cluster

package
v1.5.11-rc4 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 5, 2024 License: Apache-2.0 Imports: 73 Imported by: 182

Documentation

Index

Constants

View Source
const (
	UserAddonResourceName         = "rke-user-addon"
	IngressAddonResourceName      = "rke-ingress-controller"
	UserAddonsIncludeResourceName = "rke-user-includes-addons"

	IngressAddonJobName            = "rke-ingress-controller-deploy-job"
	MetricsServerAddonJobName      = "rke-metrics-addon-deploy-job"
	UserAddonJobName               = "rke-user-addon-deploy-job"
	UserAddonIncludeJobName        = "rke-user-includes-addons-deploy-job"
	MetricsServerAddonResourceName = "rke-metrics-addon"
	KubeDNSAddonAppName            = "kube-dns"
	KubeDNSAutoscalerAppName       = "kube-dns-autoscaler"
	CoreDNSAutoscalerAppName       = "coredns-autoscaler"
	KubeAPIAuthAppName             = "kube-api-auth"
	CattleClusterAgentAppName      = "cattle-cluster-agent"

	CoreDNSPriorityClassNameKey           = "coredns_priority_class_name"
	CoreDNSAutoscalerPriorityClassNameKey = "coredns_autoscaler_priority_class_name"
	KubeDNSPriorityClassNameKey           = "kube_dns_priority_class_name"
	KubeDNSAutoscalerPriorityClassNameKey = "kube_dns_autoscaler_priority_class_name"

	CoreDNSProvider = "coredns"
	KubeDNSProvider = "kube-dns"
	Nodelocal       = "nodelocal"

	NginxIngressAddonAppName                 = "ingress-nginx"
	NginxIngressAddonAppNamespace            = "ingress-nginx"
	NginxIngressAddonDefaultBackendName      = "default-http-backend"
	NginxIngressAddonDefaultBackendNamespace = "ingress-nginx"
)
View Source
const (
	AuthnX509Provider      = "x509"
	AuthnWebhookProvider   = "webhook"
	StateConfigMapName     = "cluster-state"
	FullStateConfigMapName = "full-cluster-state"
	FullStateSecretName    = "full-cluster-state"
	UpdateStateTimeout     = time.Second * 30
	GetStateTimeout        = time.Second * 30
	RewriteWorkers         = 5
	SyncWorkers            = 10
	NoneAuthorizationMode  = "none"
	LocalNodeAddress       = "127.0.0.1"
	LocalNodeHostname      = "localhost"
	LocalNodeUser          = "root"
	CloudProvider          = "CloudProvider"
	ControlPlane           = "controlPlane"
	KubeAppLabel           = "k8s-app"
	AppLabel               = "app"
	NameLabel              = "name"

	WorkerThreads = util.WorkerThreads
	SELinuxLabel  = services.SELinuxLabel

	SystemNamespace = "kube-system"
)
View Source
const (
	DefaultServiceClusterIPRange = "10.43.0.0/16"
	DefaultNodePortRange         = "30000-32767"
	DefaultClusterCIDR           = "10.42.0.0/16"
	DefaultClusterDNSService     = "10.43.0.10"
	DefaultClusterDomain         = "cluster.local"
	DefaultClusterName           = "local"
	DefaultClusterSSHKeyPath     = "~/.ssh/id_rsa"

	DefaultSSHPort        = "22"
	DefaultDockerSockPath = "/var/run/docker.sock"

	DefaultAuthStrategy      = "x509"
	DefaultAuthorizationMode = "rbac"

	DefaultAuthnWebhookFile  = templates.AuthnWebhook
	DefaultAuthnCacheTimeout = "5s"

	DefaultNetworkPlugin        = "canal"
	DefaultNetworkCloudProvider = "none"

	DefaultIngressController             = "nginx"
	DefaultEtcdBackupCreationPeriod      = "12h"
	DefaultEtcdBackupRetentionPeriod     = "72h"
	DefaultEtcdSnapshot                  = true
	DefaultMonitoringProvider            = "metrics-server"
	DefaultEtcdBackupConfigIntervalHours = 12
	DefaultEtcdBackupConfigRetention     = 6
	DefaultEtcdBackupConfigTimeout       = docker.WaitTimeout

	DefaultDNSProvider = "kube-dns"
	K8sVersionCoreDNS  = "1.14.0"

	DefaultEtcdHeartbeatIntervalName  = "heartbeat-interval"
	DefaultEtcdHeartbeatIntervalValue = "500"
	DefaultEtcdElectionTimeoutName    = "election-timeout"
	DefaultEtcdElectionTimeoutValue   = "5000"

	DefaultFlannelBackendVxLan     = "vxlan"
	DefaultFlannelBackendVxLanPort = "8472"
	DefaultFlannelBackendVxLanVNI  = "1"

	DefaultCalicoFlexVolPluginDirectory = "/usr/libexec/kubernetes/kubelet-plugins/volume/exec/nodeagent~uds"

	DefaultCanalFlexVolPluginDirectory = "/usr/libexec/kubernetes/kubelet-plugins/volume/exec/nodeagent~uds"

	DefaultAciApicRefreshTime                        = "1200"
	DefaultAciOVSMemoryLimit                         = "1Gi"
	DefaultAciOVSMemoryRequest                       = "128Mi"
	DefaultAciImagePullPolicy                        = "Always"
	DefaultAciServiceMonitorInterval                 = "5"
	DefaultAciPBRTrackingNonSnat                     = "false"
	DefaultAciInstallIstio                           = "false"
	DefaultAciIstioProfile                           = "demo"
	DefaultAciDropLogEnable                          = "true"
	DefaultAciControllerLogLevel                     = "info"
	DefaultAciHostAgentLogLevel                      = "info"
	DefaultAciOpflexAgentLogLevel                    = "info"
	DefaultAciUseAciCniPriorityClass                 = "false"
	DefaultAciNoPriorityClass                        = "false"
	DefaultAciMaxNodesSvcGraph                       = "32"
	DefaultAciSnatContractScope                      = "global"
	DefaultAciSnatNamespace                          = "aci-containers-system"
	DefaultAciCApic                                  = "false"
	DefaultAciPodSubnetChunkSize                     = "32"
	DefaultAciSnatPortRangeStart                     = "5000"
	DefaultAciSnatPortRangeEnd                       = "65000"
	DefaultAciSnatPortsPerNode                       = "3000"
	DefaultAciUseHostNetnsVolume                     = "false"
	DefaultAciRunGbpContainer                        = "false"
	DefaultAciRunOpflexServerContainer               = "false"
	DefaultAciUseAciAnywhereCRD                      = "false"
	DefaultAciEnableEndpointSlice                    = "false"
	DefaultAciOpflexClientSSL                        = "true"
	DefaultAciUsePrivilegedContainer                 = "false"
	DefaultAciUseOpflexServerVolume                  = "false"
	DefaultAciDurationWaitForNetwork                 = "210"
	DefaultAciUseClusterRole                         = "true"
	DefaultAciDisableWaitForNetwork                  = "false"
	DefaultAciApicSubscriptionDelay                  = "0"
	DefaultAciApicRefreshTickerAdjust                = "0"
	DefaultAciDisablePeriodicSnatGlobalInfoSync      = "false"
	DefaultAciOpflexDeviceDeleteTimeout              = "0"
	DefaultAciMTUHeadRoom                            = "0"
	DefaultAciNodePodIfEnable                        = "false"
	DefaultAciSriovEnable                            = "false"
	DefaultAciMultusDisable                          = "true"
	DefaultAciNoWaitForServiceEpReadiness            = "false"
	DefaultAciAddExternalSubnetsToRdconfig           = "false"
	DefaultAciServiceGraphEndpointAddDelay           = "0"
	DefaultAciHppOptimization                        = "false"
	DefaultAciSleepTimeSnatGlobalInfoSync            = "0"
	DefaultAciOpflexAgentOpflexAsyncjsonEnabled      = "false"
	DefaultAciOpflexAgentOvsAsyncjsonEnabled         = "false"
	DefaultAciOpflexAgentPolicyRetryDelayTimer       = "10"
	DefaultAciAciMultipod                            = "false"
	DefaultAciAciMultipodUbuntu                      = "false"
	DefaultAciDhcpRenewMaxRetryCount                 = "0"
	DefaultAciDhcpDelay                              = "0"
	DefaultAciUseSystemNodePriorityClass             = "false"
	DefaultAciAciContainersMemoryLimit               = "3Gi"
	DefaultAciAciContainersMemoryRequest             = "128Mi"
	DefaultAciOpflexAgentStatistics                  = "true"
	DefaultAciAddExternalContractToDefaultEpg        = "false"
	DefaultAciEnableOpflexAgentReconnect             = "false"
	DefaultAciOpflexOpensslCompat                    = "false"
	DefaultAciTolerationSeconds                      = "600"
	DefaultAciDisableHppRendering                    = "false"
	DefaultAciApicConnectionRetryLimit               = "5"
	DefaultAciTaintNotReadyNode                      = "false"
	DefaultAciDropLogDisableEvents                   = "false"
	DefaultAciOpflexStartupEnabled                   = "false"
	DefaultAciOpflexStartupPolicyDuration            = "60"
	DefaultAciOpflexStartupResolveAftConn            = "false"
	DefaultAciOpflexSwitchSyncDelay                  = "5"
	DefaultAciOpflexSwitchSyncDynamic                = "10"
	KubeAPIArgAdmissionControlConfigFile             = "admission-control-config-file"
	DefaultKubeAPIArgAdmissionControlConfigFileValue = "/etc/kubernetes/admission.yaml"

	EventRateLimitPluginName = "EventRateLimit"
	PodSecurityPluginName    = "PodSecurity"
	PodSecurityPrivileged    = "privileged"
	PodSecurityRestricted    = "restricted"

	KubeAPIArgAuditLogPath                = "audit-log-path"
	KubeAPIArgAuditLogMaxAge              = "audit-log-maxage"
	KubeAPIArgAuditLogMaxBackup           = "audit-log-maxbackup"
	KubeAPIArgAuditLogMaxSize             = "audit-log-maxsize"
	KubeAPIArgAuditLogFormat              = "audit-log-format"
	KubeAPIArgAuditPolicyFile             = "audit-policy-file"
	DefaultKubeAPIArgAuditLogPathValue    = "/var/log/kube-audit/audit-log.json"
	DefaultKubeAPIArgAuditPolicyFileValue = "/etc/kubernetes/audit-policy.yaml"

	DefaultMaxUnavailableWorker       = "10%"
	DefaultMaxUnavailableControlplane = "1"
	DefaultNodeDrainTimeout           = 120
	DefaultNodeDrainGracePeriod       = -1
	DefaultHTTPPort                   = 80
	DefaultHTTPSPort                  = 443
	DefaultNetworkMode                = "hostNetwork"
	DefaultNetworkModeV121            = "hostPort"
)
View Source
const (
	ContainerName = "file-deployer"
	ServiceName   = "file-deploy"
	ConfigEnv     = "FILE_DEPLOY"
)
View Source
const (
	NetworkPluginResourceName = "rke-network-plugin"

	PortCheckContainer        = "rke-port-checker"
	EtcdPortListenContainer   = "rke-etcd-port-listener"
	CPPortListenContainer     = "rke-cp-port-listener"
	WorkerPortListenContainer = "rke-worker-port-listener"

	KubeAPIPort      = "6443"
	EtcdPort1        = "2379"
	EtcdPort2        = "2380"
	KubeletPort      = "10250"
	FlannelVxLanPort = 8472

	FlannelVxLanNetworkIdentify = 1

	ProtocolTCP = "TCP"
	ProtocolUDP = "UDP"

	NoNetworkPlugin = "none"

	FlannelNetworkPlugin = "flannel"
	FlannelIface         = "flannel_iface"
	FlannelBackendType   = "flannel_backend_type"
	// FlannelBackendPort must be 4789 if using VxLan mode in the cluster with Windows nodes
	FlannelBackendPort = "flannel_backend_port"
	// FlannelBackendVxLanNetworkIdentify should be greater than or equal to 4096 if using VxLan mode in the cluster with Windows nodes
	FlannelBackendVxLanNetworkIdentify  = "flannel_backend_vni"
	KubeFlannelPriorityClassNameKeyName = "kube_flannel_priority_class_name"

	CalicoNetworkPlugin                           = "calico"
	CalicoNodeLabel                               = "calico-node"
	CalicoControllerLabel                         = "calico-kube-controllers"
	CalicoCloudProvider                           = "calico_cloud_provider"
	CalicoFlexVolPluginDirectory                  = "calico_flex_volume_plugin_dir"
	CalicoNodePriorityClassNameKeyName            = "calico_node_priority_class_name"
	CalicoKubeControllersPriorityClassNameKeyName = "calico_kube_controllers_priority_class_name"

	CanalNetworkPlugin      = "canal"
	CanalIface              = "canal_iface"
	CanalFlannelBackendType = "canal_flannel_backend_type"
	// CanalFlannelBackendPort must be 4789 if using Flannel VxLan mode in the cluster with Windows nodes
	CanalFlannelBackendPort = "canal_flannel_backend_port"
	// CanalFlannelBackendVxLanNetworkIdentify should be greater than or equal to 4096 if using Flannel VxLan mode in the cluster with Windows nodes
	CanalFlannelBackendVxLanNetworkIdentify = "canal_flannel_backend_vni"
	CanalFlexVolPluginDirectory             = "canal_flex_volume_plugin_dir"
	CanalPriorityClassNameKeyName           = "canal_priority_class_name"

	WeaveNetworkPlugin               = "weave"
	WeaveNetworkAppName              = "weave-net"
	WeaveNetPriorityClassNameKeyName = "weave_net_priority_class_name"

	AciNetworkPlugin                        = "aci"
	AciOVSMemoryLimit                       = "aci_ovs_memory_limit"
	AciOVSMemoryRequest                     = "aci_ovs_memory_request"
	AciImagePullPolicy                      = "aci_image_pull_policy"
	AciPBRTrackingNonSnat                   = "aci_pbr_tracking_non_snat"
	AciInstallIstio                         = "aci_install_istio"
	AciIstioProfile                         = "aci_istio_profile"
	AciDropLogEnable                        = "aci_drop_log_enable"
	AciControllerLogLevel                   = "aci_controller_log_level"
	AciHostAgentLogLevel                    = "aci_host_agent_log_level"
	AciOpflexAgentLogLevel                  = "aci_opflex_agent_log_level"
	AciApicRefreshTime                      = "aci_apic_refresh_time"
	AciServiceMonitorInterval               = "aci_server_monitor_interval"
	AciSystemIdentifier                     = "aci_system_identifier"
	AciToken                                = "aci_token"
	AciApicUserName                         = "aci_apic_user_name"
	AciApicUserKey                          = "aci_apic_user_key"
	AciApicUserCrt                          = "aci_apic_user_crt"
	AciVmmDomain                            = "aci_vmm_domain"
	AciVmmController                        = "aci_vmm_controller"
	AciEncapType                            = "aci_encap_type"
	AciAEP                                  = "aci_aep"
	AciVRFName                              = "aci_vrf_name"
	AciVRFTenant                            = "aci_vrf_tenant"
	AciL3Out                                = "aci_l3out"
	AciDynamicExternalSubnet                = "aci_dynamic_external_subnet"
	AciStaticExternalSubnet                 = "aci_static_external_subnet"
	AciServiceGraphSubnet                   = "aci_service_graph_subnet"
	AciKubeAPIVlan                          = "aci_kubeapi_vlan"
	AciServiceVlan                          = "aci_service_vlan"
	AciInfraVlan                            = "aci_infra_vlan"
	AciImagePullSecret                      = "aci_image_pull_secret"
	AciTenant                               = "aci_tenant"
	AciNodeSubnet                           = "aci_node_subnet"
	AciMcastRangeStart                      = "aci_mcast_range_start"
	AciMcastRangeEnd                        = "aci_mcast_range_end"
	AciUseAciCniPriorityClass               = "aci_use_aci_cni_priority_class"
	AciNoPriorityClass                      = "aci_no_priority_class"
	AciMaxNodesSvcGraph                     = "aci_max_nodes_svc_graph"
	AciSnatContractScope                    = "aci_snat_contract_scope"
	AciPodSubnetChunkSize                   = "aci_pod_subnet_chunk_size"
	AciEnableEndpointSlice                  = "aci_enable_endpoint_slice"
	AciSnatNamespace                        = "aci_snat_namespace"
	AciEpRegistry                           = "aci_ep_registry"
	AciOpflexMode                           = "aci_opflex_mode"
	AciSnatPortRangeStart                   = "aci_snat_port_range_start"
	AciSnatPortRangeEnd                     = "aci_snat_port_range_end"
	AciSnatPortsPerNode                     = "aci_snat_ports_per_node"
	AciOpflexClientSSL                      = "aci_opflex_client_ssl"
	AciUsePrivilegedContainer               = "aci_use_privileged_container"
	AciUseHostNetnsVolume                   = "aci_use_host_netns_volume"
	AciUseOpflexServerVolume                = "aci_use_opflex_server_volume"
	AciKafkaClientCrt                       = "aci_kafka_client_crt"
	AciKafkaClientKey                       = "aci_kafka_client_key"
	AciSubnetDomainName                     = "aci_subnet_domain_name"
	AciCApic                                = "aci_capic"
	AciUseAciAnywhereCRD                    = "aci_use_aci_anywhere_crd"
	AciOverlayVRFName                       = "aci_overlay_vrf_name"
	AciGbpPodSubnet                         = "aci_gbp_pod_subnet"
	AciRunGbpContainer                      = "aci_run_gbp_container"
	AciRunOpflexServerContainer             = "aci_run_opflex_server_container"
	AciOpflexServerPort                     = "aci_opflex_server_port"
	AciDurationWaitForNetwork               = "aci_duration_wait_for_network"
	AciDisableWaitForNetwork                = "aci_disable_wait_for_network"
	AciUseClusterRole                       = "aci_use_cluster_role"
	AciApicSubscriptionDelay                = "aci_apic_subscription_delay"
	AciApicRefreshTickerAdjust              = "aci_apic_refresh_ticker_adjust"
	AciDisablePeriodicSnatGlobalInfoSync    = "aci_disable_periodic_snat_global_info_sync"
	AciOpflexDeviceDeleteTimeout            = "aci_opflex_device_delete_timeout"
	AciMTUHeadRoom                          = "aci_mtu_head_room"
	AciNodePodIfEnable                      = "aci_node_pod_if_enable"
	AciSriovEnable                          = "aci_sriov_enable"
	AciMultusDisable                        = "aci_multus_disable"
	AciNoWaitForServiceEpReadiness          = "aci_no_wait_for_service_ep_readiness"
	AciAddExternalSubnetsToRdconfig         = "aci_add_external_subnets_to_rdconfig"
	AciServiceGraphEndpointAddDelay         = "aci_service_graph_endpoint_add_delay"
	AciHppOptimization                      = "aci_hpp_optimization"
	AciSleepTimeSnatGlobalInfoSync          = "aci_sleep_time_snat_global_info_sync"
	AciOpflexAgentOpflexAsyncjsonEnabled    = "aci_opflex_agent_opflex_asyncjson_enabled"
	AciOpflexAgentOvsAsyncjsonEnabled       = "aci_opflex_agent_ovs_asyncjson_enabled"
	AciOpflexAgentPolicyRetryDelayTimer     = "aci_opflex_agent_policy_retry_delay_timer"
	AciAciMultipod                          = "aci_aci_multipod"
	AciOpflexDeviceReconnectWaitTimeout     = "aci_opflex_device_reconnect_wait_timeout"
	AciAciMultipodUbuntu                    = "aci_aci_multipod_ubuntu"
	AciDhcpRenewMaxRetryCount               = "aci_dhcp_renew_max_retry_count"
	AciDhcpDelay                            = "aci_dhcp_delay"
	AciUseSystemNodePriorityClass           = "aci_use_system_node_priority_class"
	AciAciContainersControllerMemoryRequest = "aci_aci_containers_controller_memory_request"
	AciAciContainersControllerMemoryLimit   = "aci_aci_containers_controller_memory_limit"
	AciAciContainersHostMemoryRequest       = "aci_aci_containers_host_memory_request"
	AciAciContainersHostMemoryLimit         = "aci_aci_containers_host_memory_limit"
	AciMcastDaemonMemoryRequest             = "aci_mcast_daemon_memory_request"
	AciMcastDaemonMemoryLimit               = "aci_mcast_daemon_memory_limit"
	AciOpflexAgentMemoryRequest             = "aci_opflex_agent_memory_request"
	AciOpflexAgentMemoryLimit               = "aci_opflex_agent_memory_limit"
	AciAciContainersMemoryRequest           = "aci_aci_containers_memory_request"
	AciAciContainersMemoryLimit             = "aci_aci_containers_memory_limit"
	AciOpflexAgentStatistics                = "aci_opflex_agent_statistics"
	AciAddExternalContractToDefaultEpg      = "aci_add_external_contract_to_default_epg"
	AciEnableOpflexAgentReconnect           = "aci_enable_opflex_agent_reconnect"
	AciOpflexOpensslCompat                  = "aci_opflex_openssl_compat"
	AciTolerationSeconds                    = "aci_toleration_seconds"
	AciDisableHppRendering                  = "aci_disable_hpp_rendering"
	AciApicConnectionRetryLimit             = "aci_apic_connection_retry_limit"
	AciTaintNotReadyNode                    = "aci_taint_not_ready_node"
	AciDropLogDisableEvents                 = "aci_drop_log_disable_events"
	AciOpflexStartupEnabled                 = "aci_opflex_startup_enabled"
	AciOpflexStartupPolicyDuration          = "aci_opflex_startup_policy_duration"
	AciOpflexStartupResolveAftConn          = "aci_opflex_startup_resolve_aft_conn"
	AciOpflexSwitchSyncDelay                = "aci_opflex_switch_sync_delay"
	AciOpflexSwitchSyncDynamic              = "aci_opflex_switch_sync_dynamic"

	// EtcdEndpoints is the server address for Etcd, used by calico
	EtcdEndpoints = "EtcdEndpoints"
	// APIRoot is the kubernetes API address
	APIRoot = "APIRoot"

	EtcdClientCert     = "EtcdClientCert"
	EtcdClientKey      = "EtcdClientKey"
	EtcdClientCA       = "EtcdClientCA"
	EtcdClientCertPath = "EtcdClientCertPath"
	EtcdClientKeyPath  = "EtcdClientKeyPath"
	EtcdClientCAPath   = "EtcdClientCAPath"

	ClientCertPath = "ClientCertPath"
	ClientKeyPath  = "ClientKeyPath"
	ClientCAPath   = "ClientCAPath"

	KubeCfg = "KubeCfg"

	ClusterCIDR = "ClusterCIDR"

	Image              = "Image"
	CNIImage           = "CNIImage"
	NodeImage          = "NodeImage"
	ControllersImage   = "ControllersImage"
	CanalFlannelImg    = "CanalFlannelImg"
	FlexVolImg         = "FlexVolImg"
	WeaveLoopbackImage = "WeaveLoopbackImage"

	Calicoctl = "Calicoctl"

	FlannelInterface                       = "FlannelInterface"
	FlannelBackend                         = "FlannelBackend"
	KubeFlannelPriorityClassName           = "KubeFlannelPriorityClassName"
	CalicoNodePriorityClassName            = "CalicoNodePriorityClassName"
	CalicoKubeControllersPriorityClassName = "CalicoKubeControllersPriorityClassName"
	CanalInterface                         = "CanalInterface"
	CanalPriorityClassName                 = "CanalPriorityClassName"
	FlexVolPluginDir                       = "FlexVolPluginDir"
	WeavePassword                          = "WeavePassword"
	WeaveNetPriorityClassName              = "WeaveNetPriorityClassName"
	MTU                                    = "MTU"
	RBACConfig                             = "RBACConfig"
	ClusterVersion                         = "ClusterVersion"
	SystemIdentifier                       = "SystemIdentifier"
	ApicHosts                              = "ApicHosts"
	Token                                  = "Token"
	ApicUserName                           = "ApicUserName"
	ApicUserKey                            = "ApicUserKey"
	ApicUserCrt                            = "ApicUserCrt"
	ApicRefreshTime                        = "ApicRefreshTime"
	VmmDomain                              = "VmmDomain"
	VmmController                          = "VmmController"
	EncapType                              = "EncapType"
	McastRangeStart                        = "McastRangeStart"
	McastRangeEnd                          = "McastRangeEnd"
	AEP                                    = "AEP"
	VRFName                                = "VRFName"
	VRFTenant                              = "VRFTenant"
	L3Out                                  = "L3Out"
	L3OutExternalNetworks                  = "L3OutExternalNetworks"
	DynamicExternalSubnet                  = "DynamicExternalSubnet"
	StaticExternalSubnet                   = "StaticExternalSubnet"
	ServiceGraphSubnet                     = "ServiceGraphSubnet"
	KubeAPIVlan                            = "KubeAPIVlan"
	ServiceVlan                            = "ServiceVlan"
	InfraVlan                              = "InfraVlan"
	ImagePullPolicy                        = "ImagePullPolicy"
	ImagePullSecret                        = "ImagePullSecret"
	Tenant                                 = "Tenant"
	ServiceMonitorInterval                 = "ServiceMonitorInterval"
	PBRTrackingNonSnat                     = "PBRTrackingNonSnat"
	InstallIstio                           = "InstallIstio"
	IstioProfile                           = "IstioProfile"
	DropLogEnable                          = "DropLogEnable"
	ControllerLogLevel                     = "ControllerLogLevel"
	HostAgentLogLevel                      = "HostAgentLogLevel"
	OpflexAgentLogLevel                    = "OpflexAgentLogLevel"
	AciCniDeployContainer                  = "AciCniDeployContainer"
	AciHostContainer                       = "AciHostContainer"
	AciOpflexContainer                     = "AciOpflexContainer"
	AciMcastContainer                      = "AciMcastContainer"
	AciOpenvSwitchContainer                = "AciOpenvSwitchContainer"
	AciControllerContainer                 = "AciControllerContainer"
	AciGbpServerContainer                  = "AciGbpServerContainer"
	AciOpflexServerContainer               = "AciOpflexServerContainer"
	StaticServiceIPPool                    = "StaticServiceIPPool"
	PodNetwork                             = "PodNetwork"
	PodSubnet                              = "PodSubnet"
	PodIPPool                              = "PodIPPool"
	NodeServiceIPStart                     = "NodeServiceIPStart"
	NodeServiceIPEnd                       = "NodeServiceIPEnd"
	ServiceIPPool                          = "ServiceIPPool"
	UseAciCniPriorityClass                 = "UseAciCniPriorityClass"
	NoPriorityClass                        = "NoPriorityClass"
	MaxNodesSvcGraph                       = "MaxNodesSvcGraph"
	SnatContractScope                      = "SnatContractScope"
	PodSubnetChunkSize                     = "PodSubnetChunkSize"
	EnableEndpointSlice                    = "EnableEndpointSlice"
	SnatNamespace                          = "SnatNamespace"
	EpRegistry                             = "EpRegistry"
	OpflexMode                             = "OpflexMode"
	SnatPortRangeStart                     = "SnatPortRangeStart"
	SnatPortRangeEnd                       = "SnatPortRangeEnd"
	SnatPortsPerNode                       = "SnatPortsPerNode"
	OpflexClientSSL                        = "OpflexClientSSL"
	UsePrivilegedContainer                 = "UsePrivilegedContainer"
	UseHostNetnsVolume                     = "UseHostNetnsVolume"
	UseOpflexServerVolume                  = "UseOpflexServerVolume"
	KafkaBrokers                           = "KafkaBrokers"
	KafkaClientCrt                         = "KafkaClientCrt"
	KafkaClientKey                         = "KafkaClientKey"
	SubnetDomainName                       = "SubnetDomainName"
	CApic                                  = "CApic"
	UseAciAnywhereCRD                      = "UseAciAnywhereCRD"
	OverlayVRFName                         = "OverlayVRFName"
	GbpPodSubnet                           = "GbpPodSubnet"
	RunGbpContainer                        = "RunGbpContainer"
	RunOpflexServerContainer               = "RunOpflexServerContainer"
	OpflexServerPort                       = "OpflexServerPort"
	DurationWaitForNetwork                 = "DurationWaitForNetwork"
	DisableWaitForNetwork                  = "DisableWaitForNetwork"
	UseClusterRole                         = "UseClusterRole"
	ApicSubscriptionDelay                  = "ApicSubscriptionDelay"
	ApicRefreshTickerAdjust                = "ApicRefreshTickerAdjust"
	DisablePeriodicSnatGlobalInfoSync      = "DisablePeriodicSnatGlobalInfoSync"
	OpflexDeviceDeleteTimeout              = "OpflexDeviceDeleteTimeout"
	MTUHeadRoom                            = "MTUHeadRoom"
	NodePodIfEnable                        = "NodePodIfEnable"
	SriovEnable                            = "SriovEnable"
	MultusDisable                          = "MultusDisable"
	NoWaitForServiceEpReadiness            = "NoWaitForServiceEpReadiness"
	AddExternalSubnetsToRdconfig           = "AddExternalSubnetsToRdconfig"
	ServiceGraphEndpointAddDelay           = "ServiceGraphEndpointAddDelay"
	ServiceGraphEndpointAddServices        = "ServiceGraphEndpointAddServices"
	HppOptimization                        = "HppOptimization"
	SleepTimeSnatGlobalInfoSync            = "SleepTimeSnatGlobalInfoSync"
	OpflexAgentOpflexAsyncjsonEnabled      = "OpflexAgentOpflexAsyncjsonEnabled"
	OpflexAgentOvsAsyncjsonEnabled         = "OpflexAgentOvsAsyncjsonEnabled"
	OpflexAgentPolicyRetryDelayTimer       = "OpflexAgentPolicyRetryDelayTimer"
	AciMultipod                            = "AciMultipod"
	OpflexDeviceReconnectWaitTimeout       = "OpflexDeviceReconnectWaitTimeout"
	AciMultipodUbuntu                      = "AciMultipodUbuntu"
	DhcpRenewMaxRetryCount                 = "DhcpRenewMaxRetryCount"
	DhcpDelay                              = "DhcpDelay"
	OVSMemoryLimit                         = "OVSMemoryLimit"
	OVSMemoryRequest                       = "OVSMemoryRequest"
	NodeSubnet                             = "NodeSubnet"
	NodeSelector                           = "NodeSelector"
	UpdateStrategy                         = "UpdateStrategy"
	Tolerations                            = "Tolerations"
	UseSystemNodePriorityClass             = "UseSystemNodePriorityClass"
	AciContainersControllerMemoryRequest   = "AciContainersControllerMemoryRequest"
	AciContainersControllerMemoryLimit     = "AciContainersControllerMemoryLimit"
	AciContainersHostMemoryRequest         = "AciContainersHostMemoryRequest"
	AciContainersHostMemoryLimit           = "AciContainersHostMemoryLimit"
	McastDaemonMemoryRequest               = "McastDaemonMemoryRequest"
	McastDaemonMemoryLimit                 = "McastDaemonMemoryLimit"
	OpflexAgentMemoryRequest               = "OpflexAgentMemoryRequest"
	OpflexAgentMemoryLimit                 = "OpflexAgentMemoryLimit"
	AciContainersMemoryRequest             = "AciContainersMemoryRequest"
	AciContainersMemoryLimit               = "AciContainersMemoryLimit"
	OpflexAgentStatistics                  = "OpflexAgentStatistics"
	AddExternalContractToDefaultEpg        = "AddExternalContractToDefaultEpg"
	EnableOpflexAgentReconnect             = "EnableOpflexAgentReconnect"
	OpflexOpensslCompat                    = "OpflexOpensslCompat"
	NodeSnatRedirectExclude                = "NodeSnatRedirectExclude"
	TolerationSeconds                      = "TolerationSeconds"
	DisableHppRendering                    = "DisableHppRendering"
	ApicConnectionRetryLimit               = "ApicConnectionRetryLimit"
	TaintNotReadyNode                      = "TaintNotReadyNode"
	DropLogDisableEvents                   = "DropLogDisableEvents"
	OpflexStartupEnabled                   = "OpflexStartupEnabled"
	OpflexStartupPolicyDuration            = "OpflexStartupPolicyDuration"
	OpflexStartupResolveAftConn            = "OpflexStartupResolveAftConn"
	OpflexSwitchSyncDelay                  = "OpflexSwitchSyncDelay"
	OpflexSwitchSyncDynamic                = "OpflexSwitchSyncDynamic"
)
View Source
const (
	ClusterCIDREnv        = "RKE_CLUSTER_CIDR"
	ClusterServiceCIDREnv = "RKE_CLUSTER_SERVICE_CIDR"
	ClusterDNSServerEnv   = "RKE_CLUSTER_DNS_SERVER"
	ClusterDomainEnv      = "RKE_CLUSTER_DOMAIN"

	NodeAddressEnv         = "RKE_NODE_ADDRESS"
	NodeInternalAddressEnv = "RKE_NODE_INTERNAL_ADDRESS"
	NodeNameOverrideEnv    = "RKE_NODE_NAME_OVERRIDE"
	NodePrefixPath         = "RKE_NODE_PREFIX_PATH"

	NetworkConfigurationEnv = "RKE_NETWORK_CONFIGURATION"

	EtcdPathPrefix        = "/registry"
	CloudConfigSumEnv     = "RKE_CLOUD_CONFIG_CHECKSUM"
	CloudProviderNameEnv  = "RKE_CLOUD_PROVIDER_NAME"
	AuditLogConfigSumEnv  = "RKE_AUDITLOG_CONFIG_CHECKSUM"
	AdmissionConfigSumEnv = "RKE_ADMISSION_CONFIG_CHECKSUM"

	DefaultToolsEntrypoint        = "/opt/rke-tools/entrypoint.sh"
	DefaultToolsEntrypointVersion = "0.1.13"
	LegacyToolsEntrypoint         = "/opt/rke/entrypoint.sh"

	KubeletDockerConfigEnv     = "RKE_KUBELET_DOCKER_CONFIG"
	KubeletDockerConfigFileEnv = "RKE_KUBELET_DOCKER_FILE"
	KubeletDockerConfigPath    = "/var/lib/kubelet/config.json"

	// MaxEtcdOldEnvVersion The versions are maxed out for minor versions because -rancher1 suffix will cause semver to think its older, example: v1.15.0 > v1.15.0-rancher1
	MaxEtcdOldEnvVersion      = "v3.2.99"
	MaxK8s115Version          = "v1.15"
	MaxEtcdPort4001Version    = "v3.4.3-rancher99"
	MaxEtcdNoStrictTLSVersion = "v3.4.14-rancher99"
	MaxK8s121Version          = "v1.21.99-rancher99"
	MaxK8s122Version          = "v1.22.99-rancher99"

	EncryptionProviderConfigArgument = "encryption-provider-config"

	KubeletCRIDockerdNameEnv = "RKE_KUBELET_CRIDOCKERD"
	KubeletDualStackNameEnv  = "RKE_KUBELET_CRIDOCKERD_DUALSTACK"
)
View Source
const (
	EncryptionProviderFilePath = "/etc/kubernetes/ssl/encryption.yaml"
)
View Source
const (
	EtcdPlaneNodesReplacedErr = "Etcd plane nodes are replaced. Stopping provisioning. Please restore your cluster from backup."
)
View Source
const MinEtcdVersionWithDistrolessImage = "v3.5.7"
View Source
const (
	SELinuxCheckContainer = "rke-selinux-checker"
)

Variables

View Source
var (
	DNSProviders              = []string{KubeDNSProvider, CoreDNSProvider}
	NginxIngressAddonJobNames = []string{"ingress-nginx-admission-create", "ingress-nginx-admission-patch"}
)
View Source
var (
	DefaultNodeDrainIgnoreDaemonsets      = true
	DefaultDaemonSetMaxUnavailable        = intstr.FromInt(1)
	DefaultDeploymentUpdateStrategyParams = intstr.FromString("25%")
	DefaultDaemonSetUpdateStrategy        = v3.DaemonSetUpdateStrategy{
		Strategy:      appsv1.RollingUpdateDaemonSetStrategyType,
		RollingUpdate: &appsv1.RollingUpdateDaemonSet{MaxUnavailable: &DefaultDaemonSetMaxUnavailable},
	}
	DefaultDeploymentUpdateStrategy = v3.DeploymentStrategy{
		Strategy: appsv1.RollingUpdateDeploymentStrategyType,
		RollingUpdate: &appsv1.RollingUpdateDeployment{
			MaxUnavailable: &DefaultDeploymentUpdateStrategyParams,
			MaxSurge:       &DefaultDeploymentUpdateStrategyParams,
		},
	}
	DefaultClusterProportionalAutoscalerLinearParams = v3.LinearAutoscalerParams{CoresPerReplica: 128, NodesPerReplica: 4, Min: 1, PreventSinglePointFailure: true}
	DefaultMonitoringAddonReplicas                   = int32(1)
)
View Source
var ControlPlanePortList = []string{
	KubeAPIPort,
}
View Source
var (
	ErrFullStateIsNil = errors.New("fullState argument cannot be nil")
)
View Source
var EtcdClientPortList = []string{
	EtcdPort1,
}
View Source
var EtcdPortList = []string{
	EtcdPort1,
	EtcdPort2,
}
View Source
var IPv6CompatibleNetworkPlugins = []string{CalicoNetworkPlugin, AciNetworkPlugin}
View Source
var WorkerPortList = []string{
	KubeletPort,
}

Functions

func ApplyAuthzResources added in v0.1.2

func ApplyAuthzResources(ctx context.Context, rkeConfig v3.RancherKubernetesEngineConfig, flags ExternalFlags, dailersOptions hosts.DialersOptions) error

func BuildPortChecksFromPortList added in v0.1.2

func BuildPortChecksFromPortList(host *hosts.Host, portList []string, proto string) []v3.PortCheck

func BuildRKEConfigNodePlan added in v0.1.2

func BuildRKEConfigNodePlan(ctx context.Context, myCluster *Cluster, host *hosts.Host, svcOptions v3.KubernetesServicesOptions) v3.RKEConfigNodePlan

func CheckEtcdHostsChanged

func CheckEtcdHostsChanged(kubeCluster, currentCluster *Cluster) error

func ConfigureCluster added in v0.1.2

func ConfigureCluster(
	ctx context.Context,
	rkeConfig v3.RancherKubernetesEngineConfig,
	crtBundle map[string]pki.CertificatePKI,
	flags ExternalFlags,
	dailersOptions hosts.DialersOptions,
	data map[string]interface{},
	useKubectl bool) error

func GeneratePlan added in v0.1.2

func GeneratePlan(ctx context.Context, rkeConfig *v3.RancherKubernetesEngineConfig, hostsInfoMap map[string]types.Info, data map[string]interface{}) (v3.RKEPlan, error)

func GetCertificateDirPath added in v0.2.0

func GetCertificateDirPath(configPath, configDir string) string

func GetClusterCertsFromKubernetes added in v0.2.0

func GetClusterCertsFromKubernetes(ctx context.Context, kubeCluster *Cluster) (map[string]pki.CertificatePKI, error)

func GetClusterCertsFromNodes added in v0.2.0

func GetClusterCertsFromNodes(ctx context.Context, kubeCluster *Cluster) (map[string]pki.CertificatePKI, error)

func GetK8sVersion

func GetK8sVersion(localConfigPath string, k8sWrapTransport transport.WrapperFunc) (string, error)

func GetLocalRKEConfig

func GetLocalRKEConfig() *v3.RancherKubernetesEngineConfig

func GetLocalRKENodeConfig

func GetLocalRKENodeConfig() *v3.RKEConfigNode

func GetServiceOptionData added in v0.3.0

func GetServiceOptionData(data map[string]interface{}) map[string]*v3.KubernetesServicesOptions

func GetStateFilePath added in v0.2.0

func GetStateFilePath(configPath, configDir string) string

func IsLegacyKubeAPI added in v0.2.0

func IsLegacyKubeAPI(ctx context.Context, kubeCluster *Cluster) (bool, error)

func ParseConfig

func ParseConfig(clusterFile string) (*v3.RancherKubernetesEngineConfig, error)

func RebuildKubeconfig added in v0.2.0

func RebuildKubeconfig(ctx context.Context, kubeCluster *Cluster) error

func ReconcileCluster

func ReconcileCluster(ctx context.Context, kubeCluster, currentCluster *Cluster, flags ExternalFlags, svcOptionData map[string]*v3.KubernetesServicesOptions) error

func ReconcileEncryptionProviderConfig added in v1.0.0

func ReconcileEncryptionProviderConfig(ctx context.Context, kubeCluster, currentCluster *Cluster) error

func RemoveStateFile added in v1.2.0

func RemoveStateFile(ctx context.Context, statePath string)

func RestartClusterPods added in v0.2.0

func RestartClusterPods(ctx context.Context, kubeCluster *Cluster) error

func RotateRKECertificates added in v0.1.18

func RotateRKECertificates(ctx context.Context, c *Cluster, flags ExternalFlags, clusterState *FullState) error

func SaveFullStateToK8s added in v1.4.19

func SaveFullStateToK8s(ctx context.Context, k8sClient kubernetes.Interface, fullState *FullState) error

SaveFullStateToK8s saves the full cluster state to a k8s secret. If any errors that occur on attempts to update the secret will be retired up until some limit.

func SetUpAuthentication

func SetUpAuthentication(ctx context.Context, kubeCluster, currentCluster *Cluster, fullState *FullState) error

func ValidateHostCount added in v0.1.2

func ValidateHostCount(c *Cluster) error

Types

type Cluster

type Cluster struct {
	AuthnStrategies                  map[string]bool
	ConfigPath                       string
	ConfigDir                        string
	CloudConfigFile                  string
	ControlPlaneHosts                []*hosts.Host
	Certificates                     map[string]pki.CertificatePKI
	CertificateDir                   string
	ClusterDomain                    string
	ClusterCIDR                      string
	ClusterDNSServer                 string
	DinD                             bool
	DockerDialerFactory              hosts.DialerFactory
	EtcdHosts                        []*hosts.Host
	EtcdReadyHosts                   []*hosts.Host
	ForceDeployCerts                 bool
	InactiveHosts                    []*hosts.Host
	K8sWrapTransport                 transport.WrapperFunc
	KubeClient                       *kubernetes.Clientset
	KubernetesServiceIP              []net.IP
	LocalKubeConfigPath              string
	LocalConnDialerFactory           hosts.DialerFactory
	PrivateRegistriesMap             map[string]v3.PrivateRegistry
	StateFilePath                    string
	UpdateWorkersOnly                bool
	UseKubectlDeploy                 bool
	v3.RancherKubernetesEngineConfig `yaml:",inline"`
	WorkerHosts                      []*hosts.Host
	EncryptionConfig                 encryptionConfig
	NewHosts                         map[string]bool
	MaxUnavailableForWorkerNodes     int
	MaxUnavailableForControlNodes    int
}

func GetStateFromKubernetes added in v0.2.0

func GetStateFromKubernetes(ctx context.Context, kubeCluster *Cluster) (*Cluster, error)

func GetStateFromNodes added in v0.2.0

func GetStateFromNodes(ctx context.Context, kubeCluster *Cluster) *Cluster

func InitClusterObject added in v0.2.0

func InitClusterObject(ctx context.Context, rkeConfig *v3.RancherKubernetesEngineConfig, flags ExternalFlags, encryptConfig string) (*Cluster, error)

func (*Cluster) ApplySystemAddonExecuteJob added in v0.1.9

func (c *Cluster) ApplySystemAddonExecuteJob(addonJob, resourceName string, addonUpdated bool) error

func (*Cluster) BuildEtcdProcess added in v0.1.2

func (c *Cluster) BuildEtcdProcess(host *hosts.Host, etcdHosts []*hosts.Host, serviceOptions v3.KubernetesServicesOptions) v3.Process

func (*Cluster) BuildKubeAPIProcess added in v0.1.2

func (c *Cluster) BuildKubeAPIProcess(host *hosts.Host, serviceOptions v3.KubernetesServicesOptions) v3.Process

func (*Cluster) BuildKubeControllerProcess added in v0.1.2

func (c *Cluster) BuildKubeControllerProcess(host *hosts.Host, serviceOptions v3.KubernetesServicesOptions) v3.Process

func (*Cluster) BuildKubeProxyProcess added in v0.1.2

func (c *Cluster) BuildKubeProxyProcess(host *hosts.Host, serviceOptions v3.KubernetesServicesOptions) v3.Process

func (*Cluster) BuildKubeletProcess added in v0.1.2

func (c *Cluster) BuildKubeletProcess(host *hosts.Host, serviceOptions v3.KubernetesServicesOptions) v3.Process

func (*Cluster) BuildProxyProcess added in v0.1.2

func (c *Cluster) BuildProxyProcess(host *hosts.Host) v3.Process

func (*Cluster) BuildSchedulerProcess added in v0.1.2

func (c *Cluster) BuildSchedulerProcess(host *hosts.Host, serviceOptions v3.KubernetesServicesOptions) v3.Process

func (*Cluster) BuildSidecarProcess added in v0.1.2

func (c *Cluster) BuildSidecarProcess(host *hosts.Host) v3.Process

func (*Cluster) CalculateMaxUnavailable added in v1.0.7

func (c *Cluster) CalculateMaxUnavailable() (int, int, error)

func (*Cluster) CheckClusterPorts

func (c *Cluster) CheckClusterPorts(ctx context.Context, currentCluster *Cluster) error

func (*Cluster) CleanDeadLogs added in v0.1.3

func (c *Cluster) CleanDeadLogs(ctx context.Context) error

func (*Cluster) CleanupFiles added in v0.2.0

func (c *Cluster) CleanupFiles(ctx context.Context) error

func (*Cluster) CleanupNodes added in v0.2.0

func (c *Cluster) CleanupNodes(ctx context.Context) error

func (*Cluster) ClusterRemove

func (c *Cluster) ClusterRemove(ctx context.Context) error

func (*Cluster) DeployControlPlane

func (c *Cluster) DeployControlPlane(ctx context.Context, svcOptionData map[string]*v3.KubernetesServicesOptions, reconcileCluster bool) (string, error)

func (*Cluster) DeployEncryptionProviderFile added in v1.0.0

func (c *Cluster) DeployEncryptionProviderFile(ctx context.Context) error

func (*Cluster) DeployRestoreCerts added in v0.2.0

func (c *Cluster) DeployRestoreCerts(ctx context.Context, clusterCerts map[string]pki.CertificatePKI) error

func (*Cluster) DeployStateFile added in v1.1.5

func (c *Cluster) DeployStateFile(ctx context.Context, stateFilePath, snapshotName string) error

func (*Cluster) DeployWorkerPlane

func (c *Cluster) DeployWorkerPlane(ctx context.Context, svcOptionData map[string]*v3.KubernetesServicesOptions, reconcileCluster bool) (string, error)

func (*Cluster) DisableSecretsEncryption added in v1.0.0

func (c *Cluster) DisableSecretsEncryption(ctx context.Context, currentCluster *Cluster, custom bool) error

func (*Cluster) GetClusterState

func (c *Cluster) GetClusterState(ctx context.Context, fullState *FullState) (*Cluster, error)

func (*Cluster) GetHostInfoMap added in v0.2.0

func (c *Cluster) GetHostInfoMap() map[string]types.Info

func (*Cluster) GetKubernetesServicesOptions added in v0.1.6

func (c *Cluster) GetKubernetesServicesOptions(osType string, data map[string]*v3.KubernetesServicesOptions) (v3.KubernetesServicesOptions, error)

func (*Cluster) GetStateFileFromConfigMap added in v1.2.5

func (c *Cluster) GetStateFileFromConfigMap(ctx context.Context) (string, error)

func (*Cluster) GetStateFileFromSnapshot added in v1.1.5

func (c *Cluster) GetStateFileFromSnapshot(ctx context.Context, snapshotName string) (string, error)

func (*Cluster) InvertIndexHosts

func (c *Cluster) InvertIndexHosts() error

func (*Cluster) IsCRIDockerdEnabled added in v1.3.0

func (c *Cluster) IsCRIDockerdEnabled() bool

func (*Cluster) IsEncryptionCustomConfig added in v1.0.0

func (c *Cluster) IsEncryptionCustomConfig() bool

func (*Cluster) IsEncryptionEnabled added in v1.0.0

func (c *Cluster) IsEncryptionEnabled() bool

func (*Cluster) IsKubeletGenerateServingCertificateEnabled added in v1.0.0

func (c *Cluster) IsKubeletGenerateServingCertificateEnabled() bool

func (*Cluster) PrePullK8sImages added in v0.1.1

func (c *Cluster) PrePullK8sImages(ctx context.Context) error

func (*Cluster) PrepareBackup added in v0.2.0

func (c *Cluster) PrepareBackup(ctx context.Context, snapshotPath string) error

func (*Cluster) ReconcileDesiredStateEncryptionConfig added in v1.0.0

func (c *Cluster) ReconcileDesiredStateEncryptionConfig(ctx context.Context, fullState *FullState) error

ReconcileDesiredStateEncryptionConfig We do the rotation outside of the cluster reconcile logic. When we are done, DesiredState needs to be updated to reflect the "new" configuration

func (*Cluster) RemoveEtcdSnapshot added in v0.2.3

func (c *Cluster) RemoveEtcdSnapshot(ctx context.Context, snapshotName string) error

func (*Cluster) RemoveOldNodes added in v0.2.0

func (c *Cluster) RemoveOldNodes(ctx context.Context) error

func (*Cluster) RestoreEtcdSnapshot added in v0.1.7

func (c *Cluster) RestoreEtcdSnapshot(ctx context.Context, snapshotPath string) error

func (*Cluster) RewriteSecrets added in v1.0.0

func (c *Cluster) RewriteSecrets(ctx context.Context) error

RewriteSecrets does the following: - retrieves all cluster secrets in batches with size of <secretBatchSize> - triggers rewrites with new encryption key by sending each secret over a channel consumed by workers that perform the rewrite - logs progress of rewrite operation

func (*Cluster) RotateEncryptionKey added in v1.0.0

func (c *Cluster) RotateEncryptionKey(ctx context.Context, fullState *FullState) error

func (*Cluster) RunSELinuxCheck added in v1.3.3

func (c *Cluster) RunSELinuxCheck(ctx context.Context) error

func (*Cluster) SetUpHosts

func (c *Cluster) SetUpHosts(ctx context.Context, flags ExternalFlags) error

func (*Cluster) SetupDialers added in v0.2.0

func (c *Cluster) SetupDialers(ctx context.Context, dailersOptions hosts.DialersOptions) error

func (*Cluster) SnapshotEtcd added in v0.1.7

func (c *Cluster) SnapshotEtcd(ctx context.Context, snapshotName string) error

func (*Cluster) StoreAddonConfigMap

func (c *Cluster) StoreAddonConfigMap(ctx context.Context, addonYaml string, addonName string) (bool, error)

func (*Cluster) SyncLabelsAndTaints added in v0.1.1

func (c *Cluster) SyncLabelsAndTaints(ctx context.Context, currentCluster *Cluster) error

func (*Cluster) TunnelHosts

func (c *Cluster) TunnelHosts(ctx context.Context, flags ExternalFlags) error

func (*Cluster) UpdateClusterCurrentState added in v0.2.0

func (c *Cluster) UpdateClusterCurrentState(ctx context.Context, fullState *FullState) error

func (*Cluster) UpgradeControlPlane added in v1.0.7

func (c *Cluster) UpgradeControlPlane(ctx context.Context, kubeClient *kubernetes.Clientset, cpNodePlanMap map[string]v3.RKEConfigNodePlan) (string, error)

func (*Cluster) UpgradeWorkerPlane added in v1.0.7

func (c *Cluster) UpgradeWorkerPlane(ctx context.Context, kubeClient *kubernetes.Clientset, workerNodePlanMap map[string]v3.RKEConfigNodePlan, etcdAndWorkerHosts, workerOnlyHosts []*hosts.Host) (string, error)

func (*Cluster) ValidateCluster

func (c *Cluster) ValidateCluster(ctx context.Context) error

type CoreDNSOptions added in v0.2.0

type CoreDNSOptions struct {
	RBACConfig                         string
	CoreDNSImage                       string
	CoreDNSAutoScalerImage             string
	ClusterDomain                      string
	ClusterDNSServer                   string
	ReverseCIDRs                       []string
	UpstreamNameservers                []string
	NodeSelector                       map[string]string
	UpdateStrategy                     *appsv1.DeploymentStrategy
	LinearAutoscalerParams             string
	Tolerations                        []v1.Toleration
	CoreDNSPriorityClassName           string
	CoreDNSAutoscalerPriorityClassName string
}

type ExternalFlags added in v0.2.0

type ExternalFlags struct {
	CertificateDir   string
	ClusterFilePath  string
	DinD             bool
	ConfigDir        string
	CustomCerts      bool
	DisablePortCheck bool
	GenerateCSR      bool
	Local            bool
	UpdateOnly       bool
	UseLocalState    bool
}

func GetExternalFlags added in v0.2.0

func GetExternalFlags(local, updateOnly, disablePortCheck, useLocalState bool, configDir, clusterFilePath string) ExternalFlags

type FullState added in v0.2.0

type FullState struct {
	DesiredState State `json:"desiredState,omitempty"`
	CurrentState State `json:"currentState,omitempty"`
}

func GetFullStateFromK8s added in v1.4.19

func GetFullStateFromK8s(ctx context.Context, k8sClient kubernetes.Interface) (*FullState, error)

GetFullStateFromK8s fetches the full cluster state from the k8s cluster. In earlier versions of RKE, the full cluster state was stored in a configmap, but it has since been moved to a secret. This function tries fetching it from the secret first and will fall back on the configmap if the secret doesn't exist.

func ReadStateFile added in v0.2.0

func ReadStateFile(ctx context.Context, statePath string) (*FullState, error)

func RebuildState added in v0.2.0

func RebuildState(ctx context.Context, kubeCluster *Cluster, oldState *FullState, flags ExternalFlags) (*FullState, error)

func StringToFullState added in v1.1.5

func StringToFullState(ctx context.Context, stateFileContent string) (*FullState, error)

func (*FullState) WriteStateFile added in v0.2.0

func (s *FullState) WriteStateFile(ctx context.Context, statePath string) error

type IPPool added in v1.3.21

type IPPool struct {
	Start net.IP
	End   net.IP
}

type KubeDNSOptions added in v0.2.0

type KubeDNSOptions struct {
	RBACConfig                         string
	KubeDNSImage                       string
	DNSMasqImage                       string
	KubeDNSAutoScalerImage             string
	KubeDNSSidecarImage                string
	ClusterDomain                      string
	ClusterDNSServer                   string
	ReverseCIDRs                       []string
	UpstreamNameservers                []string
	StubDomains                        map[string][]string
	NodeSelector                       map[string]string
	UpdateStrategy                     *appsv1.DeploymentStrategy
	LinearAutoscalerParams             string
	Tolerations                        []v1.Toleration
	KubeDNSPriorityClassName           string
	KubeDNSAutoscalerPriorityClassName string
}

type MetricsServerOptions added in v0.1.9

type MetricsServerOptions struct {
	RBACConfig                     string
	Options                        map[string]string
	NodeSelector                   map[string]string
	MetricsServerImage             string
	Version                        string
	UpdateStrategy                 *appsv1.DeploymentStrategy
	Replicas                       *int32
	Tolerations                    []v1.Toleration
	MetricsServerPriorityClassName string
}

type NodelocalOptions added in v1.0.7

type NodelocalOptions struct {
	RBACConfig                    string
	NodelocalImage                string
	ClusterDomain                 string
	ClusterDNSServer              string
	IPAddress                     string
	NodeSelector                  map[string]string
	UpdateStrategy                *appsv1.DaemonSetUpdateStrategy
	NodeLocalDNSPriorityClassName string
}

type PodIPNetwork added in v1.3.21

type PodIPNetwork struct {
	Subnet  net.IPNet
	Gateway net.IP
}

type State added in v0.2.0

type State struct {
	RancherKubernetesEngineConfig *v3.RancherKubernetesEngineConfig `json:"rkeConfig,omitempty"`
	CertificatesBundle            map[string]pki.CertificatePKI     `json:"certificatesBundle,omitempty"`
	EncryptionConfig              string                            `json:"encryptionConfig,omitempty"`
}

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL