Back to godoc.org

Package bootstrap

v1.0.3
Latest Go to latest

The highest tagged major version is .

Published: Oct 13, 2020 | License: Apache-2.0 | Module: github.com/criticalstack/crit

Overview

Package bootstrap contains functions for bootstrapping Kubernetes nodes.

Index

Constants

const (
	// DefaultClusterName defines the default cluster name
	DefaultClusterName = "crit"

	// TokenUser defines token user
	TokenUser = "tls-bootstrap-token-user"
)

Variables

var NodeBootstrapTokenRBAC = []*rbacv1.ClusterRoleBinding{

	{
		ObjectMeta: metav1.ObjectMeta{
			Name: "crit:kubelet-bootstrap",
		},
		RoleRef: rbacv1.RoleRef{
			APIGroup: rbacv1.GroupName,
			Kind:     "ClusterRole",
			Name:     "system:node-bootstrapper",
		},
		Subjects: []rbacv1.Subject{
			{
				Kind: rbacv1.GroupKind,
				Name: "system:bootstrappers:crit:default-node-token",
			},
		},
	},

	{
		ObjectMeta: metav1.ObjectMeta{
			Name: "crit:node-autoapprove-bootstrap",
		},
		RoleRef: rbacv1.RoleRef{
			APIGroup: rbacv1.GroupName,
			Kind:     "ClusterRole",
			Name:     "system:certificates.k8s.io:certificatesigningrequests:nodeclient",
		},
		Subjects: []rbacv1.Subject{
			{
				Kind: "Group",
				Name: "system:bootstrappers:crit:default-node-token",
			},
		},
	},

	{
		ObjectMeta: metav1.ObjectMeta{
			Name: "crit:node-autoapprove-certificate-rotation",
		},
		RoleRef: rbacv1.RoleRef{
			APIGroup: rbacv1.GroupName,
			Kind:     "ClusterRole",
			Name:     "system:certificates.k8s.io:certificatesigningrequests:selfnodeclient",
		},
		Subjects: []rbacv1.Subject{
			{
				Kind: "Group",
				Name: "system:nodes",
			},
		},
	},
}

func ApplyCSRApproverRBAC

func ApplyCSRApproverRBAC(client *clientset.Clientset, ctx context.Context) error

func GetBootstrapKubeletKubeconfig

func GetBootstrapKubeletKubeconfig(cfg *config.WorkerConfiguration) (*clientcmdapi.Config, error)

type AuthorizationType

type AuthorizationType int
const (
	UnknownAuthorizationType AuthorizationType = iota
	AmazonIdentityDocumentAndSignature
)

func (AuthorizationType) MarshalText

func (at AuthorizationType) MarshalText() ([]byte, error)

func (AuthorizationType) String

func (at AuthorizationType) String() string

func (*AuthorizationType) UnmarshalText

func (at *AuthorizationType) UnmarshalText(data []byte) error

type Request

type Request struct {
	Type AuthorizationType `json:"type"`
	Body json.RawMessage   `json:"body"`
}

type Response

type Response struct {
	Error          string `json:"error"`
	BootstrapToken string `json:"bootstrapToken"`
}

Package Files

Documentation was rendered with GOOS=linux and GOARCH=amd64.

Jump to identifier

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to identifier