Documentation
¶
Index ¶
- Constants
- func CreateRecertConfigFile(seedReconfig *seedreconfig.SeedReconfiguration, ...) error
- func CreateRecertConfigFileForSeedCreation(path string, withPassword bool) error
- func CreateRecertConfigFileForSeedRestoration(path, originalPasswordHash string) error
- func FormatRecertProxyFromSeedReconfigProxy(proxy, statusProxy *seedreconfig.Proxy) string
- func SetRecertTrustedCaBundleFromSeedReconfigAdditionaTrustBundle(recertConfig *RecertConfig, ...) error
- type RecertConfig
Constants ¶
View Source
const ( RecertConfigFile = "recert_config.json" SummaryFile = "/var/tmp/recert-summary.yaml" )
View Source
const ( EtcMount = "/host-etc" EtcSSHMount = "/ssh" EtcKubernetesMount = "/kubernetes" VarLibKubeletMount = "/kubelet" EtcMachineConfigDaemonMount = "/machine-config-daemon" EtcPKIMount = "/pki" )
Variables ¶
This section is empty.
Functions ¶
func CreateRecertConfigFile ¶
func CreateRecertConfigFile(seedReconfig *seedreconfig.SeedReconfiguration, seedClusterInfo *seedclusterinfo.SeedClusterInfo, cryptoDir, recertConfigFolder string) error
CreateRecertConfigFile function to create recert config file those params will be provided to an installation script after reboot that will run recert command with them
func FormatRecertProxyFromSeedReconfigProxy ¶
func FormatRecertProxyFromSeedReconfigProxy(proxy, statusProxy *seedreconfig.Proxy) string
func SetRecertTrustedCaBundleFromSeedReconfigAdditionaTrustBundle ¶
func SetRecertTrustedCaBundleFromSeedReconfigAdditionaTrustBundle(recertConfig *RecertConfig, additionalTrustBundle seedreconfig.AdditionalTrustBundle) error
Types ¶
type RecertConfig ¶
type RecertConfig struct {
DryRun bool `json:"dry_run,omitempty"`
ExtendExpiration bool `json:"extend_expiration,omitempty"`
ForceExpire bool `json:"force_expire,omitempty"`
EtcdEndpoint string `json:"etcd_endpoint,omitempty"`
ClusterRename string `json:"cluster_rename,omitempty"`
Hostname string `json:"hostname,omitempty"`
IP string `json:"ip,omitempty"`
Proxy string `json:"proxy,omitempty"`
InstallConfig string `json:"install_config,omitempty"`
UserCaBundle string `json:"user_ca_bundle,omitempty"`
ProxyTrustedCaBundle string `json:"proxy_trusted_ca_bundle,omitempty"`
// We intentionally don't omitEmpty this field because an empty string here
// means "delete the kubeadmin password secret" while a complete omission
// of the field means "don't touch the secret". We never want the latter,
// we either want to delete the secret or update it, never leave it as is.
KubeadminPasswordHash string `json:"kubeadmin_password_hash"`
// WARNING: You probably don't want use `SummaryFile`! This will leak
// private keys and tokens!
SummaryFile string `json:"summary_file,omitempty"`
SummaryFileClean string `json:"summary_file_clean,omitempty"`
CryptoDirs []string `json:"crypto_dirs,omitempty"`
CryptoFiles []string `json:"crypto_files,omitempty"`
ClusterCustomizationDirs []string `json:"cluster_customization_dirs,omitempty"`
ClusterCustomizationFiles []string `json:"cluster_customization_files,omitempty"`
CNSanReplaceRules []string `json:"cn_san_replace_rules,omitempty"`
UseKeyRules []string `json:"use_key_rules,omitempty"`
UseCertRules []string `json:"use_cert_rules,omitempty"`
PullSecret string `json:"pull_secret,omitempty"`
ChronyConfig string `json:"chrony_config,omitempty"`
RegenerateServerSSHKeys string `json:"regenerate_server_ssh_keys,omitempty"`
EtcdDefrag bool `json:"etcd_defrag,omitempty"`
}
Source Files
Click to show internal directories.
Click to hide internal directories.