cli

package

v0.0.0-...-4560a53 Latest Latest Go to latest Published: Aug 31, 2023 License: Zlib Imports: 40 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/portainer/portainer

Documentation ¶

Index ¶

Constants
func GenerateYAML(obj runtime.Object) (string, error)
func UserServiceAccountName(userID int, instanceID string) string
type ClientFactory
- func NewClientFactory(signatureService portainer.DigitalSignatureService, ...) (*ClientFactory, error)
type KubeClient

Constants ¶

View Source

const (
	DefaultKubeClientQPS   = 30
	DefaultKubeClientBurst = 100
)

Variables ¶

This section is empty.

Functions ¶

func GenerateYAML ¶

func GenerateYAML(obj runtime.Object) (string, error)

func UserServiceAccountName ¶

func UserServiceAccountName(userID int, instanceID string) string

Types ¶

type ClientFactory ¶

type ClientFactory struct {
	AddrHTTPS string
	// contains filtered or unexported fields
}

ClientFactory is used to create Kubernetes clients

func NewClientFactory ¶

func NewClientFactory(signatureService portainer.DigitalSignatureService, reverseTunnelService portainer.ReverseTunnelService, dataStore dataservices.DataStore, instanceID, addrHTTPS, userSessionTimeout string) (*ClientFactory, error)

NewClientFactory returns a new instance of a ClientFactory

func (*ClientFactory) CreateClient ¶

func (factory *ClientFactory) CreateClient(endpoint *portainer.Endpoint) (*kubernetes.Clientset, error)

CreateClient returns a pointer to a new Clientset instance

func (*ClientFactory) CreateKubeClientFromKubeConfig ¶

func (factory *ClientFactory) CreateKubeClientFromKubeConfig(clusterID string, kubeConfig []byte) (*KubeClient, error)

CreateKubeClientFromKubeConfig creates a KubeClient from a clusterID, and Kubernetes config.

func (*ClientFactory) CreateRemoteMetricsClient ¶

func (factory *ClientFactory) CreateRemoteMetricsClient(endpoint *portainer.Endpoint) (*metricsv.Clientset, error)

func (*ClientFactory) GetInstanceID ¶

func (factory *ClientFactory) GetInstanceID() (instanceID string)

func (*ClientFactory) GetKubeClient ¶

func (factory *ClientFactory) GetKubeClient(endpoint *portainer.Endpoint) (*KubeClient, error)

GetKubeClient checks if an existing client is already registered for the environment(endpoint) and returns it if one is found. If no client is registered, it will create a new client, register it, and returns it.

func (*ClientFactory) GetProxyKubeClient ¶

func (factory *ClientFactory) GetProxyKubeClient(endpointID, token string) (*KubeClient, bool)

GetProxyKubeClient retrieves a KubeClient from the cache. You should be calling SetProxyKubeClient before first. It is normally, called the kubernetes middleware.

func (*ClientFactory) MigrateEndpointIngresses ¶

func (factory *ClientFactory) MigrateEndpointIngresses(e *portainer.Endpoint) error

func (*ClientFactory) RemoveKubeClient ¶

func (factory *ClientFactory) RemoveKubeClient(endpointID portainer.EndpointID)

Remove the cached kube client so a new one can be created

func (*ClientFactory) SetProxyKubeClient ¶

func (factory *ClientFactory) SetProxyKubeClient(endpointID, token string, cli *KubeClient)

SetProxyKubeClient stores a kubeclient in the cache.

type KubeClient ¶

type KubeClient struct {
	// contains filtered or unexported fields
}

KubeClient represent a service used to execute Kubernetes operations

func (*KubeClient) CreateIngress ¶

func (kcl *KubeClient) CreateIngress(namespace string, info models.K8sIngressInfo, owner string) error

CreateIngress creates a new ingress in a given namespace in a k8s endpoint.

func (*KubeClient) CreateNamespace ¶

func (kcl *KubeClient) CreateNamespace(info models.K8sNamespaceDetails) error

CreateNamespace creates a new ingress in a given namespace in a k8s endpoint.

func (*KubeClient) CreateRegistrySecret ¶

func (kcl *KubeClient) CreateRegistrySecret(registry *portainer.Registry, namespace string) (err error)

func (*KubeClient) CreateService ¶

func (kcl *KubeClient) CreateService(namespace string, info models.K8sServiceInfo) error

CreateService creates a new service in a given namespace in a k8s endpoint.

func (*KubeClient) CreateUserShellPod ¶

func (kcl *KubeClient) CreateUserShellPod(ctx context.Context, serviceAccountName, shellPodImage string) (*portainer.KubernetesShellPod, error)

CreateUserShellPod will create a kubectl based shell for the specified user by mounting their respective service account. The lifecycle of the pod is managed in this function; this entails management of the following pod operations: - The shell pod will be scoped to specified service accounts access permissions - The shell pod will be automatically removed if it's not ready after specified period of time - The shell pod will be automatically removed after a specified max life (prevent zombie pods) - The shell pod will be automatically removed if request is cancelled (or client closes websocket connection)

func (*KubeClient) DeleteIngresses ¶

func (kcl *KubeClient) DeleteIngresses(reqs models.K8sIngressDeleteRequests) error

DeleteIngresses processes a K8sIngressDeleteRequest by deleting each ingress in its given namespace.

func (*KubeClient) DeleteNamespace ¶

func (kcl *KubeClient) DeleteNamespace(namespace string) error

func (*KubeClient) DeleteRegistrySecret ¶

func (kcl *KubeClient) DeleteRegistrySecret(registry *portainer.Registry, namespace string) error

func (*KubeClient) DeleteServices ¶

func (kcl *KubeClient) DeleteServices(reqs models.K8sServiceDeleteRequests) error

DeleteServices processes a K8sServiceDeleteRequest by deleting each service in its given namespace.

func (*KubeClient) GetConfigMapsAndSecrets ¶

func (kcl *KubeClient) GetConfigMapsAndSecrets(namespace string) ([]models.K8sConfigMapOrSecret, error)

GetConfigMapsAndSecrets gets all the ConfigMaps AND all the Secrets for a given namespace in a k8s endpoint. The result is a list of both config maps and secrets. The IsSecret boolean property indicates if a given struct is a secret or configmap.

func (*KubeClient) GetIngressControllers ¶

func (kcl *KubeClient) GetIngressControllers() (models.K8sIngressControllers, error)

func (*KubeClient) GetIngresses ¶

func (kcl *KubeClient) GetIngresses(namespace string) ([]models.K8sIngressInfo, error)

GetIngresses gets all the ingresses for a given namespace in a k8s endpoint.

func (*KubeClient) GetMetrics ¶

func (kcl *KubeClient) GetMetrics() (models.K8sMetrics, error)

func (*KubeClient) GetNamespace ¶

func (kcl *KubeClient) GetNamespace(name string) (portainer.K8sNamespaceInfo, error)

GetNamespace gets the namespace in the current k8s environment(endpoint).

func (*KubeClient) GetNamespaceAccessPolicies ¶

func (kcl *KubeClient) GetNamespaceAccessPolicies() (map[string]portainer.K8sNamespaceAccessPolicy, error)

GetNamespaceAccessPolicies gets the namespace access policies from config maps in the portainer namespace

func (*KubeClient) GetNamespaces ¶

func (kcl *KubeClient) GetNamespaces() (map[string]portainer.K8sNamespaceInfo, error)

GetNamespaces gets the namespaces in the current k8s environment(endpoint).

func (*KubeClient) GetNodesLimits ¶

func (kcl *KubeClient) GetNodesLimits() (portainer.K8sNodesLimits, error)

GetNodesLimits gets the CPU and Memory limits(unused resources) of all nodes in the current k8s environment(endpoint) connection

func (*KubeClient) GetServiceAccount ¶

func (kcl *KubeClient) GetServiceAccount(tokenData *portainer.TokenData) (*v1.ServiceAccount, error)

GetServiceAccount returns the portainer ServiceAccountName associated to the specified user.

func (*KubeClient) GetServiceAccountBearerToken ¶

func (kcl *KubeClient) GetServiceAccountBearerToken(userID int) (string, error)

GetServiceAccountBearerToken returns the ServiceAccountToken associated to the specified user.

func (*KubeClient) GetServices ¶

func (kcl *KubeClient) GetServices(namespace string, lookupApplications bool) ([]models.K8sServiceInfo, error)

GetServices gets all the services for a given namespace in a k8s endpoint.

func (*KubeClient) GetStorage ¶

func (kcl *KubeClient) GetStorage() ([]portainer.KubernetesStorageClassConfig, error)

func (*KubeClient) HasStackName ¶

func (kcl *KubeClient) HasStackName(namespace string, stackName string) (bool, error)

HasStackName checks whether the given name is used in the given namespace.

func (*KubeClient) IsRBACEnabled ¶

func (kcl *KubeClient) IsRBACEnabled() (bool, error)

IsRBACEnabled checks if RBAC is enabled in the cluster by creating a service account, then checking it's access to a resourcequota before and after setting a cluster role and cluster role binding

func (*KubeClient) IsRegistrySecret ¶

func (cli *KubeClient) IsRegistrySecret(namespace, secretName string) (bool, error)

func (*KubeClient) NamespaceAccessPoliciesDeleteNamespace ¶

func (kcl *KubeClient) NamespaceAccessPoliciesDeleteNamespace(ns string) error

NamespaceAccessPoliciesDeleteNamespace removes stored policies associated with a given namespace

func (*KubeClient) SetupUserServiceAccount ¶

func (kcl *KubeClient) SetupUserServiceAccount(userID int, teamIDs []int, restrictDefaultNamespace bool) error

SetupUserServiceAccount will make sure that all the required resources are created inside the Kubernetes cluster before creating a ServiceAccount and a ServiceAccountToken for the specified Portainer user. It will also create required default RoleBinding and ClusterRoleBinding rules.

func (*KubeClient) StartExecProcess ¶

func (kcl *KubeClient) StartExecProcess(token string, useAdminToken bool, namespace, podName, containerName string, command []string, stdin io.Reader, stdout io.Writer, errChan chan error)

StartExecProcess will start an exec process inside a container located inside a pod inside a specific namespace using the specified command. The stdin parameter will be bound to the stdin process and the stdout process will write to the stdout parameter. This function only works against a local environment(endpoint) using an in-cluster config with the user's SA token. This is a blocking operation.

func (*KubeClient) ToggleSystemState ¶

func (kcl *KubeClient) ToggleSystemState(namespaceName string, isSystem bool) error

ToggleSystemState will set a namespace as a system namespace, or remove this state if isSystem is true it will set `systemNamespaceLabel` to "true" and false otherwise this will skip if namespace is "default" or if the required state is already set

func (*KubeClient) UpdateIngress ¶

func (kcl *KubeClient) UpdateIngress(namespace string, info models.K8sIngressInfo) error

UpdateIngress updates an existing ingress in a given namespace in a k8s endpoint.

func (*KubeClient) UpdateNamespace ¶

func (kcl *KubeClient) UpdateNamespace(info models.K8sNamespaceDetails) error

UpdateIngress updates an ingress in a given namespace in a k8s endpoint.

func (*KubeClient) UpdateNamespaceAccessPolicies ¶

func (kcl *KubeClient) UpdateNamespaceAccessPolicies(accessPolicies map[string]portainer.K8sNamespaceAccessPolicy) error

UpdateNamespaceAccessPolicies updates the namespace access policies

func (*KubeClient) UpdateService ¶

func (kcl *KubeClient) UpdateService(namespace string, info models.K8sServiceInfo) error

UpdateService updates service in a given namespace in a k8s endpoint.

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL