package node

kubernetes – k8s.io/kubernetes/cmd/kubeadm/app/phases/bootstraptoken/node Index | Files

import "k8s.io/kubernetes/cmd/kubeadm/app/phases/bootstraptoken/node"

Index ¶

Constants
func AllowBootstrapTokensToPostCSRs(client clientset.Interface, k8sVersion *version.Version) error
func AutoApproveNodeBootstrapTokens(client clientset.Interface, k8sVersion *version.Version) error
func CreateNewToken(client clientset.Interface, token string, tokenDuration time.Duration, usages []string, extraGroups []string, description string) error
func UpdateOrCreateToken(client clientset.Interface, token string, failIfExists bool, tokenDuration time.Duration, usages []string, extraGroups []string, description string) error

Constants ¶

const (
	// NodeBootstrapperClusterRoleName defines the name of the auto-bootstrapped ClusterRole for letting someone post a CSR
	// TODO: This value should be defined in an other, generic authz package instead of here
	NodeBootstrapperClusterRoleName = "system:node-bootstrapper"
	// NodeKubeletBootstrap defines the name of the ClusterRoleBinding that lets kubelets post CSRs
	NodeKubeletBootstrap = "kubeadm:kubelet-bootstrap"

	// CSRAutoApprovalClusterRoleName defines the name of the auto-bootstrapped ClusterRole for making the csrapprover controller auto-approve the CSR
	// TODO: This value should be defined in an other, generic authz package instead of here
	CSRAutoApprovalClusterRoleName = "system:certificates.k8s.io:certificatesigningrequests:nodeclient"
	// NodeAutoApproveBootstrapClusterRoleBinding defines the name of the ClusterRoleBinding that makes the csrapprover approve node CSRs
	NodeAutoApproveBootstrapClusterRoleBinding = "kubeadm:node-autoapprove-bootstrap"
)

Functions ¶

func AllowBootstrapTokensToPostCSRs ¶

func AllowBootstrapTokensToPostCSRs(client clientset.Interface, k8sVersion *version.Version) error

AllowBootstrapTokensToPostCSRs creates RBAC rules in a way the makes Node Bootstrap Tokens able to post CSRs

func AutoApproveNodeBootstrapTokens ¶

func AutoApproveNodeBootstrapTokens(client clientset.Interface, k8sVersion *version.Version) error

AutoApproveNodeBootstrapTokens creates RBAC rules in a way that makes Node Bootstrap Tokens' CSR auto-approved by the csrapprover controller

func CreateNewToken ¶

func CreateNewToken(client clientset.Interface, token string, tokenDuration time.Duration, usages []string, extraGroups []string, description string) error

CreateNewToken tries to create a token and fails if one with the same ID already exists

func UpdateOrCreateToken ¶

func UpdateOrCreateToken(client clientset.Interface, token string, failIfExists bool, tokenDuration time.Duration, usages []string, extraGroups []string, description string) error

UpdateOrCreateToken attempts to update a token with the given ID, or create if it does not already exist.

Source Files ¶

tlsbootstrap.go token.go

Version: v1.8.0
Published: Sep 28, 2017
Platform: js/wasm
Imports: 14 packages
Last checked: 3 minutes ago –

Tools for package owners.

?	: This menu
/	: Search site
f	: Jump to identifier
g then g	: Go to top of page
g then b	: Go to end of page
G	: Go to end of page
g then i	: Go to index
g then e	: Go to examples