config

package
v1.1.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 26, 2022 License: MPL-2.0 Imports: 15 Imported by: 0

Documentation

Overview

Package config provides methods to generate and consume Talos configuration.

Package config provides methods to generate and consume Talos configuration.

Index

Constants

This section is empty.

Variables

View Source 
var (
	TalosVersionCurrent = (*VersionContract)(nil)
	TalosVersion1_1     = &VersionContract{1, 1}
	TalosVersion1_0     = &VersionContract{1, 0}
	TalosVersion0_14    = &VersionContract{0, 14}
	TalosVersion0_13    = &VersionContract{0, 13}
	TalosVersion0_12    = &VersionContract{0, 12}
	TalosVersion0_11    = &VersionContract{0, 11}
	TalosVersion0_10    = &VersionContract{0, 10}
	TalosVersion0_9     = &VersionContract{0, 9}
	TalosVersion0_8     = &VersionContract{0, 8}
)

Well-known Talos version contracts.

View Source 
var (
	// ErrNotRegistered indicates that the manifest kind is not registered.
	ErrNotRegistered = errors.New("not registered")
	// ErrExists indicates that the manifest is already registered.
	ErrExists = errors.New("exists")
)

Functions

func New 

func New(kind, version string) (interface{}, error)

New creates a new instance of the requested manifest.

func Register 

func Register(kind string, f func(version string) interface{})

Register registers a manifests with the registry.

Types

type APIServer 

type APIServer interface {
	Image() string
	ExtraArgs() map[string]string
	ExtraVolumes() []VolumeMount
	Env() Env
	DisablePodSecurityPolicy() bool
	AdmissionControl() []AdmissionPlugin
}

APIServer defines the requirements for a config that pertains to apiserver related options.

type AdminKubeconfig 

type AdminKubeconfig interface {
	CertLifetime() time.Duration
}

AdminKubeconfig defines settings for admin kubeconfig.

type AdmissionPlugin added in v1.0.0 

type AdmissionPlugin interface {
	Name() string
	Configuration() map[string]interface{}
}

AdmissionPlugin defines the API server Admission Plugin configuration.

type Bond 

type Bond interface {
	Interfaces() []string
	ARPIPTarget() []string
	Mode() string
	HashPolicy() string
	LACPRate() string
	ADActorSystem() string
	ARPValidate() string
	ARPAllTargets() string
	Primary() string
	PrimaryReselect() string
	FailOverMac() string
	ADSelect() string
	MIIMon() uint32
	UpDelay() uint32
	DownDelay() uint32
	ARPInterval() uint32
	ResendIGMP() uint32
	MinLinks() uint32
	LPInterval() uint32
	PacketsPerSlave() uint32
	NumPeerNotif() uint8
	TLBDynamicLB() uint8
	AllSlavesActive() uint8
	UseCarrier() bool
	ADActorSysPrio() uint16
	ADUserPortKey() uint16
	PeerNotifyDelay() uint32
}

Bond contains the various options for configuring a bonded interface.

type CNI 

type CNI interface {
	Name() string
	URLs() []string
}

CNI defines the requirements for a config that pertains to Kubernetes cni.

type ClusterConfig 

type ClusterConfig interface {
	ID() string
	Name() string
	Secret() string
	APIServer() APIServer
	ControllerManager() ControllerManager
	Proxy() Proxy
	Scheduler() Scheduler
	Endpoint() *url.URL
	Token() Token
	CertSANs() []string
	CA() *x509.PEMEncodedCertificateAndKey
	AggregatorCA() *x509.PEMEncodedCertificateAndKey
	ServiceAccount() *x509.PEMEncodedKey
	AESCBCEncryptionSecret() string
	Config(machine.Type) (string, error)
	Etcd() Etcd
	Network() ClusterNetwork
	LocalAPIServerPort() int
	CoreDNS() CoreDNS
	// ExternalCloudProvider returns external cloud provider settings.
	ExternalCloudProvider() ExternalCloudProvider
	ExtraManifestURLs() []string
	ExtraManifestHeaderMap() map[string]string
	InlineManifests() []InlineManifest
	AdminKubeconfig() AdminKubeconfig
	ScheduleOnMasters() bool
	Discovery() Discovery
}

ClusterConfig defines the requirements for a config that pertains to cluster related options.

type ClusterNetwork 

type ClusterNetwork interface {
	CNI() CNI
	PodCIDRs() []string
	ServiceCIDRs() []string
	DNSDomain() string
	// APIServerIPs returns kube-apiserver IPs in the ServiceCIDR.
	APIServerIPs() ([]net.IP, error)
	// DNSServiceIPs returns DNS service IPs in the ServiceCIDR.
	DNSServiceIPs() ([]net.IP, error)
}

ClusterNetwork defines the requirements for a config that pertains to cluster network options.

type ControllerManager 

type ControllerManager interface {
	Image() string
	ExtraArgs() map[string]string
	ExtraVolumes() []VolumeMount
	Env() Env
}

ControllerManager defines the requirements for a config that pertains to controller manager related options.

type CoreDNS 

type CoreDNS interface {
	Enabled() bool
	Image() string
}

CoreDNS defines the requirements for a config that pertains to CoreDNS coredns options.

type DHCPOptions 

type DHCPOptions interface {
	RouteMetric() uint32
	IPv4() bool
	IPv6() bool
	DUIDv6() string
}

DHCPOptions represents a set of DHCP options.

type Device 

type Device interface {
	Interface() string
	Addresses() []string
	Routes() []Route
	Bond() Bond
	Vlans() []Vlan
	MTU() int
	DHCP() bool
	Ignore() bool
	Dummy() bool
	DHCPOptions() DHCPOptions
	VIPConfig() VIPConfig
	WireguardConfig() WireguardConfig
	Selector() NetworkDeviceSelector
}

Device represents a network interface.

type Discovery added in v0.13.0 

type Discovery interface {
	Enabled() bool
	Registries() DiscoveryRegistries
}

Discovery describes cluster membership discovery.

type DiscoveryRegistries added in v0.13.0 

type DiscoveryRegistries interface {
	Kubernetes() KubernetesRegistry
	Service() ServiceRegistry
}

DiscoveryRegistries describes discovery methods.

type Disk 

type Disk interface {
	Device() string
	Partitions() []Partition
}

Disk represents the options available for partitioning, formatting, and mounting extra disks.

type Encryption 

type Encryption interface {
	Kind() string
	Cipher() string
	KeySize() uint
	BlockSize() uint64
	Options() []string
	Keys() []EncryptionKey
}

Encryption defines settings for the partition encryption.

type EncryptionKey 

type EncryptionKey interface {
	Static() EncryptionKeyStatic
	NodeID() EncryptionKeyNodeID
	Slot() int
}

EncryptionKey defines settings for the partition encryption key handling.

type EncryptionKeyNodeID 

type EncryptionKeyNodeID interface{}

EncryptionKeyNodeID deterministically generated encryption key.

type EncryptionKeyStatic 

type EncryptionKeyStatic interface {
	Key() []byte
}

EncryptionKeyStatic ephemeral encryption key.

type Env 

type Env = map[string]string

Env represents a set of environment variables.

type Etcd 

type Etcd interface {
	Image() string
	CA() *x509.PEMEncodedCertificateAndKey
	ExtraArgs() map[string]string
	Subnet() string
}

Etcd defines the requirements for a config that pertains to etcd related options.

type Extension added in v1.0.0 

type Extension interface {
	Image() string
}

Extension defines the system extension.

type ExternalCloudProvider 

type ExternalCloudProvider interface {
	// Enabled returns true if external cloud provider is enabled.
	Enabled() bool
	// ManifestURLs returns external cloud provider manifest URLs if it is enabled.
	ManifestURLs() []string
}

ExternalCloudProvider defines settings for external cloud provider.

type ExtraHost 

type ExtraHost interface {
	IP() string
	Aliases() []string
}

ExtraHost represents a host entry in /etc/hosts.

type Features 

type Features interface {
	RBACEnabled() bool
}

Features describe individual Talos features that can be switched on or off.

type File 

type File interface {
	Content() string
	Permissions() os.FileMode
	Path() string
	Op() string
}

File represents a file to write to disk.

type InlineManifest 

type InlineManifest interface {
	Name() string
	Contents() string
}

InlineManifest describes inline manifest for the cluster boostrap.

type Install 

type Install interface {
	Image() string
	Extensions() []Extension
	Disk() (string, error)
	ExtraKernelArgs() []string
	Zero() bool
	LegacyBIOSSupport() bool
	WithBootloader() bool
}

Install defines the requirements for a config that pertains to install related options.

type Kernel added in v1.0.0 

type Kernel interface {
	Modules() []KernelModule
}

Kernel describes Talos Linux kernel configuration.

type KernelModule added in v1.0.0 

type KernelModule interface {
	Name() string
}

KernelModule describes Linux module to load.

type KubeSpan added in v0.13.0 

type KubeSpan interface {
	Enabled() bool
	ForceRouting() bool
}

KubeSpan configures KubeSpan feature.

type Kubelet 

type Kubelet interface {
	Image() string
	ClusterDNS() []string
	ExtraArgs() map[string]string
	ExtraMounts() []specs.Mount
	ExtraConfig() map[string]interface{}
	RegisterWithFQDN() bool
	NodeIP() KubeletNodeIP
}

Kubelet defines the requirements for a config that pertains to kubelet related options.

type KubeletNodeIP added in v0.13.0 

type KubeletNodeIP interface {
	ValidSubnets() []string
}

KubeletNodeIP defines the way node IPs are selected for the kubelet.

type KubernetesRegistry added in v0.13.0 

type KubernetesRegistry interface {
	Enabled() bool
}

KubernetesRegistry describes Kubernetes discovery registry.

type Logging added in v0.14.0 

type Logging interface {
	Destinations() []LoggingDestination
}

Logging describes logging configuration.

type LoggingDestination added in v0.14.0 

type LoggingDestination interface {
	Endpoint() *url.URL
	Format() string
}

LoggingDestination describes logging destination.

type MachineConfig 

type MachineConfig interface {
	Install() Install
	Security() Security
	Network() MachineNetwork
	Disks() []Disk
	Time() Time
	Env() Env
	Files() ([]File, error)
	Type() machine.Type
	Controlplane() MachineControlPlane
	Pods() []map[string]interface{}
	Kubelet() Kubelet
	Sysctls() map[string]string
	Sysfs() map[string]string
	Registries() Registries
	SystemDiskEncryption() SystemDiskEncryption
	Features() Features
	Udev() UdevConfig
	Logging() Logging
	Kernel() Kernel
}

MachineConfig defines the requirements for a config that pertains to machine related options.

type MachineControlPlane added in v0.14.0 

type MachineControlPlane interface {
	ControllerManager() MachineControllerManager
	Scheduler() MachineScheduler
}

MachineControlPlane defines the requirements for a config that pertains to Controlplane related options.

type MachineControllerManager added in v0.14.0 

type MachineControllerManager interface {
	Disabled() bool
}

MachineControllerManager defines the requirements for a config that pertains to ControllerManager related options.

type MachineNetwork 

type MachineNetwork interface {
	Hostname() string
	Resolvers() []string
	Devices() []Device
	ExtraHosts() []ExtraHost
	KubeSpan() KubeSpan
	DisableSearchDomain() bool
}

MachineNetwork defines the requirements for a config that pertains to network related options.

type MachineScheduler added in v0.14.0 

type MachineScheduler interface {
	Disabled() bool
}

MachineScheduler defines the requirements for a config that pertains to Scheduler related options.

type NetworkDeviceSelector added in v1.1.0 

type NetworkDeviceSelector interface {
	Bus() string
	HardwareAddress() string
	PCIID() string
	KernelDriver() string
}

NetworkDeviceSelector defines the set of fields that can be used to pick network a device.

type Partition 

type Partition interface {
	Size() uint64
	MountPoint() string
}

Partition represents the options for a device partition.

type Provider 

type Provider interface {
	// Config parts accessor.
	Version() string
	Debug() bool
	Persist() bool
	Machine() MachineConfig
	Cluster() ClusterConfig

	// Validate checks configuration and returns warnings and fatal errors (as multierror).
	Validate(RuntimeMode, ...ValidationOption) ([]string, error)

	// Bytes returns source YAML representation (if available) or does default encoding.
	Bytes() ([]byte, error)

	// Encode configuration to YAML using the provided options.
	EncodeString(encoderOptions ...encoder.Option) (string, error)
	EncodeBytes(encoderOptions ...encoder.Option) ([]byte, error)

	// Raw returns internal config representation.
	Raw() interface{}
}

Provider defines the configuration consumption interface.

type ProviderBundle 

type ProviderBundle interface {
	Init() Provider
	ControlPlane() Provider
	Worker() Provider
	TalosConfig() *clientconfig.Config
}

ProviderBundle defines the configuration bundle interface.

type Proxy 

type Proxy interface {
	Enabled() bool

	Image() string

	// Mode indicates the proxy mode for kube-proxy.  By default, this is `iptables`.  Other options include `ipvs`.
	Mode() string

	// ExtraArgs describe an additional set of arguments to be supplied to the execution of `kube-proxy`
	ExtraArgs() map[string]string
}

Proxy defines the requirements for a config that pertains to the kube-proxy options.

type Registries 

type Registries interface {
	// Mirror config by registry host (first part of image reference).
	Mirrors() map[string]RegistryMirrorConfig
	// Registry config (auth, TLS) by hostname.
	Config() map[string]RegistryConfig
}

Registries defines the configuration for image fetching.

type Registry 

type Registry struct {
	// contains filtered or unexported fields
}

Registry represents the provider registry.

type RegistryAuthConfig 

type RegistryAuthConfig interface {
	Username() string
	Password() string
	Auth() string
	IdentityToken() string
}

RegistryAuthConfig specifies authentication configuration for a registry.

type RegistryConfig 

type RegistryConfig interface {
	TLS() RegistryTLSConfig
	Auth() RegistryAuthConfig
}

RegistryConfig specifies auth & TLS config per registry.

type RegistryMirrorConfig 

type RegistryMirrorConfig interface {
	Endpoints() []string
}

RegistryMirrorConfig represents mirror configuration for a registry.

type RegistryTLSConfig 

type RegistryTLSConfig interface {
	ClientIdentity() *x509.PEMEncodedCertificateAndKey
	CA() []byte
	InsecureSkipVerify() bool
	GetTLSConfig() (*tls.Config, error)
}

RegistryTLSConfig specifies TLS config for HTTPS registries.

type Route 

type Route interface {
	Network() string
	Gateway() string
	Source() string
	Metric() uint32
}

Route represents a network route.

type RuntimeMode 

type RuntimeMode interface {
	fmt.Stringer
	RequiresInstall() bool
}

RuntimeMode abstracts current runtime mode.

type Scheduler 

type Scheduler interface {
	Image() string
	ExtraArgs() map[string]string
	ExtraVolumes() []VolumeMount
	Env() Env
}

Scheduler defines the requirements for a config that pertains to scheduler related options.

type Security 

type Security interface {
	CA() *x509.PEMEncodedCertificateAndKey
	Token() string
	CertSANs() []string
}

Security defines the requirements for a config that pertains to security related options.

type ServiceRegistry added in v0.13.0 

type ServiceRegistry interface {
	Enabled() bool
	Endpoint() string
}

ServiceRegistry describes external service discovery registry.

type SystemDiskEncryption 

type SystemDiskEncryption interface {
	Get(label string) Encryption
}

SystemDiskEncryption accumulates settings for all system partitions encryption.

type Time 

type Time interface {
	Disabled() bool
	Servers() []string
	BootTimeout() time.Duration
}

Time defines the requirements for a config that pertains to time related options.

type Token 

type Token interface {
	ID() string
	Secret() string
}

Token defines the requirements for a config that pertains to Kubernetes bootstrap token.

type UdevConfig added in v0.14.0 

type UdevConfig interface {
	Rules() []string
}

UdevConfig describes configuration for udev.

type VIPConfig 

type VIPConfig interface {
	IP() string
	EquinixMetal() VIPEquinixMetal
	HCloud() VIPHCloud
}

VIPConfig contains settings for the Virtual (shared) IP setup.

type VIPEquinixMetal added in v0.12.0 

type VIPEquinixMetal interface {
	APIToken() string
}

VIPEquinixMetal contains Equinix Metal API VIP settings.

type VIPHCloud added in v0.13.0 

type VIPHCloud interface {
	APIToken() string
}

VIPHCloud contains Hetzner Cloud API VIP settings.

type ValidationOption 

type ValidationOption func(opts *ValidationOptions)

ValidationOption represents an additional validation parameter for the config Validate method.

func WithLocal 

func WithLocal() ValidationOption

WithLocal enables local flag.

func WithStrict 

func WithStrict() ValidationOption

WithStrict enables strict flag.

type ValidationOptions 

type ValidationOptions struct {
	// Local should disable part of the validation flow which won't work on the host machine.
	Local bool
	// Strict mode returns warnings as errors.
	Strict bool
}

ValidationOptions additional validation parameters for the config Validate method.

func NewValidationOptions 

func NewValidationOptions(options ...ValidationOption) *ValidationOptions

NewValidationOptions creates new validation options.

type VersionContract 

type VersionContract struct {
	Major int
	Minor int
}

VersionContract describes Talos version to generate config for.

Config generation only supports backwards compatibility (e.g. Talos 0.9 can generate configs for Talos 0.9 and 0.8). Matching version of the machinery package is required to generate configs for the current version of Talos.

Nil value of *VersionContract always describes current version of Talos.

func ParseContractFromVersion 

func ParseContractFromVersion(version string) (*VersionContract, error)

ParseContractFromVersion parses Talos version into VersionContract.

func (*VersionContract) ClusterDiscoveryEnabled added in v0.14.0 

func (contract *VersionContract) ClusterDiscoveryEnabled() bool

ClusterDiscoveryEnabled returns true if cluster discovery should be enabled by default.

func (*VersionContract) Greater 

func (contract *VersionContract) Greater(other *VersionContract) bool

Greater compares contract to another contract.

func (*VersionContract) PodSecurityAdmissionEnabled added in v1.0.0 

func (contract *VersionContract) PodSecurityAdmissionEnabled() bool

PodSecurityAdmissionEnabled returns true if pod security admission should be enabled by default.

func (*VersionContract) PodSecurityPolicyEnabled added in v1.0.0 

func (contract *VersionContract) PodSecurityPolicyEnabled() bool

PodSecurityPolicyEnabled returns true if pod security policy should be enabled by default.

func (*VersionContract) SupportsAggregatorCA 

func (contract *VersionContract) SupportsAggregatorCA() bool

SupportsAggregatorCA returns true if version of Talos supports AggregatorCA in the config.

func (*VersionContract) SupportsDynamicCertSANs added in v0.13.0 

func (contract *VersionContract) SupportsDynamicCertSANs() bool

SupportsDynamicCertSANs returns true if version of Talos supports dynamic certificate generation with SANs provided from resources.

func (*VersionContract) SupportsECDSAKeys 

func (contract *VersionContract) SupportsECDSAKeys() bool

SupportsECDSAKeys returns true if version of Talos supports ECDSA keys (vs. RSA keys).

func (*VersionContract) SupportsECDSASHA256 added in v0.13.0 

func (contract *VersionContract) SupportsECDSASHA256() bool

SupportsECDSASHA256 returns true if version of Talos supports ECDSA-SHA256 for Kubernetes certificates.

func (*VersionContract) SupportsRBACFeature 

func (contract *VersionContract) SupportsRBACFeature() bool

SupportsRBACFeature returns true if version of Talos supports RBAC feature gate.

func (*VersionContract) SupportsServiceAccount 

func (contract *VersionContract) SupportsServiceAccount() bool

SupportsServiceAccount returns true if version of Talos supports ServiceAccount in the config.

type Vlan 

type Vlan interface {
	Addresses() []string
	Routes() []Route
	DHCP() bool
	ID() uint16
	MTU() uint32
	VIPConfig() VIPConfig
}

Vlan represents vlan settings for a device.

type VolumeMount 

type VolumeMount interface {
	Name() string
	HostPath() string
	MountPath() string
	ReadOnly() bool
}

VolumeMount describes extra volume mount for the static pods.

type WireguardConfig 

type WireguardConfig interface {
	PrivateKey() string
	ListenPort() int
	FirewallMark() int
	Peers() []WireguardPeer
}

WireguardConfig contains settings for configuring Wireguard network interface.

type WireguardPeer 

type WireguardPeer interface {
	PublicKey() string
	Endpoint() string
	PersistentKeepaliveInterval() time.Duration
	AllowedIPs() []string
}

WireguardPeer a WireGuard device peer configuration.

Source Files

View all Source files

Directories

Path Synopsis
Package configloader provides methods to load Talos config.
 Package configloader provides methods to load Talos config.
Package configpatcher provides methods to patch Talos config.
 Package configpatcher provides methods to patch Talos config.
internal
cis
types
v1alpha1
Package v1alpha1 configuration file contains all the options available for configuring a machine.
 Package v1alpha1 configuration file contains all the options available for configuring a machine.
v1alpha1/bundle
v1alpha1/generate
Package generate provides Talos machine configuration generation and client config generation.
 Package generate provides Talos machine configuration generation and client config generation.
v1alpha1/machine

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.