api

package
v0.76.2 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Sep 19, 2023 License: Apache-2.0 Imports: 8 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type APIEndpoint

type APIEndpoint struct {
	// AdvertiseAddress sets the IP address for the API server to advertise.
	AdvertiseAddress string `yaml:"advertiseAddress,omitempty"`

	// BindPort sets the secure port for the API Server to bind to.
	// Defaults to 6443.
	BindPort int32 `yaml:"bindPort,omitempty"`
}

nolint: revive

type BootstrapToken

type BootstrapToken struct {
	Groups []string `yaml:"groups"`
	Token  string   `yaml:"token"`
	TTL    string   `yaml:"ttl"`
	Usages []string `yaml:"usages"`
}

type BootstrapTokenDiscovery

type BootstrapTokenDiscovery struct {
	// Token is a token used to validate cluster information
	// fetched from the control-plane.
	Token string `json:"token"`

	// APIServerEndpoint is an IP or domain name to the API server from which info will be fetched.
	APIServerEndpoint string `yaml:"apiServerEndpoint,omitempty"`

	// CACertHashes specifies a set of public key pins to verify
	// when token-based discovery is used. The root CA found during discovery
	// must match one of these values. Specifying an empty set disables root CA
	// pinning, which can be unsafe. Each hash is specified as "<type>:<value>",
	// where the only currently supported type is "sha256". This is a hex-encoded
	// SHA-256 hash of the Subject Public Key Info (SPKI) object in DER-encoded
	// ASN.1. These hashes can be calculated using, for example, OpenSSL.
	CACertHashes []string `yaml:"caCertHashes,omitempty"`

	// UnsafeSkipCAVerification allows token-based discovery
	// without CA verification via CACertHashes. This can weaken
	// the security of kubeadm since other nodes can impersonate the control-plane.
	UnsafeSkipCAVerification bool `yaml:"unsafeSkipCAVerification,omitempty"`
}

type ClusterConfiguration

type ClusterConfiguration struct {
	APIVersion           string `yaml:"apiVersion,omitempty"`
	Kind                 string `yaml:"kind"`
	KubernetesVersion    string `yaml:"kubernetesVersion,omitempty"`
	ControlPlaneEndpoint string `yaml:"controlPlaneEndpoint,omitempty"`
	APIServer            struct {
		CertSANs               []string          `yaml:"certSANs,omitempty"`
		TimeoutForControlPlane string            `yaml:"timeoutForControlPlane,omitempty"`
		ExtraArgs              map[string]string `yaml:"extraArgs,omitempty"`
		ExtraVolumes           []HostPathMount   `yaml:"extraVolumes,omitempty"`
	} `yaml:"apiServer,omitempty"`
	CertificatesDir   string `yaml:"certificatesDir,omitempty"`
	ClusterName       string `yaml:"clusterName,omitempty"`
	ControllerManager struct {
		ExtraArgs map[string]string `yaml:"extraArgs,omitempty"`
	} `yaml:"controllerManager,omitempty"`
	DNS struct {
		Type string `yaml:"type,omitempty"`
	} `yaml:"dns,omitempty"`
	Etcd struct {
		Local struct {
			DataDir   string            `yaml:"dataDir,omitempty"`
			ExtraArgs map[string]string `yaml:"extraArgs,omitempty"`
		} `yaml:"local,omitempty"`
	} `yaml:"etcd,omitempty"`
	ImageRepository string `yaml:"imageRepository,omitempty"`
	Networking      struct {
		DNSDomain     string `yaml:"dnsDomain,omitempty"`
		ServiceSubnet string `yaml:"serviceSubnet,omitempty"`
		PodSubnet     string `yaml:"podSubnet,omitempty"`
	} `yaml:"networking,omitempty"`
	Scheduler struct {
		ExtraArgs map[string]string `yaml:"extraArgs,omitempty"`
	} `yaml:"scheduler,omitempty"`
}

type Consul

type Consul struct {
	logger.Logger
	Host, Service string
}

func (Consul) GetMembers

func (consul Consul) GetMembers() []string

func (Consul) RemoveMember

func (consul Consul) RemoveMember(name string) error

type Discovery

type Discovery struct {
	// BootstrapToken is used to set the options for bootstrap token based discovery
	// BootstrapToken and File are mutually exclusive
	BootstrapToken *BootstrapTokenDiscovery `yaml:"bootstrapToken,omitempty"`

	// Timeout modifies the discovery timeout
	Timeout *metav1.Duration `yaml:"timeout,omitempty"`
}

type HostPathMount

type HostPathMount struct {
	// Name of the volume inside the pod template.
	Name string `yaml:"name"`
	// HostPath is the path in the host that will be mounted inside
	// the pod.
	HostPath string `yaml:"hostPath"`
	// MountPath is the path inside the pod where hostPath will be mounted.
	MountPath string `yaml:"mountPath"`
	// ReadOnly controls write access to the volume
	ReadOnly bool `yaml:"readOnly,omitempty"`
	// PathType is the type of the HostPath.
	PathType HostPathType `yaml:"pathType,omitempty"`
}

type HostPathType

type HostPathType string
const (
	// For backwards compatible, leave it empty if unset
	HostPathUnset HostPathType = ""
	// If nothing exists at the given path, an empty directory will be created there
	// as needed with file mode 0755, having the same group and ownership with Kubelet.
	HostPathDirectoryOrCreate HostPathType = "DirectoryOrCreate"
	// A directory must exist at the given path
	HostPathDirectory HostPathType = "Directory"
	// If nothing exists at the given path, an empty file will be created there
	// as needed with file mode 0644, having the same group and ownership with Kubelet.
	HostPathFileOrCreate HostPathType = "FileOrCreate"
	// A file must exist at the given path
	HostPathFile HostPathType = "File"
	// A UNIX socket must exist at the given path
	HostPathSocket HostPathType = "Socket"
	// A character device must exist at the given path
	HostPathCharDev HostPathType = "CharDevice"
	// A block device must exist at the given path
	HostPathBlockDev HostPathType = "BlockDevice"
)

type InitConfiguration

type InitConfiguration struct {
	APIVersion       string           `yaml:"apiVersion,omitempty"`
	Kind             string           `yaml:"kind"`
	BootstrapTokens  []BootstrapToken `yaml:"bootstrapTokens,omitempty"`
	NodeRegistration NodeRegistration `yaml:"nodeRegistration,omitempty"`
}

type JoinConfiguration

type JoinConfiguration struct {
	APIVersion       string           `yaml:"apiVersion,omitempty"`
	Kind             string           `yaml:"kind"`
	NodeRegistration NodeRegistration `yaml:"nodeRegistration,omitempty"`

	// Discovery specifies the options for the kubelet to use during the TLS Bootstrap process
	Discovery Discovery `yaml:"discovery"`

	// ControlPlane defines the additional control plane instance to be deployed on the joining node.
	// If nil, no additional control plane instance will be deployed.
	ControlPlane *JoinControlPlane `yaml:"controlPlane,omitempty"`
}

type JoinControlPlane

type JoinControlPlane struct {
	// LocalAPIEndpoint represents the endpoint of the API server instance to be deployed on this node.
	LocalAPIEndpoint APIEndpoint `yaml:"localAPIEndpoint,omitempty"`

	// CertificateKey is the key that is used for decryption of certificates after they are downloaded from the secret
	// upon joining a new control plane node. The corresponding encryption key is in the InitConfiguration.
	CertificateKey string `yaml:"certificateKey,omitempty"`
}

type NodeRegistration

type NodeRegistration struct {
	CRISocket        string            `yaml:"criSocket,omitempty"`
	KubeletExtraArgs map[string]string `yaml:"kubeletExtraArgs,omitempty"`
}

type Secret

type Secret struct {
	meta.TypeMeta `json:",inline"`
	// Standard object's metadata.
	// More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
	// +optional
	meta.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`

	// Data contains the secret data. Each key must consist of alphanumeric
	// characters, '-', '_' or '.'. The serialized form of the secret data is a
	// base64 encoded string, representing the arbitrary (possibly non-string)
	// data value here. Described in https://tools.ietf.org/html/rfc4648#section-4
	// +optional
	Data map[string]string `json:"data,omitempty" protobuf:"bytes,2,rep,name=data"`

	// stringData allows specifying non-binary secret data in string form.
	// It is provided as a write-only convenience method.
	// All keys and values are merged into the data field on write, overwriting any existing values.
	// It is never output when reading from the API.
	// +k8s:conversion-gen=false
	// +optional
	StringData map[string]string `json:"stringData,omitempty" protobuf:"bytes,4,rep,name=stringData"`

	// Used to facilitate programmatic handling of secret data.
	// +optional
	Type string `json:"type,omitempty" protobuf:"bytes,3,opt,name=type,casttype=SecretType"`
}

Directories

Path Synopsis
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License.
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License.
operator
v1
Package v1 contains API Schema definitions for the karina.flanksource.com v1 API group +kubebuilder:object:generate=true +groupName=karina.flanksource.com
Package v1 contains API Schema definitions for the karina.flanksource.com v1 API group +kubebuilder:object:generate=true +groupName=karina.flanksource.com
platformoperator
v1
Package v1 contains API Schema definitions for the platform v1 API group +kubebuilder:object:generate=true +groupName=platform.flanksource.com
Package v1 contains API Schema definitions for the platform v1 API group +kubebuilder:object:generate=true +groupName=platform.flanksource.com
v1

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL