Documentation ¶
Index ¶
- type Client
- func (c *Client) ClientConfig(ctx context.Context, cluster string) (client.Config, error)
- func (c *Client) Close() error
- func (c *Client) ClusterDetails(ctx context.Context) (ClusterDetails, error)
- func (c *Client) ClusterName() string
- func (c *Client) DialHost(ctx context.Context, target, cluster string, keyring agent.ExtendedAgent) (net.Conn, ClusterDetails, error)
- func (c *Client) Ping(ctx context.Context) error
- func (c *Client) SSHConfig(user string) *ssh.ClientConfig
- type ClientConfig
- type ClusterDetails
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Client ¶
type Client struct {
// contains filtered or unexported fields
}
Client is a client to the Teleport Proxy SSH server on behalf of a user. The Proxy SSH port used to serve only SSH, however portions of the api are being migrated to gRPC to reduce latency. The Client is capable of communicating to the Proxy via both mechanism; by default it will choose to use gRPC over SSH where it is able to.
func NewClient ¶
func NewClient(ctx context.Context, cfg ClientConfig) (*Client, error)
NewClient creates a new Client that attempts to connect to the gRPC server being served by the Proxy SSH port by default. If unable to connect the Client falls back to connecting to the Proxy SSH port via SSH.
If it is known that the gRPC server doesn't serve the required API of the caller, then prefer to use NewSSHClient instead which omits the gRPC dialing altogether.
func (*Client) ClientConfig ¶
ClientConfig returns a client.Config that may be used to connect to the Auth server in the provided cluster via client.New or similar. The client.Config returned will have the correct credentials and dialer set based on the ClientConfig that was provided to create this Client.
func (*Client) ClusterDetails ¶
func (c *Client) ClusterDetails(ctx context.Context) (ClusterDetails, error)
ClusterDetails retrieves cluster information as seen by the Proxy.
func (*Client) ClusterName ¶
ClusterName returns the name of the cluster that the connected Proxy is a member of.
func (*Client) DialHost ¶
func (c *Client) DialHost(ctx context.Context, target, cluster string, keyring agent.ExtendedAgent) (net.Conn, ClusterDetails, error)
DialHost establishes a connection to the `target` in cluster named `cluster`. If a keyring is provided it will only be forwarded if proxy recording mode is enabled in the cluster.
func (*Client) SSHConfig ¶
func (c *Client) SSHConfig(user string) *ssh.ClientConfig
SSHConfig returns the ssh.ClientConfig for the provided user which should be used when creating a [tracessh.Client] with the returned net.Conn from Client.DialHost.
type ClientConfig ¶
type ClientConfig struct { // ProxyAddress is the address of the Proxy server. ProxyAddress string // TLSRoutingEnabled indicates if the cluster is using TLS Routing. TLSRoutingEnabled bool // TLSConfigFunc produces the [tls.Config] required for mTLS connections to a specific cluster. TLSConfigFunc func(cluster string) (*tls.Config, error) // UnaryInterceptors are optional [grpc.UnaryClientInterceptor] to apply // to the gRPC client. UnaryInterceptors []grpc.UnaryClientInterceptor // StreamInterceptors are optional [grpc.StreamClientInterceptor] to apply // to the gRPC client. StreamInterceptors []grpc.StreamClientInterceptor // SSHConfig is the [ssh.ClientConfig] used to connect to the Proxy SSH server. SSHConfig *ssh.ClientConfig // DialTimeout defines how long to attempt dialing before timing out. DialTimeout time.Duration // DialOpts define options for dialing the client connection. DialOpts []grpc.DialOption // ALPNConnUpgradeRequired indicates that ALPN connection upgrades are // required for making TLS routing requests. ALPNConnUpgradeRequired bool // InsecureSkipVerify is an option to skip HTTPS cert check InsecureSkipVerify bool // ViaJumpHost indicates if the connection to the cluster is direct // or via another cluster. ViaJumpHost bool // PROXYHeaderGetter is used if present to get signed PROXY headers to propagate client's IP. // Used by proxy's web server to make calls on behalf of connected clients. PROXYHeaderGetter client.PROXYHeaderGetter // contains filtered or unexported fields }
ClientConfig contains configuration needed for a Client to be able to connect to the cluster.
func (*ClientConfig) CheckAndSetDefaults ¶
func (c *ClientConfig) CheckAndSetDefaults(ctx context.Context) error
CheckAndSetDefaults ensures required options are present and sets the default value of any that are omitted.
type ClusterDetails ¶
type ClusterDetails struct { // FIPS dictates whether FIPS mode is enabled. FIPS bool }
ClusterDetails provide cluster configuration details as known by the connected Proxy.