Documentation ¶
Index ¶
- Constants
- Variables
- func ConfigureInstallNamespaces(clientset *kubernetes.Clientset, installationName, pgoNamespace string, ...) error
- func CreateNamespaceAndRBAC(clientset *kubernetes.Clientset, ...) error
- func DeleteNamespace(clientset *kubernetes.Clientset, ...) error
- func GetNamespaceList(clientset *kubernetes.Clientset, namespaceOperatingMode NamespaceOperatingMode, ...) ([]string, error)
- func GetNamespaces(clientset *kubernetes.Clientset, installationName string) []string
- func UpdateNamespaceAndRBAC(clientset *kubernetes.Clientset, ...) error
- func ValidateNamespaceNames(namespace ...string) error
- func WatchingNamespace(clientset *kubernetes.Clientset, requestedNS, installationName string) bool
- type NamespaceOperatingMode
- type PgoBackrestRole
- type PgoBackrestRoleBinding
- type PgoBackrestServiceAccount
- type PgoDefaultServiceAccount
- type PgoPgRole
- type PgoPgRoleBinding
- type PgoPgServiceAccount
- type PgoTargetRole
- type PgoTargetRoleBinding
- type PgoTargetServiceAccount
Constants ¶
// Names of the service accounts, roles and role bindings referenced by this
// package.
//
// NOTE(review): presumably these match the object names used in the pgo-*.json
// RBAC definitions that accompany the types below. Confirm against those files
// before changing a value, since a mismatch would leave a binding pointing at a
// role or service account that does not exist.
const (
	// Service account of the Operator itself.
	OPERATOR_SERVICE_ACCOUNT = "postgres-operator"

	// pgo-backrest role, role binding and service account.
	PGO_BACKREST_ROLE            = "pgo-backrest-role"
	PGO_BACKREST_ROLE_BINDING    = "pgo-backrest-role-binding"
	PGO_BACKREST_SERVICE_ACCOUNT = "pgo-backrest"

	// Default service account.
	PGO_DEFAULT_SERVICE_ACCOUNT = "pgo-default"

	// pgo-pg role, role binding and service account.
	PGO_PG_ROLE            = "pgo-pg-role"
	PGO_PG_ROLE_BINDING    = "pgo-pg-role-binding"
	PGO_PG_SERVICE_ACCOUNT = "pgo-pg"

	// pgo-target role, role binding and service account.
	PGO_TARGET_ROLE            = "pgo-target-role"
	PGO_TARGET_ROLE_BINDING    = "pgo-target-role-binding"
	PGO_TARGET_SERVICE_ACCOUNT = "pgo-target"
)
Variables ¶
var (
	// ErrInvalidNamespaceName is the error returned when a namespace name does not meet the
	// naming requirements set by Kubernetes. Its message is built once, at package
	// initialization, by validation.RegexError from dns1123ErrMsg and dns1123Fmt, with
	// "my-name" and "123-abc" passed as the trailing arguments (presumably examples of
	// valid names; confirm against validation.RegexError).
	ErrInvalidNamespaceName = errors.New(validation.RegexError(dns1123ErrMsg, dns1123Fmt, "my-name", "123-abc"))
)
Functions ¶
func ConfigureInstallNamespaces ¶
func ConfigureInstallNamespaces(clientset *kubernetes.Clientset, installationName, pgoNamespace string, namespaceNames []string) error
ConfigureInstallNamespaces is responsible for properly configuring any namespaces provided for the installation of the Operator. This includes creating or updating those namespaces so they can be utilized by the Operator to deploy PG clusters.
func CreateNamespaceAndRBAC ¶
func CreateNamespaceAndRBAC(clientset *kubernetes.Clientset, installationName, pgoNamespace, createdBy, newNs string) error
CreateNamespaceAndRBAC creates a new namespace that is owned by the Operator, and then installs within that namespace the RBAC required for it to be utilized with the current Operator install.
func DeleteNamespace ¶
func DeleteNamespace(clientset *kubernetes.Clientset, installationName, pgoNamespace, deletedBy, ns string) error
DeleteNamespace deletes the namespace specified.
func GetNamespaceList ¶
func GetNamespaceList(clientset *kubernetes.Clientset, namespaceOperatingMode NamespaceOperatingMode, installationName, pgoNamespace string) ([]string, error)
GetNamespaceList returns a list of namespaces for the current Operator install. This includes first obtaining any namespaces from the NAMESPACE env var, and then, if the namespace operating mode permits, also querying the Kube cluster in order to obtain any other namespaces that are part of the install but not included in the env var. If no namespaces are identified via either of these methods, then the PGO namespace is returned as the default namespace.
func GetNamespaces ¶
func GetNamespaces(clientset *kubernetes.Clientset, installationName string) []string
func UpdateNamespaceAndRBAC ¶
func UpdateNamespaceAndRBAC(clientset *kubernetes.Clientset, installationName, pgoNamespace, updatedBy, ns string) error
UpdateNamespaceAndRBAC updates a new namespace to be owned by the Operator, and then installs (or re-installs) within that namespace the RBAC required for it to be utilized with the current Operator install.
func ValidateNamespaceNames ¶
ValidateNamespaceNames validates one or more namespace names to ensure they are valid per Kubernetes naming requirements.
func WatchingNamespace ¶
func WatchingNamespace(clientset *kubernetes.Clientset, requestedNS, installationName string) bool
Types ¶
type NamespaceOperatingMode ¶
type NamespaceOperatingMode string
NamespaceOperatingMode defines the different namespace operating modes for the Operator
const (
	// NamespaceOperatingModeDynamic enables full dynamic namespace capabilities, in which the
	// Operator can create, delete and update any namespaces within the Kubernetes cluster, while
	// then also having the ability to create the roles, role bindings and service accounts within
	// those namespaces as required for the Operator to create PG clusters. Additionally, while in
	// this mode the Operator can listen for namespace events (e.g. namespace additions, updates
	// and deletions), and then create or remove controllers for various namespaces as those
	// namespaces are added or removed from the Kubernetes cluster.
	//
	// NOTE(review): of the three modes this is the broadest, since it covers creating roles and
	// role bindings in any namespace. Confirm an install actually needs it before granting the
	// Operator service account the cluster-level privileges this mode depends on.
	NamespaceOperatingModeDynamic NamespaceOperatingMode = "dynamic"

	// NamespaceOperatingModeReadOnly allows the Operator to listen for namespace events within the
	// Kubernetes cluster, and then create and run and/or remove controllers as namespaces are
	// added and deleted. However, while in this mode the Operator is unable to create, delete or
	// update namespaces, nor can it create the RBAC it requires in any of those namespaces to
	// create PG clusters. Therefore, while in a "readonly" mode namespaces must be
	// pre-configured with the proper RBAC, since the Operator cannot create the RBAC itself.
	NamespaceOperatingModeReadOnly NamespaceOperatingMode = "readonly"

	// NamespaceOperatingModeDisabled causes namespace capabilities to be disabled altogether. In
	// this mode the Operator will simply attempt to work with the target namespaces specified
	// during installation. If no target namespaces are specified, then it will be configured to
	// work within the namespace in which the Operator is deployed.
	NamespaceOperatingModeDisabled NamespaceOperatingMode = "disabled"
)
func GetNamespaceOperatingMode ¶
func GetNamespaceOperatingMode(clientset *kubernetes.Clientset) (NamespaceOperatingMode, error)
GetNamespaceOperatingMode is responsible for returning the proper namespace operating mode for the current Operator install. This is done by submitting a SubjectAccessReview in the local Kubernetes cluster to determine whether or not certain cluster-level privileges have been assigned to the Operator Service Account. Based on the privileges identified, the proper NamespaceOperatingMode will be returned as applicable for those privileges (please see the various NamespaceOperatingMode types for a detailed explanation of each operating mode).
type PgoBackrestRole ¶
// PgoBackrestRole holds the values associated with pgo-backrest-role.json.
// NOTE(review): presumably TargetNamespace is substituted into that JSON
// definition. Confirm this, and pass only names accepted by ValidateNamespaceNames.
type PgoBackrestRole struct {
	// TargetNamespace is the only field; judging by its name, the namespace the role is meant for.
	TargetNamespace string
}
pgo-backrest-role.json
type PgoBackrestRoleBinding ¶
// PgoBackrestRoleBinding holds the values associated with pgo-backrest-role-binding.json.
// NOTE(review): presumably TargetNamespace is substituted into that JSON
// definition. Confirm this, and pass only names accepted by ValidateNamespaceNames.
type PgoBackrestRoleBinding struct {
	// TargetNamespace is the only field; judging by its name, the namespace the binding is meant for.
	TargetNamespace string
}
pgo-backrest-role-binding.json
type PgoBackrestServiceAccount ¶
// PgoBackrestServiceAccount holds the values associated with pgo-backrest-sa.json.
// NOTE(review): presumably TargetNamespace is substituted into that JSON
// definition. Confirm this, and pass only names accepted by ValidateNamespaceNames.
type PgoBackrestServiceAccount struct {
	// TargetNamespace is the only field; judging by its name, the namespace the service account is meant for.
	TargetNamespace string
}
pgo-backrest-sa.json
type PgoDefaultServiceAccount ¶
// PgoDefaultServiceAccount holds the values associated with pgo-default-sa.json.
// NOTE(review): presumably TargetNamespace is substituted into that JSON
// definition. Confirm this, and pass only names accepted by ValidateNamespaceNames.
type PgoDefaultServiceAccount struct {
	// TargetNamespace is the only field; judging by its name, the namespace the service account is meant for.
	TargetNamespace string
}
pgo-default-sa.json
type PgoPgRoleBinding ¶
// PgoPgRoleBinding holds the values associated with pgo-pg-role-binding.json.
// NOTE(review): presumably TargetNamespace is substituted into that JSON
// definition. Confirm this, and pass only names accepted by ValidateNamespaceNames.
type PgoPgRoleBinding struct {
	// TargetNamespace is the only field; judging by its name, the namespace the binding is meant for.
	TargetNamespace string
}
pgo-pg-role-binding.json
type PgoPgServiceAccount ¶
// PgoPgServiceAccount holds the values associated with pgo-pg-sa.json.
// NOTE(review): presumably TargetNamespace is substituted into that JSON
// definition. Confirm this, and pass only names accepted by ValidateNamespaceNames.
type PgoPgServiceAccount struct {
	// TargetNamespace is the only field; judging by its name, the namespace the service account is meant for.
	TargetNamespace string
}
pgo-pg-sa.json
type PgoTargetRoleBinding ¶
pgo-target-role-binding.json
type PgoTargetServiceAccount ¶
// PgoTargetServiceAccount holds the values associated with pgo-target-sa.json.
// NOTE(review): presumably TargetNamespace is substituted into that JSON
// definition. Confirm this, and pass only names accepted by ValidateNamespaceNames.
type PgoTargetServiceAccount struct {
	// TargetNamespace is the only field; judging by its name, the namespace the service account is meant for.
	TargetNamespace string
}
pgo-target-sa.json