operatingsystemconfig

Documentation

Index

• Constants
• Variables
• func CreateMigrationSecret(namespace string) (*corev1.Secret, error)
• func KeyV1(workerPoolName string, kubernetesVersion *semver.Version, ...) string
• func KeyV2(kubernetesVersion *semver.Version, ...) string
• type Data
• type InitValues
• type Interface
  • func New(log logr.Logger, client client.Client, secretsManager secretsmanager.Interface, ...) Interface
• type OperatingSystemConfigs
• type OriginalValues
• type Values

Constants

const (
	// DefaultInterval is the default interval for retry operations.
	DefaultInterval = 5 * time.Second
	// DefaultSevereThreshold is the default threshold until an error reported by another component is treated as
	// 'severe'.
	DefaultSevereThreshold = 30 * time.Second
	// DefaultTimeout is the default timeout and defines how long Gardener should wait for a successful reconciliation
	// of an OperatingSystemConfig resource.
	DefaultTimeout = 3 * time.Minute
	// WorkerPoolHashesSecretName is the name of the secret that tracks the OSC key calculation version used for each worker pool.
	WorkerPoolHashesSecretName = "worker-pools-operatingsystemconfig-hashes" // #nosec G101 -- No credential.

)

Variables

var (
	// InitConfigFn is a function for computing the gardener-node-init units and files.
	InitConfigFn = nodeinit.Config
	// OriginalConfigFn is a function for computing the downloaded cloud config user data units and files.
	OriginalConfigFn = original.Config
)

exposed for testing

var CalculateKeyForVersion = calculateKeyForVersion

CalculateKeyForVersion is exposed for testing purposes only

var LatestHashVersion = func() int {

	if features.DefaultFeatureGate.Enabled(features.NewWorkerPoolHash) {
		return 2
	}
	return 1
}

LatestHashVersion is the latest version support for calculateKeyVersion. Exposed for testing.

var TimeNow = time.Now

TimeNow returns the current time. Exposed for testing.

Functions

func CreateMigrationSecret

func CreateMigrationSecret(namespace string) (*corev1.Secret, error)

CreateMigrationSecret creates a pool-hash secret for initially deploying the pool hash secret into a shoot (namespace).

func KeyV1

func KeyV1(workerPoolName string, kubernetesVersion *semver.Version, criConfig *gardencorev1beta1.CRI) string

KeyV1 returns the key that can be used as secret name based on the provided worker name, Kubernetes version and CRI configuration.

func KeyV2

func KeyV2(
	kubernetesVersion *semver.Version,
	credentialsRotation *gardencorev1beta1.ShootCredentialsRotation,
	worker *gardencorev1beta1.Worker,
	nodeLocalDNSEnabled bool,
	kubeletConfiguration *gardencorev1beta1.KubeletConfig,
) string

KeyV2 returns the key that can be used as secret name based on the provided worker name, Kubernetes version, machine type, image, worker volume, CRI, credentials rotation, node local dns and kubelet configuration.

Types

type Data

type Data struct {
	// Object is the plain OperatingSystemConfig object.
	Object *extensionsv1alpha1.OperatingSystemConfig
	// Content is the actual cloud-config user data.
	// TODO(rfranzke): Remove this Content field after v1.100 is released.
	Content string
	// IncludeSecretNameInWorkerPool states whether a extensionsv1alpha1.WorkerPool must include the GardenerNodeAgentSecretName
	IncludeSecretNameInWorkerPool bool
	// GardenerNodeAgentSecretName is the name of the secret storing the gardener node agent configuration in the shoot cluster.
	GardenerNodeAgentSecretName string
	// SecretName is the name of a secret storing the actual cloud-config user data.
	SecretName *string
}

Data contains the actual content, a command to load it and all units that shall be considered for restart on change.

type InitValues

type InitValues struct {
	// APIServerURL is the address (including https:// protocol prefix) to the kube-apiserver (from which the original
	// cloud-config user data will be downloaded).
	APIServerURL string
}

InitValues are configuration values required for the 'provision' OperatingSystemConfigPurpose.

type Interface

type Interface interface {
	component.DeployMigrateWaiter
	// MigrateWorkerPoolHashes turns a migration WorkerPoolHashesSecretName into the final
	// secret.
	// TODO(MichaelEischer) Remove after Gardener 1.99 is released.
	MigrateWorkerPoolHashes(context.Context) error
	// DeleteStaleResources deletes unused OperatingSystemConfig resources from the shoot namespace in the seed.
	DeleteStaleResources(context.Context) error
	// WaitCleanupStaleResources waits until all unused OperatingSystemConfig resources are cleaned up.
	WaitCleanupStaleResources(context.Context) error
	// SetAPIServerURL sets the APIServerURL value.
	SetAPIServerURL(string)
	// SetCABundle sets the CABundle value.
	SetCABundle(*string)
	// SetCredentialsRotationStatus sets the credentials rotation status
	SetCredentialsRotationStatus(*gardencorev1beta1.ShootCredentialsRotation)
	// SetSSHPublicKeys sets the SSHPublicKeys value.
	SetSSHPublicKeys([]string)
	// WorkerPoolNameToOperatingSystemConfigsMap returns a map whose key is a worker pool name and whose value is a structure
	// containing both the init and the original operating system config data.
	WorkerPoolNameToOperatingSystemConfigsMap() map[string]*OperatingSystemConfigs
}

Interface is an interface for managing OperatingSystemConfigs.

func New

func New(
	log logr.Logger,
	client client.Client,
	secretsManager secretsmanager.Interface,
	values *Values,
	waitInterval time.Duration,
	waitSevereThreshold time.Duration,
	waitTimeout time.Duration,
) Interface

New creates a new instance of Interface.

type OperatingSystemConfigs

type OperatingSystemConfigs struct {
	// Init is the data for the init script.
	Init Data
	// Original is the data for the to-be-downloaded original config.
	Original Data
}

OperatingSystemConfigs contains operating system configs for the init script as well as for the original config.

type OriginalValues

type OriginalValues struct {
	// CABundle is the bundle of certificate authorities that will be added as root certificates.
	CABundle *string
	// ClusterDNSAddress is the address for in-cluster DNS.
	ClusterDNSAddress string
	// ClusterDomain is the Kubernetes cluster domain.
	ClusterDomain string
	// Images is a map containing the necessary container images for the systemd units (hyperkube and pause-container).
	Images map[string]*imagevectorutils.Image
	// KubeletConfig is the default kubelet configuration for all worker pools. Individual worker pools might overwrite
	// this configuration.
	KubeletConfig *gardencorev1beta1.KubeletConfig
	// MachineTypes is a list of machine types.
	MachineTypes []gardencorev1beta1.MachineType
	// SSHPublicKeys is a list of public SSH keys.
	SSHPublicKeys []string
	// SSHAccessEnabled states whether sshd.service service in systemd should be enabled and running for the worker nodes.
	SSHAccessEnabled bool
	// ValitailEnabled states whether Valitail shall be enabled.
	ValitailEnabled bool
	// ValiIngressHostName is the ingress host name of the shoot's Vali.
	ValiIngressHostName string
	// NodeLocalDNSEnabled indicates whether node local dns is enabled or not.
	NodeLocalDNSEnabled bool
	// PrimaryIPFamily represents the preferred IP family (IPv4 or IPv6) to be used.
	PrimaryIPFamily gardencorev1beta1.IPFamily
}

OriginalValues are configuration values required for the 'reconcile' OperatingSystemConfigPurpose.

type Values

type Values struct {
	// Namespace is the namespace for the OperatingSystemConfig resource.
	Namespace string
	// KubernetesVersion is the version for the kubelets of all worker pools.
	KubernetesVersion *semver.Version
	// Workers is the list of worker pools.
	Workers []gardencorev1beta1.Worker
	// CredentialsRotationStatus
	CredentialsRotationStatus *gardencorev1beta1.ShootCredentialsRotation

	// InitValues are configuration values required for the 'provision' OperatingSystemConfigPurpose.
	InitValues
	// OriginalValues are configuration values required for the 'reconcile' OperatingSystemConfigPurpose.
	OriginalValues
}

Values contains the values used to create an OperatingSystemConfig resource.