package cleaner
import "k8s.io/kubernetes/pkg/controller/certificates/cleaner"
Package cleaner implements an automated cleaner that does garbage collection on CSRs that meet specific criteria. With automated CSR requests and automated approvals, the volume of CSRs only increases over time, at a rapid rate if the certificate duration is short.
Index ¶
- type CSRCleanerController
- func NewCSRCleanerController( csrClient csrclient.CertificateSigningRequestInterface, csrInformer certificatesinformers.CertificateSigningRequestInformer, ) *CSRCleanerController
- func (ccc *CSRCleanerController) Run(ctx context.Context, workers int)
- type PCRCleanerController
Types ¶
type CSRCleanerController ¶
type CSRCleanerController struct {
// contains filtered or unexported fields
}
CSRCleanerController is a controller that garbage collects old certificate signing requests (CSRs). Since there are mechanisms that automatically create CSRs, and mechanisms that automatically approve CSRs, in order to prevent a build up of CSRs over time, it is necessary to GC them. CSRs will be removed if they meet one of the following criteria: the CSR is Approved with a certificate and is old enough to be past the GC issued deadline, the CSR is denied and is old enough to be past the GC denied deadline, the CSR is Pending and is old enough to be past the GC pending deadline, the CSR is approved with a certificate and the certificate is expired.
func NewCSRCleanerController ¶
func NewCSRCleanerController( csrClient csrclient.CertificateSigningRequestInterface, csrInformer certificatesinformers.CertificateSigningRequestInformer, ) *CSRCleanerController
NewCSRCleanerController creates a new CSRCleanerController.
func (*CSRCleanerController) Run ¶
func (ccc *CSRCleanerController) Run(ctx context.Context, workers int)
Run the main goroutine responsible for watching and syncing jobs.
type PCRCleanerController ¶
type PCRCleanerController struct {
// contains filtered or unexported fields
}
PCRCleanerController garbage-collects PodCertificateRequests older than 30 minutes.
func NewPCRCleanerController ¶
func NewPCRCleanerController( client kubernetes.Interface, pcrLister certinformersv1alpha1.PodCertificateRequestInformer, clock clock.PassiveClock, threshold time.Duration, pollingInterval time.Duration, ) *PCRCleanerController
NewPCRCleanerController creates a PCRCleanerController.
func (*PCRCleanerController) Run ¶
func (c *PCRCleanerController) Run(ctx context.Context, workers int)
Source Files ¶
cleaner.go pcrcleaner.go
- Version
- v1.35.0-alpha.0
- Published
- Aug 2, 2025
- Platform
- darwin/amd64
- Imports
- 21 packages
- Last checked
- 7 minutes ago –
Tools for package owners.