Documentation
¶
Index ¶
- Constants
- func AllowBootstrapTokensToPostCSRs(client clientset.Interface) error
- func AutoApproveNodeBootstrapTokens(client clientset.Interface, k8sVersion *version.Version) error
- func CreateNewToken(client clientset.Interface, token string, tokenDuration time.Duration, ...) error
- func UpdateOrCreateToken(client clientset.Interface, token string, failIfExists bool, ...) error
Constants ¶
View Source
const ( // NodeBootstrapperClusterRoleName defines the name of the auto-bootstrapped ClusterRole for letting someone post a CSR // TODO: This value should be defined in an other, generic authz package instead of here NodeBootstrapperClusterRoleName = "system:node-bootstrapper" // NodeKubeletBootstrap defines the name of the ClusterRoleBinding that lets kubelets post CSRs NodeKubeletBootstrap = "kubeadm:kubelet-bootstrap" // CSRAutoApprovalClusterRoleName defines the name of the auto-bootstrapped ClusterRole for making the csrapprover controller auto-approve the CSR // TODO: This value should be defined in an other, generic authz package instead of here CSRAutoApprovalClusterRoleName = "system:certificates.k8s.io:certificatesigningrequests:nodeclient" // NodeAutoApproveBootstrap defines the name of the ClusterRoleBinding that makes the csrapprover approve node CSRs NodeAutoApproveBootstrap = "kubeadm:node-autoapprove-bootstrap" )
Variables ¶
This section is empty.
Functions ¶
func AllowBootstrapTokensToPostCSRs ¶
AllowBootstrapTokensToPostCSRs creates RBAC rules in a way the makes Node Bootstrap Tokens able to post CSRs
func AutoApproveNodeBootstrapTokens ¶
AutoApproveNodeBootstrapTokens creates RBAC rules in a way that makes Node Bootstrap Tokens' CSR auto-approved by the csrapprover controller
Types ¶
This section is empty.
Source Files
Click to show internal directories.
Click to hide internal directories.