kubectl

package
v0.16.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Sep 5, 2024 License: Apache-2.0 Imports: 31 Imported by: 4

Documentation

Overview

Package kubectl contains functions to work with kubectl command line.

Index

Constants

View Source 
const INITIAL_BLANK_KUBECONFIG = `apiVersion: v1
clusters: []
contexts: []
current-context: ""
kind: Config
preferences: {}
users: []
`

INITIAL_BLANK_KUBECONFIG is a bare, empty kubeconfig

Variables

This section is empty.

Functions

func AddClusterToConfig 

func AddClusterToConfig(
	config *api.Config,
	name string,
	endpoint string,
	b64CertificateAuthorityData string,
) error

AddClusterToConfig will append a new cluster to the kubectl config, based on its endpoint and certificate authority data.

func AddContextToConfig 

func AddContextToConfig(config *api.Config, contextName string, clusterName string, authInfoName string) error

AddContextToConfig will add a new context to the kubectl config that ties the provided cluster to the auth info.

func AddEksAuthInfoToConfig 

func AddEksAuthInfoToConfig(config *api.Config, eksClusterArnString string, eksClusterName string) error

AddEksAuthInfoToConfig will add an exec command based AuthInfo entry to the kubectl config that is designed to retrieve the Kubernetes auth token using AWS IAM credentials. This will use the `token` command provided by `kubergrunt`.

func AddEksConfigContext 

func AddEksConfigContext(
	config *api.Config,
	contextName string,
	eksClusterArnString string,
	eksClusterName string,
	eksEndpoint string,
	b64CertificateAuthorityData string,
) error

AddEksConfigContext will add the EKS cluster authentication info as a new context in the kubectl config. This will update the config object in place, adding in the: - cluster entry with the CA and endpoint information - auth info entry with execution settings to retrieve token via IAM - context entry to link the cluster and authinfo entries

func AddToSecretFromData added in v0.1.5 

func AddToSecretFromData(secret *corev1.Secret, key string, rawData []byte)

AddToSecretFromData will add data to the secret at the provided key.

func AddToSecretFromFile added in v0.1.5 

func AddToSecretFromFile(secret *corev1.Secret, key string, path string) error

AddToSecretFromFile will add data to the secret from a file, attached using the provided key.

func CordonNodes added in v0.5.4 

func CordonNodes(kubectlOptions *KubectlOptions, nodeIds []string) error

CordonNodes calls `kubectl cordon` on each node provided. Cordoning a node makes it unschedulable, preventing new Pods from being scheduled on the node. Note that cordoning a node does not evict the running Pods. To evict existing Pods, use DrainNodes.

func CreateInitialConfig 

func CreateInitialConfig(kubeconfigPath string) error

This will create an initial blank config

func CreateRole added in v0.4.0 

func CreateRole(options *KubectlOptions, newRole *rbacv1.Role) error

CreateRole will create the provided role on the Kubernetes cluster.

func CreateRoleBinding added in v0.4.0 

func CreateRoleBinding(options *KubectlOptions, newRoleBinding *rbacv1.RoleBinding) error

CreateRoleBinding will create the provided role binding on the Kubernetes cluster.

func CreateSecret added in v0.1.5 

func CreateSecret(options *KubectlOptions, newSecret *corev1.Secret) error

CreateSecret will create the provided secret on the Kubernetes cluster.

func DeleteRole added in v0.4.0 

func DeleteRole(options *KubectlOptions, namespace string, name string) error

DeleteRole will delete the role in the provided namespace that has the provided name.

func DeleteRoleBinding added in v0.4.0 

func DeleteRoleBinding(options *KubectlOptions, namespace string, name string) error

DeleteRole will delete the role in the provided namespace that has the provided name.

func DeleteSecret added in v0.1.5 

func DeleteSecret(options *KubectlOptions, namespace string, secretName string) error

DeleteSecret will delete the secret in the provided namespace that has the provided name.

func DrainNodes 

func DrainNodes(kubectlOptions *KubectlOptions, nodeIds []string, timeout time.Duration, deleteEmptyDirData bool) error

DrainNodes calls `kubectl drain` on each node provided. Draining a node consists of: - Taint the nodes so that new pods are not scheduled - Evict all the pods gracefully See https://kubernetes.io/docs/tasks/administer-cluster/safely-drain-node/#use-kubectl-drain-to-remove-a-node-from-service for more information.

func GetAllServices 

func GetAllServices(clientset *kubernetes.Clientset) ([]corev1.Service, error)

GetAllServices queries Kubernetes for information on all deployed Service resources in the current cluster that the provided client can access.

func GetIngress added in v0.3.7 

func GetIngress(options *KubectlOptions, namespace string, ingressName string) (*networkingv1.Ingress, error)

GetIngress returns a Kubernetes Ingress resource in the provided namespace with the given name.

func GetIngressEndpoints added in v0.3.7 

func GetIngressEndpoints(ingress *networkingv1.Ingress) []string

GetIngressEndpoints returns all the available ingress endpoints (preferring hostnames, and if unavailable, returning IPs). Note that if no endpoints are available, returns empty list.

func GetKubernetesClientFromOptions added in v0.3.5 

func GetKubernetesClientFromOptions(kubectlOptions *KubectlOptions) (*kubernetes.Clientset, error)

GetKubernetesClientFromOptions returns a Kubernetes API client given a KubectlOptions object. Constructs the client based on the information in the struct:

  • If Server is set, assume direct auth methods and use Server, Base64PEMCertificateAuthority, and BearerToken to construct authenticated client.
  • Else, use ConfigPath and ContextName to load the config from disk and setup the client to use the auth method provided in the context.

func GetLoadBalancerNameFromService 

func GetLoadBalancerNameFromService(service corev1.Service) (string, error)

GetLoadBalancerNameFromService will return the name of the LoadBalancer given a Kubernetes service object

func GetLoadBalancerTypeFromService added in v0.7.4 

func GetLoadBalancerTypeFromService(service corev1.Service) (ELBType, ELBTargetType, error)

GetLoadBalancerTypeFromService will return the ELB type and target type of the given LoadBalancer Service. This uses the following heuristic:

  • A LoadBalancer Service with no type annotations will default to Classic Load Balancer (from the in-tree controller).
  • If service.beta.kubernetes.io/aws-load-balancer-type is set to nlb or external, then the ELB will be NLB. (When external, we assume the LB controller handles it)
  • For LB services handled by the LB controller, also check for service.beta.kubernetes.io/aws-load-balancer-nlb-target-type which determines the target type. Otherwise, it is always instance target type.

func GetNodes 

func GetNodes(clientset *kubernetes.Clientset, options metav1.ListOptions) ([]corev1.Node, error)

GetNodes queries Kubernetes for information about the worker nodes registered to the cluster, given a clientset.

func GetRole added in v0.4.0 

func GetRole(options *KubectlOptions, namespace string, name string) (*rbacv1.Role, error)

GetRole will get an RBAC role by name in the provided namespace

func GetRoleBinding added in v0.4.0 

func GetRoleBinding(options *KubectlOptions, namespace string, name string) (*rbacv1.RoleBinding, error)

GetRoleBinding will get an RBAC role binding by name in the provided namespace

func GetSecret added in v0.1.5 

func GetSecret(options *KubectlOptions, namespace string, name string) (*corev1.Secret, error)

GetSecret will get a Kubernetes secret by name in the provided namespace.

func IsIngressAvailable added in v0.3.7 

func IsIngressAvailable(ingress *networkingv1.Ingress) bool

IsIngressAvailable returns true if the Ingress endpoint is provisioned and available.

func IsNodeReady 

func IsNodeReady(node corev1.Node) bool

IsNodeReady takes a Kubernetes Node information object and checks if the Node is in the ready state.

func IsPodReady added in v0.3.1 

func IsPodReady(pod corev1.Pod) bool

IsPodReady returns True when a Pod is in the Ready status.

func KubeConfigPathFromHomeDir 

func KubeConfigPathFromHomeDir() (string, error)

KubeConfigPathFromHomeDir returns a string to the default Kubernetes config path in the home directory. This will error if the home directory can not be determined.

func LabelsToListOptions added in v0.4.0 

func LabelsToListOptions(labels map[string]string) metav1.ListOptions

LabelsToListOptions takes a map of label keys/values and returns ListOptions with LabelSelector

func ListPods added in v0.1.5 

func ListPods(options *KubectlOptions, namespace string, filters metav1.ListOptions) ([]corev1.Pod, error)

ListPods will look for pods in the given namespace and return them.

func ListRoleBindings added in v0.4.0 

func ListRoleBindings(options *KubectlOptions, namespace string, filters metav1.ListOptions) ([]rbacv1.RoleBinding, error)

ListRoleBindings will list all role bindings that match the provided filters in the provided namespace

func ListRoles added in v0.4.0 

func ListRoles(options *KubectlOptions, namespace string, filters metav1.ListOptions) ([]rbacv1.Role, error)

ListRole will list all roles that match the provided filters in the provided namespace

func ListSecrets added in v0.1.5 

func ListSecrets(options *KubectlOptions, namespace string, filters metav1.ListOptions) ([]corev1.Secret, error)

ListSecrets will list all the secrets that match the provided filters in the provided namespace.

func LoadApiClientConfig 

func LoadApiClientConfig(path string, context string) (*restclient.Config, error)

LoadApiClientConfig will load a ClientConfig object from a file path that points to a location on disk containing a kubectl config, with the requested context loaded.

func LoadApiClientConfigFromOptions added in v0.3.5 

func LoadApiClientConfigFromOptions(options *KubectlOptions) (*restclient.Config, error)

LoadApiClientConfigFromOptions will load a ClientConfig object based on the provided KubectlOptions. Specifically, this will create the config in memory if using direct auth, and load from disk if not.

func LoadConfigFromPath 

func LoadConfigFromPath(path string) clientcmd.ClientConfig

LoadConfigFromPath will load a ClientConfig object from a file path that points to a location on disk containing a kubectl config.

func PrepareRole added in v0.4.0 

func PrepareRole(
	namespace string,
	name string,
	labels map[string]string,
	annotations map[string]string,
	rules []rbacv1.PolicyRule,
) *rbacv1.Role

PrepareTillerRole will construct a new Role struct with the provided metadata. The role can later be used to add rules.

func PrepareRoleBinding added in v0.4.0 

func PrepareRoleBinding(
	namespace string,
	name string,
	labels map[string]string,
	annotations map[string]string,
	subjects []rbacv1.Subject,
	roleRef rbacv1.RoleRef,
) *rbacv1.RoleBinding

PrepareTillerRoleBinding will construct a new RoleBinding struct with the provided metadata. The role can later be used to add rules.

func PrepareSecret added in v0.1.5 

func PrepareSecret(
	namespace string,
	name string,
	labels map[string]string,
	annotations map[string]string,
) *corev1.Secret

PrepareSecret will construct a new Secret struct with the provided metadata. This can then be used to append data to it, either from a file (using AddToSecretFromFile) or raw data (using AddToSecretFromData).

func RunKubectl 

func RunKubectl(options *KubectlOptions, args ...string) error

RunKubectl will make a call to kubectl, setting the config and context to the ones specified in the provided options.

func RunKubectlWithOutput added in v0.14.0 

func RunKubectlWithOutput(options *KubectlOptions, args ...string) (string, error)

func ValidateNamespaceExists added in v0.1.5 

func ValidateNamespaceExists(kubectlOptions *KubectlOptions, namespace string) error

ValidateNamespaceExists will return an error if the provided namespace does not exist on the Kubernetes cluster.

func ValidateServiceAccountExists added in v0.1.5 

func ValidateServiceAccountExists(kubectlOptions *KubectlOptions, namespace string, serviceAccount string) error

ValidateServiceAccountExists will return an error if the provided service account does not exist on the provided namespace in the Kubernetes cluster.

func WaitForNodesReady 

func WaitForNodesReady(
	kubectlOptions *KubectlOptions,
	nodeIds []string,
	maxRetries int,
	sleepBetweenRetries time.Duration,
) error

WaitForNodesReady will continuously watch the nodes until they reach the ready state.

func WaitUntilIngressEndpointProvisioned added in v0.3.7 

func WaitUntilIngressEndpointProvisioned(
	options *KubectlOptions,
	namespace string,
	ingressName string,
	maxRetries int,
	sleepBetweenRetries time.Duration,
) error

WaitUntilIngressEndpointProvisioned continuously checks the Ingress resource until the endpoint is provisioned or if it times out.

Types

type AWSLoadBalancer added in v0.7.4 

type AWSLoadBalancer struct {
	Name       string
	Type       ELBType
	TargetType ELBTargetType
}

AWSLoadBalancer is a struct that represents an AWS ELB that is associated with Kubernetes resources (Service or Ingress).

func GetAWSLoadBalancers added in v0.7.4 

func GetAWSLoadBalancers(kubectlOptions *KubectlOptions) ([]AWSLoadBalancer, error)

GetAWSLoadBalancers will query Kubernetes for all services, filter for LoadBalancer services, and then parse out the following information: - Type of LB (NLB or Classic LB) - Instance target or IP target TODO: support ALBs with Ingress as well

type AuthScheme added in v0.5.12 

type AuthScheme int

AuthScheme is an enum that indicates how to authenticate to the Kubernetes cluster. 

const (
	ConfigBased AuthScheme = iota
	DirectAuth
	EKSClusterBased
)

type AuthSchemeNotSupported added in v0.5.12 

type AuthSchemeNotSupported struct {
	// contains filtered or unexported fields
}

AuthSchemeNotSupported is returned when the specified auth scheme in KubectlOptions is not supported.

func (AuthSchemeNotSupported) Error added in v0.5.12 

func (err AuthSchemeNotSupported) Error() string

type ContextAlreadyExistsError 

type ContextAlreadyExistsError struct {
	// contains filtered or unexported fields
}

ContextAlreadyExistsError is returned when trying to create a new context with a name that is already in the config

func NewContextAlreadyExistsError 

func NewContextAlreadyExistsError(contextName string) ContextAlreadyExistsError

func (ContextAlreadyExistsError) Error 

func (err ContextAlreadyExistsError) Error() string

type ELBTargetType added in v0.7.4 

type ELBTargetType int

ELBTargetType represents the different ways the AWS ELB routes to the services. 

const (
	InstanceTarget ELBTargetType = iota
	IPTarget
	UnknownELBTarget
)

type ELBType added in v0.7.4 

type ELBType int

ELBType represents the underlying type of the load balancer (classic, network, or application) 

const (
	ALB ELBType = iota
	NLB
	CLB
	UnknownELB
)

type KubeContextNotFound added in v0.1.5 

type KubeContextNotFound struct {
	Options *KubectlOptions
}

KubeContextNotFound error is returned when the specified Kubernetes context is unabailable in the specified kubeconfig.

func (KubeContextNotFound) Error added in v0.1.5 

func (err KubeContextNotFound) Error() string

type KubectlOptions 

type KubectlOptions struct {
	// Config based authentication scheme
	ContextName string
	ConfigPath  string

	// Direct authentication scheme. Has precedence over config based scheme. All 3 values must be set.
	Server                        string
	Base64PEMCertificateAuthority string
	BearerToken                   string

	// EKS based authentication scheme. Has precedence over direct or config based scheme.
	EKSClusterArn string
}

Represents common options necessary to specify for all Kubectl calls

func GetKubectlOptions added in v0.4.0 

func GetKubectlOptions(t *testing.T) (*k8s.KubectlOptions, *KubectlOptions)

func GetTestKubectlOptions added in v0.3.3 

func GetTestKubectlOptions(t *testing.T) *KubectlOptions

func (*KubectlOptions) AuthScheme added in v0.5.12 

func (options *KubectlOptions) AuthScheme() AuthScheme

func (*KubectlOptions) TempCAFile added in v0.3.5 

func (options *KubectlOptions) TempCAFile() (string, error)

TempCAFile creates a temporary file to hold the Certificate Authority data so that it can be passed on to kubectl.

func (*KubectlOptions) TempConfigFromAuthInfo added in v0.3.5 

func (options *KubectlOptions) TempConfigFromAuthInfo() (string, error)

TempConfigFromAuthInfo will create a temporary kubeconfig file that can be used with commands that don't support directly configuring auth info (e.g helm).

type LoadBalancerNameFormatError 

type LoadBalancerNameFormatError struct {
	// contains filtered or unexported fields
}

LoadBalancerNameFormatError is returned when the hostname of the load balancer is in an unexpected format

func NewLoadBalancerNameFormatError 

func NewLoadBalancerNameFormatError(hostname string) LoadBalancerNameFormatError

func (LoadBalancerNameFormatError) Error 

func (err LoadBalancerNameFormatError) Error() string

type LoadBalancerNotReadyError 

type LoadBalancerNotReadyError struct {
	// contains filtered or unexported fields
}

LoadBalancerNotReadyError is returned when the LoadBalancer Service is unexpectedly not ready.

func NewLoadBalancerNotReadyError 

func NewLoadBalancerNotReadyError(serviceName string) LoadBalancerNotReadyError

func (LoadBalancerNotReadyError) Error 

func (err LoadBalancerNotReadyError) Error() string

type NodeCordonError added in v0.5.4 

type NodeCordonError struct {
	Error  error
	NodeID string
}

NodeCordonError is returned when there is an error cordoning a node.

type NodeDrainError 

type NodeDrainError struct {
	Error  error
	NodeID string
}

NodeDrainError is returned when there is an error draining a node.

type NodeReadyTimeoutError 

type NodeReadyTimeoutError struct {
	// contains filtered or unexported fields
}

NodeReadyTimeoutError is returned when we timeout waiting for nodes to reach ready state

func NewNodeReadyTimeoutError 

func NewNodeReadyTimeoutError(numNodes int) NodeReadyTimeoutError

func (NodeReadyTimeoutError) Error 

func (err NodeReadyTimeoutError) Error() string

type ProvisionIngressEndpointTimeoutError added in v0.3.7 

type ProvisionIngressEndpointTimeoutError struct {
	// contains filtered or unexported fields
}

ProvisionIngressEndpointTimeoutError is returned when we time out waiting for the endpoint to be provisioned.

func (ProvisionIngressEndpointTimeoutError) Error added in v0.3.7 

func (err ProvisionIngressEndpointTimeoutError) Error() string

type UnknownAWSLoadBalancerTypeErr added in v0.7.4 

type UnknownAWSLoadBalancerTypeErr struct {
	// contains filtered or unexported fields
}

UnknownAWSLoadBalancerTypeErr is returned when we encounter a load balancer type that we don't expect/support.

func (UnknownAWSLoadBalancerTypeErr) Error added in v0.7.4 

func (err UnknownAWSLoadBalancerTypeErr) Error() string

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.