Documentation

Overview

    Package options contains flags and options for initializing kube-apiserver

    Index

    Constants

    View Source
    const (
    	DefaultEtcdPathPrefix = "/registry"
    )

    Variables

      AllOrderedPlugins is the list of all the plugins in order.

      View Source
      var DefaultServiceIPCIDR net.IPNet = net.IPNet{IP: net.ParseIP("10.0.0.0"), Mask: net.CIDRMask(24, 32)}

        DefaultServiceIPCIDR is a CIDR notation of IP range from which to allocate service cluster IPs

        View Source
        var DefaultServiceNodePortRange = utilnet.PortRange{Base: 30000, Size: 2768}

          DefaultServiceNodePortRange is the default port range for NodePort services.

          Functions

          func DefaultAdvertiseAddress

            DefaultAdvertiseAddress sets the field AdvertiseAddress if unset. The field will be set based on the SecureServingOptions. If the SecureServingOptions is not present, DefaultExternalAddress will fall back to the insecure ServingOptions.

            func DefaultOffAdmissionPlugins

            func DefaultOffAdmissionPlugins() sets.String

              DefaultOffAdmissionPlugins get admission plugins off by default for kube-apiserver.

              func NewInsecureServingOptions

                NewInsecureServingOptions gives default values for the kube-apiserver. TODO: switch insecure serving off by default

                func NewSecureServingOptions

                func NewSecureServingOptions() *genericoptions.SecureServingOptionsWithLoopback

                  NewSecureServingOptions gives default values for the kube-apiserver which are not the options wanted by "normal" API servers running on the platform

                  func RegisterAllAdmissionPlugins

                  func RegisterAllAdmissionPlugins(plugins *admission.Plugins)

                    RegisterAllAdmissionPlugins registers all admission plugins and sets the recommended plugins order.

                    func ToPreferredVersionString

                    func ToPreferredVersionString(versions []schema.GroupVersion) string

                      ToPreferredVersionString returns the preferred versions of all registered groups in the form of "group1/version1,group2/version2,...". This is compatible with the flag format

                      Types

                      type AdmissionOptions

                      type AdmissionOptions struct {
                      	// GenericAdmission holds the generic admission options.
                      	GenericAdmission *genericoptions.AdmissionOptions
                      	// DEPRECATED flag, should use EnabledAdmissionPlugins and DisabledAdmissionPlugins.
                      	// They are mutually exclusive, specify both will lead to an error.
                      	PluginNames []string
                      }

                        AdmissionOptions holds the admission options. It is a wrap of generic AdmissionOptions.

                        func NewAdmissionOptions

                        func NewAdmissionOptions() *AdmissionOptions

                          NewAdmissionOptions creates a new instance of AdmissionOptions Note:

                          In addition it calls RegisterAllAdmissionPlugins to register
                          all kube-apiserver admission plugins.
                          
                          Provides the list of RecommendedPluginOrder that holds sane values
                          that can be used by servers that don't care about admission chain.
                          Servers that do care can overwrite/append that field after creation.
                          

                          func (*AdmissionOptions) AddFlags

                          func (a *AdmissionOptions) AddFlags(fs *pflag.FlagSet)

                            AddFlags adds flags related to admission for kube-apiserver to the specified FlagSet

                            func (*AdmissionOptions) ApplyTo

                            func (a *AdmissionOptions) ApplyTo(
                            	c *server.Config,
                            	informers informers.SharedInformerFactory,
                            	kubeAPIServerClientConfig *rest.Config,
                            	scheme *runtime.Scheme,
                            	pluginInitializers ...admission.PluginInitializer,
                            ) error

                              ApplyTo adds the admission chain to the server configuration. Kube-apiserver just call generic AdmissionOptions.ApplyTo.

                              func (*AdmissionOptions) Validate

                              func (a *AdmissionOptions) Validate() []error

                                Validate verifies flags passed to kube-apiserver AdmissionOptions. Kube-apiserver verifies PluginNames and then call generic AdmissionOptions.Validate.

                                type AnonymousAuthenticationOptions

                                type AnonymousAuthenticationOptions struct {
                                	Allow bool
                                }

                                type BootstrapTokenAuthenticationOptions

                                type BootstrapTokenAuthenticationOptions struct {
                                	Enable bool
                                }

                                type BuiltInAuthenticationOptions

                                func NewBuiltInAuthenticationOptions

                                func NewBuiltInAuthenticationOptions() *BuiltInAuthenticationOptions

                                func (*BuiltInAuthenticationOptions) AddFlags

                                func (s *BuiltInAuthenticationOptions) AddFlags(fs *pflag.FlagSet)

                                func (*BuiltInAuthenticationOptions) ApplyAuthorization

                                func (o *BuiltInAuthenticationOptions) ApplyAuthorization(authorization *BuiltInAuthorizationOptions)

                                  ApplyAuthorization will conditionally modify the authentication options based on the authorization options

                                  func (*BuiltInAuthenticationOptions) ApplyTo

                                  func (*BuiltInAuthenticationOptions) ToAuthenticationConfig

                                  func (*BuiltInAuthenticationOptions) Validate

                                  func (s *BuiltInAuthenticationOptions) Validate() []error

                                    Validate checks invalid config combination

                                    func (*BuiltInAuthenticationOptions) WithAll

                                    func (*BuiltInAuthenticationOptions) WithAnonymous

                                    func (*BuiltInAuthenticationOptions) WithBootstrapToken

                                    func (*BuiltInAuthenticationOptions) WithClientCert

                                    func (*BuiltInAuthenticationOptions) WithOIDC

                                    func (*BuiltInAuthenticationOptions) WithPasswordFile

                                    func (*BuiltInAuthenticationOptions) WithRequestHeader

                                    func (*BuiltInAuthenticationOptions) WithServiceAccounts

                                    func (*BuiltInAuthenticationOptions) WithTokenFile

                                    func (*BuiltInAuthenticationOptions) WithWebHook

                                    type BuiltInAuthorizationOptions

                                    type BuiltInAuthorizationOptions struct {
                                    	Modes                       []string
                                    	PolicyFile                  string
                                    	WebhookConfigFile           string
                                    	WebhookCacheAuthorizedTTL   time.Duration
                                    	WebhookCacheUnauthorizedTTL time.Duration
                                    }

                                    func NewBuiltInAuthorizationOptions

                                    func NewBuiltInAuthorizationOptions() *BuiltInAuthorizationOptions

                                    func (*BuiltInAuthorizationOptions) AddFlags

                                    func (s *BuiltInAuthorizationOptions) AddFlags(fs *pflag.FlagSet)

                                    func (*BuiltInAuthorizationOptions) ToAuthorizationConfig

                                    func (s *BuiltInAuthorizationOptions) ToAuthorizationConfig(versionedInformerFactory versionedinformers.SharedInformerFactory) authorizer.AuthorizationConfig

                                    func (*BuiltInAuthorizationOptions) Validate

                                    func (s *BuiltInAuthorizationOptions) Validate() []error

                                    type CloudProviderOptions

                                    type CloudProviderOptions struct {
                                    	CloudConfigFile string
                                    	CloudProvider   string
                                    }

                                    func NewCloudProviderOptions

                                    func NewCloudProviderOptions() *CloudProviderOptions

                                    func (*CloudProviderOptions) AddFlags

                                    func (s *CloudProviderOptions) AddFlags(fs *pflag.FlagSet)

                                    func (*CloudProviderOptions) Validate

                                    func (s *CloudProviderOptions) Validate() []error

                                    type OIDCAuthenticationOptions

                                    type OIDCAuthenticationOptions struct {
                                    	CAFile         string
                                    	ClientID       string
                                    	IssuerURL      string
                                    	UsernameClaim  string
                                    	UsernamePrefix string
                                    	GroupsClaim    string
                                    	GroupsPrefix   string
                                    	SigningAlgs    []string
                                    	RequiredClaims map[string]string
                                    }

                                    type PasswordFileAuthenticationOptions

                                    type PasswordFileAuthenticationOptions struct {
                                    	BasicAuthFile string
                                    }

                                    type ServiceAccountAuthenticationOptions

                                    type ServiceAccountAuthenticationOptions struct {
                                    	KeyFiles      []string
                                    	Lookup        bool
                                    	Issuer        string
                                    	APIAudiences  []string
                                    	MaxExpiration time.Duration
                                    }

                                    type StorageSerializationOptions

                                    type StorageSerializationOptions struct {
                                    	StorageVersions string
                                    	// The default values for StorageVersions. StorageVersions overrides
                                    	// these; you can change this if you want to change the defaults (e.g.,
                                    	// for testing). This is not actually exposed as a flag.
                                    	DefaultStorageVersions string
                                    }

                                      StorageSerializationOptions contains the options for encoding resources.

                                      func NewStorageSerializationOptions

                                      func NewStorageSerializationOptions() *StorageSerializationOptions

                                      func (*StorageSerializationOptions) AddFlags

                                      func (s *StorageSerializationOptions) AddFlags(fs *pflag.FlagSet)

                                        AddFlags adds flags for a specific APIServer to the specified FlagSet

                                        func (*StorageSerializationOptions) StorageGroupsToEncodingVersion

                                        func (s *StorageSerializationOptions) StorageGroupsToEncodingVersion() (map[string]schema.GroupVersion, error)

                                          StorageGroupsToEncodingVersion returns a map from group name to group version, computed from s.StorageVersions flag.

                                          type TokenFileAuthenticationOptions

                                          type TokenFileAuthenticationOptions struct {
                                          	TokenFile string
                                          }

                                          type WebHookAuthenticationOptions

                                          type WebHookAuthenticationOptions struct {
                                          	ConfigFile string
                                          	CacheTTL   time.Duration
                                          }