Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
var (
NodeBootstrapTokenAuthGroup = "system:bootstrappers:" + version.Program + ":default-node-token"
)
Functions ¶
func BootstrapTokenToSecret ¶
func BootstrapTokenToSecret(bt *BootstrapToken) *v1.Secret
BootstrapTokenToSecret converts the given BootstrapToken object to its Secret representation that may be submitted to the API Server in order to be stored.
Types ¶
type BootstrapToken ¶
type BootstrapToken struct { // Token is used for establishing bidirectional trust between nodes and control-planes. // Used for joining nodes in the cluster. Token *BootstrapTokenString `json:"token" datapolicy:"token"` // Description sets a human-friendly message why this token exists and what it's used // for, so other administrators can know its purpose. // +optional Description string `json:"description,omitempty"` // TTL defines the time to live for this token. Defaults to 24h. // Expires and TTL are mutually exclusive. // +optional TTL *metav1.Duration `json:"ttl,omitempty"` // Expires specifies the timestamp when this token expires. Defaults to being set // dynamically at runtime based on the TTL. Expires and TTL are mutually exclusive. // +optional Expires *metav1.Time `json:"expires,omitempty"` // Usages describes the ways in which this token can be used. Can by default be used // for establishing bidirectional trust, but that can be changed here. // +optional Usages []string `json:"usages,omitempty"` // Groups specifies the extra groups that this token will authenticate as when/if // used for authentication // +optional Groups []string `json:"groups,omitempty"` }
BootstrapToken describes one bootstrap token, stored as a Secret in the cluster
func BootstrapTokenFromSecret ¶
func BootstrapTokenFromSecret(secret *v1.Secret) (*BootstrapToken, error)
BootstrapTokenFromSecret returns a BootstrapToken object from the given Secret
type BootstrapTokenString ¶
type BootstrapTokenString struct { ID string `json:"-"` Secret string `json:"-" datapolicy:"token"` }
BootstrapTokenString is a token of the format abcdef.abcdef0123456789 that is used for both validation of the identity of the API server from a joining node's point of view and as an authentication method for the node. This token is and should be short-lived.
func NewBootstrapTokenString ¶
func NewBootstrapTokenString(token string) (*BootstrapTokenString, error)
NewBootstrapTokenString converts the given Bootstrap Token as a string to the BootstrapTokenString object used for serialization/deserialization and internal usage. It also automatically validates that the given token is of the right format
func NewBootstrapTokenStringFromIDAndSecret ¶
func NewBootstrapTokenStringFromIDAndSecret(id, secret string) (*BootstrapTokenString, error)
NewBootstrapTokenStringFromIDAndSecret is a wrapper around NewBootstrapTokenString that allows the caller to specify the ID and Secret separately
func (BootstrapTokenString) String ¶
func (bts BootstrapTokenString) String() string
String returns the string representation of the BootstrapTokenString