Class V1PodCertificateProjection

PodCertificateProjection provides a private key and X.509 certificate in the pod filesystem.

Inheritance
object
V1PodCertificateProjection
Implements
Inherited Members
Namespace: k8s.Models
Assembly: KubernetesClient.dll
Syntax
public record V1PodCertificateProjection : IEquatable<V1PodCertificateProjection>

Constructors

View Source

V1PodCertificateProjection()

Declaration
public V1PodCertificateProjection()
View Source

V1PodCertificateProjection(V1PodCertificateProjection)

Declaration
protected V1PodCertificateProjection(V1PodCertificateProjection original)
Parameters
Type Name Description
V1PodCertificateProjection original

Properties

View Source

CertificateChainPath

Write the certificate chain at this path in the projected volume.

Most applications should use credentialBundlePath. When using keyPath and certificateChainPath, your application needs to check that the key and leaf certificate are consistent, because it is possible to read the files mid-rotation.

Declaration
[JsonPropertyName("certificateChainPath")]
public string CertificateChainPath { get; set; }
Property Value
Type Description
string
View Source

CredentialBundlePath

Write the credential bundle at this path in the projected volume.

The credential bundle is a single file that contains multiple PEM blocks. The first PEM block is a PRIVATE KEY block, containing a PKCS#8 private key.

The remaining blocks are CERTIFICATE blocks, containing the issued certificate chain from the signer (leaf and any intermediates).

Using credentialBundlePath lets your Pod's application code make a single atomic read that retrieves a consistent key and certificate chain. If you project them to separate files, your application code will need to additionally check that the leaf certificate was issued to the key.

Declaration
[JsonPropertyName("credentialBundlePath")]
public string CredentialBundlePath { get; set; }
Property Value
Type Description
string
View Source

EqualityContract

Declaration
protected virtual Type EqualityContract { get; }
Property Value
Type Description
Type
View Source

KeyPath

Write the key at this path in the projected volume.

Most applications should use credentialBundlePath. When using keyPath and certificateChainPath, your application needs to check that the key and leaf certificate are consistent, because it is possible to read the files mid-rotation.

Declaration
[JsonPropertyName("keyPath")]
public string KeyPath { get; set; }
Property Value
Type Description
string
View Source

KeyType

The type of keypair Kubelet will generate for the pod.

Valid values are "RSA3072", "RSA4096", "ECDSAP256", "ECDSAP384", "ECDSAP521", and "ED25519".

Declaration
[JsonPropertyName("keyType")]
public string KeyType { get; set; }
Property Value
Type Description
string
View Source

MaxExpirationSeconds

maxExpirationSeconds is the maximum lifetime permitted for the certificate.

Kubelet copies this value verbatim into the PodCertificateRequests it generates for this projection.

If omitted, kube-apiserver will set it to 86400(24 hours). kube-apiserver will reject values shorter than 3600 (1 hour). The maximum allowable value is 7862400 (91 days).

The signer implementation is then free to issue a certificate with any lifetime shorter than MaxExpirationSeconds, but no shorter than 3600 seconds (1 hour). This constraint is enforced by kube-apiserver. kubernetes.io signers will never issue certificates with a lifetime longer than 24 hours.

Declaration
[JsonPropertyName("maxExpirationSeconds")]
public int? MaxExpirationSeconds { get; set; }
Property Value
Type Description
int?
View Source

SignerName

Kubelet's generated CSRs will be addressed to this signer.

Declaration
[JsonPropertyName("signerName")]
public string SignerName { get; set; }
Property Value
Type Description
string

Methods

View Source

Equals(object?)

Declaration
public override bool Equals(object? obj)
Parameters
Type Name Description
object obj
Returns
Type Description
bool
Overrides
View Source

Equals(V1PodCertificateProjection?)

Declaration
public virtual bool Equals(V1PodCertificateProjection? other)
Parameters
Type Name Description
V1PodCertificateProjection other
Returns
Type Description
bool
View Source

GetHashCode()

Declaration
public override int GetHashCode()
Returns
Type Description
int
Overrides
View Source

PrintMembers(StringBuilder)

Declaration
protected virtual bool PrintMembers(StringBuilder builder)
Parameters
Type Name Description
StringBuilder builder
Returns
Type Description
bool
View Source

ToString()

Declaration
public override string ToString()
Returns
Type Description
string
Overrides

Operators

View Source

operator ==(V1PodCertificateProjection?, V1PodCertificateProjection?)

Declaration
public static bool operator ==(V1PodCertificateProjection? left, V1PodCertificateProjection? right)
Parameters
Type Name Description
V1PodCertificateProjection left
V1PodCertificateProjection right
Returns
Type Description
bool
View Source

operator !=(V1PodCertificateProjection?, V1PodCertificateProjection?)

Declaration
public static bool operator !=(V1PodCertificateProjection? left, V1PodCertificateProjection? right)
Parameters
Type Name Description
V1PodCertificateProjection left
V1PodCertificateProjection right
Returns
Type Description
bool

Implements