github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-30 15:05:27 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #85431 from irbull/api-doc

Browse Source 
Add public documentation for kubelet/apis/config
This commit is contained in:
Kubernetes Prow Robot 2020-01-06 23:12:18 -08:00 committed by GitHub
commit 8b8f2aa4a5
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
hack/.golint_failures
View File

@ -102,7 +102,6 @@ pkg/features
pkg/kubeapiserver
pkg/kubeapiserver/options
pkg/kubectl/cmd/convert
pkg/kubelet/apis/config
pkg/kubelet/apis/config/v1beta1
pkg/kubelet/checkpointmanager/testing/example_checkpoint_formats/v1
pkg/kubelet/cm

8
pkg/kubelet/apis/config/types.go
View File

@ -337,6 +337,7 @@ type KubeletConfiguration struct {
ReservedSystemCPUs string
}
// KubeletAuthorizationMode denotes the authorization mode for the kubelet
type KubeletAuthorizationMode string
const (
@ -346,6 +347,7 @@ const (
KubeletAuthorizationModeWebhook KubeletAuthorizationMode = "Webhook"
)
// KubeletAuthorization holds the state related to the authorization in the kublet.
type KubeletAuthorization struct {
// mode is the authorization mode to apply to requests to the kubelet server.
// Valid values are AlwaysAllow and Webhook.
@ -356,6 +358,8 @@ type KubeletAuthorization struct {
Webhook KubeletWebhookAuthorization
}
// KubeletWebhookAuthorization holds the state related to the Webhook
// Authorization in the Kubelet.
type KubeletWebhookAuthorization struct {
// cacheAuthorizedTTL is the duration to cache 'authorized' responses from the webhook authorizer.
CacheAuthorizedTTL metav1.Duration
@ -363,6 +367,7 @@ type KubeletWebhookAuthorization struct {
CacheUnauthorizedTTL metav1.Duration
}
// KubeletAuthentication holds the Kubetlet Authentication setttings.
type KubeletAuthentication struct {
// x509 contains settings related to x509 client certificate authentication
X509 KubeletX509Authentication
@ -372,6 +377,7 @@ type KubeletAuthentication struct {
Anonymous KubeletAnonymousAuthentication
}
// KubeletX509Authentication contains settings related to x509 client certificate authentication
type KubeletX509Authentication struct {
// clientCAFile is the path to a PEM-encoded certificate bundle. If set, any request presenting a client certificate
// signed by one of the authorities in the bundle is authenticated with a username corresponding to the CommonName,
@ -379,6 +385,7 @@ type KubeletX509Authentication struct {
ClientCAFile string
}
// KubeletWebhookAuthentication contains settings related to webhook authentication
type KubeletWebhookAuthentication struct {
// enabled allows bearer token authentication backed by the tokenreviews.authentication.k8s.io API
Enabled bool
@ -386,6 +393,7 @@ type KubeletWebhookAuthentication struct {
CacheTTL metav1.Duration
}
// KubeletAnonymousAuthentication enables anonymous requests to the kubetlet server.
type KubeletAnonymousAuthentication struct {
// enabled allows anonymous requests to the kubelet server.
// Requests that are not rejected by another authentication method are treated as anonymous requests.