README
¶
Neco is a project to build and maintain highly automated on-premise data centers using Kubernetes at the center of its system. The project is led by a CNCF Silver member Cybozu which is also known as Kintone in the United States.
Neco is also the name of the architecture for systems built on the deliverables of the project.
Please read about Project Neco: Building Cloud Native On-Premise Data Centers.
Table of Contents:
Resources
Blogs
- English: https://blog.kintone.io/archive/category/neco
- Japanese: https://blog.cybozu.io/archive/category/Neco
Repositories
The project consists of a lot of repositories including:
- cybozu-go/neco: The main repository.
- cybozu-go/neco-apps: Kubernetes application manifests for Argo CD.
- cybozu/neco-containers: Dockerfiles to build container images.
- cybozu-go/sabakan: Versatile network boot server.
- cybozu-go/cke: Cybozu Kubernetes Engine.
- cybozu-go/coil: CNI plugin in favor of UNIX philosophy.
- cybozu-go/topolvm: Capacity-aware CSI plugin using LVM.
- cybozu-go/placemat: Virtual data center construction tool.
System overview
A Neco data center consists of a few (from 3 to 5) management servers called boot sever and thousands of servers for a Kubernetes cluster; pretty big, huh? In fact, Neco is designed to manage such large clusters.
Boot servers
Boot servers are symmetrical with each other except for host names and IP addresses.
All persistent data are stored in an etcd cluster. Thanks to etcd, adding or removing a boot server can be done easily.
Sabakan is a network boot server that supports DHCP and HTTP. It can also manage an inventory of Node servers and assign IP addresses automatically. Node servers should use UEFI HTTP boot to load Flatcar from sabakan.
CKE, or Cybozu Kubernetes Engines, is a CNCF certified Kubernetes installer. It queries Node server status to Sabakan and chooses Nodes to construct Kubernetes control plane and worker nodes. TLS certificates required for Kubernetes are issued by Vault.
Boot servers are set up using a custom Ubuntu installer. installer directory contains the tools to build the custom installer.
Neco Continuous Delivery System (Neco CD)
To bootstrap and maintain boot servers, a simple continuous delivery system called Neco CD is implemented in this repository.
Neco CD consists of these programs and artifacts:
neco-updater: a daemon to watch GitHub and notifyneco-workerof new artifacts.neco-worker: a daemon to install/update programs on a boot server.neco: CLI tool to bootstrap and configure boot servers.- Neco debian package: archive of program binaries to be installed on boot servers.
Debian packages are built by CircleCI and released on GitHub releases.
Read docs/cicd.md for details.
Kubernetes
A Kubernetes cluster created with CKE is a vanilla installation; it almost has nothing useful.
We have selected a set of applications such as MetalLB, Calico, or Teleport to make the vanilla Kubernetes fully featured. The manifests of the applications are maintained in neco-apps repository and continuously delivered by Argo CD.
Network
Design
Network of Neco is designed with these goals:
- Bare-metal performance, i.e., no overlays like VXLAN
- Scalability, especially for east-west traffic
- Vendor neutrality
The data center network for Neco should employ leaf-spine topology. More specifically, each data center rack works as an autonomous system (AS) and exchanges routes with BGP.
Since BGP is a layer-3 routing protocol, use of layer-2 can be limited within a single rack.
Node BGP and redundancy
Kubernetes nodes need to route packets for Pods. Without overlay networking, this means that each node needs to advertise routing information. In Neco, each node runs BIRD to speak BGP and advertise routes for Pods.
For high availability, network links must be redundant. Therefore, Neco requires that each rack has two Top-of-Rack (ToR) switches and each server has two ethernet links. To reduce convergence time of BGP, BFD is used together.
This means that ToR switches and node servers in a rack are all BGP speakers and need to connect each other as iBGP peers. To make configurations simple and flexible, ToR switches are configured as route reflectors.
The two ToR switches are independent; each has its own managing subnet. As a result, each server has two IP addresses for each ToR switch. To tolerate single link or ToR switch failure, the server has another IP address called the node address with /32 netmask and advertises it via BGP.
DHCP and location of boot servers
UEFI HTTP Boot requires a DHCP server which requires layer-2 broadcast domain. Without DHCP relay servers, a dedicated server must be run as a boot server for each rack because layer-2 domain does not span racks.
If ToR switches can provide DHCP relay, this requirement can be relaxed.
Tests
Virtual data center
To make continuous delivery reliable enough, thorough and comprehensive system tests need to be performed. Since Neco is the system to bootstrap and maintain an on-premise data center, this means that the tests should do the same thing, that is, to bootstrap and maintain a data center!
To simulate an on-premise data center, we have created placemat, a tool to construct a virtual data center using containers, virtual machines and Linux network stacks.
The virtual data center implements the aforementioned leaf-spine networks with BGP routers. To create the virtual data center, run the following commands on Ubuntu 20.04:
$ sudo add-apt-repository ppa:smoser/swtpm
$ echo 'deb http://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/xUbuntu_20.04/ /' | sudo tee /etc/apt/sources.list.d/devel:kubic:libcontainers:stable.list
$ curl -fsSL https://download.opensuse.org/repositories/devel:kubic:libcontainers:stable/xUbuntu_20.04/Release.key | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/devel_kubic_libcontainers_stable.gpg > /dev/null
$ wget -O - https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
$ sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu focal stable"
$ sudo apt update
$ sudo apt install -y build-essential systemd-container lldpd qemu qemu-kvm socat picocom swtpm cloud-utils bird2 squid chrony dnsmasq jq freeipmi-tools unzip skopeo fakeroot docker-ce docker-ce-cli containerd.io
$ wget https://github.com/qemu/qemu/raw/master/pc-bios/bios.bin
$ wget https://github.com/qemu/qemu/raw/master/pc-bios/bios-256k.bin
$ sudo install -m 0644 -b bios.bin bios-256k.bin /usr/share/seabios/
$ wget https://github.com/cybozu-go/placemat/releases/download/v2.2.0/placemat2_2.2.0_amd64.deb
$ sudo dpkg -i ./placemat2_2.2.0_amd64.deb
$ git clone https://github.com/cybozu-go/neco
$ cd neco/dctest
$ make setup
$ make placemat
$ make test
- To login a boot server in the virtual data center, run
./dcssh boot-0. - To stop and delete the virtual data center, run
make stop.
The setup commands above are examined on a GCP VM based on the Ubuntu 20.04 disk image. Some more setup steps are needed for the GCP environment.
- Enable nested virtualization by creating a custom image.
- Select a machine configuration with many vCPUs and much memory, e.g. n1-standard-32.
- Mount an additional local SSD scratch disk at
/var/scratch. - Stop and disable
systemd-resolved.serviceand prepareresolv.conf. - Install the latest Go and set
GOPATH.
Large tests
dctest directory contains test suites to run large tests using the virtual data center. Details are described in docs/dctest.md.
Middle/Small tests
Other than large tests, this repository contains smaller tests that can be run as follows:
- Setup the environment by
make setup. This is a one shot job. - Run etcd by
make start-etcd - Run tests by
go test -v -count 1 -race ./... - Stop etcd by
make stop-etcd
Directories
Other than Go packages, this repository has the following directories:
Documentation
¶
Index ¶
- Constants
- Variables
- func BootNode0IP(lrn int) net.IP
- func DisableService(ctx context.Context, name string) error
- func DisableTimer(ctx context.Context, name string) error
- func EtcdClient() (*clientv3.Client, error)
- func EtcdEndpoints(lrns []int) []string
- func GetDebianVersion(pkg string) (string, error)
- func IsActiveService(ctx context.Context, name string) (bool, error)
- func MyCluster() (string, error)
- func MyLRN() (int, error)
- func NewGitHubClient(c *http.Client) *github.Client
- func OSCodename() (string, error)
- func RestartService(ctx context.Context, name string) error
- func RetryWithSleep(ctx context.Context, max int, d time.Duration, ...) error
- func ServiceFile(name string) string
- func SleepContext(ctx context.Context, d time.Duration) error
- func StartService(ctx context.Context, name string) error
- func StartTimer(ctx context.Context, name string) error
- func StopService(ctx context.Context, name string) error
- func StopTimer(ctx context.Context, name string) error
- func TimerFile(name string) string
- func UpdateCompleted(version string, lrns []int, statuses map[int]*UpdateStatus) bool
- func VaultClient(lrn int) (*api.Client, error)
- func WaitVaultLeader(ctx context.Context, vc *api.Client) error
- func WriteFile(filename string, data string) error
- type ArtifactSet
- type Bind
- type ContainerImage
- type ContainerRuntime
- type ContentsUpdateStatus
- type DebianPackage
- type HardwareType
- type ImageFetcher
- type OSImage
- type UpdateCondition
- type UpdateRequest
- type UpdateStatus
Constants ¶
const ( NecoDir = "/etc/neco" NecoDataDir = "/usr/share/neco" // NecoPrefix is the etcd key prefix for Neco tools. NecoPrefix = "/neco/" NecoPackageName = "neco" NecoUserAgent = "github.com/cybozu-go/neco" )
Neco params
const ( GitHubRepoOwner = "cybozu-go" GitHubRepoName = "neco" )
Neco repository
const ( EtcdDir = "/etc/etcd" EtcdUID = 10000 EtcdGID = 10000 EtcdDataDir = "/var/lib/etcd-container" EtcdBackupDir = "/var/lib/etcd-backup" EtcdService = "etcd-container" )
Etcd params
const ( VaultDir = "/etc/vault" VaultUID = 10000 VaultGID = 10000 CAServer = "ca/server" CAEtcdPeer = "ca/boot-etcd-peer" CAEtcdClient = "ca/boot-etcd-client" TTL100Year = "876000h" TTL10Year = "87600h" VaultService = "vault" // VaultPrefix is the etcd key prefix for vault. VaultPrefix = "/vault/" )
Vault params
const ( EtcdpasswdDir = "/etc/etcdpasswd" EtcdpasswdService = "ep-agent" EtcdpasswdPrefix = "/passwd/" )
Etcdpasswd params
const ( TeleportDir = "/etc/teleport" TeleportService = "teleport-node" )
Teleport params
const ( SabakanDir = "/etc/sabakan" SabakanService = "sabakan" SabakanPrefix = "/sabakan/" SabakanDataDir = "/var/lib/sabakan" SabakanLocalEndpoint = "http://127.0.0.1:10080" )
Sabakan params
const ( SerfService = "serf" SerfDir = "/etc/serf" )
Serf params
const ( CKEDir = "/etc/cke" CKEService = "cke" CKEPrefix = "/cke/" CKELocalProxyService = "cke-localproxy" )
CKE params
const ( PromtailDir = "/etc/promtail" PromtailService = "promtail" )
Promtail params
const ( NoneEnv = "none" TestEnv = "test" StagingEnv = "staging" ProdEnv = "prod" )
Environments to use release or pre-release neco
const ( CondNotRunning = iota CondRunning CondAbort CondComplete )
Possible update conditions.
const (
BashCompletionDir = "/etc/bash_completion.d"
)
Bash completion
const (
SabakanStateSetterService = "sabakan-state-setter"
)
SabakanStateSetter params
const (
SetupHWService = "setup-hw"
)
setup-hw params
const (
WorkerAssetsPath = "/usr/libexec/neco"
)
Assets path for worker node
Variables ¶
var ( RackFile = filepath.Join(NecoDir, "rack") ClusterFile = filepath.Join(NecoDir, "cluster") SabakanIPAMFile = filepath.Join(NecoDir, "sabakan_ipam.json") DCTestFile = filepath.Join(NecoDir, "dctest") ServerCAFile = "/usr/local/share/ca-certificates/neco.crt" ServerCertFile = filepath.Join(NecoDir, "server.crt") ServerKeyFile = filepath.Join(NecoDir, "server.key") EtcdPeerCAFile = filepath.Join(EtcdDir, "ca-peer.crt") EtcdClientCAFile = filepath.Join(EtcdDir, "ca-client.crt") EtcdPeerCertFile = filepath.Join(EtcdDir, "peer.crt") EtcdPeerKeyFile = filepath.Join(EtcdDir, "peer.key") EtcdConfFile = filepath.Join(EtcdDir, "etcd.conf.yml") EtcdBackupCertFile = filepath.Join(EtcdDir, "backup.crt") EtcdBackupKeyFile = filepath.Join(EtcdDir, "backup.key") VaultCertFile = filepath.Join(VaultDir, "etcd.crt") VaultKeyFile = filepath.Join(VaultDir, "etcd.key") VaultConfFile = filepath.Join(VaultDir, "config.hcl") EtcdpasswdCertFile = filepath.Join(EtcdpasswdDir, "etcd.crt") EtcdpasswdKeyFile = filepath.Join(EtcdpasswdDir, "etcd.key") EtcdpasswdConfFile = filepath.Join(EtcdpasswdDir, "config.yml") EtcdpasswdDropIn = "/etc/systemd/system/ep-agent.service.d/10-check-certificate.conf" TeleportConfFile = filepath.Join(TeleportDir, "teleport.yaml") SabakanCertFile = filepath.Join(SabakanDir, "etcd.crt") SabakanKeyFile = filepath.Join(SabakanDir, "etcd.key") SabakanConfFile = filepath.Join(SabakanDir, "config.yml") SabactlBin = "/usr/local/bin/sabactl" SabactlBashCompletionFile = filepath.Join(BashCompletionDir, "sabactl") SabakanDHCPJSONFile = filepath.Join(NecoDataDir, "dhcp.json") SerfConfFile = filepath.Join(SerfDir, "serf.json") CKECertFile = filepath.Join(CKEDir, "etcd.crt") CKEKeyFile = filepath.Join(CKEDir, "etcd.key") CKEConfFile = filepath.Join(CKEDir, "config.yml") CKECLIBin = "/usr/bin/ckecli" CKETemplateFile = filepath.Join(NecoDataDir, "cke-template.yml") CKETemplateFilePre = filepath.Join(NecoDataDir, "cke-template-pre.yml") CKEUserResourceFiles = []string{ filepath.Join(NecoDataDir, "namespaces.yml"), filepath.Join(NecoDataDir, "cilium.yaml"), filepath.Join(NecoDataDir, "coil.yaml"), filepath.Join(NecoDataDir, "unbound.yml"), filepath.Join(NecoDataDir, "squid.yml"), } CKEUserResourceFilesPre = []string{ filepath.Join(NecoDataDir, "namespaces.yml"), filepath.Join(NecoDataDir, "cilium-pre.yaml"), filepath.Join(NecoDataDir, "coil.yaml"), filepath.Join(NecoDataDir, "unbound.yml"), filepath.Join(NecoDataDir, "squid.yml"), } NecoCertFile = filepath.Join(NecoDir, "etcd.crt") NecoKeyFile = filepath.Join(NecoDir, "etcd.key") NecoConfFile = filepath.Join(NecoDir, "config.yml") NecoBin = "/usr/bin/neco" PromtailConfFile = filepath.Join(PromtailDir, "promtail.yaml") IgnitionDirectory = filepath.Join(NecoDataDir, "ignitions") )
File locations
var BootImages = []string{"etcd", "promtail", "setup-hw", "sabakan", "serf", "vault"}
BootImages is the list of container image names to be run on boot servers.
var CurrentArtifacts = ArtifactSet{ Images: []ContainerImage{ {Name: "coil", Repository: "ghcr.io/cybozu-go/coil", Tag: "2.0.14", Private: false}, {Name: "bird", Repository: "quay.io/cybozu/bird", Tag: "2.0.9.1", Private: false}, {Name: "chrony", Repository: "quay.io/cybozu/chrony", Tag: "4.2.0.1", Private: false}, {Name: "etcd", Repository: "quay.io/cybozu/etcd", Tag: "3.5.4.1", Private: false}, {Name: "promtail", Repository: "quay.io/cybozu/promtail", Tag: "2.5.0.1", Private: false}, {Name: "sabakan", Repository: "quay.io/cybozu/sabakan", Tag: "2.13.0", Private: false}, {Name: "serf", Repository: "quay.io/cybozu/serf", Tag: "0.9.7.1", Private: false}, {Name: "setup-hw", Repository: "quay.io/cybozu/setup-hw", Tag: "1.12.0", Private: true}, {Name: "squid", Repository: "quay.io/cybozu/squid", Tag: "5.4.1.1", Private: false}, {Name: "vault", Repository: "quay.io/cybozu/vault", Tag: "1.10.2.1", Private: false}, {Name: "cilium", Repository: "quay.io/cybozu/cilium", Tag: "1.11.5.1", Private: false}, {Name: "cilium-operator-generic", Repository: "quay.io/cybozu/cilium-operator-generic", Tag: "1.11.5.1", Private: false}, {Name: "hubble-relay", Repository: "quay.io/cybozu/hubble-relay", Tag: "1.11.5.1", Private: false}, {Name: "cilium-certgen", Repository: "quay.io/cybozu/cilium-certgen", Tag: "0.1.5.1", Private: false}, }, Debs: []DebianPackage{ {Name: "etcdpasswd", Owner: "cybozu-go", Repository: "etcdpasswd", Release: "v1.4.0"}, }, OSImage: OSImage{Channel: "stable", Version: "3139.2.1"}, }
var SabakanImages = []string{"bird", "chrony", "coil", "serf", "setup-hw", "squid", "cilium", "cilium-operator-generic", "hubble-relay", "cilium-certgen"}
SabakanImages is the list of container image names to be uploaded to sabakan.
Functions ¶
func BootNode0IP ¶
BootNode0IP returns IP address of node0 for bootserver
func DisableService ¶
DisableService disables the service.
func DisableTimer ¶
DisableTimer disables the timer.
func EtcdClient ¶
EtcdClient returns etcd client for Neco tools.
func EtcdEndpoints ¶
EtcdEndpoints returns a list of etcd endpoints for LRNs.
func GetDebianVersion ¶
GetDebianVersion returns debian package version.
func IsActiveService ¶
IsActiveService returns true if the service is active.
func NewGitHubClient ¶
NewGitHubClient returns a properly configured *github.Client.
func OSCodename ¶
OSCodename returns the OS release codename of the host. See man os-release e.g. bionic, focal
func RestartService ¶
RestartService restarts the service simply.
func RetryWithSleep ¶
func RetryWithSleep(ctx context.Context, max int, d time.Duration, f func(ctx context.Context) error, logger func(err error)) error
RetryWithSleep invoke f until it succeeds or reach to max.
func ServiceFile ¶
ServiceFile returns the filesystem path of a systemd service.
func SleepContext ¶
SleepContext sleeps for d, Returned err is not nil if ctx is canceled
func StartService ¶
StartService does following: 1. systemctl daemon-reload 2. systemctl enable NAME.service 3. systemctl start NAME.service
func StartTimer ¶
StartTimer does following: 1. systemctl daemon-reload 2. systemctl enable NAME.timer 3. systemctl start NAME.timer
func StopService ¶
StopService stops the service.
func UpdateCompleted ¶
func UpdateCompleted(version string, lrns []int, statuses map[int]*UpdateStatus) bool
UpdateCompleted returns true if the current update process has completed successfully.
func VaultClient ¶
VaultClient returns an authorized Vault client.
If "VAULT_TOKEN" environment variable is set, its value is used as the token to access Vault. Otherwise, this will ask the user Vault username and password.
func WaitVaultLeader ¶
WaitVaultLeader waits for Vault to elect a new leader after restart.
Vault wrongly recognizes that the old leader is still a leader after restarting all Vault servers at once. This is probably because the leader information is stored in etcd and Vault references that data to determine the current leader.
While a leader is not yet elected, still Vault servers forward requests to the old non-leader. What's bad is that although the old leader denies the forwarded requests, Vault's Go client library cannot return error.
Specifically, without this workaround, api.Client.Logical.Write() to issue certificates would return (nil, nil)!
Types ¶
type ArtifactSet ¶
type ArtifactSet struct {
// Container image list
Images []ContainerImage
// Debian package list
Debs []DebianPackage
// OSImage image version
OSImage OSImage
}
ArtifactSet represents a set of artifacts.
func (ArtifactSet) FindContainerImage ¶
func (a ArtifactSet) FindContainerImage(name string) (ContainerImage, error)
FindContainerImage finds a ContainerImage from name
func (ArtifactSet) FindDebianPackage ¶
func (a ArtifactSet) FindDebianPackage(name string) (DebianPackage, error)
FindDebianPackage finds a DebianPackage from name
type ContainerImage ¶
type ContainerImage struct {
// Name is a unique name of this object.
Name string
// Repository is a docker repository name.
Repository string
// Tag is the image tag.
Tag string
// Private indicates that there is a private version of this image.
Private bool
}
ContainerImage represents a Docker container image.
func ParseContainerImageName ¶
func ParseContainerImageName(name string) (ContainerImage, error)
ParseContainerImageName parses image name like "quay.io/cybozu/etcd:3.3.9-4"
func (ContainerImage) FullName ¶
func (c ContainerImage) FullName(hasSecret bool) string
FullName returns full container image name. hasSecret should be true if the system has credentials to access private images.
func (ContainerImage) MajorVersion ¶
func (c ContainerImage) MajorVersion() int
MajorVersion returns major version of this image.
func (ContainerImage) MarshalGo ¶
func (c ContainerImage) MarshalGo() string
MarshalGo formats the struct in Go syntax.
func (ContainerImage) NeedAuth ¶
func (c ContainerImage) NeedAuth() bool
NeedAuth returns true if fetching this image needs authentication
type ContainerRuntime ¶
type ContainerRuntime interface {
// ImageFullName returns the fully-qualified container image name.
// The result for private images may vary depending on whether the container runtime
// can access private image repositories.
ImageFullName(img ContainerImage) string
// Pull pulls the image.
Pull(ctx context.Context, img ContainerImage) error
// Run runs a container for the given image in front.
Run(ctx context.Context, img ContainerImage, binds []Bind, args []string) error
// Exec executes the given command in a running container named `name`.
// The returned error is the error returned by exec.Cmd.Run().
// If `stdio` is true, the command uses os.Stdin,out,err for I/O.
Exec(ctx context.Context, name string, stdio bool, command []string) error
// IsRunning returns true if there is a running container for the image.
IsRunning(img ContainerImage) (bool, error)
}
ContainerRuntime defines a set of operations to run containers on boot servers.
func GetContainerRuntime ¶
func GetContainerRuntime(proxy string) (ContainerRuntime, error)
GetContainerRuntime() returns the container runtime for the running server. proxy may be used for some container runtimes.
type ContentsUpdateStatus ¶
ContentsUpdateStatus represents update status of uploaded assets.
type DebianPackage ¶
type DebianPackage struct {
// Package name.
Name string
// Github Owner
Owner string
// GitHub repository.
Repository string
// GitHub releases (tag name).
Release string
}
DebianPackage represents a Debian package hosted in GitHub releases.
func (DebianPackage) MarshalGo ¶
func (deb DebianPackage) MarshalGo() string
MarshalGo formats the struct in Go syntax.
type HardwareType ¶
type HardwareType int
HardwareType represents
const ( HWTypeNil HardwareType = iota HWTypeVM HWTypeContainer HWTypeDell )
hardware type
func DetectHardware ¶
func DetectHardware() (HardwareType, error)
DetectHardware detects hardware type.
type ImageFetcher ¶
type ImageFetcher struct {
// contains filtered or unexported fields
}
ImageFetcher retrieves Docker image from registries.
func NewImageFetcher ¶
func NewImageFetcher(transport http.RoundTripper, auth authn.Authenticator) ImageFetcher
NewImageFetcher creates a new ImageFetcher. `transport` must not be nil. `auth` can be nil for public repositories.
func (ImageFetcher) GetTarball ¶
func (f ImageFetcher) GetTarball(ctx context.Context, img ContainerImage, w io.Writer) error
GetTarball fetches an image from the registry and write it as a tarball. The tarball can be loaded into Docker with `docker load`.
type OSImage ¶
OSImage represents Flatcar Container Linux kernel and initrd images.
type UpdateCondition ¶
type UpdateCondition int
UpdateCondition is the condition of the update process.
func (UpdateCondition) String ¶
func (c UpdateCondition) String() string
String implements io.Stringer
type UpdateRequest ¶
type UpdateRequest struct {
Version string `json:"version"`
Servers []int `json:"servers"`
Stop bool `json:"stop"`
StartedAt time.Time `json:"started_at"`
}
UpdateRequest represents request from neco-updater
func (UpdateRequest) IsMember ¶
func (r UpdateRequest) IsMember(lrn int) bool
IsMember returns true if a boot server is the member of this update request.
type UpdateStatus ¶
type UpdateStatus struct {
Version string `json:"version"`
Step int `json:"step"`
Cond UpdateCondition `json:"cond"`
Message string `json:"message"`
}
UpdateStatus represents status report from neco-worker
Source Files
Directories