v1.2.2 Latest Latest

This package is not in the latest version of its module.

Go to latest
Published: Aug 17, 2021 License: Apache-2.0 Imports: 25 Imported by: 0




View Source
const (
	// Name of the ConfigMap that will hold the CA certificate that signs the TLS
	// certificate of antrea-controller.
	CAConfigMapName = "antrea-ca"
	CAConfigMapKey  = "ca.crt"
View Source
const (
	// The names of the files that should contain the CA certificate and the TLS key pair.
	CACertFile  = "ca.crt"
	TLSCertFile = "tls.crt"
	TLSKeyFile  = "tls.key"


This section is empty.


func GetAntreaServerNames

func GetAntreaServerNames() []string

GetAntreaServerNames returns the DNS names that the TLS certificate will be signed with.

func GetCAConfigMapNamespace

func GetCAConfigMapNamespace() string


type CACertController

type CACertController struct {
	// contains filtered or unexported fields

CACertController is responsible for taking the CA certificate from the caContentProvider and publishing it to the ConfigMap and the APIServices.

func ApplyServerCert

func ApplyServerCert(selfSignedCert bool,
	client kubernetes.Interface,
	aggregatorClient clientset.Interface,
	apiExtensionClient apiextensionclientset.Interface,
	secureServing *options.SecureServingOptionsWithLoopback) (*CACertController, error)

func (*CACertController) Enqueue

func (c *CACertController) Enqueue()

Enqueue will be called after CACertController is registered as a listener of CA cert change.

func (*CACertController) Run

func (c *CACertController) Run(workers int, stopCh <-chan struct{})

Run starts the CACertController and blocks until stopCh is closed.

func (*CACertController) RunOnce

func (c *CACertController) RunOnce() error

RunOnce runs a single sync step to ensure that we have a valid starting configuration.

func (*CACertController) UpdateCertificate

func (c *CACertController) UpdateCertificate() error

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL