resources

package
v3.0.0-...-d6c4d9c Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 14, 2023 License: Apache-2.0 Imports: 32 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	// NameLabel is the label containing the application's name.
	NameLabel = "app.kubernetes.io/name"

	// VersionLabel is the label containing the application's version.
	VersionLabel = resources.VersionLabel

	// InstanceLabel is A unique name identifying the instance of an application.
	InstanceLabel = "app.kubernetes.io/instance"

	// ComponentLabel is the label of the component within the architecture.
	ComponentLabel = "app.kubernetes.io/component"

	DockercfgSecretName = "dockercfg"

	WebhookServiceName        = "kubermatic-webhook"
	WebhookRoleName           = "kubermatic-webhook"
	WebhookRoleBindingName    = "kubermatic-webhook"
	WebhookServiceAccountName = "kubermatic-webhook"

	// SeedWebhookServiceName is deprecated and only exists to facilitate cleanup by the operator.
	SeedWebhookServiceName = "seed-webhook"
	// ClusterWebhookServiceName is deprecated and only exists to facilitate cleanup by the operator.
	ClusterWebhookServiceName = "cluster-webhook"

	// UserSSHKeyAdmissionWebhookName is the name of the validating and mutation webhooks for UserSSHKeys.
	UserSSHKeyAdmissionWebhookName = "kubermatic-usersshkeys"

	// UserAdmissionWebhookName is the name of the validating webhook for Users.
	UserAdmissionWebhookName = "kubermatic-users"

	// ResourceQuotaAdmissionWebhookName is the name of the validating and mutating webhook for ResourceQuotas.
	ResourceQuotaAdmissionWebhookName = "kubermatic-resourcequotas"

	// ExternalClusterAdmissionWebhookName is the name of the mutating webhook for ExternalClusters.
	ExternalClusterAdmissionWebhookName = "kubermatic-externalclusters"

	// ApplicationDefinitionAdmissionWebhookName is the name of the validating webhook for ApplicationDefnition.
	ApplicationDefinitionAdmissionWebhookName = "kubermatic-application-definitions"

	// GroupProjectBindingAdmissionWebhookName is the name of the validating webhook for GroupProjectBindings.
	GroupProjectBindingAdmissionWebhookName = "kubermatic-groupprojectbindings"

	WebhookServingCASecretName   = "webhook-ca"
	WebhookServingCertSecretName = "webhook-cert"

	IngressName                         = "kubermatic"
	SeedControllerManagerDeploymentName = "kubermatic-seed-controller-manager"
	WebhookDeploymentName               = "kubermatic-webhook"

	CleanupFinalizer = "kubermatic.k8c.io/cleanup"

	// SkipReconcilingAnnotation can be used on Seed resources to make
	// the operator ignore them and not reconcile the seed components into
	// the cluster. This should only be used during cluster migrations.
	SkipReconcilingAnnotation = "kubermatic.k8c.io/skip-reconciling"
)
View Source 
const (
	// OperatorName is used as the value for ManagedBy labels to establish
	// a weak ownership to reconciled resources.
	OperatorName = "kubermatic-operator"

	// ManagedByLabel is the label used to identify the resources
	// created by this controller.
	ManagedByLabel = "app.kubernetes.io/managed-by"
)

Variables

View Source 
var (
	// ManagedByOperatorPredicate is a predicate that matches all resources created by
	// the Kubermatic Operator, based on the ManagedBy label.
	ManagedByOperatorPredicate = predicate.Factory(func(o ctrlruntimeclient.Object) bool {
		for _, ref := range o.GetOwnerReferences() {
			if isKubermaticConfiguration(ref) || isSeed(ref) {
				return true
			}
		}

		return false
	})

	// ManagedByOperatorSelector is a label selector that matches all resources created by
	// the Kubermatic Operator.
	ManagedByOperatorSelector, _ = labels.NewRequirement(ManagedByLabel, selection.Equals, []string{OperatorName})
)

Functions

func ApplicationDefinitionMutatingWebhookConfigurationReconciler 

func ApplicationDefinitionMutatingWebhookConfigurationReconciler(ctx context.Context, cfg *kubermaticv1.KubermaticConfiguration, client ctrlruntimeclient.Client) reconciling.NamedMutatingWebhookConfigurationReconcilerFactory

func ApplicationDefinitionValidatingWebhookConfigurationReconciler 

func ApplicationDefinitionValidatingWebhookConfigurationReconciler(ctx context.Context, cfg *kubermaticv1.KubermaticConfiguration, client ctrlruntimeclient.Client) reconciling.NamedValidatingWebhookConfigurationReconcilerFactory

func CRDReconciler 

func CRDReconciler(crd *apiextensionsv1.CustomResourceDefinition, log *zap.SugaredLogger, versions kubermaticversion.Versions) kkpreconciling.NamedCustomResourceDefinitionReconcilerFactory

CRDReconciler will reconcile a CRD, but only if the existing CRD is older or the same version (i.e. this function will never downgrade a CRD). Up- and downgrading is only defined for KKP CRDs which have a version annotation.

func CleanupClusterResource 

func CleanupClusterResource(ctx context.Context, client ctrlruntimeclient.Client, obj ctrlruntimeclient.Object, name string) error

CleanupClusterResource attempts to find a cluster-wide resource and deletes it if it was found. If no resource with the given name exists, nil is returned.

func CleanupWebhookServices 

func CleanupWebhookServices(ctx context.Context, client ctrlruntimeclient.Client, logger *zap.SugaredLogger, namespace string)

CleanupWebhookServices removes the unused webhook services. It's here because we need to exact same logic on master and seed clusters.

func DeleteObject 

func DeleteObject(ctx context.Context, client ctrlruntimeclient.Client, name, namespace string, obj ctrlruntimeclient.Object) error

func DeleteService 

func DeleteService(ctx context.Context, client ctrlruntimeclient.Client, name, namespace string) error

func DockercfgSecretReconciler 

func DockercfgSecretReconciler(cfg *kubermaticv1.KubermaticConfiguration) reconciling.NamedSecretReconcilerFactory

func KubermaticConfigurationAdmissionWebhookName 

func KubermaticConfigurationAdmissionWebhookName(cfg *kubermaticv1.KubermaticConfiguration) string

func KubermaticConfigurationAdmissionWebhookReconciler 

func KubermaticConfigurationAdmissionWebhookReconciler(ctx context.Context, cfg *kubermaticv1.KubermaticConfiguration, client ctrlruntimeclient.Client) reconciling.NamedValidatingWebhookConfigurationReconcilerFactory

func KubermaticProxyEnvironmentVars 

func KubermaticProxyEnvironmentVars(p *kubermaticv1.KubermaticProxyConfiguration) (result []corev1.EnvVar)

KubermaticProxyEnvironmentVars returns ProxySettings from Kubermatic configuration as env vars.

func ProxyEnvironmentVars 

func ProxyEnvironmentVars(p *kubermaticv1.ProxySettings) (result []corev1.EnvVar)

ProxyEnvironmentVars returns ProxySettings as env vars.

func SeedAdmissionWebhookName 

func SeedAdmissionWebhookName(cfg *kubermaticv1.KubermaticConfiguration) string

func SeedAdmissionWebhookReconciler 

func SeedAdmissionWebhookReconciler(ctx context.Context, cfg *kubermaticv1.KubermaticConfiguration, client ctrlruntimeclient.Client) reconciling.NamedValidatingWebhookConfigurationReconcilerFactory

func StringifyFeatureGates 

func StringifyFeatureGates(cfg *kubermaticv1.KubermaticConfiguration) string

StringifyFeatureGates takes a set of enabled features and returns a comma-separated key=value list like "featureA=true,featureB=true,...". The list of feature gates is sorted, so the output of this function is stable.

func WebhookCABundle 

func WebhookCABundle(ctx context.Context, cfg *kubermaticv1.KubermaticConfiguration, client ctrlruntimeclient.Client) ([]byte, error)

func WebhookClusterRoleBindingName 

func WebhookClusterRoleBindingName(cfg *kubermaticv1.KubermaticConfiguration) string

func WebhookClusterRoleBindingReconciler 

func WebhookClusterRoleBindingReconciler(cfg *kubermaticv1.KubermaticConfiguration) reconciling.NamedClusterRoleBindingReconcilerFactory

func WebhookClusterRoleName 

func WebhookClusterRoleName(cfg *kubermaticv1.KubermaticConfiguration) string

func WebhookClusterRoleReconciler 

func WebhookClusterRoleReconciler(cfg *kubermaticv1.KubermaticConfiguration) reconciling.NamedClusterRoleReconcilerFactory

func WebhookDeploymentReconciler 

func WebhookDeploymentReconciler(cfg *kubermaticv1.KubermaticConfiguration, versions kubermatic.Versions) reconciling.NamedDeploymentReconcilerFactory

WebhookDeploymentReconciler returns a DeploymentReconciler for the Kubermatic webhook.

func WebhookRoleBindingReconciler 

func WebhookRoleBindingReconciler(cfg *kubermaticv1.KubermaticConfiguration) reconciling.NamedRoleBindingReconcilerFactory

func WebhookRoleReconciler 

func WebhookRoleReconciler(cfg *kubermaticv1.KubermaticConfiguration) reconciling.NamedRoleReconcilerFactory

func WebhookServiceAccountReconciler 

func WebhookServiceAccountReconciler(cfg *kubermaticv1.KubermaticConfiguration) reconciling.NamedServiceAccountReconcilerFactory

func WebhookServiceReconciler 

func WebhookServiceReconciler(cfg *kubermaticv1.KubermaticConfiguration, client ctrlruntimeclient.Client) reconciling.NamedServiceReconcilerFactory

WebhookServiceReconciler creates the Service for all KKP webhooks.

func WebhookServingCASecretReconciler 

func WebhookServingCASecretReconciler(cfg *kubermaticv1.KubermaticConfiguration) reconciling.NamedSecretReconcilerFactory

func WebhookServingCertSecretReconciler 

func WebhookServingCertSecretReconciler(ctx context.Context, cfg *kubermaticv1.KubermaticConfiguration, client ctrlruntimeclient.Client) reconciling.NamedSecretReconcilerFactory

Types

This section is empty.

Source Files

View all Source files

Directories

Path Synopsis
Package nodeportproxy is responsible for reconciling a seed-cluster-wide proxy based on Envoy and a custom envoy-manager/lb-updater tools.
 Package nodeportproxy is responsible for reconciling a seed-cluster-wide proxy based on Envoy and a custom envoy-manager/lb-updater tools.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.