model

package
v0.0.0-...-6060be6
Warning

This package is not in the latest version of its module.
Published: Feb 19, 2020 | License: Apache-2.0 | Imports: 55 | Imported by: 0

Documentation

Constants

const (
	CloudConfigFilePath = "/etc/kubernetes/cloud.config"

	// Required for vSphere CloudProvider
	MinimumVersionForVMUUID = "1.5.3"

	// VM UUID is set by cloud-init
	VM_UUID_FILE_PATH = "/etc/vmware/vm_uuid"
)
const (
	RoleLabelName15        = "kubernetes.io/role"
	RoleLabelName16        = "kubernetes.io/role"
	RoleMasterLabelValue15 = "master"
	RoleNodeLabelValue15   = "node"

	RoleLabelMaster16 = "node-role.kubernetes.io/master"
	RoleLabelNode16   = "node-role.kubernetes.io/node"
)
const DefaultDockerVersion = "1.12.3"

DefaultDockerVersion is the (legacy) docker version we use if one is not specified in the manifest. We don't change this with each version of kops; we expect newer versions of kops to populate the field.

const PathAuthnConfig = "/etc/kubernetes/authn.config"

PathAuthnConfig is the path to the custom webhook authentication config

const ServiceName = "update-service"

ServiceName is the name given to the service to be created

Variables

This section is empty.

Functions

func EvaluateHostnameOverride

func EvaluateHostnameOverride(hostnameOverride string) (string, error)

EvaluateHostnameOverride returns the hostname after replacing some well-known placeholders

Types

type Architecture

type Architecture string
var (
	ArchitectureAmd64 Architecture = "amd64"
	ArchitectureArm   Architecture = "arm"
)

type CloudConfigBuilder

type CloudConfigBuilder struct {
	*NodeupModelContext
}

CloudConfigBuilder creates the cloud configuration file

func (*CloudConfigBuilder) Build

type DirectoryBuilder

type DirectoryBuilder struct {
	*NodeupModelContext
}

DirectoryBuilder creates required directories

func (*DirectoryBuilder) Build

Build is responsible for ensuring that specific directories are created (OS dependent)

type DockerBuilder

type DockerBuilder struct {
	*NodeupModelContext
}

DockerBuilder installs docker (just the packages at the moment)

func (*DockerBuilder) Build

Build is responsible for configuring the docker daemon

type EtcdBuilder

type EtcdBuilder struct {
	*NodeupModelContext
}

EtcdBuilder installs etcd

func (*EtcdBuilder) Build

func (b *EtcdBuilder) Build(c *fi.ModelBuilderContext) error

Build is responsible for creating the etcd user

type EtcdManagerTLSBuilder

type EtcdManagerTLSBuilder struct {
	*NodeupModelContext
}

EtcdManagerTLSBuilder configures TLS support for etcd-manager

func (*EtcdManagerTLSBuilder) Build

Build is responsible for TLS configuration for etcd-manager

type EtcdTLSBuilder

type EtcdTLSBuilder struct {
	*NodeupModelContext
}

EtcdTLSBuilder configures the etcd TLS support

func (*EtcdTLSBuilder) Build

Build is responsible for performing setup for CNIs that need etcd TLS support

type FileAssetsBuilder

type FileAssetsBuilder struct {
	*NodeupModelContext
}

FileAssetsBuilder configures the hooks

func (*FileAssetsBuilder) Build

Build is responsible for writing out the file assets from cluster and instanceGroup

type FirewallBuilder

type FirewallBuilder struct {
	*NodeupModelContext
}

FirewallBuilder configures the firewall (iptables)

func (*FirewallBuilder) Build

Build is responsible for generating any node firewall rules

type HookBuilder

type HookBuilder struct {
	*NodeupModelContext
}

HookBuilder configures the hooks

func (*HookBuilder) Build

func (h *HookBuilder) Build(c *fi.ModelBuilderContext) error

Build is responsible for implementing the cluster hook

type KubeAPIServerBuilder

type KubeAPIServerBuilder struct {
	*NodeupModelContext
}

KubeAPIServerBuilder installs kube-apiserver (just the manifest at the moment)

func (*KubeAPIServerBuilder) Build

Build is responsible for generating the configuration for the kube-apiserver

type KubeControllerManagerBuilder

type KubeControllerManagerBuilder struct {
	*NodeupModelContext
}

KubeControllerManagerBuilder installs kube-controller-manager (just the manifest at the moment)

func (*KubeControllerManagerBuilder) Build

Build is responsible for configuring the kube-controller-manager

type KubeProxyBuilder

type KubeProxyBuilder struct {
	*NodeupModelContext
}

KubeProxyBuilder installs kube-proxy

func (*KubeProxyBuilder) Build

Build is responsible for building the kube-proxy manifest. @TODO: we should probably change this to a daemonset in the future and follow the kubeadm path

type KubeRouterBuilder

type KubeRouterBuilder struct {
	*NodeupModelContext
}

KubeRouterBuilder installs kube-router

func (*KubeRouterBuilder) Build

Build is responsible for configuring the kube-router

type KubeSchedulerBuilder

type KubeSchedulerBuilder struct {
	*NodeupModelContext
}

KubeSchedulerBuilder installs kube-scheduler

func (*KubeSchedulerBuilder) Build

Build is responsible for building the manifest for the kube-scheduler

type KubectlBuilder

type KubectlBuilder struct {
	*NodeupModelContext
}

KubectlBuilder installs kubectl

func (*KubectlBuilder) Build

Build is responsible for managing the kubectl on the nodes

type KubeletBuilder

type KubeletBuilder struct {
	*NodeupModelContext
}

KubeletBuilder installs kubelet

func (*KubeletBuilder) Build

Build is responsible for building the kubelet configuration

type LogrotateBuilder

type LogrotateBuilder struct {
	*NodeupModelContext
}

LogrotateBuilder installs logrotate.d and configures log rotation for kubernetes logs

func (*LogrotateBuilder) Build

Build is responsible for configuring logrotate

type ManifestsBuilder

type ManifestsBuilder struct {
	*NodeupModelContext
}

ManifestsBuilder copies manifests from the store (e.g. etcdmanager)

func (*ManifestsBuilder) Build

Build creates tasks for copying the manifests

type MiscUtilsBuilder

type MiscUtilsBuilder struct {
	*NodeupModelContext
}

MiscUtilsBuilder ensures that some system packages that are required for kubernetes are installed (e.g. socat)

func (*MiscUtilsBuilder) Build

Build is responsible for configuring the miscellaneous packages we want installed

type NTPBuilder

type NTPBuilder struct {
	*NodeupModelContext
}

NTPBuilder installs and starts NTP, to ensure accurate clock times. As well as causing general log confusion, clock skew of more than 5 minutes causes AWS API calls to fail.

func (*NTPBuilder) Build

func (b *NTPBuilder) Build(c *fi.ModelBuilderContext) error

Build is responsible for configuring NTP

type NetworkBuilder

type NetworkBuilder struct {
	*NodeupModelContext
}

NetworkBuilder writes CNI assets

func (*NetworkBuilder) Build

Build is responsible for configuring the network cni

type NodeAuthorizationBuilder

type NodeAuthorizationBuilder struct {
	*NodeupModelContext
}

NodeAuthorizationBuilder is responsible for node authorization

func (*NodeAuthorizationBuilder) Build

Build is responsible for handling the node authorization client

type NodeupModelContext

type NodeupModelContext struct {
	Architecture  Architecture
	Assets        *fi.AssetStore
	Cluster       *kops.Cluster
	Distribution  distros.Distribution
	InstanceGroup *kops.InstanceGroup
	KeyStore      fi.CAStore
	NodeupConfig  *nodeup.Config
	SecretStore   fi.SecretStore

	// IsMaster is true if the InstanceGroup has a role of master (populated by Init)
	IsMaster bool
	// contains filtered or unexported fields
}

NodeupModelContext is the context supplied to the nodeup tasks

func (*NodeupModelContext) BuildCertificatePairTask

func (c *NodeupModelContext) BuildCertificatePairTask(ctx *fi.ModelBuilderContext, key, path, filename string) error

BuildCertificatePairTask creates the tasks to pull down the certificate and private key

func (*NodeupModelContext) BuildCertificateTask

func (c *NodeupModelContext) BuildCertificateTask(ctx *fi.ModelBuilderContext, name, filename string) error

BuildCertificateTask is responsible for building a certificate request task

func (*NodeupModelContext) BuildKubeConfig

func (c *NodeupModelContext) BuildKubeConfig(username string, ca, certificate, privateKey []byte) (string, error)

BuildKubeConfig is responsible for building a kubeconfig

func (*NodeupModelContext) BuildPKIKubeconfig

func (c *NodeupModelContext) BuildPKIKubeconfig(name string) (string, error)

BuildPKIKubeconfig generates a kubeconfig

func (*NodeupModelContext) BuildPrivateKeyTask

func (c *NodeupModelContext) BuildPrivateKeyTask(ctx *fi.ModelBuilderContext, name, filename string) error

BuildPrivateKeyTask is responsible for building a certificate request task

func (*NodeupModelContext) CNIBinDir

func (c *NodeupModelContext) CNIBinDir() string

CNIBinDir returns the path for the CNI binaries

func (*NodeupModelContext) CNIConfDir

func (c *NodeupModelContext) CNIConfDir() string

CNIConfDir returns the CNI directory

func (*NodeupModelContext) EnsureDirectory

func (c *NodeupModelContext) EnsureDirectory(path string) error

EnsureDirectory ensures the directory exists or creates it

func (*NodeupModelContext) EnsureSystemdSuffix

func (c *NodeupModelContext) EnsureSystemdSuffix(name string) string

EnsureSystemdSuffix ensures that the hook name ends with a valid systemd unit file extension. If it doesn't, it adds ".service" for backwards-compatibility with older versions of Kops

func (*NodeupModelContext) FileAssetsDefaultPath

func (c *NodeupModelContext) FileAssetsDefaultPath() string

FileAssetsDefaultPath is the default location for assets which have no path

func (*NodeupModelContext) FindCert

func (c *NodeupModelContext) FindCert(name string) ([]byte, error)

FindCert is a helper method for retrieving a certificate from the store

func (*NodeupModelContext) FindPrivateKey

func (c *NodeupModelContext) FindPrivateKey(name string) ([]byte, error)

FindPrivateKey is a helper method for retrieving a private key from the store

func (*NodeupModelContext) Init

func (c *NodeupModelContext) Init() error

Init completes initialization of the object, for example pre-parsing the kubernetes version

func (*NodeupModelContext) IsKubernetesGTE

func (c *NodeupModelContext) IsKubernetesGTE(version string) bool

IsKubernetesGTE checks if the version is greater-than-or-equal

func (*NodeupModelContext) IsMounted

func (c *NodeupModelContext) IsMounted(m mount.Interface, device, path string) (bool, error)

IsMounted checks if the device is mounted

func (*NodeupModelContext) KubectlPath

func (c *NodeupModelContext) KubectlPath() string

KubectlPath returns distro based path for kubectl

func (*NodeupModelContext) KubeletBootstrapKubeconfig

func (c *NodeupModelContext) KubeletBootstrapKubeconfig() string

KubeletBootstrapKubeconfig is the path of the bootstrap config file

func (*NodeupModelContext) KubeletKubeConfig

func (c *NodeupModelContext) KubeletKubeConfig() string

KubeletKubeConfig is the path of the kubelet kubeconfig file

func (*NodeupModelContext) NodeName

func (c *NodeupModelContext) NodeName() (string, error)

NodeName returns the name of the local Node, as it will be created in k8s

func (*NodeupModelContext) PathSrvKubernetes

func (c *NodeupModelContext) PathSrvKubernetes() string

PathSrvKubernetes returns the path for the kubernetes service files

func (*NodeupModelContext) PathSrvSshproxy

func (c *NodeupModelContext) PathSrvSshproxy() string

PathSrvSshproxy returns the path for the SSL proxy

func (*NodeupModelContext) SSLHostPaths

func (c *NodeupModelContext) SSLHostPaths() []string

SSLHostPaths returns the TLS paths for the distribution

func (*NodeupModelContext) UseBootstrapTokens

func (c *NodeupModelContext) UseBootstrapTokens() bool

UseBootstrapTokens checks if we are using bootstrap tokens

func (*NodeupModelContext) UseEtcdManager

func (c *NodeupModelContext) UseEtcdManager() bool

UseEtcdManager checks if the etcd cluster has etcd-manager enabled

func (*NodeupModelContext) UseEtcdTLS

func (c *NodeupModelContext) UseEtcdTLS() bool

UseEtcdTLS checks if the etcd cluster has TLS enabled

func (*NodeupModelContext) UseEtcdTLSAuth

func (c *NodeupModelContext) UseEtcdTLSAuth() bool

UseEtcdTLSAuth checks that peer-auth is set in both clusters. @NOTE: in retrospect I think we should have consolidated the common config in the wrapper struct; it feels weird we set things like version, tls etc. per cluster since they both have to be the same.

func (*NodeupModelContext) UseNodeAuthorization

func (c *NodeupModelContext) UseNodeAuthorization() bool

UseNodeAuthorization checks if we have a node authorization policy

func (*NodeupModelContext) UseNodeAuthorizer

func (c *NodeupModelContext) UseNodeAuthorizer() bool

UseNodeAuthorizer checks if node authorization is enabled

func (*NodeupModelContext) UseSecureKubelet

func (c *NodeupModelContext) UseSecureKubelet() bool

UseSecureKubelet checks if the kubelet API should be protected by a client certificate. Note: the settings are in one of three sections: master-specific kubelet, cluster-wide kubelet or the InstanceGroup. Though arguably it doesn't make much sense to unset this on a per-InstanceGroup level, but hey :)

func (*NodeupModelContext) UseVolumeMounts

func (c *NodeupModelContext) UseVolumeMounts() bool

UseVolumeMounts is used to check if we have volume mounts enabled as we need to insert requires and afters in various places

func (*NodeupModelContext) UsesCNI

func (c *NodeupModelContext) UsesCNI() bool

UsesCNI checks if the cluster has CNI configured

func (*NodeupModelContext) UsesSecondaryIP

func (c *NodeupModelContext) UsesSecondaryIP() bool

UsesSecondaryIP checks if the CNI in use attaches secondary interfaces to the host.

func (*NodeupModelContext) VolumesServiceName

func (c *NodeupModelContext) VolumesServiceName() string

VolumesServiceName is the name of the service which is downstream of any volume mounts

type PackagesBuilder

type PackagesBuilder struct {
	*NodeupModelContext
}

PackagesBuilder adds miscellaneous OS packages that we need

func (*PackagesBuilder) Build

Build is responsible for installing packages

type ProtokubeBuilder

type ProtokubeBuilder struct {
	*NodeupModelContext
}

ProtokubeBuilder configures protokube

func (*ProtokubeBuilder) Build

Build is responsible for generating the options for protokube

func (*ProtokubeBuilder) ProtokubeEnvironmentVariables

func (t *ProtokubeBuilder) ProtokubeEnvironmentVariables() string

ProtokubeEnvironmentVariables generates the environment variables for docker

func (*ProtokubeBuilder) ProtokubeFlags

func (t *ProtokubeBuilder) ProtokubeFlags(k8sVersion semver.Version) (*ProtokubeFlags, error)

ProtokubeFlags is responsible for building the command line flags for protokube

func (*ProtokubeBuilder) ProtokubeImageName

func (t *ProtokubeBuilder) ProtokubeImageName() string

ProtokubeImageName returns the docker image for protokube

func (*ProtokubeBuilder) ProtokubeImagePullCommand

func (t *ProtokubeBuilder) ProtokubeImagePullCommand() string

ProtokubeImagePullCommand returns the command to pull the image

type ProtokubeFlags

type ProtokubeFlags struct {
	ApplyTaints *bool    `json:"applyTaints,omitempty" flag:"apply-taints"`
	Channels    []string `json:"channels,omitempty" flag:"channels"`
	Cloud       *string  `json:"cloud,omitempty" flag:"cloud"`
	// ClusterID flag is required only for vSphere cloud type, to pass cluster id information to protokube. AWS and GCE workflows ignore this flag.
	ClusterID                 *string  `json:"cluster-id,omitempty" flag:"cluster-id"`
	Containerized             *bool    `json:"containerized,omitempty" flag:"containerized"`
	DNSInternalSuffix         *string  `json:"dnsInternalSuffix,omitempty" flag:"dns-internal-suffix"`
	DNSProvider               *string  `json:"dnsProvider,omitempty" flag:"dns"`
	DNSServer                 *string  `json:"dns-server,omitempty" flag:"dns-server"`
	EtcdBackupImage           string   `json:"etcd-backup-image,omitempty" flag:"etcd-backup-image"`
	EtcdBackupStore           string   `json:"etcd-backup-store,omitempty" flag:"etcd-backup-store"`
	EtcdImage                 *string  `json:"etcd-image,omitempty" flag:"etcd-image"`
	EtcdLeaderElectionTimeout *string  `json:"etcd-election-timeout,omitempty" flag:"etcd-election-timeout"`
	EtcdHearbeatInterval      *string  `json:"etcd-heartbeat-interval,omitempty" flag:"etcd-heartbeat-interval"`
	InitializeRBAC            *bool    `json:"initializeRBAC,omitempty" flag:"initialize-rbac"`
	LogLevel                  *int32   `json:"logLevel,omitempty" flag:"v"`
	Master                    *bool    `json:"master,omitempty" flag:"master"`
	PeerTLSCaFile             *string  `json:"peer-ca,omitempty" flag:"peer-ca"`
	PeerTLSCertFile           *string  `json:"peer-cert,omitempty" flag:"peer-cert"`
	PeerTLSKeyFile            *string  `json:"peer-key,omitempty" flag:"peer-key"`
	TLSAuth                   *bool    `json:"tls-auth,omitempty" flag:"tls-auth"`
	TLSCAFile                 *string  `json:"tls-ca,omitempty" flag:"tls-ca"`
	TLSCertFile               *string  `json:"tls-cert,omitempty" flag:"tls-cert"`
	TLSKeyFile                *string  `json:"tls-key,omitempty" flag:"tls-key"`
	Zone                      []string `json:"zone,omitempty" flag:"zone"`

	// ManageEtcd is true if protokube should manage etcd; being replaced by etcd-manager
	ManageEtcd bool `json:"manageEtcd,omitempty" flag:"manage-etcd"`

	// RemoveDNSNames allows us to remove dns records, so that they can be managed elsewhere
	// We use it e.g. for the switch to etcd-manager
	RemoveDNSNames string `json:"removeDNSNames,omitempty" flag:"remove-dns-names"`
}

ProtokubeFlags are the flags for protokube

type SecretBuilder

type SecretBuilder struct {
	*NodeupModelContext
}

SecretBuilder writes secrets

func (*SecretBuilder) Build

Build is responsible for pulling down the secrets

type SysctlBuilder

type SysctlBuilder struct {
	*NodeupModelContext
}

SysctlBuilder sets up our sysctls

func (*SysctlBuilder) Build

Build is responsible for configuring sysctl settings

type UpdateServiceBuilder

type UpdateServiceBuilder struct {
	*NodeupModelContext
}

UpdateServiceBuilder disables the OS automatic updates

func (*UpdateServiceBuilder) Build

Build is responsible for creating the relevant systemd service based on OS

type VolumesBuilder

type VolumesBuilder struct {
	*NodeupModelContext
}

VolumesBuilder maintains the volume mounting

func (*VolumesBuilder) Build

Build is responsible for handling the mounting of additional volumes onto the instance
