options

package
v0.0.0-...-b2a8ad6 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Aug 29, 2017 License: Apache-2.0 Imports: 50 Imported by: 0

Documentation

Overview

package options is the public flags and options used by a generic api server. It takes a minimal set of dependencies and does not reference implementations, in order to ensure it may be reused by multiple components (such as CLI commands that wish to generate or validate config).

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type AdmissionOptions 

type AdmissionOptions struct {
	PluginNames []string
	ConfigFile  string
	Plugins     *admission.Plugins
}

AdmissionOptions holds the admission options

func NewAdmissionOptions 

func NewAdmissionOptions() *AdmissionOptions

NewAdmissionOptions creates a new instance of AdmissionOptions Note: In addition it calls RegisterAllAdmissionPlugins to register all generic admission plugins.

func (*AdmissionOptions) AddFlags 

func (a *AdmissionOptions) AddFlags(fs *pflag.FlagSet)

AddFlags adds flags related to admission for a specific APIServer to the specified FlagSet

func (*AdmissionOptions) ApplyTo 

func (a *AdmissionOptions) ApplyTo(serverCfg *server.Config, pluginInitializers ...admission.PluginInitializer) error

ApplyTo adds the admission chain to the server configuration the method lazily initializes a generic plugin that is appended to the list of pluginInitializers note this method uses: 

genericconfig.LoopbackClientConfig
genericconfig.SharedInformerFactory
genericconfig.Authorizer

func (*AdmissionOptions) Validate 

func (a *AdmissionOptions) Validate() []error

type AuditLogOptions 

type AuditLogOptions struct {
	Path       string
	MaxAge     int
	MaxBackups int
	MaxSize    int
	Format     string
}

AuditLogOptions holds the legacy audit log writer. If the AdvancedAuditing feature is enabled, these options determine the output of the structured audit log.

func (*AuditLogOptions) AddFlags 

func (o *AuditLogOptions) AddFlags(fs *pflag.FlagSet)

type AuditOptions 

type AuditOptions struct {
	// Policy configuration file for filtering audit events that are captured.
	// If unspecified, a default is provided.
	PolicyFile string

	LogOptions     AuditLogOptions
	WebhookOptions AuditWebhookOptions
}

func NewAuditOptions 

func NewAuditOptions() *AuditOptions

func (*AuditOptions) AddFlags 

func (o *AuditOptions) AddFlags(fs *pflag.FlagSet)

func (*AuditOptions) ApplyTo 

func (o *AuditOptions) ApplyTo(c *server.Config) error

func (*AuditOptions) Validate 

func (o *AuditOptions) Validate() []error

Validate checks invalid config combination

type AuditWebhookOptions 

type AuditWebhookOptions struct {
	ConfigFile string
	// Should the webhook asynchronous batch events to the webhook backend or
	// should the webhook block responses?
	//
	// Defaults to asynchronous batch events.
	Mode string
}

AuditWebhookOptions control the webhook configuration for audit events.

func (*AuditWebhookOptions) AddFlags 

func (o *AuditWebhookOptions) AddFlags(fs *pflag.FlagSet)

type CertKey 

type CertKey struct {
	// CertFile is a file containing a PEM-encoded certificate, and possibly the complete certificate chain
	CertFile string
	// KeyFile is a file containing a PEM-encoded private key for the certificate specified by CertFile
	KeyFile string
}

type ClientCertAuthenticationOptions 

type ClientCertAuthenticationOptions struct {
	// ClientCA is the certificate bundle for all the signers that you'll recognize for incoming client certificates
	ClientCA string
}

func (*ClientCertAuthenticationOptions) AddFlags 

func (s *ClientCertAuthenticationOptions) AddFlags(fs *pflag.FlagSet)

type DelegatingAuthenticationOptions 

type DelegatingAuthenticationOptions struct {
	// RemoteKubeConfigFile is the file to use to connect to a "normal" kube API server which hosts the
	// TokenAccessReview.authentication.k8s.io endpoint for checking tokens.
	RemoteKubeConfigFile string

	// CacheTTL is the length of time that a token authentication answer will be cached.
	CacheTTL time.Duration

	ClientCert    ClientCertAuthenticationOptions
	RequestHeader RequestHeaderAuthenticationOptions

	SkipInClusterLookup bool
}

DelegatingAuthenticationOptions provides an easy way for composing API servers to delegate their authentication to the root kube API server. The API federator will act as a front proxy and direction connections will be able to delegate to the core kube API server

func NewDelegatingAuthenticationOptions 

func NewDelegatingAuthenticationOptions() *DelegatingAuthenticationOptions

func (*DelegatingAuthenticationOptions) AddFlags 

func (s *DelegatingAuthenticationOptions) AddFlags(fs *pflag.FlagSet)

func (*DelegatingAuthenticationOptions) ApplyTo 

func (s *DelegatingAuthenticationOptions) ApplyTo(c *server.Config) error

func (*DelegatingAuthenticationOptions) ToAuthenticationConfig 

func (s *DelegatingAuthenticationOptions) ToAuthenticationConfig() (authenticatorfactory.DelegatingAuthenticatorConfig, error)

func (*DelegatingAuthenticationOptions) Validate 

func (s *DelegatingAuthenticationOptions) Validate() []error

type DelegatingAuthorizationOptions 

type DelegatingAuthorizationOptions struct {
	// RemoteKubeConfigFile is the file to use to connect to a "normal" kube API server which hosts the
	// SubjectAccessReview.authorization.k8s.io endpoint for checking tokens.
	RemoteKubeConfigFile string

	// AllowCacheTTL is the length of time that a successful authorization response will be cached
	AllowCacheTTL time.Duration

	// DenyCacheTTL is the length of time that an unsuccessful authorization response will be cached.
	// You generally want more responsive, "deny, try again" flows.
	DenyCacheTTL time.Duration
}

DelegatingAuthorizationOptions provides an easy way for composing API servers to delegate their authorization to the root kube API server

func NewDelegatingAuthorizationOptions 

func NewDelegatingAuthorizationOptions() *DelegatingAuthorizationOptions

func (*DelegatingAuthorizationOptions) AddFlags 

func (s *DelegatingAuthorizationOptions) AddFlags(fs *pflag.FlagSet)

func (*DelegatingAuthorizationOptions) ApplyTo 

func (s *DelegatingAuthorizationOptions) ApplyTo(c *server.Config) error

func (*DelegatingAuthorizationOptions) ToAuthorizationConfig 

func (s *DelegatingAuthorizationOptions) ToAuthorizationConfig() (authorizerfactory.DelegatingAuthorizerConfig, error)

func (*DelegatingAuthorizationOptions) Validate 

func (s *DelegatingAuthorizationOptions) Validate() []error

type EtcdOptions 

type EtcdOptions struct {
	StorageConfig                    storagebackend.Config
	EncryptionProviderConfigFilepath string

	EtcdServersOverrides []string

	// To enable protobuf as storage format, it is enough
	// to set it to "application/vnd.kubernetes.protobuf".
	DefaultStorageMediaType string
	DeleteCollectionWorkers int
	EnableGarbageCollection bool

	// Set EnableWatchCache to false to disable all watch caches
	EnableWatchCache bool
	// Set DefaultWatchCacheSize to zero to disable watch caches for those resources that have no explicit cache size set
	DefaultWatchCacheSize int
}

func NewEtcdOptions 

func NewEtcdOptions(backendConfig *storagebackend.Config) *EtcdOptions

func (*EtcdOptions) AddFlags 

func (s *EtcdOptions) AddFlags(fs *pflag.FlagSet)

AddEtcdFlags adds flags related to etcd storage for a specific APIServer to the specified FlagSet

func (*EtcdOptions) ApplyTo 

func (s *EtcdOptions) ApplyTo(c *server.Config) error

func (*EtcdOptions) ApplyWithStorageFactoryTo 

func (s *EtcdOptions) ApplyWithStorageFactoryTo(factory serverstorage.StorageFactory, c *server.Config) error

func (*EtcdOptions) Validate 

func (s *EtcdOptions) Validate() []error

type FeatureOptions 

type FeatureOptions struct {
	EnableProfiling           bool
	EnableContentionProfiling bool
	EnableSwaggerUI           bool
}

func NewFeatureOptions 

func NewFeatureOptions() *FeatureOptions

func (*FeatureOptions) AddFlags 

func (o *FeatureOptions) AddFlags(fs *pflag.FlagSet)

func (*FeatureOptions) ApplyTo 

func (o *FeatureOptions) ApplyTo(c *server.Config) error

func (*FeatureOptions) Validate 

func (o *FeatureOptions) Validate() []error

type GeneratableKeyCert 

type GeneratableKeyCert struct {
	CertKey CertKey

	// CACertFile is an optional file containing the certificate chain for CertKey.CertFile
	CACertFile string
	// CertDirectory is a directory that will contain the certificates.  If the cert and key aren't specifically set
	// this will be used to derive a match with the "pair-name"
	CertDirectory string
	// PairName is the name which will be used with CertDirectory to make a cert and key names
	// It becomes CertDirector/PairName.crt and CertDirector/PairName.key
	PairName string
}

type RecommendedOptions 

type RecommendedOptions struct {
	Etcd           *EtcdOptions
	SecureServing  *SecureServingOptions
	Authentication *DelegatingAuthenticationOptions
	Authorization  *DelegatingAuthorizationOptions
	Audit          *AuditOptions
	Features       *FeatureOptions
}

RecommendedOptions contains the recommended options for running an API server If you add something to this list, it should be in a logical grouping

func NewRecommendedOptions 

func NewRecommendedOptions(prefix string, copier runtime.ObjectCopier, codec runtime.Codec) *RecommendedOptions

func (*RecommendedOptions) AddFlags 

func (o *RecommendedOptions) AddFlags(fs *pflag.FlagSet)

func (*RecommendedOptions) ApplyTo 

func (o *RecommendedOptions) ApplyTo(config *server.Config) error

func (*RecommendedOptions) Validate 

func (o *RecommendedOptions) Validate() []error

type RequestHeaderAuthenticationOptions 

type RequestHeaderAuthenticationOptions struct {
	UsernameHeaders     []string
	GroupHeaders        []string
	ExtraHeaderPrefixes []string
	ClientCAFile        string
	AllowedNames        []string
}

func (*RequestHeaderAuthenticationOptions) AddFlags 

func (s *RequestHeaderAuthenticationOptions) AddFlags(fs *pflag.FlagSet)

func (*RequestHeaderAuthenticationOptions) ToAuthenticationRequestHeaderConfig 

func (s *RequestHeaderAuthenticationOptions) ToAuthenticationRequestHeaderConfig() *authenticatorfactory.RequestHeaderConfig

ToAuthenticationRequestHeaderConfig returns a RequestHeaderConfig config object for these options if necessary, nil otherwise.

type SecureServingOptions 

type SecureServingOptions struct {
	BindAddress net.IP
	BindPort    int

	// ServerCert is the TLS cert info for serving secure traffic
	ServerCert GeneratableKeyCert
	// SNICertKeys are named CertKeys for serving secure traffic with SNI support.
	SNICertKeys []utilflag.NamedCertKey
	// contains filtered or unexported fields
}

func NewSecureServingOptions 

func NewSecureServingOptions() *SecureServingOptions

func (*SecureServingOptions) AddDeprecatedFlags 

func (s *SecureServingOptions) AddDeprecatedFlags(fs *pflag.FlagSet)

func (*SecureServingOptions) AddFlags 

func (s *SecureServingOptions) AddFlags(fs *pflag.FlagSet)

func (*SecureServingOptions) ApplyTo 

func (s *SecureServingOptions) ApplyTo(c *server.Config) error

ApplyTo fills up serving information in the server configuration.

func (*SecureServingOptions) DefaultExternalAddress 

func (s *SecureServingOptions) DefaultExternalAddress() (net.IP, error)

func (*SecureServingOptions) ForceLoopbackConfigUsage 

func (s *SecureServingOptions) ForceLoopbackConfigUsage()

ForceLoopbackConfigUsage forces the usage of the loopback configuration to create SharedInformerFactory. The primary client of this method is kube API server, no other API server is the source of truth for kube APIs.

Note: this method MUST be called prior to ApplyTo to take an effect.

func (*SecureServingOptions) MaybeDefaultWithSelfSignedCerts 

func (s *SecureServingOptions) MaybeDefaultWithSelfSignedCerts(publicAddress string, alternateDNS []string, alternateIPs []net.IP) error

func (*SecureServingOptions) Validate 

func (s *SecureServingOptions) Validate() []error

type ServerRunOptions 

type ServerRunOptions struct {
	AdvertiseAddress net.IP

	CorsAllowedOriginList       []string
	ExternalHost                string
	MaxRequestsInFlight         int
	MaxMutatingRequestsInFlight int
	RequestTimeout              time.Duration
	MinRequestTimeout           int
	TargetRAMMB                 int
	WatchCacheSizes             []string
}

ServerRunOptions contains the options while running a generic api server.

func NewServerRunOptions 

func NewServerRunOptions() *ServerRunOptions

func (*ServerRunOptions) AddUniversalFlags 

func (s *ServerRunOptions) AddUniversalFlags(fs *pflag.FlagSet)

AddFlags adds flags for a specific APIServer to the specified FlagSet

func (*ServerRunOptions) ApplyTo 

func (s *ServerRunOptions) ApplyTo(c *server.Config) error

ApplyOptions applies the run options to the method receiver and returns self

func (*ServerRunOptions) DefaultAdvertiseAddress 

func (s *ServerRunOptions) DefaultAdvertiseAddress(secure *SecureServingOptions) error

DefaultAdvertiseAddress sets the field AdvertiseAddress if unset. The field will be set based on the SecureServingOptions.

func (*ServerRunOptions) Validate 

func (s *ServerRunOptions) Validate() []error

Validate checks validation of ServerRunOptions

type SimpleRestOptionsFactory 

type SimpleRestOptionsFactory struct {
	Options EtcdOptions
}

func (*SimpleRestOptionsFactory) GetRESTOptions 

func (f *SimpleRestOptionsFactory) GetRESTOptions(resource schema.GroupResource) (generic.RESTOptions, error)

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.