Documentation ¶
Index ¶
- Constants
- func AttachPolicy(document, roleName, policyName string, svc *iam.Client) error
- func CreateResourceManagerRole(tags *[]types.Tag, ...) (*types.Role, error)
- func CreateServiceAccount(serviceAccountPolicyArn, clusterName string, awsConfig *aws.Config) (*types.User, *types.AccessKey, error)
- func CreateServiceAccountPolicy(tags *[]types.Tag, clusterName string, resourceManagerRoleArn string, ...) (*types.Policy, error)
- func DeleteResourceManagerRole(instanceName string, awsConfig aws.Config) error
- func DeleteServiceAccount(clusterName string, awsConfig aws.Config) error
- func DeleteServiceAccountPolicy(clusterName string, awsConfig aws.Config) error
- func EKSInventoryFilepath(providerConfigDir, instanceName string) string
- func GetCallerIdentity(awsConfig *aws.Config) (*sts.GetCallerIdentityOutput, error)
- func GetIrsaServiceAccounts(namespace, accountId, roleName string) []*unstructured.Unstructured
- func GetResourceManagerRoleArn(clusterName, accountId string) string
- func GetResourceManagerRoleName(clusterName string) string
- func IrsaControllerNames() []string
- func IsException(err *error, exception string) bool
- func ThreeportProviderTags() map[string]string
- func ThreeportRuntimeName(threeportInstanceName string) string
- func UpdateIrsaControllerList(list []*v0.ControlPlaneComponent)
- func UpdateResourceManagerRoleTrustPolicy(clusterName, accountId, externalId, oidcProviderUrl string, ...) error
- type KubernetesRuntimeInfra
- type KubernetesRuntimeInfraEKS
- type KubernetesRuntimeInfraKind
Constants ¶
// Fixed IAM names and policy documents declared by this package.
const (
	// Name constant for the service account policy.
	// presumably the policy made by CreateServiceAccountPolicy; confirm against the implementation
	ServiceAccountPolicyName = "ThreeportServiceAccount"

	// Name constant for the runtime service account.
	// presumably the IAM user made by CreateServiceAccount; confirm against the implementation
	RuntimeServiceAccount = "ThreeportRuntime"

	// Name constant for the resource manager role.
	ResourceManagerRoleName = "resource-manager-threeport"

	// NOTE(review): the literal is elided on this page. The name suggests a
	// policy that permits assuming any role; confirm its Resource scope and
	// conditions before attaching it to a principal.
	AssumeAnyRolePolicyDocument = `` /* 185-byte string literal not displayed */

	// NOTE(review): the literal is elided on this page. Review the full
	// document's actions and resources against least privilege.
	ResourceManagerPolicyDocument = `` /* 3744-byte string literal not displayed */
)
const (
	// RuntimeNameMaxLength is the maximum length of a runtime name. The cap
	// prevents infra provider resource names from exceeding the maximum
	// lengths imposed by the provider.
	RuntimeNameMaxLength = 30
)
Variables ¶
This section is empty.
Functions ¶
func AttachPolicy ¶
AttachPolicy attaches the given policy document to a role.
func CreateResourceManagerRole ¶
func CreateResourceManagerRole( tags *[]types.Tag, roleName, accountId, externalAccountId, principalRoleName, externalId string, attachAssumeAnyRolePolicy bool, attachResourceManagerPolicy bool, awsConfig aws.Config, ) (*types.Role, error)
CreateResourceManagerRole creates the IAM role needed for resource management.
func CreateServiceAccount ¶
func CreateServiceAccount(serviceAccountPolicyArn, clusterName string, awsConfig *aws.Config) (*types.User, *types.AccessKey, error)
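CreateServiceAccount creates the IAM user and access key for the threeport service account. The returned access key is a long-lived credential whose secret AWS returns only at creation time, so callers should store it securely and keep it out of logs.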
func CreateServiceAccountPolicy ¶
func CreateServiceAccountPolicy( tags *[]types.Tag, clusterName string, resourceManagerRoleArn string, awsConfig aws.Config, ) (*types.Policy, error)
CreateServiceAccountPolicy creates the IAM policy used by the threeport service account.
func DeleteResourceManagerRole ¶
DeleteResourceManagerRole deletes the IAM resources created by threeport for a given cluster.
func DeleteServiceAccount ¶
DeleteServiceAccount deletes the IAM user and access key for the threeport service account.
func DeleteServiceAccountPolicy ¶
DeleteServiceAccountPolicy deletes the IAM policy used by the threeport service account.
func EKSInventoryFilepath ¶
EKSInventoryFilepath returns a standardized filename and path for the EKS inventory file.
func GetCallerIdentity ¶
func GetCallerIdentity(awsConfig *aws.Config) (*sts.GetCallerIdentityOutput, error)
GetCallerIdentity returns the caller identity for the AWS account.
func GetIrsaServiceAccounts ¶
func GetIrsaServiceAccounts(namespace, accountId, roleName string) []*unstructured.Unstructured
GetIrsaServiceAccounts returns the service accounts configured for IRSA authentication.
func GetResourceManagerRoleArn ¶
GetResourceManagerRoleArn returns the ARN for the resource manager role.
func GetResourceManagerRoleName ¶
GetResourceManagerRoleName returns the name of the resource manager role.
func IrsaControllerNames ¶
func IrsaControllerNames() []string
IrsaControllerNames returns a list of controllers which are configured for IRSA authentication.
func IsException ¶
IsException returns true if the error is a specific exception, otherwise it returns false and updates the error with additional context.
func ThreeportProviderTags ¶
ThreeportProviderTags returns the standard tags applied to cloud provider infrastructure resources to properly identify them.
func ThreeportRuntimeName ¶
ThreeportRuntimeName returns the name for a Kubernetes runtime that hosts the threeport control plane.
func UpdateIrsaControllerList ¶
func UpdateIrsaControllerList(list []*v0.ControlPlaneComponent)
UpdateIrsaControllerList updates the list of control plane components to be configured for IRSA authentication.
Types ¶
type KubernetesRuntimeInfra ¶
// KubernetesRuntimeInfra is the interface each provider has to satisfy to
// manage Kubernetes runtime infra.
type KubernetesRuntimeInfra interface {
	// Create provisions the runtime infra and returns the connection info
	// for the resulting cluster, or an error.
	Create() (*kube.KubeConnectionInfo, error)

	// Delete removes the runtime infra and reports any error.
	Delete() error
}
KubernetesRuntimeInfra is the interface each provider has to satisfy to manage Kubernetes runtime infra.
type KubernetesRuntimeInfraEKS ¶
// KubernetesRuntimeInfraEKS represents the infrastructure for a
// threeport-managed EKS cluster.
type KubernetesRuntimeInfraEKS struct {
	// The unique name of the kubernetes runtime instance managed by threeport.
	RuntimeInstanceName string

	// The AWS account ID where the cluster infra is provisioned.
	AwsAccountID string

	// The configuration containing credentials to connect to an AWS account.
	// NOTE(review): because this carries credentials, avoid logging or
	// serializing the struct wholesale.
	AwsConfig *aws.Config

	// The eks-cluster client used to create AWS EKS resources.
	ResourceClient *eks.EksClient

	// A record of AWS resources created for the EKS cluster resource stack.
	ResourceInventory *eks.EksInventory

	// A pre-existing set of AWS resources. When provided, the EKS cluster
	// resource stack will use these pre-existing resources and incorporate
	// them into the final EKS resource stack.
	ExistingResourceInventory *eks.EksInventory

	// The number of availability zones the EKS cluster will be deployed across.
	ZoneCount int32

	// The AWS instance type used for the default node group.
	DefaultNodeGroupInstanceType string

	// The number of nodes initially created for the default node group.
	DefaultNodeGroupInitialNodes int32

	// The minimum number of nodes to maintain in the default node group.
	DefaultNodeGroupMinNodes int32

	// The maximum number of nodes allowed in the default node group.
	DefaultNodeGroupMaxNodes int32
}
KubernetesRuntimeInfraEKS represents the infrastructure for a threeport-managed EKS cluster.
func (*KubernetesRuntimeInfraEKS) Create ¶
func (i *KubernetesRuntimeInfraEKS) Create() (*kube.KubeConnectionInfo, error)
Create installs a Kubernetes cluster using AWS EKS for threeport workloads.
func (*KubernetesRuntimeInfraEKS) Delete ¶
func (i *KubernetesRuntimeInfraEKS) Delete() error
Delete deletes an AWS EKS cluster.
func (*KubernetesRuntimeInfraEKS) GetConnection ¶
func (i *KubernetesRuntimeInfraEKS) GetConnection() (*kube.KubeConnectionInfo, error)
GetConnection gets the latest connection info for authentication to an EKS cluster.
type KubernetesRuntimeInfraKind ¶
// KubernetesRuntimeInfraKind represents a kind cluster for a local threeport
// instance.
type KubernetesRuntimeInfraKind struct {
	// The unique name of the kubernetes runtime instance.
	RuntimeInstanceName string

	// Path to user's kubeconfig file for connecting to Kubernetes API.
	KubeconfigPath string

	// True if threeport instance is for a development environment that
	// supports live reloads of code from filesystem.
	DevEnvironment bool

	// Used only for development environments. The path to the threeport repo
	// on the developer's file system.
	ThreeportPath string

	// Number of worker nodes for kind cluster.
	NumWorkerNodes int

	// True if Threeport API is served via HTTPS.
	// NOTE(review): the field name says "auth" while the comment describes
	// transport security; confirm whether this also controls client
	// authentication.
	AuthEnabled bool

	// Additional ports to expose on the kind cluster.
	// The key is the container port and the value is the host port.
	// The protocol is assumed to be TCP.
	PortForwards map[int32]int32
}
KubernetesRuntimeInfraKind represents a kind cluster for a local threeport instance.
func (*KubernetesRuntimeInfraKind) Create ¶
func (i *KubernetesRuntimeInfraKind) Create() (*kube.KubeConnectionInfo, error)
Create installs a Kubernetes cluster using kind for the threeport control plane.
func (*KubernetesRuntimeInfraKind) Delete ¶
func (i *KubernetesRuntimeInfraKind) Delete() error
Delete deletes a kind cluster and the threeport control plane with it.