install

package v1.12.0 (not the latest version of its module)
Published: Jun 28, 2018 License: Apache-2.0 Imports: 28 Imported by: 2

Documentation

Overview

Package install provides the functionality for installing a Kismatic cluster.

Index

Constants

This section is empty.

Variables

var KismaticVersion semver.Version

KismaticVersion contains the version information of the currently running binary

Functions

func DetectNodeUpgradeSafety added in v1.3.0

func DetectNodeUpgradeSafety(plan Plan, node Node, kubeClient upgradeKubeInfoClient) []error

DetectNodeUpgradeSafety determines whether it's safe to upgrade a specific node listed in the plan file. If any condition that could result in data or availability loss is detected, the upgrade is deemed unsafe, and the conditions are returned as errors.

func GenerateDashboardAdminKubeconfig added in v1.7.0

func GenerateDashboardAdminKubeconfig(token string, p *Plan, generatedAssetsDir string, file string) error

func GenerateKubeconfig

func GenerateKubeconfig(p *Plan, generatedAssetsDir string) error

GenerateKubeconfig generates a kubeconfig file for a specific user

func IsLessThanVersion added in v1.3.1

func IsLessThanVersion(this semver.Version, that string) bool

IsLessThanVersion parses the version from the string `that` and returns true if `this` version is less than it

func IsOlderVersion added in v1.3.0

func IsOlderVersion(that semver.Version) bool

IsOlderVersion returns true if the provided version is older than the current Kismatic version

func RegenerateKubeconfig added in v1.4.0

func RegenerateKubeconfig(p *Plan, generatedAssetsDir string) (bool, error)

RegenerateKubeconfig backs up the old kubeconfig file if it exists. Returns true if the new kubeconfig file is different from the previous one. Otherwise returns false.

func SetVersion added in v1.3.0

func SetVersion(v string)

SetVersion parses the given version, and sets it as the global version of the binary

func ValidateCertificates added in v1.2.0

func ValidateCertificates(p *Plan, pki *LocalPKI) (bool, []error)

ValidateCertificates checks if certificates exist and are valid

func ValidateNode

func ValidateNode(node *Node) (bool, []error)

ValidateNode runs validation against the given node.

func ValidateNodes added in v1.6.0

func ValidateNodes(nodes []Node) (bool, []error)

ValidateNodes runs validation against the given nodes and checks that the details of each node are unique.

func ValidatePlan

func ValidatePlan(p *Plan) (bool, []error)

ValidatePlan runs validation against the installation plan to ensure that the plan contains valid user input. Returns true, nil if the validation is successful. Otherwise, returns false and a collection of validation errors.

func ValidatePlanSSHConnections added in v1.2.0

func ValidatePlanSSHConnections(p *Plan) (bool, []error)

ValidatePlanSSHConnections tries to establish SSH connections to all nodes in the cluster

func ValidateSSHConnection added in v1.1.0

func ValidateSSHConnection(con *SSHConnection, prefix string) (bool, []error)

ValidateSSHConnection tries to establish an SSH connection with the details provided for a single node

func ValidateStorageVolume added in v1.2.0

func ValidateStorageVolume(sv StorageVolume) (bool, []error)

ValidateStorageVolume validates the storage volume attributes

func VersionOverrides added in v1.8.0

func VersionOverrides() map[string]string

VersionOverrides returns a map of all image names and their versions that can be modified by the user

func WritePlanTemplate

func WritePlanTemplate(planTemplateOpts PlanTemplateOptions, w PlanReadWriter) error

WritePlanTemplate writes an installation plan with pre-filled defaults.

Types

type APIServerOptions added in v1.4.0

type APIServerOptions struct {
	// Listing of option overrides that are to be applied to the Kubernetes
	// API server configuration. This is an advanced feature that can prevent
	// the API server from starting up if invalid configuration is provided.
	Overrides map[string]string `yaml:"option_overrides"`
}

type AddOns added in v1.4.0

type AddOns struct {
	// The Container Networking Interface (CNI) add-on configuration.
	CNI *CNI `yaml:"cni"`
	// The DNS add-on configuration.
	DNS DNS `yaml:"dns"`
	// The Heapster Monitoring add-on configuration.
	HeapsterMonitoring *HeapsterMonitoring `yaml:"heapster"`
	// Metrics Server add-on configuration.
	// A cluster-wide aggregator of resource usage data.
	// Required for Horizontal Pod Autoscaler to function properly.
	MetricsServer MetricsServer `yaml:"metrics_server"`
	// The Dashboard add-on configuration.
	Dashboard Dashboard `yaml:"dashboard"`
	// The PackageManager add-on configuration.
	PackageManager PackageManager `yaml:"package_manager"`
	// The Rescheduler add-on configuration.
	// Because the Rescheduler does not have leader election and therefore can only run as a single instance in a cluster, it will be deployed as a static pod on the first master.
	// More information about the Rescheduler can be found here: https://kubernetes.io/docs/tasks/administer-cluster/guaranteed-scheduling-critical-addon-pods/
	Rescheduler Rescheduler `yaml:"rescheduler"`
}

AddOns are components that are deployed on the cluster that KET considers necessary for producing a production cluster.

type AdditionalFile added in v1.9.2

type AdditionalFile struct {
	// Hostname or role where additional files or directories will be copied.
	// +required
	Hosts []string
	// Path to the file or directory on local machine.
	// Must be an absolute path.
	// +required
	Source string
	// Path to the file or directory on remote machine, where file will be copied.
	// Must be an absolute path.
	// +required
	Destination string
	// Set to true if validation will be run before the file exists on the local machine.
	// Useful for files generated at install time, i.e. assets in the generated/ directory.
	SkipValidation bool `yaml:"skip_validation"`
}

AdditionalFile is a file or directory to copy to remote host(s) from the local host

type CNI added in v1.5.0

type CNI struct {
	// Whether the CNI add-on is disabled. When set to true,
	// CNI will not be installed on the cluster. Furthermore, the smoke test and
	// any validation that depends on a functional pod network will be skipped.
	// +default=false
	Disable bool
	// The CNI provider that should be installed on the cluster.
	// +default=calico
	// +options=calico,weave,contiv,custom
	Provider string
	// The CNI options that can be configured for each CNI provider.
	Options CNIOptions `yaml:"options"`
}

CNI add-on configuration

type CNIOptions added in v1.5.0

type CNIOptions struct {
	// The options that can be configured for the Portmap CNI provider.
	Portmap PortmapOptions
	// The options that can be configured for the Calico CNI provider.
	Calico CalicoOptions
	// The options that can be configured for the Weave CNI provider.
	Weave WeaveOptions
}

CNIOptions that can be configured for each CNI provider.

type CalicoOptions added in v1.5.0

type CalicoOptions struct {
	// The datapath technique that should be configured in Calico.
	// +default=overlay
	// +options=overlay,routed
	Mode string
	// The logging level for the CNI plugin
	// +default=info
	// +options=warning,info,debug
	LogLevel string `yaml:"log_level"`
	// MTU for the workload interface, configures the CNI config.
	// +default=1500
	WorkloadMTU int `yaml:"workload_mtu"`
	// MTU for the tunnel device used if IPIP is enabled.
	// +default=1440
	FelixInputMTU int `yaml:"felix_input_mtu"`
	// IPAutodetectionMethod is used to detect the IPv4 address of the host.
	// The value gets set in IP_AUTODETECTION_METHOD variable in the pod.
	// +default=first-found
	IPAutodetectionMethod string `yaml:"ip_autodetection_method"`
}

The CalicoOptions that can be configured for the Calico CNI provider.

type CertsConfig

type CertsConfig struct {
	// The length of time that the generated certificates should be valid for.
	// For example: "17520h" for 2 years.
	// +required
	Expiry string
	// The length of time that the generated Certificate Authority should be valid for.
	// For example: "17520h" for 2 years.
	// +required
	CAExpiry string `yaml:"ca_expiry"`
	// Comma-separated list of Subject Alternative Names (SANs) to use for the API Server serving certificate.
	// Can be both IP addresses and DNS names.
	APIServerCertExtraSANs string `yaml:"apiserver_cert_extra_sans"`
}

CertsConfig describes the cluster's trust and certificate configuration

type CloudProvider added in v1.6.0

type CloudProvider struct {
	// The cloud provider that should be set in the Kubernetes components
	// +options=aws,azure,cloudstack,fake,gce,mesos,openstack,ovirt,photon,rackspace,vsphere
	Provider string
	// Path to the cloud provider config file. This will be copied to all the machines in the cluster
	Config string
}

CloudProvider controls the Kubernetes cloud providers feature

type Cluster

type Cluster struct {
	// Name of the cluster to be used when generating assets that require a
	// cluster name, such as kubeconfig files and certificates.
	// +required
	Name string
	// The Kubernetes version to install.
	// If left blank will be set to the latest tested version.
	// Only a single minor version is supported.
	// +default=v1.10.5
	Version string
	// The password for the admin user.
	// If provided, ABAC will be enabled in the cluster.
	// This field will be removed completely in a future release.
	// +deprecated
	AdminPassword string `yaml:"admin_password,omitempty"`
	// Whether KET should install the packages on the cluster nodes.
	// When true, KET will not install the required packages.
	// Instead, it will verify that the packages have been installed by the operator.
	DisablePackageInstallation bool `yaml:"disable_package_installation"`
	// Whether KET should install the packages on the cluster nodes.
	// Use DisablePackageInstallation instead.
	// +deprecated
	AllowPackageInstallation *bool `yaml:"allow_package_installation,omitempty"`
	// Whether the cluster nodes are disconnected from the internet.
	// When set to `true`, internal package repositories and a container image
	// registry are required for installation.
	// +default=false
	DisconnectedInstallation bool `yaml:"disconnected_installation"`
	// The Networking configuration for the cluster.
	Networking NetworkConfig
	// The Certificates configuration for the cluster.
	Certificates CertsConfig
	// The SSH configuration for the cluster nodes.
	SSH SSHConfig
	// Kubernetes API Server configuration.
	APIServerOptions APIServerOptions `yaml:"kube_apiserver"`
	// Kubernetes Controller Manager configuration.
	KubeControllerManagerOptions KubeControllerManagerOptions `yaml:"kube_controller_manager"`
	// Kubernetes Scheduler configuration.
	KubeSchedulerOptions KubeSchedulerOptions `yaml:"kube_scheduler"`
	// Kubernetes Proxy configuration.
	KubeProxyOptions KubeProxyOptions `yaml:"kube_proxy"`
	// Kubelet configuration applied to all nodes.
	KubeletOptions KubeletOptions `yaml:"kubelet"`
	// The CloudProvider configuration for the cluster.
	CloudProvider CloudProvider `yaml:"cloud_provider"`
}

Cluster describes a Kubernetes cluster

type ClusterVersion added in v1.3.0

type ClusterVersion struct {
	EarliestVersion semver.Version
	LatestVersion   semver.Version
	IsTransitioning bool
	Nodes           []ListableNode
}

ClusterVersion contains version information about the cluster

func ListVersions added in v1.3.0

func ListVersions(plan *Plan) (ClusterVersion, error)

ListVersions connects to the cluster described in the plan file and gathers version information about it.

type ComponentVersions added in v1.8.0

type ComponentVersions struct {
	Kubernetes string
}

type ConfigOptions

type ConfigOptions struct {
	CA      string
	Server  string
	Cluster string
	User    string
	Context string
	Cert    string
	Key     string
	Token   string
}

ConfigOptions holds the values used when generating a kubeconfig file

type DNS added in v1.5.0

type DNS struct {
	// Whether the DNS add-on should be disabled.
	// When set to true, no DNS solution will be deployed on the cluster.
	Disable bool
	// This property indicates the in-cluster DNS provider.
	// +required
	// +options=kubedns,coredns
	// +default=kubedns
	Provider string
	// The options that can be configured for the cluster DNS add-on
	Options DNSOptions
}

The DNS add-on configuration

type DNSOptions added in v1.9.2

type DNSOptions struct {
	// Number of cluster DNS replicas that should be scheduled on the cluster.
	// +default=2
	Replicas int
}

type Dashboard added in v1.5.0

type Dashboard struct {
	// Whether the dashboard add-on should be disabled.
	// When set to true, the Kubernetes Dashboard will not be installed on the cluster.
	// +default=false
	Disable bool
	// The options that can be configured for the Dashboard add-on
	Options DashboardOptions
}

Dashboard add-on configuration

type DashboardOptions added in v1.10.0

type DashboardOptions struct {
	// Kubernetes service type of the Dashboard service.
	// +default=ClusterIP
	// +options=ClusterIP,NodePort,LoadBalancer,ExternalName
	ServiceType string `yaml:"service_type"`
	// When using NodePort set the port to use.
	// When left empty Kubernetes will allocate a random port.
	// +default=''
	NodePort string `yaml:"node_port"`
}

The DashboardOptions for the Dashboard addon

type DeprecatedPackageManager added in v1.4.0

type DeprecatedPackageManager struct {
	// Whether the package manager add-on should be enabled.
	// +deprecated
	Enabled bool
}

type DiagnosticsExecutor added in v1.3.0

type DiagnosticsExecutor interface {
	DiagnoseNodes(plan Plan) error
}

DiagnosticsExecutor will run diagnostics on the nodes after an install

func NewDiagnosticsExecutor added in v1.3.0

func NewDiagnosticsExecutor(stdout io.Writer, errOut io.Writer, options ExecutorOptions) (DiagnosticsExecutor, error)

NewDiagnosticsExecutor returns a DiagnosticsExecutor for running diagnostics on the nodes

type DirectLVMBlockDevice added in v1.8.0

type DirectLVMBlockDevice struct {
	// The path to the block device.
	Path string
	// The percentage of space to use for storage from the passed in block device.
	// +default=95
	ThinpoolPercent string `yaml:"thinpool_percent"`
	// The percentage of space to use for metadata storage from the passed in block device.
	// +default=1
	ThinpoolMetaPercent string `yaml:"thinpool_metapercent"`
	// The threshold for when lvm should automatically extend the thin pool as a percentage of the total storage space.
	// +default=80
	ThinpoolAutoextendThreshold string `yaml:"thinpool_autoextend_threshold"`
	// The percentage to increase the thin pool by when an autoextend is triggered.
	// +default=20
	ThinpoolAutoextendPercent string `yaml:"thinpool_autoextend_percent"`
}

type Docker added in v1.3.1

type Docker struct {
	// Set to true to disable the installation of docker container runtime on the nodes.
	// The installer will validate that docker is installed and running prior to proceeding.
	// Use this option if a different version of docker from the included one is required.
	Disable bool
	// Log configuration for the docker engine.
	Logs DockerLogs
	// Storage configuration for the docker engine.
	Storage DockerStorage
}

Docker includes the configuration for the docker installation owned by KET.

type DockerLogs added in v1.7.0

type DockerLogs struct {
	// Docker logging driver, more details https://docs.docker.com/engine/admin/logging/overview/.
	// +default=json-file
	Driver string
	// Driver specific options.
	Opts map[string]string
}

DockerLogs includes the log-specific configuration for docker.

type DockerRegistry

type DockerRegistry struct {
	// The hostname or IP address and port of a private container image registry.
	// Do not include http or https.
	// When performing a disconnected installation, this registry will be used
	// to fetch all the required container images.
	Server string
	// The hostname or IP address of a private container image registry.
	// When performing a disconnected installation, this registry will be used
	// to fetch all the required container images.
	// +deprecated
	Address string `yaml:"address,omitempty"`
	// The port on which the private container image registry is listening on.
	// +deprecated
	Port int `yaml:"port,omitempty"`
	// The absolute path of the Certificate Authority that should be installed on
	// all cluster nodes that have a docker daemon.
	// This is required to establish trust between the daemons and the private
	// registry when the registry is using a self-signed certificate.
	CAPath string `yaml:"CA"`
	// The username that should be used when connecting to a registry that has authentication enabled.
	// Otherwise leave blank for unauthenticated access.
	Username string
	// The password that should be used when connecting to a registry that has authentication enabled.
	// Otherwise leave blank for unauthenticated access.
	Password string
}

DockerRegistry holds the details of the docker registry, either configured by the CLI or provided by the customer

type DockerStorage added in v1.3.1

type DockerStorage struct {
	// Docker storage driver, more details https://docs.docker.com/engine/userguide/storagedriver/.
	// Leave empty to have docker automatically select the driver.
	// +default='empty'
	Driver string
	// Driver specific options
	Opts map[string]string
	// DirectLVMBlockDevice is the configuration required for setting up Device Mapper storage driver in direct-lvm mode.
	// Refer to https://docs.docker.com/v17.03/engine/userguide/storagedriver/device-mapper-driver/#manage-devicemapper docs.
	DirectLVMBlockDevice DirectLVMBlockDevice `yaml:"direct_lvm_block_device"`
	// DirectLVM is the configuration required for setting up device mapper in direct-lvm mode.
	// +deprecated
	DirectLVM *DockerStorageDirectLVMDeprecated `yaml:"direct_lvm,omitempty"`
}

DockerStorage includes the storage-specific configuration for docker.

type DockerStorageDirectLVMDeprecated added in v1.8.0

type DockerStorageDirectLVMDeprecated struct {
	// Whether the direct_lvm mode of the devicemapper storage driver should be enabled.
	// When set to true, a dedicated block storage device must be available on each cluster node.
	// +default=false
	Enabled bool
	// The path to the block storage device that will be used by the devicemapper storage driver.
	BlockDevice string `yaml:"block_device"`
	// Whether deferred deletion should be enabled when using devicemapper in direct_lvm mode.
	// +default=false
	EnableDeferredDeletion bool `yaml:"enable_deferred_deletion"`
}

DockerStorageDirectLVMDeprecated includes the configuration required for setting up device mapper in direct-lvm mode.

type Executor

type Executor interface {
	PreFlightExecutor
	Install(plan *Plan, restartServices bool, nodes ...string) error
	Reset(plan *Plan, nodes ...string) error
	GenerateCertificates(p *Plan, useExistingCA bool) error
	RunSmokeTest(*Plan) error
	AddNode(plan *Plan, node Node, roles []string, restartServices bool) (*Plan, error)
	RunPlay(name string, plan *Plan, restartServices bool, nodes ...string) error
	AddVolume(*Plan, StorageVolume) error
	DeleteVolume(*Plan, string) error
	UpgradeNodes(plan Plan, nodesToUpgrade []ListableNode, onlineUpgrade bool, maxParallelWorkers int, restartServices bool) error
	ValidateControlPlane(plan Plan) error
	UpgradeClusterServices(plan Plan) error
}

The Executor will carry out the installation plan

func NewExecutor

func NewExecutor(stdout io.Writer, errOut io.Writer, options ExecutorOptions) (Executor, error)

NewExecutor returns an executor for performing installations according to the installation plan.

type ExecutorOptions

type ExecutorOptions struct {
	// GeneratedAssetsDirectory is the location where generated assets
	// are to be stored
	GeneratedAssetsDirectory string
	// OutputFormat sets the format of the executor
	OutputFormat string
	// Verbose output from the executor
	Verbose bool
	// RunsDirectory is where information about installation runs is kept
	RunsDirectory string
	// DiagnosticsDirecty is where the diagnostics information about the cluster will be dumped
	DiagnosticsDirecty string
	// DryRun determines if the executor should actually run the task
	DryRun bool
}

ExecutorOptions are used to configure the executor

type Features added in v1.3.3

type Features struct {
	// The PackageManager feature configuration.
	// +deprecated
	PackageManager *DeprecatedPackageManager `yaml:"package_manager,omitempty"`
}

Features configuration +deprecated

type FilePlanner

type FilePlanner struct {
	File string
}

FilePlanner is a file-based installation planner

func (*FilePlanner) PlanExists

func (fp *FilePlanner) PlanExists() bool

PlanExists returns true if the plan exists on the file system

func (*FilePlanner) Read

func (fp *FilePlanner) Read() (*Plan, error)

Read the plan from the file system

func (*FilePlanner) Write

func (fp *FilePlanner) Write(p *Plan) error

Write the plan to the file system

type Heapster added in v1.5.0

type Heapster struct {
	// Number of Heapster replicas that should be scheduled on the cluster.
	// +default=2
	Replicas int `yaml:"replicas"`
	// Kubernetes service type of the Heapster service.
	// +default=ClusterIP
	// +options=ClusterIP,NodePort,LoadBalancer,ExternalName
	ServiceType string `yaml:"service_type"`
	// URL of the backend store that will be used as the Heapster sink.
	// +default=influxdb:http://heapster-influxdb.kube-system.svc:8086
	Sink string `yaml:"sink"`
}

Heapster configuration options for the Heapster add-on

type HeapsterMonitoring added in v1.4.0

type HeapsterMonitoring struct {
	// Whether the Heapster add-on should be disabled.
	// When set to true, Heapster and InfluxDB will not be deployed on the cluster.
	// +default=false
	Disable bool
	// The options that can be configured for the Heapster add-on
	Options HeapsterOptions `yaml:"options"`
}

The HeapsterMonitoring add-on configuration

type HeapsterOptions added in v1.4.0

type HeapsterOptions struct {
	// The Heapster configuration options.
	Heapster Heapster `yaml:"heapster"`
	// The InfluxDB configuration options.
	InfluxDB InfluxDB `yaml:"influxdb"`
	// Number of Heapster replicas that should be scheduled on the cluster.
	// +deprecated
	HeapsterReplicas int `yaml:"heapster_replicas,omitempty"`
	// Name of the Persistent Volume Claim that will be used by InfluxDB.
	// When set, this PVC must be created after the installation.
	// If not set, InfluxDB will be configured with ephemeral storage.
	// +deprecated
	InfluxDBPVCName string `yaml:"influxdb_pvc_name,omitempty"`
}

The HeapsterOptions for the HeapsterMonitoring add-on

type HelmOptions added in v1.8.0

type HelmOptions struct {
	// Namespace to deploy tiller
	// +default=kube-system
	Namespace string
}

HelmOptions for the helm PackageManager add-on

type InfluxDB added in v1.5.0

type InfluxDB struct {
	// Name of the Persistent Volume Claim that will be used by InfluxDB.
	// This PVC must be created after the installation.
	// If not set, InfluxDB will be configured with ephemeral storage.
	PVCName string `yaml:"pvc_name"`
}

InfluxDB configuration options for the Heapster add-on

type KubeControllerManagerOptions added in v1.6.0

type KubeControllerManagerOptions struct {
	// Listing of option overrides that are to be applied to the Kubernetes
	// Controller Manager configuration. This is an advanced feature that can prevent
	// the Controller Manager from starting up if invalid configuration is provided.
	Overrides map[string]string `yaml:"option_overrides"`
}

type KubeProxyOptions added in v1.6.0

type KubeProxyOptions struct {
	// Listing of option overrides that are to be applied to the Kubernetes
	// Proxy configuration. This is an advanced feature that can prevent
	// the Proxy from starting up if invalid configuration is provided.
	Overrides map[string]string `yaml:"option_overrides"`
}

type KubeSchedulerOptions added in v1.6.0

type KubeSchedulerOptions struct {
	// Listing of option overrides that are to be applied to the Kubernetes
	// Scheduler configuration. This is an advanced feature that can prevent
	// the Scheduler from starting up if invalid configuration is provided.
	Overrides map[string]string `yaml:"option_overrides"`
}

type KubeletOptions added in v1.6.0

type KubeletOptions struct {
	// Listing of option overrides that are to be applied to the Kubelet configurations.
	// This is an advanced feature that can prevent the Kubelet from starting up if invalid configuration is provided.
	Overrides map[string]string `yaml:"option_overrides"`
}

type ListableNode added in v1.3.0

type ListableNode struct {
	Node              Node
	Roles             []string
	Version           semver.Version
	ComponentVersions ComponentVersions
}

ListableNode contains version and role information about a given node

func NodesWithRoles added in v1.3.0

func NodesWithRoles(nodes []ListableNode, roles ...string) []ListableNode

NodesWithRoles returns the entries of the given ListableNode slice filtered by the given roles

type LocalPKI

type LocalPKI struct {
	CACsr                   string
	GeneratedCertsDirectory string
	Log                     io.Writer
}

LocalPKI is a file-based PKI

func (*LocalPKI) CertificateAuthorityExists

func (lp *LocalPKI) CertificateAuthorityExists() (bool, error)

CertificateAuthorityExists returns true if the CA for the cluster exists

func (*LocalPKI) GenerateCertificate added in v1.5.0

func (lp *LocalPKI) GenerateCertificate(name string, validityPeriod string, commonName string, subjectAlternateNames []string, organizations []string, ca *tls.CA, overwrite bool) (bool, error)

GenerateCertificate creates a private key and certificate for the given name, CN, subjectAlternateNames and organizations. If the cert exists, it will not fail; pass overwrite to replace an existing cert.

func (*LocalPKI) GenerateClusterCA

func (lp *LocalPKI) GenerateClusterCA(p *Plan) (*tls.CA, error)

GenerateClusterCA creates a Certificate Authority for the cluster

func (*LocalPKI) GenerateClusterCertificates

func (lp *LocalPKI) GenerateClusterCertificates(p *Plan, clusterCA *tls.CA, proxyClientCA *tls.CA) error

GenerateClusterCertificates creates all certificates required for the cluster described in the plan file.

func (*LocalPKI) GenerateNodeCertificate

func (lp *LocalPKI) GenerateNodeCertificate(plan *Plan, node Node, ca *tls.CA) error

GenerateNodeCertificate creates a private key and certificate for the given node

func (*LocalPKI) GenerateProxyClientCA added in v1.9.0

func (lp *LocalPKI) GenerateProxyClientCA(p *Plan) (*tls.CA, error)

GenerateProxyClientCA creates the proxy client Certificate Authority for the cluster

func (*LocalPKI) GetClusterCA

func (lp *LocalPKI) GetClusterCA() (*tls.CA, error)

GetClusterCA returns the cluster CA

func (*LocalPKI) GetProxyClientCA added in v1.9.0

func (lp *LocalPKI) GetProxyClientCA() (*tls.CA, error)

GetProxyClientCA returns the proxy client CA

func (*LocalPKI) NodeCertificateExists

func (lp *LocalPKI) NodeCertificateExists(node Node) (bool, error)

NodeCertificateExists returns true if the node's key and certificate exist

func (*LocalPKI) ValidateClusterCertificates added in v1.2.0

func (lp *LocalPKI) ValidateClusterCertificates(p *Plan) (warns []error, errs []error)

ValidateClusterCertificates validates any certificates that already exist in the expected directory.

type MasterNodeGroup

type MasterNodeGroup struct {
	// The IP or DNS and Port of the load balancer that is fronting multiple master nodes.
	// In the case where there is no load balancer, this can be set to the IP address of the master node with port '6443'.
	// +required
	LoadBalancer string `yaml:"load_balancer"`
	// Number of master nodes that are part of the cluster.
	// +required
	ExpectedCount int `yaml:"expected_count"`
	// The FQDN of the load balancer that is fronting multiple master nodes.
	// In the case where there is only one master node, this can be set to the IP address of the master node.
	// +deprecated
	LoadBalancedFQDN *string `yaml:"load_balanced_fqdn,omitempty"`
	// The short name of the load balancer that is fronting multiple master nodes.
	// In the case where there is only one master node, this can be set to the IP address of the master node.
	// +deprecated
	LoadBalancedShortName *string `yaml:"load_balanced_short_name,omitempty"`
	// List of master nodes that are part of the cluster.
	// +required
	Nodes []Node
}

MasterNodeGroup is the collection of master nodes

type MetricsServer added in v1.9.0

type MetricsServer struct {
	// Whether the metrics-server add-on should be disabled.
	// When set to true, metrics-server will not be deployed on the cluster.
	// +default=false
	Disable bool
}

The MetricsServer add-on configuration.

type NFS added in v1.2.0

type NFS struct {
	// List of NFS volumes that should be attached to the cluster during
	// the installation.
	Volumes []NFSVolume `yaml:"nfs_volume"`
}

type NFSVolume added in v1.2.0

type NFSVolume struct {
	// The hostname or IP of the NFS volume.
	// +required
	Host string `yaml:"nfs_host"`
	// The path where the NFS volume should be mounted.
	// +required
	Path string `yaml:"mount_path"`
}

type NetworkConfig

type NetworkConfig struct {
	// The datapath technique that should be configured in Calico.
	// +default=overlay
	// +options=overlay,routed
	// +deprecated
	Type string `yaml:"type,omitempty"`
	// The pod network's CIDR block. For example: `172.16.0.0/16`
	// +required
	PodCIDRBlock string `yaml:"pod_cidr_block"`
	// The Kubernetes service network's CIDR block. For example: `172.20.0.0/16`
	// +required
	ServiceCIDRBlock string `yaml:"service_cidr_block"`
	// Whether the /etc/hosts file should be updated on the cluster nodes.
	// When set to true, KET will update the hosts file on all nodes to include
	// entries for all other nodes in the cluster.
	// +default=false
	UpdateHostsFiles bool `yaml:"update_hosts_files"`
	// The URL of the proxy that should be used for HTTP connections.
	HTTPProxy string `yaml:"http_proxy"`
	// The URL of the proxy that should be used for HTTPS connections.
	HTTPSProxy string `yaml:"https_proxy"`
	// Comma-separated list of host names and/or IPs for which connections
	// should not go through a proxy.
	// All nodes' 'host' and 'IP' values are always included.
	NoProxy string `yaml:"no_proxy"`
}

NetworkConfig describes the cluster's networking configuration

type Node

type Node struct {
	// The hostname of the node. The hostname is verified
	// in the validation phase of the installation.
	// +required
	Host string
	// The IP address of the node. This is the IP address that will be used to
	// connect to the node over SSH.
	// +required
	IP string
	// The internal (or private) IP address of the node.
	// If set, this IP will be used when configuring cluster components.
	InternalIP string
	// Labels to add when installing the node in the cluster.
	// If a node is defined under multiple roles, the labels for that node will be merged.
	// If a label is repeated for the same node,
	// only one will be used in this order: etcd,master,worker,ingress,storage roles where 'storage' has the highest precedence.
	// It is recommended to use reverse-DNS notation to avoid collision with other labels.
	Labels map[string]string
	// Taints to add when installing the node in the cluster.
	// If a node is defined under multiple roles, the taints for that node will be merged.
	// If a taint is repeated for the same node,
	// only one will be used in this order: etcd,master,worker,ingress,storage roles where 'storage' has the highest precedence.
	Taints []Taint
	// Kubelet configuration applied to this node.
	// If a node is repeated for multiple roles, the overrides cannot be different.
	KubeletOptions KubeletOptions `yaml:"kubelet,omitempty"`
}

A Node is a compute unit, virtual or physical, that is part of the cluster
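The role-precedence rule from the Labels comment above, as an added example that is not Kismatic's own code: it merges one node's labels across every role it is listed under, lets the later role in the etcd, master, worker, ingress, storage order win, and reports each overridden value so an operator can spot a silent label change before the plan is applied. The Node type and the sample plan data are a local copy constructed for the example (taints follow the same rule but are not shown).

```go
package main

import (
	"fmt"
	"sort"
)

// Node is a local copy of the install.Node fields that matter for label
// merging (assumption: not the Kismatic type itself).
type Node struct {
	Host       string
	IP         string
	InternalIP string
	Labels     map[string]string
}

// LabelConflict records a label that was overridden because the same node
// was listed under two roles with different values for the same key.
type LabelConflict struct {
	Node       string
	Key        string
	LoserRole  string
	WinnerRole string
	Dropped    string
	Kept       string
}

// rolePrecedence is the order given in the Node docs; a later role wins.
var rolePrecedence = []string{"etcd", "master", "worker", "ingress", "storage"}

// nodeKey identifies a node the way Node.Equal does: host, IP and InternalIP.
func nodeKey(n Node) string {
	return n.Host + "|" + n.IP + "|" + n.InternalIP
}

// MergeNodeLabels merges the labels of nodes that appear under several roles.
// When a key is repeated with a different value, the role listed later in
// rolePrecedence wins, and the override is reported as a LabelConflict.
func MergeNodeLabels(roles map[string][]Node) (map[string]map[string]string, []LabelConflict) {
	merged := make(map[string]map[string]string)
	setBy := make(map[string]map[string]string) // node key -> label key -> role
	var conflicts []LabelConflict
	for _, role := range rolePrecedence {
		for _, n := range roles[role] {
			id := nodeKey(n)
			if merged[id] == nil {
				merged[id] = make(map[string]string)
				setBy[id] = make(map[string]string)
			}
			// Visit keys in sorted order so conflict reports are deterministic.
			keys := make([]string, 0, len(n.Labels))
			for k := range n.Labels {
				keys = append(keys, k)
			}
			sort.Strings(keys)
			for _, k := range keys {
				v := n.Labels[k]
				if prev, ok := merged[id][k]; ok && prev != v {
					conflicts = append(conflicts, LabelConflict{
						Node: n.Host, Key: k,
						LoserRole: setBy[id][k], WinnerRole: role,
						Dropped: prev, Kept: v,
					})
				}
				merged[id][k] = v
				setBy[id][k] = role
			}
		}
	}
	return merged, conflicts
}

// sampleRoles is constructed input: node1 is listed under etcd, master and
// storage with a conflicting "zone" label; node2 is a plain worker.
func sampleRoles() map[string][]Node {
	node1 := func(labels map[string]string) Node {
		return Node{Host: "node1", IP: "10.0.0.1", Labels: labels}
	}
	return map[string][]Node{
		"etcd":    {node1(map[string]string{"example.com/tier": "control", "zone": "a"})},
		"master":  {node1(map[string]string{"example.com/tier": "control", "zone": "b"})},
		"worker":  {{Host: "node2", IP: "10.0.0.2", Labels: map[string]string{"zone": "a"}}},
		"storage": {node1(map[string]string{"example.com/disk": "ssd", "zone": "c"})},
	}
}

func main() {
	merged, conflicts := MergeNodeLabels(sampleRoles())
	for id, labels := range merged {
		fmt.Printf("%s: %v\n", id, labels)
	}
	for _, c := range conflicts {
		fmt.Printf("node %s label %q: %s=%q dropped, %s=%q kept\n",
			c.Node, c.Key, c.LoserRole, c.Dropped, c.WinnerRole, c.Kept)
	}
}
```

With the sample data, node1 ends up with zone=c from the storage role, and both overrides of "zone" (etcd by master, then master by storage) are reported.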

func (Node) Equal added in v1.6.0

func (node Node) Equal(other Node) bool

Equal returns true if two nodes have the same host, IP and InternalIP

func (Node) HashCode added in v1.6.0

func (node Node) HashCode() string

HashCode is a crude hash implementation for the Node struct

func (Node) KubeletAddresses added in v1.10.0

func (node Node) KubeletAddresses() []string

KubeletAddresses returns the host and the internalIP. If no internalIP is provided, IP is returned instead.
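The label-precedence rule documented on the Node struct and the Equal/KubeletAddresses semantics above, as an added Go example; this is not the package's own code, and the Node type here is a constructed stand-in carrying only the fields the example uses.

```go
package main

import "fmt"

// Node is a constructed stand-in for install.Node with only the fields used here.
type Node struct {
	Host, IP, InternalIP string
	Labels               map[string]string
}

// Equal follows the documented rule: same Host, IP and InternalIP.
func (n Node) Equal(o Node) bool {
	return n.Host == o.Host && n.IP == o.IP && n.InternalIP == o.InternalIP
}

// KubeletAddresses returns the host and the internal IP, or the IP when no
// internal IP is set, as documented for Node.KubeletAddresses.
func (n Node) KubeletAddresses() []string {
	if n.InternalIP == "" {
		return []string{n.Host, n.IP}
	}
	return []string{n.Host, n.InternalIP}
}

// roleOrder is the documented precedence order; a later role wins when the
// same label key is given for the same node under several roles.
var roleOrder = []string{"etcd", "master", "worker", "ingress", "storage"}

// MergeLabels merges the labels of one node that is listed under several roles.
// byRole maps a role name to the node definition given under that role.
func MergeLabels(byRole map[string]Node) map[string]string {
	merged := map[string]string{}
	for _, role := range roleOrder {
		// A role the node is not listed under yields a zero Node with a nil
		// map, which ranges as empty.
		for k, v := range byRole[role].Labels {
			merged[k] = v
		}
	}
	return merged
}

func main() {
	// Constructed sample: the same node listed as worker and storage.
	worker := Node{Host: "node1", IP: "10.0.0.5", Labels: map[string]string{"example.com/tier": "general"}}
	storage := Node{Host: "node1", IP: "10.0.0.5", Labels: map[string]string{"example.com/tier": "storage"}}
	fmt.Println(worker.Equal(storage), worker.KubeletAddresses())
	fmt.Println(MergeLabels(map[string]Node{"worker": worker, "storage": storage}))
}
```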

type NodeGroup

type NodeGroup struct {
	// Number of nodes.
	// +required
	ExpectedCount int `yaml:"expected_count"`
	// List of nodes.
	// +required
	Nodes []Node
}

A NodeGroup is a collection of nodes

type OptionalNodeGroup added in v1.1.0

type OptionalNodeGroup NodeGroup

An OptionalNodeGroup is a collection of nodes that can be empty

type PKI

type PKI interface {
	CertificateAuthorityExists() (bool, error)
	GenerateClusterCA(p *Plan) (*tls.CA, error)
	GetClusterCA() (*tls.CA, error)
	GenerateProxyClientCA(p *Plan) (*tls.CA, error)
	GetProxyClientCA() (*tls.CA, error)
	GenerateClusterCertificates(p *Plan, clusterCA *tls.CA, proxyClientCA *tls.CA) error
	NodeCertificateExists(node Node) (bool, error)
	GenerateNodeCertificate(plan *Plan, node Node, ca *tls.CA) error
	GenerateCertificate(name string, validityPeriod string, commonName string, subjectAlternateNames []string, organizations []string, ca *tls.CA, overwrite bool) (bool, error)
}

The PKI provides a way to generate certificates for the cluster described by the Plan

type PackageManager added in v1.3.3

type PackageManager struct {
	// Whether the package manager add-on should be disabled.
	// When set to true, the package manager will not be installed on the cluster.
	// +default=false
	Disable bool
	// This property indicates the package manager provider.
	// +required
	// +options=helm
	Provider string
	// The PackageManager options.
	Options PackageManagerOptions `yaml:"options"`
}

PackageManager add-on configuration

type PackageManagerOptions added in v1.8.0

type PackageManagerOptions struct {
	// Helm PackageManager options
	Helm HelmOptions
}

The PackageManagerOptions for the PackageManager add-on

type Plan

type Plan struct {
	// Kubernetes cluster configuration
	// +required
	Cluster Cluster
	// Configuration for the docker engine installed by KET
	Docker Docker
	// Docker registry configuration
	DockerRegistry DockerRegistry `yaml:"docker_registry"`
	// A set of files or directories to copy from the local machine to any of the nodes in the cluster.
	AdditionalFiles []AdditionalFile `yaml:"additional_files"`
	// Add on configuration
	AddOns AddOns `yaml:"add_ons"`
	// Feature configuration
	// +deprecated
	Features *Features `yaml:"features,omitempty"`
	// Etcd nodes of the cluster
	// +required
	Etcd NodeGroup
	// Master nodes of the cluster
	// +required
	Master MasterNodeGroup
	// Worker nodes of the cluster
	// +required
	Worker NodeGroup
	// Ingress nodes of the cluster
	Ingress OptionalNodeGroup
	// Storage nodes of the cluster.
	Storage OptionalNodeGroup
	// NFS volumes of the cluster.
	NFS *NFS `yaml:"nfs,omitempty"`
}

Plan is the installation plan that the user intends to execute

func AddNodeToPlan added in v1.9.2

func AddNodeToPlan(plan Plan, node Node, roles []string) Plan

func (*Plan) AllAddresses added in v1.6.0

func (p *Plan) AllAddresses() []string

AllAddresses will return the hostnames, IPs and internal IPs for all nodes

func (*Plan) ClusterAddress added in v1.12.0

func (p *Plan) ClusterAddress() (string, string, error)

func (*Plan) GetRolesForIP added in v1.3.0

func (p *Plan) GetRolesForIP(ip string) []string

func (*Plan) GetSSHClient added in v1.2.1

func (p *Plan) GetSSHClient(host string) (ssh.Client, error)

GetSSHClient is a convenience method that calls GetSSHConnection and returns an SSH client built from the result

func (*Plan) GetSSHConnection added in v1.2.0

func (p *Plan) GetSSHConnection(host string) (*SSHConnection, error)

GetSSHConnection returns the SSHConnection struct containing the node and SSHConfig details

func (*Plan) GetUniqueNodes added in v1.3.0

func (p *Plan) GetUniqueNodes() []Node

GetUniqueNodes returns a list of the unique nodes that are listed in the plan file. That is, if a node has multiple roles, it will only appear once in the list. Nodes are considered unique if the combination of 'host', 'IP' or 'internalIP' is distinct from that of all other nodes.

func (*Plan) HostExists added in v1.9.2

func (p *Plan) HostExists(host string) bool

func (Plan) NetworkConfigured added in v1.5.0

func (p Plan) NetworkConfigured() bool

NetworkConfigured returns true if pod validation/smoketest should run

func (Plan) PrivateRegistryProvided added in v1.6.0

func (p Plan) PrivateRegistryProvided() bool

PrivateRegistryProvided returns true when the details about a private registry have been provided

func (*Plan) ValidRole added in v1.9.2

func (p *Plan) ValidRole(role string) bool

func (Plan) Versions added in v1.8.0

func (p Plan) Versions() map[string]string

type PlanReadWriter

type PlanReadWriter interface {
	Read() (*Plan, error)
	Write(*Plan) error
}

PlanReadWriter is capable of reading/writing a Plan

type PlanTemplateOptions added in v1.6.0

type PlanTemplateOptions struct {
	EtcdNodes       int
	MasterNodes     int
	WorkerNodes     int
	IngressNodes    int
	StorageNodes    int
	AdditionalFiles int
	AdminPassword   string
}

PlanTemplateOptions contains the options that are desired when generating a plan file template.

type Planner

type Planner interface {
	PlanReadWriter
	PlanExists() bool
}

Planner is used to plan the installation

type PortmapOptions added in v1.11.1

type PortmapOptions struct {
	// Disable the portmap CNI plugin
	// +default=false
	Disable bool
}

The PortmapOptions that can be configured for the Portmap CNI plugin.

type PreFlightExecutor

type PreFlightExecutor interface {
	RunPreFlightCheck(plan *Plan, nodes ...string) error
	RunNewNodePreFlightCheck(Plan, Node) error
	RunUpgradePreFlightCheck(*Plan, ListableNode) error
}

The PreFlightExecutor will run pre-flight checks against the environment defined in the plan file

func NewPreFlightExecutor

func NewPreFlightExecutor(stdout io.Writer, errOut io.Writer, options ExecutorOptions) (PreFlightExecutor, error)

NewPreFlightExecutor returns an executor for running preflight

type Rescheduler added in v1.6.1

type Rescheduler struct {
	// Whether the pod rescheduler add-on should be disabled.
	// When set to true, the rescheduler will not be installed on the cluster.
	// +default=false
	Disable bool
}

Rescheduler add-on configuration

type SSHConfig

type SSHConfig struct {
	// The user for accessing the cluster nodes via SSH.
	// This user requires sudo elevation privileges on the cluster nodes.
	// +required
	User string
	// The absolute path of the SSH key that should be used for accessing the
	// cluster nodes via SSH.
	// +required
	Key string `yaml:"ssh_key"`
	// The port number on which cluster nodes are listening for SSH connections.
	// +required
	Port int `yaml:"ssh_port"`
}

SSHConfig describes the cluster's SSH configuration for accessing nodes

type SSHConnection added in v1.1.0

type SSHConnection struct {
	SSHConfig *SSHConfig
	Node      *Node
}

type StorageVolume added in v1.2.0

type StorageVolume struct {
	// Name of the storage volume
	Name string
	// SizeGB is the size of the volume, in gigabytes
	SizeGB int
	// ReplicateCount is the number of replicas
	ReplicateCount int
	// DistributionCount is the degree to which data will be distributed across the cluster
	DistributionCount int
	// StorageClass is the annotation that will be used when creating the persistent-volume in kubernetes
	StorageClass string
	// AllowAddresses is a list of address wildcards that have access to the volume
	AllowAddresses []string
	// ReclaimPolicy is the persistent volume's reclaim policy
	// ref: https://kubernetes.io/docs/concepts/storage/persistent-volumes/#reclaim-policy
	ReclaimPolicy string
	// AccessModes supported by the persistent volume
	// ref: https://kubernetes.io/docs/concepts/storage/persistent-volumes/#access-modes
	AccessModes []string
}

StorageVolume managed by Kismatic

type Taint added in v1.10.0

type Taint struct {
	// Key for the taint
	Key string
	// Value for the taint
	Value string
	// Effect for the taint
	// +options=NoSchedule,PreferNoSchedule,NoExecute
	Effect string
}

Taint for nodes

type WeaveOptions added in v1.9.2

type WeaveOptions struct {
	// The password to use for network traffic encryption.
	Password string
}

The WeaveOptions that can be configured for the Weave CNI provider.

Directories

Path Synopsis
Package explain contains explainers that are used for processing an incoming stream, and explaining the events that are found in it.