Documentation
¶
Index ¶
- Constants
- Variables
- func BuildKubeConfigFromSpec(spec *KubeConfigSpec, clustername string) (*clientcmdapi.Config, error)
- func CreateBasic(serverURL, clusterName, userName string, caCert []byte) *clientcmdapi.Config
- func CreateWithCerts(serverURL, clusterName, userName string, caCert []byte, clientKey []byte, ...) *clientcmdapi.Config
- func EncodeCertPEM(cert *x509.Certificate) []byte
- func EncodePublicKeyPEM(key crypto.PublicKey) ([]byte, error)
- func FingerprintKey(k ssh.PublicKey) string
- func GenerateCACertificateAndWriteToFile(caCert, caKey string) error
- func GenerateKey(seed string) ([]byte, error)
- func GenerateKubeconfig(clustername string, server string, caFile, keyFile string) (*clientcmdapi.Config, error)
- func HandleTCPStream(src io.ReadWriteCloser, remote string)
- func LoadCaAuthorityCertAndKey(caCert, caKey string) (*x509.Certificate, crypto.Signer, error)
- func NewCertAndKey(caCert *x509.Certificate, caKey crypto.Signer, config *certutil.Config) (*x509.Certificate, crypto.Signer, error)
- func NewCertificateAuthority(config *certutil.Config) (*x509.Certificate, crypto.Signer, error)
- func NewDetermRand(seed []byte) io.Reader
- func NewPrivateKey() (crypto.Signer, error)
- func NewSignedCert(cfg *certutil.Config, key crypto.Signer, caCert *x509.Certificate, ...) (*x509.Certificate, error)
- func NewSshConn(conn GetSSHConn, remote string) net.Conn
- func NewWebSocketConn(websocketConn *websocket.Conn) net.Conn
- func Pipe(src io.ReadWriteCloser, dst io.ReadWriteCloser) (int64, int64)
- type Agents
- type DetermRand
- type GetSSHConn
- type KubeConfigIssuer
- type KubeConfigSpec
- type Remote
- type SshConn
- func (s *SshConn) Close() error
- func (s *SshConn) LocalAddr() net.Addr
- func (s *SshConn) Network() string
- func (s *SshConn) Read(b []byte) (n int, err error)
- func (s *SshConn) RemoteAddr() net.Addr
- func (s *SshConn) SetDeadline(t time.Time) error
- func (s *SshConn) SetReadDeadline(t time.Time) error
- func (s *SshConn) SetWriteDeadline(t time.Time) error
- func (s *SshConn) String() string
- func (s *SshConn) Write(b []byte) (n int, err error)
Constants ¶
View Source
const ( // ECPrivateKeyBlockType is a possible value for pem.Block.Type. ECPrivateKeyBlockType = "EC PRIVATE KEY" // PrivateKeyBlockType is a possible value for pem.Block.Type. PrivateKeyBlockType = "PRIVATE KEY" // PublicKeyBlockType is a possible value for pem.Block.Type. PublicKeyBlockType = "PUBLIC KEY" // CertificateBlockType is a possible value for pem.Block.Type. CertificateBlockType = "CERTIFICATE" // RSAPrivateKeyBlockType is a possible value for pem.Block.Type. RSAPrivateKeyBlockType = "RSA PRIVATE KEY" // CertificateValidity defines the validity for all the signed certificates generated by kubeadm CertificateValidity = time.Hour * 24 * 365 * 10 )
View Source
const DetermRandIter = 2048
View Source
const (
SystemPrivilegedGroup = "system:masters"
)
Variables ¶
View Source
var ErrInvalidRemoteFormat = errors.New("invalid remote, should be format like LocalHost:LocalPort:RemoteHost:RemotePort")
View Source
var ErrInvalidRemoteValue = errors.New("invalid port number or host")
View Source
var ErrorInvalidConnection = errors.New("invalid connection")
Functions ¶
func BuildKubeConfigFromSpec ¶
func BuildKubeConfigFromSpec(spec *KubeConfigSpec, clustername string) (*clientcmdapi.Config, error)
func CreateBasic ¶
func CreateBasic(serverURL, clusterName, userName string, caCert []byte) *clientcmdapi.Config
CreateBasic creates a basic, general KubeConfig object that then can be extended
func CreateWithCerts ¶
func CreateWithCerts(serverURL, clusterName, userName string, caCert []byte, clientKey []byte, clientCert []byte) *clientcmdapi.Config
CreateWithCerts creates a KubeConfig object with access to the API server with client certificates
func EncodeCertPEM ¶
func EncodeCertPEM(cert *x509.Certificate) []byte
EncodeCertPEM returns PEM-endcoded certificate data
func EncodePublicKeyPEM ¶
EncodePublicKeyPEM returns PEM-encoded public data
func FingerprintKey ¶
func GenerateKey ¶
func GenerateKubeconfig ¶
func HandleTCPStream ¶
func HandleTCPStream(src io.ReadWriteCloser, remote string)
func NewCertAndKey ¶
func NewCertAndKey(caCert *x509.Certificate, caKey crypto.Signer, config *certutil.Config) (*x509.Certificate, crypto.Signer, error)
NewCertAndKey creates new certificate and key by passing the certificate authority certificate and key
func NewCertificateAuthority ¶
func NewDetermRand ¶
func NewPrivateKey ¶
NewPrivateKey creates an RSA private key
func NewSignedCert ¶
func NewSignedCert(cfg *certutil.Config, key crypto.Signer, caCert *x509.Certificate, caKey crypto.Signer) (*x509.Certificate, error)
NewSignedCert creates a signed certificate using the given CA certificate and key
func NewSshConn ¶
func NewSshConn(conn GetSSHConn, remote string) net.Conn
func Pipe ¶
func Pipe(src io.ReadWriteCloser, dst io.ReadWriteCloser) (int64, int64)
Types ¶
type Agents ¶
func FakeAgents ¶
func FakeAgents() *Agents
type DetermRand ¶
type DetermRand struct {
// contains filtered or unexported fields
}
type GetSSHConn ¶
type KubeConfigIssuer ¶
type KubeConfigIssuer interface {
IssueKubeConfig(clustername string, proxyPort uint16) ([]byte, error)
}
func NewSimpleKubeConfigIssuer ¶
func NewSimpleKubeConfigIssuer(caCert, caKey, proxyServer string) (KubeConfigIssuer, error)
type KubeConfigSpec ¶
type KubeConfigSpec struct {
CACert *x509.Certificate
APIServer string
ClientName string
ClientCertAuth *clientCertAuth
}
type Remote ¶
type Remote struct {
LocalHost, LocalPort, RemoteHost, RemotePort string
}
Remote represents address forwarding, format like following LocalHost:LocalPort:RemoteHost:RemotePort
func DecodeRemote ¶
type SshConn ¶
type SshConn struct {
// contains filtered or unexported fields
}
func (*SshConn) RemoteAddr ¶
Source Files
Click to show internal directories.
Click to hide internal directories.