Version: v2.14.5+incompatible Latest Latest

This package is not in the latest version of its module.

Go to latest
Published: Sep 1, 2020 License: Apache-2.0 Imports: 30 Imported by: 11




This section is empty.


This section is empty.


func DeploymentCreator

func DeploymentCreator(data *resources.TemplateData, enableOIDCAuthentication bool) reconciling.NamedDeploymentCreatorGetter

DeploymentCreator returns the function to create and update the API server deployment

func DexCACertificateCreator

func DexCACertificateCreator(getDexCA func() ([]*x509.Certificate, error)) reconciling.NamedSecretCreatorGetter

DexCACertificateCreator returns a function to create/update the secret with the certificate for TLS verification against dex

func EtcdClientCertificateCreator

func EtcdClientCertificateCreator(data etcdClientCertificateCreatorData) reconciling.NamedSecretCreatorGetter

EtcdClientCertificateCreator returns a function to create/update the secret with the client certificate for authenticating against etcd

func ExternalServiceCreator

func ExternalServiceCreator(exposeStrategy corev1.ServiceType) reconciling.NamedServiceCreatorGetter

ExternalServiceCreator returns the function to reconcile the external API server service

func FrontProxyClientCertificateCreator

func FrontProxyClientCertificateCreator(data frontProxyClientCertificateCreatorData) reconciling.NamedSecretCreatorGetter

FrontProxyClientCertificateCreator returns a function to create/update the secret with the client certificate for authenticating against extension apiserver

func GetEnvVars

func GetEnvVars(data kubeAPIServerEnvData) ([]corev1.EnvVar, error)

func InternalServiceCreator

func InternalServiceCreator() reconciling.NamedServiceCreatorGetter

InternalServiceCreator returns the function to reconcile the internal API server service

func IsRunningWrapper

func IsRunningWrapper(data isRunningInitContainerData, spec corev1.PodSpec, containersToWrap sets.String, crdsToWaitFor ...string) (*corev1.PodSpec, error)

IsRunningWrapper wraps the named containers in the pod with a check if the API server is reachable. This is achieved by copying a `http-prober` binary via an init container into an emptyDir volume, then mounting that volume onto all named containers and replacing the command with a call to the `http-prober` binary. The http prober binary gets the original command as serialized string and does an syscall.Exec onto it once the apiserver became reachable

func KubeletClientCertificateCreator

func KubeletClientCertificateCreator(data kubeletClientCertificateCreatorData) reconciling.NamedSecretCreatorGetter

KubeletClientCertificateCreator returns a function to create/update a secret with the client certificate for the apiserver -> kubelet connection.

func PodDisruptionBudgetCreator

func PodDisruptionBudgetCreator() reconciling.NamedPodDisruptionBudgetCreatorGetter

PodDisruptionBudgetCreator returns a func to create/update the apiserver PodDisruptionBudget

func ServiceAccountKeyCreator

func ServiceAccountKeyCreator() reconciling.NamedSecretCreatorGetter

ServiceAccountKeyCreator returns a function to create/update a secret with the ServiceAccount key

func TLSServingCertificateCreator

func TLSServingCertificateCreator(data tlsServingCertCreatorData) reconciling.NamedSecretCreatorGetter

TLSServingCertificateCreator returns a function to create/update the secret with the apiserver tls certificate used to serve https

func TokenUsersCreator

TokenUsers returns a secret containing the tokens csv

func TokenViewerCreator

func TokenViewerCreator() reconciling.NamedSecretCreatorGetter

TokenViewerCreator returns a secret containing the viewer token


This section is empty.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
t or T : Toggle theme light dark auto
y or Y : Canonical URL