Documentation ¶
Index ¶
- Constants
- Variables
- func PermissionDenied(internalDetails string) error
- func RetryAfter(t time.Time) error
- func Unauthenticated(publicReason string) error
- func Unavailable(internal error) error
- func ValidateInstanceUUIDForm(s string) error
- func ValidateModuleSHA256Form(s string) error
- type AccessConfig
- type Authorizer
- type Config
- type Instance
- func (inst *Instance) Connect(ctx Context, r io.Reader, w io.WriteCloser) error
- func (inst *Instance) ID() string
- func (inst *Instance) Kill(ctx Context) error
- func (inst *Instance) Status() *api.Status
- func (inst *Instance) Suspend(ctx Context) error
- func (inst *Instance) Wait(ctx Context) (status *api.Status)
- type InstanceConnector
- type InstancePolicy
- type InstanceServices
- type NoAccess
- func (NoAccess) Authorize(ctx Context) (Context, error)
- func (NoAccess) AuthorizeInstance(ctx Context, _ *ResourcePolicy, _ *InstancePolicy) (Context, error)
- func (NoAccess) AuthorizeProgram(ctx Context, _ *ResourcePolicy, _ *ProgramPolicy) (Context, error)
- func (NoAccess) AuthorizeProgramInstance(ctx Context, _ *ResourcePolicy, _ *ProgramPolicy, _ *InstancePolicy) (Context, error)
- func (NoAccess) AuthorizeProgramInstanceSource(ctx Context, _ *ResourcePolicy, _ *ProgramPolicy, _ *InstancePolicy, _ string) (Context, error)
- func (NoAccess) AuthorizeProgramSource(ctx Context, _ *ResourcePolicy, _ *ProgramPolicy, _ string) (Context, error)
- type ProgramPolicy
- type PublicAccess
- func (*PublicAccess) Authorize(ctx Context) (Context, error)
- func (a *PublicAccess) AuthorizeInstance(ctx Context, res *ResourcePolicy, inst *InstancePolicy) (Context, error)
- func (a *PublicAccess) AuthorizeProgram(ctx Context, res *ResourcePolicy, prog *ProgramPolicy) (Context, error)
- func (a *PublicAccess) AuthorizeProgramInstance(ctx Context, res *ResourcePolicy, prog *ProgramPolicy, inst *InstancePolicy) (Context, error)
- func (a *PublicAccess) AuthorizeProgramInstanceSource(ctx Context, res *ResourcePolicy, prog *ProgramPolicy, inst *InstancePolicy, ...) (Context, error)
- func (a *PublicAccess) AuthorizeProgramSource(ctx Context, res *ResourcePolicy, prog *ProgramPolicy, _ string) (Context, error)
- type ResourcePolicy
- type Server
- func (s *Server) DebugInstance(ctx Context, instance string, req *api.DebugRequest) (_ *api.DebugResponse, err error)
- func (s *Server) DeleteInstance(ctx Context, instance string) (err error)
- func (s *Server) Features() *api.Features
- func (s *Server) InstanceConnection(ctx Context, instance string) (_ api.Instance, _ func(Context, io.Reader, io.WriteCloser) *api.Status, ...)
- func (s *Server) InstanceInfo(ctx Context, instance string) (_ *api.InstanceInfo, err error)
- func (s *Server) Instances(ctx Context) (_ *api.Instances, err error)
- func (s *Server) KillInstance(ctx Context, instance string) (_ api.Instance, err error)
- func (s *Server) ModuleContent(ctx Context, module string) (stream io.ReadCloser, length int64, err error)
- func (s *Server) ModuleInfo(ctx Context, module string) (_ *api.ModuleInfo, err error)
- func (s *Server) Modules(ctx Context) (_ *api.Modules, err error)
- func (s *Server) NewInstance(ctx Context, module string, launch *api.LaunchOptions) (_ api.Instance, err error)
- func (s *Server) PinModule(ctx Context, module string, know *api.ModuleOptions) (err error)
- func (s *Server) ResumeInstance(ctx Context, instance string, resume *api.ResumeOptions) (_ api.Instance, err error)
- func (s *Server) Shutdown(ctx Context) error
- func (s *Server) Snapshot(ctx Context, instance string, know *api.ModuleOptions) (module string, err error)
- func (s *Server) SourceModule(ctx Context, uri string, know *api.ModuleOptions) (module string, err error)
- func (s *Server) SourceModuleInstance(ctx Context, uri string, know *api.ModuleOptions, launch *api.LaunchOptions) (module string, _ api.Instance, err error)
- func (s *Server) SuspendInstance(ctx Context, instance string) (_ api.Instance, err error)
- func (s *Server) UUID() string
- func (s *Server) UnpinModule(ctx Context, module string) (err error)
- func (s *Server) UpdateInstance(ctx Context, instance string, update *api.InstanceUpdate) (_ *api.InstanceInfo, err error)
- func (s *Server) UploadModule(ctx Context, upload *api.ModuleUpload, know *api.ModuleOptions) (module string, err error)
- func (s *Server) UploadModuleInstance(ctx Context, upload *api.ModuleUpload, know *api.ModuleOptions, ...) (_ string, _ api.Instance, err error)
- func (s *Server) WaitInstance(ctx Context, instID string) (_ *api.Status, err error)
Constants ¶
const ( DefaultMaxModules = 64 DefaultMaxProcs = 4 DefaultTotalStorageSize = 256 * 1024 * 1024 DefaultTotalResidentSize = 64 * 1024 * 1024 DefaultMaxModuleSize = 32 * 1024 * 1024 DefaultMaxTextSize = 16 * 1024 * 1024 DefaultMaxMemorySize = 32 * 1024 * 1024 DefaultStackSize = wa.PageSize DefaultTimeResolution = time.Second / 100 )
Variables ¶
var DefaultAccessConfig = AccessConfig{ ResourcePolicy{ DefaultMaxModules, DefaultMaxProcs, DefaultTotalStorageSize, DefaultTotalResidentSize, }, ProgramPolicy{ DefaultMaxModuleSize, DefaultMaxTextSize, DefaultStackSize, }, InstancePolicy{ DefaultMaxMemorySize, DefaultStackSize, DefaultTimeResolution, nil, }, }
Functions ¶
func PermissionDenied ¶
PermissionDenied error. The details are not exposed to the client.
func RetryAfter ¶
RetryAfter creates a TooManyRequests error with the earliest time when the request should be retried.
func Unauthenticated ¶
Unauthenticated error. The reason will be shown to the client.
func Unavailable ¶
Unavailable service error. The details are not exposed to the client.
Types ¶
type AccessConfig ¶
type AccessConfig struct { ResourcePolicy ProgramPolicy InstancePolicy }
AccessConfig utility for Authorizer implementations. InstancePolicy.Services must be set explicitly, other fields have defaults.
func (*AccessConfig) ConfigureInstance ¶
func (config *AccessConfig) ConfigureInstance(p *InstancePolicy)
func (*AccessConfig) ConfigureProgram ¶
func (config *AccessConfig) ConfigureProgram(p *ProgramPolicy)
func (*AccessConfig) ConfigureResource ¶
func (config *AccessConfig) ConfigureResource(p *ResourcePolicy)
type Authorizer ¶
type Authorizer interface { Authorize(Context) (Context, error) AuthorizeProgram(Context, *ResourcePolicy, *ProgramPolicy) (Context, error) AuthorizeProgramSource(Context, *ResourcePolicy, *ProgramPolicy, string) (Context, error) AuthorizeInstance(Context, *ResourcePolicy, *InstancePolicy) (Context, error) AuthorizeProgramInstance(Context, *ResourcePolicy, *ProgramPolicy, *InstancePolicy) (Context, error) AuthorizeProgramInstanceSource(Context, *ResourcePolicy, *ProgramPolicy, *InstancePolicy, string) (Context, error) // contains filtered or unexported methods }
Authorizer and moderator of server access.
The methods should return Unauthenticated, PermissionDenied or Unavailable errors to signal successful prevention of access. Other types of errors are interpreted as failures of the authorization mechanism. Returning a nil error grants access.
An implementation should adjust the ResourcePolicy, ProgramPolicy and InstancePolicy objects' fields. The limits are enforced automatically by the server, which may also lead to denial of access.
Principal id can be obtained using the principal.ContextID(Context) function. If it is nil, the request didn't contain credentials, and the access should be denied unless the policy allows anonymous access. If the principal id is non-nil, it should be checked unless the policy allows access to everyone.
An implementation may choose to discriminate based on server operation type. It can be obtained using the ContextOp(Context) function.
Authorizer may be expanded with new methods (prefixed with the Authorize namespace) also between major releases. Implementations must inherit methods from a concrete access authorization type, and must not add unrelated methods with the Authorize prefix to avoid breakage. The conservative choice is to inherit from NoAccess. That way, new functionality will be effectively disabled.
type Config ¶
type Config struct { UUID string ImageStorage image.Storage Inventory model.Inventory ProcessFactory runtime.ProcessFactory AccessPolicy Authorizer ModuleSources map[string]source.Source SourceCache model.SourceCache OpenDebugLog func(string) io.WriteCloser // StartSpan within trace context, ending when endSpan is called. Nil // links must be ignored. [trace.ContextAutoLinks] must also be respected. StartSpan func(_ Context, op api.Op, links ...*trace.Link) (_ Context, endSpan func(Context)) // AddEvent to the current trace span, or outside of trace but in relation // to [trace.ContextAutoLinks]. AddEvent func(Context, *event.Event, error) }
type Instance ¶
type Instance struct {
// contains filtered or unexported fields
}
func (*Instance) Connect ¶
Connect to a running instance. Disconnection happens when context is canceled, the instance stops running, or the program closes the connection.
func (*Instance) Suspend ¶
Suspend the instance and make it non-transient.
type InstanceConnector ¶
type InstanceConnector interface { // Connect allocates a new I/O stream. The returned function is to be used // to transfer data between a network connection and the instance. If it's // non-nil, a connection was established. Connect(Context) func(Context, io.Reader, io.WriteCloser) error // Close causes currently blocked and future Connect calls to return nil. // Established connections will not be closed. Close() error }
type InstancePolicy ¶
type InstancePolicy struct { MaxMemorySize int // Linear memory growth limit. StackSize int // Including system/runtime overhead. TimeResolution time.Duration // Granularity of time functions. // Services function defines which services are discoverable by the // instance. Services func(Context) InstanceServices }
type InstanceServices ¶
type InstanceServices interface { InstanceConnector runtime.ServiceRegistry }
func NewInstanceServices ¶
func NewInstanceServices(c InstanceConnector, r runtime.ServiceRegistry) InstanceServices
type NoAccess ¶
type NoAccess struct{}
NoAccess permitted to any resource.
func (NoAccess) AuthorizeInstance ¶
func (NoAccess) AuthorizeInstance(ctx Context, _ *ResourcePolicy, _ *InstancePolicy) (Context, error)
func (NoAccess) AuthorizeProgram ¶
func (NoAccess) AuthorizeProgram(ctx Context, _ *ResourcePolicy, _ *ProgramPolicy) (Context, error)
func (NoAccess) AuthorizeProgramInstance ¶
func (NoAccess) AuthorizeProgramInstance(ctx Context, _ *ResourcePolicy, _ *ProgramPolicy, _ *InstancePolicy) (Context, error)
func (NoAccess) AuthorizeProgramInstanceSource ¶
func (NoAccess) AuthorizeProgramInstanceSource(ctx Context, _ *ResourcePolicy, _ *ProgramPolicy, _ *InstancePolicy, _ string) (Context, error)
func (NoAccess) AuthorizeProgramSource ¶
func (NoAccess) AuthorizeProgramSource(ctx Context, _ *ResourcePolicy, _ *ProgramPolicy, _ string) (Context, error)
type ProgramPolicy ¶
type PublicAccess ¶
type PublicAccess struct {
AccessConfig
}
PublicAccess authorization for everyone, including anonymous requests. Configurable resource limits.
func NewPublicAccess ¶
func NewPublicAccess(services func(Context) InstanceServices) *PublicAccess
func (*PublicAccess) Authorize ¶
func (*PublicAccess) Authorize(ctx Context) (Context, error)
func (*PublicAccess) AuthorizeInstance ¶
func (a *PublicAccess) AuthorizeInstance(ctx Context, res *ResourcePolicy, inst *InstancePolicy) (Context, error)
func (*PublicAccess) AuthorizeProgram ¶
func (a *PublicAccess) AuthorizeProgram(ctx Context, res *ResourcePolicy, prog *ProgramPolicy) (Context, error)
func (*PublicAccess) AuthorizeProgramInstance ¶
func (a *PublicAccess) AuthorizeProgramInstance(ctx Context, res *ResourcePolicy, prog *ProgramPolicy, inst *InstancePolicy) (Context, error)
func (*PublicAccess) AuthorizeProgramInstanceSource ¶
func (a *PublicAccess) AuthorizeProgramInstanceSource(ctx Context, res *ResourcePolicy, prog *ProgramPolicy, inst *InstancePolicy, _ string) (Context, error)
func (*PublicAccess) AuthorizeProgramSource ¶
func (a *PublicAccess) AuthorizeProgramSource(ctx Context, res *ResourcePolicy, prog *ProgramPolicy, _ string) (Context, error)
type ResourcePolicy ¶
type ResourcePolicy struct { MaxModules int // Pinned module limit. MaxProcs int // Active instance limit. TotalStorageSize int // Sum of pinned module and metadata sizes. TotalResidentSize int // Sum of all memory mapping and buffer sizes. }
TODO: ResourcePolicy is not yet enforced by server
type Server ¶
type Server struct {
// contains filtered or unexported fields
}
func (*Server) DebugInstance ¶
func (s *Server) DebugInstance(ctx Context, instance string, req *api.DebugRequest) (_ *api.DebugResponse, err error)
func (*Server) DeleteInstance ¶
func (*Server) InstanceConnection ¶
func (*Server) InstanceInfo ¶
func (s *Server) InstanceInfo(ctx Context, instance string) (_ *api.InstanceInfo, err error)
func (*Server) KillInstance ¶
func (*Server) ModuleContent ¶
func (*Server) ModuleInfo ¶
func (s *Server) ModuleInfo(ctx Context, module string) (_ *api.ModuleInfo, err error)
func (*Server) NewInstance ¶
func (*Server) PinModule ¶
func (s *Server) PinModule(ctx Context, module string, know *api.ModuleOptions) (err error)
func (*Server) ResumeInstance ¶
func (*Server) Snapshot ¶
func (*Server) SourceModule ¶
func (*Server) SourceModuleInstance ¶
func (s *Server) SourceModuleInstance(ctx Context, uri string, know *api.ModuleOptions, launch *api.LaunchOptions) (module string, _ api.Instance, err error)
func (*Server) SuspendInstance ¶
func (*Server) UpdateInstance ¶
func (s *Server) UpdateInstance(ctx Context, instance string, update *api.InstanceUpdate) (_ *api.InstanceInfo, err error)
func (*Server) UploadModule ¶
func (s *Server) UploadModule(ctx Context, upload *api.ModuleUpload, know *api.ModuleOptions) (module string, err error)
func (*Server) UploadModuleInstance ¶
func (s *Server) UploadModuleInstance(ctx Context, upload *api.ModuleUpload, know *api.ModuleOptions, launch *api.LaunchOptions) (_ string, _ api.Instance, err error)