options

package
v1.6.0-alpha.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 30, 2017 License: Apache-2.0 Imports: 23 Imported by: 0

Documentation

Overview

package options is the public flags and options used by a generic api server. It takes a minimal set of dependencies and does not reference implementations, in order to ensure it may be reused by multiple components (such as CLI commands that wish to generate or validate config).

Index

Constants

View Source 
const (
	DefaultEtcdPathPrefix = "/registry"
)

Variables

This section is empty.

Functions

This section is empty.

Types

type CertKey 

type CertKey struct {
	// CertFile is a file containing a PEM-encoded certificate, and possibly the complete certificate chain
	CertFile string
	// KeyFile is a file containing a PEM-encoded private key for the certificate specified by CertFile
	KeyFile string
}

type ClientCertAuthenticationOptions 

type ClientCertAuthenticationOptions struct {
	// ClientCA is the certificate bundle for all the signers that you'll recognize for incoming client certificates
	ClientCA string
}

func (*ClientCertAuthenticationOptions) AddFlags 

func (s *ClientCertAuthenticationOptions) AddFlags(fs *pflag.FlagSet)

type DelegatingAuthenticationOptions 

type DelegatingAuthenticationOptions struct {
	// RemoteKubeConfigFile is the file to use to connect to a "normal" kube API server which hosts the
	// TokenAccessReview.authentication.k8s.io endpoint for checking tokens.
	RemoteKubeConfigFile string

	// CacheTTL is the length of time that a token authentication answer will be cached.
	CacheTTL time.Duration

	ClientCert    ClientCertAuthenticationOptions
	RequestHeader RequestHeaderAuthenticationOptions
}

DelegatingAuthenticationOptions provides an easy way for composing API servers to delegate their authentication to the root kube API server. The API federator will act as a front proxy and direction connections will be able to delegate to the core kube API server

func NewDelegatingAuthenticationOptions 

func NewDelegatingAuthenticationOptions() *DelegatingAuthenticationOptions

func (*DelegatingAuthenticationOptions) AddFlags 

func (s *DelegatingAuthenticationOptions) AddFlags(fs *pflag.FlagSet)

func (*DelegatingAuthenticationOptions) ToAuthenticationConfig 

func (s *DelegatingAuthenticationOptions) ToAuthenticationConfig() (authenticatorfactory.DelegatingAuthenticatorConfig, error)

func (*DelegatingAuthenticationOptions) Validate 

func (s *DelegatingAuthenticationOptions) Validate() []error

type DelegatingAuthorizationOptions 

type DelegatingAuthorizationOptions struct {
	// RemoteKubeConfigFile is the file to use to connect to a "normal" kube API server which hosts the
	// SubjectAccessReview.authorization.k8s.io endpoint for checking tokens.
	RemoteKubeConfigFile string

	// AllowCacheTTL is the length of time that a successful authorization response will be cached
	AllowCacheTTL time.Duration

	// DenyCacheTTL is the length of time that an unsuccessful authorization response will be cached.
	// You generally want more responsive, "deny, try again" flows.
	DenyCacheTTL time.Duration
}

DelegatingAuthorizationOptions provides an easy way for composing API servers to delegate their authorization to the root kube API server

func NewDelegatingAuthorizationOptions 

func NewDelegatingAuthorizationOptions() *DelegatingAuthorizationOptions

func (*DelegatingAuthorizationOptions) AddFlags 

func (s *DelegatingAuthorizationOptions) AddFlags(fs *pflag.FlagSet)

func (*DelegatingAuthorizationOptions) ToAuthorizationConfig 

func (s *DelegatingAuthorizationOptions) ToAuthorizationConfig() (authorizerfactory.DelegatingAuthorizerConfig, error)

func (*DelegatingAuthorizationOptions) Validate 

func (s *DelegatingAuthorizationOptions) Validate() []error

type EtcdOptions 

type EtcdOptions struct {
	StorageConfig storagebackend.Config

	EtcdServersOverrides []string
}

func NewEtcdOptions 

func NewEtcdOptions() *EtcdOptions

func (*EtcdOptions) AddFlags 

func (s *EtcdOptions) AddFlags(fs *pflag.FlagSet)

AddEtcdFlags adds flags related to etcd storage for a specific APIServer to the specified FlagSet

func (*EtcdOptions) Validate 

func (s *EtcdOptions) Validate() []error

type GeneratableKeyCert 

type GeneratableKeyCert struct {
	CertKey CertKey

	// CACertFile is an optional file containing the certificate chain for CertKey.CertFile
	CACertFile string
	// CertDirectory is a directory that will contain the certificates.  If the cert and key aren't specifically set
	// this will be used to derive a match with the "pair-name"
	CertDirectory string
	// PairName is the name which will be used with CertDirectory to make a cert and key names
	// It becomes CertDirector/PairName.crt and CertDirector/PairName.key
	PairName string
}

type RequestHeaderAuthenticationOptions 

type RequestHeaderAuthenticationOptions struct {
	UsernameHeaders     []string
	GroupHeaders        []string
	ExtraHeaderPrefixes []string
	ClientCAFile        string
	AllowedNames        []string
}

func (*RequestHeaderAuthenticationOptions) AddFlags 

func (s *RequestHeaderAuthenticationOptions) AddFlags(fs *pflag.FlagSet)

func (*RequestHeaderAuthenticationOptions) ToAuthenticationRequestHeaderConfig 

func (s *RequestHeaderAuthenticationOptions) ToAuthenticationRequestHeaderConfig() *authenticatorfactory.RequestHeaderConfig

ToAuthenticationRequestHeaderConfig returns a RequestHeaderConfig config object for these options if necessary, nil otherwise.

type SecureServingOptions 

type SecureServingOptions struct {
	ServingOptions ServingOptions

	// ServerCert is the TLS cert info for serving secure traffic
	ServerCert GeneratableKeyCert
	// SNICertKeys are named CertKeys for serving secure traffic with SNI support.
	SNICertKeys []utilflag.NamedCertKey
}

func NewSecureServingOptions 

func NewSecureServingOptions() *SecureServingOptions

func (*SecureServingOptions) AddDeprecatedFlags 

func (s *SecureServingOptions) AddDeprecatedFlags(fs *pflag.FlagSet)

func (*SecureServingOptions) AddFlags 

func (s *SecureServingOptions) AddFlags(fs *pflag.FlagSet)

func (*SecureServingOptions) MaybeDefaultWithSelfSignedCerts 

func (s *SecureServingOptions) MaybeDefaultWithSelfSignedCerts(publicAddress string, alternateIPs ...net.IP) error

func (*SecureServingOptions) Validate 

func (s *SecureServingOptions) Validate() []error

type ServerRunOptions 

type ServerRunOptions struct {
	AdmissionControl           string
	AdmissionControlConfigFile string
	AdvertiseAddress           net.IP

	CorsAllowedOriginList       []string
	DefaultStorageMediaType     string
	DeleteCollectionWorkers     int
	AuditLogPath                string
	AuditLogMaxAge              int
	AuditLogMaxBackups          int
	AuditLogMaxSize             int
	EnableGarbageCollection     bool
	EnableProfiling             bool
	EnableContentionProfiling   bool
	EnableSwaggerUI             bool
	EnableWatchCache            bool
	ExternalHost                string
	MaxRequestsInFlight         int
	MaxMutatingRequestsInFlight int
	MinRequestTimeout           int
	RuntimeConfig               utilflag.ConfigurationMap
	StorageVersions             string
	// The default values for StorageVersions. StorageVersions overrides
	// these; you can change this if you want to change the defaults (e.g.,
	// for testing). This is not actually exposed as a flag.
	DefaultStorageVersions string
	TargetRAMMB            int
	WatchCacheSizes        []string
}

ServerRunOptions contains the options while running a generic api server.

func NewServerRunOptions 

func NewServerRunOptions() *ServerRunOptions

func (*ServerRunOptions) AddUniversalFlags 

func (s *ServerRunOptions) AddUniversalFlags(fs *pflag.FlagSet)

AddFlags adds flags for a specific APIServer to the specified FlagSet

func (*ServerRunOptions) DefaultAdvertiseAddress 

func (s *ServerRunOptions) DefaultAdvertiseAddress(secure *SecureServingOptions, insecure *ServingOptions) error

DefaultAdvertiseAddress sets the field AdvertiseAddress if unset. The field will be set based on the SecureServingOptions. If the SecureServingOptions is not present, DefaultExternalAddress will fall back to the insecure ServingOptions.

func (*ServerRunOptions) StorageGroupsToEncodingVersion 

func (s *ServerRunOptions) StorageGroupsToEncodingVersion() (map[string]schema.GroupVersion, error)

StorageGroupsToEncodingVersion returns a map from group name to group version, computed from s.StorageVersions flag.

type ServingOptions 

type ServingOptions struct {
	BindAddress net.IP
	BindPort    int
}

func NewInsecureServingOptions 

func NewInsecureServingOptions() *ServingOptions

func (*ServingOptions) AddDeprecatedFlags 

func (s *ServingOptions) AddDeprecatedFlags(fs *pflag.FlagSet)

func (*ServingOptions) AddFlags 

func (s *ServingOptions) AddFlags(fs *pflag.FlagSet)

func (*ServingOptions) DefaultExternalAddress 

func (s *ServingOptions) DefaultExternalAddress() (net.IP, error)

func (ServingOptions) Validate 

func (s ServingOptions) Validate(portArg string) []error

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.