Documentation ¶
Index ¶
- Constants
- Variables
- func Render(assetDir string, config Config) error
- type Asset
- type Assets
- type Config
- func (c Config) APIServiceIPsString() string
- func (c Config) BindAllAddress() string
- func (c Config) DNSServiceIPString() string
- func (c Config) DNSServiceIPv6String() string
- func (c Config) FirstPodCIDRString() string
- func (c Config) PodCIDRsString() string
- func (c Config) ServiceCIDRsString() string
- type ImageVersions
Constants ¶
const ( AssetPathSecrets = "tls" AssetPathCAKey = "tls/ca.key" AssetPathCACert = "tls/ca.crt" AssetPathAPIServerKey = "tls/apiserver.key" AssetPathAPIServerCert = "tls/apiserver.crt" AssetPathEtcdClientCA = "tls/etcd-client-ca.crt" AssetPathEtcdClientCert = "tls/etcd-client.crt" AssetPathEtcdClientKey = "tls/etcd-client.key" AssetPathEtcdServerCA = "tls/etcd/server-ca.crt" AssetPathEtcdServerCert = "tls/etcd/server.crt" AssetPathEtcdServerKey = "tls/etcd/server.key" AssetPathEtcdPeerCA = "tls/etcd/peer-ca.crt" AssetPathEtcdPeerCert = "tls/etcd/peer.crt" AssetPathEtcdPeerKey = "tls/etcd/peer.key" AssetPathAggregatorCA = "tls/front-proxy-ca.crt" AssetPathFrontProxyClientCert = "tls/front-proxy-client.crt" AssetPathFrontProxyClientKey = "tls/front-proxy-client.key" AssetPathServiceAccountPrivKey = "tls/service-account.key" AssetPathServiceAccountPubKey = "tls/service-account.pub" AssetPathKubeletClientCert = "tls/apiserver-kubelet-client.crt" AssetPathKubeletClientKey = "tls/apiserver-kubelet-client.key" AssetPathAdminKey = "tls/admin.key" AssetPathAdminCert = "tls/admin.crt" AssetPathEncryptionConfig = "tls/encryptionconfig.yaml" AssetPathAuditPolicy = "tls/auditpolicy.yaml" AssetPathAdminKubeConfig = "auth/kubeconfig" AssetPathKubeletKubeConfig = "auth/kubeconfig-kubelet" AssetPathManifests = "manifests" AssetPathKubeConfigInCluster = "manifests/kubeconfig-in-cluster.yaml" AssetPathKubeletBootstrapToken = "manifests/kubelet-bootstrap-token.yaml" AssetPathProxy = "manifests/kube-proxy.yaml" AssetPathProxySA = "manifests/kube-proxy-sa.yaml" AssetPathProxyRoleBinding = "manifests/kube-proxy-role-binding.yaml" AssetPathFlannel = "manifests/flannel.yaml" AssetPathFlannelCfg = "manifests/flannel-cfg.yaml" AssetPathFlannelClusterRole = "manifests/flannel-cluster-role.yaml" AssetPathFlannelClusterRoleBinding = "manifests/flannel-cluster-role-binding.yaml" AssetPathFlannelSA = "manifests/flannel-sa.yaml" AssetPathCalico = "manifests/calico.yaml" AssetPathCalicoPolicyOnly = "manifests/calico-policy-only.yaml" AssetPathCalicoCfg = "manifests/calico-config.yaml" AssetPathCalicoSA = "manifests/calico-service-account.yaml" AssetPathCalicoRole = "manifests/calico-role.yaml" AssetPathCalicoRoleBinding = "manifests/calico-role-binding.yaml" AssetPathCalicoBGPConfigurationsCRD = "manifests/calico-bgp-configurations-crd.yaml" AssetPathCalicoBGPPeersCRD = "manifests/calico-bgp-peers-crd.yaml" AssetPathCalicoFelixConfigurationsCRD = "manifests/calico-felix-configurations-crd.yaml" AssetPathCalicoGlobalNetworkPoliciesCRD = "manifests/calico-global-network-policies-crd.yaml" AssetPathCalicoNetworkPoliciesCRD = "manifests/calico-network-policies-crd.yaml" AssetPathCalicoGlobalNetworkSetsCRD = "manifests/calico-global-network-sets-crd.yaml" AssetPathCalicoIPPoolsCRD = "manifests/calico-ip-pools-crd.yaml" AssetPathCalicoClusterInformationsCRD = "manifests/calico-cluster-informations-crd.yaml" AssetPathAPIServerSecret = "manifests/kube-apiserver-secret.yaml" AssetPathAPIServer = "manifests/kube-apiserver.yaml" AssetPathControllerManager = "manifests/kube-controller-manager.yaml" AssetPathControllerManagerSA = "manifests/kube-controller-manager-service-account.yaml" AssetPathControllerManagerRB = "manifests/kube-controller-manager-role-binding.yaml" AssetPathControllerManagerSecret = "manifests/kube-controller-manager-secret.yaml" AssetPathControllerManagerDisruption = "manifests/kube-controller-manager-disruption.yaml" AssetPathScheduler = "manifests/kube-scheduler.yaml" AssetPathSchedulerDisruption = "manifests/kube-scheduler-disruption.yaml" AssetPathCoreDNSClusterRoleBinding = "manifests/coredns-cluster-role-binding.yaml" AssetPathCoreDNSClusterRole = "manifests/coredns-cluster-role.yaml" AssetPathCoreDNSConfig = "manifests/coredns-config.yaml" AssetPathCoreDNSDeployment = "manifests/coredns-deployment.yaml" AssetPathCoreDNSSA = "manifests/coredns-service-account.yaml" AssetPathCoreDNSSvc = "manifests/coredns-service.yaml" AssetPathCoreDNSv6Svc = "manifests/coredns-ipv6-service.yaml" AssetPathSystemNamespace = "manifests/kube-system-ns.yaml" AssetPathCheckpointer = "manifests/pod-checkpointer.yaml" AssetPathCheckpointerSA = "manifests/pod-checkpointer-sa.yaml" AssetPathCheckpointerRole = "manifests/pod-checkpointer-role.yaml" AssetPathCheckpointerRoleBinding = "manifests/pod-checkpointer-role-binding.yaml" AssetPathCheckpointerClusterRole = "manifests/pod-checkpointer-cluster-role.yaml" AssetPathCheckpointerClusterRoleBinding = "manifests/pod-checkpointer-cluster-role-binding.yaml" AssetPathPodSecurityPolicy = "manifests/psp.yaml" AssetPathEtcdClientSecret = "manifests/etcd-client-tls.yaml" AssetPathEtcdPeerSecret = "manifests/etcd-peer-tls.yaml" AssetPathEtcdServerSecret = "manifests/etcd-server-tls.yaml" AssetPathCSRBootstrapRoleBinding = "manifests/csr-bootstrap-role-binding.yaml" AssetPathCSRApproverRoleBinding = "manifests/csr-approver-role-binding.yaml" AssetPathCSRRenewalRoleBinding = "manifests/csr-renewal-role-binding.yaml" AssetPathKubeSystemSARoleBinding = "manifests/kube-system-rbac-role-binding.yaml" AssetPathBootstrapManifests = "bootstrap-manifests" AssetPathBootstrapAPIServer = "bootstrap-manifests/bootstrap-apiserver.yaml" AssetPathBootstrapControllerManager = "bootstrap-manifests/bootstrap-controller-manager.yaml" AssetPathBootstrapScheduler = "bootstrap-manifests/bootstrap-scheduler.yaml" )
const ( // The name of the k8s service that selects self-hosted etcd pods EtcdServiceName = "etcd-service" SecretEtcdPeer = "etcd-peer-tls" SecretEtcdServer = "etcd-server-tls" SecretEtcdClient = "etcd-client-tls" NetworkFlannel = "flannel" NetworkCalico = "experimental-calico" NetworkCanal = "experimental-canal" )
Variables ¶
var BootstrapSecretsDir = "/etc/kubernetes/bootstrap-secrets" // Overridden for testing.
var DefaultImages = ImageVersions{
Etcd: "quay.io/coreos/etcd:v3.3.12",
Flannel: "quay.io/coreos/flannel:v0.12.0-amd64",
FlannelCNI: "docker.io/autonomy/install-cni:v0.3.0-7-g9344bd1",
Calico: "quay.io/calico/node:v3.0.3",
CalicoCNI: "quay.io/calico/cni:v2.0.0",
CoreDNS: "k8s.gcr.io/coredns:1.6.5",
PodCheckpointer: "quay.io/coreos/pod-checkpointer:83e25e5968391b9eb342042c435d1b3eeddb2be1",
Kubelet: "docker.io/autonomy/kubelet:v1.19.0-beta.1",
KubeAPIServer: "k8s.gcr.io/kube-apiserver:v1.19.0-beta.1",
KubeControllerManager: "k8s.gcr.io/kube-controller-manager:v1.19.0-beta.1",
KubeProxy: "k8s.gcr.io/kube-proxy:v1.19.0-beta.1",
KubeScheduler: "k8s.gcr.io/kube-scheduler:v1.19.0-beta.1",
}
DefaultImages are the default images bootkube components use.
Functions ¶
Types ¶
type Asset ¶
type Assets ¶
type Assets []Asset
func NewDefaultAssets ¶
NewDefaultAssets returns a list of default assets, optionally configured via a user provided AssetConfig. Default assets include TLS assets (certs, keys and secrets), and k8s component manifests.
func (Assets) WriteFiles ¶
type Config ¶
type Config struct { ClusterName string APIServerExtraArgs map[string]string ControllerManagerExtraArgs map[string]string SchedulerExtraArgs map[string]string ProxyMode string ProxyExtraArgs map[string]string EtcdCACert *x509.Certificate EtcdClientCert *x509.Certificate EtcdClientKey *rsa.PrivateKey EtcdServers []*url.URL EtcdUseTLS bool ControlPlaneEndpoint *url.URL LocalAPIServerPort int CACert *x509.Certificate CAPrivKey *rsa.PrivateKey AltNames *tlsutil.AltNames ClusterDomain string PodCIDRs []*net.IPNet ServiceCIDRs []*net.IPNet APIServiceIPs []net.IP DNSServiceIPs []net.IP CloudProvider string NetworkProvider string BootstrapSecretsSubdir string Images ImageVersions BootstrapTokenID string BootstrapTokenSecret string AESCBCEncryptionSecret string // PodCIDR describes the networking subnet to be used for inter-pod networking. // // Deprecated: PodCIDR exists only for compatibility with older external // systems. Please use PodCIDRs instead, which allows for dual-stack // configurations. PodCIDR *net.IPNet // ServiceCIDR describes the networking subnet to be used to expose services. // // Deprecated: ServiceCIDR exists only for compatibility with older external // systems. Please use ServiceCIDRs instead, which allows for dual-stack // configurations. If both are specified, only ServiceCIDRs will be used. ServiceCIDR *net.IPNet // APIServiceIP describes the in-cluster IP address by which the API Servers may be reached. // // Deprecated: APIServiceIP exists only for compatibility with older // external systems. Please use APIServiceIPs instead, which allows for // dual-stack configurations. If both are specified, only APIServiceIPs // will be used. APIServiceIP net.IP // DNSServiceIP describes the in-cluster IP address by which the cluster DNS servers may be reached. // // Deprecated: DNSServiceIP exists only for compatibility with older // external systems. Please use DNSServiceIPs instead, which allows for // dual-stack configurations. If both are specified, only DNSServiceIPs // will be used. DNSServiceIP net.IP }
AssetConfig holds all configuration needed when generating the default set of assets.
func (Config) APIServiceIPsString ¶
APIServiceIPsString returns a "," concatenated string for the APIServiceIPs
func (Config) BindAllAddress ¶
BindAllAddress indicates the address to use when binding all IPs.
func (Config) DNSServiceIPString ¶
DNSServiceString returns the service address for DNS. If this is a dual-stack cluster, it will return the IPv4 address.
func (Config) DNSServiceIPv6String ¶
DNSServiceIPv6String returns the IPv6 service address for DNS
func (Config) FirstPodCIDRString ¶
FirstPodCIDRString returns the first (or only) PodCIDR (IPv4 CIDR) as a string
func (Config) PodCIDRsString ¶
PodCIDRsString returns a "," concatenated string for the PodCIDRs
func (Config) ServiceCIDRsString ¶
ServiceCIDRsString returns a "," concatenated string for the ServiceCIDRs
type ImageVersions ¶
type ImageVersions struct { Etcd string Flannel string FlannelCNI string Calico string CalicoCNI string CoreDNS string Kenc string PodCheckpointer string Kubelet string KubeAPIServer string KubeControllerManager string KubeProxy string KubeScheduler string }
ImageVersions holds all the images (and their versions) that are rendered into the templates.