install

package

v1.3.0 Latest Latest Go to latest Published: Dec 13, 2024 License: Apache-2.0 Imports: 41 Imported by: 1

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/kubearmor/kubearmor-client

Documentation ¶

Overview ¶

Package install is responsible for installation and uninstallation of KubeArmor while autogenerating the configuration

Index ¶

Variables
func CreateCustomResourceDefinition(crdName string) apiextensions.CustomResourceDefinition
func GenerateCA() (*x509.Certificate, *rsa.PrivateKey, error)
func GenerateCSR(namespace string, serviceName string) (*x509.Certificate, *rsa.PrivateKey, error)
func GeneratePki(namespace string, serviceName string) (*bytes.Buffer, *bytes.Buffer, *bytes.Buffer, error)
func K8sInstaller(c *k8s.Client, o Options) error
func K8sLegacyInstaller(c *k8s.Client, o Options) error
func K8sLegacyUninstaller(c *k8s.Client, o Options) error
func K8sUninstaller(c *k8s.Client, o Options) error
func SignCSR(caCrt *x509.Certificate, caKey *rsa.PrivateKey, csrCrt *x509.Certificate, ...) ([]byte, error)
func UpdateImageRegistry(registry, image string, preserveUpstream bool) string
type Options

Constants ¶

This section is empty.

Variables ¶

View Source

var KubeArmorClusterRoleBindingName = "kubearmor-clusterrolebinding"

View Source

var KubeArmorClusterRoleName = "kubearmor-clusterrole"

View Source

var KubeArmorControllerClusterRoleBindingName = "kubearmor-controller-clusterrolebinding"

View Source

var KubeArmorControllerClusterRoleName = "kubearmor-controller-clusterrole"

View Source

var KubeArmorControllerProxyClusterRoleBindingName = "kubearmor-controller-proxy-rolebinding"

View Source

var KubeArmorControllerProxyClusterRoleName = "kubearmor-controller-proxy-role"

View Source

var KubeArmorOperatorClusterRoleBindingName = "kubearmor-operator-clusterrole-binding"

View Source

var KubeArmorOperatorClusterRoleName = "kubearmor-operator-clusterrole"

View Source

var KubeArmorOperatorManageClusterRoleBindingName = "kubearmor-operator-manage-kubearmor-clusterrole-binding"

View Source

var KubeArmorOperatorManageClusterRoleName = "kubearmor-operator-manage-kubearmor-clusterrole"

View Source

var KubeArmorOperatorManageControllerClusterRoleBindingName = "kubearmor-operator-manage-controller-clusterrole-binding"

View Source

var KubeArmorOperatorManageControllerClusterRoleName = "kubearmor-operator-manage-controller-clusterrole"

View Source

var KubeArmorSnitchClusterRoleName = "kubearmor-snitch"

View Source

var KubeArmorSnitchClusterroleBindingName = "kubearmor-snitch-binding"

View Source

var RelayClusterRoleBindingName = "kubearmor-relay-clusterrolebinding"

View Source

var RelayClusterRoleName = "kubearmor-relay-clusterrole"

Functions ¶

func CreateCustomResourceDefinition ¶

func CreateCustomResourceDefinition(crdName string) apiextensions.CustomResourceDefinition

CreateCustomResourceDefinition creates the CRD and add it into Kubernetes.

func GenerateCA ¶ added in v0.7.4

func GenerateCA() (*x509.Certificate, *rsa.PrivateKey, error)

GenerateCA - generate private key and a cert for a CA

func GenerateCSR ¶ added in v0.7.4

func GenerateCSR(namespace string, serviceName string) (*x509.Certificate, *rsa.PrivateKey, error)

GenerateCSR - generate certificate signing request

func GeneratePki ¶ added in v0.7.4

func GeneratePki(namespace string, serviceName string) (*bytes.Buffer, *bytes.Buffer, *bytes.Buffer, error)

GeneratePki - generate pub/priv keypair

func K8sInstaller ¶

func K8sInstaller(c *k8s.Client, o Options) error

K8sInstaller using operator for karmor

func K8sLegacyInstaller ¶ added in v1.2.0

func K8sLegacyInstaller(c *k8s.Client, o Options) error

K8sInstaller for karmor install

func K8sLegacyUninstaller ¶ added in v1.2.0

func K8sLegacyUninstaller(c *k8s.Client, o Options) error

func K8sUninstaller ¶

func K8sUninstaller(c *k8s.Client, o Options) error

K8sUninstaller for karmor uninstall

func SignCSR ¶ added in v0.7.4

func SignCSR(caCrt *x509.Certificate, caKey *rsa.PrivateKey, csrCrt *x509.Certificate, csrKey *rsa.PrivateKey) ([]byte, error)

SignCSR - signs a certificate signing request essentially approving it using the given CA

func UpdateImageRegistry ¶ added in v1.1.0

func UpdateImageRegistry(registry, image string, preserveUpstream bool) string

UpdateImageRegistry will update the registry address of the image

Types ¶

type Options ¶

type Options struct {
	Namespace              string
	InitImage              string
	KubearmorImage         string
	ControllerImage        string
	OperatorImage          string
	RelayImage             string
	ImageRegistry          string
	Audit                  string
	Block                  string
	Visibility             string
	Force                  bool
	Local                  bool
	Save                   bool
	Verify                 bool
	Legacy                 bool
	SkipDeploy             bool
	KubeArmorTag           string
	KubeArmorRelayTag      string
	KubeArmorControllerTag string
	KubeArmorOperatorTag   string
	PreserveUpstream       bool
	Env                    envOption
	AlertThrottling        bool
	MaxAlertPerSec         int32
	ThrottleSec            int32
}

Options for karmor install

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL