v1beta1

package
v0.1.0-rc4 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 20, 2021 License: Apache-2.0 Imports: 11 Imported by: 0

Documentation

Overview

Package v1beta1 contains API Schema definitions for the capsule v1beta1 API group +kubebuilder:object:generate=true +groupName=capsule.clastix.io

Index

Constants

View Source 
const (
	NodesProxy          ProxyServiceKind = "Nodes"
	StorageClassesProxy ProxyServiceKind = "StorageClasses"
	IngressClassesProxy ProxyServiceKind = "IngressClasses"

	ListOperation   ProxyOperation = "List"
	UpdateOperation ProxyOperation = "Update"
	DeleteOperation ProxyOperation = "Delete"

	UserOwner           OwnerKind = "User"
	GroupOwner          OwnerKind = "Group"
	ServiceAccountOwner OwnerKind = "ServiceAccount"
)
View Source 
const (
	AvailableIngressClassesAnnotation       = "capsule.clastix.io/ingress-classes"
	AvailableIngressClassesRegexpAnnotation = "capsule.clastix.io/ingress-classes-regexp"
	AvailableStorageClassesAnnotation       = "capsule.clastix.io/storage-classes"
	AvailableStorageClassesRegexpAnnotation = "capsule.clastix.io/storage-classes-regexp"
	AllowedRegistriesAnnotation             = "capsule.clastix.io/allowed-registries"
	AllowedRegistriesRegexpAnnotation       = "capsule.clastix.io/allowed-registries-regexp"
)
View Source 
const (
	TenantStateActive   tenantState = "active"
	TenantStateCordoned tenantState = "cordoned"
)

Variables

View Source 
var (
	// GroupVersion is group version used to register these objects
	GroupVersion = schema.GroupVersion{Group: "capsule.clastix.io", Version: "v1beta1"}

	// SchemeBuilder is used to add go types to the GroupVersionKind scheme
	SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion}

	// AddToScheme adds the types in this group-version to the given scheme.
	AddToScheme = SchemeBuilder.AddToScheme
)

Functions

func GetTypeLabel 

func GetTypeLabel(t runtime.Object) (label string, err error)

func HardQuotaFor 

func HardQuotaFor(resource fmt.Stringer) string

func UsedQuotaFor 

func UsedQuotaFor(resource fmt.Stringer) string

Types

type AdditionalMetadataSpec 

type AdditionalMetadataSpec struct {
	AdditionalLabels      map[string]string `json:"additionalLabels,omitempty"`
	AdditionalAnnotations map[string]string `json:"additionalAnnotations,omitempty"`
}

func (*AdditionalMetadataSpec) DeepCopy 

func (in *AdditionalMetadataSpec) DeepCopy() *AdditionalMetadataSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AdditionalMetadataSpec.

func (*AdditionalMetadataSpec) DeepCopyInto 

func (in *AdditionalMetadataSpec) DeepCopyInto(out *AdditionalMetadataSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AdditionalRoleBindingsSpec 

type AdditionalRoleBindingsSpec struct {
	ClusterRoleName string `json:"clusterRoleName"`
	// kubebuilder:validation:Minimum=1
	Subjects []rbacv1.Subject `json:"subjects"`
}

func (*AdditionalRoleBindingsSpec) DeepCopy 

func (in *AdditionalRoleBindingsSpec) DeepCopy() *AdditionalRoleBindingsSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AdditionalRoleBindingsSpec.

func (*AdditionalRoleBindingsSpec) DeepCopyInto 

func (in *AdditionalRoleBindingsSpec) DeepCopyInto(out *AdditionalRoleBindingsSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AllowedIP 

type AllowedIP string

+kubebuilder:validation:Pattern="^([0-9]{1,3}.){3}[0-9]{1,3}(/([0-9]|[1-2][0-9]|3[0-2]))?$"

type AllowedListSpec 

type AllowedListSpec struct {
	Exact []string `json:"allowed,omitempty"`
	Regex string   `json:"allowedRegex,omitempty"`
}

func (*AllowedListSpec) DeepCopy 

func (in *AllowedListSpec) DeepCopy() *AllowedListSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AllowedListSpec.

func (*AllowedListSpec) DeepCopyInto 

func (in *AllowedListSpec) DeepCopyInto(out *AllowedListSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AllowedListSpec) ExactMatch 

func (in *AllowedListSpec) ExactMatch(value string) (ok bool)

func (AllowedListSpec) RegexMatch 

func (in AllowedListSpec) RegexMatch(value string) (ok bool)

type ByKindAndName 

type ByKindAndName OwnerListSpec

func (ByKindAndName) DeepCopy 

func (in ByKindAndName) DeepCopy() ByKindAndName

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ByKindAndName.

func (ByKindAndName) DeepCopyInto 

func (in ByKindAndName) DeepCopyInto(out *ByKindAndName)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (ByKindAndName) Len 

func (b ByKindAndName) Len() int

func (ByKindAndName) Less 

func (b ByKindAndName) Less(i, j int) bool

func (ByKindAndName) Swap 

func (b ByKindAndName) Swap(i, j int)

type ExternalServiceIPsSpec 

type ExternalServiceIPsSpec struct {
	Allowed []AllowedIP `json:"allowed"`
}

func (*ExternalServiceIPsSpec) DeepCopy 

func (in *ExternalServiceIPsSpec) DeepCopy() *ExternalServiceIPsSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalServiceIPsSpec.

func (*ExternalServiceIPsSpec) DeepCopyInto 

func (in *ExternalServiceIPsSpec) DeepCopyInto(out *ExternalServiceIPsSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ImagePullPolicySpec 

type ImagePullPolicySpec string

+kubebuilder:validation:Enum=Always;Never;IfNotPresent

func (ImagePullPolicySpec) String 

func (i ImagePullPolicySpec) String() string

type LimitRangesSpec 

type LimitRangesSpec struct {
	Items []corev1.LimitRangeSpec `json:"items,omitempty"`
}

func (*LimitRangesSpec) DeepCopy 

func (in *LimitRangesSpec) DeepCopy() *LimitRangesSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LimitRangesSpec.

func (*LimitRangesSpec) DeepCopyInto 

func (in *LimitRangesSpec) DeepCopyInto(out *LimitRangesSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type NetworkPolicySpec 

type NetworkPolicySpec struct {
	Items []networkingv1.NetworkPolicySpec `json:"items,omitempty"`
}

func (*NetworkPolicySpec) DeepCopy 

func (in *NetworkPolicySpec) DeepCopy() *NetworkPolicySpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkPolicySpec.

func (*NetworkPolicySpec) DeepCopyInto 

func (in *NetworkPolicySpec) DeepCopyInto(out *NetworkPolicySpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type OwnerKind 

type OwnerKind string

+kubebuilder:validation:Enum=User;Group;ServiceAccount

func (OwnerKind) String 

func (k OwnerKind) String() string

type OwnerListSpec 

type OwnerListSpec []OwnerSpec

func (OwnerListSpec) DeepCopy 

func (in OwnerListSpec) DeepCopy() OwnerListSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OwnerListSpec.

func (OwnerListSpec) DeepCopyInto 

func (in OwnerListSpec) DeepCopyInto(out *OwnerListSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (OwnerListSpec) FindOwner 

func (o OwnerListSpec) FindOwner(name string, kind OwnerKind) (owner OwnerSpec)

type OwnerSpec 

type OwnerSpec struct {
	// Kind of tenant owner. Possible values are "User", "Group", and "ServiceAccount"
	Kind OwnerKind `json:"kind"`
	// Name of tenant owner.
	Name string `json:"name"`
	// Proxy settings for tenant owner.
	ProxyOperations []ProxySettings `json:"proxySettings,omitempty"`
}

func (*OwnerSpec) DeepCopy 

func (in *OwnerSpec) DeepCopy() *OwnerSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OwnerSpec.

func (*OwnerSpec) DeepCopyInto 

func (in *OwnerSpec) DeepCopyInto(out *OwnerSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ProxyOperation 

type ProxyOperation string

+kubebuilder:validation:Enum=List;Update;Delete

func (ProxyOperation) String 

func (p ProxyOperation) String() string

type ProxyServiceKind 

type ProxyServiceKind string

+kubebuilder:validation:Enum=Nodes;StorageClasses;IngressClasses

func (ProxyServiceKind) String 

func (p ProxyServiceKind) String() string

type ProxySettings 

type ProxySettings struct {
	Kind       ProxyServiceKind `json:"kind"`
	Operations []ProxyOperation `json:"operations"`
}

func (*ProxySettings) DeepCopy 

func (in *ProxySettings) DeepCopy() *ProxySettings

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProxySettings.

func (*ProxySettings) DeepCopyInto 

func (in *ProxySettings) DeepCopyInto(out *ProxySettings)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ResourceQuotaSpec 

type ResourceQuotaSpec struct {
	Items []corev1.ResourceQuotaSpec `json:"items,omitempty"`
}

func (*ResourceQuotaSpec) DeepCopy 

func (in *ResourceQuotaSpec) DeepCopy() *ResourceQuotaSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResourceQuotaSpec.

func (*ResourceQuotaSpec) DeepCopyInto 

func (in *ResourceQuotaSpec) DeepCopyInto(out *ResourceQuotaSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Tenant 

type Tenant struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   TenantSpec   `json:"spec,omitempty"`
	Status TenantStatus `json:"status,omitempty"`
}

Tenant is the Schema for the tenants API

func (*Tenant) AssignNamespaces 

func (t *Tenant) AssignNamespaces(namespaces []corev1.Namespace)

func (*Tenant) DeepCopy 

func (in *Tenant) DeepCopy() *Tenant

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Tenant.

func (*Tenant) DeepCopyInto 

func (in *Tenant) DeepCopyInto(out *Tenant)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Tenant) DeepCopyObject 

func (in *Tenant) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*Tenant) GetOwnerProxySettings 

func (t *Tenant) GetOwnerProxySettings(name string, kind OwnerKind) []ProxySettings

func (*Tenant) Hub 

func (t *Tenant) Hub()

func (*Tenant) IsCordoned 

func (t *Tenant) IsCordoned() bool

func (*Tenant) IsFull 

func (t *Tenant) IsFull() bool

type TenantList 

type TenantList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []Tenant `json:"items"`
}

TenantList contains a list of Tenant

func (*TenantList) DeepCopy 

func (in *TenantList) DeepCopy() *TenantList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TenantList.

func (*TenantList) DeepCopyInto 

func (in *TenantList) DeepCopyInto(out *TenantList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*TenantList) DeepCopyObject 

func (in *TenantList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type TenantSpec 

type TenantSpec struct {
	// Specifies the owners of the Tenant. Mandatory.
	Owners OwnerListSpec `json:"owners"`

	//+kubebuilder:validation:Minimum=1
	// Specifies the maximum number of namespaces allowed for that Tenant. Once the namespace quota assigned to the Tenant has been reached, the Tenant owner cannot create further namespaces. Optional.
	NamespaceQuota *int32 `json:"namespaceQuota,omitempty"`
	// Specifies additional labels and annotations the Capsule operator places on any Namespace resource in the Tenant. Optional.
	NamespacesMetadata *AdditionalMetadataSpec `json:"namespacesMetadata,omitempty"`
	// Specifies additional labels and annotations the Capsule operator places on any Service resource in the Tenant. Optional.
	ServicesMetadata *AdditionalMetadataSpec `json:"servicesMetadata,omitempty"`
	// Specifies the allowed StorageClasses assigned to the Tenant. Capsule assures that all PersistentVolumeClaim resources created in the Tenant can use only one of the allowed StorageClasses. Optional.
	StorageClasses *AllowedListSpec `json:"storageClasses,omitempty"`
	// Specifies the allowed IngressClasses assigned to the Tenant. Capsule assures that all Ingress resources created in the Tenant can use only one of the allowed IngressClasses. Optional.
	IngressClasses *AllowedListSpec `json:"ingressClasses,omitempty"`
	// Specifies the allowed hostnames in Ingresses for the given Tenant. Capsule assures that all Ingress resources created in the Tenant can use only one of the allowed hostnames. Optional.
	IngressHostnames *AllowedListSpec `json:"ingressHostnames,omitempty"`
	// Specifies the trusted Image Registries assigned to the Tenant. Capsule assures that all Pods resources created in the Tenant can use only one of the allowed trusted registries. Optional.
	ContainerRegistries *AllowedListSpec `json:"containerRegistries,omitempty"`
	// Specifies the label to control the placement of pods on a given pool of worker nodes. All namesapces created within the Tenant will have the node selector annotation. This annotation tells the Kubernetes scheduler to place pods on the nodes having the selector label. Optional.
	NodeSelector map[string]string `json:"nodeSelector,omitempty"`
	// Specifies the NetworkPolicies assigned to the Tenant. The assigned NetworkPolicies are inherited by any namespace created in the Tenant. Optional.
	NetworkPolicies *NetworkPolicySpec `json:"networkPolicies,omitempty"`
	// Specifies the NetworkPolicies assigned to the Tenant. The assigned NetworkPolicies are inherited by any namespace created in the Tenant. Optional.
	LimitRanges *LimitRangesSpec `json:"limitRanges,omitempty"`
	// Specifies a list of ResourceQuota resources assigned to the Tenant. The assigned values are inherited by any namespace created in the Tenant. The Capsule operator aggregates ResourceQuota at Tenant level, so that the hard quota is never crossed for the given Tenant. This permits the Tenant owner to consume resources in the Tenant regardless of the namespace. Optional.
	ResourceQuota *ResourceQuotaSpec `json:"resourceQuotas,omitempty"`
	// Specifies additional RoleBindings assigned to the Tenant. Capsule will ensure that all namespaces in the Tenant always contain the RoleBinding for the given ClusterRole. Optional.
	AdditionalRoleBindings []AdditionalRoleBindingsSpec `json:"additionalRoleBindings,omitempty"`
	// Specifies the external IPs that can be used in Services with type ClusterIP. An empty list means all the IPs are allowed. Optional.
	ExternalServiceIPs *ExternalServiceIPsSpec `json:"externalServiceIPs,omitempty"`
	// Specify the allowed values for the imagePullPolicies option in Pod resources. Capsule assures that all Pod resources created in the Tenant can use only one of the allowed policy. Optional.
	ImagePullPolicies []ImagePullPolicySpec `json:"imagePullPolicies,omitempty"`
	// Specifies the allowed IngressClasses assigned to the Tenant. Capsule assures that all Ingress resources created in the Tenant can use only one of the allowed IngressClasses. Optional.
	PriorityClasses *AllowedListSpec `json:"priorityClasses,omitempty"`

	//+kubebuilder:default=true
	// Specifies if NodePort service type resources are allowed for the Tenant. Default is true. Optional.
	EnableNodePorts *bool `json:"enableNodePorts,omitempty"`
}

TenantSpec defines the desired state of Tenant

func (*TenantSpec) DeepCopy 

func (in *TenantSpec) DeepCopy() *TenantSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TenantSpec.

func (*TenantSpec) DeepCopyInto 

func (in *TenantSpec) DeepCopyInto(out *TenantSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type TenantStatus 

type TenantStatus struct {
	//+kubebuilder:default=active
	// The operational state of the Tenant. Possible values are "active", "cordoned".
	State tenantState `json:"state"`
	// How many namespaces are assigned to the Tenant.
	Size uint `json:"size"`
	// List of namespaces assigned to the Tenant.
	Namespaces []string `json:"namespaces,omitempty"`
}

Returns the observed state of the Tenant

func (*TenantStatus) DeepCopy 

func (in *TenantStatus) DeepCopy() *TenantStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TenantStatus.

func (*TenantStatus) DeepCopyInto 

func (in *TenantStatus) DeepCopyInto(out *TenantStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.