig) + if err != nil { + klog.Errorf("Failed to create ClientSet from config, %#v", err) + return nil, err + } + + return &clusterData{ + cachedKubeconfig: kubeconfig, + config: clusterConfig, + client: clientSet, + transport: transport, + }, nil +} + +func (c *clusterController) syncStatus() error { + clusters, err := c.clusterLister.List(labels.Everything()) + if err != nil { + return err + } + + for _, cluster := range clusters { + key, err := cache.MetaNamespaceKeyFunc(cluster) + if err != nil { + return err + } + + c.queue.AddRateLimited(key) + } + + return nil +} + +func (c *clusterController) syncCluster(key string) error { startTime := time.Now() _, name, err := cache.SplitMetaNamespaceKey(key) @@ -333,37 +419,27 @@ func (c *ClusterController) syncCluster(key string) error { return nil } - var clientSet kubernetes.Interface - var clusterConfig *rest.Config - - // prepare for - clientConfig, err := clientcmd.NewClientConfigFromBytes(cluster.Spec.Connection.KubeConfig) - if err != nil { - klog.Errorf("Unable to create client config from kubeconfig bytes, %#v", err) - return err - } - - clusterConfig, err = clientConfig.ClientConfig() - if err != nil { - klog.Errorf("Failed to get client config, %#v", err) - return err - } - - clientSet, err = kubernetes.NewForConfig(clusterConfig) - if err != nil { - klog.Errorf("Failed to create ClientSet from config, %#v", err) - return err + c.mu.Lock() + clusterDt, ok := c.clusterMap[cluster.Name] + if !ok || clusterDt == nil || !equality.Semantic.DeepEqual(clusterDt.cachedKubeconfig, cluster.Spec.Connection.KubeConfig) { + clusterDt, err = buildClusterData(cluster.Spec.Connection.KubeConfig) + if err != nil { + c.mu.Unlock() + return err + } + c.clusterMap[cluster.Name] = clusterDt } + c.mu.Unlock() if !cluster.Spec.JoinFederation { // trying to unJoin federation - err = c.unJoinFederation(clusterConfig, cluster.Name) + err = c.unJoinFederation(clusterDt.config, cluster.Name) if err != nil { klog.Errorf("Failed to unJoin federation for cluster %s, error %v", cluster.Name, err) c.eventRecorder.Event(cluster, v1.EventTypeWarning, "UnJoinFederation", err.Error()) return err } } else { // join federation - _, err = c.joinFederation(clusterConfig, cluster.Name, cluster.Labels) + _, err = c.joinFederation(clusterDt.config, cluster.Name, cluster.Labels) if err != nil { klog.Errorf("Failed to join federation for cluster %s, error %v", cluster.Name, err) c.eventRecorder.Event(cluster, v1.EventTypeWarning, "JoinFederation", err.Error()) @@ -390,10 +466,10 @@ func (c *ClusterController) syncCluster(key string) error { cluster.Spec.Connection.Type == clusterv1alpha1.ConnectionTypeDirect { if len(cluster.Spec.Connection.KubernetesAPIEndpoint) == 0 { - cluster.Spec.Connection.KubernetesAPIEndpoint = clusterConfig.Host + cluster.Spec.Connection.KubernetesAPIEndpoint = clusterDt.config.Host } - version, err := clientSet.Discovery().ServerVersion() + version, err := clusterDt.client.Discovery().ServerVersion() if err != nil { klog.Errorf("Failed to get kubernetes version, %#v", err) return err @@ -401,7 +477,7 @@ func (c *ClusterController) syncCluster(key string) error { cluster.Status.KubernetesVersion = version.GitVersion - nodes, err := clientSet.CoreV1().Nodes().List(metav1.ListOptions{}) + nodes, err := clusterDt.client.CoreV1().Nodes().List(metav1.ListOptions{}) if err != nil { klog.Errorf("Failed to get cluster nodes, %#v", err) return err @@ -409,6 +485,11 @@ func (c *ClusterController) syncCluster(key string) error { cluster.Status.NodeCount = len(nodes.Items) + configz, err := c.tryToFetchKubeSphereComponents(clusterDt.config.Host, clusterDt.transport) + if err == nil { + cluster.Status.Configz = configz + } + clusterReadyCondition := clusterv1alpha1.ClusterCondition{ Type: clusterv1alpha1.ClusterReady, Status: v1.ConditionTrue, @@ -432,7 +513,34 @@ func (c *ClusterController) syncCluster(key string) error { return nil } -func (c *ClusterController) addCluster(obj interface{}) { +func (c *clusterController) tryToFetchKubeSphereComponents(host string, transport http.RoundTripper) (map[string]bool, error) { + client := http.Client{ + Transport: transport, + Timeout: 5 * time.Second, + } + + response, err := client.Get(fmt.Sprintf(proxyFormat, host, "kapis/config.kubesphere.io/v1alpha2/configs/configz")) + if err != nil { + klog.V(4).Infof("Failed to get kubesphere components, error %v", err) + return nil, err + } + + if response.StatusCode != http.StatusOK { + klog.V(4).Infof("Response status code isn't 200.") + return nil, fmt.Errorf("response code %d", response.StatusCode) + } + + configz := make(map[string]bool) + decoder := json.NewDecoder(response.Body) + err = decoder.Decode(&configz) + if err != nil { + klog.V(4).Infof("Decode error %v", err) + return nil, err + } + return configz, nil +} + +func (c *clusterController) addCluster(obj interface{}) { cluster := obj.(*clusterv1alpha1.Cluster) key, err := cache.MetaNamespaceKeyFunc(obj) @@ -444,7 +552,7 @@ func (c *ClusterController) addCluster(obj interface{}) { c.queue.Add(key) } -func (c *ClusterController) handleErr(err error, key interface{}) { +func (c *clusterController) handleErr(err error, key interface{}) { if err == nil { c.queue.Forget(key) return @@ -472,7 +580,7 @@ func isConditionTrue(cluster *clusterv1alpha1.Cluster, conditionType clusterv1al // updateClusterCondition updates condition in cluster conditions using giving condition // adds condition if not existed -func (c *ClusterController) updateClusterCondition(cluster *clusterv1alpha1.Cluster, condition clusterv1alpha1.ClusterCondition) { +func (c *clusterController) updateClusterCondition(cluster *clusterv1alpha1.Cluster, condition clusterv1alpha1.ClusterCondition) { if cluster.Status.Conditions == nil { cluster.Status.Conditions = make([]clusterv1alpha1.ClusterCondition, 0) } @@ -509,7 +617,7 @@ func isHostCluster(cluster *clusterv1alpha1.Cluster) bool { // joinFederation joins a cluster into federation clusters. // return nil error if kubefed cluster already exists. -func (c *ClusterController) joinFederation(clusterConfig *rest.Config, joiningClusterName string, labels map[string]string) (*fedv1b1.KubeFedCluster, error) { +func (c *clusterController) joinFederation(clusterConfig *rest.Config, joiningClusterName string, labels map[string]string) (*fedv1b1.KubeFedCluster, error) { return joinClusterForNamespace(c.hostConfig, clusterConfig, @@ -525,7 +633,7 @@ func (c *ClusterController) joinFederation(clusterConfig *rest.Config, joiningCl } // unJoinFederation unjoins a cluster from federation control plane. -func (c *ClusterController) unJoinFederation(clusterConfig *rest.Config, unjoiningClusterName string) error { +func (c *clusterController) unJoinFederation(clusterConfig *rest.Config, unjoiningClusterName string) error { return unjoinCluster(c.hostConfig, clusterConfig, kubefedNamespace, @@ -537,7 +645,7 @@ func (c *ClusterController) unJoinFederation(clusterConfig *rest.Config, unjoini // allocatePort find a available port between [portRangeMin, portRangeMax] in maximumRetries // TODO: only works with handful clusters -func (c *ClusterController) allocatePort() (uint16, error) { +func (c *clusterController) allocatePort() (uint16, error) { rand.Seed(time.Now().UnixNano()) clusters, err := c.clusterLister.List(labels.Everything()) @@ -568,7 +676,7 @@ func (c *ClusterController) allocatePort() (uint16, error) { } // generateToken returns a random 32-byte string as token -func (c *ClusterController) generateToken() string { +func (c *clusterController) generateToken() string { rand.Seed(time.Now().UnixNano()) b := make([]byte, 32) rand.Read(b) -- GitLab