Documentation
Constants ¶
// Flannel backend identifiers, as literal strings.
// NOTE(review): upstream flannel's vxlan and host-gw backends do not encrypt
// pod-to-pod traffic, while ipsec and the wireguard variants do; confirm which
// of these a deployment is expected to accept.
const (
	FlannelBackendNone            = "none"
	FlannelBackendVXLAN           = "vxlan"
	FlannelBackendHostGW          = "host-gw"
	FlannelBackendIPSEC           = "ipsec"
	FlannelBackendWireguard       = "wireguard"
	FlannelBackendWireguardNative = "wireguard-native"
)

// Egress selector modes, as literal strings.
const (
	EgressSelectorModeAgent    = "agent"
	EgressSelectorModeCluster  = "cluster"
	EgressSelectorModeDisabled = "disabled"
	EgressSelectorModePod      = "pod"
)

// CertificateRenewDays is a day count per its name.
// NOTE(review): presumably the window before expiry in which certificates are
// renewed; the code that consumes it is not shown here, so confirm.
const CertificateRenewDays = 90

// Port numbers kept as strings. Both are the keys of KubeletReservedPorts.
const (
	StreamServerPort = "10010"
	KubeletPort      = "10250"
)
Variables ¶
// KubeletReservedPorts is the set of ports that can always be reached through
// the tunnel server at the loopback address. Any other address or port is
// reachable through the tunnel only on newer agents, and only when a pod is
// using it.
//
// NOTE(review): this is an exported, mutable map. Membership appears to decide
// what the tunnel always allows, so callers should treat it as read-only;
// adding a key at runtime would widen that allowance.
var KubeletReservedPorts = map[string]bool{
	KubeletPort:      true,
	StreamServerPort: true,
}
These ports can always be accessed via the tunnel server, at the loopback address. Other addresses and ports are only accessible via the tunnel on newer agents, when used by a pod.
Functions ¶
Types ¶
type Agent ¶
// Agent is the configuration for the node agent. The grouping comments below
// are inferred from field names only; the code that fills and reads these
// fields is not shown here.
type Agent struct {
	// Node identity and kubelet serving credentials.
	// NOTE(review): the Cert/Key strings are presumably file paths, not PEM
	// contents — confirm.
	PodManifests       string
	NodeName           string
	NodeConfigPath     string
	ServingKubeletCert string
	ServingKubeletKey  string

	// Service and cluster network ranges, DNS addresses and domain. Each range
	// and DNS entry has a single-value field and a plural slice field.
	ServiceCIDR          *net.IPNet
	ServiceCIDRs         []*net.IPNet
	ServiceNodePortRange utilnet.PortRange
	ClusterCIDR          *net.IPNet
	ClusterCIDRs         []*net.IPNet
	ClusterDNS           net.IP
	ClusterDNSs          []net.IP
	ClusterDomain        string

	// Local paths and kubeconfig locations (presumably file paths — confirm).
	ResolvConf                string
	RootDir                   string
	KubeConfigKubelet         string
	KubeConfigKubeProxy       string
	KubeConfigTStacController string

	// Node addresses, again as a single value plus a slice.
	NodeIP          string
	NodeIPs         []net.IP
	NodeExternalIP  string
	NodeExternalIPs []net.IP

	// Container runtime, CNI, and kubelet/kube-proxy settings.
	RuntimeSocket       string
	ImageServiceSocket  string
	ListenAddress       string
	ClientCA            string
	CNIBinDir           string
	CNIConfDir          string
	ExtraKubeletArgs    []string
	ExtraKubeProxyArgs  []string
	PauseImage          string
	Snapshotter         string
	Systemd             bool
	CNIPlugin           bool
	NodeTaints          []string
	NodeLabels          []string
	ImageCredProvBinDir string
	ImageCredProvConfig string

	// NOTE(review): IPSECPSK looks like a pre-shared key held as a plain
	// string, and it carries no `json:"-"` tag. Confirm that Agent is never
	// marshalled, logged, or printed with %+v.
	IPSECPSK           string
	FlannelCniConfFile string
	StrongSwanDir      string

	// Image registry settings.
	PrivateRegistry       string
	SystemDefaultRegistry string
	AirgapExtraRegistry   []string

	// Feature switches.
	// NOTE(review): ProtectKernelDefaults and Rootless look like hardening
	// options; their zero value is false, so confirm what the caller defaults to.
	DisableCCM            bool
	DisableNPC            bool
	Rootless              bool
	ProtectKernelDefaults bool
	DisableServiceLB      bool
	EnableIPv4            bool
	EnableIPv6            bool
}
type CRIDockerd ¶
type Containerd ¶
type Control ¶
// Control is the server (control-plane) configuration. It embeds
// CriticalControlArgs and carries a pointer to the ControlRuntime state.
//
// Fields tagged `json:"-"` are skipped by encoding/json. Every other exported
// field is included whenever a Control value is marshalled.
type Control struct {
	CriticalControlArgs

	AdvertisePort int
	AdvertiseIP   string
	// HTTPSPort is the port on which kubectl clients reach the Kubernetes API.
	HTTPSPort int
	// SupervisorPort is the port the custom k3s API runs on.
	SupervisorPort int
	// APIServerPort is the port kube-apiserver runs on.
	APIServerPort        int
	APIServerBindAddress string

	// Join tokens. The `json:"-"` tag keeps them out of JSON output.
	AgentToken string `json:"-"`
	Token      string `json:"-"`

	ServiceNodePortRange *utilnet.PortRange
	KubeConfigOutput     string
	KubeConfigMode       string
	DataDir              string
	Datastore            endpoint.Config `json:"-"`

	// Component switches. Disables is keyed by string; the key set is not
	// shown here.
	Disables                 map[string]bool
	DisableAPIServer         bool
	DisableControllerManager bool
	DisableETCD              bool
	DisableKubeProxy         bool
	DisableScheduler         bool

	// NOTE(review): presumably turns on Go pprof handlers; confirm which
	// listener serves them and whether they are authenticated.
	EnablePProf bool

	// Extra arguments passed through to the named components.
	ExtraAPIArgs             []string
	ExtraControllerArgs      []string
	ExtraCloudControllerArgs []string
	ExtraEtcdArgs            []string
	ExtraSchedulerAPIArgs    []string
	NoLeaderElect            bool
	JoinURL                  string

	// NOTE(review): unlike AgentToken and Token, IPSECPSK has no `json:"-"`
	// tag, so it is included when Control is marshalled. It looks like a
	// pre-shared key; confirm whether a consumer relies on it being serialised
	// before adding the tag.
	IPSECPSK string

	DefaultLocalStoragePath string
	Skips                   map[string]bool
	SystemDefaultRegistry   string
	ClusterInit             bool
	ClusterReset            bool
	ClusterResetRestorePath string

	// Secrets-encryption switches (semantics not shown here).
	EncryptSecrets bool
	EncryptForce   bool
	EncryptSkip    bool

	// NOTE(review): presumably crypto/tls version and cipher-suite IDs. The
	// zero value of TLSMinVersion is 0, so confirm the caller sets a floor.
	TLSMinVersion   uint16
	TLSCipherSuites []uint16

	// etcd snapshot settings; all excluded from JSON output.
	EtcdSnapshotName      string `json:"-"`
	EtcdDisableSnapshots  bool   `json:"-"`
	EtcdExposeMetrics     bool   `json:"-"`
	EtcdSnapshotDir       string `json:"-"`
	EtcdSnapshotCron      string `json:"-"`
	EtcdSnapshotRetention int    `json:"-"`
	EtcdSnapshotCompress  bool   `json:"-"`
	EtcdListFormat        string `json:"-"`

	// S3 snapshot target, including the access and secret keys; all excluded
	// from JSON output.
	// NOTE(review): by name, EtcdS3SkipSSLVerify and EtcdS3Insecure relax
	// transport security for snapshot uploads; confirm both default to false
	// and are only set deliberately.
	EtcdS3              bool          `json:"-"`
	EtcdS3Endpoint      string        `json:"-"`
	EtcdS3EndpointCA    string        `json:"-"`
	EtcdS3SkipSSLVerify bool          `json:"-"`
	EtcdS3AccessKey     string        `json:"-"`
	EtcdS3SecretKey     string        `json:"-"`
	EtcdS3BucketName    string        `json:"-"`
	EtcdS3Region        string        `json:"-"`
	EtcdS3Folder        string        `json:"-"`
	EtcdS3Timeout       time.Duration `json:"-"`
	EtcdS3Insecure      bool          `json:"-"`

	ServerNodeName string
	BindAddress    string
	SANs           []string
	PrivateIP      string
	Runtime        *ControlRuntime `json:"-"`
}
func (*Control) BindAddressOrLoopback ¶
BindAddressOrLoopback returns an IPv4 or IPv6 address suitable for embedding in server URLs. If a bind address was configured, that address is returned. Otherwise, if the chooseHostInterface parameter is true and a suitable default interface can be found, that interface's address is returned. If neither of these applies, the loopback address is returned. If the urlSafe parameter is true, IPv6 addresses are enclosed in square brackets, as per RFC 2732.
type ControlRuntime ¶
// ControlRuntime is the server's runtime state. It embeds
// ControlRuntimeBootstrap and adds readiness channels, start hooks, HTTP
// handlers, and a large set of certificate, key and kubeconfig strings.
//
// NOTE(review): the Cert/Key/KubeConfig strings are presumably file paths
// rather than key material — confirm. ServerToken and AgentToken are held as
// plain strings with no JSON tag; Control references this struct through a
// `json:"-"` field, but confirm nothing marshals or logs a ControlRuntime
// directly.
type ControlRuntime struct {
	ControlRuntimeBootstrap

	// Readiness signals and startup coordination.
	HTTPBootstrap  bool
	APIServerReady <-chan struct{}
	AgentReady     <-chan struct{}
	ETCDReady      <-chan struct{}
	StartupHooksWg *sync.WaitGroup

	// Controller start callbacks; each takes a context and returns an error.
	ClusterControllerStart              func(ctx context.Context) error
	LeaderElectedClusterControllerStart func(ctx context.Context) error

	ClientKubeAPICert string
	ClientKubeAPIKey  string
	NodePasswdFile    string

	// Kubeconfig locations, one per component.
	KubeConfigAdmin           string
	KubeConfigController      string
	KubeConfigScheduler       string
	KubeConfigAPIServer       string
	KubeConfigCloudController string

	// Serving credentials.
	ServingKubeAPICert string
	ServingKubeAPIKey  string
	ServingKubeletKey  string

	// Join tokens, kept in memory as plain strings.
	ServerToken string
	AgentToken  string

	// HTTP handlers and the request authenticator.
	APIServer            http.Handler
	Handler              http.Handler
	Tunnel               http.Handler
	Authenticator        authenticator.Request
	EgressSelectorConfig string

	// Client certificate and key pairs, one pair per component.
	ClientAuthProxyCert       string
	ClientAuthProxyKey        string
	ClientAdminCert           string
	ClientAdminKey            string
	ClientControllerCert      string
	ClientControllerKey       string
	ClientSchedulerCert       string
	ClientSchedulerKey        string
	ClientKubeProxyCert       string
	ClientKubeProxyKey        string
	ClientKubeletKey          string
	ClientCloudControllerCert string
	ClientCloudControllerKey  string
	ClientTStacControllerCert string
	ClientTStacControllerKey  string

	// etcd server, peer and client credentials.
	ServerETCDCert           string
	ServerETCDKey            string
	PeerServerClientETCDCert string
	PeerServerClientETCDKey  string
	ClientETCDCert           string
	ClientETCDKey            string

	Core       *core.Factory
	EtcdConfig endpoint.ETCDConfig
}
type ControlRuntimeBootstrap ¶
// ControlRuntimeBootstrap holds the CA, key, password-file and encryption
// entries that ControlRuntime embeds.
//
// NOTE(review): judging by the type name, these are the items handed to a
// joining server during bootstrap, and the *Key fields refer to CA private
// keys — confirm. If so, whatever serves or stores this data must be
// authenticated and access-restricted, since holding a CA key allows minting
// trusted certificates.
type ControlRuntimeBootstrap struct {
	ETCDServerCA       string
	ETCDServerCAKey    string
	ETCDPeerCA         string
	ETCDPeerCAKey      string
	ServerCA           string
	ServerCAKey        string
	ClientCA           string
	ClientCAKey        string
	ServiceKey         string
	PasswdFile         string
	RequestHeaderCA    string
	RequestHeaderCAKey string
	IPSECKey           string
	EncryptionConfig   string
	EncryptionHash     string
}
type CriticalControlArgs ¶
// CriticalControlArgs contains parameters that all control plane nodes in HA
// must share.
//
// NOTE(review): FlannelBackend and EgressSelectorMode are plain strings,
// presumably holding one of the FlannelBackend* / EgressSelectorMode*
// constants; nothing in this type enforces that, so validation must happen
// where the values are parsed — confirm.
type CriticalControlArgs struct {
	ClusterDNSs           []net.IP
	ClusterIPRanges       []*net.IPNet
	ClusterDNS            net.IP
	ClusterDomain         string
	ClusterIPRange        *net.IPNet
	DisableCCM            bool
	DisableHelmController bool
	DisableNPC            bool
	DisableServiceLB      bool
	FlannelBackend        string
	FlannelIPv6Masq       bool
	EgressSelectorMode    string
	NoCoreDNS             bool
	ServiceIPRange        *net.IPNet
	ServiceIPRanges       []*net.IPNet
}
CriticalControlArgs contains parameters that all control plane nodes in HA must share
type Node ¶
// Node is the per-node configuration. It nests the Containerd, CRIDockerd and
// Agent configurations by value and carries the node's token and TLS
// certificate.
type Node struct {
	// Runtime and flannel settings.
	// NOTE(review): FlannelBackend and EgressSelectorMode presumably hold one
	// of the FlannelBackend* / EgressSelectorMode* constants — confirm where
	// they are validated.
	Docker                   bool
	ContainerRuntimeEndpoint string
	NoFlannel                bool
	SELinux                  bool
	FlannelBackend           string
	FlannelConfFile          string
	FlannelConfOverride      bool
	FlannelIface             *net.Interface
	FlannelIPv6Masq          bool
	EgressSelectorMode       string
	Containerd               Containerd
	CRIDockerd               CRIDockerd
	Images                   string
	AgentConfig              Agent

	// NOTE(review): Token is a plain string with no JSON tag, and a
	// tls.Certificate value carries its PrivateKey. Confirm that Node is never
	// marshalled, logged, or printed with %+v.
	Token       string
	Certificate *tls.Certificate

	ServerHTTPSPort int
}