Documentation ¶
Overview ¶
Package origin provides objects for creating an OpenShift Origin server
Index ¶
- Variables
- func LegacyStorage(storage map[schema.GroupVersion]map[string]rest.Storage) map[string]rest.Storage
- func NewAuthenticator(options configapi.MasterConfig, privilegedLoopbackConfig *rest.Config, ...) (authenticator.Request, map[string]genericapiserver.PostStartHookFunc, error)
- func NewAuthorizer(informers InformerAccess, projectRequestDenyMessage string) authorizer.Authorizer
- func NewOAuthServerConfigFromMasterConfig(masterConfig *MasterConfig, listener net.Listener) (*oauthserver.OAuthServerConfig, error)
- func NewRuleResolver(informers rbacinformers.Interface) rbacregistryvalidation.AuthorizationRuleResolver
- func NewServiceProxyHandler(serviceName string, serviceNamespace string, serviceResolver ServiceResolver, ...) (*serviceProxyHandler, error)
- func NewSubjectLocator(informers rbacinformers.Interface) rbacauthorizer.SubjectLocator
- func PanicOnGRPCStuckThreads(interval time.Duration, stopCh <-chan struct{})
- func StartProfiler()
- func WithPatternPrefixHandler(handler http.Handler, patternHandler http.Handler, prefixes ...string) http.Handler
- type CompletedConfig
- type CompletedOpenshiftNonAPIConfig
- type GenericResourceInformer
- type InformerAccess
- type MasterConfig
- func (c *MasterConfig) AddPostStartHooks(server *apiserver.GenericAPIServer)
- func (c *MasterConfig) RouteAllocator() *routeallocationcontroller.RouteAllocationController
- func (c *MasterConfig) Run(stopCh <-chan struct{}) error
- func (c *MasterConfig) RunDNSServer()
- func (c *MasterConfig) RunKubeAPIServer(stopCh <-chan struct{}) error
- func (c *MasterConfig) RunOpenShift(stopCh <-chan struct{}) error
- type NonAPIExtraConfig
- type OpenshiftAPIConfig
- type OpenshiftAPIExtraConfig
- type OpenshiftAPIServer
- type OpenshiftNonAPIConfig
- type OpenshiftNonAPIServer
- type ServiceResolver
- type TooManyThreadsStuckHealth
Constants ¶
This section is empty.
Variables ¶
var GRPCThreadLimit = 0
Functions ¶
func LegacyStorage ¶
LegacyStorage returns a storage for locked legacy types.
func NewAuthenticator ¶
func NewAuthenticator( options configapi.MasterConfig, privilegedLoopbackConfig *rest.Config, informers InformerAccess, ) (authenticator.Request, map[string]genericapiserver.PostStartHookFunc, error)
func NewAuthorizer ¶
func NewAuthorizer(informers InformerAccess, projectRequestDenyMessage string) authorizer.Authorizer
func NewOAuthServerConfigFromMasterConfig ¶
func NewOAuthServerConfigFromMasterConfig(masterConfig *MasterConfig, listener net.Listener) (*oauthserver.OAuthServerConfig, error)
TODO this is taking a very large config for a small piece of it. The information must be broken up at some point so that we can run this in a pod. This is an indication of leaky abstraction because it spent too much time in openshift start
func NewRuleResolver ¶
func NewRuleResolver(informers rbacinformers.Interface) rbacregistryvalidation.AuthorizationRuleResolver
func NewServiceProxyHandler ¶
func NewServiceProxyHandler(serviceName string, serviceNamespace string, serviceResolver ServiceResolver, caBundle []byte, applicationDisplayName string) (*serviceProxyHandler, error)
NewServiceProxyHandler is a simple proxy that doesn't handle upgrades, passes headers directly through, and doesn't assert any identity.
func NewSubjectLocator ¶
func NewSubjectLocator(informers rbacinformers.Interface) rbacauthorizer.SubjectLocator
func PanicOnGRPCStuckThreads ¶
func StartProfiler ¶
func StartProfiler()
Types ¶
type CompletedConfig ¶
type CompletedConfig struct {
// contains filtered or unexported fields
}
func (CompletedConfig) New ¶
func (c CompletedConfig) New(delegationTarget genericapiserver.DelegationTarget) (*OpenshiftAPIServer, error)
type CompletedOpenshiftNonAPIConfig ¶
type CompletedOpenshiftNonAPIConfig struct {
// contains filtered or unexported fields
}
func (CompletedOpenshiftNonAPIConfig) New ¶
func (c CompletedOpenshiftNonAPIConfig) New(delegationTarget genericapiserver.DelegationTarget) (*OpenshiftNonAPIServer, error)
type GenericResourceInformer ¶
type GenericResourceInformer interface { ForResource(resource schema.GroupVersionResource) (kexternalinformers.GenericInformer, error) Start(stopCh <-chan struct{}) }
type InformerAccess ¶
type InformerAccess interface { GetInternalKubernetesInformers() kinternalinformers.SharedInformerFactory GetKubernetesInformers() kinformers.SharedInformerFactory GetOpenshiftAppInformers() appsinformer.SharedInformerFactory GetOpenshiftRouteInformers() routeinformer.SharedInformerFactory GetOpenshiftUserInformers() userinformer.SharedInformerFactory GetInternalOpenshiftAuthorizationInformers() authorizationinformer.SharedInformerFactory GetInternalOpenshiftBuildInformers() buildinformer.SharedInformerFactory GetInternalOpenshiftImageInformers() imageinformer.SharedInformerFactory GetInternalOpenshiftNetworkInformers() networkinformer.SharedInformerFactory GetInternalOpenshiftOauthInformers() oauthinformer.SharedInformerFactory GetInternalOpenshiftQuotaInformers() quotainformer.SharedInformerFactory GetInternalOpenshiftSecurityInformers() securityinformer.SharedInformerFactory GetInternalOpenshiftTemplateInformers() templateinformer.SharedInformerFactory ToGenericInformer() GenericResourceInformer Start(stopCh <-chan struct{}) }
func NewInformers ¶
func NewInformers(clientConfig *rest.Config) (InformerAccess, error)
NewInformers is only exposed for the build's integration testing until it can be fixed more appropriately.
type MasterConfig ¶
type MasterConfig struct { Options configapi.MasterConfig // RESTOptionsGetter provides access to storage and RESTOptions for a particular resource RESTOptionsGetter restoptions.Getter RuleResolver rbacregistryvalidation.AuthorizationRuleResolver SubjectLocator rbacauthorizer.SubjectLocator ProjectAuthorizationCache *projectauth.AuthorizationCache ProjectCache *projectcache.ProjectCache ClusterQuotaMappingController *clusterquotamapping.ClusterQuotaMappingController LimitVerifier imageadmission.LimitVerifier RESTMapper *restmapper.DeferredDiscoveryRESTMapper // RegistryHostnameRetriever retrieves the name of the integrated registry, or false if no such registry // is available. RegistryHostnameRetriever imageapi.RegistryHostnameRetriever // PrivilegedLoopbackClientConfig is the client configuration used to call OpenShift APIs from system components // To apply different access control to a system component, create a client config specifically for that component. PrivilegedLoopbackClientConfig restclient.Config // PrivilegedLoopbackKubernetesClientsetInternal is the client used to call Kubernetes APIs from system components, // built from KubeClientConfig. It should only be accessed via the *TestingClient() helper methods. To apply // different access control to a system component, create a separate client/config specifically for // that component. PrivilegedLoopbackKubernetesClientsetInternal kclientsetinternal.Interface // PrivilegedLoopbackKubernetesClientsetExternal is the client used to call Kubernetes APIs from system components, // built from KubeClientConfig. It should only be accessed via the *TestingClient() helper methods. To apply // different access control to a system component, create a separate client/config specifically for // that component. PrivilegedLoopbackKubernetesClientsetExternal kclientsetexternal.Interface AuditBackend audit.Backend // TODO inspect uses to eliminate them InternalKubeInformers kinternalinformers.SharedInformerFactory ClientGoKubeInformers kubeclientgoinformers.SharedInformerFactory AuthorizationInformers authorizationinformer.SharedInformerFactory RouteInformers routeinformer.SharedInformerFactory QuotaInformers quotainformer.SharedInformerFactory SecurityInformers securityinformer.SharedInformerFactory // contains filtered or unexported fields }
MasterConfig defines the required parameters for starting the OpenShift master
func BuildMasterConfig ¶ added in v0.3.3
func BuildMasterConfig( options configapi.MasterConfig, informers InformerAccess, ) (*MasterConfig, error)
BuildMasterConfig builds and returns the OpenShift master configuration based on the provided options
func (*MasterConfig) AddPostStartHooks ¶
func (c *MasterConfig) AddPostStartHooks(server *apiserver.GenericAPIServer)
func (*MasterConfig) RouteAllocator ¶ added in v0.4.2
func (c *MasterConfig) RouteAllocator() *routeallocationcontroller.RouteAllocationController
RouteAllocator returns a route allocation controller.
func (*MasterConfig) Run ¶ added in v0.2.1
func (c *MasterConfig) Run(stopCh <-chan struct{}) error
Run launches the OpenShift master by creating a kubernetes master, installing OpenShift APIs into it and then running it. TODO this method only exists to support the old openshift start path. It should be removed a little ways into 3.10.
func (*MasterConfig) RunDNSServer ¶ added in v0.4.2
func (c *MasterConfig) RunDNSServer()
RunDNSServer starts the DNS server
func (*MasterConfig) RunKubeAPIServer ¶
func (c *MasterConfig) RunKubeAPIServer(stopCh <-chan struct{}) error
func (*MasterConfig) RunOpenShift ¶
func (c *MasterConfig) RunOpenShift(stopCh <-chan struct{}) error
type NonAPIExtraConfig ¶
type NonAPIExtraConfig struct {
OAuthMetadata []byte
}
type OpenshiftAPIConfig ¶
type OpenshiftAPIConfig struct { GenericConfig *genericapiserver.RecommendedConfig ExtraConfig OpenshiftAPIExtraConfig }
func (*OpenshiftAPIConfig) Complete ¶
func (c *OpenshiftAPIConfig) Complete() completedConfig
Complete fills in any fields not set that are required to have valid data. It's mutating the receiver.
type OpenshiftAPIExtraConfig ¶
type OpenshiftAPIExtraConfig struct { KubeAPIServerClientConfig *restclient.Config KubeClientInternal kclientsetinternal.Interface KubeInternalInformers kinternalinformers.SharedInformerFactory KubeInformers kubeinformers.SharedInformerFactory QuotaInformers quotainformer.SharedInformerFactory SecurityInformers securityinformer.SharedInformerFactory // these are all required to build our storage RuleResolver rbacregistryvalidation.AuthorizationRuleResolver SubjectLocator rbacauthorizer.SubjectLocator // for Images LimitVerifier imageadmission.LimitVerifier // RegistryHostnameRetriever retrieves the internal and external hostname of // the integrated registry, or false if no such registry is available. RegistryHostnameRetriever imageapi.RegistryHostnameRetriever AllowedRegistriesForImport *configapi.AllowedRegistries MaxImagesBulkImportedPerRepository int AdditionalTrustedCA []byte RouteAllocator *routeallocationcontroller.RouteAllocationController ProjectAuthorizationCache *projectauth.AuthorizationCache ProjectCache *projectcache.ProjectCache ProjectRequestTemplate string ProjectRequestMessage string RESTMapper meta.RESTMapper // oauth API server ServiceAccountMethod configapi.GrantHandlerType ClusterQuotaMappingController *clusterquotamapping.ClusterQuotaMappingController // SCCStorage is actually created with a kubernetes restmapper options to have the correct prefix, // so we have to have it special cased here to point to the right spot. SCCStorage *sccstorage.REST }
func (*OpenshiftAPIExtraConfig) Validate ¶
func (c *OpenshiftAPIExtraConfig) Validate() error
Validate helps ensure that we build this config correctly, because there are lots of bits to remember for now
type OpenshiftAPIServer ¶
type OpenshiftAPIServer struct {
GenericAPIServer *genericapiserver.GenericAPIServer
}
OpenshiftAPIServer is only responsible for serving the APIs for Openshift It does NOT expose oauth, related oauth endpoints, or any kube APIs.
type OpenshiftNonAPIConfig ¶
type OpenshiftNonAPIConfig struct { GenericConfig *genericapiserver.RecommendedConfig ExtraConfig NonAPIExtraConfig }
func (*OpenshiftNonAPIConfig) Complete ¶
func (c *OpenshiftNonAPIConfig) Complete() completedOpenshiftNonAPIConfig
Complete fills in any fields not set that are required to have valid data. It's mutating the receiver.
type OpenshiftNonAPIServer ¶
type OpenshiftNonAPIServer struct {
GenericAPIServer *genericapiserver.GenericAPIServer
}
OpenshiftNonAPIServer serves non-API endpoints for openshift.
type ServiceResolver ¶
A ServiceResolver knows how to get a URL given a service.
type TooManyThreadsStuckHealth ¶
type TooManyThreadsStuckHealth struct {
// contains filtered or unexported fields
}
TooManyThreadsStuckHealth is a health checker that indicates when we have too many thread in a particular method. This condition usually indicates that we got stuck and we should restart ourselves
func NewGRPCStuckThreads ¶
func NewGRPCStuckThreads() *TooManyThreadsStuckHealth
func (*TooManyThreadsStuckHealth) Check ¶
func (h *TooManyThreadsStuckHealth) Check(req *http.Request) error
func (*TooManyThreadsStuckHealth) Count ¶
func (h *TooManyThreadsStuckHealth) Count() int
func (*TooManyThreadsStuckHealth) Name ¶
func (h *TooManyThreadsStuckHealth) Name() string