Documentation ¶
Index ¶
- Variables
- func AddEnvVar(container *corev1.Container, envVar corev1.EnvVar, overwrite bool)
- func AddVolume(podSpec *corev1.PodSpec, volume corev1.Volume, overwrite bool)
- func AddVolumeMount(container *corev1.Container, volumeMount corev1.VolumeMount, overwrite bool)
- func ClientCertificateFromRESTConfig(restConfig *rest.Config) (*tls.Certificate, error)
- func CurrentReplicaCountForDeployment(ctx context.Context, client client.Client, namespace, deploymentName string) (int32, error)
- func DNSNamesForService(name, namespace string) []string
- func DeleteObject(ctx context.Context, c client.Writer, object client.Object) error
- func DeleteObjects(ctx context.Context, c client.Writer, objects ...client.Object) error
- func DeleteObjectsFromListConditionally(ctx context.Context, c client.Client, listObj client.ObjectList, ...) error
- func DeleteSecretByReference(ctx context.Context, c client.Client, ref *corev1.SecretReference) error
- func FQDNForService(name, namespace string) string
- func FeatureGatesToCommandLineParameter(fg map[string]bool) string
- func FetchEventMessages(ctx context.Context, scheme *runtime.Scheme, reader client.Reader, ...) (string, error)
- func GetAdmissionPluginsForVersion(v string) []gardencorev1beta1.AdmissionPlugin
- func GetContainerResourcesInStatefulSet(ctx context.Context, k8sClient client.Client, key client.ObjectKey) (map[string]*corev1.ResourceRequirements, error)
- func GetDeploymentForPod(ctx context.Context, reader client.Reader, namespace string, ...) (*appsv1.Deployment, error)
- func GetLoadBalancerIngress(ctx context.Context, c client.Client, service *corev1.Service) (string, error)
- func GetManagedSeedByName(ctx context.Context, client client.Client, name string) (*seedmanagementv1alpha1.ManagedSeed, error)
- func GetManagedSeedWithReader(ctx context.Context, r client.Reader, shootNamespace, shootName string) (*seedmanagementv1alpha1.ManagedSeed, error)
- func GetNodeSelectorRequirementForZones(isZonePinningEnabled bool, zones []string) *corev1.NodeSelectorRequirement
- func GetReplicaCount(failureToleranceType *gardencorev1beta1.FailureToleranceType, ...) *int32
- func GetSecretByReference(ctx context.Context, c client.Reader, ref *corev1.SecretReference) (*corev1.Secret, error)
- func GetSecretMetadataByReference(ctx context.Context, c client.Reader, ref *corev1.SecretReference) (*metav1.PartialObjectMetadata, error)
- func GetTopologySpreadConstraints(replicas int32, maxReplicas int32, labelSelector metav1.LabelSelector, ...) []corev1.TopologySpreadConstraint
- func HasEnvVar(container corev1.Container, name string) bool
- func HasMetaDataAnnotation(meta metav1.Object, key, value string) bool
- func IsNodeLabelAllowedForKubelet(key string) bool
- func Key(namespaceOrName string, nameOpt ...string) client.ObjectKey
- func LookupObject(ctx context.Context, c client.Client, apiReader client.Reader, ...) error
- func MakeUnique(obj runtime.Object) error
- func MapStringBoolToCommandLineParameter(m map[string]bool, param string) string
- func MergeOwnerReferences(references []metav1.OwnerReference, newReferences ...metav1.OwnerReference) []metav1.OwnerReference
- func MostRecentCompleteLogs(ctx context.Context, podInterface corev1client.PodInterface, pod *corev1.Pod, ...) (string, error)
- func NewKubeconfig(contextName string, cluster clientcmdv1.Cluster, authInfo clientcmdv1.AuthInfo) *clientcmdv1.Config
- func NewestObject(ctx context.Context, c client.Reader, listObj client.ObjectList, ...) (client.Object, error)
- func NewestPodForDeployment(ctx context.Context, c client.Reader, deployment *appsv1.Deployment) (*corev1.Pod, error)
- func ObjectKeyForCreateWebhooks(obj client.Object, req admission.Request) client.ObjectKey
- func ObjectKeyFromSecretRef(ref corev1.SecretReference) client.ObjectKey
- func ObjectMeta(namespaceOrName string, nameOpt ...string) metav1.ObjectMeta
- func ObjectMetaFromKey(key client.ObjectKey) metav1.ObjectMeta
- func ObjectName(obj client.Object) string
- func OwnedBy(obj client.Object, apiVersion, kind, name string, uid types.UID) bool
- func ParseObjectName(objectName string) (string, string)
- func PodManagedByDaemonSet(pod *corev1.Pod) bool
- func ReadLeaderElectionRecord(ctx context.Context, client client.Client, lock, namespace, name string) (*resourcelock.LeaderElectionRecord, error)
- func ReconcileServicePorts(existingPorts []corev1.ServicePort, desiredPorts []corev1.ServicePort, ...) []corev1.ServicePort
- func ResourcesExist(ctx context.Context, reader client.Reader, objList client.ObjectList, ...) (bool, error)
- func SetAnnotationAndUpdate(ctx context.Context, c client.Client, obj client.Object, key, value string) error
- func SetMetaDataAnnotation(meta metav1.Object, key, value string)
- func SetMetaDataLabel(meta metav1.Object, key, value string)
- func TolerationForTaint(taint corev1.Taint) corev1.Toleration
- func TruncateLabelValue(s string) string
- func ValidDeploymentContainerImageVersion(deploymentToCheck *appsv1.Deployment, containerName, minimumVersion string) (bool, error)
- func VisitContainers(podSpec *corev1.PodSpec, visit func(*corev1.Container), ...)
- func VisitPodSpec(obj runtime.Object, visit func(*corev1.PodSpec)) error
- func WaitUntilLoadBalancerIsReady(ctx context.Context, log logr.Logger, c client.Client, namespace, name string, ...) (string, error)
- func WaitUntilResourceDeleted(ctx context.Context, c client.Client, obj client.Object, ...) error
- func WaitUntilResourceDeletedWithDefaults(ctx context.Context, c client.Client, obj client.Object) error
- func WaitUntilResourcesDeleted(ctx context.Context, c client.Client, list client.ObjectList, ...) error
- type ComparableTolerations
- type SortBy
Constants ¶
This section is empty.
Variables ¶
var TLSCipherSuites = []string{
"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
"TLS_AES_128_GCM_SHA256",
"TLS_AES_256_GCM_SHA384",
"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
"TLS_CHACHA20_POLY1305_SHA256",
"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305",
"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305",
}
TLSCipherSuites is a list of the wanted and acceptable cipher suits.
Functions ¶
func AddEnvVar ¶ added in v1.75.0
AddEnvVar adds the given EnvVar to the given Container if not present. If a EnvVar with the given name is already present it optionally overwrites the EnvVar according to the overwrite parameter.
func AddVolume ¶ added in v1.75.0
AddVolume adds the given Volume to the given PodSpec if not present. If a Volume with the given name is already present it optionally overwrites the Volume according to the overwrite parameter.
func AddVolumeMount ¶ added in v1.75.0
func AddVolumeMount(container *corev1.Container, volumeMount corev1.VolumeMount, overwrite bool)
AddVolumeMount adds the given VolumeMount to the given Container if not present. If a VolumeMount with the given name is already present it optionally overwrites the VolumeMount according to the overwrite parameter.
func ClientCertificateFromRESTConfig ¶ added in v1.57.0
func ClientCertificateFromRESTConfig(restConfig *rest.Config) (*tls.Certificate, error)
ClientCertificateFromRESTConfig returns the client certificate used inside a REST config.
func CurrentReplicaCountForDeployment ¶ added in v1.21.0
func CurrentReplicaCountForDeployment(ctx context.Context, client client.Client, namespace, deploymentName string) (int32, error)
CurrentReplicaCountForDeployment returns the current replicaCount for the given deployment.
func DNSNamesForService ¶ added in v1.8.0
DNSNamesForService returns the possible DNS names for a service with the given name and namespace.
func DeleteObject ¶ added in v1.11.0
DeleteObject deletes a Kubernetes object. It ignores 'not found' and 'no match' errors.
func DeleteObjects ¶ added in v1.11.0
DeleteObjects deletes a list of Kubernetes objects.
func DeleteObjectsFromListConditionally ¶ added in v1.17.0
func DeleteObjectsFromListConditionally(ctx context.Context, c client.Client, listObj client.ObjectList, predicateFn func(runtime.Object) bool) error
DeleteObjectsFromListConditionally takes a Kubernetes List object. It iterates over its items and, if provided, executes the predicate function. If it evaluates to true then the object will be deleted.
func DeleteSecretByReference ¶ added in v1.17.0
func DeleteSecretByReference(ctx context.Context, c client.Client, ref *corev1.SecretReference) error
DeleteSecretByReference deletes the secret referenced by the given secret reference.
func FQDNForService ¶ added in v1.69.0
FQDNForService returns the fully qualified domain name of a service with the given name and namespace.
func FeatureGatesToCommandLineParameter ¶ added in v1.10.0
FeatureGatesToCommandLineParameter transforms feature gates given as string/bool map to a command line parameter that is understood by Kubernetes components.
func FetchEventMessages ¶ added in v1.17.0
func FetchEventMessages(ctx context.Context, scheme *runtime.Scheme, reader client.Reader, obj client.Object, eventType string, eventsLimit int) (string, error)
FetchEventMessages gets events for the given object of the given `eventType` and returns them as a formatted output. The function expects that the given `obj` is specified with a proper `metav1.TypeMeta`.
func GetAdmissionPluginsForVersion ¶ added in v1.25.0
func GetAdmissionPluginsForVersion(v string) []gardencorev1beta1.AdmissionPlugin
GetAdmissionPluginsForVersion returns the set of default admission plugins for the given Kubernetes version. If the given Kubernetes version does not explicitly define admission plugins the set of names for the next available version will be returned (e.g., for version X not defined the set of version X-1 will be returned).
func GetContainerResourcesInStatefulSet ¶ added in v1.21.0
func GetContainerResourcesInStatefulSet(ctx context.Context, k8sClient client.Client, key client.ObjectKey) (map[string]*corev1.ResourceRequirements, error)
GetContainerResourcesInStatefulSet returns the containers resources in StatefulSet.
func GetDeploymentForPod ¶ added in v1.80.0
func GetDeploymentForPod(ctx context.Context, reader client.Reader, namespace string, podOwnerReferences []metav1.OwnerReference) (*appsv1.Deployment, error)
GetDeploymentForPod returns the deployment the pod belongs to by traversing its metadata.
func GetLoadBalancerIngress ¶
func GetLoadBalancerIngress(ctx context.Context, c client.Client, service *corev1.Service) (string, error)
GetLoadBalancerIngress takes a context, a client, a service object. It gets the `service` and queries for a load balancer's technical name (ip address or hostname). It returns the value of the technical name whereby it always prefers the hostname (if given) over the IP address. The passed `service` instance is updated with the information received from the API server.
func GetManagedSeedByName ¶ added in v1.34.0
func GetManagedSeedByName(ctx context.Context, client client.Client, name string) (*seedmanagementv1alpha1.ManagedSeed, error)
GetManagedSeedByName tries to read a ManagedSeed in the garden namespace. If it's not found then `nil` is returned.
func GetManagedSeedWithReader ¶ added in v1.31.0
func GetManagedSeedWithReader(ctx context.Context, r client.Reader, shootNamespace, shootName string) (*seedmanagementv1alpha1.ManagedSeed, error)
GetManagedSeedWithReader gets the ManagedSeed resource for the given shoot namespace and name, by searching for all ManagedSeeds in the shoot namespace that have spec.shoot.name set to the shoot name. If no such ManagedSeeds are found, nil is returned.
func GetNodeSelectorRequirementForZones ¶ added in v1.60.4
func GetNodeSelectorRequirementForZones(isZonePinningEnabled bool, zones []string) *corev1.NodeSelectorRequirement
GetNodeSelectorRequirementForZones returns a node selector requirement to ensure all pods are scheduled only on nodes in the provided zones. If no zones are provided then nothing is done. Note that the returned requirement should be added to all existing node selector terms in the spec.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms field of pods because the various node selector terms are evaluated with the OR operator.
func GetReplicaCount ¶ added in v1.60.0
func GetReplicaCount(failureToleranceType *gardencorev1beta1.FailureToleranceType, componentType string) *int32
GetReplicaCount returns the replica count based on the criteria, failure tolerance type, and component type.
func GetSecretByReference ¶ added in v1.17.0
func GetSecretByReference(ctx context.Context, c client.Reader, ref *corev1.SecretReference) (*corev1.Secret, error)
GetSecretByReference returns the secret referenced by the given secret reference.
func GetSecretMetadataByReference ¶ added in v1.78.0
func GetSecretMetadataByReference(ctx context.Context, c client.Reader, ref *corev1.SecretReference) (*metav1.PartialObjectMetadata, error)
GetSecretMetadataByReference returns the secret referenced by the given secret reference.
func GetTopologySpreadConstraints ¶ added in v1.56.0
func GetTopologySpreadConstraints( replicas int32, maxReplicas int32, labelSelector metav1.LabelSelector, numberOfZones int32, failureToleranceType *gardencorev1beta1.FailureToleranceType, ) []corev1.TopologySpreadConstraint
GetTopologySpreadConstraints adds topology spread constraints based on the passed `failureToleranceType`. This is only done when the number of replicas is greater than 1 (otherwise, it doesn't make sense to add spread constraints).
func HasEnvVar ¶ added in v1.75.0
HasEnvVar checks if the given container has an EnvVar with the given name.
func HasMetaDataAnnotation ¶
HasMetaDataAnnotation checks if the passed meta object has the given key, value set in the annotations section.
func IsNodeLabelAllowedForKubelet ¶ added in v1.64.0
IsNodeLabelAllowedForKubelet determines whether kubelet is allowed by the NodeRestriction admission plugin to set a label on its own Node object with the given key. See https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#noderestriction.
func Key ¶
Key creates a new client.ObjectKey from the given parameters. There are only two ways to call this function:
- If only namespaceOrName is set, then a client.ObjectKey with name set to namespaceOrName is returned.
- If namespaceOrName and one nameOpt is given, then a client.ObjectKey with namespace set to namespaceOrName and name set to nameOpt[0] is returned.
For all other cases, this method panics.
func LookupObject ¶ added in v1.7.0
func LookupObject(ctx context.Context, c client.Client, apiReader client.Reader, key client.ObjectKey, obj client.Object) error
LookupObject retrieves an obj for the given object key dealing with potential stale cache that still does not contain the obj. It first tries to retrieve the obj using the given cached client. If the object key is not found, then it does live lookup from the API server using the given apiReader.
func MakeUnique ¶ added in v1.31.0
MakeUnique takes either a *corev1.ConfigMap or a *corev1.Secret object and makes it immutable, i.e., it sets .immutable=true, computes a checksum based on .data, and appends the first 8 characters of the computed checksum to the name of the object. Additionally, it injects the `resources.gardener.cloud/garbage-collectable-reference=true` label.
func MapStringBoolToCommandLineParameter ¶ added in v1.33.0
MapStringBoolToCommandLineParameter transforms a string/bool map to a command line parameter that is understood by Kubernetes components.
func MergeOwnerReferences ¶ added in v1.16.0
func MergeOwnerReferences(references []metav1.OwnerReference, newReferences ...metav1.OwnerReference) []metav1.OwnerReference
MergeOwnerReferences merges the newReferences with the list of existing references.
func MostRecentCompleteLogs ¶ added in v1.16.0
func MostRecentCompleteLogs( ctx context.Context, podInterface corev1client.PodInterface, pod *corev1.Pod, containerName string, tailLines, headBytes *int64, ) ( string, error, )
MostRecentCompleteLogs returns the logs of the pod/container in case it is not running. If the pod/container is running then the logs of the previous pod/container are being returned.
func NewKubeconfig ¶ added in v1.36.0
func NewKubeconfig(contextName string, cluster clientcmdv1.Cluster, authInfo clientcmdv1.AuthInfo) *clientcmdv1.Config
NewKubeconfig returns a new kubeconfig structure.
func NewestObject ¶ added in v1.16.0
func NewestObject(ctx context.Context, c client.Reader, listObj client.ObjectList, filterFn func(client.Object) bool, listOpts ...client.ListOption) (client.Object, error)
NewestObject returns the most recently created object based on the provided list object type. If a filter function is provided then it will be applied for each object right after listing all objects. If no object remains then nil is returned. The Items field in the list object will be populated with the result returned from the server after applying the filter function (if provided).
func NewestPodForDeployment ¶ added in v1.16.0
func NewestPodForDeployment(ctx context.Context, c client.Reader, deployment *appsv1.Deployment) (*corev1.Pod, error)
NewestPodForDeployment returns the most recently created Pod object for the given deployment.
func ObjectKeyForCreateWebhooks ¶ added in v1.40.3
ObjectKeyForCreateWebhooks creates an object key for an object handled by webhooks registered for CREATE verbs.
func ObjectKeyFromSecretRef ¶ added in v1.51.0
func ObjectKeyFromSecretRef(ref corev1.SecretReference) client.ObjectKey
ObjectKeyFromSecretRef returns an ObjectKey for the given SecretReference.
func ObjectMeta ¶
func ObjectMeta(namespaceOrName string, nameOpt ...string) metav1.ObjectMeta
ObjectMeta creates a new metav1.ObjectMeta from the given parameters. There are only two ways to call this function:
- If only namespaceOrName is set, then a metav1.ObjectMeta with name set to namespaceOrName is returned.
- If namespaceOrName and one nameOpt is given, then a metav1.ObjectMeta with namespace set to namespaceOrName and name set to nameOpt[0] is returned.
For all other cases, this method panics.
func ObjectMetaFromKey ¶
func ObjectMetaFromKey(key client.ObjectKey) metav1.ObjectMeta
ObjectMetaFromKey returns an ObjectMeta with the namespace and name set to the values from the key.
func ObjectName ¶ added in v1.8.0
ObjectName returns the name of the given object in the format <namespace>/<name>
func OwnedBy ¶ added in v1.16.0
OwnedBy checks if the given object's owner reference contains an entry with the provided attributes.
func ParseObjectName ¶ added in v1.36.0
ParseObjectName parses the given object name (in the format <namespace>/<name>) to its constituent namespace and name. If the given object name is not namespaced, an empty namespace is returned.
func PodManagedByDaemonSet ¶ added in v1.63.0
PodManagedByDaemonSet returns 'true' if the given pod is managed by a DaemonSet, determined by the existing owner references.
func ReadLeaderElectionRecord ¶ added in v1.15.0
func ReadLeaderElectionRecord(ctx context.Context, client client.Client, lock, namespace, name string) (*resourcelock.LeaderElectionRecord, error)
ReadLeaderElectionRecord returns the leader election record for a given lock type and a namespace/name combination.
func ReconcileServicePorts ¶ added in v1.10.0
func ReconcileServicePorts(existingPorts []corev1.ServicePort, desiredPorts []corev1.ServicePort, desiredServiceType corev1.ServiceType) []corev1.ServicePort
ReconcileServicePorts reconciles the existing service ports with the desired ports. This means that it takes the existing port (identified by name), and applies the settings from the desired port to it. This way it can keep fields that are defaulted by controllers, e.g. the node port. However, it does not keep ports that are not part of the desired list.
func ResourcesExist ¶ added in v1.61.0
func ResourcesExist(ctx context.Context, reader client.Reader, objList client.ObjectList, scheme *runtime.Scheme, listOpts ...client.ListOption) (bool, error)
ResourcesExist checks if there is at least one object of the given objList.
func SetAnnotationAndUpdate ¶ added in v1.21.0
func SetAnnotationAndUpdate(ctx context.Context, c client.Client, obj client.Object, key, value string) error
SetAnnotationAndUpdate sets the annotation on the given object and updates it.
func SetMetaDataAnnotation ¶
SetMetaDataAnnotation sets the annotation on the given object. If the given Object did not yet have annotations, they are initialized.
func SetMetaDataLabel ¶
SetMetaDataLabel sets the key value pair in the labels section of the given Object. If the given Object did not yet have labels, they are initialized.
func TolerationForTaint ¶ added in v1.63.0
func TolerationForTaint(taint corev1.Taint) corev1.Toleration
TolerationForTaint returns the corresponding toleration for the given taint.
func TruncateLabelValue ¶
TruncateLabelValue truncates a string at 63 characters so it's suitable for a label value.
func ValidDeploymentContainerImageVersion ¶
func ValidDeploymentContainerImageVersion(deploymentToCheck *appsv1.Deployment, containerName, minimumVersion string) (bool, error)
ValidDeploymentContainerImageVersion validates compliance of a deployment container image to a minimum version
func VisitContainers ¶ added in v1.75.0
func VisitContainers(podSpec *corev1.PodSpec, visit func(*corev1.Container), containerNames ...string)
VisitContainers calls the given visitor for all (init) containers in the given PodSpec. If containerNames are given it only visits (init) containers with matching names. The visitor may mutate the Container.
func VisitPodSpec ¶ added in v1.75.0
VisitPodSpec calls the given visitor for the PodSpec contained in the given object. The visitor may mutate the PodSpec.
func WaitUntilLoadBalancerIsReady ¶ added in v1.15.0
func WaitUntilLoadBalancerIsReady( ctx context.Context, log logr.Logger, c client.Client, namespace, name string, timeout time.Duration, ) ( string, error, )
WaitUntilLoadBalancerIsReady waits until the given external load balancer has been created (i.e., its ingress information has been updated in the service status).
func WaitUntilResourceDeleted ¶
func WaitUntilResourceDeleted(ctx context.Context, c client.Client, obj client.Object, interval time.Duration) error
WaitUntilResourceDeleted deletes the given resource and then waits until it has been deleted. It respects the given interval and timeout.
func WaitUntilResourceDeletedWithDefaults ¶
func WaitUntilResourceDeletedWithDefaults(ctx context.Context, c client.Client, obj client.Object) error
WaitUntilResourceDeletedWithDefaults deletes the given resource and then waits until it has been deleted. It uses a default interval and timeout
func WaitUntilResourcesDeleted ¶ added in v1.1.0
func WaitUntilResourcesDeleted(ctx context.Context, c client.Client, list client.ObjectList, interval time.Duration, opts ...client.ListOption) error
WaitUntilResourcesDeleted waits until the given resources are gone. It respects the given interval and timeout.
Types ¶
type ComparableTolerations ¶ added in v1.63.0
type ComparableTolerations struct {
// contains filtered or unexported fields
}
ComparableTolerations contains information to transform an ordinary 'corev1.Toleration' object to a semantically comparable object that is fully compatible with the 'comparable' Golang interface, see https://github.com/golang/go/blob/de6abd78893e91f26337eb399644b7a6bc3ea583/src/builtin/builtin.go#L102.
func (*ComparableTolerations) Transform ¶ added in v1.63.0
func (c *ComparableTolerations) Transform(toleration corev1.Toleration) corev1.Toleration
Transform takes a toleration object and exchanges the 'TolerationSeconds' pointer if set. The int64 value will be the same but pointers will be **reused** for all passed tolerations that have the same underlying toleration seconds value.
type SortBy ¶ added in v1.15.2
SortBy the type of a "less" function that defines the ordering of its object arguments.
func ByCreationTimestamp ¶ added in v1.15.2
func ByCreationTimestamp() SortBy
ByCreationTimestamp returns a comparison function for sorting by creation timestamp.