Documentation
¶
Index ¶
- Constants
- func GetKubeAPIServerArg(cluster *v1.Cluster) map[string]string
- func GetRuntime(kubernetesVersion string) string
- func MachineSelectorFileExists(file *rkev1.RKEProvisioningFiles, cluster *v1.Cluster, ignoreValueCheck bool) bool
- func MachineSelectorFileForPSA(secretName, mountPath, hash string) *rkev1.RKEProvisioningFiles
- type ManagementClusterMutator
- func (m *ManagementClusterMutator) Admit(request *admission.Request) (*admissionv1.AdmissionResponse, error)
- func (m *ManagementClusterMutator) GVR() schema.GroupVersionResource
- func (m *ManagementClusterMutator) MutatingWebhook(clientConfig admissionregistrationv1.WebhookClientConfig) []admissionregistrationv1.MutatingWebhook
- func (m *ManagementClusterMutator) Operations() []admissionregistrationv1.OperationType
- type ProvisioningClusterMutator
- func (m *ProvisioningClusterMutator) Admit(request *admission.Request) (*admissionv1.AdmissionResponse, error)
- func (m *ProvisioningClusterMutator) GVR() schema.GroupVersionResource
- func (m *ProvisioningClusterMutator) MutatingWebhook(clientConfig admissionregistrationv1.WebhookClientConfig) []admissionregistrationv1.MutatingWebhook
- func (m *ProvisioningClusterMutator) Operations() []admissionregistrationv1.OperationType
Constants ¶
const ( // KubeAPIAdmissionConfigOption is the option name in kube-apiserver for the admission control configuration file KubeAPIAdmissionConfigOption = "admission-control-config-file" // SecretName is the naming pattern of the secret which contains the admission control configuration file SecretName = "%s-admission-configuration-psact" // SecretKey is the key of the item holding the admission control configuration file in the secret SecretKey = "admission-config-psact" // MountPath is where the admission control configuration file will be mounted in the control plane nodes MountPath = "/etc/rancher/%s/config/rancher-psact.yaml" )
Variables ¶
This section is empty.
Functions ¶
func GetKubeAPIServerArg ¶ added in v0.3.2
GetKubeAPIServerArg returns a map representation of the value of kube-apiserver-arg from the cluster's MachineGlobalConfig. An empty map is returned if kube-apiserver-arg is not set in the cluster.
func GetRuntime ¶ added in v0.3.2
GetRuntime returns the runtime of a cluster by checking its k8s version.
func MachineSelectorFileExists ¶ added in v0.3.2
func MachineSelectorFileExists(file *rkev1.RKEProvisioningFiles, cluster *v1.Cluster, ignoreValueCheck bool) bool
MachineSelectorFileExists returns a boolean to indicate if the provided RKEProvisioningFiles exist in the provided cluster.
func MachineSelectorFileForPSA ¶ added in v0.3.2
func MachineSelectorFileForPSA(secretName, mountPath, hash string) *rkev1.RKEProvisioningFiles
MachineSelectorFileForPSA generates an RKEProvisioningFiles that mounts the secret which contains the generated admission configuration file to the control plane node
Types ¶
type ManagementClusterMutator ¶ added in v0.3.2
type ManagementClusterMutator struct {
// contains filtered or unexported fields
}
ManagementClusterMutator implements admission.MutatingAdmissionWebhook.
func NewManagementClusterMutator ¶ added in v0.3.2
func NewManagementClusterMutator(cache v3.PodSecurityAdmissionConfigurationTemplateCache) *ManagementClusterMutator
func (*ManagementClusterMutator) Admit ¶ added in v0.3.2
func (m *ManagementClusterMutator) Admit(request *admission.Request) (*admissionv1.AdmissionResponse, error)
Admit is the entrypoint for the mutator. Admit will return an error if it is unable to process the request.
func (*ManagementClusterMutator) GVR ¶ added in v0.3.2
func (m *ManagementClusterMutator) GVR() schema.GroupVersionResource
GVR returns the GroupVersionKind for this CRD.
func (*ManagementClusterMutator) MutatingWebhook ¶ added in v0.3.2
func (m *ManagementClusterMutator) MutatingWebhook(clientConfig admissionregistrationv1.WebhookClientConfig) []admissionregistrationv1.MutatingWebhook
MutatingWebhook returns the MutatingWebhook used for this CRD.
func (*ManagementClusterMutator) Operations ¶ added in v0.3.2
func (m *ManagementClusterMutator) Operations() []admissionregistrationv1.OperationType
Operations returns list of operations handled by this mutator.
type ProvisioningClusterMutator ¶ added in v0.3.2
type ProvisioningClusterMutator struct {
// contains filtered or unexported fields
}
ProvisioningClusterMutator implements admission.MutatingAdmissionWebhook.
func NewProvisioningClusterMutator ¶ added in v0.3.2
func NewProvisioningClusterMutator(secret corecontroller.SecretController, psact v3.PodSecurityAdmissionConfigurationTemplateCache) *ProvisioningClusterMutator
NewProvisioningClusterMutator returns a new mutator for provisioning clusters
func (*ProvisioningClusterMutator) Admit ¶ added in v0.3.2
func (m *ProvisioningClusterMutator) Admit(request *admission.Request) (*admissionv1.AdmissionResponse, error)
Admit is the entrypoint for the mutator. Admit will return an error if it unable to process the request.
func (*ProvisioningClusterMutator) GVR ¶ added in v0.3.2
func (m *ProvisioningClusterMutator) GVR() schema.GroupVersionResource
GVR returns the GroupVersionKind for this CRD.
func (*ProvisioningClusterMutator) MutatingWebhook ¶ added in v0.3.2
func (m *ProvisioningClusterMutator) MutatingWebhook(clientConfig admissionregistrationv1.WebhookClientConfig) []admissionregistrationv1.MutatingWebhook
MutatingWebhook returns the MutatingWebhook used for this CRD.
func (*ProvisioningClusterMutator) Operations ¶ added in v0.3.2
func (m *ProvisioningClusterMutator) Operations() []admissionregistrationv1.OperationType
Operations returns list of operations handled by this mutator.
Source Files