virtualgarden

Documentation

Index

• Constants
• func ETCDConfigMapName(role string) string
• func ETCDDataVolumeName(role string) string
• func ETCDPersistentVolumeClaimName(role string) string
• func ETCDSecretNameServerCertificate(role string) string
• func ETCDServiceName(role string) string
• func ETCDStatefulSetName(role string) string
• func ETCDStorageClassName(etcd *api.ETCD) string
• func OtherVirtualGardensInHostingCluster(ctx context.Context, c client.Client, namespace string) (bool, error)
• type Interface
  • func NewOperation(c client.Client, log *logrus.Logger, namespace string, imports *api.Imports, ...) (Interface, error)

Constants

const (
	LabelKeyApp       = "app"
	LabelKeyComponent = "component"
	LabelKeyRole      = "role"

	LabelValueAllowed = "allowed"
)

const (
	ChecksumKeyKubeAPIServerAuditPolicyConfig               = "checksum/configmap-kube-apiserver-audit-policy-config"
	ChecksumKeyKubeAPIServerEncryptionConfig                = "checksum/secret-kube-apiserver-encryption-config"
	ChecksumKeyKubeAggregatorCA                             = "checksum/secret-kube-aggregator-ca"
	ChecksumKeyKubeAggregatorClient                         = "checksum/secret-kube-aggregator-client"
	ChecksumKeyKubeAPIServerCA                              = "checksum/secret-kube-apiserver-ca"
	ChecksumKeyKubeAPIServerServer                          = "checksum/secret-kube-apiserver-server"
	ChecksumKeyKubeAPIServerAuditWebhookConfig              = "checksum/secret-kube-apiserver-audit-webhook-config"
	ChecksumKeyKubeAPIServerAuthWebhookConfig               = "checksum/secret-kube-apiserver-auth-webhook-config"
	ChecksumKeyKubeAPIServerOidcAuthenticationWebhookConfig = "checksum/secret-kube-apiserver-authentication-webhook-config"
	ChecksumKeyKubeAPIServerStaticToken                     = "checksum/secret-kube-apiserver-static-token"
	ChecksumKeyKubeAPIServerAdmissionConfig                 = "checksum/virtual-garden-kube-apiserver-admission-config"
	ChecksumKeyKubeControllerManagerClient                  = "checksum/secret-kube-controller-manager-client"
	ChecksumKeyServiceAccountKey                            = "checksum/secret-service-account-key"
)

Keys of annotations for checksums

const (
	ValidatingWebhookKey    = "validating-webhook"
	MutatingWebhookKey      = "mutating-webhook"
	AuditWebhookConfigKey   = "audit-webhook-config.yaml"
	ConfigYamlKey           = "config.yaml"
	StaticTokenKey          = "static_tokens.csv"
	EncryptionConfigKey     = "encryption-config.yaml"
	ServiceAccountKey       = "service_account.key"
	ConfigurationYamlKey    = "configuration.yaml"
	AuditPolicyYamlKey      = "audit-policy.yaml"
	SecretKeyKubeconfig     = "kubeconfig"
	SecretKeyKubeconfigYaml = "kubeconfig.yaml"
)

Keys of secrets and configmaps

const (
	UserVirtualGardenKubeApiServer     = "virtual-garden-kube-apiserver"
	UserOidcWebhookAuthenticatorGarden = "oidc-webhook-authenticator.garden"
)

const (
	// ETCDRoleMain is a constant for the 'main' role of etcd.
	ETCDRoleMain = "main"
	// ETCDRoleEvents is a constant for the 'events' role of etcd.
	ETCDRoleEvents = "events"
)

const (
	// ETCDSecretNameBackup is a constant for the name of a Kubernetes secret that contains the backup secret for the
	// main etcd.
	ETCDSecretNameBackup = Prefix + "-etcd-" + ETCDRoleMain + "-backup"
	// ETCDVolumeMountPathBackupSecret is a constant for the mount path of the etcd backup secret volume.
	ETCDVolumeMountPathBackupSecret = "/var/etcd/backup"
)

const (
	// ETCDSecretNameCACertificate is a constant for the name of a Kubernetes secret that contains the CA certificate
	// for etcd.
	ETCDSecretNameCACertificate = Prefix + "-etcd-ca"
	// ETCDSecretNameClientCertificate is a constant for the name of a Kubernetes secret that contains the client
	// certificate for etcd.
	ETCDSecretNameClientCertificate = Prefix + "-etcd-client"
)

const (
	// ETCDConfigMapDataKeyBootstrapScript is a constant for a key in a configmap data that contains the bootstrap
	// script.
	ETCDConfigMapDataKeyBootstrapScript = "bootstrap.sh"
	// ETCDConfigMapDataKeyConfiguration is a constant for a key in a configmap data that contains the etcd config.
	ETCDConfigMapDataKeyConfiguration = "etcd.conf.yml"
)

const (
	KubeApiServerSecretNameAggregatorCACertificate          = Prefix + "-kube-aggregator-ca"
	KubeApiServerSecretNameAggregatorClientCertificate      = Prefix + "-kube-aggregator"
	KubeApiServerSecretNameApiServerCACertificate           = Prefix + "-kube-apiserver-ca"
	KubeApiServerSecretNameApiServerServerCertificate       = Prefix + "-kube-apiserver"
	KubeApiServerSecretNameKubeControllerManagerCertificate = Prefix + "-kube-controller-manager"
	KubeApiServerSecretNameClientAdminCertificate           = Prefix + "-kubeconfig-for-admin"
	KubeApiServerSecretNameMetricsScraperCertificate        = Prefix + "-metrics-scraper"
	KubeApiServerSecretNameOidcAuthenticationWebhookConfig  = Prefix + "-kube-apiserver-authentication-webhook-config"
)

const (
	KubeApiServerConfigMapAdmission   = Prefix + "-kube-apiserver-admission-config"
	KubeApiServerConfigMapAuditPolicy = "kube-apiserver-audit-policy-config"
)

const (
	KubeAPIServerDeploymentNameAPIServer         = Prefix + "-kube-apiserver"
	KubeAPIServerDeploymentNameControllerManager = Prefix + "-kube-controller-manager"
)

const (
	KubeApiServerSecretNameAdmissionKubeconfig = Prefix + "-kube-apiserver-admission-kubeconfig"
	KubeApiServerSecretNameAuditWebhookConfig  = "kube-apiserver-audit-webhook-config"
	KubeApiServerSecretNameAuthWebhookConfig   = Prefix + "-kube-apiserver-auth-webhook-config"
	KubeApiServerSecretNameStaticToken         = Prefix + "-kube-apiserver-static-token"
	KubeApiServerSecretNameEncryptionConfig    = Prefix + "-kube-apiserver-encryption-config"
	KubeApiServerSecretNameServiceAccountKey   = Prefix + "-service-account-key"
)

const (
	// KubeAPIServerServiceName is a constant for the service name for the kube-apiserver of the virtual cluster.
	KubeAPIServerServiceName = "virtual-garden-kube-apiserver"
)

const Prefix = "virtual-garden"

Prefix is the prefix for resource names related to the virtual garden.

Functions

func ETCDConfigMapName

func ETCDConfigMapName(role string) string

ETCDConfigMapName returns the name of the etcd bootstrap configmap for the given role.

func ETCDDataVolumeName

func ETCDDataVolumeName(role string) string

ETCDDataVolumeName returns the name of the etcd persistent volume claim for the given role.

func ETCDPersistentVolumeClaimName

func ETCDPersistentVolumeClaimName(role string) string

ETCDPersistentVolumeClaimName returns the name of the etcd persistent volume claim for the given role.

func ETCDSecretNameServerCertificate

func ETCDSecretNameServerCertificate(role string) string

ETCDSecretNameServerCertificate returns the name of a Kubernetes secret that contains the server certificate for etcd for the given role.

func ETCDServiceName

func ETCDServiceName(role string) string

ETCDServiceName returns the name of the etcd server for the given role.

func ETCDStatefulSetName

func ETCDStatefulSetName(role string) string

ETCDStatefulSetName returns the name of the etcd statefulset for the given role.

func ETCDStorageClassName

func ETCDStorageClassName(etcd *api.ETCD) string

ETCDStorageClassName returns the storage class name for etcd.

func OtherVirtualGardensInHostingCluster

func OtherVirtualGardensInHostingCluster(ctx context.Context, c client.Client, namespace string) (bool, error)

OtherVirtualGardensInHostingCluster returns true if there are other statefulsets of virtual garden in the hosting cluster.

Types

type Interface

type Interface interface {
	// Reconcile performs a reconcile operation.
	Reconcile(context.Context) (*api.Exports, error)
	// Delete performs a delete operation.
	Delete(context.Context) error
}

Interface is an interface for the operation.

func NewOperation

func NewOperation(
	c client.Client,
	log *logrus.Logger,
	namespace string,
	imports *api.Imports,
	imageRefs *api.ImageRefs,
) (Interface, error)

NewOperation returns a new operation structure that implements Interface.