Documentation ¶
Index ¶
- Constants
- func APIDeploymentCreator(ctx context.Context, data openshiftData) reconciling.NamedDeploymentCreatorGetter
- func APIServerOauthMetadataConfigMapCreator(data openshiftData) reconciling.NamedConfigMapCreatorGetter
- func CloudCredentialOperator(data openshiftData) reconciling.NamedDeploymentCreatorGetter
- func ConsoleConfigCreator(data openshiftData) reconciling.NamedConfigMapCreatorGetter
- func ConsoleDeployment(data openshiftData) reconciling.NamedDeploymentCreatorGetter
- func ConsoleServingCertCreator(caGetter servingcerthelper.CAGetter) reconciling.NamedSecretCreatorGetter
- func ExternalX509KubeconfigCreator(data openshiftData) reconciling.NamedSecretCreatorGetter
- func GetLoopbackKubeconfigCreator(ctx context.Context, data loopbackKubeconfigCreatorData, ...) reconciling.NamedSecretCreatorGetter
- func ImagePullSecretCreator(cluster *kubermaticv1.Cluster) reconciling.NamedSecretCreatorGetter
- func KubeControllerManagerConfigMapCreatorFactory(data kubeControllerManagerConfigData) reconciling.NamedConfigMapCreatorGetter
- func KubeControllerManagerDeploymentCreatorFactory(data kubeControllerManagerData) reconciling.NamedDeploymentCreatorGetter
- func KubeSchedulerConfigMapCreator() (string, reconciling.ConfigMapCreator)
- func KubeSchedulerDeploymentCreator(data openshiftData) reconciling.NamedDeploymentCreatorGetter
- func KubeSchedulerServingCertCreator(caGetter servingcerthelper.CAGetter) reconciling.NamedSecretCreatorGetter
- func MachineController(osData openshiftData) reconciling.NamedDeploymentCreatorGetter
- func MachineControllerRole() (types.NamespacedName, reconciling.RoleCreator)
- func MachineControllerRoleBinding() (types.NamespacedName, reconciling.RoleBindingCreator)
- func OauthConfigMapCreator(data openshiftData) reconciling.NamedConfigMapCreatorGetter
- func OauthDeploymentCreator(data openshiftData) reconciling.NamedDeploymentCreatorGetter
- func OauthOCPBrandingSecretCreator() (string, reconciling.SecretCreator)
- func OauthServiceCreator(exposeStrategy kubermaticv1.ExposeStrategy) reconciling.NamedServiceCreatorGetter
- func OauthSessionSecretCreator() (string, reconciling.SecretCreator)
- func OauthTLSServingCertCreator(data openshiftData) reconciling.NamedSecretCreatorGetter
- func OpenShiftTLSServingCertificateCreator(data tlsServingCertCreatorData) reconciling.NamedSecretCreatorGetter
- func OpenshiftAPIServerConfigMapCreator(data openshiftAPIServerCreatorData) reconciling.NamedConfigMapCreatorGetter
- func OpenshiftAPIServerDeploymentCreator(ctx context.Context, data openshiftData) reconciling.NamedDeploymentCreatorGetter
- func OpenshiftAPIServiceCreator() (string, reconciling.ServiceCreator)
- func OpenshiftControllerManagerConfigMapCreator(data openshiftData) reconciling.NamedConfigMapCreatorGetter
- func OpenshiftControllerManagerDeploymentCreator(ctx context.Context, data openshiftData) reconciling.NamedDeploymentCreatorGetter
- func OpenshiftControllerManagerServingCertSecretCreator(caGetter servingcerthelper.CAGetter) reconciling.NamedSecretCreatorGetter
- func OpenshiftDNSOperatorFactory(data openshiftData) reconciling.NamedDeploymentCreatorGetter
- func OpenshiftImageWithRegistry(image, componentName, version, registry string) (string, error)
- func OpenshiftKubeAPIServerConfigMapCreator(data masterConfigData) reconciling.NamedConfigMapCreatorGetter
- func OpenshiftNetworkOperatorCreatorFactory(data openshiftData) reconciling.NamedDeploymentCreatorGetter
- func RegistryOperatorFactory(data openshiftData) reconciling.NamedDeploymentCreatorGetter
- func ServiceSignerCA() reconciling.NamedSecretCreatorGetter
- type SessionSecret
- type SessionSecrets
Constants ¶
const ( ConsoleOAuthSecretName = "openshift-console-oauth-client-secret" // ConsoleAdminPasswordSecretName is the name of the secret that contains // the bootstrap admin user for Openshift OAuth ConsoleAdminPasswordSecretName = "openshift-bootstrap-password" // ConsoleAdminUserName is the name of the bootstrap admin user for oauth/the console ConsoleAdminUserName = "kubeadmin" // ConsoleListenPort is the port the console listens on ConsoleListenPort = 8443 )
const ( OauthName = "openshift-oauth" // OAuthServiceName is the name of the OAuthService OAuthServiceName = OauthName )
const ( OpenshiftAPIServerDeploymentName = "openshift-apiserver" OpenshiftAPIServerServiceName = OpenshiftAPIServerDeploymentName )
const ExternalX509KubeconfigName = "kubermatic-cluster-admin-secret"
const (
OpenshiftControllerManagerDeploymentName = "openshift-controller-manager"
)
const (
// RegistryNamespaceName is the name in which the registry is getting created by the openshift registry operator
RegistryNamespaceName = "openshift-image-registry"
)
const ServiceSignerCASecretName = "service-signer-ca"
Variables ¶
This section is empty.
Functions ¶
func APIDeploymentCreator ¶
func APIDeploymentCreator(ctx context.Context, data openshiftData) reconciling.NamedDeploymentCreatorGetter
DeploymentCreator returns the function to create and update the API server deployment
func APIServerOauthMetadataConfigMapCreator ¶
func APIServerOauthMetadataConfigMapCreator(data openshiftData) reconciling.NamedConfigMapCreatorGetter
func CloudCredentialOperator ¶
func CloudCredentialOperator(data openshiftData) reconciling.NamedDeploymentCreatorGetter
func ConsoleConfigCreator ¶
func ConsoleConfigCreator(data openshiftData) reconciling.NamedConfigMapCreatorGetter
func ConsoleDeployment ¶
func ConsoleDeployment(data openshiftData) reconciling.NamedDeploymentCreatorGetter
func ConsoleServingCertCreator ¶
func ConsoleServingCertCreator(caGetter servingcerthelper.CAGetter) reconciling.NamedSecretCreatorGetter
func ExternalX509KubeconfigCreator ¶
func ExternalX509KubeconfigCreator(data openshiftData) reconciling.NamedSecretCreatorGetter
func GetLoopbackKubeconfigCreator ¶
func GetLoopbackKubeconfigCreator(ctx context.Context, data loopbackKubeconfigCreatorData, log *zap.SugaredLogger) reconciling.NamedSecretCreatorGetter
GetLoopbackKubeconfigCreator is a function to return a secret generator to create a kubeconfig which must only by the openshift-apiserver itself as it uses 127.0.0.1 as address It is required because the Apiserver tries to talk to itself before it is ready, hence it doesn't appear as valid endpoint on the service
func ImagePullSecretCreator ¶
func ImagePullSecretCreator(cluster *kubermaticv1.Cluster) reconciling.NamedSecretCreatorGetter
func KubeControllerManagerConfigMapCreatorFactory ¶
func KubeControllerManagerConfigMapCreatorFactory(data kubeControllerManagerConfigData) reconciling.NamedConfigMapCreatorGetter
func KubeControllerManagerDeploymentCreatorFactory ¶
func KubeControllerManagerDeploymentCreatorFactory(data kubeControllerManagerData) reconciling.NamedDeploymentCreatorGetter
func KubeSchedulerConfigMapCreator ¶
func KubeSchedulerConfigMapCreator() (string, reconciling.ConfigMapCreator)
func KubeSchedulerDeploymentCreator ¶
func KubeSchedulerDeploymentCreator(data openshiftData) reconciling.NamedDeploymentCreatorGetter
DeploymentCreator returns the function to create and update the scheduler deployment
func KubeSchedulerServingCertCreator ¶
func KubeSchedulerServingCertCreator(caGetter servingcerthelper.CAGetter) reconciling.NamedSecretCreatorGetter
func MachineController ¶
func MachineController(osData openshiftData) reconciling.NamedDeploymentCreatorGetter
func MachineControllerRole ¶
func MachineControllerRole() (types.NamespacedName, reconciling.RoleCreator)
func MachineControllerRoleBinding ¶
func MachineControllerRoleBinding() (types.NamespacedName, reconciling.RoleBindingCreator)
func OauthConfigMapCreator ¶
func OauthConfigMapCreator(data openshiftData) reconciling.NamedConfigMapCreatorGetter
func OauthDeploymentCreator ¶
func OauthDeploymentCreator(data openshiftData) reconciling.NamedDeploymentCreatorGetter
func OauthOCPBrandingSecretCreator ¶
func OauthOCPBrandingSecretCreator() (string, reconciling.SecretCreator)
func OauthServiceCreator ¶
func OauthServiceCreator(exposeStrategy kubermaticv1.ExposeStrategy) reconciling.NamedServiceCreatorGetter
OauthServiceCreator returns the function to reconcile the external Oauth service
func OauthSessionSecretCreator ¶
func OauthSessionSecretCreator() (string, reconciling.SecretCreator)
func OauthTLSServingCertCreator ¶
func OauthTLSServingCertCreator(data openshiftData) reconciling.NamedSecretCreatorGetter
func OpenShiftTLSServingCertificateCreator ¶
func OpenShiftTLSServingCertificateCreator(data tlsServingCertCreatorData) reconciling.NamedSecretCreatorGetter
func OpenshiftAPIServerConfigMapCreator ¶
func OpenshiftAPIServerConfigMapCreator(data openshiftAPIServerCreatorData) reconciling.NamedConfigMapCreatorGetter
func OpenshiftAPIServerDeploymentCreator ¶
func OpenshiftAPIServerDeploymentCreator(ctx context.Context, data openshiftData) reconciling.NamedDeploymentCreatorGetter
OpenshiftAPIServerDeploymentCreator returns the deployment creator for the Openshift APIServer This can not be part of the openshift-kube-apiserver pod, because the openshift-apiserver needs some CRD definitions to work and get ready, however we can not talk to the API until at least one pod is ready, preventing us from creating those CRDs
func OpenshiftAPIServiceCreator ¶
func OpenshiftAPIServiceCreator() (string, reconciling.ServiceCreator)
func OpenshiftControllerManagerConfigMapCreator ¶
func OpenshiftControllerManagerConfigMapCreator(data openshiftData) reconciling.NamedConfigMapCreatorGetter
func OpenshiftControllerManagerDeploymentCreator ¶
func OpenshiftControllerManagerDeploymentCreator(ctx context.Context, data openshiftData) reconciling.NamedDeploymentCreatorGetter
OpenshiftControllerManagerDeploymentCreator returns the function to create and update the controller manager deployment
func OpenshiftControllerManagerServingCertSecretCreator ¶
func OpenshiftControllerManagerServingCertSecretCreator(caGetter servingcerthelper.CAGetter) reconciling.NamedSecretCreatorGetter
OpenshiftControllerManagerServingCertSecretCreator returns the function to create and update the serving cert for the openshift controller manager
func OpenshiftDNSOperatorFactory ¶
func OpenshiftDNSOperatorFactory(data openshiftData) reconciling.NamedDeploymentCreatorGetter
func OpenshiftImageWithRegistry ¶
OpenshiftImageWithRegistry will return docker image name for Openshift images. The function is digest-aware and can be used with the overwriteRegistry option and with image-loader.
func OpenshiftKubeAPIServerConfigMapCreator ¶
func OpenshiftKubeAPIServerConfigMapCreator(data masterConfigData) reconciling.NamedConfigMapCreatorGetter
func OpenshiftNetworkOperatorCreatorFactory ¶
func OpenshiftNetworkOperatorCreatorFactory(data openshiftData) reconciling.NamedDeploymentCreatorGetter
func RegistryOperatorFactory ¶
func RegistryOperatorFactory(data openshiftData) reconciling.NamedDeploymentCreatorGetter
func ServiceSignerCA ¶
func ServiceSignerCA() reconciling.NamedSecretCreatorGetter
ServiceSignerCA is Openshift-specific CA used to create serving certs for workloads on-demand See https://github.com/openshift/openshift-docs/pull/2324/files
Types ¶
type SessionSecret ¶
type SessionSecret struct { // Authentication is used to authenticate sessions using HMAC. Recommended to use a secret with 32 or 64 bytes. Authentication string `json:"authentication"` // Encryption is used to encrypt sessions. Must be 16, 24, or 32 characters long, to select AES-128, AES- Encryption string `json:"encryption"` }
SessionSecret is a secret used to authenticate/decrypt cookie-based sessions
type SessionSecrets ¶
type SessionSecrets struct { metav1.TypeMeta `json:",inline"` // Secrets is a list of secrets // New sessions are signed and encrypted using the first secret. // Existing sessions are decrypted/authenticated by each secret until one succeeds. This allows rotating secrets. Secrets []SessionSecret `json:"secrets"` }
Copied code start
SessionSecrets list the secrets to use to sign/encrypt and authenticate/decrypt created sessions.
Source Files ¶
- cloud_credential_operator.go
- console.go
- const.go
- controlplane_configmap.go
- dns_operator.go
- external_x509_kubeconfig.go
- image_pull_secret.go
- interfaces.go
- kube_apiserver_deployment.go
- kube_controller_manager.go
- kube_scheduler.go
- loopback_kubeconfig.go
- machinecontroller.go
- machinecontroller_rbac.go
- oauth.go
- oauth_branding.go
- openshift_apiserver_deployment.go
- openshift_apiserver_serving_cert.go
- openshift_controller_manager.go
- openshift_network_operator.go
- registry_operator.go
- service_signer_ca.go
- utils.go
- zz_generated_image_tags.go