v1

package
v1.30.4 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Aug 14, 2024 License: Apache-2.0 Imports: 10 Imported by: 5

Documentation

Index

Constants

View Source
const (
	// DefaultTokenDuration specifies the default amount of time that a bootstrap token will be valid
	// Default behaviour is 24 hours
	DefaultTokenDuration = 24 * time.Hour
)

Variables

View Source
var (
	// DefaultTokenUsages specifies the default functions a token will get
	DefaultTokenUsages = bootstrapapi.KnownTokenUsages

	// DefaultTokenGroups specifies the default groups that this token will authenticate as when used for authentication
	DefaultTokenGroups = []string{"system:bootstrappers:kubeadm:default-node-token"}
)

Functions

func BootstrapTokenToSecret

func BootstrapTokenToSecret(bt *BootstrapToken) *v1.Secret

BootstrapTokenToSecret converts the given BootstrapToken object to its Secret representation that may be submitted to the API Server in order to be stored.

func SetDefaults_BootstrapToken added in v1.28.0

func SetDefaults_BootstrapToken(bt *BootstrapToken)

SetDefaults_BootstrapToken sets the defaults for an individual Bootstrap Token

Types

type BootstrapToken

type BootstrapToken struct {
	// Token is used for establishing bidirectional trust between nodes and control-planes.
	// Used for joining nodes in the cluster.
	Token *BootstrapTokenString `json:"token" datapolicy:"token"`
	// Description sets a human-friendly message why this token exists and what it's used
	// for, so other administrators can know its purpose.
	// +optional
	Description string `json:"description,omitempty"`
	// TTL defines the time to live for this token. Defaults to 24h.
	// Expires and TTL are mutually exclusive.
	// +optional
	TTL *metav1.Duration `json:"ttl,omitempty"`
	// Expires specifies the timestamp when this token expires. Defaults to being set
	// dynamically at runtime based on the TTL. Expires and TTL are mutually exclusive.
	// +optional
	Expires *metav1.Time `json:"expires,omitempty"`
	// Usages describes the ways in which this token can be used. Can by default be used
	// for establishing bidirectional trust, but that can be changed here.
	// +optional
	Usages []string `json:"usages,omitempty"`
	// Groups specifies the extra groups that this token will authenticate as when/if
	// used for authentication
	// +optional
	Groups []string `json:"groups,omitempty"`
}

BootstrapToken describes one bootstrap token, stored as a Secret in the cluster +k8s:deepcopy-gen=true

func BootstrapTokenFromSecret

func BootstrapTokenFromSecret(secret *v1.Secret) (*BootstrapToken, error)

BootstrapTokenFromSecret returns a BootstrapToken object from the given Secret

func (*BootstrapToken) DeepCopy

func (in *BootstrapToken) DeepCopy() *BootstrapToken

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BootstrapToken.

func (*BootstrapToken) DeepCopyInto

func (in *BootstrapToken) DeepCopyInto(out *BootstrapToken)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type BootstrapTokenString

type BootstrapTokenString struct {
	ID     string `json:"-"`
	Secret string `json:"-" datapolicy:"token"`
}

BootstrapTokenString is a token of the format abcdef.abcdef0123456789 that is used for both validation of the practically of the API server from a joining node's point of view and as an authentication method for the node in the bootstrap phase of "kubeadm join". This token is and should be short-lived

func NewBootstrapTokenString

func NewBootstrapTokenString(token string) (*BootstrapTokenString, error)

NewBootstrapTokenString converts the given Bootstrap Token as a string to the BootstrapTokenString object used for serialization/deserialization and internal usage. It also automatically validates that the given token is of the right format

func NewBootstrapTokenStringFromIDAndSecret

func NewBootstrapTokenStringFromIDAndSecret(id, secret string) (*BootstrapTokenString, error)

NewBootstrapTokenStringFromIDAndSecret is a wrapper around NewBootstrapTokenString that allows the caller to specify the ID and Secret separately

func (BootstrapTokenString) MarshalJSON

func (bts BootstrapTokenString) MarshalJSON() ([]byte, error)

MarshalJSON implements the json.Marshaler interface.

func (BootstrapTokenString) String

func (bts BootstrapTokenString) String() string

String returns the string representation of the BootstrapTokenString

func (*BootstrapTokenString) UnmarshalJSON

func (bts *BootstrapTokenString) UnmarshalJSON(b []byte) error

UnmarshalJSON implements the json.Unmarshaller interface.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL