Documentation
¶
Index ¶
- func CreateDownstreamTLSContext(requireClientCerts bool) *tlsv3.DownstreamTlsContext
- func CreateTransportSocket(upstreamOrDownstreamTLSContext proto.Message) (*corev3.TransportSocket, error)
- func CreateUpstreamTLSContext(namespace string, serviceAccountName string, requireClientCerts bool) *tlsv3.UpstreamTlsContext
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func CreateDownstreamTLSContext ¶
func CreateDownstreamTLSContext(requireClientCerts bool) *tlsv3.DownstreamTlsContext
CreateDownstreamTLSContext configures: 1. gRPC server TLS certificate provider 2. Envoy static secret name for TLS certificates and private keys 3. Certificate authorities (CAs) to validate gRPC client certificates.
func CreateTransportSocket ¶
func CreateTransportSocket(upstreamOrDownstreamTLSContext proto.Message) (*corev3.TransportSocket, error)
CreateTransportSocket creates a TLS transport socket for LDS Listeners and CDS Clusters.
func CreateUpstreamTLSContext ¶
func CreateUpstreamTLSContext(namespace string, serviceAccountName string, requireClientCerts bool) *tlsv3.UpstreamTlsContext
CreateUpstreamTLSContext configures: 1. gRPC client TLS certificate provider 2. Envoy static secret name for TLS certificates and private keys 3. Certificate authorities (CAs) to validate gRPC server certificates, including server authorization. Important: Assumes that the client application k8s Service account name matches the application name!
Types ¶
This section is empty.
Source Files
Click to show internal directories.
Click to hide internal directories.