Documentation
¶
Index ¶
- Constants
- func Annotations(instance v1alpha1.TargetAllocator, configMap *v1.ConfigMap, ...) map[string]string
- func Build(params Params) ([]client.Object, error)
- func CACertificate(params Params) *cmv1.Certificate
- func CAIssuer(params Params) *cmv1.Issuer
- func ClientCertificate(params Params) *cmv1.Certificate
- func ConfigMap(params Params) (*corev1.ConfigMap, error)
- func Container(cfg config.Config, logger logr.Logger, instance v1alpha1.TargetAllocator) corev1.Container
- func Deployment(params Params) (*appsv1.Deployment, error)
- func NetworkPolicy(params Params) (*networkingv1.NetworkPolicy, error)
- func PodDisruptionBudget(params Params) (*policyV1.PodDisruptionBudget, error)
- func SelfSignedIssuer(params Params) *cmv1.Issuer
- func Service(params Params) *corev1.Service
- func ServiceAccount(params Params) *corev1.ServiceAccount
- func ServiceAccountName(instance v1alpha1.TargetAllocator) string
- func ServiceMonitor(params Params) *monitoringv1.ServiceMonitor
- func ServingCertificate(params Params) *cmv1.Certificate
- func Volumes(cfg config.Config, instance v1alpha1.TargetAllocator) []corev1.Volume
- type Params
Constants ¶
View Source
const ( // ClientCertDuration is the validity period for client and server certificates (90 days). // cert-manager defaults to renewing at 2/3 of the duration (~60 days), ensuring certificates // are refreshed well before expiration (we'll keep it at 90d explicitly). ClientCertDuration = time.Hour * 24 * 90 // CACertRenewBefore defines when the CA certificate should begin renewal (181 days before expiry). // Set to 2x ClientCertDuration + 1 day to ensure: // 1. CA renewal doesn't coincide with client/server renewal cycles (which occur every 60 days: day 60, 120, 180, 240, 300, 360, 420, 480, 540...). // 2. Without the +1 day offset, CA would renew at day 540 (when 180 days remain), colliding with the 9th client cert renewal. // 3. With +1 day, CA renews at day 539 (when 181 days remain), avoiding the race condition. // 4. The CA always has sufficient remaining validity (≥181 days) to safely issue 90-day client/server certificates. CACertRenewBefore = ClientCertDuration*2 + 24*time.Hour // CACertDuration is the validity period for the CA certificate (720 days = ~2 years). // Set to 8x ClientCertDuration to prevent renewal race conditions where client and server // certificates might be signed by different CA versions during simultaneous renewal. // This ensures the CA remains stable through multiple client/server certificate renewal cycles. CACertDuration = ClientCertDuration * 8 )
View Source
const (
ComponentOpenTelemetryTargetAllocator = "opentelemetry-targetallocator"
)
Variables ¶
This section is empty.
Functions ¶
func Annotations ¶
func Annotations(instance v1alpha1.TargetAllocator, configMap *v1.ConfigMap, filterAnnotations []string) map[string]string
Annotations returns the annotations for the TargetAllocator Pod.
func CACertificate ¶ added in v0.111.0
func CACertificate(params Params) *cmv1.Certificate
/ CACertificate returns a CA Certificate for the given instance.
func ClientCertificate ¶ added in v0.111.0
func ClientCertificate(params Params) *cmv1.Certificate
ClientCertificate returns a client Certificate for the given instance.
func Container ¶
func Container(cfg config.Config, logger logr.Logger, instance v1alpha1.TargetAllocator) corev1.Container
Container builds a container for the given TargetAllocator.
func Deployment ¶
func Deployment(params Params) (*appsv1.Deployment, error)
Deployment builds the deployment for the given instance.
func NetworkPolicy ¶ added in v0.132.0
func NetworkPolicy(params Params) (*networkingv1.NetworkPolicy, error)
func PodDisruptionBudget ¶ added in v0.91.0
func PodDisruptionBudget(params Params) (*policyV1.PodDisruptionBudget, error)
func SelfSignedIssuer ¶ added in v0.111.0
SelfSignedIssuer returns a self-signed issuer for the given instance.
func ServiceAccount ¶
func ServiceAccount(params Params) *corev1.ServiceAccount
ServiceAccount returns the service account for the given instance.
func ServiceAccountName ¶
func ServiceAccountName(instance v1alpha1.TargetAllocator) string
ServiceAccountName returns the name of the existing or self-provisioned service account to use for the given instance.
func ServiceMonitor ¶ added in v0.91.0
func ServiceMonitor(params Params) *monitoringv1.ServiceMonitor
ServiceMonitor returns the service monitor for the given instance.
func ServingCertificate ¶ added in v0.111.0
func ServingCertificate(params Params) *cmv1.Certificate
ServingCertificate returns a serving Certificate for the given instance.
Types ¶
Source Files
¶
Directories
Click to show internal directories.
Click to hide internal directories.