authentication

package
v0.1.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: May 19, 2022 License: Apache-2.0 Imports: 24 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func GenKubeConfig

func GenKubeConfig(filePath, url, caCert, clientCert, clientKey string) error

Types

type KineAuthentication

// KineAuthentication holds, as plain strings, a certificate directory, a bind
// address and CA / server / client certificate-and-key entries.
//
// NOTE(review): the cert and key fields are presumably file paths under
// KineCertDir rather than PEM contents — confirm against
// NewKineAuthentication. If so, CAKey, Serverkey and Clientkey locate private
// keys, and those files should be readable only by the account that runs the
// service.
// NOTE(review): Serverkey and Clientkey use a lower-case "k" while CAKey does
// not. The names are exported, so renaming them would break callers.
type KineAuthentication struct {
	KineCertDir string
	BindAddress string
	CACert      string
	CAKey       string
	ServerCert  string
	Serverkey   string
	ClientCert  string
	Clientkey   string
}

func NewKineAuthentication

func NewKineAuthentication(rootCertPath string, bindAddress string) *KineAuthentication

func (*KineAuthentication) GenerateOrSkip

func (kine *KineAuthentication) GenerateOrSkip() error

func (*KineAuthentication) QueryRemoteDNSNames

func (kine *KineAuthentication) QueryRemoteDNSNames() []string

func (*KineAuthentication) QueryRemoteIps

func (kine *KineAuthentication) QueryRemoteIps() []net.IP

type KubernetesAuthentication

// KubernetesAuthentication collects, as plain strings (plus one uint16 port),
// the API-server endpoint settings, working directories and the
// certificate / key / kubeconfig entries declared below.
//
// NOTE(review): the cert, key and kubeconfig fields look like file paths
// rooted under KubernetesRootDir / KubernetesCertDir — confirm against
// NewKubernetesAuthentication. The *CAKey fields would then locate CA private
// keys. Anyone who can read one can issue certificates that the matching
// verifier accepts, so the directory needs restrictive permissions.
// NOTE(review): RequestheaderAllowedNames presumably feeds kube-apiserver's
// --requestheader-allowed-names — confirm. If it does, an empty value means
// any client certificate signed by the request-header CA is accepted as the
// authenticating proxy.
type KubernetesAuthentication struct {
	KubectlPath               string
	ApiserverEndpoint         string
	ApiserverEndpointIp       string
	ApiserverEndpointPort     uint16
	ApiServerServiceIP        string
	ServiceClusterIpRange     string
	KubernetesRootDir         string
	KubernetesCertDir         string
	KubernetesTLSDir          string
	KubernetesKubeDir         string
	RequestheaderAllowedNames string

	// NOTE(review): presumably the service-account signing key pair — confirm.
	ServiceKeyPair string

	// apiserver as server:
	// --------------------start-------------------
	ApiserverValidateClientsCA    string
	ApiserverValidateClientsCAKey string
	ClusterValidateServerCA       string
	ClusterValidateServerCAKey    string
	ApiserverServerCert           string
	ApiserverServerKey            string
	// clients to access apiserver
	// admin
	AdminClientCert string
	AdminClientKey  string
	KubeConfigAdmin string
	// controller
	ControllerClientCert string
	ControllerClientKey  string
	KubeConfigController string
	// cloud-controller
	// ClientCloudControllerCert string
	// ClientCloudControllerKey string
	// KubeConfigCloudController string
	// scheduler
	SchedulerClientCert string
	SchedulerClientKey  string
	KubeConfigScheduler string
	// kube-proxy
	KubeProxyClientCert string
	KubeProxyClientKey  string
	// litekube
	LitekubeControllerClientCert string
	LitekubeControllerClientKey  string

	// apiserver as client:
	// --------------------start-------------------
	// apiserver as client to external-aggregation-apiserver
	ApiserverRequestHeaderCA     string
	ApiserverRequestHeaderCAKey  string
	ApiserverClientAuthProxyCert string
	ApiserverClientAuthProxyKey  string
	// apiserver as client to kubelet
	KubeletValidateApiserverClientCA    string
	KubeletValidateApiserverClientCAKey string
	ApiserverValidateKubeletServerCA    string
	ApiserverValidateKubeletServerCAKey string
	ApiserverClientKubeletCert          string
	ApiserverClientKubeletKey           string
	KubeConfigApiserverToKubelet        string

	// NOTE(review): presumably the file handed to kube-apiserver's
	// --token-auth-file — confirm. Tokens in such a file are long-lived bearer
	// credentials stored in cleartext, so the file mode matters.
	TokenAuthFile string

	// NOTE(review): presumably private keys for the kubelet client and
	// kubelet serving certificates — confirm.
	ClientKubeletKey  string
	ServingKubeletKey string

	// NOTE(review): both names suggest secret material (an IPsec key and a
	// password file) — confirm how they are created and which file mode they
	// are written with.
	IPSECKey   string
	PasswdFile string

	// NOTE(review): presumably a per-node password store — confirm.
	NodePasswdFile string
}

func NewKubernetesAuthentication

func NewKubernetesAuthentication(rootCertPath string, opt *apiserver.ApiserverOptions) *KubernetesAuthentication

func (*KubernetesAuthentication) GenerateOrSkip

func (na *KubernetesAuthentication) GenerateOrSkip() error

Generates all the certificates Kubernetes needs in order to start.

type NetworkControllerAuthentication

// NetworkControllerAuthentication holds two parallel sets of string settings,
// one prefixed Register and one prefixed Join. Each set has a certificate
// directory, a bind address and CA / server / client certificate-and-key
// entries. ManagerCertDir and NetworkControllerDir are shared directories.
//
// NOTE(review): the cert and key fields are presumably file paths — confirm
// against NewNetworkControllerAuthentication. RegisterCAKey and JoinCAKey
// would then locate CA private keys. Whoever can read them can mint
// certificates that the corresponding endpoint trusts, so they should be kept
// on the manager host only.
type NetworkControllerAuthentication struct {
	// Shared directories and the Register endpoint's material.
	ManagerCertDir         string
	NetworkControllerDir   string
	RegisterManagerCertDir string
	RegisterBindAddress    string
	RegisterCACert         string
	RegisterCAKey          string
	RegisterServerCert     string
	RegisterServerkey      string
	RegisterClientCert     string
	RegisterClientkey      string

	// The Join endpoint's material, mirroring the Register fields above.
	JoinManagerCertDir string
	JoinBindAddress    string
	JoinCACert         string
	JoinCAKey          string
	JoinServerCert     string
	JoinServerkey      string
	JoinClientCert     string
	JoinClientkey      string
}

func NewNetworkControllerAuthentication

func NewNetworkControllerAuthentication(workDir string, rootCertPath string, registerBindAddress, joinBindAddress string) *NetworkControllerAuthentication

func (*NetworkControllerAuthentication) GenerateOrSkip

func (na *NetworkControllerAuthentication) GenerateOrSkip() error

Generates the X.509 certificate for network-manager.

func (*NetworkControllerAuthentication) QueryRemoteDNSNames

func (na *NetworkControllerAuthentication) QueryRemoteDNSNames() []string

func (*NetworkControllerAuthentication) QueryRemoteIps

func (na *NetworkControllerAuthentication) QueryRemoteIps() []net.IP

type NetworkControllerClientAuthentication

// NetworkControllerClientAuthentication is the client-side counterpart of the
// Register / Join settings. It holds certificate directories, CA and client
// certificate-and-key entries, the remote addresses and ports, two tokens and
// an info path. Unlike the server-side struct on this page, it carries no CA
// key or server key fields.
//
// The address and port fields are pointers (*string, *uint16). The inline
// comments suggest they only carry a value on the TLS-bootstrap path, so
// callers should check for nil before dereferencing.
//
// NOTE(review): Token and NodeToken are presumably bearer-style secrets (the
// bootstrap token and the node-token returned by TLSBootStrap) — confirm.
// Avoid printing this struct with %v / %+v in logs.
// NOTE(review): InfoPath is presumably where RemoteHostInfo is persisted and
// read back by LoadInfo — confirm. RemoteHostInfo includes NodeToken, so that
// file would contain a secret.
type NetworkControllerClientAuthentication struct {
	ManagerRootCertPath    string
	ManagerCertDir         string
	RegisterManagerCertDir string
	RegisterAddress        *string // value only tls-bootstrap without init
	RegisterPort           *uint16 // value only tls-bootstrap without init
	RegisterCACert         string
	RegisterClientCert     string
	RegisterClientkey      string
	JoinManagerCertDir     string
	JoinAddress            *string // value only tls-bootstrap without init
	JoinPort               *uint16 // value only tls-bootstrap without init
	JoinCACert             string
	JoinClientCert         string
	JoinClientkey          string
	Token                  string
	NodeToken              string
	InfoPath               string
}

func NewControllerClientAuthentication

func NewControllerClientAuthentication(rootCertPath string, token string, registerAddress *string, registerPort *uint16, joinAddress *string, joinPort *uint16) *NetworkControllerClientAuthentication

func (*NetworkControllerClientAuthentication) Check

func (*NetworkControllerClientAuthentication) CreatelinkForClient

func (na *NetworkControllerClientAuthentication) CreatelinkForClient() error

func (*NetworkControllerClientAuthentication) GenerateOrSkip

func (na *NetworkControllerClientAuthentication) GenerateOrSkip() error

Generates the X.509 certificate for network-manager.

func (*NetworkControllerClientAuthentication) LoadInfo

func (*NetworkControllerClientAuthentication) Nodetoken

func (*NetworkControllerClientAuthentication) TLSBootStrap

func (na *NetworkControllerClientAuthentication) TLSBootStrap(address string, port int, bootstrapToken string) error

Downloads the certificates and obtains the node-token from the network manager.

type RemoteHostInfo

// RemoteHostInfo is a value-typed record of the Register and Join addresses
// and ports together with a NodeToken. The same five names appear on
// NetworkControllerClientAuthentication, where the addresses and ports are
// pointers.
//
// NOTE(review): presumably this is the structure serialized to and loaded
// from NetworkControllerClientAuthentication.InfoPath — confirm. Because it
// includes NodeToken, any file or log line holding it should be treated as
// containing a credential.
type RemoteHostInfo struct {
	RegisterAddress string // value only tls-bootstrap without init
	RegisterPort    uint16 // value only tls-bootstrap without init
	JoinAddress     string // value only tls-bootstrap without init
	JoinPort        uint16 // value only tls-bootstrap without init
	NodeToken       string
}
