common

package
v2.21.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Aug 29, 2022 License: Apache-2.0 Imports: 34 Imported by: 1

Documentation

Index

Constants

View Source
const (
	// NameLabel is the label containing the application's name.
	NameLabel = "app.kubernetes.io/name"

	// VersionLabel is the label containing the application's version.
	VersionLabel = resources.VersionLabel

	// InstanceLabel is A unique name identifying the instance of an application.
	InstanceLabel = "app.kubernetes.io/instance"

	// ComponentLabel is the label of the component within the architecture.
	ComponentLabel = "app.kubernetes.io/component"

	DockercfgSecretName = "dockercfg"

	WebhookServiceName        = "kubermatic-webhook"
	WebhookRoleName           = "kubermatic-webhook"
	WebhookRoleBindingName    = "kubermatic-webhook"
	WebhookServiceAccountName = "kubermatic-webhook"

	// SeedWebhookServiceName is deprecated and only exists to facilitate cleanup by the operator.
	SeedWebhookServiceName = "seed-webhook"
	// ClusterWebhookServiceName is deprecated and only exists to facilitate cleanup by the operator.
	ClusterWebhookServiceName = "cluster-webhook"

	// UserSSHKeyAdmissionWebhookName is the name of the validating and mutation webhooks for UserSSHKeys.
	UserSSHKeyAdmissionWebhookName = "kubermatic-usersshkeys"

	// UserAdmissionWebhookName is the name of the validating webhook for Users.
	UserAdmissionWebhookName = "kubermatic-users"

	// ResourceQuotaAdmissionWebhookName is the name of the validating and mutating webhook for ResourceQuotas.
	ResourceQuotaAdmissionWebhookName = "kubermatic-resourcequotas"

	// ExternalClusterAdmissionWebhookName is the name of the mutating webhook for ExternalClusters.
	ExternalClusterAdmissionWebhookName = "kubermatic-externalclusters"

	// ApplicationDefinitionAdmissionWebhookName is the name of the validating webhook for ApplicationDefnition.
	ApplicationDefinitionAdmissionWebhookName = "kubermatic-application-definitions"

	// GroupProjectBindingAdmissionWebhookName is the name of the validating webhook for GroupProjectBindings.
	GroupProjectBindingAdmissionWebhookName = "kubermatic-groupprojectbindings"

	WebhookServingCASecretName   = "webhook-ca"
	WebhookServingCertSecretName = "webhook-cert"

	IngressName                           = "kubermatic"
	MasterControllerManagerDeploymentName = "kubermatic-master-controller-manager"
	SeedControllerManagerDeploymentName   = "kubermatic-seed-controller-manager"
	WebhookDeploymentName                 = "kubermatic-webhook"

	CleanupFinalizer = "kubermatic.k8c.io/cleanup"

	// SkipReconcilingAnnotation can be used on Seed resources to make
	// the operator ignore them and not reconcile the seed components into
	// the cluster. This should only be used during cluster migrations.
	SkipReconcilingAnnotation = "kubermatic.k8c.io/skip-reconciling"
)
View Source
const (
	// OperatorName is used as the value for ManagedBy labels to establish
	// a weak ownership to reconciled resources.
	OperatorName = "kubermatic-operator"

	// ManagedByLabel is the label used to identify the resources
	// created by this controller.
	ManagedByLabel = "app.kubernetes.io/managed-by"
)

Variables

View Source
var (
	// ManagedByOperatorPredicate is a predicate that matches all resources created by
	// the Kubermatic Operator, based on the ManagedBy label.
	ManagedByOperatorPredicate = predicate.Factory(func(o ctrlruntimeclient.Object) bool {
		for _, ref := range o.GetOwnerReferences() {
			if isKubermaticConfiguration(ref) || isSeed(ref) {
				return true
			}
		}

		return false
	})

	// ManagedByOperatorSelector is a label selector that matches all resources created by
	// the Kubermatic Operator.
	ManagedByOperatorSelector, _ = labels.NewRequirement(ManagedByLabel, selection.Equals, []string{OperatorName})
)

Functions

func CRDCreator added in v2.21.0

CRDCreator will reconcile a CRD, but only if the existing CRD is older or the same version (i.e. this function will never downgrade a CRD). Up- and downgrading is only defined for KKP CRDs which have a version annotation.

func CleanupClusterResource

func CleanupClusterResource(ctx context.Context, client ctrlruntimeclient.Client, obj ctrlruntimeclient.Object, name string) error

CleanupClusterResource attempts to find a cluster-wide resource and deletes it if it was found. If no resource with the given name exists, nil is returned.

func CleanupWebhookServices added in v2.21.0

func CleanupWebhookServices(ctx context.Context, client ctrlruntimeclient.Client, logger *zap.SugaredLogger, namespace string)

CleanupWebhookServices removes the unused webhook services. It's here because we need to exact same logic on master and seed clusters.

func DeleteObject added in v2.21.0

func DeleteObject(ctx context.Context, client ctrlruntimeclient.Client, name, namespace string, obj ctrlruntimeclient.Object) error

func DeleteService added in v2.21.0

func DeleteService(ctx context.Context, client ctrlruntimeclient.Client, name, namespace string) error

func KubermaticConfigurationAdmissionWebhookName added in v2.21.0

func KubermaticConfigurationAdmissionWebhookName(cfg *kubermaticv1.KubermaticConfiguration) string

func OwnershipModifierFactory

func OwnershipModifierFactory(owner metav1.Object, scheme *runtime.Scheme) reconciling.ObjectModifier

OwnershipModifierFactory is generating a new ObjectModifier that wraps an ObjectCreator and takes care of applying the ownership and other labels for all managed objects.

func ProxyEnvironmentVars

func ProxyEnvironmentVars(cfg *kubermaticv1.KubermaticConfiguration) []corev1.EnvVar

func SeedAdmissionWebhookName

func SeedAdmissionWebhookName(cfg *kubermaticv1.KubermaticConfiguration) string

func StringifyFeatureGates

func StringifyFeatureGates(cfg *kubermaticv1.KubermaticConfiguration) string

StringifyFeatureGates takes a set of enabled features and returns a comma-separated key=value list like "featureA=true,featureB=true,...". The list of feature gates is sorted, so the output of this function is stable.

func VolumeRevisionLabelsModifierFactory

func VolumeRevisionLabelsModifierFactory(ctx context.Context, client ctrlruntimeclient.Client) reconciling.ObjectModifier

VolumeRevisionLabelsModifierFactory scans volume mounts for pod templates for ConfigMaps and Secrets and will then put new labels for these mounts onto the pod template, causing restarts when the volumes changed.

func WebhookCABundle added in v2.16.3

func WebhookCABundle(ctx context.Context, cfg *kubermaticv1.KubermaticConfiguration, client ctrlruntimeclient.Client) ([]byte, error)

func WebhookClusterRoleBindingName added in v2.21.0

func WebhookClusterRoleBindingName(cfg *kubermaticv1.KubermaticConfiguration) string

func WebhookClusterRoleName added in v2.21.0

func WebhookClusterRoleName(cfg *kubermaticv1.KubermaticConfiguration) string

func WebhookDeploymentCreator added in v2.21.0

func WebhookDeploymentCreator(cfg *kubermaticv1.KubermaticConfiguration, versions kubermatic.Versions, seed *kubermaticv1.Seed, removeSeed bool) reconciling.NamedDeploymentCreatorGetter

WebhookDeploymentCreator returns a DeploymentCreator for the Kubermatic webhook. The removeSeed flag should always be set to false, except for during seed cleanup. This is important because on shared master+seed clusters, when the Seed is removed, the -seed-name flag must be gone. But because the creator is careful to not accidentally remove the flag (so that the master-operator does not wipe the seed-operator's work), a separate parameter is needed to indicate that yes, we want to in fact remove the flag.

func WebhookRoleCreator added in v2.21.0

func WebhookServiceCreator added in v2.21.0

WebhookServiceCreator creates the Service for all KKP webhooks.

func WebhookServingCASecretCreator added in v2.16.3

Types

This section is empty.

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL