Documentation ¶
Index ¶
- Constants
- Variables
- func CloudConfigUpdatedForAllWorkerPools(workers []gardencorev1beta1.Worker, workerPoolToNodes map[string][]corev1.Node, ...) error
- func DeleteVolumeAttachments(ctx context.Context, c client.Client) error
- func GenerateDNSProviderName(secretName, providerType string) string
- func IsValidAuditPolicyVersion(shootVersion string, schemaVersion *schema.GroupVersionKind) (bool, error)
- func WaitUntilDeploymentScaledToDesiredReplicas(ctx context.Context, client client.Client, namespace, name string, ...) error
- func WaitUntilVolumeAttachmentsDeleted(ctx context.Context, c client.Client, log *logrus.Entry) error
- func WorkerPoolToCloudConfigSecretChecksumMap(ctx context.Context, shootClient client.Client) (map[string]string, error)
- func WorkerPoolToNodesMap(ctx context.Context, shootClient client.Client) (map[string][]corev1.Node, error)
- type Botanist
- func (b *Botanist) APIServerSNIEnabled() bool
- func (b *Botanist) APIServerSNIPodMutatorEnabled() bool
- func (b *Botanist) AdditionalDNSProviders(ctx context.Context, gardenClient, seedClient client.Client) (map[string]component.DeployWaiter, error)
- func (b *Botanist) AnnotateExtensionCRsForMigration(ctx context.Context) (err error)
- func (b *Botanist) ApplyEncryptionConfiguration(ctx context.Context) error
- func (b *Botanist) CheckTunnelConnection(ctx context.Context, logger *logrus.Entry, tunnelName string) (bool, error)
- func (b *Botanist) CleanExtendedAPIs(ctx context.Context) error
- func (b *Botanist) CleanKubernetesResources(ctx context.Context) error
- func (b *Botanist) CleanShootNamespaces(ctx context.Context) error
- func (b *Botanist) CleanWebhooks(ctx context.Context) error
- func (b *Botanist) ComputeShootOperatingSystemConfig(ctx context.Context) error
- func (b *Botanist) DefaultClusterAutoscaler() (clusterautoscaler.ClusterAutoscaler, error)
- func (b *Botanist) DefaultContainerRuntime(seedClient client.Client) shoot.ExtensionContainerRuntime
- func (b *Botanist) DefaultControlPlane(seedClient client.Client, purpose extensionsv1alpha1.Purpose) shoot.ExtensionControlPlane
- func (b *Botanist) DefaultCoreBackupEntry(gardenClient client.Client) component.DeployWaiter
- func (b *Botanist) DefaultEtcd(role string, class etcd.Class) (etcd.Etcd, error)
- func (b *Botanist) DefaultExtension(seedClient client.Client) extension.Interface
- func (b *Botanist) DefaultExtensionsBackupEntry(seedClient client.Client) extensionsbackupentry.BackupEntry
- func (b *Botanist) DefaultExternalDNSEntry(seedClient client.Client) component.DeployWaiter
- func (b *Botanist) DefaultExternalDNSOwner(seedClient client.Client) component.DeployWaiter
- func (b *Botanist) DefaultExternalDNSProvider(seedClient client.Client) component.DeployWaiter
- func (b *Botanist) DefaultInfrastructure(seedClient client.Client) shoot.ExtensionInfrastructure
- func (b *Botanist) DefaultInternalDNSEntry(seedClient client.Client) component.DeployWaiter
- func (b *Botanist) DefaultInternalDNSOwner(seedClient client.Client) component.DeployWaiter
- func (b *Botanist) DefaultInternalDNSProvider(seedClient client.Client) component.DeployWaiter
- func (b *Botanist) DefaultKubeAPIServerSNI() component.DeployWaiter
- func (b *Botanist) DefaultKubeAPIServerService(sniPhase component.Phase) component.DeployWaiter
- func (b *Botanist) DefaultKubeControllerManager() (kubecontrollermanager.KubeControllerManager, error)
- func (b *Botanist) DefaultKubeScheduler() (kubescheduler.KubeScheduler, error)
- func (b *Botanist) DefaultMetricsServer() (metricsserver.MetricsServer, error)
- func (b *Botanist) DefaultNetwork(seedClient client.Client) component.DeployMigrateWaiter
- func (b *Botanist) DefaultNginxIngressDNSEntry(seedClient client.Client) component.DeployWaiter
- func (b *Botanist) DefaultNginxIngressDNSOwner(seedClient client.Client) component.DeployWaiter
- func (b *Botanist) DefaultShootNamespaces() component.DeployWaiter
- func (b *Botanist) DefaultWorker(seedClient client.Client) shoot.ExtensionWorker
- func (b *Botanist) DeleteAllExtensionCRs(ctx context.Context) error
- func (b *Botanist) DeleteAllManagedResourcesObjects(ctx context.Context) error
- func (b *Botanist) DeleteAllOperatingSystemConfigs(ctx context.Context) error
- func (b *Botanist) DeleteDNSProviders(ctx context.Context) error
- func (b *Botanist) DeleteKubeAPIServer(ctx context.Context) error
- func (b *Botanist) DeleteManagedResources(ctx context.Context) error
- func (b *Botanist) DeleteSeedMonitoring(ctx context.Context) error
- func (b *Botanist) DeleteSeedNamespace(ctx context.Context) error
- func (b *Botanist) DeleteStaleOperatingSystemConfigs(ctx context.Context, wantedOSCNames sets.String) error
- func (b *Botanist) DeployCloudProviderSecret(ctx context.Context) error
- func (b *Botanist) DeployClusterAutoscaler(ctx context.Context) error
- func (b *Botanist) DeployContainerRuntime(ctx context.Context) error
- func (b *Botanist) DeployControlPlane(ctx context.Context) error
- func (b *Botanist) DeployControlPlaneExposure(ctx context.Context) error
- func (b *Botanist) DeployEtcd(ctx context.Context) error
- func (b *Botanist) DeployExtensions(ctx context.Context) error
- func (b *Botanist) DeployExternalDNS(ctx context.Context) error
- func (b *Botanist) DeployGardenerResourceManager(ctx context.Context) error
- func (b *Botanist) DeployInfrastructure(ctx context.Context) error
- func (b *Botanist) DeployInternalDNS(ctx context.Context) error
- func (b *Botanist) DeployKubeAPIServer(ctx context.Context) error
- func (b *Botanist) DeployKubeAPIServerSNI(ctx context.Context) error
- func (b *Botanist) DeployKubeAPIService(ctx context.Context, sniPhase component.Phase) error
- func (b *Botanist) DeployKubeControllerManager(ctx context.Context) error
- func (b *Botanist) DeployKubeScheduler(ctx context.Context) error
- func (b *Botanist) DeployManagedResources(ctx context.Context) error
- func (b *Botanist) DeployMetricsServer(ctx context.Context) error
- func (b *Botanist) DeployNetwork(ctx context.Context) error
- func (b *Botanist) DeployNetworkPolicies(ctx context.Context) error
- func (b *Botanist) DeployReferencedResources(ctx context.Context) error
- func (b *Botanist) DeploySecrets(ctx context.Context) error
- func (b *Botanist) DeploySeedLogging(ctx context.Context) error
- func (b *Botanist) DeploySeedMonitoring(ctx context.Context) error
- func (b *Botanist) DeploySeedNamespace(ctx context.Context) error
- func (b *Botanist) DeployVerticalPodAutoscaler(ctx context.Context) error
- func (b *Botanist) DeployWorker(ctx context.Context) error
- func (b *Botanist) DestroyExternalDNS(ctx context.Context) error
- func (b *Botanist) DestroyIngressDNSRecord(ctx context.Context) error
- func (b *Botanist) DestroyInternalDNS(ctx context.Context) error
- func (b *Botanist) DestroyReferencedResources(ctx context.Context) error
- func (b *Botanist) EnsureClusterIdentity(ctx context.Context) error
- func (b *Botanist) EnsureIngressDNSRecord(ctx context.Context) error
- func (b *Botanist) GenerateAndSaveSecrets(ctx context.Context) error
- func (b *Botanist) GenerateEncryptionConfiguration(ctx context.Context) error
- func (b *Botanist) GenerateKubernetesDashboardConfig() (map[string]interface{}, error)
- func (b *Botanist) GenerateNginxIngressConfig() (map[string]interface{}, error)
- func (b *Botanist) HibernateControlPlane(ctx context.Context) error
- func (b *Botanist) KeepObjectsForAllManagedResources(ctx context.Context) error
- func (b *Botanist) MigrateExternalDNS(ctx context.Context) error
- func (b *Botanist) MigrateIngressDNSRecord(ctx context.Context) error
- func (b *Botanist) MigrateInternalDNS(ctx context.Context) error
- func (b *Botanist) NeedsAdditionalDNSProviders() bool
- func (b *Botanist) NeedsExternalDNS() bool
- func (b *Botanist) NeedsInternalDNS() bool
- func (b *Botanist) PersistEncryptionConfiguration(ctx context.Context) error
- func (b *Botanist) PrepareKubeAPIServerForMigration(ctx context.Context) error
- func (b *Botanist) RemoveOldETCDEncryptionSecretFromGardener(ctx context.Context) error
- func (b *Botanist) RequiredExtensionsReady(ctx context.Context) error
- func (b *Botanist) RestartControlPlanePods(ctx context.Context) error
- func (b *Botanist) RewriteShootSecretsIfEncryptionConfigurationChanged(ctx context.Context) error
- func (b *Botanist) SNIPhase(ctx context.Context) (component.Phase, error)
- func (b *Botanist) ScaleETCDToOne(ctx context.Context) error
- func (b *Botanist) ScaleETCDToZero(ctx context.Context) error
- func (b *Botanist) ScaleGardenerResourceManagerToOne(ctx context.Context) error
- func (b *Botanist) ScaleKubeAPIServerToOne(ctx context.Context) error
- func (b *Botanist) ScaleKubeControllerManagerToOne(ctx context.Context) error
- func (b *Botanist) SetNginxIngressAddress(address string, seedClient client.Client)
- func (b *Botanist) SnapshotEtcd(ctx context.Context) error
- func (b *Botanist) SyncShootCredentialsToGarden(ctx context.Context) error
- func (b *Botanist) UpdateShootAndCluster(ctx context.Context, shoot *gardencorev1beta1.Shoot, transform func() error) error
- func (b *Botanist) WaitForExtensionsOperationMigrateToSucceed(ctx context.Context) error
- func (b *Botanist) WaitForInfrastructure(ctx context.Context) error
- func (b *Botanist) WaitForKubeControllerManagerToBeActive(ctx context.Context) error
- func (b *Botanist) WaitUntilAllManagedResourcesDeleted(ctx context.Context) error
- func (b *Botanist) WaitUntilCloudConfigUpdatedForAllWorkerPools(ctx context.Context) error
- func (b *Botanist) WaitUntilEndpointsDoNotContainPodIPs(ctx context.Context) error
- func (b *Botanist) WaitUntilEtcdsReady(ctx context.Context) error
- func (b *Botanist) WaitUntilKubeAPIServerIsDeleted(ctx context.Context) error
- func (b *Botanist) WaitUntilKubeAPIServerReady(ctx context.Context) error
- func (b *Botanist) WaitUntilManagedResourcesDeleted(ctx context.Context) error
- func (b *Botanist) WaitUntilNginxIngressServiceIsReady(ctx context.Context) error
- func (b *Botanist) WaitUntilNoPodRunning(ctx context.Context) error
- func (b *Botanist) WaitUntilNodesDeleted(ctx context.Context) error
- func (b *Botanist) WaitUntilRequiredExtensionsReady(ctx context.Context) error
- func (b *Botanist) WaitUntilSeedNamespaceDeleted(ctx context.Context) error
- func (b *Botanist) WaitUntilTunnelConnectionExists(ctx context.Context) error
- func (b *Botanist) WaitUntilVpnShootServiceIsReady(ctx context.Context) error
- func (b *Botanist) WakeUpKubeAPIServer(ctx context.Context) error
Constants ¶
// DefaultInterval is the interval used by default between attempts of a retry operation.
const DefaultInterval = 5 * time.Second

// DefaultSevereThreshold is the default threshold until an error reported by
// another component is treated as 'severe'.
const DefaultSevereThreshold = 30 * time.Second
// Provider is the kubernetes provider label.
const Provider = "provider"

// KubernetesProvider is the 'kubernetes' value of the Provider label.
const KubernetesProvider = "kubernetes"

// KubeAggregatorAutoManaged is the label indicating whether an APIService is
// automanaged by kube-aggregator.
const KubeAggregatorAutoManaged = autoregister.AutoRegisterManagedLabel

// MetadataNameField is the `metadata.name` field for a field selector.
const MetadataNameField = "metadata.name"
// DNSInternalName is a constant for a DNS resource used for the internal domain name.
const DNSInternalName = "internal"

// DNSExternalName is a constant for a DNS resource used for the external domain name.
const DNSExternalName = "external"

// DNSProviderRoleAdditional is a constant for additionally managed DNS providers.
const DNSProviderRoleAdditional = "managed-dns-provider"
const (
	// CloudConfigExecutionManagedResourceName is the name of the ManagedResource
	// in the seed cluster, in the shoot namespace, which contains the cloud
	// config user data execution script.
	CloudConfigExecutionManagedResourceName = "shoot-cloud-config-execution"
)
CloudConfigExecutionManagedResourceName is a constant for the name of a ManagedResource in the seed cluster in the shoot namespace which contains the cloud config user data execution script.
// ManagedResourceName is the name of the managed resource through which
// referenced resources are deployed to the Seed cluster.
const ManagedResourceName = "referenced-resources"
const (
	// NodeLocalIPVSAddress is the IPv4 address used by node local dns when
	// IPVS is used. The value lies in the IPv4 link-local block
	// 169.254.0.0/16.
	NodeLocalIPVSAddress = "169.254.20.10"
)
NodeLocalIPVSAddress is the IPv4 address used by node local dns when IPVS is used.
const (
	// SecretLabelKeyManagedResource is a key for a label on a secret with the
	// value 'managed-resource'.
	SecretLabelKeyManagedResource = "managed-resource"
)
SecretLabelKeyManagedResource is a key for a label on a secret with the value 'managed-resource'.
Variables ¶
// Package-level options and selectors used when cleaning up resources.
// All of them are exported, mutable variables, so any importing package can
// reassign them; several of the *CleanOption values hold a pointer to the same
// NoCleanupPreventionListOption variable and therefore observe changes to it.
var (
	// FinalizeAfterFiveMinutes is an option to finalize resources after five minutes.
	FinalizeAfterFiveMinutes = utilclient.FinalizeGracePeriodSeconds(5 * 60)

	// FinalizeAfterOneHour is an option to finalize resources after one hour.
	FinalizeAfterOneHour = utilclient.FinalizeGracePeriodSeconds(60 * 60)

	// ZeroGracePeriod is an option to delete resources with no grace period.
	ZeroGracePeriod = utilclient.DeleteWith{client.GracePeriodSeconds(0)}

	// GracePeriodFiveMinutes is an option to delete resources with a grace period of five minutes.
	GracePeriodFiveMinutes = utilclient.DeleteWith{client.GracePeriodSeconds(5 * 60)}

	// NotSystemComponent is a requirement that something doesn't have the GardenRole GardenRoleSystemComponent.
	NotSystemComponent = utils.MustNewRequirement(v1beta1constants.GardenRole, selection.NotEquals, v1beta1constants.GardenRoleSystemComponent)

	// NoCleanupPrevention is a requirement that the ShootNoCleanup label of something is not true.
	// NOTE(review): if utils.MustNewRequirement builds a standard Kubernetes label
	// requirement, NotEquals also matches objects that do not carry the label at
	// all, i.e. cleanup is opt-out rather than opt-in. Confirm against the helper.
	NoCleanupPrevention = utils.MustNewRequirement(common.ShootNoCleanup, selection.NotEquals, "true")

	// NotKubernetesProvider is a requirement that the Provider label of something is not KubernetesProvider.
	NotKubernetesProvider = utils.MustNewRequirement(Provider, selection.NotEquals, KubernetesProvider)

	// NotKubeAggregatorAutoManaged is a requirement that something is not auto-managed by Kube-Aggregator.
	NotKubeAggregatorAutoManaged = utils.MustNewRequirement(KubeAggregatorAutoManaged, selection.DoesNotExist)

	// CleanupSelector is a selector that excludes system components and all resources not considered for auto cleanup.
	// It combines NotSystemComponent and NoCleanupPrevention.
	CleanupSelector = labels.NewSelector().Add(NotSystemComponent).Add(NoCleanupPrevention)

	// NoCleanupPreventionListOption is the list option built from CleanupSelector; it
	// excludes system components and resources that are not to be cleaned up automatically.
	NoCleanupPreventionListOption = client.MatchingLabelsSelector{Selector: CleanupSelector}

	// MutatingWebhookConfigurationCleanOption is the delete selector for MutatingWebhookConfigurations.
	MutatingWebhookConfigurationCleanOption = utilclient.ListWith{&NoCleanupPreventionListOption}

	// ValidatingWebhookConfigurationCleanOption is the delete selector for ValidatingWebhookConfigurations.
	ValidatingWebhookConfigurationCleanOption = utilclient.ListWith{&NoCleanupPreventionListOption}

	// CustomResourceDefinitionCleanOption is the delete selector for CustomResources.
	// NOTE(review): the variable name suggests CustomResourceDefinitions; confirm which is meant.
	CustomResourceDefinitionCleanOption = utilclient.ListWith{&NoCleanupPreventionListOption}

	// DaemonSetCleanOption is the delete selector for DaemonSets.
	DaemonSetCleanOption = utilclient.ListWith{&NoCleanupPreventionListOption}

	// DeploymentCleanOption is the delete selector for Deployments.
	DeploymentCleanOption = utilclient.ListWith{&NoCleanupPreventionListOption}

	// StatefulSetCleanOption is the delete selector for StatefulSets.
	StatefulSetCleanOption = utilclient.ListWith{&NoCleanupPreventionListOption}

	// ServiceCleanOption is the delete selector for Services.
	// In addition to the two CleanupSelector requirements it excludes Services
	// whose Provider label equals KubernetesProvider.
	ServiceCleanOption = utilclient.ListWith{
		client.MatchingLabelsSelector{
			Selector: labels.NewSelector().Add(NotKubernetesProvider, NotSystemComponent, NoCleanupPrevention),
		},
	}

	// NamespaceMatchingLabelsSelector is the delete label selector for Namespaces.
	NamespaceMatchingLabelsSelector = utilclient.ListWith{&NoCleanupPreventionListOption}

	// NamespaceMatchingFieldsSelector is the delete field selector for Namespaces.
	// It excludes the namespaces named by metav1.NamespacePublic, metav1.NamespaceSystem,
	// metav1.NamespaceDefault and corev1.NamespaceNodeLease from deletion.
	NamespaceMatchingFieldsSelector = utilclient.ListWith{
		client.MatchingFieldsSelector{
			Selector: fields.AndSelectors(
				fields.OneTermNotEqualSelector(MetadataNameField, metav1.NamespacePublic),
				fields.OneTermNotEqualSelector(MetadataNameField, metav1.NamespaceSystem),
				fields.OneTermNotEqualSelector(MetadataNameField, metav1.NamespaceDefault),
				fields.OneTermNotEqualSelector(MetadataNameField, corev1.NamespaceNodeLease),
			),
		},
	}

	// APIServiceCleanOption is the delete selector for APIServices.
	// Unlike CleanupSelector, this selector does not include NoCleanupPrevention:
	// only NotSystemComponent and NotKubeAggregatorAutoManaged are applied.
	APIServiceCleanOption = utilclient.ListWith{
		client.MatchingLabelsSelector{
			Selector: labels.NewSelector().Add(NotSystemComponent, NotKubeAggregatorAutoManaged),
		},
	}

	// CronJobCleanOption is the delete selector for CronJobs.
	CronJobCleanOption = utilclient.ListWith{&NoCleanupPreventionListOption}

	// IngressCleanOption is the delete selector for Ingresses.
	IngressCleanOption = utilclient.ListWith{&NoCleanupPreventionListOption}

	// JobCleanOption is the delete selector for Jobs.
	JobCleanOption = utilclient.ListWith{&NoCleanupPreventionListOption}

	// PodCleanOption is the delete selector for Pods.
	PodCleanOption = utilclient.ListWith{&NoCleanupPreventionListOption}

	// ReplicaSetCleanOption is the delete selector for ReplicaSets.
	ReplicaSetCleanOption = utilclient.ListWith{&NoCleanupPreventionListOption}

	// ReplicationControllerCleanOption is the delete selector for ReplicationControllers.
	ReplicationControllerCleanOption = utilclient.ListWith{&NoCleanupPreventionListOption}

	// PersistentVolumeClaimCleanOption is the delete selector for PersistentVolumeClaims.
	PersistentVolumeClaimCleanOption = utilclient.ListWith{&NoCleanupPreventionListOption}

	// NamespaceErrorToleration are the errors to be tolerated during deletion.
	// Only conflict errors (apierrors.IsConflict) are listed.
	NamespaceErrorToleration = utilclient.TolerateErrors{apierrors.IsConflict}
)
// IntervalWaitCloudConfigUpdated is the polling interval used while waiting
// until the cloud config was updated for all worker pools.
var IntervalWaitCloudConfigUpdated = 5 * time.Second

// TimeoutWaitCloudConfigUpdated is the timeout applied while waiting until
// the cloud config was updated for all worker pools.
var TimeoutWaitCloudConfigUpdated = 2 * time.Minute
exposed for testing
var (
	// NewEtcd is a function exposed for testing. It is a package-level
	// variable initialised to etcd.New, so it can be reassigned.
	NewEtcd = etcd.New
)
NewEtcd is a function exposed for testing.
Functions ¶
func CloudConfigUpdatedForAllWorkerPools ¶ added in v1.16.0
func CloudConfigUpdatedForAllWorkerPools(workers []gardencorev1beta1.Worker, workerPoolToNodes map[string][]corev1.Node, workerPoolToCloudConfigSecretChecksum map[string]string) error
CloudConfigUpdatedForAllWorkerPools checks if all the nodes for all the provided worker pools have successfully applied the desired version of their cloud-config user data.
func DeleteVolumeAttachments ¶ added in v1.11.2
DeleteVolumeAttachments deletes all VolumeAttachments.
func GenerateDNSProviderName ¶ added in v1.1.0
GenerateDNSProviderName creates a name for the dns provider out of the passed `secretName` and `providerType`.
func IsValidAuditPolicyVersion ¶
func IsValidAuditPolicyVersion(shootVersion string, schemaVersion *schema.GroupVersionKind) (bool, error)
IsValidAuditPolicyVersion checks whether the API server supports the provided audit policy apiVersion.
func WaitUntilDeploymentScaledToDesiredReplicas ¶ added in v1.5.0
func WaitUntilDeploymentScaledToDesiredReplicas(ctx context.Context, client client.Client, namespace, name string, desiredReplicas int32) error
WaitUntilDeploymentScaledToDesiredReplicas waits for the number of available replicas to be equal to the deployment's desired replicas count.
func WaitUntilVolumeAttachmentsDeleted ¶ added in v1.11.2
func WaitUntilVolumeAttachmentsDeleted(ctx context.Context, c client.Client, log *logrus.Entry) error
WaitUntilVolumeAttachmentsDeleted waits until no VolumeAttachments exist anymore.
func WorkerPoolToCloudConfigSecretChecksumMap ¶ added in v1.16.0
func WorkerPoolToCloudConfigSecretChecksumMap(ctx context.Context, shootClient client.Client) (map[string]string, error)
WorkerPoolToCloudConfigSecretChecksumMap lists all the cloud-config secrets with the given client in the shoot cluster. It returns a map whose key is the name of a worker pool and whose values are the corresponding checksums of the cloud-config script stored inside the secret's data.
func WorkerPoolToNodesMap ¶ added in v1.16.0
func WorkerPoolToNodesMap(ctx context.Context, shootClient client.Client) (map[string][]corev1.Node, error)
WorkerPoolToNodesMap lists all the nodes with the given client in the shoot cluster. It returns a map whose key is the name of a worker pool and whose values are the corresponding nodes.
Types ¶
type Botanist ¶
// Botanist is a struct which has methods that perform cloud-independent
// operations for a Shoot cluster.
type Botanist struct {
	// Operation is embedded by pointer, so its exported fields and methods are
	// promoted onto Botanist.
	*operation.Operation
	// DefaultDomainSecret is set by New, according to New's documentation on
	// this page, when the Shoot DNS domain is covered by a default domain.
	DefaultDomainSecret *corev1.Secret
	// contains filtered or unexported fields
}
Botanist is a struct which has methods that perform cloud-independent operations for a Shoot cluster.
func New ¶
New takes an operation object <o> and creates a new Botanist object. It checks whether the given Shoot DNS domain is covered by a default domain, and if so, it sets the <DefaultDomainSecret> attribute on the Botanist object.
func (*Botanist) APIServerSNIEnabled ¶ added in v1.7.0
APIServerSNIEnabled returns true if APIServerSNI feature gate is enabled and the shoot uses internal and external DNS.
func (*Botanist) APIServerSNIPodMutatorEnabled ¶ added in v1.13.0
APIServerSNIPodMutatorEnabled returns false if the value of the Shoot annotation 'alpha.featuregates.shoot.gardener.cloud/apiserver-sni-pod-injector' is 'disable' or the APIServerSNI feature is disabled.
func (*Botanist) AdditionalDNSProviders ¶ added in v1.5.0
func (b *Botanist) AdditionalDNSProviders(ctx context.Context, gardenClient, seedClient client.Client) (map[string]component.DeployWaiter, error)
AdditionalDNSProviders returns a map containing DNSProviders where the key is the provider name. For providers and DNSEntries which are no longer needed or in use, the map contains a DeployWaiter which removes said DNSEntry / DNSProvider.
func (*Botanist) AnnotateExtensionCRsForMigration ¶ added in v1.5.0
AnnotateExtensionCRsForMigration annotates extension CRs with migrate operation annotation
func (*Botanist) ApplyEncryptionConfiguration ¶
ApplyEncryptionConfiguration creates or updates a secret on the Seed which contains the encryption configuration that is necessary to encrypt the Kubernetes secrets in etcd.
func (*Botanist) CheckTunnelConnection ¶ added in v1.6.0
func (b *Botanist) CheckTunnelConnection(ctx context.Context, logger *logrus.Entry, tunnelName string) (bool, error)
CheckTunnelConnection checks if the tunnel connection between the control plane and the shoot networks is established.
func (*Botanist) CleanExtendedAPIs ¶
CleanExtendedAPIs removes API extensions like CRDs and API services from the Shoot cluster.
func (*Botanist) CleanKubernetesResources ¶
CleanKubernetesResources deletes all the Kubernetes resources in the Shoot cluster other than those stored in the exceptions map. It will check whether all the Kubernetes resources in the Shoot cluster other than those stored in the exceptions map have been deleted. It will return an error in case it has not finished yet, and nil if all resources are gone.
func (*Botanist) CleanShootNamespaces ¶
CleanShootNamespaces deletes all non-system namespaces in the Shoot cluster. It assumes that all workload resources are cleaned up in previous step(s).
func (*Botanist) CleanWebhooks ¶
CleanWebhooks deletes all Webhooks in the Shoot cluster that are not being managed by the addon manager.
func (*Botanist) ComputeShootOperatingSystemConfig ¶
ComputeShootOperatingSystemConfig generates the shoot operating system configuration. Both the downloader and the original configuration will be generated and stored in the shoot-specific cloud config map for later usage.
func (*Botanist) DefaultClusterAutoscaler ¶ added in v1.11.0
func (b *Botanist) DefaultClusterAutoscaler() (clusterautoscaler.ClusterAutoscaler, error)
DefaultClusterAutoscaler returns a deployer for the cluster-autoscaler.
func (*Botanist) DefaultContainerRuntime ¶ added in v1.10.0
func (b *Botanist) DefaultContainerRuntime(seedClient client.Client) shoot.ExtensionContainerRuntime
DefaultContainerRuntime creates the default deployer for the ContainerRuntime custom resource.
func (*Botanist) DefaultControlPlane ¶ added in v1.14.0
func (b *Botanist) DefaultControlPlane(seedClient client.Client, purpose extensionsv1alpha1.Purpose) shoot.ExtensionControlPlane
DefaultControlPlane creates the default deployer for the ControlPlane custom resource with the given purpose.
func (*Botanist) DefaultCoreBackupEntry ¶ added in v1.16.0
func (b *Botanist) DefaultCoreBackupEntry(gardenClient client.Client) component.DeployWaiter
DefaultCoreBackupEntry creates the default deployer for the core.gardener.cloud/v1beta1.BackupEntry resource.
func (*Botanist) DefaultEtcd ¶ added in v1.13.0
DefaultEtcd returns a deployer for the etcd.
func (*Botanist) DefaultExtension ¶ added in v1.16.0
DefaultExtension creates the default deployer for the Extension custom resources.
func (*Botanist) DefaultExtensionsBackupEntry ¶ added in v1.16.0
func (b *Botanist) DefaultExtensionsBackupEntry(seedClient client.Client) extensionsbackupentry.BackupEntry
DefaultExtensionsBackupEntry creates the default deployer for the extensions.gardener.cloud/v1alpha1.BackupEntry custom resource.
func (*Botanist) DefaultExternalDNSEntry ¶ added in v1.5.0
func (b *Botanist) DefaultExternalDNSEntry(seedClient client.Client) component.DeployWaiter
DefaultExternalDNSEntry returns DeployWaiter which removes the external DNSEntry.
func (*Botanist) DefaultExternalDNSOwner ¶ added in v1.8.0
func (b *Botanist) DefaultExternalDNSOwner(seedClient client.Client) component.DeployWaiter
DefaultExternalDNSOwner returns DeployWaiter which removes the external DNSOwner.
func (*Botanist) DefaultExternalDNSProvider ¶ added in v1.5.0
func (b *Botanist) DefaultExternalDNSProvider(seedClient client.Client) component.DeployWaiter
DefaultExternalDNSProvider returns the external DNSProvider if external DNS is enabled and, if not, a DeployWaiter which removes the external DNSProvider.
func (*Botanist) DefaultInfrastructure ¶ added in v1.8.0
func (b *Botanist) DefaultInfrastructure(seedClient client.Client) shoot.ExtensionInfrastructure
DefaultInfrastructure creates the default deployer for the Infrastructure custom resource.
func (*Botanist) DefaultInternalDNSEntry ¶ added in v1.5.0
func (b *Botanist) DefaultInternalDNSEntry(seedClient client.Client) component.DeployWaiter
DefaultInternalDNSEntry returns DeployWaiter which removes the internal DNSEntry.
func (*Botanist) DefaultInternalDNSOwner ¶ added in v1.8.0
func (b *Botanist) DefaultInternalDNSOwner(seedClient client.Client) component.DeployWaiter
DefaultInternalDNSOwner returns a DeployWaiter which removes the internal DNSOwner.
func (*Botanist) DefaultInternalDNSProvider ¶ added in v1.5.0
func (b *Botanist) DefaultInternalDNSProvider(seedClient client.Client) component.DeployWaiter
DefaultInternalDNSProvider returns the internal DNSProvider if internal DNS is enabled and, if not, a DeployWaiter which removes the internal DNSProvider.
func (*Botanist) DefaultKubeAPIServerSNI ¶ added in v1.7.0
func (b *Botanist) DefaultKubeAPIServerSNI() component.DeployWaiter
DefaultKubeAPIServerSNI returns a deployer for kube-apiserver SNI.
func (*Botanist) DefaultKubeAPIServerService ¶ added in v1.7.0
func (b *Botanist) DefaultKubeAPIServerService(sniPhase component.Phase) component.DeployWaiter
DefaultKubeAPIServerService returns a deployer for kube-apiserver service.
func (*Botanist) DefaultKubeControllerManager ¶ added in v1.12.0
func (b *Botanist) DefaultKubeControllerManager() (kubecontrollermanager.KubeControllerManager, error)
DefaultKubeControllerManager returns a deployer for the kube-controller-manager.
func (*Botanist) DefaultKubeScheduler ¶ added in v1.10.0
func (b *Botanist) DefaultKubeScheduler() (kubescheduler.KubeScheduler, error)
DefaultKubeScheduler returns a deployer for the kube-scheduler.
func (*Botanist) DefaultMetricsServer ¶ added in v1.13.0
func (b *Botanist) DefaultMetricsServer() (metricsserver.MetricsServer, error)
DefaultMetricsServer returns a deployer for the metrics-server.
func (*Botanist) DefaultNetwork ¶ added in v1.7.0
func (b *Botanist) DefaultNetwork(seedClient client.Client) component.DeployMigrateWaiter
DefaultNetwork creates the default deployer for the Network custom resource.
func (*Botanist) DefaultNginxIngressDNSEntry ¶ added in v1.5.0
func (b *Botanist) DefaultNginxIngressDNSEntry(seedClient client.Client) component.DeployWaiter
DefaultNginxIngressDNSEntry returns a Deployer which removes existing nginx ingress DNSEntry.
func (*Botanist) DefaultNginxIngressDNSOwner ¶ added in v1.8.0
func (b *Botanist) DefaultNginxIngressDNSOwner(seedClient client.Client) component.DeployWaiter
DefaultNginxIngressDNSOwner returns DeployWaiter which removes the nginx ingress DNSOwner.
func (*Botanist) DefaultShootNamespaces ¶ added in v1.14.0
func (b *Botanist) DefaultShootNamespaces() component.DeployWaiter
DefaultShootNamespaces returns a deployer for the shoot namespaces.
func (*Botanist) DefaultWorker ¶ added in v1.16.0
func (b *Botanist) DefaultWorker(seedClient client.Client) shoot.ExtensionWorker
DefaultWorker creates the default deployer for the Worker custom resource.
func (*Botanist) DeleteAllExtensionCRs ¶ added in v1.5.0
DeleteAllExtensionCRs deletes all extension CRs from the Shoot namespace
func (*Botanist) DeleteAllManagedResourcesObjects ¶ added in v1.5.0
DeleteAllManagedResourcesObjects deletes all managed resources from the Shoot namespace in the Seed.
func (*Botanist) DeleteAllOperatingSystemConfigs ¶ added in v1.3.0
DeleteAllOperatingSystemConfigs deletes all operating system config resources in the shoot namespace in the seed.
func (*Botanist) DeleteDNSProviders ¶ added in v1.1.0
DeleteDNSProviders deletes all DNS providers in the shoot namespace of the seed.
func (*Botanist) DeleteKubeAPIServer ¶
DeleteKubeAPIServer deletes the kube-apiserver deployment in the Seed cluster which holds the Shoot's control plane.
func (*Botanist) DeleteManagedResources ¶
DeleteManagedResources deletes all managed resources labeled with `origin=gardener` from the Shoot namespace in the Seed.
func (*Botanist) DeleteSeedMonitoring ¶
DeleteSeedMonitoring will delete the monitoring stack from the Seed cluster to avoid phantom alerts during the deletion process. More precisely, the Alertmanager and Prometheus StatefulSets will be deleted.
func (*Botanist) DeleteSeedNamespace ¶ added in v1.14.0
DeleteSeedNamespace deletes the namespace in the Seed cluster which holds the control plane components. The built-in garbage collection in Kubernetes will automatically delete all resources which belong to this namespace. This comprises volumes and load balancers as well.
func (*Botanist) DeleteStaleOperatingSystemConfigs ¶ added in v1.3.0
func (b *Botanist) DeleteStaleOperatingSystemConfigs(ctx context.Context, wantedOSCNames sets.String) error
DeleteStaleOperatingSystemConfigs deletes all unused operating system configs in the shoot seed namespace (i.e., those which are not part of the provided set <wantedOSCNames>).
func (*Botanist) DeployCloudProviderSecret ¶
DeployCloudProviderSecret creates or updates the cloud provider secret in the Shoot namespace in the Seed cluster.
func (*Botanist) DeployClusterAutoscaler ¶
DeployClusterAutoscaler deploys the Kubernetes cluster-autoscaler.
func (*Botanist) DeployContainerRuntime ¶ added in v1.10.0
DeployContainerRuntime deploys the ContainerRuntime custom resources and triggers the restore operation in case the Shoot is in the restore phase of the control plane migration
func (*Botanist) DeployControlPlane ¶
DeployControlPlane deploys or restores the ControlPlane custom resource (purpose normal).
func (*Botanist) DeployControlPlaneExposure ¶
DeployControlPlaneExposure deploys or restores the ControlPlane custom resource (purpose exposure).
func (*Botanist) DeployEtcd ¶ added in v1.13.0
DeployEtcd deploys the etcd main and events.
func (*Botanist) DeployExtensions ¶ added in v1.16.0
DeployExtensions deploys the Extension custom resources and triggers the restore operation in case the Shoot is in the restore phase of the control plane migration.
func (*Botanist) DeployExternalDNS ¶ added in v1.5.0
DeployExternalDNS deploys the external DNSOwner, DNSProvider, and DNSEntry resources.
func (*Botanist) DeployGardenerResourceManager ¶
DeployGardenerResourceManager deploys the gardener-resource-manager which will use CRD resources in order to ensure that they exist in a cluster/reconcile them in case somebody changed something.
func (*Botanist) DeployInfrastructure ¶
DeployInfrastructure deploys the Infrastructure custom resource and triggers the restore operation in case the Shoot is in the restore phase of the control plane migration.
func (*Botanist) DeployInternalDNS ¶ added in v1.5.0
DeployInternalDNS deploys the internal DNSOwner, DNSProvider, and DNSEntry resources.
func (*Botanist) DeployKubeAPIServer ¶
DeployKubeAPIServer deploys kube-apiserver deployment.
func (*Botanist) DeployKubeAPIServerSNI ¶ added in v1.7.0
DeployKubeAPIServerSNI deploys the kube-apiserver-sni chart.
func (*Botanist) DeployKubeAPIService ¶ added in v1.11.0
DeployKubeAPIService deploys the kube-apiserver service.
func (*Botanist) DeployKubeControllerManager ¶
DeployKubeControllerManager deploys the Kubernetes Controller Manager.
func (*Botanist) DeployKubeScheduler ¶
DeployKubeScheduler deploys the Kubernetes scheduler.
func (*Botanist) DeployManagedResources ¶
DeployManagedResources deploys all the ManagedResource CRDs for the gardener-resource-manager.
func (*Botanist) DeployMetricsServer ¶ added in v1.13.0
DeployMetricsServer deploys the metrics-server.
func (*Botanist) DeployNetwork ¶
DeployNetwork deploys the Network custom resource and triggers the restore operation in case the Shoot is in the restore phase of the control plane migration
func (*Botanist) DeployNetworkPolicies ¶
DeployNetworkPolicies creates network policies in a Shoot cluster's namespace that deny all traffic by default and allow certain components to use annotations to declare their desire to transmit/receive traffic to/from other Pods/IP addresses.
func (*Botanist) DeployReferencedResources ¶ added in v1.6.0
DeployReferencedResources reads all referenced resources from the Garden cluster and writes a managed resource to the Seed cluster.
func (*Botanist) DeploySecrets ¶
DeploySecrets takes all existing secrets from the ShootState resource and deploys them in the shoot's control plane.
func (*Botanist) DeploySeedLogging ¶
DeploySeedLogging will install the Helm release "seed-bootstrap/charts/loki" in the Seed clusters.
func (*Botanist) DeploySeedMonitoring ¶
DeploySeedMonitoring will install the Helm release "seed-monitoring" in the Seed clusters. It comprises components to monitor the Shoot cluster whose control plane runs in the Seed cluster.
func (*Botanist) DeploySeedNamespace ¶ added in v1.14.0
DeploySeedNamespace creates a namespace in the Seed cluster which is used to deploy all the control plane components for the Shoot cluster. Moreover, the cloud provider configuration and all the secrets will be stored as ConfigMaps/Secrets.
func (*Botanist) DeployVerticalPodAutoscaler ¶ added in v1.7.0
DeployVerticalPodAutoscaler deploys the VPA into the shoot namespace in the seed.
func (*Botanist) DeployWorker ¶
DeployWorker deploys the Worker custom resource and triggers the restore operation in case the Shoot is in the restore phase of the control plane migration
func (*Botanist) DestroyExternalDNS ¶ added in v1.8.0
DestroyExternalDNS destroys the external DNSEntry, DNSOwner, and DNSProvider resources.
func (*Botanist) DestroyIngressDNSRecord ¶
DestroyIngressDNSRecord destroys the nginx ingress DNSEntry and DNSOwner resources.
func (*Botanist) DestroyInternalDNS ¶ added in v1.8.0
DestroyInternalDNS destroys the internal DNSEntry, DNSOwner, and DNSProvider resources.
func (*Botanist) DestroyReferencedResources ¶ added in v1.6.0
DestroyReferencedResources deletes the managed resource containing referenced resources from the Seed cluster.
func (*Botanist) EnsureClusterIdentity ¶ added in v1.8.0
EnsureClusterIdentity ensures that Shoot cluster-identity ConfigMap exists and stores its data in the operation. Updates shoot.status.clusterIdentity if it doesn't exist already.
func (*Botanist) EnsureIngressDNSRecord ¶
EnsureIngressDNSRecord deploys the nginx ingress DNSEntry and DNSOwner resources.
func (*Botanist) GenerateAndSaveSecrets ¶ added in v1.7.0
GenerateAndSaveSecrets creates a CA certificate for the Shoot cluster and uses it to sign the server certificate used by the kube-apiserver, and all client certificates used for communication. It also creates RSA key pairs for SSH connections to the nodes/VMs and for the VPN tunnel. Moreover, basic authentication credentials are computed which will be used to secure the Ingress resources and the kube-apiserver itself. Server certificates for the exposed monitoring endpoints (via Ingress) are generated as well.
func (*Botanist) GenerateEncryptionConfiguration ¶ added in v1.4.0
GenerateEncryptionConfiguration generates new encryption configuration data or syncs it from the etcd encryption configuration secret if it already exists.
func (*Botanist) GenerateKubernetesDashboardConfig ¶
GenerateKubernetesDashboardConfig generates the values which are required to render the chart of the kubernetes-dashboard properly.
func (*Botanist) GenerateNginxIngressConfig ¶
GenerateNginxIngressConfig generates the values which are required to render the chart of the nginx-ingress properly.
func (*Botanist) HibernateControlPlane ¶
HibernateControlPlane hibernates the entire control plane if the shoot shall be hibernated.
func (*Botanist) KeepObjectsForAllManagedResources ¶ added in v1.16.0
KeepObjectsForAllManagedResources sets ManagedResource.Spec.KeepObjects to true.
func (*Botanist) MigrateExternalDNS ¶ added in v1.8.0
MigrateExternalDNS destroys the external DNSEntry, DNSOwner, and DNSProvider resources, without removing the entry from the DNS provider.
func (*Botanist) MigrateIngressDNSRecord ¶ added in v1.8.0
MigrateIngressDNSRecord destroys the nginx ingress DNSEntry and DNSOwner resources, without removing the entry from the DNS provider.
func (*Botanist) MigrateInternalDNS ¶ added in v1.8.0
MigrateInternalDNS destroys the internal DNSEntry, DNSOwner, and DNSProvider resources, without removing the entry from the DNS provider.
func (*Botanist) NeedsAdditionalDNSProviders ¶ added in v1.5.0
NeedsAdditionalDNSProviders returns true if additional DNS providers are needed.
func (*Botanist) NeedsExternalDNS ¶ added in v1.5.0
NeedsExternalDNS returns true if the Shoot cluster needs external DNS.
func (*Botanist) NeedsInternalDNS ¶ added in v1.5.0
NeedsInternalDNS returns true if the Shoot cluster needs internal DNS.
func (*Botanist) PersistEncryptionConfiguration ¶ added in v1.4.0
PersistEncryptionConfiguration adds the encryption configuration to the ShootState.
func (*Botanist) PrepareKubeAPIServerForMigration ¶ added in v1.6.0
PrepareKubeAPIServerForMigration deletes the kube-apiserver and deletes its hvpa
func (*Botanist) RemoveOldETCDEncryptionSecretFromGardener ¶ added in v1.4.0
RemoveOldETCDEncryptionSecretFromGardener removes the etcd encryption configuration secret from the Shoot's namespace in the garden cluster as it is no longer necessary. This step can be removed in the future after all secrets have been cleaned up.
func (*Botanist) RequiredExtensionsReady ¶ added in v1.3.0
RequiredExtensionsReady checks whether all required extensions needed for a shoot operation exist and are ready.
func (*Botanist) RestartControlPlanePods ¶ added in v1.2.0
RestartControlPlanePods restarts (deletes) pods of the shoot control plane.
func (*Botanist) RewriteShootSecretsIfEncryptionConfigurationChanged ¶
RewriteShootSecretsIfEncryptionConfigurationChanged rewrites the secrets in the Shoot if the etcd encryption configuration changed. Rewriting here means that a patch request is sent that forces the etcd to encrypt them with the new configuration.
func (*Botanist) SNIPhase ¶ added in v1.11.0
SNIPhase returns the current phase of the SNI enablement of kube-apiserver's service.
func (*Botanist) ScaleETCDToOne ¶ added in v1.5.0
ScaleETCDToOne scales ETCD main and events replicas to one.
func (*Botanist) ScaleETCDToZero ¶ added in v1.5.0
ScaleETCDToZero scales ETCD main and events replicas to zero.
func (*Botanist) ScaleGardenerResourceManagerToOne ¶ added in v1.5.0
ScaleGardenerResourceManagerToOne scales the gardener-resource-manager deployment
func (*Botanist) ScaleKubeAPIServerToOne ¶ added in v1.12.0
ScaleKubeAPIServerToOne scales kube-apiserver replicas to one
func (*Botanist) ScaleKubeControllerManagerToOne ¶ added in v1.12.0
ScaleKubeControllerManagerToOne scales kube-controller-manager replicas to one.
func (*Botanist) SetNginxIngressAddress ¶ added in v1.5.0
SetNginxIngressAddress sets the IP address of the API server's LoadBalancer.
func (*Botanist) SnapshotEtcd ¶ added in v1.13.0
SnapshotEtcd executes into the etcd-main pod and triggers a full snapshot.
func (*Botanist) SyncShootCredentialsToGarden ¶
SyncShootCredentialsToGarden copies the kubeconfig generated for the user and the SSH keypair to the project namespace in the Garden cluster. The monitoring credentials for the user-facing monitoring stack are copied as well.
func (*Botanist) UpdateShootAndCluster ¶ added in v1.7.0
func (b *Botanist) UpdateShootAndCluster(ctx context.Context, shoot *gardencorev1beta1.Shoot, transform func() error) error
UpdateShootAndCluster updates the given `core.gardener.cloud/v1beta1.Shoot` resource in the garden cluster after applying the given transform function to it. It will also update the `shoot` field in the `extensions.gardener.cloud/v1alpha1.Cluster` resource in the seed cluster with the updated shoot information.
func (*Botanist) WaitForExtensionsOperationMigrateToSucceed ¶ added in v1.5.0
WaitForExtensionsOperationMigrateToSucceed waits until the extension CRs have lastOperation Migrate Succeeded.
func (*Botanist) WaitForInfrastructure ¶ added in v1.8.0
WaitForInfrastructure waits until the infrastructure reconciliation has finished and extracts the provider status out of it.
func (*Botanist) WaitForKubeControllerManagerToBeActive ¶ added in v1.12.0
WaitForKubeControllerManagerToBeActive waits until the kube controller manager of a Shoot cluster has acquired leader election and is thus active.
func (*Botanist) WaitUntilAllManagedResourcesDeleted ¶ added in v1.5.0
WaitUntilAllManagedResourcesDeleted waits until all managed resources are gone or the context is cancelled.
func (*Botanist) WaitUntilCloudConfigUpdatedForAllWorkerPools ¶ added in v1.16.0
WaitUntilCloudConfigUpdatedForAllWorkerPools waits for a maximum of 2 minutes until all the nodes for all the worker pools in the Shoot have successfully applied the desired version of their cloud-config user data.
func (*Botanist) WaitUntilEndpointsDoNotContainPodIPs ¶
WaitUntilEndpointsDoNotContainPodIPs waits until none of the endpoints in the shoot cluster contain any IPs from the Shoot's PodCIDR.
func (*Botanist) WaitUntilEtcdsReady ¶ added in v1.13.0
WaitUntilEtcdsReady waits until both etcd-main and etcd-events are ready.
func (*Botanist) WaitUntilKubeAPIServerIsDeleted ¶ added in v1.6.0
WaitUntilKubeAPIServerIsDeleted waits until the kube-apiserver is deleted
func (*Botanist) WaitUntilKubeAPIServerReady ¶
WaitUntilKubeAPIServerReady waits until the kube-apiserver pod(s) indicate readiness in their statuses.
func (*Botanist) WaitUntilManagedResourcesDeleted ¶
WaitUntilManagedResourcesDeleted waits until all managed resources labeled with `origin=gardener` are gone or the context is cancelled.
func (*Botanist) WaitUntilNginxIngressServiceIsReady ¶ added in v1.5.0
WaitUntilNginxIngressServiceIsReady waits until the external load balancer of the nginx ingress controller has been created.
func (*Botanist) WaitUntilNoPodRunning ¶
WaitUntilNoPodRunning waits until there is no running Pod in the shoot cluster.
func (*Botanist) WaitUntilNodesDeleted ¶
WaitUntilNodesDeleted waits until no nodes exist in the shoot cluster anymore.
func (*Botanist) WaitUntilRequiredExtensionsReady ¶ added in v1.3.0
WaitUntilRequiredExtensionsReady waits until all the extensions required for a shoot reconciliation are ready
func (*Botanist) WaitUntilSeedNamespaceDeleted ¶
WaitUntilSeedNamespaceDeleted waits until the namespace of the Shoot cluster within the Seed cluster is deleted.
func (*Botanist) WaitUntilTunnelConnectionExists ¶ added in v1.6.0
WaitUntilTunnelConnectionExists waits until a port forward connection to the tunnel pod (vpn-shoot or konnectivity-agent) in the kube-system namespace of the Shoot cluster can be established.
func (*Botanist) WaitUntilVpnShootServiceIsReady ¶ added in v1.12.0
WaitUntilVpnShootServiceIsReady waits until the external load balancer of the VPN has been created.
Source Files ¶
- addons.go
- backupentry.go
- botanist.go
- cleanup.go
- clusterautoscaler.go
- containerruntime.go
- controlplane.go
- dns.go
- etcd.go
- etcdencryption.go
- extension.go
- infrastructure.go
- kubecontrollermanager.go
- kubescheduler.go
- logging.go
- managedresources.go
- metricsserver.go
- migration.go
- monitoring.go
- namespaces.go
- network.go
- operatingsystemconfig.go
- resources.go
- secrets.go
- types.go
- volumeattachments.go
- waiter.go
- wanted_secrets.go
- worker.go
Directories ¶
Path | Synopsis |
---|---|
addons
|
|
extensions
|
|
this file is copy of https://github.com/kubernetes/kubernetes/blob/f247e75980061d7cf83c63c0fb1f12c7060c599f/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/rules/rules.go with some modifications for the webhook matching use-case.
|
this file is copy of https://github.com/kubernetes/kubernetes/blob/f247e75980061d7cf83c63c0fb1f12c7060c599f/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/rules/rules.go with some modifications for the webhook matching use-case. |
seedsystemcomponents
|
|
systemcomponents
|
|