Documentation
¶
Index ¶
- Constants
- Variables
- func CreateBasic(serverURL, clusterName, userName string, caName string) *clientcmdapi.Config
- func CreateCertAndKeyFilesWithCA(caCert *x509.Certificate, caKey crypto.Signer)
- func NewCertAndKey(caCert *x509.Certificate, caKey crypto.Signer, keyType EncryptionAlgorithmType) (*x509.Certificate, crypto.Signer, error)
- func NewPrivateKey(keyType EncryptionAlgorithmType) (crypto.Signer, error)
- func NewSelfSignedCACert(commonName string, organization []string, key crypto.Signer) (*x509.Certificate, error)
- func NewSignedCert(commandName string, organization []string, key crypto.Signer, ...) (*x509.Certificate, error)
- func TryCreateApiServerCert()
- func TryCreateCACertAndKeyFiles()
- func TryCreateKubeConfig()
- func TryLoadCertAndKeyFromDisk(pkiPath, name string) (*x509.Certificate, crypto.Signer, error)
- func TryLoadCertChainFromDisk(pkiPath, name string) (*x509.Certificate, []*x509.Certificate, error)
- type EncryptionAlgorithmType
Constants ¶
View Source
const ( DefaultCommonName = "kubecraft" DefaultUserName = "admin" DefaultOrganization = "kubecraft" OutDir = "pki" DefaultKubeConfigFileName = "kubeconfig" DefaultPkiPath = OutDir DefaultApiServerCertName = "apiserver" )
View Source
const ( // PrivateKeyBlockType is a possible value for pem.Block.Type. PrivateKeyBlockType = "PRIVATE KEY" // PublicKeyBlockType is a possible value for pem.Block.Type. PublicKeyBlockType = "PUBLIC KEY" // CertificateBlockType is a possible value for pem.Block.Type. CertificateBlockType = "CERTIFICATE" // RSAPrivateKeyBlockType is a possible value for pem.Block.Type. RSAPrivateKeyBlockType = "RSA PRIVATE KEY" // ECPrivateKeyBlockType is a possible value for pem.Block.Type. ECPrivateKeyBlockType = "EC PRIVATE KEY" )
Variables ¶
View Source
var ( ApiServerCertFile = pathForCert(DefaultPkiPath, DefaultApiServerCertName) ApiServerKeyFile = pathForKey(DefaultPkiPath, DefaultApiServerCertName) )
Functions ¶
func CreateBasic ¶
func CreateBasic(serverURL, clusterName, userName string, caName string) *clientcmdapi.Config
func CreateCertAndKeyFilesWithCA ¶
func CreateCertAndKeyFilesWithCA(caCert *x509.Certificate, caKey crypto.Signer)
func NewCertAndKey ¶
func NewCertAndKey(caCert *x509.Certificate, caKey crypto.Signer, keyType EncryptionAlgorithmType) (*x509.Certificate, crypto.Signer, error)
func NewPrivateKey ¶
func NewPrivateKey(keyType EncryptionAlgorithmType) (crypto.Signer, error)
func NewSelfSignedCACert ¶
func NewSignedCert ¶
func NewSignedCert(commandName string, organization []string, key crypto.Signer, caCert *x509.Certificate, caKey crypto.Signer, isCA bool) (*x509.Certificate, error)
copyd from kubeadm
func TryCreateApiServerCert ¶
func TryCreateApiServerCert()
func TryCreateCACertAndKeyFiles ¶
func TryCreateCACertAndKeyFiles()
func TryCreateKubeConfig ¶
func TryCreateKubeConfig()
func TryLoadCertChainFromDisk ¶
func TryLoadCertChainFromDisk(pkiPath, name string) (*x509.Certificate, []*x509.Certificate, error)
Types ¶
type EncryptionAlgorithmType ¶
type EncryptionAlgorithmType string
const ( // EncryptionAlgorithmECDSAP256 defines the ECDSA encryption algorithm type with curve P256. EncryptionAlgorithmECDSAP256 EncryptionAlgorithmType = "ECDSA-P256" // EncryptionAlgorithmRSA2048 defines the RSA encryption algorithm type with key size 2048 bits. EncryptionAlgorithmRSA2048 EncryptionAlgorithmType = "RSA-2048" // EncryptionAlgorithmRSA3072 defines the RSA encryption algorithm type with key size 3072 bits. EncryptionAlgorithmRSA3072 EncryptionAlgorithmType = "RSA-3072" // EncryptionAlgorithmRSA4096 defines the RSA encryption algorithm type with key size 4096 bits. EncryptionAlgorithmRSA4096 EncryptionAlgorithmType = "RSA-4096" )
Source Files
Click to show internal directories.
Click to hide internal directories.