Documentation
Index
- func CreateAPIServerEtcdClientCertAndKeyFiles(cfg *apis.EtcdAdmConfig) error
- func CreateEtcdCACertAndKeyFiles(cfg *apis.EtcdAdmConfig) error
- func CreateEtcdPeerCertAndKeyFiles(cfg *apis.EtcdAdmConfig) error
- func CreateEtcdServerCertAndKeyFiles(cfg *apis.EtcdAdmConfig) error
- func CreateEtcdctlClientCertAndKeyFiles(cfg *apis.EtcdAdmConfig) error
- func CreatePKIAssets(cfg *apis.EtcdAdmConfig) error
- func NewEtcdCACertAndKey() (*x509.Certificate, *rsa.PrivateKey, error)
- func NewEtcdClientCertAndKey(caCert *x509.Certificate, caKey *rsa.PrivateKey, commonName string, ...) (*x509.Certificate, *rsa.PrivateKey, error)
- func NewEtcdPeerCertAndKey(cfg *apis.EtcdAdmConfig, caCert *x509.Certificate, caKey *rsa.PrivateKey) (*x509.Certificate, *rsa.PrivateKey, error)
- func NewEtcdServerCertAndKey(cfg *apis.EtcdAdmConfig, caCert *x509.Certificate, caKey *rsa.PrivateKey) (*x509.Certificate, *rsa.PrivateKey, error)
Constants
This section is empty.
Variables
This section is empty.
Functions
func CreateAPIServerEtcdClientCertAndKeyFiles
func CreateAPIServerEtcdClientCertAndKeyFiles(cfg *apis.EtcdAdmConfig) error
CreateAPIServerEtcdClientCertAndKeyFiles creates a new client certificate for the apiserver calling etcd. If the apiserver-etcd-client certificate and key file already exist in the target folder, they are used only if evaluated equal; otherwise an error is returned. It assumes the etcd CA certificate and key file exist in the CertificatesDir.
func CreateEtcdCACertAndKeyFiles
func CreateEtcdCACertAndKeyFiles(cfg *apis.EtcdAdmConfig) error
CreateEtcdCACertAndKeyFiles creates a self-signed etcd CA certificate and key files. The etcd CA and client certs are used to secure communication between etcd peers and connections to etcd from the API server. This is a separate CA, so that Kubernetes client identities cannot connect to etcd directly or peer with the etcd cluster. If the etcd CA certificate and key files already exist in the target folder, they are used only if evaluated equal; otherwise an error is returned.
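The effect of the separate CA described above, as an added example (not this package's code): a client certificate issued by a second, unrelated CA does not chain to the etcd CA, while one issued by the etcd CA does. The helper names `issue` and `CrossCheck` and the `etcd`/`kubernetes` common names are constructed for the illustration.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// issue (hypothetical helper) returns a self-signed CA when parent is nil, else a client leaf signed by parent.
func issue(cn string, parent *x509.Certificate, parentKey *rsa.PrivateKey) (*x509.Certificate, *rsa.PrivateKey, error) {
	key, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(time.Now().UnixNano()), Subject: pkix.Name{CommonName: cn},
		NotBefore: time.Now().Add(-time.Minute), NotAfter: time.Now().Add(time.Hour),
		ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth},
	}
	if parent == nil { // CA: may sign certificates, signs itself with its own key
		tmpl.IsCA, tmpl.BasicConstraintsValid, tmpl.KeyUsage, tmpl.ExtKeyUsage = true, true, x509.KeyUsageCertSign, nil
		parent, parentKey = tmpl, key
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, parentKey)
	if err != nil {
		return nil, nil, err
	}
	cert, err := x509.ParseCertificate(der)
	return cert, key, err
}

// CrossCheck reports whether a client from the etcd CA (own) and one from another CA (foreign) chain to the etcd CA.
func CrossCheck() (own, foreign bool, err error) {
	var ca, leaf [2]*x509.Certificate
	for i, name := range []string{"etcd", "kubernetes"} { // constructed CA names
		var caKey *rsa.PrivateKey
		if ca[i], caKey, err = issue(name+"-ca", nil, nil); err != nil {
			return
		}
		if leaf[i], _, err = issue(name+"-client", ca[i], caKey); err != nil {
			return
		}
	}
	return leaf[0].CheckSignatureFrom(ca[0]) == nil, leaf[1].CheckSignatureFrom(ca[0]) == nil, nil
}
func main() { fmt.Println(CrossCheck()) } // expected: true false <nil>
```

A TLS endpoint performs this signature check as part of chain verification (`Certificate.Verify` with only its own CA in `Roots`), so which CA file each endpoint loads is what enforces the separation.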
func CreateEtcdPeerCertAndKeyFiles
func CreateEtcdPeerCertAndKeyFiles(cfg *apis.EtcdAdmConfig) error
CreateEtcdPeerCertAndKeyFiles creates a new certificate and key file for etcd peering. If the etcd peer certificate and key file already exist in the target folder, they are used only if evaluated equal; otherwise an error is returned. It assumes the etcd CA certificate and key file exist in the CertificatesDir.
func CreateEtcdServerCertAndKeyFiles
func CreateEtcdServerCertAndKeyFiles(cfg *apis.EtcdAdmConfig) error
CreateEtcdServerCertAndKeyFiles creates a new certificate and key file for etcd. If the etcd serving certificate and key file already exist in the target folder, they are used only if evaluated equal; otherwise an error is returned. It assumes the etcd CA certificate and key file exist in the CertificatesDir.
func CreateEtcdctlClientCertAndKeyFiles
func CreateEtcdctlClientCertAndKeyFiles(cfg *apis.EtcdAdmConfig) error
CreateEtcdctlClientCertAndKeyFiles creates a new client certificate for the etcdctl client. If the etcdctl-client certificate and key file already exist in the target folder, they are used only if evaluated equal; otherwise an error is returned. It assumes the etcd CA certificate and key file exist in the CertificatesDir.
func CreatePKIAssets
func CreatePKIAssets(cfg *apis.EtcdAdmConfig) error
CreatePKIAssets creates and writes to disk all PKI assets necessary to establish the control plane. If the PKI assets already exist in the target folder, they are used only if evaluated equal; otherwise an error is returned.
func NewEtcdCACertAndKey
func NewEtcdCACertAndKey() (*x509.Certificate, *rsa.PrivateKey, error)
NewEtcdCACertAndKey generates a self-signed etcd CA.
func NewEtcdClientCertAndKey
func NewEtcdClientCertAndKey(caCert *x509.Certificate, caKey *rsa.PrivateKey, commonName string, organization string) (*x509.Certificate, *rsa.PrivateKey, error)
NewEtcdClientCertAndKey generates a client certificate to connect to etcd securely, signed by the given CA.
func NewEtcdPeerCertAndKey
func NewEtcdPeerCertAndKey(cfg *apis.EtcdAdmConfig, caCert *x509.Certificate, caKey *rsa.PrivateKey) (*x509.Certificate, *rsa.PrivateKey, error)
NewEtcdPeerCertAndKey generates a certificate for etcd peering, signed by the given CA.
func NewEtcdServerCertAndKey
func NewEtcdServerCertAndKey(cfg *apis.EtcdAdmConfig, caCert *x509.Certificate, caKey *rsa.PrivateKey) (*x509.Certificate, *rsa.PrivateKey, error)
NewEtcdServerCertAndKey generates a certificate for etcd, signed by the given CA.
Types
This section is empty.