Documentation

Overview

    Package server contains the plumbing to create kubernetes-like API server command.

    Index

    Constants

    View Source
    const (
    	// DefaultLegacyAPIPrefix is where the legacy APIs will be located.
    	DefaultLegacyAPIPrefix = "/api"
    
    	// APIGroupPrefix is where non-legacy API group will be located.
    	APIGroupPrefix = "/apis"
    )
    View Source
    const LoopbackClientServerNameOverride = "apiserver-loopback-client"

      LoopbackClientServerNameOverride is passed to the apiserver from the loopback client in order to select the loopback certificate via SNI if TLS is used.

      Variables

      This section is empty.

      Functions

      func AuthorizeClientBearerToken

      func AuthorizeClientBearerToken(loopback *restclient.Config, authn *AuthenticationInfo, authz *AuthorizationInfo)

        AuthorizeClientBearerToken wraps the authenticator and authorizer in loopback authentication logic if the loopback client config is specified AND it has a bearer token.

        func DefaultBuildHandlerChain

        func DefaultBuildHandlerChain(apiHandler http.Handler, c *Config) http.Handler

        func DefaultOpenAPIConfig

        func DefaultOpenAPIConfig(getDefinitions openapicommon.GetOpenAPIDefinitions, defNamer *apiopenapi.DefinitionNamer) *openapicommon.Config

        func GetNamedCertificateMap

        func GetNamedCertificateMap(certs []NamedTLSCert) (map[string]*tls.Certificate, error)

          GetNamedCertificateMap returns a map of *tls.Certificate by name. It's suitable for use in tls.Config#NamedCertificates. Returns an error if any of the certs cannot be loaded. Returns nil if len(certs) == 0

          func LoopbackHostPort

          func LoopbackHostPort(bindAddress string) (string, string, error)

            LoopbackHostPort returns the host and port loopback REST clients should use to contact the server.

            func NewRequestInfoResolver

            func NewRequestInfoResolver(c *Config) *apirequest.RequestInfoFactory

            func RegisterAllAdmissionPlugins

            func RegisterAllAdmissionPlugins(plugins *admission.Plugins)

              RegisterAllAdmissionPlugins registers all admission plugins

              func RequestShutdown

              func RequestShutdown() bool

                RequestShutdown emulates a received event that is considered as shutdown signal (SIGTERM/SIGINT) This returns whether a handler was notified

                func RunServer

                func RunServer(
                	server *http.Server,
                	ln net.Listener,
                	shutDownTimeout time.Duration,
                	stopCh <-chan struct{},
                ) (<-chan struct{}, error)

                  RunServer listens on the given port if listener is not given, then spawns a go-routine continuously serving until the stopCh is closed. It returns a stoppedCh that is closed when all non-hijacked active requests have been processed. This function does not block TODO: make private when insecure serving is gone from the kube-apiserver

                  func SetupSignalHandler

                  func SetupSignalHandler() <-chan struct{}

                    SetupSignalHandler registered for SIGTERM and SIGINT. A stop channel is returned which is closed on one of these signals. If a second signal is caught, the program is terminated with exit code 1.

                    Types

                    type APIGroupInfo

                    type APIGroupInfo struct {
                    	PrioritizedVersions []schema.GroupVersion
                    	// Info about the resources in this group. It's a map from version to resource to the storage.
                    	VersionedResourcesStorageMap map[string]map[string]rest.Storage
                    	// OptionsExternalVersion controls the APIVersion used for common objects in the
                    	// schema like api.Status, api.DeleteOptions, and metav1.ListOptions. Other implementors may
                    	// define a version "v1beta1" but want to use the Kubernetes "v1" internal objects.
                    	// If nil, defaults to groupMeta.GroupVersion.
                    	// TODO: Remove this when https://github.com/kubernetes/kubernetes/issues/19018 is fixed.
                    	OptionsExternalVersion *schema.GroupVersion
                    	// MetaGroupVersion defaults to "meta.k8s.io/v1" and is the scheme group version used to decode
                    	// common API implementations like ListOptions. Future changes will allow this to vary by group
                    	// version (for when the inevitable meta/v2 group emerges).
                    	MetaGroupVersion *schema.GroupVersion
                    
                    	// Scheme includes all of the types used by this group and how to convert between them (or
                    	// to convert objects from outside of this group that are accepted in this API).
                    	// TODO: replace with interfaces
                    	Scheme *runtime.Scheme
                    	// NegotiatedSerializer controls how this group encodes and decodes data
                    	NegotiatedSerializer runtime.NegotiatedSerializer
                    	// ParameterCodec performs conversions for query parameters passed to API calls
                    	ParameterCodec runtime.ParameterCodec
                    }

                      Info about an API group.

                      func NewDefaultAPIGroupInfo

                      func NewDefaultAPIGroupInfo(group string, scheme *runtime.Scheme, parameterCodec runtime.ParameterCodec, codecs serializer.CodecFactory) APIGroupInfo

                        NewDefaultAPIGroupInfo returns an APIGroupInfo stubbed with "normal" values exposed for easier composition from other packages

                        type APIServerHandler

                        type APIServerHandler struct {
                        	// FullHandlerChain is the one that is eventually served with.  It should include the full filter
                        	// chain and then call the Director.
                        	FullHandlerChain http.Handler
                        	// The registered APIs.  InstallAPIs uses this.  Other servers probably shouldn't access this directly.
                        	GoRestfulContainer *restful.Container
                        	// NonGoRestfulMux is the final HTTP handler in the chain.
                        	// It comes after all filters and the API handling
                        	// This is where other servers can attach handler to various parts of the chain.
                        	NonGoRestfulMux *mux.PathRecorderMux
                        
                        	// Director is here so that we can properly handle fall through and proxy cases.
                        	// This looks a bit bonkers, but here's what's happening.  We need to have /apis handling registered in gorestful in order to have
                        	// swagger generated for compatibility.  Doing that with `/apis` as a webservice, means that it forcibly 404s (no defaulting allowed)
                        	// all requests which are not /apis or /apis/.  We need those calls to fall through behind goresful for proper delegation.  Trying to
                        	// register for a pattern which includes everything behind it doesn't work because gorestful negotiates for verbs and content encoding
                        	// and all those things go crazy when gorestful really just needs to pass through.  In addition, openapi enforces unique verb constraints
                        	// which we don't fit into and it still muddies up swagger.  Trying to switch the webservices into a route doesn't work because the
                        	//  containing webservice faces all the same problems listed above.
                        	// This leads to the crazy thing done here.  Our mux does what we need, so we'll place it in front of gorestful.  It will introspect to
                        	// decide if the route is likely to be handled by goresful and route there if needed.  Otherwise, it goes to PostGoRestful mux in
                        	// order to handle "normal" paths and delegation. Hopefully no API consumers will ever have to deal with this level of detail.  I think
                        	// we should consider completely removing gorestful.
                        	// Other servers should only use this opaquely to delegate to an API server.
                        	Director http.Handler
                        }

                          APIServerHandlers holds the different http.Handlers used by the API server. This includes the full handler chain, the director (which chooses between gorestful and nonGoRestful, the gorestful handler (used for the API) which falls through to the nonGoRestful handler on unregistered paths, and the nonGoRestful handler (which can contain a fallthrough of its own) FullHandlerChain -> Director -> {GoRestfulContainer,NonGoRestfulMux} based on inspection of registered web services

                          func NewAPIServerHandler

                          func NewAPIServerHandler(name string, s runtime.NegotiatedSerializer, handlerChainBuilder HandlerChainBuilderFn, notFoundHandler http.Handler) *APIServerHandler

                          func (*APIServerHandler) ListedPaths

                          func (a *APIServerHandler) ListedPaths() []string

                            ListedPaths returns the paths that should be shown under /

                            func (*APIServerHandler) ServeHTTP

                            func (a *APIServerHandler) ServeHTTP(w http.ResponseWriter, r *http.Request)

                              ServeHTTP makes it an http.Handler

                              type AuthenticationInfo

                              type AuthenticationInfo struct {
                              	// APIAudiences is a list of identifier that the API identifies as. This is
                              	// used by some authenticators to validate audience bound credentials.
                              	APIAudiences authenticator.Audiences
                              	// Authenticator determines which subject is making the request
                              	Authenticator authenticator.Request
                              	// SupportsBasicAuth indicates that's at least one Authenticator supports basic auth
                              	// If this is true, a basic auth challenge is returned on authentication failure
                              	// TODO(roberthbailey): Remove once the server no longer supports http basic auth.
                              	SupportsBasicAuth bool
                              }

                              func (*AuthenticationInfo) ApplyClientCert

                              func (c *AuthenticationInfo) ApplyClientCert(clientCAFile string, servingInfo *SecureServingInfo) error

                              type AuthorizationInfo

                              type AuthorizationInfo struct {
                              	// Authorizer determines whether the subject is allowed to make the request based only
                              	// on the RequestURI
                              	Authorizer authorizer.Authorizer
                              }

                              type CompletedConfig

                              type CompletedConfig struct {
                              	// contains filtered or unexported fields
                              }

                              func (CompletedConfig) New

                              func (c CompletedConfig) New(name string, delegationTarget DelegationTarget) (*GenericAPIServer, error)

                                New creates a new server which logically combines the handling chain with the passed server. name is used to differentiate for logging. The handler chain in particular can be difficult as it starts delgating. delegationTarget may not be nil.

                                type Config

                                type Config struct {
                                	// SecureServing is required to serve https
                                	SecureServing *SecureServingInfo
                                
                                	// Authentication is the configuration for authentication
                                	Authentication AuthenticationInfo
                                
                                	// Authorization is the configuration for authorization
                                	Authorization AuthorizationInfo
                                
                                	// LoopbackClientConfig is a config for a privileged loopback connection to the API server
                                	// This is required for proper functioning of the PostStartHooks on a GenericAPIServer
                                	// TODO: move into SecureServing(WithLoopback) as soon as insecure serving is gone
                                	LoopbackClientConfig *restclient.Config
                                	// RuleResolver is required to get the list of rules that apply to a given user
                                	// in a given namespace
                                	RuleResolver authorizer.RuleResolver
                                	// AdmissionControl performs deep inspection of a given request (including content)
                                	// to set values and determine whether its allowed
                                	AdmissionControl      admission.Interface
                                	CorsAllowedOriginList []string
                                
                                	EnableIndex     bool
                                	EnableProfiling bool
                                	EnableDiscovery bool
                                	// Requires generic profiling enabled
                                	EnableContentionProfiling bool
                                	EnableMetrics             bool
                                
                                	DisabledPostStartHooks sets.String
                                
                                	// Version will enable the /version endpoint if non-nil
                                	Version *version.Info
                                	// AuditBackend is where audit events are sent to.
                                	AuditBackend audit.Backend
                                	// AuditPolicyChecker makes the decision of whether and how to audit log a request.
                                	AuditPolicyChecker auditpolicy.Checker
                                	// ExternalAddress is the host name to use for external (public internet) facing URLs (e.g. Swagger)
                                	// Will default to a value based on secure serving info and available ipv4 IPs.
                                	ExternalAddress string
                                
                                	// BuildHandlerChainFunc allows you to build custom handler chains by decorating the apiHandler.
                                	BuildHandlerChainFunc func(apiHandler http.Handler, c *Config) (secure http.Handler)
                                	// HandlerChainWaitGroup allows you to wait for all chain handlers exit after the server shutdown.
                                	HandlerChainWaitGroup *utilwaitgroup.SafeWaitGroup
                                	// DiscoveryAddresses is used to build the IPs pass to discovery. If nil, the ExternalAddress is
                                	// always reported
                                	DiscoveryAddresses discovery.Addresses
                                	// The default set of healthz checks. There might be more added via AddHealthzChecks dynamically.
                                	HealthzChecks []healthz.HealthzChecker
                                	// LegacyAPIGroupPrefixes is used to set up URL parsing for authorization and for validating requests
                                	// to InstallLegacyAPIGroup. New API servers don't generally have legacy groups at all.
                                	LegacyAPIGroupPrefixes sets.String
                                	// RequestInfoResolver is used to assign attributes (used by admission and authorization) based on a request URL.
                                	// Use-cases that are like kubelets may need to customize this.
                                	RequestInfoResolver apirequest.RequestInfoResolver
                                	// Serializer is required and provides the interface for serializing and converting objects to and from the wire
                                	// The default (api.Codecs) usually works fine.
                                	Serializer runtime.NegotiatedSerializer
                                	// OpenAPIConfig will be used in generating OpenAPI spec. This is nil by default. Use DefaultOpenAPIConfig for "working" defaults.
                                	OpenAPIConfig *openapicommon.Config
                                
                                	// RESTOptionsGetter is used to construct RESTStorage types via the generic registry.
                                	RESTOptionsGetter genericregistry.RESTOptionsGetter
                                
                                	// If specified, all requests except those which match the LongRunningFunc predicate will timeout
                                	// after this duration.
                                	RequestTimeout time.Duration
                                	// If specified, long running requests such as watch will be allocated a random timeout between this value, and
                                	// twice this value.  Note that it is up to the request handlers to ignore or honor this timeout. In seconds.
                                	MinRequestTimeout int
                                	// The limit on the total size increase all "copy" operations in a json
                                	// patch may cause.
                                	// This affects all places that applies json patch in the binary.
                                	JSONPatchMaxCopyBytes int64
                                	// The limit on the request body size that would be accepted and decoded in a write request.
                                	// 0 means no limit.
                                	MaxRequestBodyBytes int64
                                	// MaxRequestsInFlight is the maximum number of parallel non-long-running requests. Every further
                                	// request has to wait. Applies only to non-mutating requests.
                                	MaxRequestsInFlight int
                                	// MaxMutatingRequestsInFlight is the maximum number of parallel mutating requests. Every further
                                	// request has to wait.
                                	MaxMutatingRequestsInFlight int
                                	// Predicate which is true for paths of long-running http requests
                                	LongRunningFunc apirequest.LongRunningRequestCheck
                                
                                	// EnableAPIResponseCompression indicates whether API Responses should support compression
                                	// if the client requests it via Accept-Encoding
                                	EnableAPIResponseCompression bool
                                
                                	// MergedResourceConfig indicates which groupVersion enabled and its resources enabled/disabled.
                                	// This is composed of genericapiserver defaultAPIResourceConfig and those parsed from flags.
                                	// If not specify any in flags, then genericapiserver will only enable defaultAPIResourceConfig.
                                	MergedResourceConfig *serverstore.ResourceConfig
                                
                                	// PublicAddress is the IP address where members of the cluster (kubelet,
                                	// kube-proxy, services, etc.) can reach the GenericAPIServer.
                                	// If nil or 0.0.0.0, the host's default interface will be used.
                                	PublicAddress net.IP
                                }

                                  Config is a structure used to configure a GenericAPIServer. Its members are sorted roughly in order of importance for composers.

                                  func NewConfig

                                  func NewConfig(codecs serializer.CodecFactory) *Config

                                    NewConfig returns a Config struct with the default values

                                    func (*Config) Complete

                                    func (c *Config) Complete(informers informers.SharedInformerFactory) CompletedConfig

                                      Complete fills in any fields not set that are required to have valid data and can be derived from other fields. If you're going to `ApplyOptions`, do that first. It's mutating the receiver.

                                      type DelegationTarget

                                      type DelegationTarget interface {
                                      	// UnprotectedHandler returns a handler that is NOT protected by a normal chain
                                      	UnprotectedHandler() http.Handler
                                      
                                      	// PostStartHooks returns the post-start hooks that need to be combined
                                      	PostStartHooks() map[string]postStartHookEntry
                                      
                                      	// PreShutdownHooks returns the pre-stop hooks that need to be combined
                                      	PreShutdownHooks() map[string]preShutdownHookEntry
                                      
                                      	// HealthzChecks returns the healthz checks that need to be combined
                                      	HealthzChecks() []healthz.HealthzChecker
                                      
                                      	// ListedPaths returns the paths for supporting an index
                                      	ListedPaths() []string
                                      
                                      	// NextDelegate returns the next delegationTarget in the chain of delegations
                                      	NextDelegate() DelegationTarget
                                      }

                                        DelegationTarget is an interface which allows for composition of API servers with top level handling that works as expected.

                                        func NewEmptyDelegate

                                        func NewEmptyDelegate() DelegationTarget

                                        type DeprecatedInsecureServingInfo

                                        type DeprecatedInsecureServingInfo struct {
                                        	// Listener is the secure server network listener.
                                        	Listener net.Listener
                                        	// optional server name for log messages
                                        	Name string
                                        }

                                          DeprecatedInsecureServingInfo is the main context object for the insecure http server.

                                          func (*DeprecatedInsecureServingInfo) NewLoopbackClientConfig

                                          func (s *DeprecatedInsecureServingInfo) NewLoopbackClientConfig() (*rest.Config, error)

                                          func (*DeprecatedInsecureServingInfo) Serve

                                          func (s *DeprecatedInsecureServingInfo) Serve(handler http.Handler, shutdownTimeout time.Duration, stopCh <-chan struct{}) error

                                            Serve starts an insecure http server with the given handler. It fails only if the initial listen call fails. It does not block.

                                            type GenericAPIServer

                                            type GenericAPIServer struct {
                                            
                                            	// LoopbackClientConfig is a config for a privileged loopback connection to the API server
                                            	LoopbackClientConfig *restclient.Config
                                            
                                            	// ShutdownTimeout is the timeout used for server shutdown. This specifies the timeout before server
                                            	// gracefully shutdown returns.
                                            	ShutdownTimeout time.Duration
                                            
                                            	// SecureServingInfo holds configuration of the TLS server.
                                            	SecureServingInfo *SecureServingInfo
                                            
                                            	// ExternalAddress is the address (hostname or IP and port) that should be used in
                                            	// external (public internet) URLs for this GenericAPIServer.
                                            	ExternalAddress string
                                            
                                            	// Serializer controls how common API objects not in a group/version prefix are serialized for this server.
                                            	// Individual APIGroups may define their own serializers.
                                            	Serializer runtime.NegotiatedSerializer
                                            
                                            	// "Outputs"
                                            	// Handler holds the handlers being used by this API server
                                            	Handler *APIServerHandler
                                            
                                            	// DiscoveryGroupManager serves /apis
                                            	DiscoveryGroupManager discovery.GroupManager
                                            
                                            	// OpenAPIVersionedService controls the /openapi/v2 endpoint, and can be used to update the served spec.
                                            	// It is set during PrepareRun.
                                            	OpenAPIVersionedService *handler.OpenAPIService
                                            
                                            	// StaticOpenAPISpec is the spec derived from the restful container endpoints.
                                            	// It is set during PrepareRun.
                                            	StaticOpenAPISpec *spec.Swagger
                                            
                                            	// auditing. The backend is started after the server starts listening.
                                            	AuditBackend audit.Backend
                                            
                                            	// Authorizer determines whether a user is allowed to make a certain request. The Handler does a preliminary
                                            	// authorization check using the request URI but it may be necessary to make additional checks, such as in
                                            	// the create-on-update case
                                            	Authorizer authorizer.Authorizer
                                            
                                            	// HandlerChainWaitGroup allows you to wait for all chain handlers finish after the server shutdown.
                                            	HandlerChainWaitGroup *utilwaitgroup.SafeWaitGroup
                                            	// contains filtered or unexported fields
                                            }

                                              GenericAPIServer contains state for a Kubernetes cluster api server.

                                              func (*GenericAPIServer) AddHealthzChecks

                                              func (s *GenericAPIServer) AddHealthzChecks(checks ...healthz.HealthzChecker) error

                                                AddHealthzCheck allows you to add a HealthzCheck.

                                                func (*GenericAPIServer) AddPostStartHook

                                                func (s *GenericAPIServer) AddPostStartHook(name string, hook PostStartHookFunc) error

                                                  AddPostStartHook allows you to add a PostStartHook.

                                                  func (*GenericAPIServer) AddPostStartHookOrDie

                                                  func (s *GenericAPIServer) AddPostStartHookOrDie(name string, hook PostStartHookFunc)

                                                    AddPostStartHookOrDie allows you to add a PostStartHook, but dies on failure

                                                    func (*GenericAPIServer) AddPreShutdownHook

                                                    func (s *GenericAPIServer) AddPreShutdownHook(name string, hook PreShutdownHookFunc) error

                                                      AddPreShutdownHook allows you to add a PreShutdownHook.

                                                      func (*GenericAPIServer) AddPreShutdownHookOrDie

                                                      func (s *GenericAPIServer) AddPreShutdownHookOrDie(name string, hook PreShutdownHookFunc)

                                                        AddPreShutdownHookOrDie allows you to add a PostStartHook, but dies on failure

                                                        func (*GenericAPIServer) HealthzChecks

                                                        func (s *GenericAPIServer) HealthzChecks() []healthz.HealthzChecker

                                                        func (*GenericAPIServer) InstallAPIGroup

                                                        func (s *GenericAPIServer) InstallAPIGroup(apiGroupInfo *APIGroupInfo) error

                                                          Exposes the given api group in the API.

                                                          func (*GenericAPIServer) InstallAPIGroups

                                                          func (s *GenericAPIServer) InstallAPIGroups(apiGroupInfos ...*APIGroupInfo) error

                                                            Exposes given api groups in the API.

                                                            func (*GenericAPIServer) InstallLegacyAPIGroup

                                                            func (s *GenericAPIServer) InstallLegacyAPIGroup(apiPrefix string, apiGroupInfo *APIGroupInfo) error

                                                            func (*GenericAPIServer) ListedPaths

                                                            func (s *GenericAPIServer) ListedPaths() []string

                                                            func (*GenericAPIServer) NextDelegate

                                                            func (s *GenericAPIServer) NextDelegate() DelegationTarget

                                                            func (*GenericAPIServer) PostStartHooks

                                                            func (s *GenericAPIServer) PostStartHooks() map[string]postStartHookEntry

                                                            func (*GenericAPIServer) PreShutdownHooks

                                                            func (s *GenericAPIServer) PreShutdownHooks() map[string]preShutdownHookEntry

                                                            func (*GenericAPIServer) PrepareRun

                                                            func (s *GenericAPIServer) PrepareRun() preparedGenericAPIServer

                                                              PrepareRun does post API installation setup steps.

                                                              func (*GenericAPIServer) RunPostStartHooks

                                                              func (s *GenericAPIServer) RunPostStartHooks(stopCh <-chan struct{})

                                                                RunPostStartHooks runs the PostStartHooks for the server

                                                                func (*GenericAPIServer) RunPreShutdownHooks

                                                                func (s *GenericAPIServer) RunPreShutdownHooks() error

                                                                  RunPreShutdownHooks runs the PreShutdownHooks for the server

                                                                  func (*GenericAPIServer) UnprotectedHandler

                                                                  func (s *GenericAPIServer) UnprotectedHandler() http.Handler

                                                                  type HandlerChainBuilderFn

                                                                  type HandlerChainBuilderFn func(apiHandler http.Handler) http.Handler

                                                                    HandlerChainBuilderFn is used to wrap the GoRestfulContainer handler using the provided handler chain. It is normally used to apply filtering like authentication and authorization

                                                                    type InsecureSuperuser

                                                                    type InsecureSuperuser struct{}

                                                                      InsecureSuperuser implements authenticator.Request to always return a superuser. This is functionally equivalent to skipping authentication and authorization, but allows apiserver code to stop special-casing a nil user to skip authorization checks.

                                                                      func (InsecureSuperuser) AuthenticateRequest

                                                                      func (InsecureSuperuser) AuthenticateRequest(req *http.Request) (*authenticator.Response, bool, error)

                                                                      type NamedTLSCert

                                                                      type NamedTLSCert struct {
                                                                      	TLSCert tls.Certificate
                                                                      
                                                                      	// Names is a list of domain patterns: fully qualified domain names, possibly prefixed with
                                                                      	// wildcard segments.
                                                                      	Names []string
                                                                      }

                                                                      type PostStartHookContext

                                                                      type PostStartHookContext struct {
                                                                      	// LoopbackClientConfig is a config for a privileged loopback connection to the API server
                                                                      	LoopbackClientConfig *restclient.Config
                                                                      	// StopCh is the channel that will be closed when the server stops
                                                                      	StopCh <-chan struct{}
                                                                      }

                                                                        PostStartHookContext provides information about this API server to a PostStartHookFunc

                                                                        type PostStartHookFunc

                                                                        type PostStartHookFunc func(context PostStartHookContext) error

                                                                          PostStartHookFunc is a function that is called after the server has started. It must properly handle cases like:

                                                                          1. asynchronous start in multiple API server processes
                                                                          2. conflicts between the different processes all trying to perform the same action
                                                                          3. partially complete work (API server crashes while running your hook)
                                                                          4. API server access **BEFORE** your hook has completed
                                                                          

                                                                          Think of it like a mini-controller that is super privileged and gets to run in-process If you use this feature, tag @deads2k on github who has promised to review code for anyone's PostStartHook until it becomes easier to use.

                                                                          type PostStartHookProvider

                                                                          type PostStartHookProvider interface {
                                                                          	PostStartHook() (string, PostStartHookFunc, error)
                                                                          }

                                                                            PostStartHookProvider is an interface in addition to provide a post start hook for the api server

                                                                            type PreShutdownHookFunc

                                                                            type PreShutdownHookFunc func() error

                                                                              PreShutdownHookFunc is a function that can be added to the shutdown logic.

                                                                              type RecommendedConfig

                                                                              type RecommendedConfig struct {
                                                                              	Config
                                                                              
                                                                              	// SharedInformerFactory provides shared informers for Kubernetes resources. This value is set by
                                                                              	// RecommendedOptions.CoreAPI.ApplyTo called by RecommendedOptions.ApplyTo. It uses an in-cluster client config
                                                                              	// by default, or the kubeconfig given with kubeconfig command line flag.
                                                                              	SharedInformerFactory informers.SharedInformerFactory
                                                                              
                                                                              	// ClientConfig holds the kubernetes client configuration.
                                                                              	// This value is set by RecommendedOptions.CoreAPI.ApplyTo called by RecommendedOptions.ApplyTo.
                                                                              	// By default in-cluster client config is used.
                                                                              	ClientConfig *restclient.Config
                                                                              }

                                                                              func NewRecommendedConfig

                                                                              func NewRecommendedConfig(codecs serializer.CodecFactory) *RecommendedConfig

                                                                                NewRecommendedConfig returns a RecommendedConfig struct with the default values

                                                                                func (*RecommendedConfig) Complete

                                                                                func (c *RecommendedConfig) Complete() CompletedConfig

                                                                                  Complete fills in any fields not set that are required to have valid data and can be derived from other fields. If you're going to `ApplyOptions`, do that first. It's mutating the receiver.

                                                                                  type SecureServingInfo

                                                                                  type SecureServingInfo struct {
                                                                                  	// Listener is the secure server network listener.
                                                                                  	Listener net.Listener
                                                                                  
                                                                                  	// Cert is the main server cert which is used if SNI does not match. Cert must be non-nil and is
                                                                                  	// allowed to be in SNICerts.
                                                                                  	Cert *tls.Certificate
                                                                                  
                                                                                  	// SNICerts are the TLS certificates by name used for SNI.
                                                                                  	SNICerts map[string]*tls.Certificate
                                                                                  
                                                                                  	// ClientCA is the certificate bundle for all the signers that you'll recognize for incoming client certificates
                                                                                  	ClientCA *x509.CertPool
                                                                                  
                                                                                  	// MinTLSVersion optionally overrides the minimum TLS version supported.
                                                                                  	// Values are from tls package constants (https://golang.org/pkg/crypto/tls/#pkg-constants).
                                                                                  	MinTLSVersion uint16
                                                                                  
                                                                                  	// CipherSuites optionally overrides the list of allowed cipher suites for the server.
                                                                                  	// Values are from tls package constants (https://golang.org/pkg/crypto/tls/#pkg-constants).
                                                                                  	CipherSuites []uint16
                                                                                  
                                                                                  	// HTTP2MaxStreamsPerConnection is the limit that the api server imposes on each client.
                                                                                  	// A value of zero means to use the default provided by golang's HTTP/2 support.
                                                                                  	HTTP2MaxStreamsPerConnection int
                                                                                  }

                                                                                  func (*SecureServingInfo) HostPort

                                                                                  func (s *SecureServingInfo) HostPort() (string, int, error)

                                                                                  func (*SecureServingInfo) NewClientConfig

                                                                                  func (s *SecureServingInfo) NewClientConfig(caCert []byte) (*restclient.Config, error)

                                                                                  func (*SecureServingInfo) NewLoopbackClientConfig

                                                                                  func (s *SecureServingInfo) NewLoopbackClientConfig(token string, loopbackCert []byte) (*restclient.Config, error)

                                                                                  func (*SecureServingInfo) Serve

                                                                                  func (s *SecureServingInfo) Serve(handler http.Handler, shutdownTimeout time.Duration, stopCh <-chan struct{}) (<-chan struct{}, error)

                                                                                    Serve runs the secure http server. It fails only if certificates cannot be loaded or the initial listen call fails. The actual server loop (stoppable by closing stopCh) runs in a go routine, i.e. Serve does not block. It returns a stoppedCh that is closed when all non-hijacked active requests have been processed.

                                                                                    Directories

                                                                                    Path Synopsis
                                                                                    Package filters contains all the http handler chain filters which are not api related.
                                                                                    Package filters contains all the http handler chain filters which are not api related.
                                                                                    Package healthz implements basic http server health checking.
                                                                                    Package healthz implements basic http server health checking.
                                                                                    Package httplog contains a helper object and functions to maintain a log along with an http response.
                                                                                    Package httplog contains a helper object and functions to maintain a log along with an http response.
                                                                                    Package mux contains abstractions for http multiplexing of APIs.
                                                                                    Package mux contains abstractions for http multiplexing of APIs.
                                                                                    package options is the public flags and options used by a generic api server.
                                                                                    package options is the public flags and options used by a generic api server.
                                                                                    Package resourceconfig contains the resource config related helper functions.
                                                                                    Package resourceconfig contains the resource config related helper functions.
                                                                                    Package routes holds a collection of optional genericapiserver http handlers.
                                                                                    Package routes holds a collection of optional genericapiserver http handlers.
                                                                                    Package storage contains the plumbing to setup the etcd storage of the apiserver.
                                                                                    Package storage contains the plumbing to setup the etcd storage of the apiserver.