Documentation ¶
Index ¶
- Constants
- Variables
- func IsValidSecurityListManagementMode(mode string) bool
- func NewConfigurationProvider(cfg *Config) (common.ConfigurationProvider, error)
- func ValidateConfig(c *Config) field.ErrorList
- type AuthConfig
- type Config
- type InitialTags
- type LoadBalancerConfig
- type MetricsConfig
- type RateLimiterConfig
- type TagConfig
Constants ¶
const ( // ManagementModeAll denotes the management of security list rules for load // balancer ingress/egress, health checkers, and worker ingress/egress. ManagementModeAll = "All" // ManagementModeFrontend denotes the management of security list rules for load // balancer ingress only. ManagementModeFrontend = "Frontend" // ManagementModeNone denotes the management of no security list rules. ManagementModeNone = "None" )
Variables ¶
var SecurityListManagementModeChoices = []string{ManagementModeAll, ManagementModeFrontend, ManagementModeNone}
SecurityListManagementModeChoices are the supported security list management modes.
Functions ¶
func IsValidSecurityListManagementMode ¶
IsValidSecurityListManagementMode checks if a given security list management mode is valid.
func NewConfigurationProvider ¶
func NewConfigurationProvider(cfg *Config) (common.ConfigurationProvider, error)
NewConfigurationProvider takes a cloud provider config file and returns an OCI ConfigurationProvider to be consumed by the OCI SDK.
func ValidateConfig ¶
ValidateConfig validates the OCI Cloud Provider config file.
Types ¶
type AuthConfig ¶
type AuthConfig struct { Region string `yaml:"region"` TenancyID string `yaml:"tenancy"` UserID string `yaml:"user"` PrivateKey string `yaml:"key"` Fingerprint string `yaml:"fingerprint"` Passphrase string `yaml:"passphrase"` // Used by the flex driver for OCID expansion. This should be moved to top level // as it doesn't strictly relate to OCI authentication. RegionKey string `yaml:"regionKey"` // UseInstancePrincipals is DEPRECATED should use top-level UseInstancePrincipals UseInstancePrincipals bool `yaml:"useInstancePrincipals"` // CompartmentID is DEPRECATED and should be set on the top level Config // struct. CompartmentID string `yaml:"compartment"` // PrivateKeyPassphrase is DEPRECATED in favour of Passphrase. PrivateKeyPassphrase string `yaml:"key_passphrase"` // contains filtered or unexported fields }
AuthConfig holds the configuration required for communicating with the OCI API.
func (*AuthConfig) Complete ¶
func (c *AuthConfig) Complete()
Complete the authentication config applying defaults / overrides.
type Config ¶
type Config struct { Auth AuthConfig `yaml:"auth"` LoadBalancer *LoadBalancerConfig `yaml:"loadBalancer"` RateLimiter *RateLimiterConfig `yaml:"rateLimiter"` // Metrics collection is enabled when this configuration is provided Metrics *MetricsConfig `yaml:"metrics"` // Tags to be added to managed LB and BV Tags *InitialTags `yaml:"tags"` RegionKey string `yaml:"regionKey"` // When set to true, clients will use an instance principal configuration provider and ignore auth fields. UseInstancePrincipals bool `yaml:"useInstancePrincipals"` // CompartmentID is the OCID of the Compartment within which the cluster // resides. CompartmentID string `yaml:"compartment"` // VCNID is the OCID of the Virtual Cloud Network (VCN) within which the // cluster resides. VCNID string `yaml:"vcn"` // contains filtered or unexported fields }
Config holds the OCI cloud-provider config passed to Kubernetes components via the --cloud-config option.
func ReadConfig ¶
ReadConfig consumes the config Reader and constructs a Config object.
type InitialTags ¶
type InitialTags struct { LoadBalancer *TagConfig `yaml:"loadBalancer"` BlockVolume *TagConfig `yaml:"blockVolume"` FSS *TagConfig `yaml:"fss"` }
InitialTags are optional tags to apply to all LBs, BVs, File systems, Mount Targets and Exports provisioned in the cluster
type LoadBalancerConfig ¶
type LoadBalancerConfig struct { // Disabled disables the creation of a load balancer. Disabled bool `yaml:"disabled"` // DisableSecurityListManagement disables the automatic creation of ingress // rules for the node subnets and egress rules for the load balancers to the node subnets. // // If security list management is disabled, then it requires that the user // has setup a rule that allows inbound traffic to the appropriate ports // for kube proxy health port, node port ranges, and health check port ranges. // E.g. 10.82.0.0/16 30000-32000 DisableSecurityListManagement bool `yaml:"disableSecurityListManagement"` // SecurityListManagementMode defines how the CCM manages security lists // when provisioning load balancers. Available modes are All, Frontend, // and None. SecurityListManagementMode string `yaml:"securityListManagementMode"` Subnet1 string `yaml:"subnet1"` Subnet2 string `yaml:"subnet2"` // SecurityLists defines the Security List to mutate for each Subnet ( // both load balancer and worker). SecurityLists map[string]string `yaml:"securityLists"` }
LoadBalancerConfig holds the configuration options for OCI load balancers.
func (*LoadBalancerConfig) Complete ¶
func (c *LoadBalancerConfig) Complete()
Complete the load balancer config applying defaults / overrides.
type MetricsConfig ¶
type MetricsConfig struct { CompartmentID string `yaml:"compartmentID"` Namespace string `yaml:"namespace"` ResourceGroup string `yaml:"resourceGroup"` // +optional // This prefix is added to all the metric names Prefix string `yaml:"prefix"` }
MetricsConfig holds the configuration for collection metrics which are pushed to OCI Monitoring. More details present at https://docs.cloud.oracle.com/en-us/iaas/Content/Monitoring/Tasks/publishingcustommetrics.htm
type RateLimiterConfig ¶
type RateLimiterConfig struct { RateLimitQPSRead float32 `yaml:"rateLimitQPSRead"` RateLimitBucketRead int `yaml:"rateLimitBucketRead"` //Read? RateLimitQPSWrite float32 `yaml:"rateLimitQPSWrite"` RateLimitBucketWrite int `yaml:"rateLimitBucketWrite"` DisableRateLimiter bool `yaml:"disableRateLimiter"` }
RateLimiterConfig holds the configuration options for OCI rate limiting.