Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AgentConfig ¶
type Command ¶
func (*Command) Run ¶
Run bootstraps ACLs on Consul servers and writes the bootstrap token to a Kubernetes secret. Given various flags, it will also create policies and associated ACL tokens and store the tokens as Kubernetes Secrets. The function will retry its tasks indefinitely until they are complete.
type ConfigureGatewayParams ¶
type ConfigureGatewayParams struct {
// GatewayType specifies whether it is an ingress or terminating gateway.
GatewayType string
// GatewayNames is the collection of gateways that have been specified.
GatewayNames []string
// AuthMethodName is the authmethod for which to register the binding rules and policies for the gateways
AuthMethodName string
// RuleGenerator is the function that supplies the rules that will be added to the policy.
RulesGenerator gatewayRulesGenerator
// ConsulDC is the name of the DC where the gateways will be registered
ConsulDC string
// PrimaryDC is the name of the Primary Data Center
PrimaryDC string
// Primary specifies whether the ConsulDC is the Primary Data Center
Primary bool
}
ConfigureGatewayParams are parameters used to configure Ingress and Terminating Gateways.
type FakeSecretsBackend ¶
type FakeSecretsBackend struct {
// contains filtered or unexported fields
}
func (*FakeSecretsBackend) BootstrapToken ¶
func (b *FakeSecretsBackend) BootstrapToken() (string, error)
func (*FakeSecretsBackend) BootstrapTokenSecretName ¶
func (*FakeSecretsBackend) BootstrapTokenSecretName() string
func (*FakeSecretsBackend) WriteBootstrapToken ¶
func (b *FakeSecretsBackend) WriteBootstrapToken(token string) error
type KubernetesSecretsBackend ¶
type KubernetesSecretsBackend struct {
// contains filtered or unexported fields
}
func (*KubernetesSecretsBackend) BootstrapToken ¶
func (b *KubernetesSecretsBackend) BootstrapToken() (string, error)
BootstrapToken returns the existing bootstrap token if there is one by reading the Kubernetes Secret. If there is no bootstrap token yet, then it returns an empty string (not an error).
func (*KubernetesSecretsBackend) BootstrapTokenSecretName ¶
func (b *KubernetesSecretsBackend) BootstrapTokenSecretName() string
func (*KubernetesSecretsBackend) WriteBootstrapToken ¶
func (b *KubernetesSecretsBackend) WriteBootstrapToken(bootstrapToken string) error
WriteBootstrapToken writes the given bootstrap token to the Kubernetes Secret.
type SecretsBackend ¶
type SecretsBackend interface {
// BootstrapToken fetches the bootstrap token from the backend. If the
// token is not found or empty, implementations should return an empty
// string (not an error).
BootstrapToken() (string, error)
// WriteBootstrapToken writes the given bootstrap token to the backend.
// Implementations of this method do not need to retry the write until
// successful.
WriteBootstrapToken(string) error
// BootstrapTokenSecretName returns the name of the bootstrap token secret.
BootstrapTokenSecretName() string
}
type SecretsBackendType ¶
type SecretsBackendType string
const SecretsBackendTypeKubernetes SecretsBackendType = "kubernetes"
const SecretsBackendTypeVault SecretsBackendType = "vault"
type VaultSecretsBackend ¶
type VaultSecretsBackend struct {
// contains filtered or unexported fields
}
func (*VaultSecretsBackend) BootstrapToken ¶
func (b *VaultSecretsBackend) BootstrapToken() (string, error)
BootstrapToken returns the bootstrap token stored in Vault. If not found this returns an empty string (not an error).
func (*VaultSecretsBackend) BootstrapTokenSecretName ¶
func (b *VaultSecretsBackend) BootstrapTokenSecretName() string
BootstrapTokenSecretName returns the name of the bootstrap token secret.
func (*VaultSecretsBackend) WriteBootstrapToken ¶
func (b *VaultSecretsBackend) WriteBootstrapToken(bootstrapToken string) error
WriteBootstrapToken writes the bootstrap token to Vault.
Source Files