Documentation ¶
Index ¶
- Constants
- Variables
- func NewCertAndKey(caCert *x509.Certificate, caKey *rsa.PrivateKey, config *certutil.Config) (*x509.Certificate, *rsa.PrivateKey, error)
- type CARequest
- type Handler
- type PKI
- type Pair
- type PairPEM
- type Service
- func (s *Service) Delete(ctx context.Context, ID string) error
- func (s *Service) GenerateFromCA(ctx context.Context, parentBytes []byte) (*PKI, error)
- func (s *Service) GenerateSelfSigned(ctx context.Context) (*PKI, error)
- func (s *Service) Get(ctx context.Context, ID string) (*PKI, error)
- func (s *Service) GetAll(ctx context.Context) ([]*PKI, error)
Constants ¶
View Source
const (
MastersGroup = "system:masters"
)
Variables ¶
Functions ¶
func NewCertAndKey ¶
func NewCertAndKey(caCert *x509.Certificate, caKey *rsa.PrivateKey, config *certutil.Config) (*x509.Certificate, *rsa.PrivateKey, error)
NewCertAndKey creates signed certificate and key for the provided CA.
Types ¶
type CARequest ¶
type CARequest struct { DNSDomain string `json:"dnsDomain" valid:"required"` IPs []string `json:"ips" valid:"required"` CA []byte `json:"ca" valid:"optional"` }
CARequest defines a request to generate or use CA if provided to setup PKI for k8s cluster
type PKI ¶
type PKI struct { ID string `json:"id"` CA *PairPEM `json:"ca"` //KubeName is a sg specific name of a k8s cluster KubeName string `json:"kubeName"` }
PKI defines a set of certificates/keys for a kubernetes cluster.
type Pair ¶
type Pair struct { Cert *x509.Certificate Key *rsa.PrivateKey }
Pair defines a certificate and a private key.
type PairPEM ¶
PairPEM defines PEM encoded certificate and private key. TODO: user cert pair in the kube model or get rid of it.
func NewAdminPair ¶
NewAdminPair creates certificates for the kubernetes admin user.
type Service ¶
type Service struct {
// contains filtered or unexported fields
}
func (*Service) GenerateFromCA ¶
func (*Service) GenerateSelfSigned ¶
Click to show internal directories.
Click to hide internal directories.