controller

package
v0.6.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 22, 2019 License: Apache-2.0 Imports: 18 Imported by: 4

Documentation

Index

Constants

View Source 
const (
	// IssuerACME is the name of the ACME issuer
	IssuerACME string = "acme"
	// IssuerCA is the name of the simple issuer
	IssuerCA string = "ca"
	// IssuerVault is the name of the Vault issuer
	IssuerVault string = "vault"
	// IssuerSelfSigned is a self signing issuer
	IssuerSelfSigned string = "selfsigned"
)

Variables

View Source 
var (
	KeyFunc = cache.DeletionHandlingMetaNamespaceKeyFunc
)

Functions

func DefaultItemBasedRateLimiter added in v0.6.0 

func DefaultItemBasedRateLimiter() workqueue.RateLimiter

func Known 

func Known() map[string]Constructor

Known returns a map of the registered controller Constructors

func NameForIssuer added in v0.5.0 

func NameForIssuer(i v1alpha1.GenericIssuer) (string, error)

nameForIssuer determines the name of the issuer implementation given an Issuer resource.

func Register 

func Register(name string, fn Constructor)

Register registers a controller constructor with the controller package

func RegisterIssuer added in v0.5.0 

func RegisterIssuer(name string, c IssuerConstructor)

Register will register an issuer constructor so it can be used within the application. 'name' should be unique, and should be used to identify this issuer. TODO: move this method to be on Factory, and invent a way to obtain a SharedFactory. This will make testing easier.

Types

type ACMEOptions added in v0.5.0 

type ACMEOptions struct {
	// ACMEHTTP01SolverImage is the image to use for solving ACME HTTP01
	// challenges
	HTTP01SolverImage string

	// HTTP01SolverResourceRequestCPU defines the ACME pod's resource request CPU size
	HTTP01SolverResourceRequestCPU resource.Quantity

	// HTTP01SolverResourceRequestMemory defines the ACME pod's resource request Memory size
	HTTP01SolverResourceRequestMemory resource.Quantity

	// HTTP01SolverResourceLimitsCPU defines the ACME pod's resource limits CPU size
	HTTP01SolverResourceLimitsCPU resource.Quantity

	// HTTP01SolverResourceLimitsMemory defines the ACME pod's resource limits Memory size
	HTTP01SolverResourceLimitsMemory resource.Quantity

	// DNS01CheckAuthoritative is a flag for controlling if auth nss are used
	// for checking propogation of an RR. This is the ideal scenario
	DNS01CheckAuthoritative bool

	// DNS01Nameservers is a list of nameservers to use when performing self-checks
	// for ACME DNS01 validations.
	DNS01Nameservers []string
}

type BlockingEventHandler 

type BlockingEventHandler struct {
	WorkFunc func(obj interface{})
}

BlockingEventHandler is an implementation of cache.ResourceEventHandler that simply synchronously calls it's WorkFunc upon calls to OnAdd, OnUpdate or OnDelete.

func (*BlockingEventHandler) Enqueue 

func (b *BlockingEventHandler) Enqueue(obj interface{})

func (*BlockingEventHandler) OnAdd 

func (b *BlockingEventHandler) OnAdd(obj interface{})

func (*BlockingEventHandler) OnDelete 

func (b *BlockingEventHandler) OnDelete(obj interface{})

func (*BlockingEventHandler) OnUpdate 

func (b *BlockingEventHandler) OnUpdate(old, new interface{})

type CertificateOptions added in v0.6.0 

type CertificateOptions struct {
	// EnableOwnerRef controls wheter wheter the certificate is configured as an owner of
	// secret where the effective TLS certificate is stored.
	EnableOwnerRef bool
}

type Constructor 

type Constructor func(ctx *Context) Interface

Constructor is a function that creates a new control loop given a controller Context.

type Context 

type Context struct {
	// Client is a Kubernetes clientset
	Client kubernetes.Interface
	// CMClient is a cert-manager clientset
	CMClient clientset.Interface
	// Recorder to record events to
	Recorder record.EventRecorder

	// KubeSharedInformerFactory can be used to obtain shared
	// SharedIndexInformer instances for Kubernetes types
	KubeSharedInformerFactory kubeinformers.SharedInformerFactory
	// SharedInformerFactory can be used to obtain shared SharedIndexInformer
	// instances
	SharedInformerFactory informers.SharedInformerFactory

	// Namespace is the namespace to operate within.
	// If unset, operates on all namespaces
	Namespace string

	IssuerOptions
	ACMEOptions
	IngressShimOptions
	CertificateOptions
}

Context contains various types that are used by controller implementations. We purposely don't have specific informers/listers here, and instead keep a reference to a SharedInformerFactory so that controllers can choose themselves which listers are required.

func (*Context) IssuerFactory 

func (c *Context) IssuerFactory() IssuerFactory

type Helper added in v0.5.0 

type Helper interface {
	GetGenericIssuer(ref cmapi.ObjectReference, ns string) (cmapi.GenericIssuer, error)
}

func NewHelper added in v0.5.0 

func NewHelper(issuerLister cmlisters.IssuerLister, clusterIssuerLister cmlisters.ClusterIssuerLister) Helper

NewHelper will construct a new instance of a Helper using values supplied on the provided controller context.

type IngressShimOptions added in v0.5.0 

type IngressShimOptions struct {
	// Default issuer/certificates details consumed by ingress-shim
	DefaultIssuerKind                  string
	DefaultIssuerName                  string
	DefaultACMEIssuerChallengeType     string
	DefaultACMEIssuerDNS01ProviderName string
	DefaultAutoCertificateAnnotations  []string
}

type Interface 

type Interface func(workers int, stopCh <-chan struct{}) error

Interface represents a controller that can run. 'workers' should be the number of independent goroutines for this controller in question that are to be run, and the workers should shut down upon a signal on stopCh. This method should block until all workers have exited cleanly, thus allowing for graceful shutdown of control loops.

type IssuerConstructor added in v0.5.0 

type IssuerConstructor func(*Context, v1alpha1.GenericIssuer) (issuer.Interface, error)

issuerConstructor constructs an issuer given an Issuer resource and a Context. An error will be returned if the appropriate issuer is not registered.

type IssuerFactory added in v0.5.0 

type IssuerFactory interface {
	IssuerFor(v1alpha1.GenericIssuer) (issuer.Interface, error)
}

IssuerFactory is an interface that can be used to obtain Issuer implementations. It determines which issuer implementation to use by introspecting the given Issuer resource.

func NewIssuerFactory added in v0.5.0 

func NewIssuerFactory(ctx *Context) IssuerFactory

NewIssuerFactory returns a new issuer factory with the given issuer context. The context will be injected into each Issuer upon creation.

type IssuerOptions added in v0.5.0 

type IssuerOptions struct {
	// ClusterResourceNamespace is the namespace to store resources created by
	// non-namespaced resources (e.g. ClusterIssuer) in.
	ClusterResourceNamespace string

	// ClusterIssuerAmbientCredentials controls whether a cluster issuer should
	// pick up ambient credentials, such as those from metadata services, to
	// construct clients.
	ClusterIssuerAmbientCredentials bool

	// IssuerAmbientCredentials controls whether an issuer should pick up ambient
	// credentials, such as those from metadata services, to construct clients.
	IssuerAmbientCredentials bool

	// RenewBeforeExpiryDuration is the default 'renew before expiry' time for Certificates.
	// Once a certificate is within this duration until expiry, a new Certificate
	// will be attempted to be issued.
	RenewBeforeExpiryDuration time.Duration
}

func (IssuerOptions) CanUseAmbientCredentials added in v0.5.0 

func (o IssuerOptions) CanUseAmbientCredentials(iss cmapi.GenericIssuer) bool

func (IssuerOptions) CertificateNeedsRenew added in v0.5.0 

func (o IssuerOptions) CertificateNeedsRenew(cert *x509.Certificate, renewBefore *metav1.Duration) bool

func (IssuerOptions) ResourceNamespace added in v0.5.0 

func (o IssuerOptions) ResourceNamespace(iss cmapi.GenericIssuer) string

type QueuingEventHandler 

type QueuingEventHandler struct {
	Queue workqueue.RateLimitingInterface
}

QueuingEventHandler is an implementation of cache.ResourceEventHandler that simply queues objects that are added/updated/deleted.

func (*QueuingEventHandler) Enqueue 

func (q *QueuingEventHandler) Enqueue(obj interface{})

func (*QueuingEventHandler) OnAdd 

func (q *QueuingEventHandler) OnAdd(obj interface{})

func (*QueuingEventHandler) OnDelete 

func (q *QueuingEventHandler) OnDelete(obj interface{})

func (*QueuingEventHandler) OnUpdate 

func (q *QueuingEventHandler) OnUpdate(old, new interface{})

Source Files

View all Source files

Directories

Path Synopsis
scheduler
Package test contains testing utilities used for constructing fake Contexts which can be used during tests.
 Package test contains testing utilities used for constructing fake Contexts which can be used during tests.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.