本文整理汇总了Golang中github.com/openshift/origin/pkg/cmd/server/bootstrappolicy.GetBootstrapSecurityContextConstraints函数的典型用法代码示例。如果您正苦于以下问题:Golang GetBootstrapSecurityContextConstraints函数的具体用法?Golang GetBootstrapSecurityContextConstraints怎么用?Golang GetBootstrapSecurityContextConstraints使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了GetBootstrapSecurityContextConstraints函数的5个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的Golang代码示例。
示例1: ensureDefaultSecurityContextConstraints
func (c *MasterConfig) ensureDefaultSecurityContextConstraints() {
sccSupported, err := c.securityContextConstraintsSupported()
if err != nil {
glog.Errorf("Unable to determine if security context constraints are supported. Got error: %v", err)
return
}
if !sccSupported {
glog.Infof("Ignoring default security context constraints when running on external Kubernetes.")
return
}
ns := c.Options.PolicyConfig.OpenShiftInfrastructureNamespace
bootstrapSCCGroups, bootstrapSCCUsers := bootstrappolicy.GetBoostrapSCCAccess(ns)
for _, scc := range bootstrappolicy.GetBootstrapSecurityContextConstraints(bootstrapSCCGroups, bootstrapSCCUsers) {
_, err := c.KubeClient().SecurityContextConstraints().Create(&scc)
if kapierror.IsAlreadyExists(err) {
continue
}
if err != nil {
glog.Errorf("Unable to create default security context constraint %s. Got error: %v", scc.Name, err)
continue
}
glog.Infof("Created default security context constraint %s", scc.Name)
}
}
开发者ID:RomainVabre,项目名称:origin,代码行数:26,代码来源:ensure.go
示例2: ensureDefaultSecurityContextConstraints
func (c *MasterConfig) ensureDefaultSecurityContextConstraints() {
sccList, err := c.KubeClient().SecurityContextConstraints().List(labels.Everything(), fields.Everything())
if err != nil {
glog.Errorf("Unable to initialize security context constraints: %v. This may prevent the creation of pods", err)
return
}
if len(sccList.Items) > 0 {
return
}
glog.Infof("No security context constraints detected, adding defaults")
// add the build user to the privileged SCC access
ns := c.Options.PolicyConfig.OpenShiftInfrastructureNamespace
buildControllerUsername := serviceaccount.MakeUsername(ns, c.BuildControllerServiceAccount)
bootstrapSCCGroups, bootstrapSCCUsers := bootstrappolicy.GetBoostrapSCCAccess()
bootstrapSCCUsers[bootstrappolicy.SecurityContextConstraintPrivileged] = append(bootstrapSCCUsers[bootstrappolicy.SecurityContextConstraintPrivileged], buildControllerUsername)
for _, scc := range bootstrappolicy.GetBootstrapSecurityContextConstraints(bootstrapSCCGroups, bootstrapSCCUsers) {
_, err = c.KubeClient().SecurityContextConstraints().Create(&scc)
if err != nil {
glog.Errorf("Unable to create default security context constraint %s. Got error: %v", scc.Name, err)
}
}
}
开发者ID:pstinghua,项目名称:origin,代码行数:25,代码来源:ensure.go
示例3: ChangedSCCs
// ChangedSCCs returns the SCCs that must be created and/or updated to match the
// recommended bootstrap SCCs.
func (o *ReconcileSCCOptions) ChangedSCCs() ([]*kapi.SecurityContextConstraints, error) {
changedSCCs := []*kapi.SecurityContextConstraints{}
groups, users := bootstrappolicy.GetBoostrapSCCAccess(o.InfraNamespace)
bootstrapSCCs := bootstrappolicy.GetBootstrapSecurityContextConstraints(groups, users)
for i := range bootstrapSCCs {
expectedSCC := &bootstrapSCCs[i]
actualSCC, err := o.SCCClient.Get(expectedSCC.Name)
// if not found it needs to be created
if kapierrors.IsNotFound(err) {
changedSCCs = append(changedSCCs, expectedSCC)
continue
}
if err != nil {
return nil, err
}
// if found then we need to diff to see if it needs updated
if updatedSCC, needsUpdating := o.computeUpdatedSCC(*expectedSCC, *actualSCC); needsUpdating {
changedSCCs = append(changedSCCs, updatedSCC)
}
}
return changedSCCs, nil
}
开发者ID:johnmccawley,项目名称:origin,代码行数:27,代码来源:reconcile_sccs.go
示例4: ensureDefaultSecurityContextConstraints
func (c *MasterConfig) ensureDefaultSecurityContextConstraints() {
ns := c.Options.PolicyConfig.OpenShiftInfrastructureNamespace
bootstrapSCCGroups, bootstrapSCCUsers := bootstrappolicy.GetBoostrapSCCAccess(ns)
for _, scc := range bootstrappolicy.GetBootstrapSecurityContextConstraints(bootstrapSCCGroups, bootstrapSCCUsers) {
_, err := c.KubeClient().SecurityContextConstraints().Create(&scc)
if kapierror.IsAlreadyExists(err) {
continue
}
if err != nil {
glog.Errorf("Unable to create default security context constraint %s. Got error: %v", scc.Name, err)
continue
}
glog.Infof("Created default security context constraint %s", scc.Name)
}
}
开发者ID:kimsh92,项目名称:origin,代码行数:16,代码来源:ensure.go
示例5: ensureDefaultSecurityContextConstraints
func (c *MasterConfig) ensureDefaultSecurityContextConstraints() {
sccList, err := c.KubeClient().SecurityContextConstraints().List(labels.Everything(), fields.Everything())
if err != nil {
glog.Errorf("Unable to initialize security context constraints: %v", err)
}
if len(sccList.Items) > 0 {
return
}
glog.Infof("No security context constraints detected, adding defaults")
ns := c.Options.PolicyConfig.OpenShiftInfrastructureNamespace
buildControllerUsername := serviceaccount.MakeUsername(ns, c.BuildControllerServiceAccount)
for _, scc := range bootstrappolicy.GetBootstrapSecurityContextConstraints(buildControllerUsername) {
_, err = c.KubeClient().SecurityContextConstraints().Create(&scc)
if err != nil {
glog.Errorf("Unable to create default security context constraint %s. Got error: %v", scc.Name, err)
}
}
}
开发者ID:ppitonak,项目名称:origin,代码行数:19,代码来源:ensure.go
注:本文中的github.com/openshift/origin/pkg/cmd/server/bootstrappolicy.GetBootstrapSecurityContextConstraints函数示例由纯净天空整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。 |
请发表评论