Documentation
Index
- Constants
- type DeleteExternal
- type ResourceBaseReconciler
- type RoleReconciler
- func (r *RoleReconciler) Delete(ctx context.Context, obj kclient.Object) error
- func (r *RoleReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error)
- func (r *RoleReconciler) SetupWithManager(mgr ctrl.Manager) error
- func (r *RoleReconciler) Upsert(ctx context.Context, obj kclient.Object) error
- type TeleportKubernetesResource
- type TeleportResourceClient
- type TeleportResourceReconciler
- func NewGithubConnectorReconciler(client kclient.Client, accessor sidecar.ClientAccessor) ...
- func NewOIDCConnectorReconciler(client kclient.Client, accessor sidecar.ClientAccessor) ...
- func NewSAMLConnectorReconciler(client kclient.Client, accessor sidecar.ClientAccessor) ...
- func NewTeleportResourceReconciler[T types.ResourceWithOrigin, K TeleportKubernetesResource[T]](client kclient.Client, resourceClient TeleportResourceClient[T]) *TeleportResourceReconciler[T, K]
- func (r TeleportResourceReconciler[T, K]) Delete(ctx context.Context, obj kclient.Object) error
- func (r TeleportResourceReconciler[T, K]) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error)
- func (r TeleportResourceReconciler[T, K]) SetupWithManager(mgr ctrl.Manager) error
- func (r TeleportResourceReconciler[T, K]) Upsert(ctx context.Context, obj kclient.Object) error
- type UpsertExternal
- type UserReconciler
- func (r *UserReconciler) Delete(ctx context.Context, obj kclient.Object) error
- func (r *UserReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error)
- func (r *UserReconciler) SetupWithManager(mgr ctrl.Manager) error
- func (r *UserReconciler) Upsert(ctx context.Context, obj kclient.Object) error
Constants
const (
	ConditionReasonFailedToDecode         = "FailedToDecode"
	ConditionReasonOriginLabelNotMatching = "OriginLabelNotMatching"
	ConditionReasonOriginLabelMatching    = "OriginLabelMatching"
	ConditionReasonNewResource            = "NewResource"
	ConditionReasonNoError                = "NoError"
	ConditionReasonTeleportError          = "TeleportError"
	ConditionTypeTeleportResourceOwned    = "TeleportResourceOwned"
	ConditionTypeSuccessfullyReconciled   = "SuccessfullyReconciled"
	ConditionTypeValidStructure           = "ValidStructure"
)
const DeletionFinalizer = "resources.teleport.dev/deletion"
DeletionFinalizer is the name of the finalizer added to a resource's 'finalizers' field for tracking deletion events.
Types
type ResourceBaseReconciler
type ResourceBaseReconciler struct {
	kclient.Client
	DeleteExternal DeleteExternal
	UpsertExternal UpsertExternal
}
func (ResourceBaseReconciler) Do
func (r ResourceBaseReconciler) Do(ctx context.Context, req ctrl.Request, obj kclient.Object) (ctrl.Result, error)
Do will receive an update request and reconcile the resource.
When an event arrives we must propagate that change into the Teleport cluster. We have two types of events: update/create and delete.
For creating/updating, we check whether the resource exists in Teleport: if it does, we update it; otherwise we create it, always using the state of the resource in the cluster as the source of truth.
For deleting, the recommendation is to use finalizers. Finalizers allow us to map an external resource to a Kubernetes resource. So, when we create or update a resource, we add our own finalizer to the Kubernetes resource's list of finalizers.
For a delete event which has our finalizer: the resource is deleted in Teleport. If it doesn't have the finalizer, we do nothing.
----
Every time we update a resource in Kubernetes (adding finalizers or the OriginLabel), we end the reconciliation process. Afterwards, we receive the request again and progress to the next step. This allows us to progress with smaller changes and avoid a long-running reconciliation.
type RoleReconciler
type RoleReconciler struct {
	kclient.Client
	Scheme                 *runtime.Scheme
	TeleportClientAccessor sidecar.ClientAccessor
}
RoleReconciler reconciles a TeleportRole object
func (*RoleReconciler) Reconcile
Reconcile is part of the main kubernetes reconciliation loop which aims to move the current state of the cluster closer to the desired state.
For more details, check Reconcile and its Result here: https://pkg.go.dev/sigs.k8s.io/controller-runtime@v0.11.0/pkg/reconcile
func (*RoleReconciler) SetupWithManager
func (r *RoleReconciler) SetupWithManager(mgr ctrl.Manager) error
SetupWithManager sets up the controller with the Manager.
type TeleportKubernetesResource
type TeleportKubernetesResource[T types.Resource] interface {
	kclient.Object
	ToTeleport() T
	StatusConditions() *[]v1.Condition
}
TeleportKubernetesResource is a Kubernetes resource representing a Teleport resource
type TeleportResourceClient
type TeleportResourceClient[T types.Resource] interface {
	Get(context.Context, string) (T, error)
	Create(context.Context, T) error
	Update(context.Context, T) error
	Delete(context.Context, string) error
}
TeleportResourceClient is a CRUD client for a specific Teleport resource. Implementing this interface allows a resource to be reconciled by the TeleportResourceReconciler instead of writing a new specific reconciliation loop.
type TeleportResourceReconciler
type TeleportResourceReconciler[T types.ResourceWithOrigin, K TeleportKubernetesResource[T]] struct {
	ResourceBaseReconciler
	// contains filtered or unexported fields
}
TeleportResourceReconciler is a Teleport generic reconciler. It reconciles TeleportKubernetesResource with Teleport's types.ResourceWithOrigin
func NewGithubConnectorReconciler
func NewGithubConnectorReconciler(client kclient.Client, accessor sidecar.ClientAccessor) *TeleportResourceReconciler[types.GithubConnector, *resourcesv3.TeleportGithubConnector]
NewGithubConnectorReconciler instantiates a new Kubernetes controller reconciling github_connector resources
func NewOIDCConnectorReconciler
func NewOIDCConnectorReconciler(client kclient.Client, accessor sidecar.ClientAccessor) *TeleportResourceReconciler[types.OIDCConnector, *resourcesv3.TeleportOIDCConnector]
NewOIDCConnectorReconciler instantiates a new Kubernetes controller reconciling oidc_connector resources
func NewSAMLConnectorReconciler
func NewSAMLConnectorReconciler(client kclient.Client, accessor sidecar.ClientAccessor) *TeleportResourceReconciler[types.SAMLConnector, *resourcesv2.TeleportSAMLConnector]
NewSAMLConnectorReconciler instantiates a new Kubernetes controller reconciling saml_connector resources
func NewTeleportResourceReconciler
func NewTeleportResourceReconciler[T types.ResourceWithOrigin, K TeleportKubernetesResource[T]](
	client kclient.Client,
	resourceClient TeleportResourceClient[T]) *TeleportResourceReconciler[T, K]
NewTeleportResourceReconciler instantiates a TeleportResourceReconciler from a TeleportResourceClient.
func (TeleportResourceReconciler[T, K]) Delete
Delete is the TeleportResourceReconciler implementation of the ResourceBaseReconciler DeleteExternal
func (TeleportResourceReconciler[T, K]) Reconcile
func (r TeleportResourceReconciler[T, K]) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error)
Reconcile allows the TeleportResourceReconciler to implement the reconcile.Reconciler interface
func (TeleportResourceReconciler[T, K]) SetupWithManager
func (r TeleportResourceReconciler[T, K]) SetupWithManager(mgr ctrl.Manager) error
SetupWithManager has a controllerruntime.Manager run the TeleportResourceReconciler
func (TeleportResourceReconciler[T, K]) Upsert
Upsert is the TeleportResourceReconciler implementation of the ResourceBaseReconciler UpsertExternal. It contains the logic to check if the resource already exists, if it is owned by the operator and what to do to reconcile the Teleport resource based on the Kubernetes one.
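The small-step flow described under Do, combined with the existence and ownership checks described under Upsert, as a standard-library simulation. This is an added example, not the operator's code: KubeObj, Step, originKubernetes, ErrNotOwned and the in-memory map standing in for Teleport are hypothetical, and only the DeletionFinalizer value comes from this page.

```go
package main

import (
	"errors"
	"fmt"
)

const DeletionFinalizer = "resources.teleport.dev/deletion" // value from the page
const originKubernetes = "kubernetes"                       // constructed: assumed owner marker
var ErrNotOwned = errors.New("OriginLabelNotMatching")

type KubeObj struct { // hypothetical, stripped-down Kubernetes object
	Name       string
	Finalizers []string
	Deleting   bool // stands in for a set deletionTimestamp
}

func (o *KubeObj) has(f string) (found bool) {
	for _, x := range o.Finalizers {
		found = found || x == f
	}
	return
}

// Step runs one reconciliation pass; ext maps external resource name -> origin.
func Step(o *KubeObj, ext map[string]string) (string, error) {
	origin, exists := ext[o.Name]
	switch {
	case o.Deleting && !o.has(DeletionFinalizer):
		return "noop", nil // never managed by us: leave the external side alone
	case o.Deleting:
		delete(ext, o.Name)
		o.Finalizers = nil // simplified: ours is the only finalizer in this model
		return "deleted", nil
	case !o.has(DeletionFinalizer):
		o.Finalizers = append(o.Finalizers, DeletionFinalizer)
		return "finalizer-added", nil // stop here; the object update re-queues us
	case exists && origin != originKubernetes:
		return "refused", ErrNotOwned // present but not operator-owned: never overwrite
	}
	ext[o.Name] = originKubernetes
	return "upserted", nil
}

func main() {
	o, ext := &KubeObj{Name: "dev"}, map[string]string{}
	fmt.Println(Step(o, ext)) // pass 1: finalizer only, nothing written externally
	fmt.Println(Step(o, ext)) // pass 2: upsert
}
```

The "refused" branch is the security-relevant one: a Kubernetes object whose name collides with an existing, manually created external resource does not silently take it over.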
type UserReconciler
type UserReconciler struct {
	kclient.Client
	Scheme                 *runtime.Scheme
	TeleportClientAccessor sidecar.ClientAccessor
}
UserReconciler reconciles a TeleportUser object
func (*UserReconciler) Reconcile
Reconcile is part of the main kubernetes reconciliation loop which aims to move the current state of the cluster closer to the desired state.
For more details, check Reconcile and its Result here: https://pkg.go.dev/sigs.k8s.io/controller-runtime@v0.11.0/pkg/reconcile
func (*UserReconciler) SetupWithManager
func (r *UserReconciler) SetupWithManager(mgr ctrl.Manager) error
SetupWithManager sets up the controller with the Manager.