Commit Graph

14 Commits

Author SHA1 Message Date
Matt Moyer
e5902533eb Add "--cluster-signing-*-file" flags pointing at a host volume mount.
This is a somewhat more basic way to get access to the certificate and private key we need to issue short lived certificates.

The host path, tolerations, and node selector here should work on any kubeadm-derived cluster including TKG-S and Kind.

Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-07-24 15:45:49 -05:00
Mo Khan
5fdc20886d
Initial aggregated API server (#15)
Add initial aggregated API server (squashed from a bunch of commits).

Signed-off-by: Andrew Keesler <akeesler@vmware.com>
Signed-off-by: Aram Price <pricear@vmware.com>
Signed-off-by: Ryan Richard <richardry@vmware.com>
2020-07-23 10:05:21 -05:00
Monis Khan
549da37805
Encode git version info into binary and user agent
Signed-off-by: Monis Khan <mok@vmware.com>
2020-07-20 00:32:11 -04:00
Monis Khan
5fa5b9a9a9
Do not hard code API version
Signed-off-by: Monis Khan <mok@vmware.com>
2020-07-19 01:28:24 -04:00
Monis Khan
9118869d04
Use protobuf with built-in Kube REST APIs
Signed-off-by: Monis Khan <mok@vmware.com>
2020-07-19 01:28:24 -04:00
Matt Moyer
092cc26789 Refactor app.go and wire in autoregistration.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-07-17 12:10:33 -05:00
Andrew Keesler
63f5416b21
Define initial config file format
- Users may want to consume pkg/config to generate configuration files.
- This also involved putting config-related utilities in the config
  package for ease of consumption.
- We did not add in versioning into the Config type for now...this is
  something we will likely do in the future, but it is not deemed
  necessary this early in the project.
- The config file format tries to follow the patterns of Kube. One such
  example of this is requiring the use of base64-encoded CA bundle PEM
  bytes instead of a file path. This also slightly simplifies the config
  file handling because we don't have to 1) read in a file or 2) deal
  with the error case of the file not being there.

- The webhook code from k8s.io/apiserver is really exactly what we want
  here. If this dependency gets too burdensome, we can always drop it,
  but the pros outweigh the cons at the moment.
- Writing out a kubeconfig to disk to configure the webhook is a little
  janky, but hopefully this won't hurt performance too much in the year
  2020.

- Also bonus: call the right *Serve*() function when starting our
  servers.

Signed-off-by: Andrew Keesler <akeesler@vmware.com>
2020-07-14 11:50:28 -04:00
Matt Moyer
2596ddfa25 Add initial CA code.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
Signed-off-by: Andrew Keesler <akeesler@vmware.com>
2020-07-13 16:23:54 -05:00
Andrew Keesler
619ae2b178
Add -c/--config flag
Signed-off-by: Andrew Keesler <akeesler@vmware.com>
2020-07-08 13:06:44 -04:00
Andrew Keesler
68d01f97a4 Add a log statement so we can tell that things are starting
Signed-off-by: Ryan Richard <richardry@vmware.com>
2020-07-07 13:20:07 -07:00
Matt Moyer
82f89c501a Fix initial lint violations.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-07-07 14:55:50 -05:00
Ryan Richard
57a22f99aa Add a simple /healthz endpoint
- Also remove the old hello world code

Signed-off-by: Andrew Keesler <akeesler@vmware.com>
2020-07-06 16:07:21 -07:00
Matt Moyer
c85507e46d Add Apache 2.0 license.
See https://www.apache.org/licenses/LICENSE-2.0.txt.

Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-07-06 13:50:31 -05:00
Ryan Richard
911f8736f1 Hello, world! 2020-07-02 17:05:59 -07:00