Documentation ¶
Overview ¶
Package origin provides objects for creating an OpenShift Origin server
Index ¶
- Constants
- Variables
- func CreateOrUpdateDefaultOAuthClients(masterPublicAddr string, assetPublicAddresses []string, ...) error
- func OpenShiftOAuthAuthorizeURL(masterAddr string) string
- func OpenShiftOAuthTokenRequestURL(masterAddr string) string
- func OpenShiftOAuthTokenURL(masterAddr string) string
- type APIInstallFunc
- type APIInstaller
- type AssetConfig
- type AuthConfig
- type MasterConfig
- func (c *MasterConfig) BuildConfigChangeControllerClients() (*osclient.Client, *kclient.Client)
- func (c *MasterConfig) BuildConfigWebHookClient() *osclient.Client
- func (c *MasterConfig) BuildControllerClients() (*osclient.Client, *kclient.Client)
- func (c *MasterConfig) BuildImageChangeTriggerControllerClients() (*osclient.Client, *kclient.Client)
- func (c *MasterConfig) BuildLogClient() *kclient.Client
- func (c *MasterConfig) BuildPodControllerClients() (*osclient.Client, *kclient.Client)
- func (c *MasterConfig) DNSServerClient() *kclient.Client
- func (c *MasterConfig) DeploymentClient() *kclient.Client
- func (c *MasterConfig) DeploymentConfigClients() (*osclient.Client, *kclient.Client)
- func (c *MasterConfig) DeploymentConfigControllerClients() (*osclient.Client, *kclient.Client)
- func (c *MasterConfig) DeploymentConfigInstantiateClients() (*osclient.Client, *kclient.Client)
- func (c *MasterConfig) DeploymentControllerClients() (*osclient.Client, *kclient.Client)
- func (c *MasterConfig) DeploymentLogClient() *kclient.Client
- func (c *MasterConfig) DeploymentTriggerControllerClient() *osclient.Client
- func (c *MasterConfig) GetRestStorage() map[string]rest.Storage
- func (c *MasterConfig) GetServiceAccountClients(name string) (*restclient.Config, *osclient.Client, *kclient.Client, error)
- func (c *MasterConfig) ImageChangeControllerClient() *osclient.Client
- func (c *MasterConfig) ImageImportControllerClient() *osclient.Client
- func (c *MasterConfig) ImageStreamImportSecretClient() *osclient.Client
- func (c *MasterConfig) ImageStreamSecretClient() *kclient.Client
- func (c *MasterConfig) InitializeObjects()
- func (c *MasterConfig) InstallProtectedAPI(container *restful.Container) ([]string, error)
- func (c *MasterConfig) InstallUnprotectedAPI(container *restful.Container) ([]string, error)
- func (c *MasterConfig) KubeClient() *kclient.Client
- func (c *MasterConfig) OAuthServerClients() (*osclient.Client, *kclient.Client)
- func (c *MasterConfig) OriginNamespaceControllerClients() (*osclient.Client, *kclient.Client)
- func (c *MasterConfig) PolicyClient() *osclient.Client
- func (c *MasterConfig) ResourceQuotaManagerClients() (*osclient.Client, *internalclientset.Clientset)
- func (c *MasterConfig) RouteAllocator() *routeallocationcontroller.RouteAllocationController
- func (c *MasterConfig) RouteAllocatorClients() (*osclient.Client, *kclient.Client)
- func (c *MasterConfig) Run(protected []APIInstaller, unprotected []APIInstaller)
- func (c *MasterConfig) RunAssetServer()
- func (c *MasterConfig) RunBuildConfigChangeController()
- func (c *MasterConfig) RunBuildController(informers shared.InformerFactory) error
- func (c *MasterConfig) RunBuildImageChangeTriggerController()
- func (c *MasterConfig) RunBuildPodController()
- func (c *MasterConfig) RunClusterQuotaMappingController()
- func (c *MasterConfig) RunClusterQuotaReconciliationController()
- func (c *MasterConfig) RunDNSServer()
- func (c *MasterConfig) RunDeploymentConfigController()
- func (c *MasterConfig) RunDeploymentController()
- func (c *MasterConfig) RunDeploymentTriggerController()
- func (c *MasterConfig) RunGroupCache()
- func (c *MasterConfig) RunHealth()
- func (c *MasterConfig) RunImageImportController()
- func (c *MasterConfig) RunIngressIPController(client *kclient.Client)
- func (c *MasterConfig) RunOriginNamespaceController()
- func (c *MasterConfig) RunProjectAuthorizationCache()
- func (c *MasterConfig) RunProjectCache()
- func (c *MasterConfig) RunResourceQuotaManager(cm *cmapp.CMServer)
- func (c *MasterConfig) RunSDNController()
- func (c *MasterConfig) RunSecurityAllocationController()
- func (c *MasterConfig) RunServiceAccountPullSecretsControllers()
- func (c *MasterConfig) RunServiceAccountTokensController(cm *cmapp.CMServer)
- func (c *MasterConfig) RunServiceAccountsController()
- func (c *MasterConfig) RunServiceServingCertController(client *kclient.Client)
- func (c *MasterConfig) RunUnidlingController()
- func (c *MasterConfig) SDNControllerClients() (*osclient.Client, *kclient.Client)
- func (c *MasterConfig) SdnClient() *osclient.Client
- func (c *MasterConfig) SecurityAllocationControllerClient() *kclient.Client
- func (c *MasterConfig) ServiceAccountRoleBindingClient() *osclient.Client
- func (c *MasterConfig) UnidlingControllerClients() (*osclient.Client, *kclient.Client)
- func (c *MasterConfig) WebConsoleEnabled() bool
Constants ¶
const ( OpenShiftOAuthAPIPrefix = "/oauth" OpenShiftOAuthCallbackPrefix = "/oauth2callback" OpenShiftWebConsoleClientID = "openshift-web-console" OpenShiftBrowserClientID = "openshift-browser-client" OpenShiftCLIClientID = "openshift-challenging-client" )
const ( LegacyOpenShiftAPIPrefix = "/osapi" // TODO: make configurable OpenShiftAPIPrefix = "/oapi" // TODO: make configurable KubernetesAPIPrefix = "/api" // TODO: make configurable KubernetesAPIGroupPrefix = "/apis" // TODO: make configurable OpenShiftAPIV1 = "v1" OpenShiftAPIPrefixV1 = OpenShiftAPIPrefix + "/" + OpenShiftAPIV1 )
Variables ¶
var ( // KubeAdmissionPlugins gives the in-order default admission chain for kube resources. KubeAdmissionPlugins = []string{ lifecycle.PluginName, "RunOnceDuration", "PodNodeConstraints", "OriginPodNodeEnvironment", overrideapi.PluginName, serviceadmit.ExternalIPPluginName, serviceadmit.RestrictedEndpointsPluginName, imagepolicy.PluginName, "ImagePolicyWebhook", "LimitRanger", "ServiceAccount", "SecurityContextConstraint", storageclassdefaultadmission.PluginName, "AlwaysPullImages", "LimitPodHardAntiAffinityTopology", "SCCExecRestrictions", "PersistentVolumeLabel", "OwnerReferencesPermissionEnforcement", quotaadmission.PluginName, "openshift.io/ClusterResourceQuota", } // CombinedAdmissionControlPlugins gives the in-order default admission chain for all resources resources. // When possible, this list is used. The set of openshift+kube chains must exactly match this set. In addition, // the order specified in the openshift and kube chains must match the order here. CombinedAdmissionControlPlugins = []string{ lifecycle.PluginName, "ProjectRequestLimit", "OriginNamespaceLifecycle", "PodNodeConstraints", "openshift.io/JenkinsBootstrapper", "BuildByStrategy", imageadmission.PluginName, "RunOnceDuration", "PodNodeConstraints", "OriginPodNodeEnvironment", overrideapi.PluginName, serviceadmit.ExternalIPPluginName, serviceadmit.RestrictedEndpointsPluginName, imagepolicy.PluginName, "ImagePolicyWebhook", "LimitRanger", "ServiceAccount", "SecurityContextConstraint", storageclassdefaultadmission.PluginName, "AlwaysPullImages", "LimitPodHardAntiAffinityTopology", "SCCExecRestrictions", "PersistentVolumeLabel", "OwnerReferencesPermissionEnforcement", quotaadmission.PluginName, "openshift.io/ClusterResourceQuota", } )
Functions ¶
func CreateOrUpdateDefaultOAuthClients ¶
func CreateOrUpdateDefaultOAuthClients(masterPublicAddr string, assetPublicAddresses []string, clientRegistry clientregistry.Registry) error
func OpenShiftOAuthTokenURL ¶
Types ¶
type APIInstallFunc ¶
APIInstallFunc is a function for installing APIs
func (APIInstallFunc) InstallAPI ¶
func (fn APIInstallFunc) InstallAPI(container *restful.Container) ([]string, error)
InstallAPI implements APIInstaller
type APIInstaller ¶
type APIInstaller interface { // InstallAPI returns an array of strings describing what was installed InstallAPI(*restful.Container) ([]string, error) }
APIInstaller installs additional API components into this server
type AssetConfig ¶
type AssetConfig struct { Options oapi.AssetConfig LimitRequestOverrides *api.ClusterResourceOverrideConfig }
AssetConfig defines the required parameters for starting the OpenShift master
func NewAssetConfig ¶
func NewAssetConfig(options oapi.AssetConfig, limitRequestOverrides *api.ClusterResourceOverrideConfig) (*AssetConfig, error)
NewAssetConfig returns a new AssetConfig
func (*AssetConfig) InstallAPI ¶
func (c *AssetConfig) InstallAPI(container *restful.Container) ([]string, error)
InstallAPI adds handlers for serving static assets into the provided mux, then returns an array of strings indicating what endpoints were started (these are format strings that will expect to be sent a single string value).
func (*AssetConfig) Run ¶
func (c *AssetConfig) Run()
Run starts an http server for the static assets listening on the configured bind address
type AuthConfig ¶
type AuthConfig struct { Options configapi.OAuthConfig // AssetPublicAddresses contains valid redirectURI prefixes to direct browsers to the web console AssetPublicAddresses []string // KubeClient is kubeclient with enough permission for the auth API KubeClient kclient.Interface // OpenShiftClient is osclient with enough permission for the auth API OpenShiftClient osclient.Interface // RESTOptionsGetter provides storage and RESTOption lookup RESTOptionsGetter restoptions.Getter // EtcdBackends is a list of storage interfaces, each of which talks to a single etcd backend. // These are only used to ensure newly created tokens are distributed to all backends before returning them for use. // EtcdHelper should normally be used for storage functions. EtcdBackends []storage.Interface UserRegistry userregistry.Registry IdentityRegistry identityregistry.Registry SessionAuth *session.Authenticator HandlerWrapper handlerWrapper }
func BuildAuthConfig ¶
func BuildAuthConfig(masterConfig *MasterConfig) (*AuthConfig, error)
func (*AuthConfig) InstallAPI ¶
func (c *AuthConfig) InstallAPI(container *restful.Container) ([]string, error)
InstallAPI registers endpoints for an OAuth2 server into the provided mux, then returns an array of strings indicating what endpoints were started (these are format strings that will expect to be sent a single string value).
func (*AuthConfig) NewOpenShiftOAuthClientConfig ¶
func (c *AuthConfig) NewOpenShiftOAuthClientConfig(client *oauthapi.OAuthClient) *osincli.ClientConfig
NewOpenShiftOAuthClientConfig provides config for OpenShift OAuth client
type MasterConfig ¶
type MasterConfig struct { Options configapi.MasterConfig // RESTOptionsGetter provides access to storage and RESTOptions for a particular resource RESTOptionsGetter restoptions.Getter RuleResolver rulevalidation.AuthorizationRuleResolver Authenticator authenticator.Request Authorizer authorizer.Authorizer AuthorizationAttributeBuilder authorizer.AuthorizationAttributeBuilder GroupCache *usercache.GroupCache ProjectAuthorizationCache *projectauth.AuthorizationCache ProjectCache *projectcache.ProjectCache ClusterQuotaMappingController *clusterquotamapping.ClusterQuotaMappingController LimitVerifier imageadmission.LimitVerifier // RequestContextMapper maps requests to contexts RequestContextMapper kapi.RequestContextMapper // RequestInfoResolver is responsible for reading request attributes RequestInfoResolver *apiserver.RequestInfoResolver AdmissionControl admission.Interface // KubeAdmissionControl holds the kube admission chain. Because of the way the plugin initializer is built // you'll be passing information in this direction either way. Knowing how to build this chain requires knowledge // of both the origin config AND the kube config, so this spot makes more sense. KubeAdmissionControl admission.Interface TLS bool ControllerPlug plug.Plug ControllerPlugStart func() // ImageFor is a function that returns the appropriate image to use for a named component ImageFor func(component string) string // RegistryNameFn retrieves the name of the integrated registry, or false if no such registry // is available. RegistryNameFn imageapi.DefaultRegistryFunc // ExternalVersionCodec is the codec used when serializing annotations, which cannot be changed // without all clients being aware of the new version. ExternalVersionCodec runtime.Codec KubeletClientConfig *kubeletclient.KubeletClientConfig // ClientCAs will be used to request client certificates in connections to the API. // This CertPool should contain all the CAs that will be used for client certificate verification. ClientCAs *x509.CertPool // APIClientCAs is used to verify client certificates presented for API auth APIClientCAs *x509.CertPool // PrivilegedLoopbackClientConfig is the client configuration used to call OpenShift APIs from system components // To apply different access control to a system component, create a client config specifically for that component. PrivilegedLoopbackClientConfig restclient.Config // PrivilegedLoopbackKubernetesClient is the client used to call Kubernetes APIs from system components, // built from KubeClientConfig. It should only be accessed via the *Client() helper methods. To apply // different access control to a system component, create a separate client/config specifically for // that component. PrivilegedLoopbackKubernetesClient *kclient.Client // PrivilegedLoopbackOpenShiftClient is the client used to call OpenShift APIs from system components, // built from PrivilegedLoopbackClientConfig. It should only be accessed via the *Client() helper methods. // To apply different access control to a system component, create a separate client/config specifically // for that component. PrivilegedLoopbackOpenShiftClient *osclient.Client // Informers is a shared factory for getting SharedInformers. It is important to get your informers, indexers, and listers // from here so that we only end up with a single cache of objects Informers shared.InformerFactory }
MasterConfig defines the required parameters for starting the OpenShift master
func BuildMasterConfig ¶
func BuildMasterConfig(options configapi.MasterConfig) (*MasterConfig, error)
BuildMasterConfig builds and returns the OpenShift master configuration based on the provided options
func (*MasterConfig) BuildConfigChangeControllerClients ¶
func (c *MasterConfig) BuildConfigChangeControllerClients() (*osclient.Client, *kclient.Client)
BuildConfigChangeControllerClients returns the build config change controller client objects
func (*MasterConfig) BuildConfigWebHookClient ¶
func (c *MasterConfig) BuildConfigWebHookClient() *osclient.Client
BuildConfigWebHookClient returns the webhook client object
func (*MasterConfig) BuildControllerClients ¶
func (c *MasterConfig) BuildControllerClients() (*osclient.Client, *kclient.Client)
BuildControllerClients returns the build controller client objects
func (*MasterConfig) BuildImageChangeTriggerControllerClients ¶
func (c *MasterConfig) BuildImageChangeTriggerControllerClients() (*osclient.Client, *kclient.Client)
BuildImageChangeTriggerControllerClients returns the build image change trigger controller client objects
func (*MasterConfig) BuildLogClient ¶
func (c *MasterConfig) BuildLogClient() *kclient.Client
BuildLogClient returns the build log client object
func (*MasterConfig) BuildPodControllerClients ¶
func (c *MasterConfig) BuildPodControllerClients() (*osclient.Client, *kclient.Client)
BuildPodControllerClients returns the build pod controller client objects
func (*MasterConfig) DNSServerClient ¶
func (c *MasterConfig) DNSServerClient() *kclient.Client
DNSServerClient returns the DNS server client object It must have the following capabilities:
list, watch all services in all namespaces
func (*MasterConfig) DeploymentClient ¶
func (c *MasterConfig) DeploymentClient() *kclient.Client
DeploymentClient returns the deployment client object
func (*MasterConfig) DeploymentConfigClients ¶
func (c *MasterConfig) DeploymentConfigClients() (*osclient.Client, *kclient.Client)
DeploymentConfigClients returns deploymentConfig and deployment client objects
func (*MasterConfig) DeploymentConfigControllerClients ¶
func (c *MasterConfig) DeploymentConfigControllerClients() (*osclient.Client, *kclient.Client)
DeploymentConfigControllerClients returns the deploymentConfig controller client objects
func (*MasterConfig) DeploymentConfigInstantiateClients ¶
func (c *MasterConfig) DeploymentConfigInstantiateClients() (*osclient.Client, *kclient.Client)
DeploymentConfigInstantiateClients returns the clients used by the instantiate endpoint.
func (*MasterConfig) DeploymentControllerClients ¶
func (c *MasterConfig) DeploymentControllerClients() (*osclient.Client, *kclient.Client)
DeploymentControllerClients returns the deployment controller client objects
func (*MasterConfig) DeploymentLogClient ¶
func (c *MasterConfig) DeploymentLogClient() *kclient.Client
DeploymentLogClient returns the deployment log client object
func (*MasterConfig) DeploymentTriggerControllerClient ¶
func (c *MasterConfig) DeploymentTriggerControllerClient() *osclient.Client
DeploymentTriggerControllerClient returns the deploymentConfig trigger controller client object
func (*MasterConfig) GetRestStorage ¶
func (c *MasterConfig) GetRestStorage() map[string]rest.Storage
func (*MasterConfig) GetServiceAccountClients ¶
func (c *MasterConfig) GetServiceAccountClients(name string) (*restclient.Config, *osclient.Client, *kclient.Client, error)
GetServiceAccountClients returns an OpenShift and Kubernetes client with the credentials of the named service account in the infra namespace
func (*MasterConfig) ImageChangeControllerClient ¶
func (c *MasterConfig) ImageChangeControllerClient() *osclient.Client
ImageChangeControllerClient returns the openshift client object
func (*MasterConfig) ImageImportControllerClient ¶
func (c *MasterConfig) ImageImportControllerClient() *osclient.Client
ImageImportControllerClient returns the deployment client object
func (*MasterConfig) ImageStreamImportSecretClient ¶
func (c *MasterConfig) ImageStreamImportSecretClient() *osclient.Client
ImageStreamImportSecretClient returns the client capable of retrieving image secrets for a namespace
func (*MasterConfig) ImageStreamSecretClient ¶
func (c *MasterConfig) ImageStreamSecretClient() *kclient.Client
ImageStreamSecretClient returns the client capable of retrieving secrets for an image secret wrapper
func (*MasterConfig) InitializeObjects ¶
func (c *MasterConfig) InitializeObjects()
InitializeObjects ensures objects in Kubernetes and etcd are properly populated. Requires a Kube client to be established and that etcd be started.
func (*MasterConfig) InstallProtectedAPI ¶
func (c *MasterConfig) InstallProtectedAPI(container *restful.Container) ([]string, error)
func (*MasterConfig) InstallUnprotectedAPI ¶
func (c *MasterConfig) InstallUnprotectedAPI(container *restful.Container) ([]string, error)
func (*MasterConfig) KubeClient ¶
func (c *MasterConfig) KubeClient() *kclient.Client
KubeClient returns the kubernetes client object
func (*MasterConfig) OAuthServerClients ¶
func (c *MasterConfig) OAuthServerClients() (*osclient.Client, *kclient.Client)
OAuthServerClients returns the openshift and kubernetes OAuth server client objects The returned clients are privileged
func (*MasterConfig) OriginNamespaceControllerClients ¶
func (c *MasterConfig) OriginNamespaceControllerClients() (*osclient.Client, *kclient.Client)
OriginNamespaceControllerClients returns a client for openshift and kubernetes. The openshift client object must have authority to delete openshift content in any namespace The kubernetes client object must have authority to execute a finalize request on a namespace
func (*MasterConfig) PolicyClient ¶
func (c *MasterConfig) PolicyClient() *osclient.Client
PolicyClient returns the policy client object It must have the following capabilities:
list, watch all policyBindings in all namespaces list, watch all policies in all namespaces create resourceAccessReviews in all namespaces
func (*MasterConfig) ResourceQuotaManagerClients ¶
func (c *MasterConfig) ResourceQuotaManagerClients() (*osclient.Client, *internalclientset.Clientset)
ResourceQuotaManagerClients returns the client capable of retrieving resources needed for resource quota evaluation
func (*MasterConfig) RouteAllocator ¶
func (c *MasterConfig) RouteAllocator() *routeallocationcontroller.RouteAllocationController
RouteAllocator returns a route allocation controller.
func (*MasterConfig) RouteAllocatorClients ¶
func (c *MasterConfig) RouteAllocatorClients() (*osclient.Client, *kclient.Client)
RouteAllocatorClients returns the route allocator client objects
func (*MasterConfig) Run ¶
func (c *MasterConfig) Run(protected []APIInstaller, unprotected []APIInstaller)
Run launches the OpenShift master. It takes optional installers that may install additional endpoints into the server. All endpoints get configured CORS behavior Protected installers' endpoints are protected by API authentication and authorization. Unprotected installers' endpoints do not have any additional protection added.
func (*MasterConfig) RunAssetServer ¶
func (c *MasterConfig) RunAssetServer()
RunAssetServer starts the asset server for the OpenShift UI.
func (*MasterConfig) RunBuildConfigChangeController ¶
func (c *MasterConfig) RunBuildConfigChangeController()
RunBuildConfigChangeController starts the build config change trigger controller process.
func (*MasterConfig) RunBuildController ¶
func (c *MasterConfig) RunBuildController(informers shared.InformerFactory) error
RunBuildController starts the build sync loop for builds and buildConfig processing.
func (*MasterConfig) RunBuildImageChangeTriggerController ¶
func (c *MasterConfig) RunBuildImageChangeTriggerController()
RunBuildImageChangeTriggerController starts the build image change trigger controller process.
func (*MasterConfig) RunBuildPodController ¶
func (c *MasterConfig) RunBuildPodController()
RunBuildPodController starts the build/pod status sync loop for build status
func (*MasterConfig) RunClusterQuotaMappingController ¶
func (c *MasterConfig) RunClusterQuotaMappingController()
func (*MasterConfig) RunClusterQuotaReconciliationController ¶
func (c *MasterConfig) RunClusterQuotaReconciliationController()
func (*MasterConfig) RunDNSServer ¶
func (c *MasterConfig) RunDNSServer()
RunDNSServer starts the DNS server
func (*MasterConfig) RunDeploymentConfigController ¶
func (c *MasterConfig) RunDeploymentConfigController()
RunDeploymentConfigController starts the deployment config controller process.
func (*MasterConfig) RunDeploymentController ¶
func (c *MasterConfig) RunDeploymentController()
RunDeploymentController starts the deployment controller process.
func (*MasterConfig) RunDeploymentTriggerController ¶
func (c *MasterConfig) RunDeploymentTriggerController()
RunDeploymentTriggerController starts the deployment trigger controller process.
func (*MasterConfig) RunGroupCache ¶
func (c *MasterConfig) RunGroupCache()
RunGroupCache starts the group cache
func (*MasterConfig) RunHealth ¶
func (c *MasterConfig) RunHealth()
func (*MasterConfig) RunImageImportController ¶
func (c *MasterConfig) RunImageImportController()
RunImageImportController starts the image import trigger controller process.
func (*MasterConfig) RunIngressIPController ¶
func (c *MasterConfig) RunIngressIPController(client *kclient.Client)
RunIngressIPController starts the ingress ip controller if IngressIPNetworkCIDR is configured.
func (*MasterConfig) RunOriginNamespaceController ¶
func (c *MasterConfig) RunOriginNamespaceController()
RunOriginNamespaceController starts the controller that takes part in namespace termination of openshift content
func (*MasterConfig) RunProjectAuthorizationCache ¶
func (c *MasterConfig) RunProjectAuthorizationCache()
RunProjectAuthorizationCache starts the project authorization cache
func (*MasterConfig) RunProjectCache ¶
func (c *MasterConfig) RunProjectCache()
RunProjectCache populates project cache, used by scheduler and project admission controller.
func (*MasterConfig) RunResourceQuotaManager ¶
func (c *MasterConfig) RunResourceQuotaManager(cm *cmapp.CMServer)
RunResourceQuotaManager starts resource quota controller for OpenShift resources
func (*MasterConfig) RunSDNController ¶
func (c *MasterConfig) RunSDNController()
RunSDNController runs openshift-sdn if the said network plugin is provided
func (*MasterConfig) RunSecurityAllocationController ¶
func (c *MasterConfig) RunSecurityAllocationController()
RunSecurityAllocationController starts the security allocation controller process.
func (*MasterConfig) RunServiceAccountPullSecretsControllers ¶
func (c *MasterConfig) RunServiceAccountPullSecretsControllers()
RunServiceAccountPullSecretsControllers starts the service account pull secret controllers
func (*MasterConfig) RunServiceAccountTokensController ¶
func (c *MasterConfig) RunServiceAccountTokensController(cm *cmapp.CMServer)
RunServiceAccountTokensController starts the service account token controller
func (*MasterConfig) RunServiceAccountsController ¶
func (c *MasterConfig) RunServiceAccountsController()
RunServiceAccountsController starts the service account controller
func (*MasterConfig) RunServiceServingCertController ¶
func (c *MasterConfig) RunServiceServingCertController(client *kclient.Client)
func (*MasterConfig) RunUnidlingController ¶
func (c *MasterConfig) RunUnidlingController()
RunUnidlingController starts the unidling controller
func (*MasterConfig) SDNControllerClients ¶
func (c *MasterConfig) SDNControllerClients() (*osclient.Client, *kclient.Client)
SDNControllerClients returns the SDN controller client objects
func (*MasterConfig) SdnClient ¶
func (c *MasterConfig) SdnClient() *osclient.Client
SdnClient returns the sdn client object It must have the capability to get/list/watch/create/delete HostSubnets. And have the capability to get ClusterNetwork.
func (*MasterConfig) SecurityAllocationControllerClient ¶
func (c *MasterConfig) SecurityAllocationControllerClient() *kclient.Client
SecurityAllocationControllerClient returns the security allocation controller client object
func (*MasterConfig) ServiceAccountRoleBindingClient ¶
func (c *MasterConfig) ServiceAccountRoleBindingClient() *osclient.Client
ServiceAccountRoleBindingClient returns the client object used to bind roles to service accounts It must have the following capabilities:
get, list, update, create policyBindings and clusterPolicyBindings in all namespaces
func (*MasterConfig) UnidlingControllerClients ¶
func (c *MasterConfig) UnidlingControllerClients() (*osclient.Client, *kclient.Client)
UnidlingControllerClients returns the unidling controller clients
func (*MasterConfig) WebConsoleEnabled ¶
func (c *MasterConfig) WebConsoleEnabled() bool
WebConsoleEnabled says whether web ui is not a disabled feature and asset service is configured.