Documentation ¶
Index ¶
Constants ¶
View Source
const (
MastersGroup = "system:masters"
)
View Source
const (
PublicKeyBlockType = "PUBLIC KEY"
)
Variables ¶
View Source
var ( ErrInvalidCA = errors.New("certificate is not a certificate authority") ErrEmptyPair = errors.New("pair or cert/key is empty") )
Functions ¶
Types ¶
type CARequest ¶
type CARequest struct { DNSDomain string `json:"dnsDomain" valid:"required"` IPs []string `json:"ips" valid:"required"` CA []byte `json:"ca" valid:"optional"` }
CARequest defines a request to generate or use CA if provided to setup PKI for k8s cluster
type PKI ¶
type PKI struct { ID string `json:"id"` CA *PairPEM `json:"ca"` //KubeName is a sg specific name of a k8s cluster KubeName string `json:"kubeName"` }
PKI defines a set of certificates/keys for a kubernetes cluster.
type Pair ¶
type Pair struct { Cert *x509.Certificate Key *rsa.PrivateKey }
Pair defines a certificate and a private key.
type PairPEM ¶
PairPEM defines PEM encoded certificate and private key. TODO: user cert pair in the kube model or get rid of it.
func NewAdminPair ¶
NewAdminPair creates certificates for the kubernetes admin user.
Click to show internal directories.
Click to hide internal directories.