Documentation ¶
Index ¶
Constants ¶
View Source
const ( // RemotePeerAuthorizationPath is the path remote peers use to send an authorization request. RemotePeerAuthorizationPath = "/authz" // ImportNameHeader holds the name of the imported service. ImportNameHeader = "x-import-name" // ImportNamespaceHeader holds the namespace of the imported service. ImportNamespaceHeader = "x-import-namespace" // ClientIPHeader holds the IP address of the source client. ClientIPHeader = "x-client-ip" // AuthorizationHeader holds a signed token allowing ingress connections to access the dataplane. AuthorizationHeader = "authorization" // TargetClusterHeader holds the name of the target cluster. TargetClusterHeader = "host" // AccessTokenHeader holds the access token for an exported service, sent back by the server. AccessTokenHeader = "x-access-token" // JWTSignatureAlgorithm defines the signing algorithm for JWT tokens. JWTSignatureAlgorithm = jwa.RS256 // ExportNameJWTClaim holds the name of the requested exported service. ExportNameJWTClaim = "export_name" // ExportNamespaceJWTClaim holds the namespace of the requested exported service. ExportNamespaceJWTClaim = "export_namespace" )
View Source
const ( // ControlplaneCluster is the cluster name of the controlplane gRPC server. ControlplaneCluster = "controlplane" // EgressRouterCluster is the cluster name of the internal egress router. EgressRouterCluster = "egress-router" // ExportClusterPrefix is the prefix of clusters representing exported services. ExportClusterPrefix = "export-" // RemotePeerClusterPrefix is the prefix of clusters representing remote peers. RemotePeerClusterPrefix = "remote-peer-" // EgressRouterListener is the listener name of the internal egress router. EgressRouterListener = "egress-router" // ImportListenerPrefix is the prefix of listeners representing imported services. ImportListenerPrefix = "import-" // IngressRouterListener is the listener name of the ingress router. IngressRouterListener = "ingress-router" // ValidationSecret is the secret name of the dataplane certificate validation context // (which includes the CA certificate). ValidationSecret = "validation" // CertificateSecret is the secret name of the dataplane certificate. CertificateSecret = "certificate" )
View Source
const (
// HeartbeatPath is the path for Heartbeat requests from remote peers.
HeartbeatPath = "/healthz"
)
View Source
const (
// ListenPort is the port used by the dataplane to access the controlplane.
ListenPort = 4444
)
Variables ¶
This section is empty.
Functions ¶
func ExportClusterName ¶
ExportClusterName returns the cluster name of an exported service.
func ImportListenerName ¶
ImportListenerName returns the listener name of an imported service.
func RemotePeerClusterName ¶
RemotePeerClusterName returns the cluster name of a remote peer.
Types ¶
type AuthorizationRequest ¶
type AuthorizationRequest struct { // ServiceName is the name of the requested exported service. ServiceName string // ServiceNamespace is the namespace of the requested exported service. ServiceNamespace string // Attributes of the source workload, to be used by the PDP on the remote peer SrcAttributes connectivitypdp.WorkloadAttrs }
AuthorizationRequest represents an authorization request for accessing an exported service.
Click to show internal directories.
Click to hide internal directories.