Package io.fabric8.openshift.api.model.operator.network.v1

Class OperatorPKI

  • All Implemented Interfaces:
    io.fabric8.kubernetes.api.builder.Editable<OperatorPKIBuilder>, io.fabric8.kubernetes.api.model.HasMetadata, io.fabric8.kubernetes.api.model.KubernetesResource, io.fabric8.kubernetes.api.model.Namespaced, Serializable
    @Generated("io.fabric8.kubernetes.schema.generator.model.ModelGenerator")
public class OperatorPKI
extends Object
implements io.fabric8.kubernetes.api.builder.Editable<OperatorPKIBuilder>, io.fabric8.kubernetes.api.model.HasMetadata, io.fabric8.kubernetes.api.model.Namespaced
    OperatorPKI is a simple certificate authority. It is not intended for external use - rather, it is internal to the network operator. The CNO creates a CA and a certificate signed by that CA. The certificate has both ClientAuth and ServerAuth extended usages enabled.


    More specifically, given an OperatorPKI with <name>, the CNO will manage:


    - A Secret called <name>-ca with two data keys:

    - tls.key - the private key

    - tls.crt - the CA certificate


    - A ConfigMap called <name>-ca with a single data key:

    - cabundle.crt - the CA certificate(s)


    - A Secret called <name>-cert with two data keys:

    - tls.key - the private key

    - tls.crt - the certificate, signed by the CA


    The CA certificate will have a validity of 10 years, rotated after 9. The target certificate will have a validity of 6 months, rotated after 3


    The CA certificate will have a CommonName of "<namespace>_<name>-ca@<timestamp>", where <timestamp> is the last rotation time.

    See Also:
    Serialized Form

    • Constructor Detail

      • OperatorPKI

        public OperatorPKI()
        No args constructor for use in serialization

    • Method Detail

      • getApiVersion

        public String getApiVersion()
        APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
        Specified by:
        getApiVersion in interface io.fabric8.kubernetes.api.model.HasMetadata

      • setApiVersion

        public void setApiVersion​(String apiVersion)
        APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
        Specified by:
        setApiVersion in interface io.fabric8.kubernetes.api.model.HasMetadata

      • getKind

        public String getKind()
        Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
        Specified by:
        getKind in interface io.fabric8.kubernetes.api.model.HasMetadata

      • setKind

        public void setKind​(String kind)
        Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

      • getMetadata

        public io.fabric8.kubernetes.api.model.ObjectMeta getMetadata()
        OperatorPKI is a simple certificate authority. It is not intended for external use - rather, it is internal to the network operator. The CNO creates a CA and a certificate signed by that CA. The certificate has both ClientAuth and ServerAuth extended usages enabled.


        More specifically, given an OperatorPKI with <name>, the CNO will manage:


        - A Secret called <name>-ca with two data keys:

        - tls.key - the private key

        - tls.crt - the CA certificate


        - A ConfigMap called <name>-ca with a single data key:

        - cabundle.crt - the CA certificate(s)


        - A Secret called <name>-cert with two data keys:

        - tls.key - the private key

        - tls.crt - the certificate, signed by the CA


        The CA certificate will have a validity of 10 years, rotated after 9. The target certificate will have a validity of 6 months, rotated after 3


        The CA certificate will have a CommonName of "<namespace>_<name>-ca@<timestamp>", where <timestamp> is the last rotation time.

        Specified by:
        getMetadata in interface io.fabric8.kubernetes.api.model.HasMetadata

      • setMetadata

        public void setMetadata​(io.fabric8.kubernetes.api.model.ObjectMeta metadata)
        OperatorPKI is a simple certificate authority. It is not intended for external use - rather, it is internal to the network operator. The CNO creates a CA and a certificate signed by that CA. The certificate has both ClientAuth and ServerAuth extended usages enabled.


        More specifically, given an OperatorPKI with <name>, the CNO will manage:


        - A Secret called <name>-ca with two data keys:

        - tls.key - the private key

        - tls.crt - the CA certificate


        - A ConfigMap called <name>-ca with a single data key:

        - cabundle.crt - the CA certificate(s)


        - A Secret called <name>-cert with two data keys:

        - tls.key - the private key

        - tls.crt - the certificate, signed by the CA


        The CA certificate will have a validity of 10 years, rotated after 9. The target certificate will have a validity of 6 months, rotated after 3


        The CA certificate will have a CommonName of "<namespace>_<name>-ca@<timestamp>", where <timestamp> is the last rotation time.

        Specified by:
        setMetadata in interface io.fabric8.kubernetes.api.model.HasMetadata

      • getSpec

        public OperatorPKISpec getSpec()
        OperatorPKI is a simple certificate authority. It is not intended for external use - rather, it is internal to the network operator. The CNO creates a CA and a certificate signed by that CA. The certificate has both ClientAuth and ServerAuth extended usages enabled.


        More specifically, given an OperatorPKI with <name>, the CNO will manage:


        - A Secret called <name>-ca with two data keys:

        - tls.key - the private key

        - tls.crt - the CA certificate


        - A ConfigMap called <name>-ca with a single data key:

        - cabundle.crt - the CA certificate(s)


        - A Secret called <name>-cert with two data keys:

        - tls.key - the private key

        - tls.crt - the certificate, signed by the CA


        The CA certificate will have a validity of 10 years, rotated after 9. The target certificate will have a validity of 6 months, rotated after 3


        The CA certificate will have a CommonName of "<namespace>_<name>-ca@<timestamp>", where <timestamp> is the last rotation time.

      • setSpec

        public void setSpec​(OperatorPKISpec spec)
        OperatorPKI is a simple certificate authority. It is not intended for external use - rather, it is internal to the network operator. The CNO creates a CA and a certificate signed by that CA. The certificate has both ClientAuth and ServerAuth extended usages enabled.


        More specifically, given an OperatorPKI with <name>, the CNO will manage:


        - A Secret called <name>-ca with two data keys:

        - tls.key - the private key

        - tls.crt - the CA certificate


        - A ConfigMap called <name>-ca with a single data key:

        - cabundle.crt - the CA certificate(s)


        - A Secret called <name>-cert with two data keys:

        - tls.key - the private key

        - tls.crt - the certificate, signed by the CA


        The CA certificate will have a validity of 10 years, rotated after 9. The target certificate will have a validity of 6 months, rotated after 3


        The CA certificate will have a CommonName of "<namespace>_<name>-ca@<timestamp>", where <timestamp> is the last rotation time.

      • getStatus

        public OperatorPKIStatus getStatus()
        OperatorPKI is a simple certificate authority. It is not intended for external use - rather, it is internal to the network operator. The CNO creates a CA and a certificate signed by that CA. The certificate has both ClientAuth and ServerAuth extended usages enabled.


        More specifically, given an OperatorPKI with <name>, the CNO will manage:


        - A Secret called <name>-ca with two data keys:

        - tls.key - the private key

        - tls.crt - the CA certificate


        - A ConfigMap called <name>-ca with a single data key:

        - cabundle.crt - the CA certificate(s)


        - A Secret called <name>-cert with two data keys:

        - tls.key - the private key

        - tls.crt - the certificate, signed by the CA


        The CA certificate will have a validity of 10 years, rotated after 9. The target certificate will have a validity of 6 months, rotated after 3


        The CA certificate will have a CommonName of "<namespace>_<name>-ca@<timestamp>", where <timestamp> is the last rotation time.

      • setStatus

        public void setStatus​(OperatorPKIStatus status)
        OperatorPKI is a simple certificate authority. It is not intended for external use - rather, it is internal to the network operator. The CNO creates a CA and a certificate signed by that CA. The certificate has both ClientAuth and ServerAuth extended usages enabled.


        More specifically, given an OperatorPKI with <name>, the CNO will manage:


        - A Secret called <name>-ca with two data keys:

        - tls.key - the private key

        - tls.crt - the CA certificate


        - A ConfigMap called <name>-ca with a single data key:

        - cabundle.crt - the CA certificate(s)


        - A Secret called <name>-cert with two data keys:

        - tls.key - the private key

        - tls.crt - the certificate, signed by the CA


        The CA certificate will have a validity of 10 years, rotated after 9. The target certificate will have a validity of 6 months, rotated after 3


        The CA certificate will have a CommonName of "<namespace>_<name>-ca@<timestamp>", where <timestamp> is the last rotation time.

      • getAdditionalProperties

        public Map<String,​Object> getAdditionalProperties()

      • setAdditionalProperty

        public void setAdditionalProperty​(String name,
                                  Object value)

      • setAdditionalProperties

        public void setAdditionalProperties​(Map<String,​Object> additionalProperties)