Documentation
¶
Index ¶
- func EncodePrivateKeyPEM(key *rsa.PrivateKey) []byte
- func NewAPIServerKubeletClientCertAndKey(ca *CrtKeyPair) (*x509.Certificate, *rsa.PrivateKey, error)
- func NewEtcdHealthcheckClientCertAndKey(ca *CrtKeyPair) (*x509.Certificate, *rsa.PrivateKey, error)
- func NewServiceAccountSigningKey() (*rsa.PrivateKey, error)
- type ClusterCAGroup
- type CrtKeyPair
- func NewAPIServerCrtAndKey(ca *CrtKeyPair, vc *tenancyv1alpha1.VirtualCluster, apiserverDomain string, ...) (*CrtKeyPair, error)
- func NewClientCrtAndKey(user string, ca *CrtKeyPair, groups []string) (*CrtKeyPair, error)
- func NewEtcdServerCrtAndKey(ca *CrtKeyPair, etcdDomains []string) (*CrtKeyPair, error)
- func NewFrontProxyClientCertAndKey(ca *CrtKeyPair) (*CrtKeyPair, error)
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func EncodePrivateKeyPEM ¶
func EncodePrivateKeyPEM(key *rsa.PrivateKey) []byte
EncodePrivateKeyPEM returns PEM-encoded private key data
func NewAPIServerKubeletClientCertAndKey ¶
func NewAPIServerKubeletClientCertAndKey(ca *CrtKeyPair) (*x509.Certificate, *rsa.PrivateKey, error)
NewAPIServerKubeletClientCertAndKey creates certificate for the apiservers to connect to the kubelets securely, signed by the ca.
func NewEtcdHealthcheckClientCertAndKey ¶
func NewEtcdHealthcheckClientCertAndKey(ca *CrtKeyPair) (*x509.Certificate, *rsa.PrivateKey, error)
NewEtcdHealthcheckClientCertAndKey creates certificate for liveness probes to healthcheck etcd, signed by the given ca.
func NewServiceAccountSigningKey ¶
func NewServiceAccountSigningKey() (*rsa.PrivateKey, error)
NewServiceAccountSigningKey creates rsa key for signing service account tokens.
Types ¶
type ClusterCAGroup ¶
type ClusterCAGroup struct {
RootCA *CrtKeyPair
APIServer *CrtKeyPair
ETCD *CrtKeyPair
CtrlMgrKbCfg string // the kubeconfig used by controller-manager
AdminKbCfg string // the kubeconfig used by admin user
ServiceAccountPrivateKey *rsa.PrivateKey
}
type CrtKeyPair ¶
type CrtKeyPair struct {
Crt *x509.Certificate
Key *rsa.PrivateKey
}
func NewAPIServerCrtAndKey ¶
func NewAPIServerCrtAndKey(ca *CrtKeyPair, vc *tenancyv1alpha1.VirtualCluster, apiserverDomain string, apiserverIPs ...string) (*CrtKeyPair, error)
NewAPIServerCertAndKey creates crt and key for apiserver using ca.
func NewClientCrtAndKey ¶
func NewClientCrtAndKey(user string, ca *CrtKeyPair, groups []string) (*CrtKeyPair, error)
NewClientCrtAndKey creates crt-key pair for client
func NewEtcdServerCrtAndKey ¶
func NewEtcdServerCrtAndKey(ca *CrtKeyPair, etcdDomains []string) (*CrtKeyPair, error)
NewEtcdServerCrtAndKey creates new crt-key pair using ca for etcd
func NewFrontProxyClientCertAndKey ¶
func NewFrontProxyClientCertAndKey(ca *CrtKeyPair) (*CrtKeyPair, error)
NewFrontProxyClientCertAndKey creates crt-key pair for proxy client using ca.
Source Files
Click to show internal directories.
Click to hide internal directories.