ops

package
v0.0.0-...-3bfe646 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 28, 2023 License: Apache-2.0 Imports: 21 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func GetTrustedCluster 

func GetTrustedCluster(key ops.SiteKey, operator Operator) (storage.TrustedCluster, error)

GetTrustedCluster returns a trusted cluster representing the Ops Center the specified site is connected to, currently only 1 is supported

func GetWizardTrustedCluster 

func GetWizardTrustedCluster(key ops.SiteKey, operator Operator) (storage.TrustedCluster, error)

GetWizardTrustedCluster returns a trusted cluster representing the wizard Ops Center the specified site is connected to

func NewOpsCenterConfig 

func NewOpsCenterConfig(p OpsCenterConfigParams) ([]runtime.Object, error)

NewOpsCenterConfig generates Ops Center config based on provided parameters

func ServicesFromEndpoints 

func ServicesFromEndpoints(endpoints storage.Endpoints) (publicService *v1.Service, agentsService *v1.Service, err error)

ServicesFromEndpoints returns Kubernetes specs for user and cluster traffic services based on the provided cluster endpoints

Types

type AcceptRemoteClusterRequest 

type AcceptRemoteClusterRequest struct {
	// Site defines everything required to create a copy of it on the remote
	// Ops Center
	Site SiteCopy `json:"site_copy"`
	// SiteAgent is a user the cluster wants to associate itself with on the Ops
	// Center side.
	//
	// OpsCenter will replicate this user locally so that the cluster can query
	// trust details as well as be able to update (rotate) the user.
	SiteAgent storage.RemoteAccessUser `json:"user"`
	// HandshakeToken specifies the token to use for handshaking
	HandshakeToken string `json:"handshake_token"`
	// TLSCertAuthorityPackage is cert authority package with the CA of the
	// remote cluster
	TLSCertAuthorityPackage []byte `json:"tls_ca_package"`
}

AcceptRemoteClusterRequest defines a request from a remote site to add itself as a local deployment. It describes how to create a local site entry and contains a handshake token so that the request can be verified

func (*AcceptRemoteClusterRequest) Check 

func (r *AcceptRemoteClusterRequest) Check() error

Check validates this request

func (AcceptRemoteClusterRequest) String 

func (r AcceptRemoteClusterRequest) String() string

String returns a string representation of a request

type AcceptRemoteClusterResponse 

type AcceptRemoteClusterResponse struct {
	// User defines the user OpsCenter created as a result of accepting this site.
	// After a successful handshake, the site will replicate this user locally
	// and use it to pull trust details and rotate the user itself
	User storage.RemoteAccessUser
}

AcceptRemoteClusterResponse defines the response of the OpsCenter accepting a new remote site after it has validated the request

type CheckLicenseRequest 

type CheckLicenseRequest struct {
	// License is a license string to check
	License string `json:"license"`
	// Type is an optional license type
	Type string `json:"type,omitempty"`
}

CheckLicenseRequest is a request to check a license

type ClusterCopyRequest 

type ClusterCopyRequest struct {
	// AccountID is the account ID
	AccountID string `json:"account_id"`
	// ClusterName is the name of the requested cluster
	ClusterName string `json:"cluster_name"`
	// OperationID is the install operation ID
	OperationID string `json:"operation_id"`
	// OpsURL is the URL of the remote Ops Center
	OpsURL string `json:"ops_url"`
	// OpsToken is the remote Ops Center auth token
	OpsToken string `json:"ops_token"`
}

ClusterCopyRequest is a request to clone cluster data from remote Ops Center

type DeleteTrustedClusterRequest 

type DeleteTrustedClusterRequest struct {
	// AccountID is the cluster account ID
	AccountID string `json:"account_id"`
	// ClusterName is the name of the local cluster
	ClusterName string `json:"cluster_name"`
	// TrustedClusterName is the name of the trusted cluster to delete
	TrustedClusterName string `json:"trusted_cluster_name"`
	// Delay, if not zero, specifies TTL for trusted cluster and
	// all related objects instead of deleting immediately
	Delay time.Duration `json:"delay"`
}

DeleteTrustedClusterRequest is a request to delete a trusted cluster

func (*DeleteTrustedClusterRequest) Check 

func (r *DeleteTrustedClusterRequest) Check() error

Check makes sure the request is valid

func (*DeleteTrustedClusterRequest) SiteKey 

func (r *DeleteTrustedClusterRequest) SiteKey() ops.SiteKey

SiteKey returns a site key from this request

func (DeleteTrustedClusterRequest) String 

func (r DeleteTrustedClusterRequest) String() string

String returns the request's string representation

type DownloadUpdateRequest 

type DownloadUpdateRequest struct {
	// AccountID is the site account ID
	AccountID string `json:"account_id"`
	// SiteDomain is the site domain name
	SiteDomain string `json:"site_domain"`
	// Application is the application to download
	Application loc.Locator `json:"application"`
}

DownloadUpdateRequest is a request to download a newer app version to gravity site

func (*DownloadUpdateRequest) SiteKey 

func (r *DownloadUpdateRequest) SiteKey() ops.SiteKey

SiteKey returns a site key from this request

type EnablePeriodicUpdatesRequest 

type EnablePeriodicUpdatesRequest struct {
	// AccountID is the site account ID
	AccountID string `json:"account_id"`
	// SiteDomain is the site domain name
	SiteDomain string `json:"site_domain"`
	// Interval is the periodic update interval
	Interval time.Duration `json:"interval,omitempty"`
}

EnablePeriodicUpdatesRequest is a request to turn periodic updates on or update the interval

func (*EnablePeriodicUpdatesRequest) CheckAndSetDefaults 

func (r *EnablePeriodicUpdatesRequest) CheckAndSetDefaults() error

CheckAndSetDefaults verifies the request to enable periodic updates is correct

func (EnablePeriodicUpdatesRequest) SiteKey 

func (r EnablePeriodicUpdatesRequest) SiteKey() ops.SiteKey

SiteKey is a shortcut to extract site key from this request

type Endpoints 

type Endpoints interface {
	// GetClusterEndpoints returns the cluster management endpoints such
	// as control panel advertise address and agents advertise address
	GetClusterEndpoints(ops.SiteKey) (storage.Endpoints, error)
	// UpdateClusterEndpoints updates the cluster management endpoints
	UpdateClusterEndpoints(context.Context, ops.SiteKey, storage.Endpoints) error
}

Endpoints defines cluster endpoints management interface

type Identity 

type Identity interface {
	// UpsertRole creates a new role or updates an existing one
	UpsertRole(ctx context.Context, key ops.SiteKey, role services.Role) error
	// GetRole returns a role by name
	GetRole(key ops.SiteKey, name string) (services.Role, error)
	// GetRoles returns all roles
	GetRoles(key ops.SiteKey) ([]services.Role, error)
	// DeleteRole deletes a role by name
	DeleteRole(ctx context.Context, key ops.SiteKey, name string) error
	// UpsertOIDCConnector creates or updates an OIDC connector
	UpsertOIDCConnector(ctx context.Context, key ops.SiteKey, connector services.OIDCConnector) error
	// GetOIDCConnector returns an OIDC connector by name
	GetOIDCConnector(key ops.SiteKey, name string, withSecrets bool) (services.OIDCConnector, error)
	// GetOIDCConnectors returns all OIDC connectors
	GetOIDCConnectors(key ops.SiteKey, withSecrets bool) ([]services.OIDCConnector, error)
	// DeleteOIDCConnector deletes an OIDC connector by name
	DeleteOIDCConnector(ctx context.Context, key ops.SiteKey, name string) error
	// UpsertSAMLConnector creates or updates a SAML connector
	UpsertSAMLConnector(ctx context.Context, key ops.SiteKey, connector services.SAMLConnector) error
	// GetSAMLConnector returns a SAML connector by name
	GetSAMLConnector(key ops.SiteKey, name string, withSecrets bool) (services.SAMLConnector, error)
	// GetSAMLConnectors returns all SAML connectors
	GetSAMLConnectors(key ops.SiteKey, withSecrets bool) ([]services.SAMLConnector, error)
	// DeleteSAMLConnector deletes a SAML connector by name
	DeleteSAMLConnector(ctx context.Context, key ops.SiteKey, name string) error
}

Identity provides methods for managing roles and auth connectors

type Licenses 

type Licenses interface {
	// NewLicense generates a new license signed with this Ops Center CA
	NewLicense(context.Context, NewLicenseRequest) (string, error)
	// CheckSiteLicense makes sure the license installed on cluster is correct
	CheckSiteLicense(context.Context, ops.SiteKey) error
	// UpdateLicense updates license installed on cluster and runs a respective app hook
	UpdateLicense(context.Context, UpdateLicenseRequest) error
	// GetLicenseCA returns CA certificate Ops Center uses to sign licenses
	GetLicenseCA() ([]byte, error)
}

Licenses defines available operations with cluster licenses

type NewLicenseRequest 

type NewLicenseRequest struct {
	// MaxNodes is a maximum amount of nodes supported by the license.
	MaxNodes int `json:"max_nodes"`
	// ValidFor is a validity duration for the license, in Go's duration format.
	ValidFor time.Duration `json:"valid_for"`
	// StopApp indicates whether an application should be stopped when license expires
	StopApp bool `json:"stop_app"`
}

NewLicenseRequest is a request to generate a new license.

func (NewLicenseRequest) Validate 

func (r NewLicenseRequest) Validate() error

Validate makes sure that request for a new license is sane.

type Operator 

type Operator interface {
	// Operator is the open-source operator interface
	ops.Operator
	// OpsCenter provides Ops Center specific methods
	OpsCenter
	// Endpoints provides cluster endpoints management methods
	Endpoints
	// PeriodicUpdates provides methods for checking/downloading updates
	PeriodicUpdates
	// TrustedCluster provides methods for managing trusted clusters
	TrustedClusters
	// RemoteSupport provides methods for managing cluster access
	RemoteSupport
	// Licenses provides cluster license management methods
	Licenses
	// Identity provides methods for managing roles and auth connectors
	Identity
}

Operator extends the open-source operator interface with additional enterprise functionality

type OpsCenter 

type OpsCenter interface {
	// RegisterAgent is called by install agents to determine who's installer
	// and who's joining agent when installing via Ops Center
	RegisterAgent(RegisterAgentRequest) (*RegisterAgentResponse, error)
	// RequestClusterCopy replicates the cluster specified in the provided request
	// and its data from the remote Ops Center
	//
	// It is used in Ops Center initiated installs when installer process does
	// not have the cluster and operation state locally (because the operation
	// was created in the Ops Center along with the cluster and all other data).
	//
	// The following things are replicated: cluster, install operation and its
	// progress entry, both admin and regular cluster agents, expand token.
	RequestClusterCopy(ClusterCopyRequest) error
}

OpsCenter defines methods specific to installation via Ops Center

type OpsCenterConfigParams 

type OpsCenterConfigParams struct {
	// AdvertiseAddr is the Ops Center advertise addr
	AdvertiseAddr string
	// Devmode is whether devmode should be on
	Devmode bool
}

OpsCenterConfigParams contains parameters for Ops Center config generation

type PeriodicUpdates 

type PeriodicUpdates interface {
	// EnablePeriodicUpdates turns periodic updates for the cluster on or
	// updates the interval
	EnablePeriodicUpdates(context.Context, EnablePeriodicUpdatesRequest) error
	// DisablePeriodicUpdates turns periodic updates for the cluster off and
	// stops the update fetch loop if it's running
	DisablePeriodicUpdates(context.Context, ops.SiteKey) error
	// StartPeriodicUpdates starts periodic updates check
	StartPeriodicUpdates(ops.SiteKey) error
	// StopPeriodicUpdates stops periodic updates check without disabling it
	// (so they will be resumed when the process restarts for example)
	StopPeriodicUpdates(ops.SiteKey) error
	// PeriodicUpdatesStatus returns the status of periodic updates for the
	// cluster
	PeriodicUpdatesStatus(ops.SiteKey) (*PeriodicUpdatesStatusResponse, error)
	// CheckForUpdates checks with remote OpsCenter if there is a newer version
	// of the installed application
	CheckForUpdate(ops.SiteKey) (*loc.Locator, error)
	// DownloadUpdates downloads the provided application version from remote
	// Ops Center
	DownloadUpdate(context.Context, DownloadUpdateRequest) error
}

PeriodicUpdates interface provides methods for checking for and downloading newer app versions to gravity site as well as configuring periodic updates

type PeriodicUpdatesStatusResponse 

type PeriodicUpdatesStatusResponse struct {
	// Enabled is whether the periodic updates are enabled
	Enabled bool `json:"enabled"`
	// Interval is the periodic updates interval
	Interval time.Duration `json:"interval"`
	// NextCheck is the timestamp of the upcoming updates check
	NextCheck time.Time `json:"next_check"`
}

PeriodicUpdatesStatusResponse describes periodic updates status for a site

type RegisterAgentRequest 

type RegisterAgentRequest struct {
	// AccountID is the operation account ID
	AccountID string `json:"account_id"`
	// ClusterName is the name of the cluster being installed
	ClusterName string `json:"cluster_name"`
	// OperationID is the ID of install operation
	OperationID string `json:"operation_id"`
	// AgentID is the unique agent ID
	AgentID string `json:"agent_id"`
	// AdvertiseIP is the advertise IP of the registering agent
	AdvertiseIP string `json:"advertise_ip"`
}

RegisterAgentRequest is a request to register install agent

func (RegisterAgentRequest) SiteOperationKey 

func (r RegisterAgentRequest) SiteOperationKey() ops.SiteOperationKey

SiteOperationKey makes an operation key from this request

func (RegisterAgentRequest) String 

func (r RegisterAgentRequest) String() string

String returns the request's string representation

type RegisterAgentResponse 

type RegisterAgentResponse struct {
	// InstallerID is the unique ID of the installer agent
	InstallerID string `json:"installer_id"`
	// InstallerIP is the advertise IP of the current installer process
	InstallerIP string `json:"installer_ip"`
}

RegisterAgentResponse is the agent registration response

func (RegisterAgentResponse) String 

func (r RegisterAgentResponse) String() string

String returns the response's string representation

type RemoteSupport 

type RemoteSupport interface {
	// AcceptRemoteCluster defines the handshake between a remote cluster and this
	// Ops Center.
	//
	// If the handshake is successful, the Ops Center will create a local entry
	// for the specified cluster and return a user that can be used to query
	// trust details as well as rotate (update) itself.
	AcceptRemoteCluster(AcceptRemoteClusterRequest) (*AcceptRemoteClusterResponse, error)
	// RemoveRemoteCluster removes the cluster entry specified in the request
	RemoveRemoteCluster(RemoveRemoteClusterRequest) error
}

RemoteSupport interface manages remote access to this Ops Center

type RemoveRemoteClusterRequest 

type RemoveRemoteClusterRequest struct {
	// AccountID is the system account ID
	AccountID string `json:"account_id"`
	// ClusterName is the name of the cluster to remove
	ClusterName string `json:"cluster_name"`
	// HandshakeToken is the authorization token
	HandshakeToken string `json:"handshake_token"`
}

RemoveRemoteClusterRequest is a request that a cluster sends to the Ops Center when disconnecting itself from it

func (*RemoveRemoteClusterRequest) SiteKey 

func (r *RemoveRemoteClusterRequest) SiteKey() ops.SiteKey

SiteKey returns a SiteKey from this request

func (RemoveRemoteClusterRequest) String 

func (r RemoveRemoteClusterRequest) String() string

String returns a string representation of a request

type SimpleGravityConfig 

type SimpleGravityConfig struct {
	Users   processconfig.Users     `json:"users"`
	Mode    string                  `json:"mode"`
	Pack    SimplePackServiceConfig `json:"pack"`
	Devmode bool                    `json:"devmode"`
}

SimpleGravityConfig is a simplified gravity.yaml config used to generate opscenter configuration

type SimplePackServiceConfig 

type SimplePackServiceConfig struct {
	Enabled             bool   `json:"enabled"`
	AdvertiseAddr       string `json:"advertise_addr"`
	PublicAdvertiseAddr string `json:"public_advertise_addr"`
}

SimplePackServiceConfig config is a simplified pack service config

func (SimplePackServiceConfig) GetAddr 

func (c SimplePackServiceConfig) GetAddr() string

GetAddr returns the configured advertise addr

func (SimplePackServiceConfig) GetPublicAddr 

func (c SimplePackServiceConfig) GetPublicAddr() string

GetPublicAddr returns the configured public advertise addr

type SimpleTeleportConfig 

type SimpleTeleportConfig struct {
	Auth  telecfg.Auth  `yaml:"auth_service" json:"auth_service"`
	Proxy telecfg.Proxy `yaml:"proxy_service" json:"proxy_service"`
}

SimpleTeleportConfig is a simple teleport config

type SiteCopy 

type SiteCopy struct {
	// Site is the cluster to replicate
	storage.Site `json:"site"`
	// SiteOperation is the cluster install operation
	storage.SiteOperation `json:"operation"`
	// ProgressEntry is the cluster install operation progress
	storage.ProgressEntry `json:"entry"`
}

SiteCopy defines a subset of attributes necessary to replicate a cluster in a remote Ops Center

type TrustedClusters 

type TrustedClusters interface {
	// UpsertTrustedCluster creates or updates a trusted cluster
	UpsertTrustedCluster(context.Context, ops.SiteKey, storage.TrustedCluster) error
	// DeleteTrustedCluster deletes a trusted cluster by name
	DeleteTrustedCluster(context.Context, DeleteTrustedClusterRequest) error
	// GetTrustedClusters returns a list of configured trusted clusters
	GetTrustedClusters(ops.SiteKey) ([]storage.TrustedCluster, error)
	// GetTrustedCluster returns trusted cluster by name
	GetTrustedCluster(key ops.SiteKey, name string) (storage.TrustedCluster, error)
}

TrustedClusters defines an interface for managing cluster access via remote Ops Centers using Teleport's trusted clusters concept

type UpdateLicenseRequest 

type UpdateLicenseRequest struct {
	// AccountID is the ID of the account the site belongs to
	AccountID string `json:"account_id"`
	// SiteDomain is the site name to update the license for
	SiteDomain string `json:"site_domain"`
	// License is the new license
	License string `json:"license"`
}

UpdateLicenseRequest is a request to update site's license

Source Files

View all Source files

Directories

Path Synopsis
resources
gravity
tele

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.