import "k8s.io/kubernetes/cmd/kubeadm/app/phases/bootstraptoken/node"
const ( // NodeBootstrapperClusterRoleName defines the name of the auto-bootstrapped ClusterRole for letting someone post a CSR // TODO: This value should be defined in an other, generic authz package instead of here NodeBootstrapperClusterRoleName = "system:node-bootstrapper" // NodeKubeletBootstrap defines the name of the ClusterRoleBinding that lets kubelets post CSRs NodeKubeletBootstrap = "kubeadm:kubelet-bootstrap" // GetNodesClusterRoleName defines the name of the ClusterRole and ClusterRoleBinding to get nodes GetNodesClusterRoleName = "kubeadm:get-nodes" // CSRAutoApprovalClusterRoleName defines the name of the auto-bootstrapped ClusterRole for making the csrapprover controller auto-approve the CSR // TODO: This value should be defined in an other, generic authz package instead of here // Starting from v1.8, CSRAutoApprovalClusterRoleName is automatically created by the API server on startup CSRAutoApprovalClusterRoleName = "system:certificates.k8s.io:certificatesigningrequests:nodeclient" // NodeSelfCSRAutoApprovalClusterRoleName is a role defined in default 1.8 RBAC policies for automatic CSR approvals for automatically rotated node certificates NodeSelfCSRAutoApprovalClusterRoleName = "system:certificates.k8s.io:certificatesigningrequests:selfnodeclient" // NodeAutoApproveBootstrapClusterRoleBinding defines the name of the ClusterRoleBinding that makes the csrapprover approve node CSRs NodeAutoApproveBootstrapClusterRoleBinding = "kubeadm:node-autoapprove-bootstrap" // NodeAutoApproveCertificateRotationClusterRoleBinding defines name of the ClusterRoleBinding that makes the csrapprover approve node auto rotated CSRs NodeAutoApproveCertificateRotationClusterRoleBinding = "kubeadm:node-autoapprove-certificate-rotation" )
AllowBoostrapTokensToGetNodes creates RBAC rules to allow Node Bootstrap Tokens to list nodes
AllowBootstrapTokensToPostCSRs creates RBAC rules in a way the makes Node Bootstrap Tokens able to post CSRs
AutoApproveNodeBootstrapTokens creates RBAC rules in a way that makes Node Bootstrap Tokens' CSR auto-approved by the csrapprover controller
AutoApproveNodeCertificateRotation creates RBAC rules in a way that makes Node certificate rotation CSR auto-approved by the csrapprover controller
func CreateNewTokens(client clientset.Interface, tokens []kubeadmapi.BootstrapToken) error
CreateNewTokens tries to create a token and fails if one with the same ID already exists
func UpdateOrCreateTokens(client clientset.Interface, failIfExists bool, tokens []kubeadmapi.BootstrapToken) error
UpdateOrCreateTokens attempts to update a token with the given ID, or create if it does not already exist.
Package node imports 10 packages (graph) and is imported by 25 packages. Updated 2020-02-23. Refresh now. Tools for package owners.