Documentation
¶
Index ¶
- Variables
- func Do(ctx context.Context, kr *rest.Request) rest.Result
- func Is404(err error) bool
- func OAuth2RoundTripper(rt http.RoundTripper, creds oauth2.TokenSource) http.RoundTripper
- func RegisterTokenProvider(name string, creds oauth2.TokenSource)
- func SetK8SLogging(flags string)
- type K8S
- func (kr *K8S) GetCM(ctx context.Context, ns string, name string) (map[string]string, error)
- func (kr *K8S) GetSecret(ctx context.Context, ns string, name string) (map[string][]byte, error)
- func (kr *K8S) GetToken(ctx context.Context, aud string) (string, error)
- func (kr *K8S) InitK8SClient(ctx context.Context) error
- func (kr *K8S) LoadKubeConfig(kc string) error
- func (kr *K8S) LocalCluster() error
- type K8SCluster
- func (kr *K8SCluster) ConfigFor(apiPath, version string, group string, c runtime.NegotiatedSerializer) *rest.Config
- func (k *K8SCluster) GcpInfo() (string, string, string)
- func (kr *K8SCluster) GetCM(ctx context.Context, ns string, name string) (map[string]string, error)
- func (kr *K8SCluster) GetSecret(ctx context.Context, ns string, name string) (map[string][]byte, error)
- func (k *K8SCluster) GetToken(ctx context.Context, aud string) (string, error)
- func (k *K8SCluster) GetTokenRaw(ctx context.Context, ns, ksa, aud string) (string, error)
- func (kr *K8SCluster) InitConfig(config *rest.Config) error
- func (kr *K8SCluster) RestClient(apiPath, version string, group string, c runtime.NegotiatedSerializer) (*rest.RESTClient, error)
- func (kr *K8SCluster) WithNamespace(ns, n string) *K8SCluster
- type K8SConfig
- type MDSRoundTripper
Constants ¶
This section is empty.
Variables ¶
var Debug = true
Functions ¶
func OAuth2RoundTripper ¶
func OAuth2RoundTripper(rt http.RoundTripper, creds oauth2.TokenSource) http.RoundTripper
Return a wrapper round tripper.
func RegisterTokenProvider ¶
func RegisterTokenProvider(name string, creds oauth2.TokenSource)
Register an oauth2 token source. This takes a dep on the oauth2 library, but client already depends on it. Alternative: set WrapTransport directly on the rest.Config.
func SetK8SLogging ¶
func SetK8SLogging(flags string)
Init klog.InitFlags from an env (to avoid messing with the CLI of the app). For example -v=9 lists full request content, -v=7 lists requests headers
Types ¶
type K8S ¶
type K8S struct {
Config *K8SConfig
TokenProvider interface{}
// InCluster (if possible), followed by LoadKubeConfig or GKE config.
Default *K8SCluster
// LoadKubeConfig will populate this from a kubeconfig file
ByName map[string]*K8SCluster
}
K8S implements the common interface for a set of K8S APIservers or servers implementing same patterns.
func NewK8S ¶
NewK8S will initialize a K8S cluster set.
If running in cluster, the 'local' cluster will be the default. Additional clusters can be loaded from istio kubeconfig files, kubeconfig, GKE, Fleet.
func (*K8S) GetToken ¶
GetToken returns a token with the given audience for the current KSA, using CreateToken request. Used by the STS token exchanger.
func (*K8S) InitK8SClient ¶
InitK8SClient will discover a K8S config cluster and return the client.
- KUBE_CONFIG takes priority, is checked first - in cluster is probed if KUBE_CONFIG is missing.
Istio Server.initKubeClient handles it for Istio: - FileDir fakes it using files (config controller) - local MeshConfig from args is read - if no configSources or CLI kubeconfig - use it.
func (*K8S) LoadKubeConfig ¶
LoadConfig gets the default k8s client, using environment variables to decide how:
- KUBECONFIG or $HOME/.kube/config will be tried first
- GKE is checked - using env or metadata server to get PROJECT_ID, CLUSTER_LOCATION, CLUSTER_NAME (if not set), and construct a kube config to use.
- (in future other vendor-specific methods may be added)
- finally in-cluster will be checked.
Once the cluster is found, additional config can be loaded from the cluster.
error is set if KUBECONFIG is set or ~/.kube/config exists and fail to load. If the file doesn't exist, err is nil.
func (*K8S) LocalCluster ¶
LocalCluster returns a cluster determined based on in-cluster or MDS config. The extended MDS server is used to cache cluster info to avoid GKE lookups. Equivalent to rest.InClusterConfig.
type K8SCluster ¶
type K8SCluster struct {
// Loaded Config.
// The URL can be extracted with rest.DefaultServerURLFor(Config)
// Http client properly configured with rest.HTTPClientFor(Config)
Config *rest.Config
// The name should be mangled - gke_PROJECT_LOCATION_NAME or connectgateway_PROJECT_NAME
// or hostname.
// Best practice: fleet name, also part of the domain suffix
// Using the VENDOR_PROJECT_REGION_NAME for all would also be nice.
Name string
Namespace string
KSA string
// TODO: lazy load. Should be cached.
Client *kubernetes.Clientset
}
K8SCluster represents a single K8S cluster
func (*K8SCluster) ConfigFor ¶
func (kr *K8SCluster) ConfigFor(apiPath, version string, group string, c runtime.NegotiatedSerializer) *rest.Config
func (*K8SCluster) GetTokenRaw ¶
func (*K8SCluster) InitConfig ¶
func (kr *K8SCluster) InitConfig(config *rest.Config) error
func (*K8SCluster) RestClient ¶
func (kr *K8SCluster) RestClient(apiPath, version string, group string, c runtime.NegotiatedSerializer) (*rest.RESTClient, error)
RestClient returns a K8S RESTClient for a specific resource. apiPath is typically /api or /apis version is v1, etc group is "" for core resources. Serializer defaults to scheme.Codecs.WithoutConversion()
func (*K8SCluster) WithNamespace ¶
func (kr *K8SCluster) WithNamespace(ns, n string) *K8SCluster
type K8SConfig ¶
type K8SConfig struct {
// Logging options for K8S. Will be set in klog.
Logging string
Namespace string
KSA string
GSA string
}
K8SConfig has general config for a set of clusters.
type MDSRoundTripper ¶
type MDSRoundTripper struct {
// contains filtered or unexported fields
}
Round-tripper adding tokens from an oauth2 source - including MDS server.
Source Files