Documentation ¶
Index ¶
- Constants
- func DeployAdminConfig(ctx context.Context, kubeConfig, localConfigPath string) error
- func DeployCertificatesOnHost(ctx context.Context, host *hosts.Host, crtMap map[string]CertificatePKI, ...) error
- func DeployCertificatesOnPlaneHost(ctx context.Context, host *hosts.Host, ...) error
- func FetchCertificatesFromHost(ctx context.Context, extraHosts []*hosts.Host, host *hosts.Host, ...) (map[string]CertificatePKI, error)
- func GenerateRKECerts(ctx context.Context, rkeConfig v3.RancherKubernetesEngineConfig, ...) (map[string]CertificatePKI, error)
- func GenerateRKENodeCerts(ctx context.Context, rkeConfig v3.RancherKubernetesEngineConfig, ...) map[string]CertificatePKI
- func GenerateSignedCertAndKey(caCrt *x509.Certificate, caKey *rsa.PrivateKey, serverCrt bool, ...) (*x509.Certificate, *rsa.PrivateKey, error)
- func GetAltNames(cpHosts []*hosts.Host, clusterDomain string, KubernetesServiceIP net.IP) *cert.AltNames
- func GetCertPath(name string) string
- func GetCertTempPath(name string) string
- func GetConfigPath(name string) string
- func GetConfigTempPath(name string) string
- func GetEtcdCrtName(address string) string
- func GetKeyPath(name string) string
- func GetKeyTempPath(name string) string
- func GetKubeConfigX509WithData(kubernetesURL string, componentName string, cacrt string, crt string, ...) string
- func GetKubernetesServiceIP(serviceClusterRange string) (net.IP, error)
- func GetLocalKubeConfig(configPath, configDir string) string
- func RegenerateEtcdCertificate(ctx context.Context, crtMap map[string]CertificatePKI, etcdHost *hosts.Host, ...) (map[string]CertificatePKI, error)
- func RemoveAdminConfig(ctx context.Context, localConfigPath string)
- type CertificatePKI
Constants ¶
View Source
const ( CertPathPrefix = "/etc/kubernetes/ssl/" CertificatesServiceName = "certificates" CrtDownloaderContainer = "cert-deployer" CertFetcherContainer = "cert-fetcher" CertificatesSecretName = "k8s-certs" TempCertPath = "/etc/kubernetes/.tmp/" ClusterConfig = "cluster.yml" CACertName = "kube-ca" KubeAPICertName = "kube-apiserver" KubeControllerCertName = "kube-controller-manager" KubeSchedulerCertName = "kube-scheduler" KubeProxyCertName = "kube-proxy" KubeNodeCertName = "kube-node" EtcdCertName = "kube-etcd" EtcdClientCACertName = "kube-etcd-client-ca" EtcdClientCertName = "kube-etcd-client" KubeNodeCommonName = "system:node" KubeNodeOrganizationName = "system:nodes" KubeAdminCertName = "kube-admin" KubeAdminOrganizationName = "system:masters" KubeAdminConfigPrefix = "kube_config_" )
Variables ¶
This section is empty.
Functions ¶
func DeployAdminConfig ¶
func DeployCertificatesOnPlaneHost ¶ added in v0.1.1
func DeployCertificatesOnPlaneHost(ctx context.Context, host *hosts.Host, rkeConfig v3.RancherKubernetesEngineConfig, crtMap map[string]CertificatePKI, certDownloaderImage string, prsMap map[string]v3.PrivateRegistry) error
func GenerateRKECerts ¶ added in v0.1.2
func GenerateRKECerts(ctx context.Context, rkeConfig v3.RancherKubernetesEngineConfig, configPath, configDir string) (map[string]CertificatePKI, error)
func GenerateRKENodeCerts ¶ added in v0.1.2
func GenerateRKENodeCerts(ctx context.Context, rkeConfig v3.RancherKubernetesEngineConfig, nodeAddress string, certBundle map[string]CertificatePKI) map[string]CertificatePKI
func GenerateSignedCertAndKey ¶ added in v0.1.1
func GenerateSignedCertAndKey( caCrt *x509.Certificate, caKey *rsa.PrivateKey, serverCrt bool, commonName string, altNames *cert.AltNames, reusedKey *rsa.PrivateKey, orgs []string) (*x509.Certificate, *rsa.PrivateKey, error)
func GetAltNames ¶
func GetCertPath ¶ added in v0.1.1
func GetCertTempPath ¶ added in v0.1.1
func GetConfigPath ¶ added in v0.1.1
func GetConfigTempPath ¶ added in v0.1.1
func GetEtcdCrtName ¶ added in v0.1.1
func GetKeyPath ¶ added in v0.1.1
func GetKeyTempPath ¶ added in v0.1.1
func GetKubernetesServiceIP ¶ added in v0.1.2
func GetLocalKubeConfig ¶ added in v0.1.2
func RegenerateEtcdCertificate ¶ added in v0.1.1
func RemoveAdminConfig ¶
Types ¶
type CertificatePKI ¶
type CertificatePKI struct { Certificate *x509.Certificate Key *rsa.PrivateKey Config string Name string CommonName string OUName string EnvName string Path string KeyEnvName string KeyPath string ConfigEnvName string ConfigPath string }
func ToCertObject ¶ added in v0.1.1
func ToCertObject(componentName, commonName, ouName string, cert *x509.Certificate, key *rsa.PrivateKey) CertificatePKI
func (*CertificatePKI) CertToEnv ¶
func (c *CertificatePKI) CertToEnv() string
func (*CertificatePKI) ConfigToEnv ¶
func (c *CertificatePKI) ConfigToEnv() string
func (*CertificatePKI) KeyToEnv ¶
func (c *CertificatePKI) KeyToEnv() string
func (*CertificatePKI) ToEnv ¶
func (c *CertificatePKI) ToEnv() []string
Click to show internal directories.
Click to hide internal directories.