Documentation ¶
Index ¶
- Constants
- Variables
- func JoinSuffixes(src SecurityGroupInfo, dest SecurityGroupInfo) string
- func NewTemplateResource(key string, definition string, functions template.FuncMap, context interface{}) (*templateResource, error)
- type BastionModelBuilder
- type BootstrapScript
- type DNSModelBuilder
- type ExternalAccessModelBuilder
- type FirewallModelBuilder
- type IAMModelBuilder
- type KopsModelContext
- func (b *KopsModelContext) AutoscalingGroupName(ig *kops.InstanceGroup) string
- func (m *KopsModelContext) CloudTags(name string, shared bool) map[string]string
- func (m *KopsModelContext) CloudTagsForInstanceGroup(ig *kops.InstanceGroup) (map[string]string, error)
- func (m *KopsModelContext) ClusterName() string
- func (b *KopsModelContext) ELBName(prefix string) string
- func (b *KopsModelContext) ELBSecurityGroupName(prefix string) string
- func (m *KopsModelContext) FindInstanceGroup(name string) *kops.InstanceGroup
- func (m *KopsModelContext) FindSubnet(name string) *kops.ClusterSubnetSpec
- func (m *KopsModelContext) FindZonesForInstanceGroup(ig *kops.InstanceGroup) ([]string, error)
- func (m *KopsModelContext) GatherSubnets(ig *kops.InstanceGroup) ([]*kops.ClusterSubnetSpec, error)
- func (m *KopsModelContext) GetELBName32(prefix string) string
- func (b *KopsModelContext) GetSecurityGroups(role kops.InstanceGroupRole) ([]SecurityGroupInfo, error)
- func (b *KopsModelContext) IAMName(role kops.InstanceGroupRole) string
- func (b *KopsModelContext) InstanceName(ig *kops.InstanceGroup, suffix string) string
- func (c *KopsModelContext) IsKubernetesGTE(version string) bool
- func (c *KopsModelContext) KubernetesVersion() semver.Version
- func (b *KopsModelContext) LinkToAutoscalingGroup(ig *kops.InstanceGroup) *awstasks.AutoscalingGroup
- func (b *KopsModelContext) LinkToDNSZone() *awstasks.DNSZone
- func (b *KopsModelContext) LinkToELB(prefix string) *awstasks.LoadBalancer
- func (b *KopsModelContext) LinkToELBSecurityGroup(prefix string) *awstasks.SecurityGroup
- func (b *KopsModelContext) LinkToIAMInstanceProfile(ig *kops.InstanceGroup) (*awstasks.IAMInstanceProfile, error)
- func (b *KopsModelContext) LinkToPrivateRouteTableInZone(zoneName string) *awstasks.RouteTable
- func (b *KopsModelContext) LinkToPublicSubnetInZone(zoneName string) (*awstasks.Subnet, error)
- func (b *KopsModelContext) LinkToSSHKey() (*awstasks.SSHKey, error)
- func (b *KopsModelContext) LinkToSecurityGroup(role kops.InstanceGroupRole) *awstasks.SecurityGroup
- func (b *KopsModelContext) LinkToSubnet(z *kops.ClusterSubnetSpec) *awstasks.Subnet
- func (b *KopsModelContext) LinkToUtilitySubnetInZone(zoneName string) (*awstasks.Subnet, error)
- func (b *KopsModelContext) LinkToVPC() *awstasks.VPC
- func (m *KopsModelContext) MasterInstanceGroups() []*kops.InstanceGroup
- func (b *KopsModelContext) NameForDNSZone() string
- func (b *KopsModelContext) NamePrivateRouteTableInZone(zoneName string) string
- func (m *KopsModelContext) NodeInstanceGroups() []*kops.InstanceGroup
- func (c *KopsModelContext) NodePortRange() (utilnet.PortRange, error)
- func (c *KopsModelContext) SSHKeyName() (string, error)
- func (b *KopsModelContext) SecurityGroupName(role kops.InstanceGroupRole) string
- func (m *KopsModelContext) UseBootstrapTokens() bool
- func (c *KopsModelContext) UseEtcdTLS() bool
- func (m *KopsModelContext) UseLoadBalancerForAPI() bool
- func (m *KopsModelContext) UseLoadBalancerForInternalAPI() bool
- func (m *KopsModelContext) UsePrivateDNS() bool
- func (m *KopsModelContext) UsesBastionDns() bool
- func (m *KopsModelContext) UsesSSHBastion() bool
- func (c *KopsModelContext) WellKnownServiceIP(id int) (net.IP, error)
- type MasterVolumeBuilder
- type NetworkModelBuilder
- type PKIModelBuilder
- type Protocol
- type SSHKeyModelBuilder
- type SecurityGroupInfo
Constants ¶
const ( DefaultEtcdVolumeSize = 20 DefaultAWSEtcdVolumeType = "gp2" DefaultAWSEtcdVolumeIops = 100 DefaultGCEEtcdVolumeType = "pd-ssd" DefaultALIEtcdVolumeType = "cloud_ssd" )
const BastionELBDefaultIdleTimeout = 5 * time.Minute
const BastionELBSecurityGroupPrefix = "bastion"
const RolePolicyTemplate = `` /* 177-byte string literal not displayed */
Variables ¶
var UseLegacyELBName = featureflag.New("UseLegacyELBName", featureflag.Bool(false))
Functions ¶
func JoinSuffixes ¶ added in v1.11.0
func JoinSuffixes(src SecurityGroupInfo, dest SecurityGroupInfo) string
JoinSuffixes constructs a suffix for traffic from the src to the dest group We have to avoid ambiguity in the case where one has a suffix and the other does not, where normally l.Suffix + r.Suffix would equal r.Suffix + l.Suffix
Types ¶
type BastionModelBuilder ¶
type BastionModelBuilder struct { *KopsModelContext Lifecycle *fi.Lifecycle SecurityLifecycle *fi.Lifecycle }
func (*BastionModelBuilder) Build ¶
func (b *BastionModelBuilder) Build(c *fi.ModelBuilderContext) error
type BootstrapScript ¶
type BootstrapScript struct { NodeUpSource string NodeUpSourceHash string NodeUpConfigBuilder func(ig *kops.InstanceGroup) (*nodeup.Config, error) }
BootstrapScript creates the bootstrap script
func (*BootstrapScript) KubeEnv ¶
func (b *BootstrapScript) KubeEnv(ig *kops.InstanceGroup) (string, error)
KubeEnv returns the nodeup config for the instance group
func (*BootstrapScript) ResourceNodeUp ¶
func (b *BootstrapScript) ResourceNodeUp(ig *kops.InstanceGroup, cluster *kops.Cluster) (*fi.ResourceHolder, error)
ResourceNodeUp generates and returns a nodeup (bootstrap) script from a template file, substituting in specific env vars & cluster spec configuration
type DNSModelBuilder ¶
type DNSModelBuilder struct { *KopsModelContext Lifecycle *fi.Lifecycle }
DNSModelBuilder builds DNS related model objects
func (*DNSModelBuilder) Build ¶
func (b *DNSModelBuilder) Build(c *fi.ModelBuilderContext) error
type ExternalAccessModelBuilder ¶
type ExternalAccessModelBuilder struct { *KopsModelContext Lifecycle *fi.Lifecycle }
ExternalAccessModelBuilder configures security group rules for external access (SSHAccess, KubernetesAPIAccess)
func (*ExternalAccessModelBuilder) Build ¶
func (b *ExternalAccessModelBuilder) Build(c *fi.ModelBuilderContext) error
type FirewallModelBuilder ¶
type FirewallModelBuilder struct { *KopsModelContext Lifecycle *fi.Lifecycle }
FirewallModelBuilder configures firewall network objects
func (*FirewallModelBuilder) Build ¶
func (b *FirewallModelBuilder) Build(c *fi.ModelBuilderContext) error
type IAMModelBuilder ¶
type IAMModelBuilder struct { *KopsModelContext Lifecycle *fi.Lifecycle }
IAMModelBuilder configures IAM objects
func (*IAMModelBuilder) Build ¶
func (b *IAMModelBuilder) Build(c *fi.ModelBuilderContext) error
type KopsModelContext ¶
type KopsModelContext struct { Cluster *kops.Cluster InstanceGroups []*kops.InstanceGroup Region string SSHPublicKeys [][]byte }
KopsModelContext is the kops model
func (*KopsModelContext) AutoscalingGroupName ¶
func (b *KopsModelContext) AutoscalingGroupName(ig *kops.InstanceGroup) string
func (*KopsModelContext) CloudTags ¶
func (m *KopsModelContext) CloudTags(name string, shared bool) map[string]string
CloudTags computes the tags to apply to a normal cloud resource with the specified name
func (*KopsModelContext) CloudTagsForInstanceGroup ¶
func (m *KopsModelContext) CloudTagsForInstanceGroup(ig *kops.InstanceGroup) (map[string]string, error)
CloudTagsForInstanceGroup computes the tags to apply to instances in the specified InstanceGroup
func (*KopsModelContext) ClusterName ¶
func (m *KopsModelContext) ClusterName() string
func (*KopsModelContext) ELBName ¶
func (b *KopsModelContext) ELBName(prefix string) string
func (*KopsModelContext) ELBSecurityGroupName ¶
func (b *KopsModelContext) ELBSecurityGroupName(prefix string) string
func (*KopsModelContext) FindInstanceGroup ¶
func (m *KopsModelContext) FindInstanceGroup(name string) *kops.InstanceGroup
FindInstanceGroup returns the instance group with the matching Name (or nil if not found)
func (*KopsModelContext) FindSubnet ¶
func (m *KopsModelContext) FindSubnet(name string) *kops.ClusterSubnetSpec
FindSubnet returns the subnet with the matching Name (or nil if not found)
func (*KopsModelContext) FindZonesForInstanceGroup ¶
func (m *KopsModelContext) FindZonesForInstanceGroup(ig *kops.InstanceGroup) ([]string, error)
FindZonesForInstanceGroup finds the zones for an InstanceGroup
func (*KopsModelContext) GatherSubnets ¶
func (m *KopsModelContext) GatherSubnets(ig *kops.InstanceGroup) ([]*kops.ClusterSubnetSpec, error)
GatherSubnets maps the subnet names in an InstanceGroup to the ClusterSubnetSpec objects (which are stored on the Cluster)
func (*KopsModelContext) GetELBName32 ¶
func (m *KopsModelContext) GetELBName32(prefix string) string
GetELBName32 will attempt to calculate a meaningful name for an ELB given a prefix Will never return a string longer than 32 chars Note this is _not_ the primary identifier for the ELB - we use the Name tag for that.
func (*KopsModelContext) GetSecurityGroups ¶ added in v1.11.0
func (b *KopsModelContext) GetSecurityGroups(role kops.InstanceGroupRole) ([]SecurityGroupInfo, error)
func (*KopsModelContext) IAMName ¶
func (b *KopsModelContext) IAMName(role kops.InstanceGroupRole) string
IAMName determines the name of the IAM Role and Instance Profile to use for the InstanceGroup
func (*KopsModelContext) InstanceName ¶
func (b *KopsModelContext) InstanceName(ig *kops.InstanceGroup, suffix string) string
func (*KopsModelContext) IsKubernetesGTE ¶
func (c *KopsModelContext) IsKubernetesGTE(version string) bool
IsKubernetesGTE checks if the kubernetes version is at least version, ignoring prereleases / patches
func (*KopsModelContext) KubernetesVersion ¶
func (c *KopsModelContext) KubernetesVersion() semver.Version
KubernetesVersion parses the semver version of kubernetes, from the cluster spec
func (*KopsModelContext) LinkToAutoscalingGroup ¶
func (b *KopsModelContext) LinkToAutoscalingGroup(ig *kops.InstanceGroup) *awstasks.AutoscalingGroup
func (*KopsModelContext) LinkToDNSZone ¶
func (b *KopsModelContext) LinkToDNSZone() *awstasks.DNSZone
func (*KopsModelContext) LinkToELB ¶
func (b *KopsModelContext) LinkToELB(prefix string) *awstasks.LoadBalancer
func (*KopsModelContext) LinkToELBSecurityGroup ¶
func (b *KopsModelContext) LinkToELBSecurityGroup(prefix string) *awstasks.SecurityGroup
func (*KopsModelContext) LinkToIAMInstanceProfile ¶
func (b *KopsModelContext) LinkToIAMInstanceProfile(ig *kops.InstanceGroup) (*awstasks.IAMInstanceProfile, error)
func (*KopsModelContext) LinkToPrivateRouteTableInZone ¶
func (b *KopsModelContext) LinkToPrivateRouteTableInZone(zoneName string) *awstasks.RouteTable
func (*KopsModelContext) LinkToPublicSubnetInZone ¶
func (b *KopsModelContext) LinkToPublicSubnetInZone(zoneName string) (*awstasks.Subnet, error)
func (*KopsModelContext) LinkToSSHKey ¶
func (b *KopsModelContext) LinkToSSHKey() (*awstasks.SSHKey, error)
func (*KopsModelContext) LinkToSecurityGroup ¶
func (b *KopsModelContext) LinkToSecurityGroup(role kops.InstanceGroupRole) *awstasks.SecurityGroup
func (*KopsModelContext) LinkToSubnet ¶
func (b *KopsModelContext) LinkToSubnet(z *kops.ClusterSubnetSpec) *awstasks.Subnet
func (*KopsModelContext) LinkToUtilitySubnetInZone ¶
func (b *KopsModelContext) LinkToUtilitySubnetInZone(zoneName string) (*awstasks.Subnet, error)
func (*KopsModelContext) LinkToVPC ¶
func (b *KopsModelContext) LinkToVPC() *awstasks.VPC
func (*KopsModelContext) MasterInstanceGroups ¶
func (m *KopsModelContext) MasterInstanceGroups() []*kops.InstanceGroup
MasterInstanceGroups returns InstanceGroups with the master role
func (*KopsModelContext) NameForDNSZone ¶
func (b *KopsModelContext) NameForDNSZone() string
func (*KopsModelContext) NamePrivateRouteTableInZone ¶
func (b *KopsModelContext) NamePrivateRouteTableInZone(zoneName string) string
func (*KopsModelContext) NodeInstanceGroups ¶
func (m *KopsModelContext) NodeInstanceGroups() []*kops.InstanceGroup
NodeInstanceGroups returns InstanceGroups with the node role
func (*KopsModelContext) NodePortRange ¶
func (c *KopsModelContext) NodePortRange() (utilnet.PortRange, error)
NodePortRange returns the range of ports allocated to NodePorts
func (*KopsModelContext) SSHKeyName ¶
func (c *KopsModelContext) SSHKeyName() (string, error)
SSHKeyName computes a unique SSH key name, combining the cluster name and the SSH public key fingerprint. If an SSH key name is provided in the cluster configuration, it will use that instead.
func (*KopsModelContext) SecurityGroupName ¶
func (b *KopsModelContext) SecurityGroupName(role kops.InstanceGroupRole) string
func (*KopsModelContext) UseBootstrapTokens ¶
func (m *KopsModelContext) UseBootstrapTokens() bool
UseBootstrapTokens checks if bootstrap tokens are enabled
func (*KopsModelContext) UseEtcdTLS ¶
func (c *KopsModelContext) UseEtcdTLS() bool
UseEtcdTLS checks to see if etcd tls is enabled
func (*KopsModelContext) UseLoadBalancerForAPI ¶
func (m *KopsModelContext) UseLoadBalancerForAPI() bool
UseLoadBalancerForAPI checks if we are using a load balancer for the kubeapi
func (*KopsModelContext) UseLoadBalancerForInternalAPI ¶
func (m *KopsModelContext) UseLoadBalancerForInternalAPI() bool
If true then we will use the created loadbalancer for internal kubelet connections. The intention here is to make connections to apiserver more HA - see https://github.com/kubernetes/kops/issues/4252
func (*KopsModelContext) UsePrivateDNS ¶
func (m *KopsModelContext) UsePrivateDNS() bool
UsePrivateDNS checks if we are using private DNS
func (*KopsModelContext) UsesBastionDns ¶
func (m *KopsModelContext) UsesBastionDns() bool
UsesBastionDns checks if we should use a specific name for the bastion dns
func (*KopsModelContext) UsesSSHBastion ¶
func (m *KopsModelContext) UsesSSHBastion() bool
UsesSSHBastion checks if we have a Bastion in the cluster
func (*KopsModelContext) WellKnownServiceIP ¶
func (c *KopsModelContext) WellKnownServiceIP(id int) (net.IP, error)
type MasterVolumeBuilder ¶
type MasterVolumeBuilder struct { *KopsModelContext Lifecycle *fi.Lifecycle }
MasterVolumeBuilder builds master EBS volumes
func (*MasterVolumeBuilder) Build ¶
func (b *MasterVolumeBuilder) Build(c *fi.ModelBuilderContext) error
type NetworkModelBuilder ¶
type NetworkModelBuilder struct { *KopsModelContext Lifecycle *fi.Lifecycle }
NetworkModelBuilder configures network objects
func (*NetworkModelBuilder) Build ¶
func (b *NetworkModelBuilder) Build(c *fi.ModelBuilderContext) error
type PKIModelBuilder ¶
type PKIModelBuilder struct { *KopsModelContext Lifecycle *fi.Lifecycle }
PKIModelBuilder configures PKI keypairs, as well as tokens
func (*PKIModelBuilder) Build ¶
func (b *PKIModelBuilder) Build(c *fi.ModelBuilderContext) error
Build is responsible for generating the various pki assets.
type SSHKeyModelBuilder ¶
type SSHKeyModelBuilder struct { *KopsModelContext Lifecycle *fi.Lifecycle }
SSHKeyModelBuilder configures SSH objects
func (*SSHKeyModelBuilder) Build ¶
func (b *SSHKeyModelBuilder) Build(c *fi.ModelBuilderContext) error
type SecurityGroupInfo ¶ added in v1.11.0
type SecurityGroupInfo struct { Name string Suffix string Task *awstasks.SecurityGroup }