package serviceaccount

kubernetes – k8s.io/kubernetes/pkg/controller/serviceaccount Index | Files

package serviceaccount

import "k8s.io/kubernetes/pkg/controller/serviceaccount"

Package serviceaccount provides implementations to manage service accounts and service account tokens

Index ¶

Constants
func NewGetterFromClient(c client.Interface) serviceaccount.ServiceAccountTokenGetter
func NewGetterFromRegistries(serviceAccounts serviceaccountregistry.Registry, secrets secret.Registry) serviceaccount.ServiceAccountTokenGetter
func NewGetterFromStorageInterface(s storage.Interface) serviceaccount.ServiceAccountTokenGetter
type ServiceAccountsController

func NewServiceAccountsController(cl client.Interface, options ServiceAccountsControllerOptions) *ServiceAccountsController
func (e *ServiceAccountsController) Run()
func (e *ServiceAccountsController) Stop()

type ServiceAccountsControllerOptions

func DefaultServiceAccountsControllerOptions() ServiceAccountsControllerOptions

type TokensController

func NewTokensController(cl client.Interface, options TokensControllerOptions) *TokensController
func (e *TokensController) Run()
func (e *TokensController) Stop()

type TokensControllerOptions

Constants ¶

const NumServiceAccountRemoveReferenceRetries = 10

Functions ¶

func NewGetterFromClient ¶

func NewGetterFromClient(c client.Interface) serviceaccount.ServiceAccountTokenGetter

NewGetterFromClient returns a ServiceAccountTokenGetter that uses the specified client to retrieve service accounts and secrets. The client should NOT authenticate using a service account token the returned getter will be used to retrieve, or recursion will result.

func NewGetterFromRegistries ¶

func NewGetterFromRegistries(serviceAccounts serviceaccountregistry.Registry, secrets secret.Registry) serviceaccount.ServiceAccountTokenGetter

NewGetterFromRegistries returns a ServiceAccountTokenGetter that uses the specified registries to retrieve service accounts and secrets.

func NewGetterFromStorageInterface ¶

func NewGetterFromStorageInterface(s storage.Interface) serviceaccount.ServiceAccountTokenGetter

NewGetterFromStorageInterface returns a ServiceAccountTokenGetter that uses the specified storage to retrieve service accounts and secrets.

Types ¶

type ServiceAccountsController ¶

type ServiceAccountsController struct {
	// contains filtered or unexported fields
}

ServiceAccountsController manages ServiceAccount objects inside Namespaces

func NewServiceAccountsController ¶

func NewServiceAccountsController(cl client.Interface, options ServiceAccountsControllerOptions) *ServiceAccountsController

NewServiceAccountsController returns a new *ServiceAccountsController.

func (*ServiceAccountsController) Run ¶

func (e *ServiceAccountsController) Run()

Runs controller loops and returns immediately

func (*ServiceAccountsController) Stop ¶

func (e *ServiceAccountsController) Stop()

Stop gracefully shuts down this controller

type ServiceAccountsControllerOptions ¶

type ServiceAccountsControllerOptions struct {
	// ServiceAccounts is the list of service accounts to ensure exist in every namespace
	ServiceAccounts []api.ServiceAccount

	// ServiceAccountResync is the interval between full resyncs of ServiceAccounts.
	// If non-zero, all service accounts will be re-listed this often.
	// Otherwise, re-list will be delayed as long as possible (until the watch is closed or times out).
	ServiceAccountResync time.Duration

	// NamespaceResync is the interval between full resyncs of Namespaces.
	// If non-zero, all namespaces will be re-listed this often.
	// Otherwise, re-list will be delayed as long as possible (until the watch is closed or times out).
	NamespaceResync time.Duration
}

ServiceAccountsControllerOptions contains options for running a ServiceAccountsController

func DefaultServiceAccountsControllerOptions ¶

func DefaultServiceAccountsControllerOptions() ServiceAccountsControllerOptions

type TokensController ¶

type TokensController struct {
	// contains filtered or unexported fields
}

TokensController manages ServiceAccountToken secrets for ServiceAccount objects

func NewTokensController ¶

func NewTokensController(cl client.Interface, options TokensControllerOptions) *TokensController

NewTokensController returns a new *TokensController.

func (*TokensController) Run ¶

func (e *TokensController) Run()

Runs controller loops and returns immediately

func (*TokensController) Stop ¶

func (e *TokensController) Stop()

Stop gracefully shuts down this controller

type TokensControllerOptions ¶

type TokensControllerOptions struct {
	// TokenGenerator is the generator to use to create new tokens
	TokenGenerator serviceaccount.TokenGenerator
	// ServiceAccountResync is the time.Duration at which to fully re-list service accounts.
	// If zero, re-list will be delayed as long as possible
	ServiceAccountResync time.Duration
	// SecretResync is the time.Duration at which to fully re-list secrets.
	// If zero, re-list will be delayed as long as possible
	SecretResync time.Duration
	// This CA will be added in the secretes of service accounts
	RootCA []byte
}

TokensControllerOptions contains options for the TokensController

Source Files ¶

doc.go serviceaccounts_controller.go tokengetter.go tokens_controller.go

Version: v1.2.0-alpha.6
Published: Jan 13, 2016
Platform: js/wasm
Imports: 22 packages
Last checked: 46 seconds ago –

Tools for package owners.

?	: This menu
/	: Search site
f	: Jump to identifier
g then g	: Go to top of page
g then b	: Go to end of page
G	: Go to end of page
g then i	: Go to index
g then e	: Go to examples