Documentation
¶
Index ¶
- func Is404(err error) bool
- func OAuth2RoundTripper(rt http.RoundTripper, creds oauth2.TokenSource) http.RoundTripper
- func RegisterTokenProvider(name string, creds oauth2.TokenSource)
- func SetK8SLogging(flags string)
- type K8S
- type K8SCluster
- func (kr *K8SCluster) Client() *kubernetes.Clientset
- func (kr *K8SCluster) ConfigFor(apiPath, version string, group string, c runtime.NegotiatedSerializer) *rest.Config
- func (k *K8SCluster) GcpInfo() (string, string, string)
- func (kr *K8SCluster) GetCM(ctx context.Context, ns string, name string) (map[string]string, error)
- func (kr *K8SCluster) GetSecret(ctx context.Context, ns string, name string) (map[string][]byte, error)
- func (k *K8SCluster) GetToken(ctx context.Context, aud string) (string, error)
- func (k *K8SCluster) GetTokenRaw(ctx context.Context, ns, ksa, aud string) (string, error)
- func (k *K8SCluster) Location() string
- func (kr *K8SCluster) RestClient(apiPath, version string, group string, c runtime.NegotiatedSerializer) (*rest.RESTClient, error)
- func (kr *K8SCluster) WithNamespace(ns, n string) *K8SCluster
- type K8SConfig
- type MDSRoundTripper
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func OAuth2RoundTripper ¶
func OAuth2RoundTripper(rt http.RoundTripper, creds oauth2.TokenSource) http.RoundTripper
Return a wrapper round tripper.
func RegisterTokenProvider ¶
func RegisterTokenProvider(name string, creds oauth2.TokenSource)
Register an oauth2 token source. This takes a dep on the oauth2 library, but client already depends on it. Alternative: set WrapTransport directly on the rest.Config.
func SetK8SLogging ¶
func SetK8SLogging(flags string)
Init klog.InitFlags from an env (to avoid messing with the CLI of the app). For example -v=9 lists full request content, -v=7 lists requests headers
Types ¶
type K8S ¶
type K8S struct {
Config *K8SConfig
// Primary config cluster - current context in config, in-cluster
// picked by config
Default *K8SCluster
// LoadKubeConfig will populate this from a kubeconfig file,
// followed optionally by GKE or other sources.
ByName map[string]*K8SCluster
}
K8S implements the common interface for a set of K8S APIservers or servers implementing K8S patterns.
func New ¶
NewK8S will initialize a K8S cluster set.
If running in cluster, the 'local' cluster will be the default. Additional clusters can be loaded from istio kubeconfig files, kubeconfig, GKE, Fleet.
func (*K8S) GetToken ¶
GetToken returns a token with the given audience for the default KSA, using CreateToken request. Used by the STS token exchanger.
func (*K8S) LoadKubeConfig ¶
LoadKubeConfig gets the default k8s client, using environment variables to decide how:
KUBECONFIG or $HOME/.kube/config will be tried first
GKE is checked - using env or metadata server to get PROJECT_ID, CLUSTER_LOCATION, CLUSTER_NAME (if not set), and construct a kube config to use.
(in future other vendor-specific methods may be added)
finally in-cluster will be checked.
error is set if KUBECONFIG is set or ~/.kube/config exists and fail to load. If the file doesn't exist, err is nil.
type K8SCluster ¶
type K8SCluster struct {
// Loaded Config.
// The URL can be extracted with rest.DefaultServerURLFor(Config)
// Http client properly configured with rest.HTTPClientFor(Config)
Config *rest.Config
// The name should be mangled - gke_PROJECT_LOCATION_NAME or connectgateway_PROJECT_NAME
// or hostname.
// Best practice: fleet name, also part of the domain suffix
// Using the VENDOR_PROJECT_REGION_NAME for all would also be nice.
Name string
// The default and loaded clusters get namespace from config.
// It is possible to clone the cluster and use a different set.
Namespace string
KSA string
// RawConfig can be a GCP res.Config
RawConfig interface{}
// contains filtered or unexported fields
}
K8SCluster represents a single K8S cluster
func (*K8SCluster) Client ¶
func (kr *K8SCluster) Client() *kubernetes.Clientset
func (*K8SCluster) ConfigFor ¶
func (kr *K8SCluster) ConfigFor(apiPath, version string, group string, c runtime.NegotiatedSerializer) *rest.Config
func (*K8SCluster) GetTokenRaw ¶
func (*K8SCluster) Location ¶
func (k *K8SCluster) Location() string
func (*K8SCluster) RestClient ¶
func (kr *K8SCluster) RestClient(apiPath, version string, group string, c runtime.NegotiatedSerializer) (*rest.RESTClient, error)
RestClient returns a K8S RESTClient for a specific resource. apiPath is typically /api or /apis version is v1, etc group is "" for core resources. Serializer defaults to scheme.Codecs.WithoutConversion()
func (*K8SCluster) WithNamespace ¶
func (kr *K8SCluster) WithNamespace(ns, n string) *K8SCluster
Return a new K8S cluster with same config and client, but different default namespace and KSA.
type K8SConfig ¶
type K8SConfig struct {
// Namespace to use by default
Namespace string
// KSA to use by default for getting tokens.
KSA string
}
K8SConfig has general config for a set of clusters.
type MDSRoundTripper ¶
type MDSRoundTripper struct {
// contains filtered or unexported fields
}
Round-tripper adding tokens from an oauth2 source - including MDS server.
Source Files