AWS: Add support for load balancer source ranges

This refactors #21431 to pull a lot of the code into cloudprovider so it
can be reused by AWS.

It also changes the name of the annotation to be non-GCE specific:
service.beta.kubernetes.io/load-balancer-source-ranges

Fix #21651
Justin Santa Barbara
2016-02-24 10:49:34 -05:00
parent cbf2b269ad
commit 49e1149227
6 changed files with 133 additions and 51 deletions


@@ -26,6 +26,20 @@ import (
"k8s.io/kubernetes/pkg/types"
)
const (
// The value of a LBAnnotationAllowSourceRange annotation determines
// the source IP ranges to allow to access a service exposed as
// type=LoadBalancer (when accesssed through the LoadBalancer created
// by the cloud provider).
//
// It should be a comma-separated list of CIDRs, e.g. `0.0.0.0/0` to
// allow full access (the default) or `18.0.0.0/8,56.0.0.0/8` to allow
// access only from the CIDRs currently allocated to MIT & the USPS.
//
// Not all cloud providers support this annotation, though AWS & GCE do.
LBAnnotationAllowSourceRange = "service.beta.kubernetes.io/load-balancer-source-ranges"
)
// Interface is an abstract, pluggable interface for cloud providers.
type Interface interface {
// LoadBalancer returns a balancer interface. Also returns true if the interface is supported, false otherwise.
@@ -84,7 +98,7 @@ type LoadBalancer interface {
// if so, what its status is.
GetLoadBalancer(name, region string) (status *api.LoadBalancerStatus, exists bool, err error)
// EnsureLoadBalancer creates a new load balancer 'name', or updates the existing one. Returns the status of the balancer
EnsureLoadBalancer(name, region string, loadBalancerIP net.IP, ports []*api.ServicePort, hosts []string, serviceName types.NamespacedName, affinityType api.ServiceAffinity, annotations ServiceAnnotation) (*api.LoadBalancerStatus, error)
EnsureLoadBalancer(name, region string, loadBalancerIP net.IP, ports []*api.ServicePort, hosts []string, serviceName types.NamespacedName, affinityType api.ServiceAffinity, annotations map[string]string) (*api.LoadBalancerStatus, error)
// UpdateLoadBalancer updates hosts under the specified load balancer.
UpdateLoadBalancer(name, region string, hosts []string) error
// EnsureLoadBalancerDeleted deletes the specified load balancer if it
@@ -160,10 +174,3 @@ type Zones interface {
// GetZone returns the Zone containing the current failure zone and locality region that the program is running in
GetZone() (Zone, error)
}
type ServiceAnnotation map[string]string
func (s ServiceAnnotation) GetValue(key string) (string, bool) {
val, ok := s[key]
return val, ok
}
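Review bot: The doc comment on `LBAnnotationAllowSourceRange` in the first hunk says not every provider supports the annotation but leaves out what happens when it is set on one that does not; if such providers simply ignore it (their code is not visible here), a service the operator believes is restricted stays reachable from any source address. Once that behaviour is confirmed I would state it in the comment, e.g. `// Providers that do not support this annotation ignore it, leaving the load balancer open to all sources.`, and fix the `accesssed` typo while there. The `EnsureLoadBalancer` comment in the second hunk should also describe the new `annotations map[string]string` parameter and say that an implementation should return an error for a value that is not a valid CIDR list rather than fall back to the `0.0.0.0/0` default. The `Interface` and `LoadBalancer` declarations continue outside the hunks.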