Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type BaseReconciler ¶
// BaseReconciler bundles a Kubernetes client, a resource-specific
// ObjectReconciler and a SPIRE entry client. Both constructors on this page
// (NewNodeReconciler, NewPodReconciler) return a *BaseReconciler.
type BaseReconciler struct {
	// Embedded Kubernetes client; its methods are promoted onto BaseReconciler.
	client.Client
	// Embedded resource-specific behaviour. The interface also has unexported
	// methods that this page does not show.
	ObjectReconciler
	Scheme *runtime.Scheme
	// NOTE(review): presumably the SPIFFE ID that created entries are parented
	// to; confirm against the implementation.
	RootID *spiretypes.SPIFFEID
	// Client for the SPIRE Entry API.
	// NOTE(review): the identity this client authenticates as presumably needs
	// entry-management rights on the SPIRE server; confirm it is scoped to that.
	SpireClient entryv1.EntryClient
	Log         logr.Logger
}
BaseReconciler reconciles Kubernetes resources with SPIRE registration entries. It implements the polling solution documented here: https://docs.google.com/document/d/19BDGrCRh9rjj09to1D2hlDJZXRuwOlY4hL5c4n7_bVc By using name+namespace as a key, we are able to maintain a 1:1 mapping from k8s resources to SPIRE registration entries. The base reconciler implements the common functionality required to maintain that mapping, including a watcher on the given resource and a watcher that receives notifications from polling the SPIRE Entry API.
func NewNodeReconciler ¶
func NewNodeReconciler(client client.Client, log logr.Logger, scheme *runtime.Scheme, serverID *spiretypes.SPIFFEID, cluster string, rootID *spiretypes.SPIFFEID, spireClient entryv1.EntryClient) *BaseReconciler
func NewPodReconciler ¶
func NewPodReconciler(client client.Client, log logr.Logger, scheme *runtime.Scheme, trustDomain string, rootID *spiretypes.SPIFFEID, spireClient entryv1.EntryClient, mode PodReconcilerMode, value string, clusterDNSZone string, addPodDNSNames bool, disabledNamespaces []string) *BaseReconciler
func (*BaseReconciler) SetupWithManager ¶
func (r *BaseReconciler) SetupWithManager(mgr ctrl.Manager) error
type NodeReconciler ¶
// NodeReconciler holds the settings used when reconciling Node objects.
// NewNodeReconciler returns a *BaseReconciler rather than a *NodeReconciler;
// presumably the NodeReconciler is the ObjectReconciler embedded in it (confirm).
type NodeReconciler struct {
	// NOTE(review): presumably set from NewNodeReconciler's rootID argument.
	RootID *spiretypes.SPIFFEID
	// Client for the SPIRE Entry API.
	SpireClient entryv1.EntryClient
	// NOTE(review): presumably the cluster name matched by the "cluster"
	// selector (ClusterSelector); confirm.
	Cluster string
	// NOTE(review): presumably set from NewNodeReconciler's serverID argument.
	ServerID *spiretypes.SPIFFEID
}
NodeReconciler reconciles a Node object
func (*NodeReconciler) SetupWithManager ¶
func (r *NodeReconciler) SetupWithManager(_ ctrl.Manager, _ *ctrlBuilder.Builder) error
type NodeSelectorSubType ¶
// NodeSelectorSubType is a string type for the selector sub-types used with
// node entries.
type NodeSelectorSubType string

// NOTE(review): these values look like the sub-type part of a SPIRE node
// selector; which selector type they are combined with is not shown here.
const (
	NodeNameSelector NodeSelectorSubType = "agent_node_name"
	ClusterSelector  NodeSelectorSubType = "cluster"
)
type ObjectReconciler ¶
// ObjectReconciler is the resource-specific part of a reconciler and is
// embedded in BaseReconciler. NodeReconciler and PodReconciler both declare a
// SetupWithManager method with the signature required here; whether they
// satisfy the whole interface depends on the unexported methods, which the
// rendered documentation hides.
type ObjectReconciler interface {
	// Perform any additional manager setup required
	SetupWithManager(ctrl.Manager, *ctrlBuilder.Builder) error
	// contains filtered or unexported methods
}
type ObjectWithMetadata ¶
// ObjectWithMetadata is the union of the RuntimeObject and V1Object
// interfaces: a value must implement both to satisfy it. Neither embedded
// interface's definition appears on this page.
type ObjectWithMetadata interface {
	RuntimeObject
	V1Object
}
type PodReconciler ¶
// PodReconciler holds the settings used when reconciling Pod objects.
// NewPodReconciler returns a *BaseReconciler rather than a *PodReconciler;
// presumably the PodReconciler is the ObjectReconciler embedded in it (confirm).
type PodReconciler struct {
	// Embedded Kubernetes client; its methods are promoted onto PodReconciler.
	client.Client
	TrustDomain string
	// Mode is one of the PodReconcilerMode constants.
	Mode PodReconcilerMode
	// NOTE(review): presumably the label or annotation name consulted in the
	// Label and Annotation modes; confirm against the implementation.
	Value string
	// NOTE(review): presumably set from NewPodReconciler's rootID argument.
	RootID *spiretypes.SPIFFEID
	// Client for the SPIRE Entry API.
	SpireClient entryv1.EntryClient
	// NOTE(review): ClusterDNSZone and AddPodDNSNames presumably control whether
	// DNS names are attached to entries, and under which zone; confirm.
	ClusterDNSZone string
	AddPodDNSNames bool
	// A set keyed by namespace name. NewPodReconciler takes the namespaces as a
	// []string, so the constructor presumably converts the slice into this map.
	// NOTE(review): presumably pods in these namespaces get no entries; confirm.
	DisabledNamespaces map[string]bool
}
PodReconciler reconciles a Pod object
func (*PodReconciler) SetupWithManager ¶
func (r *PodReconciler) SetupWithManager(mgr ctrl.Manager, builder *ctrlBuilder.Builder) error
type PodReconcilerMode ¶
// PodReconcilerMode selects one of three pod reconciliation modes. It is
// stored in PodReconciler.Mode and passed to NewPodReconciler as mode.
type PodReconcilerMode int32

// The values are assigned by iota, so ServiceAccount is the zero value.
// NOTE(review): if the Label and Annotation modes derive the SPIFFE ID from pod
// metadata (not shown on this page), that metadata is set by whoever can create
// or patch the pod; confirm RBAC or admission policy restricts it.
const (
	PodReconcilerModeServiceAccount PodReconcilerMode = iota // 0
	PodReconcilerModeLabel                                   // 1
	PodReconcilerModeAnnotation                              // 2
)
type RuntimeObject ¶
type SpirePoller ¶
// SpirePoller exposes no exported fields, and this page lists no constructor
// or methods for it.
// NOTE(review): presumably the component that polls the SPIRE Entry API, as
// described in BaseReconciler's documentation; confirm.
type SpirePoller struct {
// contains filtered or unexported fields
}
type WorkloadSelectorSubType ¶
// WorkloadSelectorSubType is a string type for the selector sub-types used
// with workload (pod) entries.
type WorkloadSelectorSubType string

// NOTE(review): these values look like the sub-type part of a SPIRE workload
// selector (pod namespace and pod name); which selector type they are combined
// with is not shown here.
const (
	PodNamespaceSelector WorkloadSelectorSubType = "ns"
	PodNameSelector      WorkloadSelectorSubType = "pod-name"
)