gcp

package
v0.0.0-...-4567ff4 Latest
Warning

This package is not in the latest version of its module.

Published: Dec 3, 2022 License: Apache-2.0 Imports: 9 Imported by: 0

README

GCP integration

Code with GCP dependencies, allowing use of GCP auth and services from hbone without heavy dependencies.

This extracts the Istio STS implementation and code required to connect to GKE.

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func GKE2RestCluster

func GKE2RestCluster(ctx context.Context, uk *hbone.HBone, token string, p string) ([]*hbone.Cluster, error)

GKE2RestCluster gets all the clusters for a project and returns them as Cluster objects.

func GcpSecret

func GcpSecret(ctx context.Context, uk *hbone.HBone, token, p, n, v string) ([]byte, error)

GcpSecret gets a GCP secret. It is used for bootstrapping the credentials and provisioning.

Example for creating a secret:

gcloud secrets create ca \
  --data-file <PATH-TO-SECRET-FILE> \
  --replication-policy automatic \
  --project dmeshgate \
  --format json \
  --quiet

func GetCluster

func GetCluster(ctx context.Context, uk *hbone.HBone, token, path string) (*hbone.Cluster, error)

GetCluster returns a cluster config using the GKE API. Path must follow GKE API spec: /projects/P/locations/L/l

func Hub2RestClusters

func Hub2RestClusters(ctx context.Context, uk *hbone.HBone, tok, p string) ([]*hbone.Cluster, error)

func InitDefaultTokenSource

func InitDefaultTokenSource(ctx context.Context, uk *hbone.HBone) error

InitDefaultTokenSource initializes GCP auth. It will init AuthProviders["gcp"].

DefaultTokenSource will:
- check GOOGLE_APPLICATION_CREDENTIALS
- ~/.config/gcloud/application_default_credentials.json
- use metadata

This also works for K8S, using node MDS or GKE MDS, but only if the ServiceAccount is annotated with a GSA (with permissions to use). It is also specific to GKE and GCP APIs.
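The lookup order above decides which identity a workload ends up using, so it is worth checking before deployment. The following is an added example, not code from this package: `ADCSource` and `LongLivedKey` are hypothetical helpers that walk the same order and report the credential `type` found, so an exported service account key can be flagged. Treating a set but unreadable environment variable as an error is this example's own choice.

```go
// Added example: not part of the hbone gcp package.
package main

import (
	"encoding/json"
	"fmt"
	"os"
	"path/filepath"
)

// wellKnown is the gcloud ADC file location relative to the home directory.
const wellKnown = ".config/gcloud/application_default_credentials.json"

// ADCSource reports which step of the lookup order would supply credentials
// and the "type" field of the file found. getenv and home are injected.
func ADCSource(getenv func(string) string, home string) (source, credType string, err error) {
	candidates := []struct{ label, path string }{
		{"GOOGLE_APPLICATION_CREDENTIALS", getenv("GOOGLE_APPLICATION_CREDENTIALS")},
		{"gcloud well-known file", filepath.Join(home, wellKnown)},
	}
	for i, c := range candidates {
		if c.path == "" {
			continue
		}
		data, rerr := os.ReadFile(c.path)
		if rerr != nil && i > 0 {
			continue // unreadable well-known file: try the next source
		}
		if rerr != nil { // variable set but file unreadable: report it
			return c.label, "", fmt.Errorf("%s: %w", c.label, rerr)
		}
		var f struct {
			Type string `json:"type"`
		}
		if jerr := json.Unmarshal(data, &f); jerr != nil {
			return c.label, "", fmt.Errorf("%s: %w", c.label, jerr)
		}
		return c.label, f.Type, nil
	}
	return "metadata server", "", nil
}

// LongLivedKey is true when the file holds an exported service account key.
func LongLivedKey(credType string) bool { return credType == "service_account" }

func main() {
	src, typ, err := ADCSource(os.Getenv, os.Getenv("HOME"))
	fmt.Println(src, typ, LongLivedKey(typ), err)
}
```

A result of `service_account` means a long-lived key file is on disk; `authorized_user` means a developer's gcloud login would be used.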

Types

type Cluster

type Cluster struct {
	Name string

	// nodeConfig
	MasterAuth struct {
		ClusterCaCertificate []byte
	}
	Location string

	Endpoint string

	ResourceLabels map[string]string

	// loggingService, monitoringService
	//Network string "default"
	//Subnetwork string
	ClusterIpv4Cidr  string
	ServicesIpv4Cidr string

	// For regional clusters - each zone.
	// For zonal - one entry, equal with location
	Locations []string
	// ipAllocationPolicy - clusterIpv4Cidr, servicesIpv4Cidr...
	// masterAuthorizedNetworksConfig
	// maintenancePolicy
	// autoscaling
	NetworkConfig struct {
		// projects/NAME/global/networks/default
		Network    string
		Subnetwork string
	}
}

type Clusters

type Clusters struct {
	Clusters []*Cluster
}

Clusters holds the returned list of GKE clusters.

type HubCluster

type HubCluster struct {
	// Full name - projects/wlhe-cr/locations/global/memberships/asm-cr
	//Name     string
	Endpoint *struct {
		GkeCluster *struct {
			// //container.googleapis.com/projects/wlhe-cr/locations/us-central1-c/clusters/asm-cr
			ResourceLink string
		}
	}
	State *struct {
		// READY
		Code string
	}

	Authority struct {
		Issuer               string `json:"issuer"`
		WorkloadIdentityPool string `json:"workloadIdentityPool"`
		IdentityProvider     string `json:"identityProvider"`
	} `json:"authority"`

	// Membership labels - different from GKE labels
	Labels map[string]string
}

type HubClusters

type HubClusters struct {
	Resources []HubCluster
}

HubClusters holds the returned list of clusters registered in GKE Hub.
