kubernetesk8s.io/kubernetes/cmd/kubeadm/app/phases/kubeconfig Index | Files

package kubeconfig

import "k8s.io/kubernetes/cmd/kubeadm/app/phases/kubeconfig"

Index

Functions

func CreateDefaultKubeConfigsAndCSRFiles 

func CreateDefaultKubeConfigsAndCSRFiles(out io.Writer, kubeConfigDir string, kubeadmConfig *kubeadmapi.InitConfiguration) error

CreateDefaultKubeConfigsAndCSRFiles is used in ExternalCA mode to create kubeconfig files and adjacent CSR files.

func CreateJoinControlPlaneKubeConfigFiles 

func CreateJoinControlPlaneKubeConfigFiles(outDir string, cfg *kubeadmapi.InitConfiguration) error

CreateJoinControlPlaneKubeConfigFiles will create and write to disk the kubeconfig files required by kubeadm join --control-plane workflow, plus the admin kubeconfig file used by the administrator and kubeadm itself; the kubelet.conf file must not be created because it will be created and signed by the kubelet TLS bootstrap process. When not using external CA mode, if a kubeconfig file already exists it is used only if evaluated equal, otherwise an error is returned. For external CA mode, the creation of kubeconfig files is skipped.

func CreateKubeConfigFile 

func CreateKubeConfigFile(kubeConfigFileName string, outDir string, cfg *kubeadmapi.InitConfiguration) error

CreateKubeConfigFile creates a kubeconfig file. If the kubeconfig file already exists, it is used only if evaluated equal; otherwise an error is returned.

func EnsureAdminClusterRoleBinding 

func EnsureAdminClusterRoleBinding(outDir string, ensureRBACFunc EnsureRBACFunc) (clientset.Interface, error)

EnsureAdminClusterRoleBinding constructs a client from admin.conf and optionally constructs a client from super-admin.conf if the file exists. It then proceeds to pass the clients to EnsureAdminClusterRoleBindingImpl. The function returns a usable client from admin.conf with RBAC properly constructed or an error.

func EnsureAdminClusterRoleBindingImpl 

func EnsureAdminClusterRoleBindingImpl(ctx context.Context, adminClient, superAdminClient clientset.Interface,
	retryInterval, retryTimeout time.Duration) (clientset.Interface, error)

EnsureAdminClusterRoleBindingImpl first attempts to see if the ClusterRoleBinding kubeadm:cluster-admins exists by using adminClient. If it already exists, it would mean the adminClient is usable. If it does not, attempt to create the ClusterRoleBinding by using superAdminClient.

func ValidateKubeconfigsForExternalCA 

func ValidateKubeconfigsForExternalCA(outDir string, cfg *kubeadmapi.InitConfiguration) error

ValidateKubeconfigsForExternalCA check if the kubeconfig file exist and has the expected CA and server URL using kubeadmapi.InitConfiguration.

func WriteKubeConfigWithClientCert 

func WriteKubeConfigWithClientCert(out io.Writer, cfg *kubeadmapi.InitConfiguration, clientName string, organizations []string, notAfter time.Time) error

WriteKubeConfigWithClientCert writes a kubeconfig file - with a client certificate as authentication info - to the given writer.

func WriteKubeConfigWithToken 

func WriteKubeConfigWithToken(out io.Writer, cfg *kubeadmapi.InitConfiguration, clientName, token string, notAfter time.Time) error

WriteKubeConfigWithToken writes a kubeconfig file - with a token as client authentication info - to the given writer.

Types

type EnsureRBACFunc 

type EnsureRBACFunc func(context.Context, clientset.Interface, clientset.Interface, time.Duration, time.Duration) (clientset.Interface, error)

EnsureRBACFunc defines a function type that can be passed to EnsureAdminClusterRoleBinding().

Source Files

doc.go kubeconfig.go

Version
v1.33.0 (latest)
Published
Apr 23, 2025
Platform
linux/amd64
Imports
26 packages
Last checked
6 hours ago

Tools for package owners.