Documentation ¶
Index ¶
- Constants
- func CreateBootstrapMetricsSignerCert(secretInformer corev1informers.SecretInformer, ...) certrotation.RotatedSigningCASecret
- func CreateBootstrapSignerCert(secretInformer corev1informers.SecretInformer, ...) certrotation.RotatedSigningCASecret
- func CreateEtcdClientCert(secretInformer corev1informers.SecretInformer, ...) certrotation.RotatedSelfSignedCertKeySecret
- func CreateMetricsClientCert(secretInformer corev1informers.SecretInformer, ...) certrotation.RotatedSelfSignedCertKeySecret
- func CreateMetricsServingCertificate(node *corev1.Node, secretInformer corev1informers.SecretInformer, ...) (*certrotation.RotatedSelfSignedCertKeySecret, error)
- func CreateMetricsSignerCert(secretInformer corev1informers.SecretInformer, ...) certrotation.RotatedSigningCASecret
- func CreateMetricsSignerCertRotationBundleConfigMap(cmInformer corev1informers.ConfigMapInformer, ...) certrotation.CABundleConfigMap
- func CreatePeerCertificate(node *corev1.Node, secretInformer corev1informers.SecretInformer, ...) (*certrotation.RotatedSelfSignedCertKeySecret, error)
- func CreateServingCertificate(node *corev1.Node, secretInformer corev1informers.SecretInformer, ...) (*certrotation.RotatedSelfSignedCertKeySecret, error)
- func CreateSignerCert(secretInformer corev1informers.SecretInformer, ...) certrotation.RotatedSigningCASecret
- func CreateSignerCertRotationBundleConfigMap(cmInformer corev1informers.ConfigMapInformer, ...) certrotation.CABundleConfigMap
- func GetPeerClientSecretNameForNode(nodeName string) string
- func GetServingMetricsSecretNameForNode(nodeName string) string
- func GetServingSecretNameForNode(nodeName string) string
- func ReadConfigMetricsSignerCert(ctx context.Context, secretClient corev1client.SecretsGetter) (*crypto.CA, error)
- func ReadConfigSignerCert(ctx context.Context, secretClient corev1client.SecretsGetter) (*crypto.CA, error)
- func SupportedEtcdCiphers(cipherSuites []string) []string
- type CARotatingTargetCertCreator
Constants ¶
View Source
const ( EtcdJiraComponentName = "etcd" EtcdSignerCertSecretName = "etcd-signer" EtcdSignerCaBundleConfigMapName = "etcd-ca-bundle" EtcdMetricsSignerCertSecretName = "etcd-metric-signer" EtcdMetricsSignerCaBundleConfigMapName = "etcd-metrics-ca-bundle" EtcdAllCertsSecretName = "etcd-all-certs" EtcdClientCertSecretName = "etcd-client" EtcdMetricsClientCertSecretName = "etcd-metric-client" )
Variables ¶
This section is empty.
Functions ¶
func CreateBootstrapMetricsSignerCert ¶
func CreateBootstrapMetricsSignerCert( secretInformer corev1informers.SecretInformer, secretLister corev1listers.SecretLister, secretGetter corev1client.SecretsGetter, recorder events.Recorder) certrotation.RotatedSigningCASecret
CreateBootstrapMetricsSignerCert is a CreateMetricsSignerCert in the openshift-config namespace
func CreateBootstrapSignerCert ¶
func CreateBootstrapSignerCert( secretInformer corev1informers.SecretInformer, secretLister corev1listers.SecretLister, secretGetter corev1client.SecretsGetter, recorder events.Recorder) certrotation.RotatedSigningCASecret
CreateBootstrapSignerCert is a CreateSignerCert in the openshift-config namespace
func CreateEtcdClientCert ¶
func CreateEtcdClientCert( secretInformer corev1informers.SecretInformer, secretLister corev1listers.SecretLister, secretGetter corev1client.SecretsGetter, recorder events.Recorder) certrotation.RotatedSelfSignedCertKeySecret
func CreateMetricsClientCert ¶
func CreateMetricsClientCert( secretInformer corev1informers.SecretInformer, secretLister corev1listers.SecretLister, secretGetter corev1client.SecretsGetter, recorder events.Recorder) certrotation.RotatedSelfSignedCertKeySecret
func CreateMetricsServingCertificate ¶
func CreateMetricsServingCertificate(node *corev1.Node, secretInformer corev1informers.SecretInformer, secretLister corev1listers.SecretLister, secretGetter corev1client.SecretsGetter, recorder events.Recorder) (*certrotation.RotatedSelfSignedCertKeySecret, error)
func CreateMetricsSignerCert ¶
func CreateMetricsSignerCert( secretInformer corev1informers.SecretInformer, secretLister corev1listers.SecretLister, secretGetter corev1client.SecretsGetter, recorder events.Recorder) certrotation.RotatedSigningCASecret
func CreateMetricsSignerCertRotationBundleConfigMap ¶
func CreateMetricsSignerCertRotationBundleConfigMap( cmInformer corev1informers.ConfigMapInformer, cmLister corev1listers.ConfigMapLister, cmGetter corev1client.ConfigMapsGetter, recorder events.Recorder) certrotation.CABundleConfigMap
func CreatePeerCertificate ¶
func CreatePeerCertificate(node *corev1.Node, secretInformer corev1informers.SecretInformer, secretLister corev1listers.SecretLister, secretGetter corev1client.SecretsGetter, recorder events.Recorder) (*certrotation.RotatedSelfSignedCertKeySecret, error)
func CreateServingCertificate ¶
func CreateServingCertificate(node *corev1.Node, secretInformer corev1informers.SecretInformer, secretLister corev1listers.SecretLister, secretGetter corev1client.SecretsGetter, recorder events.Recorder) (*certrotation.RotatedSelfSignedCertKeySecret, error)
func CreateSignerCert ¶
func CreateSignerCert( secretInformer corev1informers.SecretInformer, secretLister corev1listers.SecretLister, secretGetter corev1client.SecretsGetter, recorder events.Recorder) certrotation.RotatedSigningCASecret
func CreateSignerCertRotationBundleConfigMap ¶
func CreateSignerCertRotationBundleConfigMap( cmInformer corev1informers.ConfigMapInformer, cmLister corev1listers.ConfigMapLister, cmGetter corev1client.ConfigMapsGetter, recorder events.Recorder) certrotation.CABundleConfigMap
func ReadConfigMetricsSignerCert ¶
func ReadConfigMetricsSignerCert(ctx context.Context, secretClient corev1client.SecretsGetter) (*crypto.CA, error)
func ReadConfigSignerCert ¶
func ReadConfigSignerCert(ctx context.Context, secretClient corev1client.SecretsGetter) (*crypto.CA, error)
func SupportedEtcdCiphers ¶
Types ¶
type CARotatingTargetCertCreator ¶
type CARotatingTargetCertCreator struct {
certrotation.TargetCertCreator
}
CARotatingTargetCertCreator ensures we also rotate leaf certificates when we detect a change in signer. The certrotation.TargetCertCreator only assumes the bundle to change on a CA rotation, whereas we have to keep the bundle around for some time for a proper static pod rollout.
func (*CARotatingTargetCertCreator) NeedNewTargetCertKeyPair ¶
Click to show internal directories.
Click to hide internal directories.