kubeadm

package
v1.31.1-rc5.0...-9692409 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Oct 24, 2024 License: Apache-2.0 Imports: 12 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source
var (
	NodeBootstrapTokenAuthGroup = "system:bootstrappers:" + version.Program + ":default-node-token"
)

Functions

func BootstrapTokenToSecret

func BootstrapTokenToSecret(bt *BootstrapToken) *v1.Secret

BootstrapTokenToSecret converts the given BootstrapToken object to its Secret representation that may be submitted to the API Server in order to be stored.

func SetDefaults

func SetDefaults(clx *cli.Context, cfg *cmds.Token) error

SetDefaults ensures that the default values are set on the token configuration. These are set here, rather than in the default Token struct, to avoid importing the cluster-bootstrap packages into the CLI.

Types

type BootstrapToken

type BootstrapToken struct {
	// Token is used for establishing bidirectional trust between nodes and control-planes.
	// Used for joining nodes in the cluster.
	Token *BootstrapTokenString `json:"token" datapolicy:"token"`
	// Description sets a human-friendly message why this token exists and what it's used
	// for, so other administrators can know its purpose.
	// +optional
	Description string `json:"description,omitempty"`
	// TTL defines the time to live for this token. Defaults to 24h.
	// Expires and TTL are mutually exclusive.
	// +optional
	TTL *metav1.Duration `json:"ttl,omitempty"`
	// Expires specifies the timestamp when this token expires. Defaults to being set
	// dynamically at runtime based on the TTL. Expires and TTL are mutually exclusive.
	// +optional
	Expires *metav1.Time `json:"expires,omitempty"`
	// Usages describes the ways in which this token can be used. Can by default be used
	// for establishing bidirectional trust, but that can be changed here.
	// +optional
	Usages []string `json:"usages,omitempty"`
	// Groups specifies the extra groups that this token will authenticate as when/if
	// used for authentication
	// +optional
	Groups []string `json:"groups,omitempty"`
}

BootstrapToken describes one bootstrap token, stored as a Secret in the cluster

func BootstrapTokenFromSecret

func BootstrapTokenFromSecret(secret *v1.Secret) (*BootstrapToken, error)

BootstrapTokenFromSecret returns a BootstrapToken object from the given Secret

type BootstrapTokenString

type BootstrapTokenString struct {
	ID     string `json:"-"`
	Secret string `json:"-" datapolicy:"token"`
}

BootstrapTokenString is a token of the format abcdef.abcdef0123456789 that is used for both validation of the identity of the API server from a joining node's point of view and as an authentication method for the node. This token is and should be short-lived.

func NewBootstrapTokenString

func NewBootstrapTokenString(token string) (*BootstrapTokenString, error)

NewBootstrapTokenString converts the given Bootstrap Token as a string to the BootstrapTokenString object used for serialization/deserialization and internal usage. It also automatically validates that the given token is of the right format

func NewBootstrapTokenStringFromIDAndSecret

func NewBootstrapTokenStringFromIDAndSecret(id, secret string) (*BootstrapTokenString, error)

NewBootstrapTokenStringFromIDAndSecret is a wrapper around NewBootstrapTokenString that allows the caller to specify the ID and Secret separately

func (BootstrapTokenString) String

func (bts BootstrapTokenString) String() string

String returns the string representation of the BootstrapTokenString

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL