const errInvalid … const errExist … type configMutatorsFunc … type KubeadmCert … // GetConfig returns the definition for the given cert given the provided InitConfiguration func (k *KubeadmCert) GetConfig(ic *kubeadmapi.InitConfiguration) (*pkiutil.CertConfig, error) { … } // CreateFromCA makes and writes a certificate using the given CA cert and key. func (k *KubeadmCert) CreateFromCA(ic *kubeadmapi.InitConfiguration, caCert *x509.Certificate, caKey crypto.Signer) error { … } // CreateAsCA creates a certificate authority, writing the files to disk and also returning the created CA so it can be used to sign child certs. func (k *KubeadmCert) CreateAsCA(ic *kubeadmapi.InitConfiguration) (*x509.Certificate, crypto.Signer, error) { … } type CertificateTree … // CreateTree creates the CAs, certs signed by the CAs, and writes them all to disk. func (t CertificateTree) CreateTree(ic *kubeadmapi.InitConfiguration) error { … } type CertificateMap … // CertTree returns a one-level-deep tree, mapping a CA cert to an array of certificates that should be signed by it. func (m CertificateMap) CertTree() (CertificateTree, error) { … } type Certificates … // AsMap returns the list of certificates as a map, keyed by name. func (c Certificates) AsMap() CertificateMap { … } // GetDefaultCertList returns all of the certificates kubeadm requires to function. func GetDefaultCertList() Certificates { … } // GetCertsWithoutEtcd returns all of the certificates kubeadm needs when etcd is hosted externally. func GetCertsWithoutEtcd() Certificates { … } // KubeadmCertRootCA is the definition of the Kubernetes Root CA for the API Server and kubelet. func KubeadmCertRootCA() *KubeadmCert { … } // KubeadmCertAPIServer is the definition of the cert used to serve the Kubernetes API. func KubeadmCertAPIServer() *KubeadmCert { … } // KubeadmCertKubeletClient is the definition of the cert used by the API server to access the kubelet. func KubeadmCertKubeletClient() *KubeadmCert { … } // KubeadmCertFrontProxyCA is the definition of the CA used for the front end proxy. func KubeadmCertFrontProxyCA() *KubeadmCert { … } // KubeadmCertFrontProxyClient is the definition of the cert used by the API server to access the front proxy. func KubeadmCertFrontProxyClient() *KubeadmCert { … } // KubeadmCertEtcdCA is the definition of the root CA used by the hosted etcd server. func KubeadmCertEtcdCA() *KubeadmCert { … } // KubeadmCertEtcdServer is the definition of the cert used to serve etcd to clients. func KubeadmCertEtcdServer() *KubeadmCert { … } // KubeadmCertEtcdPeer is the definition of the cert used by etcd peers to access each other. func KubeadmCertEtcdPeer() *KubeadmCert { … } // KubeadmCertEtcdHealthcheck is the definition of the cert used by Kubernetes to check the health of the etcd server. func KubeadmCertEtcdHealthcheck() *KubeadmCert { … } // KubeadmCertEtcdAPIClient is the definition of the cert used by the API server to access etcd. func KubeadmCertEtcdAPIClient() *KubeadmCert { … } func makeAltNamesMutator(f func(*kubeadmapi.InitConfiguration) (*certutil.AltNames, error)) configMutatorsFunc { … } func setCommonNameToNodeName() configMutatorsFunc { … } // leafCertificates returns non-CA certificates from the supplied Certificates. func leafCertificates(c Certificates) (Certificates, error) { … } func createKeyAndCSR(kubeadmConfig *kubeadmapi.InitConfiguration, cert *KubeadmCert) error { … } // CreateDefaultKeysAndCSRFiles is used in ExternalCA mode to create key files // and adjacent CSR files. func CreateDefaultKeysAndCSRFiles(out io.Writer, config *kubeadmapi.InitConfiguration) error { … }
Codebase Browser
kubernetes