asyncstorage

package
v0.29.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 24, 2024 License: Apache-2.0 Imports: 24 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source
var NotReadyError = errors.New("async storage component is not ready")

Functions

func ExtractSSHKeyPairFromSecret

func ExtractSSHKeyPairFromSecret(secret *corev1.Secret) (public, private []byte, err error)

func GetAsyncSidecar

func GetAsyncSidecar(devworkspaceID, sshVolumeName string, volumes []corev1.Volume) *corev1.Container

GetAsyncSidecar gets the definition for the async storage sidecar. Within this sidecar, all provided volumes are mounted to `/volume.Name`, and the sshVolume is mounted to /etc/ssh/private as read-only.

Note: in the current implementation, the image used for the async sidecar only syncs from ${CHE_PROJECTS_ROOT}

func GetOrCreateSSHConfig

func GetOrCreateSSHConfig(workspace *common.DevWorkspaceWithConfig, clusterAPI sync.ClusterAPI) (*corev1.Secret, *corev1.ConfigMap, error)

GetOrCreateSSHConfig returns the secret and configmap used for the asynchronous deployment. The Secret is generated per-workspace and should be mounted to the asynchronous storage sync sidecar. The ConfigMap is per-namespace and stores authorized_keys for each workspace that is expected to use asynchronous storage; it should be mounted in the asynchronous storage sync deployment.

If the k8s objects do not exist, an SSH keypair is generated and a secret and configmap are created on the cluster. This function works on two streams:

  1. If the async storage SSH secret for the given workspace does not exist on the cluster, an SSH keypair are generated, a Secret is synced to the cluster and the corresponding authorized key is added to the ConfigMap
  2. If the async storage SSH secret exists, its content is read, and the ConfigMap is verified to contain the corresponding public key in authorized_keys.

In both cases, if the ConfigMap does not exist, it is created.

Returns NotReadyError if changes were made to the cluster.

func GetSSHKeyPair

func GetSSHKeyPair() (public, private []byte, err error)

GetSSHKeyPair returns a pair of SSH keys. The public key is formatted for inclusion in an ssh authorized_keys file, and the private key is pem-formatted.

func GetSSHSidecarSecretName

func GetSSHSidecarSecretName(workspaceId string) string

func GetVolumeFromSecret

func GetVolumeFromSecret(secret *corev1.Secret) *corev1.Volume

func GetWorkspaceSyncDeploymentCluster

func GetWorkspaceSyncDeploymentCluster(namespace string, clusterAPI sync.ClusterAPI) (*appsv1.Deployment, error)

func RemoveAuthorizedKeyFromConfigMap added in v0.12.0

func RemoveAuthorizedKeyFromConfigMap(workspace *common.DevWorkspaceWithConfig, api sync.ClusterAPI) (retry bool, err error)

RemoveAuthorizedKeyFromConfigMap removes the ssh key used by a given workspace from the common async storage authorized keys configmap.

func SyncWorkspaceSyncDeploymentToCluster

func SyncWorkspaceSyncDeploymentToCluster(workspace *common.DevWorkspaceWithConfig, sshConfigMap *corev1.ConfigMap, pvcName string, clusterAPI sync.ClusterAPI) (*appsv1.Deployment, error)

func SyncWorkspaceSyncServiceToCluster

func SyncWorkspaceSyncServiceToCluster(asyncDeploy *appsv1.Deployment, api sync.ClusterAPI) (*corev1.Service, error)

Types

This section is empty.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL