config

package
v1.31.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Aug 16, 2024 License: Apache-2.0 Imports: 5 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type CloudConfig

type CloudConfig struct {
	Global struct {
		// TODO: Is there any use for this?  We can get it from the instance metadata service
		// Maybe if we're not running on AWS, e.g. bootstrap; for now it is not very useful
		Zone string

		Region string

		// The AWS VPC flag enables the possibility to run the master components
		// on a different aws account, on a different cloud provider or on-premises.
		// If the flag is set also the KubernetesClusterTag must be provided
		VPC string
		// SubnetID enables using a specific subnet to use for ELB's
		SubnetID string
		// RouteTableID enables using a specific RouteTable
		RouteTableID string

		// RoleARN is the IAM role to assume when interaction with AWS APIs.
		RoleARN string
		// SourceARN is value which is passed while assuming role specified by RoleARN. When a service
		// assumes a role in your account, you can include the aws:SourceAccount and aws:SourceArn global
		// condition context keys in your role trust policy to limit access to the role to only requests that are generated
		// by expected resources. https://docs.aws.amazon.com/IAM/latest/UserGuide/confused-deputy.html
		SourceARN string

		// KubernetesClusterTag is the legacy cluster id we'll use to identify our cluster resources
		KubernetesClusterTag string
		// KubernetesClusterID is the cluster id we'll use to identify our cluster resources
		KubernetesClusterID string

		//The aws provider creates an inbound rule per load balancer on the node security
		//group. However, this can run into the AWS security group rule limit of 50 if
		//many LoadBalancers are created.
		//
		//This flag disables the automatic ingress creation. It requires that the user
		//has setup a rule that allows inbound traffic on kubelet ports from the
		//local VPC subnet (so load balancers can access it). E.g. 10.82.0.0/16 30000-32000.
		DisableSecurityGroupIngress bool

		//AWS has a hard limit of 500 security groups. For large clusters creating a security group for each ELB
		//can cause the max number of security groups to be reached. If this is set instead of creating a new
		//Security group for each ELB this security group will be used instead.
		ElbSecurityGroup string

		// NodeIPFamilies determines which IP addresses are added to node objects and their ordering.
		NodeIPFamilies []string
	}
	// [ServiceOverride "1"]
	//  Service = s3
	//  Region = region1
	//  URL = https://s3.foo.bar
	//  SigningRegion = signing_region
	//  SigningMethod = signing_method
	//
	//  [ServiceOverride "2"]
	//     Service = ec2
	//     Region = region2
	//     URL = https://ec2.foo.bar
	//     SigningRegion = signing_region
	//     SigningMethod = signing_method
	ServiceOverride map[string]*struct {
		Service       string
		Region        string
		URL           string
		SigningRegion string
		SigningMethod string
		SigningName   string
	}
}

CloudConfig wraps the settings for the AWS cloud provider. NOTE: Cloud config files should follow the same Kubernetes deprecation policy as flags or CLIs. Config fields should not change behavior in incompatible ways and should be deprecated for at least 2 release prior to removing. See https://kubernetes.io/docs/reference/using-api/deprecation-policy/#deprecating-a-flag-or-cli for more details.

func (*CloudConfig) GetRegion

func (cfg *CloudConfig) GetRegion(metadata EC2Metadata) (string, error)

GetRegion returns the AWS region from the config, if set, or gets it from the metadata service if unset and sets in config

func (*CloudConfig) GetResolver

func (cfg *CloudConfig) GetResolver() endpoints.ResolverFunc

GetResolver computes the correct resolver to use

func (*CloudConfig) ValidateOverrides

func (cfg *CloudConfig) ValidateOverrides() error

ValidateOverrides ensures overrides are correct

type EC2Metadata

type EC2Metadata interface {
	// Query the EC2 metadata service (used to discover instance-id etc)
	GetMetadata(path string) (string, error)
	Region() (string, error)
}

EC2Metadata is an abstraction over the AWS metadata service.

type SDKProvider

type SDKProvider interface {
	AddHandlers(regionName string, h *request.Handlers)
}

SDKProvider can be used by variants to add their own handlers

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL