root

package

v0.8.0 Latest Latest Go to latest Published: Nov 14, 2022 License: Apache-2.0 Imports: 47 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/virtual-kubelet/node-cli

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
func BuildAuthn(client authenticationclient.TokenReviewInterface, authn opts.Authentication, ...) (authenticator.Request, func(<-chan struct{}), error)
func BuildAuthz(client authorizationclient.SubjectAccessReviewInterface, ...) (authorizer.Authorizer, error)
func NewCommand(name string, s *provider.Store, o *opts.Opts) *cobra.Command
func NewNodeAuthorizerAttributesGetter(nodeName types.NodeName) authorizer.RequestAttributesGetter
func NodeFromProvider(ctx context.Context, name string, taint *v1.Taint, p provider.Provider, ...) *v1.Node
type AuthInterface
- func BuildAuth(nodeName types.NodeName, client clientset.Interface, config opts.Opts) (AuthInterface, func(<-chan struct{}), error)
- func NewVirtualKubeletAuth(authenticator authenticator.Request, ...) AuthInterface
type ServeMuxWithAuth
- func NewServeMuxWithAuth(ctx context.Context, auth AuthInterface) *ServeMuxWithAuth
- func (s *ServeMuxWithAuth) Handle(path string, h http.Handler)
- func (s *ServeMuxWithAuth) ServeHTTP(w http.ResponseWriter, r *http.Request)
type VirtualKubeletAuth

Constants ¶

This section is empty.

Variables ¶

View Source

var AcceptedCiphers = []uint16{
	tls.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
	tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
	tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
	tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,

	tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
	tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
	tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
	tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
}

AcceptedCiphers is the list of accepted TLS ciphers, with known weak ciphers elided Note this list should be a moving target.

Functions ¶

func BuildAuthn ¶ added in v0.5.0

func BuildAuthn(client authenticationclient.TokenReviewInterface, authn opts.Authentication, clientCACert string) (authenticator.Request, func(<-chan struct{}), error)

BuildAuthn creates an authenticator compatible with the virtual-kubelet's needs

func BuildAuthz ¶ added in v0.5.0

func BuildAuthz(client authorizationclient.SubjectAccessReviewInterface, authz opts.Authorization) (authorizer.Authorizer, error)

BuildAuthz creates an authorizer compatible with the virtual-kubelet's needs

func NewCommand ¶

func NewCommand(name string, s *provider.Store, o *opts.Opts) *cobra.Command

NewCommand creates a new top-level command. This command is used to start the virtual-kubelet daemon

func NewNodeAuthorizerAttributesGetter ¶ added in v0.5.0

func NewNodeAuthorizerAttributesGetter(nodeName types.NodeName) authorizer.RequestAttributesGetter

NewNodeAuthorizerAttributesGetter creates a new authorizer.RequestAttributesGetter for the node.

func NodeFromProvider ¶

func NodeFromProvider(ctx context.Context, name string, taint *v1.Taint, p provider.Provider, version string) *v1.Node

NodeFromProvider builds a kubernetes node object from a provider This is a temporary solution until node stuff actually split off from the provider interface itself.

Types ¶

type AuthInterface ¶ added in v0.5.0

type AuthInterface interface {
	authenticator.Request
	authorizer.RequestAttributesGetter
	authorizer.Authorizer
}

AuthInterface contains all methods required by the auth filters

func BuildAuth ¶ added in v0.5.0

func BuildAuth(nodeName types.NodeName, client clientset.Interface, config opts.Opts) (AuthInterface, func(<-chan struct{}), error)

BuildAuth creates an authenticator, an authorizer, and a matching authorizer attributes getter compatible with the virtual-kubelet's needs

func NewVirtualKubeletAuth ¶ added in v0.5.0

func NewVirtualKubeletAuth(authenticator authenticator.Request, authorizerAttributeGetter authorizer.RequestAttributesGetter, authorizer authorizer.Authorizer) AuthInterface

NewVirtualKubeletAuth returns a AuthInterface composed of the given authenticator, attribute getter, and authorizer

type ServeMuxWithAuth ¶ added in v0.5.0

type ServeMuxWithAuth struct {
	// contains filtered or unexported fields
}

ServeMuxWithAuth implements api.ServerMux

func NewServeMuxWithAuth ¶ added in v0.5.0

func NewServeMuxWithAuth(ctx context.Context, auth AuthInterface) *ServeMuxWithAuth

NewServeMuxWithAuth initiate an instance for ServeMuxWithAuth

func (*ServeMuxWithAuth) Handle ¶ added in v0.5.0

func (s *ServeMuxWithAuth) Handle(path string, h http.Handler)

Handle enables auth filter for mux Handle

func (*ServeMuxWithAuth) ServeHTTP ¶ added in v0.5.0

func (s *ServeMuxWithAuth) ServeHTTP(w http.ResponseWriter, r *http.Request)

type VirtualKubeletAuth ¶ added in v0.5.0

type VirtualKubeletAuth struct {
	// authenticator identifies the user for requests to the Kubelet API
	authenticator.Request
	// authorizerAttributeGetter builds authorization.Attributes for a request to the Kubelet API
	authorizer.RequestAttributesGetter
	// authorizer determines whether a given authorization.Attributes is allowed
	authorizer.Authorizer
}

VirtualKubeletAuth implements AuthInterface

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL