apiserver

package

v2.14.11+incompatible Latest Latest Go to latest Published: Mar 11, 2021 License: Apache-2.0 Imports: 32 Imported by: 121

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/kubermatic/kubermatic

Links

Open Source Insights

Documentation ¶

Index ¶

func AdmissionControlCreator(data *resources.TemplateData) reconciling.NamedConfigMapCreatorGetter
func AuditConfigMapCreator() reconciling.NamedConfigMapCreatorGetter
func DeploymentCreator(data *resources.TemplateData, enableOIDCAuthentication bool) reconciling.NamedDeploymentCreatorGetter
func DexCACertificateCreator(getDexCA func() ([]*x509.Certificate, error)) reconciling.NamedSecretCreatorGetter
func EtcdClientCertificateCreator(data etcdClientCertificateCreatorData) reconciling.NamedSecretCreatorGetter
func ExternalServiceCreator(exposeStrategy corev1.ServiceType) reconciling.NamedServiceCreatorGetter
func FrontProxyClientCertificateCreator(data frontProxyClientCertificateCreatorData) reconciling.NamedSecretCreatorGetter
func GetEnvVars(data kubeAPIServerEnvData) ([]corev1.EnvVar, error)
func InternalServiceCreator() reconciling.NamedServiceCreatorGetter
func IsRunningWrapper(data isRunningInitContainerData, spec corev1.PodSpec, ...) (*corev1.PodSpec, error)
func KubeletClientCertificateCreator(data kubeletClientCertificateCreatorData) reconciling.NamedSecretCreatorGetter
func PodDisruptionBudgetCreator() reconciling.NamedPodDisruptionBudgetCreatorGetter
func ServiceAccountKeyCreator() reconciling.NamedSecretCreatorGetter
func TLSServingCertificateCreator(data tlsServingCertCreatorData) reconciling.NamedSecretCreatorGetter
func TokenUsersCreator(data *resources.TemplateData) reconciling.NamedSecretCreatorGetter
func TokenViewerCreator() reconciling.NamedSecretCreatorGetter
type AdmissionConfiguration
type AdmissionPluginConfiguration

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func AdmissionControlCreator ¶

func AdmissionControlCreator(data *resources.TemplateData) reconciling.NamedConfigMapCreatorGetter

func AuditConfigMapCreator ¶

func AuditConfigMapCreator() reconciling.NamedConfigMapCreatorGetter

func DeploymentCreator ¶

func DeploymentCreator(data *resources.TemplateData, enableOIDCAuthentication bool) reconciling.NamedDeploymentCreatorGetter

DeploymentCreator returns the function to create and update the API server deployment

func DexCACertificateCreator ¶

func DexCACertificateCreator(getDexCA func() ([]*x509.Certificate, error)) reconciling.NamedSecretCreatorGetter

DexCACertificateCreator returns a function to create/update the secret with the certificate for TLS verification against dex

func EtcdClientCertificateCreator ¶

func EtcdClientCertificateCreator(data etcdClientCertificateCreatorData) reconciling.NamedSecretCreatorGetter

EtcdClientCertificateCreator returns a function to create/update the secret with the client certificate for authenticating against etcd

func ExternalServiceCreator ¶

func ExternalServiceCreator(exposeStrategy corev1.ServiceType) reconciling.NamedServiceCreatorGetter

ExternalServiceCreator returns the function to reconcile the external API server service

func FrontProxyClientCertificateCreator ¶

func FrontProxyClientCertificateCreator(data frontProxyClientCertificateCreatorData) reconciling.NamedSecretCreatorGetter

FrontProxyClientCertificateCreator returns a function to create/update the secret with the client certificate for authenticating against extension apiserver

func GetEnvVars ¶

func GetEnvVars(data kubeAPIServerEnvData) ([]corev1.EnvVar, error)

func InternalServiceCreator ¶

func InternalServiceCreator() reconciling.NamedServiceCreatorGetter

InternalServiceCreator returns the function to reconcile the internal API server service

func IsRunningWrapper ¶

func IsRunningWrapper(data isRunningInitContainerData, spec corev1.PodSpec, containersToWrap sets.String, crdsToWaitFor ...string) (*corev1.PodSpec, error)

IsRunningWrapper wraps the named containers in the pod with a check if the API server is reachable. This is achieved by copying a `http-prober` binary via an init container into an emptyDir volume, then mounting that volume onto all named containers and replacing the command with a call to the `http-prober` binary. The http prober binary gets the original command as serialized string and does an syscall.Exec onto it once the apiserver became reachable

func KubeletClientCertificateCreator ¶

func KubeletClientCertificateCreator(data kubeletClientCertificateCreatorData) reconciling.NamedSecretCreatorGetter

KubeletClientCertificateCreator returns a function to create/update a secret with the client certificate for the apiserver -> kubelet connection.

func PodDisruptionBudgetCreator ¶

func PodDisruptionBudgetCreator() reconciling.NamedPodDisruptionBudgetCreatorGetter

PodDisruptionBudgetCreator returns a func to create/update the apiserver PodDisruptionBudget

func ServiceAccountKeyCreator ¶

func ServiceAccountKeyCreator() reconciling.NamedSecretCreatorGetter

ServiceAccountKeyCreator returns a function to create/update a secret with the ServiceAccount key

func TLSServingCertificateCreator ¶

func TLSServingCertificateCreator(data tlsServingCertCreatorData) reconciling.NamedSecretCreatorGetter

TLSServingCertificateCreator returns a function to create/update the secret with the apiserver tls certificate used to serve https

func TokenUsersCreator ¶

func TokenUsersCreator(data *resources.TemplateData) reconciling.NamedSecretCreatorGetter

TokenUsers returns a secret containing the tokens csv

func TokenViewerCreator ¶

func TokenViewerCreator() reconciling.NamedSecretCreatorGetter

TokenViewerCreator returns a secret containing the viewer token

Types ¶

type AdmissionConfiguration ¶

type AdmissionConfiguration struct {
	Kind string `yaml:"kind,omitempty"`

	APIVersion string `yaml:"apiVersion,omitempty"`

	// Plugins allows specifying a configuration per admission control plugin.
	Plugins []AdmissionPluginConfiguration `yaml:"plugins,omitempty"`
}

AdmissionConfiguration provides versioned configuration for admission controllers.

type AdmissionPluginConfiguration ¶

type AdmissionPluginConfiguration struct {
	// Name is the name of the admission controller.
	// It must match the registered admission plugin name.
	Name string `yaml:"name"`

	// Path is the path to a configuration file that contains the plugin's
	// configuration
	Path string `yaml:"path"`
}

AdmissionPluginConfiguration provides the configuration for a single plug-in.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL