botanist

package
v0.0.0-...-be4dc66 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 7, 2019 License: Apache-2.0, BSD-2-Clause, MIT, + 1 more Imports: 52 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var Now = time.Now

Now determines the current time.

Functions

This section is empty.

Types

type Botanist 

type Botanist struct {
	*operation.Operation
	DefaultDomainSecret *corev1.Secret
}

Botanist is a struct which has methods that perform cloud-independent operations for a Shoot cluster.

func New 

func New(o *operation.Operation) (*Botanist, error)

New takes an operation object <o> and creates a new Botanist object. It checks whether the given Shoot DNS domain is covered by a default domain, and if so, it sets the <DefaultDomainSecret> attribute on the Botanist object.

func (*Botanist) CleanCustomResourceDefinitions 

func (b *Botanist) CleanCustomResourceDefinitions() error

CleanCustomResourceDefinitions deletes all the CRDs in the Kubernetes cluster (which will delete the existing custom resources, recursively). It will wait until all resources have been cleaned up.

func (*Botanist) CleanKubernetesResources 

func (b *Botanist) CleanKubernetesResources() error

CleanKubernetesResources deletes all the Kubernetes resources in the Shoot cluster other than those stored in the exceptions map. It will check whether all the Kubernetes resources in the Shoot cluster other than those stored in the exceptions map have been deleted. It will return an error in case it has not finished yet, and nil if all resources are gone.

func (*Botanist) CleanWebhooks 

func (b *Botanist) CleanWebhooks(ctx context.Context) error

CleanWebhooks deletes all Webhooks in the Shoot cluster that are not being managed by the addon manager.

func (*Botanist) CleanupCustomAPIServices 

func (b *Botanist) CleanupCustomAPIServices() error

CleanupCustomAPIServices deletes all the custom API services in the Kubernetes cluster. It will wait until all resources have been cleaned up.

func (*Botanist) DeleteBackupInfrastructure 

func (b *Botanist) DeleteBackupInfrastructure() error

DeleteBackupInfrastructure deletes the sets deletionTimestamp on the backupInfrastructure resource in the Garden namespace which is responsible for actual deletion of cloud resource for Shoot's backup infrastructure.

func (*Botanist) DeleteBackupNamespace 

func (b *Botanist) DeleteBackupNamespace() error

DeleteBackupNamespace deletes the namespace in the Seed cluster which holds the backup infrastructure state. The built-in garbage collection in Kubernetes will automatically delete all resources which belong to this namespace.

func (*Botanist) DeleteCertBroker 

func (b *Botanist) DeleteCertBroker() error

DeleteCertBroker delete the Cert-Broker deployment if cert-management in disabled.

func (*Botanist) DeleteClusterAutoscaler 

func (b *Botanist) DeleteClusterAutoscaler() error

DeleteClusterAutoscaler deletes the cluster-autoscaler deployment in the Seed cluster which holds the Shoot's control plane.

func (*Botanist) DeleteGardenSecrets 

func (b *Botanist) DeleteGardenSecrets() error

DeleteGardenSecrets deletes the Shoot-specific secrets from the project namespace in the Garden cluster. TODO: https://github.com/gardener/gardener/pull/353: This can be removed in a future version as we are now using owner references for the Garden secrets (also remove the actual invocation of the function in the deletion flow of a Shoot).

func (*Botanist) DeleteKubeAPIServer 

func (b *Botanist) DeleteKubeAPIServer() error

DeleteKubeAPIServer deletes the kube-apiserver deployment in the Seed cluster which holds the Shoot's control plane.

func (*Botanist) DeleteKubeAddonManager 

func (b *Botanist) DeleteKubeAddonManager() error

DeleteKubeAddonManager deletes the kube-addon-manager deployment in the Seed cluster which holds the Shoot's control plane. It needs to be deleted before trying to remove any resources in the Shoot cluster, otherwise it will automatically recreate them and block the infrastructure deletion.

func (*Botanist) DeleteNamespace 

func (b *Botanist) DeleteNamespace() error

DeleteNamespace deletes the namespace in the Seed cluster which holds the control plane components. The built-in garbage collection in Kubernetes will automatically delete all resources which belong to this namespace. This comprises volumes and load balancers as well.

func (*Botanist) DeleteSeedMonitoring 

func (b *Botanist) DeleteSeedMonitoring() error

DeleteSeedMonitoring will delete the monitoring stack from the Seed cluster to avoid phantom alerts during the deletion process. More precisely, the Alertmanager and Prometheus StatefulSets will be deleted.

func (*Botanist) DeployBackupInfrastructure 

func (b *Botanist) DeployBackupInfrastructure() error

DeployBackupInfrastructure creates a BackupInfrastructure resource into the project namespace of shoot on garden cluster. BackupInfrastructure controller acting on resource will actually create required cloud resources and updates the status.

func (*Botanist) DeployBackupNamespace 

func (b *Botanist) DeployBackupNamespace() error

DeployBackupNamespace creates a namespace in the Seed cluster from info in shoot object, which is used to deploy all the backup infrastructure realted resources for shoot cluster. Moreover, the terraform configuration and all the secrets will be stored as ConfigMaps/Secrets.

func (*Botanist) DeployCertBroker 

func (b *Botanist) DeployCertBroker() error

DeployCertBroker deploys the Cert-Broker to the Shoot namespace in the Seed.

func (*Botanist) DeployCloudMetadataServiceNetworkPolicy 

func (b *Botanist) DeployCloudMetadataServiceNetworkPolicy() error

DeployCloudMetadataServiceNetworkPolicy creates a global network policy that allows access to the meta-data service only from the cloud-controller-manager and the kube-controller-manager

func (*Botanist) DeployCloudProviderSecret 

func (b *Botanist) DeployCloudProviderSecret() error

DeployCloudProviderSecret creates or updates the cloud provider secret in the Shoot namespace in the Seed cluster.

func (*Botanist) DeployClusterAutoscaler 

func (b *Botanist) DeployClusterAutoscaler() error

DeployClusterAutoscaler deploys the cluster-autoscaler into the Shoot namespace in the Seed cluster. It is responsible for automatically scaling the worker pools of the Shoot.

func (*Botanist) DeployDNSRecord 

func (b *Botanist) DeployDNSRecord(terraformerPurpose, name, target string, purposeInternalDomain bool) error

DeployDNSRecord kicks off a Terraform job of name <alias> which deploys the DNS record for <name> which will point to <target>.

func (*Botanist) DeployExternalDomainDNSRecord 

func (b *Botanist) DeployExternalDomainDNSRecord() error

DeployExternalDomainDNSRecord deploys the DNS record for the external cluster domain.

func (*Botanist) DeployInternalDomainDNSRecord 

func (b *Botanist) DeployInternalDomainDNSRecord() error

DeployInternalDomainDNSRecord deploys the DNS record for the internal cluster domain.

func (*Botanist) DeployMachineControllerManager 

func (b *Botanist) DeployMachineControllerManager() error

DeployMachineControllerManager deploys the machine-controller-manager into the Shoot namespace in the Seed cluster. It is responsible for managing the worker nodes of the Shoot.

func (*Botanist) DeployNamespace 

func (b *Botanist) DeployNamespace() error

DeployNamespace creates a namespace in the Seed cluster which is used to deploy all the control plane components for the Shoot cluster. Moreover, the cloud provider configuration and all the secrets will be stored as ConfigMaps/Secrets.

func (*Botanist) DeploySecrets 

func (b *Botanist) DeploySecrets() error

DeploySecrets creates a CA certificate for the Shoot cluster and uses it to sign the server certificate used by the kube-apiserver, and all client certificates used for communcation. It also creates RSA key pairs for SSH connections to the nodes/VMs and for the VPN tunnel. Moreover, basic authentication credentials are computed which will be used to secure the Ingress resources and the kube-apiserver itself. Server certificates for the exposed monitoring endpoints (via Ingress) are generated as well.

func (*Botanist) DeploySeedLogging 

func (b *Botanist) DeploySeedLogging() error

DeploySeedLogging will install the Helm release "seed-bootstrap/charts/elastic-kibana-curator" in the Seed clusters.

func (*Botanist) DeploySeedMonitoring 

func (b *Botanist) DeploySeedMonitoring() error

DeploySeedMonitoring will install the Helm release "seed-monitoring" in the Seed clusters. It comprises components to monitor the Shoot cluster whose control plane runs in the Seed cluster.

func (*Botanist) DestroyDNSRecord 

func (b *Botanist) DestroyDNSRecord(terraformerPurpose string, purposeInternalDomain bool) error

DestroyDNSRecord kicks off a Terraform job which destroys the DNS record.

func (*Botanist) DestroyExternalDomainDNSRecord 

func (b *Botanist) DestroyExternalDomainDNSRecord() error

DestroyExternalDomainDNSRecord destroys the DNS record for the external cluster domain.

func (*Botanist) DestroyIngressDNSRecord 

func (b *Botanist) DestroyIngressDNSRecord() error

DestroyIngressDNSRecord destroys the nginx-ingress resources created by Terraform.

func (*Botanist) DestroyInternalDomainDNSRecord 

func (b *Botanist) DestroyInternalDomainDNSRecord() error

DestroyInternalDomainDNSRecord destroys the DNS record for the internal cluster domain.

func (*Botanist) EnsureIngressDNSRecord 

func (b *Botanist) EnsureIngressDNSRecord() error

EnsureIngressDNSRecord creates the respective wildcard DNS record for the nginx-ingress-controller.

func (*Botanist) ForceDeleteCustomAPIServices 

func (b *Botanist) ForceDeleteCustomAPIServices() error

ForceDeleteCustomAPIServices forcefully deletes all custom API services, accumulating all errors in the process.

func (*Botanist) ForceDeleteCustomResourceDefinitions 

func (b *Botanist) ForceDeleteCustomResourceDefinitions() error

ForceDeleteCustomResourceDefinitions forcefully deletes all custom CRDs, accumulating all errors in the process.

func (*Botanist) GenerateKubeLegoConfig 

func (b *Botanist) GenerateKubeLegoConfig() (map[string]interface{}, error)

GenerateKubeLegoConfig generates the values which are required to render the chart of kube-lego properly.

func (*Botanist) GenerateKubernetesDashboardConfig 

func (b *Botanist) GenerateKubernetesDashboardConfig() (map[string]interface{}, error)

GenerateKubernetesDashboardConfig generates the values which are required to render the chart of the kubernetes-dashboard properly.

func (*Botanist) GenerateTerraformAlicloudDNSVariablesEnvironment 

func (b *Botanist) GenerateTerraformAlicloudDNSVariablesEnvironment(purposeInternalDomain bool) (map[string]string, error)

GenerateTerraformAlicloudDNSVariablesEnvironment generates the environment containing the credentials which are required to validate/apply/destroy the Terraform configuration. These environment must contain Terraform variables which are prefixed with TF_VAR_.

func (*Botanist) GenerateTerraformCloudDNSVariablesEnvironment 

func (b *Botanist) GenerateTerraformCloudDNSVariablesEnvironment(purposeInternalDomain bool) (map[string]string, error)

GenerateTerraformCloudDNSVariablesEnvironment generates the environment containing the credentials which Terraform variables which are prefixed with TF_VAR_.

func (*Botanist) GenerateTerraformDNSConfig 

func (b *Botanist) GenerateTerraformDNSConfig(name, hostedZoneID, targetType string, values []string) map[string]interface{}

GenerateTerraformDNSConfig creates the Terraform variables and the Terraform config (for the DNS record) and returns them (these values will be stored as a ConfigMap and a Secret in the Garden cluster.

func (*Botanist) GenerateTerraformDesignateDNSVariablesEnvironment 

func (b *Botanist) GenerateTerraformDesignateDNSVariablesEnvironment(purposeInternalDomain bool) (map[string]string, error)

GenerateTerraformDesignateDNSVariablesEnvironment generates the environment containing the credentials which are required to validate/apply/destroy the Terraform configuration. These environment must contain Terraform variables which are prefixed with TF_VAR_.

func (*Botanist) GenerateTerraformRoute53VariablesEnvironment 

func (b *Botanist) GenerateTerraformRoute53VariablesEnvironment(purposeInternalDomain bool) (map[string]string, error)

GenerateTerraformRoute53VariablesEnvironment generates the environment containing the credentials which are required to validate/apply/destroy the Terraform configuration. These environment must contain Terraform variables which are prefixed with TF_VAR_.

func (*Botanist) HealthChecks 

func (b *Botanist) HealthChecks(initializeShootClients func() error, thresholdMappings map[gardenv1beta1.ConditionType]time.Duration, apiserverAvailability, controlPlane, nodes, systemComponents *gardenv1beta1.Condition) (*gardenv1beta1.Condition, *gardenv1beta1.Condition, *gardenv1beta1.Condition, *gardenv1beta1.Condition)

HealthChecks conducts the health checks on all the given conditions.

func (*Botanist) HibernateControlPlane 

func (b *Botanist) HibernateControlPlane(ctx context.Context) error

HibernateControlPlane hibernates the entire control plane if the shoot shall be hibernated.

func (*Botanist) MonitoringHealthChecks 

func (b *Botanist) MonitoringHealthChecks(checker *HealthChecker, inactiveAlerts *gardenv1beta1.Condition) *gardenv1beta1.Condition

MonitoringHealthChecks performs the monitoring related health checks.

func (*Botanist) PerformGarbageCollectionSeed 

func (b *Botanist) PerformGarbageCollectionSeed() error

PerformGarbageCollectionSeed performs garbage collection in the Shoot namespace in the Seed cluster, i.e., it deletes old machine sets which have a desired=actual=0 replica count.

func (*Botanist) PerformGarbageCollectionShoot 

func (b *Botanist) PerformGarbageCollectionShoot() error

PerformGarbageCollectionShoot performs garbage collection in the kube-system namespace in the Shoot cluster, i.e., it deletes evicted pods (mitigation for https://github.com/kubernetes/kubernetes/issues/55051).

func (*Botanist) RefreshCloudControllerManagerChecksums 

func (b *Botanist) RefreshCloudControllerManagerChecksums() error

RefreshCloudControllerManagerChecksums updates the cloud provider checksum in the cloud-controller-manager pod spec template.

func (*Botanist) RefreshKubeControllerManagerChecksums 

func (b *Botanist) RefreshKubeControllerManagerChecksums() error

RefreshKubeControllerManagerChecksums updates the cloud provider checksum in the kube-controller-manager pod spec template.

func (*Botanist) RegisterAsSeed 

func (b *Botanist) RegisterAsSeed(protected, visible *bool, minimumVolumeSize *string) error

RegisterAsSeed registers a Shoot cluster as a Seed in the Garden cluster.

func (*Botanist) RequiredExtensionsExist 

func (b *Botanist) RequiredExtensionsExist(shoot *gardenv1beta1.Shoot) error

RequiredExtensionsExist checks whether all required extensions needed for an shoot operation exist.

func (*Botanist) SyncShootCredentialsToGarden 

func (b *Botanist) SyncShootCredentialsToGarden() error

SyncShootCredentialsToGarden copies the kubeconfig generated for the user as well as the SSH keypair to the project namespace in the Garden cluster.

func (*Botanist) UnregisterAsSeed 

func (b *Botanist) UnregisterAsSeed() error

UnregisterAsSeed unregisters a Shoot cluster as a Seed in the Garden cluster.

func (*Botanist) WaitForControllersToBeActive 

func (b *Botanist) WaitForControllersToBeActive() error

WaitForControllersToBeActive checks whether the kube-controller-manager and the cloud-controller-manager have recently written to the Endpoint object holding the leader information. If yes, they are active.

func (*Botanist) WaitUntilBackupInfrastructureReconciled 

func (b *Botanist) WaitUntilBackupInfrastructureReconciled() error

WaitUntilBackupInfrastructureReconciled waits until the backup infrastructure within the garden cluster has been reconciled.

func (*Botanist) WaitUntilBackupNamespaceDeleted 

func (b *Botanist) WaitUntilBackupNamespaceDeleted() error

WaitUntilBackupNamespaceDeleted waits until the namespace for the backup of Shoot cluster within the Seed cluster is deleted.

func (*Botanist) WaitUntilClusterAutoscalerDeleted 

func (b *Botanist) WaitUntilClusterAutoscalerDeleted() error

WaitUntilClusterAutoscalerDeleted waits until the cluster-autoscaler deployment within the Seed cluster has been deleted.

func (*Botanist) WaitUntilEtcdReady 

func (b *Botanist) WaitUntilEtcdReady() error

WaitUntilEtcdReady waits until the etcd statefulsets indicate readiness in their statuses.

func (*Botanist) WaitUntilKubeAPIServerReady 

func (b *Botanist) WaitUntilKubeAPIServerReady() error

WaitUntilKubeAPIServerReady waits until the kube-apiserver pod(s) indicate readiness in their statuses.

func (*Botanist) WaitUntilKubeAPIServerServiceIsReady 

func (b *Botanist) WaitUntilKubeAPIServerServiceIsReady() error

WaitUntilKubeAPIServerServiceIsReady waits until the external load balancer of the kube-apiserver has been created (i.e., its ingress information has been updated in the service status).

func (*Botanist) WaitUntilKubeAddonManagerDeleted 

func (b *Botanist) WaitUntilKubeAddonManagerDeleted() error

WaitUntilKubeAddonManagerDeleted waits until the kube-addon-manager deployment within the Seed cluster has been deleted.

func (*Botanist) WaitUntilNodesDeleted 

func (b *Botanist) WaitUntilNodesDeleted(ctx context.Context) error

WaitUntilNodesDeleted waits until no nodes exist in the shoot cluster anymore.

func (*Botanist) WaitUntilSeedNamespaceDeleted 

func (b *Botanist) WaitUntilSeedNamespaceDeleted() error

WaitUntilSeedNamespaceDeleted waits until the namespace of the Shoot cluster within the Seed cluster is deleted.

func (*Botanist) WaitUntilVPNConnectionExists 

func (b *Botanist) WaitUntilVPNConnectionExists() error

WaitUntilVPNConnectionExists waits until a port forward connection to the vpn-shoot pod in the kube-system namespace of the Shoot cluster can be established.

func (*Botanist) WakeUpControlPlane 

func (b *Botanist) WakeUpControlPlane(ctx context.Context) error

WakeUpControlPlane scales the replicas to 1 for the following deployments which are needed in case of shoot deletion: * etcd-events * etcd-main * kube-apiserver * cloud-controller-manager * kube-controller-manager * machine-controller-manager

type HealthChecker 

type HealthChecker struct {
	// contains filtered or unexported fields
}

HealthChecker contains the condition thresholds.

func NewHealthChecker 

func NewHealthChecker(conditionThresholds map[gardenv1beta1.ConditionType]time.Duration) *HealthChecker

NewHealthChecker creates a new health checker.

func (*HealthChecker) CheckClusterNodes 

func (b *HealthChecker) CheckClusterNodes(
	namespace string,
	condition *gardenv1beta1.Condition,
	nodeLister kutil.NodeLister,
	machineDeploymentLister kutil.MachineDeploymentLister,
) (*gardenv1beta1.Condition, error)

CheckClusterNodes checks whether cluster nodes in the given listers are complete and healthy.

func (*HealthChecker) CheckControlPlane 

func (b *HealthChecker) CheckControlPlane(
	shoot *gardenv1beta1.Shoot,
	namespace string,
	seedCloudProvider gardenv1beta1.CloudProvider,
	condition *gardenv1beta1.Condition,
	deploymentLister kutil.DeploymentLister,
	statefulSetLister kutil.StatefulSetLister,
	machineDeploymentLister kutil.MachineDeploymentLister,
) (*gardenv1beta1.Condition, error)

CheckControlPlane checks whether the control plane components in the given listers are complete and healthy.

func (*HealthChecker) CheckLoggingControlPlane 

func (b *HealthChecker) CheckLoggingControlPlane(
	namespace string,
	condition *gardenv1beta1.Condition,
	deploymentLister kutil.DeploymentLister,
	statefulSetLister kutil.StatefulSetLister,
) (*gardenv1beta1.Condition, error)

CheckLoggingControlPlane checks whether the logging components in the given listers are complete and healthy.

func (*HealthChecker) CheckMonitoringControlPlane 

func (b *HealthChecker) CheckMonitoringControlPlane(
	namespace string,
	wantsAlertmanager bool,
	condition *gardenv1beta1.Condition,
	deploymentLister kutil.DeploymentLister,
	statefulSetLister kutil.StatefulSetLister,
) (*gardenv1beta1.Condition, error)

CheckMonitoringControlPlane checks whether the monitoring in the given listers are complete and healthy.

func (*HealthChecker) CheckMonitoringSystemComponents 

func (b *HealthChecker) CheckMonitoringSystemComponents(
	namespace string,
	condition *gardenv1beta1.Condition,
	daemonSetLister kutil.DaemonSetLister,
) (*gardenv1beta1.Condition, error)

CheckMonitoringSystemComponents checks whether the monitoring in the given listers are complete and healthy.

func (*HealthChecker) CheckOptionalAddonsSystemComponents 

func (b *HealthChecker) CheckOptionalAddonsSystemComponents(
	namespace string,
	condition *gardenv1beta1.Condition,
	deploymentLister kutil.DeploymentLister,
	daemonSetLister kutil.DaemonSetLister,
) (*gardenv1beta1.Condition, error)

CheckOptionalAddonsSystemComponents checks whether the addons in the given listers are healthy.

func (*HealthChecker) CheckSystemComponents 

func (b *HealthChecker) CheckSystemComponents(
	namespace string,
	condition *gardenv1beta1.Condition,
	deploymentLister kutil.DeploymentLister,
	daemonSetLister kutil.DaemonSetLister,
) (*gardenv1beta1.Condition, error)

CheckSystemComponents checks whether the system components in the given listers are complete and healthy.

func (*HealthChecker) FailedCondition 

func (b *HealthChecker) FailedCondition(condition *gardenv1beta1.Condition, reason, message string) *gardenv1beta1.Condition

FailedCondition returns a progressing or false condition depending on the progressing threshold.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.