Documentation ¶
Overview ¶
Package controller contains all our controllers. They are sorted by binary they run in, which means that for all folders here a corresponding folder in the `cmd/` directory has to exist.
The only exception here are the `util` package which does not contain any controllers but some helpers and the `shared` package which contains controllers that run within more than one binary.
Directories ¶
Path | Synopsis |
---|---|
Package kubeletdnat contains the kubeletdnat controller which: * Is needed for all controlplane components running in the seed that need to reach nodes * Is not needed if reaching the pods is sufficient * Must be used in conjunction with the openvpn client * Creates NAT rules for both the public and private node IP that tunnels access to them via the VPN * Its counterpart runs within the openvpn client pod in the usercluster, is part of the openvpn addon and written in bash
|
Package kubeletdnat contains the kubeletdnat controller which: * Is needed for all controlplane components running in the seed that need to reach nodes * Is not needed if reaching the pods is sufficient * Must be used in conjunction with the openvpn client * Creates NAT rules for both the public and private node IP that tunnels access to them via the VPN * Its counterpart runs within the openvpn client pod in the usercluster, is part of the openvpn addon and written in bash |
Package mastercontrollermanager contains all controllers that run within the master-controller-manager binary.
|
Package mastercontrollermanager contains all controllers that run within the master-controller-manager binary. |
master-constraint-template-controller
Package masterconstrainttemplatecontroller contains a controller that is responsible for ensuring that the kubermatic constraint templates are synced from master to the seed clusters.
|
Package masterconstrainttemplatecontroller contains a controller that is responsible for ensuring that the kubermatic constraint templates are synced from master to the seed clusters. |
project-label-synchronizer
Package projectlabelsynchronizer contains a controller that synchronizes labels from a project onto all the clusters that belong to the project, without allowing them to be overridden.
|
Package projectlabelsynchronizer contains a controller that synchronizes labels from a project onto all the clusters that belong to the project, without allowing them to be overridden. |
project-sync
Package proejctsync contains a controller that is responsible for ensuring that the kubermatic Project objects are synced from master to the seed clusters.
|
Package proejctsync contains a controller that is responsible for ensuring that the kubermatic Project objects are synced from master to the seed clusters. |
rbac
Package rbac contains a controller that is responsible for setting up RBAC to allow users to access the clusters they should be able to access.
|
Package rbac contains a controller that is responsible for setting up RBAC to allow users to access the clusters they should be able to access. |
seed-proxy
Package seedproxy contains a controller that is responsible for creating various resources in the master cluster to be able to access the other seeds clusters prometheus, leveraring `kubectl proxy` under the hood.
|
Package seedproxy contains a controller that is responsible for creating various resources in the master cluster to be able to access the other seeds clusters prometheus, leveraring `kubectl proxy` under the hood. |
seed-sync
Package seedsync contains a controller that is responsible for synchronizing the `Seed` custom resources onto the corresponding seed clusters, so that the seed-controller-manager can use them.
|
Package seedsync contains a controller that is responsible for synchronizing the `Seed` custom resources onto the corresponding seed clusters, so that the seed-controller-manager can use them. |
usersshkeyssynchronizer
The usersshkeyssynchronizer controller is responsible for synchronizing usersshkeys into a secret in the cluster namespace.
|
The usersshkeyssynchronizer controller is responsible for synchronizing usersshkeys into a secret in the cluster namespace. |
nodeport-proxy
|
|
Package operator contains all controllers that run within the kubermatic operator binary.
|
Package operator contains all controllers that run within the kubermatic operator binary. |
seed/resources/nodeportproxy
Package nodeportproxy is responsible for reconciling a seed-cluster-wide proxy based on Envoy and a custom envoy-manager/lb-updater tools.
|
Package nodeportproxy is responsible for reconciling a seed-cluster-wide proxy based on Envoy and a custom envoy-manager/lb-updater tools. |
Package seedcontrollermanager contains a package for each controller that runs within the seed controller manager binary.
|
Package seedcontrollermanager contains a package for each controller that runs within the seed controller manager binary. |
addon
Package addon contains a controller that applies addons based on a Addon CRD.
|
Package addon contains a controller that applies addons based on a Addon CRD. |
addoninstaller
Package addoninstaller contains a controller that is responsible for making sure a set of addons that are configured via a flag on the controller-manager and are required for basic cluster functionality exist for all clusters.
|
Package addoninstaller contains a controller that is responsible for making sure a set of addons that are configured via a flag on the controller-manager and are required for basic cluster functionality exist for all clusters. |
backup
Package backup contains a controller that is responsible for creating backup-related resources.
|
Package backup contains a controller that is responsible for creating backup-related resources. |
cloud
Package cloud contains a controller that is responsible for creating cluster-level resources at the cloud provider, like networks, subnets or security groups.
|
Package cloud contains a controller that is responsible for creating cluster-level resources at the cloud provider, like networks, subnets or security groups. |
clustercomponentdefaulter
Package clustercomponentdefaulter contains a controller that is responsible for applying some defaults for various controlplane components, but never overwrites them to make out-of-tree customization is still possible.
|
Package clustercomponentdefaulter contains a controller that is responsible for applying some defaults for various controlplane components, but never overwrites them to make out-of-tree customization is still possible. |
constraint-template-controller
Package constrainttemplatecontroller contains a controller that is responsible for ensuring that the kubermatic constraint templates are synced to the user cluster.
|
Package constrainttemplatecontroller contains a controller that is responsible for ensuring that the kubermatic constraint templates are synced to the user cluster. |
initialmachinedeployment
Package initialmachinedeployment contains a controller that watches Cluster resources and will transform the InitialMachineDeployment annotation into an actual MachineDeployment once the cluster has become ready.
|
Package initialmachinedeployment contains a controller that watches Cluster resources and will transform the InitialMachineDeployment annotation into an actual MachineDeployment once the cluster has become ready. |
kubernetes
Package kubernetes contains a controller that reconciles all controlplane components in the seed needed for Kubernetes clusters.
|
Package kubernetes contains a controller that reconciles all controlplane components in the seed needed for Kubernetes clusters. |
monitoring
Package monitoring contains a controller that reconciles all monitoring-related components for all cluster types in the seed.
|
Package monitoring contains a controller that reconciles all monitoring-related components for all cluster types in the seed. |
openshift
Package openshift contains a controller that reconciles all controlplane components in the seed needed for Openshift clusters.
|
Package openshift contains a controller that reconciles all controlplane components in the seed needed for Openshift clusters. |
pvwatcher
Package pvwatcher contains a controller that is responsible for monitoring and recovering users' clusters etcd plane PVs.
|
Package pvwatcher contains a controller that is responsible for monitoring and recovering users' clusters etcd plane PVs. |
rancher
Package rancher contains a controller responsible for reconciling all rancher-related resources in the seed for Kubernetes clusters, as Rancher doesn't support openshift.
|
Package rancher contains a controller responsible for reconciling all rancher-related resources in the seed for Kubernetes clusters, as Rancher doesn't support openshift. |
seedresourcesuptodatecondition
Package seedresourcesuptodatecondition contains a controller that is responsible for: * Setting a condition on the cluster object when all Deployments and Statefulsets were fully rolled out * This condition serves the purpose of limiting the load imposed on the seed * All controllers that create Deployments or Statefulsets in the seed must respect it via `controllerutil.ClusterAvailableForReconciling`
|
Package seedresourcesuptodatecondition contains a controller that is responsible for: * Setting a condition on the cluster object when all Deployments and Statefulsets were fully rolled out * This condition serves the purpose of limiting the load imposed on the seed * All controllers that create Deployments or Statefulsets in the seed must respect it via `controllerutil.ClusterAvailableForReconciling` |
update
Package update contains a controller that auto applies updates to both the cluster version and the machine version based on a configuration file.
|
Package update contains a controller that auto applies updates to both the cluster version and the machine version based on a configuration file. |
Package shared contains all controllers that are imported by more than one controller-manager
|
Package shared contains all controllers that are imported by more than one controller-manager |
Package userclustercontrollermanager contains all controllers running in the usercluster controller manager binary.
|
Package userclustercontrollermanager contains all controllers running in the usercluster controller manager binary. |
cluster-role-labeler
Package clusterrolelabeler contains a controller that is responsible for ensuring that the viewer, editor and admin clusterroles have a `component: userClusterRole` label associated.
|
Package clusterrolelabeler contains a controller that is responsible for ensuring that the viewer, editor and admin clusterroles have a `component: userClusterRole` label associated. |
constraint-syncer
Package constraint syncer contains the controller which is responsible for syncing the kubermatic Constraints to the user cluster as gatekeeper constraints.
|
Package constraint syncer contains the controller which is responsible for syncing the kubermatic Constraints to the user cluster as gatekeeper constraints. |
container-linux
Package containerlinux contains the containerlinux controller that is responsible for deploying the [Container Linux Update Operator](https://github.com/coreos/container-linux-update-operator) operator and DaemonSet
|
Package containerlinux contains the containerlinux controller that is responsible for deploying the [Container Linux Update Operator](https://github.com/coreos/container-linux-update-operator) operator and DaemonSet |
flatcar
Package flatcar linux contains the flatcar linux controller that is responsible for deploying the [Flatcar Linux Update Operator](https://github.com/kinvolk/flatcar-linux-update-operator) operator and DaemonSet
|
Package flatcar linux contains the flatcar linux controller that is responsible for deploying the [Flatcar Linux Update Operator](https://github.com/kinvolk/flatcar-linux-update-operator) operator and DaemonSet |
ipam
Package ipam contains a controller responsible for assigning IP addresses from a configured pool to machines that have an annotation keyed `machine-controller.kubermatic.io/initializers` which contains the value ipam.
|
Package ipam contains a controller responsible for assigning IP addresses from a configured pool to machines that have an annotation keyed `machine-controller.kubermatic.io/initializers` which contains the value ipam. |
node-labeler
Package nodelabeler contains a controller that ensures Nodes have various labels present at all times: * A `x-kubernetes.io/distribution` label with a value of `centos`, `ubuntu`, `container-linux`, `rhel` or `sles` * A set of labels configured on the controller via a flag that are inherited from the cluster object
|
Package nodelabeler contains a controller that ensures Nodes have various labels present at all times: * A `x-kubernetes.io/distribution` label with a value of `centos`, `ubuntu`, `container-linux`, `rhel` or `sles` * A set of labels configured on the controller via a flag that are inherited from the cluster object |
nodecsrapprover
Package nodecsrapprover contains a controller responsible for autoapproving CSRs created by nodes for serving certificates.
|
Package nodecsrapprover contains a controller responsible for autoapproving CSRs created by nodes for serving certificates. |
openshift-master-node-labeler
Package openshiftmasternodelabeler contains a controller that makes sure there is always one randomly selected nodes with a `node-role.kubernetes.io/master` label on it.
|
Package openshiftmasternodelabeler contains a controller that makes sure there is always one randomly selected nodes with a `node-role.kubernetes.io/master` label on it. |
openshift-seed-syncer
The openshiftseedsyncer controller is responsible for syncing resources from Openshift userclusters into the seed cluster namespace.
|
The openshiftseedsyncer controller is responsible for syncing resources from Openshift userclusters into the seed cluster namespace. |
owner-binding-creator
The ownerbindingcreator controller is responsible for making sure that the binding exists and if it doesn't, will create it and use the cluster owner as subject.
|
The ownerbindingcreator controller is responsible for making sure that the binding exists and if it doesn't, will create it and use the cluster owner as subject. |
resources
Package resources contains the resources controller responsible for making sure the various Kubernetes resources we need in the usercluster like RBAC, Deployments, ServiceAccounts and much more are present.
|
Package resources contains the resources controller responsible for making sure the various Kubernetes resources we need in the usercluster like RBAC, Deployments, ServiceAccounts and much more are present. |
role-cloner
Package rolecloner contains a controller that duplicates all roles with the `component=userClusterRole` label that are in the kube-system namespace into all other namespaces.
|
Package rolecloner contains a controller that duplicates all roles with the `component=userClusterRole` label that are in the kube-system namespace into all other namespaces. |
Package usersshkeysagent contains the usersshkeysagent controller, which is deployed as a DaemonSet on all usercluster nodes and responsible for synchronizing the `$HOME/.ssh/authorized_keys` file for all users we know about (root, core, ubuntu, centos) and that exist with the content of a secret.
|
Package usersshkeysagent contains the usersshkeysagent controller, which is deployed as a DaemonSet on all usercluster nodes and responsible for synchronizing the `$HOME/.ssh/authorized_keys` file for all users we know about (root, core, ubuntu, centos) and that exist with the content of a secret. |
Package util contains helpers for building controllers.
|
Package util contains helpers for building controllers. |
Click to show internal directories.
Click to hide internal directories.