k8sconfig

package
v0.0.0-...-45a9bcf Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 3, 2024 License: Apache-2.0 Imports: 19 Imported by: 0

Documentation

Overview

Package k8sconfig is a compliance submodule that is able to parse the Kubernetes components configurations and export it as a log.

!!! This is a generated file: regenerate with go run ./pkg/compliance/tools/k8s_types_generator/main.go !!!

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type K8SKubeconfig

type K8SKubeconfig struct {
	Clusters       map[string]*K8sKubeconfigCluster `json:"clusters"`
	Users          map[string]*K8sKubeconfigUser    `json:"users"`
	Contexts       map[string]*K8sKubeconfigContext `json:"contexts"`
	CurrentContext string                           `json:"currentContext"`
}

k8SKubeconfigSource is used to parse the kubeconfig files. It is not exported as-is, and used to build K8sKubeconfig. https://github.com/kubernetes/kubernetes/blob/ad18954259eae3db51bac2274ed4ca7304b923c4/staging/src/k8s.io/client-go/tools/clientcmd/api/types.go#LL31C1-L55C2

type K8sAdmissionConfigFileMeta

type K8sAdmissionConfigFileMeta struct {
	Path    string                          `json:"path"`
	User    string                          `json:"user,omitempty"`
	Group   string                          `json:"group,omitempty"`
	Mode    uint32                          `json:"mode,omitempty"`
	Plugins []*K8sAdmissionPluginConfigMeta `json:"plugins"`
}

https://github.com/kubernetes/kubernetes/blob/6356023cb42d681b7ad0e6d14d1652247d75b797/staging/src/k8s.io/apiserver/pkg/apis/apiserver/types.go#L30

type K8sAdmissionPluginConfigMeta

type K8sAdmissionPluginConfigMeta struct {
	Name          string      `json:"name"`
	Configuration interface{} `json:"configuration,omitempty"`
}

https://github.com/kubernetes/kubernetes/blob/6356023cb42d681b7ad0e6d14d1652247d75b797/staging/src/k8s.io/apiserver/pkg/apis/apiserver/types.go#L30

type K8sCertFileMeta

type K8sCertFileMeta struct {
	Path        string `json:"path"`
	User        string `json:"user,omitempty"`
	Group       string `json:"group,omitempty"`
	Mode        uint32 `json:"mode,omitempty"`
	DirUser     string `json:"dirUser,omitempty"`
	DirGroup    string `json:"dirGroup,omitempty"`
	DirMode     uint32 `json:"dirMode,omitempty"`
	Certificate struct {
		Fingerprint    string     `json:"fingerprint,omitempty"`
		SerialNumber   string     `json:"serialNumber,omitempty"`
		SubjectKeyId   string     `json:"subjectKeyId,omitempty"`
		AuthorityKeyId string     `json:"authorityKeyId,omitempty"`
		CommonName     string     `json:"commonName,omitempty"`
		Organization   []string   `json:"organization,omitempty"`
		DNSNames       []string   `json:"dnsNames,omitempty"`
		IPAddresses    []net.IP   `json:"ipAddresses,omitempty"`
		NotAfter       *time.Time `json:"notAfter,omitempty"`
		NotBefore      *time.Time `json:"notBefore,omitempty"`
	} `json:"certificate"`
}

type K8sConfigFileMeta

type K8sConfigFileMeta struct {
	Path    string      `json:"path"`
	User    string      `json:"user,omitempty"`
	Group   string      `json:"group,omitempty"`
	Mode    uint32      `json:"mode,omitempty"`
	Content interface{} `json:"content,omitempty" jsonschema:"type=object"`
}

type K8sDirMeta

type K8sDirMeta struct {
	Path  string `json:"path"`
	User  string `json:"user,omitempty"`
	Group string `json:"group,omitempty"`
	Mode  uint32 `json:"mode,omitempty"`
}

type K8sEncryptionProviderConfigFileMeta

type K8sEncryptionProviderConfigFileMeta struct {
	Path      string `json:"path,omitempty"`
	User      string `json:"user,omitempty"`
	Group     string `json:"group,omitempty"`
	Mode      uint32 `json:"mode,omitempty"`
	Resources []struct {
		Resources []string `yaml:"resources" json:"resources"`
		Providers []struct {
			AESGCM    *K8sEncryptionProviderKeysSource `yaml:"aesgcm,omitempty" json:"aesgcm,omitempty"`
			AESCBC    *K8sEncryptionProviderKeysSource `yaml:"aescbc,omitempty" json:"aescbc,omitempty"`
			Secretbox *K8sEncryptionProviderKeysSource `yaml:"secretbox,omitempty" json:"secretbox,omitempty"`
			Identity  *struct{}                        `yaml:"identity,omitempty" json:"identity,omitempty"`
			KMS       *K8sEncryptionProviderKMSSource  `yaml:"kms,omitempty" json:"kms,omitempty"`
		} `yaml:"providers" json:"providers"`
	} `yaml:"resources" json:"resources"`
}

https://github.com/kubernetes/kubernetes/blob/e1ad9bee5bba8fbe85a6bf6201379ce8b1a611b1/staging/src/k8s.io/apiserver/pkg/apis/config/types.go#L70

type K8sEncryptionProviderKMSSource

type K8sEncryptionProviderKMSSource struct {
	Name      string `yaml:"name" json:"name"`
	Endpoint  string `yaml:"endpoint" json:"endpoint"`
	CacheSize int    `yaml:"cachesize" json:"cachesize"`
	Timeout   string `yaml:"timeout" json:"timeout"`
}

https://github.com/kubernetes/kubernetes/blob/e1ad9bee5bba8fbe85a6bf6201379ce8b1a611b1/staging/src/k8s.io/apiserver/pkg/apis/config/types.go#L70

type K8sEncryptionProviderKeysSource

type K8sEncryptionProviderKeysSource struct {
	Keys []struct {
		Name string `yaml:"name" json:"name"`
	} `yaml:"keys" json:"keys"`
}

https://github.com/kubernetes/kubernetes/blob/e1ad9bee5bba8fbe85a6bf6201379ce8b1a611b1/staging/src/k8s.io/apiserver/pkg/apis/config/types.go#L70

type K8sEtcdConfig

type K8sEtcdConfig struct {
	AutoTls            *bool             `json:"auto-tls,omitempty"`              // versions: v3.5.10, v3.4.28, v3.3.17, v3.2.32
	CertFile           *K8sCertFileMeta  `json:"cert-file,omitempty"`             // versions: v3.5.10, v3.4.28, v3.3.17, v3.2.32
	ClientCertAuth     *bool             `json:"client-cert-auth,omitempty"`      // versions: v3.5.10, v3.4.28, v3.3.17, v3.2.32
	DataDir            *K8sDirMeta       `json:"data-dir,omitempty"`              // versions: v3.5.10, v3.4.28, v3.3.17, v3.2.32
	KeyFile            *K8sKeyFileMeta   `json:"key-file,omitempty"`              // versions: v3.5.10, v3.4.28, v3.3.17, v3.2.32
	PeerAutoTls        *bool             `json:"peer-auto-tls,omitempty"`         // versions: v3.5.10, v3.4.28, v3.3.17, v3.2.32
	PeerCertFile       *K8sCertFileMeta  `json:"peer-cert-file,omitempty"`        // versions: v3.5.10, v3.4.28, v3.3.17, v3.2.32
	PeerClientCertAuth *bool             `json:"peer-client-cert-auth,omitempty"` // versions: v3.5.10, v3.4.28, v3.3.17, v3.2.32
	PeerKeyFile        *K8sKeyFileMeta   `json:"peer-key-file,omitempty"`         // versions: v3.5.10, v3.4.28, v3.3.17, v3.2.32
	PeerTrustedCaFile  *K8sCertFileMeta  `json:"peer-trusted-ca-file,omitempty"`  // versions: v3.5.10, v3.4.28, v3.3.17, v3.2.32
	TlsMinVersion      *string           `json:"tls-min-version,omitempty"`       // versions: v3.5.10, v3.4.28
	TrustedCaFile      *K8sCertFileMeta  `json:"trusted-ca-file,omitempty"`       // versions: v3.5.10, v3.4.28, v3.3.17, v3.2.32
	SkippedFlags       map[string]string `json:"skippedFlags,omitempty"`
}

type K8sKeyFileMeta

type K8sKeyFileMeta struct {
	Path  string `json:"path"`
	User  string `json:"user,omitempty"`
	Group string `json:"group,omitempty"`
	Mode  uint32 `json:"mode,omitempty"`
}

type K8sKubeApiserverConfig

type K8sKubeApiserverConfig struct {
	AdmissionControlConfigFile      *K8sAdmissionConfigFileMeta          `json:"admission-control-config-file,omitempty"`      // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	AllowPrivileged                 *bool                                `json:"allow-privileged,omitempty"`                   // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	AnonymousAuth                   *bool                                `json:"anonymous-auth,omitempty"`                     // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	AuditLogMaxage                  *int                                 `json:"audit-log-maxage,omitempty"`                   // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	AuditLogMaxbackup               *int                                 `json:"audit-log-maxbackup,omitempty"`                // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	AuditLogMaxsize                 *int                                 `json:"audit-log-maxsize,omitempty"`                  // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	AuditLogPath                    *string                              `json:"audit-log-path,omitempty"`                     // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	AuditPolicyFile                 *K8sConfigFileMeta                   `json:"audit-policy-file,omitempty"`                  // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	AuthorizationMode               []string                             `json:"authorization-mode,omitempty"`                 // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	BindAddress                     *string                              `json:"bind-address,omitempty"`                       // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	ClientCaFile                    *K8sCertFileMeta                     `json:"client-ca-file,omitempty"`                     // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	DisableAdmissionPlugins         []string                             `json:"disable-admission-plugins,omitempty"`          // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	EnableAdmissionPlugins          []string                             `json:"enable-admission-plugins,omitempty"`           // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	EnableBootstrapTokenAuth        *bool                                `json:"enable-bootstrap-token-auth,omitempty"`        // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	EncryptionProviderConfig        *K8sEncryptionProviderConfigFileMeta `json:"encryption-provider-config,omitempty"`         // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	EtcdCafile                      *K8sCertFileMeta                     `json:"etcd-cafile,omitempty"`                        // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	EtcdCertfile                    *K8sCertFileMeta                     `json:"etcd-certfile,omitempty"`                      // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	EtcdKeyfile                     *K8sKeyFileMeta                      `json:"etcd-keyfile,omitempty"`                       // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	FeatureGates                    *string                              `json:"feature-gates,omitempty"`                      // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	KubeletCertificateAuthority     *K8sCertFileMeta                     `json:"kubelet-certificate-authority,omitempty"`      // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	KubeletClientCertificate        *K8sCertFileMeta                     `json:"kubelet-client-certificate,omitempty"`         // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	KubeletClientKey                *K8sKeyFileMeta                      `json:"kubelet-client-key,omitempty"`                 // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	Profiling                       *bool                                `json:"profiling,omitempty"`                          // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	ProxyClientCertFile             *K8sCertFileMeta                     `json:"proxy-client-cert-file,omitempty"`             // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	ProxyClientKeyFile              *K8sKeyFileMeta                      `json:"proxy-client-key-file,omitempty"`              // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	RequestTimeout                  *time.Duration                       `json:"request-timeout,omitempty"`                    // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	RequestheaderAllowedNames       []string                             `json:"requestheader-allowed-names,omitempty"`        // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	RequestheaderClientCaFile       *K8sCertFileMeta                     `json:"requestheader-client-ca-file,omitempty"`       // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	RequestheaderExtraHeadersPrefix []string                             `json:"requestheader-extra-headers-prefix,omitempty"` // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	RequestheaderGroupHeaders       []string                             `json:"requestheader-group-headers,omitempty"`        // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	RequestheaderUsernameHeaders    []string                             `json:"requestheader-username-headers,omitempty"`     // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	SecurePort                      *int                                 `json:"secure-port,omitempty"`                        // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	ServiceAccountIssuer            *string                              `json:"service-account-issuer,omitempty"`             // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	ServiceAccountKeyFile           *K8sKeyFileMeta                      `json:"service-account-key-file,omitempty"`           // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	ServiceAccountLookup            *bool                                `json:"service-account-lookup,omitempty"`             // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	ServiceAccountSigningKeyFile    *K8sKeyFileMeta                      `json:"service-account-signing-key-file,omitempty"`   // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	ServiceClusterIpRange           *string                              `json:"service-cluster-ip-range,omitempty"`           // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	TlsCertFile                     *K8sCertFileMeta                     `json:"tls-cert-file,omitempty"`                      // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	TlsCipherSuites                 []string                             `json:"tls-cipher-suites,omitempty"`                  // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	TlsMinVersion                   *string                              `json:"tls-min-version,omitempty"`                    // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	TlsPrivateKeyFile               *K8sKeyFileMeta                      `json:"tls-private-key-file,omitempty"`               // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	TokenAuthFile                   *K8sTokenFileMeta                    `json:"token-auth-file,omitempty"`                    // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	SkippedFlags                    map[string]string                    `json:"skippedFlags,omitempty"`
}

type K8sKubeControllerManagerConfig

type K8sKubeControllerManagerConfig struct {
	AuthenticationKubeconfig        *K8sKubeconfigMeta `json:"authentication-kubeconfig,omitempty"`          // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	AuthorizationKubeconfig         *string            `json:"authorization-kubeconfig,omitempty"`           // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	BindAddress                     *string            `json:"bind-address,omitempty"`                       // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	ClientCaFile                    *K8sCertFileMeta   `json:"client-ca-file,omitempty"`                     // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	ClusterSigningCertFile          *K8sCertFileMeta   `json:"cluster-signing-cert-file,omitempty"`          // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	ClusterSigningKeyFile           *K8sKeyFileMeta    `json:"cluster-signing-key-file,omitempty"`           // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	FeatureGates                    *string            `json:"feature-gates,omitempty"`                      // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	Kubeconfig                      *K8sKubeconfigMeta `json:"kubeconfig,omitempty"`                         // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	Profiling                       *bool              `json:"profiling,omitempty"`                          // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	RequestheaderAllowedNames       []string           `json:"requestheader-allowed-names,omitempty"`        // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	RequestheaderClientCaFile       *K8sCertFileMeta   `json:"requestheader-client-ca-file,omitempty"`       // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	RequestheaderExtraHeadersPrefix []string           `json:"requestheader-extra-headers-prefix,omitempty"` // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	RequestheaderGroupHeaders       []string           `json:"requestheader-group-headers,omitempty"`        // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	RequestheaderUsernameHeaders    []string           `json:"requestheader-username-headers,omitempty"`     // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	RootCaFile                      *K8sCertFileMeta   `json:"root-ca-file,omitempty"`                       // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	SecurePort                      *int               `json:"secure-port,omitempty"`                        // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	ServiceAccountPrivateKeyFile    *K8sKeyFileMeta    `json:"service-account-private-key-file,omitempty"`   // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	ServiceClusterIpRange           *string            `json:"service-cluster-ip-range,omitempty"`           // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	TerminatedPodGcThreshold        *int               `json:"terminated-pod-gc-threshold,omitempty"`        // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	TlsCertFile                     *K8sCertFileMeta   `json:"tls-cert-file,omitempty"`                      // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	TlsCipherSuites                 []string           `json:"tls-cipher-suites,omitempty"`                  // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	TlsMinVersion                   *string            `json:"tls-min-version,omitempty"`                    // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	TlsPrivateKeyFile               *K8sKeyFileMeta    `json:"tls-private-key-file,omitempty"`               // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	UseServiceAccountCredentials    *bool              `json:"use-service-account-credentials,omitempty"`    // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	SkippedFlags                    map[string]string  `json:"skippedFlags,omitempty"`
}

type K8sKubeProxyConfig

type K8sKubeProxyConfig struct {
	Config           *K8sConfigFileMeta `json:"config,omitempty"`            // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	BindAddress      *string            `json:"bind-address,omitempty"`      // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	FeatureGates     *string            `json:"feature-gates,omitempty"`     // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	HostnameOverride *string            `json:"hostname-override,omitempty"` // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	Kubeconfig       *K8sKubeconfigMeta `json:"kubeconfig,omitempty"`        // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	Profiling        *bool              `json:"profiling,omitempty"`         // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	SkippedFlags     map[string]string  `json:"skippedFlags,omitempty"`
}

type K8sKubeSchedulerConfig

type K8sKubeSchedulerConfig struct {
	Config                          *K8sConfigFileMeta `json:"config,omitempty"`                             // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	AuthenticationKubeconfig        *K8sKubeconfigMeta `json:"authentication-kubeconfig,omitempty"`          // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	AuthorizationKubeconfig         *string            `json:"authorization-kubeconfig,omitempty"`           // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	BindAddress                     *string            `json:"bind-address,omitempty"`                       // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	ClientCaFile                    *K8sCertFileMeta   `json:"client-ca-file,omitempty"`                     // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	FeatureGates                    *string            `json:"feature-gates,omitempty"`                      // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	Kubeconfig                      *K8sKubeconfigMeta `json:"kubeconfig,omitempty"`                         // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	Profiling                       *bool              `json:"profiling,omitempty"`                          // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	RequestheaderAllowedNames       []string           `json:"requestheader-allowed-names,omitempty"`        // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	RequestheaderClientCaFile       *K8sCertFileMeta   `json:"requestheader-client-ca-file,omitempty"`       // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	RequestheaderExtraHeadersPrefix []string           `json:"requestheader-extra-headers-prefix,omitempty"` // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	RequestheaderGroupHeaders       []string           `json:"requestheader-group-headers,omitempty"`        // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	RequestheaderUsernameHeaders    []string           `json:"requestheader-username-headers,omitempty"`     // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	SecurePort                      *int               `json:"secure-port,omitempty"`                        // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	TlsCertFile                     *K8sCertFileMeta   `json:"tls-cert-file,omitempty"`                      // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	TlsCipherSuites                 []string           `json:"tls-cipher-suites,omitempty"`                  // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	TlsMinVersion                   *string            `json:"tls-min-version,omitempty"`                    // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	TlsPrivateKeyFile               *K8sKeyFileMeta    `json:"tls-private-key-file,omitempty"`               // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	SkippedFlags                    map[string]string  `json:"skippedFlags,omitempty"`
}

type K8sKubeconfigCluster

type K8sKubeconfigCluster struct {
	Server                string           `json:"server"`
	TLSServerName         string           `json:"tlsServerName,omitempty"`
	InsecureSkipTLSVerify bool             `json:"insecureSkipTlsVerify,omitempty"`
	CertificateAuthority  *K8sCertFileMeta `json:"certificateAuthority,omitempty"`
	ProxyURL              string           `json:"proxyUrl,omitempty"`
	DisableCompression    bool             `json:"disableCompression,omitempty"`
}

k8SKubeconfigSource is used to parse the kubeconfig files. It is not exported as-is, and used to build K8sKubeconfig. https://github.com/kubernetes/kubernetes/blob/ad18954259eae3db51bac2274ed4ca7304b923c4/staging/src/k8s.io/client-go/tools/clientcmd/api/types.go#LL31C1-L55C2

type K8sKubeconfigContext

type K8sKubeconfigContext struct {
	Cluster   string `json:"cluster"`
	User      string `json:"user"`
	Namespace string `json:"namespace,omitempty"`
}

k8SKubeconfigSource is used to parse the kubeconfig files. It is not exported as-is, and used to build K8sKubeconfig. https://github.com/kubernetes/kubernetes/blob/ad18954259eae3db51bac2274ed4ca7304b923c4/staging/src/k8s.io/client-go/tools/clientcmd/api/types.go#LL31C1-L55C2

type K8sKubeconfigMeta

type K8sKubeconfigMeta struct {
	Path       string         `json:"path"`
	User       string         `json:"user,omitempty"`
	Group      string         `json:"group,omitempty"`
	Mode       uint32         `json:"mode,omitempty"`
	Kubeconfig *K8SKubeconfig `json:"kubeconfig,omitempty"`
}

type K8sKubeconfigUser

type K8sKubeconfigUser struct {
	UseToken    bool `json:"useToken"`
	UsePassword bool `json:"usePassword"`
	Exec        struct {
		APIVersion string   `json:"apiVersion,omitempty"`
		Command    string   `json:"command,omitempty"`
		Args       []string `json:"args,omitempty"`
	} `json:"exec,omitempty"`
	ClientCertificate *K8sCertFileMeta `json:"clientCertificate,omitempty"`
	ClientKey         *K8sKeyFileMeta  `json:"clientKey,omitempty"`
}

k8SKubeconfigSource is used to parse the kubeconfig files. It is not exported as-is, and used to build K8sKubeconfig. https://github.com/kubernetes/kubernetes/blob/ad18954259eae3db51bac2274ed4ca7304b923c4/staging/src/k8s.io/client-go/tools/clientcmd/api/types.go#LL31C1-L55C2

type K8sKubeletConfig

type K8sKubeletConfig struct {
	Config                         *K8sConfigFileMeta `json:"config,omitempty"`                            // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	Address                        *string            `json:"address,omitempty"`                           // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	AnonymousAuth                  *bool              `json:"anonymous-auth,omitempty"`                    // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	AuthorizationMode              *string            `json:"authorization-mode,omitempty"`                // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	ClientCaFile                   *K8sCertFileMeta   `json:"client-ca-file,omitempty"`                    // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	EventBurst                     *int               `json:"event-burst,omitempty"`                       // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	EventQps                       *int               `json:"event-qps,omitempty"`                         // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	FeatureGates                   *string            `json:"feature-gates,omitempty"`                     // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	HostnameOverride               *string            `json:"hostname-override,omitempty"`                 // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	ImageCredentialProviderBinDir  *K8sDirMeta        `json:"image-credential-provider-bin-dir,omitempty"` // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	ImageCredentialProviderConfig  *K8sConfigFileMeta `json:"image-credential-provider-config,omitempty"`  // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	Kubeconfig                     *K8sKubeconfigMeta `json:"kubeconfig,omitempty"`                        // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	MakeIptablesUtilChains         *bool              `json:"make-iptables-util-chains,omitempty"`         // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	MaxPods                        *int               `json:"max-pods,omitempty"`                          // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	PodMaxPids                     *int               `json:"pod-max-pids,omitempty"`                      // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	ProtectKernelDefaults          *bool              `json:"protect-kernel-defaults,omitempty"`           // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	ReadOnlyPort                   *int               `json:"read-only-port,omitempty"`                    // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	RotateCertificates             *bool              `json:"rotate-certificates,omitempty"`               // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	RotateServerCertificates       *bool              `json:"rotate-server-certificates,omitempty"`        // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	StreamingConnectionIdleTimeout *time.Duration     `json:"streaming-connection-idle-timeout,omitempty"` // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	TlsCertFile                    *K8sCertFileMeta   `json:"tls-cert-file,omitempty"`                     // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	TlsCipherSuites                []string           `json:"tls-cipher-suites,omitempty"`                 // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	TlsMinVersion                  *string            `json:"tls-min-version,omitempty"`                   // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	TlsPrivateKeyFile              *K8sKeyFileMeta    `json:"tls-private-key-file,omitempty"`              // versions: v1.28.4, v1.27.3, v1.26.6, v1.25.11, v1.24.15
	SkippedFlags                   map[string]string  `json:"skippedFlags,omitempty"`
}

type K8sManagedEnvConfig

type K8sManagedEnvConfig struct {
	Name     string      `json:"name"`
	Metadata interface{} `json:"metadata"`
}

type K8sNodeConfig

type K8sNodeConfig struct {
	Version            string               `json:"version"`
	ManagedEnvironment *K8sManagedEnvConfig `json:"managedEnvironment,omitempty"`
	KubeletService     *K8sConfigFileMeta   `json:"kubeletService,omitempty"`
	AdminKubeconfig    *K8sKubeconfigMeta   `json:"adminKubeconfig,omitempty"`
	Components         struct {
		Etcd                  *K8sEtcdConfig                  `json:"etcd,omitempty"`
		KubeApiserver         *K8sKubeApiserverConfig         `json:"kubeApiserver,omitempty"`
		KubeControllerManager *K8sKubeControllerManagerConfig `json:"kubeControllerManager,omitempty"`
		Kubelet               *K8sKubeletConfig               `json:"kubelet,omitempty"`
		KubeProxy             *K8sKubeProxyConfig             `json:"kubeProxy,omitempty"`
		KubeScheduler         *K8sKubeSchedulerConfig         `json:"kubeScheduler,omitempty"`
	} `json:"components"`
	Manifests struct {
		Etcd                 *K8sConfigFileMeta `json:"etcd,omitempty"`
		KubeContollerManager *K8sConfigFileMeta `json:"kubeControllerManager,omitempty"`
		KubeApiserver        *K8sConfigFileMeta `json:"kubeApiserver,omitempty"`
		KubeScheduler        *K8sConfigFileMeta `json:"kubeScheduler,omitempty"`
	} `json:"manifests"`
	Errors []string `json:"errors,omitempty"`
}

func LoadConfiguration

func LoadConfiguration(ctx context.Context, hostroot string) (string, *K8sNodeConfig)

LoadConfiguration extracts a complete summary of all current Kubernetes node configuration. It does so by first looking at the running processes, looking up for Kubernetes related processes. For each component's process that were find, it collects the command line flags and associated files. The knowledge of each components specificities is based on the k8s_types_generator.go utility that encodes every relevant flags specificities (see types_generated.go).

type K8sTokenFileMeta

type K8sTokenFileMeta struct {
	Path  string `json:"path"`
	User  string `json:"user,omitempty"`
	Group string `json:"group,omitempty"`
	Mode  uint32 `json:"mode,omitempty"`
}

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL