Documentation
¶
Index ¶
- Constants
- Variables
- func IsValidSecurityListManagementMode(mode string) bool
- func NewConfigurationProvider(cfg *Config) (common.ConfigurationProvider, error)
- func ValidateConfig(c *Config) field.ErrorList
- type AuthConfig
- type Config
- type InitialTags
- type LoadBalancerConfig
- type MetricsConfig
- type RateLimiterConfig
- type TagConfig
Constants ¶
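// Security list management modes. These are the values collected in
// SecurityListManagementModeChoices; the choice decides which security list
// rules are managed, so it directly affects what network traffic is admitted.
const (
	// ManagementModeAll denotes the management of security list rules for load
	// balancer ingress/egress, health checkers, and worker ingress/egress.
	ManagementModeAll = "All"
	// ManagementModeFrontend denotes the management of security list rules for load
	// balancer ingress only.
	ManagementModeFrontend = "Frontend"
	// ManagementModeNone denotes the management of no security list rules.
	ManagementModeNone = "None"
)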
Variables ¶
// SecurityListManagementModeChoices are the supported security list
// management modes.
var SecurityListManagementModeChoices = []string{
	ManagementModeAll,
	ManagementModeFrontend,
	ManagementModeNone,
}
SecurityListManagementModeChoices are the supported security list management modes.
Functions ¶
func IsValidSecurityListManagementMode ¶
IsValidSecurityListManagementMode checks if a given security list management mode is valid.
func NewConfigurationProvider ¶
func NewConfigurationProvider(cfg *Config) (common.ConfigurationProvider, error)
NewConfigurationProvider takes a cloud provider config file and returns an OCI ConfigurationProvider to be consumed by the OCI SDK.
func ValidateConfig ¶
ValidateConfig validates the OCI Cloud Provider config file.
Types ¶
type AuthConfig ¶
// AuthConfig holds the configuration required for communicating with the OCI API.
//
// The key and passphrase fields are populated from the same YAML document as
// the rest of the config, so that document carries credential material: keep
// it readable only by the components that consume it, and avoid logging or
// dumping this struct verbatim.
type AuthConfig struct {
	Region string `yaml:"region"`
	TenancyID string `yaml:"tenancy"`
	UserID string `yaml:"user"`
	// PrivateKey is read from the `key` entry.
	// NOTE(review): presumably the key material itself rather than a file path — confirm.
	PrivateKey string `yaml:"key"`
	// NOTE(review): presumably the fingerprint of the key pair that PrivateKey belongs to — confirm.
	Fingerprint string `yaml:"fingerprint"`
	// Passphrase is read from the `passphrase` entry and replaces the
	// deprecated PrivateKeyPassphrase below.
	Passphrase string `yaml:"passphrase"`
	// Used by the flex driver for OCID expansion. This should be moved to top level
	// as it doesn't strictly relate to OCI authentication.
	// NOTE(review): Config also declares a top-level RegionKey; which one wins
	// when both are set is not visible in this declaration.
	RegionKey string `yaml:"regionKey"`
	// UseInstancePrincipals is DEPRECATED; use the top-level
	// Config.UseInstancePrincipals instead.
	UseInstancePrincipals bool `yaml:"useInstancePrincipals"`
	// CompartmentID is DEPRECATED and should be set on the top level Config
	// struct.
	CompartmentID string `yaml:"compartment"`
	// PrivateKeyPassphrase is DEPRECATED in favour of Passphrase.
	// It is still secret material while present in a config file.
	PrivateKeyPassphrase string `yaml:"key_passphrase"`
	// contains filtered or unexported fields
}
AuthConfig holds the configuration required for communicating with the OCI API.
func (*AuthConfig) Complete ¶
func (c *AuthConfig) Complete()
Complete the authentication config applying defaults / overrides.
type Config ¶
// Config holds the OCI cloud-provider config passed to Kubernetes components
// via the --cloud-config option.
//
// Because Auth can embed a private key and passphrase, the file behind
// --cloud-config should be handled as a secret.
type Config struct {
	// Auth carries the user-principal credentials (see AuthConfig).
	Auth AuthConfig `yaml:"auth"`
	// LoadBalancer is a pointer, so a missing `loadBalancer` section leaves it nil.
	LoadBalancer *LoadBalancerConfig `yaml:"loadBalancer"`
	// RateLimiter is a pointer, so a missing `rateLimiter` section leaves it nil.
	RateLimiter *RateLimiterConfig `yaml:"rateLimiter"`
	// Metrics collection is enabled when this configuration is provided
	Metrics *MetricsConfig `yaml:"metrics"`
	// Tags to be added to managed LB and BV
	Tags *InitialTags `yaml:"tags"`
	// NOTE(review): AuthConfig declares a RegionKey as well; precedence between
	// the two is not visible in this declaration.
	RegionKey string `yaml:"regionKey"`
	// When set to true, clients will use an instance principal configuration provider and ignore auth fields.
	// NOTE(review): since the auth fields are ignored in this mode, the config
	// file presumably does not need to contain key material — confirm against
	// NewConfigurationProvider.
	UseInstancePrincipals bool `yaml:"useInstancePrincipals"`
	// CompartmentID is the OCID of the Compartment within which the cluster
	// resides.
	CompartmentID string `yaml:"compartment"`
	// VCNID is the OCID of the Virtual Cloud Network (VCN) within which the
	// cluster resides.
	VCNID string `yaml:"vcn"`
	// contains filtered or unexported fields
}
Config holds the OCI cloud-provider config passed to Kubernetes components via the --cloud-config option.
func ReadConfig ¶
ReadConfig consumes the config Reader and constructs a Config object.
type InitialTags ¶
// InitialTags are optional tags to apply to the load balancers, block volumes
// and file storage resources provisioned in the cluster. Each field is a
// pointer, so a section absent from the YAML leaves it nil.
type InitialTags struct {
	// LoadBalancer holds the tags for load balancers (`loadBalancer`).
	LoadBalancer *TagConfig `yaml:"loadBalancer"`
	// BlockVolume holds the tags for block volumes (`blockVolume`).
	BlockVolume *TagConfig `yaml:"blockVolume"`
	// FSS holds the tags read from the `fss` entry.
	// NOTE(review): presumably covers file systems, mount targets and exports — confirm.
	FSS *TagConfig `yaml:"fss"`
}
InitialTags are optional tags to apply to all LBs, BVs, File systems, Mount Targets and Exports provisioned in the cluster
type LoadBalancerConfig ¶
// LoadBalancerConfig holds the configuration options for OCI load balancers.
//
// Several fields here decide whether, and on which security lists, network
// rules are created automatically, so changes to them alter what traffic can
// reach the load balancers and the nodes.
type LoadBalancerConfig struct {
	// Disabled disables the creation of a load balancer.
	Disabled bool `yaml:"disabled"`
	// DisableSecurityListManagement disables the automatic creation of ingress
	// rules for the node subnets and egress rules for the load balancers to the node subnets.
	//
	// If security list management is disabled, then it requires that the user
	// has setup a rule that allows inbound traffic to the appropriate ports
	// for kube proxy health port, node port ranges, and health check port ranges.
	// E.g. 10.82.0.0/16 30000-32000
	//
	// NOTE(review): how this flag interacts with SecurityListManagementMode when
	// both are set is not visible in this declaration — confirm in Complete.
	DisableSecurityListManagement bool `yaml:"disableSecurityListManagement"`
	// SecurityListManagementMode defines how the CCM manages security lists
	// when provisioning load balancers. Available modes are All, Frontend,
	// and None.
	// The accepted strings are listed in SecurityListManagementModeChoices and
	// can be checked with IsValidSecurityListManagementMode.
	SecurityListManagementMode string `yaml:"securityListManagementMode"`
	// NOTE(review): Subnet1 and Subnet2 are undocumented here; presumably the
	// subnets in which load balancers are placed — confirm.
	Subnet1 string `yaml:"subnet1"`
	Subnet2 string `yaml:"subnet2"`
	// SecurityLists defines the Security List to mutate for each Subnet (
	// both load balancer and worker).
	// NOTE(review): the map is presumably keyed by subnet with the security
	// list as value; any list named here is one whose rules get rewritten, so
	// review entries as carefully as firewall changes — confirm key/value order.
	SecurityLists map[string]string `yaml:"securityLists"`
}
LoadBalancerConfig holds the configuration options for OCI load balancers.
func (*LoadBalancerConfig) Complete ¶
func (c *LoadBalancerConfig) Complete()
Complete the load balancer config applying defaults / overrides.
type MetricsConfig ¶
// MetricsConfig holds the configuration for metrics that are pushed to OCI
// Monitoring. Per Config, metrics collection is enabled when this section is
// provided.
type MetricsConfig struct {
	// CompartmentID is read from the `compartmentID` entry.
	// NOTE(review): presumably the compartment the metrics are published to — confirm.
	CompartmentID string `yaml:"compartmentID"`
	// Namespace is read from the `namespace` entry.
	Namespace string `yaml:"namespace"`
	// ResourceGroup is read from the `resourceGroup` entry.
	ResourceGroup string `yaml:"resourceGroup"`
	// +optional
	// This prefix is added to all the metric names
	Prefix string `yaml:"prefix"`
}
MetricsConfig holds the configuration for collecting metrics, which are pushed to OCI Monitoring. More details are available at https://docs.cloud.oracle.com/en-us/iaas/Content/Monitoring/Tasks/publishingcustommetrics.htm
type RateLimiterConfig ¶
// RateLimiterConfig holds the configuration options for OCI rate limiting.
// Reads and writes are configured separately, each with a QPS value and a
// bucket value.
type RateLimiterConfig struct {
	// NOTE(review): presumably the sustained queries-per-second allowed for read calls — confirm.
	RateLimitQPSRead float32 `yaml:"rateLimitQPSRead"`
	// NOTE(review): presumably the burst size for read calls — confirm.
	RateLimitBucketRead int `yaml:"rateLimitBucketRead"` //Read?
	// NOTE(review): presumably the sustained queries-per-second allowed for write calls — confirm.
	RateLimitQPSWrite float32 `yaml:"rateLimitQPSWrite"`
	// NOTE(review): presumably the burst size for write calls — confirm.
	RateLimitBucketWrite int `yaml:"rateLimitBucketWrite"`
	// DisableRateLimiter is read from the `disableRateLimiter` entry.
	// NOTE(review): whether the other fields are ignored when this is true is
	// not visible in this declaration.
	DisableRateLimiter bool `yaml:"disableRateLimiter"`
}
RateLimiterConfig holds the configuration options for OCI rate limiting.