Documentation
¶
Index ¶
Constants ¶
View Source
const ( // CertificateValidity defines the validity for all the signed certificates generated by kubeadm CertificateValidity = time.Hour * 24 * 365 * 10 // CACertAndKeyBaseName defines certificate authority base name CACertAndKeyBaseName = "ca" // CACertName defines certificate name CACertName = "ca.crt" // CAKeyName defines certificate name CAKeyName = "ca.key" // ServerCAKeyName defines server ca key name ServerCAKeyName = "server-ca.key" // ServerCACertName defines server ca cert name ServerCACertName = "server-ca.crt" // ClientCACertName defines client ca cert name ClientCACertName = "client-ca.crt" // ClientCAKeyName defines client ca key name ClientCAKeyName = "client-ca.key" // APIServerCertAndKeyBaseName defines API's server certificate and key base name APIServerCertAndKeyBaseName = "apiserver" // APIServerCertName defines API's server certificate name APIServerCertName = "apiserver.crt" // APIServerKeyName defines API's server key name APIServerKeyName = "apiserver.key" // APIServerCertCommonName defines API's server certificate common name (CN) APIServerCertCommonName = "kube-apiserver" // APIServerKubeletClientCertAndKeyBaseName defines kubelet client certificate and key base name APIServerKubeletClientCertAndKeyBaseName = "apiserver-kubelet-client" // APIServerKubeletClientCertName defines kubelet client certificate name APIServerKubeletClientCertName = "apiserver-kubelet-client.crt" // APIServerKubeletClientKeyName defines kubelet client key name APIServerKubeletClientKeyName = "apiserver-kubelet-client.key" // APIServerKubeletClientCertCommonName defines kubelet client certificate common name (CN) APIServerKubeletClientCertCommonName = "kube-apiserver-kubelet-client" // EtcdCACertAndKeyBaseName defines etcd's CA certificate and key base name EtcdCACertAndKeyBaseName = "etcd/ca" // EtcdCACertName defines etcd's CA certificate name EtcdCACertName = "etcd/ca.crt" // EtcdCAKeyName defines etcd's CA key name EtcdCAKeyName = "etcd/ca.key" // EtcdServerCertAndKeyBaseName defines etcd's server certificate and key base name EtcdServerCertAndKeyBaseName = "etcd/server" // EtcdServerCertName defines etcd's server certificate name EtcdServerCertName = "etcd/server.crt" // EtcdServerKeyName defines etcd's server key name EtcdServerKeyName = "etcd/server.key" // EtcdPeerCertAndKeyBaseName defines etcd's peer certificate and key base name EtcdPeerCertAndKeyBaseName = "etcd/peer" // EtcdPeerCertName defines etcd's peer certificate name EtcdPeerCertName = "etcd/peer.crt" // EtcdPeerKeyName defines etcd's peer key name EtcdPeerKeyName = "etcd/peer.key" // EtcdHealthcheckClientCertAndKeyBaseName defines etcd's healthcheck client certificate and key base name EtcdHealthcheckClientCertAndKeyBaseName = "etcd/healthcheck-client" // EtcdHealthcheckClientCertName defines etcd's healthcheck client certificate name EtcdHealthcheckClientCertName = "etcd/healthcheck-client.crt" // EtcdHealthcheckClientKeyName defines etcd's healthcheck client key name EtcdHealthcheckClientKeyName = "etcd/healthcheck-client.key" // EtcdHealthcheckClientCertCommonName defines etcd's healthcheck client certificate common name (CN) EtcdHealthcheckClientCertCommonName = "kube-etcd-healthcheck-client" // APIServerEtcdClientCertAndKeyBaseName defines apiserver's etcd client certificate and key base name APIServerEtcdClientCertAndKeyBaseName = "apiserver-etcd-client" // APIServerEtcdClientCertName defines apiserver's etcd client certificate name APIServerEtcdClientCertName = "apiserver-etcd-client.crt" // APIServerEtcdClientKeyName defines apiserver's etcd client key name APIServerEtcdClientKeyName = "apiserver-etcd-client.key" // APIServerEtcdClientCertCommonName defines apiserver's etcd client certificate common name (CN) APIServerEtcdClientCertCommonName = "kube-apiserver-etcd-client" // ServiceAccountKeyBaseName defines SA key base name ServiceAccountKeyBaseName = "sa" // ServiceAccountPublicKeyName defines SA public key base name ServiceAccountPublicKeyName = "sa.pub" // ServiceAccountPrivateKeyName defines SA private key base name ServiceAccountPrivateKeyName = "sa.key" // FrontProxyCACertAndKeyBaseName defines front proxy CA certificate and key base name FrontProxyCACertAndKeyBaseName = "front-proxy-ca" // FrontProxyCACertName defines front proxy CA certificate name FrontProxyCACertName = "front-proxy-ca.crt" // FrontProxyCAKeyName defines front proxy CA key name FrontProxyCAKeyName = "front-proxy-ca.key" // FrontProxyClientCertAndKeyBaseName defines front proxy certificate and key base name FrontProxyClientCertAndKeyBaseName = "front-proxy-client" // FrontProxyClientCertName defines front proxy certificate name FrontProxyClientCertName = "front-proxy-client.crt" // FrontProxyClientKeyName defines front proxy key name FrontProxyClientKeyName = "front-proxy-client.key" // FrontProxyClientCertCommonName defines front proxy certificate common name FrontProxyClientCertCommonName = "front-proxy-client" // used as subject.commonname attribute (CN) // AdminKubeConfigFileName defines name for the kubeconfig aimed to be used by the superuser/admin of the cluster AdminKubeConfigFileName = "admin.conf" // ControllerManagerKubeConfigFileName defines the file name for the controller manager's kubeconfig file ControllerManagerKubeConfigFileName = "controller-manager.conf" // SchedulerKubeConfigFileName defines the file name for the scheduler's kubeconfig file SchedulerKubeConfigFileName = "scheduler.conf" // ControllerManagerUser defines the well-known user the controller-manager should be authenticated as ControllerManagerUser = "system:kube-controller-manager" // SchedulerUser defines the well-known user the scheduler should be authenticated as SchedulerUser = "system:kube-scheduler" // SystemPrivilegedGroup defines the well-known group for the apiservers. This group is also superuser by default // (i.e. bound to the cluster-admin ClusterRole) SystemPrivilegedGroup = "system:masters" // DefaultAPIServerBindAddress is the default bind address for the API Server DefaultAPIServerBindAddress = "0.0.0.0" )
View Source
const ( CertSecretLabelAppKey = "app" CertSecretLabelAppValue = "vcluster" CertSecretLabelVclusterNameKey = "vcluster-name" )
Variables ¶
This section is empty.
Functions ¶
func BuildKubeConfig ¶ added in v0.26.0
func BuildKubeConfig(spec *KubeConfigOptions) (*clientcmdapi.Config, error)
BuildKubeConfig creates a kubeconfig object for the given kubeConfigSpec
func CertSecretName ¶ added in v0.25.0
func CreateKubeConfig ¶ added in v0.26.0
func CreateKubeConfig(spec *KubeConfigOptions, path string) error
CreateKubeConfig creates a kubeconfig object and writes it to disk
func EnsureCerts ¶ added in v0.17.0
func EnsureCerts( ctx context.Context, currentNamespace string, currentNamespaceClient kubernetes.Interface, certificateDir string, options *config.VirtualClusterConfig, kubeadmConfig *kubeadmapi.InitConfiguration, ) error
Types ¶
Source Files
Click to show internal directories.
Click to hide internal directories.