Documentation
¶
Index ¶
- Constants
- func GetIstioComponentNamespace(component string) string
- func GetIstioNamespaces(exclude []string) []string
- func GetSignedTokenString(claims jwt.Claims) (string, error)
- func IsIstioNamespace(namespace string) bool
- func Marshal(conf *Config) (yamlString string, err error)
- func SaveToFile(filename string, conf *Config) (err error)
- func Set(conf *Config)
- func ValidateToken(tokenString string) (string, error)
- type ApiConfig
- type ApiDocAnnotations
- type ApiDocumentation
- type ApiNamespacesConfig
- type Auth
- type AuthConfig
- type Config
- type DeploymentConfig
- type ExternalServices
- type GrafanaConfig
- type GrafanaDashboardConfig
- type GrafanaVariablesConfig
- type IanaClaims
- type IstioComponentNamespaces
- type IstioConfig
- type IstioLabels
- type KubernetesConfig
- type LDAPConfig
- type LoginToken
- type PrometheusConfig
- type Server
- type ThreeScaleConfig
- type TokenGenerated
- type TracingConfig
Constants ¶
View Source
const ( EnvActiveNamespace = "ACTIVE_NAMESPACE" EnvApiDocAnnotationNameApiType = "APIDOC_ANNOTATION_NAME_API_TYPE" EnvApiDocAnnotationNameApiSpec = "APIDOC_ANNOTATION_NAME_API_SPEC" EnvApiNamespacesExclude = "API_NAMESPACES_EXCLUDE" EnvAuthStrategy = "AUTH_STRATEGY" EnvAuthSuffixCAFile = "_CA_FILE" EnvAuthSuffixInsecureSkipVerify = "_INSECURE_SKIP_VERIFY" EnvAuthSuffixPassword = "_PASSWORD" EnvAuthSuffixToken = "_TOKEN" EnvAuthSuffixType = "_AUTH_TYPE" EnvAuthSuffixUseKialiToken = "_USE_KIALI_TOKEN" EnvAuthSuffixUsername = "_USERNAME" EnvGrafanaEnabled = "GRAFANA_ENABLED" EnvGrafanaInClusterURL = "GRAFANA_IN_CLUSTER_URL" EnvGrafanaURL = "GRAFANA_URL" EnvIdentityCertFile = "IDENTITY_CERT_FILE" EnvIdentityPrivateKeyFile = "IDENTITY_PRIVATE_KEY_FILE" EnvInCluster = "IN_CLUSTER" EnvInstallationTag = "KIALI_INSTALLATION_TAG" EnvIstioComponentNamespaces = "ISTIO_COMPONENT_NAMESPACES" EnvIstioIdentityDomain = "ISTIO_IDENTITY_DOMAIN" EnvIstioLabelNameApp = "ISTIO_LABEL_NAME_APP" EnvIstioLabelNameVersion = "ISTIO_LABEL_NAME_VERSION" EnvIstioNamespace = "ISTIO_NAMESPACE" EnvIstioSidecarAnnotation = "ISTIO_SIDECAR_ANNOTATION" EnvIstioUrlServiceVersion = "ISTIO_URL_SERVICE_VERSION" EnvKubernetesBurst = "KUBERNETES_BURST" EnvKubernetesQPS = "KUBERNETES_QPS" EnvKubernetesCacheEnabled = "KUBERNETES_CACHE_ENABLED" EnvKubernetesCacheDuration = "KUBERNETES_CACHE_DURATION" EnvLdapBase = "LDAP_BASE" EnvLdapBindDN = "LDAP_BIND_DN" EnvLdapGroupFilter = "LDAP_GROUP_FILTER" EnvLdapHost = "LDAP_HOST" EnvLdapInsecureSkipVerify = "LDAP_INSECURE_SKIP_VERIFY" EnvLdapMailIdKey = "LDAP_MAIL_ID_KEY" EnvLdapMemberOfKey = "LDAP_MEMBER_OF_KEY" EnvLdapPort = "LDAP_PORT" EnvLdapRoleFilter = "LDAP_ROLE_FILTER" EnvLdapSearchFilter = "LDAP_SEARCH_FILTER" EnvLdapUserFilter = "LDAP_USER_FILTER" EnvLdapUserIdKey = "LDAP_USER_ID_KEY" EnvLdapUseSSL = "LDAP_USE_SSL" EnvLoginTokenExpirationSeconds = "LOGIN_TOKEN_EXPIRATION_SECONDS" EnvLoginTokenSigningKey = "LOGIN_TOKEN_SIGNING_KEY" EnvNamespaceLabelSelector = "NAMESPACE_LABEL_SELECTOR" EnvPrometheusCustomMetricsURL = "PROMETHEUS_CUSTOM_METRICS_URL" EnvPrometheusServiceURL = "PROMETHEUS_SERVICE_URL" EnvServerAddress = "SERVER_ADDRESS" EnvServerAuditLog = "SERVER_AUDIT_LOG" EnvServerCORSAllowAll = "SERVER_CORS_ALLOW_ALL" EnvServerGzipEnabled = "SERVER_GZIP_ENABLED" EnvServerMetricsPort = "SERVER_METRICS_PORT" EnvServerMetricsEnabled = "SERVER_METRICS_ENABLED" EnvServerPort = "SERVER_PORT" EnvServerStaticContentRootDirectory = "SERVER_STATIC_CONTENT_ROOT_DIRECTORY" EnvThreeScaleAdapterName = "THREESCALE_ADAPTER_NAME" EnvThreeScaleServiceName = "THREESCALE_SERVICE_NAME" EnvThreeScaleServicePort = "THREESCALE_SERVICE_PORT" EnvTracingEnabled = "TRACING_ENABLED" EnvTracingInClusterURL = "TRACING_IN_CLUSTER_URL" EnvTracingServiceNamespace = "TRACING_SERVICE_NAMESPACE" EnvTracingServicePort = "TRACING_SERVICE_PORT" EnvTracingURL = "TRACING_URL" EnvWebRoot = "SERVER_WEB_ROOT" )
Environment vars can define some default values. This list is ALPHABETIZED for readability.
View Source
const ( IstioVersionSupported = ">= 1.0" MaistraVersionSupported = ">= 0.7.0" OSSMVersionSupported = ">= 1.0" )
The versions that Kiali requires
View Source
const ( AuthStrategyOpenshift = "openshift" AuthStrategyLogin = "login" AuthStrategyAnonymous = "anonymous" AuthStrategyLDAP = "ldap" TokenCookieName = "kiali-token" AuthStrategyOpenshiftIssuer = "kiali-openshift" AuthStrategyLoginIssuer = "kiali-login" // These constants are used for external services auth (Prometheus, Grafana ...) ; not for Kiali auth AuthTypeBasic = "basic" AuthTypeBearer = "bearer" AuthTypeNone = "none" )
The valid auth strategies and values for cookie handling
View Source
const ( LoginSecretUsername = "/kiali-secret/username" LoginSecretPassphrase = "/kiali-secret/passphrase" )
the paths we expect the login secret to be located
View Source
const (
IstioMultiClusterHostSuffix = "global"
)
Variables ¶
This section is empty.
Functions ¶
func GetIstioComponentNamespace ¶ added in v1.4.0
GetIstioComponentNamespace returns the Istio component namespace (defaulting to IstioNamespace)
func GetIstioNamespaces ¶ added in v1.4.0
GetIstioNamespaces returns all Istio namespaces, less the exclusions
func GetSignedTokenString ¶ added in v0.16.0
func IsIstioNamespace ¶ added in v1.4.0
IsIstioNamespace returns true if the namespace is the default istio namespace or an Istio component namespace
func SaveToFile ¶
SaveToFile converts the Config object and stores its YAML string into the given file, overwriting any data that is in the file.
func Set ¶
func Set(conf *Config)
Set the global Config This function should not be called outside of main or tests. If possible keep config unmutated and use globals and/or appstate package for mutable states to avoid concurrent writes risk.
func ValidateToken ¶
ValidateToken checks if the input token is still valid
Types ¶
type ApiConfig ¶ added in v0.9.1
type ApiConfig struct {
Namespaces ApiNamespacesConfig
}
ApiConfig contains API specific configuration.
type ApiDocAnnotations ¶ added in v1.3.0
type ApiDocAnnotations struct {
ApiTypeAnnotationName string `yaml:"api_type_annotation_name,omitempty" json:"apiTypeAnnotationName"`
ApiSpecAnnotationName string `yaml:"api_spec_annotation_name,omitempty" json:"apiSpecAnnotationName"`
}
ApiDocAnnotations contains the annotation names used for API documentation
type ApiDocumentation ¶ added in v1.3.0
type ApiDocumentation struct {
Annotations ApiDocAnnotations `yaml:"annotations,omitempty" json:"annotations"`
}
ApiDocumentation is the top level configuration for API documentation
type ApiNamespacesConfig ¶ added in v0.9.1
type ApiNamespacesConfig struct {
Exclude []string
LabelSelector string `yaml:"label_selector,omitempty" json:"labelSelector"`
}
ApiNamespacesConfig provides a list of regex strings defining namespaces to blacklist.
type Auth ¶ added in v0.21.0
type Auth struct {
Type string `yaml:"type"`
Username string `yaml:"username"`
Password string `yaml:"password"`
Token string `yaml:"token"`
UseKialiToken bool `yaml:"use_kiali_token"`
CAFile string `yaml:"ca_file"`
InsecureSkipVerify bool `yaml:"insecure_skip_verify"`
}
Auth provides authentication data for external services
type AuthConfig ¶ added in v0.16.0
type AuthConfig struct {
Strategy string `yaml:"strategy,omitempty"`
LDAP LDAPConfig `yaml:"ldap,omitempty"`
}
AuthConfig provides details on how users are to authenticate
type Config ¶
type Config struct {
Identity security.Identity `yaml:",omitempty"`
Server Server `yaml:",omitempty"`
InCluster bool `yaml:"in_cluster,omitempty"`
ExternalServices ExternalServices `yaml:"external_services,omitempty"`
LoginToken LoginToken `yaml:"login_token,omitempty"`
IstioNamespace string `yaml:"istio_namespace,omitempty"` // default component namespace
IstioComponentNamespaces IstioComponentNamespaces `yaml:"istio_component_namespaces,omitempty"`
InstallationTag string `yaml:"installation_tag,omitempty"`
IstioLabels IstioLabels `yaml:"istio_labels,omitempty"`
KubernetesConfig KubernetesConfig `yaml:"kubernetes_config,omitempty"`
API ApiConfig `yaml:"api,omitempty"`
Auth AuthConfig `yaml:"auth,omitempty"`
Deployment DeploymentConfig `yaml:"deployment,omitempty"`
ApiDocumentation ApiDocumentation `yaml:"apidocs,omitempty"`
}
Config defines full YAML configuration.
func LoadFromFile ¶
LoadFromFile reads the YAML from the given file, parses the content, and returns its Config object representation.
type DeploymentConfig ¶ added in v0.21.0
type DeploymentConfig struct {
AccessibleNamespaces []string `yaml:"accessible_namespaces"`
Namespace string `yaml:"namespace,omitempty"` // Kiali deployment namespace
}
DeploymentConfig provides details on how Kiali was deployed.
type ExternalServices ¶
type ExternalServices struct {
Istio IstioConfig `yaml:"istio,omitempty"`
Prometheus PrometheusConfig `yaml:"prometheus,omitempty"`
Grafana GrafanaConfig `yaml:"grafana,omitempty"`
Tracing TracingConfig `yaml:"tracing,omitempty"`
ThreeScale ThreeScaleConfig `yaml:"threescale,omitempty"`
}
ExternalServices holds configurations for other systems that Kiali depends on
type GrafanaConfig ¶
type GrafanaConfig struct {
// Enable or disable Grafana support in Kiali
Enabled bool `yaml:"enabled"`
InClusterURL string `yaml:"in_cluster_url"`
URL string `yaml:"url"`
Auth Auth `yaml:"auth"`
Dashboards []GrafanaDashboardConfig `yaml:"dashboards"`
}
GrafanaConfig describes configuration used for Grafana links
type GrafanaDashboardConfig ¶ added in v1.5.0
type GrafanaDashboardConfig struct {
Name string `yaml:"name"`
Variables GrafanaVariablesConfig `yaml:"variables"`
}
type GrafanaVariablesConfig ¶ added in v1.5.0
type GrafanaVariablesConfig struct {
Namespace string `yaml:"namespace" json:"namespace,omitempty"`
App string `yaml:"app" json:"app,omitempty"`
Service string `yaml:"service" json:"service,omitempty"`
Version string `yaml:"version" json:"version,omitempty"`
Workload string `yaml:"workload" json:"workload,omitempty"`
}
type IanaClaims ¶ added in v0.16.0
type IanaClaims struct {
SessionId string `json:"sid,omitempty"`
jwt.StandardClaims
}
Structured version of Claims Section, as referenced at https://tools.ietf.org/html/rfc7519#section-4.1 See examples for how to use this with your own claim types
func GetTokenClaimsIfValid ¶ added in v0.16.0
func GetTokenClaimsIfValid(tokenString string) (*IanaClaims, error)
type IstioComponentNamespaces ¶ added in v1.4.0
IstioComponentNamespaces holds the component-specific Istio namespaces. Any missing component defaults to the namespace configured for IstioNamespace (which itself defaults to 'istio-system').
type IstioConfig ¶
type IstioConfig struct {
UrlServiceVersion string `yaml:"url_service_version"`
IstioIdentityDomain string `yaml:"istio_identity_domain,omitempty"`
IstioSidecarAnnotation string `yaml:"istio_sidecar_annotation,omitempty"`
}
IstioConfig describes configuration used for istio links
type IstioLabels ¶ added in v0.7.0
type IstioLabels struct {
AppLabelName string `yaml:"app_label_name,omitempty" json:"appLabelName"`
VersionLabelName string `yaml:"version_label_name,omitempty" json:"versionLabelName"`
}
IstioLabels holds configuration about the labels required by Istio
type KubernetesConfig ¶ added in v0.9.0
type KubernetesConfig struct {
Burst int `yaml:"burst,omitempty"`
QPS float32 `yaml:"qps,omitempty"`
CacheEnabled bool `yaml:"cache_enabled,omitempty"`
CacheDuration int64 `yaml:"cache_duration,omitempty"`
}
KubernetesConfig holds the k8s client configuration
type LDAPConfig ¶ added in v1.4.0
type LDAPConfig struct {
LDAPBase string `yaml:"ldap_base,omitempty"`
LDAPBindDN string `yaml:"ldap_bind_dn,omitempty"`
LDAPInsecureSkipVerify bool `yaml:"ldap_insecure_skip_verify,omitempty"`
LDAPGroupFilter string `yaml:"ldap_group_filter,omitempty"`
LDAPHost string `yaml:"ldap_host,omitempty"`
LDAPMailIDKey string `yaml:"ldap_mail_id_key,omitempty"`
LDAPMemberOfKey string `yaml:"ldap_member_of_key,omitempty"`
LDAPPort int `yaml:"ldap_port,omitempty"`
LDAPRoleFilter string `yaml:"ldap_role_filter,omitempty"`
LDAPSearchFilter string `yaml:"ldap_search_filter,omitempty"`
LDAPUserFilter string `yaml:"ldap_user_filter,omitempty"`
LDAPUserIDKey string `yaml:"ldap_user_id_key,omitempty"`
LDAPUseSSL bool `yaml:"ldap_use_ssl,omitempty"`
}
LDAPConfig provides the details of the LDAP related configuration
type LoginToken ¶ added in v0.6.0
type LoginToken struct {
SigningKey string `yaml:"signing_key,omitempty"`
ExpirationSeconds int64 `yaml:"expiration_seconds,omitempty"`
}
LoginToken holds config used in token-based authentication
type PrometheusConfig ¶ added in v0.18.0
type PrometheusConfig struct {
URL string `yaml:"url,omitempty"`
CustomMetricsURL string `yaml:"custom_metrics_url,omitempty"`
Auth Auth `yaml:"auth,omitempty"`
}
PrometheusConfig describes configuration of the Prometheus component
type Server ¶
type Server struct {
Address string `yaml:",omitempty"`
AuditLog bool `yaml:"audit_log,omitempty"`
CORSAllowAll bool `yaml:"cors_allow_all,omitempty"`
Credentials security.Credentials `yaml:",omitempty"`
GzipEnabled bool `yaml:"gzip_enabled,omitempty"`
MetricsEnabled bool `yaml:"metrics_enabled,omitempty"`
MetricsPort int `yaml:"metrics_port,omitempty"`
Port int `yaml:",omitempty"`
StaticContentRootDirectory string `yaml:"static_content_root_directory,omitempty"`
WebRoot string `yaml:"web_root,omitempty"`
}
Server configuration
type ThreeScaleConfig ¶ added in v0.20.0
type ThreeScaleConfig struct {
AdapterName string `yaml:"adapter_name"`
AdapterService string `yaml:"adapter_service"`
AdapterPort string `yaml:"adapter_port"`
}
ThreeScaleConfig describes configuration used for 3Scale adapter
type TokenGenerated ¶
type TokenGenerated struct {
Username string `json:"username"`
Token string `json:"token"`
ExpiresOn time.Time `json:"expiresOn"`
}
func GenerateToken ¶
func GenerateToken(username string) (TokenGenerated, error)
GenerateToken generates a signed token with an expiration of <ExpirationSeconds> seconds
type TracingConfig ¶ added in v0.20.0
type TracingConfig struct {
// Enable autodiscover and Jaeger in Kiali
Enabled bool `yaml:"enabled"`
Namespace string `yaml:"namespace"`
Service string `yaml:"service"`
Port int32 `yaml:"port"`
URL string `yaml:"url"`
Auth Auth `yaml:"auth"`
InClusterURL string `yaml:"in_cluster_url"`
// Path store the value of QUERY_BASE_PATH
Path string `yaml:"-"`
}
TracingConfig describes configuration used for tracing links
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.