constants

package
v0.21.0 Latest Latest
Published: Apr 13, 2026 License: AGPL-3.0 Imports: 2 Imported by: 0

Documentation

Index

Constants

// Names of the environment variables the tool refers to. This block defines
// only the names; how the values are read is not visible here.
const (
	// SSH agent socket and known-hosts settings.
	EnvNameSSHAuthSock   = "SSH_AUTH_SOCK"
	EnvNameSSHKnownHosts = "SSH_KNOWN_HOSTS"

	// AWS credentials and region. Apart from the region, the values stored under
	// these names are secrets and should be kept out of logs and error messages.
	// AWS_B64ENCODED_CREDENTIALS is base64-encoded, which is an encoding and not
	// encryption: treat it as plaintext credentials.
	// NOTE(review): the identifier below is spelled "Ecoded"; renaming an exported
	// constant would break importers, so the typo is only flagged here.
	EnvNameAWSAccessKey            = "AWS_ACCESS_KEY_ID"
	EnvNameAWSSecretKey            = "AWS_SECRET_ACCESS_KEY"
	EnvNameAWSSessionToken         = "AWS_SESSION_TOKEN"
	EnvNameAWSRegion               = "AWS_REGION"
	EnvNameAWSB64EcodedCredentials = "AWS_B64ENCODED_CREDENTIALS"

	// Hetzner Cloud API token and Hetzner Robot credentials (secrets).
	EnvNameHCloudToken   = "HCLOUD_TOKEN"
	EnvNameRobotUser     = "ROBOT_USER"
	EnvNameRobotPassword = "ROBOT_PASSWORD"

	// Location of the kubeconfig file. Kubeconfig files normally embed cluster
	// credentials, so the file it points at deserves owner-only permissions.
	EnvNameKubeconfig = "KUBECONFIG"
)

Environment variable names.

// Names of the CLI flags, plus the default values of two of them.
//
// NOTE(review): several flags below carry secrets (AWS secret access key and
// session token, Azure client secret, Hetzner API token and Robot password).
// Values passed as command-line arguments are typically visible to other local
// users through the process list and tend to end up in shell history. The
// package also defines environment-variable names for the AWS and Hetzner
// credentials; whether the CLI reads them as an alternative is not visible
// here — confirm, and prefer the environment or a secrets config file.
const (
	FlagNameDebug = "debug"

	FlagNameKubeAidVersion = "kubeaid-version"

	FlagNameManagementClusterName             = "management-cluster-name"
	FlagNameManagementClusterNameDefaultValue = "kubeaid-bootstrapper"

	FlagNameConfigsDirectory             = "configs-directory"
	FlagNameConfigsDirectoryDefaultValue = "outputs/configs"

	// Flags that switch off individual steps.
	FlagNameSkipMonitoringSetup = "skip-monitoring-setup"
	FlagNameSkipPRWorkflow      = "skip-pr-workflow"
	FlagNameSkipClusterctlMove  = "skip-clusterctl-move"

	// AWS. The first three carry credential material.
	FlagNameAWSAccessKeyID     = "aws-access-key-id"
	FlagNameAWSSecretAccessKey = "aws-secret-access-key"
	FlagNameAWSSessionToken    = "aws-session-token"
	FlagNameAWSRegion          = "aws-region"
	FlagNameAMIID              = "ami-id"

	// Azure. The client secret is credential material.
	FlagNameAzureClientSecret = "azure-client-secret"
	FlagNameNewImageOffer     = "new-image-offer"

	// Hetzner. The first three carry credential material.
	FlagNameHetznerAPIToken      = "hetzner-cloud-api-token"
	FlagNameHetznerRobotUsername = "hetzner-robot-username"
	FlagNameHetznerRobotPassword = "hetzner-robot-password"
	FlagNameNewImageName         = "new-image-name"
	FlagNameNewImagePath         = "new-image-path"

	FlagNameNewK8sVersion = "new-k8s-version"

	// Size flags; the units are presumably GB, matching OSDefaultSize and
	// ZFSPoolDefaultSize — confirm.
	FlagNameOSSize      = "os-size"
	FlagNameZFSPoolSize = "zfs-pool-size"
)

CLI flags.

// Names of the kube-apiserver flags that configure audit logging: the audit
// policy file and the path the audit log is written to. Both must be set for
// file-based audit logging to produce any records.
const (
	KubeAPIServerFlagAuditPolicyFile = "audit-policy-file"
	KubeAPIServerFlagAuditLogPath    = "audit-log-path"
)

Kube API server CLI flags.

// Identifiers of the supported cloud providers. "bare-metal" and "local" are
// listed alongside the hosted providers.
const (
	CloudProviderAWS       = "aws"
	CloudProviderHetzner   = "hetzner"
	CloudProviderAzure     = "azure"
	CloudProviderBareMetal = "bare-metal"
	CloudProviderLocal     = "local"
)

Cloud providers.

// Disk type labels. DiskTypeUnknown is the label for a disk whose type does
// not match any of the three known ones (presumably a detection fallback).
const (
	DiskTypeHDD  = "HDD"
	DiskTypeSSD  = "SSD"
	DiskTypeNVMe = "NVMe"

	DiskTypeUnknown = "Unknown"
)

Disk types.

// ZFS sizing, in GB (the unit comes from the comment on ZFSPoolDefaultSize).
const (
	// Sum of the three volume sizes below plus 20 GB of headroom:
	// 100 + 50 + 50 + 20 = 220.
	ZFSPoolDefaultSize = (ZFSVolumeSizeContainerImages + ZFSVolumeSizePodLogs + ZFSVolumeSizePodEphemeralVolumes) + 20 // = 220 GB.

	// Sizes of the individual ZFS volumes.
	ZFSVolumeSizeContainerImages     = 100
	ZFSVolumeSizePodLogs             = 50
	ZFSVolumeSizePodEphemeralVolumes = 50
)

ZFS.

// Argo CD names: Helm release, project and role, app names, and the pieces
// used to build project-role RBAC policies.
const (
	ReleaseNameArgoCD = "argocd"

	ArgoCDProjectKubeAid   = "kubeaid"
	ArgoCDRoleKubeAidAgent = "kubeaid-agent"

	// Apps.
	ArgoCDAppArgoCD             = "argocd"
	ArgoCDAppRoot               = "root"
	ArgoCDAppCapiCluster        = "capi-cluster"
	ArgoCDAppHetznerRobot       = "hetzner-robot"
	ArgoCDAppClusterAutoscaler  = "cluster-autoscaler"
	ArgoCDAppVelero             = "velero"
	ArgoCDAppKubePrometheus     = "kube-prometheus"
	ArgoCDExternalSnapshotter   = "external-snapshotter"
	ArgoCDAppCilium             = "cilium"
	ArgoCDAppAzureDiskCSIDriver = "azuredisk-csi-driver"
	ArgoCDAppHCloudCSIDriver    = "hcloud-csi-driver"
	ArgoCDAppRookCeph           = "rook-ceph"
	ArgoCDAppLocalPVProvisioner = "localpv-provisioner"

	// Format of one project-role policy line. The object pattern is
	// "<project-name>/*", so a line built with the "allow" effect covers every
	// object in the project for the given resource and action.
	// NOTE(review): all six inputs are substituted verbatim with %s. A comma or
	// newline inside any of them would change the meaning of the policy line, so
	// callers should pass only fixed or validated names — confirm at call sites.
	ArgoCDProjectRolePolicyFmt = "p, proj:%s:%s, %s, %s, %s/*, %s" // Inputs: project-name, role-name, resource, action, project-name, effect
	ArgoCDLabelKeyManagedBy    = "kubeaid.io/managed-by"

	// The two effects accepted in the last field of a policy line.
	ArgoCDRBACEffectAllow = "allow"
	ArgoCDRBACEffectDeny  = "deny"

	// Name of a Secret tied to the kubeaid-agent project role; presumably it
	// holds that role's token — confirm, and restrict read access accordingly.
	ArgoCDProjectRoleSecretName = "argocd-project-role-kubeaid-agent"
)

ArgoCD.

// Sealed Secrets names.
const (
	ReleaseNameSealedSecrets    = "sealed-secrets"
	// Controller name is the release name with "-controller" appended.
	SealedSecretsControllerName = ReleaseNameSealedSecrets + "-controller"

	// Name of the CronJob that backs up Sealed Secrets.
	// NOTE(review): if the backup includes the controller's sealing keys, anyone
	// who can read the backup can decrypt every SealedSecret sealed with them;
	// confirm the backup destination is access-controlled and encrypted.
	CRONJobNameBackupSealedSecrets = "backup-sealed-secrets"
)

Sealed Secrets.

// Azure names, built-in role IDs and a status code.
const (
	// Blob container and blob names for the OIDC provider documents: the OpenID
	// discovery document and the JWKS (public signing keys).
	// NOTE(review): these documents are meant to be publicly readable, but write
	// access decides which keys relying parties trust. Whoever can replace the
	// JWKS blob controls which tokens are accepted — confirm write access to the
	// container is limited to the bootstrap identity.
	BlobContainerNameOIDCProvider = "oidc-provider"

	AzureBlobNameOpenIDConfiguration = ".well-known/openid-configuration"
	AzureBlobNameJWKSDocument        = "openid/v1/jwks"

	// Grants full access to manage all resources, but does not allow you to assign roles in Azure
	// RBAC, manage assignments in Azure Blueprints, or share image galleries.
	// NOTE(review): Contributor is a broad built-in role; confirm it is assigned at
	// the narrowest scope that works (e.g. a resource group, not the subscription).
	AzureRoleIDContributor = "b24988ac-6180-42a0-ab88-20f7382dd24c"
	// Provides full access to Azure Storage blob containers and data, including assigning POSIX
	// access control.
	AzureRoleIDStorageBlobDataOwner = "b7e6dc6d-f1e8-4753-8033-0f276bb0955b"

	// HTTP 409 (Conflict), treated here as "resource already exists".
	AzureResponseStatusCodeResourceAlreadyExists = 409
)

Azure

// Hetzner modes, API endpoint, network layout and HCloud defaults.
const (
	HetznerModeBareMetal = "bare-metal"
	HetznerModeHCloud    = "hcloud"
	HetznerModeHybrid    = "hybrid"

	// Base URL of the Hetzner Robot web service (HTTPS).
	HetznerRobotWebServiceAPI = "https://robot-ws.your-server.de"

	// Private network layout: a /16 network with one /24 subnet for HCloud servers
	// and one /24 subnet for the vSwitch.
	// NOTE(review): HetznerVSwitchGatewayIP is "10.0.1.0", which is the network
	// address of HetznerVSwitchSubnetCIDR rather than a host address inside it —
	// confirm this is the value the consumer of this constant expects.
	HetznerNetworkCIDR       = "10.0.0.0/16"
	HCloudServersSubnetCIDR  = "10.0.0.0/24"
	HetznerVSwitchSubnetCIDR = "10.0.1.0/24"
	HetznerVSwitchGatewayIP  = "10.0.1.0"

	HCloudServerTypeCAX11 = "cax11"

	HCloudServerImageUbuntu2404 = "ubuntu-24.04"

	HCloudLocationHel1 = "hel1"

	HCloudLBTypeLB11 = "lb11"
)

Hetzner

// Kubernetes namespace and service account names.
const (
	// Namespaces.
	NamespaceArgoCD        = "argocd"
	NamespaceVelero        = "velero"
	NamespaceSealedSecrets = "sealed-secrets"
	NamespaceCrossPlane    = "crossplane"
	NamespaceCilium        = "cilium"
	NamespaceCiliumTest    = "cilium-test"

	// Service Accounts.
	// NOTE(review): if these names are used as subjects of workload-identity
	// federation (not visible here), each federated credential should be bound to
	// the exact namespace and service account pair rather than a wildcard.
	ServiceAccountCAPZ          = "capz-manager"
	ServiceAccountASO           = "azureserviceoperator-default"
	ServiceAccountVelero        = "velero"
	ServiceAccountSealedSecrets = "sealed-secrets"
)
// Cluster type labels, in two groups: management/main and vpn/workload.
const (
	ClusterTypeManagement = "management"
	ClusterTypeMain       = "main"

	ClusterTypeVPN      = "vpn"
	ClusterTypeWorkload = "workload"
)

Cluster types.

// Miscellaneous values.
const (
	// HTTPS URL of the upstream KubeAid repository.
	RepoURLObmondoKubeAid = "https://github.com/Obmondo/KubeAid"

	// Filename suffix that marks a gzip-compressed file.
	GzippedFilenameSuffix = ".gz"
)

Miscellaneous.

// Time durations.
const (
	OneDay   = 24 * time.Hour
	// A fixed 30 days, not a calendar month.
	OneMonth = 30 * OneDay
)

Time durations

// Author identity attached to Git commits the CLI creates. This is a fixed
// label, not proof of who ran the tool; commits are attributable only through
// the credentials used to push them.
const (
	CommitAuthorName  = "KubeAid CLI"
	CommitAuthorEmail = "info@obmondo.com"
)

Git related.

// Docker related values.
const (
	// Path of the Docker daemon's Unix socket. Access to this socket is
	// effectively root on the host, because the Docker API can start privileged
	// containers and mount host paths; avoid exposing it to containers or users
	// that do not need that level of trust.
	DockerSocketPath         = "/var/run/docker.sock"
	DockerDefaultNetworkName = "default"
)

Docker related.

// K3s related values.
const (
	// GitHub API endpoint for the latest K3s release.
	// NOTE(review): the response is remote input; confirm the caller validates
	// the returned tag as a version string before using it in commands or paths.
	K3sReleasesAPIURL = "https://api.github.com/repos/k3s-io/k3s/releases/latest"

	// CGroup v1 support has been dropped from K8s version v1.35.
	// REFER : https://www.sysdig.com/blog/kubernetes-1-35-whats-new#changes-in-kubernetes-135-that-may-break-things.
	MaxCGroupV1CompatibleK3sVersion = "v1.34.5-k3s1"
)

K3s related.

// K8s version bounds and the endpoint used to discover the latest version.
const (
	// Lowest supported K8s minor version.
	MinSupportedK8sVersion = "v1.30"

	// Whatever is the latest K8s version, that becomes the max supported K8s version.
	// We get the latest K8s version from the K8s release API.
	// NOTE(review): the response is remote input; confirm the caller validates it
	// as a version string before comparing or interpolating it.
	K8sReleaseAPIURL = "https://dl.k8s.io/release/stable.txt"

	// CGroup v1 support has been dropped from K8s version v1.35.
	// REFER : https://www.sysdig.com/blog/kubernetes-1-35-whats-new#changes-in-kubernetes-135-that-may-break-things.
	MaxCGroupV1CompatibleK8sVersion = "v1.34"

	// For the Bare Metal provider though, the story is a bit different.
	// We're using KubeOne v1.12. And you can see the K8s versions officially supported by KubeOne
	// here : https://docs.kubermatic.com/kubeone/v1.12/architecture/compatibility/supported-versions.
	// That range becomes the range of K8s version supported by KubeAid CLI.
	// NOTE : We need to update this range manually, when upgrading KubeOne.
	MinKubeOneSupportedK8sVersion = "v1.32"
	MaxKubeOneSupportedK8sVersion = "v1.34"
)

K8s version related

// Template names for KubePrometheus: the Argo CD app manifest and the jsonnet
// cluster variables file.
const (
	TemplateNameKubePrometheusArgoCDApp = "argocd-apps/templates/kube-prometheus.yaml.tmpl"
	TemplateNameKubePrometheusVars      = "cluster-vars.jsonnet.tmpl"
)

For KubePrometheus.

// CEPHNodeMinSize is the minimum size for a Ceph node, in GB.
const CEPHNodeMinSize = 50 // GB.
// HighSpeedNICThreshold is the link speed above which a NIC counts as high speed.
// NOTE(review): the trailing comment gives the unit as GBPS, but 5000 Gbit/s is
// far above common NIC speeds; the intended unit may be Mbit/s — confirm against
// the code that compares a link speed with this value.
const HighSpeedNICThreshold = 5000 // GBPS.
// KubeOneConfigTemlateName is the name of the KubeOne cluster config template.
// NOTE(review): "Temlate" is a typo for "Template"; the identifier is exported
// and referenced by BareMetalSpecificNonSecretTemplateNames, so a rename needs
// a deprecation alias rather than an in-place change.
const KubeOneConfigTemlateName = "kubeone/kubeone-cluster.yaml.tmpl"
// OSDefaultSize is the default OS size, in GB.
const OSDefaultSize = 50 // GB.
// PEMBlockTypeOpenSSHPrivateKey is the PEM block type label of a private key in
// OpenSSH format ("-----BEGIN OPENSSH PRIVATE KEY-----"). Data carrying this
// label is secret key material and should never be logged.
const PEMBlockTypeOpenSSHPrivateKey = "OPENSSH PRIVATE KEY"
// TempDirectory is the scratch directory used by the tool.
// NOTE(review): this is a fixed, predictable path under the world-writable /tmp.
// On a multi-user host another local user can create the directory, or a symlink
// at this path, before the tool does. Code that creates or writes here should
// create it with owner-only permissions and verify ownership, or switch to a
// per-run directory from os.MkdirTemp. OutputPathKnownHostsFile lives under this
// directory, so tampering here can affect SSH host-key verification.
const TempDirectory = "/tmp/kubeaid-core"
// TemplateNameK3DConfig is the name of the K3D config template.
const TemplateNameK3DConfig = "templates/k3d.config.yaml.tmpl"
// TemplateNameStoragePlanExecutor is the name of a shell script template.
// NOTE(review): values rendered into a shell script become shell syntax; confirm
// the template quotes or validates every interpolated value.
const TemplateNameStoragePlanExecutor = "templates/storage-plan-executor.sh.tmpl"

Variables

// Output paths. All are relative paths under OutputsDirectory except
// OutputPathKnownHostsFile, which is under TempDirectory.
//
// NOTE(review): the paths are built with path.Join, which always joins with
// forward slashes; path/filepath is the package intended for OS file paths.
// This is equivalent on Unix — confirm if other platforms are a target.
var (
	OutputsDirectory = "outputs"

	OutputPathLogFile = path.Join(OutputsDirectory, ".log")

	// NOTE(review): this known_hosts file sits under TempDirectory, a fixed path
	// in /tmp. If another local user can write to it, they can influence which
	// SSH host keys are trusted — confirm the directory and file are created with
	// owner-only permissions.
	OutputPathKnownHostsFile = path.Join(TempDirectory, "known_hosts")

	OutputPathManagementClusterK3DConfig = path.Join(OutputsDirectory, "k3d.config.yaml")

	// Kubeconfig files normally embed cluster credentials.
	// NOTE(review): confirm they are written with owner-only permissions (0600)
	// and that the outputs directory is excluded from version control.
	OutputPathManagementClusterHostKubeconfig = path.Join(OutputsDirectory,
		"kubeconfigs/clusters/management/host.yaml",
	)
	OutputPathManagementClusterContainerKubeconfig = path.Join(OutputsDirectory,
		"kubeconfigs/clusters/management/container.yaml",
	)

	OutputPathMainClusterKubeconfig = path.Join(OutputsDirectory, "kubeconfigs/clusters/main.yaml")

	// Local copy of the JWKS document (public keys) for the OpenID provider.
	OutputPathJWKSDocument = path.Join(OutputsDirectory,
		"workload-identity/openid-provider/jwks.json",
	)
)

Output paths.

// Template names common to every cluster, split into non-secret and secret
// lists. The secret template paths all start with "sealed-secrets/";
// presumably their rendered output is sealed before it is committed — confirm.
var (
	CommonNonSecretTemplateNames = []string{

		"kubeaid-bootstrap-script.general.yaml.tmpl",

		"argocd-apps/templates/argocd.yaml.tmpl",
		"argocd-apps/values-argocd.yaml.tmpl",

		"argocd-apps/Chart.yaml",
		"argocd-apps/templates/root.yaml.tmpl",

		"argocd-apps/templates/cert-manager.yaml.tmpl",
		"argocd-apps/values-cert-manager.yaml.tmpl",

		"argocd-apps/templates/sealed-secrets.yaml.tmpl",
		"argocd-apps/values-sealed-secrets.yaml.tmpl",
		"argocd-apps/templates/secrets.yaml.tmpl",
	}

	CommonSecretTemplateNames = []string{

		"sealed-secrets/argocd/repo-kubeaid-config.yaml.tmpl",
	}

	// Template for the Argo CD repository secret of the KubeAid repo; going by
	// the identifier, it carries a deploy key.
	KubeaidDeployKeySecretTemplateName = "sealed-secrets/argocd/repo-kubeaid.yaml.tmpl"
)

Common template names.

// AWS specific template names: non-secret, secret, and the extra non-secret
// templates used for disaster recovery.
var (
	AWSSpecificNonSecretTemplateNames = []string{

		"argocd-apps/templates/ccm-aws.yaml.tmpl",
		"argocd-apps/values-ccm-aws.yaml.tmpl",

		"argocd-apps/templates/cluster-autoscaler.yaml.tmpl",
		"argocd-apps/values-cluster-autoscaler.yaml.tmpl",

		"argocd-apps/templates/external-snapshotter.yaml.tmpl",
	}

	// Rendered output carries cloud credentials, going by the file name.
	AWSSpecificSecretTemplateNames = []string{

		"sealed-secrets/capi-cluster/cloud-credentials.yaml.tmpl",
	}

	AWSDisasterRecoverySpecificNonSecretTemplateNames = []string{

		"argocd-apps/templates/kube2iam.yaml.tmpl",
		"argocd-apps/values-kube2iam.yaml.tmpl",

		"argocd-apps/templates/velero.yaml.tmpl",
		"argocd-apps/values-velero.yaml.tmpl",

		"argocd-apps/templates/k8s-configs.yaml.tmpl",
		"k8s-configs/sealed-secrets.namespace.yaml.tmpl",
		"k8s-configs/velero.namespace.yaml.tmpl",
	}
)

AWS specific template names.

// Azure specific template names: the OpenID configuration template, then
// non-secret and secret lists for normal provisioning and disaster recovery.
var (
	TemplateNameOpenIDConfig = "templates/openid-configuration.json.tmpl"

	AzureSpecificNonSecretTemplateNames = []string{

		"argocd-apps/templates/crossplane.yaml.tmpl",
		"argocd-apps/values-crossplane.yaml.tmpl",
		"argocd-apps/templates/crossplane-providers-and-functions.yaml.tmpl",
		"argocd-apps/values-crossplane-providers-and-functions.yaml.tmpl",
		"argocd-apps/templates/crossplane-compositions.yaml.tmpl",
		"argocd-apps/values-crossplane-compositions.yaml.tmpl",
		"argocd-apps/templates/infrastructure.yaml.tmpl",
		"infrastructure/azure/workload-identity-infrastructure.yaml.tmpl",

		"argocd-apps/templates/ccm-azure.yaml.tmpl",
		"argocd-apps/values-ccm-azure.yaml.tmpl",

		"argocd-apps/templates/azuredisk-csi-driver.yaml.tmpl",
		"argocd-apps/values-azuredisk-csi-driver.yaml.tmpl",

		"argocd-apps/templates/azure-workload-identity-webhook.yaml.tmpl",
		"argocd-apps/values-azure-workload-identity-webhook.yaml.tmpl",

		"argocd-apps/templates/cluster-autoscaler.yaml.tmpl",
		"argocd-apps/values-cluster-autoscaler.yaml.tmpl",

		"argocd-apps/templates/external-snapshotter.yaml.tmpl",
	}

	// Going by the file names, these render Azure credentials and the service
	// account issuer keys. The issuer private key signs service account tokens,
	// so its rendered form needs the same protection as any signing key.
	AzureSpecificSecretTemplateNames = []string{

		"sealed-secrets/crossplane/azure-credentials.yaml.tmpl",

		"sealed-secrets/capi-cluster/service-account-issuer-keys.yaml.tmpl",
	}

	AzureDisasterRecoverySpecificNonSecretTemplateNames = []string{

		"infrastructure/azure/disaster-recovery-infrastructure.yaml.tmpl",

		"argocd-apps/templates/velero.yaml.tmpl",
		"argocd-apps/values-velero.yaml.tmpl",
	}

	AzureDisasterRecoverySpecificSecretTemplateNames = []string{

		"sealed-secrets/sealed-secrets/backup-sealed-secrets-pod-env.yaml.tmpl",
	}
)

Azure specific template names.

// Hetzner specific template names: secrets shared by every Hetzner mode, then
// the HCloud and bare-metal specific lists.
var (
	// Cloud credentials rendered for two namespaces (kube-system and
	// capi-cluster), going by the paths.
	CommonHetznerSpecificSecretTemplateNames = []string{

		"sealed-secrets/kube-system/cloud-credentials.yaml.tmpl",

		"sealed-secrets/capi-cluster/cloud-credentials.yaml.tmpl",
	}

	HCloudSpecificNonSecretTemplateNames = []string{

		"argocd-apps/templates/ccm-hcloud.yaml.tmpl",
		"argocd-apps/values-ccm-hcloud.yaml.tmpl",

		"argocd-apps/templates/hcloud-csi-driver.yaml.tmpl",
		"argocd-apps/values-hcloud-csi-driver.yaml.tmpl",

		"argocd-apps/templates/cluster-autoscaler.yaml.tmpl",
		"argocd-apps/values-cluster-autoscaler.yaml.tmpl",
	}

	HetznerBareMetalSpecificNonSecretTemplateNames = []string{

		"argocd-apps/templates/ccm-hetzner.yaml.tmpl",
		"argocd-apps/values-ccm-hetzner.yaml.tmpl",

		"argocd-apps/templates/rook-ceph.yaml.tmpl",
		"argocd-apps/values-rook-ceph.yaml.tmpl",
	}

	// Going by the file name, this renders an SSH key pair; the private half is
	// secret key material.
	HetznerBareMetalSpecificSecretTemplateNames = []string{

		"sealed-secrets/capi-cluster/hetzner-ssh-keypair.yaml.tmpl",
	}
)

Hetzner specific template names.

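// Template names used only for Obmondo customers.
var (
	// CustomerSpecificNonSecretTemplateNames lists the Argo CD app template and
	// the values file for the Teleport kube agent. Each name is listed exactly
	// once, so a consumer that iterates the slice handles each template a single
	// time.
	CustomerSpecificNonSecretTemplateNames = []string{
		"argocd-apps/templates/teleport-kube-agent.yaml.tmpl",
		"argocd-apps/values-teleport-kube-agent.yaml.tmpl",
	}

	// CustomerSpecificSecretTemplateNames lists the customer templates kept under
	// "sealed-secrets/". Going by the file name, the single entry renders the
	// Teleport kube agent join token, which lets an agent register with the
	// Teleport cluster and should be handled as a credential.
	CustomerSpecificSecretTemplateNames = []string{
		"sealed-secrets/obmondo/teleport-kube-agent-join-token.yaml.tmpl",
	}
)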

Obmondo customer specific template names.

// Config template names, one general/secrets pair per provider or mode. The
// split keeps credentials in a separate file from general settings.
// NOTE(review): confirm the rendered secrets config is written with owner-only
// permissions and is excluded from version control.
var (
	TemplateNameAWSGeneralConfig = "templates/aws/general.config.yaml.tmpl"
	TemplateNameAWSSecretsConfig = "templates/aws/secrets.config.yaml.tmpl"

	TemplateNameAzureGeneralConfig = "templates/azure/general.config.yaml.tmpl"
	TemplateNameAzureSecretsConfig = "templates/azure/secrets.config.yaml.tmpl"

	TemplateNameHetznerHCloudGeneralConfig = "templates/hetzner/hcloud/general.config.yaml.tmpl"
	TemplateNameHetznerHCloudSecretsConfig = "templates/hetzner/hcloud/secrets.config.yaml.tmpl"

	TemplateNameHetznerBareMetalGeneralConfig = "templates/hetzner/bare-metal/general.config.yaml.tmpl"
	TemplateNameHetznerBareMetalSecretsConfig = "templates/hetzner/bare-metal/secrets.config.yaml.tmpl"

	TemplateNameHetznerHybridGeneralConfig = "templates/hetzner/hybrid/general.config.yaml.tmpl"
	TemplateNameHetznerHybridSecretsConfig = "templates/hetzner/hybrid/secrets.config.yaml.tmpl"

	TemplateNameBareMetalGeneralConfig = "templates/bare-metal/general.config.yaml.tmpl"
	TemplateNameBareMetalSecretsConfig = "templates/bare-metal/secrets.config.yaml.tmpl"

	TemplateNameLocalGeneralConfig = "templates/local/general.config.yaml.tmpl"
	TemplateNameLocalSecretsConfig = "templates/local/secrets.config.yaml.tmpl"
)

Config template names.

// BareMetalSpecificNonSecretTemplateNames lists the non-secret templates for the
// bare-metal provider: the KubeOne cluster config plus the Cilium and LocalPV
// provisioner Argo CD apps.
var BareMetalSpecificNonSecretTemplateNames = []string{

	KubeOneConfigTemlateName,

	"argocd-apps/templates/cilium.yaml.tmpl",
	"argocd-apps/values-cilium.yaml.tmpl",

	"argocd-apps/templates/localpv-provisioner.yaml.tmpl",
	"argocd-apps/values-localpv-provisioner.yaml.tmpl",
}
// Non-secret templates shared by every cloud provider: Cilium, the Cluster API
// operator and the CAPI cluster app.
var (
	CommonCloudSpecificNonSecretTemplateNames = []string{

		"argocd-apps/templates/cilium.yaml.tmpl",
		"argocd-apps/values-cilium.yaml.tmpl",

		"argocd-apps/templates/cluster-api-operator.yaml.tmpl",
		"argocd-apps/values-cluster-api-operator.yaml.tmpl",
		"argocd-apps/templates/capi-cluster.yaml.tmpl",
		"argocd-apps/values-capi-cluster.yaml.tmpl",
	}
)

Common template names (for clusters being provisioned in any of the supported cloud providers).

// CommonRuntimeDependencies lists the external executables the tool depends on
// at runtime.
// NOTE(review): the entries are bare names, so they are presumably resolved
// through PATH. If so, the tool runs whatever PATH resolves each name to —
// confirm the lookup, and keep PATH free of user-writable directories on hosts
// where the tool runs with cloud or cluster credentials.
var CommonRuntimeDependencies = []string{

	"jsonnet",
	"jb",
	"jq",
	"gojsontoyaml",

	"kubectl",
}
// KubernetesKubePrometheusVersionCompatibilityMatrix maps a K8s minor version to
// the KubePrometheus versions compatible with it.
// NOTE(review): MinSupportedK8sVersion is "v1.30", but the matrix has no entry
// for v1.30 or v1.31. A lookup for a missing key returns a nil slice, so callers
// that index the result to pick a default need to check for an empty slice
// first — confirm at call sites.
var KubernetesKubePrometheusVersionCompatibilityMatrix = map[string][]string{
	"v1.32": {"v0.16.0"},
	"v1.33": {"v0.16.0", "v0.17.0"},
	"v1.34": {"v0.16.0", "v0.17.0"},
	"v1.35": {"v0.17.0"},
}

Kubernetes -> KubePrometheus compatibility matrix. This makes it easy to select a default KubePrometheus version for a given K8s version. REFER : https://github.com/prometheus-operator/kube-prometheus?tab=readme-ov-file#compatibility.

Functions

This section is empty.

Types

This section is empty.
