utils

package
v1.15.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 11, 2021 License: Apache-2.0 Imports: 42 Imported by: 0

Documentation

Overview

This file contains functions common to the controllers to help them interact with elasticsearch.

Index

Constants

View Source
const (
	ElasticsearchRetentionFactor = 4
	DefaultMaxIndexSizeGi        = 30
	ElasticConnRetries           = 10
	ElasticConnRetryInterval     = "500ms"
)

Variables

View Source
var (
	ErrInvalidCertDNSNames  = errors.New("cert has the wrong DNS names")
	ErrInvalidCertNoPEMData = errors.New("cert has no PEM data")
)
View Source
var DefaultInstanceKey = client.ObjectKey{Name: "default"}
View Source
var DefaultTSEEInstanceKey = client.ObjectKey{Name: "tigera-secure"}
View Source
var OverlayInstanceKey = client.ObjectKey{Name: "overlay"}

Functions

func AddAPIServerWatch

func AddAPIServerWatch(c controller.Controller) error

func AddComplianceWatch added in v0.2.1

func AddComplianceWatch(c controller.Controller) error

func AddConfigMapWatch added in v1.0.0

func AddConfigMapWatch(c controller.Controller, name, namespace string) error

func AddNamespaceWatch added in v1.6.0

func AddNamespaceWatch(c controller.Controller, name string) error

func AddNetworkWatch

func AddNetworkWatch(c controller.Controller) error

func AddSecretsWatch added in v1.0.0

func AddSecretsWatch(c controller.Controller, name, namespace string, metaMatches ...MetaMatch) error

func AddServiceWatch added in v1.2.0

func AddServiceWatch(c controller.Controller, name, namespace string) error

func AutoDiscoverProvider added in v1.0.0

func AutoDiscoverProvider(ctx context.Context, clientset kubernetes.Interface) (operatorv1.Provider, error)

func CheckLicenseKey added in v1.0.0

func CheckLicenseKey(ctx context.Context, cli client.Client) error

CheckLicenseKey checks if a license has been installed. It's useful to prevent rollout of TSEE components that might require it. It will return an error if the license is not installed, and nil otherwise.

func ContextLoggerForResource

func ContextLoggerForResource(log logr.Logger, obj client.Object) logr.Logger

ContextLoggerForResource provides a logger instance with context set for the provided object.

func ElasticsearchSecrets added in v1.0.0

func ElasticsearchSecrets(ctx context.Context, userSecretNames []string, cli client.Client) ([]*corev1.Secret, error)

ElasticsearchSecrets gets the secrets needed for a component to be able to access Elasticsearch

func EnsureCertificateSecret added in v1.14.0

func EnsureCertificateSecret(secretName string, secret *corev1.Secret, keyName string, certName string, certDuration time.Duration, svcDNSNames ...string) (*corev1.Secret, error)

EnsureCertificateSecret ensures that the certificate in the secret has the expected DNS names. If no secret is provided, a new secret is created and returned. If the secret does have the right DNS names then the secret is returned. If the cert in the secret has invalid DNS names and the secret is operator managed, then a new secret is created and returned. Otherwise, if the secret is user-supplied, an error is returned.

func GetAmazonCloudIntegration added in v1.8.0

func GetAmazonCloudIntegration(ctx context.Context, client client.Client) (*operatorv1.AmazonCloudIntegration, error)

GetAmazonCloudIntegration returns the tigera AmazonCloudIntegration instance.

func GetAuthentication added in v1.9.0

func GetAuthentication(ctx context.Context, cli client.Client) (*operatorv1.Authentication, error)

GetAuthentication finds the authentication CR in your cluster.

func GetElasticLicenseType added in v1.14.0

func GetElasticLicenseType(ctx context.Context, cli client.Client, logger logr.Logger) (render.ElasticsearchLicenseType, error)

GetElasticLicenseType returns the license type from elastic-licensing ConfigMap that ECK operator keeps updated.

func GetElasticsearchClusterConfig added in v1.2.0

func GetElasticsearchClusterConfig(ctx context.Context, cli client.Client) (*render.ElasticsearchClusterConfig, error)

GetElasticsearchClusterConfig retrieves the config map containing the elasticsearch configuration values, such as the the cluster name and replica count.

func GetManagementCluster added in v1.9.0

func GetManagementCluster(ctx context.Context, c client.Client) (*operatorv1.ManagementCluster, error)

Return the ManagementCluster CR if present. No error is returned if it was not found.

func GetManagementClusterConnection added in v1.9.0

func GetManagementClusterConnection(ctx context.Context, c client.Client) (*operatorv1.ManagementClusterConnection, error)

Return the ManagementClusterConnection CR if present. No error is returned if it was not found.

func GetNetworkingPullSecrets

func GetNetworkingPullSecrets(i *operatorv1.InstallationSpec, c client.Client) ([]*corev1.Secret, error)

func GetSecret added in v1.14.0

func GetSecret(ctx context.Context, client client.Client, name string, ns string) (*corev1.Secret, error)

func IgnoreObject

func IgnoreObject(obj runtime.Object) bool

IgnoreObject returns true if the object has been marked as ignored by the user, and returns false otherwise.

func IsAPIServerReady

func IsAPIServerReady(client client.Client, l logr.Logger) bool

func IsOperatorManaged added in v1.14.0

func IsOperatorManaged(certSecret *corev1.Secret, certKeyName string) (bool, error)

Check if the cert secret is created and managed by the operator.

func LogStorageExists added in v1.9.0

func LogStorageExists(ctx context.Context, cli client.Client) (bool, error)

func RandomPassword added in v1.0.0

func RandomPassword(length int) (string, error)

func RequiresAmazonController added in v1.8.0

func RequiresAmazonController(cfg *rest.Config) (bool, error)

RequiresAmazonController determines if the configuration requires we start the aws controllers.

func RequiresTigeraSecure added in v1.0.0

func RequiresTigeraSecure(cfg *rest.Config) (bool, error)

RequiresTigeraSecure determines if the configuration requires we start the tigera secure controllers.

func SecretHasExpectedDNSNames added in v1.14.0

func SecretHasExpectedDNSNames(secret *corev1.Secret, certKeyName string, expectedDNSNames []string) error

Check that the cert in the secret has the expected DNS names.

func StrToElasticLicenseType added in v1.14.0

func StrToElasticLicenseType(license string, logger logr.Logger) render.ElasticsearchLicenseType

StrToElasticLicenseType maps Elasticsearch license to one of the known and expected value.

func ValidateCertPair

func ValidateCertPair(client client.Client, namespace, certPairSecretName, keyName, certName string) (*corev1.Secret, error)

ValidateCertPairInNamespace checks if the given secret exists in the given namespace and if so that it contains key and cert fields. If a secret exists then it is returned. If there is an error accessing the secret (except NotFound) or the cert does not have both a key and cert field then an appropriate error is returned. If no secret exists then nil, nil is returned to represent that no cert is valid.

Types

type ComponentHandler

type ComponentHandler interface {
	CreateOrUpdate(context.Context, render.Component, status.StatusManager) error
}

func NewComponentHandler

func NewComponentHandler(log logr.Logger, client client.Client, scheme *runtime.Scheme, cr metav1.Object) ComponentHandler

type ElasticClient added in v1.14.0

type ElasticClient interface {
	SetILMPolicies(client.Client, context.Context, *operatorv1.LogStorage, string) error
}

func NewElasticClient added in v1.14.0

func NewElasticClient() ElasticClient

type MetaMatch added in v1.2.0

type MetaMatch func(metav1.ObjectMeta) bool

type Policy added in v1.14.0

type Policy struct {
	Phases struct {
		Hot struct {
			Actions struct {
				Rollover struct {
					MaxSize string `json:"max_size"`
					MaxAge  string `json:"max_age"`
				}
			}
		}
		Delete struct {
			MinAge string `json:"min_age"`
		}
	}
}

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL