...

Package flowcontrol

import "k8s.io/kubernetes/pkg/apis/flowcontrol"
Overview
Index
Subdirectories

Overview ▾

Package flowcontrol provides api definitions for the "flowcontrol.apiserver.k8s.io" api group.

Index ▾

Constants
Variables
func Kind(kind string) schema.GroupKind
func Resource(resource string) schema.GroupResource
type ConditionStatus
type ExemptPriorityLevelConfiguration
    func (in *ExemptPriorityLevelConfiguration) DeepCopy() *ExemptPriorityLevelConfiguration
    func (in *ExemptPriorityLevelConfiguration) DeepCopyInto(out *ExemptPriorityLevelConfiguration)
type FlowDistinguisherMethod
    func (in *FlowDistinguisherMethod) DeepCopy() *FlowDistinguisherMethod
    func (in *FlowDistinguisherMethod) DeepCopyInto(out *FlowDistinguisherMethod)
type FlowDistinguisherMethodType
type FlowSchema
    func (in *FlowSchema) DeepCopy() *FlowSchema
    func (in *FlowSchema) DeepCopyInto(out *FlowSchema)
    func (in *FlowSchema) DeepCopyObject() runtime.Object
type FlowSchemaCondition
    func (in *FlowSchemaCondition) DeepCopy() *FlowSchemaCondition
    func (in *FlowSchemaCondition) DeepCopyInto(out *FlowSchemaCondition)
type FlowSchemaConditionType
type FlowSchemaList
    func (in *FlowSchemaList) DeepCopy() *FlowSchemaList
    func (in *FlowSchemaList) DeepCopyInto(out *FlowSchemaList)
    func (in *FlowSchemaList) DeepCopyObject() runtime.Object
type FlowSchemaSpec
    func (in *FlowSchemaSpec) DeepCopy() *FlowSchemaSpec
    func (in *FlowSchemaSpec) DeepCopyInto(out *FlowSchemaSpec)
type FlowSchemaStatus
    func (in *FlowSchemaStatus) DeepCopy() *FlowSchemaStatus
    func (in *FlowSchemaStatus) DeepCopyInto(out *FlowSchemaStatus)
type GroupSubject
    func (in *GroupSubject) DeepCopy() *GroupSubject
    func (in *GroupSubject) DeepCopyInto(out *GroupSubject)
type LimitResponse
    func (in *LimitResponse) DeepCopy() *LimitResponse
    func (in *LimitResponse) DeepCopyInto(out *LimitResponse)
type LimitResponseType
type LimitedPriorityLevelConfiguration
    func (in *LimitedPriorityLevelConfiguration) DeepCopy() *LimitedPriorityLevelConfiguration
    func (in *LimitedPriorityLevelConfiguration) DeepCopyInto(out *LimitedPriorityLevelConfiguration)
type NonResourcePolicyRule
    func (in *NonResourcePolicyRule) DeepCopy() *NonResourcePolicyRule
    func (in *NonResourcePolicyRule) DeepCopyInto(out *NonResourcePolicyRule)
type PolicyRulesWithSubjects
    func (in *PolicyRulesWithSubjects) DeepCopy() *PolicyRulesWithSubjects
    func (in *PolicyRulesWithSubjects) DeepCopyInto(out *PolicyRulesWithSubjects)
type PriorityLevelConfiguration
    func (in *PriorityLevelConfiguration) DeepCopy() *PriorityLevelConfiguration
    func (in *PriorityLevelConfiguration) DeepCopyInto(out *PriorityLevelConfiguration)
    func (in *PriorityLevelConfiguration) DeepCopyObject() runtime.Object
type PriorityLevelConfigurationCondition
    func (in *PriorityLevelConfigurationCondition) DeepCopy() *PriorityLevelConfigurationCondition
    func (in *PriorityLevelConfigurationCondition) DeepCopyInto(out *PriorityLevelConfigurationCondition)
type PriorityLevelConfigurationConditionType
type PriorityLevelConfigurationList
    func (in *PriorityLevelConfigurationList) DeepCopy() *PriorityLevelConfigurationList
    func (in *PriorityLevelConfigurationList) DeepCopyInto(out *PriorityLevelConfigurationList)
    func (in *PriorityLevelConfigurationList) DeepCopyObject() runtime.Object
type PriorityLevelConfigurationReference
    func (in *PriorityLevelConfigurationReference) DeepCopy() *PriorityLevelConfigurationReference
    func (in *PriorityLevelConfigurationReference) DeepCopyInto(out *PriorityLevelConfigurationReference)
type PriorityLevelConfigurationSpec
    func (in *PriorityLevelConfigurationSpec) DeepCopy() *PriorityLevelConfigurationSpec
    func (in *PriorityLevelConfigurationSpec) DeepCopyInto(out *PriorityLevelConfigurationSpec)
type PriorityLevelConfigurationStatus
    func (in *PriorityLevelConfigurationStatus) DeepCopy() *PriorityLevelConfigurationStatus
    func (in *PriorityLevelConfigurationStatus) DeepCopyInto(out *PriorityLevelConfigurationStatus)
type PriorityLevelEnablement
type QueuingConfiguration
    func (in *QueuingConfiguration) DeepCopy() *QueuingConfiguration
    func (in *QueuingConfiguration) DeepCopyInto(out *QueuingConfiguration)
type ResourcePolicyRule
    func (in *ResourcePolicyRule) DeepCopy() *ResourcePolicyRule
    func (in *ResourcePolicyRule) DeepCopyInto(out *ResourcePolicyRule)
type ServiceAccountSubject
    func (in *ServiceAccountSubject) DeepCopy() *ServiceAccountSubject
    func (in *ServiceAccountSubject) DeepCopyInto(out *ServiceAccountSubject)
type Subject
    func (in *Subject) DeepCopy() *Subject
    func (in *Subject) DeepCopyInto(out *Subject)
type SubjectKind
type UserSubject
    func (in *UserSubject) DeepCopy() *UserSubject
    func (in *UserSubject) DeepCopyInto(out *UserSubject)

Package files

doc.go register.go types.go zz_generated.deepcopy.go

Constants

These are valid wildcards.

const (
    APIGroupAll    = "*"
    ResourceAll    = "*"
    VerbAll        = "*"
    NonResourceAll = "*"
    NameAll        = "*"

    NamespaceEvery = "*" // matches every particular namespace
)

System preset priority level names

const (
    PriorityLevelConfigurationNameExempt   = "exempt"
    PriorityLevelConfigurationNameCatchAll = "catch-all"
    FlowSchemaNameExempt                   = "exempt"
    FlowSchemaNameCatchAll                 = "catch-all"
)

Conditions

const (
    FlowSchemaConditionDangling = "Dangling"

    PriorityLevelConfigurationConditionConcurrencyShared = "ConcurrencyShared"
)

Constants used by api validation.

const (
    FlowSchemaMaxMatchingPrecedence int32 = 10000
)

GroupName is the name of api group

const GroupName = "flowcontrol.apiserver.k8s.io"

Variables

var (
    // SchemeBuilder installs the api group to a scheme
    SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes)
    // AddToScheme adds api to a scheme
    AddToScheme = SchemeBuilder.AddToScheme
)

SchemeGroupVersion is group version used to register these objects

var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: runtime.APIVersionInternal}

func Kind

func Kind(kind string) schema.GroupKind

Kind takes an unqualified kind and returns a Group qualified GroupKind

func Resource

func Resource(resource string) schema.GroupResource

Resource takes an unqualified resource and returns a Group qualified GroupResource

type ConditionStatus

ConditionStatus is the status of the condition.

type ConditionStatus string

These are valid condition statuses. "ConditionTrue" means a resource is in the condition. "ConditionFalse" means a resource is not in the condition. "ConditionUnknown" means kubernetes can't decide if a resource is in the condition or not. In the future, we could add other intermediate conditions, e.g. ConditionDegraded.

const (
    ConditionTrue    ConditionStatus = "True"
    ConditionFalse   ConditionStatus = "False"
    ConditionUnknown ConditionStatus = "Unknown"
)

type ExemptPriorityLevelConfiguration

ExemptPriorityLevelConfiguration describes the configurable aspects of the handling of exempt requests. In the mandatory exempt configuration object the values in the fields here can be modified by authorized users, unlike the rest of the `spec`.

type ExemptPriorityLevelConfiguration struct {
    // `nominalConcurrencyShares` (NCS) contributes to the computation of the
    // NominalConcurrencyLimit (NominalCL) of this level.
    // This is the number of execution seats nominally reserved for this priority level.
    // This DOES NOT limit the dispatching from this priority level
    // but affects the other priority levels through the borrowing mechanism.
    // The server's concurrency limit (ServerCL) is divided among all the
    // priority levels in proportion to their NCS values:
    //
    // NominalCL(i)  = ceil( ServerCL * NCS(i) / sum_ncs )
    // sum_ncs = sum[priority level k] NCS(k)
    //
    // Bigger numbers mean a larger nominal concurrency limit,
    // at the expense of every other priority level.
    // This field has a default value of zero.
    // +optional
    NominalConcurrencyShares *int32
    // `lendablePercent` prescribes the fraction of the level's NominalCL that
    // can be borrowed by other priority levels.  This value of this
    // field must be between 0 and 100, inclusive, and it defaults to 0.
    // The number of seats that other levels can borrow from this level, known
    // as this level's LendableConcurrencyLimit (LendableCL), is defined as follows.
    //
    // LendableCL(i) = round( NominalCL(i) * lendablePercent(i)/100.0 )
    //
    // +optional
    LendablePercent *int32
}

func (*ExemptPriorityLevelConfiguration) DeepCopy

func (in *ExemptPriorityLevelConfiguration) DeepCopy() *ExemptPriorityLevelConfiguration

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExemptPriorityLevelConfiguration.

func (*ExemptPriorityLevelConfiguration) DeepCopyInto

func (in *ExemptPriorityLevelConfiguration) DeepCopyInto(out *ExemptPriorityLevelConfiguration)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type FlowDistinguisherMethod

FlowDistinguisherMethod specifies the method of a flow distinguisher.

type FlowDistinguisherMethod struct {
    // `type` is the type of flow distinguisher method
    // The supported types are "ByUser" and "ByNamespace".
    // Required.
    Type FlowDistinguisherMethodType
}

func (*FlowDistinguisherMethod) DeepCopy

func (in *FlowDistinguisherMethod) DeepCopy() *FlowDistinguisherMethod

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FlowDistinguisherMethod.

func (*FlowDistinguisherMethod) DeepCopyInto

func (in *FlowDistinguisherMethod) DeepCopyInto(out *FlowDistinguisherMethod)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type FlowDistinguisherMethodType

FlowDistinguisherMethodType is the type of flow distinguisher method

type FlowDistinguisherMethodType string

These are valid flow-distinguisher methods.

const (
    // FlowDistinguisherMethodByUserType specifies that the flow distinguisher is the username in the request.
    // This type is used to provide some insulation between users.
    FlowDistinguisherMethodByUserType FlowDistinguisherMethodType = "ByUser"

    // FlowDistinguisherMethodByNamespaceType specifies that the flow distinguisher is the namespace of the
    // object that the request acts upon. If the object is not namespaced, or if the request is a non-resource
    // request, then the distinguisher will be the empty string. An example usage of this type is to provide
    // some insulation between tenants in a situation where there are multiple tenants and each namespace
    // is dedicated to a tenant.
    FlowDistinguisherMethodByNamespaceType FlowDistinguisherMethodType = "ByNamespace"
)

type FlowSchema

FlowSchema defines the schema of a group of flows. Note that a flow is made up of a set of inbound API requests with similar attributes and is identified by a pair of strings: the name of the FlowSchema and a "flow distinguisher".

type FlowSchema struct {
    metav1.TypeMeta
    // `metadata` is the standard object's metadata.
    // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    // +optional
    metav1.ObjectMeta
    // `spec` is the specification of the desired behavior of a FlowSchema.
    // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
    // +optional
    Spec FlowSchemaSpec
    // `status` is the current status of a FlowSchema.
    // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
    // +optional
    Status FlowSchemaStatus
}

func (*FlowSchema) DeepCopy

func (in *FlowSchema) DeepCopy() *FlowSchema

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FlowSchema.

func (*FlowSchema) DeepCopyInto

func (in *FlowSchema) DeepCopyInto(out *FlowSchema)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*FlowSchema) DeepCopyObject

func (in *FlowSchema) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type FlowSchemaCondition

FlowSchemaCondition describes conditions for a FlowSchema.

type FlowSchemaCondition struct {
    // `type` is the type of the condition.
    // Required.
    Type FlowSchemaConditionType
    // `status` is the status of the condition.
    // Can be True, False, Unknown.
    // Required.
    Status ConditionStatus
    // `lastTransitionTime` is the last time the condition transitioned from one status to another.
    LastTransitionTime metav1.Time
    // `reason` is a unique, one-word, CamelCase reason for the condition's last transition.
    Reason string
    // `message` is a human-readable message indicating details about last transition.
    Message string
}

func (*FlowSchemaCondition) DeepCopy

func (in *FlowSchemaCondition) DeepCopy() *FlowSchemaCondition

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FlowSchemaCondition.

func (*FlowSchemaCondition) DeepCopyInto

func (in *FlowSchemaCondition) DeepCopyInto(out *FlowSchemaCondition)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type FlowSchemaConditionType

FlowSchemaConditionType is a valid value for FlowSchemaStatusCondition.Type

type FlowSchemaConditionType string

type FlowSchemaList

FlowSchemaList is a list of FlowSchema objects.

type FlowSchemaList struct {
    metav1.TypeMeta
    // `metadata` is the standard list metadata.
    // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    // +optional
    metav1.ListMeta

    // `items` is a list of FlowSchemas.
    Items []FlowSchema
}

func (*FlowSchemaList) DeepCopy

func (in *FlowSchemaList) DeepCopy() *FlowSchemaList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FlowSchemaList.

func (*FlowSchemaList) DeepCopyInto

func (in *FlowSchemaList) DeepCopyInto(out *FlowSchemaList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*FlowSchemaList) DeepCopyObject

func (in *FlowSchemaList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type FlowSchemaSpec

FlowSchemaSpec describes how the FlowSchema's specification looks like.

type FlowSchemaSpec struct {
    // `priorityLevelConfiguration` should reference a PriorityLevelConfiguration in the cluster. If the reference cannot
    // be resolved, the FlowSchema will be ignored and marked as invalid in its status.
    // Required.
    PriorityLevelConfiguration PriorityLevelConfigurationReference
    // `matchingPrecedence` is used to choose among the FlowSchemas that match a given request. The chosen
    // FlowSchema is among those with the numerically lowest (which we take to be logically highest)
    // MatchingPrecedence.  Each MatchingPrecedence value must be ranged in [1,10000].
    // Note that if the precedence is not specified, it will be set to 1000 as default.
    // +optional
    MatchingPrecedence int32
    // `distinguisherMethod` defines how to compute the flow distinguisher for requests that match this schema.
    // `nil` specifies that the distinguisher is disabled and thus will always be the empty string.
    // +optional
    DistinguisherMethod *FlowDistinguisherMethod
    // `rules` describes which requests will match this flow schema. This FlowSchema matches a request if and only if
    // at least one member of rules matches the request.
    // if it is an empty slice, there will be no requests matching the FlowSchema.
    // +listType=set
    // +optional
    Rules []PolicyRulesWithSubjects
}

func (*FlowSchemaSpec) DeepCopy

func (in *FlowSchemaSpec) DeepCopy() *FlowSchemaSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FlowSchemaSpec.

func (*FlowSchemaSpec) DeepCopyInto

func (in *FlowSchemaSpec) DeepCopyInto(out *FlowSchemaSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type FlowSchemaStatus

FlowSchemaStatus represents the current state of a FlowSchema.

type FlowSchemaStatus struct {
    // `conditions` is a list of the current states of FlowSchema.
    // +listType=map
    // +listMapKey=type
    // +patchMergeKey=type
    // +patchStrategy=merge
    // +optional
    Conditions []FlowSchemaCondition
}

func (*FlowSchemaStatus) DeepCopy

func (in *FlowSchemaStatus) DeepCopy() *FlowSchemaStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FlowSchemaStatus.

func (*FlowSchemaStatus) DeepCopyInto

func (in *FlowSchemaStatus) DeepCopyInto(out *FlowSchemaStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type GroupSubject

GroupSubject holds detailed information for group-kind subject.

type GroupSubject struct {
    // name is the user group that matches, or "*" to match all user groups.
    // See https://github.com/kubernetes/apiserver/blob/master/pkg/authentication/user/user.go for some
    // well-known group names.
    // Required.
    Name string
}

func (*GroupSubject) DeepCopy

func (in *GroupSubject) DeepCopy() *GroupSubject

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GroupSubject.

func (*GroupSubject) DeepCopyInto

func (in *GroupSubject) DeepCopyInto(out *GroupSubject)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type LimitResponse

LimitResponse defines how to handle requests that can not be executed right now. +union

type LimitResponse struct {
    // `type` is "Queue" or "Reject".
    // "Queue" means that requests that can not be executed upon arrival
    // are held in a queue until they can be executed or a queuing limit
    // is reached.
    // "Reject" means that requests that can not be executed upon arrival
    // are rejected.
    // Required.
    // +unionDiscriminator
    Type LimitResponseType

    // `queuing` holds the configuration parameters for queuing.
    // This field may be non-empty only if `type` is `"Queue"`.
    // +optional
    Queuing *QueuingConfiguration
}

func (*LimitResponse) DeepCopy

func (in *LimitResponse) DeepCopy() *LimitResponse

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LimitResponse.

func (*LimitResponse) DeepCopyInto

func (in *LimitResponse) DeepCopyInto(out *LimitResponse)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type LimitResponseType

LimitResponseType identifies how a Limited priority level handles a request that can not be executed right now

type LimitResponseType string

Supported limit responses.

const (
    // LimitResponseTypeQueue means that requests that can not be executed right now are queued until they can be executed or a queuing limit is hit
    LimitResponseTypeQueue LimitResponseType = "Queue"

    // LimitResponseTypeReject means that requests that can not be executed right now are rejected
    LimitResponseTypeReject LimitResponseType = "Reject"
)

type LimitedPriorityLevelConfiguration

LimitedPriorityLevelConfiguration specifies how to handle requests that are subject to limits. It addresses two issues:

type LimitedPriorityLevelConfiguration struct {
    // `nominalConcurrencyShares` (NCS) contributes to the computation of the
    // NominalConcurrencyLimit (NominalCL) of this level.
    // This is the number of execution seats available at this priority level.
    // This is used both for requests dispatched from this priority level
    // as well as requests dispatched from other priority levels
    // borrowing seats from this level.
    // The server's concurrency limit (ServerCL) is divided among the
    // Limited priority levels in proportion to their NCS values:
    //
    // NominalCL(i)  = ceil( ServerCL * NCS(i) / sum_ncs )
    // sum_ncs = sum[priority level k] NCS(k)
    //
    // Bigger numbers mean a larger nominal concurrency limit,
    // at the expense of every other priority level.
    // This field has a default value of 30.
    //
    // Setting this field to zero supports the construction of a
    // "jail" for this priority level that is used to hold some request(s)
    //
    // +optional
    NominalConcurrencyShares int32

    // `limitResponse` indicates what to do with requests that can not be executed right now
    LimitResponse LimitResponse

    // `lendablePercent` prescribes the fraction of the level's NominalCL that
    // can be borrowed by other priority levels. The value of this
    // field must be between 0 and 100, inclusive, and it defaults to 0.
    // The number of seats that other levels can borrow from this level, known
    // as this level's LendableConcurrencyLimit (LendableCL), is defined as follows.
    //
    // LendableCL(i) = round( NominalCL(i) * lendablePercent(i)/100.0 )
    //
    // +optional
    LendablePercent *int32

    // `borrowingLimitPercent`, if present, configures a limit on how many
    // seats this priority level can borrow from other priority levels.
    // The limit is known as this level's BorrowingConcurrencyLimit
    // (BorrowingCL) and is a limit on the total number of seats that this
    // level may borrow at any one time.
    // This field holds the ratio of that limit to the level's nominal
    // concurrency limit. When this field is non-nil, it must hold a
    // non-negative integer and the limit is calculated as follows.
    //
    // BorrowingCL(i) = round( NominalCL(i) * borrowingLimitPercent(i)/100.0 )
    //
    // The value of this field can be more than 100, implying that this
    // priority level can borrow a number of seats that is greater than
    // its own nominal concurrency limit (NominalCL).
    // When this field is left `nil`, the limit is effectively infinite.
    // +optional
    BorrowingLimitPercent *int32
}

func (*LimitedPriorityLevelConfiguration) DeepCopy

func (in *LimitedPriorityLevelConfiguration) DeepCopy() *LimitedPriorityLevelConfiguration

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LimitedPriorityLevelConfiguration.

func (*LimitedPriorityLevelConfiguration) DeepCopyInto

func (in *LimitedPriorityLevelConfiguration) DeepCopyInto(out *LimitedPriorityLevelConfiguration)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type NonResourcePolicyRule

NonResourcePolicyRule is a predicate that matches non-resource requests according to their verb and the target non-resource URL. A NonResourcePolicyRule matches a request if and only if both (a) at least one member of verbs matches the request and (b) at least one member of nonResourceURLs matches the request.

type NonResourcePolicyRule struct {
    // `verbs` is a list of matching verbs and may not be empty.
    // "*" matches all verbs. If it is present, it must be the only entry.
    // +listType=set
    // Required.
    Verbs []string
    // `nonResourceURLs` is a set of url prefixes that a user should have access to and may not be empty.
    // For example:
    //   - "/healthz" is legal
    //   - "/hea*" is illegal
    //   - "/hea" is legal but matches nothing
    //   - "/hea/*" also matches nothing
    //   - "/healthz/*" matches all per-component health checks.
    // "*" matches all non-resource urls. if it is present, it must be the only entry.
    // +listType=set
    // Required.
    NonResourceURLs []string
}

func (*NonResourcePolicyRule) DeepCopy

func (in *NonResourcePolicyRule) DeepCopy() *NonResourcePolicyRule

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NonResourcePolicyRule.

func (*NonResourcePolicyRule) DeepCopyInto

func (in *NonResourcePolicyRule) DeepCopyInto(out *NonResourcePolicyRule)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type PolicyRulesWithSubjects

PolicyRulesWithSubjects prescribes a test that applies to a request to an apiserver. The test considers the subject making the request, the verb being requested, and the resource to be acted upon. This PolicyRulesWithSubjects matches a request if and only if both (a) at least one member of subjects matches the request and (b) at least one member of resourceRules or nonResourceRules matches the request.

type PolicyRulesWithSubjects struct {
    // subjects is the list of normal user, serviceaccount, or group that this rule cares about.
    // There must be at least one member in this slice.
    // A slice that includes both the system:authenticated and system:unauthenticated user groups matches every request.
    // +listType=set
    // Required.
    Subjects []Subject
    // `resourceRules` is a slice of ResourcePolicyRules that identify matching requests according to their verb and the
    // target resource.
    // At least one of `resourceRules` and `nonResourceRules` has to be non-empty.
    // +listType=set
    // +optional
    ResourceRules []ResourcePolicyRule
    // `nonResourceRules` is a list of NonResourcePolicyRules that identify matching requests according to their verb
    // and the target non-resource URL.
    // +listType=set
    // +optional
    NonResourceRules []NonResourcePolicyRule
}

func (*PolicyRulesWithSubjects) DeepCopy

func (in *PolicyRulesWithSubjects) DeepCopy() *PolicyRulesWithSubjects

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyRulesWithSubjects.

func (*PolicyRulesWithSubjects) DeepCopyInto

func (in *PolicyRulesWithSubjects) DeepCopyInto(out *PolicyRulesWithSubjects)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type PriorityLevelConfiguration

PriorityLevelConfiguration represents the configuration of a priority level.

type PriorityLevelConfiguration struct {
    metav1.TypeMeta
    // `metadata` is the standard object's metadata.
    // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    // +optional
    metav1.ObjectMeta
    // `spec` is the specification of the desired behavior of a "request-priority".
    // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
    // +optional
    Spec PriorityLevelConfigurationSpec
    // `status` is the current status of a "request-priority".
    // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
    // +optional
    Status PriorityLevelConfigurationStatus
}

func (*PriorityLevelConfiguration) DeepCopy

func (in *PriorityLevelConfiguration) DeepCopy() *PriorityLevelConfiguration

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PriorityLevelConfiguration.

func (*PriorityLevelConfiguration) DeepCopyInto

func (in *PriorityLevelConfiguration) DeepCopyInto(out *PriorityLevelConfiguration)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*PriorityLevelConfiguration) DeepCopyObject

func (in *PriorityLevelConfiguration) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type PriorityLevelConfigurationCondition

PriorityLevelConfigurationCondition defines the condition of priority level.

type PriorityLevelConfigurationCondition struct {
    // `type` is the type of the condition.
    // Required.
    Type PriorityLevelConfigurationConditionType
    // `status` is the status of the condition.
    // Can be True, False, Unknown.
    // Required.
    Status ConditionStatus
    // `lastTransitionTime` is the last time the condition transitioned from one status to another.
    LastTransitionTime metav1.Time
    // `reason` is a unique, one-word, CamelCase reason for the condition's last transition.
    Reason string
    // `message` is a human-readable message indicating details about last transition.
    Message string
}

func (*PriorityLevelConfigurationCondition) DeepCopy

func (in *PriorityLevelConfigurationCondition) DeepCopy() *PriorityLevelConfigurationCondition

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PriorityLevelConfigurationCondition.

func (*PriorityLevelConfigurationCondition) DeepCopyInto

func (in *PriorityLevelConfigurationCondition) DeepCopyInto(out *PriorityLevelConfigurationCondition)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type PriorityLevelConfigurationConditionType

PriorityLevelConfigurationConditionType is a valid value for PriorityLevelConfigurationStatusCondition.Type

type PriorityLevelConfigurationConditionType string

type PriorityLevelConfigurationList

PriorityLevelConfigurationList is a list of PriorityLevelConfiguration objects.

type PriorityLevelConfigurationList struct {
    metav1.TypeMeta
    // `metadata` is the standard object's metadata.
    // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    // +optional
    metav1.ListMeta
    // `items` is a list of request-priorities.
    Items []PriorityLevelConfiguration
}

func (*PriorityLevelConfigurationList) DeepCopy

func (in *PriorityLevelConfigurationList) DeepCopy() *PriorityLevelConfigurationList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PriorityLevelConfigurationList.

func (*PriorityLevelConfigurationList) DeepCopyInto

func (in *PriorityLevelConfigurationList) DeepCopyInto(out *PriorityLevelConfigurationList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*PriorityLevelConfigurationList) DeepCopyObject

func (in *PriorityLevelConfigurationList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type PriorityLevelConfigurationReference

PriorityLevelConfigurationReference contains information that points to the "request-priority" being used.

type PriorityLevelConfigurationReference struct {
    // `name` is the name of the priority level configuration being referenced
    // Required.
    Name string
}

func (*PriorityLevelConfigurationReference) DeepCopy

func (in *PriorityLevelConfigurationReference) DeepCopy() *PriorityLevelConfigurationReference

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PriorityLevelConfigurationReference.

func (*PriorityLevelConfigurationReference) DeepCopyInto

func (in *PriorityLevelConfigurationReference) DeepCopyInto(out *PriorityLevelConfigurationReference)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type PriorityLevelConfigurationSpec

PriorityLevelConfigurationSpec specifies the configuration of a priority level. +union

type PriorityLevelConfigurationSpec struct {
    // `type` indicates whether this priority level is subject to
    // limitation on request execution.  A value of `"Exempt"` means
    // that requests of this priority level are not subject to a limit
    // (and thus are never queued) and do not detract from the
    // capacity made available to other priority levels.  A value of
    // `"Limited"` means that (a) requests of this priority level
    // _are_ subject to limits and (b) some of the server's limited
    // capacity is made available exclusively to this priority level.
    // Required.
    // +unionDiscriminator
    Type PriorityLevelEnablement

    // `limited` specifies how requests are handled for a Limited priority level.
    // This field must be non-empty if and only if `type` is `"Limited"`.
    // +optional
    Limited *LimitedPriorityLevelConfiguration

    // `exempt` specifies how requests are handled for an exempt priority level.
    // This field MUST be empty if `type` is `"Limited"`.
    // This field MAY be non-empty if `type` is `"Exempt"`.
    // If empty and `type` is `"Exempt"` then the default values
    // for `ExemptPriorityLevelConfiguration` apply.
    // +optional
    Exempt *ExemptPriorityLevelConfiguration
}

func (*PriorityLevelConfigurationSpec) DeepCopy

func (in *PriorityLevelConfigurationSpec) DeepCopy() *PriorityLevelConfigurationSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PriorityLevelConfigurationSpec.

func (*PriorityLevelConfigurationSpec) DeepCopyInto

func (in *PriorityLevelConfigurationSpec) DeepCopyInto(out *PriorityLevelConfigurationSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type PriorityLevelConfigurationStatus

PriorityLevelConfigurationStatus represents the current state of a "request-priority".

type PriorityLevelConfigurationStatus struct {
    // `conditions` is the current state of "request-priority".
    // +listType=map
    // +listMapKey=type
    // +patchMergeKey=type
    // +patchStrategy=merge
    // +optional
    Conditions []PriorityLevelConfigurationCondition
}

func (*PriorityLevelConfigurationStatus) DeepCopy

func (in *PriorityLevelConfigurationStatus) DeepCopy() *PriorityLevelConfigurationStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PriorityLevelConfigurationStatus.

func (*PriorityLevelConfigurationStatus) DeepCopyInto

func (in *PriorityLevelConfigurationStatus) DeepCopyInto(out *PriorityLevelConfigurationStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type PriorityLevelEnablement

PriorityLevelEnablement indicates whether limits on execution are enabled for the priority level

type PriorityLevelEnablement string

Supported priority level enablement values.

const (
    // PriorityLevelEnablementExempt means that requests are not subject to limits
    PriorityLevelEnablementExempt PriorityLevelEnablement = "Exempt"

    // PriorityLevelEnablementLimited means that requests are subject to limits
    PriorityLevelEnablementLimited PriorityLevelEnablement = "Limited"
)

type QueuingConfiguration

QueuingConfiguration holds the configuration parameters for queuing

type QueuingConfiguration struct {
    // `queues` is the number of queues for this priority level. The
    // queues exist independently at each apiserver. The value must be
    // positive.  Setting it to 1 effectively precludes
    // shufflesharding and thus makes the distinguisher method of
    // associated flow schemas irrelevant.  This field has a default
    // value of 64.
    // +optional
    Queues int32

    // `handSize` is a small positive number that configures the
    // shuffle sharding of requests into queues.  When enqueuing a request
    // at this priority level the request's flow identifier (a string
    // pair) is hashed and the hash value is used to shuffle the list
    // of queues and deal a hand of the size specified here.  The
    // request is put into one of the shortest queues in that hand.
    // `handSize` must be no larger than `queues`, and should be
    // significantly smaller (so that a few heavy flows do not
    // saturate most of the queues).  See the user-facing
    // documentation for more extensive guidance on setting this
    // field.  This field has a default value of 8.
    // +optional
    HandSize int32

    // `queueLengthLimit` is the maximum number of requests allowed to
    // be waiting in a given queue of this priority level at a time;
    // excess requests are rejected.  This value must be positive.  If
    // not specified, it will be defaulted to 50.
    // +optional
    QueueLengthLimit int32
}

func (*QueuingConfiguration) DeepCopy

func (in *QueuingConfiguration) DeepCopy() *QueuingConfiguration

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new QueuingConfiguration.

func (*QueuingConfiguration) DeepCopyInto

func (in *QueuingConfiguration) DeepCopyInto(out *QueuingConfiguration)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ResourcePolicyRule

ResourcePolicyRule is a predicate that matches some resource requests, testing the request's verb and the target resource. A ResourcePolicyRule matches a resource request if and only if: (a) at least one member of verbs matches the request, (b) at least one member of apiGroups matches the request, (c) at least one member of resources matches the request, and (d) least one member of namespaces matches the request.

type ResourcePolicyRule struct {
    // `verbs` is a list of matching verbs and may not be empty.
    // "*" matches all verbs and, if present, must be the only entry.
    // +listType=set
    // Required.
    Verbs []string

    // `apiGroups` is a list of matching API groups and may not be empty.
    // "*" matches all API groups and, if present, must be the only entry.
    // +listType=set
    // Required.
    APIGroups []string

    // `resources` is a list of matching resources (i.e., lowercase
    // and plural) with, if desired, subresource.  For example, [
    // "services", "nodes/status" ].  This list may not be empty.
    // "*" matches all resources and, if present, must be the only entry.
    // Required.
    // +listType=set
    Resources []string

    // `clusterScope` indicates whether to match requests that do not
    // specify a namespace (which happens either because the resource
    // is not namespaced or the request targets all namespaces).
    // If this field is omitted or false then the `namespaces` field
    // must contain a non-empty list.
    // +optional
    ClusterScope bool

    // `namespaces` is a list of target namespaces that restricts
    // matches.  A request that specifies a target namespace matches
    // only if either (a) this list contains that target namespace or
    // (b) this list contains "*".  Note that "*" matches any
    // specified namespace but does not match a request that _does
    // not specify_ a namespace (see the `clusterScope` field for
    // that).
    // This list may be empty, but only if `clusterScope` is true.
    // +optional
    // +listType=set
    Namespaces []string
}

func (*ResourcePolicyRule) DeepCopy

func (in *ResourcePolicyRule) DeepCopy() *ResourcePolicyRule

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResourcePolicyRule.

func (*ResourcePolicyRule) DeepCopyInto

func (in *ResourcePolicyRule) DeepCopyInto(out *ResourcePolicyRule)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ServiceAccountSubject

ServiceAccountSubject holds detailed information for service-account-kind subject.

type ServiceAccountSubject struct {
    // `namespace` is the namespace of matching ServiceAccount objects.
    // Required.
    Namespace string
    // `name` is the name of matching ServiceAccount objects, or "*" to match regardless of name.
    // Required.
    Name string
}

func (*ServiceAccountSubject) DeepCopy

func (in *ServiceAccountSubject) DeepCopy() *ServiceAccountSubject

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceAccountSubject.

func (*ServiceAccountSubject) DeepCopyInto

func (in *ServiceAccountSubject) DeepCopyInto(out *ServiceAccountSubject)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Subject

Subject matches the originator of a request, as identified by the request authentication system. There are three ways of matching an originator; by user, group, or service account. +union

type Subject struct {
    // `kind` indicates which one of the other fields is non-empty.
    // Required
    // +unionDiscriminator
    Kind SubjectKind
    // `user` matches based on username.
    // +optional
    User *UserSubject
    // `group` matches based on user group name.
    // +optional
    Group *GroupSubject
    // `serviceAccount` matches ServiceAccounts.
    // +optional
    ServiceAccount *ServiceAccountSubject
}

func (*Subject) DeepCopy

func (in *Subject) DeepCopy() *Subject

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Subject.

func (*Subject) DeepCopyInto

func (in *Subject) DeepCopyInto(out *Subject)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SubjectKind

SubjectKind is the kind of subject.

type SubjectKind string

Supported subject's kinds.

const (
    SubjectKindUser           SubjectKind = "User"
    SubjectKindGroup          SubjectKind = "Group"
    SubjectKindServiceAccount SubjectKind = "ServiceAccount"
)

type UserSubject

UserSubject holds detailed information for user-kind subject.

type UserSubject struct {
    // `name` is the username that matches, or "*" to match all usernames.
    // Required.
    Name string
}

func (*UserSubject) DeepCopy

func (in *UserSubject) DeepCopy() *UserSubject

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UserSubject.

func (*UserSubject) DeepCopyInto

func (in *UserSubject) DeepCopyInto(out *UserSubject)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

Subdirectories

Name Synopsis
..
fuzzer
install Package install installs the experimental API group, making it available as an option to all of the API encoding/decoding machinery.
internalbootstrap
util
v1
v1beta1
v1beta2
v1beta3
validation