Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type MCSAllocationFunc ¶
func DefaultMCSAllocation ¶
DefaultMCSAllocation returns a label from the MCS range that matches the offset within the overall range. blockSize must be a positive integer representing the number of labels to jump past in the category space (if 1, range == label, if 2 each range will have two labels).
type NamespaceSecurityDefaultsController ¶
type NamespaceSecurityDefaultsController struct {
// contains filtered or unexported fields
}
NamespaceSecurityDefaultsController allocates uids/labels for namespaces
func NewNamespaceSecurityDefaultsController ¶
func NewNamespaceSecurityDefaultsController(namespaces informers.NamespaceInformer, client kcoreclient.NamespaceInterface, uid uidallocator.Interface, mcs MCSAllocationFunc) *NamespaceSecurityDefaultsController
func (*NamespaceSecurityDefaultsController) Run ¶
func (c *NamespaceSecurityDefaultsController) Run(stopCh <-chan struct{}, workers int)
Run starts the workers for this controller.
type Repair ¶
type Repair struct {
// contains filtered or unexported fields
}
Repair is a controller loop that periodically examines all UID allocations and logs any errors, and then sets the compacted and accurate list of both
Can be run at infrequent intervals, and is best performed on startup of the master. Is level driven and idempotent - all claimed UIDs will be updated into the allocator map at the end of a single execution loop if no race is encountered.
func NewRepair ¶
func NewRepair(interval time.Duration, client kcoreclient.NamespaceInterface, uidRange *uid.Range, alloc rangeallocation.RangeRegistry) *Repair
NewRepair creates a controller that periodically ensures that all UIDs labels that are allocated in the cluster are claimed.
Source Files