cli

package
v0.0.0-...-270f78c Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 31, 2023 License: Zlib Imports: 40 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func GenerateYAML 

func GenerateYAML(obj runtime.Object) (string, error)

func UserServiceAccountName 

func UserServiceAccountName(userID int, instanceID string) string

Types

type ClientFactory 

type ClientFactory struct {
	AddrHTTPS string
	// contains filtered or unexported fields
}

ClientFactory is used to create Kubernetes clients

func NewClientFactory 

func NewClientFactory(signatureService portainer.DigitalSignatureService, reverseTunnelService portainer.ReverseTunnelService, dataStore dataservices.DataStore, instanceID, addrHTTPS, userSessionTimeout string) (*ClientFactory, error)

NewClientFactory returns a new instance of a ClientFactory

func (*ClientFactory) CreateClient 

func (factory *ClientFactory) CreateClient(endpoint *portainer.Endpoint) (*kubernetes.Clientset, error)

CreateClient returns a pointer to a new Clientset instance

func (*ClientFactory) CreateKubeClientFromKubeConfig 

func (factory *ClientFactory) CreateKubeClientFromKubeConfig(clusterID string, kubeConfig []byte) (portainer.KubeClient, error)

CreateKubeClientFromKubeConfig creates a KubeClient from a clusterID, and Kubernetes config.

func (*ClientFactory) GetInstanceID 

func (factory *ClientFactory) GetInstanceID() (instanceID string)

func (*ClientFactory) GetKubeClient 

func (factory *ClientFactory) GetKubeClient(endpoint *portainer.Endpoint) (portainer.KubeClient, error)

GetKubeClient checks if an existing client is already registered for the environment(endpoint) and returns it if one is found. If no client is registered, it will create a new client, register it, and returns it.

func (*ClientFactory) GetProxyKubeClient 

func (factory *ClientFactory) GetProxyKubeClient(endpointID, token string) (portainer.KubeClient, bool)

GetProxyKubeClient retrieves a KubeClient from the cache. You should be calling SetProxyKubeClient before first. It is normally, called the kubernetes middleware.

func (*ClientFactory) PostInitMigrateIngresses 

func (factory *ClientFactory) PostInitMigrateIngresses() error

func (*ClientFactory) RemoveKubeClient 

func (factory *ClientFactory) RemoveKubeClient(endpointID portainer.EndpointID)

Remove the cached kube client so a new one can be created

func (*ClientFactory) SetProxyKubeClient 

func (factory *ClientFactory) SetProxyKubeClient(endpointID, token string, cli portainer.KubeClient)

SetProxyKubeClient stores a kubeclient in the cache.

type KubeClient 

type KubeClient struct {
	// contains filtered or unexported fields
}

KubeClient represent a service used to execute Kubernetes operations

func (*KubeClient) CreateIngress 

func (kcl *KubeClient) CreateIngress(namespace string, info models.K8sIngressInfo, owner string) error

CreateIngress creates a new ingress in a given namespace in a k8s endpoint.

func (*KubeClient) CreateNamespace 

func (kcl *KubeClient) CreateNamespace(info models.K8sNamespaceDetails) error

CreateNamespace creates a new ingress in a given namespace in a k8s endpoint.

func (*KubeClient) CreateRegistrySecret 

func (kcl *KubeClient) CreateRegistrySecret(registry *portainer.Registry, namespace string) (err error)

func (*KubeClient) CreateService 

func (kcl *KubeClient) CreateService(namespace string, info models.K8sServiceInfo) error

CreateService creates a new service in a given namespace in a k8s endpoint.

func (*KubeClient) CreateUserShellPod 

func (kcl *KubeClient) CreateUserShellPod(ctx context.Context, serviceAccountName, shellPodImage string) (*portainer.KubernetesShellPod, error)

CreateUserShellPod will create a kubectl based shell for the specified user by mounting their respective service account. The lifecycle of the pod is managed in this function; this entails management of the following pod operations: - The shell pod will be scoped to specified service accounts access permissions - The shell pod will be automatically removed if it's not ready after specified period of time - The shell pod will be automatically removed after a specified max life (prevent zombie pods) - The shell pod will be automatically removed if request is cancelled (or client closes websocket connection)

func (*KubeClient) DeleteIngresses 

func (kcl *KubeClient) DeleteIngresses(reqs models.K8sIngressDeleteRequests) error

DeleteIngresses processes a K8sIngressDeleteRequest by deleting each ingress in its given namespace.

func (*KubeClient) DeleteNamespace 

func (kcl *KubeClient) DeleteNamespace(namespace string) error

func (*KubeClient) DeleteRegistrySecret 

func (kcl *KubeClient) DeleteRegistrySecret(registry *portainer.Registry, namespace string) error

func (*KubeClient) DeleteServices 

func (kcl *KubeClient) DeleteServices(reqs models.K8sServiceDeleteRequests) error

DeleteServices processes a K8sServiceDeleteRequest by deleting each service in its given namespace.

func (*KubeClient) GetConfigMapsAndSecrets 

func (kcl *KubeClient) GetConfigMapsAndSecrets(namespace string) ([]models.K8sConfigMapOrSecret, error)

GetConfigMapsAndSecrets gets all the ConfigMaps AND all the Secrets for a given namespace in a k8s endpoint. The result is a list of both config maps and secrets. The IsSecret boolean property indicates if a given struct is a secret or configmap.

func (*KubeClient) GetIngressControllers 

func (kcl *KubeClient) GetIngressControllers() (models.K8sIngressControllers, error)

func (*KubeClient) GetIngresses 

func (kcl *KubeClient) GetIngresses(namespace string) ([]models.K8sIngressInfo, error)

GetIngresses gets all the ingresses for a given namespace in a k8s endpoint.

func (*KubeClient) GetMetrics 

func (kcl *KubeClient) GetMetrics() (models.K8sMetrics, error)

func (*KubeClient) GetNamespace 

func (kcl *KubeClient) GetNamespace(name string) (portainer.K8sNamespaceInfo, error)

GetNamespace gets the namespace in the current k8s environment(endpoint).

func (*KubeClient) GetNamespaceAccessPolicies 

func (kcl *KubeClient) GetNamespaceAccessPolicies() (map[string]portainer.K8sNamespaceAccessPolicy, error)

GetNamespaceAccessPolicies gets the namespace access policies from config maps in the portainer namespace

func (*KubeClient) GetNamespaces 

func (kcl *KubeClient) GetNamespaces() (map[string]portainer.K8sNamespaceInfo, error)

GetNamespaces gets the namespaces in the current k8s environment(endpoint).

func (*KubeClient) GetNodesLimits 

func (kcl *KubeClient) GetNodesLimits() (portainer.K8sNodesLimits, error)

GetNodesLimits gets the CPU and Memory limits(unused resources) of all nodes in the current k8s environment(endpoint) connection

func (*KubeClient) GetServiceAccount 

func (kcl *KubeClient) GetServiceAccount(tokenData *portainer.TokenData) (*v1.ServiceAccount, error)

GetServiceAccount returns the portainer ServiceAccountName associated to the specified user.

func (*KubeClient) GetServiceAccountBearerToken 

func (kcl *KubeClient) GetServiceAccountBearerToken(userID int) (string, error)

GetServiceAccountBearerToken returns the ServiceAccountToken associated to the specified user.

func (*KubeClient) GetServices 

func (kcl *KubeClient) GetServices(namespace string) ([]models.K8sServiceInfo, error)

GetServices gets all the services for a given namespace in a k8s endpoint.

func (*KubeClient) GetStorage 

func (kcl *KubeClient) GetStorage() ([]portainer.KubernetesStorageClassConfig, error)

func (*KubeClient) HasStackName 

func (kcl *KubeClient) HasStackName(namespace string, stackName string) (bool, error)

HasStackName checks whether the given name is used in the given namespace.

func (*KubeClient) IsRBACEnabled 

func (kcl *KubeClient) IsRBACEnabled() (bool, error)

IsRBACEnabled checks if RBAC is enabled in the cluster by creating a service account, then checking it's access to a resourcequota before and after setting a cluster role and cluster role binding

func (*KubeClient) IsRegistrySecret 

func (cli *KubeClient) IsRegistrySecret(namespace, secretName string) (bool, error)

func (*KubeClient) NamespaceAccessPoliciesDeleteNamespace 

func (kcl *KubeClient) NamespaceAccessPoliciesDeleteNamespace(ns string) error

NamespaceAccessPoliciesDeleteNamespace removes stored policies associated with a given namespace

func (*KubeClient) SetupUserServiceAccount 

func (kcl *KubeClient) SetupUserServiceAccount(userID int, teamIDs []int, restrictDefaultNamespace bool) error

SetupUserServiceAccount will make sure that all the required resources are created inside the Kubernetes cluster before creating a ServiceAccount and a ServiceAccountToken for the specified Portainer user. It will also create required default RoleBinding and ClusterRoleBinding rules.

func (*KubeClient) StartExecProcess 

func (kcl *KubeClient) StartExecProcess(token string, useAdminToken bool, namespace, podName, containerName string, command []string, stdin io.Reader, stdout io.Writer, errChan chan error)

StartExecProcess will start an exec process inside a container located inside a pod inside a specific namespace using the specified command. The stdin parameter will be bound to the stdin process and the stdout process will write to the stdout parameter. This function only works against a local environment(endpoint) using an in-cluster config with the user's SA token. This is a blocking operation.

func (*KubeClient) ToggleSystemState 

func (kcl *KubeClient) ToggleSystemState(namespaceName string, isSystem bool) error

ToggleSystemState will set a namespace as a system namespace, or remove this state if isSystem is true it will set `systemNamespaceLabel` to "true" and false otherwise this will skip if namespace is "default" or if the required state is already set

func (*KubeClient) UpdateIngress 

func (kcl *KubeClient) UpdateIngress(namespace string, info models.K8sIngressInfo) error

UpdateIngress updates an existing ingress in a given namespace in a k8s endpoint.

func (*KubeClient) UpdateNamespace 

func (kcl *KubeClient) UpdateNamespace(info models.K8sNamespaceDetails) error

UpdateIngress updates an ingress in a given namespace in a k8s endpoint.

func (*KubeClient) UpdateNamespaceAccessPolicies 

func (kcl *KubeClient) UpdateNamespaceAccessPolicies(accessPolicies map[string]portainer.K8sNamespaceAccessPolicy) error

UpdateNamespaceAccessPolicies updates the namespace access policies

func (*KubeClient) UpdateService 

func (kcl *KubeClient) UpdateService(namespace string, info models.K8sServiceInfo) error

UpdateService updates service in a given namespace in a k8s endpoint.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.