Documentation
Index
- func UnboundedAgentInstallScript() string
- func UnboundedAgentUninstallScript(machineName string) string
- type AgentAttestConfig
- type AgentClusterConfig
- type AgentConfig
- type AgentKubeletConfig
- type BuildAgentConfigParams
- type CNIConfig
- type CRIConfig
- type ClusterEndpoint
- type ContainerdConfig
- type KubeletAuthInfo
- type RuncConfig
- type UnboundedAgentConfig
Functions
func UnboundedAgentInstallScript
func UnboundedAgentInstallScript() string
UnboundedAgentInstallScript returns the install script for using the unbounded-agent to bootstrap a node.
func UnboundedAgentUninstallScript
UnboundedAgentUninstallScript returns the uninstall script with the given machine name baked in. The script reverses the bootstrap process: it stops and removes the nspawn machine, cleans up network interfaces, removes configuration files, and restores the host to its original state.
Types
type AgentAttestConfig
type AgentAttestConfig struct {
	// URL is the base URL of the metalman serve-pxe instance (e.g.
	// "http://10.0.0.1:8880"). The agent appends "/attest" to this URL
	// when performing TPM attestation.
	URL string `json:"URL"`
}
AgentAttestConfig holds configuration for TPM-based attestation against a metalman serve-pxe instance.
type AgentClusterConfig
type AgentClusterConfig = config.AgentClusterConfig
type AgentConfig
type AgentConfig = config.AgentConfig
type AgentKubeletConfig
type AgentKubeletConfig = config.AgentKubeletConfig
type BuildAgentConfigParams
type BuildAgentConfigParams struct {
	// Machine is the Machine object to build the config for.
	Machine *v1alpha3.Machine
	// Cluster holds the cluster-level connection parameters.
	Cluster ClusterEndpoint
	// ProviderLabels are cloud-provider-injected labels that override
	// all other labels. These are typically resolved from
	// cloudprovider.Provider.DefaultLabels().
	ProviderLabels map[string]string
	// BootstrapToken is the kubelet bootstrap token (e.g. "abc123.xyz789").
	// When empty, the agent is expected to obtain a token via attestation.
	BootstrapToken string
	// AttestURL is the base URL of a metalman serve-pxe instance for
	// TPM-based attestation (e.g. "http://10.0.0.1:8880"). When non-empty
	// an Attest section is included in the config.
	AttestURL string
}
BuildAgentConfigParams holds the inputs for BuildAgentConfig. Cluster-level values are resolved once at controller startup and reused across reconcile loops. Machine-level values come from the Machine object.
type ClusterEndpoint
type ClusterEndpoint struct {
	// APIServer is the Kubernetes API server endpoint (e.g.
	// "my-cluster-dns.hcp.eastus.azmk8s.io:443").
	APIServer string
	// CACertBase64 is the base64-encoded cluster CA certificate.
	CACertBase64 string
	// ClusterDNS is the ClusterIP of the kube-dns Service.
	ClusterDNS string
	// KubeVersion is the cluster's Kubernetes version (e.g. "v1.34.0"),
	// used as a fallback when the Machine's Spec.Kubernetes.Version is
	// empty.
	KubeVersion string
}
ClusterEndpoint holds the cluster-level connection parameters needed to build agent configuration. These values are typically resolved once at controller startup and reused across reconcile loops.
type ContainerdConfig (added in v0.1.1)
type ContainerdConfig = config.ContainerdConfig
type KubeletAuthInfo (added in v0.1.1)
type KubeletAuthInfo = config.KubeletAuthInfo
type RuncConfig (added in v0.1.1)
type RuncConfig = config.RuncConfig
type UnboundedAgentConfig (added in v0.1.1)
type UnboundedAgentConfig struct {
	config.AgentConfig
	// Attest configures TPM-based attestation for obtaining a bootstrap
	// token from a metalman serve-pxe instance. When set, the agent
	// performs TPM attestation on the host instead of requiring a static
	// BootstrapToken in the Kubelet.Auth config.
	Attest *AgentAttestConfig `json:"Attest,omitempty"`
}
UnboundedAgentConfig extends the shared AgentConfig with unbounded-specific fields that are not part of the public agent IR. Controllers and the agent CLI use this type; the shared agent library uses only AgentConfig.
func BuildAgentConfig
func BuildAgentConfig(params BuildAgentConfigParams) UnboundedAgentConfig
BuildAgentConfig constructs an AgentConfig from a Machine and cluster-level parameters. This is the canonical function used by all codepaths that produce agent configuration (machina SSH provisioner, metalman PXE templates, and kubectl-unbounded manual bootstrap).
Label priority (lowest to highest):
- User-defined labels from Machine.Spec.Kubernetes.NodeLabels.
- Common labels applied unconditionally (e.g. cloud provider exclusion).
- Provider-injected labels from params.ProviderLabels.
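The label priority above, as an added Go example that is not the package's own code: a stand-in `mergeLabels` helper applies the three layers from lowest to highest priority and reports which keys a higher layer replaced, so a user-defined label that collides with a common or provider-injected one can be logged. The function name and the `example.com/...` label keys are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"sort"
)

// mergeLabels is a hypothetical helper (not part of the documented package).
// It applies the documented priority, lowest to highest: user-defined labels,
// then common labels, then provider-injected labels. It also returns the
// sorted keys whose lower-priority value was replaced, for audit logging.
func mergeLabels(user, common, provider map[string]string) (map[string]string, []string) {
	merged := make(map[string]string)
	replaced := make(map[string]bool)
	for _, layer := range []map[string]string{user, common, provider} {
		for k, v := range layer {
			if old, ok := merged[k]; ok && old != v {
				replaced[k] = true
			}
			merged[k] = v // a later (higher-priority) layer always wins
		}
	}
	keys := make([]string, 0, len(replaced))
	for k := range replaced {
		keys = append(keys, k)
	}
	sort.Strings(keys)
	return merged, keys
}

func main() {
	// Constructed sample labels; the keys are placeholders, not the project's.
	user := map[string]string{
		"team":                "blue",
		"example.com/zone":    "user-chosen",
		"example.com/exclude": "false",
	}
	common := map[string]string{"example.com/exclude": "true"}
	provider := map[string]string{"example.com/zone": "rack-7"}

	merged, replaced := mergeLabels(user, common, provider)
	fmt.Println("merged labels:", merged)
	fmt.Println("user values replaced by a higher layer:", replaced)
}
```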