config

package
v1.7.1 Latest Latest
Warning

This package is not in the latest version of its module.

Published: May 1, 2024 License: MPL-2.0 Imports: 11 Imported by: 0

Documentation

Overview

Package config provides interfaces to consume machine configuration values.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type APIServer

// APIServer exposes getters for the kube-apiserver section of the
// configuration.
type APIServer interface {
	Image() string
	// NOTE(review): presumably passed through as extra kube-apiserver flags;
	// values here could override hardened defaults. Confirm with the consumer.
	ExtraArgs() map[string]string
	ExtraVolumes() []VolumeMount
	Env() Env
	// NOTE(review): the name suggests true switches PodSecurityPolicy off;
	// confirm the polarity before using it as a hardening signal.
	DisablePodSecurityPolicy() bool
	AdmissionControl() []AdmissionPlugin
	// AuditPolicy is returned as an untyped map; presumably the Kubernetes
	// audit policy document. TODO confirm the schema with the implementation.
	AuditPolicy() map[string]interface{}
	Resources() Resources
}

APIServer defines the requirements for a config that pertains to apiserver related options.

type AdminKubeconfig

// AdminKubeconfig exposes the certificate parameters used for the admin
// kubeconfig.
type AdminKubeconfig interface {
	CommonName() string
	// NOTE(review): presumably becomes the certificate Organization, which
	// Kubernetes maps to a group; confirm which group is granted.
	CertOrganization() string
	// CertLifetime returns the certificate lifetime as a time.Duration.
	CertLifetime() time.Duration
}

AdminKubeconfig defines settings for admin kubeconfig.

type AdmissionPlugin

// AdmissionPlugin exposes one API server admission plugin entry: its name
// and an untyped configuration map.
type AdmissionPlugin interface {
	Name() string
	// Configuration is schema-less at this layer; validation, if any, happens
	// elsewhere. TODO confirm.
	Configuration() map[string]interface{}
}

AdmissionPlugin defines the API server Admission Plugin configuration.

type Bond

// Bond exposes the options of a bonded network interface.
//
// NOTE(review): the option names look like the Linux bonding driver
// parameters; confirm units and accepted string values with the
// implementation.
type Bond interface {
	// Interfaces and Selectors both identify member links; how the two
	// combine is not visible here.
	Interfaces() []string
	Selectors() []NetworkDeviceSelector
	ARPIPTarget() []string
	Mode() string
	HashPolicy() string
	LACPRate() string
	ADActorSystem() string
	ARPValidate() string
	ARPAllTargets() string
	Primary() string
	PrimaryReselect() string
	FailOverMac() string
	ADSelect() string
	MIIMon() uint32
	UpDelay() uint32
	DownDelay() uint32
	ARPInterval() uint32
	ResendIGMP() uint32
	MinLinks() uint32
	LPInterval() uint32
	PacketsPerSlave() uint32
	NumPeerNotif() uint8
	TLBDynamicLB() uint8
	AllSlavesActive() uint8
	UseCarrier() bool
	ADActorSysPrio() uint16
	ADUserPortKey() uint16
	PeerNotifyDelay() uint32
}

Bond contains the various options for configuring a bonded interface.

type Bridge

// Bridge exposes the member interfaces and STP settings of a bridged
// interface.
type Bridge interface {
	Interfaces() []string
	STP() STP
}

Bridge contains the options for configuring a bridged interface.

type CNI

// CNI exposes the cluster CNI selection.
type CNI interface {
	Name() string
	// NOTE(review): presumably manifest URLs fetched for a custom CNI;
	// content fetched from them would run in the cluster, so confirm how the
	// URLs are trusted.
	URLs() []string
	Flannel() FlannelCNI
}

CNI defines the requirements for a config that pertains to Kubernetes CNI.

type ClusterConfig

// ClusterConfig exposes the cluster-wide section of the configuration.
//
// Several getters return secret material (private keys, tokens, encryption
// secrets) as plain strings or PEM structures; callers should keep these
// values out of logs and error messages.
type ClusterConfig interface {
	ID() string
	Name() string
	// Secret returns a cluster-level shared secret as a plain string.
	// NOTE(review): its exact use is not visible here; confirm.
	Secret() string
	APIServer() APIServer
	ControllerManager() ControllerManager
	Proxy() Proxy
	Scheduler() Scheduler
	Endpoint() *url.URL
	Token() Token
	CertSANs() []string
	// IssuingCA returns a certificate together with its key (per the return
	// type name), i.e. CA signing material.
	IssuingCA() *x509.PEMEncodedCertificateAndKey
	// AcceptedCAs returns certificates only (no keys, per the return type).
	AcceptedCAs() []*x509.PEMEncodedCertificate
	// AggregatorCA also carries a key alongside the certificate.
	AggregatorCA() *x509.PEMEncodedCertificateAndKey
	// ServiceAccount returns a PEM-encoded key; presumably the service
	// account token signing key. TODO confirm.
	ServiceAccount() *x509.PEMEncodedKey
	// NOTE(review): the two getters below presumably hold the keys for
	// Kubernetes secrets encryption at rest (aescbc / secretbox providers);
	// confirm which one takes precedence when both are set.
	AESCBCEncryptionSecret() string
	SecretboxEncryptionSecret() string
	Etcd() Etcd
	Network() ClusterNetwork
	LocalAPIServerPort() int
	CoreDNS() CoreDNS
	// ExternalCloudProvider returns external cloud provider settings.
	ExternalCloudProvider() ExternalCloudProvider
	// NOTE(review): remote manifests presumably get applied to the cluster;
	// the header map may carry credentials for fetching them. Confirm.
	ExtraManifestURLs() []string
	ExtraManifestHeaderMap() map[string]string
	InlineManifests() []InlineManifest
	AdminKubeconfig() AdminKubeconfig
	ScheduleOnControlPlanes() bool
	Discovery() Discovery
}

ClusterConfig defines the requirements for a config that pertains to cluster related options.

type ClusterNetwork

// ClusterNetwork exposes the cluster network settings: CNI, pod and service
// CIDRs, DNS domain and addresses derived from the service CIDR.
type ClusterNetwork interface {
	CNI() CNI
	// PodCIDRs and ServiceCIDRs are returned as strings; parsing and
	// validation are left to the caller or implementation.
	PodCIDRs() []string
	ServiceCIDRs() []string
	DNSDomain() string
	// APIServerIPs returns kube-apiserver IPs in the ServiceCIDR.
	APIServerIPs() ([]netip.Addr, error)
	// DNSServiceIPs returns DNS service IPs in the ServiceCIDR.
	DNSServiceIPs() ([]netip.Addr, error)
}

ClusterNetwork defines the requirements for a config that pertains to cluster network options.

type Config

// Config is the top-level accessor for the machine configuration; every
// other interface in this package is reached through it.
type Config interface {
	// NOTE(review): effect of debug mode is not visible here; confirm whether
	// it increases log verbosity of sensitive values.
	Debug() bool
	Machine() MachineConfig
	Cluster() ClusterConfig
	SideroLink() SideroLinkConfig
	ExtensionServiceConfigs() []ExtensionServiceConfig
	Runtime() RuntimeConfig
	// NetworkRules returns the network firewall configuration.
	NetworkRules() NetworkRuleConfig
}

Config defines the interface to access contents of the machine configuration.

type ControllerManager

// ControllerManager exposes the controller manager settings: image, extra
// arguments and volumes, environment and resources.
type ControllerManager interface {
	Image() string
	ExtraArgs() map[string]string
	// ExtraVolumes entries carry a host path; see VolumeMount.
	ExtraVolumes() []VolumeMount
	Env() Env
	Resources() Resources
}

ControllerManager defines the requirements for a config that pertains to controller manager related options.

type CoreDNS

// CoreDNS exposes whether CoreDNS is enabled and which image it uses.
type CoreDNS interface {
	Enabled() bool
	Image() string
}

CoreDNS defines the requirements for a config that pertains to CoreDNS options.

type DHCPOptions

// DHCPOptions exposes DHCP client options for an interface.
type DHCPOptions interface {
	RouteMetric() uint32
	// IPv4 and IPv6 presumably toggle the DHCPv4 and DHCPv6 clients. TODO confirm.
	IPv4() bool
	IPv6() bool
	DUIDv6() string
}

DHCPOptions represents a set of DHCP options.

type Device

// Device exposes the configuration of one network interface, including
// optional bond, bridge, VLAN, VIP and WireGuard settings.
type Device interface {
	Interface() string
	Addresses() []string
	Routes() []Route
	Bond() Bond
	Bridge() Bridge
	Vlans() []Vlan
	MTU() int
	DHCP() bool
	Ignore() bool
	Dummy() bool
	DHCPOptions() DHCPOptions
	VIPConfig() VIPConfig
	// WireguardConfig includes a private key; see WireguardConfig.
	WireguardConfig() WireguardConfig
	Selector() NetworkDeviceSelector
}

Device represents a network interface.

type Discovery

// Discovery exposes the cluster membership discovery switch and its
// registries.
type Discovery interface {
	Enabled() bool
	Registries() DiscoveryRegistries
}

Discovery describes cluster membership discovery.

type DiscoveryRegistries

// DiscoveryRegistries exposes the two discovery backends: the Kubernetes
// registry and the external service registry.
type DiscoveryRegistries interface {
	Kubernetes() KubernetesRegistry
	Service() ServiceRegistry
}

DiscoveryRegistries describes discovery methods.

type Disk

// Disk exposes an extra disk: its device string and partition list.
type Disk interface {
	Device() string
	Partitions() []Partition
}

Disk represents the options available for partitioning, formatting, and mounting extra disks.

type Document

// Document is the minimal contract of a configuration document: it can be
// deep-copied and reports its kind and API version.
type Document interface {
	// Clone returns a deep copy of the document.
	Clone() Document
	// Kind returns the kind of the document.
	Kind() string
	// APIVersion returns the API version of the document.
	APIVersion() string
}

Document is a configuration document.

type Encoder

// Encoder serializes configuration documents to YAML.
//
// NOTE(review): nothing in this interface says secrets are redacted in the
// output; treat encoded bytes and strings as sensitive unless the
// implementation documents otherwise.
type Encoder interface {
	// Bytes returns source YAML representation (if available) or does default encoding.
	Bytes() ([]byte, error)

	// Encode configuration to YAML using the provided options.
	EncodeString(encoderOptions ...encoder.Option) (string, error)
	EncodeBytes(encoderOptions ...encoder.Option) ([]byte, error)
}

Encoder provides the interface to encode configuration documents.

type Encryption

// Encryption exposes the encryption settings of one partition.
type Encryption interface {
	Provider() string
	// Cipher, KeySize and BlockSize are returned unvalidated at this layer;
	// units (bits vs. bytes) are not visible here. TODO confirm.
	Cipher() string
	KeySize() uint
	BlockSize() uint64
	Options() []string
	// Keys returns the configured key sources; see EncryptionKey.
	Keys() []EncryptionKey
}

Encryption defines settings for the partition encryption.

type EncryptionKey

// EncryptionKey exposes one key entry for partition encryption, with one
// getter per key source (static, node ID, KMS, TPM) plus a slot number.
//
// NOTE(review): presumably only one source is populated per entry and the
// others return nil; confirm before dereferencing.
type EncryptionKey interface {
	Static() EncryptionKeyStatic
	NodeID() EncryptionKeyNodeID
	KMS() EncryptionKeyKMS
	Slot() int
	TPM() EncryptionKeyTPM
}

EncryptionKey defines settings for the partition encryption key handling.

type EncryptionKeyKMS

// EncryptionKeyKMS describes a key sealed by a KMS reachable at Endpoint.
type EncryptionKeyKMS interface {
	// Endpoint is a plain string; scheme and transport security are not
	// visible at this layer. TODO confirm TLS is enforced by the consumer.
	Endpoint() string
	String() string
}

EncryptionKeyKMS encryption key sealed by KMS.

type EncryptionKeyNodeID

// EncryptionKeyNodeID describes a deterministically generated key.
//
// NOTE(review): the derivation inputs are not visible here; a key derived
// only from node identity protects less than a sealed key. Confirm.
type EncryptionKeyNodeID interface {
	String() string
}

EncryptionKeyNodeID deterministically generated encryption key.

type EncryptionKeyStatic

// EncryptionKeyStatic describes a key carried in the configuration itself.
type EncryptionKeyStatic interface {
	// Key returns the key as raw bytes; presumably the passphrase itself, so
	// it should never be logged. TODO confirm.
	Key() []byte
	// NOTE(review): confirm String() does not include key material before
	// using it in log or error output.
	String() string
}

EncryptionKeyStatic ephemeral encryption key.

type EncryptionKeyTPM

// EncryptionKeyTPM describes a key sealed by the TPM; it exposes only a
// string form.
type EncryptionKeyTPM interface {
	String() string
}

EncryptionKeyTPM encryption key sealed by TPM.

type Env

// Env is an alias (not a distinct type) for a name-to-value map of
// environment variables.
type Env = map[string]string

Env represents a set of environment variables.

type Etcd

// Etcd exposes the etcd settings.
type Etcd interface {
	Image() string
	// CA returns a certificate together with its key (per the return type
	// name); handle as signing material.
	CA() *x509.PEMEncodedCertificateAndKey
	ExtraArgs() map[string]string
	// NOTE(review): presumably restrict which local addresses etcd
	// advertises and listens on; confirm behaviour when empty.
	AdvertisedSubnets() []string
	ListenSubnets() []string
}

Etcd defines the requirements for a config that pertains to etcd related options.

type Extension

// Extension identifies a system extension by its image reference.
type Extension interface {
	Image() string
}

Extension defines the system extension.

type ExtensionServiceConfig added in v1.7.0

// ExtensionServiceConfig exposes per-service configuration for an extension
// service: its name, config files and environment.
type ExtensionServiceConfig interface {
	Name() string
	ConfigFiles() []ExtensionServiceConfigFile
	// Environment is a string slice; presumably KEY=VALUE entries. TODO confirm.
	Environment() []string
}

ExtensionServiceConfig is a config for extension services.

type ExtensionServiceConfigFile added in v1.7.0

// ExtensionServiceConfigFile exposes one file for an extension service: its
// content and the path it is mounted at.
type ExtensionServiceConfigFile interface {
	Content() string
	// NOTE(review): path validation (absolute, no traversal) is not visible
	// at this layer; confirm where it is enforced.
	MountPath() string
}

ExtensionServiceConfigFile is a config file for extension services.

type ExternalCloudProvider

// ExternalCloudProvider exposes the external cloud provider switch and the
// manifest URLs that go with it.
type ExternalCloudProvider interface {
	// Enabled returns true if external cloud provider is enabled.
	Enabled() bool
	// ManifestURLs returns external cloud provider manifest URLs if it is enabled.
	ManifestURLs() []string
}

ExternalCloudProvider defines settings for external cloud provider.

type ExtraHost

// ExtraHost exposes one /etc/hosts entry: an IP and the names that map to it.
type ExtraHost interface {
	IP() string
	Aliases() []string
}

ExtraHost represents a host entry in /etc/hosts.

type Features

// Features exposes the on/off state of individual Talos features.
type Features interface {
	// RBACEnabled reports the RBAC feature switch; presumably for the Talos
	// API. TODO confirm.
	RBACEnabled() bool
	StableHostnameEnabled() bool
	// KubernetesTalosAPIAccess returns the settings for Talos API access
	// from Kubernetes; see that type for the role and namespace allow-lists.
	KubernetesTalosAPIAccess() KubernetesTalosAPIAccess
	// NOTE(review): presumably enables checking the extended key usage of
	// client certificates presented to apid; confirm.
	ApidCheckExtKeyUsageEnabled() bool
	DiskQuotaSupportEnabled() bool
	HostDNS() HostDNS
	KubePrism() KubePrism
}

Features describe individual Talos features that can be switched on or off.

type File

// File exposes a file to be written to disk: content, mode, path and the
// operation to perform.
type File interface {
	Content() string
	// Permissions is the os.FileMode to apply.
	Permissions() os.FileMode
	// NOTE(review): restrictions on which paths may be written are not
	// visible at this layer; confirm where they are enforced.
	Path() string
	// Op is a free-form string here; presumably selects create / append /
	// overwrite behaviour. TODO confirm accepted values.
	Op() string
}

File represents a file to write to disk.

type FlannelCNI added in v1.6.0

// FlannelCNI exposes extra arguments for Flannel.
type FlannelCNI interface {
	ExtraArgs() []string
}

FlannelCNI defines the requirements for a config that pertains to configuring Flannel.

type HostDNS added in v1.7.0

// HostDNS exposes the host DNS feature switches.
type HostDNS interface {
	Enabled() bool
	// NOTE(review): names suggest pod DNS queries can be forwarded to the
	// host resolver and that cluster member names get resolved; confirm.
	ForwardKubeDNSToHost() bool
	ResolveMemberNames() bool
}

HostDNS describes the host DNS configuration.

type InlineManifest

// InlineManifest exposes a named manifest whose contents are carried inline
// in the configuration.
type InlineManifest interface {
	Name() string
	// Contents is the manifest body as a string.
	Contents() string
}

InlineManifest describes inline manifest for the cluster bootstrap.

type Install

// Install exposes the installation settings.
type Install interface {
	// Image is the installer image reference.
	// NOTE(review): whether it is pinned by digest is up to the config author.
	Image() string
	Extensions() []Extension
	// Disk can fail, hence the error return; presumably because the target
	// disk is resolved at call time. TODO confirm.
	Disk() (string, error)
	ExtraKernelArgs() []string
	// NOTE(review): presumably requests wiping the install disk; confirm.
	Zero() bool
	LegacyBIOSSupport() bool
	WithBootloader() bool
}

Install defines the requirements for a config that pertains to install related options.

type Kernel

// Kernel exposes the kernel modules to load.
type Kernel interface {
	Modules() []KernelModule
}

Kernel describes Talos Linux kernel configuration.

type KernelModule

// KernelModule exposes a Linux module name and its load parameters.
type KernelModule interface {
	Name() string
	Parameters() []string
}

KernelModule describes Linux module to load.

type KubePrism

// KubePrism exposes the API server load balancer switch and its port.
type KubePrism interface {
	Enabled() bool
	Port() int
}

KubePrism describes the API Server load balancer features.

type KubeSpan

// KubeSpan exposes the KubeSpan feature settings.
type KubeSpan interface {
	Enabled() bool
	// NOTE(review): presumably forces traffic through KubeSpan rather than
	// falling back to direct routing; confirm the failure mode.
	ForceRouting() bool
	AdvertiseKubernetesNetworks() bool
	HarvestExtraEndpoints() bool
	MTU() uint32
	Filters() KubeSpanFilters
}

KubeSpan configures KubeSpan feature.

type KubeSpanFilters

// KubeSpanFilters exposes the endpoint filter list for KubeSpan.
type KubeSpanFilters interface {
	// Endpoints is a string slice; filter syntax is not visible here.
	Endpoints() []string
}

KubeSpanFilters configures KubeSpan filters.

type Kubelet

// Kubelet exposes the kubelet settings.
type Kubelet interface {
	Image() string
	ClusterDNS() []string
	ExtraArgs() map[string]string
	// ExtraMounts are OCI runtime-spec mounts; presumably host paths exposed
	// to the kubelet container. TODO confirm.
	ExtraMounts() []specs.Mount
	// ExtraConfig and CredentialProviderConfig are untyped maps; no schema
	// is enforced at this layer.
	ExtraConfig() map[string]interface{}
	CredentialProviderConfig() map[string]interface{}
	// NOTE(review): presumably turns on the runtime default seccomp profile
	// for workloads; confirm the default when unset.
	DefaultRuntimeSeccompProfileEnabled() bool
	RegisterWithFQDN() bool
	NodeIP() KubeletNodeIP
	SkipNodeRegistration() bool
	DisableManifestsDirectory() bool
}

Kubelet defines the requirements for a config that pertains to kubelet related options.

type KubeletNodeIP

// KubeletNodeIP exposes the subnets from which kubelet node IPs are selected.
type KubeletNodeIP interface {
	ValidSubnets() []string
}

KubeletNodeIP defines the way node IPs are selected for the kubelet.

type KubernetesRegistry

// KubernetesRegistry exposes the switch for the Kubernetes discovery registry.
type KubernetesRegistry interface {
	Enabled() bool
}

KubernetesRegistry describes Kubernetes discovery registry.

type KubernetesTalosAPIAccess

// KubernetesTalosAPIAccess exposes the settings that let Kubernetes
// workloads reach the Talos API.
type KubernetesTalosAPIAccess interface {
	Enabled() bool
	// AllowedRoles and AllowedKubernetesNamespaces are allow-lists by name.
	// NOTE(review): presumably they bound which Talos API roles can be
	// granted and from which namespaces; confirm behaviour for empty lists.
	AllowedRoles() []string
	AllowedKubernetesNamespaces() []string
}

KubernetesTalosAPIAccess describes the Kubernetes Talos API access features.

type Logging

// Logging exposes the configured log destinations.
type Logging interface {
	Destinations() []LoggingDestination
}

Logging describes logging configuration.

type LoggingDestination

// LoggingDestination exposes one log destination: endpoint URL, extra tags
// and format.
type LoggingDestination interface {
	// NOTE(review): the URL scheme decides the transport; whether an
	// encrypted transport is available or required is not visible here.
	Endpoint() *url.URL
	ExtraTags() map[string]string
	Format() string
}

LoggingDestination describes logging destination.

type MachineConfig

// MachineConfig exposes the machine-level section of the configuration.
type MachineConfig interface {
	Install() Install
	// Security returns the machine CA, accepted CAs, token and cert SANs.
	Security() Security
	Network() MachineNetwork
	Disks() []Disk
	Time() Time
	Env() Env
	// Files can fail, hence the error return.
	Files() ([]File, error)
	Type() machine.Type
	Controlplane() MachineControlPlane
	// Pods is a list of untyped maps; presumably static pod definitions.
	// TODO confirm.
	Pods() []map[string]interface{}
	Kubelet() Kubelet
	// Sysctls and Sysfs are name-to-value maps; no allow-list is visible at
	// this layer.
	Sysctls() map[string]string
	Sysfs() map[string]string
	// Registries includes registry credentials; see RegistryAuthConfig.
	Registries() Registries
	SystemDiskEncryption() SystemDiskEncryption
	Features() Features
	Udev() UdevConfig
	Logging() Logging
	Kernel() Kernel
	SeccompProfiles() []SeccompProfile
	NodeLabels() NodeLabels
	NodeTaints() NodeTaints
}

MachineConfig defines the requirements for a config that pertains to machine related options.

type MachineControlPlane

// MachineControlPlane exposes machine-level control plane component settings.
type MachineControlPlane interface {
	ControllerManager() MachineControllerManager
	Scheduler() MachineScheduler
}

MachineControlPlane defines the requirements for a config that pertains to Controlplane related options.

type MachineControllerManager

// MachineControllerManager exposes whether the controller manager is
// disabled on this machine.
type MachineControllerManager interface {
	Disabled() bool
}

MachineControllerManager defines the requirements for a config that pertains to ControllerManager related options.

type MachineNetwork

// MachineNetwork exposes the machine network settings.
type MachineNetwork interface {
	Hostname() string
	Resolvers() []string
	Devices() []Device
	ExtraHosts() []ExtraHost
	KubeSpan() KubeSpan
	DisableSearchDomain() bool
}

MachineNetwork defines the requirements for a config that pertains to network related options.

type MachineScheduler

// MachineScheduler exposes whether the scheduler is disabled on this machine.
type MachineScheduler interface {
	Disabled() bool
}

MachineScheduler defines the requirements for a config that pertains to Scheduler related options.

type NamedDocument

// NamedDocument is implemented by configuration documents that carry a name.
type NamedDocument interface {
	// Name of the document.
	Name() string
}

NamedDocument is a configuration document which has a name.

type NetworkDeviceSelector

// NetworkDeviceSelector exposes the fields used to match a network device.
type NetworkDeviceSelector interface {
	Bus() string
	HardwareAddress() string
	PCIID() string
	KernelDriver() string
	// Physical is a *bool, so nil is distinguishable from false; presumably
	// nil means "do not filter on this field". TODO confirm.
	Physical() *bool
}

NetworkDeviceSelector defines the set of fields that can be used to pick a network device.

type NetworkRule added in v1.6.0

// NetworkRule exposes one firewall rule: protocol, port ranges and the
// subnets it applies to.
type NetworkRule interface {
	Protocol() nethelpers.Protocol
	// PortRanges is a list of two-element arrays; presumably inclusive
	// [low, high] pairs. TODO confirm ordering and inclusivity.
	PortRanges() [][2]uint16
	Subnets() []netip.Prefix
	// ExceptSubnets presumably carves exclusions out of Subnets; confirm
	// which wins on overlap before relying on it.
	ExceptSubnets() []netip.Prefix
}

NetworkRule defines a network firewall rule.

type NetworkRuleConfig added in v1.6.0

// NetworkRuleConfig is the combined firewall view: it embeds the rule list
// (NetworkRuleConfigRules) and the default action
// (NetworkRuleConfigDefaultAction).
type NetworkRuleConfig interface {
	NetworkRuleConfigRules
	NetworkRuleConfigDefaultAction
}

NetworkRuleConfig defines the interface to access network firewall configuration.

func WrapNetworkRuleConfigList added in v1.6.0

func WrapNetworkRuleConfigList(configs ...NetworkRuleConfigSignal) NetworkRuleConfig

WrapNetworkRuleConfigList wraps a list of NetworkRuleConfigSignal values into a single NetworkRuleConfig aggregating the results.

type NetworkRuleConfigDefaultAction added in v1.6.0

// NetworkRuleConfigDefaultAction exposes the firewall default action.
//
// NOTE(review): presumably the action applied to traffic no rule matches;
// confirm what value is returned when no document sets it.
type NetworkRuleConfigDefaultAction interface {
	DefaultAction() nethelpers.DefaultAction
}

NetworkRuleConfigDefaultAction defines the interface to access network firewall configuration.

type NetworkRuleConfigRules added in v1.6.0

// NetworkRuleConfigRules exposes the list of firewall rules.
type NetworkRuleConfigRules interface {
	Rules() []NetworkRule
}

NetworkRuleConfigRules defines the interface to access network firewall configuration.

type NetworkRuleConfigSignal added in v1.6.0

// NetworkRuleConfigSignal is a marker interface: its single method takes no
// arguments and returns nothing, so it only tags documents that take part
// in firewall configuration.
type NetworkRuleConfigSignal interface {
	NetworkRuleConfigSignal()
}

NetworkRuleConfigSignal is used to signal documents which implement either of the NetworkRuleConfig interfaces.

type NodeLabels

// NodeLabels is a distinct map type of label name to value for a node.
type NodeLabels map[string]string

NodeLabels defines the labels that should be set on a node.

type NodeTaints added in v1.6.0

// NodeTaints is a distinct map type of taint key to value for a node.
// NOTE(review): how the taint effect is encoded in the value is not visible here.
type NodeTaints map[string]string

NodeTaints defines the taints that should be set on a node.

type Partition

// Partition exposes a partition's size and mount point.
type Partition interface {
	// Size is a uint64; presumably bytes. TODO confirm.
	Size() uint64
	MountPoint() string
}

Partition represents the options for a device partition.

type Proxy

// Proxy exposes the kube-proxy settings.
type Proxy interface {
	Enabled() bool

	Image() string

	// Mode indicates the proxy mode for kube-proxy.  By default, this is `iptables`.  Other options include `ipvs`.
	Mode() string

	// ExtraArgs describe an additional set of arguments to be supplied to the execution of `kube-proxy`
	ExtraArgs() map[string]string
}

Proxy defines the requirements for a config that pertains to the kube-proxy options.

type Registries

// Registries exposes image registry mirrors and per-registry auth/TLS
// settings, both keyed by host.
type Registries interface {
	// Mirror config by registry host (first part of image reference).
	Mirrors() map[string]RegistryMirrorConfig
	// Registry config (auth, TLS) by hostname.
	Config() map[string]RegistryConfig
}

Registries defines the configuration for image fetching.

type RegistryAuthConfig

// RegistryAuthConfig exposes registry credentials. All four getters return
// plain strings, so callers should keep them out of logs and errors.
type RegistryAuthConfig interface {
	Username() string
	Password() string
	// Auth presumably holds a pre-encoded credential string. TODO confirm format.
	Auth() string
	IdentityToken() string
}

RegistryAuthConfig specifies authentication configuration for a registry.

type RegistryConfig

// RegistryConfig bundles the TLS and auth settings for one registry.
type RegistryConfig interface {
	TLS() RegistryTLSConfig
	Auth() RegistryAuthConfig
}

RegistryConfig specifies auth & TLS config per registry.

type RegistryMirrorConfig

// RegistryMirrorConfig exposes the mirror endpoints for a registry.
type RegistryMirrorConfig interface {
	// Endpoints are plain strings; images pulled through a mirror are only
	// as trustworthy as the mirror, so the scheme used here matters.
	Endpoints() []string
	OverridePath() bool
}

RegistryMirrorConfig represents mirror configuration for a registry.

type RegistryTLSConfig

// RegistryTLSConfig exposes TLS settings for an HTTPS registry and can build
// a *tls.Config from them.
type RegistryTLSConfig interface {
	// ClientIdentity returns a certificate together with its key (per the
	// return type name); presumably used for mutual TLS. TODO confirm.
	ClientIdentity() *x509.PEMEncodedCertificateAndKey
	// CA is returned as raw bytes; presumably PEM. TODO confirm.
	CA() []byte
	// NOTE(review): presumably maps to tls.Config.InsecureSkipVerify, which
	// disables server certificate verification. A true value is worth
	// surfacing in validation warnings and audits.
	InsecureSkipVerify() bool
	// GetTLSConfig builds a *tls.Config or returns an error.
	GetTLSConfig() (*tls.Config, error)
}

RegistryTLSConfig specifies TLS config for HTTPS registries.

type Resources

// Resources exposes CPU and memory requests and limits as strings;
// presumably Kubernetes quantity syntax. TODO confirm.
type Resources interface {
	CPURequests() string
	MemoryRequests() string
	CPULimits() string
	MemoryLimits() string
}

Resources describes memory/cpu requests/limits for static pods.

type Route

// Route exposes one network route.
type Route interface {
	// Network, Gateway and Source are strings; parsing is left to the consumer.
	Network() string
	Gateway() string
	Source() string
	Metric() uint32
	MTU() uint32
}

Route represents a network route.

type RuntimeConfig

// RuntimeConfig exposes Talos runtime settings: events endpoint, kernel log
// destinations and the watchdog timer.
type RuntimeConfig interface {
	// EventsEndpoint is a *string, so nil is distinguishable from empty.
	EventsEndpoint() *string
	// NOTE(review): presumably destinations kernel logs are streamed to;
	// transport security depends on the URL scheme. Confirm.
	KmsgLogURLs() []*url.URL
	WatchdogTimer() WatchdogTimerConfig
}

RuntimeConfig defines the interface to access Talos runtime configuration.

func WrapRuntimeConfigList

func WrapRuntimeConfigList(configs ...RuntimeConfig) RuntimeConfig

WrapRuntimeConfigList wraps a list of RuntimeConfig into a single RuntimeConfig aggregating the results.

type STP

// STP exposes the Spanning Tree Protocol switch for a bridge.
type STP interface {
	Enabled() bool
}

STP contains the Spanning Tree Protocol settings for a bridge.

type Scheduler

// Scheduler exposes the scheduler settings.
type Scheduler interface {
	Image() string
	ExtraArgs() map[string]string
	// ExtraVolumes entries carry a host path; see VolumeMount.
	ExtraVolumes() []VolumeMount
	Env() Env
	Resources() Resources
	// Config is an untyped map; no schema is enforced at this layer.
	Config() map[string]any
}

Scheduler defines the requirements for a config that pertains to scheduler related options.

type SeccompProfile

// SeccompProfile exposes a named seccomp profile whose body is an untyped map.
type SeccompProfile interface {
	Name() string
	// NOTE(review): the profile content is not validated at this layer; an
	// overly permissive profile would pass through unchanged. Confirm where
	// validation happens.
	Value() map[string]interface{}
}

SeccompProfile defines the requirements for a config that pertains to seccomp related options.

type SecretDocument

// SecretDocument is implemented by configuration documents that contain
// secrets and can redact them.
type SecretDocument interface {
	// Redact does in-place replacement of secrets with the given string.
	//
	// Because the replacement is in place, the original values are lost on
	// the receiver; use Document.Clone first when the unredacted document is
	// still needed.
	Redact(replacement string)
}

SecretDocument is a configuration document that contains secrets.

type Security

// Security exposes the machine security settings: CA material, join token
// and certificate SANs.
type Security interface {
	// IssuingCA returns a certificate together with its key (per the return
	// type name), i.e. CA signing material.
	IssuingCA() *x509.PEMEncodedCertificateAndKey
	// AcceptedCAs returns certificates only (no keys, per the return type).
	AcceptedCAs() []*x509.PEMEncodedCertificate
	// Token is returned as a plain string; keep it out of logs.
	Token() string
	CertSANs() []string
}

Security defines the requirements for a config that pertains to security related options.

type ServiceRegistry

// ServiceRegistry exposes the external discovery service switch and endpoint.
type ServiceRegistry interface {
	Enabled() bool
	// Endpoint is a plain string; scheme and TLS are not visible at this layer.
	Endpoint() string
}

ServiceRegistry describes external service discovery registry.

type SideroLinkConfig

// SideroLinkConfig exposes the SideroLink API URL.
type SideroLinkConfig interface {
	// NOTE(review): URLs can embed credentials or tokens in userinfo or the
	// query string; confirm whether this one does before logging it.
	APIUrl() *url.URL
}

SideroLinkConfig defines the interface to access SideroLink configuration.

type SystemDiskEncryption

// SystemDiskEncryption looks up encryption settings per system partition.
type SystemDiskEncryption interface {
	// Get returns the Encryption for the partition with the given label.
	// NOTE(review): presumably nil when the partition is not encrypted;
	// confirm before dereferencing.
	Get(label string) Encryption
}

SystemDiskEncryption accumulates settings for all system partitions encryption.

type Time

// Time exposes the time synchronisation settings.
type Time interface {
	// NOTE(review): with time sync disabled, certificate validity checks
	// depend on the hardware clock. Confirm what Disabled covers.
	Disabled() bool
	Servers() []string
	BootTimeout() time.Duration
}

Time defines the requirements for a config that pertains to time related options.

type Token

// Token exposes the two halves of the Kubernetes bootstrap token.
type Token interface {
	ID() string
	// Secret is returned as a plain string; keep it out of logs.
	Secret() string
}

Token defines the requirements for a config that pertains to Kubernetes bootstrap token.

type UdevConfig

// UdevConfig exposes the configured udev rules as strings.
type UdevConfig interface {
	Rules() []string
}

UdevConfig describes configuration for udev.

type VIPConfig

// VIPConfig exposes the virtual (shared) IP and the provider-specific
// settings for Equinix Metal and Hetzner Cloud.
type VIPConfig interface {
	IP() string
	// Both provider settings carry an API token; see the respective types.
	EquinixMetal() VIPEquinixMetal
	HCloud() VIPHCloud
}

VIPConfig contains settings for the Virtual (shared) IP setup.

type VIPEquinixMetal

// VIPEquinixMetal exposes the Equinix Metal API token used for VIP handling.
type VIPEquinixMetal interface {
	// APIToken is a cloud credential returned as a plain string; keep it out
	// of logs. NOTE(review): the scope the token needs is not visible here.
	APIToken() string
}

VIPEquinixMetal contains Equinix Metal API VIP settings.

type VIPHCloud

// VIPHCloud exposes the Hetzner Cloud API token used for VIP handling.
type VIPHCloud interface {
	// APIToken is a cloud credential returned as a plain string; keep it out
	// of logs. NOTE(review): the scope the token needs is not visible here.
	APIToken() string
}

VIPHCloud contains Hetzner Cloud API VIP settings.

type Validator

// Validator validates configuration for a given runtime mode.
type Validator interface {
	// Validate checks configuration and returns warnings and fatal errors (as multierror).
	//
	// Warnings come back in the string slice and do not set the error, so a
	// caller that only checks err will not see them.
	Validate(validation.RuntimeMode, ...validation.Option) ([]string, error)
}

Validator is the interface to validate configuration.

Validator might be implemented by a Container and a single Document.

type Vlan

// Vlan exposes the VLAN settings attached to a device.
type Vlan interface {
	Addresses() []string
	Routes() []Route
	DHCP() bool
	// ID is the VLAN ID as a uint16; range checking is not visible here.
	ID() uint16
	MTU() uint32
	VIPConfig() VIPConfig
	DHCPOptions() DHCPOptions
}

Vlan represents vlan settings for a device.

type VolumeMount

// VolumeMount exposes an extra volume mount for a static pod.
type VolumeMount interface {
	Name() string
	// HostPath is a path on the node exposed to the pod.
	// NOTE(review): no path allow-list is visible at this layer; confirm
	// where sensitive host paths are rejected, if at all.
	HostPath() string
	MountPath() string
	// ReadOnly presumably mounts the volume read-only when true; confirm the
	// default when unset.
	ReadOnly() bool
}

VolumeMount describes extra volume mount for the static pods.

type WatchdogTimerConfig added in v1.7.0

// WatchdogTimerConfig exposes the watchdog device and its timeout.
type WatchdogTimerConfig interface {
	Device() string
	Timeout() time.Duration
}

WatchdogTimerConfig defines the interface to access Talos watchdog timer configuration.

type WireguardConfig

// WireguardConfig exposes the settings of a WireGuard interface.
type WireguardConfig interface {
	// PrivateKey is returned as a plain string; keep it out of logs and
	// error messages.
	PrivateKey() string
	ListenPort() int
	FirewallMark() int
	Peers() []WireguardPeer
}

WireguardConfig contains settings for configuring Wireguard network interface.

type WireguardPeer

// WireguardPeer exposes one WireGuard peer.
type WireguardPeer interface {
	PublicKey() string
	Endpoint() string
	PersistentKeepaliveInterval() time.Duration
	// AllowedIPs are strings; presumably CIDR prefixes the peer may source
	// traffic from. Broad prefixes widen what the peer can reach. TODO confirm.
	AllowedIPs() []string
}

WireguardPeer is a WireGuard device peer configuration.
