import "istio.io/istio/istioctl/pkg/multicluster"
apply.go cluster.go describe.go env.go generate.go mesh.go options.go remote_secret.go
const ( // default service account to use for remote cluster access. DefaultServiceAccountName = "istio-reader-service-account" )
func CreateRemoteSecret(opt RemoteSecretOptions, env Environment) (string, error)
CreateRemoteSecret creates a remote secret with credentials of the specified service account. This is useful for providing a cluster access to a remote apiserver.
func Describe(opt describeOptions, env Environment) error
NewApplyCommand creates a new command for applying multicluster configuration to the mesh.
NewCreateRemoteSecretCommand creates a new command for joining two contexts together in a multi-cluster mesh.
type CACerts struct {
// contains filtered or unexported fields
}
type Cluster struct { ClusterDesc // Current context referenced by the MeshDesc. This context corresponds to the `context` in // the current kubeconfig file. It is essentially the human friendly display // name. It can be changed by the user with`kubectl config rename-context`. Context string // contains filtered or unexported fields }
Cluster represents the current state of a cluster in the mesh.
func NewCluster(context string, desc ClusterDesc, env Environment) (*Cluster, error)
type ClusterDesc struct { // Name of the cluster's network Network string `json:"network,omitempty"` // Optional Namespace override of the Istio control plane. `istio-system` if not set. Namespace string `json:"namespace,omitempty"` // Optional service account to use for cross-cluster authentication. `istio-multi` if not set. ServiceAccountReader string `json:"serviceAccountReader"` // When true, disables linking the service registry of this cluster with other clustersByContext in the mesh. DisableRegistryJoin bool `json:"disableRegistryJoin,omitempty"` }
ClusterDesc describes attributes of a cluster and the desired state of joining the mesh.
type Environment interface { GetConfig() *api.Config CreateClientSet(context string) (kubernetes.Interface, error) Stdout() io.Writer Stderr() io.Writer ReadFile(filename string) ([]byte, error) Printf(format string, a ...interface{}) Errorf(format string, a ...interface{}) Poll(interval, timeout time.Duration, condition ConditionFunc) error }
type Gateway struct { RegistryServiceName string Address string Port uint32 Locality string Cluster *Cluster }
type KubeEnvironment struct {
// contains filtered or unexported fields
}
func NewEnvironment(kubeconfig, context string, stdout, stderr io.Writer) (*KubeEnvironment, error)
func (e *KubeEnvironment) CreateClientSet(context string) (kubernetes.Interface, error)
func (e *KubeEnvironment) Errorf(format string, a ...interface{})
func (e *KubeEnvironment) GetConfig() *api.Config
func (e *KubeEnvironment) Poll(interval, timeout time.Duration, condition ConditionFunc) error
func (e *KubeEnvironment) Printf(format string, a ...interface{})
func (e *KubeEnvironment) ReadFile(filename string) ([]byte, error)
func (e *KubeEnvironment) Stderr() io.Writer
func (e *KubeEnvironment) Stdout() io.Writer
KubeOptions contains kubernetes options common to all commands.
type Mesh struct {
// contains filtered or unexported fields
}
type MeshDesc struct { // Mesh Identifier. MeshID string `json:"mesh_id,omitempty"` // Collection of clusters in the multi-cluster mesh. Clusters are indexed by context name and // reference clusters defined in the Kubeconfig following kubectl precedence rules. Clusters map[string]ClusterDesc `json:"contexts,omitempty"` }
MeshDesc describes the topology of a multi-cluster mesh. The clustersByContext in the mesh reference the active Kubeconfig file as described by https://kubernetes.io/docs/concepts/configuration/organize-cluster-access-kubeconfig.
func LoadMeshDesc(filename string, env Environment) (*MeshDesc, error)
RemoteSecretAuthType is a strongly typed authentication type suitable for use with pflags.Var().
const ( // Use a bearer token for authentication to the remote kubernetes cluster. RemoteSecretAuthTypeBearerToken RemoteSecretAuthType = "bearer-token" // User a custom custom authentication plugin for the remote kubernetes cluster. RemoteSecretAuthTypePlugin RemoteSecretAuthType = "plugin" )
func (at *RemoteSecretAuthType) Set(in string) error
func (at *RemoteSecretAuthType) String() string
func (at *RemoteSecretAuthType) Type() string
type RemoteSecretOptions struct { KubeOptions // Create a secret with this service account's credentials. ServiceAccountName string // Authentication method for the remote Kubernetes cluster. AuthType RemoteSecretAuthType // Authenticator plugin configuration AuthPluginName string AuthPluginConfig map[string]string }
RemoteSecretOptions contains the options for creating a remote secret.
Package multicluster imports 43 packages (graph) and is imported by 4 packages. Updated 2019-12-14. Refresh now. Tools for package owners.