kubernetesk8s.io/kubernetes/pkg/kubelet/server Index | Files | Directories

package server

import "k8s.io/kubernetes/pkg/kubelet/server"

Package server contains functions related to serving Kubelet's external interface.

Index

Constants 

const (
	// Kubelet component name
	ComponentKubelet = "kubelet"
)

Functions

func ListenAndServeKubeletReadOnlyServer 

func ListenAndServeKubeletReadOnlyServer(
	ctx context.Context,
	host HostInterface,
	resourceAnalyzer stats.ResourceAnalyzer,
	checkers []healthz.HealthChecker,
	flagz flagz.Reader,
	address net.IP,
	port uint,
	tp oteltrace.TracerProvider)

ListenAndServeKubeletReadOnlyServer initializes a server to respond to HTTP network requests on the Kubelet.

func ListenAndServeKubeletServer 

func ListenAndServeKubeletServer(
	ctx context.Context,
	host HostInterface,
	resourceAnalyzer stats.ResourceAnalyzer,
	checkers []healthz.HealthChecker,
	flagz flagz.Reader,
	kubeCfg *kubeletconfiginternal.KubeletConfiguration,
	tlsOptions *TLSOptions,
	auth AuthInterface,
	tp oteltrace.TracerProvider)

ListenAndServeKubeletServer initializes a server to respond to HTTP network requests on the Kubelet.

func ListenAndServePodResources 

func ListenAndServePodResources(ctx context.Context, endpoint string, providers podresources.PodResourcesProviders)

ListenAndServePodResources initializes a gRPC server to serve the PodResources service

Types

type AuthInterface 

type AuthInterface interface {
	authenticator.Request
	NodeRequestAttributesGetter
	authorizer.Authorizer
}

AuthInterface contains all methods required by the auth filters

func NewKubeletAuth 

func NewKubeletAuth(authenticator authenticator.Request, authorizerAttributeGetter NodeRequestAttributesGetter, authorizer authorizer.Authorizer) AuthInterface

NewKubeletAuth returns a kubelet.AuthInterface composed of the given authenticator, attribute getter, and authorizer

type HostInterface 

type HostInterface interface {
	stats.Provider
	GetVersionInfo() (*cadvisorapi.VersionInfo, error)
	GetCachedMachineInfo() (*cadvisorapi.MachineInfo, error)
	GetRunningPods(ctx context.Context) ([]*v1.Pod, error)
	RunInContainer(ctx context.Context, name string, uid types.UID, container string, cmd []string) ([]byte, error)
	CheckpointContainer(ctx context.Context, podUID types.UID, podFullName, containerName string, options *runtimeapi.CheckpointContainerRequest) error
	GetKubeletContainerLogs(ctx context.Context, podFullName, containerName string, logOptions *v1.PodLogOptions, stdout, stderr io.Writer) error
	ServeLogs(w http.ResponseWriter, req *http.Request)
	SyncLoopHealthCheck(req *http.Request) error
	GetExec(ctx context.Context, podFullName string, podUID types.UID, containerName string, cmd []string, streamOpts remotecommandserver.Options) (*url.URL, error)
	GetAttach(ctx context.Context, podFullName string, podUID types.UID, containerName string, streamOpts remotecommandserver.Options) (*url.URL, error)
	GetPortForward(ctx context.Context, podName, podNamespace string, podUID types.UID, portForwardOpts portforward.V4Options) (*url.URL, error)
	ListMetricDescriptors(ctx context.Context) ([]*runtimeapi.MetricDescriptor, error)
	ListPodSandboxMetrics(ctx context.Context) ([]*runtimeapi.PodSandboxMetrics, error)
}

HostInterface contains all the kubelet methods required by the server. For testability.

type KubeletAuth 

type KubeletAuth struct {
	// authenticator identifies the user for requests to the Kubelet API
	authenticator.Request
	// KubeletRequestAttributesGetter builds authorization.Attributes for a request to the Kubelet API
	NodeRequestAttributesGetter
	// authorizer determines whether a given authorization.Attributes is allowed
	authorizer.Authorizer
}

KubeletAuth implements AuthInterface

type NodeRequestAttributesGetter 

type NodeRequestAttributesGetter interface {
	GetRequestAttributes(ctx context.Context, u user.Info, r *http.Request) []authorizer.Attributes
}

func NewNodeAuthorizerAttributesGetter 

func NewNodeAuthorizerAttributesGetter(nodeName types.NodeName) NodeRequestAttributesGetter

NewNodeAuthorizerAttributesGetter creates a new authorizer.RequestAttributesGetter for the node.

type Server 

type Server struct {
	// contains filtered or unexported fields
}

Server is a http.Handler which exposes kubelet functionality over HTTP.

func NewServer 

func NewServer(
	ctx context.Context,
	host HostInterface,
	resourceAnalyzer stats.ResourceAnalyzer,
	checkers []healthz.HealthChecker,
	flagz flagz.Reader,
	auth AuthInterface,
	kubeCfg *kubeletconfiginternal.KubeletConfiguration) Server

NewServer initializes and configures a kubelet.Server object to handle HTTP requests.

func (*Server) InstallAuthFilter 

func (s *Server) InstallAuthFilter(ctx context.Context)

InstallAuthFilter installs authentication filters with the restful Container.

func (*Server) InstallAuthNotRequiredHandlers 

func (s *Server) InstallAuthNotRequiredHandlers(ctx context.Context)

InstallAuthNotRequiredHandlers registers request handlers that do not require authorization, which are installed on both the unsecured and secured (TLS) servers. NOTE: This method is maintained for backwards compatibility, but no new endpoints should be added to this set. New handlers should be added under InstallAuthorizedHandlers.

func (*Server) InstallAuthRequiredHandlers 

func (s *Server) InstallAuthRequiredHandlers(ctx context.Context)

InstallAuthRequiredHandlers registers the HTTP handlers that should only be installed on servers with authorization enabled. NOTE: New endpoints must require authorization.

func (*Server) InstallDebugFlagsHandler 

func (s *Server) InstallDebugFlagsHandler(enableDebugFlagsHandler bool)

InstallDebugFlagsHandler registers the HTTP request patterns for /debug/flags/v endpoint.

func (*Server) InstallDebuggingDisabledHandlers 

func (s *Server) InstallDebuggingDisabledHandlers()

InstallDebuggingDisabledHandlers registers the HTTP request patterns that provide better error message

func (*Server) InstallProfilingHandler 

func (s *Server) InstallProfilingHandler(enableProfilingLogHandler bool, enableContentionProfiling bool)

InstallProfilingHandler registers the HTTP request patterns for /debug/pprof endpoint.

func (*Server) InstallSystemLogHandler 

func (s *Server) InstallSystemLogHandler(enableSystemLogHandler bool, enableSystemLogQuery bool)

InstallSystemLogHandler registers the HTTP request patterns for logs endpoint.

func (*Server) InstallTracingFilter 

func (s *Server) InstallTracingFilter(tp oteltrace.TracerProvider, opts ...otelrestful.Option)

InstallTracingFilter installs OpenTelemetry tracing filter with the restful Container.

func (*Server) ServeHTTP 

func (s *Server) ServeHTTP(w http.ResponseWriter, req *http.Request)

ServeHTTP responds to HTTP requests on the Kubelet.

type TLSOptions 

type TLSOptions struct {
	Config   *tls.Config
	CertFile string
	KeyFile  string
}

TLSOptions holds the TLS options.

Source Files

auth.go doc.go server.go

Directories

PathSynopsis
pkg/kubelet/server/metrics
pkg/kubelet/server/statsPackage stats handles exporting Kubelet and container stats.
pkg/kubelet/server/stats/testing
Version
v1.35.1 (latest)
Published
Feb 10, 2026
Platform
linux/amd64
Imports
72 packages
Last checked
2 months ago

Tools for package owners.