当前位置: 首页>>代码示例>>Golang>>正文

Golang cert.EncodeCertPEM函数代码示例

本文整理汇总了Golang中k8s/io/kubernetes/pkg/util/cert.EncodeCertPEM函数的典型用法代码示例。如果您正苦于以下问题:Golang EncodeCertPEM函数的具体用法?Golang EncodeCertPEM怎么用?Golang EncodeCertPEM使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。


在下文中一共展示了EncodeCertPEM函数的9个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Golang代码示例。

示例1: CreateCertsAndConfigForClients

func CreateCertsAndConfigForClients(cfg kubeadmapi.API, clientNames []string, caKey *rsa.PrivateKey, caCert *x509.Certificate) (map[string]*clientcmdapi.Config, error) {

	basicClientConfig := kubeadmutil.CreateBasicClientConfig(
		"kubernetes",
		// TODO this is not great, but there is only one address we can use here
		// so we'll pick the first one, there is much of chance to have an empty
		// slice by the time this gets called
		fmt.Sprintf("https://%s:%d", cfg.AdvertiseAddresses[0], cfg.BindPort),
		certutil.EncodeCertPEM(caCert),
	)

	configs := map[string]*clientcmdapi.Config{}

	for _, client := range clientNames {
		key, cert, err := newClientKeyAndCert(caCert, caKey)
		if err != nil {
			return nil, fmt.Errorf("failure while creating %s client certificate - [%v]", client, err)
		}
		config := kubeadmutil.MakeClientConfigWithCerts(
			basicClientConfig,
			"kubernetes",
			client,
			certutil.EncodePrivateKeyPEM(key),
			certutil.EncodeCertPEM(cert),
		)
		configs[client] = config
	}

	return configs, nil
}
开发者ID:jbeda,项目名称:kubernetes,代码行数:30,代码来源:kubeconfig.go

示例2: createControllerManagerKubeconfigSecret

func createControllerManagerKubeconfigSecret(clientset *client.Clientset, namespace, name, svcName, kubeconfigName string, entKeyPairs *entityKeyPairs, dryRun bool) (*api.Secret, error) {
	config := kubeadmkubeconfigphase.MakeClientConfigWithCerts(
		fmt.Sprintf("https://%s", svcName),
		name,
		"federation-controller-manager",
		certutil.EncodeCertPEM(entKeyPairs.ca.Cert),
		certutil.EncodePrivateKeyPEM(entKeyPairs.controllerManager.Key),
		certutil.EncodeCertPEM(entKeyPairs.controllerManager.Cert),
	)

	return util.CreateKubeconfigSecret(clientset, config, namespace, kubeconfigName, dryRun)
}
开发者ID:kubernetes,项目名称:kubernetes,代码行数:12,代码来源:init.go

示例3: writeKeysAndCert

func writeKeysAndCert(pkiPath string, name string, key *rsa.PrivateKey, cert *x509.Certificate) error {
	var (
		publicKeyPath   = path.Join(pkiPath, fmt.Sprintf("%s-pub.pem", name))
		privateKeyPath  = path.Join(pkiPath, fmt.Sprintf("%s-key.pem", name))
		certificatePath = path.Join(pkiPath, fmt.Sprintf("%s.pem", name))
	)

	if key != nil {
		if err := certutil.WriteKey(privateKeyPath, certutil.EncodePrivateKeyPEM(key)); err != nil {
			return fmt.Errorf("unable to write private key file (%q) [%v]", privateKeyPath, err)
		}
		if pubKey, err := certutil.EncodePublicKeyPEM(&key.PublicKey); err == nil {
			if err := certutil.WriteKey(publicKeyPath, pubKey); err != nil {
				return fmt.Errorf("unable to write public key file (%q) [%v]", publicKeyPath, err)
			}
		} else {
			return fmt.Errorf("unable to encode public key to PEM [%v]", err)
		}
	}

	if cert != nil {
		if err := certutil.WriteCert(certificatePath, certutil.EncodeCertPEM(cert)); err != nil {
			return fmt.Errorf("unable to write certificate file (%q) [%v]", certificatePath, err)
		}
	}

	return nil
}
开发者ID:pst,项目名称:kubernetes,代码行数:28,代码来源:pki.go

示例4: createAPIServerCredentialsSecret

func createAPIServerCredentialsSecret(clientset *client.Clientset, namespace, credentialsName string, entKeyPairs *entityKeyPairs) (*api.Secret, error) {
	// Build the secret object with API server credentials.
	secret := &api.Secret{
		ObjectMeta: api.ObjectMeta{
			Name:      credentialsName,
			Namespace: namespace,
		},
		Data: map[string][]byte{
			"ca.crt":     certutil.EncodeCertPEM(entKeyPairs.ca.Cert),
			"server.crt": certutil.EncodeCertPEM(entKeyPairs.server.Cert),
			"server.key": certutil.EncodePrivateKeyPEM(entKeyPairs.server.Key),
		},
	}

	// Boilerplate to create the secret in the host cluster.
	return clientset.Core().Secrets(namespace).Create(secret)
}
开发者ID:ravilr,项目名称:kubernetes,代码行数:17,代码来源:init.go

示例5: createKubeConfigFileForClient

func createKubeConfigFileForClient(masterEndpoint, kubeConfigFilePath string, config *certutil.Config, caCert *x509.Certificate, caKey *rsa.PrivateKey) error {
	key, cert, err := certphase.NewClientKeyAndCert(config, caCert, caKey)
	if err != nil {
		return fmt.Errorf("failure while creating %s client certificate [%v]", config.CommonName, err)
	}

	kubeConfig := MakeClientConfigWithCerts(
		masterEndpoint,
		"kubernetes",
		config.CommonName,
		certutil.EncodeCertPEM(caCert),
		certutil.EncodePrivateKeyPEM(key),
		certutil.EncodeCertPEM(cert),
	)

	// Write it now to a file
	return WriteKubeconfigToDisk(kubeConfigFilePath, kubeConfig)
}
开发者ID:kubernetes,项目名称:kubernetes,代码行数:18,代码来源:kubeconfig.go

示例6: updateKubeconfig

func updateKubeconfig(config util.AdminConfig, name, endpoint string, entKeyPairs *entityKeyPairs, dryRun bool) error {
	po := config.PathOptions()
	kubeconfig, err := po.GetStartingConfig()
	if err != nil {
		return err
	}

	// Populate API server endpoint info.
	cluster := clientcmdapi.NewCluster()
	// Prefix "https" as the URL scheme to endpoint.
	if !strings.HasPrefix(endpoint, "https://") {
		endpoint = fmt.Sprintf("https://%s", endpoint)
	}
	cluster.Server = endpoint
	cluster.CertificateAuthorityData = certutil.EncodeCertPEM(entKeyPairs.ca.Cert)

	// Populate credentials.
	authInfo := clientcmdapi.NewAuthInfo()
	authInfo.ClientCertificateData = certutil.EncodeCertPEM(entKeyPairs.admin.Cert)
	authInfo.ClientKeyData = certutil.EncodePrivateKeyPEM(entKeyPairs.admin.Key)
	authInfo.Username = AdminCN

	// Populate context.
	context := clientcmdapi.NewContext()
	context.Cluster = name
	context.AuthInfo = name

	// Update the config struct with API server endpoint info,
	// credentials and context.
	kubeconfig.Clusters[name] = cluster
	kubeconfig.AuthInfos[name] = authInfo
	kubeconfig.Contexts[name] = context

	if !dryRun {
		// Write the update kubeconfig.
		if err := clientcmd.ModifyConfig(po, *kubeconfig, true); err != nil {
			return err
		}
	}

	return nil
}
开发者ID:spxtr,项目名称:kubernetes,代码行数:42,代码来源:init.go

示例7: encodeKubeDiscoverySecretData

func encodeKubeDiscoverySecretData(cfg *kubeadmapi.MasterConfiguration, caCert *x509.Certificate) map[string][]byte {
	var (
		data         = map[string][]byte{}
		endpointList = []string{}
		tokenMap     = map[string]string{}
	)

	for _, addr := range cfg.API.AdvertiseAddresses {
		endpointList = append(endpointList, fmt.Sprintf("https://%s:%d", addr, cfg.API.BindPort))
	}

	tokenMap[cfg.Secrets.TokenID] = cfg.Secrets.BearerToken

	data["endpoint-list.json"], _ = json.Marshal(endpointList)
	data["token-map.json"], _ = json.Marshal(tokenMap)
	data["ca.pem"] = certutil.EncodeCertPEM(caCert)

	return data
}
开发者ID:abutcher,项目名称:kubernetes,代码行数:19,代码来源:discovery.go

示例8: encodeKubeDiscoverySecretData

func encodeKubeDiscoverySecretData(dcfg *kubeadmapi.TokenDiscovery, apicfg kubeadmapi.API, caCert *x509.Certificate) map[string][]byte {
	var (
		data         = map[string][]byte{}
		endpointList = []string{}
		tokenMap     = map[string]string{}
	)

	for _, addr := range apicfg.AdvertiseAddresses {
		endpointList = append(endpointList, fmt.Sprintf("https://%s:%d", addr, apicfg.Port))
	}

	tokenMap[dcfg.ID] = dcfg.Secret

	data["endpoint-list.json"], _ = json.Marshal(endpointList)
	data["token-map.json"], _ = json.Marshal(tokenMap)
	data["ca.pem"] = certutil.EncodeCertPEM(caCert)

	return data
}
开发者ID:johscheuer,项目名称:kubernetes,代码行数:19,代码来源:discovery.go

示例9: encodeKubeDiscoverySecretData

func encodeKubeDiscoverySecretData(s *kubeadmapi.KubeadmConfig, caCert *x509.Certificate) map[string][]byte {
	var (
		data         = map[string][]byte{}
		endpointList = []string{}
		tokenMap     = map[string]string{}
	)

	for _, addr := range s.InitFlags.API.AdvertiseAddrs {
		endpointList = append(endpointList, fmt.Sprintf("https://%s:443", addr.String()))
	}

	tokenMap[s.Secrets.TokenID] = s.Secrets.BearerToken

	data["endpoint-list.json"], _ = json.Marshal(endpointList)
	data["token-map.json"], _ = json.Marshal(tokenMap)
	data["ca.pem"] = certutil.EncodeCertPEM(caCert)

	return data
}
开发者ID:pst,项目名称:kubernetes,代码行数:19,代码来源:discovery.go


注:本文中的k8s/io/kubernetes/pkg/util/cert.EncodeCertPEM函数示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。