Documentation
¶
Overview ¶
Package client provides runtime configuration options for a Kubernetes client, making it easier to consistently have the same configuration options and flags across GitOps Toolkit components.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func GetConfigOrDie ¶
GetConfigOrDie wraps ctrl.GetConfigOrDie and checks if the Kubernetes apiserver has PriorityAndFairness flow control filter enabled. If true, it returns a rest.Config with client side throttling disabled. Otherwise, it returns a modified rest.Config configured with the provided Options.
func KubeConfig ¶ added in v0.13.3
func KubeConfig(in *rest.Config, opts KubeConfigOptions) *rest.Config
KubeConfig sanitises a kubeconfig represented as *rest.Config using KubeConfigOptions to inform the transformation decisions.
Types ¶
type Impersonator ¶ added in v0.20.0
Impersonator holds the state for impersonating a Kubernetes account.
func NewImpersonator ¶ added in v0.20.0
func NewImpersonator(kubeClient rc.Client, statusPoller *polling.StatusPoller, pollingOpts polling.Options, kubeConfigRef *meta.KubeConfigReference, kubeConfigOpts KubeConfigOptions, defaultServiceAccount string, serviceAccountName string, namespace string) *Impersonator
NewImpersonator creates an Impersonator from the given arguments.
func (*Impersonator) CanImpersonate ¶ added in v0.20.0
func (i *Impersonator) CanImpersonate(ctx context.Context) bool
CanImpersonate checks if the given Kubernetes account can be impersonated.
func (*Impersonator) GetClient ¶ added in v0.20.0
func (i *Impersonator) GetClient(ctx context.Context) (rc.Client, *polling.StatusPoller, error)
GetClient creates a controller-runtime client for talking to a Kubernetes API server. If spec.KubeConfig is set, use the kubeconfig bytes from the Kubernetes secret. Otherwise, will assume running in cluster and use the cluster provided kubeconfig. If a --default-service-account is set and no spec.ServiceAccountName, use the provided kubeconfig and impersonate the default SA. If spec.ServiceAccountName is set, use the provided kubeconfig and impersonate the specified SA.
type KubeConfigOptions ¶ added in v0.13.3
type KubeConfigOptions struct {
// InsecureExecProvider enables the use of ExecProviders in kubeconfig.
// To use this feature securely, it is recommended the use of restrictive
// AppArmor and SELinux profiles to restrict what binaries can be executed.
InsecureExecProvider bool
// InsecureTLS disables TLS certificate verification. This is insecure and
// should be used for testing purposes only.
InsecureTLS bool
// UserAgent defines a string to identify the caller.
UserAgent string
// Timeout defines the maximum length of time to wait before giving up on a server request.
// A value of zero means no timeout.
//
// If not provided, it will be set to 30 seconds.
Timeout *time.Duration
}
KubeConfigOptions defines options for KubeConfig sanitization.
func (*KubeConfigOptions) BindFlags ¶ added in v0.13.3
func (o *KubeConfigOptions) BindFlags(fs *pflag.FlagSet)
BindFlags will parse the given pflag.FlagSet for Kubernetes client option flags and set the Options accordingly.
type Options ¶
type Options struct {
// QPS indicates the maximum queries-per-second of requests sent to the Kubernetes API, defaults to 50.
QPS float32
// Burst indicates the maximum burst queries-per-second of requests sent to the Kubernetes API, defaults to 100.
Burst int
}
Options contains the runtime configuration for a Kubernetes client.
The struct can be used in the main.go file of your controller by binding it to the main flag set, and then utilizing the configured options later:
func main() {
var (
// other controller specific configuration variables
clientOptions client.Options
)
// Bind the options to the main flag set, and parse it
clientOptions.BindFlags(flag.CommandLine)
flag.Parse()
// Get a runtime Kubernetes client configuration with the options set
restConfig := client.GetConfigOrDie(clientOptions)
}
Source Files