constants

Documentation

Overview

Package constants contains the constants used by Constellation. Constants should never be overwritable by command line flags or configuration files.

Index

• Constants
• Variables

Constants

const (

	// ConstellationNameLength is the maximum length of a Constellation's name.
	ConstellationNameLength = 37
	// ConstellationMasterSecretStoreName is the name for the Constellation secrets in Kubernetes.
	ConstellationMasterSecretStoreName = "constellation-mastersecret"
	// ConstellationMasterSecretKey is the name of the key for the master secret in the master secret kubernetes secret.
	ConstellationMasterSecretKey = "mastersecret"
	// ConstellationSaltKey is the name of the key for the salt in the master secret kubernetes secret.
	ConstellationSaltKey = "salt"

	// JoinServicePort is the port for reaching the join service within Kubernetes.
	JoinServicePort = 9090
	// JoinServiceNodePort is the port for reaching the join service outside of Kubernetes.
	JoinServiceNodePort       = 30090
	VerifyServicePortHTTP     = 8080
	VerifyServicePortGRPC     = 9090
	VerifyServiceNodePortHTTP = 30080
	VerifyServiceNodePortGRPC = 30081
	// KMSPort is the port the KMS server listens on.
	KMSPort          = 9000
	BootstrapperPort = 9000
	KubernetesPort   = 6443
	RecoveryPort     = 9999
	EnclaveSSHPort   = 2222
	SSHPort          = 22
	NVMEOverTCPPort  = 8009
	DebugdPort       = 4000
	KonnectivityPort = 8132
	// Default NodePort Range
	// https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
	NodePortFrom = 30000
	NodePortTo   = 32767

	//
	// Filenames.
	//
	ClusterIDsFileName            = "constellation-id.json"
	ConfigFilename                = "constellation-conf.yaml"
	LicenseFilename               = "constellation.license"
	DebugdConfigFilename          = "cdbg-conf.yaml"
	AdminConfFilename             = "constellation-admin.conf"
	MasterSecretFilename          = "constellation-mastersecret.json"
	ControlPlaneAdminConfFilename = "/etc/kubernetes/admin.conf"
	KubeadmCertificateDir         = "/etc/kubernetes/pki"
	KubectlPath                   = "/run/state/bin/kubectl"

	// ServiceBasePath is the base path for the mounted micro service's files.
	ServiceBasePath = "/var/config"
	// MeasurementsFilename is the filename of CC measurements.
	MeasurementsFilename = "measurements"
	// EnforcedPCRsFilename is the filename for a list PCRs that are required to pass attestation.
	EnforcedPCRsFilename = "enforcedPCRs"
	// MeasurementSaltFilename is the filename of the salt used in creation of the clusterID.
	MeasurementSaltFilename = "measurementSalt"
	// MeasurementSecretFilename is the filename of the secret used in creation of the clusterID.
	MeasurementSecretFilename = "measurementSecret"
	// IDKeyDigestFilename is the name of the file holding the currently enforced idkeydigest.
	IDKeyDigestFilename = "idkeydigest"
	// EnforceIDKeyDigestFilename is the name of the file configuring whether idkeydigest is enforced or not.
	EnforceIDKeyDigestFilename = "enforceIdKeyDigest"
	// AzureCVM is the name of the file indicating whether the cluster is expected to run on CVMs or not.
	AzureCVM = "azureCVM"
	// K8sVersion is the filename of the mapped "k8s-version" configMap file.
	K8sVersion = "k8s-version"

	MinControllerCount = 1
	MinWorkerCount     = 1

	KubernetesJoinTokenTTL = 15 * time.Minute
	ConstellationNamespace = "kube-system"
	JoinConfigMap          = "join-config"
	InternalConfigMap      = "internal-config"

	HelmNamespace = "kube-system"

	// S3PublicBucket contains measurements & releases.
	S3PublicBucket = "https://public-edgeless-constellation.s3.us-east-2.amazonaws.com/"
	// CosignPublicKey signs all our releases.
	CosignPublicKey = `` /* 178-byte string literal not displayed */

)

Variables

var VersionInfo = "0.0.0"

VersionInfo is the version of a binary. Left as a separate variable to allow override during build.