Documentation

Overview

    package options is the public flags and options used by a generic api server. It takes a minimal set of dependencies and does not reference implementations, in order to ensure it may be reused by multiple components (such as CLI commands that wish to generate or validate config).

    Index

    Constants

    This section is empty.

    Variables

    This section is empty.

    Functions

    This section is empty.

    Types

    type AuditLogOptions

    type AuditLogOptions struct {
    	Path       string
    	MaxAge     int
    	MaxBackups int
    	MaxSize    int
    }

    func NewAuditLogOptions

    func NewAuditLogOptions() *AuditLogOptions

    func (*AuditLogOptions) AddFlags

    func (o *AuditLogOptions) AddFlags(fs *pflag.FlagSet)

    func (*AuditLogOptions) ApplyTo

    func (o *AuditLogOptions) ApplyTo(c *server.Config) error

    type CertKey

    type CertKey struct {
    	// CertFile is a file containing a PEM-encoded certificate, and possibly the complete certificate chain
    	CertFile string
    	// KeyFile is a file containing a PEM-encoded private key for the certificate specified by CertFile
    	KeyFile string
    }

    type ClientCertAuthenticationOptions

    type ClientCertAuthenticationOptions struct {
    	// ClientCA is the certificate bundle for all the signers that you'll recognize for incoming client certificates
    	ClientCA string
    }

    func (*ClientCertAuthenticationOptions) AddFlags

    type DelegatingAuthenticationOptions

    type DelegatingAuthenticationOptions struct {
    	// RemoteKubeConfigFile is the file to use to connect to a "normal" kube API server which hosts the
    	// TokenAccessReview.authentication.k8s.io endpoint for checking tokens.
    	RemoteKubeConfigFile string
    
    	// CacheTTL is the length of time that a token authentication answer will be cached.
    	CacheTTL time.Duration
    
    	ClientCert    ClientCertAuthenticationOptions
    	RequestHeader RequestHeaderAuthenticationOptions
    
    	SkipInClusterLookup bool
    }

      DelegatingAuthenticationOptions provides an easy way for composing API servers to delegate their authentication to the root kube API server. The API federator will act as a front proxy and direction connections will be able to delegate to the core kube API server

      func NewDelegatingAuthenticationOptions

      func NewDelegatingAuthenticationOptions() *DelegatingAuthenticationOptions

      func (*DelegatingAuthenticationOptions) AddFlags

      func (*DelegatingAuthenticationOptions) ApplyTo

      func (*DelegatingAuthenticationOptions) ToAuthenticationConfig

      func (*DelegatingAuthenticationOptions) Validate

      func (s *DelegatingAuthenticationOptions) Validate() []error

      type DelegatingAuthorizationOptions

      type DelegatingAuthorizationOptions struct {
      	// RemoteKubeConfigFile is the file to use to connect to a "normal" kube API server which hosts the
      	// SubjectAccessReview.authorization.k8s.io endpoint for checking tokens.
      	RemoteKubeConfigFile string
      
      	// AllowCacheTTL is the length of time that a successful authorization response will be cached
      	AllowCacheTTL time.Duration
      
      	// DenyCacheTTL is the length of time that an unsuccessful authorization response will be cached.
      	// You generally want more responsive, "deny, try again" flows.
      	DenyCacheTTL time.Duration
      }

        DelegatingAuthorizationOptions provides an easy way for composing API servers to delegate their authorization to the root kube API server

        func NewDelegatingAuthorizationOptions

        func NewDelegatingAuthorizationOptions() *DelegatingAuthorizationOptions

        func (*DelegatingAuthorizationOptions) AddFlags

        func (s *DelegatingAuthorizationOptions) AddFlags(fs *pflag.FlagSet)

        func (*DelegatingAuthorizationOptions) ApplyTo

        func (*DelegatingAuthorizationOptions) ToAuthorizationConfig

        func (*DelegatingAuthorizationOptions) Validate

        func (s *DelegatingAuthorizationOptions) Validate() []error

        type EtcdOptions

        type EtcdOptions struct {
        	StorageConfig storagebackend.Config
        
        	EtcdServersOverrides []string
        
        	// To enable protobuf as storage format, it is enough
        	// to set it to "application/vnd.kubernetes.protobuf".
        	DefaultStorageMediaType string
        	DeleteCollectionWorkers int
        	EnableGarbageCollection bool
        	EnableWatchCache        bool
        }

        func NewEtcdOptions

        func NewEtcdOptions(backendConfig *storagebackend.Config) *EtcdOptions

        func (*EtcdOptions) AddFlags

        func (s *EtcdOptions) AddFlags(fs *pflag.FlagSet)

          AddEtcdFlags adds flags related to etcd storage for a specific APIServer to the specified FlagSet

          func (*EtcdOptions) ApplyTo

          func (s *EtcdOptions) ApplyTo(c *server.Config) error

          func (*EtcdOptions) ApplyWithStorageFactoryTo

          func (s *EtcdOptions) ApplyWithStorageFactoryTo(factory serverstorage.StorageFactory, c *server.Config) error

          func (*EtcdOptions) Validate

          func (s *EtcdOptions) Validate() []error

          type FeatureOptions

          type FeatureOptions struct {
          	EnableProfiling           bool
          	EnableContentionProfiling bool
          	EnableSwaggerUI           bool
          }

          func NewFeatureOptions

          func NewFeatureOptions() *FeatureOptions

          func (*FeatureOptions) AddFlags

          func (o *FeatureOptions) AddFlags(fs *pflag.FlagSet)

          func (*FeatureOptions) ApplyTo

          func (o *FeatureOptions) ApplyTo(c *server.Config) error

          type GeneratableKeyCert

          type GeneratableKeyCert struct {
          	CertKey CertKey
          
          	// CACertFile is an optional file containing the certificate chain for CertKey.CertFile
          	CACertFile string
          	// CertDirectory is a directory that will contain the certificates.  If the cert and key aren't specifically set
          	// this will be used to derive a match with the "pair-name"
          	CertDirectory string
          	// PairName is the name which will be used with CertDirectory to make a cert and key names
          	// It becomes CertDirector/PairName.crt and CertDirector/PairName.key
          	PairName string
          }

          type RecommendedOptions

          type RecommendedOptions struct {
          	Etcd           *EtcdOptions
          	SecureServing  *SecureServingOptions
          	Authentication *DelegatingAuthenticationOptions
          	Authorization  *DelegatingAuthorizationOptions
          	Audit          *AuditLogOptions
          	Features       *FeatureOptions
          }

            RecommendedOptions contains the recommended options for running an API server If you add something to this list, it should be in a logical grouping

            func NewRecommendedOptions

            func NewRecommendedOptions(prefix string, copier runtime.ObjectCopier, codec runtime.Codec) *RecommendedOptions

            func (*RecommendedOptions) AddFlags

            func (o *RecommendedOptions) AddFlags(fs *pflag.FlagSet)

            func (*RecommendedOptions) ApplyTo

            func (o *RecommendedOptions) ApplyTo(config *server.Config) error

            type RequestHeaderAuthenticationOptions

            type RequestHeaderAuthenticationOptions struct {
            	UsernameHeaders     []string
            	GroupHeaders        []string
            	ExtraHeaderPrefixes []string
            	ClientCAFile        string
            	AllowedNames        []string
            }

            func (*RequestHeaderAuthenticationOptions) AddFlags

            func (*RequestHeaderAuthenticationOptions) ToAuthenticationRequestHeaderConfig

            func (s *RequestHeaderAuthenticationOptions) ToAuthenticationRequestHeaderConfig() *authenticatorfactory.RequestHeaderConfig

              ToAuthenticationRequestHeaderConfig returns a RequestHeaderConfig config object for these options if necessary, nil otherwise.

              type SecureServingOptions

              type SecureServingOptions struct {
              	ServingOptions ServingOptions
              
              	// ServerCert is the TLS cert info for serving secure traffic
              	ServerCert GeneratableKeyCert
              	// SNICertKeys are named CertKeys for serving secure traffic with SNI support.
              	SNICertKeys []utilflag.NamedCertKey
              }

              func NewSecureServingOptions

              func NewSecureServingOptions() *SecureServingOptions

              func (*SecureServingOptions) AddDeprecatedFlags

              func (s *SecureServingOptions) AddDeprecatedFlags(fs *pflag.FlagSet)

              func (*SecureServingOptions) AddFlags

              func (s *SecureServingOptions) AddFlags(fs *pflag.FlagSet)

              func (*SecureServingOptions) ApplyTo

              func (s *SecureServingOptions) ApplyTo(c *server.Config) error

              func (*SecureServingOptions) MaybeDefaultWithSelfSignedCerts

              func (s *SecureServingOptions) MaybeDefaultWithSelfSignedCerts(publicAddress string, alternateIPs ...net.IP) error

              func (*SecureServingOptions) Validate

              func (s *SecureServingOptions) Validate() []error

              type ServerRunOptions

              type ServerRunOptions struct {
              	AdmissionControl           string
              	AdmissionControlConfigFile string
              	AdvertiseAddress           net.IP
              
              	CorsAllowedOriginList       []string
              	ExternalHost                string
              	MaxRequestsInFlight         int
              	MaxMutatingRequestsInFlight int
              	MinRequestTimeout           int
              	TargetRAMMB                 int
              	WatchCacheSizes             []string
              }

                ServerRunOptions contains the options while running a generic api server.

                func NewServerRunOptions

                func NewServerRunOptions() *ServerRunOptions

                func (*ServerRunOptions) AddUniversalFlags

                func (s *ServerRunOptions) AddUniversalFlags(fs *pflag.FlagSet)

                  AddFlags adds flags for a specific APIServer to the specified FlagSet

                  func (*ServerRunOptions) ApplyTo

                  func (s *ServerRunOptions) ApplyTo(c *server.Config) error

                    ApplyOptions applies the run options to the method receiver and returns self

                    func (*ServerRunOptions) DefaultAdvertiseAddress

                    func (s *ServerRunOptions) DefaultAdvertiseAddress(secure *SecureServingOptions, insecure *ServingOptions) error

                      DefaultAdvertiseAddress sets the field AdvertiseAddress if unset. The field will be set based on the SecureServingOptions. If the SecureServingOptions is not present, DefaultExternalAddress will fall back to the insecure ServingOptions.

                      type ServingOptions

                      type ServingOptions struct {
                      	BindAddress net.IP
                      	BindPort    int
                      }

                      func NewInsecureServingOptions

                      func NewInsecureServingOptions() *ServingOptions

                      func (*ServingOptions) AddDeprecatedFlags

                      func (s *ServingOptions) AddDeprecatedFlags(fs *pflag.FlagSet)

                      func (*ServingOptions) AddFlags

                      func (s *ServingOptions) AddFlags(fs *pflag.FlagSet)

                      func (*ServingOptions) ApplyTo

                      func (s *ServingOptions) ApplyTo(c *server.Config) error

                      func (*ServingOptions) DefaultExternalAddress

                      func (s *ServingOptions) DefaultExternalAddress() (net.IP, error)

                      func (ServingOptions) Validate

                      func (s ServingOptions) Validate(portArg string) []error