consul

package
v0.1.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 23, 2022 License: MPL-2.0 Imports: 23 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	RootCAFile           = "root-ca.pem"
	ClientCertFile       = "client.crt"
	ClientPrivateKeyFile = "client.pem"
	SDSCertConfigFile    = "tls-sds.json"
	SDSCAConfigFile      = "validation-context-sds.json"
)

Variables

This section is empty.

Functions

This section is empty.

Types

type Authenticator 

type Authenticator struct {
	// contains filtered or unexported fields
}

Authenticator handles Consul auth login logic.

func NewAuthenticator 

func NewAuthenticator(logger hclog.Logger, consul *api.Client, method, namespace string) *Authenticator

NewAuthenticator initializes a new Authenticator instance.

func (*Authenticator) Authenticate 

func (a *Authenticator) Authenticate(ctx context.Context, service, bearerToken string) (string, error)

Authenticate logs into Consul using the given auth method and returns the generated token.

func (*Authenticator) WithTries 

func (a *Authenticator) WithTries(tries uint64) *Authenticator

type CertManager 

type CertManager struct {
	// contains filtered or unexported fields
}

CertManager handles Consul leaf certificate management and certificate rotation. Once a leaf certificate has expired, it generates a new certificate and writes it to the location given in the configuration options with which it was created.

func NewCertManager 

func NewCertManager(logger hclog.Logger, consul *api.Client, service string, options *CertManagerOptions) *CertManager

NewCertManager creates a new CertManager instance.

func (*CertManager) Certificate 

func (c *CertManager) Certificate() []byte

Certificate returns the current leaf cert

func (*CertManager) Manage 

func (c *CertManager) Manage(ctx context.Context) error

Manage is the main run loop of the manager and should be run in a go routine. It should be passed a cancellable context that signals when the manager should stop and return. If it receives an unexpected error the loop exits.

func (*CertManager) PrivateKey 

func (c *CertManager) PrivateKey() []byte

PrivateKey returns the current leaf cert private key

func (*CertManager) RenderSDSConfig 

func (c *CertManager) RenderSDSConfig() (string, error)

func (*CertManager) RootCA 

func (c *CertManager) RootCA() []byte

RootCA returns the current CA cert

func (*CertManager) RootPool 

func (c *CertManager) RootPool() *x509.CertPool

RootPool returns the certificate pool for the connect root CA

func (*CertManager) SPIFFE 

func (c *CertManager) SPIFFE() *url.URL

func (*CertManager) TLSCertificate 

func (c *CertManager) TLSCertificate() *tls.Certificate

TLSCertificate returns the current leaf certificate as a parsed structure

func (*CertManager) WaitForWrite 

func (c *CertManager) WaitForWrite(ctx context.Context) error

WaitForWrite acts as a signalling mechanism for when the certificates are written to disk. It is intended to be used for use-cases where initial certificates must be in place prior to being referenced by a consumer.

type CertManagerOptions 

type CertManagerOptions struct {
	Directory  string
	SDSAddress string
	SDSPort    int
}

CertManagerOptions contains the optional configuration used to initialize a CertManager.

func DefaultCertManagerOptions 

func DefaultCertManagerOptions() *CertManagerOptions

DefaultCertManagerOptions returns the default options for a CertManager instance.

type ConfigEntryIndex 

type ConfigEntryIndex struct {
	// contains filtered or unexported fields
}

func NewConfigEntryIndex 

func NewConfigEntryIndex(kind string) *ConfigEntryIndex

func (*ConfigEntryIndex) Add 

func (i *ConfigEntryIndex) Add(entry api.ConfigEntry)

func (*ConfigEntryIndex) Count 

func (i *ConfigEntryIndex) Count() int

func (*ConfigEntryIndex) Difference 

func (i *ConfigEntryIndex) Difference(other *ConfigEntryIndex) *ConfigEntryIndex

Difference will return an ConfigEntryIndex with entries that not found in the current ConfigEntryIndex

func (*ConfigEntryIndex) Get 

func (i *ConfigEntryIndex) Get(name string) (api.ConfigEntry, bool)

func (*ConfigEntryIndex) Intersection 

func (i *ConfigEntryIndex) Intersection(other *ConfigEntryIndex) *ConfigEntryIndex

func (*ConfigEntryIndex) Merge 

func (i *ConfigEntryIndex) Merge(other *ConfigEntryIndex)

func (*ConfigEntryIndex) ToArray 

func (i *ConfigEntryIndex) ToArray() []api.ConfigEntry

type IntentionsReconciler 

type IntentionsReconciler struct {
	// contains filtered or unexported fields
}

IntentionsReconciler maintains a reconcile loop that computes the changes required to the intention graph to allow traffic from the api gateway to target services. Changes are detected by watching the service's computed discovery chain and iterating through the included targets.

func NewIntentionsReconciler 

func NewIntentionsReconciler(consul *api.Client, ingress *api.IngressGatewayConfigEntry, logger hclog.Logger) *IntentionsReconciler

func (*IntentionsReconciler) Reconcile 

func (r *IntentionsReconciler) Reconcile() error

Reconcile forces a synchronous reconcile, returning any errors that occurred as a result

func (*IntentionsReconciler) SetIngressServices 

func (r *IntentionsReconciler) SetIngressServices(igw *api.IngressGatewayConfigEntry)

func (*IntentionsReconciler) Stop 

func (r *IntentionsReconciler) Stop()

type ServiceRegistry 

type ServiceRegistry struct {
	// contains filtered or unexported fields
}

ServiceRegistry handles the logic for registering a consul-api-gateway service in Consul. Note that the registry is *not* thread safe and should only ever call Register/Deregister from a single managing goroutine.

func NewServiceRegistry 

func NewServiceRegistry(logger hclog.Logger, consul *api.Client, service, namespace, host string) *ServiceRegistry

NewServiceRegistry creates a new service registry instance

func (*ServiceRegistry) Deregister 

func (s *ServiceRegistry) Deregister(ctx context.Context) error

Deregister de-registers a service from Consul.

func (*ServiceRegistry) ID 

func (s *ServiceRegistry) ID() string

func (*ServiceRegistry) Namespace 

func (s *ServiceRegistry) Namespace() string

func (*ServiceRegistry) Register 

func (s *ServiceRegistry) Register(ctx context.Context) error

Register registers a service with Consul.

func (*ServiceRegistry) WithTries 

func (s *ServiceRegistry) WithTries(tries uint64) *ServiceRegistry

WithTries tells the service registry to retry on any remote operations.

Source Files

View all Source files

Directories

Path Synopsis
Package mocks is a generated GoMock package.
 Package mocks is a generated GoMock package.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.