keyring

package
v0.0.0-...-331d270 Latest
Warning

This package is not in the latest version of its module.

Published: May 20, 2024 License: Apache-2.0 Imports: 11 Imported by: 0

Documentation

Overview

Package keyring provides methods for accessing keyrings for Ceph daemons stored securely in Kubernetes secrets. It also provides methods for creating keyrings with desired permissions which are stored persistently and a special subset of methods for the Ceph admin keyring.

Constants

This section is empty.

Variables

This section is empty.

Functions

func ApplyClusterMetadataToSecret

func ApplyClusterMetadataToSecret(c *cephclient.ClusterInfo, secretName string, context *clusterd.Context, annotation v1.AnnotationsSpec) error

Types

type AdminStore

type AdminStore struct {
	// contains filtered or unexported fields
}

An AdminStore is a specialized derivative of the SecretStore helper for storing the Ceph cluster admin keyring as a Kubernetes secret.

func (*AdminStore) CreateOrUpdate

func (a *AdminStore) CreateOrUpdate(c *cephclient.ClusterInfo, context *clusterd.Context, annotation v1.AnnotationsSpec) error

CreateOrUpdate creates or updates the admin keyring secret with cluster information.

type SecretStore

type SecretStore struct {
	// contains filtered or unexported fields
}

SecretStore is a helper to store Ceph daemon keyrings as Kubernetes secrets.

func GetSecretStore

func GetSecretStore(context *clusterd.Context, clusterInfo *client.ClusterInfo, ownerInfo *k8sutil.OwnerInfo) *SecretStore

GetSecretStore returns a new SecretStore struct.

func (*SecretStore) Admin

func (s *SecretStore) Admin() *AdminStore

Admin returns the special Admin keyring store type.

func (*SecretStore) CreateOrUpdate

func (k *SecretStore) CreateOrUpdate(resourceName string, keyring string) error

CreateOrUpdate creates or updates the keyring secret for the resource with the keyring specified. WARNING: Do not use "rook-ceph-admin" as the resource name; conflicts with the AdminStore.

func (*SecretStore) CreateSecret

func (k *SecretStore) CreateSecret(secret *v1.Secret) error

CreateSecret creates or updates a Kubernetes secret.

func (*SecretStore) Delete

func (k *SecretStore) Delete(resourceName string) error

Delete deletes the keyring secret for the resource.

func (*SecretStore) GenerateKey

func (k *SecretStore) GenerateKey(user string, access []string) (string, error)

GenerateKey generates a key for a Ceph user with the given access permissions. It returns the key generated on success. Ceph will always return the most up-to-date key for a daemon, and the key usually does not change.

type VolumeBuilder

type VolumeBuilder struct{}

VolumeBuilder is a helper for creating Kubernetes pod volumes with content sourced by keyrings stored in the SecretStore.

func Volume

func Volume() *VolumeBuilder

Volume returns a VolumeBuilder.

func (*VolumeBuilder) Admin

func (v *VolumeBuilder) Admin() v1.Volume

Admin returns a Kubernetes pod volume whose content is sourced by the SecretStore admin keyring.

func (*VolumeBuilder) CrashCollector

func (v *VolumeBuilder) CrashCollector() v1.Volume

CrashCollector returns a Kubernetes pod volume whose content is sourced by the SecretStore crash collector keyring.

func (*VolumeBuilder) Exporter

func (v *VolumeBuilder) Exporter() v1.Volume

Exporter returns a Kubernetes pod volume whose content is sourced by the SecretStore exporter keyring.

func (*VolumeBuilder) Resource

func (v *VolumeBuilder) Resource(resourceName string) v1.Volume

Resource returns a Kubernetes pod volume whose content is sourced by the keyring created for the resource using a SecretStore.

type VolumeMountBuilder

type VolumeMountBuilder struct{}

VolumeMountBuilder is a helper for creating Kubernetes container volume mounts that mount the keyring content from VolumeBuilder volumes.

func VolumeMount

func VolumeMount() *VolumeMountBuilder

VolumeMount returns a VolumeMountBuilder.

func (*VolumeMountBuilder) Admin

Admin returns a Kubernetes container volume mount that mounts the content from the matching VolumeBuilder Admin volume.

func (*VolumeMountBuilder) AdminKeyringFilePath

func (*VolumeMountBuilder) AdminKeyringFilePath() string

AdminKeyringFilePath returns the full path to the admin keyring file within a container.

func (*VolumeMountBuilder) CrashCollector

func (*VolumeMountBuilder) CrashCollector() v1.VolumeMount

CrashCollector returns a Kubernetes container volume mount that mounts the content from the matching VolumeBuilder Crash Collector volume.

func (*VolumeMountBuilder) CrashCollectorKeyringFilePath

func (*VolumeMountBuilder) CrashCollectorKeyringFilePath() string

CrashCollectorKeyringFilePath returns the full path to the crash collector keyring file within a container.

func (*VolumeMountBuilder) Exporter

func (*VolumeMountBuilder) Exporter() v1.VolumeMount

Exporter returns a Kubernetes container volume mount that mounts the content from the matching VolumeBuilder Exporter volume.

func (*VolumeMountBuilder) ExporterKeyringFilePath

func (*VolumeMountBuilder) ExporterKeyringFilePath() string

ExporterKeyringFilePath returns the full path to the exporter keyring file within a container.

func (*VolumeMountBuilder) KeyringFilePath

func (*VolumeMountBuilder) KeyringFilePath() string

KeyringFilePath returns the full path to the regular keyring file within a container.

func (*VolumeMountBuilder) Resource

func (*VolumeMountBuilder) Resource(resourceName string) v1.VolumeMount

Resource returns a Kubernetes container volume mount that mounts the content from the matching VolumeBuilder Resource volume for the same resource.
