ops

package
v0.0.0-...-3bfe646 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jun 28, 2023 License: Apache-2.0 Imports: 50 Imported by: 21

Documentation

Overview

Site state transitions

1. Site states transition schema during install

created -> install_initiated ->

only if on prem provisioners:
   install_setting_plan ->
   instal_plan_set ->

install_provisioning -> install_provisioned -> install_deploying ->

(if ok ) -> active
(if failed during any of the stages) -> failed

2. Site states transition during uninstall

uninstall_in_progress ->

(if ok ) -> created
(if failed during any of the stages) -> failed

Progress indicator transitions

in_progress ->

failed
or
completed

Index

Constants

// The constants below cover several independent vocabularies: progress
// indicator values, cluster (site) states, operation types and operation
// states, plus label, tag and agent parameter names.
//
// NOTE(review): some values repeat across vocabularies. "failed" is the value
// of ProgressStateFailed, SiteStateFailed and OperationStateFailed, and
// "completed" is the value of ProgressStateCompleted and
// OperationStateCompleted, so a bare string does not tell which state machine
// it came from.
const (
	// SiteLabelName defines the name of the cluster name label
	SiteLabelName = "Name"
	// SystemRepository is the system package repository
	SystemRepository = "gravitational.io"
	// ProgressStateCompleted signifies the operation completed progress value
	ProgressStateCompleted = "completed"
	// ProgressStateInProgress signifies the operation in-progress progress value
	ProgressStateInProgress = "in_progress"
	// ProgressStateFailed signifies the operation failed progress value
	ProgressStateFailed = "failed"
	// ServiceAccountTokenSecretType defines the secret type for service account tokens.
	// The value is the name of a Kubernetes secret type, not secret material,
	// which is why the gosec finding is suppressed on the next line.
	//nolint:gosec // not a hardcoded credential
	ServiceAccountTokenSecretType = "kubernetes.io/service-account-token"

	// SiteStateNotInstalled is a state where a site has just been created or uninstalled and
	// no active operation for it is in progress
	SiteStateNotInstalled = "not_installed"
	// SiteStateFailed indicates that the site is in an invalid state, e.g. its installation
	// or uninstallation failed
	SiteStateFailed = "failed"
	// SiteStateActive means that a site is properly deployed and its application is functional
	SiteStateActive = "active"
	// SiteStateInstalling means that the site is being installed
	SiteStateInstalling = "installing"
	// SiteStateUpdating means that there's an update operation in progress
	SiteStateUpdating = "updating"
	// SiteStateExpanding means that the site is being expanded
	SiteStateExpanding = "expanding"
	// SiteStateShrinking means that the site is being shrunk
	SiteStateShrinking = "shrinking"
	// SiteStateUninstalling means that the site is being uninstalled
	SiteStateUninstalling = "uninstalling"
	// SiteStateGarbageCollecting is the state of the cluster when it's removing unused resources
	SiteStateGarbageCollecting = "collecting_garbage"
	// SiteStateUpdatingEnviron is the state of the cluster when it's updating runtime environment variables on nodes
	SiteStateUpdatingEnviron = "updating_cluster_environ"
	// SiteStateUpdatingConfig is the state of the cluster when it's updating configuration
	SiteStateUpdatingConfig = "updating_cluster_config"
	// SiteStateReconfiguring is the state of the cluster when its advertise IP is being reconfigured
	SiteStateReconfiguring = "reconfiguring"
	// SiteStateDegraded means that the application installed on a deployed site is failing its health check
	SiteStateDegraded = "degraded"
	// SiteStateOffline means that OpsCenter cannot connect to remote site
	SiteStateOffline = "offline"

	// OperationInstall identifies the install operation
	OperationInstall = "operation_install"
	// OperationStateInstallInitiated signifies the install operation initiated state
	OperationStateInstallInitiated = "install_initiated"
	// OperationStateInstallPrechecks signifies the install operation prechecks state
	OperationStateInstallPrechecks = "install_prechecks"
	// OperationStateInstallProvisioning signifies the install operation provisioning state
	OperationStateInstallProvisioning = "install_provisioning"
	// OperationStateInstallDeploying signifies the install operation deploying state
	OperationStateInstallDeploying = "install_deploying"

	// OperationReconfigure is the name of the operation that reconfigures
	// the cluster advertise IP.
	OperationReconfigure = "operation_reconfigure"
	// OperationReconfigureInProgress is the operation state indicating
	// cluster advertise IP is being reconfigured.
	OperationReconfigureInProgress = "reconfigure_in_progress"

	// OperationStateReady indicates that the operation is ready to
	// be executed by the installer process
	OperationStateReady = "ready"

	// OperationExpand identifies the expand operation
	OperationExpand = "operation_expand"
	// OperationStateExpandInitiated defines the expand operation initiated state
	OperationStateExpandInitiated = "expand_initiated"
	// OperationStateExpandPrechecks defines the expand operation prechecks state
	OperationStateExpandPrechecks = "expand_prechecks"
	// OperationStateExpandProvisioning defines the expand operation provisioning state
	OperationStateExpandProvisioning = "expand_provisioning"
	// OperationStateExpandDeploying defines the expand operation deploying state
	OperationStateExpandDeploying = "expand_deploying"

	// OperationUpdate identifies the update operation
	OperationUpdate = "operation_update"
	// OperationStateUpdateInProgress defines the update operation in-progress state
	OperationStateUpdateInProgress = "update_in_progress"

	// OperationShrink identifies the shrink operation
	OperationShrink = "operation_shrink"
	// OperationStateShrinkInProgress defines the shrink operation in-progress state
	OperationStateShrinkInProgress = "shrink_in_progress"

	// OperationUninstall identifies the uninstall operation
	OperationUninstall = "operation_uninstall"
	// OperationStateUninstallInProgress defines the uninstall operation in-progress state
	OperationStateUninstallInProgress = "uninstall_in_progress"

	// OperationGarbageCollect identifies the gc operation
	OperationGarbageCollect = "operation_gc"
	// OperationGarbageCollectInProgress defines the gc operation in-progress state
	OperationGarbageCollectInProgress = "gc_in_progress"

	// OperationUpdateRuntimeEnviron identifies the runtime environment update operation
	OperationUpdateRuntimeEnviron = "operation_update_environ"
	// OperationUpdateRuntimeEnvironInProgress defines the runtime environment update operation in-progress state
	OperationUpdateRuntimeEnvironInProgress = "update_environ_in_progress"

	// OperationUpdateConfig identifies the cluster configuration update operation
	OperationUpdateConfig = "operation_update_config"
	// OperationUpdateConfigInProgress defines the cluster configuration update operation in-progress state
	OperationUpdateConfigInProgress = "update_config_in_progress"

	// OperationStateCompleted signifies a completed operation
	OperationStateCompleted = "completed"
	// OperationStateFailed signifies a failed operation
	OperationStateFailed = "failed"

	// AdvertiseIP defines a label with advertise IP address
	AdvertiseIP = "advertise-ip"
	// ServerFQDN defines a label with FQDN
	ServerFQDN = "fqdn"
	// AppRole defines a label with an application role
	AppRole = "app-role"
	// InstanceType defines a label with a cloud instance type
	InstanceType = "instance-type"
	// Hostname defines a label with hostname
	Hostname = "hostname"

	// TagServiceRole defines a tag used to denote a node role in context of kubernetes
	TagServiceRole = "KubernetesRole"

	// TagKubernetesCluster is the name of the tag, holding the cluster name,
	// that AWS resources are usually marked with
	TagKubernetesCluster = "KubernetesCluster"

	// TagRole defines a tag used to denote a node role in the application context
	TagRole = "Role"

	// AgentProvisioner defines the provisioner to the agent.
	// Agent might use specific functionality depending on the set provisioner
	AgentProvisioner = "provisioner"

	// AgentAutoRole defines an agent role that is yet to be determined.
	// The value is used as a role placeholder in the agent download URL in automatic
	// provisioning mode.
	//
	// Currently, provisioner code is responsible for assigning roles to agents
	// based on the following heuristics:
	//  > AWS provisioner uses instance tags to determine the role of an instance
	//
	// Ideally, with a provision script for each role, the assignment should
	// happen in the script by hard-coding a role value into the agent download URL.
	AgentAutoRole = "auto"

	// AgentMode is used to indicate what mode the agent is started in (e.g. shrink)
	AgentMode = "mode"

	// AgentModeShrink means that the agent is started on a node to assist in performing
	// a shrink operation
	AgentModeShrink = "shrink"

	// InstallToken names the query parameter with a one-time install token.
	//
	// NOTE(review): because the token travels in the URL query string, it can
	// end up wherever URLs are recorded (access logs, proxy logs, shell
	// history). Redact this parameter when logging request URLs. How and when
	// the token is invalidated is not visible from this declaration; confirm
	// against the code that issues and consumes it.
	InstallToken = "install_token"

	// AdvertiseAddrParam specifies the name of the agent parameter for advertise address
	AdvertiseAddrParam = "advertise_addr"
)

Variables

// The three tables below map an operation type (the Operation* constants) to
// the cluster state (the SiteState* constants) entered when the operation
// starts, succeeds or fails.
//
// NOTE(review): these are exported, mutable package-level maps, so any
// importing package can change the transition table at run time. Treat them
// as read-only. Indexing a map[string]string with an unknown operation type
// yields "", so use the two-value form (state, ok := m[opType]) to tell
// "no transition defined" apart from a real state.
var (
	// OperationStartedToClusterState defines states the cluster transitions
	// into when a certain operation starts
	OperationStartedToClusterState = map[string]string{
		OperationInstall:              SiteStateInstalling,
		OperationExpand:               SiteStateExpanding,
		OperationUpdate:               SiteStateUpdating,
		OperationShrink:               SiteStateShrinking,
		OperationUninstall:            SiteStateUninstalling,
		OperationGarbageCollect:       SiteStateGarbageCollecting,
		OperationUpdateRuntimeEnviron: SiteStateUpdatingEnviron,
		OperationUpdateConfig:         SiteStateUpdatingConfig,
		OperationReconfigure:          SiteStateReconfiguring,
	}

	// OperationSucceededToClusterState defines states the cluster transitions
	// into when a certain operation completes successfully.
	// Every operation leads to SiteStateActive except uninstall, which leads
	// to SiteStateNotInstalled.
	OperationSucceededToClusterState = map[string]string{
		OperationInstall:              SiteStateActive,
		OperationExpand:               SiteStateActive,
		OperationUpdate:               SiteStateActive,
		OperationShrink:               SiteStateActive,
		OperationUninstall:            SiteStateNotInstalled,
		OperationGarbageCollect:       SiteStateActive,
		OperationUpdateRuntimeEnviron: SiteStateActive,
		OperationUpdateConfig:         SiteStateActive,
		OperationReconfigure:          SiteStateActive,
	}

	// OperationFailedToClusterState defines states the cluster transitions
	// into when a certain operation fails.
	// If a state transition for a specific operation is missing, the cluster
	// state is left unchanged.
	//
	// Only install, uninstall and reconfigure failures mark the cluster as
	// SiteStateFailed. Failed expand, shrink and gc return it to
	// SiteStateActive, while failed update, environ update and config update
	// keep the corresponding "updating" state.
	// NOTE(review): presumably the "updating" states are kept so the operation
	// can be resumed or rolled back; confirm against the callers.
	OperationFailedToClusterState = map[string]string{
		OperationInstall:              SiteStateFailed,
		OperationExpand:               SiteStateActive,
		OperationUpdate:               SiteStateUpdating,
		OperationShrink:               SiteStateActive,
		OperationUninstall:            SiteStateFailed,
		OperationGarbageCollect:       SiteStateActive,
		OperationUpdateRuntimeEnviron: SiteStateUpdatingEnviron,
		OperationUpdateConfig:         SiteStateUpdatingConfig,
		OperationReconfigure:          SiteStateFailed,
	}
)

Functions

func CheckServers

func CheckServers(ctx context.Context,
	opKey SiteOperationKey,
	infos checks.ServerInfos,
	servers []storage.Server,
	agentService AgentService,
	manifest schema.Manifest,
) ([]*agentpb.Probe, error)

CheckServers executes a set of preflight tests on a set of servers as part of the install operation given with opKey. agentService is the access point to the agent cluster for running remote commands. manifest specifies the application manifest with requirements.

func CompleteOperation

func CompleteOperation(ctx context.Context, key SiteOperationKey, operator OperationStateSetter) error

CompleteOperation marks the specified operation as completed

func ConvertOpsSite

func ConvertOpsSite(in Site) storage.Site

ConvertOpsSite converts ops.Site to storage.Site

func DescribeOperation

func DescribeOperation(o storage.Operation) string

DescribeOperation returns a human friendly description of the operation.

func EnableLeaderElection

func EnableLeaderElection(ctx context.Context, clusterName string, node storage.Server, log logrus.FieldLogger) error

EnableLeaderElection turns on leader election for the specified node.

func FailOperation

func FailOperation(ctx context.Context, key SiteOperationKey, operator OperationStateSetter, message string) error

FailOperation marks the specified operation as failed

func FailOperationAndResetCluster

func FailOperationAndResetCluster(ctx context.Context, key SiteOperationKey, operator Operator, message string) error

FailOperationAndResetCluster completes the specified operation and resets cluster state to active

func FindServerByInstanceID

func FindServerByInstanceID(cluster *Site, instanceID string) (*storage.Server, error)

FindServerByInstanceID finds a server in the cluster state by instance ID. If the server is not found, it returns a NotFound error.

func FormatValidationError

func FormatValidationError(err error) error

FormatValidationError formats validation error as a human-readable text

func GetClusters

func GetClusters(operator Operator, clusterName string) ([]storage.Cluster, error)

GetClusters returns cluster or list of clusters

func GetInstallOperation

func GetInstallOperation(siteKey SiteKey, operator Operator) (op *SiteOperation, progress *ProgressEntry, err error)

GetInstallOperation returns an install operation for the specified siteKey

func GetLastFinishedOperation

func GetLastFinishedOperation(siteKey SiteKey, operator Operator) (op *SiteOperation, progress *ProgressEntry, err error)

GetLastFinishedOperation returns the cluster's last completed operation

func GetLastOperation

func GetLastOperation(siteKey SiteKey, operator Operator) (op *SiteOperation, progress *ProgressEntry, err error)

GetLastOperation returns the most recent operation and its progress for the specified site

func GetLastUninstallOperation

func GetLastUninstallOperation(siteKey SiteKey, operator Operator) (op *SiteOperation, progress *ProgressEntry, err error)

GetLastUninstallOperation returns the last uninstall operation for the specified siteKey

func GetOperationWithProgress

func GetOperationWithProgress(opKey SiteOperationKey, operator Operator) (*SiteOperation, *ProgressEntry, error)

GetOperationWithProgress returns the operation and its progress for the provided operation key

func IsInstalledState

func IsInstalledState(siteState string) bool

IsInstalledState takes a site state and returns true/false depending on whether this state represents one of "installed" states

func MakeClusterInfoMap

func MakeClusterInfoMap(cluster storage.Site) *v1.ConfigMap

MakeClusterInfoMap creates a config map with information about the provided cluster that will be made available to all hooks.

func NewClusterFromSite

func NewClusterFromSite(site Site) *storage.ClusterV2

NewClusterFromSite creates cluster resource from Site object

func NewOperation

func NewOperation(op storage.SiteOperation) (storage.Operation, error)

NewOperation creates a new operation resource from storage operation.

func NewOperatorContext

func NewOperatorContext(ctx context.Context, operator Operator) context.Context

NewOperatorContext returns a new context with the specified operator

func NewSessionContext

func NewSessionContext(ctx context.Context, session teleservices.WebSession) context.Context

NewSessionContext returns a new context with the specified web session

func NewUserContext

func NewUserContext(ctx context.Context, user string) context.Context

NewUserContext returns a new context with the specified user name

func PauseLeaderElection

func PauseLeaderElection(ctx context.Context, clusterName string, node storage.Server, log logrus.FieldLogger) error

PauseLeaderElection pauses leader election for the specified node.

func SessionFromContext

func SessionFromContext(ctx context.Context) teleservices.WebSession

SessionFromContext extracts the web session from the specified context if present.

func UserFromContext

func UserFromContext(ctx context.Context) string

UserFromContext extracts name of the user attached to the provided context.

Returns an empty string if no user is attached.

func VerifyLicense

func VerifyLicense(packages pack.PackageService, license string) error

VerifyLicense verifies the provided license

Types

type APIKeys

// APIKeys represents a collection of user API keys.
//
// NOTE(review): API key values are credentials. DeleteAPIKey receives the key
// as a plain string argument, so implementations and callers should keep it
// out of logs and error messages. Whether storage.APIKey values returned by
// CreateAPIKey and GetAPIKeys carry the key itself is not visible here;
// confirm before serializing or logging them.
type APIKeys interface {
	// CreateAPIKey creates a new API key for a user
	CreateAPIKey(context.Context, NewAPIKeyRequest) (*storage.APIKey, error)

	// GetAPIKeys returns API keys for the specified user.
	// Unlike the other two methods it takes no context.Context.
	GetAPIKeys(userEmail string) ([]storage.APIKey, error)

	// DeleteAPIKey deletes an API key.
	// The key is identified by the owning user's email and the token value.
	DeleteAPIKey(ctx context.Context, userEmail, token string) error
}

APIKeys represents a collection of user API keys

type Account

// Account is a collection of sites and represents some company.
// It is a distinct named type with the same underlying type as storage.Account.
type Account storage.Account

Account is a collection of sites and represents some company

func UpsertSystemAccount

func UpsertSystemAccount(operator Operator) (*Account, error)

UpsertSystemAccount creates a new system account if one has not been created. Returns the system account

type AccountKey

// AccountKey is used to identify an account.
type AccountKey struct {
	// AccountID is id of the account
	AccountID string `json:"account_id"`
}

AccountKey used to identify account

func (AccountKey) String

func (k AccountKey) String() string

String represents debug-friendly representation of AccountKey

type Accounts

// Accounts represents a collection of accounts in the portal.
type Accounts interface {
	// GetAccount returns account by id
	GetAccount(accountID string) (*Account, error)

	// GetAccounts returns a list of accounts registered in the system
	GetAccounts() ([]Account, error)

	// CreateAccount creates a new account
	CreateAccount(NewAccountRequest) (*Account, error)
}

Accounts represents a collection of accounts in the portal

type ActivateSiteRequest

// ActivateSiteRequest is a request to activate a site.
type ActivateSiteRequest struct {
	// AccountID is the ID of the account the site belongs to
	AccountID string `json:"account_id"`
	// SiteDomain is the site name to activate
	SiteDomain string `json:"site_domain"`
	// StartApp controls whether the site's app should be started
	StartApp bool `json:"start_app"`
}

ActivateSiteRequest is a request to activate a site

type AgentCreds

// AgentCreds represents the install agent username and password used to
// identify install agents for the site.
//
// NOTE(review): Password is a plain string with a JSON tag, so marshalling
// this struct writes the password in clear text under the "password" key. No
// String method is listed for this type on this page, so formatting a value
// with %v or %+v would presumably print the password too. Avoid logging values
// of this type and send the JSON form only over protected channels.
type AgentCreds struct {
	// Username is the install agent user name
	Username string `json:"username"`
	// Password is the install agent password (secret)
	Password string `json:"password"`
}

AgentCreds represents the install agent username and password used to identify install agents for the site

type AgentReport

// AgentReport provides information about servers as collected by remote
// install agents run on site during install and upgrade procedures.
type AgentReport struct {
	// Message is a human readable message presented to the user
	Message string `json:"message"`
	// Servers is the list of servers that have agents
	// installed on them
	Servers []checks.ServerInfo `json:"servers"`
}

AgentReport provides information about servers as collected by remote install agents run on site during install and upgrade procedures

func (*AgentReport) Diff

func (s *AgentReport) Diff(previous *AgentReport) (added, removed []checks.ServerInfo)

Diff returns added/removed servers this agent report has compared to the provided previous report.

func (*AgentReport) Has

func (s *AgentReport) Has(advertiseAddr string) bool

Has returns true if this agent report contains server with the provided IP.

func (*AgentReport) MatchFlavor

func (s *AgentReport) MatchFlavor(flavor schema.Flavor) (needed map[string]int, extra []checks.ServerInfo)

MatchFlavor verifies if agents from this report satisfy the provided flavor.

Returns number/roles of agents that still need to join as well as any extra servers that are not a part of the flavor.

func (*AgentReport) String

func (s *AgentReport) String() string

String returns textual representation of the report

func (*AgentReport) Transport

func (s *AgentReport) Transport() (*RawAgentReport, error)

Transport returns transport-friendly representation of agent report

type AgentService

// AgentService coordinates install agents that are started on every server
// and report system information as well as receive instructions from the
// operator service.
//
// NOTE(review): Exec and ExecNoLog run commands on remote servers, which makes
// this interface a remote command execution surface. Callers should hold it
// behind the operator's authorization checks. How agents authenticate to the
// service is not visible from this declaration.
type AgentService interface {
	// ServerAddr returns the address of the server for agents
	// to connect to
	ServerAddr() string

	// GetServerInfos returns a list of server information objects
	GetServerInfos(ctx context.Context, key SiteOperationKey) (checks.ServerInfos, error)

	// Exec executes the command specified with args on a remote server given with addr.
	// It streams the process's output to the given writers stdout and stderr.
	//
	// NOTE(review): args is an argument vector. Whether the remote side runs it
	// through a shell is not visible here; confirm before building args from
	// values that are not fully trusted.
	Exec(ctx context.Context, opKey SiteOperationKey, addr string, args []string, stdout, stderr io.Writer) error

	// ExecNoLog executes the command specified with args on a remote server given with addr.
	// It streams the process's output to the given writers stdout and stderr.
	// Underlying remote call output is not logged.
	//
	// NOTE(review): presumably intended for commands whose output may contain
	// sensitive data. The output is still written to stdout and stderr, so the
	// caller decides where it ends up. Since the output is not logged, commands
	// run this way will be harder to reconstruct from logs afterwards.
	ExecNoLog(ctx context.Context, opKey SiteOperationKey, addr string, args []string, stdout, stderr io.Writer) error

	// Validate executes preflight checks on the node specified with addr
	// against the specified manifest and profile.
	Validate(ctx context.Context, opKey SiteOperationKey, addr string,
		manifest schema.Manifest, profileName string) ([]*agentpb.Probe, error)

	// Wait blocks until the specified number of agents have connected for
	// the given operation. Context can be used for canceling the operation.
	Wait(ctx context.Context, key SiteOperationKey, numAgents int) error

	// CheckPorts executes port availability test in agent cluster
	CheckPorts(context.Context, SiteOperationKey, checks.PingPongGame) (checks.PingPongGameResults, error)

	// CheckBandwidth executes bandwidth network test in agent cluster
	CheckBandwidth(context.Context, SiteOperationKey, checks.PingPongGame) (checks.PingPongGameResults, error)

	// CheckDisks executes disk performance test on the specified node
	CheckDisks(ctx context.Context, key SiteOperationKey, addr string, req *proto.CheckDisksRequest) (*proto.CheckDisksResponse, error)

	// StopAgents instructs all remote agents to stop operation
	// and rejects all subsequent requests to connect for any agent
	// for this site
	StopAgents(context.Context, SiteOperationKey) error

	// AbortAgents instructs all remote agents to abort operation
	// and uninstall state
	AbortAgents(context.Context, SiteOperationKey) error

	// CompleteAgents sends an operation completed notification to all remote
	// agents
	CompleteAgents(context.Context, SiteOperationKey) error
}

AgentService coordinates install agents that are started on every server and report system information as well as receive instructions from the operator service

type AppInstallerRequest

// AppInstallerRequest is a request to generate installer tarball.
// The fields carry no JSON tags.
type AppInstallerRequest struct {
	// AccountID is the cluster account ID.
	AccountID string
	// Application is the application package to generate installer for.
	Application loc.Locator
	// CACert is the CA certificate to include in the installer.
	CACert string
	// EncryptionKey is an optional key to GPG-encrypt installer packages with.
	//
	// NOTE(review): this is key material held in a plain string, so keep it out
	// of logs. Presumably an empty value means the packages are not encrypted;
	// confirm against the implementation of GetAppInstaller.
	EncryptionKey string
}

AppInstallerRequest is a request to generate installer tarball.

type Application

// Application holds information about application, such as package name and
// version, manifest and runtime information.
type Application struct {
	// Package is application package information
	Package loc.Locator `json:"package"`
	// PackageEnvelope provides complete information about the underlying package
	PackageEnvelope pack.PackageEnvelope `json:"envelope"`
	// Manifest is a site install manifest that specifies its configuration
	Manifest schema.Manifest `json:"manifest"`
}

Application holds information about application, such as package name and version, manifest and runtime information

type Applications

// Applications interface handles application-specific tasks.
type Applications interface {
	// GetAppInstaller generates an application installer tarball and returns
	// a binary data stream. The stream is an io.ReadCloser, so the caller is
	// expected to close it.
	GetAppInstaller(AppInstallerRequest) (io.ReadCloser, error)
	// ListReleases returns all currently installed application releases in a cluster.
	ListReleases(ListReleasesRequest) ([]storage.Release, error)
}

Applications interface handles application-specific tasks

type Audit

// Audit provides interface for emitting audit log events.
type Audit interface {
	// EmitAuditEvent saves the provided event in the audit log.
	//
	// NOTE(review): the method returns an error. A caller that drops it loses
	// the only signal that an audit record was not written.
	EmitAuditEvent(context.Context, AuditEventRequest) error
}

Audit provides interface for emitting audit log events.

type AuditEventRequest

// AuditEventRequest describes an audit log event.
type AuditEventRequest struct {
	// SiteKey is the ID of the cluster the request is for.
	// It is embedded without a JSON tag.
	SiteKey
	// Event is the audit event to emit.
	Event events.Event `json:"event"`
	// Fields is the audit event additional fields.
	//
	// NOTE(review): the contents are supplied by the caller. If any of them
	// originate from user input, they presumably need to be kept free of
	// secrets before being stored in the audit log; confirm against Check.
	Fields events.EventFields `json:"fields"`
}

AuditEventRequest describes an audit log event.

func (*AuditEventRequest) Check

func (r *AuditEventRequest) Check() error

Check validates the audit log event request.

func (AuditEventRequest) String

func (r AuditEventRequest) String() string

String returns the event's string representation.

type Certificates

// Certificates contains methods for operating on cluster certificates.
type Certificates interface {
	// GetClusterCertificate returns the cluster TLS certificate that is
	// presented by the cluster's local web endpoint.
	//
	// NOTE(review): withSecrets presumably controls whether the returned
	// ClusterCertificate includes the private key; confirm against the
	// implementation and pass true only where the key is actually needed.
	GetClusterCertificate(key SiteKey, withSecrets bool) (*ClusterCertificate, error)
	// UpdateClusterCertificate updates the cluster TLS certificate that is
	// presented by the cluster's local web endpoint
	UpdateClusterCertificate(context.Context, UpdateCertificateRequest) (*ClusterCertificate, error)
	// DeleteClusterCertificate deletes the cluster TLS certificate
	DeleteClusterCertificate(context.Context, SiteKey) error
}

Certificates contains methods for operating on cluster certificates

type ClusterAgentRequest

// ClusterAgentRequest is a request to retrieve a cluster agent.
type ClusterAgentRequest struct {
	// AccountID is the ID of the cluster account
	AccountID string `json:"account_id"`
	// ClusterName is the cluster name
	ClusterName string `json:"cluster_name"`
	// Admin is whether to retrieve a regular or admin agent.
	//
	// NOTE(review): this flag arrives with the request, so the handler that
	// serves it presumably has to check that the caller may obtain an admin
	// agent; confirm where that check is made.
	Admin bool `json:"admin"`
}

ClusterAgentRequest is a request to retrieve a cluster agent

type ClusterCertificate

// ClusterCertificate represents the cluster certificate.
//
// NOTE(review): the struct carries the private key next to the certificate
// and both fields have JSON tags. encoding/json writes []byte fields as
// base64 strings, so the marshalled form contains the key. Treat the whole
// value as secret whenever PrivateKey is set, and keep it out of logs. The
// encoding of the two byte slices (for example PEM) is not visible here.
type ClusterCertificate struct {
	// Certificate is the cluster certificate
	Certificate []byte `json:"certificate"`
	// PrivateKey is the private key
	PrivateKey []byte `json:"private_key"`
}

ClusterCertificate represents the cluster certificate

type ClusterConfiguration

// ClusterConfiguration manages configuration in cluster.
type ClusterConfiguration interface {
	// CreateUpdateConfigOperation creates a new operation to update cluster configuration
	CreateUpdateConfigOperation(context.Context, CreateUpdateConfigOperationRequest) (*SiteOperationKey, error)
	// GetClusterConfiguration retrieves the cluster configuration
	GetClusterConfiguration(SiteKey) (clusterconfig.Interface, error)
	// UpdateClusterConfiguration updates the cluster configuration from the specified request
	UpdateClusterConfiguration(UpdateClusterConfigRequest) error
}

ClusterConfiguration manages configuration in cluster

type ClusterEndpoints

// ClusterEndpoints contains system cluster endpoints such as Teleport proxy
// address or cluster control panel URL.
// Both fields are exported but their type, clusterEndpoints, is unexported.
type ClusterEndpoints struct {
	// Internal contains internal cluster endpoints.
	Internal clusterEndpoints
	// Public contains public cluster endpoints.
	Public clusterEndpoints
}

ClusterEndpoints contains system cluster endpoints such as Teleport proxy address or cluster control panel URL.

func GetClusterEndpoints

func GetClusterEndpoints(operator Operator, key SiteKey) (*ClusterEndpoints, error)

GetClusterEndpoints returns system endpoints for the specified cluster.

func (ClusterEndpoints) AuthGateways

func (e ClusterEndpoints) AuthGateways() []string

AuthGateways returns all auth gateway endpoints.

func (ClusterEndpoints) FirstAuthGateway

func (e ClusterEndpoints) FirstAuthGateway() string

FirstAuthGateway returns the first auth gateway endpoint.

func (ClusterEndpoints) ManagementURLs

func (e ClusterEndpoints) ManagementURLs() []string

ManagementURLs returns all cluster management URLs.

type ClusterMetricsRates

// ClusterMetricsRates encapsulates usage rates.
// The unit of the integer rates is not visible from this declaration.
type ClusterMetricsRates struct {
	// Current is the instantaneous usage rate.
	Current int `json:"current"`
	// Max is the peak usage rate on a certain interval.
	Max int `json:"max"`
	// Historic is a historic usage rate for a certain interval.
	Historic monitoring.Series `json:"historic"`
}

ClusterMetricsRates encapsulates usage rates.

type ClusterMetricsRequest

// ClusterMetricsRequest is a request for cluster metrics.
type ClusterMetricsRequest struct {
	// SiteKey is the cluster routing key.
	SiteKey
	// Interval is the requested metrics interval.
	//
	// If left unspecified, defaults to an hour.
	Interval time.Duration `json:"interval"`
	// Step is the optional maximum time between two datapoints.
	//
	// If left unspecified, defaults to 15 seconds.
	//
	// NOTE(review): Interval and Step come from the request. No upper bound on
	// Interval or lower bound on Step is stated here; confirm that
	// CheckAndSetDefaults limits how many datapoints one request can ask for.
	Step time.Duration `json:"step"`
}

ClusterMetricsRequest is a request for cluster metrics.

func (*ClusterMetricsRequest) CheckAndSetDefaults

func (r *ClusterMetricsRequest) CheckAndSetDefaults() error

CheckAndSetDefaults validates the request and fills in defaults.

type ClusterMetricsResponse

// ClusterMetricsResponse is the response containing cluster CPU/RAM metrics.
type ClusterMetricsResponse struct {
	// TotalCPUCores is the total number of CPU cores in the cluster.
	TotalCPUCores int `json:"total_cpu_cores"`
	// TotalMemoryBytes is the total amount of memory in the cluster.
	TotalMemoryBytes int64 `json:"total_memory_bytes"`
	// CPURates contains current/max/historic CPU usage rates.
	CPURates ClusterMetricsRates `json:"cpu_rates"`
	// MemoryRates contains current/max/historic memory usage rates.
	MemoryRates ClusterMetricsRates `json:"memory_rates"`
}

ClusterMetricsResponse is the response containing cluster CPU/RAM metrics.

type CompleteFinalInstallStepRequest

// CompleteFinalInstallStepRequest is a request to mark site final install
// step as completed.
type CompleteFinalInstallStepRequest struct {
	// AccountID is the ID of the account the site belongs to
	AccountID string `json:"account_id"`
	// SiteDomain is the site name to activate
	SiteDomain string `json:"site_domain"`
	// WizardConnectionTTL is when to expire connection to wizard process.
	// Note that its JSON name is "delay", not a name derived from the field.
	WizardConnectionTTL time.Duration `json:"delay"`
}

CompleteFinalInstallStepRequest is a request to mark site final install step as completed

func (*CompleteFinalInstallStepRequest) CheckAndSetDefaults

func (r *CompleteFinalInstallStepRequest) CheckAndSetDefaults() error

CheckAndSetDefaults validates the request and fills in default values

type ConfigureNodeRequest

// ConfigureNodeRequest is a request to prepare a node for the upgrade.
type ConfigureNodeRequest struct {
	// AccountID is the account id of the local cluster
	AccountID string `json:"account_id"`
	// ClusterName is the local cluster name
	ClusterName string `json:"cluster_name"`
	// OperationID is the id of the operation
	OperationID string `json:"operation_id"`
	// Server is the server to configure
	Server storage.Server `json:"server"`
}

ConfigureNodeRequest is a request to prepare a node for the upgrade

func (ConfigureNodeRequest) SiteKey

func (r ConfigureNodeRequest) SiteKey() SiteKey

SiteKey returns cluster key for this request

func (ConfigureNodeRequest) SiteOperationKey

func (r ConfigureNodeRequest) SiteOperationKey() SiteOperationKey

SiteOperationKey returns operation key for this request

type ConfigurePackagesRequest

// ConfigurePackagesRequest is a request to create configuration packages.
type ConfigurePackagesRequest struct {
	// SiteOperationKey identifies the operation.
	// Because the embedded field carries a JSON tag, encoding/json encodes it
	// under the "operation_key" name instead of promoting its fields.
	SiteOperationKey `json:"operation_key"`
	// Env specifies optional cluster environment variables to set
	Env map[string]string `json:"env,omitempty"`
	// Config specifies optional cluster configuration resource in raw form.
	//
	// NOTE(review): Env and Config are passed through as supplied. Whether
	// Check validates their contents is not visible from this declaration.
	Config []byte `json:"config,omitempty"`
}

ConfigurePackagesRequest is a request to create configuration packages

func (ConfigurePackagesRequest) Check

func (r ConfigurePackagesRequest) Check() error

Check validates this request

func (ConfigurePackagesRequest) ClusterKey

func (r ConfigurePackagesRequest) ClusterKey() SiteKey

ClusterKey returns a cluster key from this request

type CreateClusterGarbageCollectOperationRequest

// CreateClusterGarbageCollectOperationRequest is a request to start garbage
// collection in the cluster.
type CreateClusterGarbageCollectOperationRequest struct {
	// AccountID is id of the account
	AccountID string `json:"account_id"`
	// ClusterName is the name of the cluster
	ClusterName string `json:"cluster_name"`
}

CreateClusterGarbageCollectOperationRequest is a request to start garbage collection in the cluster

func (CreateClusterGarbageCollectOperationRequest) Check

Check validates this request

type CreateClusterReconfigureOperationRequest

// CreateClusterReconfigureOperationRequest is a request to initialize node
// advertise IP reconfiguration operation.
type CreateClusterReconfigureOperationRequest struct {
	// SiteKey is the cluster ID.
	SiteKey
	// AdvertiseAddr is the new node advertise address.
	AdvertiseAddr string `json:"advertise_addr"`
	// Servers contains the node whose IP is being reconfigured.
	Servers []storage.Server `json:"servers"`
	// InstallExpand is the original install operation state.
	// It is a pointer, so it may be nil.
	InstallExpand *storage.InstallExpandOperationState `json:"install_expand"`
}

CreateClusterReconfigureOperationRequest is a request to initialize node advertise IP reconfiguration operation.

func (*CreateClusterReconfigureOperationRequest) Check

Check validates the request.

type CreateSiteAppUpdateOperationRequest

type CreateSiteAppUpdateOperationRequest struct {
	// AccountID is the ID of the account the site belongs to
	AccountID string `json:"account_id"`
	// SiteDomain is the ID of the site that should be updated
	SiteDomain string `json:"site_domain"`
	// App specifies a new application package in the "locator" form, e.g. gravitational.io/mattermost:1.2.3.
	// It is serialized under the JSON key "package".
	App string `json:"package"`
	// StartAgents specifies whether the operation will automatically start the update agents
	StartAgents bool `json:"start_agents"`
	// Vars are variables specific to this operation
	Vars storage.OperationVariables `json:"vars"`
	// Force allows overriding preconditions that would otherwise fail the operation.
	// NOTE(review): which preconditions are bypassed is not visible in this
	// declaration; treat Force as a privileged override and confirm that its use
	// is access-checked and recorded where the request is handled.
	Force bool `json:"force"`
}

CreateSiteAppUpdateOperationRequest is a request to update an application installed on a site to a new version

type CreateSiteExpandOperationRequest

type CreateSiteExpandOperationRequest struct {
	// AccountID is account id of this operation
	AccountID string `json:"account_id"`
	// SiteDomain is a site of the operation
	SiteDomain string `json:"site_domain"`
	// Variables are used to set up operation specific parameters,
	// e.g. AWS image flavor for AWS install
	Variables storage.OperationVariables `json:"variables"`
	// Servers specifies how many servers of each role this operation adds,
	// e.g. {"master": 1, "database": 2}
	Servers map[string]int `json:"servers"`
	// Provisioner to use for this operation
	Provisioner string `json:"provisioner"`
}

CreateSiteExpandOperationRequest is a request to add new nodes to the cluster

func (*CreateSiteExpandOperationRequest) CheckAndSetDefaults

func (r *CreateSiteExpandOperationRequest) CheckAndSetDefaults() error

CheckAndSetDefaults makes sure the request is correct and fills in some unset fields with default values if they have them

type CreateSiteInstallOperationRequest

type CreateSiteInstallOperationRequest struct {
	// AccountID is account id of this operation
	AccountID string `json:"account_id"`
	// SiteDomain is a site of the operation
	SiteDomain string `json:"site_domain"`
	// Variables are used to set up operation specific parameters,
	// e.g. AWS image flavor for AWS install
	Variables storage.OperationVariables `json:"variables"`
	// Provisioner defines the provisioner for this operation
	Provisioner string `json:"provisioner"`
	// Profiles specifies server (role -> server profile) requirements
	Profiles map[string]storage.ServerProfileRequest `json:"profiles"`
}

CreateSiteInstallOperationRequest is a request to create install operation - the operation that provisions servers, gravity software and sets up everything

func (*CreateSiteInstallOperationRequest) CheckAndSetDefaults

func (r *CreateSiteInstallOperationRequest) CheckAndSetDefaults() error

CheckAndSetDefaults validates the request and provides defaults to unset fields

type CreateSiteShrinkOperationRequest

type CreateSiteShrinkOperationRequest struct {
	// AccountID is account id of this operation
	AccountID string `json:"account_id"`
	// SiteDomain is a site of the operation
	SiteDomain string `json:"site_domain"`
	// Variables are used to set up operation specific parameters, e.g. AWS keys.
	// NOTE(review): per the example above this field may carry cloud credentials;
	// keep the request out of logs and error messages.
	Variables storage.OperationVariables `json:"variables"`
	// Servers specifies server names to remove
	Servers []string `json:"servers"`
	// Provisioner to use for this operation
	Provisioner string `json:"provisioner"`
	// Force allows removing offline nodes
	Force bool `json:"force"`
	// NodeRemoved indicates whether the node has already been removed from the cluster.
	// Used in cases where we receive an event where the node is being terminated, but may
	// not have disconnected from the cluster yet.
	NodeRemoved bool `json:"node_removed"`
}

CreateSiteShrinkOperationRequest is a request to remove nodes from the cluster

func (*CreateSiteShrinkOperationRequest) CheckAndSetDefaults

func (r *CreateSiteShrinkOperationRequest) CheckAndSetDefaults() error

CheckAndSetDefaults makes sure the request is correct and fills in some unset fields with default values if they have them

type CreateSiteUninstallOperationRequest

type CreateSiteUninstallOperationRequest struct {
	// AccountID is id of the account
	AccountID string `json:"account_id"`
	// SiteDomain is the site id
	SiteDomain string `json:"site_domain"`
	// Force makes gravity unprovision the site without running uninstall;
	// it is used in development in case of broken installs.
	// NOTE(review): nothing in this declaration limits Force to development
	// environments; confirm the handler restricts who may set it.
	Force bool `json:"force"`
	// Variables are used to set up operation specific parameters,
	// e.g. AWS image flavor for AWS install.
	// NOTE(review): the example reads as copied from the install request — confirm
	// which variables an uninstall actually consumes.
	Variables storage.OperationVariables `json:"variables"`
}

CreateSiteUninstallOperationRequest creates uninstall operation entry, it does not kick off the operation

type CreateUpdateConfigOperationRequest

type CreateUpdateConfigOperationRequest struct {
	// ClusterKey identifies the cluster
	ClusterKey SiteKey `json:"cluster_key"`
	// Config specifies the new configuration as JSON-encoded payload
	Config []byte `json:"config"`
}

CreateUpdateConfigOperationRequest is a request to create an operation to update cluster configuration

type CreateUpdateEnvarsOperationRequest

type CreateUpdateEnvarsOperationRequest struct {
	// ClusterKey identifies the cluster
	ClusterKey SiteKey `json:"cluster_key"`
	// Env specifies the new cluster environment variables
	Env map[string]string `json:"env"`
}

CreateUpdateEnvarsOperationRequest is a request to update cluster environment variables

type CreateUserInviteRequest

type CreateUserInviteRequest struct {
	// SiteKey is the key of the cluster to route request to.
	SiteKey
	// Name is the new user name.
	Name string `json:"name"`
	// Roles is the new user roles.
	// NOTE(review): the roles come straight from the request; whether Check or the
	// handler limits which roles a caller may grant is not visible here — confirm.
	Roles []string `json:"roles"`
	// TTL specifies how long the generated invite token is valid for.
	// NOTE(review): no upper bound is visible in this declaration; confirm that
	// Check or the server caps the TTL so invite tokens stay short-lived.
	TTL time.Duration `json:"ttl"`
}

CreateUserInviteRequest is a request to generate a new user invite token.

func (*CreateUserInviteRequest) Check

func (r *CreateUserInviteRequest) Check() error

Check validates the request.

type CreateUserResetRequest

type CreateUserResetRequest struct {
	// SiteKey is the key of the cluster to route request to.
	SiteKey
	// Name is the user name to reset.
	Name string `json:"name"`
	// TTL specifies how long the generated reset token is valid for.
	// NOTE(review): no upper bound is visible in this declaration; confirm that
	// Check or the server caps the TTL so reset tokens stay short-lived.
	TTL time.Duration `json:"ttl"`
}

CreateUserResetRequest is a request to generate a new user reset token.

func (*CreateUserResetRequest) Check

func (r *CreateUserResetRequest) Check() error

Check validates the request.

type DeactivateSiteRequest

type DeactivateSiteRequest struct {
	// AccountID is the ID of the account the site belongs to
	AccountID string `json:"account_id"`
	// SiteDomain is the site name to deactivate
	SiteDomain string `json:"site_domain"`
	// Reason is the deactivation reason
	Reason storage.Reason `json:"reason"`
	// StopApp controls whether the site's app should be stopped
	StopApp bool `json:"stop_app"`
}

DeactivateSiteRequest describes a request to deactivate a site

type DeleteUserInviteRequest

type DeleteUserInviteRequest struct {
	// SiteKey is the key of the cluster to route request to.
	SiteKey
	// Name is the invited user name.
	Name string `json:"name"`
}

DeleteUserInviteRequest is a request to delete a user invite token.

func (*DeleteUserInviteRequest) Check

func (r *DeleteUserInviteRequest) Check() error

Check validates the request.

type Endpoint

type Endpoint struct {
	// Name is a display name of the endpoint
	Name string `json:"name"`
	// Description is a verbose description of the endpoint
	Description string `json:"description"`
	// Addresses is a list of URLs for the endpoint
	Addresses []string `json:"addresses"`
}

Endpoint represents an application endpoint

type Endpoints

type Endpoints interface {
	// GetApplicationEndpoints returns a list of application endpoints of
	// the specified cluster
	GetApplicationEndpoints(SiteKey) ([]Endpoint, error)
}

Endpoints defines cluster and application endpoints management interface

type GetClusterReportRequest

type GetClusterReportRequest struct {
	// SiteKey is a key used to identify site
	SiteKey
	// Since is used to filter collected logs by time
	Since time.Duration `json:"since,omitempty"`
}

GetClusterReportRequest specifies the request to get the cluster report

type Identity

type Identity interface {
	// UpsertUser creates or updates a user
	UpsertUser(ctx context.Context, key SiteKey, user teleservices.User) error
	// GetUser returns a user by name
	GetUser(key SiteKey, name string) (teleservices.User, error)
	// GetUsers returns all users
	GetUsers(key SiteKey) ([]teleservices.User, error)
	// DeleteUser deletes a user by name
	DeleteUser(ctx context.Context, key SiteKey, name string) error
	// UpsertClusterAuthPreference updates cluster authentication preference
	UpsertClusterAuthPreference(ctx context.Context, key SiteKey, auth teleservices.AuthPreference) error
	// GetClusterAuthPreference returns cluster authentication preference
	GetClusterAuthPreference(key SiteKey) (teleservices.AuthPreference, error)
	// UpsertGithubConnector creates or updates a Github connector
	UpsertGithubConnector(ctx context.Context, key SiteKey, conn teleservices.GithubConnector) error
	// GetGithubConnector returns a Github connector by its name.
	// NOTE(review): withSecrets presumably controls whether the connector's secret
	// fields are included in the result — confirm, and pass false unless the
	// caller actually needs them.
	GetGithubConnector(key SiteKey, name string, withSecrets bool) (teleservices.GithubConnector, error)
	// GetGithubConnectors returns all Github connectors.
	// NOTE(review): the same withSecrets consideration as for GetGithubConnector
	// applies here, for every connector returned.
	GetGithubConnectors(key SiteKey, withSecrets bool) ([]teleservices.GithubConnector, error)
	// DeleteGithubConnector deletes a Github connector by name
	DeleteGithubConnector(ctx context.Context, key SiteKey, name string) error
	// UpsertAuthGateway updates auth gateway configuration
	UpsertAuthGateway(context.Context, SiteKey, storage.AuthGateway) error
	// GetAuthGateway returns auth gateway configuration
	GetAuthGateway(SiteKey) (storage.AuthGateway, error)
}

Identity provides methods for managing users, roles and authentication settings

type Install

type Install interface {
	// ConfigurePackages configures packages for the specified operation
	ConfigurePackages(ConfigurePackagesRequest) error
	// StreamOperationLogs appends the logs from the provided reader to the
	// specified operation (user-facing) log file
	StreamOperationLogs(SiteOperationKey, io.Reader) error
}

Install provides install-specific methods

type Leader

type Leader interface {
	// StepDown asks the process to pause its leader election heartbeat so it can
	// give up its leadership
	StepDown(SiteKey) error
}

Leader defines leadership-related operations

type License

type License struct {
	// Raw is a raw license string, be it our certificate or JSON-based customer license
	Raw string `json:"raw"`
	// Payload is the parsed license payload
	Payload license.Payload `json:"payload"`
}

License represents a license installed on site

type ListReleasesRequest

type ListReleasesRequest struct {
	// SiteKey is the cluster routing key.
	SiteKey
	// IncludeIcons is whether to retrieve application icons as well.
	IncludeIcons bool `json:"include_icons"`
}

ListReleasesRequest is a request to list installed application releases.

type LogEntry

type LogEntry struct {
	// AccountID is the ID of the account for the operation
	AccountID string `json:"account_id"`
	// ClusterName is the name of the cluster for the operation
	ClusterName string `json:"cluster_name"`
	// OperationID is the ID of the operation the log entry is for
	OperationID string `json:"operation_id"`
	// Severity is the log entry severity: info, warning or error
	Severity string `json:"severity"`
	// Message is the log entry text message
	Message string `json:"message"`
	// Server is an optional server that generated the log entry
	Server *storage.Server `json:"server,omitempty"`
	// Created is the log entry timestamp
	Created time.Time `json:"created"`
}

LogEntry represents a single log line for an operation

func (LogEntry) String

func (l LogEntry) String() string

String formats the log entry as a string

type LogForwarders

type LogForwarders interface {
	// GetLogForwarders retrieves the list of active log forwarders
	GetLogForwarders(key SiteKey) ([]storage.LogForwarder, error)
	// CreateLogForwarder creates a new log forwarder.
	// NOTE(review): a forwarder determines where cluster logs are sent; confirm the
	// implementation checks the caller's access and validates the destination.
	CreateLogForwarder(ctx context.Context, key SiteKey, forwarder storage.LogForwarder) error
	// UpdateLogForwarder updates an existing log forwarder
	UpdateLogForwarder(ctx context.Context, key SiteKey, forwarder storage.LogForwarder) error
	// DeleteLogForwarder deletes a log forwarder
	DeleteLogForwarder(ctx context.Context, key SiteKey, name string) error
}

LogForwarders defines the interface to manage log forwarders

type Monitoring

type Monitoring interface {
	// GetAlerts returns the list of configured monitoring alerts
	GetAlerts(SiteKey) ([]storage.Alert, error)
	// UpdateAlert updates the specified monitoring alert
	UpdateAlert(context.Context, SiteKey, storage.Alert) error
	// DeleteAlert deletes the monitoring alert specified with name
	DeleteAlert(ctx context.Context, key SiteKey, name string) error
	// GetAlertTargets returns the list of configured monitoring alert targets
	GetAlertTargets(SiteKey) ([]storage.AlertTarget, error)
	// UpdateAlertTarget updates the cluster's alert target to the specified one
	UpdateAlertTarget(context.Context, SiteKey, storage.AlertTarget) error
	// DeleteAlertTarget deletes the monitoring alert target
	DeleteAlertTarget(context.Context, SiteKey) error
	// GetClusterMetrics returns basic CPU/RAM metrics for the specified cluster.
	GetClusterMetrics(context.Context, ClusterMetricsRequest) (*ClusterMetricsResponse, error)
}

Monitoring defines the interface to manage monitoring and metrics

type NewAPIKeyRequest

type NewAPIKeyRequest struct {
	// Expires is the key expiration time.
	// NOTE(review): how a zero Expires is treated (no expiry vs. a default) is not
	// visible here — confirm.
	Expires time.Time `json:"expires"`
	// UserEmail is the username to create a new key for
	UserEmail string `json:"user_email"`
	// Token is an optional predefined API key value, will be
	// generated if not provided.
	// NOTE(review): a caller-supplied value is a bearer credential chosen outside
	// the server, and no length or entropy requirement is visible in this
	// declaration — confirm one is enforced where the request is handled, and keep
	// the request out of logs.
	Token string `json:"token"`
	// Upsert controls whether existing key should be updated
	Upsert bool `json:"upsert"`
}

NewAPIKeyRequest is a request to create a new api key

type NewAccountRequest

type NewAccountRequest struct {
	// ID is an optional account ID.
	// If specified, account with this ID will be created
	ID string `json:"id"`
	// Org is a unique organisation name
	Org string `json:"org"`
}

NewAccountRequest is a request to create a new account

type NewInstallTokenRequest

type NewInstallTokenRequest struct {
	// AccountID links this token to the specified account
	// (JSON key "account").
	AccountID string `json:"account"`
	// Application references an optional application package to associate
	// with the install token (JSON key "app").
	Application string `json:"app"`
	// UserType defines the type of user to associate with this token
	// (JSON key "type").
	UserType string `json:"type"`
	// UserEmail defines the existing user to associate with this install token
	// (JSON key "email").
	// If unspecified, a new user will be created
	UserEmail string `json:"email"`
	// Token is an optional predefined token value, if not passed,
	// will be generated.
	// NOTE(review): a caller-supplied value is a credential chosen outside the
	// server, and no length or entropy requirement is visible in this
	// declaration — confirm Check or the handler enforces one.
	Token string `json:"token"`
}

NewInstallTokenRequest is a request to generate a one-time install token

func (NewInstallTokenRequest) Check

func (r NewInstallTokenRequest) Check() error

type NewSiteRequest

type NewSiteRequest struct {
	// AppPackage is application package, e.g. `gravitational.io/mattermost:1.2.1`
	AppPackage string `json:"app_package"`
	// AccountID is the id of the account
	AccountID string `json:"account_id"`
	// Email is the email address of a user who created the site
	Email string `json:"email"`
	// Provider, e.g. 'aws_terraform' or 'onprem'
	Provider string `json:"provider"`
	// DomainName is a name that uniquely identifies the installation
	DomainName string `json:"domain_name"`
	// License is the license that will be installed on site
	License string `json:"license"`
	// Labels is a custom key/value metadata to attach to a new site
	Labels map[string]string `json:"labels"`
	// Resources holds additional K8s resources, as raw bytes, injected at runtime.
	// NOTE(review): the encoding and any validation of these resources are not
	// visible here; since they are injected into the cluster, confirm the handler
	// restricts what a requester may supply.
	Resources []byte `json:"resources"`
	// Location describes the location where a new site is about to be deployed,
	// for example AWS region name
	Location string `json:"location"`
	// Flavor is the name of the initial cluster flavor.
	Flavor string `json:"flavor"`
	// DisabledWebUI specifies whether OpsCenter and WebInstallWizard are disabled
	DisabledWebUI bool `json:"disabled_web_ui"`
	// InstallToken is the install token to create for the site, for use by agents.
	// NOTE(review): the token is a plain string in the JSON body; keep the request
	// out of logs and error messages.
	InstallToken string `json:"install_token"`
	// ServiceUser specifies the user to use for planet container services
	// and unprivileged kubernetes resources
	ServiceUser storage.OSUser `json:"service_user"`
	// CloudConfig describes additional cloud configuration
	CloudConfig storage.CloudConfig `json:"cloud_config"`
	// DNSOverrides specifies DNS host/zone overrides for the cluster
	DNSOverrides storage.DNSOverrides `json:"dns_overrides"`
	// DNSConfig specifies the cluster local DNS server configuration
	DNSConfig storage.DNSConfig `json:"dns_config"`
	// Docker specifies the cluster Docker configuration
	Docker storage.DockerConfig `json:"docker"`
}

NewSiteRequest is a request to create a new site entry

type NewUserRequest

type NewUserRequest struct {
	// Name is the user name.
	// It is serialized under the JSON key "email".
	Name string `json:"email"`
	// Type is the type of user to create (e.g. agent or admin).
	// NOTE(review): whether a caller is allowed to request a given type is decided
	// outside this declaration — confirm it is access-checked.
	Type string `json:"type"`
	// Password is the password to set for the created user.
	// NOTE(review): the field is a plain string serialized under "password", so the
	// request carries the password in clear; keep this struct out of logs and
	// error messages. How the password is hashed or checked for strength is not
	// visible here.
	Password string `json:"password"`
}

NewUserRequest is a request to create a new user

func (NewUserRequest) Check

func (r NewUserRequest) Check() error

type Node

type Node struct {
	// Hostname is the node hostname
	Hostname string `json:"hostname"`
	// AdvertiseIP is the node advertise IP
	AdvertiseIP string `json:"advertise_ip"`
	// PublicIP is the node public IP
	PublicIP string `json:"public_ip"`
	// Profile is the node profile
	Profile string `json:"profile"`
	// Role is the node service role
	Role string `json:"role"`
	// InstanceType is the node cloud specific instance type
	InstanceType string `json:"instance_type"`
}

Node represents a cluster node information based on Teleport node

type NodeResponse

type NodeResponse struct {
	// Name identifies a node
	Name string `json:"name"`
	// Output is the output from the executed command
	Output []byte `json:"output"`
}

NodeResponse defines the result of executing a remote command on a node

type Nodes

type Nodes []Node

Nodes is a list of nodes.

func (Nodes) FindByIP

func (n Nodes) FindByIP(ip string) *Node

FindByIP returns node with specified IP or nil.

type OperationMatcher

type OperationMatcher func(SiteOperation) bool

OperationMatcher is a function type that matches the given operation

func MatchByType

func MatchByType(opType string) OperationMatcher

MatchByType returns an OperationMatcher to match operations by type

type OperationStateFunc

OperationStateFunc is a function handler for setting the operation state

func (OperationStateFunc) SetOperationState

SetOperationState implements the OperationStateSetter by invoking this handler

type OperationStateSetter

type OperationStateSetter interface {
	// SetOperationState updates state of the operation
	// specified with given operation key
	SetOperationState(context.Context, SiteOperationKey, SetOperationStateRequest) error
}

OperationStateSetter defines an interface to set/update operation state

type OperationUpdateRequest

type OperationUpdateRequest struct {
	// Profiles updates server profiles (role -> server profile)
	Profiles map[string]storage.ServerProfileRequest `json:"profiles"`
	// Servers sets a list of running user-configured server instances
	Servers []storage.Server `json:"servers"`
	// ValidateServers specifies whether the update should validate the servers
	ValidateServers bool `json:"validate,omitempty"`
}

OperationUpdateRequest defines the user-customized subset of the provisioner configuration

type Operations

type Operations interface {
	// GetSiteInstructions returns shell script with instructions
	// to execute for particular install agent.
	// params are url query parameters that are optional
	// and can specify selected interface, and other things.
	// NOTE(review): the result is a shell script meant to be run on the agent
	// host; how token is validated and how params are embedded into the script is
	// not visible here — confirm the token is checked first and that params are
	// escaped before they reach the script.
	GetSiteInstructions(token string, serverProfile string, params url.Values) (string, error)

	// GetSiteOperations returns a list of operations executed for this site
	GetSiteOperations(key SiteKey, filter OperationsFilter) (SiteOperations, error)

	// CreateSiteInstallOperation initiates install operation for the site;
	// this operation can be currently run only once
	//
	// 1. This method is called as a first step to initiate install operation.
	CreateSiteInstallOperation(context.Context, CreateSiteInstallOperationRequest) (*SiteOperationKey, error)

	// GetSiteInstallOperationAgentReport returns runtime information
	// about servers as reported by remote install agents
	//
	// 2. This method is called as a second step to get information
	// about servers participating in the operations
	GetSiteInstallOperationAgentReport(context.Context, SiteOperationKey) (*AgentReport, error)

	// SiteInstallOperationStart begins actual install using
	// the Operation plan configured as a previous step
	//
	// 3. This method is called as a third step to begin install
	SiteInstallOperationStart(SiteOperationKey) error

	// CreateSiteUninstallOperation initiates uninstall operation
	// for this site that will delete all machines and state;
	// it kicks off uninstall of the site immediately.
	// NOTE(review): the documentation of CreateSiteUninstallOperationRequest says
	// the operation is not kicked off — confirm which statement is current.
	CreateSiteUninstallOperation(context.Context, CreateSiteUninstallOperationRequest) (*SiteOperationKey, error)

	// CreateClusterGarbageCollectOperation creates a new garbage collection operation
	// in the cluster
	CreateClusterGarbageCollectOperation(context.Context, CreateClusterGarbageCollectOperationRequest) (*SiteOperationKey, error)

	// CreateClusterReconfigureOperation creates a new cluster reconfiguration operation.
	CreateClusterReconfigureOperation(context.Context, CreateClusterReconfigureOperationRequest) (*SiteOperationKey, error)

	// GetSiteOperation returns the operation information based on its key
	GetSiteOperation(SiteOperationKey) (*SiteOperation, error)

	// GetSiteOperationLogs returns a stream of actions executed
	// in the context of this operation
	//
	// This method is called after operation start to retrieve a stream of logs
	// related to this operation periodically.
	// The result is an io.ReadCloser; presumably the caller is expected to close it.
	GetSiteOperationLogs(SiteOperationKey) (io.ReadCloser, error)

	// CreateLogEntry appends the provided log entry to the operation's log file
	CreateLogEntry(SiteOperationKey, LogEntry) error

	// GetSiteOperationProgress returns last progress entry of a given operation
	//
	// This method is called periodically after operation start
	// process to get the progress report
	GetSiteOperationProgress(SiteOperationKey) (*ProgressEntry, error)

	// CreateProgressEntry creates a new progress entry for the specified
	// operation
	CreateProgressEntry(SiteOperationKey, ProgressEntry) error

	// CreateSiteExpandOperation initiates operation that adds nodes
	// to the cluster
	//
	// 1. This method is called as a first step to initiate expand operation
	CreateSiteExpandOperation(context.Context, CreateSiteExpandOperationRequest) (*SiteOperationKey, error)

	// GetSiteExpandOperationAgentReport returns runtime information
	// about servers as reported by remote install agents
	//
	// 2. This method is called as a second step to get information
	// about servers participating in the operations
	GetSiteExpandOperationAgentReport(context.Context, SiteOperationKey) (*AgentReport, error)

	// SiteExpandOperationStart begins actual expand using
	// the Operation plan configured as a previous step
	//
	// 3. This method is called as a third step to begin expansion
	SiteExpandOperationStart(SiteOperationKey) error

	// CreateSiteShrinkOperation initiates an operation that removes nodes
	// from the cluster
	CreateSiteShrinkOperation(context.Context, CreateSiteShrinkOperationRequest) (*SiteOperationKey, error)

	// CreateSiteAppUpdateOperation initiates an operation that updates an application
	// installed on a site to a new version
	CreateSiteAppUpdateOperation(context.Context, CreateSiteAppUpdateOperationRequest) (*SiteOperationKey, error)

	// ResumeShrink resumes the started shrink operation if the node being shrunk gave up
	// its leadership
	ResumeShrink(key SiteKey) (*SiteOperationKey, error)

	// UpdateInstallOperationState updates the state of an install operation
	UpdateInstallOperationState(key SiteOperationKey, req OperationUpdateRequest) error

	// UpdateExpandOperationState updates the state of an expand operation
	UpdateExpandOperationState(key SiteOperationKey, req OperationUpdateRequest) error

	// DeleteSiteOperation removes an unstarted operation
	DeleteSiteOperation(SiteOperationKey) error

	// SetOperationState moves operation into specified state
	SetOperationState(ctx context.Context, key SiteOperationKey, req SetOperationStateRequest) error

	// CreateOperationPlan saves the provided operation plan
	CreateOperationPlan(SiteOperationKey, storage.OperationPlan) error

	// CreateOperationPlanChange creates a new changelog entry for a plan
	CreateOperationPlanChange(SiteOperationKey, storage.PlanChange) error

	// GetOperationPlan returns plan for the specified operation
	GetOperationPlan(SiteOperationKey) (*storage.OperationPlan, error)
}

Operations installs and uninstalls gravity on a given site, it takes care of provisioning, configuring and deploying end user application as well as our system packages like planet and teleport

type OperationsFilter

type OperationsFilter struct {
	// Last indicates to only return the last operation
	Last bool

	// First indicates to only return the first operation
	First bool

	// Complete indicates to only return completed operations
	Complete bool

	// Finished indicates to only return finished operations (complete or failed)
	Finished bool

	// Active indicates to only return active operations
	Active bool

	// Types indicates to only return operations of the given types (e.g. OperationExpand)
	Types []string
}

OperationsFilter represents a filter to apply to results when listing operations

func FilterFromURLValues

func FilterFromURLValues(v url.Values) (f OperationsFilter)

FilterFromURLValues returns an operations filter based on set URL values

func (OperationsFilter) Filter

Filter takes a list of operations and filters the results based on the set filter parameters

func (OperationsFilter) URLValues

func (filter OperationsFilter) URLValues() (res url.Values)

URLValues converts the filter to a set of URL values that can be passed via the API

type Operator

Operator is capable of adding and deleting sites, upgrades and downgrades, and modifying existing sites

func OperatorFromContext

func OperatorFromContext(ctx context.Context) Operator

OperatorFromContext extracts the operator from the specified context if present.

type OperatorACL

// OperatorACL wraps an Operator service and implements ACLs (access control
// lists) for every operation.
type OperatorACL struct {
	// FieldLogger is embedded, so its logging methods are promoted onto OperatorACL.
	log.FieldLogger
	// contains filtered or unexported fields
}

OperatorACL is a wrapper around any Operator service that implements ACLs - access control lists for every operation

func OperatorWithACL

func OperatorWithACL(operator Operator, users users.Identity, user storage.User, checker teleservices.AccessChecker) *OperatorACL

OperatorWithACL returns a new instance of the Operator interface that checks every action against this user's privileges

func (*OperatorACL) Action

func (o *OperatorACL) Action(resourceKind, action string) error

Action checks access to the specified action on the specified resource kind

func (*OperatorACL) ActivateSite

func (o *OperatorACL) ActivateSite(req ActivateSiteRequest) error

func (*OperatorACL) AuthConnectorActions

func (o *OperatorACL) AuthConnectorActions(connectorKind string, actions ...string) error

AuthConnectorActions checks access to the specified actions on the "auth connector" resource

First, access to the provided specific connector type is checked, e.g. "oidc" or "saml". If that fails, then access to a generic "auth_connector" resource type (that encompasses all kinds of connectors) is checked.

func (*OperatorACL) CheckSiteStatus

func (o *OperatorACL) CheckSiteStatus(ctx context.Context, key SiteKey) error

func (*OperatorACL) ClusterAction

func (o *OperatorACL) ClusterAction(clusterName, resourceKind, action string) error

func (*OperatorACL) CompleteFinalInstallStep

func (o *OperatorACL) CompleteFinalInstallStep(req CompleteFinalInstallStepRequest) error

func (*OperatorACL) ConfigureNode

func (o *OperatorACL) ConfigureNode(req ConfigureNodeRequest) error

func (*OperatorACL) ConfigurePackages

func (o *OperatorACL) ConfigurePackages(req ConfigurePackagesRequest) error

ConfigurePackages configures packages for the specified operation

func (*OperatorACL) CreateAPIKey

func (o *OperatorACL) CreateAPIKey(ctx context.Context, req NewAPIKeyRequest) (*storage.APIKey, error)

func (*OperatorACL) CreateAccount

func (o *OperatorACL) CreateAccount(req NewAccountRequest) (*Account, error)

func (*OperatorACL) CreateClusterGarbageCollectOperation

func (o *OperatorACL) CreateClusterGarbageCollectOperation(ctx context.Context, req CreateClusterGarbageCollectOperationRequest) (*SiteOperationKey, error)

CreateClusterGarbageCollectOperation creates a new garbage collection operation in the cluster

func (*OperatorACL) CreateClusterReconfigureOperation

func (o *OperatorACL) CreateClusterReconfigureOperation(ctx context.Context, req CreateClusterReconfigureOperationRequest) (*SiteOperationKey, error)

CreateClusterReconfigureOperation creates a new cluster reconfiguration operation.

func (*OperatorACL) CreateInstallToken

func (o *OperatorACL) CreateInstallToken(req NewInstallTokenRequest) (*storage.InstallToken, error)

func (*OperatorACL) CreateLogEntry

func (o *OperatorACL) CreateLogEntry(key SiteOperationKey, entry LogEntry) error

func (*OperatorACL) CreateLogForwarder

func (o *OperatorACL) CreateLogForwarder(ctx context.Context, key SiteKey, forwarder storage.LogForwarder) error

CreateLogForwarder creates a new log forwarder

func (*OperatorACL) CreateOperationPlan

func (o *OperatorACL) CreateOperationPlan(key SiteOperationKey, plan storage.OperationPlan) error

CreateOperationPlan saves the provided operation plan

func (*OperatorACL) CreateOperationPlanChange

func (o *OperatorACL) CreateOperationPlanChange(key SiteOperationKey, change storage.PlanChange) error

CreateOperationPlanChange creates a new changelog entry for a plan

func (*OperatorACL) CreateProgressEntry

func (o *OperatorACL) CreateProgressEntry(key SiteOperationKey, entry ProgressEntry) error

func (*OperatorACL) CreateProvisioningToken

func (o *OperatorACL) CreateProvisioningToken(token storage.ProvisioningToken) error

func (*OperatorACL) CreateSite

func (o *OperatorACL) CreateSite(req NewSiteRequest) (*Site, error)

func (*OperatorACL) CreateSiteAppUpdateOperation

func (o *OperatorACL) CreateSiteAppUpdateOperation(ctx context.Context, req CreateSiteAppUpdateOperationRequest) (*SiteOperationKey, error)

func (*OperatorACL) CreateSiteExpandOperation

func (o *OperatorACL) CreateSiteExpandOperation(ctx context.Context, req CreateSiteExpandOperationRequest) (*SiteOperationKey, error)

func (*OperatorACL) CreateSiteInstallOperation

func (o *OperatorACL) CreateSiteInstallOperation(ctx context.Context, req CreateSiteInstallOperationRequest) (*SiteOperationKey, error)

func (*OperatorACL) CreateSiteShrinkOperation

func (o *OperatorACL) CreateSiteShrinkOperation(ctx context.Context, req CreateSiteShrinkOperationRequest) (*SiteOperationKey, error)

func (*OperatorACL) CreateSiteUninstallOperation

func (o *OperatorACL) CreateSiteUninstallOperation(ctx context.Context, req CreateSiteUninstallOperationRequest) (*SiteOperationKey, error)

func (*OperatorACL) CreateUpdateConfigOperation

func (o *OperatorACL) CreateUpdateConfigOperation(ctx context.Context, req CreateUpdateConfigOperationRequest) (*SiteOperationKey, error)

CreateUpdateConfigOperation creates a new operation to update cluster configuration

func (*OperatorACL) CreateUpdateEnvarsOperation

func (o *OperatorACL) CreateUpdateEnvarsOperation(ctx context.Context, req CreateUpdateEnvarsOperationRequest) (*SiteOperationKey, error)

CreateUpdateEnvarsOperation creates a new operation to update cluster environment variables

func (*OperatorACL) CreateUser

func (o *OperatorACL) CreateUser(req NewUserRequest) error

func (*OperatorACL) CreateUserInvite

func (o *OperatorACL) CreateUserInvite(ctx context.Context, req CreateUserInviteRequest) (*storage.UserToken, error)

CreateUserInvite creates a new invite token for a user.

func (*OperatorACL) CreateUserReset

func (o *OperatorACL) CreateUserReset(ctx context.Context, req CreateUserResetRequest) (*storage.UserToken, error)

CreateUserReset creates a new reset token for a user.

func (*OperatorACL) DeactivateSite

func (o *OperatorACL) DeactivateSite(req DeactivateSiteRequest) error

func (*OperatorACL) DeleteAPIKey

func (o *OperatorACL) DeleteAPIKey(ctx context.Context, userEmail, token string) error

func (*OperatorACL) DeleteAlert

func (o *OperatorACL) DeleteAlert(ctx context.Context, key SiteKey, name string) error

func (*OperatorACL) DeleteAlertTarget

func (o *OperatorACL) DeleteAlertTarget(ctx context.Context, key SiteKey) error

func (*OperatorACL) DeleteClusterCertificate

func (o *OperatorACL) DeleteClusterCertificate(ctx context.Context, key SiteKey) error

func (*OperatorACL) DeleteGithubConnector

func (o *OperatorACL) DeleteGithubConnector(ctx context.Context, key SiteKey, name string) error

DeleteGithubConnector deletes a Github connector by name

func (*OperatorACL) DeleteLocalUser

func (o *OperatorACL) DeleteLocalUser(name string) error

func (*OperatorACL) DeleteLogForwarder

func (o *OperatorACL) DeleteLogForwarder(ctx context.Context, key SiteKey, forwarderName string) error

DeleteLogForwarder deletes a log forwarder

func (*OperatorACL) DeleteSMTPConfig

func (o *OperatorACL) DeleteSMTPConfig(ctx context.Context, key SiteKey) error

func (*OperatorACL) DeleteSite

func (o *OperatorACL) DeleteSite(siteKey SiteKey) error

func (*OperatorACL) DeleteSiteOperation

func (o *OperatorACL) DeleteSiteOperation(key SiteOperationKey) error

func (*OperatorACL) DeleteUser

func (o *OperatorACL) DeleteUser(ctx context.Context, key SiteKey, name string) error

DeleteUser deletes a user by name

func (*OperatorACL) DeleteUserInvite

func (o *OperatorACL) DeleteUserInvite(ctx context.Context, req DeleteUserInviteRequest) error

DeleteUserInvite deletes the specified user invite.

func (*OperatorACL) EmitAuditEvent

func (o *OperatorACL) EmitAuditEvent(ctx context.Context, req AuditEventRequest) error

EmitAuditEvent saves the provided event in the audit log.

func (*OperatorACL) GetAPIKeys

func (o *OperatorACL) GetAPIKeys(userEmail string) ([]storage.APIKey, error)

func (*OperatorACL) GetAccount

func (o *OperatorACL) GetAccount(accountID string) (*Account, error)

func (*OperatorACL) GetAccounts

func (o *OperatorACL) GetAccounts() ([]Account, error)

func (*OperatorACL) GetAlertTargets

func (o *OperatorACL) GetAlertTargets(key SiteKey) ([]storage.AlertTarget, error)

func (*OperatorACL) GetAlerts

func (o *OperatorACL) GetAlerts(key SiteKey) ([]storage.Alert, error)

func (*OperatorACL) GetAppInstaller

func (o *OperatorACL) GetAppInstaller(req AppInstallerRequest) (io.ReadCloser, error)

func (*OperatorACL) GetApplicationEndpoints

func (o *OperatorACL) GetApplicationEndpoints(key SiteKey) ([]Endpoint, error)

func (*OperatorACL) GetAuthGateway

func (o *OperatorACL) GetAuthGateway(key SiteKey) (storage.AuthGateway, error)

GetAuthGateway returns auth gateway configuration.

func (*OperatorACL) GetClusterAgent

func (o *OperatorACL) GetClusterAgent(req ClusterAgentRequest) (*storage.LoginEntry, error)

func (*OperatorACL) GetClusterAuthPreference

func (o *OperatorACL) GetClusterAuthPreference(key SiteKey) (teleservices.AuthPreference, error)

GetClusterAuthPreference returns cluster authentication preference

func (*OperatorACL) GetClusterCertificate

func (o *OperatorACL) GetClusterCertificate(key SiteKey, withSecrets bool) (*ClusterCertificate, error)

func (*OperatorACL) GetClusterConfiguration

func (o *OperatorACL) GetClusterConfiguration(key SiteKey) (clusterconfig.Interface, error)

GetClusterConfiguration retrieves the cluster configuration

func (*OperatorACL) GetClusterEnvironmentVariables

func (o *OperatorACL) GetClusterEnvironmentVariables(key SiteKey) (storage.EnvironmentVariables, error)

GetClusterEnvironmentVariables retrieves the cluster runtime environment variables

func (*OperatorACL) GetClusterMetrics

func (o *OperatorACL) GetClusterMetrics(ctx context.Context, req ClusterMetricsRequest) (*ClusterMetricsResponse, error)

GetClusterMetrics returns basic CPU/RAM metrics for the specified cluster.

func (*OperatorACL) GetClusterNodes

func (o *OperatorACL) GetClusterNodes(key SiteKey) ([]Node, error)

GetClusterNodes returns real-time information about cluster nodes

func (*OperatorACL) GetCurrentUser

func (o *OperatorACL) GetCurrentUser() (storage.User, error)

func (*OperatorACL) GetCurrentUserInfo

func (o *OperatorACL) GetCurrentUserInfo() (*UserInfo, error)

func (*OperatorACL) GetExpandToken

func (o *OperatorACL) GetExpandToken(key SiteKey) (*storage.ProvisioningToken, error)

func (*OperatorACL) GetGithubConnector

func (o *OperatorACL) GetGithubConnector(key SiteKey, name string, withSecrets bool) (teleservices.GithubConnector, error)

GetGithubConnector returns a Github connector by name

The returned connector excludes the client secret unless withSecrets is true.

func (*OperatorACL) GetGithubConnectors

func (o *OperatorACL) GetGithubConnectors(key SiteKey, withSecrets bool) ([]teleservices.GithubConnector, error)

GetGithubConnectors returns all Github connectors

The returned connectors exclude the client secret unless withSecrets is true.

func (*OperatorACL) GetLocalSite

func (o *OperatorACL) GetLocalSite(ctx context.Context) (*Site, error)

func (*OperatorACL) GetLocalUser

func (o *OperatorACL) GetLocalUser(key SiteKey) (storage.User, error)

func (*OperatorACL) GetLogForwarders

func (o *OperatorACL) GetLogForwarders(key SiteKey) ([]storage.LogForwarder, error)

GetLogForwarders returns a list of configured log forwarders

func (*OperatorACL) GetOperationPlan

func (o *OperatorACL) GetOperationPlan(key SiteOperationKey) (*storage.OperationPlan, error)

GetOperationPlan returns plan for the specified operation

func (*OperatorACL) GetPersistentStorage

func (o *OperatorACL) GetPersistentStorage(ctx context.Context, key SiteKey) (storage.PersistentStorage, error)

GetPersistentStorage retrieves cluster persistent storage configuration.

func (*OperatorACL) GetSMTPConfig

func (o *OperatorACL) GetSMTPConfig(key SiteKey) (storage.SMTPConfig, error)

func (*OperatorACL) GetSite

func (o *OperatorACL) GetSite(siteKey SiteKey) (site *Site, err error)

func (*OperatorACL) GetSiteByDomain

func (o *OperatorACL) GetSiteByDomain(domainName string) (*Site, error)

func (*OperatorACL) GetSiteExpandOperationAgentReport

func (o *OperatorACL) GetSiteExpandOperationAgentReport(ctx context.Context, key SiteOperationKey) (*AgentReport, error)

func (*OperatorACL) GetSiteInstallOperationAgentReport

func (o *OperatorACL) GetSiteInstallOperationAgentReport(ctx context.Context, key SiteOperationKey) (*AgentReport, error)

func (*OperatorACL) GetSiteInstructions

func (o *OperatorACL) GetSiteInstructions(tokenID string, serverProfile string, params url.Values) (string, error)

func (*OperatorACL) GetSiteOperation

func (o *OperatorACL) GetSiteOperation(key SiteOperationKey) (*SiteOperation, error)

func (*OperatorACL) GetSiteOperationLogs

func (o *OperatorACL) GetSiteOperationLogs(key SiteOperationKey) (io.ReadCloser, error)

func (*OperatorACL) GetSiteOperationProgress

func (o *OperatorACL) GetSiteOperationProgress(key SiteOperationKey) (*ProgressEntry, error)

func (*OperatorACL) GetSiteOperations

func (o *OperatorACL) GetSiteOperations(key SiteKey, f OperationsFilter) (SiteOperations, error)

func (*OperatorACL) GetSiteReport

func (o *OperatorACL) GetSiteReport(ctx context.Context, req GetClusterReportRequest) (io.ReadCloser, error)

func (*OperatorACL) GetSites

func (o *OperatorACL) GetSites(accountID string) ([]Site, error)

func (*OperatorACL) GetTrustedClusterToken

func (o *OperatorACL) GetTrustedClusterToken(key SiteKey) (storage.Token, error)

func (*OperatorACL) GetUser

func (o *OperatorACL) GetUser(key SiteKey, name string) (teleservices.User, error)

GetUser returns a user by name

func (*OperatorACL) GetUserInvites

func (o *OperatorACL) GetUserInvites(ctx context.Context, key SiteKey) ([]storage.UserInvite, error)

GetUserInvites returns all active user invites.

func (*OperatorACL) GetUsers

func (o *OperatorACL) GetUsers(key SiteKey) ([]teleservices.User, error)

GetUsers returns all users

func (*OperatorACL) GetVersion

func (o *OperatorACL) GetVersion(ctx context.Context) (*proto.Version, error)

GetVersion returns the server version information.

func (*OperatorACL) ListReleases

func (o *OperatorACL) ListReleases(req ListReleasesRequest) ([]storage.Release, error)

ListReleases returns all currently installed application releases in a cluster.

func (*OperatorACL) ResetUserPassword

func (o *OperatorACL) ResetUserPassword(req ResetUserPasswordRequest) (string, error)

func (*OperatorACL) ResumeShrink

func (o *OperatorACL) ResumeShrink(key SiteKey) (*SiteOperationKey, error)

func (*OperatorACL) RotatePlanetConfig

func (o *OperatorACL) RotatePlanetConfig(req RotatePlanetConfigRequest) (*RotatePackageResponse, error)

func (*OperatorACL) RotateSecrets

func (o *OperatorACL) RotateSecrets(req RotateSecretsRequest) (*RotatePackageResponse, error)

func (*OperatorACL) SetOperationState

func (o *OperatorACL) SetOperationState(ctx context.Context, key SiteOperationKey, req SetOperationStateRequest) error

func (*OperatorACL) SignSSHKey

func (o *OperatorACL) SignSSHKey(req SSHSignRequest) (*SSHSignResponse, error)

SignSSHKey signs SSH Public Key with SSH user certificate authority of this site

func (*OperatorACL) SignTLSKey

func (o *OperatorACL) SignTLSKey(req TLSSignRequest) (*TLSSignResponse, error)

SignTLSKey signs X509 Public Key with X509 certificate authority of this site

func (*OperatorACL) SiteExpandOperationStart

func (o *OperatorACL) SiteExpandOperationStart(key SiteOperationKey) error

func (*OperatorACL) SiteInstallOperationStart

func (o *OperatorACL) SiteInstallOperationStart(key SiteOperationKey) error

func (*OperatorACL) StepDown

func (o *OperatorACL) StepDown(key SiteKey) error

StepDown asks the process to pause its leader election heartbeat so it can give up its leadership

func (*OperatorACL) StreamOperationLogs

func (o *OperatorACL) StreamOperationLogs(key SiteOperationKey, reader io.Reader) error

StreamOperationLogs appends the logs from the provided reader to the specified operation (user-facing) log file

func (*OperatorACL) UpdateAlert

func (o *OperatorACL) UpdateAlert(ctx context.Context, key SiteKey, alert storage.Alert) error

func (*OperatorACL) UpdateAlertTarget

func (o *OperatorACL) UpdateAlertTarget(ctx context.Context, key SiteKey, target storage.AlertTarget) error

func (*OperatorACL) UpdateClusterCertificate

func (o *OperatorACL) UpdateClusterCertificate(ctx context.Context, req UpdateCertificateRequest) (*ClusterCertificate, error)

func (*OperatorACL) UpdateClusterConfiguration

func (o *OperatorACL) UpdateClusterConfiguration(req UpdateClusterConfigRequest) error

UpdateClusterConfiguration updates the cluster configuration from the specified request

func (*OperatorACL) UpdateClusterEnvironmentVariables

func (o *OperatorACL) UpdateClusterEnvironmentVariables(req UpdateClusterEnvironRequest) error

UpdateClusterEnvironmentVariables updates the cluster runtime environment variables from the specified request

func (*OperatorACL) UpdateExpandOperationState

func (o *OperatorACL) UpdateExpandOperationState(key SiteOperationKey, req OperationUpdateRequest) error

func (*OperatorACL) UpdateInstallOperationState

func (o *OperatorACL) UpdateInstallOperationState(key SiteOperationKey, req OperationUpdateRequest) error

func (*OperatorACL) UpdateLogForwarder

func (o *OperatorACL) UpdateLogForwarder(ctx context.Context, key SiteKey, forwarder storage.LogForwarder) error

UpdateLogForwarder updates an existing log forwarder

func (*OperatorACL) UpdatePersistentStorage

func (o *OperatorACL) UpdatePersistentStorage(ctx context.Context, req UpdatePersistentStorageRequest) error

UpdatePersistentStorage updates persistent storage configuration.

func (*OperatorACL) UpdateSMTPConfig

func (o *OperatorACL) UpdateSMTPConfig(ctx context.Context, key SiteKey, config storage.SMTPConfig) error

func (*OperatorACL) UpdateUser

func (o *OperatorACL) UpdateUser(ctx context.Context, req UpdateUserRequest) error

UpdateUser updates the specified user information.

func (*OperatorACL) UpsertAuthGateway

func (o *OperatorACL) UpsertAuthGateway(ctx context.Context, key SiteKey, gw storage.AuthGateway) error

UpsertAuthGateway updates auth gateway configuration.

func (*OperatorACL) UpsertClusterAuthPreference

func (o *OperatorACL) UpsertClusterAuthPreference(ctx context.Context, key SiteKey, auth teleservices.AuthPreference) error

UpsertClusterAuthPreference updates cluster authentication preference

func (*OperatorACL) UpsertGithubConnector

func (o *OperatorACL) UpsertGithubConnector(ctx context.Context, key SiteKey, connector teleservices.GithubConnector) error

UpsertGithubConnector creates or updates a Github connector

func (*OperatorACL) UpsertUser

func (o *OperatorACL) UpsertUser(ctx context.Context, key SiteKey, user teleservices.User) error

UpsertUser creates or updates a user

func (*OperatorACL) ValidateDomainName

func (o *OperatorACL) ValidateDomainName(domainName string) error

func (*OperatorACL) ValidateRemoteAccess

func (*OperatorACL) ValidateServers

ValidateServers runs pre-installation checks

type PersistentStorage

// PersistentStorage groups the two operations for reading and updating a
// cluster's persistent storage configuration.
type PersistentStorage interface {
	// GetPersistentStorage retrieves cluster persistent storage configuration
	// for the cluster identified by the given SiteKey.
	GetPersistentStorage(context.Context, SiteKey) (storage.PersistentStorage, error)
	// UpdatePersistentStorage updates cluster persistent storage configuration
	// from the given request.
	UpdatePersistentStorage(context.Context, UpdatePersistentStorageRequest) error
}

PersistentStorage provides access to persistent storage providers configurations.

type ProgressEntry

// ProgressEntry is a defined type whose underlying type is
// storage.ProgressEntry. It carries its own methods (IsCompleted, IsEqual and
// IsFailed are declared on it), and values move between the two types only
// through an explicit conversion.
type ProgressEntry storage.ProgressEntry

ProgressEntry is a log entry indicating operation progress

ProgressEntry state goes through the following transitions:

in_progress ->

failed
or
completed

func (ProgressEntry) IsCompleted

func (r ProgressEntry) IsCompleted() bool

IsCompleted returns whether this progress entry identifies a completed (successful or failed) operation

func (ProgressEntry) IsEqual

func (r ProgressEntry) IsEqual(other ProgressEntry) bool

IsEqual determines whether this progress entry is equal to other

func (ProgressEntry) IsFailed

func (r ProgressEntry) IsFailed() bool

IsFailed returns whether this progress entry identifies a failed operation

type Proxy

// Proxy hands out Operator clients for remote Ops Centers.
type Proxy interface {
	// GetService returns an Operator for the given Ops Center link
	// (presumably a client bound to the remote Ops Center the link
	// describes — confirm against the implementation).
	GetService(storage.OpsCenterLink) (Operator, error)
}

Proxy helps to manage connections and clients to remote ops centers

type RawAgentReport

// RawAgentReport is the JSON form of an agent report; FromTransport converts
// it to an AgentReport.
type RawAgentReport struct {
	// Message is a human readable message presented to the user
	Message string `json:"message"`
	// Servers is the list of servers that have agents
	// installed on them
	Servers []checks.RawServerInfo `json:"servers"`
}

RawAgentReport is a transport-friendly agent report representation

func (*RawAgentReport) FromTransport

func (r *RawAgentReport) FromTransport() (*AgentReport, error)

FromTransport converts from transport-friendly representation of agent report

type ResetUserPasswordRequest

// ResetUserPasswordRequest identifies the user whose password is to be reset.
// All three fields are decoded from the JSON request body.
type ResetUserPasswordRequest struct {
	// AccountID is the ID of the account the site belongs to
	AccountID string `json:"account_id"`
	// SiteDomain is the name of the site the request applies to
	// NOTE(review): the original comment read "the site name to deactivate",
	// which looks copied from the deactivate request — confirm the wording.
	SiteDomain string `json:"site_domain"`
	// Email is the email of the user to reset password for
	// NOTE(review): caller-supplied; presumably the access-control layer
	// decides whether the caller may reset this user's password — confirm.
	Email string `json:"email"`
}

ResetUserPasswordRequest is a request to reset gravity site user password

type RotatePackageResponse

// RotatePackageResponse describes a newly generated package: its locator,
// optional labels and, in process, a reader over its contents.
type RotatePackageResponse struct {
	// Locator identifies the package
	// The field is embedded but carries an explicit JSON name, so encoding/json
	// treats it as a field named "locator" rather than an anonymous one.
	loc.Locator `json:"locator"`
	// Reader is the package's contents
	// It is excluded from JSON ("-"), so it is nil on a value produced by
	// decoding. Because the interface is embedded, Read is promoted onto the
	// response, and calling it while Reader is nil panics.
	io.Reader `json:"-"`
	// Labels specifies the labels for the new package
	Labels map[string]string `json:"labels,omitempty"`
}

RotatePackageResponse describes a response to generate a new package for an existing one.

type RotatePlanetConfigRequest

// RotatePlanetConfigRequest describes the planet configuration package to
// generate for one server as part of a cluster operation.
type RotatePlanetConfigRequest struct {
	// Key identifies the cluster operation
	Key SiteOperationKey `json:"key"`
	// Server is the server to rotate configuration for
	Server storage.Server `json:"server"`
	// Manifest specifies the manifest to generate configuration with
	Manifest schema.Manifest `json:"manifest"`
	// Env specifies optional environment variables to set
	// NOTE(review): these arrive as free-form key/value pairs in the request;
	// confirm where they are validated before being written into configuration.
	Env map[string]string `json:"env,omitempty"`
	// Config specifies optional cluster configuration resource
	// (as a []byte, encoding/json carries it base64-encoded)
	Config []byte `json:"cluster_config,omitempty"`
	// RuntimePackage specifies the runtime package locator
	RuntimePackage loc.Locator `json:"runtime_package"`
	// Package specifies the configuration package locator to use.
	// If unspecified, one will be automatically generated
	Package *loc.Locator `json:"package,omitempty"`
	// DryRun specifies whether only the package locator is generated
	DryRun bool `json:"dry_run"`
}

RotatePlanetConfigRequest is a request to rotate planet server's configuration package

func (RotatePlanetConfigRequest) CheckAndSetDefaults

func (r RotatePlanetConfigRequest) CheckAndSetDefaults() error

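CheckAndSetDefaults validates this request and sets defaults. The method is declared on a value receiver (as are the CheckAndSetDefaults methods of RotateSecretsRequest and RotateTeleportConfigRequest), so a default assigned to a non-pointer field applies to the method's copy only; callers should not assume the request they passed in was modified.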

type RotateSecretsRequest

// RotateSecretsRequest describes the secrets package to generate for one
// server of a cluster.
type RotateSecretsRequest struct {
	// Key identifies the cluster
	Key SiteKey `json:"key"`
	// Server is the server to rotate secrets for
	Server storage.Server `json:"server"`
	// RuntimePackage specifies the runtime package locator
	RuntimePackage loc.Locator `json:"runtime_package"`
	// Package specifies the secrets package to use.
	// If unspecified, one will be automatically generated
	Package *loc.Locator `json:"package,omitempty"`
	// ServiceCIDR optionally specifies the new service IP range
	// NOTE(review): plain string here; presumably parsed and validated as a
	// CIDR elsewhere (CheckAndSetDefaults?) — confirm.
	ServiceCIDR string `json:"service_cidr,omitempty"`
	// DryRun specifies whether only the package locator is generated
	DryRun bool `json:"dry_run"`
}

RotateSecretsRequest is a request to rotate server's secrets package

func (RotateSecretsRequest) CheckAndSetDefaults

func (r RotateSecretsRequest) CheckAndSetDefaults() error

CheckAndSetDefaults validates this request and sets defaults

type RotateTeleportConfigRequest

// RotateTeleportConfigRequest describes the teleport configuration packages
// (controller-side and node-side) to generate for one server as part of a
// cluster operation.
type RotateTeleportConfigRequest struct {
	// Key identifies the cluster operation
	Key SiteOperationKey `json:"key"`
	// Server is the server to rotate configuration for
	Server storage.Server `json:"server"`
	// MasterIPs lists IP addresses of all cluster master servers
	// (serialized under the JSON name "masters")
	MasterIPs []string `json:"masters"`
	// TeleportPackage specifies the teleport package locator
	TeleportPackage loc.Locator `json:"teleport_package"`
	// MasterPackage specifies the configuration package to use for the cluster controller teleport service.
	// If unspecified, one will be automatically generated
	MasterPackage *loc.Locator `json:"master_package,omitempty"`
	// NodePackage specifies the configuration package to use for the teleport service on host.
	// If unspecified, one will be automatically generated
	NodePackage *loc.Locator `json:"node_package,omitempty"`
	// DryRun specifies whether only the package locator is generated
	DryRun bool `json:"dry_run"`
}

RotateTeleportConfigRequest is a request to rotate teleport server's configuration package

func (RotateTeleportConfigRequest) CheckAndSetDefaults

func (r RotateTeleportConfigRequest) CheckAndSetDefaults() error

CheckAndSetDefaults validates this request and sets defaults

type RuntimeEnvironment

// RuntimeEnvironment groups the operations that read and change the cluster
// runtime environment variables.
type RuntimeEnvironment interface {
	// CreateUpdateEnvarsOperation creates a new operation to update cluster runtime environment variables
	// and returns the key of the created operation
	CreateUpdateEnvarsOperation(context.Context, CreateUpdateEnvarsOperationRequest) (*SiteOperationKey, error)
	// GetClusterEnvironmentVariables retrieves the cluster runtime environment variables
	// NOTE(review): environment variables often hold credentials; confirm who
	// is authorized to call this.
	GetClusterEnvironmentVariables(SiteKey) (storage.EnvironmentVariables, error)
	// UpdateClusterEnvironmentVariables updates the cluster runtime environment variables
	// from the specified request
	UpdateClusterEnvironmentVariables(UpdateClusterEnvironRequest) error
}

RuntimeEnvironment manages runtime environment variables in cluster

type SMTP

// SMTP groups the operations that read, update and delete the cluster SMTP
// configuration.
type SMTP interface {
	// GetSMTPConfig returns the cluster SMTP configuration
	// NOTE(review): storage.SMTPConfig is declared elsewhere; if it holds relay
	// credentials, confirm that callers of this method are authorized to read them.
	GetSMTPConfig(SiteKey) (storage.SMTPConfig, error)
	// UpdateSMTPConfig updates the cluster SMTP configuration
	UpdateSMTPConfig(context.Context, SiteKey, storage.SMTPConfig) error
	// DeleteSMTPConfig deletes the cluster SMTP configuration
	DeleteSMTPConfig(context.Context, SiteKey) error
}

SMTP defines the interface to manage cluster SMTP configuration

type SSHSignRequest

// SSHSignRequest is a request to sign an SSH public key and, through CSR, an
// x509 certificate. Every field except AllowedLogins is decoded from the JSON
// request body.
type SSHSignRequest struct {
	// User is the SSH user the certificate is requested for
	// NOTE(review): caller-supplied; presumably the access-control layer checks
	// that the caller may obtain a certificate for this user — confirm.
	User string `json:"user"`
	// AccountID is Site Account ID
	AccountID string `json:"account_id"`
	// PublicKey is SSH public key to sign
	PublicKey []byte `json:"public_key"`
	// TTL is a desired TTL for the cert (max is still capped by server,
	// however user can shorten the time)
	TTL time.Duration `json:"ttl"`
	// AllowedLogins is the list of allowed linux logins; it is set by the
	// access controller and ignored if present in the request.
	// The "-" tag keeps the field out of JSON encoding and decoding, so a value
	// placed in a request body never reaches it.
	AllowedLogins []string `json:"-"`
	// CSR is x509 request to sign a certificate using teleport's certificate
	CSR []byte `json:"csr"`
}

SSHSignRequest is a request to sign SSH public Key with teleport's certificate

type SSHSignResponse

// SSHSignResponse carries the certificates issued in reply to an
// SSHSignRequest, together with the host authorities the client should trust.
type SSHSignResponse struct {
	// Cert is a signed SSH certificate
	Cert []byte `json:"cert"`
	// TrustedHostAuthorities is a list of trusted host authorities of sites
	// NOTE(review): teleservices.CertAuthority is declared outside this
	// package; confirm that the authorities placed here carry public material
	// only before the response is serialized.
	TrustedHostAuthorities []teleservices.CertAuthority `json:"trusted_authorities"`
	// TLSCert is the signed x509 certificate
	TLSCert []byte `json:"tls_cert"`
	// CACert is the teleport TLS CA certificate
	CACert []byte `json:"ca_cert"`
}

SSHSignResponse is a response to SSHSignRequest

func (*SSHSignResponse) ToRaw

func (s *SSHSignResponse) ToRaw() (*SSHSignResponseRaw, error)

ToRaw returns a wire-friendly representation of the request that does not use any interfaces

type SSHSignResponseRaw

// SSHSignResponseRaw mirrors SSHSignResponse with the host authorities kept as
// raw JSON messages instead of interface values; ToNative converts it back.
type SSHSignResponseRaw struct {
	// Cert is a signed SSH certificate
	Cert []byte `json:"cert"`
	// TrustedHostAuthorities is a list of trusted host authorities of sites,
	// each held as an undecoded JSON document
	TrustedHostAuthorities []json.RawMessage `json:"trusted_authorities"`
	// TLSCert is the signed x509 certificate
	TLSCert []byte `json:"tls_cert"`
	// CACert is the teleport TLS CA certificate
	CACert []byte `json:"ca_cert"`
}

SSHSignResponseRaw is a response to SSHSignRequest that has cert authorities marshaled in old format

func (*SSHSignResponseRaw) ToNative

func (s *SSHSignResponseRaw) ToNative() (*SSHSignResponse, error)

ToNative converts back to request that has all interfaces inside

type SeedConfig

// SeedConfig is the optional YAML configuration applied when the OpsCenter
// starts. All three fields are optional (omitempty).
type SeedConfig struct {
	// Account defines an optional account to create on OpsCenter start
	Account *storage.Account `yaml:"account,omitempty"`
	// TrustedClusters is a list of externally supplied trusted clusters
	// NOTE(review): storage.TrustedCluster is declared elsewhere; if it carries
	// join tokens, the seed file and any output of String() should be handled
	// as secret material — confirm.
	TrustedClusters []storage.TrustedCluster `yaml:"trusted_clusters,omitempty"`
	// SNIHost is the Ops Center SNI host (i.e. public endpoint hostname)
	SNIHost string `yaml:"sni_host,omitempty"`
}

SeedConfig defines optional configuration to apply on OpsCenter start

func (SeedConfig) SNIHosts

func (c SeedConfig) SNIHosts() []string

SNIHosts returns a list of deduplicated Ops Center SNI hosts extracted from trusted clusters

func (SeedConfig) String

func (c SeedConfig) String() string

String returns a string representation of a seed config

type SetOperationStateRequest

// SetOperationStateRequest carries the new state for an operation and,
// optionally, a progress entry to record with it.
type SetOperationStateRequest struct {
	// State defines the new state of the operation
	// NOTE(review): a plain string; the set of accepted values and where they
	// are validated is not visible here — confirm.
	State string `json:"state"`
	// Progress is an optional progress entry to create
	Progress *ProgressEntry `json:"progress,omitempty"`
}

SetOperationStateRequest specifies the request to update operation with a given state

type Site

// Site represents a portal site entry: a collection of servers used to support
// one particular application. No field carries a "-" tag, so every field,
// InstallToken included, is part of the JSON encoding of a Site.
type Site struct {
	// Created records site creation time
	Created time.Time `json:"created"`
	// CreatedBy is the email of a user who created the site
	CreatedBy string `json:"created_by"`
	// Domain is a site specific unique domain name (e.g. site.example.com)
	Domain string `json:"domain"`
	// AccountID is the id of the account this site belongs to
	AccountID string `json:"account_id"`
	// State is the runtime state of this installation
	State string `json:"state"`
	// Reason is the code describing the state the site is currently in
	Reason storage.Reason `json:"reason"`
	// App provides application information
	App Application `json:"app"`
	// Local specifies whether this site is local to the running
	// process (opscenter or site)
	Local bool `json:"local"`
	// Provider defines the provider this site is created with.
	// Provider is either a cloud provider - i.e. AWS or Azure, a VM provider
	// such as bare-metal
	Provider string `json:"provider"`
	// Resources is additional Kubernetes resources injected at site creation
	// (as a []byte, encoding/json emits it base64-encoded)
	Resources []byte `json:"resources"`
	// License is the license currently installed on this site
	License *License `json:"license,omitempty"`
	// Labels is a custom key/value metadata attached to the site
	Labels map[string]string `json:"labels"`
	// FinalInstallStepComplete indicates whether the site has completed its final installation step
	FinalInstallStepComplete bool `json:"final_install_step_complete"`
	// Location is a location where the site is deployed, for example AWS region name
	Location string `json:"location"`
	// Flavor is the initial cluster flavor.
	Flavor string `json:"flavor"`
	// UpdateInterval is how often the site checks for and downloads newer versions of the
	// installed application
	UpdateInterval time.Duration `json:"update_interval"`
	// NextUpdateCheck is the timestamp of the upcoming updates check for the site
	NextUpdateCheck time.Time `json:"next_update_check"`
	// ClusterState contains a list of servers in the running cluster
	ClusterState storage.ClusterState `json:"cluster_state"`
	// ServiceUser specifies the user to use for planet container services
	// and unprivileged kubernetes resources
	ServiceUser storage.OSUser `json:"service_user"`
	// CloudConfig describes additional cloud configuration
	CloudConfig storage.CloudConfig `json:"cloud_config"`
	// DNSOverrides contains DNS overrides for this cluster
	DNSOverrides storage.DNSOverrides `json:"dns_overrides"`
	// DNSConfig specifies the cluster local DNS server configuration
	DNSConfig storage.DNSConfig `json:"dns_config"`
	// InstallToken specifies the original token the cluster was installed with.
	// NOTE(review): the tag has neither "-" nor omitempty, so the token appears
	// in every JSON encoding of Site. Confirm that the token is no longer
	// accepted once installation has finished, or that every consumer of this
	// JSON is authorized to see it, and that Site values are not logged verbatim.
	InstallToken string `json:"install_token"`
	// SELinux specifies whether the cluster is using SELinux support
	SELinux bool `json:"selinux,omitempty"`
}

Site represents portal site entry - a collection of servers used to support one particular application

func GetWizardCluster

func GetWizardCluster(operator Operator) (*Site, error)

GetWizardCluster returns the cluster created by wizard install process

func (*Site) FirstMaster

func (s *Site) FirstMaster() (*storage.Server, error)

FirstMaster returns the first cluster master node.

func (*Site) IsAWS

func (s *Site) IsAWS() bool

IsAWS returns true if the cluster is installed using AWS provisioner

func (*Site) IsGravity

func (s *Site) IsGravity() bool

IsGravity returns true if the cluster is running bare Gravity image.

func (*Site) IsOnline

func (s *Site) IsOnline() bool

IsOnline returns whether this site is online

func (*Site) IsOpsCenter

func (s *Site) IsOpsCenter() bool

IsOpsCenter returns true if the cluster is running Ops Center image.

func (*Site) Key

func (s *Site) Key() SiteKey

Key is a helper function to return site key from a site

func (*Site) Masters

func (s *Site) Masters() (masters storage.Servers)

Masters returns a list of master nodes from the cluster's state

func (*Site) OperationKey

func (s *Site) OperationKey(operationID string) SiteOperationKey

OperationKey constructs an operation key for this site and provided operation ID

func (*Site) ReleaseStatus

func (s *Site) ReleaseStatus() string

ReleaseStatus converts the cluster state to an appropriate Helm release status.

This is needed to represent the "application bundle" deployed on a cluster as an application catalog app.

func (*Site) String

func (s *Site) String() string

String is a debug friendly representation of the site

type SiteKey

// SiteKey identifies a site by the pair (account ID, site domain). Check
// validates the key and IsEqualTo compares two keys.
type SiteKey struct {
	// AccountID is a unique id of the account this site belongs to
	AccountID string `json:"account_id"`
	// SiteDomain is a unique domain name of this site
	SiteDomain string `json:"site_domain"`
}

SiteKey is a key used to identify site

func (*SiteKey) Check

func (k *SiteKey) Check() error

Check checks parameters

func (SiteKey) IsEqualTo

func (k SiteKey) IsEqualTo(other SiteKey) bool

IsEqualTo returns true if the two cluster keys are equal.

func (SiteKey) String

func (k SiteKey) String() string

String returns log and debug friendly representation of SiteKey

type SiteOperation

// SiteOperation is a defined type whose underlying type is
// storage.SiteOperation; the methods listed for it on this page are declared
// on SiteOperation itself, and values move between the two types only through
// an explicit conversion.
type SiteOperation storage.SiteOperation

SiteOperation represents any operation that is performed on the site, e.g. installing and uninstalling applications, adding and removing nodes, or performing rolling updates

func GetActiveOperations

func GetActiveOperations(siteKey SiteKey, operator Operator) (active []SiteOperation, err error)

GetActiveOperations returns a list of currently active cluster operations

func GetActiveOperationsByType

func GetActiveOperationsByType(siteKey SiteKey, operator Operator, opType string) (active []SiteOperation, err error)

GetActiveOperationsByType returns a list of cluster operations of the specified type that are currently in progress

func GetCompletedInstallOperation

func GetCompletedInstallOperation(siteKey SiteKey, operator Operator) (*SiteOperation, error)

GetCompletedInstallOperation returns a completed install operation for the specified site

func GetExpandOperation

func GetExpandOperation(backend storage.Backend) (*SiteOperation, error)

GetExpandOperation returns the first available expand operation from the provided backend

func GetLastCompletedUpdateOperation

func GetLastCompletedUpdateOperation(siteKey SiteKey, operator Operator) (op *SiteOperation, err error)

GetLastCompletedUpdateOperation returns the last completed update operation

func GetLastShrinkOperation

func GetLastShrinkOperation(siteKey SiteKey, operator Operator) (*SiteOperation, error)

GetLastShrinkOperation returns the last shrink operation

If there're no operations or the last operation is not of type 'shrink', returns NotFound error

func GetLastUpgradeOperation

func GetLastUpgradeOperation(siteKey SiteKey, operator Operator) (*SiteOperation, error)

GetLastUpgradeOperation returns the most recent upgrade operation or NotFound.

func GetWizardOperation

func GetWizardOperation(operator Operator) (*SiteOperation, error)

GetWizardOperation returns the install operation assuming that the provided operator talks to an install wizard process

func (*SiteOperation) ClusterKey

func (s *SiteOperation) ClusterKey() SiteKey

ClusterKey returns the cluster key for this operation

func (*SiteOperation) ClusterState

func (s *SiteOperation) ClusterState() (string, error)

ClusterState returns the respective cluster state based on the operation progress

func (*SiteOperation) GetVars

GetVars returns operation specific variables

func (*SiteOperation) IsAWS

func (s *SiteOperation) IsAWS() bool

IsAWS returns true if the operation has AWS provisioner

func (*SiteOperation) IsCompleted

func (s *SiteOperation) IsCompleted() bool

IsCompleted returns whether the operation has completed successfully

func (*SiteOperation) IsFailed

func (s *SiteOperation) IsFailed() bool

IsFailed returns whether operation is failed

func (*SiteOperation) IsFinished

func (s *SiteOperation) IsFinished() bool

IsFinished returns true if the operation has finished (succeeded or failed)

func (*SiteOperation) Key

Key returns key structure that can uniquely identify this operation

func (*SiteOperation) String

func (s *SiteOperation) String() string

String returns the textual representation of this operation

func (*SiteOperation) TypeString

func (s *SiteOperation) TypeString() string

TypeString returns the textual representation of the operation's type

type SiteOperationKey

type SiteOperationKey struct {
	// AccountID is the account ID of this operation
	AccountID string `json:"account_id"`
	// SiteDomain is the site ID (domain) of the operation
	SiteDomain string `json:"site_domain"`
	// OperationID is the unique ID of the operation
	OperationID string `json:"operation_id"`
}

SiteOperationKey is the key used to retrieve an operation

func CreateCluster

func CreateCluster(operator Operator, clusterI storage.Cluster) (*SiteOperationKey, error)

CreateCluster is a shortcut function to create clusters, works for AWS only at the moment. If successful returns key to a started install operation.

func RemoveCluster

func RemoveCluster(operator Operator, clusterName string) (*SiteOperationKey, error)

RemoveCluster starts cluster removal process, returns operation key

func RemoveClusterByCluster

func RemoveClusterByCluster(operator Operator, cluster storage.Cluster) (*SiteOperationKey, error)

RemoveClusterByCluster launches uninstall operation for the provided cluster

func (SiteOperationKey) Check

func (s SiteOperationKey) Check() error

Check makes sure the key is valid

func (SiteOperationKey) SiteKey

func (s SiteOperationKey) SiteKey() SiteKey

SiteKey extracts site key from the operation key

func (SiteOperationKey) String

func (s SiteOperationKey) String() string

String returns a text representation of this operation key

type SiteOperations

type SiteOperations []storage.SiteOperation

SiteOperations groups several site operations

type Sites

type Sites interface {
	// CreateSite creates a new site record
	CreateSite(NewSiteRequest) (*Site, error)

	// DeleteSite deletes the site record without
	// uninstalling actual resources; the site must be
	// explicitly uninstalled for resources to be freed,
	// see SiteUninstallOperation methods
	DeleteSite(SiteKey) error

	// GetSiteByDomain returns the site record by its domain name for a given
	// account
	GetSiteByDomain(domainName string) (*Site, error)

	// GetSite returns the site by its key
	GetSite(SiteKey) (*Site, error)

	// GetLocalSite returns the local site for this ops center
	GetLocalSite(context.Context) (*Site, error)

	// GetSites lists all site records for the account
	GetSites(accountID string) ([]Site, error)

	// DeactivateSite puts the site in the degraded state and, if requested,
	// stops an application
	DeactivateSite(DeactivateSiteRequest) error

	// ActivateSite moves the site to the active state and, if requested, starts
	// an application
	ActivateSite(ActivateSiteRequest) error

	// CompleteFinalInstallStep marks the site as having completed the mandatory last installation step
	CompleteFinalInstallStep(CompleteFinalInstallStepRequest) error

	// GetSiteReport returns a tarball that contains all debugging information gathered for the site.
	// The result is an io.ReadCloser, so the caller is expected to close it.
	// NOTE(review): the contents of the report are not visible from this declaration;
	// if it can include logs or configuration, the stream should be handled as
	// sensitive data - confirm against the implementation
	GetSiteReport(context.Context, GetClusterReportRequest) (io.ReadCloser, error)

	// SignTLSKey signs an X509 public key with the X509 certificate authority of this site.
	// Per the TLSSignRequest field comments, the subject is checked and set by the
	// access control layer and the requested TTL is capped by server settings
	SignTLSKey(TLSSignRequest) (*TLSSignResponse, error)

	// SignSSHKey signs an SSH public key with teleport's certificate
	SignSSHKey(SSHSignRequest) (*SSHSignResponse, error)
}

Sites represents a collection of site records, where each site is a group of servers and installed application

type Status

type Status interface {
	// CheckSiteStatus runs the app status hook and updates the site status appropriately
	CheckSiteStatus(ctx context.Context, key SiteKey) error
	// GetClusterNodes returns real-time information about cluster nodes
	GetClusterNodes(SiteKey) ([]Node, error)
	// GetVersion returns the gravity binary version information.
	GetVersion(context.Context) (*rpcproto.Version, error)
}

Status defines operations with site status

type TLSSignRequest

type TLSSignRequest struct {
	// AccountID is the account ID
	AccountID string `json:"account_id"`
	// SiteDomain is the site domain
	SiteDomain string `json:"site_domain"`
	// CSR is the x509 certificate signing request.
	// NOTE(review): the expected encoding (PEM or DER) is not visible here - confirm
	CSR []byte `json:"csr"`
	// Subject is checked and set by the Access Control Layer;
	// if not provided, the CSR values will be used.
	// The `json:"-"` tag keeps this field out of the JSON encoding, so it is
	// never read from a request body and has to be filled in server-side.
	// When it is left nil the subject comes from the requester-supplied CSR,
	// so any path that signs without setting Subject trusts the CSR's identity
	Subject *signer.Subject `json:"-"`
	// TTL is the desired TTL; it will be capped by server settings
	TTL time.Duration `json:"ttl"`
}

TLSSignRequest is a request to sign x509 PublicKey with site's local certificate authority

func (*TLSSignRequest) SiteKey

func (req *TLSSignRequest) SiteKey() SiteKey

type TLSSignResponse

type TLSSignResponse struct {
	// Cert is the x509 certificate
	Cert []byte `json:"cert"`
	// CACert is the TLS CA certificate to trust
	CACert []byte `json:"ca_cert"`
	// The response carries certificates only; it has no private key field.
}

TLSSignResponse is the response to TLSSignRequest

type TeleportProxyService

type TeleportProxyService interface {
	// ReverseTunnelAddr is the address for
	// remote teleport cluster nodes to dial back
	ReverseTunnelAddr() string

	// CertAuthorities returns a list of certificate
	// authorities the proxy wants remote teleport sites to trust.
	// withPrivateKey defines if the private key is also exported.
	// Trust distribution needs only the public part of an authority, so
	// callers that merely hand authorities to remote sites should pass false;
	// a result obtained with withPrivateKey=true contains signing material
	// and should not be logged or sent to other clusters
	CertAuthorities(withPrivateKey bool) ([]teleservices.CertAuthority, error)

	// DeleteAuthority deletes teleport authorities for the provided
	// site name
	DeleteAuthority(domainName string) error

	// DeleteRemoteCluster deletes the remote cluster resource
	DeleteRemoteCluster(clusterName string) error

	// TrustCertAuthority sets up trust for the certificate authority.
	// NOTE(review): no validation of the supplied authority is visible in this
	// declaration; callers decide what becomes trusted - confirm where it is vetted
	TrustCertAuthority(teleservices.CertAuthority) error

	// GetServers returns a list of servers matching a particular label
	// key/value pair expression.
	// domainName is a site domain name
	GetServers(ctx context.Context, domainName string, labels map[string]string) ([]teleservices.Server, error)

	// GetServerCount returns the number of servers belonging to a particular site
	GetServerCount(ctx context.Context, domainName string) (int, error)

	// ExecuteCommand executes a command on a remote node address
	// for a given site domain.
	// stdout and stderr are presumably where the command's output streams
	// are written - confirm.
	// NOTE(review): command is a single string and how it is interpreted on the
	// node is not visible here, so it should not be assembled from untrusted input
	ExecuteCommand(ctx context.Context, domainName, nodeAddr, command string, stdout, stderr io.Writer) error

	// GetClient returns an admin client to the local proxy.
	// The returned client carries admin access, so it should stay inside
	// trusted server-side code paths
	GetClient() teleauth.ClientI

	// GenerateUserCert signs an SSH public key with this proxy's user CA.
	// NOTE(review): whether user and ttl are validated or capped is not visible
	// in this declaration - confirm in the implementation
	GenerateUserCert(pub []byte, user string, ttl time.Duration) ([]byte, error)

	// GetLocalAuthorityDomain returns the domain for the local CA authority
	GetLocalAuthorityDomain() string

	// GetCertAuthorities returns a list of cert authorities this proxy trusts
	GetCertAuthorities(caType teleservices.CertAuthType) ([]teleservices.CertAuthority, error)

	// GetCertAuthority returns the requested certificate authority.
	// loadSigningKeys presumably controls whether signing (private) keys are
	// loaded into the returned key pair - confirm; request them only when the
	// caller has to sign
	GetCertAuthority(id teleservices.CertAuthID, loadSigningKeys bool) (*authority.TLSKeyPair, error)

	// GetPlanetLeaderIP returns the IP address of the active planet leader
	GetPlanetLeaderIP() string

	// GetProxyClient returns a proxy client
	GetProxyClient(ctx context.Context, siteName string, labels map[string]string) (*teleclient.ProxyClient, error)
}

TeleportProxyService is the SSH proxy access portal; it gives access to remote sites via SSH

type Tokens

type Tokens interface {
	// CreateInstallToken creates a one-time install token
	CreateInstallToken(NewInstallTokenRequest) (*storage.InstallToken, error)
	// CreateProvisioningToken creates a new provisioning token
	CreateProvisioningToken(storage.ProvisioningToken) error
	// GetExpandToken returns the cluster's expand token
	GetExpandToken(SiteKey) (*storage.ProvisioningToken, error)
	// GetTrustedClusterToken returns the cluster's trusted cluster token
	GetTrustedClusterToken(SiteKey) (storage.Token, error)
	// The values returned by these methods are tokens and should be treated as
	// secrets. NOTE(review): only the install token is documented as one-time;
	// the lifetime of the other tokens is not visible here - confirm.
}

Tokens represents a token management layer

type UpdateCertificateRequest

type UpdateCertificateRequest struct {
	// AccountID is the cluster's account ID
	AccountID string `json:"account_id"`
	// SiteDomain is the cluster name
	SiteDomain string `json:"site_domain"`
	// Certificate is the new cluster certificate
	Certificate []byte `json:"certificate"`
	// PrivateKey is the certificate's private key.
	// It is part of the JSON encoding (key "private_key"), so a marshalled
	// request contains key material: keep the request and its body out of
	// logs, error messages and audit payloads, and send it only over an
	// encrypted channel
	PrivateKey []byte `json:"private_key"`
	// Intermediate is an optional certificate chain
	Intermediate []byte `json:"intermediate"`
}

UpdateCertificateRequest is the request to update the cluster certificate

func (UpdateCertificateRequest) Check

func (r UpdateCertificateRequest) Check() error

Check makes sure the update certificate request is valid

type UpdateClusterConfigRequest

type UpdateClusterConfigRequest struct {
	// ClusterKey identifies the cluster
	ClusterKey SiteKey `json:"cluster_key"`
	// Config specifies the new configuration as a JSON-encoded payload;
	// it is left out of the encoded request when empty (omitempty).
	// NOTE(review): this struct has no Check method on this page, so where
	// the payload is validated is not visible - confirm
	Config []byte `json:"config,omitempty"`
}

UpdateClusterConfigRequest is a request to update cluster configuration

type UpdateClusterEnvironRequest

type UpdateClusterEnvironRequest struct {
	// ClusterKey identifies the cluster
	ClusterKey SiteKey `json:"cluster_key"`
	// Env specifies the new runtime environment as name/value pairs;
	// it is left out of the encoded request when empty (omitempty).
	// NOTE(review): environment values can hold secrets - consider whether
	// requests of this type are safe to log
	Env map[string]string `json:"env,omitempty"`
}

UpdateClusterEnvironRequest is a request to update cluster runtime environment

type UpdateClusterEnvironmentVariablesRequest

type UpdateClusterEnvironmentVariablesRequest struct {
	// Key identifies the cluster.
	// The field has no json tag, so encoding/json uses the name "Key" for it,
	// unlike the "cluster_key" tag on the other update requests.
	// NOTE(review): confirm whether that difference is intended
	Key SiteKey
	// Env specifies the new environment
	Env storage.EnvironmentVariables `json:"env"`
}

UpdateClusterEnvironmentVariablesRequest describes the request to update cluster runtime environment variables

func (UpdateClusterEnvironmentVariablesRequest) Check

Check validates this request

type UpdatePersistentStorageRequest

type UpdatePersistentStorageRequest struct {
	// SiteKey identifies the cluster. It is embedded, so its fields and
	// methods are promoted onto the request.
	SiteKey
	// Resource is the new persistent storage configuration resource.
	// The field carries no json tag.
	Resource storage.PersistentStorage
}

UpdatePersistentStorageRequest is a request to update cluster persistent storage configuration.

type UpdateUserRequest

type UpdateUserRequest struct {
	// SiteKey is the key of the cluster to route request to.
	// It is embedded, so its fields are promoted onto the request.
	SiteKey
	// Name is the name of the user to update.
	Name string `json:"name"`
	// FullName is the full user name.
	FullName string `json:"full_name"`
	// Roles is a new list of user roles.
	// NOTE(review): presumably this replaces the user's current roles rather
	// than adding to them - confirm. Changing roles changes what the user is
	// authorized to do; the caller's permission to do so is not checked in
	// this declaration.
	Roles []string `json:"roles"`
}

UpdateUserRequest is a request to update existing user information.

func (*UpdateUserRequest) Check

func (r *UpdateUserRequest) Check() error

Check validates the request.

type Updates

type Updates interface {
	// RotateSecrets rotates the secrets package for the server specified in the request
	RotateSecrets(RotateSecretsRequest) (*RotatePackageResponse, error)

	// RotatePlanetConfig rotates the planet configuration package for the server specified in the request
	RotatePlanetConfig(RotatePlanetConfigRequest) (*RotatePackageResponse, error)

	// RotateTeleportConfig rotates the teleport configuration package for the server specified in the request.
	// It returns two package responses, named masterConfig and nodeConfig in the signature
	RotateTeleportConfig(RotateTeleportConfigRequest) (masterConfig *RotatePackageResponse, nodeConfig *RotatePackageResponse, err error)

	// ConfigureNode prepares the node for the upgrade
	ConfigureNode(ConfigureNodeRequest) error
}

Updates enables manual cluster update management

type UserInfo

type UserInfo struct {
	// User identifies the user
	User storage.User `json:"user"`
	// KubernetesGroups lists all groups the user has access to
	KubernetesGroups []string `json:"kubernetes_groups"`
}

UserInfo represents information about current user

func (UserInfo) ToCSR

func (u UserInfo) ToCSR() csr.CertificateRequest

ToCSR returns a certificate signing request for this user

func (*UserInfo) ToRaw

func (u *UserInfo) ToRaw() (*UserInfoRaw, error)

ToRaw returns a wire-friendly representation of the request that does not use any interfaces

type UserInfoRaw

type UserInfoRaw struct {
	// User defines the user details in unstructured form: json.RawMessage
	// keeps the bytes undecoded until they are converted explicitly.
	// NOTE(review): any checks on the user payload have to happen at that
	// conversion; none are visible in this declaration
	User json.RawMessage `json:"user"`
	// KubernetesGroups lists all groups the user has access to
	KubernetesGroups []string `json:"kubernetes_groups"`
}

UserInfoRaw defines a wire-friendly user representation

func (*UserInfoRaw) ToNative

func (u *UserInfoRaw) ToNative() (*UserInfo, error)

ToNative converts back to request that has all interfaces inside

type Users

type Users interface {
	// CreateUser creates a new user
	CreateUser(NewUserRequest) error

	// DeleteLocalUser deletes a user by name
	DeleteLocalUser(name string) error

	// GetCurrentUser returns the user that is currently logged in
	GetCurrentUser() (storage.User, error)

	// GetCurrentUserInfo returns extended information
	// about the current user
	GetCurrentUserInfo() (*UserInfo, error)

	// GetLocalUser returns the local gravity site user
	GetLocalUser(SiteKey) (storage.User, error)

	// ResetUserPassword resets the user password and returns the new one.
	// The returned string is a plaintext credential: it should be handed to
	// its recipient only and kept out of logs and error messages
	ResetUserPassword(ResetUserPasswordRequest) (string, error)

	// GetClusterAgent returns the specified cluster agent.
	// NOTE(review): the result is a *storage.LoginEntry, which presumably
	// holds the agent's login credentials - confirm and handle accordingly
	GetClusterAgent(ClusterAgentRequest) (*storage.LoginEntry, error)

	// UpdateUser updates the specified user information.
	UpdateUser(context.Context, UpdateUserRequest) error
	// CreateUserInvite creates a new invite token for a user.
	// The returned token should be treated as a secret.
	CreateUserInvite(context.Context, CreateUserInviteRequest) (*storage.UserToken, error)
	// CreateUserReset creates a new reset token for a user.
	// The returned token should be treated as a secret.
	CreateUserReset(context.Context, CreateUserResetRequest) (*storage.UserToken, error)
	// GetUserInvites returns all active user invites.
	GetUserInvites(context.Context, SiteKey) ([]storage.UserInvite, error)
	// DeleteUserInvite deletes the specified user invite.
	DeleteUserInvite(context.Context, DeleteUserInviteRequest) error
}

Users represents a collection of users in the portal

type ValidateRemoteAccessRequest

type ValidateRemoteAccessRequest struct {
	// AccountID is the site's account ID
	AccountID string `json:"account_id"`
	// SiteDomain is the site domain name
	SiteDomain string `json:"site_domain"`
	// NodeLabels specifies an optional set of labels to filter nodes with.
	// If empty, all nodes are used, so an unset filter gives the widest
	// scope rather than the narrowest
	NodeLabels map[string]string `json:"labels"`
}

ValidateRemoteAccessRequest describes a request to run a set of commands on nodes in the cluster

func (ValidateRemoteAccessRequest) SiteKey

SiteKey returns a site key from this request

type ValidateRemoteAccessResponse

type ValidateRemoteAccessResponse struct {
	// Results lists results from nodes
	Results []NodeResponse `json:"results"`
}

ValidateRemoteAccessResponse describes the response to a request to run a set of commands on nodes in the cluster

type ValidateServersRequest

type ValidateServersRequest struct {
	// AccountID is the site's account ID
	AccountID string `json:"account_id"`
	// SiteDomain is the site domain name
	SiteDomain string `json:"site_domain"`
	// Servers lists the onprem servers to run checks for
	Servers []storage.Server `json:"servers"`
	// OperationID identifies the operation
	OperationID string `json:"operation_id"`
}

ValidateServersRequest is a request to run pre-installation checks

func (ValidateServersRequest) Check

func (r ValidateServersRequest) Check() error

Check validates this request

func (ValidateServersRequest) OperationKey

func (r ValidateServersRequest) OperationKey() SiteOperationKey

OperationKey returns the operation key from this request

func (ValidateServersRequest) SiteKey

func (r ValidateServersRequest) SiteKey() SiteKey

SiteKey returns a site key from this request

type ValidateServersResponse

type ValidateServersResponse struct {
	// Probes is a list of failed probes.
	// NOTE(review): the type also has a Warnings method documented as returning
	// warning-level probes, so this list presumably holds more than hard
	// failures - confirm. Callers gating an install on validation should
	// use Failures/Warnings rather than only testing the list for emptiness.
	Probes []*agentpb.Probe
}

ValidateServersResponse contains servers validation results.

func (*ValidateServersResponse) Failures

func (r *ValidateServersResponse) Failures() (probes []*agentpb.Probe)

Failures returns all failed probes.

func (*ValidateServersResponse) Warnings

func (r *ValidateServersResponse) Warnings() (probes []*agentpb.Probe)

Warnings returns all warning-level probes.

type Validation

type Validation interface {
	// ValidateDomainName validates that the chosen domain name is unique
	ValidateDomainName(domainName string) error
	// ValidateServers runs pre-installation checks
	ValidateServers(context.Context, ValidateServersRequest) (*ValidateServersResponse, error)
	// ValidateRemoteAccess verifies that the cluster nodes are accessible remotely.
	// Per ValidateRemoteAccessRequest, an empty NodeLabels filter selects all nodes
	ValidateRemoteAccess(ValidateRemoteAccessRequest) (*ValidateRemoteAccessResponse, error)
}

Validation defines a set of data validation primitives

Directories

Path Synopsis
package suite contains a ops service acceptance test suite that is backend implementation independent, used both for services and clients
package suite contains a ops service acceptance test suite that is backend implementation independent, used both for services and clients
