model

package
v1.17.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Sep 9, 2020 License: Apache-2.0 Imports: 57 Imported by: 26

Documentation

Index

Constants

View Source 
const (
	CloudConfigFilePath = "/etc/kubernetes/cloud.config"

	// Required for vSphere CloudProvider
	MinimumVersionForVMUUID = "1.5.3"

	// VM UUID is set by cloud-init
	VM_UUID_FILE_PATH = "/etc/vmware/vm_uuid"
)
View Source 
const DefaultDockerVersion = "1.12.3"

DefaultDockerVersion is the (legacy) docker version we use if one is not specified in the manifest. We don't change this with each version of kops, we expect newer versions of kops to populate the field.

View Source 
const PathAuthnConfig = "/etc/kubernetes/authn.config"

PathAuthnConfig is the path to the custom webhook authentication config

View Source 
const ServiceName = "update-service"

ServiceName is the name given to the service to be created

Variables

This section is empty.

Functions

func EvaluateHostnameOverride 

func EvaluateHostnameOverride(hostnameOverride string) (string, error)

EvaluateHostnameOverride returns the hostname after replacing some well-known placeholders

Types

type Architecture 

type Architecture string
var (
	ArchitectureAmd64 Architecture = "amd64"
	ArchitectureArm   Architecture = "arm"
)

type CloudConfigBuilder 

type CloudConfigBuilder struct {
	*NodeupModelContext
}

CloudConfigBuilder creates the cloud configuration file

func (*CloudConfigBuilder) Build 

func (b *CloudConfigBuilder) Build(c *fi.ModelBuilderContext) error

type DirectoryBuilder 

type DirectoryBuilder struct {
	*NodeupModelContext
}

DirectoryBuilder creates required directories

func (*DirectoryBuilder) Build 

func (b *DirectoryBuilder) Build(c *fi.ModelBuilderContext) error

Build is responsible for specific directories are created - os dependent

type DockerBuilder 

type DockerBuilder struct {
	*NodeupModelContext
}

DockerBuilder install docker (just the packages at the moment)

func (*DockerBuilder) Build 

func (b *DockerBuilder) Build(c *fi.ModelBuilderContext) error

Build is responsible for configuring the docker daemon

type EtcdBuilder 

type EtcdBuilder struct {
	*NodeupModelContext
}

EtcdBuilder installs etcd

func (*EtcdBuilder) Build 

func (b *EtcdBuilder) Build(c *fi.ModelBuilderContext) error

Build is responsible for creating the etcd user

type EtcdManagerTLSBuilder added in v1.15.1 

type EtcdManagerTLSBuilder struct {
	*NodeupModelContext
}

EtcdManagerTLSBuilder configures TLS support for etcd-manager

func (*EtcdManagerTLSBuilder) Build added in v1.15.1 

func (b *EtcdManagerTLSBuilder) Build(ctx *fi.ModelBuilderContext) error

Build is responsible for TLS configuration for etcd-manager

type EtcdTLSBuilder 

type EtcdTLSBuilder struct {
	*NodeupModelContext
}

EtcdTLSBuilder configures the etcd TLS support

func (*EtcdTLSBuilder) Build 

func (b *EtcdTLSBuilder) Build(c *fi.ModelBuilderContext) error

Build is responsible for performing setup for CNIs that need etcd TLS support

type FileAssetsBuilder 

type FileAssetsBuilder struct {
	*NodeupModelContext
}

FileAssetsBuilder configures the hooks

func (*FileAssetsBuilder) Build 

func (f *FileAssetsBuilder) Build(c *fi.ModelBuilderContext) error

Build is responsible for writing out the file assets from cluster and instanceGroup

type FirewallBuilder 

type FirewallBuilder struct {
	*NodeupModelContext
}

FirewallBuilder configures the firewall (iptables)

func (*FirewallBuilder) Build 

func (b *FirewallBuilder) Build(c *fi.ModelBuilderContext) error

Build is responsible for generating any node firewall rules

type HookBuilder 

type HookBuilder struct {
	*NodeupModelContext
}

HookBuilder configures the hooks

func (*HookBuilder) Build 

func (h *HookBuilder) Build(c *fi.ModelBuilderContext) error

Build is responsible for implementing the cluster hook

type KubeAPIServerBuilder 

type KubeAPIServerBuilder struct {
	*NodeupModelContext
}

KubeAPIServerBuilder install kube-apiserver (just the manifest at the moment)

func (*KubeAPIServerBuilder) Build 

func (b *KubeAPIServerBuilder) Build(c *fi.ModelBuilderContext) error

Build is responsible for generating the configuration for the kube-apiserver

type KubeControllerManagerBuilder 

type KubeControllerManagerBuilder struct {
	*NodeupModelContext
}

KubeControllerManagerBuilder install kube-controller-manager (just the manifest at the moment)

func (*KubeControllerManagerBuilder) Build 

func (b *KubeControllerManagerBuilder) Build(c *fi.ModelBuilderContext) error

Build is responsible for configuring the kube-controller-manager

type KubeProxyBuilder 

type KubeProxyBuilder struct {
	*NodeupModelContext
}

KubeProxyBuilder installs kube-proxy

func (*KubeProxyBuilder) Build 

func (b *KubeProxyBuilder) Build(c *fi.ModelBuilderContext) error

Build is responsible for building the kube-proxy manifest @TODO we should probably change this to a daemonset in the future and follow the kubeadm path

type KubeRouterBuilder 

type KubeRouterBuilder struct {
	*NodeupModelContext
}

KubeRouterBuilder installs kube-router

func (*KubeRouterBuilder) Build 

func (b *KubeRouterBuilder) Build(c *fi.ModelBuilderContext) error

Build is responsible for configuring the kube-router

type KubeSchedulerBuilder 

type KubeSchedulerBuilder struct {
	*NodeupModelContext
}

KubeSchedulerBuilder install kube-scheduler

func (*KubeSchedulerBuilder) Build 

func (b *KubeSchedulerBuilder) Build(c *fi.ModelBuilderContext) error

Build is responsible for building the manifest for the kube-scheduler

type KubectlBuilder 

type KubectlBuilder struct {
	*NodeupModelContext
}

KubectlBuilder install kubectl

func (*KubectlBuilder) Build 

func (b *KubectlBuilder) Build(c *fi.ModelBuilderContext) error

Build is responsible for managing the kubectl on the nodes

type KubeletBuilder 

type KubeletBuilder struct {
	*NodeupModelContext
}

KubeletBuilder installs kubelet

func (*KubeletBuilder) Build 

func (b *KubeletBuilder) Build(c *fi.ModelBuilderContext) error

Build is responsible for building the kubelet configuration

type LogrotateBuilder 

type LogrotateBuilder struct {
	*NodeupModelContext
}

LogrotateBuilder installs logrotate.d and configures log rotation for kubernetes logs

func (*LogrotateBuilder) Build 

func (b *LogrotateBuilder) Build(c *fi.ModelBuilderContext) error

Build is responsible for configuring logrotate

type ManifestsBuilder 

type ManifestsBuilder struct {
	*NodeupModelContext
}

ManifestsBuilder copies manifests from the store (e.g. etcdmanager)

func (*ManifestsBuilder) Build 

func (b *ManifestsBuilder) Build(c *fi.ModelBuilderContext) error

Build creates tasks for copying the manifests

type MiscUtilsBuilder added in v1.15.1 

type MiscUtilsBuilder struct {
	*NodeupModelContext
}

MiscUtilsBuilder ensures that some system packages that are required for kubernetes are installed (e.g. socat)

func (*MiscUtilsBuilder) Build added in v1.15.1 

func (b *MiscUtilsBuilder) Build(c *fi.ModelBuilderContext) error

Build is responsible for configuring the miscellaneous packages we want installed

type NTPBuilder added in v1.15.1 

type NTPBuilder struct {
	*NodeupModelContext
}

NTPBuilder installs and starts NTP, to ensure accurate clock times. As well as general log confusion, clock-skew of more than 5 minutes causes AWS API calls to fail

func (*NTPBuilder) Build added in v1.15.1 

func (b *NTPBuilder) Build(c *fi.ModelBuilderContext) error

Build is responsible for configuring NTP

type NetworkBuilder 

type NetworkBuilder struct {
	*NodeupModelContext
}

NetworkBuilder writes CNI assets

func (*NetworkBuilder) Build 

func (b *NetworkBuilder) Build(c *fi.ModelBuilderContext) error

Build is responsible for configuring the network cni

type NodeAuthorizationBuilder 

type NodeAuthorizationBuilder struct {
	*NodeupModelContext
}

NodeAuthorizationBuilder is responsible for node authorization

func (*NodeAuthorizationBuilder) Build 

func (b *NodeAuthorizationBuilder) Build(c *fi.ModelBuilderContext) error

Build is responsible for handling the node authorization client

type NodeupModelContext 

type NodeupModelContext struct {
	Architecture  Architecture
	Assets        *fi.AssetStore
	Cluster       *kops.Cluster
	ConfigBase    vfs.Path
	Distribution  distros.Distribution
	InstanceGroup *kops.InstanceGroup
	KeyStore      fi.CAStore
	NodeupConfig  *nodeup.Config
	SecretStore   fi.SecretStore

	// IsMaster is true if the InstanceGroup has a role of master (populated by Init)
	IsMaster bool
	// contains filtered or unexported fields
}

NodeupModelContext is the context supplied the nodeup tasks

func (*NodeupModelContext) BuildCertificatePairTask 

func (c *NodeupModelContext) BuildCertificatePairTask(ctx *fi.ModelBuilderContext, key, path, filename string) error

BuildCertificatePairTask creates the tasks to pull down the certificate and private key

func (*NodeupModelContext) BuildCertificateTask 

func (c *NodeupModelContext) BuildCertificateTask(ctx *fi.ModelBuilderContext, name, filename string) error

BuildCertificateTask is responsible for build a certificate request task

func (*NodeupModelContext) BuildKubeConfig 

func (c *NodeupModelContext) BuildKubeConfig(username string, ca, certificate, privateKey []byte) (string, error)

BuildKubeConfig is responsible for building a kubeconfig

func (*NodeupModelContext) BuildPKIKubeconfig 

func (c *NodeupModelContext) BuildPKIKubeconfig(name string) (string, error)

BuildPKIKubeconfig generates a kubeconfig

func (*NodeupModelContext) BuildPrivateKeyTask 

func (c *NodeupModelContext) BuildPrivateKeyTask(ctx *fi.ModelBuilderContext, name, filename string) error

BuildPrivateKeyTask is responsible for build a certificate request task

func (*NodeupModelContext) CNIBinDir 

func (c *NodeupModelContext) CNIBinDir() string

CNIBinDir returns the path for the CNI binaries

func (*NodeupModelContext) CNIConfDir 

func (c *NodeupModelContext) CNIConfDir() string

CNIConfDir returns the CNI directory

func (*NodeupModelContext) EnsureDirectory added in v1.15.1 

func (c *NodeupModelContext) EnsureDirectory(path string) error

EnsureDirectory ensures the directory exists or creates it

func (*NodeupModelContext) EnsureSystemdSuffix added in v1.15.1 

func (c *NodeupModelContext) EnsureSystemdSuffix(name string) string

EnsureSystemdSuffix ensures that the hook name ends with a valid systemd unit file extension. If it doesn't, it adds ".service" for backwards-compatibility with older versions of Kops

func (*NodeupModelContext) FileAssetsDefaultPath 

func (c *NodeupModelContext) FileAssetsDefaultPath() string

FileAssetsDefaultPath is the default location for assets which have no path

func (*NodeupModelContext) GetCert added in v1.17.0 

func (c *NodeupModelContext) GetCert(name string) ([]byte, error)

GetCert is a helper method to retrieve a certificate from the store

func (*NodeupModelContext) GetPrivateKey added in v1.17.0 

func (c *NodeupModelContext) GetPrivateKey(name string) ([]byte, error)

GetPrivateKey is a helper method to retrieve a private key from the store

func (*NodeupModelContext) Init 

func (c *NodeupModelContext) Init() error

Init completes initialization of the object, for example pre-parsing the kubernetes version

func (*NodeupModelContext) IsKubernetesGTE 

func (c *NodeupModelContext) IsKubernetesGTE(version string) bool

IsKubernetesGTE checks if the version is greater-than-or-equal

func (*NodeupModelContext) IsMounted added in v1.15.1 

func (c *NodeupModelContext) IsMounted(m mount.Interface, device, path string) (bool, error)

IsMounted checks if the device is mount

func (*NodeupModelContext) KubectlPath 

func (c *NodeupModelContext) KubectlPath() string

KubectlPath returns distro based path for kubectl

func (*NodeupModelContext) KubeletBootstrapKubeconfig 

func (c *NodeupModelContext) KubeletBootstrapKubeconfig() string

KubeletBootstrapKubeconfig is the path the bootstrap config file

func (*NodeupModelContext) KubeletKubeConfig 

func (c *NodeupModelContext) KubeletKubeConfig() string

KubeletKubeConfig is the path of the kubelet kubeconfig file

func (*NodeupModelContext) NodeName 

func (c *NodeupModelContext) NodeName() (string, error)

NodeName returns the name of the local Node, as it will be created in k8s

func (*NodeupModelContext) PathSrvKubernetes 

func (c *NodeupModelContext) PathSrvKubernetes() string

PathSrvKubernetes returns the path for the kubernetes service files

func (*NodeupModelContext) PathSrvSshproxy 

func (c *NodeupModelContext) PathSrvSshproxy() string

PathSrvSshproxy returns the path for the SSH proxy

func (*NodeupModelContext) SSLHostPaths 

func (c *NodeupModelContext) SSLHostPaths() []string

SSLHostPaths returns the TLS paths for the distribution

func (*NodeupModelContext) UseBootstrapTokens 

func (c *NodeupModelContext) UseBootstrapTokens() bool

UseBootstrapTokens checks if we are using bootstrap tokens

func (*NodeupModelContext) UseEtcdManager added in v1.15.1 

func (c *NodeupModelContext) UseEtcdManager() bool

UseEtcdManager checks if the etcd cluster has etcd-manager enabled

func (*NodeupModelContext) UseEtcdTLS 

func (c *NodeupModelContext) UseEtcdTLS() bool

UseEtcdTLS checks if the etcd cluster has TLS enabled bool

func (*NodeupModelContext) UseEtcdTLSAuth 

func (c *NodeupModelContext) UseEtcdTLSAuth() bool

UseEtcdTLSAuth checks the peer-auth is set in both cluster @NOTE: in retrospect i think we should have consolidated the common config in the wrapper struct; it feels weird we set things like version, tls etc per cluster since they both have to be the same.

func (*NodeupModelContext) UseNodeAuthorization 

func (c *NodeupModelContext) UseNodeAuthorization() bool

UseNodeAuthorization checks if have a node authorization policy

func (*NodeupModelContext) UseNodeAuthorizer 

func (c *NodeupModelContext) UseNodeAuthorizer() bool

UseNodeAuthorizer checks if node authorization is enabled

func (*NodeupModelContext) UseSecureKubelet 

func (c *NodeupModelContext) UseSecureKubelet() bool

UseSecureKubelet checks if the kubelet api should be protected by a client certificate. Note: the settings are in one of three section, master specific kubelet, cluster wide kubelet or the InstanceGroup. Though arguably is doesn't make much sense to unset this on a per InstanceGroup level, but hey :)

func (*NodeupModelContext) UseVolumeMounts added in v1.15.1 

func (c *NodeupModelContext) UseVolumeMounts() bool

UseVolumeMounts is used to check if we have volume mounts enabled as we need to insert requires and afters in various places

func (*NodeupModelContext) UsesCNI 

func (c *NodeupModelContext) UsesCNI() bool

UsesCNI checks if the cluster has CNI configured

func (*NodeupModelContext) UsesSecondaryIP 

func (c *NodeupModelContext) UsesSecondaryIP() bool

UsesSecondaryIP checks if the CNI in use attaches secondary interfaces to the host.

func (*NodeupModelContext) VolumesServiceName added in v1.15.1 

func (c *NodeupModelContext) VolumesServiceName() string

VolumesServiceName is the name of the service which is downstream of any volume mounts

type PackagesBuilder 

type PackagesBuilder struct {
	*NodeupModelContext
}

PackagesBuilder adds miscellaneous OS packages that we need

func (*PackagesBuilder) Build 

func (b *PackagesBuilder) Build(c *fi.ModelBuilderContext) error

Build is responsible for installing packages

type ProtokubeBuilder 

type ProtokubeBuilder struct {
	*NodeupModelContext
}

ProtokubeBuilder configures protokube

func (*ProtokubeBuilder) Build 

func (t *ProtokubeBuilder) Build(c *fi.ModelBuilderContext) error

Build is responsible for generating the options for protokube

func (*ProtokubeBuilder) ProtokubeEnvironmentVariables 

func (t *ProtokubeBuilder) ProtokubeEnvironmentVariables() string

ProtokubeEnvironmentVariables generates the environments variables for docker

func (*ProtokubeBuilder) ProtokubeFlags 

func (t *ProtokubeBuilder) ProtokubeFlags(k8sVersion semver.Version) (*ProtokubeFlags, error)

ProtokubeFlags is responsible for building the command line flags for protokube

func (*ProtokubeBuilder) ProtokubeImageName 

func (t *ProtokubeBuilder) ProtokubeImageName() string

ProtokubeImageName returns the docker image for protokube

func (*ProtokubeBuilder) ProtokubeImagePullCommand 

func (t *ProtokubeBuilder) ProtokubeImagePullCommand() string

ProtokubeImagePullCommand returns the command to pull the image

type ProtokubeFlags 

type ProtokubeFlags struct {
	ApplyTaints *bool    `json:"applyTaints,omitempty" flag:"apply-taints"`
	Channels    []string `json:"channels,omitempty" flag:"channels"`
	Cloud       *string  `json:"cloud,omitempty" flag:"cloud"`
	// ClusterID flag is required only for vSphere cloud type, to pass cluster id information to protokube. AWS and GCE workflows ignore this flag.
	ClusterID                 *string  `json:"cluster-id,omitempty" flag:"cluster-id"`
	Containerized             *bool    `json:"containerized,omitempty" flag:"containerized"`
	DNSInternalSuffix         *string  `json:"dnsInternalSuffix,omitempty" flag:"dns-internal-suffix"`
	DNSProvider               *string  `json:"dnsProvider,omitempty" flag:"dns"`
	DNSServer                 *string  `json:"dns-server,omitempty" flag:"dns-server"`
	EtcdBackupImage           string   `json:"etcd-backup-image,omitempty" flag:"etcd-backup-image"`
	EtcdBackupStore           string   `json:"etcd-backup-store,omitempty" flag:"etcd-backup-store"`
	EtcdImage                 *string  `json:"etcd-image,omitempty" flag:"etcd-image"`
	EtcdLeaderElectionTimeout *string  `json:"etcd-election-timeout,omitempty" flag:"etcd-election-timeout"`
	EtcdHearbeatInterval      *string  `json:"etcd-heartbeat-interval,omitempty" flag:"etcd-heartbeat-interval"`
	InitializeRBAC            *bool    `json:"initializeRBAC,omitempty" flag:"initialize-rbac"`
	LogLevel                  *int32   `json:"logLevel,omitempty" flag:"v"`
	Master                    *bool    `json:"master,omitempty" flag:"master"`
	PeerTLSCaFile             *string  `json:"peer-ca,omitempty" flag:"peer-ca"`
	PeerTLSCertFile           *string  `json:"peer-cert,omitempty" flag:"peer-cert"`
	PeerTLSKeyFile            *string  `json:"peer-key,omitempty" flag:"peer-key"`
	TLSAuth                   *bool    `json:"tls-auth,omitempty" flag:"tls-auth"`
	TLSCAFile                 *string  `json:"tls-ca,omitempty" flag:"tls-ca"`
	TLSCertFile               *string  `json:"tls-cert,omitempty" flag:"tls-cert"`
	TLSKeyFile                *string  `json:"tls-key,omitempty" flag:"tls-key"`
	Zone                      []string `json:"zone,omitempty" flag:"zone"`

	// ManageEtcd is true if protokube should manage etcd; being replaced by etcd-manager
	ManageEtcd bool `json:"manageEtcd,omitempty" flag:"manage-etcd"`

	// RemoveDNSNames allows us to remove dns records, so that they can be managed elsewhere
	// We use it e.g. for the switch to etcd-manager
	RemoveDNSNames string `json:"removeDNSNames,omitempty" flag:"remove-dns-names"`

	// BootstrapMasterNodeLabels applies the critical node-role labels to our node,
	// which lets us bring up the controllers that can only run on masters, which are then
	// responsible for node labels.  The node is specified by NodeName
	BootstrapMasterNodeLabels bool `json:"bootstrapMasterNodeLabels,omitempty" flag:"bootstrap-master-node-labels"`

	// NodeName is the name of the node as will be created in kubernetes.  Primarily used by BootstrapMasterNodeLabels.
	NodeName string `json:"nodeName,omitempty" flag:"node-name"`

	GossipProtocol *string `json:"gossip-protocol" flag:"gossip-protocol"`
	GossipListen   *string `json:"gossip-listen" flag:"gossip-listen"`
	GossipSecret   *string `json:"gossip-secret" flag:"gossip-secret"`

	GossipProtocolSecondary *string `json:"gossip-protocol-secondary" flag:"gossip-protocol-secondary"`
	GossipListenSecondary   *string `json:"gossip-listen-secondary" flag:"gossip-listen-secondary"`
	GossipSecretSecondary   *string `json:"gossip-secret-secondary" flag:"gossip-secret-secondary"`
}

ProtokubeFlags are the flags for protokube

type SecretBuilder 

type SecretBuilder struct {
	*NodeupModelContext
}

SecretBuilder writes secrets

func (*SecretBuilder) Build 

func (b *SecretBuilder) Build(c *fi.ModelBuilderContext) error

Build is responsible for pulling down the secrets

type SysctlBuilder 

type SysctlBuilder struct {
	*NodeupModelContext
}

SysctlBuilder set up our sysctls

func (*SysctlBuilder) Build 

func (b *SysctlBuilder) Build(c *fi.ModelBuilderContext) error

Build is responsible for configuring sysctl settings

type UpdateServiceBuilder 

type UpdateServiceBuilder struct {
	*NodeupModelContext
}

UpdateServiceBuilder disables the OS automatic updates

func (*UpdateServiceBuilder) Build 

func (b *UpdateServiceBuilder) Build(c *fi.ModelBuilderContext) error

Build is responsible for creating the relevant systemd service based on OS

type VolumesBuilder added in v1.15.1 

type VolumesBuilder struct {
	*NodeupModelContext
}

VolumesBuilder maintains the volume mounting

func (*VolumesBuilder) Build added in v1.15.1 

func (b *VolumesBuilder) Build(c *fi.ModelBuilderContext) error

Build is responsible for handling the mounting additional volumes onto the instance

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.