Documentation
¶
Index ¶
- Constants
- func GenerateSignedCertKey(cfg *CertCfg, parentCA CertKeyInterface) (*rsa.PrivateKey, *x509.Certificate, error)
- func GenerateSignedCertificate(caKey *rsa.PrivateKey, caCert *x509.Certificate, cfg *CertCfg) (*rsa.PrivateKey, *x509.Certificate, error)
- func PrivateKey() (*rsa.PrivateKey, error)
- func SignedCertificate(cfg *CertCfg, csr *x509.CertificateRequest, key *rsa.PrivateKey, ...) (*x509.Certificate, error)
- type AdminInternalClient
- type AdminKubeConfigSignerCertKey
- type CertCfg
- type CertKey
- type CertKeyInterface
- type Config
- type InstallConfig
- type KubeadminPasswordData
- type Networking
- type RootCA
- type SelfSignedCertKey
- type SignedCertKey
Constants ¶
const ( // OneDay sets the validity of a cert to 24 hours. OneDay = time.Hour * 24 // OneYear sets the validity of a cert to 1 year. OneYear = OneDay * 365 // TenYears sets the validity of a cert to 10 years. TenYears = OneYear * 10 )
Variables ¶
This section is empty.
Functions ¶
func GenerateSignedCertKey ¶
func GenerateSignedCertKey(cfg *CertCfg, parentCA CertKeyInterface) (*rsa.PrivateKey, *x509.Certificate, error)
Generate generates a cert/key pair signed by the specified parent CA. see signedcertkey
func GenerateSignedCertificate ¶
func GenerateSignedCertificate(caKey *rsa.PrivateKey, caCert *x509.Certificate, cfg *CertCfg) (*rsa.PrivateKey, *x509.Certificate, error)
GenerateSignedCertificate generate a key and cert defined by CertCfg and signed by CA.
func PrivateKey ¶
func PrivateKey() (*rsa.PrivateKey, error)
PrivateKey generates an RSA Private key and returns the value
func SignedCertificate ¶
func SignedCertificate( cfg *CertCfg, csr *x509.CertificateRequest, key *rsa.PrivateKey, caCert *x509.Certificate, caKey *rsa.PrivateKey, ) (*x509.Certificate, error)
SignedCertificate creates a new X.509 certificate based on a template.
Types ¶
type AdminInternalClient ¶
type AdminInternalClient struct {
// contains filtered or unexported fields
}
AdminInternalClient is the asset for the admin kubeconfig.
type AdminKubeConfigSignerCertKey ¶
type AdminKubeConfigSignerCertKey struct {
SelfSignedCertKey
}
type CertCfg ¶
type CertCfg struct {
DNSNames []string
IPAddresses []net.IP
KeyUsages x509.KeyUsage
ExtKeyUsages []x509.ExtKeyUsage
Subject pkix.Name
Validity time.Duration
}
CertCfg contains all needed fields to configure a new certificate
type CertKey ¶
CertKey contains the private key and the cert. See openshift/installer/pkg/asset/tls/certkey.go
type CertKeyInterface ¶
type CertKeyInterface interface {
// Cert returns the certificate.
Cert() []byte
// Key returns the private key.
Key() []byte
}
CertKeyInterface contains a private key and the associated cert. See openshift/installer/pkg/asset/tls/tls.go
type Config ¶
type Config struct {
// Networking is the configuration for the pod network provider in
// the cluster.
*Networking `json:"networking,omitempty"`
}
InstallConfig is the configuration for an OpenShift install.
type InstallConfig ¶
type InstallConfig struct {
Config *Config `json:"config"`
}
InstallConfig generates the install-config.yaml file.
type KubeadminPasswordData ¶
type KubeadminPasswordData struct {
Password string
}
See github.com/openshift/installer/pkg/asset/password
type Networking ¶
type Networking struct {
// NetworkType is the type of network to install. The default is OpenShiftSDN
NetworkType string `json:"networkType,omitempty"`
}
Networking defines the pod network provider in the cluster.
type RootCA ¶
type RootCA struct {
SelfSignedCertKey
}
RootCA contains the private key and the cert that's self-signed as the root CA.
type SelfSignedCertKey ¶
type SelfSignedCertKey struct {
CertKey
}
SelfSignedCertKey contains the private key and the cert that's self-signed.
type SignedCertKey ¶
type SignedCertKey struct {
CertKey
}
SignedCertKey contains the private key and the cert that's signed by the parent CA.
Source Files