rancher

package
v1.7.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Oct 13, 2023 License: UPL-1.0 Imports: 71 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	// note: VZ-5241 In Rancher 2.6.3 the agent was moved from cattle-fleet-system ns
	// to a new cattle-fleet-local-system ns, the rancher-operator-system ns was
	// removed, and the rancher-operator is no longer deployed
	FleetSystemNamespace      = "cattle-fleet-system"
	FleetLocalSystemNamespace = "cattle-fleet-local-system"
)

Constants for Kubernetes resource names

View Source 
const (
	CAPIMutatingWebhook                 = "mutating-webhook-configuration"
	CAPIValidatingWebhook               = "validating-webhook-configuration"
	SettingServerURL                    = "server-url"
	KontainerDriverOKE                  = "oraclecontainerengine"
	ClusterLocal                        = "local"
	AuthConfigLocal                     = "local"
	ClusterKind                         = "Cluster"
	ProviderCattleIoLabel               = "provider.cattle.io"
	UserVerrazzano                      = "u-verrazzano"
	UsernameVerrazzano                  = "verrazzano"
	UserVerrazzanoDescription           = "Verrazzano Admin"
	GlobalRoleBindingVerrazzanoPrefix   = "grb-"
	SettingUIPL                         = "ui-pl"
	SettingUIPLValueVerrazzano          = "Verrazzano"
	SettingUILogoLight                  = "ui-logo-light"
	SettingUILogoFolderBeforeRancher275 = "/usr/share/rancher/ui-dashboard/dashboard/_nuxt/pkg/verrazzano/assets/images"
	SettingUILogoFolder                 = "/usr/share/rancher/ui-dashboard/dashboard/assets/images"
	SettingUILogoLightFile              = "verrazzano-light.svg"
	SettingUILogoDark                   = "ui-logo-dark"
	SettingUILogoDarkFile               = "verrazzano-dark.svg"
	SettingUILogoValueprefix            = "data:image/svg+xml;base64,"
	SettingUIPrimaryColor               = "ui-primary-color"
	SettingUIPrimaryColorValue          = "rgb(48, 99, 142)"
	SettingUILinkColor                  = "ui-link-color"
	SettingUILinkColorValue             = "rgb(49, 118, 217)"
	SettingUIBrand                      = "ui-brand"
	SettingUIBrandValue                 = "verrazzano"
	SettingCACerts                      = "cacerts"
	SettingAuthResyncCron               = "auth-user-info-resync-cron"
	SettingAuthMaxAge                   = "auth-user-info-max-age-seconds"
	SettingAuthTTL                      = "auth-user-session-ttl-minutes"
	SettingKubeDefaultTokenTTL          = "kubeconfig-default-token-ttl-minutes" //nolint:gosec //#gosec G101
	SettingAuthResyncCronValue          = "*/15 * * * *"
	SettingAuthMaxAgeValue              = "600"
	SettingAuthTTLValue                 = "540"
	SettingKubeDefaultTokenTTLValue     = "540"
)
View Source 
const (
	AuthConfigKeycloakURLPathVerifyAuth           = "/verify-auth"
	AuthConfigKeycloakURLPathIssuer               = "/auth/realms/verrazzano-system"
	AuthConfigKeycloakURLPathAuthEndPoint         = "/auth/realms/verrazzano-system/protocol/openid-connect/auth"
	AuthConfigKeycloakClientIDRancher             = "rancher"
	AuthConfigKeycloakAccessMode                  = "unrestricted"
	AuthConfigKeycloakAttributeAccessMode         = "accessMode"
	AuthConfigKeycloakAttributeClientID           = "clientId"
	AuthConfigAttributeEnabled                    = "enabled"
	AuthConfigKeycloakAttributeGroupSearchEnabled = "groupSearchEnabled"
	AuthConfigKeycloakAttributeAuthEndpoint       = "authEndpoint"
	AuthConfigKeycloakAttributeIssuer             = "issuer"
	AuthConfigKeycloakAttributeRancherURL         = "rancherUrl"
)

auth config

View Source 
const (
	UserAttributeDisplayName                              = "displayName"
	UserAttributeUserName                                 = "username"
	UserAttributePrincipalIDs                             = "principalIds"
	UserAttributeDescription                              = "description"
	GlobalRoleBindingAttributeRoleName                    = "globalRoleName"
	GlobalRoleBindingAttributeUserName                    = "userName"
	ClusterRoleTemplateBindingAttributeClusterName        = "clusterName"
	ClusterRoleTemplateBindingAttributeGroupPrincipalName = "groupPrincipalName"
	ClusterRoleTemplateBindingAttributeRoleTemplateName   = "roleTemplateName"
	RoleTemplateAttributeBuiltin                          = "builtin"
	RoleTemplateAttributeContext                          = "context"
	RoleTemplateAttributeDisplayName                      = "displayName"
	RoleTemplateAttributeExternal                         = "external"
	RoleTemplateAttributeHidden                           = "hidden"
	RoleTemplateAttributeRules                            = "rules"
)

attributes

View Source 
const (
	ClusterAdminRoleName        = "cluster-admin"
	AdminRoleName               = "admin"
	VerrazzanoAdminRoleName     = "verrazzano-admin"
	ViewRoleName                = "view"
	VerrazzanoMonitorRoleName   = "verrazzano-monitor"
	ClusterMemberRoleName       = "cluster-member"
	VerrazzanoAdminsGroupName   = "verrazzano-admins"
	VerrazzanoMonitorsGroupName = "verrazzano-monitors"
	GroupKey                    = "group"
	ClusterRoleKey              = "clusterRole"
)

roles and groups

View Source 
const (
	UserPrincipalKeycloakPrefix  = "keycloakoidc_user://"
	GroupPrincipalKeycloakPrefix = "keycloakoidc_group://"
	UserPrincipalLocalPrefix     = "local://"
)

prefixes

View Source 
const (
	BootstrapSecret = "bootstrap-secret"
)
View Source 
const CattleGlobalDataNamespace = "cattle-global-data"

CattleGlobalDataNamespace is the multi-cluster namespace for verrazzano

View Source 
const ComponentJSONName = "rancher"

ComponentJSONName is the JSON name of the verrazzano component in CRD

View Source 
const ComponentName = common.RancherName

ComponentName is the name of the component

View Source 
const ComponentNamespace = common.CattleSystem

ComponentNamespace is the namespace of the component

View Source 
const (
	RancherSysNS = "management.cattle.io/system-namespace"
)

Variables

View Source 
var GVKCluster = common.GetRancherMgmtAPIGVKForKind("Cluster")
View Source 
var GVKClusterRoleTemplateBinding = common.GetRancherMgmtAPIGVKForKind("ClusterRoleTemplateBinding")
View Source 
var GVKGlobalRoleBinding = common.GetRancherMgmtAPIGVKForKind("GlobalRoleBinding")
View Source 
var GVKKontainerDriver = common.GetRancherMgmtAPIGVKForKind("KontainerDriver")
View Source 
var GVKRoleTemplate = common.GetRancherMgmtAPIGVKForKind("RoleTemplate")
View Source 
var GVKUser = common.GetRancherMgmtAPIGVKForKind("User")
View Source 
var GroupRolePairs = []map[string]string{
	{
		GroupKey:       VerrazzanoAdminsGroupName,
		ClusterRoleKey: ClusterAdminRoleName,
	},
	{
		GroupKey:       VerrazzanoAdminsGroupName,
		ClusterRoleKey: VerrazzanoAdminRoleName,
	},
	{
		GroupKey:       VerrazzanoAdminsGroupName,
		ClusterRoleKey: ClusterMemberRoleName,
	},
	{
		GroupKey:       VerrazzanoMonitorsGroupName,
		ClusterRoleKey: ViewRoleName,
	},
	{
		GroupKey:       VerrazzanoMonitorsGroupName,
		ClusterRoleKey: VerrazzanoMonitorRoleName,
	},
	{
		GroupKey:       VerrazzanoMonitorsGroupName,
		ClusterRoleKey: ClusterMemberRoleName,
	},
}

Functions

func AppendOverrides 

func AppendOverrides(ctx spi.ComponentContext, _ string, _ string, _ string, kvs []bom.KeyValue) ([]bom.KeyValue, error)

AppendOverrides set the Rancher overrides for Helm

func ConfigureAuthProviders added in v1.5.0 

func ConfigureAuthProviders(ctx spi.ComponentContext) error

ConfigureAuthProviders +configures Keycloak as OIDC provider for Rancher. +creates or updates default user verrazzano. +creates or updated the verrazzano cluster user +creates or updates admin clusterRole binding for user verrazzano. +disables first login setting to disable prompting for password on first login. +enables or disables Keycloak Auth provider.

func CreateOrUpdateRoleTemplate added in v1.5.0 

func CreateOrUpdateRoleTemplate(ctx spi.ComponentContext, role string) error

CreateOrUpdateRoleTemplate creates or updates RoleTemplates used to add Keycloak groups to the Rancher cluster

func DeleteLocalCluster added in v1.4.0 

func DeleteLocalCluster(log vzlog.VerrazzanoLogger, c client.Client)

Delete the local cluster

func GetOverrides added in v1.3.1 

func GetOverrides(object runtime.Object) interface{}

GetOverrides returns install overrides for a component

func IsClusterProvisionedByOCNEContainerDriver added in v1.7.0 

func IsClusterProvisionedByOCNEContainerDriver() (bool, error)

IsClusterProvisionedByOCNEContainerDriver checks if the Kubernetes cluster was provisioned by the Rancher OCNE container driver.

func IsClusterProvisionedByRancher added in v1.5.0 

func IsClusterProvisionedByRancher() (bool, error)

IsClusterProvisionedByRancher checks if the Kubernetes cluster was provisioned by Rancher.

func NewComponent 

func NewComponent() spi.Component

func SetCheckClusterProvisionedFunc added in v1.5.0 

func SetCheckClusterProvisionedFunc(newFunc checkProvisionedFuncSig)

func SetCheckContainerDriverProvisionedFunc added in v1.7.0 

func SetCheckContainerDriverProvisionedFunc(newFunc checkProvisionedFuncSig)

func SetDefaultCheckClusterProvisionedFunc added in v1.5.0 

func SetDefaultCheckClusterProvisionedFunc()

func SetDefaultCheckContainerDriverProvisionedFunc added in v1.7.0 

func SetDefaultCheckContainerDriverProvisionedFunc()

Types

This section is empty.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.