Documentation ¶
Overview ¶
Package origin provides objects for creating an OpenShift Origin server
Index ¶
- Constants
- Variables
- func BuildSessionAuth(secure bool, config *configapi.SessionConfig) (*session.Authenticator, error)
- func CreateOrUpdateDefaultOAuthClients(masterPublicAddr string, assetPublicAddresses []string, ...)
- func NewEtcdHelper(client *etcdclient.Client, version, prefix string) (oshelper tools.EtcdHelper, err error)
- func OpenShiftOAuthAuthorizeURL(masterAddr string) string
- func OpenShiftOAuthTokenRequestURL(masterAddr string) string
- func OpenShiftOAuthTokenURL(masterAddr string) string
- type APIInstallFunc
- type APIInstaller
- type AssetConfig
- type AuthConfig
- type MasterConfig
- func (c *MasterConfig) BuildControllerClients() (*osclient.Client, *kclient.Client)
- func (c *MasterConfig) BuildLogClient() *kclient.Client
- func (c *MasterConfig) DNSServerClient() *kclient.Client
- func (c *MasterConfig) DeployerClientConfig() *kclient.Config
- func (c *MasterConfig) DeploymentClient() *kclient.Client
- func (c *MasterConfig) DeploymentConfigChangeControllerClients() (*osclient.Client, *kclient.Client)
- func (c *MasterConfig) DeploymentConfigControllerClients() (*osclient.Client, *kclient.Client)
- func (c *MasterConfig) DeploymentControllerClients() (*osclient.Client, *kclient.Client)
- func (c *MasterConfig) DeploymentImageChangeControllerClient() *osclient.Client
- func (c *MasterConfig) ImageChangeControllerClient() *osclient.Client
- func (c *MasterConfig) ImageImportControllerClient() *osclient.Client
- func (c *MasterConfig) InstallProtectedAPI(container *restful.Container) []string
- func (c *MasterConfig) InstallUnprotectedAPI(container *restful.Container) []string
- func (c *MasterConfig) KubeClient() *kclient.Client
- func (c *MasterConfig) OriginNamespaceControllerClients() (*osclient.Client, *kclient.Client)
- func (c *MasterConfig) PolicyClient() *osclient.Client
- func (c *MasterConfig) RouteAllocator() *routeallocationcontroller.RouteAllocationController
- func (c *MasterConfig) Run(protected []APIInstaller, unprotected []APIInstaller)
- func (c *MasterConfig) RunAssetServer()
- func (c *MasterConfig) RunBuildController()
- func (c *MasterConfig) RunBuildImageChangeTriggerController()
- func (c *MasterConfig) RunBuildPodController()
- func (c *MasterConfig) RunDNSServer()
- func (c *MasterConfig) RunDeployerPodController()
- func (c *MasterConfig) RunDeploymentConfigChangeController()
- func (c *MasterConfig) RunDeploymentConfigController()
- func (c *MasterConfig) RunDeploymentController() error
- func (c *MasterConfig) RunDeploymentImageChangeTriggerController()
- func (c *MasterConfig) RunImageImportController()
- func (c *MasterConfig) RunOriginNamespaceController()
- func (c *MasterConfig) RunPolicyCache()
- func (c *MasterConfig) RunProjectAuthorizationCache()
- func (c *MasterConfig) RunProjectCache()
- func (c *MasterConfig) RunSDNController()
- func (c *MasterConfig) RunServiceAccountTokensController()
- func (c *MasterConfig) RunServiceAccountsController()
- func (c *MasterConfig) SdnClient() *osclient.Client
- func (c *MasterConfig) WebHookClient() *osclient.Client
Constants ¶
const ( OpenShiftOAuthAPIPrefix = "/oauth" OpenShiftLoginPrefix = "/login" OpenShiftApprovePrefix = "/oauth/approve" OpenShiftOAuthCallbackPrefix = "/oauth2callback" OpenShiftWebConsoleClientID = "openshift-web-console" )
const ( OpenShiftAPIPrefix = "/osapi" // TODO: make configurable KubernetesAPIPrefix = "/api" // TODO: make configurable OpenShiftAPIV1Beta1 = "v1beta1" OpenShiftAPIV1Beta3 = "v1beta3" OpenShiftAPIV1 = "v1" OpenShiftAPIPrefixV1Beta1 = OpenShiftAPIPrefix + "/" + OpenShiftAPIV1Beta1 OpenShiftAPIPrefixV1Beta3 = OpenShiftAPIPrefix + "/" + OpenShiftAPIV1Beta3 OpenShiftAPIPrefixV1 = "/oapi" + "/" + OpenShiftAPIV1 OpenShiftRouteSubdomain = "router.default.local" )
Variables ¶
var ( OSWebConsoleClientBase = oauthapi.OAuthClient{ ObjectMeta: kapi.ObjectMeta{ Name: OpenShiftWebConsoleClientID, }, Secret: uuid.New(), } // OSBrowserClientBase is used as a skeleton for building a Client. We can't set the allowed redirecturis because we don't yet know the host:port of the auth server OSBrowserClientBase = oauthapi.OAuthClient{ ObjectMeta: kapi.ObjectMeta{ Name: "openshift-browser-client", }, Secret: uuid.New(), } OSCliClientBase = oauthapi.OAuthClient{ ObjectMeta: kapi.ObjectMeta{ Name: "openshift-challenging-client", }, Secret: uuid.New(), RespondWithChallenges: true, } )
Functions ¶
func BuildSessionAuth ¶ added in v0.4.3
func BuildSessionAuth(secure bool, config *configapi.SessionConfig) (*session.Authenticator, error)
func CreateOrUpdateDefaultOAuthClients ¶ added in v0.2.1
func CreateOrUpdateDefaultOAuthClients(masterPublicAddr string, assetPublicAddresses []string, clientRegistry clientregistry.Registry)
func NewEtcdHelper ¶
func NewEtcdHelper(client *etcdclient.Client, version, prefix string) (oshelper tools.EtcdHelper, err error)
NewEtcdHelper returns an EtcdHelper for the provided storage version.
func OpenShiftOAuthAuthorizeURL ¶ added in v0.2.2
func OpenShiftOAuthTokenRequestURL ¶ added in v0.4.4
func OpenShiftOAuthTokenURL ¶ added in v0.2.2
Types ¶
type APIInstallFunc ¶ added in v0.2.2
APIInstallFunc is a function for installing APIs
func (APIInstallFunc) InstallAPI ¶ added in v0.2.2
func (fn APIInstallFunc) InstallAPI(container *restful.Container) []string
InstallAPI implements APIInstaller
type APIInstaller ¶
type APIInstaller interface { // Returns an array of strings describing what was installed InstallAPI(*restful.Container) []string }
APIInstaller installs additional API components into this server
type AssetConfig ¶ added in v0.4.2
type AssetConfig struct {
Options configapi.AssetConfig
}
MasterConfig defines the required parameters for starting the OpenShift master
func BuildAssetConfig ¶ added in v0.4.2
func BuildAssetConfig(options configapi.AssetConfig) (*AssetConfig, error)
func (*AssetConfig) InstallAPI ¶ added in v0.4.2
func (c *AssetConfig) InstallAPI(container *restful.Container) []string
InstallAPI adds handlers for serving static assets into the provided mux, then returns an array of strings indicating what endpoints were started (these are format strings that will expect to be sent a single string value).
func (*AssetConfig) Run ¶ added in v0.4.2
func (c *AssetConfig) Run()
Run starts an http server for the static assets listening on the configured bind address
type AuthConfig ¶
type AuthConfig struct { Options configapi.OAuthConfig // Valid redirectURI prefixes to direct browsers to the web console AssetPublicAddresses []string MasterRoots *x509.CertPool EtcdHelper tools.EtcdHelper UserRegistry userregistry.Registry IdentityRegistry identityregistry.Registry SessionAuth *session.Authenticator }
func BuildAuthConfig ¶ added in v0.4.2
func BuildAuthConfig(options configapi.MasterConfig) (*AuthConfig, error)
func (*AuthConfig) InstallAPI ¶
func (c *AuthConfig) InstallAPI(container *restful.Container) []string
InstallSupport registers endpoints for an OAuth2 server into the provided mux, then returns an array of strings indicating what endpoints were started (these are format strings that will expect to be sent a single string value).
func (*AuthConfig) NewOpenShiftOAuthClientConfig ¶ added in v0.2.1
func (c *AuthConfig) NewOpenShiftOAuthClientConfig(client *oauthapi.OAuthClient) *osincli.ClientConfig
NewOpenShiftOAuthClientConfig provides config for OpenShift OAuth client
type MasterConfig ¶
type MasterConfig struct { Options configapi.MasterConfig Authenticator authenticator.Request Authorizer authorizer.Authorizer AuthorizationAttributeBuilder authorizer.AuthorizationAttributeBuilder PolicyCache *policycache.PolicyCache ProjectAuthorizationCache *projectauth.AuthorizationCache // Map requests to contexts RequestContextMapper kapi.RequestContextMapper AdmissionControl admission.Interface TLS bool // a function that returns the appropriate image to use for a named component ImageFor func(component string) string EtcdHelper tools.EtcdHelper KubeletClientConfig *kclient.KubeletConfig // ClientCAs will be used to request client certificates in connections to the API. // This CertPool should contain all the CAs that will be used for client certificate verification. ClientCAs *x509.CertPool // APIClientCAs is used to verify client certificates presented for API auth APIClientCAs *x509.CertPool // PrivilegedLoopbackClientConfig is the client configuration used to call OpenShift APIs from system components // To apply different access control to a system component, create a client config specifically for that component. PrivilegedLoopbackClientConfig kclient.Config // DeployerPrivilegedLoopbackClientConfig is the client configuration used to call OpenShift APIs from launched deployer pods DeployerOSClientConfig kclient.Config // kubeClient is the client used to call Kubernetes APIs from system components, built from KubeClientConfig. // It should only be accessed via the *Client() helper methods. // To apply different access control to a system component, create a separate client/config specifically for that component. PrivilegedLoopbackKubernetesClient *kclient.Client // osClient is the client used to call OpenShift APIs from system components, built from PrivilegedLoopbackClientConfig. // It should only be accessed via the *Client() helper methods. // To apply different access control to a system component, create a separate client/config specifically for that component. PrivilegedLoopbackOpenShiftClient *osclient.Client }
MasterConfig defines the required parameters for starting the OpenShift master
func BuildMasterConfig ¶ added in v0.3.3
func BuildMasterConfig(options configapi.MasterConfig) (*MasterConfig, error)
func (*MasterConfig) BuildControllerClients ¶ added in v0.2.1
func (c *MasterConfig) BuildControllerClients() (*osclient.Client, *kclient.Client)
BuildControllerClients returns the build controller client objects
func (*MasterConfig) BuildLogClient ¶ added in v0.2.1
func (c *MasterConfig) BuildLogClient() *kclient.Client
BuildLogClient returns the build log client object
func (*MasterConfig) DNSServerClient ¶ added in v0.4.2
func (c *MasterConfig) DNSServerClient() *kclient.Client
DNSServerClient returns the DNS server client object It must have the following capabilities:
list, watch all services in all namespaces
func (*MasterConfig) DeployerClientConfig ¶ added in v0.2.1
func (c *MasterConfig) DeployerClientConfig() *kclient.Config
DeployerClientConfig returns the client configuration a Deployer instance launched in a pod should use when making API calls.
func (*MasterConfig) DeploymentClient ¶ added in v0.2.1
func (c *MasterConfig) DeploymentClient() *kclient.Client
DeploymentClient returns the deployment client object
func (*MasterConfig) DeploymentConfigChangeControllerClients ¶ added in v0.2.1
func (c *MasterConfig) DeploymentConfigChangeControllerClients() (*osclient.Client, *kclient.Client)
func (*MasterConfig) DeploymentConfigControllerClients ¶ added in v0.2.1
func (c *MasterConfig) DeploymentConfigControllerClients() (*osclient.Client, *kclient.Client)
func (*MasterConfig) DeploymentControllerClients ¶ added in v0.2.1
func (c *MasterConfig) DeploymentControllerClients() (*osclient.Client, *kclient.Client)
DeploymentControllerClients returns the deployment controller client object
func (*MasterConfig) DeploymentImageChangeControllerClient ¶ added in v0.2.1
func (c *MasterConfig) DeploymentImageChangeControllerClient() *osclient.Client
func (*MasterConfig) ImageChangeControllerClient ¶ added in v0.2.1
func (c *MasterConfig) ImageChangeControllerClient() *osclient.Client
ImageChangeControllerClient returns the openshift client object
func (*MasterConfig) ImageImportControllerClient ¶ added in v0.4.2
func (c *MasterConfig) ImageImportControllerClient() *osclient.Client
ImageImportControllerClient returns the deployment client object
func (*MasterConfig) InstallProtectedAPI ¶ added in v0.2.2
func (c *MasterConfig) InstallProtectedAPI(container *restful.Container) []string
func (*MasterConfig) InstallUnprotectedAPI ¶ added in v0.2.2
func (c *MasterConfig) InstallUnprotectedAPI(container *restful.Container) []string
func (*MasterConfig) KubeClient ¶
func (c *MasterConfig) KubeClient() *kclient.Client
KubeClient returns the kubernetes client object
func (*MasterConfig) OriginNamespaceControllerClients ¶ added in v0.4.2
func (c *MasterConfig) OriginNamespaceControllerClients() (*osclient.Client, *kclient.Client)
OriginNamespaceControllerClients returns a client for openshift and kubernetes. The openshift client object must have authority to delete openshift content in any namespace The kubernetes client object must have authority to execute a finalize request on a namespace
func (*MasterConfig) PolicyClient ¶ added in v0.3.2
func (c *MasterConfig) PolicyClient() *osclient.Client
PolicyClient returns the policy client object It must have the following capabilities:
list, watch all policyBindings in all namespaces list, watch all policies in all namespaces create resourceAccessReviews in all namespaces
func (*MasterConfig) RouteAllocator ¶ added in v0.4.2
func (c *MasterConfig) RouteAllocator() *routeallocationcontroller.RouteAllocationController
RouteAllocator returns a route allocation controller.
func (*MasterConfig) Run ¶ added in v0.2.1
func (c *MasterConfig) Run(protected []APIInstaller, unprotected []APIInstaller)
Run launches the OpenShift master. It takes optional installers that may install additional endpoints into the server. All endpoints get configured CORS behavior Protected installers' endpoints are protected by API authentication and authorization. Unprotected installers' endpoints do not have any additional protection added.
func (*MasterConfig) RunAssetServer ¶
func (c *MasterConfig) RunAssetServer()
RunAssetServer starts the asset server for the OpenShift UI.
func (*MasterConfig) RunBuildController ¶
func (c *MasterConfig) RunBuildController()
RunBuildController starts the build sync loop for builds and buildConfig processing.
func (*MasterConfig) RunBuildImageChangeTriggerController ¶ added in v0.2.1
func (c *MasterConfig) RunBuildImageChangeTriggerController()
RunBuildImageChangeTriggerController starts the build image change trigger controller process.
func (*MasterConfig) RunBuildPodController ¶ added in v0.4.1
func (c *MasterConfig) RunBuildPodController()
RunBuildPodController starts the build/pod status sync loop for build status
func (*MasterConfig) RunDNSServer ¶ added in v0.4.2
func (c *MasterConfig) RunDNSServer()
func (*MasterConfig) RunDeployerPodController ¶ added in v0.3.4
func (c *MasterConfig) RunDeployerPodController()
RunDeployerPodController starts the deployer pod controller process.
func (*MasterConfig) RunDeploymentConfigChangeController ¶
func (c *MasterConfig) RunDeploymentConfigChangeController()
func (*MasterConfig) RunDeploymentConfigController ¶
func (c *MasterConfig) RunDeploymentConfigController()
func (*MasterConfig) RunDeploymentController ¶ added in v0.2.1
func (c *MasterConfig) RunDeploymentController() error
RunDeploymentController starts the deployment controller process.
func (*MasterConfig) RunDeploymentImageChangeTriggerController ¶
func (c *MasterConfig) RunDeploymentImageChangeTriggerController()
func (*MasterConfig) RunImageImportController ¶ added in v0.4.2
func (c *MasterConfig) RunImageImportController()
func (*MasterConfig) RunOriginNamespaceController ¶ added in v0.4.2
func (c *MasterConfig) RunOriginNamespaceController()
RunOriginNamespaceController starts the controller that takes part in namespace termination of openshift content
func (*MasterConfig) RunPolicyCache ¶ added in v0.3.3
func (c *MasterConfig) RunPolicyCache()
RunPolicyCache starts the policy cache
func (*MasterConfig) RunProjectAuthorizationCache ¶ added in v0.3.2
func (c *MasterConfig) RunProjectAuthorizationCache()
RunProjectAuthorizationCache starts the project authorization cache
func (*MasterConfig) RunProjectCache ¶ added in v0.5.1
func (c *MasterConfig) RunProjectCache()
RunProjectCache populates project cache, used by scheduler and project admission controller.
func (*MasterConfig) RunSDNController ¶ added in v0.5.2
func (c *MasterConfig) RunSDNController()
SDN controller runs openshift-sdn if the said network plugin is provided
func (*MasterConfig) RunServiceAccountTokensController ¶ added in v0.5.3
func (c *MasterConfig) RunServiceAccountTokensController()
func (*MasterConfig) RunServiceAccountsController ¶ added in v0.5.3
func (c *MasterConfig) RunServiceAccountsController()
func (*MasterConfig) SdnClient ¶ added in v0.5.2
func (c *MasterConfig) SdnClient() *osclient.Client
SdnClient returns the sdn client object It must have the capability to get/list/watch/create/delete HostSubnets. And have the capability to get ClusterNetwork.
func (*MasterConfig) WebHookClient ¶ added in v0.2.1
func (c *MasterConfig) WebHookClient() *osclient.Client
WebHookClient returns the webhook client object