clustercert

package

v0.11.0 Latest Latest Go to latest Published: Jul 17, 2023 License: Apache-2.0 Imports: 15 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/sealerio/sealer

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
func CreateBasic(serverURL, clusterName, userName string, caCert []byte) *clientcmdapi.Config
func CreateJoinControlPlaneKubeConfigFiles(outDir string, ...) error
func CreateWithCerts(serverURL, clusterName, userName string, caCert []byte, clientKey []byte, ...) *clientcmdapi.Config
func CreateWithToken(serverURL, clusterName, userName string, caCert []byte, token string) *clientcmdapi.Config
func GenerateAllKubernetesCerts(certPath, etcdCertPath, nodeName, serviceCIRD, DNSDomain string, ...) error
func UpdateAPIServerCertSans(pkiPath string, certSans []string) error
func WriteToDisk(filename string, kubeconfig *clientcmdapi.Config) error
type Args
type CertificateConfig
type CertificateConfigFamily
- func (c CertificateConfigFamily) GenerateAll() error
type KubernetesCertService
- func (s KubernetesCertService) GenerateKubeComponentCert() (err error)
- func (s KubernetesCertService) GenerateServiceAccountKeyPair() (err error)

Constants ¶

View Source

const (

	// KubernetesConfigDir kubernetes default certificate directory
	KubernetesConfigDir = "/etc/kubernetes"

	// KubeDefaultCertPath kubernetes components default certificate directory
	KubeDefaultCertPath = "/etc/kubernetes/pki"

	// KubeDefaultCertEtcdPath etcd default certificate directory
	KubeDefaultCertEtcdPath = "/etc/kubernetes/pki/etcd"
)

Variables ¶

This section is empty.

Functions ¶

func CreateBasic ¶

func CreateBasic(serverURL, clusterName, userName string, caCert []byte) *clientcmdapi.Config

cmd/kubeadm/app/util/kubeconfig/kubeconfig.go CreateBasic creates a basic, general KubeConfig object that then can be extended

func CreateJoinControlPlaneKubeConfigFiles ¶

func CreateJoinControlPlaneKubeConfigFiles(outDir string, caCertPath, caCertName, nodeName, controlPlaneEndpoint, clusterName string) error

CreateJoinControlPlaneKubeConfigFiles will create and write to disk the kubeconfig files required by kubeadm join --control-plane workflow, plus the admin kubeconfig file used by the administrator and kubeadm itself; the kubelet.conf file must not be created because it will be created and signed by the kubelet TLS bootstrap process. If any kubeconfig files already exists, it used only if evaluated equal; otherwise an error is returned.

func CreateWithCerts ¶

func CreateWithCerts(serverURL, clusterName, userName string, caCert []byte, clientKey []byte, clientCert []byte) *clientcmdapi.Config

cmd/kubeadm/app/util/kubeconfig/kubeconfig.go CreateWithCerts creates a KubeConfig object with access to the API server with client certificates

func CreateWithToken ¶

func CreateWithToken(serverURL, clusterName, userName string, caCert []byte, token string) *clientcmdapi.Config

cmd/kubeadm/app/util/kubeconfig/kubeconfig.go CreateWithToken creates a KubeConfig object with access to the API server with a token

func GenerateAllKubernetesCerts ¶

func GenerateAllKubernetesCerts(certPath, etcdCertPath, nodeName, serviceCIRD, DNSDomain string, altNames []string, nodeIP net.IP) error

GenerateAllKubernetesCerts generate all cert.

func UpdateAPIServerCertSans ¶

func UpdateAPIServerCertSans(pkiPath string, certSans []string) error

UpdateAPIServerCertSans :renew apiserver cert sans with given ca under pkiPath.

func WriteToDisk ¶

func WriteToDisk(filename string, kubeconfig *clientcmdapi.Config) error

WriteToDisk writes a KubeConfig object down to disk with mode 0600

Types ¶

type Args ¶

type Args struct {
	APIServerAltNames cert.AltNames
	NodeName          string
	NodeIP            net.IP
	DNSDomain         string
}

type CertificateConfig ¶

type CertificateConfig struct {
	// contains filtered or unexported fields
}

type CertificateConfigFamily ¶

type CertificateConfigFamily struct {
	// contains filtered or unexported fields
}

func (CertificateConfigFamily) GenerateAll ¶

func (c CertificateConfigFamily) GenerateAll() error

type KubernetesCertService ¶

type KubernetesCertService struct {
	// contains filtered or unexported fields
}

func (KubernetesCertService) GenerateKubeComponentCert ¶

func (s KubernetesCertService) GenerateKubeComponentCert() (err error)

func (KubernetesCertService) GenerateServiceAccountKeyPair ¶

func (s KubernetesCertService) GenerateServiceAccountKeyPair() (err error)

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
cert

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL