etcd

package
v0.10.0 Latest
Warning

This package is not in the latest version of its module.

Published: Aug 28, 2023 License: Apache-2.0 Imports: 20 Imported by: 1

Documentation

Overview

Package etcd allows creating and managing etcd clusters.


Constants

This section is empty.

Variables

This section is empty.

Functions

func FromYaml

func FromYaml(c []byte) (types.Resource, error)

FromYaml creates and validates a resource from YAML format.

Types

type Cluster

type Cluster struct {
	// Image sets the Docker image with tag, which will be used by all members
	// that have no image set. If empty, the etcd image defined in pkg/defaults
	// will be used.
	//
	// Example value: 'quay.io/coreos/etcd:v3.4.9'
	//
	// This field is optional.
	Image string `json:"image,omitempty"`

	// SSH stores common SSH configuration for all members and will be merged with members'
	// SSH configuration. If a member has some SSH fields defined, they take precedence over
	// this block.
	//
	// If you use the same username or port for all members, it is recommended to define it
	// here to avoid repetition in the configuration.
	//
	// This field is optional.
	SSH *ssh.Config `json:"ssh,omitempty"`

	// CACertificate should contain the etcd CA X.509 certificate in PEM format. It will be added
	// to members' configuration if they don't have it defined.
	//
	// If empty, content will be pulled from PKI struct. The content can also be generated by the
	// pki.PKI object.
	//
	// This field is optional.
	CACertificate string `json:"caCertificate,omitempty"`

	// PeerCertAllowedCN defines the allowed CommonName of the client certificate
	// for peer communication. Can be used when a single client certificate is used
	// for all members of the cluster.
	//
	// It is used for --peer-cert-allowed-cn flag.
	//
	// Example value: 'member'.
	//
	// This field is optional.
	PeerCertAllowedCN string `json:"peerCertAllowedCN,omitempty"`

	// Members is a list of etcd member containers to create, where key defines the member name.
	// Member name can be overwritten by setting Name field.
	//
	// If there is no state defined, this list must not be empty.
	//
	// If state is defined and list of members is empty, all created containers will be removed.
	Members map[string]MemberConfig `json:"members,omitempty"`

	// PKI field allows using a PKI resource for managing all etcd certificates. It will be used for
	// members' configuration, if they don't have certificates defined.
	PKI *pki.PKI `json:"pki,omitempty"`

	// State stores state of the created containers. After deployment, it is up to the user to export
	// the state and restore it on consecutive runs.
	State container.ContainersState `json:"state,omitempty"`

	// ExtraMounts defines extra mounts from host filesystem, which should be added to member
	// containers. It will be used unless a member defines its own extra mounts.
	ExtraMounts []containertypes.Mount `json:"extraMounts,omitempty"`
}

Cluster represents etcd cluster configuration and state from the user.

It implements the types.ResourceConfig interface and, via the types.Resource interface, allows managing the full lifecycle of an etcd cluster, including adding and removing members.

func (*Cluster) New

func (c *Cluster) New() (types.Resource, error)

New validates etcd cluster configuration and fills members with default and computed values.

func (*Cluster) Validate

func (c *Cluster) Validate() error

Validate validates Cluster configuration.

type Member

type Member interface {
	container.ResourceInstance
	// contains filtered or unexported methods
}

Member represents functionality provided by validated MemberConfig.

type MemberConfig added in v0.6.0

type MemberConfig struct {
	// Name defines the name of the etcd member. It is used for --name flag.
	//
	// Example values: etcd01, infra2, member3
	//
	// This field is optional if used with Cluster struct.
	Name string `json:"name,omitempty"`

	// Image is a Docker image with tag to use for member container.
	//
	// Example values: 'quay.io/coreos/etcd:v3.4.9'
	//
	// This field is optional if used together with Cluster struct.
	Image string `json:"image,omitempty"`

	// Host describes on which machine member container should be created.
	//
	// This field is required.
	Host host.Host `json:"host,omitempty"`

	// CACertificate is an etcd CA X.509 certificate used to verify peers and client
	// certificates. It is used for --peer-trusted-ca-file and --trusted-ca-file flags.
	//
	// This certificate can be generated using pki.PKI struct.
	//
	// This field is optional, if used together with Cluster struct.
	CACertificate string `json:"caCertificate,omitempty"`

	// PeerCertificate is an X.509 certificate used to communicate with other cluster
	// members. Should be signed by CACertificate. It is used for --peer-cert-file flag.
	//
	// This certificate can be generated using pki.PKI struct.
	//
	// This field is optional, if used together with Cluster struct and PKI integration.
	PeerCertificate string `json:"peerCertificate,omitempty"`

	// PeerKey is a private key for PeerCertificate. Must be defined in either
	// PKCS8, PKCS1 or EC formats, PEM encoded. It is used for --peer-key-file flag.
	//
	// This private key can be generated using pki.PKI struct.
	//
	// This field is optional, if used together with Cluster struct and PKI integration.
	PeerKey string `json:"peerKey,omitempty"`

	// PeerAddress is an address, where member will listen and which will be
	// advertised to the cluster. It is used for --listen-peer-urls and
	// --initial-advertise-peer-urls flags.
	//
	// Example value: 192.168.10.10
	PeerAddress string `json:"peerAddress,omitempty"`

	// InitialCluster defines initial list of members for the cluster. It is used for
	// --initial-cluster flag.
	//
	// Example value: 'infra0=http://10.0.1.10:2380,infra1=http://10.0.1.11:2380'.
	//
	// This field is optional, if used together with Cluster struct.
	InitialCluster string `json:"initialCluster,omitempty"`

	// PeerCertAllowedCN defines the allowed CommonName of the client certificate
	// for peer communication. Can be used when a single client certificate is used
	// for all members of the cluster.
	//
	// It is used for --peer-cert-allowed-cn flag.
	//
	// Example value: 'member'.
	//
	// This field is optional.
	PeerCertAllowedCN string `json:"peerCertAllowedCN,omitempty"`

	// ServerCertificate is an X.509 certificate used to communicate with other cluster
	// members. Should be signed by CACertificate. It is used for --peer-cert-file flag.
	//
	// This certificate can be generated using pki.PKI struct.
	//
	// This field is optional, if used together with Cluster struct and PKI integration.
	ServerCertificate string `json:"serverCertificate,omitempty"`

	// ServerKey is a private key for ServerCertificate. Must be defined in either
	// PKCS8, PKCS1 or EC formats, PEM encoded. It is used for --peer-key-file flag.
	//
	// This private key can be generated using pki.PKI struct.
	//
	// This field is optional, if used together with Cluster struct and PKI integration.
	ServerKey string `json:"serverKey,omitempty"`

	// ServerAddress is an address, where member will listen and which will be
	// advertised to the clients. It is used for --listen-client-urls and
	// --advertise-client-urls flags.
	//
	// Example value: 192.168.10.10
	ServerAddress string `json:"serverAddress,omitempty"`

	// NewCluster controls if member should be created as part of new cluster or as part
	// of already initialized cluster.
	//
	// If set to true, --initial-cluster-token flag will be used when creating the container,
	// otherwise --initial-cluster-state=existing flag will be used.
	//
	// This field is optional, if used together with Cluster struct.
	NewCluster bool `json:"newCluster,omitempty"`

	// ExtraMounts defines extra mounts from host filesystem, which should be added to the member
	// container. It will be used unless the member defines its own extra mounts.
	ExtraMounts []containertypes.Mount `json:"extraMounts,omitempty"`
}

MemberConfig represents a single etcd member.

func (*MemberConfig) New added in v0.6.0

func (m *MemberConfig) New() (Member, error)

New validates MemberConfig and returns Member interface.

func (*MemberConfig) Validate added in v0.6.0

func (m *MemberConfig) Validate() error

Validate validates etcd member configuration.
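
The following is an added example, not code from this package or its authors: a stand-alone pre-flight check for the PEM values that go into CACertificate, PeerCertificate and PeerCertAllowedCN, confirming that the peer certificate chains to the CA and carries the allowed CommonName before the values reach a member. The helper names checkPeerCert and issue are hypothetical, and the certificates are constructed in memory as sample input.

```go
package main
import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/pem"
	"fmt"
	"math/big"
	"time"
)
// checkPeerCert (added helper, not a package etcd API): certPEM must chain to caPEM and, if allowedCN is set, carry that CN.
func checkPeerCert(caPEM, certPEM, allowedCN string) error {
	roots := x509.NewCertPool()
	block, _ := pem.Decode([]byte(certPEM))
	if block == nil || !roots.AppendCertsFromPEM([]byte(caPEM)) {
		return fmt.Errorf("CACertificate and PeerCertificate must be PEM certificates")
	}
	cert, err := x509.ParseCertificate(block.Bytes)
	if err == nil {
		_, err = cert.Verify(x509.VerifyOptions{Roots: roots, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}})
	}
	if err != nil {
		return fmt.Errorf("PeerCertificate does not verify against CACertificate: %w", err)
	}
	if allowedCN != "" && cert.Subject.CommonName != allowedCN {
		return fmt.Errorf("CN %q does not match PeerCertAllowedCN %q", cert.Subject.CommonName, allowedCN)
	}
	return nil
}
// issue makes a constructed sample certificate (fixture, errors ignored); a nil parent yields a self-signed CA.
func issue(cn string, parent *x509.Certificate, signer ed25519.PrivateKey) (string, *x509.Certificate, ed25519.PrivateKey) {
	pub, key, _ := ed25519.GenerateKey(rand.Reader)
	tpl := &x509.Certificate{
		SerialNumber: big.NewInt(time.Now().UnixNano()), Subject: pkix.Name{CommonName: cn},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour),
	}
	if parent == nil { // self-signed CA: template doubles as issuer
		tpl.IsCA, tpl.BasicConstraintsValid, tpl.KeyUsage = true, true, x509.KeyUsageCertSign
		parent, signer = tpl, key
	}
	der, _ := x509.CreateCertificate(rand.Reader, tpl, parent, pub, signer)
	cert, _ := x509.ParseCertificate(der)
	return string(pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: der})), cert, key
}
func main() {
	caPEM, ca, caKey := issue("etcd-ca", nil, nil)
	peerPEM, _, _ := issue("member", ca, caKey)
	fmt.Println(checkPeerCert(caPEM, peerPEM, "member"), checkPeerCert(caPEM, peerPEM, "etcd01"))
}
```

An empty allowedCN skips the CommonName comparison, matching the field being optional.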
