config

package
v0.9.6-rc.4 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 21, 2017 License: Apache-2.0 Imports: 34 Imported by: 0

Documentation

Index

Constants

View Source 
const CacheFileExtension = "enc"
View Source 
const FingerprintFileExtension = "fingerprint"

Variables

This section is empty.

Functions

func AuthTokensFileExists added in v0.9.6 

func AuthTokensFileExists(dirname string) bool

func CreateRawAuthTokens added in v0.9.6 

func CreateRawAuthTokens(addBootstrapToken bool, dirname string) (bool, error)

func KubeletBootstrapTokenFromRecord added in v0.9.6 

func KubeletBootstrapTokenFromRecord(csvRecord []string) (string, error)

func RandomBootstrapTokenRecord added in v0.9.6 

func RandomBootstrapTokenRecord() (string, error)

func RandomKubeletBootstrapTokenString added in v0.9.6 

func RandomKubeletBootstrapTokenString(n int) (string, error)

func WithTrailingDot 

func WithTrailingDot(s string) string

Types

type Admission 

type Admission struct {
	PodSecurityPolicy PodSecurityPolicy `yaml:"podSecurityPolicy"`
}

type AuditLog 

type AuditLog struct {
	Enabled bool   `yaml:"enabled"`
	MaxAge  int    `yaml:"maxage"`
	LogPath string `yaml:"logpath"`
}

type Authentication 

type Authentication struct {
	Webhook Webhook `yaml:"webhook"`
}

type AwsEnvironment 

type AwsEnvironment struct {
	Enabled     bool              `yaml:"enabled"`
	Environment map[string]string `yaml:"environment"`
}

type AwsNodeLabels 

type AwsNodeLabels struct {
	Enabled bool `yaml:"enabled"`
}

type CachedEncryptor 

type CachedEncryptor struct {
	// contains filtered or unexported fields
}

func (CachedEncryptor) EncryptedBytes added in v0.9.6 

func (e CachedEncryptor) EncryptedBytes(raw []byte) ([]byte, error)

func (CachedEncryptor) EncryptedCredentialFromPath 

func (e CachedEncryptor) EncryptedCredentialFromPath(filePath string) (*EncryptedCredentialOnDisk, error)

type Cluster 

type Cluster struct {
	KubeClusterSettings    `yaml:",inline"`
	DeploymentSettings     `yaml:",inline"`
	DefaultWorkerSettings  `yaml:",inline"`
	ControllerSettings     `yaml:",inline"`
	EtcdSettings           `yaml:",inline"`
	FlannelSettings        `yaml:",inline"`
	AdminAPIEndpointName   string `yaml:"adminAPIEndpointName,omitempty"`
	ServiceCIDR            string `yaml:"serviceCIDR,omitempty"`
	CreateRecordSet        bool   `yaml:"createRecordSet,omitempty"`
	RecordSetTTL           int    `yaml:"recordSetTTL,omitempty"`
	TLSCADurationDays      int    `yaml:"tlsCADurationDays,omitempty"`
	TLSCertDurationDays    int    `yaml:"tlsCertDurationDays,omitempty"`
	HostedZoneID           string `yaml:"hostedZoneId,omitempty"`
	ProvidedEncryptService EncryptService
	// SSHAccessAllowedSourceCIDRs is network ranges of sources you'd like SSH accesses to be allowed from, in CIDR notation
	SSHAccessAllowedSourceCIDRs model.CIDRRanges       `yaml:"sshAccessAllowedSourceCIDRs,omitempty"`
	CustomSettings              map[string]interface{} `yaml:"customSettings,omitempty"`
	KubeResourcesAutosave       `yaml:"kubeResourcesAutosave,omitempty"`
}

func ClusterFromBytes 

func ClusterFromBytes(data []byte) (*Cluster, error)

ClusterFromBytes Necessary for unit tests, which store configs as hardcoded strings

func ClusterFromBytesWithEncryptService 

func ClusterFromBytesWithEncryptService(data []byte, encryptService EncryptService) (*Cluster, error)

func ClusterFromFile 

func ClusterFromFile(filename string) (*Cluster, error)

func NewDefaultCluster 

func NewDefaultCluster() *Cluster

func (*Cluster) AvailabilityZones 

func (c *Cluster) AvailabilityZones() []string

Returns the availability zones referenced by the cluster configuration

func (Cluster) Config 

func (c Cluster) Config() (*Config, error)

func (*Cluster) ConsumeDeprecatedKeys added in v0.9.6 

func (c *Cluster) ConsumeDeprecatedKeys()

func (*Cluster) EtcdCluster 

func (c *Cluster) EtcdCluster() derived.EtcdCluster

func (Cluster) EtcdIndexEnvVarName 

func (c Cluster) EtcdIndexEnvVarName() string

func (Cluster) EtcdNodeEnvFileName 

func (c Cluster) EtcdNodeEnvFileName() string

func (Cluster) ExternalDNSNames added in v0.9.6 

func (c Cluster) ExternalDNSNames() []string

ExternalDNSNames returns all the DNS names of Kubernetes API endpoints should be covered in the TLS cert for k8s API

func (*Cluster) Load 

func (c *Cluster) Load() error

func (Cluster) NestedStackName 

func (c Cluster) NestedStackName() string

NestedStackName returns a sanitized name of this control-plane which is usable as a valid cloudformation nested stack name

func (*Cluster) NewTLSAssetsOnDisk 

func (c *Cluster) NewTLSAssetsOnDisk(dir string, renderCredentialsOpts CredentialsOptions, caKey *rsa.PrivateKey, caCert *x509.Certificate) (*RawTLSAssetsOnDisk, error)

func (*Cluster) NewTLSAssetsOnMemory 

func (c *Cluster) NewTLSAssetsOnMemory(caKey *rsa.PrivateKey, caCert *x509.Certificate) (*RawTLSAssetsOnMemory, error)

func (*Cluster) NewTLSCA 

func (c *Cluster) NewTLSCA() (*rsa.PrivateKey, *x509.Certificate, error)

func (*Cluster) SetDefaults 

func (c *Cluster) SetDefaults()

func (Cluster) StackConfig 

func (c Cluster) StackConfig(opts StackTemplateOptions) (*StackConfig, error)

func (Cluster) StackName 

func (c Cluster) StackName() string

StackName returns the logical name of a CloudFormation stack resource in a root stack template This is not needed to be unique in an AWS account because the actual name of a nested stack is generated randomly by CloudFormation by including the logical name. This is NOT intended to be used to reference stack name from cloud-config as the target of awscli or cfn-bootstrap-tools commands e.g. `cfn-init` and `cfn-signal`

func (Cluster) StackNameEnvVarName 

func (c Cluster) StackNameEnvVarName() string

func (*Cluster) ValidateExistingVPC 

func (c *Cluster) ValidateExistingVPC(existingVPCCIDR string, existingSubnetCIDRS []string) error

Validates the an existing VPC and it's existing subnets do not conflict with this cluster configuration

type ClusterAutoscalerSupport 

type ClusterAutoscalerSupport struct {
	Enabled bool `yaml:"enabled"`
}

type CompactAuthTokens 

type CompactAuthTokens struct {
	// Encrypted -> gzip -> base64 encoded auth token file contents.
	Contents string

	// Encrypted -> gzip -> base64 encoded version of the Kubelet auth token.
	KubeletBootstrapToken string
}

func ReadOrCreateCompactAuthTokens 

func ReadOrCreateCompactAuthTokens(dirname string, kmsConfig KMSConfig) (*CompactAuthTokens, error)

func ReadOrCreateUnencryptedCompactAuthTokens added in v0.9.6 

func ReadOrCreateUnencryptedCompactAuthTokens(dirname string) (*CompactAuthTokens, error)

func (*CompactAuthTokens) HasTokens 

func (t *CompactAuthTokens) HasTokens() bool

type CompactTLSAssets 

type CompactTLSAssets struct {
	CACert         string
	CAKey          string
	APIServerCert  string
	APIServerKey   string
	WorkerCert     string
	WorkerKey      string
	AdminCert      string
	AdminKey       string
	EtcdCert       string
	EtcdClientCert string
	EtcdClientKey  string
	EtcdKey        string
}

PEM -> encrypted -> gzip -> base64 encoded TLS assets.

func ReadOrCreateCompactTLSAssets 

func ReadOrCreateCompactTLSAssets(tlsAssetsDir string, kmsConfig KMSConfig) (*CompactTLSAssets, error)

func ReadOrCreateUnencryptedCompactTLSAssets added in v0.9.6 

func ReadOrCreateUnencryptedCompactTLSAssets(tlsAssetsDir string) (*CompactTLSAssets, error)

type CompressedStackConfig 

type CompressedStackConfig struct {
	*StackConfig
}

func (*CompressedStackConfig) RenderStackTemplateAsBytes 

func (c *CompressedStackConfig) RenderStackTemplateAsBytes() ([]byte, error)

func (*CompressedStackConfig) RenderStackTemplateAsString 

func (c *CompressedStackConfig) RenderStackTemplateAsString() (string, error)

type ComputedDeploymentSettings 

type ComputedDeploymentSettings struct {
	AMI string
}

Part of configuration which can't be provided via user input but is computed from user input

type Config 

type Config struct {
	Cluster

	AdminAPIEndpoint derived.APIEndpoint
	APIEndpoints     derived.APIEndpoints

	EtcdNodes []derived.EtcdNode

	AuthTokensConfig *CompactAuthTokens
	TLSConfig        *CompactTLSAssets
}

func ConfigFromBytes 

func ConfigFromBytes(data []byte) (*Config, error)

func (*Config) AdminAPIEndpointURL added in v0.9.6 

func (c *Config) AdminAPIEndpointURL() string

AdminAPIEndpointURL is the url of the API endpoint which is written in kubeconfig and used to by admins

func (*Config) Etcdadm added in v0.9.6 

func (c *Config) Etcdadm() (string, error)

Etcdadm returns the content of the etcdadm script to be embedded into cloud-config-etcd

func (Config) InternetGatewayLogicalName 

func (c Config) InternetGatewayLogicalName() string

func (Config) InternetGatewayRef 

func (c Config) InternetGatewayRef() string

func (*Config) ManagedELBLogicalNames added in v0.9.6 

func (c *Config) ManagedELBLogicalNames() []string

ManageELBLogicalNames returns all the logical names of the cfn resources corresponding to ELBs managed by kube-aws for API endpoints

func (Config) VPCLogicalName 

func (c Config) VPCLogicalName() string

func (Config) VPCRef 

func (c Config) VPCRef() string

type ControllerSettings 

type ControllerSettings struct {
	model.Controller                   `yaml:"controller,omitempty"`
	DeprecatedControllerCount          *int    `yaml:"controllerCount,omitempty"`
	DeprecatedControllerCreateTimeout  *string `yaml:"controllerCreateTimeout,omitempty"`
	DeprecatedControllerInstanceType   *string `yaml:"controllerInstanceType,omitempty"`
	DeprecatedControllerRootVolumeType *string `yaml:"controllerRootVolumeType,omitempty"`
	DeprecatedControllerRootVolumeIOPS *int    `yaml:"controllerRootVolumeIOPS,omitempty"`
	DeprecatedControllerRootVolumeSize *int    `yaml:"controllerRootVolumeSize,omitempty"`
	DeprecatedControllerTenancy        *string `yaml:"controllerTenancy,omitempty"`
}

Part of configuration which is specific to controller nodes

func (ControllerSettings) ControllerCount 

func (c ControllerSettings) ControllerCount() int

func (ControllerSettings) ControllerCreateTimeout 

func (c ControllerSettings) ControllerCreateTimeout() string

func (ControllerSettings) ControllerInstanceType 

func (c ControllerSettings) ControllerInstanceType() string

func (ControllerSettings) ControllerRollingUpdateMinInstancesInService 

func (c ControllerSettings) ControllerRollingUpdateMinInstancesInService() int

func (ControllerSettings) ControllerRootVolumeIOPS 

func (c ControllerSettings) ControllerRootVolumeIOPS() int

func (ControllerSettings) ControllerRootVolumeSize 

func (c ControllerSettings) ControllerRootVolumeSize() int

func (ControllerSettings) ControllerRootVolumeType 

func (c ControllerSettings) ControllerRootVolumeType() string

func (ControllerSettings) ControllerTenancy 

func (c ControllerSettings) ControllerTenancy() string

func (ControllerSettings) MaxControllerCount 

func (c ControllerSettings) MaxControllerCount() int

func (ControllerSettings) MinControllerCount 

func (c ControllerSettings) MinControllerCount() int

func (ControllerSettings) Valid 

func (c ControllerSettings) Valid() error

type CredentialsOptions 

type CredentialsOptions struct {
	GenerateCA bool
	CaKeyPath  string
	CaCertPath string
}

type DefaultWorkerSettings 

type DefaultWorkerSettings struct {
	WorkerCount            int      `yaml:"workerCount,omitempty"`
	WorkerCreateTimeout    string   `yaml:"workerCreateTimeout,omitempty"`
	WorkerInstanceType     string   `yaml:"workerInstanceType,omitempty"`
	WorkerRootVolumeType   string   `yaml:"workerRootVolumeType,omitempty"`
	WorkerRootVolumeIOPS   int      `yaml:"workerRootVolumeIOPS,omitempty"`
	WorkerRootVolumeSize   int      `yaml:"workerRootVolumeSize,omitempty"`
	WorkerSpotPrice        string   `yaml:"workerSpotPrice,omitempty"`
	WorkerSecurityGroupIds []string `yaml:"workerSecurityGroupIds,omitempty"`
	WorkerTenancy          string   `yaml:"workerTenancy,omitempty"`
	WorkerTopologyPrivate  bool     `yaml:"workerTopologyPrivate,omitempty"`
}

Part of configuration which is specific to worker nodes

func (DefaultWorkerSettings) Valid 

func (c DefaultWorkerSettings) Valid() error

type DeploymentSettings 

type DeploymentSettings struct {
	ComputedDeploymentSettings
	ClusterName       string       `yaml:"clusterName,omitempty"`
	KeyName           string       `yaml:"keyName,omitempty"`
	Region            model.Region `yaml:",inline"`
	AvailabilityZone  string       `yaml:"availabilityZone,omitempty"`
	ReleaseChannel    string       `yaml:"releaseChannel,omitempty"`
	AmiId             string       `yaml:"amiId,omitempty"`
	VPCID             string       `yaml:"vpcId,omitempty"`
	InternetGatewayID string       `yaml:"internetGatewayId,omitempty"`
	RouteTableID      string       `yaml:"routeTableId,omitempty"`
	// Required for validations like e.g. if instance cidr is contained in vpc cidr
	VPCCIDR                string            `yaml:"vpcCIDR,omitempty"`
	InstanceCIDR           string            `yaml:"instanceCIDR,omitempty"`
	K8sVer                 string            `yaml:"kubernetesVersion,omitempty"`
	ContainerRuntime       string            `yaml:"containerRuntime,omitempty"`
	KMSKeyARN              string            `yaml:"kmsKeyArn,omitempty"`
	StackTags              map[string]string `yaml:"stackTags,omitempty"`
	Subnets                []model.Subnet    `yaml:"subnets,omitempty"`
	EIPAllocationIDs       []string          `yaml:"eipAllocationIDs,omitempty"`
	MapPublicIPs           bool              `yaml:"mapPublicIPs,omitempty"`
	ElasticFileSystemID    string            `yaml:"elasticFileSystemId,omitempty"`
	SharedPersistentVolume bool              `yaml:"sharedPersistentVolume,omitempty"`
	SSHAuthorizedKeys      []string          `yaml:"sshAuthorizedKeys,omitempty"`
	Addons                 model.Addons      `yaml:"addons"`
	Experimental           Experimental      `yaml:"experimental"`
	ManageCertificates     bool              `yaml:"manageCertificates,omitempty"`
	WaitSignal             WaitSignal        `yaml:"waitSignal"`

	// Images repository
	HyperkubeImage              model.Image `yaml:"hyperkubeImage,omitempty"`
	AWSCliImage                 model.Image `yaml:"awsCliImage,omitempty"`
	CalicoNodeImage             model.Image `yaml:"calicoNodeImage,omitempty"`
	CalicoCniImage              model.Image `yaml:"calicoCniImage,omitempty"`
	CalicoCtlImage              model.Image `yaml:"calicoCtlImage,omitempty"`
	CalicoPolicyControllerImage model.Image `yaml:"calicoPolicyControllerImage,omitempty"`
	ClusterAutoscalerImage      model.Image `yaml:"clusterAutoscalerImage,omitempty"`
	KubeDnsImage                model.Image `yaml:"kubeDnsImage,omitempty"`
	KubeDnsMasqImage            model.Image `yaml:"kubeDnsMasqImage,omitempty"`
	KubeReschedulerImage        model.Image `yaml:"kubeReschedulerImage,omitempty"`
	DnsMasqMetricsImage         model.Image `yaml:"dnsMasqMetricsImage,omitempty"`
	ExecHealthzImage            model.Image `yaml:"execHealthzImage,omitempty"`
	HeapsterImage               model.Image `yaml:"heapsterImage,omitempty"`
	AddonResizerImage           model.Image `yaml:"addonResizerImage,omitempty"`
	KubeDashboardImage          model.Image `yaml:"kubeDashboardImage,omitempty"`
	PauseImage                  model.Image `yaml:"pauseImage,omitempty"`
	FlannelImage                model.Image `yaml:"flannelImage,omitempty"`
}

Part of configuration which can be customized for each type/group of nodes(etcd/controller/worker/) by its nature.

Please beware that it is described as just "by its nature". Whether it can actually be customized or not depends on you use node pools or not. If you've chosen to create a single cluster including all the worker, controller, etcd nodes within a single cfn stack, you can't customize per group of nodes. If you've chosen to create e.g. a separate node pool for each type of worker nodes, you can customize per node pool.

Though it is highly configurable, it's basically users' responsibility to provide `correct` values if they're going beyond the defaults.

func (DeploymentSettings) AllSubnets 

func (s DeploymentSettings) AllSubnets() []model.Subnet

func (DeploymentSettings) AssetsEncryptionEnabled 

func (c DeploymentSettings) AssetsEncryptionEnabled() bool

func (DeploymentSettings) FindNATGatewayForPrivateSubnet 

func (c DeploymentSettings) FindNATGatewayForPrivateSubnet(s model.Subnet) (*model.NATGateway, error)

func (DeploymentSettings) FindSubnetMatching 

func (c DeploymentSettings) FindSubnetMatching(condition model.Subnet) model.Subnet

func (DeploymentSettings) NATGateways 

func (c DeploymentSettings) NATGateways() []model.NATGateway

func (DeploymentSettings) PrivateSubnets 

func (c DeploymentSettings) PrivateSubnets() []model.Subnet

func (DeploymentSettings) PublicSubnets 

func (c DeploymentSettings) PublicSubnets() []model.Subnet

func (DeploymentSettings) Valid 

func (c DeploymentSettings) Valid() (*DeploymentValidationResult, error)

type DeploymentValidationResult 

type DeploymentValidationResult struct {
	// contains filtered or unexported fields
}

type EncryptService 

type EncryptService interface {
	Encrypt(*kms.EncryptInput) (*kms.EncryptOutput, error)
}

type EncryptedAuthTokensOnDisk 

type EncryptedAuthTokensOnDisk struct {
	// Encrypted contents of the CSV file holding auth tokens.
	AuthTokens EncryptedCredentialOnDisk

	// Encrypted version of the Kubelet bootstrap token.
	KubeletBootstrapToken []byte
}

func ReadOrCreateEncryptedAuthTokens 

func ReadOrCreateEncryptedAuthTokens(dirname string, kmsConfig KMSConfig) (*EncryptedAuthTokensOnDisk, error)

func ReadOrEncryptAuthTokens 

func ReadOrEncryptAuthTokens(dirname string, encryptor CachedEncryptor) (*EncryptedAuthTokensOnDisk, error)

func (*EncryptedAuthTokensOnDisk) Compact 

func (r *EncryptedAuthTokensOnDisk) Compact() (*CompactAuthTokens, error)

type EncryptedCredentialOnDisk 

type EncryptedCredentialOnDisk struct {
	// contains filtered or unexported fields
}

The fact KMS encryption produces different ciphertexts for the same plaintext had been causing unnecessary node replacements(https://github.com/kubernetes-incubator/kube-aws/issues/107) Persist encrypted assets for caching purpose so that we can avoid that.

func EncryptedCredentialCacheFromPath 

func EncryptedCredentialCacheFromPath(filePath string) (*EncryptedCredentialOnDisk, error)

func EncryptedCredentialCacheFromRawCredential 

func EncryptedCredentialCacheFromRawCredential(raw *RawCredentialOnDisk, bytesEncryptionService bytesEncryptionService) (*EncryptedCredentialOnDisk, error)

func (*EncryptedCredentialOnDisk) Fingerprint 

func (c *EncryptedCredentialOnDisk) Fingerprint() string

func (*EncryptedCredentialOnDisk) Persist 

func (c *EncryptedCredentialOnDisk) Persist() error

func (*EncryptedCredentialOnDisk) String 

func (c *EncryptedCredentialOnDisk) String() string

type EncryptedTLSAssetsOnDisk 

type EncryptedTLSAssetsOnDisk struct {
	CACert         EncryptedCredentialOnDisk
	CAKey          EncryptedCredentialOnDisk
	APIServerCert  EncryptedCredentialOnDisk
	APIServerKey   EncryptedCredentialOnDisk
	WorkerCert     EncryptedCredentialOnDisk
	WorkerKey      EncryptedCredentialOnDisk
	AdminCert      EncryptedCredentialOnDisk
	AdminKey       EncryptedCredentialOnDisk
	EtcdCert       EncryptedCredentialOnDisk
	EtcdClientCert EncryptedCredentialOnDisk
	EtcdKey        EncryptedCredentialOnDisk
	EtcdClientKey  EncryptedCredentialOnDisk
}

Encrypted PEM encoded TLS assets

func ReadOrCreateEncryptedTLSAssets 

func ReadOrCreateEncryptedTLSAssets(tlsAssetsDir string, kmsConfig KMSConfig) (*EncryptedTLSAssetsOnDisk, error)

func ReadOrEncryptTLSAssets 

func ReadOrEncryptTLSAssets(dirname string, encryptor CachedEncryptor) (*EncryptedTLSAssetsOnDisk, error)

func (*EncryptedTLSAssetsOnDisk) Compact 

func (r *EncryptedTLSAssetsOnDisk) Compact() (*CompactTLSAssets, error)

func (*EncryptedTLSAssetsOnDisk) WriteToDir 

func (r *EncryptedTLSAssetsOnDisk) WriteToDir(dirname string) error

type EphemeralImageStorage 

type EphemeralImageStorage struct {
	Enabled    bool   `yaml:"enabled"`
	Disk       string `yaml:"disk"`
	Filesystem string `yaml:"filesystem"`
}

type EtcdSettings 

type EtcdSettings struct {
	model.Etcd                        `yaml:"etcd,omitempty"`
	DeprecatedEtcdCount               *int    `yaml:"etcdCount"`
	DeprecatedEtcdInstanceType        *string `yaml:"etcdInstanceType,omitempty"`
	DeprecatedEtcdRootVolumeSize      *int    `yaml:"etcdRootVolumeSize,omitempty"`
	DeprecatedEtcdRootVolumeType      *string `yaml:"etcdRootVolumeType,omitempty"`
	DeprecatedEtcdRootVolumeIOPS      *int    `yaml:"etcdRootVolumeIOPS,omitempty"`
	DeprecatedEtcdDataVolumeSize      *int    `yaml:"etcdDataVolumeSize,omitempty"`
	DeprecatedEtcdDataVolumeType      *string `yaml:"etcdDataVolumeType,omitempty"`
	DeprecatedEtcdDataVolumeIOPS      *int    `yaml:"etcdDataVolumeIOPS,omitempty"`
	DeprecatedEtcdDataVolumeEphemeral *bool   `yaml:"etcdDataVolumeEphemeral,omitempty"`
	DeprecatedEtcdDataVolumeEncrypted *bool   `yaml:"etcdDataVolumeEncrypted,omitempty"`
	DeprecatedEtcdTenancy             *string `yaml:"etcdTenancy,omitempty"`
}

Part of configuration which is specific to etcd nodes

func (EtcdSettings) EtcdCount 

func (e EtcdSettings) EtcdCount() int

func (EtcdSettings) EtcdDataVolumeEncrypted 

func (e EtcdSettings) EtcdDataVolumeEncrypted() bool

func (EtcdSettings) EtcdDataVolumeEphemeral 

func (e EtcdSettings) EtcdDataVolumeEphemeral() bool

func (EtcdSettings) EtcdDataVolumeIOPS 

func (e EtcdSettings) EtcdDataVolumeIOPS() int

func (EtcdSettings) EtcdDataVolumeSize 

func (e EtcdSettings) EtcdDataVolumeSize() int

func (EtcdSettings) EtcdDataVolumeType 

func (e EtcdSettings) EtcdDataVolumeType() string

func (EtcdSettings) EtcdInstanceType 

func (e EtcdSettings) EtcdInstanceType() string

func (EtcdSettings) EtcdRootVolumeIOPS 

func (e EtcdSettings) EtcdRootVolumeIOPS() int

func (EtcdSettings) EtcdRootVolumeSize 

func (e EtcdSettings) EtcdRootVolumeSize() int

func (EtcdSettings) EtcdRootVolumeType 

func (e EtcdSettings) EtcdRootVolumeType() string

func (EtcdSettings) EtcdTenancy 

func (e EtcdSettings) EtcdTenancy() string

func (EtcdSettings) Valid 

func (e EtcdSettings) Valid() error

Valid returns an error when there's any user error in the `etcd` settings

type Experimental 

type Experimental struct {
	Admission                   Admission                `yaml:"admission"`
	AuditLog                    AuditLog                 `yaml:"auditLog"`
	Authentication              Authentication           `yaml:"authentication"`
	AwsEnvironment              AwsEnvironment           `yaml:"awsEnvironment"`
	AwsNodeLabels               AwsNodeLabels            `yaml:"awsNodeLabels"`
	ClusterAutoscalerSupport    ClusterAutoscalerSupport `yaml:"clusterAutoscalerSupport"`
	TLSBootstrap                TLSBootstrap             `yaml:"tlsBootstrap"`
	EphemeralImageStorage       EphemeralImageStorage    `yaml:"ephemeralImageStorage"`
	Kube2IamSupport             Kube2IamSupport          `yaml:"kube2IamSupport,omitempty"`
	LoadBalancer                LoadBalancer             `yaml:"loadBalancer"`
	TargetGroup                 TargetGroup              `yaml:"targetGroup"`
	NodeDrainer                 NodeDrainer              `yaml:"nodeDrainer"`
	NodeLabels                  NodeLabels               `yaml:"nodeLabels"`
	Plugins                     Plugins                  `yaml:"plugins"`
	DisableSecurityGroupIngress bool                     `yaml:"disableSecurityGroupIngress"`
	NodeMonitorGracePeriod      string                   `yaml:"nodeMonitorGracePeriod"`
	Taints                      []Taint                  `yaml:"taints"`
	model.UnknownKeys           `yaml:",inline"`
}

func (Experimental) Valid 

func (c Experimental) Valid() error

type FlannelSettings 

type FlannelSettings struct {
	PodCIDR string `yaml:"podCIDR,omitempty"`
}

Part of configuration which is specific to flanneld

type InfrastructureValidationResult 

type InfrastructureValidationResult struct {
	// contains filtered or unexported fields
}

type KMSConfig 

type KMSConfig struct {
	Region         model.Region
	EncryptService EncryptService
	KMSKeyARN      string
}

type Kube2IamSupport 

type Kube2IamSupport struct {
	Enabled bool `yaml:"enabled"`
}

type KubeClusterSettings 

type KubeClusterSettings struct {
	APIEndpointConfigs model.APIEndpoints `yaml:"apiEndpoints,omitempty"`
	// Required by kubelet to locate the kube-apiserver
	ExternalDNSName string `yaml:"externalDNSName,omitempty"`
	// Required by kubelet to locate the cluster-internal dns hosted on controller nodes in the base cluster
	DNSServiceIP string `yaml:"dnsServiceIP,omitempty"`
	UseCalico    bool   `yaml:"useCalico,omitempty"`
}

Part of configuration which is shared between controller nodes and worker nodes. Its name is prefixed with `Kube` because it doesn't relate to etcd.

func (KubeClusterSettings) K8sNetworkPlugin 

func (c KubeClusterSettings) K8sNetworkPlugin() string

Required by kubelet to use the consistent network plugin with the base cluster

func (KubeClusterSettings) Valid 

func (c KubeClusterSettings) Valid() (*InfrastructureValidationResult, error)

type KubeResourcesAutosave added in v0.9.6 

type KubeResourcesAutosave struct {
	Enabled bool `yaml:"enabled"`
	S3Path  string
}

type LoadBalancer 

type LoadBalancer struct {
	Enabled          bool     `yaml:"enabled"`
	Names            []string `yaml:"names"`
	SecurityGroupIds []string `yaml:"securityGroupIds"`
}

type NodeDrainer 

type NodeDrainer struct {
	Enabled bool `yaml:"enabled"`
}

type NodeLabels 

type NodeLabels map[string]string

func (NodeLabels) Enabled 

func (l NodeLabels) Enabled() bool

func (NodeLabels) String 

func (l NodeLabels) String() string

Returns key=value pairs separated by ',' to be passed to kubelet's `--node-labels` flag

type Plugins 

type Plugins struct {
	Rbac Rbac `yaml:"rbac"`
}

type PodSecurityPolicy 

type PodSecurityPolicy struct {
	Enabled bool `yaml:"enabled"`
}

type RawAuthTokensOnDisk 

type RawAuthTokensOnDisk struct {
	// Contents of the CSV file holding auth tokens.
	AuthTokens RawCredentialOnDisk

	// Extracted from the auth tokens file
	KubeletBootstrapToken []byte
}

func ReadRawAuthTokens 

func ReadRawAuthTokens(dirname string) (*RawAuthTokensOnDisk, error)

func (*RawAuthTokensOnDisk) Compact 

func (r *RawAuthTokensOnDisk) Compact() (*CompactAuthTokens, error)

type RawAuthTokensOnMemory added in v0.9.6 

type RawAuthTokensOnMemory struct {
	// Contents of the CSV file holding auth tokens.
	Contents []byte
}

func NewAuthTokens 

func NewAuthTokens() RawAuthTokensOnMemory

func (RawAuthTokensOnMemory) WriteToDir added in v0.9.6 

func (r RawAuthTokensOnMemory) WriteToDir(dirname string) error

type RawCredentialOnDisk 

type RawCredentialOnDisk struct {
	// contains filtered or unexported fields
}

func RawCredentialFileFromPath 

func RawCredentialFileFromPath(filePath string) (*RawCredentialOnDisk, error)

func (*RawCredentialOnDisk) Fingerprint 

func (c *RawCredentialOnDisk) Fingerprint() string

func (*RawCredentialOnDisk) Persist 

func (c *RawCredentialOnDisk) Persist() error

func (*RawCredentialOnDisk) String 

func (c *RawCredentialOnDisk) String() string

type RawTLSAssetsOnDisk 

type RawTLSAssetsOnDisk struct {
	CACert         RawCredentialOnDisk
	CAKey          RawCredentialOnDisk
	APIServerCert  RawCredentialOnDisk
	APIServerKey   RawCredentialOnDisk
	WorkerCert     RawCredentialOnDisk
	WorkerKey      RawCredentialOnDisk
	AdminCert      RawCredentialOnDisk
	AdminKey       RawCredentialOnDisk
	EtcdCert       RawCredentialOnDisk
	EtcdClientCert RawCredentialOnDisk
	EtcdKey        RawCredentialOnDisk
	EtcdClientKey  RawCredentialOnDisk
}

PEM encoded TLS assets.

func ReadRawTLSAssets 

func ReadRawTLSAssets(dirname string) (*RawTLSAssetsOnDisk, error)

func (*RawTLSAssetsOnDisk) Compact 

func (r *RawTLSAssetsOnDisk) Compact() (*CompactTLSAssets, error)

type RawTLSAssetsOnMemory 

type RawTLSAssetsOnMemory struct {
	CACert         []byte
	CAKey          []byte
	APIServerCert  []byte
	APIServerKey   []byte
	WorkerCert     []byte
	WorkerKey      []byte
	AdminCert      []byte
	AdminKey       []byte
	EtcdCert       []byte
	EtcdClientCert []byte
	EtcdKey        []byte
	EtcdClientKey  []byte
}

PEM encoded TLS assets.

func (*RawTLSAssetsOnMemory) WriteToDir 

func (r *RawTLSAssetsOnMemory) WriteToDir(dirname string, includeCAKey bool) error

type Rbac 

type Rbac struct {
	Enabled bool `yaml:"enabled"`
}

type StackConfig 

type StackConfig struct {
	*Config
	StackTemplateOptions
	UserDataWorker        string
	UserDataController    string
	UserDataEtcd          string
	ControllerSubnetIndex int
}

func (*StackConfig) Compress 

func (c *StackConfig) Compress() (*CompressedStackConfig, error)

func (*StackConfig) EtcdSnapshotsS3Bucket added in v0.9.6 

func (c *StackConfig) EtcdSnapshotsS3Bucket() (string, error)

func (*StackConfig) EtcdSnapshotsS3Path 

func (c *StackConfig) EtcdSnapshotsS3Path() (string, error)

func (*StackConfig) EtcdSnapshotsS3Prefix 

func (c *StackConfig) EtcdSnapshotsS3Prefix() (string, error)

func (*StackConfig) UserDataControllerFileName 

func (c *StackConfig) UserDataControllerFileName() string

UserDataControllerFileName is used to upload and download userdata-controller-<fingerprint> files

func (*StackConfig) UserDataControllerS3Prefix 

func (c *StackConfig) UserDataControllerS3Prefix() (string, error)

UserDataControllerS3Prefix is the prefix prepended to all userdata-controller-<fingerprint> files uploaded to S3 Use this to author the IAM policy to provide controller nodes least required permissions for getting the files from S3

func (*StackConfig) UserDataControllerS3URI 

func (c *StackConfig) UserDataControllerS3URI() (string, error)

UserDataControllerS3URI is the URI to an userdata-controller-<fingerprint> file used to provision controller nodes Use this to run download the file by running e.g. `aws cp *return value of UserDataControllerS3URI* ./`

func (*StackConfig) UserDataEtcdFileName 

func (c *StackConfig) UserDataEtcdFileName() string

UserDataEtcdFileName is used to upload and download userdata-etcd-<fingerprint> files

func (*StackConfig) UserDataEtcdS3Prefix 

func (c *StackConfig) UserDataEtcdS3Prefix() (string, error)

UserDataEtcdS3Prefix is the prefix prepended to all userdata-etcd-<fingerprint> files uploaded to S3 Use this to author the IAM policy to provide etcd nodes least required permissions for getting the files from S3

func (*StackConfig) UserDataEtcdS3URI 

func (c *StackConfig) UserDataEtcdS3URI() (string, error)

UserDataEtcdS3URI is the URI to an userdata-etcd-<fingerprint> file used to provision etcd nodes Use this to run download the file by running e.g. `aws cp *return value of UserDataEtcdS3URI* ./`

func (*StackConfig) ValidateUserData 

func (c *StackConfig) ValidateUserData() error

type StackTemplateOptions 

type StackTemplateOptions struct {
	AssetsDir             string
	ControllerTmplFile    string
	EtcdTmplFile          string
	StackTemplateTmplFile string
	S3URI                 string
	PrettyPrint           bool
	SkipWait              bool
}

type TLSBootstrap added in v0.9.6 

type TLSBootstrap struct {
	Enabled bool `yaml:"enabled"`
}

type Taint 

type Taint struct {
	Key    string `yaml:"key"`
	Value  string `yaml:"value"`
	Effect string `yaml:"effect"`
}

func (Taint) String 

func (t Taint) String() string

type TargetGroup 

type TargetGroup struct {
	Enabled          bool     `yaml:"enabled"`
	Arns             []string `yaml:"arns"`
	SecurityGroupIds []string `yaml:"securityGroupIds"`
}

type WaitSignal 

type WaitSignal struct {
	// WaitSignal is enabled by default. If you'd like to explicitly disable it, set this to `false`.
	// Keeping this `nil` results in the WaitSignal to be enabled.
	EnabledOverride      *bool `yaml:"enabled"`
	MaxBatchSizeOverride *int  `yaml:"maxBatchSize"`
}

func (WaitSignal) Enabled 

func (s WaitSignal) Enabled() bool

func (WaitSignal) MaxBatchSize 

func (s WaitSignal) MaxBatchSize() int

type Webhook 

type Webhook struct {
	Enabled  bool   `yaml:"enabled"`
	CacheTTL string `yaml:"cacheTTL"`
	Config   string `yaml:"configBase64"`
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.