Documentation ¶
Overview ¶
Package keyring provides methods for accessing keyrings for Ceph daemons stored securely in Kubernetes secrets. It also provides methods for creating keyrings with desired permissions which are stored persistently and a special subset of methods for the Ceph admin keyring.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AdminStore ¶
type AdminStore struct {
// contains filtered or unexported fields
}
An AdminStore is a specialized derivative of the SecretStore helper for storing the Ceph cluster admin keyring as a Kubernetes secret.
func (*AdminStore) CreateOrUpdate ¶
func (a *AdminStore) CreateOrUpdate(c *cephconfig.ClusterInfo) error
CreateOrUpdate creates or updates the admin keyring secret with cluster information.
type SecretStore ¶
type SecretStore struct {
// contains filtered or unexported fields
}
SecretStore is a helper to store Ceph daemon keyrings as Kubernetes secrets.
func GetSecretStore ¶
func GetSecretStore(context *clusterd.Context, namespace string, ownerRef *metav1.OwnerReference) *SecretStore
GetSecretStore returns a new SecretStore struct.
func (*SecretStore) Admin ¶
func (s *SecretStore) Admin() *AdminStore
Admin returns the special Admin keyring store type.
func (*SecretStore) CreateOrUpdate ¶
func (k *SecretStore) CreateOrUpdate(resourceName, keyring string) error
CreateOrUpdate creates or updates the keyring secret for the resource with the keyring specified. WARNING: Do not use "rook-ceph-admin" as the resource name; conflicts with the AdminStore.
func (*SecretStore) Delete ¶
func (k *SecretStore) Delete(resourceName string) error
Delete deletes the keyring secret for the resource.
func (*SecretStore) GenerateKey ¶
func (k *SecretStore) GenerateKey(user string, access []string) (string, error)
GenerateKey generates a key for a Ceph user with the given access permissions. It returns the key generated on success. Ceph will always return the most up-to-date key for a daemon, and the key usually does not change.
type VolumeBuilder ¶
type VolumeBuilder struct{}
VolumeBuilder is a helper for creating Kubernetes pod volumes with content sourced by keyrings stored in the SecretStore.
func (*VolumeBuilder) Admin ¶
func (v *VolumeBuilder) Admin() v1.Volume
Admin returns a kubernetes pod volume whose content is sourced by the SecretStore admin keyring.
type VolumeMountBuilder ¶
type VolumeMountBuilder struct{}
VolumeMountBuilder is a helper for creating Kubernetes container volume mounts that mount the keyring content from VolumeBuilder volumes.
func (*VolumeMountBuilder) Admin ¶
func (*VolumeMountBuilder) Admin() v1.VolumeMount
Admin returns a Kubernetes container volume mount that mounts the content from the matching VolumeBuilder Admin volume.
func (*VolumeMountBuilder) AdminKeyringFilePath ¶
func (*VolumeMountBuilder) AdminKeyringFilePath() string
AdminKeyringFilePath returns the full path to the admin keyring file within a container.
func (*VolumeMountBuilder) KeyringFilePath ¶
func (*VolumeMountBuilder) KeyringFilePath() string
KeyringFilePath returns the full path to the regular keyring file within a container.
func (*VolumeMountBuilder) Resource ¶
func (*VolumeMountBuilder) Resource(resourceName string) v1.VolumeMount
Resource returns a Kubernetes container volume mount that mounts the content from the matching VolumeBuilder Resource volume for the same resource.