README ¶
OpenShift Application Platform
OpenShift Origin is a distribution of Kubernetes optimized for continuous application development and multi-tenant deployment. OpenShift adds developer and operations-centric tools on top of Kubernetes to enable rapid application development, easy deployment and scaling, and long-term lifecycle maintenance for small and large teams.
Features:
- Easily build applications with integrated service discovery and persistent storage.
- Quickly and easily scale applications to handle periods of increased demand.
- Support for automatic high availability, load balancing, health checking, and failover.
- Push source code to your Git repository and automatically deploy containerized applications.
- Web console and command-line client for building and monitoring applications.
- Centralized administration and management of an entire stack, team, or organization.
- Create reusable templates for components of your system, and iteratively deploy them over time.
- Roll out modifications to software stacks to your entire organization in a controlled fashion.
- Integration with your existing authentication mechanisms, including LDAP, Active Directory, and public OAuth providers such as GitHub.
- Multi-tenancy support, including team and user isolation of containers, builds, and network communication.
- Allow developers to run containers securely with fine-grained controls in production.
- Limit, track, and manage the developers and teams on the platform.
- Integrated Docker registry, automatic edge load balancing, cluster logging, and integrated metrics.
Learn More:
- Public Documentation
- Our Trello Roadmap covers the epics and stories being worked on (click through to individual items)
For questions or feedback, reach us on IRC on #openshift-dev on Freenode or post to our mailing list.
Getting Started
Installation
If you have downloaded the client tools from the releases page, place the included binaries in your PATH.
- On any system with a Docker engine installed, you can run
oc cluster up
to get started immediately. Try it out now! - For a full cluster installation using Ansible, follow the Advanced Installation guide
- To build and run from source, see CONTRIBUTING.adoc
Concepts
OpenShift builds a developer-centric workflow around Docker containers and Kubernetes runtime concepts. An Image Stream lets you easily tag, import, and publish Docker images from the integrated registry. A Build Config allows you to launch Docker builds, build directly from source code, or trigger Jenkins Pipeline jobs whenever an image stream tag is updated. A Deployment Config allows you to redeploy whenever a new image becomes available. Routes make it trivial to expose your Kubernetes services via a public DNS name. As an administrator, you can enable your developers to request new Projects which come with predefined roles, quotas, and security controls to fairly divide access.
For more on the underlying concepts of OpenShift, please see the documentation site.
OpenShift API
The OpenShift API is located on each server at https://<host>:8443/oapi/v1
. These APIs are described via Swagger v1.2 at https://<host>:8443/swaggerapi/oapi/v1
. For more, see the API documentation.
Kubernetes
OpenShift embeds Kubernetes and extends it with security and other integrated concepts. An OpenShift Origin release corresponds to the Kubernetes distribution - for example, OpenShift 1.4 includes Kubernetes 1.4.
If you're looking for more information about using Kubernetes or the lower level concepts that Origin depends on, see the following:
What can I run on OpenShift?
OpenShift is designed to run any existing Docker images. Additionally, you can define builds that will produce new Docker images using a Dockerfile
.
For an easier experience running your source code, Source-to-Image (S2I) allows developers to simply provide an application source repository containing code to build and run. It works by combining an existing S2I-enabled Docker image with application source to produce a new runnable image for your application.
You can see the full list of Source-to-Image builder images and it's straightforward to create your own. Some of our available images include:
Your application image can be easily extended with a database service with our database images:
What sorts of security controls does OpenShift provide for containers?
OpenShift runs with the following security policy by default:
- Containers run as a non-root unique user that is separate from other system users
- They cannot access host resources, run privileged, or become root
- They are given CPU and memory limits defined by the system administrator
- Any persistent storage they access will be under a unique SELinux label, which prevents others from seeing their content
- These settings are per project, so containers in different projects cannot see each other by default
- Regular users can run Docker, source, and custom builds
- By default, Docker builds can (and often do) run as root. You can control who can create Docker builds through the
builds/docker
andbuilds/custom
policy resource.
- By default, Docker builds can (and often do) run as root. You can control who can create Docker builds through the
- Regular users and project admins cannot change their security quotas.
Many Docker containers expect to run as root (and therefore edit all the contents of the filesystem). The Image Author's guide gives recommendations on making your image more secure by default:
* Don't run as root
* Make directories you want to write to group-writable and owned by group id 0
* Set the net-bind capability on your executables if they need to bind to ports < 1024
If you are running your own cluster and want to run a container as root, you can grant that permission to the containers in your current project with the following command:
# Gives the default service account in the current project access to run as UID 0 (root)
oc adm add-scc-to-user anyuid -z default
See the security documentation more on confining applications.
Support for Kubernetes Alpha Features
Some features from upstream Kubernetes are not yet enabled in OpenShift, for reasons including supportability, security, or limitations in the upstream feature.
Kubernetes Definitions:
- Alpha
- The feature is available, but no guarantees are made about backwards compatibility or whether data is preserved when feature moves to Beta.
- The feature may have significant bugs and is suitable for testing and prototyping.
- The feature may be replaced or significantly redesigned in the future.
- No migration to Beta is generally provided other than documentation of the change.
- Beta
- The feature is available and generally agreed to solve the desired solution, but may need stabilization or additional feedback.
- The feature is potentially suitable for limited production use under constrained circumstances.
- The feature is unlikely to be replaced or removed, although it is still possible for feature changes that require migration.
OpenShift uses these terms in the same fashion as Kubernetes, and adds four more:
- Not Yet Secure
- Features which are not yet enabled because they have significant security or stability risks to the cluster
- Generally this applies to features which may allow escalation or denial-of-service behavior on the platform
- In some cases this is applied to new features which have not had time for full security review
- Potentially Insecure
- Features that require additional work to be properly secured in a multi-user environment
- These features are only enabled for cluster admins by default and we do not recommend enabling them for untrusted users
- We generally try to identify and fix these within 1 release of their availability
- Tech Preview
- Features that are considered unsupported for various reasons are known as 'tech preview' in our documentation
- Kubernetes Alpha and Beta features are considered tech preview, although occasionally some features will be graduated early
- Any tech preview feature is not supported in OpenShift Container Platform except through exemption
- Disabled Pending Migration
- These are features that are new in Kubernetes but which originated in OpenShift, and thus need migrations for existing users
- We generally try to minimize the impact of features introduced upstream to Kubernetes on OpenShift users by providing seamless migration for existing clusters.
- Generally these are addressed within 1 Kubernetes release
The list of features that qualify under these labels is described below, along with additional context for why.
Feature | Kubernetes | OpenShift | Justification |
---|---|---|---|
Third Party Resources | Alpha (1.4, 1.5) | Not Yet Secure | Third party resources are still under active development upstream. Known issues include failure to clean up resources in etcd, which may result in a denial of service attack against the cluster. We are considering enabling them for development environments only. |
Garbage Collection | Alpha (1.3) Beta (1.4, 1.5) |
Tech Preview (1.4, 1.5) | Garbage collection will automatically delete related resources on the server, and thus given the potential for data loss we are waiting for GC to graduate to beta and have a full release cycle of testing before enabling it in Origin. |
Stateful Sets | Alpha (1.3, 1.4) Beta (1.5) |
Tech Preview (1.3, 1.4, 1.5) | Stateful Sets are still being actively developed and no backwards compatibility is guaranteed until 1.5 is released. Starting in 1.5, Stateful Sets will be enabled by default and some backwards compatibility will be guaranteed. |
Init Containers | Alpha (1.3, 1.4) Beta(1.5) |
Tech Preview (1.3, 1.4, 1.5) | Init containers are properly secured, but will not be officially supported until 1.6. |
Federated Clusters | Alpha (1.3) Beta (1.4, 1.5) |
Tech Preview (1.3, 1.4, 1.5) | A Kubernetes federation server may be used against Origin clusters with the appropriate credentials today. Known issues include tenant support in federation and the ability to have consistent access control between federation and normal clusters. No Origin specific binary is being distributed for federation at this time. |
Deployment | Beta (1.3, 1.4, 1.5) | Tech Preview (1.3, 1.4, 1.5) | OpenShift launched with DeploymentConfigs, a more fully featured Deployment object. DeploymentConfigs are more appropriate for developer flows where you want to push code and have it automatically be deployed, and also provide more advanced hooks and custom deployments. Use Kubernetes Deployments when you are managing change outside of OpenShift. |
Replica Sets | Beta (1.3, 1.4, 1.5) | Tech Preview (1.3, 1.4, 1.5) | Replica Sets perform the same function as Replication Controllers, but have a more powerful label syntax. Both ReplicationControllers and ReplicaSets can be used. |
Ingress | Beta (1.2, 1.3, 1.4, 1.5) | Tech Preview (1.3, 1.4, 1.5) | OpenShift launched with Routes, a more full featured Ingress object. In 1.5, Ingress rules can be read by the router (disabled by default), but because Ingress objects reference secrets you must grant the routers a very level of access to your cluster to run with them. Future changes will likely reduce the security impact of enabling Ingress. |
PodSecurityPolicy | Beta (1.3, 1.4, 1.5) | Tech Preview (1.3, 1.4, 1.5) | OpenShift launched with SecurityContextConstraints, and then upstreamed them as PodSecurityPolicy. We plan to enable upstream PodSecurityPolicy so as to automatically migrate existing SecurityContextConstraints. PodSecurityPolicy has not yet completed a full security review, which will be part of the criteria for tech preview. SecurityContextConstraints are a superset of PodSecurityPolicy features. |
PodAntiAffinitySelectors | Beta (1.3, 1.4, 1.5) | Not Yet Secure (1.3) Tech Preview (1.4, 1.5) |
End users are not allowed to set PodAntiAffinitySelectors that are not the node name due to the possibility of attacking the scheduler via denial of service. |
NetworkPolicy | Beta (1.3, 1.4, 1.5) | Tech Preview (1.3, 1.4, 1.5) | Starting with 1.5, OpenShift SDN will expose an experimental mode that uses network policy to restrict access to pods. Future releases will expand this support. |
Please contact us if this list omits a feature supported in Kubernetes which does not run in Origin.
Contributing
You can develop locally on your host or with a virtual machine, or if you want to just try out Origin download the latest Linux server, or Windows and Mac OS X client pre-built binaries.
First, get up and running with the Contributing Guide.
All contributions are welcome - Origin uses the Apache 2 license and does not require any contributor agreement to submit patches. Please open issues for any bugs or problems you encounter, ask questions on the OpenShift IRC channel (#openshift-dev on freenode), or get involved in the Kubernetes project at the container runtime layer.
See HACKING.md for more details on developing on Origin including how different tests are setup.
If you want to run the test suite, make sure you have your environment set up, and from the origin
directory run:
# run the verifiers, unit tests, and command tests
$ make check
# run a command-line integration test suite
$ hack/test-cmd.sh
# run the integration server test suite
$ hack/test-integration.sh
# run the end-to-end test suite
$ hack/test-end-to-end.sh
# run all of the tests above
$ make test
You'll need etcd installed and on your path for the integration and end-to-end tests to run, and Docker must be installed to run the end-to-end tests. To install etcd you should be able to run:
$ hack/install-etcd.sh
Some of the components of Origin run as Docker images, including the builders and deployment tools in images/builder/docker/*
and images/deploy/*
. To build them locally run
$ hack/build-images.sh
To hack on the web console, check out the assets/README.md file for instructions on testing the console and building your changes.
Security Response
If you've found a security issue that you'd like to disclose confidentially please contact Red Hat's Product Security team. Details at https://access.redhat.com/security/team/contact
License
OpenShift is licensed under the Apache License, Version 2.0.
Documentation ¶
Overview ¶
This is the source repository for OpenShift Origin - the best way to build, manage, and deploy applications in the cloud. The OpenShift 3.0 codebase is based around Docker images and containers and the Kubernetes container management system.
Directories ¶
Path | Synopsis |
---|---|
Package cmd contains the executables for OpenShift 3.
|
Package cmd contains the executables for OpenShift 3. |
openshift
Package main contains the main executable for OpenShift 3 `openshift` which is an integrated client and server binary.
|
Package main contains the main executable for OpenShift 3 `openshift` which is an integrated client and server binary. |
service-catalog/go/src/github.com/kubernetes-incubator/service-catalog/cmd/controller-manager/app
Package app implements a server that runs the service catalog controllers.
|
Package app implements a server that runs the service catalog controllers. |
service-catalog/go/src/github.com/kubernetes-incubator/service-catalog/cmd/service-catalog
A binary that can morph into all of the other kubernetes service-catalog binaries.
|
A binary that can morph into all of the other kubernetes service-catalog binaries. |
service-catalog/go/src/github.com/kubernetes-incubator/service-catalog/contrib/pkg/brokerapi
Package brokerapi contains types that are used exclusively to talk to a backing open service broker API compatible API
|
Package brokerapi contains types that are used exclusively to talk to a backing open service broker API compatible API |
service-catalog/go/src/github.com/kubernetes-incubator/service-catalog/contrib/pkg/brokerapi/fake
Package fake contains fake implementations of each of the CF broker APIs.
|
Package fake contains fake implementations of each of the CF broker APIs. |
service-catalog/go/src/github.com/kubernetes-incubator/service-catalog/pkg/apis/servicecatalog
Package servicecatalog contains all of the sources needed to make servicebrokers and their related service objects.
|
Package servicecatalog contains all of the sources needed to make servicebrokers and their related service objects. |
service-catalog/go/src/github.com/kubernetes-incubator/service-catalog/pkg/apis/servicecatalog/install
Package install registers the service-catalog API group
|
Package install registers the service-catalog API group |
service-catalog/go/src/github.com/kubernetes-incubator/service-catalog/pkg/apis/servicecatalog/testapi
Package testapi provides a helper for retrieving the KUBE_TEST_API environment variable.
|
Package testapi provides a helper for retrieving the KUBE_TEST_API environment variable. |
service-catalog/go/src/github.com/kubernetes-incubator/service-catalog/pkg/apis/servicecatalog/v1beta1
Package v1beta1 defines all of the versioned (v1beta1) definitions of the service catalog model.
|
Package v1beta1 defines all of the versioned (v1beta1) definitions of the service catalog model. |
service-catalog/go/src/github.com/kubernetes-incubator/service-catalog/pkg/client/clientset_generated/clientset
This package has the automatically generated clientset.
|
This package has the automatically generated clientset. |
service-catalog/go/src/github.com/kubernetes-incubator/service-catalog/pkg/client/clientset_generated/clientset/fake
This package has the automatically generated fake clientset.
|
This package has the automatically generated fake clientset. |
service-catalog/go/src/github.com/kubernetes-incubator/service-catalog/pkg/client/clientset_generated/clientset/scheme
This package contains the scheme of the automatically generated clientset.
|
This package contains the scheme of the automatically generated clientset. |
service-catalog/go/src/github.com/kubernetes-incubator/service-catalog/pkg/client/clientset_generated/clientset/typed/servicecatalog/v1beta1
This package has the automatically generated typed clients.
|
This package has the automatically generated typed clients. |
service-catalog/go/src/github.com/kubernetes-incubator/service-catalog/pkg/client/clientset_generated/clientset/typed/servicecatalog/v1beta1/fake
Package fake has the automatically generated clients.
|
Package fake has the automatically generated clients. |
service-catalog/go/src/github.com/kubernetes-incubator/service-catalog/pkg/client/clientset_generated/internalclientset
This package has the automatically generated clientset.
|
This package has the automatically generated clientset. |
service-catalog/go/src/github.com/kubernetes-incubator/service-catalog/pkg/client/clientset_generated/internalclientset/fake
This package has the automatically generated fake clientset.
|
This package has the automatically generated fake clientset. |
service-catalog/go/src/github.com/kubernetes-incubator/service-catalog/pkg/client/clientset_generated/internalclientset/scheme
This package contains the scheme of the automatically generated clientset.
|
This package contains the scheme of the automatically generated clientset. |
service-catalog/go/src/github.com/kubernetes-incubator/service-catalog/pkg/client/clientset_generated/internalclientset/typed/servicecatalog/internalversion
This package has the automatically generated typed clients.
|
This package has the automatically generated typed clients. |
service-catalog/go/src/github.com/kubernetes-incubator/service-catalog/pkg/client/clientset_generated/internalclientset/typed/servicecatalog/internalversion/fake
Package fake has the automatically generated clients.
|
Package fake has the automatically generated clients. |
service-catalog/go/src/github.com/kubernetes-incubator/service-catalog/pkg/openapi
Package openapi exists to hold generated openapi code
|
Package openapi exists to hold generated openapi code |
Package examples contains sample applications for trying out the concepts in OpenShift 3.
|
Package examples contains sample applications for trying out the concepts in OpenShift 3. |
statefulsets/peer-finder
A small utility program to lookup hostnames of endpoints in a service.
|
A small utility program to lookup hostnames of endpoints in a service. |
images
|
|
Package pkg contains all of the libraries for OpenShift 3.
|
Package pkg contains all of the libraries for OpenShift 3. |
api
Package api includes all OpenShift-specific types used to communicate between the various parts of the OpenShift and the Kubernetes systems.
|
Package api includes all OpenShift-specific types used to communicate between the various parts of the OpenShift and the Kubernetes systems. |
api/latest
Package latest defines the default output serializations that code should use and imports the required schemas.
|
Package latest defines the default output serializations that code should use and imports the required schemas. |
api/v1
Package v1 is the v1 version of the API.
|
Package v1 is the v1 version of the API. |
apps
Package deploy contains logic for watching and synchronizing deployments from configuration.
|
Package deploy contains logic for watching and synchronizing deployments from configuration. |
apps/apis/apps
+groupName=apps.openshift.io Package api is the internal version of the API.
|
+groupName=apps.openshift.io Package api is the internal version of the API. |
apps/apis/apps/v1
+groupName=apps.openshift.io Package v1 is the v1 version of the API.
|
+groupName=apps.openshift.io Package v1 is the v1 version of the API. |
apps/cmd
Package cmd contains various interface implementations for command-line tools associated with deploymentconfigs.
|
Package cmd contains various interface implementations for command-line tools associated with deploymentconfigs. |
apps/controller
Package controller contains all the controllers which taken together implement the deployment system's behavior.
|
Package controller contains all the controllers which taken together implement the deployment system's behavior. |
apps/generated/internalclientset
This package has the automatically generated clientset.
|
This package has the automatically generated clientset. |
apps/generated/internalclientset/fake
This package has the automatically generated fake clientset.
|
This package has the automatically generated fake clientset. |
apps/generated/internalclientset/scheme
This package contains the scheme of the automatically generated clientset.
|
This package contains the scheme of the automatically generated clientset. |
apps/generated/internalclientset/typed/apps/internalversion
This package has the automatically generated typed clients.
|
This package has the automatically generated typed clients. |
apps/generated/internalclientset/typed/apps/internalversion/fake
Package fake has the automatically generated clients.
|
Package fake has the automatically generated clients. |
apps/metrics/prometheus
Package prometheus contains code for injecting apps related metrics into the prometheus registry running in the openshift master
|
Package prometheus contains code for injecting apps related metrics into the prometheus registry running in the openshift master |
apps/registry/deployconfig
Package deployconfig provides Registry interface and its RESTStorage implementation for storing DeploymentConfig api objects.
|
Package deployconfig provides Registry interface and its RESTStorage implementation for storing DeploymentConfig api objects. |
apps/registry/deploylog
Package deploylog provides a Registry interface for retrieving deployment logs
|
Package deploylog provides a Registry interface for retrieving deployment logs |
apps/registry/rollback
Package rollback contains the code for generating DeploymentConfigs representing rollbacks as well as REST support for API clients.
|
Package rollback contains the code for generating DeploymentConfigs representing rollbacks as well as REST support for API clients. |
apps/strategy
Package strategy contains implementations of core deployment strategies.
|
Package strategy contains implementations of core deployment strategies. |
apps/strategy/support
Package support is a library of code useful to any strategy.
|
Package support is a library of code useful to any strategy. |
authorization/apis/authorization
+groupName=authorization.openshift.io Package api is the internal version of the API.
|
+groupName=authorization.openshift.io Package api is the internal version of the API. |
authorization/apis/authorization/v1
+groupName=authorization.openshift.io Package v1 is the v1 version of the API.
|
+groupName=authorization.openshift.io Package v1 is the v1 version of the API. |
authorization/generated/internalclientset
This package has the automatically generated clientset.
|
This package has the automatically generated clientset. |
authorization/generated/internalclientset/fake
This package has the automatically generated fake clientset.
|
This package has the automatically generated fake clientset. |
authorization/generated/internalclientset/scheme
This package contains the scheme of the automatically generated clientset.
|
This package contains the scheme of the automatically generated clientset. |
authorization/generated/internalclientset/typed/authorization/internalversion
This package has the automatically generated typed clients.
|
This package has the automatically generated typed clients. |
authorization/generated/internalclientset/typed/authorization/internalversion/fake
Package fake has the automatically generated clients.
|
Package fake has the automatically generated clients. |
build
Package build contains the OpenShift build system.
|
Package build contains the OpenShift build system. |
build/admission
Package admission contains admission control plugins that work with builds or pods that are running builds.
|
Package admission contains admission control plugins that work with builds or pods that are running builds. |
build/apis/build
+groupName=build.openshift.io Package api is the internal version of the API.
|
+groupName=build.openshift.io Package api is the internal version of the API. |
build/apis/build/v1
+groupName=build.openshift.io Package v1 is the v1 version of the API.
|
+groupName=build.openshift.io Package v1 is the v1 version of the API. |
build/builder
Package builder contains builders for STI and Docker in OpenShift Origin
|
Package builder contains builders for STI and Docker in OpenShift Origin |
build/builder/cmd
Package cmd contains the main entry point for the docker and STI builders
|
Package cmd contains the main entry point for the docker and STI builders |
build/builder/cmd/dockercfg
Package dockercfg contains a command helper to read .dockercfg files
|
Package dockercfg contains a command helper to read .dockercfg files |
build/builder/cmd/scmauth
Package scmauth provides SCM authentication methods based on secret files
|
Package scmauth provides SCM authentication methods based on secret files |
build/builder/util/dockerfile
Package dockerfile has utilities that complement Docker's official Dockerfile parser.
|
Package dockerfile has utilities that complement Docker's official Dockerfile parser. |
build/cmd
Package cmd provides command helpers for builds
|
Package cmd provides command helpers for builds |
build/controller/build/defaults
Package defaults contains the BuildDefaults admission control plugin.
|
Package defaults contains the BuildDefaults admission control plugin. |
build/controller/build/defaults/api
Package api is the internal version of the API.
|
Package api is the internal version of the API. |
build/controller/build/defaults/api/v1
Package v1 is the v1 version of the API.
|
Package v1 is the v1 version of the API. |
build/controller/build/overrides
Package overrides contains the BuildOverrides admission control plugin.
|
Package overrides contains the BuildOverrides admission control plugin. |
build/controller/build/overrides/api
Package api is the internal version of the API.
|
Package api is the internal version of the API. |
build/controller/build/overrides/api/v1
Package v1 is the v1 version of the API.
|
Package v1 is the v1 version of the API. |
build/controller/build/pluginconfig/testing
Package testing contains types for tests.
|
Package testing contains types for tests. |
build/generated/internalclientset
This package has the automatically generated clientset.
|
This package has the automatically generated clientset. |
build/generated/internalclientset/fake
This package has the automatically generated fake clientset.
|
This package has the automatically generated fake clientset. |
build/generated/internalclientset/scheme
This package contains the scheme of the automatically generated clientset.
|
This package contains the scheme of the automatically generated clientset. |
build/generated/internalclientset/typed/build/internalversion
This package has the automatically generated typed clients.
|
This package has the automatically generated typed clients. |
build/generated/internalclientset/typed/build/internalversion/fake
Package fake has the automatically generated clients.
|
Package fake has the automatically generated clients. |
build/generator
Package generator contains the code to generate Build from BuildConfig as well as REST support to help expose the generator from an API.
|
Package generator contains the code to generate Build from BuildConfig as well as REST support to help expose the generator from an API. |
build/metrics/prometheus
Package prometheus contains code for injecting build related metrics into the prometheus registry running in the openshift master
|
Package prometheus contains code for injecting build related metrics into the prometheus registry running in the openshift master |
build/util
Package util contains common functions that are used by the rest of the OpenShift build system.
|
Package util contains common functions that are used by the rest of the OpenShift build system. |
build/webhook
Package webhook contains code for managing and serving webhook services, providing post push events to trigger builds.
|
Package webhook contains code for managing and serving webhook services, providing post push events to trigger builds. |
build/webhook/bitbucket
Package bitbucket contains webhook.Plugin implementation of bitbucket webhooks according to https://confluence.atlassian.com/bitbucket/manage-webhooks-735643732.html
|
Package bitbucket contains webhook.Plugin implementation of bitbucket webhooks according to https://confluence.atlassian.com/bitbucket/manage-webhooks-735643732.html |
build/webhook/generic
Package generic contains webhook.Plugin implementation of a generic webhooks for use in testing and/or other ad/hoc usage
|
Package generic contains webhook.Plugin implementation of a generic webhooks for use in testing and/or other ad/hoc usage |
build/webhook/github
Package github contains webhook.Plugin implementation of github webhooks according to https://developer.github.com/webhooks/
|
Package github contains webhook.Plugin implementation of github webhooks according to https://developer.github.com/webhooks/ |
build/webhook/gitlab
Package gitlab contains webhook.Plugin implementation of gitlab webhooks according to https://docs.gitlab.com/ce/user/project/integrations/webhooks.html
|
Package gitlab contains webhook.Plugin implementation of gitlab webhooks according to https://docs.gitlab.com/ce/user/project/integrations/webhooks.html |
cmd/flagtypes
Package flagtypes provides types that implement the pflags.Value interface for converting command line flags to objects.
|
Package flagtypes provides types that implement the pflags.Value interface for converting command line flags to objects. |
cmd/infra/builder
Package builder contains commands for running a Source-to-Images or Docker build from within a container
|
Package builder contains commands for running a Source-to-Images or Docker build from within a container |
cmd/server/api
Package api is the internal version of the API.
|
Package api is the internal version of the API. |
cmd/server/api/v1
Package v1 is the v1 version of the API.
|
Package v1 is the v1 version of the API. |
cmd/server/api/v1/testing
Package testing contains types for tests.
|
Package testing contains types for tests. |
cmd/server/crypto/extensions
Package extensions defines cryptographic extensions for OpenShift.
|
Package extensions defines cryptographic extensions for OpenShift. |
cmd/server/election
Package election provides objects for managing the list of active masters via leases.
|
Package election provides objects for managing the list of active masters via leases. |
cmd/server/etcd
Package etcd provides objects for creating an embedded etcd server process.
|
Package etcd provides objects for creating an embedded etcd server process. |
cmd/server/kubernetes
Package kubernetes provides objects for starting the Kubernetes master and node code.
|
Package kubernetes provides objects for starting the Kubernetes master and node code. |
cmd/server/kubernetes/network/transport
Extracted from k8s.io/kubernetes/pkg/kubelet/certificate/transport.go, will be removed when openshift-sdn and the network components move out of the Kubelet.
|
Extracted from k8s.io/kubernetes/pkg/kubelet/certificate/transport.go, will be removed when openshift-sdn and the network components move out of the Kubelet. |
cmd/server/origin
Package app does all of the work necessary to create a Kubernetes APIServer by binding together the API, master and APIServer infrastructure.
|
Package app does all of the work necessary to create a Kubernetes APIServer by binding together the API, master and APIServer infrastructure. |
cmd/util
Package util provides utility functions for the cmd packages.
|
Package util provides utility functions for the cmd packages. |
controller
Package controller provides reusable support for controller implementations.
|
Package controller provides reusable support for controller implementations. |
git
Package git allows working with Git repositories
|
Package git allows working with Git repositories |
gitserver
Package gitserver provides a smart Git HTTP server that can also set and remove hooks.
|
Package gitserver provides a smart Git HTTP server that can also set and remove hooks. |
image
Package image provides support for images, image repositories, and image repository mappings, including RESTStorage implementations and registries.
|
Package image provides support for images, image repositories, and image repository mappings, including RESTStorage implementations and registries. |
image/admission/imagepolicy/api
Package api is the internal version of the API.
|
Package api is the internal version of the API. |
image/admission/imagepolicy/api/v1
Package v1 is the v1 version of the API.
|
Package v1 is the v1 version of the API. |
image/admission/imagequalify
Package imagequalify contains the OpenShift ImageQualify admission control plugin.
|
Package imagequalify contains the OpenShift ImageQualify admission control plugin. |
image/admission/imagequalify/api
Package api is the internal version of the API.
|
Package api is the internal version of the API. |
image/admission/imagequalify/api/v1
Package v1 is the v1 version of the API.
|
Package v1 is the v1 version of the API. |
image/apis/image
+groupName=image.openshift.io Package api is the internal version of the API.
|
+groupName=image.openshift.io Package api is the internal version of the API. |
image/apis/image/docker10
Package docker10 is the docker10 version of the API.
|
Package docker10 is the docker10 version of the API. |
image/apis/image/dockerpre012
Package dockerpre012 is the dockerpre012 version of the API.
|
Package dockerpre012 is the dockerpre012 version of the API. |
image/apis/image/v1
+groupName=image.openshift.io Package v1 is the v1 version of the API.
|
+groupName=image.openshift.io Package v1 is the v1 version of the API. |
image/generated/internalclientset
This package has the automatically generated clientset.
|
This package has the automatically generated clientset. |
image/generated/internalclientset/fake
This package has the automatically generated fake clientset.
|
This package has the automatically generated fake clientset. |
image/generated/internalclientset/scheme
This package contains the scheme of the automatically generated clientset.
|
This package contains the scheme of the automatically generated clientset. |
image/generated/internalclientset/typed/image/internalversion
This package has the automatically generated typed clients.
|
This package has the automatically generated typed clients. |
image/generated/internalclientset/typed/image/internalversion/fake
Package fake has the automatically generated clients.
|
Package fake has the automatically generated clients. |
ingress/admission
This plugin supplements upstream Ingress admission validation It takes care of current Openshift specific constraints on Ingress resources
|
This plugin supplements upstream Ingress admission validation It takes care of current Openshift specific constraints on Ingress resources |
ingress/admission/api
Package api is the internal version of the API.
|
Package api is the internal version of the API. |
ingress/admission/api/v1
Package v1 is the v1 version of the API.
|
Package v1 is the v1 version of the API. |
network
Package network provides OpenShift-internal SDN-related APIs
|
Package network provides OpenShift-internal SDN-related APIs |
network/apis/network
+groupName=network.openshift.io Package api is the internal version of the API.
|
+groupName=network.openshift.io Package api is the internal version of the API. |
network/apis/network/v1
+groupName=network.openshift.io Package v1 is the v1 version of the API.
|
+groupName=network.openshift.io Package v1 is the v1 version of the API. |
network/common
Package common contains the OpenShift SDN code that is shared between master, node, and proxy
|
Package common contains the OpenShift SDN code that is shared between master, node, and proxy |
network/generated/internalclientset
This package has the automatically generated clientset.
|
This package has the automatically generated clientset. |
network/generated/internalclientset/fake
This package has the automatically generated fake clientset.
|
This package has the automatically generated fake clientset. |
network/generated/internalclientset/scheme
This package contains the scheme of the automatically generated clientset.
|
This package contains the scheme of the automatically generated clientset. |
network/generated/internalclientset/typed/network/internalversion
This package has the automatically generated typed clients.
|
This package has the automatically generated typed clients. |
network/generated/internalclientset/typed/network/internalversion/fake
Package fake has the automatically generated clients.
|
Package fake has the automatically generated clients. |
network/master
Package master contains the OpenShift SDN code that runs on the master
|
Package master contains the OpenShift SDN code that runs on the master |
network/node
Package node contains the OpenShift SDN networking code that runs on the nodes
|
Package node contains the OpenShift SDN networking code that runs on the nodes |
network/proxy
Package proxy contains the OpenShift SDN code that runs as part of the service proxy
|
Package proxy contains the OpenShift SDN code that runs as part of the service proxy |
oauth/apis/oauth
+groupName=oauth.openshift.io Package api is the internal version of the API.
|
+groupName=oauth.openshift.io Package api is the internal version of the API. |
oauth/apis/oauth/v1
+groupName=oauth.openshift.io Package v1 is the v1 version of the API.
|
+groupName=oauth.openshift.io Package v1 is the v1 version of the API. |
oauth/apis/oauth/validation
Package validation has functions for validating the correctness of api objects and explaining what is wrong with them when they aren't valid.
|
Package validation has functions for validating the correctness of api objects and explaining what is wrong with them when they aren't valid. |
oauth/generated/clientset
This package has the automatically generated clientset.
|
This package has the automatically generated clientset. |
oauth/generated/clientset/fake
This package has the automatically generated fake clientset.
|
This package has the automatically generated fake clientset. |
oauth/generated/clientset/scheme
This package contains the scheme of the automatically generated clientset.
|
This package contains the scheme of the automatically generated clientset. |
oauth/generated/clientset/typed/oauth/v1
This package has the automatically generated typed clients.
|
This package has the automatically generated typed clients. |
oauth/generated/clientset/typed/oauth/v1/fake
Package fake has the automatically generated clients.
|
Package fake has the automatically generated clients. |
oauth/generated/internalclientset
This package has the automatically generated clientset.
|
This package has the automatically generated clientset. |
oauth/generated/internalclientset/fake
This package has the automatically generated fake clientset.
|
This package has the automatically generated fake clientset. |
oauth/generated/internalclientset/scheme
This package contains the scheme of the automatically generated clientset.
|
This package contains the scheme of the automatically generated clientset. |
oauth/generated/internalclientset/typed/oauth/internalversion
This package has the automatically generated typed clients.
|
This package has the automatically generated typed clients. |
oauth/generated/internalclientset/typed/oauth/internalversion/fake
Package fake has the automatically generated clients.
|
Package fake has the automatically generated clients. |
oauth/osintypes
osintypes holds types that are used to interpret responses from the RangelReale osin server.
|
osintypes holds types that are used to interpret responses from the RangelReale osin server. |
oauthserver
Package auth provides mechanisms for providing authorization and authentication to OpenShift
|
Package auth provides mechanisms for providing authorization and authentication to OpenShift |
oauthserver/authenticator/password/basicauthpassword
Package basicauthpassword implements authenticator.Password by making a BasicAuth call to a remote endpoint and extracting user information from a JSON response.
|
Package basicauthpassword implements authenticator.Password by making a BasicAuth call to a remote endpoint and extracting user information from a JSON response. |
oauthserver/authenticator/password/keystonepassword
Package keystone provide authentication via keystone.
|
Package keystone provide authentication via keystone. |
oauthserver/oauth/external
Package external implements an OAuth flow with an external identity provider
|
Package external implements an OAuth flow with an external identity provider |
oc/admin/diagnostics
OpenShift v3 Diagnostics
|
OpenShift v3 Diagnostics |
oc/admin/prune/imageprune
Package prune contains logic for pruning images and interoperating with the integrated Docker registry.
|
Package prune contains logic for pruning images and interoperating with the integrated Docker registry. |
oc/bootstrap/docker/exec
Package exec contains a utility to Docker exec into a running a container
|
Package exec contains a utility to Docker exec into a running a container |
oc/bootstrap/docker/host
Package host contains a utility to run commands on the Docker host by using an image in privileged mode.
|
Package host contains a utility to run commands on the Docker host by using an image in privileged mode. |
oc/bootstrap/docker/run
Package runner contains a utility to run Docker containers
|
Package runner contains a utility to run Docker containers |
oc/generate/app
Package app defines reference objects used to generate OpenShift API objects
|
Package app defines reference objects used to generate OpenShift API objects |
oc/generate/dockerfile
Package dockerfile provides utilities for finding and parsing Dockerfiles
|
Package dockerfile provides utilities for finding and parsing Dockerfiles |
oc/generate/jenkinsfile
Package jenkinsfile provides utilities for finding and parsing Jenkinsfiles
|
Package jenkinsfile provides utilities for finding and parsing Jenkinsfiles |
oc/generate/source
Package source includes detectors for STI source repositories
|
Package source includes detectors for STI source repositories |
oc/graph/appsgraph/analysis
Package analysis provides functions that analyse deployment configurations and setup markers that will be reported by oc status
|
Package analysis provides functions that analyse deployment configurations and setup markers that will be reported by oc status |
oc/graph/routegraph
Package graph contains graph utilities for routes
|
Package graph contains graph utilities for routes |
oc/graph/routegraph/analysis
Package analysis provides functions that analyse routes and setup markers that will be reported by oc status
|
Package analysis provides functions that analyse routes and setup markers that will be reported by oc status |
oc/graph/routegraph/nodes
Package nodes contains graph functions and types for routes
|
Package nodes contains graph functions and types for routes |
openapi
package openapi contains generated openapi definitions.
|
package openapi contains generated openapi definitions. |
project
Package project provides support for projects including RESTStorage implementations and registries.
|
Package project provides support for projects including RESTStorage implementations and registries. |
project/admission/lifecycle/testing
Package testing contains types for tests.
|
Package testing contains types for tests. |
project/admission/requestlimit/api
Package api is the internal version of the API.
|
Package api is the internal version of the API. |
project/admission/requestlimit/api/v1
Package v1 is the v1 version of the API.
|
Package v1 is the v1 version of the API. |
project/apis/project
+groupName=project.openshift.io Package api is the internal version of the API.
|
+groupName=project.openshift.io Package api is the internal version of the API. |
project/apis/project/v1
+groupName=project.openshift.io Package v1 is the v1 version of the API.
|
+groupName=project.openshift.io Package v1 is the v1 version of the API. |
project/auth
Package auth provides mechanisms for enforcing authorization to Project resources in OpenShift
|
Package auth provides mechanisms for enforcing authorization to Project resources in OpenShift |
project/generated/internalclientset
This package has the automatically generated clientset.
|
This package has the automatically generated clientset. |
project/generated/internalclientset/fake
This package has the automatically generated fake clientset.
|
This package has the automatically generated fake clientset. |
project/generated/internalclientset/scheme
This package contains the scheme of the automatically generated clientset.
|
This package contains the scheme of the automatically generated clientset. |
project/generated/internalclientset/typed/project/internalversion
This package has the automatically generated typed clients.
|
This package has the automatically generated typed clients. |
project/generated/internalclientset/typed/project/internalversion/fake
Package fake has the automatically generated clients.
|
Package fake has the automatically generated clients. |
quota/admission/clusterresourceoverride/api
Package api is the internal version of the API.
|
Package api is the internal version of the API. |
quota/admission/clusterresourceoverride/api/v1
Package v1 is the v1 version of the API.
|
Package v1 is the v1 version of the API. |
quota/admission/runonceduration
Package runonceduration contains the RunOnceDuration admission control plugin.
|
Package runonceduration contains the RunOnceDuration admission control plugin. |
quota/admission/runonceduration/api
Package api is the internal version of the API.
|
Package api is the internal version of the API. |
quota/admission/runonceduration/api/v1
Package v1 is the v1 version of the API.
|
Package v1 is the v1 version of the API. |
quota/apis/quota
+groupName=quota.openshift.io Package api is the internal version of the API.
|
+groupName=quota.openshift.io Package api is the internal version of the API. |
quota/apis/quota/v1
+groupName=quota.openshift.io Package v1 is the v1 version of the API.
|
+groupName=quota.openshift.io Package v1 is the v1 version of the API. |
quota/generated/internalclientset
This package has the automatically generated clientset.
|
This package has the automatically generated clientset. |
quota/generated/internalclientset/fake
This package has the automatically generated fake clientset.
|
This package has the automatically generated fake clientset. |
quota/generated/internalclientset/scheme
This package contains the scheme of the automatically generated clientset.
|
This package contains the scheme of the automatically generated clientset. |
quota/generated/internalclientset/typed/quota/internalversion
This package has the automatically generated typed clients.
|
This package has the automatically generated typed clients. |
quota/generated/internalclientset/typed/quota/internalversion/fake
Package fake has the automatically generated clients.
|
Package fake has the automatically generated clients. |
quota/image
Package image implements evaluators of usage for imagestreams and images.
|
Package image implements evaluators of usage for imagestreams and images. |
route
Package route provides support for managing and watching routes.
|
Package route provides support for managing and watching routes. |
route/allocation
Package allocation contains all the route allocation plugins.
|
Package allocation contains all the route allocation plugins. |
route/allocation/simple
Package simple contains the SimpleAllocation route plugin.
|
Package simple contains the SimpleAllocation route plugin. |
route/apis/route
+groupName=route.openshift.io Package api is the internal version of the API.
|
+groupName=route.openshift.io Package api is the internal version of the API. |
route/apis/route/v1
+groupName=route.openshift.io Package v1 is the v1 version of the API.
|
+groupName=route.openshift.io Package v1 is the v1 version of the API. |
route/controller
Package controller contains all the route handling controllers.
|
Package controller contains all the route handling controllers. |
route/controller/allocation
Package allocation contains all the route allocation controllers.
|
Package allocation contains all the route allocation controllers. |
route/generated/internalclientset
This package has the automatically generated clientset.
|
This package has the automatically generated clientset. |
route/generated/internalclientset/fake
This package has the automatically generated fake clientset.
|
This package has the automatically generated fake clientset. |
route/generated/internalclientset/scheme
This package contains the scheme of the automatically generated clientset.
|
This package contains the scheme of the automatically generated clientset. |
route/generated/internalclientset/typed/route/internalversion
This package has the automatically generated typed clients.
|
This package has the automatically generated typed clients. |
route/generated/internalclientset/typed/route/internalversion/fake
Package fake has the automatically generated clients.
|
Package fake has the automatically generated clients. |
route/generator
Package generator implements the Generator interface for routes
|
Package generator implements the Generator interface for routes |
router
Package router contains the abstraction for router backend implementations.
|
Package router contains the abstraction for router backend implementations. |
router/controller
Package controller contains the router controller.
|
Package controller contains the router controller. |
router/controller/factory
Package factory contains code used to create the router controller.
|
Package factory contains code used to create the router controller. |
router/metrics/haproxy
Package haproxy is inspired by https://github.com/prometheus/haproxy_exporter
|
Package haproxy is inspired by https://github.com/prometheus/haproxy_exporter |
scheduler/admission/podnodeconstraints/api
Package api is the internal version of the API.
|
Package api is the internal version of the API. |
scheduler/admission/podnodeconstraints/api/v1
Package v1 is the v1 version of the API.
|
Package v1 is the v1 version of the API. |
security/apis/security
+groupName=security.openshift.io Package api is the internal version of the API.
|
+groupName=security.openshift.io Package api is the internal version of the API. |
security/apis/security/v1
+groupName=security.openshift.io Package v1 is the v1 version of the API.
|
+groupName=security.openshift.io Package v1 is the v1 version of the API. |
security/generated/internalclientset
This package has the automatically generated clientset.
|
This package has the automatically generated clientset. |
security/generated/internalclientset/fake
This package has the automatically generated fake clientset.
|
This package has the automatically generated fake clientset. |
security/generated/internalclientset/scheme
This package contains the scheme of the automatically generated clientset.
|
This package contains the scheme of the automatically generated clientset. |
security/generated/internalclientset/typed/security/internalversion
This package has the automatically generated typed clients.
|
This package has the automatically generated typed clients. |
security/generated/internalclientset/typed/security/internalversion/fake
Package fake has the automatically generated clients.
|
Package fake has the automatically generated clients. |
security/registry/securitycontextconstraints
Package securitycontextconstraints provides Registry interface and its REST implementation for storing SecurityContextConstraints api objects.
|
Package securitycontextconstraints provides Registry interface and its REST implementation for storing SecurityContextConstraints api objects. |
security/securitycontextconstraints/selinux
Package selinux contains security context constraints SELinux strategy implementations.
|
Package selinux contains security context constraints SELinux strategy implementations. |
security/securitycontextconstraints/user
Package user contains security context constraints user strategy implementations.
|
Package user contains security context constraints user strategy implementations. |
template
Package template provides TemplateProcessor, capable of transforming Template objects into Config objects.
|
Package template provides TemplateProcessor, capable of transforming Template objects into Config objects. |
template/apis/template
+groupName=template.openshift.io Package api is the internal version of the API.
|
+groupName=template.openshift.io Package api is the internal version of the API. |
template/apis/template/v1
+groupName=template.openshift.io Package v1 is the v1 version of the API.
|
+groupName=template.openshift.io Package v1 is the v1 version of the API. |
template/apis/template/validation
Package validation has functions for validating the correctness of Template objects and explaining what is wrong with them when they aren't valid.
|
Package validation has functions for validating the correctness of Template objects and explaining what is wrong with them when they aren't valid. |
template/generated/internalclientset
This package has the automatically generated clientset.
|
This package has the automatically generated clientset. |
template/generated/internalclientset/fake
This package has the automatically generated fake clientset.
|
This package has the automatically generated fake clientset. |
template/generated/internalclientset/scheme
This package contains the scheme of the automatically generated clientset.
|
This package contains the scheme of the automatically generated clientset. |
template/generated/internalclientset/typed/template/internalversion
This package has the automatically generated typed clients.
|
This package has the automatically generated typed clients. |
template/generated/internalclientset/typed/template/internalversion/fake
Package fake has the automatically generated clients.
|
Package fake has the automatically generated clients. |
template/generator
Package generator defines GeneratorInterface interface and implements some random value generators.
|
Package generator defines GeneratorInterface interface and implements some random value generators. |
template/generator/examples
Package examples demonstrates possible implementation of some random value generators.
|
Package examples demonstrates possible implementation of some random value generators. |
template/servicebroker/apis/config
+groupName=config.templateservicebroker.openshift.io
|
+groupName=config.templateservicebroker.openshift.io |
template/servicebroker/apis/config/v1
+groupName=config.templateservicebroker.openshift.io Package v1 is the v1 version of the API.
|
+groupName=config.templateservicebroker.openshift.io Package v1 is the v1 version of the API. |
unidling
Package unidling supports unidling scalable resources upon network traffic to associated services
|
Package unidling supports unidling scalable resources upon network traffic to associated services |
user/apis/user
+groupName=user.openshift.io Package api is the internal version of the API.
|
+groupName=user.openshift.io Package api is the internal version of the API. |
user/apis/user/v1
+groupName=user.openshift.io Package v1 is the v1 version of the API.
|
+groupName=user.openshift.io Package v1 is the v1 version of the API. |
user/generated/internalclientset
This package has the automatically generated clientset.
|
This package has the automatically generated clientset. |
user/generated/internalclientset/fake
This package has the automatically generated fake clientset.
|
This package has the automatically generated fake clientset. |
user/generated/internalclientset/scheme
This package contains the scheme of the automatically generated clientset.
|
This package contains the scheme of the automatically generated clientset. |
user/generated/internalclientset/typed/user/internalversion
This package has the automatically generated typed clients.
|
This package has the automatically generated typed clients. |
user/generated/internalclientset/typed/user/internalversion/fake
Package fake has the automatically generated clients.
|
Package fake has the automatically generated clients. |
util
Package util implements various utility functions used in both testing and implementation of OpenShift.
|
Package util implements various utility functions used in both testing and implementation of OpenShift. |
util/docker
Package docker has utilities to work with Docker.
|
Package docker has utilities to work with Docker. |
util/docker/dockerfile
Package dockerfile has utilities that complement Docker's official Dockerfile parser.
|
Package dockerfile has utilities that complement Docker's official Dockerfile parser. |
util/errors
Package errors provides utility functions for various errors
|
Package errors provides utility functions for various errors |
util/file
Package file implements utility functions used to work with arbitrary files.
|
Package file implements utility functions used to work with arbitrary files. |
util/fsnotification
Package fsnotification provides helper functions that wrap the fsnotify filesystem notification package.
|
Package fsnotification provides helper functions that wrap the fsnotify filesystem notification package. |
util/httpproxy
Package httpproxy contains an upgrade-aware HTTP single-host reverse proxy.
|
Package httpproxy contains an upgrade-aware HTTP single-host reverse proxy. |
util/labelselector
labelselector is trim down version of k8s/pkg/labels/selector.go It only accepts exact label matches Example: "k1=v1, k2 = v2"
|
labelselector is trim down version of k8s/pkg/labels/selector.go It only accepts exact label matches Example: "k1=v1, k2 = v2" |
util/ovs
Package ovs provides a wrapper around ovs-vsctl and ovs-ofctl
|
Package ovs provides a wrapper around ovs-vsctl and ovs-ofctl |
util/testing
Package testing contains testing types.
|
Package testing contains testing types. |
version
Package version supplies version information collected at build time to OpenShift and Kubernetes components.
|
Package version supplies version information collected at build time to OpenShift and Kubernetes components. |
Package test contains cross-functional test suites for OpenShift 3.
|
Package test contains cross-functional test suites for OpenShift 3. |
extended
Package extended contains extended tests for OpenShift Origin
|
Package extended contains extended tests for OpenShift Origin |
integration
Package integration contains integration tests for OpenShift Origin.
|
Package integration contains integration tests for OpenShift Origin. |
integration/testing
Package testing contains types for tests.
|
Package testing contains types for tests. |
tools
|
|
genconversion
conversion-gen is a tool for auto-generating Conversion functions.
|
conversion-gen is a tool for auto-generating Conversion functions. |
gendeepcopy
deepcopy-gen is a tool for auto-generating DeepCopy functions.
|
deepcopy-gen is a tool for auto-generating DeepCopy functions. |
gendefaults
conversion-gen is a tool for auto-generating Conversion functions.
|
conversion-gen is a tool for auto-generating Conversion functions. |