types

package
v0.17.11 Latest Latest
Published: Jul 22, 2020 License: Apache-2.0 Imports: 7 Imported by: 0

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type AlertManager

// AlertManager carries a version string and a disabled flag, read from the
// YAML keys "version" and "disabled". Both are dropped from marshalled YAML
// when they hold their zero value (omitempty).
type AlertManager struct {
	Version  string `yaml:"version,omitempty"`
	Disabled bool   `yaml:"disabled,omitempty"`
}

type AuditConfig

// AuditConfig names the audit policy file (YAML key "policyFile").
// NOTE(review): nothing in this type validates the path, and an empty
// PolicyFile is indistinguishable from "not configured" - confirm how the
// consumer treats the empty value before relying on auditing being on.
type AuditConfig struct {
	PolicyFile string `yaml:"policyFile,omitempty"`
}

AuditConfig is used to specify the audit policy file. If a policy file is specified then cluster auditing is enabled. Configure additional `--audit-log-*` flags under kubernetes.apiServerExtraArgs.

type Auditbeat

// Auditbeat embeds Disabled inline, so its "disabled" and "version" keys sit
// at the same YAML level as "kibana".
type Auditbeat struct {
	Disabled `yaml:",inline"`
	// Kibana is an optional Connection; it may carry a password, see Connection.
	Kibana   *Connection `yaml:"kibana,omitempty"`
}

type Brand

// Brand holds a name and a URL, both optional strings in YAML.
type Brand struct {
	Name string `yaml:"name,omitempty"`
	URL  string `yaml:"url,omitempty"`
}

type CA

// CA groups certificate-authority settings read from YAML: a certificate, a
// private key and a password, all plain strings.
// NOTE(review): whether Cert and PrivateKey hold inline PEM or file paths is
// not visible here - confirm. PrivateKey and Password are regular YAML keys
// (not tagged `yaml:"-"`), so any marshalled copy of this struct contains
// them; treat config files and dumps of this type as secret material.
type CA struct {
	Cert       string `yaml:"cert,omitempty"`
	PrivateKey string `yaml:"privateKey,omitempty"`
	Password   string `yaml:"password,omitempty"`
}

type Calico

// Calico holds the Calico settings read from YAML. Several fields use types
// from the calico package, whose definitions are not visible here.
type Calico struct {
	Disabled  bool                    `yaml:"disabled,omitempty"`
	// IPIP and VxLAN have no omitempty, so they are always written on marshal.
	IPIP      calico.IPIPMode         `yaml:"ipip"`
	VxLAN     calico.VXLANMode        `yaml:"vxlan"`
	Version   string                  `yaml:"version,omitempty"`
	// NOTE(review): presumably a log level; accepted values are not visible here.
	Log       string                  `yaml:"log,omitempty"`
	BGPPeers  []calico.BGPPeer        `yaml:"bgpPeers,omitempty"`
	BGPConfig calico.BGPConfiguration `yaml:"bgpConfig,omitempty"`
	IPPools   []calico.IPPool         `yaml:"ipPools,omitempty"`
}

type CanaryChecker added in v0.16.7

// CanaryChecker embeds Enabled inline (contributing the "disabled" key) and
// adds a version plus a list of aggregate servers.
type CanaryChecker struct {
	Enabled          `yaml:",inline"`
	Version          string   `yaml:"version"`
	// NOTE(review): format of each entry (URL, host:port, ...) is not visible here.
	AggregateServers []string `yaml:"aggregateServers"`
}

Canary-checker allows for the deployment and configuration of the canary-checker

type CertManager

// CertManager holds the cert-manager version and an optional Vault client
// used for signing ingress certificates.
type CertManager struct {
	Version string `yaml:"version"`

	// Details of a vault server to use for signing ingress certificates
	// NOTE(review): VaultClient is defined elsewhere; if it carries a token or
	// other credential, the same handling applies as for any secret in this config.
	Vault *VaultClient `yaml:"vault,omitempty"`
}

type Cluster

// Cluster is the interface for creating and looking up Machines.
type Cluster interface {
	// Clone takes a VM template and a konfigadm config and returns a Machine.
	Clone(template VM, config *konfigadm.Config) (Machine, error)
	// GetMachine returns the Machine with the given name.
	GetMachine(name string) (Machine, error)
	// GetMachines returns Machines in a map keyed by string
	// (presumably the machine name - confirm against implementations).
	GetMachines() (map[string]Machine, error)
	// GetMachinesFor returns the Machines associated with the given VM.
	GetMachinesFor(vm *VM) (map[string]Machine, error)
}

type ConfigMapReloader

// ConfigMapReloader holds a version string (always marshalled) and an
// optional disabled flag.
type ConfigMapReloader struct {
	Version  string `yaml:"version"`
	Disabled bool   `yaml:"disabled,omitempty"`
}

type Connection

// Connection describes how to reach a remote service: URL, optional
// credentials, port, scheme and a verify setting, all stored as strings.
// NOTE(review): Password is a regular YAML key, so marshalled copies of this
// struct contain it. Verify is a string rather than a bool; its accepted
// values and the meaning of an empty value (presumably TLS certificate
// verification) are not visible here - confirm that leaving it unset does
// not silently turn verification off.
type Connection struct {
	URL      string `yaml:"url"`
	User     string `yaml:"user,omitempty"`
	Password string `yaml:"password,omitempty"`
	Port     string `yaml:"port,omitempty"`
	Scheme   string `yaml:"scheme,omitempty"`
	Verify   string `yaml:"verify,omitempty"`
}

func (Connection) GetURL

func (c Connection) GetURL() string

type Consul

// Consul holds the Consul version, a disabled flag and backup settings
// (bucket, schedule and image).
type Consul struct {
	Version        string `yaml:"version"`
	Disabled       bool   `yaml:"disabled,omitempty"`
	Bucket         string `yaml:"bucket,omitempty"`
	// NOTE(review): schedule syntax (presumably cron) is not visible here.
	BackupSchedule string `yaml:"backupSchedule,omitempty"`
	BackupImage    string `yaml:"backupImage,omitempty"`
}

type DB

// DB holds the host, port and credentials of a database server. None of the
// keys use omitempty, so Password is always written when this struct is
// marshalled to YAML.
// NOTE(review): GetConnectionURL(name) returns a string derived from this
// struct; if it embeds Username/Password, keep the result out of logs and
// error messages - confirm against the method body.
type DB struct {
	Host     string `yaml:"host"`
	Username string `yaml:"username"`
	Password string `yaml:"password"`
	Port     int    `yaml:"port"`
}

func (DB) GetConnectionURL

func (db DB) GetConnectionURL(name string) string

type Dashboard

// Dashboard embeds Enabled inline (contributing the "disabled" key) and adds
// a version and an LDAP-based access restriction.
type Dashboard struct {
	Enabled          `yaml:",inline"`
	Version          string           `yaml:"version,omitempty"`
	// AccessRestricted is a value, not a pointer; when the key is absent it is
	// the zero LdapAccessConfig, i.e. Enabled == false.
	AccessRestricted LdapAccessConfig `yaml:"accessRestricted,omitempty"`
}

type Dex added in v0.16.8

// Dex embeds Enabled inline (contributing the "disabled" key) and adds an
// optional version string.
type Dex struct {
	Enabled `yaml:",inline"`
	Version string `yaml:"version,omitempty"`
}

type Disabled added in v0.16.2

// Disabled is a reusable pair of a disabled flag and a version string. Other
// types in this package embed it with `yaml:",inline"`, which places both
// keys at the embedding type's YAML level. Neither key uses omitempty.
type Disabled struct {
	Disabled bool   `yaml:"disabled"`
	Version  string `yaml:"version"`
}

func (Disabled) IsDisabled added in v0.16.2

func (d Disabled) IsDisabled() bool

type DynamicDNS

// DynamicDNS configures dynamic DNS updates, either via RFC 2136 or, per the
// Type comment below, via "route53".
// NOTE(review): Key and SecretKey are plain strings under regular YAML keys,
// so marshalled copies of this struct contain them; treat them as secrets.
type DynamicDNS struct {
	Disabled bool `yaml:"disabled,omitempty"`
	// Set to true if you want DNS records added to k8s-api and "*" for every new
	// worker and master created.
	UpdateHosts bool `yaml:"updateHosts,omitempty"`
	// Nameserver and port for dynamic DNS updates
	Nameserver string `yaml:"nameserver,omitempty"`
	// Dynamic DNS key secret
	Key string `yaml:"key,omitempty"`
	// Dynamic DNS key name
	KeyName string `yaml:"keyName,omitempty"`
	// A Dynamic DNS signature algorithm, one of: hmac-md5, hmac-sha1, hmac-256, hmac-512
	// NOTE(review): hmac-md5 and hmac-sha1 are legacy choices for signing
	// updates; prefer the SHA-2 options where the nameserver supports them.
	// Which value is used when this field is empty is not visible here - confirm.
	Algorithm string `yaml:"algorithm,omitempty"`
	Zone      string `yaml:"zone,omitempty"`
	// AccessKey and SecretKey are required together with Zone when Type is
	// "route53" (see the Type comment).
	AccessKey string `yaml:"accessKey,omitempty"`
	SecretKey string `yaml:"secretKey,omitempty"`
	// Type of DNS provider. Defaults to RFC 2136 Dynamic DNS. If using "route53" you
	// must specify accessKey, secretKey and zone
	Type string `yaml:"type,omitempty"`
}

func (DynamicDNS) IsEnabled added in v0.16.3

func (dns DynamicDNS) IsEnabled() bool

type ECK

// ECK holds an optional disabled flag and a version string that is always
// marshalled.
type ECK struct {
	Disabled bool   `yaml:"disabled,omitempty"`
	Version  string `yaml:"version"`
}

type Elasticsearch

// Elasticsearch holds the version, replica count and optional memory and
// persistence settings for an Elasticsearch deployment.
type Elasticsearch struct {
	Version     string       `yaml:"version"`
	// Mem and Persistence are pointers, so nil means the key was not set.
	Mem         *Memory      `yaml:"mem,omitempty"`
	Replicas    int          `yaml:"replicas,omitempty"`
	Persistence *Persistence `yaml:"persistence,omitempty"`
	Disabled    bool         `yaml:"disabled,omitempty"`
}

type Enabled

// Enabled is meant for inline embedding. Despite the type name, its only
// field is Disabled (YAML key "disabled"), so the zero value means
// "not disabled".
type Enabled struct {
	Disabled bool `yaml:"disabled"`
}

type EncryptionConfig

// EncryptionConfig names the encryption provider config file (YAML key
// "encryptionProviderConfigFile").
// NOTE(review): such a file normally contains encryption keys, so the path
// it points at should have restrictive permissions; an empty value is
// indistinguishable from "not configured" - confirm how the consumer treats it.
type EncryptionConfig struct {
	EncryptionProviderConfigFile string `yaml:"encryptionProviderConfigFile,omitempty"`
}

Specifies Cluster Encryption Provider Config, primarily by specifying the Encryption Provider Config File supplied to the cluster API Server.

type EventRouter

// EventRouter embeds Disabled inline (contributing "disabled" and "version")
// and adds a Filebeat prefix string.
type EventRouter struct {
	Disabled       `yaml:",inline"`
	FilebeatPrefix string `yaml:"filebeatPrefix"`
}

type Filebeat

// Filebeat embeds Enabled inline (contributing the "disabled" key) and holds
// naming settings plus optional Elasticsearch and Logstash connections.
type Filebeat struct {
	Enabled       `yaml:",inline"`
	Version       string      `yaml:"version"`
	Name          string      `yaml:"name"`
	Index         string      `yaml:"index"`
	Prefix        string      `yaml:"prefix"`
	// Both connections are optional pointers; each may carry a password, see Connection.
	Elasticsearch *Connection `yaml:"elasticsearch,omitempty"`
	Logstash      *Connection `yaml:"logstash,omitempty"`
}

type FluentdOperator

// FluentdOperator holds the operator version, a disabled flag, an
// Elasticsearch connection and a switch for the default config.
type FluentdOperator struct {
	Disabled             bool       `yaml:"disabled,omitempty"`
	Version              string     `yaml:"version"`
	// Elasticsearch is a value, not a pointer; an absent key yields the zero
	// Connection. It may carry a password, see Connection.
	Elasticsearch        Connection `yaml:"elasticsearch,omitempty"`
	DisableDefaultConfig bool       `yaml:"disableDefaultConfig"`
}

type GitOps

// GitOps configures one GitOps (Flux) deployment: which repository, branch
// and path to sync, how often, and which SSH material to mount.
// NOTE(review): GitKey names a Kubernetes secret rather than holding key
// material itself (per its comment). KnownHosts is what lets the SSH client
// check the git host's identity; what happens when it is left empty is not
// visible here - confirm host-key checking is not skipped in that case.
type GitOps struct {
	// The name of the gitops deployment, defaults to namespace name
	Name string `yaml:"name,omitempty"`

	// Do not scan container image registries to fill in the registry cache, implies `--git-read-only` (default: true)
	// A pointer so that "unset" (nil) can be told apart from an explicit false.
	DisableScanning *bool `yaml:"disableScanning,omitempty"`

	// The namespace to deploy the GitOps operator into, if empty then it will be deployed cluster-wide into kube-system
	Namespace string `yaml:"namespace,omitempty"`

	// The URL to git repository to clone
	GitURL string `yaml:"gitUrl"`

	// The git branch to use (default: `master`)
	GitBranch string `yaml:"gitBranch,omitempty"`

	// The path with in the git repository to look for YAML in (default: `.`)
	GitPath string `yaml:"gitPath,omitempty"`

	// The frequency with which to fetch the git repository (default: `5m0s`)
	GitPollInterval string `yaml:"gitPollInterval,omitempty"`

	// The frequency with which to sync the manifests in the repository to the cluster (default: `5m0s`)
	SyncInterval string `yaml:"syncInterval,omitempty"`

	// The Kubernetes secret to use for cloning, if it does not exist it will be generated (default: `flux-$name-git-deploy`)
	GitKey string `yaml:"gitKey,omitempty"`

	// The contents of the known_hosts file to mount into Flux and helm-operator
	KnownHosts string `yaml:"knownHosts,omitempty"`

	// The contents of the ~/.ssh/config file to mount into Flux and helm-operator
	SSHConfig string `yaml:"sshConfig,omitempty"`

	// The version to use for flux (default: 1.9.0 )
	FluxVersion string `yaml:"fluxVersion,omitempty"`

	// a map of args to pass to flux without -- prepended. See [fluxd](https://docs.fluxcd.io/en/1.19.0/references/daemon/) for a full list
	// NOTE(review): entries are passed through as flags, so this map can
	// override any fluxd setting; review changes to it like code.
	Args map[string]string `yaml:"args,omitempty"`
}

type Grafana

// Grafana holds an optional version string and an optional disabled flag.
type Grafana struct {
	Version  string `yaml:"version,omitempty"`
	Disabled bool   `yaml:"disabled,omitempty"`
}

type Harbor

// Harbor holds the settings for a Harbor registry deployment: component
// versions, storage claims, database, projects and Harbor-level settings.
type Harbor struct {
	Disabled        bool   `yaml:"disabled,omitempty"`
	Version         string `yaml:"version,omitempty"`
	RegistryPVC     string `yaml:"registryPVC,omitempty"`
	ChartPVC        string `yaml:"chartPVC,omitempty"`
	ChartVersion    string `yaml:"chartVersion,omitempty"`
	// AdminPassword is tagged `yaml:"-"`: it is never read from or written to
	// YAML, so it has to be populated by code and does not leak into
	// marshalled config.
	AdminPassword   string `yaml:"-"`
	ClairVersion    string `yaml:"clairVersion"`
	RegistryVersion string `yaml:"registryVersion"`
	// Logging level for various components, valid options are `info`,`warn`,`debug` (default: `warn`)
	LogLevel string                   `yaml:"logLevel,omitempty"`
	// DB carries database credentials, see DB.
	DB       *DB                      `yaml:"db,omitempty"`
	URL      string                   `yaml:"url,omitempty"`
	Projects map[string]HarborProject `yaml:"projects,omitempty"`
	// Settings carries several credentials (e-mail, LDAP, OIDC), see HarborSettings.
	Settings *HarborSettings          `yaml:"settings,omitempty"`
	Replicas int                      `yaml:"replicas,omitempty"`
	// S3 bucket for the docker registry to use
	Bucket string `yaml:"bucket"`
}

type HarborProject

// HarborProject holds a project name and a string-to-string role map.
// NOTE(review): which side of Roles is the principal and which the role is
// not visible here - confirm against the consumer before editing role
// assignments.
type HarborProject struct {
	Name  string            `yaml:"name,omitempty"`
	Roles map[string]string `yaml:"roles,omitempty"`
}

type HarborSettings

// HarborSettings mirrors Harbor configuration keys; every field carries the
// same snake_case name in its json and yaml tags and is omitted when empty.
// NOTE(review): EmailPassword, LdapSearchPassword and OidcClientSecret are
// credentials and appear in both JSON and YAML output of this struct.
// EmailInsecure, LdapVerifyCert and OidcVerifyCert look like TLS-verification
// switches with mixed types (string, *bool, string); their accepted values
// and what "unset" means are not visible here - confirm that leaving them
// empty keeps certificate verification on.
type HarborSettings struct {
	AuthMode                     string `json:"auth_mode,omitempty" yaml:"auth_mode,omitempty"`
	EmailFrom                    string `json:"email_from,omitempty" yaml:"email_from,omitempty"`
	EmailHost                    string `json:"email_host,omitempty" yaml:"email_host,omitempty"`
	EmailIdentity                string `json:"email_identity,omitempty" yaml:"email_identity,omitempty"`
	EmailPassword                string `json:"email_password,omitempty" yaml:"email_password,omitempty"`
	EmailInsecure                string `json:"email_insecure,omitempty" yaml:"email_insecure,omitempty"`
	EmailPort                    string `json:"email_port,omitempty" yaml:"email_port,omitempty"`
	EmailSsl                     *bool  `json:"email_ssl,omitempty" yaml:"email_ssl,omitempty"`
	EmailUsername                string `json:"email_username,omitempty" yaml:"email_username,omitempty"`
	LdapURL                      string `json:"ldap_url,omitempty" yaml:"ldap_url,omitempty"`
	LdapBaseDN                   string `json:"ldap_base_dn,omitempty" yaml:"ldap_base_dn,omitempty"`
	LdapFilter                   string `json:"ldap_filter,omitempty" yaml:"ldap_filter,omitempty"`
	LdapScope                    string `json:"ldap_scope,omitempty" yaml:"ldap_scope,omitempty"`
	LdapSearchDN                 string `json:"ldap_search_dn,omitempty" yaml:"ldap_search_dn,omitempty"`
	LdapSearchPassword           string `json:"ldap_search_password,omitempty" yaml:"ldap_search_password,omitempty"`
	LdapTimeout                  string `json:"ldap_timeout,omitempty" yaml:"ldap_timeout,omitempty"`
	LdapUID                      string `json:"ldap_uid,omitempty" yaml:"ldap_uid,omitempty"`
	LdapVerifyCert               *bool  `json:"ldap_verify_cert,omitempty" yaml:"ldap_verify_cert,omitempty"`
	LdapGroupAdminDN             string `json:"ldap_group_admin_dn,omitempty" yaml:"ldap_group_admin_dn,omitempty"`
	LdapGroupAttributeName       string `json:"ldap_group_attribute_name,omitempty" yaml:"ldap_group_attribute_name,omitempty"`
	LdapGroupBaseDN              string `json:"ldap_group_base_dn,omitempty" yaml:"ldap_group_base_dn,omitempty"`
	LdapGroupSearchFilter        string `json:"ldap_group_search_filter,omitempty" yaml:"ldap_group_search_filter,omitempty"`
	LdapGroupSearchScope         string `json:"ldap_group_search_scope,omitempty" yaml:"ldap_group_search_scope,omitempty"`
	LdapGroupMembershipAttribute string `json:"ldap_group_membership_attribute,omitempty" yaml:"ldap_group_membership_attribute,omitempty"`
	ProjectCreationRestriction   string `json:"project_creation_restriction,omitempty" yaml:"project_creation_restriction,omitempty"`
	ReadOnly                     string `json:"read_only,omitempty" yaml:"read_only,omitempty"`
	SelfRegistration             *bool  `json:"self_registration,omitempty" yaml:"self_registration,omitempty"`
	TokenExpiration              int    `json:"token_expiration,omitempty" yaml:"token_expiration,omitempty"`
	OidcName                     string `json:"oidc_name,omitempty" yaml:"oidc_name,omitempty"`
	OidcEndpoint                 string `json:"oidc_endpoint,omitempty" yaml:"oidc_endpoint,omitempty"`
	OidcClientID                 string `json:"oidc_client_id,omitempty" yaml:"oidc_client_id,omitempty"`
	OidcClientSecret             string `json:"oidc_client_secret,omitempty" yaml:"oidc_client_secret,omitempty"`
	OidcScope                    string `json:"oidc_scope,omitempty" yaml:"oidc_scope,omitempty"`
	OidcVerifyCert               string `json:"oidc_verify_cert,omitempty" yaml:"oidc_verify_cert,omitempty"`
	RobotTokenDuration           int    `json:"robot_token_duration,omitempty" yaml:"robot_token_duration,omitempty"`
}

type Journalbeat

// Journalbeat embeds Disabled inline, so its "disabled" and "version" keys
// sit at the same YAML level as "kibana".
type Journalbeat struct {
	Disabled `yaml:",inline"`
	// Kibana is an optional Connection; it may carry a password, see Connection.
	Kibana   *Connection `yaml:"kibana,omitempty"`
}

type Karma added in v0.16.5

// Karma holds the Karma version and a string-to-string map of Alertmanagers.
// NOTE(review): presumably name -> URL; confirm against the consumer.
type Karma struct {
	Version       string            `yaml:"version,omitempty"`
	AlertManagers map[string]string `yaml:"alertManagers"`
}

Configuration for Karma(https://github.com/prymitive/karma/releases) Alert Dashboard

type Kind added in v0.17.9

// Kind holds an int32-to-int32 port mapping table.
// NOTE(review): which side is the host port and which the container port is
// not visible here - confirm before exposing additional ports.
type Kind struct {
	PortMappings map[int32]int32 `yaml:"portMappings,omitempty"`
}

type Kiosk added in v0.17.8

// Kiosk has no fields of its own; it only embeds Disabled inline, which
// contributes the "disabled" and "version" YAML keys.
type Kiosk struct {
	Disabled `yaml:",inline"`
}

type KubeResourceReport added in v0.17.7

// KubeResourceReport configures kube-resource-report: an on/off flag, the
// version, the update interval and a fixed extra cost per cluster.
type KubeResourceReport struct {
	// Disable kube-resource-report
	Disabled bool `yaml:"disabled,omitempty"`
	// Specify version to use (see [releases](https://github.com/hjacobs/kube-resource-report/releases))
	Version string `yaml:"version,omitempty"`
	// update interval in minutes
	UpdateInterval int `yaml:"updateInterval,omitempty"`
	// add a fixed extra cost per cluster
	AdditionalClusterCost float32 `yaml:"additionalClusterCost,omitempty"`
}

Configuration for KubeResourceReport(https://github.com/hjacobs/kube-resource-report)

type KubeWebView added in v0.17.4

// KubeWebView configures the kube-web-view resource viewer. Note that the
// Go field names and YAML keys differ: LogsEnabled is "viewLogs" and
// SecretsEnabled is "viewSecrets".
type KubeWebView struct {
	Disabled       bool   `yaml:"disabled,omitempty"`
	Version        string `yaml:"version,omitempty"`
	// NOTE(review): presumably allows pod logs to be read through the web UI.
	LogsEnabled    bool   `yaml:"viewLogs,omitempty"`
	// NOTE(review): presumably allows Secret objects to be displayed through
	// the web UI. The zero value is false; keep it off unless access to the
	// viewer itself is restricted - confirm how the viewer is authenticated.
	SecretsEnabled bool   `yaml:"viewSecrets,omitempty"`
}

Configuration for KubeWebView(https://github.com/hjacobs/kube-web-view) resource viewer

type Kubernetes

// Kubernetes holds the cluster-level Kubernetes settings: version, extra
// flags for each control-plane component, auditing, encryption and the
// container runtime. The type also has a custom UnmarshalYAML method.
// NOTE(review): the *ExtraArgs maps are free-form flag/value pairs, so they
// can set any component flag, including ones that relax authentication,
// authorization or TLS defaults; review changes to them accordingly.
type Kubernetes struct {
	Version string `yaml:"version"`
	// Configure additional kubelet [flags](https://kubernetes.io/docs/reference/command-line-tools-reference/kubelet/)
	KubeletExtraArgs map[string]string `yaml:"kubeletExtraArgs,omitempty"`
	// Configure additional kube-controller-manager [flags](https://kubernetes.io/docs/reference/command-line-tools-reference/kube-controller-manager/)
	ControllerExtraArgs map[string]string `yaml:"controllerExtraArgs,omitempty"`
	// Configure additional kube-scheduler [flags](https://kubernetes.io/docs/reference/command-line-tools-reference/kube-scheduler/)
	SchedulerExtraArgs map[string]string `yaml:"schedulerExtraArgs,omitempty"`
	// Configure additional kube-apiserver [flags](https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/)
	APIServerExtraArgs map[string]string `yaml:"apiServerExtraArgs,omitempty"`
	// Configure additional etcd [flags](https://github.com/etcd-io/etcd/blob/master/Documentation/op-guide/configuration.md)
	EtcdExtraArgs map[string]string `yaml:"etcdExtraArgs,omitempty"`
	MasterIP      string            `yaml:"masterIP,omitempty"`
	// Configure Kubernetes auditing
	// The YAML key is "auditing", not "auditConfig".
	AuditConfig AuditConfig `yaml:"auditing,omitempty"`
	// EncryptionConfig is used to specify the encryption configuration file.
	// The YAML key is "encryption".
	EncryptionConfig EncryptionConfig `yaml:"encryption,omitempty"`
	// Configure container runtime: docker/containerd
	ContainerRuntime string `yaml:"containerRuntime"`
}

func (*Kubernetes) UnmarshalYAML

func (c *Kubernetes) UnmarshalYAML(unmarshal func(interface{}) error) error

UnmarshalYAML is used to customize the YAML unmarshalling of Kubernetes objects. It makes sure that if an audit policy is specified, a default audit-log-path is supplied.

type Ldap

// Ldap holds the LDAP server address, bind credentials and the DNs and
// attributes used to look up users and groups.
// NOTE(review): Password is a regular YAML key, so marshalled copies of this
// struct contain it. Port and the scheme used by GetConnectionURL are not
// visible here - confirm the connection is made over TLS (ldaps or StartTLS),
// since the bind password travels over it.
type Ldap struct {
	Disabled bool   `yaml:"disabled,omitempty"`
	Host     string `yaml:"host,omitempty"`
	Port     string `yaml:"port,omitempty"`
	Username string `yaml:"username,omitempty"`
	Password string `yaml:"password,omitempty"`
	Domain   string `yaml:"domain,omitempty"`
	// Members of this group will become cluster-admins
	// NOTE(review): membership of this directory group is therefore equivalent
	// to full cluster control; who can edit the group matters as much as RBAC.
	AdminGroup string `yaml:"adminGroup,omitempty"`
	UserDN     string `yaml:"userDN,omitempty"`
	GroupDN    string `yaml:"groupDN,omitempty"`
	// GroupObjectClass is used for searching user groups in LDAP. Default is `group` for Active Directory and `groupOfNames` for Apache DS
	GroupObjectClass string `yaml:"groupObjectClass,omitempty"`
	// GroupNameAttr is the attribute used for returning group name in OAuth tokens. Default is `name` in ActiveDirectory and `DN` in Apache DS
	GroupNameAttr string  `yaml:"groupNameAttr,omitempty"`
	// E2E holds test-only settings, see LdapE2E.
	E2E           LdapE2E `yaml:"e2e,omitempty"`
}

func (Ldap) GetConnectionURL

func (ldap Ldap) GetConnectionURL() string

type LdapAccessConfig

// LdapAccessConfig holds an enabled flag, a list of group names and a
// free-form snippet string.
// NOTE(review): how Groups and Snippet are applied is not visible here. If
// Snippet is inserted verbatim into a proxy or ingress configuration, it
// should only ever come from trusted config - confirm against the consumer.
type LdapAccessConfig struct {
	Enabled bool     `yaml:"enabled,omitempty"`
	Groups  []string `yaml:"groups,omitempty"`
	Snippet string   `yaml:"snippet,omitempty"`
}

type LdapE2E

// LdapE2E holds settings used only for end-to-end tests of the LDAP/OIDC
// integration.
// NOTE(review): Username and Password are test credentials stored in plain
// YAML; they should not be valid against a production directory.
type LdapE2E struct {
	// If true, deploy a mock LDAP server for testing
	Mock bool `yaml:"mock,omitempty"`
	// Username to be used for OIDC integration tests
	Username string `yaml:"username,omitempty"`
	// Password to be used for OIDC integration tests
	Password string `yaml:"password,omitempty"`
}

type Machine

// Machine represents a running instance of a VM. It embeds TagInterface and
// adds lifecycle, addressing and attribute methods.
type Machine interface {
	TagInterface
	String() string
	// WaitForPoweredOff returns an error if waiting fails; how long it waits
	// is not visible here.
	WaitForPoweredOff() error
	// GetIP returns the machine's IP as a string, taking a timeout.
	GetIP(timeout time.Duration) (string, error)
	// WaitForIP is the variant of GetIP without a caller-supplied timeout.
	WaitForIP() (string, error)
	SetAttributes(attributes map[string]string) error
	GetAttributes() (map[string]string, error)
	// Shutdown, PowerOff and Terminate are distinct operations; their exact
	// semantics are defined by the implementation.
	Shutdown() error
	PowerOff() error
	Terminate() error
	Name() string
	GetAge() time.Duration
	GetTemplate() string
	// IP returns an address without an error value, unlike GetIP/WaitForIP.
	IP() string
}

Machine represents a running instance of a VM

type Memory

// Memory holds memory requests and limits as strings.
// NOTE(review): presumably Kubernetes quantity strings (e.g. "2Gi") - confirm.
type Memory struct {
	Requests string `yaml:"requests,omitempty"`
	Limits   string `yaml:"limits,omitempty"`
}

type Monitoring

// Monitoring groups the monitoring stack settings: nested component structs
// plus several plain strings for the remaining components. YAML key style
// is mixed (alert_email and prometheus_operator are snake_case, the rest
// camelCase), and only some fields also carry json tags.
type Monitoring struct {
	Disabled           bool          `yaml:"disabled,omitempty"`
	AlertEmail         string        `yaml:"alert_email,omitempty"`
	Version            string        `yaml:"version,omitempty" json:"version,omitempty"`
	Prometheus         Prometheus    `yaml:"prometheus,omitempty" json:"prometheus,omitempty"`
	Karma              Karma         `yaml:"karma,omitempty"`
	Grafana            Grafana       `yaml:"grafana,omitempty" json:"grafana,omitempty"`
	AlertManager       AlertManager  `yaml:"alertmanager,omitempty"`
	// NOTE(review): the string fields below are presumably component versions - confirm.
	KubeStateMetrics   string        `yaml:"kubeStateMetrics,omitempty"`
	KubeRbacProxy      string        `yaml:"kubeRbacProxy,omitempty"`
	NodeExporter       string        `yaml:"nodeExporter,omitempty"`
	AddonResizer       string        `yaml:"addonResizer,omitempty"`
	PrometheusOperator string        `yaml:"prometheus_operator,omitempty"`
	E2E                MonitoringE2E `yaml:"e2e,omitempty"`
}

type MonitoringE2E

// MonitoringE2E holds end-to-end test settings for the monitoring stack.
type MonitoringE2E struct {
	// MinAlertLevel is the minimum alert level for which E2E tests should fail.
	// It can be one of critical, warning, info.
	MinAlertLevel string `yaml:"minAlertLevel,omitempty"`
}

type NFS

// NFS holds the host and exported path of an NFS server.
type NFS struct {
	Host string `yaml:"host,omitempty"`
	Path string `yaml:"path,omitempty"`
}

type NSX

// NSX holds the NSX settings. Each field carries two tags: `yaml` names the
// key in this project's config, `structs` names the key used when the struct
// is converted by a structs-tag consumer (fields tagged `structs:"-"` are
// excluded from that conversion). The two key names differ for some fields
// (e.g. NsxHA: "ha" vs "nsx_ha", NsxK8s: "k8s" vs "nsx_k8s").
type NSX struct {
	LoadBalancerIPPool string `yaml:"loadbalancer_ip_pool,omitempty"`
	Tier0              string `yaml:"tier0,omitempty"`
	Disabled           bool   `structs:"-" yaml:"disabled"`
	// NOTE(review): the yaml tag is empty, so the YAML key falls back to the
	// library's default for the field name - confirm this is intended.
	Image              string `structs:"-" yaml:""`
	Version            string `structs:"-" yaml:"version"`
	// If set to true, the logging level will be set to DEBUG instead of the
	// default INFO level.
	Debug *bool `structs:"debug,omitempty" yaml:"debug,omitempty"`
	// If set to true, log output to standard error.
	UseStderr *bool `structs:"use_stderr,omitempty" yaml:"use_stderr,omitempty"`

	// If set to true, use syslog for logging.
	UseSyslog *bool `structs:"use_syslog,omitempty" yaml:"use_syslog,omitempty"`

	// The base directory used for relative log_file paths.
	LogDir string `structs:"log_dir,omitempty" yaml:"log_dir,omitempty"`

	// Name of log file to send logging output to.
	LogFile string `structs:"log_file,omitempty" yaml:"log_file,omitempty"`

	// max MB for each compressed file. Defaults to 100 MB.
	//log_rotation_file_max_mb = 100
	LogRotationFileMaxMb *int `structs:"log_rotation_file_max_mb,omitempty" yaml:"log_rotation_file_max_mb,omitempty"`

	// Total number of compressed backup files to store. Defaults to 5.
	LogRotationBackupCount *int `structs:"log_rotation_backup_count,omitempty" yaml:"log_rotation_backup_count,omitempty"`

	// Specify the directory where nsx-python-logging is installed
	NsxPythonLoggingPath string `structs:"nsx_python_logging_path,omitempty" yaml:"nsx_python_logging_path,omitempty"`

	// Specify the directory where nsx-cli is installed
	NsxCliPath string `structs:"nsx_cli_path,omitempty" yaml:"nsx_cli_path,omitempty"`

	// NsxV3 carries the NSX API credentials, see NsxV3.
	NsxV3 *NsxV3 `structs:"nsx_v3,omitempty" yaml:"nsx_v3,omitempty"`

	NsxHA *NsxHA `structs:"ha,omitempty" yaml:"nsx_ha,omitempty"`

	NsxCOE *NsxCOE `structs:"coe,omitempty" yaml:"coe,omitempty"`

	// NsxK8s and NsxNodeAgent have no omitempty on their structs tag.
	NsxK8s *NsxK8s `structs:"k8s" yaml:"nsx_k8s,omitempty"`

	NsxNodeAgent *NsxNodeAgent `structs:"nsx_node_agent" yaml:"nsx_node_agent,omitempty"`
}

type Nginx

// Nginx configures the Nginx ingress controller: on/off, version, access
// logging and request body sizing.
type Nginx struct {
	Disabled bool `yaml:"disabled"`
	// The version of the nginx controller to deploy (default: `0.25.1.flanksource.1`)
	Version string `yaml:"version"`
	// Disable access logs
	// NOTE(review): access logs are a primary data source for incident
	// investigation; turning them off removes that record.
	DisableAccessLog bool `yaml:"disableAccessLog,omitempty"`
	// Size of request body buffer (default: `16M`)
	RequestBodyBuffer string `yaml:"requestBodyBuffer,omitempty"`
	// Max size of request body (default: `32M`)
	RequestBodyMax string `yaml:"requestBodyMax,omitempty"`
}

Configures the Nginx Ingress Controller. The controller Docker image is forked from upstream to include more Lua packages for OAuth. To configure global settings not available below, override the `ingress-nginx/nginx-configuration` configmap with settings from [here](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/)

type NodeLocalDNS

// NodeLocalDNS holds the node-local DNS settings: a disabled flag, the
// upstream DNS server, the local DNS address and the DNS domain.
// NOTE(review): the expected formats (IP vs host name) are not visible here.
type NodeLocalDNS struct {
	Disabled  bool   `yaml:"disabled,omitempty"`
	DNSServer string `yaml:"dnsServer,omitempty"`
	LocalDNS  string `yaml:"localDNS,omitempty"`
	DNSDomain string `yaml:"dnsDomain,omitempty"`
}

type NsxCOE

// NsxCOE holds the container-orchestrator settings for NCP (the "coe"
// section). Every field uses the same key in its structs and yaml tags and
// is omitted when empty.
type NsxCOE struct {

	// Container orchestrator adaptor to plug in.
	Adaptor string `structs:"adaptor,omitempty" yaml:"adaptor,omitempty"`

	// Specify cluster for adaptor.
	Cluster string `structs:"cluster,omitempty" yaml:"cluster,omitempty"`

	// Log level for NCP operations
	// Choices: NOTSET DEBUG INFO WARNING ERROR CRITICAL
	Loglevel string `structs:"loglevel,omitempty" yaml:"loglevel,omitempty"`

	// Log level for NSX API client operations
	// Choices: NOTSET DEBUG INFO WARNING ERROR CRITICAL
	NsxlibLoglevel string `structs:"nsxlib_loglevel,omitempty" yaml:"nsxlib_loglevel,omitempty"`

	// Enable SNAT for all projects in this cluster
	EnableSnat *bool `structs:"enable_snat,omitempty" yaml:"enable_snat,omitempty"`

	// Option to enable profiling
	Profiling *bool `structs:"profiling,omitempty" yaml:"profiling,omitempty"`

	// The type of container host node
	// Choices: HOSTVM BAREMETAL CLOUD WCP_WORKER
	NodeType string `structs:"node_type,omitempty" yaml:"node_type,omitempty"`

	// The time in seconds for NCP/nsx_node_agent to recover the connection to
	// NSX manager/container orchestrator adaptor/Hyperbus before exiting. If
	// the value is 0, NCP/nsx_node_agent won't exit automatically when the
	// connection check fails
	ConnectRetryTimeout *int `structs:"connect_retry_timeout,omitempty" yaml:"connect_retry_timeout,omitempty"`
}

type NsxHA

// NsxHA holds the NCP high-availability (leader election) timings, all in
// seconds and all optional pointers.
// NOTE(review): unlike the sibling Nsx* types, these fields carry only a
// structs tag and no yaml tag, so their YAML keys fall back to the library's
// default for the field name rather than master_timeout etc. - confirm this
// is intended before writing these keys in a config file.
type NsxHA struct {

	// Time duration in seconds of mastership timeout. NCP instance will remain
	// master for this duration after elected. Note that the heartbeat period
	// plus the update timeout must not be greater than this period. This is
	// done to ensure that the master instance will either confirm liveness or
	// fail before the timeout.
	MasterTimeout *int `structs:"master_timeout,omitempty"`

	// Time in seconds between heartbeats for elected leader. Once an NCP
	// instance is elected master, it will periodically confirm liveness based
	// on this value.
	HeartbeatPeriod *int `structs:"heartbeat_period,omitempty"`

	// Timeout duration in seconds for update to election resource. The default
	// value is calculated by subtracting heartbeat period from master timeout.
	// If the update request does not complete before the timeout it will be
	// aborted. Used for master heartbeats to ensure that the update finishes or
	// is aborted before the master timeout occurs.
	UpdateTimeout *int `structs:"update_timeout,omitempty"`
}

type NsxK8s

// NsxK8s holds the Kubernetes adaptor settings for NCP: how to reach and
// authenticate to the API server, ingress behaviour and baseline policy.
// NOTE(review): ClientTokenFile and ClientPrivateKeyFile are paths to
// credentials, not the credentials themselves; the files they point at need
// restrictive permissions. What happens when CaFile is empty is not visible
// here - confirm the API server certificate is still verified in that case.
type NsxK8s struct {
	// Kubernetes API server IP address.
	ApiserverHostIP string `structs:"apiserver_host_ip,omitempty" yaml:"apiserver_host_ip,omitempty"`

	// Kubernetes API server port.
	ApiserverHostPort string `structs:"apiserver_host_port,omitempty" yaml:"apiserver_host_port,omitempty"`

	// Full path of the Token file to use for authenticating with the k8s API
	// server.
	ClientTokenFile string `structs:"client_token_file,omitempty" yaml:"client_token_file,omitempty"`

	// Full path of the client certificate file to use for authenticating with
	// the k8s API server. It must be specified together with
	// "client_private_key_file".
	ClientCertFile string `structs:"client_cert_file,omitempty" yaml:"client_cert_file,omitempty"`

	// Path of the private key file that goes with client_cert_file (see the
	// ClientCertFile comment above).
	ClientPrivateKeyFile string `structs:"client_private_key_file,omitempty" yaml:"client_private_key_file,omitempty"`

	// Specify a CA bundle file to use in verifying the k8s API server
	// certificate.
	CaFile string `structs:"ca_file,omitempty" yaml:"ca_file,omitempty"`

	// Specify whether ingress controllers are expected to be deployed in
	// hostnetwork mode or as regular pods externally accessed via NAT
	// Choices: hostnetwork nat
	IngressMode string `structs:"ingress_mode,omitempty" yaml:"ingress_mode,omitempty"`

	// Log level for the kubernetes adaptor
	// Choices: NOTSET DEBUG INFO WARNING ERROR CRITICAL
	Loglevel string `structs:"loglevel,omitempty" yaml:"loglevel,omitempty"`

	// NOTE(review): presumably the default HTTP ingress port, by analogy with
	// HTTPSIngressPort below - confirm.
	HTTPIngressPort *int `structs:"http_ingress_port,omitempty" yaml:"http_ingress_port,omitempty"`

	// The default HTTPS ingress port
	HTTPSIngressPort *int `structs:"https_ingress_port,omitempty" yaml:"https_ingress_port,omitempty"`

	// Specify thread pool size to process resource events
	ResourceWatcherThreadPoolSize *int `structs:"resource_watcher_thread_pool_size,omitempty" yaml:"resource_watcher_thread_pool_size,omitempty"`

	// User specified IP address for HTTP and HTTPS ingresses
	// nolint: golint, stylecheck
	HttpAndHttpsIngressIp string `structs:"http_and_https_ingress_ip,omitempty" yaml:"http_and_https_ingress_ip,omitempty"`

	// Set this to True to enable NCP to create segment port for VM through
	// NsxNetworkInterface CRD.
	EnableNsxNetifCrd *bool `structs:"enable_nsx_netif_crd,omitempty" yaml:"enable_nsx_netif_crd,omitempty"`

	// Option to set the type of baseline cluster policy. ALLOW_CLUSTER creates
	// an explicit baseline policy to allow any pod to communicate any other pod
	// within the cluster. ALLOW_NAMESPACE creates an explicit baseline policy
	// to allow pods within the same namespace to communicate with each other.
	// By default, no baseline rule will be created and the cluster will assume
	// the default behavior as specified by the backend.
	// Choices: <None> allow_cluster allow_namespace
	// NOTE(review): allow_cluster is the most permissive choice; with it, pod
	// isolation depends entirely on additional network policies.
	BaselinePolicyType string `structs:"baseline_policy_type,omitempty" yaml:"baseline_policy_type,omitempty"`
}

type NsxNodeAgent

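// NsxNodeAgent holds the nsx_node_agent settings. Each field carries a
// `structs` tag (key used by the structs-tag consumer) and a `yaml` tag (key
// in this project's config); all of them are omitted when empty.
type NsxNodeAgent struct {

	// The log level of NSX RPC library
	// Choices: NOTSET DEBUG INFO WARNING ERROR CRITICAL
	// The two tags use different keys: "nsxrpc_loglevel" vs "log_level".
	LogLevel string `structs:"nsxrpc_loglevel,omitempty" yaml:"log_level,omitempty"`

	// OVS bridge name
	OvsBridge string `structs:"ovs_bridge,omitempty" yaml:"ovs_bridge,omitempty"`

	// The OVS uplink OpenFlow port where to apply the NAT rules to.
	// The structs tag option previously read "omit_empty", which no sibling
	// field uses; it is spelled "omitempty" here so an unset port is omitted
	// like every other field instead of being emitted as an empty value.
	OvsUplinkPort string `structs:"ovs_uplink_port,omitempty" yaml:"ovs_uplink_port,omitempty"`

	// The time in seconds for nsx_node_agent to wait CIF config from HyperBus
	// before returning to CNI
	ConfigRetryTimeout *int `structs:"config_retry_timeout,omitempty" yaml:"config_retry_timeout,omitempty"`

	// The time in seconds for nsx_node_agent to backoff before re-using an
	// existing cached CIF to serve CNI request. Must be less than config_retry_timeout.
	ConfigReuseBackoffTime *int `structs:"config_reuse_backoff_time,omitempty" yaml:"config_reuse_backoff_time,omitempty"`
}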

type NsxV3

// NsxV3 holds the NSX manager connection and container-networking options.
// Every field carries a `structs` tag and a `yaml` tag.
//
// NsxAPIPass is a plain string read from the YAML key nsx_api_password, so
// the config file holding it needs the same protection as the credential
// itself. NsxAPICertFile and NsxAPIPrivateKeyFile reference files instead
// and, per their comments, cause the user/password pair to be ignored.
//
// NOTE(review): PolicyNSXAPI is the only field whose structs tag has no
// omitempty option — confirm that is intentional.
type NsxV3 struct {
	NsxAPIUser   string `structs:"nsx_api_user,omitempty" yaml:"nsx_api_user,omitempty"`
	NsxAPIPass   string `structs:"nsx_api_password,omitempty" yaml:"nsx_api_password,omitempty"`
	PolicyNSXAPI *bool  `structs:"policy_nsxapi" yaml:"policy_nsxapi,omitempty"`
	// Path to NSX client certificate file. If specified, the nsx_api_user and
	// nsx_api_password options will be ignored. Must be specified along with
	// nsx_api_private_key_file option
	NsxAPICertFile string `structs:"nsx_api_cert_file,omitempty" yaml:"nsx_api_cert_file,omitempty"`

	// Path to NSX client private key file. If specified, the nsx_api_user and
	// nsx_api_password options will be ignored. Must be specified along with
	// nsx_api_cert_file option
	NsxAPIPrivateKeyFile string `structs:"nsx_api_private_key_file,omitempty" yaml:"nsx_api_private_key_file,omitempty"`

	// IP address of one or more NSX managers separated by commas. The IP
	// address should be of the form:
	// [<scheme>://]<ip_address>[:<port>]
	// If scheme is not provided https is used. If port is not provided port 80
	// is used for http and port 443 for https.
	// NOTE(review): an explicit http:// scheme means the API session is not
	// protected by TLS at all; keep manager entries on https unless plain
	// HTTP is intended.
	NsxAPIManagers []string `structs:"nsx_api_managers,omitempty" yaml:"nsx_api_managers,omitempty"`

	// If True, skip fatal errors when no endpoint in the NSX management cluster
	// is available to serve a request, and retry the request instead
	ClusterUnavailableRetry *bool `structs:"cluster_unavailable_retry,omitempty" yaml:"cluster_unavailable_retry,omitempty"`

	// Maximum number of times to retry API requests upon stale revision errors.
	Retries *int `structs:"retries,omitempty" yaml:"retries,omitempty"`

	// Specify one or a list of CA bundle files to use in verifying the NSX
	// Manager server certificate. This option is ignored if "insecure" is set
	// to True. If "insecure" is set to False and ca_file is unset, the system
	// root CAs will be used to verify the server certificate.
	CaFile []string `structs:"ca_file,omitempty" yaml:"ca_file,omitempty"`

	// If true, the NSX Manager server certificate is not verified. If false the
	// CA bundle specified via "ca_file" will be used or if unset the default
	// system root CAs will be used.
	// With verification off the client cannot tell the real NSX Manager from
	// an on-path impostor, and ca_file is silently ignored; for a manager with
	// a private CA, set ca_file and leave this false.
	Insecure *bool `structs:"insecure,omitempty" yaml:"insecure,omitempty"`

	// The time in seconds before aborting a HTTP connection to a NSX manager.
	HTTPTimeout *int `structs:"http_timeout,omitempty" yaml:"http_timeout,omitempty"`

	// The time in seconds before aborting a HTTP read response from a NSX
	// manager.
	HTTPReadTimeout *int `structs:"http_read_timeout,omitempty" yaml:"http_read_timeout,omitempty"`

	// Maximum number of times to retry a HTTP connection.
	HTTPRetries *int `structs:"http_retries,omitempty" yaml:"http_retries,omitempty"`

	// Maximum concurrent connections to each NSX manager.
	ConcurrentConnections *int `structs:"concurrent_connections,omitempty" yaml:"concurrent_connections,omitempty"`

	// The amount of time in seconds to wait before ensuring connectivity to the
	// NSX manager if no manager connection has been used.
	ConnIdltTimeout *int `structs:"conn_idlt_timeout,omitempty" yaml:"conn_idlt_timeout,omitempty"`

	// Number of times a HTTP redirect should be followed.
	Redirects *int `structs:"redirects,omitempty" yaml:"redirects,omitempty"`

	// Subnet prefix of IP block.
	SubnetPrefix *int `structs:"subnet_prefix,omitempty" yaml:"subnet_prefix,omitempty"`

	// Indicates whether distributed firewall DENY rules are logged.
	LogDroppedTraffic *bool `structs:"log_dropped_traffic,omitempty" yaml:"log_dropped_traffic,omitempty"`

	// Option to use native load balancer or not
	UseNativeLoadbalancer *bool `structs:"use_native_loadbalancer,omitempty" yaml:"use_native_loadbalancer,omitempty"`

	// Option to auto scale layer 4 load balancer or not. If set to True, NCP
	// will create additional LB when necessary upon K8s Service of type LB
	// creation/update.
	L4LBAutoScaling *bool `structs:"l_4_lb_auto_scaling,omitempty" yaml:"l_4_lb_auto_scaling,omitempty"`

	// Option to use native load balancer or not when ingress class annotation
	// is missing. Only effective if use_native_loadbalancer is set to true
	DefaultIngressClassNsx *bool `structs:"default_ingress_class_nsx,omitempty" yaml:"default_ingress_class_nsx,omitempty"`

	// Path to the default certificate file for HTTPS load balancing. Must be
	// specified along with lb_priv_key_path option
	LBDefaultCertPath string `structs:"lb_default_cert_path,omitempty" yaml:"lb_default_cert_path,omitempty"`

	// Path to the private key file for default certificate for HTTPS load
	// balancing. Must be specified along with lb_default_cert_path option
	LBPrivKeyPath string `structs:"lb_priv_key_path,omitempty" yaml:"lb_priv_key_path,omitempty"`

	// Option to set load balancing algorithm in load balancer pool object.
	// Choices: ROUND_ROBIN LEAST_CONNECTION IP_HASH WEIGHTED_ROUND_ROBIN
	PoolAlgorithm string `structs:"pool_algorithm,omitempty" yaml:"pool_algorithm,omitempty"`

	// Option to set load balancer service size. MEDIUM Edge VM (4 vCPU, 8GB)
	// only supports SMALL LB. LARGE Edge VM (8 vCPU, 16GB) only supports MEDIUM
	// and SMALL LB. Bare Metal Edge (IvyBridge, 2 socket, 128GB) supports
	// LARGE, MEDIUM and SMALL LB
	// Choices: SMALL MEDIUM LARGE
	ServiceSize string `structs:"service_size,omitempty" yaml:"service_size,omitempty"`

	// Option to set load balancer persistence option. If cookie is selected,
	// cookie persistence will be offered. If source_ip is selected, source IP
	// persistence will be offered for ingress traffic through L7 load balancer
	// Choices: <None> cookie source_ip
	L7Persistence string `structs:"l7_persistence,omitempty" yaml:"l7_persistence,omitempty"`

	// An integer for LoadBalancer side timeout value in seconds on layer 7
	// persistence profile, if the profile exists.
	L7PersistenceTimeout *int `structs:"l7_persistence_timeout,omitempty" yaml:"l7_persistence_timeout,omitempty"`

	// Option to set load balancer persistence option. If source_ip is selected,
	// source IP persistence will be offered for ingress traffic through L4 load
	// balancer
	L4Persistence string `structs:"l4_persistence,omitempty" yaml:"l4_persistence,omitempty"`

	// The interval to check VIF for node. It is a workaround for bug 2006790.
	// Old orphan LSP may not be removed on MP, so NCP will retrieve parent VIF
	// back once in a while. NCP will use the last created LSP from the list
	VIFCheckInterval *int `structs:"vif_check_interval,omitempty" yaml:"vif_check_interval,omitempty"`

	// Name or UUID of the container ip blocks that will be used for creating
	// subnets. If name, it must be unique. If policy_nsxapi is enabled, it also
	// support automatically creating the IP blocks. The definition is a comma
	// separated list: CIDR,CIDR,... Mixing different formats (e.g. UUID,CIDR)
	// is not supported.
	ContainerIPBlocks []string `structs:"container_ip_blocks,omitempty" yaml:"container_ip_blocks,omitempty"`

	// Name or UUID of the container ip blocks that will be used for creating
	// subnets for no-SNAT projects. If specified, no-SNAT projects will use
	// these ip blocks ONLY. Otherwise they will use container_ip_blocks
	NoSNATIPBlocks []string `structs:"no_snat_ip_blocks,omitempty" yaml:"no_snat_ip_blocks,omitempty"`

	// Name or UUID of the external ip pools that will be used for allocating IP
	// addresses which will be used for translating container IPs via SNAT
	// rules. If policy_nsxapi is enabled, it also support automatically
	// creating the ip pools. The definition is a comma separated list:
	// CIDR,IP_1-IP_2,... Mixing different formats (e.g. UUID, CIDR&IP_Range) is
	// not supported.
	ExternalIPPools []string `structs:"external_ip_pools,omitempty" yaml:"external_ip_pools,omitempty"`

	// Name or UUID of the top-tier router for the container cluster network,
	// which could be either tier0 or tier1. When policy_nsxapi is enabled,
	// single_tier_topology is True and tier0_gateway is defined,
	// top_tier_router value can be empty and a tier1 gateway is automatically
	// created for the cluster
	TopTierRouter string `structs:"top_tier_router,omitempty" yaml:"top_tier_router,omitempty"`

	// Name or UUID of the external ip pools that will be used only for
	// allocating IP addresses for Ingress controller and LB service
	ExternalIPPoolsLB []string `structs:"external_ip_pools_lb,omitempty" yaml:"external_ip_pools_lb,omitempty"`

	// Name or UUID of the NSX overlay transport zone that will be used for
	// creating logical switches for container networking. It must refer to an
	// already existing resource on NSX and every transport node where VMs
	// hosting containers are deployed must be enabled on this transport zone
	OverlayTZ string `structs:"overlay_tz,omitempty" yaml:"overlay_tz,omitempty"`

	// Enable X_forward_for for ingress. Available values are INSERT or REPLACE.
	// When this config is set, if x_forwarded_for is missing, LB will add
	// x_forwarded_for in the request header with value client ip. When
	// x_forwarded_for is present and its set to REPLACE, LB will replace
	// x_forwarded_for in the header to client_ip. When x_forwarded_for is
	// present and its set to INSERT, LB will append client_ip to
	// x_forwarded_for in the header. If not wanting to use x_forwarded_for,
	// remove this config
	// Choices: <None> INSERT REPLACE
	// In INSERT mode whatever x_forwarded_for value the client sent is kept
	// and client_ip is appended after it, so backends that use the header for
	// access decisions or audit logs should rely only on the entry the LB
	// appended; REPLACE discards the client-supplied value.
	XForwardedFor string `structs:"x_forwarded_for,omitempty" yaml:"x_forwarded_for,omitempty"`

	// Name or UUID of the spoof guard switching profile that will be used by
	// NCP for leader election
	ElectionProfile string `structs:"election_profile,omitempty" yaml:"election_profile,omitempty"`

	// Name or UUID of the firewall section that will be used to create firewall
	// sections below this mark section
	TopFirewallSectionMarker string `structs:"top_firewall_section_marker,omitempty" yaml:"top_firewall_section_marker,omitempty"`

	// Name or UUID of the firewall section that will be used to create firewall
	// sections above this mark section
	BottomFirewallSectionMarker string `structs:"bottom_firewall_section_marker,omitempty" yaml:"bottom_firewall_section_marker,omitempty"`

	// Replication mode of container logical switch, set SOURCE for cloud as it
	// only supports head replication mode
	// Choices: MTEP SOURCE
	LSReplicationMode string `structs:"ls_replication_mode,omitempty" yaml:"ls_replication_mode,omitempty"`

	// Allocate vlan ID for container interface or not. Set it to False for
	// cloud mode.
	AllocVlanTag string `structs:"alloc_vlan_tag,omitempty" yaml:"alloc_vlan_tag,omitempty"`

	// The resource which NCP will search tag 'node_name' on, to get parent VIF
	// or transport node uuid for container LSP API context field. For HOSTVM
	// mode, it will search tag on LSP. For BM mode, it will search tag on LSP
	// then search TN. For CLOUD mode, it will search tag on VM. For WCP_WORKER
	// mode, it will search TN by hostname.
	// Choices: tag_on_lsp tag_on_tn tag_on_vm hostname_on_tn
	//search_node_tag_on = tag_on_lsp
	SearchNodeTagOn string `structs:"search_node_tag_on,omitempty" yaml:"search_node_tag_on,omitempty"`

	// Determines which kind of information to be used as VIF app_id. Defaults
	// to pod_resource_key. In WCP mode, pod_uid is used.
	// Choices: pod_resource_key pod_uid
	VifAppIDType string `structs:"vif_app_id_type,omitempty" yaml:"vif_app_id_type,omitempty"`

	// SNAT IP to secondary IPs mapping. In the cloud case, SNAT rules are
	// created using the PCG public or link local IPs, local IPs which will be
	// translated to PCG secondary IPs for on-prem traffic. The secondary IPs
	// might be used by administrator to configure on-prem firewall or other
	// physical network services.
	SnatSecondaryIps []string `structs:"snat_secondary_ips,omitempty" yaml:"snat_secondary_ips,omitempty"`

	// If this value is not empty, NCP will append it to nameserver list
	DNSServers []string `structs:"dns_servers,omitempty" yaml:"dns_servers,omitempty"`

	// Set this to True to enable NCP to report errors through NSXError CRD.
	EnableNsxErrCrd *bool `structs:"enable_nsx_err_crd,omitempty" yaml:"enable_nsx_err_crd,omitempty"`

	// Maximum number of virtual servers allowed to create in cluster for
	// LoadBalancer type of services.
	MaxAllowedVirtualServers *int `structs:"max_allowed_virtual_servers,omitempty" yaml:"max_allowed_virtual_servers,omitempty"`

	// Edge cluster ID needed when creating Tier1 router for loadbalancer
	// service. Information could be retrieved from Tier0 router
	EdgeCluster string `structs:"edge_cluster,omitempty" yaml:"edge_cluster,omitempty"`
}

type NullMachine

// NullMachine is a machine value that carries only a Hostname. The package
// declares a full set of machine methods on it (GetIP, WaitForIP, PowerOff,
// Shutdown, Terminate, ...); their bodies are not part of this listing.
// Hostname has no yaml tag.
type NullMachine struct {
	Hostname string
}

func (NullMachine) GetAge

func (n NullMachine) GetAge() time.Duration

func (NullMachine) GetAttributes

func (n NullMachine) GetAttributes() (map[string]string, error)

func (NullMachine) GetIP

func (n NullMachine) GetIP(timeout time.Duration) (string, error)

func (NullMachine) GetTags

func (n NullMachine) GetTags() map[string]string

func (NullMachine) GetTemplate

func (n NullMachine) GetTemplate() string

func (NullMachine) IP

func (n NullMachine) IP() string

func (NullMachine) Name

func (n NullMachine) Name() string

func (NullMachine) PowerOff

func (n NullMachine) PowerOff() error

func (NullMachine) SetAttributes

func (n NullMachine) SetAttributes(attributes map[string]string) error

func (NullMachine) Shutdown

func (n NullMachine) Shutdown() error

func (NullMachine) String

func (n NullMachine) String() string

func (NullMachine) Terminate

func (n NullMachine) Terminate() error

func (NullMachine) WaitForIP

func (n NullMachine) WaitForIP() (string, error)

func (NullMachine) WaitForPoweredOff

func (n NullMachine) WaitForPoweredOff() error

type OAuth2Proxy

// OAuth2Proxy configures the oauth2 proxy component.
//
// CookieSecret is a plain string read from the YAML key cookieSecret, so a
// config file that sets it must be handled as a secret. NOTE(review):
// presumably this is the value the proxy uses to protect its session
// cookies — confirm against the deployment code.
type OAuth2Proxy struct {
	Disabled     bool   `yaml:"disabled"`
	CookieSecret string `yaml:"cookieSecret,omitempty"`
	Version      string `yaml:"version,omitempty"`
	OidcGroup    string `yaml:"oidcGroup,omitempty"`
}

type OPA

// OPA configures the Open Policy Agent deployment: versions, the bundle
// source (BundleURL, BundlePrefix, BundleServiceName), logging and the
// directory of policies to load.
//
// NOTE(review): BundleURL and Policies decide which policies are loaded, so
// both should point at sources with the same change control as the cluster
// config itself; how they are fetched is not shown here.
type OPA struct {
	Disabled          bool   `yaml:"disabled,omitempty"`
	KubeMgmtVersion   string `yaml:"kubeMgmtVersion,omitempty"`
	Version           string `yaml:"version,omitempty"`
	BundleURL         string `yaml:"bundleUrl,omitempty"`
	BundlePrefix      string `yaml:"bundlePrefix,omitempty"`
	BundleServiceName string `yaml:"bundleServiceName,omitempty"`
	LogFormat         string `yaml:"logFormat,omitempty"`
	SetDecisionLogs   bool   `yaml:"setDecisionLogs,omitempty"`
	// Policies is a path to directory containing .rego policy files
	Policies string `yaml:"policies,omitempty"`
	// Log level for opa server, one of: `debug`,`info`,`error` (default: `error`)
	LogLevel string `yaml:"logLevel,omitempty"`
	E2E      OPAE2E `yaml:"e2e,omitempty"`
}

type OPAE2E

// OPAE2E holds the end-to-end test settings nested under OPA's `e2e` key.
// Fixtures is a string read from the YAML key fixtures (presumably a path to
// test fixtures — confirm against the test code).
type OPAE2E struct {
	Fixtures string `yaml:"fixtures,omitempty"`
}

type Packetbeat

// Packetbeat configures the packetbeat component. It embeds Disabled inline
// and holds optional Connection settings for Elasticsearch and Kibana; the
// Connection type is declared elsewhere in the package.
type Packetbeat struct {
	Disabled      `yaml:",inline"`
	Elasticsearch *Connection `yaml:"elasticsearch,omitempty"`
	Kibana        *Connection `yaml:"kibana,omitempty"`
}

type Persistence

// Persistence describes persistent storage for a component. The field
// comments mention Prometheus, but the type is used by both Prometheus and
// Tekton in this package.
type Persistence struct {
	// Enable persistence for Prometheus
	Enabled bool `yaml:"enabled"`
	// Storage class to use. If not set default one will be used
	StorageClass string `yaml:"storageClass,omitempty"`
	// Capacity. Required if persistence is enabled
	Capacity string `yaml:"capacity,omitempty"`
}

type PlatformConfig

// PlatformConfig is the top-level cluster configuration, read from YAML.
//
// Several nested sections carry credentials as plain strings (for example
// S3.SecretKey, SMTP.Password, Vault.Token and Vsphere.Password), and CA /
// IngressCA reference CA material, so a rendered PlatformConfig needs the
// same handling as the secrets it contains.
//
// The trailing fields tagged `yaml:"-"` (BootstrapToken, DryRun, Trace,
// JoinEndpoint, Source, ControlPlaneEndpoint, E2E) are never read from or
// written to YAML; they exist only on the in-memory value.
//
// NOTE(review): a String() method is declared on *PlatformConfig; its body
// is not part of this listing — confirm what it renders before passing a
// config to a logger or an error message.
type PlatformConfig struct {
	Brand         Brand          `yaml:"brand,omitempty"`
	Version       string         `yaml:"version"`
	Velero        *Velero        `yaml:"velero,omitempty"`
	CA            *CA            `yaml:"ca"`
	CanaryChecker *CanaryChecker `yaml:"canaryChecker,omitempty"`
	Calico        Calico         `yaml:"calico,omitempty"`
	CertManager   CertManager    `yaml:"certmanager,omitempty"`
	// The endpoint for an externally hosted consul cluster
	// that is used for master discovery
	Consul         string     `yaml:"consul"`
	Dashboard      Dashboard  `yaml:"dashboard,omitempty"`
	Dex            Dex        `yaml:"dex,omitempty"`
	Datacenter     string     `yaml:"datacenter"`
	DNS            DynamicDNS `yaml:"dns,omitempty"`
	DockerRegistry string     `yaml:"dockerRegistry,omitempty"`
	// The wildcard domain that cluster will be available at
	Domain      string      `yaml:"domain"`
	EventRouter EventRouter `yaml:"eventrouter,omitempty"`
	Harbor      *Harbor     `yaml:"harbor,omitempty"`
	// A prefix to be added to VM hostnames.
	HostPrefix            string              `yaml:"hostPrefix"`
	ImportConfigs         []string            `yaml:"importConfigs,omitempty"`
	IngressCA             *CA                 `yaml:"ingressCA"`
	GitOps                []GitOps            `yaml:"gitops,omitempty"`
	Kind                  Kind                `yaml:"kind,omitempty"`
	Kiosk                 Kiosk               `yaml:"kiosk,omitempty"`
	KubeWebView           *KubeWebView        `yaml:"kubeWebView,omitempty"`
	KubeResourceReport    *KubeResourceReport `yaml:"kubeResourceReport,omitempty"`
	Kubernetes            Kubernetes          `yaml:"kubernetes"`
	Ldap                  *Ldap               `yaml:"ldap,omitempty"`
	LocalPath             *Enabled            `yaml:"localPath,omitempty"`
	Master                VM                  `yaml:"master,omitempty"`
	Monitoring            *Monitoring         `yaml:"monitoring,omitempty"`
	Name                  string              `yaml:"name"`
	NamespaceConfigurator *Enabled            `yaml:"namespaceConfigurator,omitempty"`
	NFS                   *NFS                `yaml:"nfs,omitempty"`
	Nodes                 map[string]VM       `yaml:"workers,omitempty"`
	NodeLocalDNS          NodeLocalDNS        `yaml:"nodeLocalDNS,omitempty"`
	NSX                   *NSX                `yaml:"nsx,omitempty"`
	OAuth2Proxy           *OAuth2Proxy        `yaml:"oauth2Proxy,omitempty"`
	OPA                   *OPA                `yaml:"opa,omitempty"`
	PostgresOperator      *PostgresOperator   `yaml:"postgresOperator,omitempty"`
	PodSubnet             string              `yaml:"podSubnet"`
	Policies              []string            `yaml:"policies,omitempty"`
	// A list of strategic merge patches that will be applied to all resources created
	Patches             []string             `yaml:"patches,omitempty"`
	Quack               *Enabled             `yaml:"quack,omitempty"`
	RegistryCredentials *RegistryCredentials `yaml:"registryCredentials,omitempty"`
	Resources           map[string]string    `yaml:"resources,omitempty"`
	S3                  S3                   `yaml:"s3,omitempty"`
	S3UploadCleaner     *S3UploadCleaner     `yaml:"s3uploadCleaner,omitempty"`
	SealedSecrets       *SealedSecrets       `yaml:"sealedSecrets,omitempty"`
	ServiceSubnet       string               `yaml:"serviceSubnet"`
	SMTP                SMTP                 `yaml:"smtp,omitempty"`
	Specs               []string             `yaml:"specs,omitempty"`
	TrustedCA           string               `yaml:"trustedCA,omitempty"`
	Versions            map[string]string    `yaml:"versions,omitempty"`
	PlatformOperator    *PlatformOperator    `yaml:"platformOperator,omitempty"`
	Nginx               *Nginx               `yaml:"nginx,omitempty"`
	Minio               *Enabled             `yaml:"minio,omitempty"`
	FluentdOperator     *FluentdOperator     `yaml:"fluentd,omitempty"`
	ECK                 *ECK                 `yaml:"eck,omitempty"`
	Thanos              *Thanos              `yaml:"thanos,omitempty"`
	Filebeat            []Filebeat           `yaml:"filebeat,omitempty"`
	Journalbeat         Journalbeat          `yaml:"journalbeat,omitempty"`
	Auditbeat           Auditbeat            `yaml:"auditbeat,omitempty"`
	Packetbeat          Packetbeat           `yaml:"packetbeat,omitempty"`
	Vault               *Vault               `yaml:"vault,omitempty"`
	ConfigMapReloader   ConfigMapReloader    `yaml:"configmapReloader,omitempty"`
	Elasticsearch       *Elasticsearch       `yaml:"elasticsearch,omitempty"`
	Tekton              Tekton               `yaml:"tekton,omitempty"`
	Vsphere             *Vsphere             `yaml:"vsphere,omitempty"`
	Test                Test                 `yaml:"test,omitempty"`
	// If true, terminate operations will return an error. Used to
	// protect stateful clusters
	TerminationProtection bool   `yaml:"terminationProtection,omitempty"`
	BootstrapToken        string `yaml:"-"`
	DryRun                bool   `yaml:"-"`
	Trace                 bool   `yaml:"-"`
	JoinEndpoint          string `yaml:"-"`
	Source                string `yaml:"-"`
	ControlPlaneEndpoint  string `yaml:"-"`
	// E2E is true if end to end tests are being run
	E2E bool `yaml:"-"`
}

func DefaultPlatformConfig

func DefaultPlatformConfig() PlatformConfig

func (PlatformConfig) GetImagePath

func (p PlatformConfig) GetImagePath(image string) string

func (PlatformConfig) GetVMCount

func (p PlatformConfig) GetVMCount() int

func (*PlatformConfig) String

func (p *PlatformConfig) String() string

type PlatformOperator

// PlatformOperator configures the platform operator component.
// WhitelistedPodAnnotations is a list of pod annotation names read from the
// YAML key whitelistedPodAnnotations.
// NOTE(review): presumably the annotations the operator permits on pods —
// confirm in the operator, and keep the list as short as the workloads allow.
type PlatformOperator struct {
	Disabled                  bool     `yaml:"disabled,omitempty"`
	Version                   string   `yaml:"version"`
	WhitelistedPodAnnotations []string `yaml:"whitelistedPodAnnotations"`
}

type PostgresOperator

// PostgresOperator configures the postgres operator component: operator and
// database versions, the backup bucket and schedule, and the spilo and
// backup images to use. All fields are plain values read from YAML.
type PostgresOperator struct {
	Disabled       bool   `yaml:"disabled,omitempty"`
	Version        string `yaml:"version"`
	DBVersion      string `yaml:"dbVersion,omitempty"`
	BackupBucket   string `yaml:"backupBucket,omitempty"`
	BackupSchedule string `yaml:"backupSchedule,omitempty"`
	SpiloImage     string `yaml:"spiloImage,omitempty"`
	BackupImage    string `yaml:"backupImage,omitempty"`
}

type Prometheus

// Prometheus configures the Prometheus component: its version, whether it is
// disabled, and its Persistence settings.
type Prometheus struct {
	Version     string      `yaml:"version,omitempty"`
	Disabled    bool        `yaml:"disabled,omitempty"`
	Persistence Persistence `yaml:"persistence,omitempty"`
}

type RegistryCredentials

// RegistryCredentials configures the registry-credentials component and
// groups one credential block per registry type: AWS ECR (`aws`), a private
// Docker registry (`dockerRegistry`), GCR (`gcr`) and Azure ACR (`azure`).
// Each nested block stores its secret material as plain strings, so this
// section of the config must be handled as a secret.
type RegistryCredentials struct {
	Disabled              bool                   `yaml:"disabled,omitempty"`
	Version               string                 `yaml:"version,omitempty"`
	Namespace             string                 `yaml:"namespace,omitempty"`
	Aws                   RegistryCredentialsECR `yaml:"aws,omitempty"`
	DockerPrivateRegistry RegistryCredentialsDPR `yaml:"dockerRegistry,omitempty"`
	GCR                   RegistryCredentialsGCR `yaml:"gcr,omitempty"`
	ACR                   RegistryCredentialsACR `yaml:"azure,omitempty"`
}

type RegistryCredentialsACR

// RegistryCredentialsACR holds the Azure container registry credentials.
// Password is a plain string read from the YAML key password.
//
// NOTE(review): URL is bound to the YAML key `string`, not `url` as in
// RegistryCredentialsGCR. That looks like a typo, which would mean a `url:`
// entry in a config file is not read into this field; changing the tag
// alters the accepted config schema, so confirm before fixing.
type RegistryCredentialsACR struct {
	Enabled  bool   `yaml:"enabled,omitempty"`
	URL      string `yaml:"string,omitempty"`
	ClientID string `yaml:"clientId,omitempty"`
	Password string `yaml:"password,omitempty"`
}

type RegistryCredentialsDPR

// RegistryCredentialsDPR holds the server address and login for a private
// Docker registry. Password is a plain string read from the YAML key
// password.
type RegistryCredentialsDPR struct {
	Enabled  bool   `yaml:"enabled,omitempty"`
	Server   string `yaml:"server,omitempty"`
	Username string `yaml:"username,omitempty"`
	Password string `yaml:"password,omitempty"`
}

type RegistryCredentialsECR

// RegistryCredentialsECR holds AWS credentials for ECR. AccessKey, SecretKey
// and SessionToken are plain strings read from YAML; AssumeRole names a role
// as an alternative input (how the fields combine is not shown here).
//
// NOTE(review): SessionToken is bound to the YAML key `secretToken`, not
// `sessionToken` — a config written from the field name will not populate
// it. Confirm which key existing configs use before changing the tag.
type RegistryCredentialsECR struct {
	Enabled      bool   `yaml:"enabled,omitempty"`
	AccessKey    string `yaml:"accessKey,omitempty"`
	SecretKey    string `yaml:"secretKey,omitempty"`
	SessionToken string `yaml:"secretToken,omitempty"`
	Account      string `yaml:"account,omitempty"`
	Region       string `yaml:"region,omitempty"`
	AssumeRole   string `yaml:"assumeRole,omitempty"`
}

type RegistryCredentialsGCR

// RegistryCredentialsGCR holds the GCR registry URL and its application
// credentials. ApplicationCredentials is a plain string read from the YAML
// key applicationCredentials (whether it is a path or inline key material is
// not shown here — confirm against the consumer).
type RegistryCredentialsGCR struct {
	Enabled                bool   `yaml:"enabled,omitempty"`
	URL                    string `yaml:"url,omitempty"`
	ApplicationCredentials string `yaml:"applicationCredentials,omitempty"`
}

type S3

// S3 configures access to S3 or an S3-compatible object store. AccessKey and
// SecretKey are plain strings read from the YAML keys access_key and
// secret_key, so the config file holding them must be handled as a secret.
type S3 struct {
	AccessKey string `yaml:"access_key,omitempty"`
	SecretKey string `yaml:"secret_key,omitempty"`
	Bucket    string `yaml:"bucket,omitempty"`
	Region    string `yaml:"region,omitempty"`
	// The endpoint at which the S3-like object storage will be available from inside the cluster
	// e.g. if minio is deployed inside the cluster, specify: `http://minio.minio.svc:9000`
	// An http:// endpoint, as in the example, carries requests without TLS;
	// that is only appropriate for traffic that stays inside the cluster.
	Endpoint string `yaml:"endpoint,omitempty"`
	// The endpoint at which S3 is accessible outside the cluster,
	// When deploying locally on kind specify: *minio.127.0.0.1.nip.io*
	ExternalEndpoint string `yaml:"externalEndpoint,omitempty"`
	// Whether to enable the *s3* storage class that creates persistent volumes FUSE mounted to
	// S3 buckets
	CSIVolumes bool `yaml:"csiVolumes,omitempty"`
	// Provide a KMS Master Key
	KMSMasterKey string `yaml:"kmsMasterKey,omitempty"`
	// UsePathStyle http://s3host/bucket instead of http://bucket.s3host
	UsePathStyle bool `yaml:"usePathStyle"`
	// Skip TLS certificate verification when connecting to S3. With this set
	// the endpoint's identity is not checked, so the connection that carries
	// the access key and stored objects can be intercepted; keep it false
	// outside test setups and give the client a certificate it can verify.
	SkipTLSVerify bool  `yaml:"skipTLSVerify"`
	E2E           S3E2E `yaml:"e2e,omitempty"`
}

func (S3) GetExternalEndpoint

func (s3 S3) GetExternalEndpoint() string

type S3E2E

// S3E2E holds the end-to-end test settings nested under S3's `e2e` key.
// Minio is a boolean read from the YAML key minio.
type S3E2E struct {
	Minio bool `yaml:"minio,omitempty"`
}

type S3UploadCleaner added in v0.16.2

// S3UploadCleaner configures the S3 upload cleaner: it embeds Enabled inline
// and names the version, S3 endpoint, bucket and schedule to use. None of
// the string fields is optional in the YAML output (no omitempty).
type S3UploadCleaner struct {
	Enabled  `yaml:",inline"`
	Version  string `yaml:"version"`
	Endpoint string `yaml:"endpoint"`
	Bucket   string `yaml:"bucket"`
	Schedule string `yaml:"schedule"`
}

type SMTP

// SMTP holds the mail server connection settings. Password is a plain string
// read from the YAML key password, so the config file holding it must be
// handled as a secret. The struct has no TLS-related field; whether the
// connection is encrypted is decided by the consumer, not shown here.
type SMTP struct {
	Server   string `yaml:"server,omitempty"`
	Username string `yaml:"username,omitempty"`
	Password string `yaml:"password,omitempty"`
	Port     int    `yaml:"port,omitempty"`
	From     string `yaml:"from,omitempty"`
}

type SealedSecrets

// SealedSecrets configures the sealed-secrets component. It embeds Enabled
// inline and optionally references a CA value under the YAML key
// certificate; the CA type carries a certificate, a private key and a
// password, so this section is as sensitive as the key it names.
type SealedSecrets struct {
	Enabled     `yaml:",inline"`
	Version     string `yaml:"version,omitempty"`
	Certificate *CA    `yaml:"certificate,omitempty"`
}

type TagInterface

// TagInterface is satisfied by any type with a GetTags method returning a
// map[string]string; VM and NullMachine in this package both declare one.
type TagInterface interface {
	GetTags() map[string]string
}

type Tekton

// Tekton configures the Tekton component: the pipeline, dashboard and events
// versions, Persistence settings, and a free-form FeatureFlags map of string
// keys to string values.
type Tekton struct {
	Version          string            `yaml:"version,omitempty"`
	DashboardVersion string            `yaml:"dashboardVersion,omitempty"`
	EventsVersion    string            `yaml:"eventsVersion,omitempty"`
	Disabled         bool              `yaml:"disabled,omitempty"`
	Persistence      Persistence       `yaml:"persistence,omitempty"`
	FeatureFlags     map[string]string `yaml:"featureFlags,omitempty"`
}

type Test added in v0.16.3

// Test holds settings for the platform's test runs.
type Test struct {
	// A list of tests to exclude from testing
	Exclude []string `yaml:"exclude,omitempty"`
}

type Thanos

// Thanos configures the Thanos component, which runs in one of two modes
// selected by Mode.
type Thanos struct {
	Disabled bool   `yaml:"disabled"`
	Version  string `yaml:"version"`
	// Must be either `client` or `observability`.
	Mode string `yaml:"mode,omitempty"`
	// Bucket to store metrics. Must be the same across all environments
	Bucket string `yaml:"bucket,omitempty"`
	// Only for observability mode. List of client sidecars in `<hostname>:<port>` format
	ClientSidecars []string `yaml:"clientSidecars,omitempty"`
	// Only for observability mode. Disable compactor singleton if there are multiple observability clusters
	EnableCompactor bool      `yaml:"enableCompactor,omitempty"`
	E2E             ThanosE2E `yaml:"e2e,omitempty"`
}

type ThanosE2E

// ThanosE2E holds the end-to-end test settings nested under Thanos's `e2e`
// key. Server is a string read from the YAML key server.
type ThanosE2E struct {
	Server string `yaml:"server,omitempty"`
}

type VM

// VM captures the specifications of a virtual machine.
//
// IP and Konfigadm are tagged `yaml:"-"`: they are never read from or
// written to YAML and exist only on the in-memory value.
//
// NOTE(review): Commands and KonfigadmFile both feed VM provisioning
// (presumably they run or are applied on the new VM — confirm in the
// provisioner), so changes to them deserve the same review as changes to
// the VM template.
type VM struct {
	Name   string `yaml:"name,omitempty"`
	Prefix string `yaml:"prefix,omitempty"`
	// Number of VM's to provision
	Count        int      `yaml:"count"`
	Template     string   `yaml:"template"`
	Cluster      string   `yaml:"cluster,omitempty"`
	Folder       string   `yaml:"folder,omitempty"`
	Datastore    string   `yaml:"datastore,omitempty"`
	ResourcePool string   `yaml:"resourcePool,omitempty"`
	CPUs         int32    `yaml:"cpu"`
	MemoryGB     int64    `yaml:"memory"`
	Network      []string `yaml:"networks,omitempty"`
	// Size in GB of the VM root volume
	DiskGB int `yaml:"disk"`
	// Tags to be applied to the VM
	Tags     map[string]string `yaml:"tags,omitempty"`
	Commands []string          `yaml:"commands,omitempty"`
	// A path to a konfigadm specification used for configuring the VM on creation.
	KonfigadmFile string            `yaml:"konfigadm,omitempty"`
	IP            string            `yaml:"-"`
	Konfigadm     *konfigadm.Config `yaml:"-"`
}

VM captures the specifications of a virtual machine

func (VM) GetTags

func (vm VM) GetTags() map[string]string

type Vault

// Vault configures the Vault deployment and the roles, policies and group
// mappings to create in it.
//
// Token, AccessKey and SecretKey are plain strings read from YAML, so the
// config file holding them must be handled as a secret. KmsKeyID names the
// AWS KMS key used to unseal Vault; NOTE(review): AccessKey/SecretKey are
// presumably the AWS credentials used for that KMS call — confirm, and scope
// them to that key only.
type Vault struct {
	Version string `yaml:"version"`
	// A VAULT_TOKEN to use when authenticating with Vault
	Token string `yaml:"token,omitempty"`
	// A map of PKI secret roles to create/update See [pki](https://www.vaultproject.io/api-docs/secret/pki/#createupdate-role)
	Roles         map[string]map[string]interface{} `yaml:"roles,omitempty"`
	Policies      map[string]VaultPolicy            `yaml:"policies,omitempty"`
	GroupMappings map[string][]string               `yaml:"groupMappings,omitempty"`
	// ExtraConfig is an escape hatch that allows writing to arbitrary vault paths.
	// Nothing in this type restricts which paths or values it may contain, so
	// entries here should be reviewed like policy changes.
	ExtraConfig map[string]map[string]interface{} `yaml:"config,omitempty"`
	Disabled    bool                              `yaml:"disabled,omitempty"`
	AccessKey   string                            `yaml:"accessKey,omitempty"`
	SecretKey   string                            `yaml:"secretKey,omitempty"`
	// The AWS KMS ARN Id to use to unseal vault
	KmsKeyID string `yaml:"kmsKeyId,omitempty"`
	Region   string `yaml:"region,omitempty"`
	Consul   Consul `yaml:"consul,omitempty"`
}

type VaultClient

// VaultClient describes a remote Vault server used for certificate signing.
// None of its yaml tags has omitempty, so all three keys are always written
// when the value is marshalled — including token.
type VaultClient struct {
	// The address of a remote Vault server to use for signing
	Address string `yaml:"address"`

	// The path to the PKI Role to use for signing ingress certificates e.g. /pki/role/ingress-ca
	Path string `yaml:"path"`

	// A VAULT_TOKEN to use when authenticating with Vault. Stored as a plain
	// string; a token limited to the signing path above keeps the exposure
	// of this file small.
	Token string `yaml:"token"`
}

type VaultPolicy

// VaultPolicy maps a string key to the VaultPolicyPath rules for it.
// NOTE(review): the key is presumably the Vault path the rules apply to —
// confirm against the String method, whose body is not part of this listing.
type VaultPolicy map[string]VaultPolicyPath

func (VaultPolicy) String

func (vaultPolicy VaultPolicy) String() string

type VaultPolicyPath

// VaultPolicyPath holds the rules for one entry of a VaultPolicy: a list of
// capabilities plus optional denied_parameters and allowed_parameters maps,
// each from a parameter name to a list of values.
type VaultPolicyPath struct {
	Capabilities      []string            `yaml:"capabilities,omitempty"`
	DeniedParameters  map[string][]string `yaml:"denied_parameters,omitempty"`
	AllowedParameters map[string][]string `yaml:"allowed_parameters,omitempty"`
}

type Velero

// Velero configures the Velero backup component: version, backup schedule,
// target bucket, whether volumes are included, and a free-form Config map of
// string keys to string values.
type Velero struct {
	Disabled bool              `yaml:"disabled,omitempty"`
	Version  string            `yaml:"version"`
	Schedule string            `yaml:"schedule,omitempty"`
	Bucket   string            `yaml:"bucket,omitempty"`
	Volumes  bool              `yaml:"volumes"`
	Config   map[string]string `yaml:"config,omitempty"`
}

type Versions

// Versions records the Kubernetes version, the container runtime version and
// a map of dependency names to versions.
type Versions struct {
	Kubernetes       string            `yaml:"kubernetes,omitempty"`
	ContainerRuntime string            `yaml:"containerRuntime,omitempty"`
	Dependencies     map[string]string `yaml:"dependencies,omitempty"`
}

type Vsphere

// Vsphere holds the vSphere connection settings; most fields name the GOVC_*
// variable they correspond to. Password is a plain string read from the YAML
// key password, so the config file holding it must be handled as a secret.
type Vsphere struct {
	// GOVC_USER
	Username string `yaml:"username,omitempty"`
	// GOVC_PASS
	Password string `yaml:"password,omitempty"`
	// GOVC_DATACENTER
	Datacenter string `yaml:"datacenter,omitempty"`
	// e.g. ds:///vmfs/volumes/vsan:<id>/
	DatastoreURL string `yaml:"datastoreUrl,omitempty"`
	// GOVC_DATASTORE
	Datastore string `yaml:"datastore,omitempty"`
	// GOVC_NETWORK
	Network string `yaml:"network,omitempty"`
	// Cluster for VM placement via DRS (GOVC_CLUSTER)
	Cluster string `yaml:"cluster,omitempty"`
	// GOVC_RESOURCE_POOL
	ResourcePool string `yaml:"resourcePool,omitempty"`
	//  Inventory folder (GOVC_FOLDER)
	Folder string `yaml:"folder,omitempty"`
	// GOVC_FQDN
	Hostname string `yaml:"hostname,omitempty"`
	// Version of the vSphere CSI Driver
	CSIVersion string `yaml:"csiVersion,omitempty"`
	// Version of the vSphere External Cloud Provider
	CPIVersion string `yaml:"cpiVersion,omitempty"`
	// Skip verification of server certificate.
	// NOTE(review): the YAML key for this field is `verify`, so `verify: true`
	// in a config file sets SkipVerify to true, which by this field's
	// description turns certificate verification off, the opposite of what
	// the key name suggests. Confirm how callers read the field, and check
	// existing configs for `verify: true` written with the other meaning in
	// mind.
	SkipVerify bool `yaml:"verify"`
}

func (Vsphere) GetSecret

func (v Vsphere) GetSecret() map[string][]byte
