resources

package
v2.14.12+incompatible Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 22, 2021 License: Apache-2.0 Imports: 40 Imported by: 0

Documentation

Index

Constants

View Source
const (
	ConsoleOAuthSecretName = "openshift-console-oauth-client-secret"

	// ConsoleAdminPasswordSecretName is the name of the secret that contains
	// the bootstrap admin user for Openshift OAuth
	ConsoleAdminPasswordSecretName = "openshift-bootstrap-password"
	// ConsoleAdminUserName is the name of the bootstrap admin user for oauth/the console
	ConsoleAdminUserName = "kubeadmin"
	// ConsoleListenPort is the port the console listens on
	ConsoleListenPort = 8443
)
View Source
const (
	OauthName = "openshift-oauth"
	// OAuthServiceName is the name of the OAuthService
	OAuthServiceName = OauthName
)
View Source
const (
	OpenshiftAPIServerDeploymentName = "openshift-apiserver"
	OpenshiftAPIServerServiceName    = OpenshiftAPIServerDeploymentName
)
View Source
const ExternalX509KubeconfigName = "kubermatic-cluster-admin-secret"
View Source
const (
	OpenshiftControllerManagerDeploymentName = "openshift-controller-manager"
)
View Source
const (

	// RegistryNamespaceName is the name in which the registry is getting created by the openshift registry operator
	RegistryNamespaceName = "openshift-image-registry"
)
View Source
const ServiceSignerCASecretName = "service-signer-ca"

Variables

This section is empty.

Functions

func APIDeploymentCreator

func APIDeploymentCreator(ctx context.Context, data openshiftData) reconciling.NamedDeploymentCreatorGetter

DeploymentCreator returns the function to create and update the API server deployment

func APIServerOauthMetadataConfigMapCreator

func APIServerOauthMetadataConfigMapCreator(data openshiftData) reconciling.NamedConfigMapCreatorGetter

func CloudCredentialOperator

func CloudCredentialOperator(data openshiftData) reconciling.NamedDeploymentCreatorGetter

func ConsoleConfigCreator

func ConsoleConfigCreator(data openshiftData) reconciling.NamedConfigMapCreatorGetter

func ConsoleDeployment

func ConsoleDeployment(data openshiftData) reconciling.NamedDeploymentCreatorGetter

func ExternalX509KubeconfigCreator

func ExternalX509KubeconfigCreator(data openshiftData) reconciling.NamedSecretCreatorGetter

func GetLoopbackKubeconfigCreator

func GetLoopbackKubeconfigCreator(ctx context.Context, data loopbackKubeconfigCreatorData, log *zap.SugaredLogger) reconciling.NamedSecretCreatorGetter

GetLoopbackKubeconfigCreator is a function to return a secret generator to create a kubeconfig which must only by the openshift-apiserver itself as it uses 127.0.0.1 as address It is required because the Apiserver tries to talk to itself before it is ready, hence it doesn't appear as valid endpoint on the service

func KubeControllerManagerConfigMapCreatorFactory

func KubeControllerManagerConfigMapCreatorFactory(data kubeControllerManagerConfigData) reconciling.NamedConfigMapCreatorGetter

func KubeControllerManagerDeploymentCreatorFactory

func KubeControllerManagerDeploymentCreatorFactory(data kubeControllerManagerData) reconciling.NamedDeploymentCreatorGetter

func KubeSchedulerConfigMapCreator

func KubeSchedulerConfigMapCreator() (string, reconciling.ConfigMapCreator)

func KubeSchedulerDeploymentCreator

func KubeSchedulerDeploymentCreator(data openshiftData) reconciling.NamedDeploymentCreatorGetter

DeploymentCreator returns the function to create and update the scheduler deployment

func MachineController

func MachineController(osData openshiftData) reconciling.NamedDeploymentCreatorGetter

func MachineControllerRole

func MachineControllerRole() (types.NamespacedName, reconciling.RoleCreator)

func OauthConfigMapCreator

func OauthConfigMapCreator(data openshiftData) reconciling.NamedConfigMapCreatorGetter

func OauthDeploymentCreator

func OauthDeploymentCreator(data openshiftData) reconciling.NamedDeploymentCreatorGetter

func OauthOCPBrandingSecretCreator

func OauthOCPBrandingSecretCreator() (string, reconciling.SecretCreator)

func OauthServiceCreator

func OauthServiceCreator(exposeStrategy corev1.ServiceType) reconciling.NamedServiceCreatorGetter

OauthServiceCreator returns the function to reconcile the external Oauth service

func OauthSessionSecretCreator

func OauthSessionSecretCreator() (string, reconciling.SecretCreator)

func OauthTLSServingCertCreator

func OauthTLSServingCertCreator(data openshiftData) reconciling.NamedSecretCreatorGetter

func OpenShiftTLSServingCertificateCreator

func OpenShiftTLSServingCertificateCreator(data tlsServingCertCreatorData) reconciling.NamedSecretCreatorGetter

func OpenshiftAPIServerConfigMapCreator

func OpenshiftAPIServerConfigMapCreator(data openshiftAPIServerCreatorData) reconciling.NamedConfigMapCreatorGetter

func OpenshiftAPIServerDeploymentCreator

func OpenshiftAPIServerDeploymentCreator(ctx context.Context, data openshiftData) reconciling.NamedDeploymentCreatorGetter

OpenshiftAPIServerDeploymentCreator returns the deployment creator for the Openshift APIServer This can not be part of the openshift-kube-apiserver pod, because the openshift-apiserver needs some CRD definitions to work and get ready, however we can not talk to the API until at least one pod is ready, preventing us from creating those CRDs

func OpenshiftAPIServiceCreator

func OpenshiftAPIServiceCreator() (string, reconciling.ServiceCreator)

func OpenshiftControllerManagerConfigMapCreator

func OpenshiftControllerManagerConfigMapCreator(data openshiftData) reconciling.NamedConfigMapCreatorGetter

func OpenshiftControllerManagerDeploymentCreator

func OpenshiftControllerManagerDeploymentCreator(ctx context.Context, data openshiftData) reconciling.NamedDeploymentCreatorGetter

OpenshiftControllerManagerDeploymentCreator returns the function to create and update the controller manager deployment

func OpenshiftControllerManagerServingCertSecretCreator

func OpenshiftControllerManagerServingCertSecretCreator(caGetter servingcerthelper.CAGetter) reconciling.NamedSecretCreatorGetter

OpenshiftControllerManagerServingCertSecretCreator returns the function to create and update the serving cert for the openshift controller manager

func OpenshiftDNSOperatorFactory

func OpenshiftDNSOperatorFactory(data openshiftData) reconciling.NamedDeploymentCreatorGetter

func OpenshiftImageWithRegistry

func OpenshiftImageWithRegistry(image, componentName, version, registry string) (string, error)

OpenshiftImageWithRegistry will return docker image name for Openshift images. The function is digest-aware and can be used with the overwriteRegistry option and with image-loader.

func OpenshiftKubeAPIServerConfigMapCreator

func OpenshiftKubeAPIServerConfigMapCreator(data masterConfigData) reconciling.NamedConfigMapCreatorGetter

func OpenshiftNetworkOperatorCreatorFactory

func OpenshiftNetworkOperatorCreatorFactory(data openshiftData) reconciling.NamedDeploymentCreatorGetter

func RegistryOperatorFactory

func RegistryOperatorFactory(data openshiftData) reconciling.NamedDeploymentCreatorGetter

func ServiceSignerCA

func ServiceSignerCA() reconciling.NamedSecretCreatorGetter

ServiceSignerCA is Openshift-specific CA used to create serving certs for workloads on-demand See https://github.com/openshift/openshift-docs/pull/2324/files

Types

type SessionSecret

type SessionSecret struct {
	// Authentication is used to authenticate sessions using HMAC. Recommended to use a secret with 32 or 64 bytes.
	Authentication string `json:"authentication"`
	// Encryption is used to encrypt sessions. Must be 16, 24, or 32 characters long, to select AES-128, AES-
	Encryption string `json:"encryption"`
}

SessionSecret is a secret used to authenticate/decrypt cookie-based sessions

type SessionSecrets

type SessionSecrets struct {
	metav1.TypeMeta `json:",inline"`

	// Secrets is a list of secrets
	// New sessions are signed and encrypted using the first secret.
	// Existing sessions are decrypted/authenticated by each secret until one succeeds. This allows rotating secrets.
	Secrets []SessionSecret `json:"secrets"`
}

Copied code start

SessionSecrets list the secrets to use to sign/encrypt and authenticate/decrypt created sessions.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL