kubernetes: k8s.io/kubernetes/pkg/controller/certificates/cleaner Index | Files

package cleaner

import "k8s.io/kubernetes/pkg/controller/certificates/cleaner"

Package cleaner implements an automated cleaner that does garbage collection on CSRs that meet specific criteria. With automated CSR requests and automated approvals, the volume of CSRs only increases over time, at a rapid rate if the certificate duration is short.


Package Files


type CSRCleanerController Uses

type CSRCleanerController struct {
    // contains filtered or unexported fields

CSRCleanerController is a controller that garbage collects old certificate signing requests (CSRs). Since there are mechanisms that automatically create CSRs, and mechanisms that automatically approve CSRs, in order to prevent a build up of CSRs over time, it is necessary to GC them. CSRs will be removed if they meet one of the following criteria: the CSR is Approved with a certificate and is old enough to be past the GC issued deadline, the CSR is denied and is old enough to be past the GC denied deadline, the CSR is Pending and is old enough to be past the GC pending deadline, the CSR is approved with a certificate and the certificate is expired.

func NewCSRCleanerController Uses

func NewCSRCleanerController(
    csrClient csrclient.CertificateSigningRequestInterface,
    csrInformer certificatesinformers.CertificateSigningRequestInformer,
) *CSRCleanerController

NewCSRCleanerController creates a new CSRCleanerController.

func (*CSRCleanerController) Run Uses

func (ccc *CSRCleanerController) Run(workers int, stopCh <-chan struct{})

Run the main goroutine responsible for watching and syncing jobs.

Package cleaner imports 13 packages (graph) and is imported by 6 packages. Updated 2018-12-16. Refresh now. Tools for package owners.