Documentation
¶
Overview ¶
Package resources contains Kubernetes configs and policies for Constellation.
Index ¶
Constants ¶
const ( // KonnectivityCertificateFilename is the path to the kubelets certificate. KonnectivityCertificateFilename = "/etc/kubernetes/konnectivity.crt" // KonnectivityKeyFilename is the path to the kubelets private key. KonnectivityKeyFilename = "/etc/kubernetes/konnectivity.key" )
Variables ¶
This section is empty.
Functions ¶
func GetKonnectivityCertificateRequest ¶
GetKonnectivityCertificateRequest returns a certificate request and matching private key for the konnectivity server.
Types ¶
type AuditPolicy ¶
AuditPolicy defines rulesets for what should be logged in the kube-apiserver audit log. reference: https://kubernetes.io/docs/tasks/debug/debug-cluster/audit/ .
func NewDefaultAuditPolicy ¶
func NewDefaultAuditPolicy() *AuditPolicy
NewDefaultAuditPolicy create a new default Constellation audit policty.
func (*AuditPolicy) Marshal ¶
func (p *AuditPolicy) Marshal() ([]byte, error)
Marshal marshals the audit policy as a YAML document.
type EgressSelectorConfiguration ¶
type EgressSelectorConfiguration struct {
EgressSelectorConfiguration apiserver.EgressSelectorConfiguration
}
EgressSelectorConfiguration deployment.
func NewEgressSelectorConfiguration ¶
func NewEgressSelectorConfiguration() *EgressSelectorConfiguration
NewEgressSelectorConfiguration creates a new EgressSelectorConfiguration.
func (*EgressSelectorConfiguration) Marshal ¶
func (v *EgressSelectorConfiguration) Marshal() ([]byte, error)
Marshal to Kubernetes YAML.
type KonnectivityServerStaticPod ¶
KonnectivityServerStaticPod deployment.
func NewKonnectivityServerStaticPod ¶
func NewKonnectivityServerStaticPod() *KonnectivityServerStaticPod
NewKonnectivityServerStaticPod create a new KonnectivityServerStaticPod.
func (*KonnectivityServerStaticPod) Marshal ¶
func (v *KonnectivityServerStaticPod) Marshal() ([]byte, error)
Marshal to Kubernetes YAML.
Source Files