Documentation ¶
Overview ¶
Package keyring provides methods for accessing keyrings for Ceph daemons stored securely in Kubernetes secrets. It also provides methods for creating keyrings with desired permissions which are stored persistently and a special subset of methods for the Ceph admin keyring.
Index ¶
- func ApplyClusterMetadataToSecret(c *cephclient.ClusterInfo, secretName string, context *clusterd.Context, ...) error
- type AdminStore
- type SecretStore
- func (s *SecretStore) Admin() *AdminStore
- func (k *SecretStore) CreateOrUpdate(resourceName string, keyring string) error
- func (k *SecretStore) CreateSecret(secret *v1.Secret) error
- func (k *SecretStore) Delete(resourceName string) error
- func (k *SecretStore) GenerateKey(user string, access []string) (string, error)
- type VolumeBuilder
- type VolumeMountBuilder
- func (*VolumeMountBuilder) Admin() v1.VolumeMount
- func (*VolumeMountBuilder) AdminKeyringFilePath() string
- func (*VolumeMountBuilder) CrashCollector() v1.VolumeMount
- func (*VolumeMountBuilder) CrashCollectorKeyringFilePath() string
- func (*VolumeMountBuilder) Exporter() v1.VolumeMount
- func (*VolumeMountBuilder) ExporterKeyringFilePath() string
- func (*VolumeMountBuilder) KeyringFilePath() string
- func (*VolumeMountBuilder) Resource(resourceName string) v1.VolumeMount
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func ApplyClusterMetadataToSecret ¶
func ApplyClusterMetadataToSecret(c *cephclient.ClusterInfo, secretName string, context *clusterd.Context, annotation v1.AnnotationsSpec) error
Types ¶
type AdminStore ¶
type AdminStore struct {
// contains filtered or unexported fields
}
An AdminStore is a specialized derivative of the SecretStore helper for storing the Ceph cluster admin keyring as a Kubernetes secret.
func (*AdminStore) CreateOrUpdate ¶
func (a *AdminStore) CreateOrUpdate(c *cephclient.ClusterInfo, context *clusterd.Context, annotation v1.AnnotationsSpec) error
CreateOrUpdate creates or updates the admin keyring secret with cluster information.
type SecretStore ¶
type SecretStore struct {
// contains filtered or unexported fields
}
SecretStore is a helper to store Ceph daemon keyrings as Kubernetes secrets.
func GetSecretStore ¶
func GetSecretStore(context *clusterd.Context, clusterInfo *client.ClusterInfo, ownerInfo *k8sutil.OwnerInfo) *SecretStore
GetSecretStore returns a new SecretStore struct.
func (*SecretStore) Admin ¶
func (s *SecretStore) Admin() *AdminStore
Admin returns the special Admin keyring store type.
func (*SecretStore) CreateOrUpdate ¶
func (k *SecretStore) CreateOrUpdate(resourceName string, keyring string) error
CreateOrUpdate creates or updates the keyring secret for the resource with the keyring specified. WARNING: Do not use "rook-ceph-admin" as the resource name; conflicts with the AdminStore.
func (*SecretStore) CreateSecret ¶
func (k *SecretStore) CreateSecret(secret *v1.Secret) error
CreateSecret creates or update a kubernetes secret
func (*SecretStore) Delete ¶
func (k *SecretStore) Delete(resourceName string) error
Delete deletes the keyring secret for the resource.
func (*SecretStore) GenerateKey ¶
func (k *SecretStore) GenerateKey(user string, access []string) (string, error)
GenerateKey generates a key for a Ceph user with the given access permissions. It returns the key generated on success. Ceph will always return the most up-to-date key for a daemon, and the key usually does not change.
type VolumeBuilder ¶
type VolumeBuilder struct{}
VolumeBuilder is a helper for creating Kubernetes pod volumes with content sourced by keyrings stored in the SecretStore.
func (*VolumeBuilder) Admin ¶
func (v *VolumeBuilder) Admin() v1.Volume
Admin returns a kubernetes pod volume whose content is sourced by the SecretStore admin keyring.
func (*VolumeBuilder) CrashCollector ¶
func (v *VolumeBuilder) CrashCollector() v1.Volume
CrashCollector returns a kubernetes pod volume whose content is sourced by the SecretStore crash collector keyring.
func (*VolumeBuilder) Exporter ¶
func (v *VolumeBuilder) Exporter() v1.Volume
Exporter returns a kubernetes pod volume whose content is sourced by the SecretStore exporter keyring.
type VolumeMountBuilder ¶
type VolumeMountBuilder struct{}
VolumeMountBuilder is a helper for creating Kubernetes container volume mounts that mount the keyring content from VolumeBuilder volumes.
func (*VolumeMountBuilder) Admin ¶
func (*VolumeMountBuilder) Admin() v1.VolumeMount
Admin returns a Kubernetes container volume mount that mounts the content from the matching VolumeBuilder Admin volume.
func (*VolumeMountBuilder) AdminKeyringFilePath ¶
func (*VolumeMountBuilder) AdminKeyringFilePath() string
AdminKeyringFilePath returns the full path to the admin keyring file within a container.
func (*VolumeMountBuilder) CrashCollector ¶
func (*VolumeMountBuilder) CrashCollector() v1.VolumeMount
CrashCollector returns a Kubernetes container volume mount that mounts the content from the matching VolumeBuilder Crash Collector volume.
func (*VolumeMountBuilder) CrashCollectorKeyringFilePath ¶
func (*VolumeMountBuilder) CrashCollectorKeyringFilePath() string
CrashCollectorKeyringFilePath returns the full path to the admin keyring file within a container.
func (*VolumeMountBuilder) Exporter ¶
func (*VolumeMountBuilder) Exporter() v1.VolumeMount
Exporter returns a Kubernetes container volume mount that mounts the content from the matching VolumeBuilder Exporter volume.
func (*VolumeMountBuilder) ExporterKeyringFilePath ¶
func (*VolumeMountBuilder) ExporterKeyringFilePath() string
ExporterKeyringFilePath returns the full path to the admin keyring file within a container.
func (*VolumeMountBuilder) KeyringFilePath ¶
func (*VolumeMountBuilder) KeyringFilePath() string
KeyringFilePath returns the full path to the regular keyring file within a container.
func (*VolumeMountBuilder) Resource ¶
func (*VolumeMountBuilder) Resource(resourceName string) v1.VolumeMount
Resource returns a Kubernetes container volume mount that mounts the content from the matching VolumeBuilder Resource volume for the same resource.