Documentation ¶
Index ¶
- Constants
- Variables
- func CheckIfDeletionIsConfirmed(obj client.Object) error
- func ComputeGardenNamespace(seedName string) string
- func ComputeSeedName(seedNamespaceName string) string
- func ComputeShootProjectSecretName(shootName, suffix string) string
- func ConfirmDeletion(ctx context.Context, w client.Writer, obj client.Object) error
- func EffectiveMaintenanceTimeWindow(timeWindow *utils.MaintenanceTimeWindow) *utils.MaintenanceTimeWindow
- func EffectiveShootMaintenanceTimeWindow(shoot *v1beta1.Shoot) *utils.MaintenanceTimeWindow
- func ExtractShootDetailsFromBackupEntryName(backupEntryName string) (shootTechnicalID string, shootUID types.UID)
- func GardenEtcdEncryptionSecretName(shootName string) string
- func GenerateBackupEntryName(shootTechnicalID string, shootUID types.UID) (string, error)
- func GenerateDNSProviderName(secretName, providerType string) string
- func GetAPIServerDomain(domain string) string
- func GetDomainInfoFromAnnotations(annotations map[string]string) (provider string, domain string, zone string, ...)
- func GetMandatoryExposureClassHandlerSNILabels(labels map[string]string, exposureClassName string) map[string]string
- func GetOwnerDomain(domain string) string
- func GetShootNameFromOwnerReferences(objectMeta metav1.Object) string
- func GetShootProjectSecretSuffixes() []string
- func IsNowInEffectiveShootMaintenanceTimeWindow(shoot *v1beta1.Shoot) bool
- func IsObservedAtLatestGenerationAndSucceeded(shoot *v1beta1.Shoot) bool
- func IsSeedClientCert(x509cr *x509.CertificateRequest, usages []certificatesv1.KeyUsage) bool
- func IsShootFailed(shoot *v1beta1.Shoot) bool
- func IsShootProjectSecret(secretName string) (string, bool)
- func LastReconciliationDuringThisTimeWindow(shoot *v1beta1.Shoot) bool
- func ProjectAndNamespaceFromReader(ctx context.Context, reader client.Reader, namespaceName string) (*gardencorev1beta1.Project, *corev1.Namespace, error)
- func ProjectForNamespaceFromInternalLister(projectLister gardencoreinternallisters.ProjectLister, namespaceName string) (*gardencore.Project, error)
- func ProjectForNamespaceFromReader(ctx context.Context, reader client.Reader, namespaceName string) (*gardencorev1beta1.Project, error)
- func RespectShootSyncPeriodOverwrite(respectSyncPeriodOverwrite bool, shoot *v1beta1.Shoot) bool
- func ShouldIgnoreShoot(respectSyncPeriodOverwrite bool, shoot *v1beta1.Shoot) bool
- func SyncPeriodOfShoot(respectSyncPeriodOverwrite bool, defaultMinSyncPeriod time.Duration, ...) time.Duration
Constants ¶
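// Keys used by Gardener's deletion-confirmation mechanism. This block only
// defines the annotation and label keys; the logic that denies unconfirmed
// DELETE requests is not part of these declarations.
const (
	// ConfirmationDeletion is an annotation on Shoot and Project resources whose value must be set to "true" in order to
	// allow deleting the resource (if the annotation is not set any DELETE request will be denied).
	ConfirmationDeletion = "confirmation.gardener.cloud/deletion"
	// DeletionProtected is a label on CustomResourceDefinitions indicating that the deletion is protected, i.e.
	// it must be confirmed with the `confirmation.gardener.cloud/deletion=true` annotation before a `DELETE` call
	// is accepted.
	DeletionProtected = "gardener.cloud/deletion-protected"
)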
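// Annotation keys and domain-name fragments used for the DNS configuration of
// Shoot clusters.
const (
	// DNSProvider is the key for an annotation on a Kubernetes Secret object whose value must point to a valid
	// DNS provider.
	DNSProvider = "dns.gardener.cloud/provider"
	// DNSDomain is the key for an annotation on a Kubernetes Secret object whose value must point to a valid
	// domain name.
	DNSDomain = "dns.gardener.cloud/domain"
	// DNSZone is the key for an annotation on a Kubernetes Secret object whose value must point to a valid
	// DNS hosted zone id.
	DNSZone = "dns.gardener.cloud/zone"
	// DNSIncludeZones is the key for an annotation on a Kubernetes Secret object whose value must point to a list
	// of zones that shall be included.
	DNSIncludeZones = "dns.gardener.cloud/include-zones"
	// DNSExcludeZones is the key for an annotation on a Kubernetes Secret object whose value must point to a list
	// of zones that shall be excluded.
	DNSExcludeZones = "dns.gardener.cloud/exclude-zones"

	// APIServerFQDNPrefix is the part of a FQDN which will be used to construct the domain name for the kube-apiserver of
	// a Shoot cluster. For example, when a Shoot specifies domain 'cluster.example.com', the apiserver domain would be
	// 'api.cluster.example.com'.
	APIServerFQDNPrefix = "api"
	// OwnerFQDNPrefix is the part of a FQDN which will be used to construct the domain name for the owner of
	// a Shoot cluster. For example, when a Shoot specifies domain 'cluster.example.com', the owner domain would be
	// 'owner.cluster.example.com'.
	OwnerFQDNPrefix = "owner"
	// IngressPrefix is the part of a FQDN which will be used to construct the domain name for an ingress controller of
	// a Shoot cluster. For example, when a Shoot specifies domain 'cluster.example.com', the ingress domain would be
	// '*.<IngressPrefix>.cluster.example.com'.
	IngressPrefix = "ingress"
	// InternalDomainKey is a key which must be present in an internal domain constructed for a Shoot cluster. If the
	// configured internal domain already contains it, it won't be added twice. If it does not contain it, it will be
	// appended.
	InternalDomainKey = "internal"
)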
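// Suffixes of the shoot-related secrets kept in the project namespace; the
// functions ComputeShootProjectSecretName and IsShootProjectSecret in this
// package work with these names.
// NOTE(review): judging by the names, these secrets carry credential material
// (kubeconfig, SSH key pair, monitoring access) — confirm that read access to
// them is scoped accordingly.
const (
	// ShootProjectSecretSuffixKubeconfig is a constant for a shoot project secret with suffix 'kubeconfig'.
	ShootProjectSecretSuffixKubeconfig = "kubeconfig"
	// ShootProjectSecretSuffixSSHKeypair is a constant for a shoot project secret with suffix 'ssh-keypair'.
	ShootProjectSecretSuffixSSHKeypair = v1beta1constants.SecretNameSSHKeyPair
	// ShootProjectSecretSuffixOldSSHKeypair is a constant for a shoot project secret with suffix 'ssh-keypair.old'.
	ShootProjectSecretSuffixOldSSHKeypair = v1beta1constants.SecretNameOldSSHKeyPair
	// ShootProjectSecretSuffixMonitoring is a constant for a shoot project secret with suffix 'monitoring'.
	ShootProjectSecretSuffixMonitoring = "monitoring"
)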
const ProjectNamespacePrefix = "garden-"
ProjectNamespacePrefix is the prefix of namespaces representing projects.
const (
// SeedNamespaceNamePrefix is the prefix used for seed namespaces.
// Project namespaces use the separate ProjectNamespacePrefix ("garden-").
SeedNamespaceNamePrefix = "seed-"
)
Variables ¶
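// Label selectors that separate user/operator-managed secrets from the
// control plane secrets that Gardener creates itself.
var (
	// NoControlPlaneSecretsReq is a label selector requirement to select non-control plane secrets.
	// It is a NotIn requirement on the constants.GardenRole label, so under Kubernetes label-selector
	// semantics it also matches objects that do not carry that label at all.
	// NOTE(review): utils.MustNewRequirement presumably panics on an invalid requirement ("Must" prefix) — confirm.
	NoControlPlaneSecretsReq = utils.MustNewRequirement(constants.GardenRole, selection.NotIn, constants.ControlPlaneSecretRoles...)

	// UncontrolledSecretSelector is a selector for objects which are managed by operators/users and not created
	// by Gardener controllers. "Uncontrolled" is therefore defined by exclusion: any secret whose role label is
	// missing or is not one of constants.ControlPlaneSecretRoles is selected.
	UncontrolledSecretSelector = client.MatchingLabelsSelector{Selector: labels.NewSelector().Add(NoControlPlaneSecretsReq)}
)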
var TimeNow = time.Now
TimeNow returns the current time. Exposed for testing.
Functions ¶
func CheckIfDeletionIsConfirmed ¶ added in v1.21.0
CheckIfDeletionIsConfirmed reports whether the deletion of an object is confirmed. The result is an error value: nil means the deletion is confirmed, a non-nil error means it is not.
func ComputeGardenNamespace ¶
ComputeGardenNamespace returns the name of the namespace belonging to the given seed in the Garden cluster.
func ComputeSeedName ¶
ComputeSeedName computes the name of the seed out of the seed namespace in the Garden cluster.
func ComputeShootProjectSecretName ¶ added in v1.24.0
ComputeShootProjectSecretName computes the name of a shoot-related project secret.
func ConfirmDeletion ¶ added in v1.21.0
ConfirmDeletion adds Gardener's deletion confirmation and timestamp annotation to the given object and sends a PATCH request. It does not ignore `NotFound` errors while patching.
func EffectiveMaintenanceTimeWindow ¶ added in v1.21.0
func EffectiveMaintenanceTimeWindow(timeWindow *utils.MaintenanceTimeWindow) *utils.MaintenanceTimeWindow
EffectiveMaintenanceTimeWindow shortens a maintenance time window at its end by an estimated 15 minutes. These 15 minutes are subtracted from the end of the window as a best-effort attempt to finish the operation before the window closes. Generally, we can't make sure that the maintenance operation is done by the end of the time window anyway (considering large clusters with hundreds of nodes, a rolling update will take several hours).
func EffectiveShootMaintenanceTimeWindow ¶ added in v1.21.0
func EffectiveShootMaintenanceTimeWindow(shoot *v1beta1.Shoot) *utils.MaintenanceTimeWindow
EffectiveShootMaintenanceTimeWindow returns the effective MaintenanceTimeWindow of the given Shoot.
func ExtractShootDetailsFromBackupEntryName ¶ added in v1.24.0
func ExtractShootDetailsFromBackupEntryName(backupEntryName string) (shootTechnicalID string, shootUID types.UID)
ExtractShootDetailsFromBackupEntryName returns the Shoot resource's technicalID and its UID from the provided <backupEntryName>.
func GardenEtcdEncryptionSecretName ¶ added in v1.21.0
GardenEtcdEncryptionSecretName returns the name of the 'backup' of the etcd encryption secret in the Garden cluster.
func GenerateBackupEntryName ¶ added in v1.24.0
GenerateBackupEntryName returns the BackupEntry resource name created from the provided <shootTechnicalID> and <shootUID>.
func GenerateDNSProviderName ¶ added in v1.21.0
GenerateDNSProviderName creates a name for the dns provider out of the passed `secretName` and `providerType`.
func GetAPIServerDomain ¶ added in v1.21.0
GetAPIServerDomain returns the fully qualified domain name for the api-server of the Shoot cluster. The end result is 'api.<domain>'.
func GetDomainInfoFromAnnotations ¶ added in v1.21.0
func GetDomainInfoFromAnnotations(annotations map[string]string) (provider string, domain string, zone string, includeZones, excludeZones []string, err error)
GetDomainInfoFromAnnotations returns the provider, domain, and zones that are specified in the given annotations.
func GetMandatoryExposureClassHandlerSNILabels ¶ added in v1.27.0
func GetMandatoryExposureClassHandlerSNILabels(labels map[string]string, exposureClassName string) map[string]string
GetMandatoryExposureClassHandlerSNILabels takes the labels of an ExposureClass handler plus its name and adds the mandatory SNI labels for ExposureClass handlers to them. Existing label keys will be overridden by the mandatory label keys.
func GetOwnerDomain ¶ added in v1.32.0
GetOwnerDomain returns the fully qualified domain name for the owner of the Shoot cluster. The end result is 'owner.<domain>'.
func GetShootNameFromOwnerReferences ¶ added in v1.22.0
GetShootNameFromOwnerReferences attempts to get the name of the Shoot object which owns the passed in object. If it is not owned by a Shoot, an empty string is returned.
func GetShootProjectSecretSuffixes ¶ added in v1.24.0
func GetShootProjectSecretSuffixes() []string
GetShootProjectSecretSuffixes returns the list of shoot-related project secret suffixes.
func IsNowInEffectiveShootMaintenanceTimeWindow ¶ added in v1.21.0
IsNowInEffectiveShootMaintenanceTimeWindow checks if the current time is in the effective maintenance time window of the Shoot.
func IsObservedAtLatestGenerationAndSucceeded ¶ added in v1.21.0
IsObservedAtLatestGenerationAndSucceeded checks whether the Shoot's generation has changed or if the LastOperation status is Succeeded.
func IsSeedClientCert ¶ added in v1.23.0
func IsSeedClientCert(x509cr *x509.CertificateRequest, usages []certificatesv1.KeyUsage) bool
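IsSeedClientCert returns true when the given CSR and usages match the requirements for a client certificate for a seed. It is given only the parsed certificate request and the requested key usages, so any check on who submitted the CSR has to happen in the caller.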
func IsShootFailed ¶ added in v1.21.0
IsShootFailed checks if a Shoot is failed.
func IsShootProjectSecret ¶ added in v1.24.0
IsShootProjectSecret checks if the given name matches the name of a shoot-related project secret. If not, it returns an empty string and <false>. Otherwise, it returns the shoot name and <true>.
func LastReconciliationDuringThisTimeWindow ¶ added in v1.21.0
LastReconciliationDuringThisTimeWindow returns true if <now> is contained in the given effective maintenance time window of the shoot and if the <lastReconciliation> did not happen longer ago than the longest possible duration of a maintenance time window.
func ProjectAndNamespaceFromReader ¶ added in v1.21.0
func ProjectAndNamespaceFromReader(ctx context.Context, reader client.Reader, namespaceName string) (*gardencorev1beta1.Project, *corev1.Namespace, error)
ProjectAndNamespaceFromReader returns the Project responsible for a given <namespace>, together with the Namespace object itself. It reads the namespace and fetches the project name label. Then it will read the project with the respective name.
func ProjectForNamespaceFromInternalLister ¶ added in v1.21.0
func ProjectForNamespaceFromInternalLister(projectLister gardencoreinternallisters.ProjectLister, namespaceName string) (*gardencore.Project, error)
ProjectForNamespaceFromInternalLister returns the Project responsible for a given <namespace>. It lists all Projects via the given lister, iterates over them and tries to identify the Project by looking for the namespace name in the project spec.
func ProjectForNamespaceFromReader ¶ added in v1.21.0
func ProjectForNamespaceFromReader(ctx context.Context, reader client.Reader, namespaceName string) (*gardencorev1beta1.Project, error)
ProjectForNamespaceFromReader returns the Project responsible for a given <namespace>. It reads the namespace and fetches the project name label. Then it will read the project with the respective name.
func RespectShootSyncPeriodOverwrite ¶ added in v1.21.0
RespectShootSyncPeriodOverwrite checks whether to respect the sync period overwrite of a Shoot or not.
func ShouldIgnoreShoot ¶ added in v1.21.0
ShouldIgnoreShoot determines whether a Shoot should be ignored or not.
func SyncPeriodOfShoot ¶ added in v1.21.0
func SyncPeriodOfShoot(respectSyncPeriodOverwrite bool, defaultMinSyncPeriod time.Duration, shoot *v1beta1.Shoot) time.Duration
SyncPeriodOfShoot determines the sync period of the given shoot.
If no overwrite is allowed, the defaultMinSyncPeriod is returned. Otherwise, the overwrite is parsed. If an error occurs or it is smaller than the defaultMinSyncPeriod, the defaultMinSyncPeriod is returned. Otherwise, the overwrite is returned.
Types ¶
This section is empty.