agent

package
v1.13.0-alpha2 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 21, 2022 License: MPL-2.0 Imports: 121 Imported by: 170

Documentation

Index

Constants

View Source
const (
	ConfigSourceLocal configSource = iota
	ConfigSourceRemote
)
View Source
const (
	SerfLANKeyring = "serf/local.keyring"
	SerfWANKeyring = "serf/remote.keyring"
)
View Source
const (
	TestDefaultInitialManagementToken = "d9f05e83-a7ae-47ce-839e-c0d53a68c00a"
	TestDefaultAgentRecoveryToken     = "bca580d4-db07-4074-b766-48acc9676955'"
)
View Source
const ConfigEntryNotFoundErr string = "Config entry not found"
View Source
const (
	// Limit the size of a watch handlers's output to the
	// last WatchBufSize. Prevents an enormous buffer
	// from being captured
	WatchBufSize = 4 * 1024 // 4KB
)

Variables

View Source
var CatalogCounters = []prometheus.CounterDefinition{
	{
		Name: []string{"client", "api", "catalog_register"},
		Help: "Increments whenever a Consul agent receives a catalog register request.",
	},
	{
		Name: []string{"client", "rpc", "error", "catalog_register"},
		Help: "Increments whenever a Consul agent receives an RPC error for a catalog register request.",
	},
	{
		Name: []string{"client", "api", "success", "catalog_register"},
		Help: "Increments whenever a Consul agent successfully responds to a catalog register request.",
	},
	{
		Name: []string{"client", "api", "catalog_deregister"},
		Help: "Increments whenever a Consul agent receives a catalog deregister request.",
	},
	{
		Name: []string{"client", "api", "catalog_datacenters"},
		Help: "Increments whenever a Consul agent receives a request to list datacenters in the catalog.",
	},
	{
		Name: []string{"client", "rpc", "error", "catalog_deregister"},
		Help: "Increments whenever a Consul agent receives an RPC error for a catalog deregister request.",
	},
	{
		Name: []string{"client", "api", "success", "catalog_nodes"},
		Help: "Increments whenever a Consul agent successfully responds to a request to list nodes.",
	},
	{
		Name: []string{"client", "rpc", "error", "catalog_nodes"},
		Help: "Increments whenever a Consul agent receives an RPC error for a request to list nodes.",
	},
	{
		Name: []string{"client", "api", "success", "catalog_deregister"},
		Help: "Increments whenever a Consul agent successfully responds to a catalog deregister request.",
	},
	{
		Name: []string{"client", "rpc", "error", "catalog_datacenters"},
		Help: "Increments whenever a Consul agent receives an RPC error for a request to list datacenters.",
	},
	{
		Name: []string{"client", "api", "success", "catalog_datacenters"},
		Help: "Increments whenever a Consul agent successfully responds to a request to list datacenters.",
	},
	{
		Name: []string{"client", "api", "catalog_nodes"},
		Help: "Increments whenever a Consul agent receives a request to list nodes from the catalog.",
	},
	{
		Name: []string{"client", "api", "catalog_services"},
		Help: "Increments whenever a Consul agent receives a request to list services from the catalog.",
	},
	{
		Name: []string{"client", "rpc", "error", "catalog_services"},
		Help: "Increments whenever a Consul agent receives an RPC error for a request to list services.",
	},
	{
		Name: []string{"client", "api", "success", "catalog_services"},
		Help: "Increments whenever a Consul agent successfully responds to a request to list services.",
	},
	{
		Name: []string{"client", "api", "catalog_service_nodes"},
		Help: "Increments whenever a Consul agent receives a request to list nodes offering a service.",
	},
	{
		Name: []string{"client", "rpc", "error", "catalog_service_nodes"},
		Help: "Increments whenever a Consul agent receives an RPC error for a request to list nodes offering a service.",
	},
	{
		Name: []string{"client", "api", "success", "catalog_service_nodes"},
		Help: "Increments whenever a Consul agent successfully responds to a request to list nodes offering a service.",
	},
	{
		Name: []string{"client", "api", "error", "catalog_service_nodes"},
		Help: "Increments whenever a Consul agent receives an RPC error for request to list nodes offering a service.",
	},
	{
		Name: []string{"client", "api", "catalog_node_services"},
		Help: "Increments whenever a Consul agent successfully responds to a request to list nodes offering a service.",
	},
	{
		Name: []string{"client", "api", "success", "catalog_node_services"},
		Help: "Increments whenever a Consul agent successfully responds to a request to list services in a node.",
	},
	{
		Name: []string{"client", "rpc", "error", "catalog_node_services"},
		Help: "Increments whenever a Consul agent receives an RPC error for a request to list services in a node.",
	},
	{
		Name: []string{"client", "api", "catalog_node_service_list"},
		Help: "Increments whenever a Consul agent receives a request to list a node's registered services.",
	},
	{
		Name: []string{"client", "rpc", "error", "catalog_node_service_list"},
		Help: "Increments whenever a Consul agent receives an RPC error for request to list a node's registered services.",
	},
	{
		Name: []string{"client", "api", "success", "catalog_node_service_list"},
		Help: "Increments whenever a Consul agent successfully responds to a request to list a node's registered services.",
	},
	{
		Name: []string{"client", "api", "catalog_gateway_services"},
		Help: "Increments whenever a Consul agent receives a request to list services associated with a gateway.",
	},
	{
		Name: []string{"client", "rpc", "error", "catalog_gateway_services"},
		Help: "Increments whenever a Consul agent receives an RPC error for a request to list services associated with a gateway.",
	},
	{
		Name: []string{"client", "api", "success", "catalog_gateway_services"},
		Help: "Increments whenever a Consul agent successfully responds to a request to list services associated with a gateway.",
	},
}
View Source
var CertExpirationGauges = []prometheus.GaugeDefinition{
	{
		Name: metricsKeyAgentTLSCertExpiry,
		Help: "Seconds until the agent tls certificate expires. Updated every hour",
	},
}
View Source
var DNSCounters = []prometheus.CounterDefinition{
	{
		Name: []string{"dns", "stale_queries"},
		Help: "Increments when an agent serves a query within the allowed stale threshold.",
	},
}
View Source
var DNSSummaries = []prometheus.SummaryDefinition{
	{
		Name: []string{"dns", "ptr_query"},
		Help: "Measures the time spent handling a reverse DNS query for the given node.",
	},
	{
		Name: []string{"dns", "domain_query"},
		Help: "Measures the time spent handling a domain query for the given node.",
	},
}
View Source
var Gauges = []prometheus.GaugeDefinition{
	{
		Name: []string{"version"},
		Help: "Represents the Consul version.",
	},
}
View Source
var HTTPSummaries = []prometheus.SummaryDefinition{
	{
		Name: []string{"api", "http"},
		Help: "Samples how long it takes to service the given HTTP request for the given verb and path.",
	},
}

Functions

func ConfigSourceFromName added in v1.6.2

func ConfigSourceFromName(name string) (configSource, bool)

ConfigSourceFromName will unmarshal the string form of a configSource.

func ForwardSignals added in v1.0.0

func ForwardSignals(cmd *exec.Cmd, logFn func(error), shutdownCh <-chan struct{})

ForwardSignals will fire up a goroutine to forward signals to the given subprocess until the shutdown channel is closed.

func GetDNSConfig added in v1.0.0

func GetDNSConfig(conf *config.RuntimeConfig) (*dnsConfig, error)

GetDNSConfig takes global config and creates the config used by DNS server

func LocalConfig added in v1.0.1

func LocalConfig(cfg *config.RuntimeConfig) local.Config

LocalConfig takes a config.RuntimeConfig and maps the fields to a local.Config

func NewAPIServers added in v1.9.0

func NewAPIServers(logger hclog.Logger) *apiServers

NewAPIServers returns an empty apiServers that is ready to Start servers.

func NewDurationFixer added in v1.0.1

func NewDurationFixer(fields ...string) durationFixer

func NodeID added in v1.0.0

func NodeID() string

func ParseRelayFactor

func ParseRelayFactor(n int) (uint8, error)

ParseRelayFactor validates and converts the given relay factor to uint8

func TestACLConfig

func TestACLConfig() string

TestACLConfig returns a default configuration for testing an agent with ACLs.

func TestACLConfigNew added in v1.5.0

func TestACLConfigNew() string

func TestACLConfigWithParams added in v1.7.0

func TestACLConfigWithParams(params *TestACLConfigParams) string

func TestConfig

func TestConfig(logger hclog.Logger, sources ...config.Source) *config.RuntimeConfig

TestConfig returns a unique default configuration for testing an agent.

func TestConfigHCL added in v1.8.1

func TestConfigHCL(nodeID string) string

func ValidateLocalOnly added in v1.6.0

func ValidateLocalOnly(local bool, list bool) error

ValidateLocalOnly validates the local-only flag, requiring that it only be set for list requests.

Types

type AddServiceRequest added in v1.10.0

type AddServiceRequest struct {
	Service *structs.NodeService

	Source configSource
	// contains filtered or unexported fields
}

AddServiceRequest contains the fields used to register a service on the local agent using Agent.AddService.

type Agent

type Agent struct {

	// state stores a local representation of the node,
	// services and checks. Used for anti-entropy.
	State *local.State
	// contains filtered or unexported fields
}

Agent is the long running process that is run on every machine. It exposes an RPC interface that is used by the CLI to control the agent. The agent runs the query interfaces like HTTP, DNS, and RPC. However, it can run in either a client, or server mode. In server mode, it runs a full Consul server. In client-only mode, it only forwards requests to other Consul servers.

func New

func New(bd BaseDeps) (*Agent, error)

New process the desired options and creates a new Agent. This process will

  • parse the config given the config Flags
  • setup logging
  • using predefined logger given in an option OR
  • initialize a new logger from the configuration including setting up gRPC logging
  • initialize telemetry
  • create a TLS Configurator
  • build a shared connection pool
  • create the ServiceManager
  • setup the NodeID if one isn't provided in the configuration
  • create the AutoConfig object for future use in fully resolving the configuration

func (*Agent) AddCheck

func (a *Agent) AddCheck(check *structs.HealthCheck, chkType *structs.CheckType, persist bool, token string, source configSource) error

AddCheck is used to add a health check to the agent. This entry is persistent and the agent will make a best effort to ensure it is registered. The Check may include a CheckType which is used to automatically update the check status

func (*Agent) AddService

func (a *Agent) AddService(req AddServiceRequest) error

AddService is used to add a service entry and its check. Any check for this service missing from chkTypes will be deleted. This entry is persistent and the agent will make a best effort to ensure it is registered

func (*Agent) AdvertiseAddrLAN added in v1.6.2

func (a *Agent) AdvertiseAddrLAN() string

AdvertiseAddrLAN returns the AdvertiseAddrLAN config value

func (*Agent) AgentEnterpriseMeta added in v1.11.0

func (a *Agent) AgentEnterpriseMeta() *acl.EnterpriseMeta

func (*Agent) AgentLocalMember added in v1.11.0

func (a *Agent) AgentLocalMember() serf.Member

AgentLocalMember is used to retrieve the LAN member for the local node.

func (*Agent) AutoReloadConfig added in v1.12.0

func (a *Agent) AutoReloadConfig() error

func (*Agent) ConnectAuthorize added in v1.3.0

func (a *Agent) ConnectAuthorize(token string,
	req *structs.ConnectAuthorizeRequest) (allowed bool, reason string, m *cache.ResultMeta, err error)

TODO(rb/intentions): this should move back into the agent endpoint since there is no ext_authz implementation anymore.

ConnectAuthorize implements the core authorization logic for Connect. It's in a separate agent method here because we need to re-use this both in our own HTTP API authz endpoint and in the gRPX xDS/ext_authz API for envoy.

NOTE: This treats any L7 intentions as DENY.

The ACL token and the auth request are provided and the auth decision (true means authorized) and reason string are returned.

If the request input is invalid the error returned will be a BadRequest HTTPError, if the token doesn't grant necessary access then an acl.ErrPermissionDenied error is returned, otherwise error indicates an unexpected server failure. If access is denied, no error is returned but the first return value is false.

func (*Agent) DisableNodeMaintenance

func (a *Agent) DisableNodeMaintenance()

DisableNodeMaintenance removes a node from maintenance mode

func (*Agent) DisableServiceMaintenance

func (a *Agent) DisableServiceMaintenance(serviceID structs.ServiceID) error

DisableServiceMaintenance will deregister the fake maintenance mode check if the service has been marked as in maintenance.

func (*Agent) EnableNodeMaintenance

func (a *Agent) EnableNodeMaintenance(reason, token string)

EnableNodeMaintenance places a node into maintenance mode.

func (*Agent) EnableServiceMaintenance

func (a *Agent) EnableServiceMaintenance(serviceID structs.ServiceID, reason, token string) error

EnableServiceMaintenance will register a false health check against the given service ID with critical status. This will exclude the service from queries.

func (*Agent) Failed added in v1.9.0

func (a *Agent) Failed() <-chan struct{}

Failed returns a channel which is closed when the first server goroutine exits with a non-nil error.

func (*Agent) ForceLeave

func (a *Agent) ForceLeave(node string, prune bool, entMeta *acl.EnterpriseMeta) error

ForceLeave is used to remove a failed node from the cluster

func (*Agent) ForceLeaveWAN added in v1.11.0

func (a *Agent) ForceLeaveWAN(node string, prune bool, entMeta *acl.EnterpriseMeta) error

ForceLeaveWAN is used to remove a failed node from the WAN cluster

func (*Agent) GetConfig added in v1.8.1

func (a *Agent) GetConfig() *config.RuntimeConfig

GetConfig retrieves the agents config TODO make export the config field and get rid of this method This is here for now to simplify the work I am doing and make reviewing the final PR easier.

func (*Agent) GetLANCoordinate

func (a *Agent) GetLANCoordinate() (lib.CoordinateSet, error)

GetLANCoordinate returns the coordinates of this node in the local pools (assumes coordinates are enabled, so check that before calling).

func (*Agent) InstallKey

func (a *Agent) InstallKey(key, token string, relayFactor uint8) (*structs.KeyringResponses, error)

InstallKey installs a new gossip encryption key

func (*Agent) JoinLAN

func (a *Agent) JoinLAN(addrs []string, entMeta *acl.EnterpriseMeta) (n int, err error)

JoinLAN is used to have the agent join a LAN cluster

func (*Agent) JoinWAN

func (a *Agent) JoinWAN(addrs []string) (n int, err error)

JoinWAN is used to have the agent join a WAN cluster

func (*Agent) LANMembers

func (a *Agent) LANMembers(f consul.LANMemberFilter) ([]serf.Member, error)

LANMembers returns the LAN members for one of:

- the requested partition - the requested segment - all segments

This is limited to segments and partitions that the node is a member of.

func (*Agent) LANMembersInAgentPartition added in v1.11.0

func (a *Agent) LANMembersInAgentPartition() []serf.Member

LANMembersInAgentPartition is used to retrieve the LAN members for this agent's partition.

func (*Agent) LastUserEvent

func (a *Agent) LastUserEvent() *UserEvent

LastUserEvent is used to return the last user event. This will return nil if there is no recent event.

func (*Agent) Leave

func (a *Agent) Leave() error

Leave is used to prepare the agent for a graceful shutdown

func (*Agent) ListKeys

func (a *Agent) ListKeys(token string, localOnly bool, relayFactor uint8) (*structs.KeyringResponses, error)

ListKeys lists out all keys installed on the collective Consul cluster. This includes both servers and clients in all DC's.

func (*Agent) LocalBlockingQuery added in v1.6.2

func (a *Agent) LocalBlockingQuery(alwaysBlock bool, hash string, wait time.Duration,
	fn func(ws memdb.WatchSet) (string, interface{}, error)) (string, interface{}, error)

LocalBlockingQuery performs a blocking query in a generic way against local agent state that has no RPC or raft to back it. It uses `hash` parameter instead of an `index`. `alwaysBlock` determines whether we block if the provided hash is empty. Callers like the AgentService endpoint will want to return the current result if a hash isn't provided. On the other hand, for cache notifications we always want to block. This avoids an empty first response.

func (*Agent) LocalState added in v1.6.2

func (a *Agent) LocalState() *local.State

LocalState returns the agent's local state

func (*Agent) PauseSync

func (a *Agent) PauseSync()

PauseSync is used to pause anti-entropy while bulk changes are made. It also sets state that agent-local watches use to "ride out" config reloads and bulk updates which might spuriously unload state and reload it again.

func (*Agent) PickRandomMeshGatewaySuitableForDialing added in v1.8.0

func (a *Agent) PickRandomMeshGatewaySuitableForDialing(dc string) string

PickRandomMeshGatewaySuitableForDialing is a convenience function used for writing tests.

func (*Agent) PrimaryMeshGatewayAddressesReadyCh added in v1.8.0

func (a *Agent) PrimaryMeshGatewayAddressesReadyCh() <-chan struct{}

PrimaryMeshGatewayAddressesReadyCh returns a channel that will be closed when federation state replication ships back at least one primary mesh gateway (not via fallback config).

func (*Agent) RPC

func (a *Agent) RPC(method string, args interface{}, reply interface{}) error

RPC is used to make an RPC call to the Consul servers This allows the agent to implement the Consul.Interface

func (*Agent) RefreshPrimaryGatewayFallbackAddresses added in v1.8.0

func (a *Agent) RefreshPrimaryGatewayFallbackAddresses(addrs []string) error

RefreshPrimaryGatewayFallbackAddresses is used to update the list of current fallback addresses for locating mesh gateways in the primary datacenter.

func (*Agent) ReloadConfig

func (a *Agent) ReloadConfig() error

func (*Agent) RemoveCheck

func (a *Agent) RemoveCheck(checkID structs.CheckID, persist bool) error

RemoveCheck is used to remove a health check. The agent will make a best effort to ensure it is deregistered

func (*Agent) RemoveKey

func (a *Agent) RemoveKey(key, token string, relayFactor uint8) (*structs.KeyringResponses, error)

RemoveKey will remove a gossip encryption key from the keyring

func (*Agent) RemoveService

func (a *Agent) RemoveService(serviceID structs.ServiceID) error

RemoveService is used to remove a service entry. The agent will make a best effort to ensure it is deregistered

func (*Agent) ResumeSync

func (a *Agent) ResumeSync()

ResumeSync is used to unpause anti-entropy after bulk changes are make

func (*Agent) RetryJoinCh

func (a *Agent) RetryJoinCh() <-chan error

RetryJoinCh is a channel that transports errors from the retry join process.

func (*Agent) ServiceHTTPBasedChecks added in v1.6.2

func (a *Agent) ServiceHTTPBasedChecks(serviceID structs.ServiceID) []structs.CheckType

ServiceHTTPBasedChecks returns HTTP and GRPC based Checks for the given serviceID

func (*Agent) ShutdownAgent

func (a *Agent) ShutdownAgent() error

ShutdownAgent is used to hard stop the agent. Should be preceded by Leave to do it gracefully. Should be followed by ShutdownEndpoints to terminate the HTTP and DNS servers as well.

func (*Agent) ShutdownCh

func (a *Agent) ShutdownCh() <-chan struct{}

ShutdownCh is used to return a channel that can be selected to wait for the agent to perform a shutdown.

func (*Agent) ShutdownEndpoints

func (a *Agent) ShutdownEndpoints()

ShutdownEndpoints terminates the HTTP and DNS servers. Should be preceded by ShutdownAgent. TODO: remove this method, move to ShutdownAgent

func (*Agent) Start

func (a *Agent) Start(ctx context.Context) error

Start verifies its configuration and runs an agent's various subprocesses.

func (*Agent) StartSync

func (a *Agent) StartSync()

StartSync is called once Services and Checks are registered. This is called to prevent a race between clients and the anti-entropy routines

func (*Agent) Stats

func (a *Agent) Stats() map[string]map[string]string

Stats is used to get various debugging state from the sub-systems

func (*Agent) SyncPausedCh added in v1.6.2

func (a *Agent) SyncPausedCh() <-chan struct{}

SyncPausedCh returns either a channel or nil. If nil sync is not paused. If non-nil, the channel will be closed when sync resumes.

func (*Agent) TranslateAddress added in v0.9.0

func (a *Agent) TranslateAddress(dc string, addr string, taggedAddresses map[string]string, accept TranslateAddressAccept) string

TranslateAddress is used to provide the final, translated address for a node, depending on how the agent and the other node are configured. The dc parameter is the dc the datacenter this node is from.

func (*Agent) TranslateAddresses added in v0.9.0

func (a *Agent) TranslateAddresses(dc string, subj interface{}, accept TranslateAddressAccept)

TranslateAddresses translates addresses in the given structure into the final, translated address, depending on how the agent and the other node are configured. The dc parameter is the datacenter this structure is from.

func (*Agent) TranslateServiceAddress added in v1.6.0

func (a *Agent) TranslateServiceAddress(dc string, addr string, taggedAddresses map[string]structs.ServiceAddress, accept TranslateAddressAccept) string

TranslateServiceAddress is used to provide the final, translated address for a node, depending on how the agent and the other node are configured. The dc parameter is the dc the datacenter this node is from.

func (*Agent) TranslateServicePort added in v1.6.0

func (a *Agent) TranslateServicePort(dc string, port int, taggedAddresses map[string]structs.ServiceAddress) int

TranslateServicePort is used to provide the final, translated port for a service, depending on how the agent and the other node are configured. The dc parameter is the dc the datacenter this node is from.

func (*Agent) UseKey

func (a *Agent) UseKey(key, token string, relayFactor uint8) (*structs.KeyringResponses, error)

UseKey changes the primary encryption key used to encrypt messages

func (*Agent) UserEvent

func (a *Agent) UserEvent(dc, token string, params *UserEvent) error

UserEvent is used to fire an event via the Serf layer on the LAN

func (*Agent) UserEvents

func (a *Agent) UserEvents() []*UserEvent

UserEvents is used to return a slice of the most recent user events.

func (*Agent) WANMembers

func (a *Agent) WANMembers() []serf.Member

WANMembers is used to retrieve the WAN members

func (*Agent) WriteEvent added in v1.8.0

func (a *Agent) WriteEvent(eventType string, payload interface{})

WriteEvent is a noop stub for the func defined agent_ent.go

type BaseDeps added in v1.8.4

type BaseDeps struct {
	consul.Deps // TODO: un-embed

	RuntimeConfig *config.RuntimeConfig
	MetricsConfig *lib.MetricsConfig
	AutoConfig    *autoconf.AutoConfig // TODO: use an interface
	Cache         *cache.Cache
	ViewStore     *submatview.Store
	WatchedFiles  []string
}

TODO: BaseDeps should be renamed in the future once more of Agent.Start has been moved out in front of Agent.New, and we can better see the setup dependencies.

func NewBaseDeps added in v1.8.4

func NewBaseDeps(configLoader ConfigLoader, logOut io.Writer) (BaseDeps, error)

type CodeWithPayloadError added in v1.4.1

type CodeWithPayloadError struct {
	Reason      string
	StatusCode  int
	ContentType string
}

CodeWithPayloadError allow returning non HTTP 200 Error codes while not returning PlainText payload

func (CodeWithPayloadError) Error added in v1.4.1

func (e CodeWithPayloadError) Error() string

type ConfigLoader added in v1.8.4

type ConfigLoader func(source config.Source) (config.LoadResult, error)

type ConfigReloader added in v1.9.0

type ConfigReloader func(rtConfig *config.RuntimeConfig) error

ConfigReloader is a function type which may be implemented to support reloading of configuration.

type DNSServer

type DNSServer struct {
	*dns.Server
	// contains filtered or unexported fields
}

DNSServer is used to wrap an Agent and expose various service discovery endpoints using a DNS interface.

func NewDNSServer

func NewDNSServer(a *Agent) (*DNSServer, error)

func (*DNSServer) ListenAndServe

func (d *DNSServer) ListenAndServe(network, addr string, notif func()) error

func (*DNSServer) ReloadConfig added in v1.5.0

func (d *DNSServer) ReloadConfig(newCfg *config.RuntimeConfig) error

ReloadConfig hot-reloads the server config with new parameters under config.RuntimeConfig.DNS*

type Denylist added in v1.8.0

type Denylist struct {
	// contains filtered or unexported fields
}

Denylist implements an HTTP endpoint denylist based on a list of endpoint prefixes which should be blocked.

func NewDenylist added in v1.8.0

func NewDenylist(prefixes []string) *Denylist

NewDenylist returns a denylist for the given list of prefixes.

func (*Denylist) Block added in v1.8.0

func (d *Denylist) Block(path string) bool

Block will return true if the given path is included among any of the blocked prefixes.

type GatewayConfig added in v1.8.0

type GatewayConfig struct {
	AssociatedServiceCount int      `json:",omitempty"`
	Addresses              []string `json:",omitempty"`
	// contains filtered or unexported fields
}

type HTTPError added in v1.13.0

type HTTPError struct {
	StatusCode int
	Reason     string
}

HTTPError is returned by the handler when a specific http error code is needed alongside a plain text response.

func (HTTPError) Error added in v1.13.0

func (h HTTPError) Error() string

type HTTPHandlers added in v1.9.0

type HTTPHandlers struct {
	// contains filtered or unexported fields
}

HTTPHandlers provides an HTTP api for an agent.

func (*HTTPHandlers) ACLAuthMethodCRUD added in v1.9.0

func (s *HTTPHandlers) ACLAuthMethodCRUD(resp http.ResponseWriter, req *http.Request) (interface{}, error)

func (*HTTPHandlers) ACLAuthMethodCreate added in v1.9.0

func (s *HTTPHandlers) ACLAuthMethodCreate(resp http.ResponseWriter, req *http.Request) (interface{}, error)

func (*HTTPHandlers) ACLAuthMethodDelete added in v1.9.0

func (s *HTTPHandlers) ACLAuthMethodDelete(resp http.ResponseWriter, req *http.Request, methodName string) (interface{}, error)

func (*HTTPHandlers) ACLAuthMethodList added in v1.9.0

func (s *HTTPHandlers) ACLAuthMethodList(resp http.ResponseWriter, req *http.Request) (interface{}, error)

func (*HTTPHandlers) ACLAuthMethodRead added in v1.9.0

func (s *HTTPHandlers) ACLAuthMethodRead(resp http.ResponseWriter, req *http.Request, methodName string) (interface{}, error)

func (*HTTPHandlers) ACLAuthMethodWrite added in v1.9.0

func (s *HTTPHandlers) ACLAuthMethodWrite(resp http.ResponseWriter, req *http.Request, methodName string) (interface{}, error)

func (*HTTPHandlers) ACLAuthorize added in v1.9.0

func (s *HTTPHandlers) ACLAuthorize(resp http.ResponseWriter, req *http.Request) (interface{}, error)

func (*HTTPHandlers) ACLBindingRuleCRUD added in v1.9.0

func (s *HTTPHandlers) ACLBindingRuleCRUD(resp http.ResponseWriter, req *http.Request) (interface{}, error)

func (*HTTPHandlers) ACLBindingRuleCreate added in v1.9.0

func (s *HTTPHandlers) ACLBindingRuleCreate(resp http.ResponseWriter, req *http.Request) (interface{}, error)

func (*HTTPHandlers) ACLBindingRuleDelete added in v1.9.0

func (s *HTTPHandlers) ACLBindingRuleDelete(resp http.ResponseWriter, req *http.Request, bindingRuleID string) (interface{}, error)

func (*HTTPHandlers) ACLBindingRuleList added in v1.9.0

func (s *HTTPHandlers) ACLBindingRuleList(resp http.ResponseWriter, req *http.Request) (interface{}, error)

func (*HTTPHandlers) ACLBindingRuleRead added in v1.9.0

func (s *HTTPHandlers) ACLBindingRuleRead(resp http.ResponseWriter, req *http.Request, bindingRuleID string) (interface{}, error)

func (*HTTPHandlers) ACLBindingRuleWrite added in v1.9.0

func (s *HTTPHandlers) ACLBindingRuleWrite(resp http.ResponseWriter, req *http.Request, bindingRuleID string) (interface{}, error)

func (*HTTPHandlers) ACLBootstrap added in v1.9.0

func (s *HTTPHandlers) ACLBootstrap(resp http.ResponseWriter, req *http.Request) (interface{}, error)

ACLBootstrap is used to perform a one-time ACL bootstrap operation on a cluster to get the first management token.

func (*HTTPHandlers) ACLLegacy added in v1.11.0

func (s *HTTPHandlers) ACLLegacy(resp http.ResponseWriter, req *http.Request) (interface{}, error)

func (*HTTPHandlers) ACLLogin added in v1.9.0

func (s *HTTPHandlers) ACLLogin(resp http.ResponseWriter, req *http.Request) (interface{}, error)

func (*HTTPHandlers) ACLLogout added in v1.9.0

func (s *HTTPHandlers) ACLLogout(resp http.ResponseWriter, req *http.Request) (interface{}, error)

func (*HTTPHandlers) ACLPolicyCRUD added in v1.9.0

func (s *HTTPHandlers) ACLPolicyCRUD(resp http.ResponseWriter, req *http.Request) (interface{}, error)

func (*HTTPHandlers) ACLPolicyCreate added in v1.9.0

func (s *HTTPHandlers) ACLPolicyCreate(resp http.ResponseWriter, req *http.Request) (interface{}, error)

func (*HTTPHandlers) ACLPolicyDelete added in v1.9.0

func (s *HTTPHandlers) ACLPolicyDelete(resp http.ResponseWriter, req *http.Request, policyID string) (interface{}, error)

func (*HTTPHandlers) ACLPolicyList added in v1.9.0

func (s *HTTPHandlers) ACLPolicyList(resp http.ResponseWriter, req *http.Request) (interface{}, error)

func (*HTTPHandlers) ACLPolicyRead added in v1.9.0

func (s *HTTPHandlers) ACLPolicyRead(resp http.ResponseWriter, req *http.Request, policyID, policyName string) (interface{}, error)

func (*HTTPHandlers) ACLPolicyReadByID added in v1.9.0

func (s *HTTPHandlers) ACLPolicyReadByID(resp http.ResponseWriter, req *http.Request, policyID string) (interface{}, error)

func (*HTTPHandlers) ACLPolicyReadByName added in v1.9.0

func (s *HTTPHandlers) ACLPolicyReadByName(resp http.ResponseWriter, req *http.Request) (interface{}, error)

func (*HTTPHandlers) ACLPolicyWrite added in v1.9.0

func (s *HTTPHandlers) ACLPolicyWrite(resp http.ResponseWriter, req *http.Request, policyID string) (interface{}, error)

func (*HTTPHandlers) ACLReplicationStatus added in v1.9.0

func (s *HTTPHandlers) ACLReplicationStatus(resp http.ResponseWriter, req *http.Request) (interface{}, error)

func (*HTTPHandlers) ACLRoleCRUD added in v1.9.0

func (s *HTTPHandlers) ACLRoleCRUD(resp http.ResponseWriter, req *http.Request) (interface{}, error)

func (*HTTPHandlers) ACLRoleCreate added in v1.9.0

func (s *HTTPHandlers) ACLRoleCreate(resp http.ResponseWriter, req *http.Request) (interface{}, error)

func (*HTTPHandlers) ACLRoleDelete added in v1.9.0

func (s *HTTPHandlers) ACLRoleDelete(resp http.ResponseWriter, req *http.Request, roleID string) (interface{}, error)

func (*HTTPHandlers) ACLRoleList added in v1.9.0

func (s *HTTPHandlers) ACLRoleList(resp http.ResponseWriter, req *http.Request) (interface{}, error)

func (*HTTPHandlers) ACLRoleRead added in v1.9.0

func (s *HTTPHandlers) ACLRoleRead(resp http.ResponseWriter, req *http.Request, roleID, roleName string) (interface{}, error)

func (*HTTPHandlers) ACLRoleReadByID added in v1.9.0

func (s *HTTPHandlers) ACLRoleReadByID(resp http.ResponseWriter, req *http.Request, roleID string) (interface{}, error)

func (*HTTPHandlers) ACLRoleReadByName added in v1.9.0

func (s *HTTPHandlers) ACLRoleReadByName(resp http.ResponseWriter, req *http.Request) (interface{}, error)

func (*HTTPHandlers) ACLRoleWrite added in v1.9.0

func (s *HTTPHandlers) ACLRoleWrite(resp http.ResponseWriter, req *http.Request, roleID string) (interface{}, error)

func (*HTTPHandlers) ACLTokenCRUD added in v1.9.0

func (s *HTTPHandlers) ACLTokenCRUD(resp http.ResponseWriter, req *http.Request) (interface{}, error)

func (*HTTPHandlers) ACLTokenClone added in v1.9.0

func (s *HTTPHandlers) ACLTokenClone(resp http.ResponseWriter, req *http.Request, tokenID string) (interface{}, error)

func (*HTTPHandlers) ACLTokenCreate added in v1.9.0

func (s *HTTPHandlers) ACLTokenCreate(resp http.ResponseWriter, req *http.Request) (interface{}, error)

func (*HTTPHandlers) ACLTokenDelete added in v1.9.0

func (s *HTTPHandlers) ACLTokenDelete(resp http.ResponseWriter, req *http.Request, tokenID string) (interface{}, error)

func (*HTTPHandlers) ACLTokenGet added in v1.9.0

func (s *HTTPHandlers) ACLTokenGet(resp http.ResponseWriter, req *http.Request, tokenID string) (interface{}, error)

func (*HTTPHandlers) ACLTokenList added in v1.9.0

func (s *HTTPHandlers) ACLTokenList(resp http.ResponseWriter, req *http.Request) (interface{}, error)

func (*HTTPHandlers) ACLTokenSelf added in v1.9.0

func (s *HTTPHandlers) ACLTokenSelf(resp http.ResponseWriter, req *http.Request) (interface{}, error)

func (*HTTPHandlers) ACLTokenSet added in v1.9.0

func (s *HTTPHandlers) ACLTokenSet(_ http.ResponseWriter, req *http.Request, tokenID string) (interface{}, error)

func (*HTTPHandlers) AgentCheckFail added in v1.9.0

func (s *HTTPHandlers) AgentCheckFail(resp http.ResponseWriter, req *http.Request) (interface{}, error)

func (*HTTPHandlers) AgentCheckPass added in v1.9.0

func (s *HTTPHandlers) AgentCheckPass(resp http.ResponseWriter, req *http.Request) (interface{}, error)

func (*HTTPHandlers) AgentCheckUpdate added in v1.9.0

func (s *HTTPHandlers) AgentCheckUpdate(resp http.ResponseWriter, req *http.Request) (interface{}, error)

AgentCheckUpdate is a PUT-based alternative to the GET-based Pass/Warn/Fail APIs.

func (*HTTPHandlers) AgentCheckWarn added in v1.9.0

func (s *HTTPHandlers) AgentCheckWarn(resp http.ResponseWriter, req *http.Request) (interface{}, error)

func (*HTTPHandlers) AgentChecks added in v1.9.0

func (s *HTTPHandlers) AgentChecks(resp http.ResponseWriter, req *http.Request) (interface{}, error)

func (*HTTPHandlers) AgentConnectAuthorize added in v1.9.0

func (s *HTTPHandlers) AgentConnectAuthorize(resp http.ResponseWriter, req *http.Request) (interface{}, error)

AgentConnectAuthorize

POST /v1/agent/connect/authorize

NOTE: This endpoint treats any L7 intentions as DENY.

Note: when this logic changes, consider if the Intention.Check RPC method also needs to be updated.

func (*HTTPHandlers) AgentConnectCALeafCert added in v1.9.0

func (s *HTTPHandlers) AgentConnectCALeafCert(resp http.ResponseWriter, req *http.Request) (interface{}, error)

AgentConnectCALeafCert returns the certificate bundle for a service instance. This endpoint ignores all "Cache-Control" attributes. This supports blocking queries to update the returned bundle. Non-blocking queries will always verify that the cache entry is still valid.

func (*HTTPHandlers) AgentConnectCARoots added in v1.9.0

func (s *HTTPHandlers) AgentConnectCARoots(resp http.ResponseWriter, req *http.Request) (interface{}, error)

AgentConnectCARoots returns the trusted CA roots.

func (*HTTPHandlers) AgentDeregisterCheck added in v1.9.0

func (s *HTTPHandlers) AgentDeregisterCheck(resp http.ResponseWriter, req *http.Request) (interface{}, error)

func (*HTTPHandlers) AgentDeregisterService added in v1.9.0

func (s *HTTPHandlers) AgentDeregisterService(resp http.ResponseWriter, req *http.Request) (interface{}, error)

func (*HTTPHandlers) AgentForceLeave added in v1.9.0

func (s *HTTPHandlers) AgentForceLeave(resp http.ResponseWriter, req *http.Request) (interface{}, error)

func (*HTTPHandlers) AgentHealthServiceByID added in v1.9.0

func (s *HTTPHandlers) AgentHealthServiceByID(resp http.ResponseWriter, req *http.Request) (interface{}, error)

AgentHealthServiceByID return the local Service Health given its ID

func (*HTTPHandlers) AgentHealthServiceByName added in v1.9.0

func (s *HTTPHandlers) AgentHealthServiceByName(resp http.ResponseWriter, req *http.Request) (interface{}, error)

AgentHealthServiceByName return the worse status of all the services with given name on an agent

func (*HTTPHandlers) AgentHost added in v1.9.0

func (s *HTTPHandlers) AgentHost(resp http.ResponseWriter, req *http.Request) (interface{}, error)

AgentHost

GET /v1/agent/host

Retrieves information about resources available and in-use for the host the agent is running on such as CPU, memory, and disk usage. Requires a operator:read ACL token.

func (*HTTPHandlers) AgentJoin added in v1.9.0

func (s *HTTPHandlers) AgentJoin(resp http.ResponseWriter, req *http.Request) (interface{}, error)

func (*HTTPHandlers) AgentLeave added in v1.9.0

func (s *HTTPHandlers) AgentLeave(resp http.ResponseWriter, req *http.Request) (interface{}, error)

func (*HTTPHandlers) AgentMembers added in v1.9.0

func (s *HTTPHandlers) AgentMembers(resp http.ResponseWriter, req *http.Request) (interface{}, error)

func (*HTTPHandlers) AgentMetrics added in v1.9.0

func (s *HTTPHandlers) AgentMetrics(resp http.ResponseWriter, req *http.Request) (interface{}, error)

func (*HTTPHandlers) AgentMetricsStream added in v1.11.0

func (s *HTTPHandlers) AgentMetricsStream(resp http.ResponseWriter, req *http.Request) (interface{}, error)

func (*HTTPHandlers) AgentMonitor added in v1.9.0

func (s *HTTPHandlers) AgentMonitor(resp http.ResponseWriter, req *http.Request) (interface{}, error)

func (*HTTPHandlers) AgentNodeMaintenance added in v1.9.0

func (s *HTTPHandlers) AgentNodeMaintenance(resp http.ResponseWriter, req *http.Request) (interface{}, error)

func (*HTTPHandlers) AgentRegisterCheck added in v1.9.0

func (s *HTTPHandlers) AgentRegisterCheck(resp http.ResponseWriter, req *http.Request) (interface{}, error)

func (*HTTPHandlers) AgentRegisterService added in v1.9.0

func (s *HTTPHandlers) AgentRegisterService(resp http.ResponseWriter, req *http.Request) (interface{}, error)

func (*HTTPHandlers) AgentReload added in v1.9.0

func (s *HTTPHandlers) AgentReload(resp http.ResponseWriter, req *http.Request) (interface{}, error)

func (*HTTPHandlers) AgentSelf added in v1.9.0

func (s *HTTPHandlers) AgentSelf(resp http.ResponseWriter, req *http.Request) (interface{}, error)

func (*HTTPHandlers) AgentService added in v1.9.0

func (s *HTTPHandlers) AgentService(resp http.ResponseWriter, req *http.Request) (interface{}, error)

GET /v1/agent/service/:service_id

Returns the service definition for a single local services and allows blocking watch using hash-based blocking.

func (*HTTPHandlers) AgentServiceMaintenance added in v1.9.0

func (s *HTTPHandlers) AgentServiceMaintenance(resp http.ResponseWriter, req *http.Request) (interface{}, error)

func (*HTTPHandlers) AgentServices added in v1.9.0

func (s *HTTPHandlers) AgentServices(resp http.ResponseWriter, req *http.Request) (interface{}, error)

func (*HTTPHandlers) AgentToken added in v1.9.0

func (s *HTTPHandlers) AgentToken(resp http.ResponseWriter, req *http.Request) (interface{}, error)

func (*HTTPHandlers) CatalogConnectServiceNodes added in v1.9.0

func (s *HTTPHandlers) CatalogConnectServiceNodes(resp http.ResponseWriter, req *http.Request) (interface{}, error)

func (*HTTPHandlers) CatalogDatacenters added in v1.9.0

func (s *HTTPHandlers) CatalogDatacenters(resp http.ResponseWriter, req *http.Request) (interface{}, error)

func (*HTTPHandlers) CatalogDeregister added in v1.9.0

func (s *HTTPHandlers) CatalogDeregister(resp http.ResponseWriter, req *http.Request) (interface{}, error)

func (*HTTPHandlers) CatalogGatewayServices added in v1.9.0

func (s *HTTPHandlers) CatalogGatewayServices(resp http.ResponseWriter, req *http.Request) (interface{}, error)

func (*HTTPHandlers) CatalogNodeServiceList added in v1.9.0

func (s *HTTPHandlers) CatalogNodeServiceList(resp http.ResponseWriter, req *http.Request) (interface{}, error)

func (*HTTPHandlers) CatalogNodeServices added in v1.9.0

func (s *HTTPHandlers) CatalogNodeServices(resp http.ResponseWriter, req *http.Request) (interface{}, error)

func (*HTTPHandlers) CatalogNodes added in v1.9.0

func (s *HTTPHandlers) CatalogNodes(resp http.ResponseWriter, req *http.Request) (interface{}, error)

func (*HTTPHandlers) CatalogRegister added in v1.9.0

func (s *HTTPHandlers) CatalogRegister(resp http.ResponseWriter, req *http.Request) (interface{}, error)

func (*HTTPHandlers) CatalogServiceNodes added in v1.9.0

func (s *HTTPHandlers) CatalogServiceNodes(resp http.ResponseWriter, req *http.Request) (interface{}, error)

func (*HTTPHandlers) CatalogServices added in v1.9.0

func (s *HTTPHandlers) CatalogServices(resp http.ResponseWriter, req *http.Request) (interface{}, error)

func (*HTTPHandlers) Config added in v1.9.0

func (s *HTTPHandlers) Config(resp http.ResponseWriter, req *http.Request) (interface{}, error)

Config switches on the different CRUD operations for config entries.

func (*HTTPHandlers) ConfigApply added in v1.9.0

func (s *HTTPHandlers) ConfigApply(resp http.ResponseWriter, req *http.Request) (interface{}, error)

ConfigApply applies the given config entry update.

func (*HTTPHandlers) ConnectCAConfiguration added in v1.9.0

func (s *HTTPHandlers) ConnectCAConfiguration(resp http.ResponseWriter, req *http.Request) (interface{}, error)

/v1/connect/ca/configuration

func (*HTTPHandlers) ConnectCAConfigurationGet added in v1.9.0

func (s *HTTPHandlers) ConnectCAConfigurationGet(resp http.ResponseWriter, req *http.Request) (interface{}, error)

GET /v1/connect/ca/configuration

func (*HTTPHandlers) ConnectCAConfigurationSet added in v1.9.0

func (s *HTTPHandlers) ConnectCAConfigurationSet(req *http.Request) (interface{}, error)

PUT /v1/connect/ca/configuration

func (*HTTPHandlers) ConnectCARoots added in v1.9.0

func (s *HTTPHandlers) ConnectCARoots(resp http.ResponseWriter, req *http.Request) (interface{}, error)

GET /v1/connect/ca/roots

func (*HTTPHandlers) CoordinateDatacenters added in v1.9.0

func (s *HTTPHandlers) CoordinateDatacenters(resp http.ResponseWriter, req *http.Request) (interface{}, error)

CoordinateDatacenters returns the WAN nodes in each datacenter, along with raw network coordinates.

func (*HTTPHandlers) CoordinateNode added in v1.9.0

func (s *HTTPHandlers) CoordinateNode(resp http.ResponseWriter, req *http.Request) (interface{}, error)

CoordinateNode returns the LAN node in the given datacenter, along with raw network coordinates.

func (*HTTPHandlers) CoordinateNodes added in v1.9.0

func (s *HTTPHandlers) CoordinateNodes(resp http.ResponseWriter, req *http.Request) (interface{}, error)

CoordinateNodes returns the LAN nodes in the given datacenter, along with raw network coordinates.

func (*HTTPHandlers) CoordinateUpdate added in v1.9.0

func (s *HTTPHandlers) CoordinateUpdate(resp http.ResponseWriter, req *http.Request) (interface{}, error)

CoordinateUpdate inserts or updates the LAN coordinate of a node.

func (*HTTPHandlers) DiscoveryChainRead added in v1.9.0

func (s *HTTPHandlers) DiscoveryChainRead(resp http.ResponseWriter, req *http.Request) (interface{}, error)

func (*HTTPHandlers) EventFire added in v1.9.0

func (s *HTTPHandlers) EventFire(resp http.ResponseWriter, req *http.Request) (interface{}, error)

EventFire is used to fire a new event

func (*HTTPHandlers) EventList added in v1.9.0

func (s *HTTPHandlers) EventList(resp http.ResponseWriter, req *http.Request) (interface{}, error)

EventList is used to retrieve the recent list of events

func (*HTTPHandlers) FederationStateGet added in v1.9.0

func (s *HTTPHandlers) FederationStateGet(resp http.ResponseWriter, req *http.Request) (interface{}, error)

GET /v1/internal/federation-state/<datacenter>

func (*HTTPHandlers) FederationStateList added in v1.9.0

func (s *HTTPHandlers) FederationStateList(resp http.ResponseWriter, req *http.Request) (interface{}, error)

GET /v1/internal/federation-states

func (*HTTPHandlers) FederationStateListMeshGateways added in v1.9.0

func (s *HTTPHandlers) FederationStateListMeshGateways(resp http.ResponseWriter, req *http.Request) (interface{}, error)

GET /v1/internal/federation-states/mesh-gateways

func (*HTTPHandlers) HealthChecksInState added in v1.9.0

func (s *HTTPHandlers) HealthChecksInState(resp http.ResponseWriter, req *http.Request) (interface{}, error)

func (*HTTPHandlers) HealthConnectServiceNodes added in v1.9.0

func (s *HTTPHandlers) HealthConnectServiceNodes(resp http.ResponseWriter, req *http.Request) (interface{}, error)

HealthConnectServiceNodes should return "all healthy connect-enabled endpoints (e.g. could be side car proxies or native instances) for this service so I can connect with mTLS".

func (*HTTPHandlers) HealthIngressServiceNodes added in v1.9.0

func (s *HTTPHandlers) HealthIngressServiceNodes(resp http.ResponseWriter, req *http.Request) (interface{}, error)

HealthIngressServiceNodes should return "all the healthy ingress gateway instances that I can use to access this connect-enabled service without mTLS".

func (*HTTPHandlers) HealthNodeChecks added in v1.9.0

func (s *HTTPHandlers) HealthNodeChecks(resp http.ResponseWriter, req *http.Request) (interface{}, error)

func (*HTTPHandlers) HealthServiceChecks added in v1.9.0

func (s *HTTPHandlers) HealthServiceChecks(resp http.ResponseWriter, req *http.Request) (interface{}, error)

func (*HTTPHandlers) HealthServiceNodes added in v1.9.0

func (s *HTTPHandlers) HealthServiceNodes(resp http.ResponseWriter, req *http.Request) (interface{}, error)

HealthServiceNodes should return "all the healthy instances of this service registered so I can connect directly to them".

func (*HTTPHandlers) Index added in v1.9.0

func (s *HTTPHandlers) Index(resp http.ResponseWriter, req *http.Request)

Renders a simple index page

func (*HTTPHandlers) IntentionCheck added in v1.9.0

func (s *HTTPHandlers) IntentionCheck(resp http.ResponseWriter, req *http.Request) (interface{}, error)

GET /v1/connect/intentions/check

func (*HTTPHandlers) IntentionCreate added in v1.9.0

func (s *HTTPHandlers) IntentionCreate(resp http.ResponseWriter, req *http.Request) (interface{}, error)

IntentionCreate is used to create legacy intentions. Deprecated: use IntentionPutExact.

func (*HTTPHandlers) IntentionDeleteExact added in v1.9.0

func (s *HTTPHandlers) IntentionDeleteExact(resp http.ResponseWriter, req *http.Request) (interface{}, error)

DELETE /v1/connect/intentions/exact

func (*HTTPHandlers) IntentionEndpoint added in v1.9.0

func (s *HTTPHandlers) IntentionEndpoint(resp http.ResponseWriter, req *http.Request) (interface{}, error)

/v1/connect/intentions

func (*HTTPHandlers) IntentionExact added in v1.9.0

func (s *HTTPHandlers) IntentionExact(resp http.ResponseWriter, req *http.Request) (interface{}, error)

IntentionExact handles the endpoint for /v1/connect/intentions/exact

func (*HTTPHandlers) IntentionGetExact added in v1.9.0

func (s *HTTPHandlers) IntentionGetExact(resp http.ResponseWriter, req *http.Request) (interface{}, error)

GET /v1/connect/intentions/exact

func (*HTTPHandlers) IntentionList added in v1.9.0

func (s *HTTPHandlers) IntentionList(resp http.ResponseWriter, req *http.Request) (interface{}, error)

GET /v1/connect/intentions

func (*HTTPHandlers) IntentionMatch added in v1.9.0

func (s *HTTPHandlers) IntentionMatch(resp http.ResponseWriter, req *http.Request) (interface{}, error)

GET /v1/connect/intentions/match

func (*HTTPHandlers) IntentionPutExact added in v1.9.0

func (s *HTTPHandlers) IntentionPutExact(resp http.ResponseWriter, req *http.Request) (interface{}, error)

PUT /v1/connect/intentions/exact

func (*HTTPHandlers) IntentionSpecific added in v1.9.0

func (s *HTTPHandlers) IntentionSpecific(resp http.ResponseWriter, req *http.Request) (interface{}, error)

IntentionSpecific handles the endpoint for /v1/connect/intentions/:id. Deprecated: use IntentionExact.

func (*HTTPHandlers) IntentionSpecificDelete deprecated added in v1.9.0

func (s *HTTPHandlers) IntentionSpecificDelete(id string, resp http.ResponseWriter, req *http.Request) (interface{}, error)

Deprecated: use IntentionDeleteExact.

func (*HTTPHandlers) IntentionSpecificGet deprecated added in v1.9.0

func (s *HTTPHandlers) IntentionSpecificGet(id string, resp http.ResponseWriter, req *http.Request) (interface{}, error)

Deprecated: use IntentionGetExact.

func (*HTTPHandlers) IntentionSpecificUpdate deprecated added in v1.9.0

func (s *HTTPHandlers) IntentionSpecificUpdate(id string, resp http.ResponseWriter, req *http.Request) (interface{}, error)

Deprecated: use IntentionPutExact.

func (*HTTPHandlers) IsUIEnabled added in v1.9.0

func (s *HTTPHandlers) IsUIEnabled() bool

Returns true if the UI is enabled.

func (*HTTPHandlers) KVSDelete added in v1.9.0

func (s *HTTPHandlers) KVSDelete(resp http.ResponseWriter, req *http.Request, args *structs.KeyRequest) (interface{}, error)

KVSPut handles a DELETE request

func (*HTTPHandlers) KVSEndpoint added in v1.9.0

func (s *HTTPHandlers) KVSEndpoint(resp http.ResponseWriter, req *http.Request) (interface{}, error)

func (*HTTPHandlers) KVSGet added in v1.9.0

func (s *HTTPHandlers) KVSGet(resp http.ResponseWriter, req *http.Request, args *structs.KeyRequest) (interface{}, error)

KVSGet handles a GET request

func (*HTTPHandlers) KVSGetKeys added in v1.9.0

func (s *HTTPHandlers) KVSGetKeys(resp http.ResponseWriter, req *http.Request, args *structs.KeyRequest) (interface{}, error)

KVSGetKeys handles a GET request for keys

func (*HTTPHandlers) KVSPut added in v1.9.0

func (s *HTTPHandlers) KVSPut(resp http.ResponseWriter, req *http.Request, args *structs.KeyRequest) (interface{}, error)

KVSPut handles a PUT request

func (*HTTPHandlers) KeyringInstall added in v1.9.0

func (s *HTTPHandlers) KeyringInstall(resp http.ResponseWriter, req *http.Request, args *keyringArgs) (interface{}, error)

KeyringInstall is used to install a new gossip encryption key into the cluster

func (*HTTPHandlers) KeyringList added in v1.9.0

func (s *HTTPHandlers) KeyringList(resp http.ResponseWriter, req *http.Request, args *keyringArgs) (interface{}, error)

KeyringList is used to list the keys installed in the cluster

func (*HTTPHandlers) KeyringRemove added in v1.9.0

func (s *HTTPHandlers) KeyringRemove(resp http.ResponseWriter, req *http.Request, args *keyringArgs) (interface{}, error)

KeyringRemove is used to list the keys installed in the cluster

func (*HTTPHandlers) KeyringUse added in v1.9.0

func (s *HTTPHandlers) KeyringUse(resp http.ResponseWriter, req *http.Request, args *keyringArgs) (interface{}, error)

KeyringUse is used to change the primary gossip encryption key

func (*HTTPHandlers) OperatorAutopilotConfiguration added in v1.9.0

func (s *HTTPHandlers) OperatorAutopilotConfiguration(resp http.ResponseWriter, req *http.Request) (interface{}, error)

OperatorAutopilotConfiguration is used to inspect the current Autopilot configuration. This supports the stale query mode in case the cluster doesn't have a leader.

func (*HTTPHandlers) OperatorAutopilotState added in v1.9.0

func (s *HTTPHandlers) OperatorAutopilotState(resp http.ResponseWriter, req *http.Request) (interface{}, error)

func (*HTTPHandlers) OperatorKeyringEndpoint added in v1.9.0

func (s *HTTPHandlers) OperatorKeyringEndpoint(resp http.ResponseWriter, req *http.Request) (interface{}, error)

OperatorKeyringEndpoint handles keyring operations (install, list, use, remove)

func (*HTTPHandlers) OperatorRaftConfiguration added in v1.9.0

func (s *HTTPHandlers) OperatorRaftConfiguration(resp http.ResponseWriter, req *http.Request) (interface{}, error)

OperatorRaftConfiguration is used to inspect the current Raft configuration. This supports the stale query mode in case the cluster doesn't have a leader.

func (*HTTPHandlers) OperatorRaftPeer added in v1.9.0

func (s *HTTPHandlers) OperatorRaftPeer(resp http.ResponseWriter, req *http.Request) (interface{}, error)

OperatorRaftPeer supports actions on Raft peers. Currently we only support removing peers by address.

func (*HTTPHandlers) OperatorServerHealth added in v1.9.0

func (s *HTTPHandlers) OperatorServerHealth(resp http.ResponseWriter, req *http.Request) (interface{}, error)

OperatorServerHealth is used to get the health of the servers in the local DC

func (*HTTPHandlers) PeeringEndpoint added in v1.13.0

func (s *HTTPHandlers) PeeringEndpoint(resp http.ResponseWriter, req *http.Request) (interface{}, error)

PeeringEndpoint handles GET, DELETE on v1/peering/name

func (*HTTPHandlers) PeeringEstablish added in v1.13.0

func (s *HTTPHandlers) PeeringEstablish(resp http.ResponseWriter, req *http.Request) (interface{}, error)

PeeringEstablish handles POSTs to the /v1/peering/establish endpoint. The request will always be forwarded via RPC to the local leader.

func (*HTTPHandlers) PeeringGenerateToken added in v1.13.0

func (s *HTTPHandlers) PeeringGenerateToken(resp http.ResponseWriter, req *http.Request) (interface{}, error)

PeeringGenerateToken handles POSTs to the /v1/peering/token endpoint. The request will always be forwarded via RPC to the local leader.

func (*HTTPHandlers) PeeringList added in v1.13.0

func (s *HTTPHandlers) PeeringList(resp http.ResponseWriter, req *http.Request) (interface{}, error)

PeeringList fetches all peerings in the datacenter in OSS or in a given partition in Consul Enterprise.

func (*HTTPHandlers) PreparedQueryGeneral added in v1.9.0

func (s *HTTPHandlers) PreparedQueryGeneral(resp http.ResponseWriter, req *http.Request) (interface{}, error)

PreparedQueryGeneral handles all the general prepared query requests.

func (*HTTPHandlers) PreparedQuerySpecific added in v1.9.0

func (s *HTTPHandlers) PreparedQuerySpecific(resp http.ResponseWriter, req *http.Request) (interface{}, error)

PreparedQuerySpecific handles all the prepared query requests specific to a particular query.

func (*HTTPHandlers) ReloadConfig added in v1.9.0

func (s *HTTPHandlers) ReloadConfig(newCfg *config.RuntimeConfig) error

ReloadConfig updates any internal state when the config is changed at runtime.

func (*HTTPHandlers) SessionCreate added in v1.9.0

func (s *HTTPHandlers) SessionCreate(resp http.ResponseWriter, req *http.Request) (interface{}, error)

SessionCreate is used to create a new session

func (*HTTPHandlers) SessionDestroy added in v1.9.0

func (s *HTTPHandlers) SessionDestroy(resp http.ResponseWriter, req *http.Request) (interface{}, error)

SessionDestroy is used to destroy an existing session

func (*HTTPHandlers) SessionGet added in v1.9.0

func (s *HTTPHandlers) SessionGet(resp http.ResponseWriter, req *http.Request) (interface{}, error)

SessionGet is used to get info for a particular session

func (*HTTPHandlers) SessionList added in v1.9.0

func (s *HTTPHandlers) SessionList(resp http.ResponseWriter, req *http.Request) (interface{}, error)

SessionList is used to list all the sessions

func (*HTTPHandlers) SessionRenew added in v1.9.0

func (s *HTTPHandlers) SessionRenew(resp http.ResponseWriter, req *http.Request) (interface{}, error)

SessionRenew is used to renew the TTL on an existing TTL session

func (*HTTPHandlers) SessionsForNode added in v1.9.0

func (s *HTTPHandlers) SessionsForNode(resp http.ResponseWriter, req *http.Request) (interface{}, error)

SessionsForNode returns all the nodes belonging to a node

func (*HTTPHandlers) Snapshot added in v1.9.0

func (s *HTTPHandlers) Snapshot(resp http.ResponseWriter, req *http.Request) (interface{}, error)

Snapshot handles requests to take and restore snapshots. This uses a special mechanism to make the RPC since we potentially stream large amounts of data as part of these requests.

func (*HTTPHandlers) StatusLeader added in v1.9.0

func (s *HTTPHandlers) StatusLeader(resp http.ResponseWriter, req *http.Request) (interface{}, error)

func (*HTTPHandlers) StatusPeers added in v1.9.0

func (s *HTTPHandlers) StatusPeers(resp http.ResponseWriter, req *http.Request) (interface{}, error)

func (*HTTPHandlers) Txn added in v1.9.0

func (s *HTTPHandlers) Txn(resp http.ResponseWriter, req *http.Request) (interface{}, error)

Txn handles requests to apply multiple operations in a single, atomic transaction. A transaction consisting of only read operations will be fast- pathed to an endpoint that supports consistency modes (but not blocking), and everything else will be routed through Raft like a normal write.

func (*HTTPHandlers) UICatalogOverview added in v1.12.0

func (s *HTTPHandlers) UICatalogOverview(resp http.ResponseWriter, req *http.Request) (interface{}, error)

UICatalogOverview is used to get a high-level overview of the health of nodes, services, and checks in the datacenter.

func (*HTTPHandlers) UIGatewayIntentions added in v1.9.0

func (s *HTTPHandlers) UIGatewayIntentions(resp http.ResponseWriter, req *http.Request) (interface{}, error)

GET /v1/internal/ui/gateway-intentions/:gateway

func (*HTTPHandlers) UIGatewayServicesNodes added in v1.9.0

func (s *HTTPHandlers) UIGatewayServicesNodes(resp http.ResponseWriter, req *http.Request) (interface{}, error)

UIGatewayServices is used to query all the nodes for services associated with a gateway along with their gateway config

func (*HTTPHandlers) UIMetricsProxy added in v1.9.0

func (s *HTTPHandlers) UIMetricsProxy(resp http.ResponseWriter, req *http.Request) (interface{}, error)

UIMetricsProxy handles the /v1/internal/ui/metrics-proxy/ endpoint which, if configured, provides a simple read-only HTTP proxy to a single metrics backend to expose it to the UI.

func (*HTTPHandlers) UINodeInfo added in v1.9.0

func (s *HTTPHandlers) UINodeInfo(resp http.ResponseWriter, req *http.Request) (interface{}, error)

UINodeInfo is used to get info on a single node in a given datacenter. We return a NodeInfo which provides overview information for the node

func (*HTTPHandlers) UINodes added in v1.9.0

func (s *HTTPHandlers) UINodes(resp http.ResponseWriter, req *http.Request) (interface{}, error)

UINodes is used to list the nodes in a given datacenter. We return a NodeDump which provides overview information for all the nodes

func (*HTTPHandlers) UIServiceTopology added in v1.9.0

func (s *HTTPHandlers) UIServiceTopology(resp http.ResponseWriter, req *http.Request) (interface{}, error)

UIServiceTopology returns the list of upstreams and downstreams for a Connect enabled service.

  • Downstreams are services that list the given service as an upstream
  • Upstreams are the upstreams defined in the given service's proxy registrations

func (*HTTPHandlers) UIServices added in v1.9.0

func (s *HTTPHandlers) UIServices(resp http.ResponseWriter, req *http.Request) (interface{}, error)

UIServices is used to list the services in a given datacenter. We return a ServiceSummary which provides overview information for the service

type MethodNotAllowedError added in v1.0.0

type MethodNotAllowedError struct {
	Method string
	Allow  []string
}

MethodNotAllowedError should be returned by a handler when the HTTP method is not allowed.

func (MethodNotAllowedError) Error added in v1.0.0

func (e MethodNotAllowedError) Error() string

type NotifyGroup

type NotifyGroup struct {
	// contains filtered or unexported fields
}

NotifyGroup is used to allow a simple notification mechanism. Channels can be marked as waiting, and when notify is invoked, all the waiting channels get a message and are cleared from the notify list.

func (*NotifyGroup) Clear

func (n *NotifyGroup) Clear(ch chan struct{})

Clear removes a channel from the notify group

func (*NotifyGroup) Notify

func (n *NotifyGroup) Notify()

Notify will do a non-blocking send to all waiting channels, and clear the notify list

func (*NotifyGroup) Wait

func (n *NotifyGroup) Wait(ch chan struct{})

Wait adds a channel to the notify group

type QueryOptionsCompat added in v1.12.0

type QueryOptionsCompat interface {
	GetAllowStale() bool
	SetAllowStale(bool)

	GetRequireConsistent() bool
	SetRequireConsistent(bool)

	GetUseCache() bool
	SetUseCache(bool)

	SetFilter(string)
	SetToken(string)

	SetMustRevalidate(bool)
	SetMaxAge(time.Duration)
	SetMaxStaleDuration(time.Duration)
	SetStaleIfError(time.Duration)

	SetMaxQueryTime(time.Duration)
	SetMinQueryIndex(uint64)
}

type Self

type Self struct {
	Config      interface{}
	DebugConfig map[string]interface{}
	Coord       *coordinate.Coordinate
	Member      serf.Member
	Stats       map[string]map[string]string
	Meta        map[string]string
	XDS         *XDSSelf `json:"xDS,omitempty"`
}

type ServiceListingSummary added in v1.9.0

type ServiceListingSummary struct {
	ServiceSummary

	ConnectedWithProxy   bool
	ConnectedWithGateway bool
}

type ServiceManager added in v1.5.0

type ServiceManager struct {
	// contains filtered or unexported fields
}

ServiceManager watches changes to central service config for all services registered with it. When a central config changes, the local service will be updated with the correct values from the central config.

func NewServiceManager added in v1.5.0

func NewServiceManager(agent *Agent) *ServiceManager

func (*ServiceManager) AddService added in v1.5.0

func (s *ServiceManager) AddService(req addServiceLockedRequest) error

AddService will (re)create a serviceConfigWatch on the given service. For each call of this function the first registration will happen inline and will read the merged global defaults for the service through the agent cache (regardless of whether or not the service was already registered). This lets validation or authorization related errors bubble back up to the caller's RPC inline with their request. Upon success a goroutine will keep this updated in the background.

If waitForCentralConfig=true is used, the initial registration blocks on fetching the merged global config through the cache. If false, no such RPC occurs and only the previousDefaults are used.

persistServiceConfig controls if the INITIAL registration will result in persisting the service config to disk again. All background updates will always persist.

service, chkTypes, persist, token, replaceExistingChecks, and source are basically pass-through arguments to Agent.addServiceInternal that follow the semantics there. The one key difference is that the service provided will be merged with the global defaults before registration.

NOTE: the caller must hold the Agent.stateLock!

func (*ServiceManager) RemoveService added in v1.5.0

func (s *ServiceManager) RemoveService(serviceID structs.ServiceID)

NOTE: the caller must hold the Agent.stateLock!

func (*ServiceManager) Stop added in v1.6.2

func (s *ServiceManager) Stop()

Stop forces all background goroutines to terminate and blocks until they complete.

NOTE: the caller must NOT hold the Agent.stateLock!

type ServiceSummary

type ServiceSummary struct {
	Kind            structs.ServiceKind `json:",omitempty"`
	Name            string
	Datacenter      string
	Tags            []string
	Nodes           []string
	ExternalSources []string

	InstanceCount    int
	ChecksPassing    int
	ChecksWarning    int
	ChecksCritical   int
	GatewayConfig    GatewayConfig
	TransparentProxy bool

	ConnectNative bool

	acl.EnterpriseMeta
	// contains filtered or unexported fields
}

ServiceSummary is used to summarize a service

func (*ServiceSummary) LessThan added in v1.9.0

func (s *ServiceSummary) LessThan(other *ServiceSummary) bool

type ServiceTopology added in v1.9.0

type ServiceTopology struct {
	Protocol         string
	TransparentProxy bool
	Upstreams        []*ServiceTopologySummary
	Downstreams      []*ServiceTopologySummary
	FilteredByACLs   bool
}

type ServiceTopologySummary added in v1.9.0

type ServiceTopologySummary struct {
	ServiceSummary

	Source    string
	Intention structs.IntentionDecisionSummary
}

type TestACLConfigParams added in v1.7.0

type TestACLConfigParams struct {
	PrimaryDatacenter      string
	DefaultPolicy          string
	InitialManagementToken string
	AgentToken             string
	DefaultToken           string
	AgentRecoveryToken     string
	ReplicationToken       string
	EnableTokenReplication bool
}

func DefaultTestACLConfigParams added in v1.11.0

func DefaultTestACLConfigParams() *TestACLConfigParams

func (*TestACLConfigParams) HasConfiguredTokens added in v1.7.0

func (p *TestACLConfigParams) HasConfiguredTokens() bool

type TestAgent

type TestAgent struct {
	// Name is an optional name of the agent.
	Name string

	HCL string

	// Config is the agent configuration. If Config is nil then
	// TestConfig() is used. If Config.DataDir is set then it is
	// the callers responsibility to clean up the data directory.
	// Otherwise, a temporary data directory is created and removed
	// when Shutdown() is called.
	Config *config.RuntimeConfig

	// LogOutput is the sink for the logs. If nil, logs are written to os.Stderr.
	// The io.Writer must allow concurrent reads and writes. Note that
	// bytes.Buffer is not safe for concurrent reads and writes.
	LogOutput io.Writer
	LogLevel  hclog.Level

	// DataDir may be set to a directory which exists. If is it not set,
	// TestAgent.Start will create one and set DataDir to the directory path.
	// In all cases the agent will be configured to use this path as the data directory,
	// and the directory will be removed once the test ends.
	DataDir string

	// UseTLS, if true, will disable the HTTP port and enable the HTTPS
	// one.
	UseTLS bool

	// overrides is an hcl config source to use to override otherwise
	// non-user settable configurations
	Overrides string

	// Agent is the embedded consul agent.
	// It is valid after Start().
	*Agent
	// contains filtered or unexported fields
}

TestAgent encapsulates an Agent with a default configuration and startup procedure suitable for testing. It panics if there are errors during creation or startup instead of returning errors. It manages a temporary data directory which is removed after shutdown.

func NewTestAgent

func NewTestAgent(t *testing.T, hcl string) *TestAgent

NewTestAgent returns a started agent with the given configuration. It fails the test if the Agent could not be started.

func NewTestAgentWithConfigFile added in v1.12.0

func NewTestAgentWithConfigFile(t *testing.T, hcl string, configFiles []string) *TestAgent

NewTestAgent returns a started agent with the given configuration. It fails the test if the Agent could not be started. The caller is responsible for calling Shutdown() to stop the agent and remove temporary directories.

func StartTestAgent added in v1.8.0

func StartTestAgent(t *testing.T, a TestAgent) *TestAgent

StartTestAgent and wait for it to become available. If the agent fails to start the test will be marked failed and execution will stop.

The caller is responsible for calling Shutdown() to stop the agent and remove temporary directories.

func (*TestAgent) Client

func (a *TestAgent) Client() *api.Client

func (*TestAgent) DNSAddr added in v1.0.0

func (a *TestAgent) DNSAddr() string

func (*TestAgent) DNSDisableCompression added in v0.9.0

func (a *TestAgent) DNSDisableCompression(b bool)

DNSDisableCompression disables compression for all started DNS servers.

func (*TestAgent) HTTPAddr

func (a *TestAgent) HTTPAddr() string

func (*TestAgent) SegmentAddr added in v0.9.3

func (a *TestAgent) SegmentAddr(name string) string

func (*TestAgent) Shutdown

func (a *TestAgent) Shutdown() error

Shutdown stops the agent and removes the data directory if it is managed by the test agent.

func (*TestAgent) Start

func (a *TestAgent) Start(t *testing.T) error

Start starts a test agent. It returns an error if the agent could not be started. If no error is returned, the caller must call Shutdown() when finished.

type TranslateAddressAccept added in v1.7.0

type TranslateAddressAccept int
const (
	TranslateAddressAcceptDomain TranslateAddressAccept = 1 << iota
	TranslateAddressAcceptIPv4
	TranslateAddressAcceptIPv6

	TranslateAddressAcceptAny TranslateAddressAccept = ^0
)

type UserEvent

type UserEvent struct {
	// ID of the user event. Automatically generated.
	ID string

	// Name of the event
	Name string `codec:"n"`

	// Optional payload
	Payload []byte `codec:"p,omitempty"`

	// NodeFilter is a regular expression to filter on nodes
	NodeFilter string `codec:"nf,omitempty"`

	// ServiceFilter is a regular expression to filter on services
	ServiceFilter string `codec:"sf,omitempty"`

	// TagFilter is a regular expression to filter on tags of a service,
	// must be provided with ServiceFilter
	TagFilter string `codec:"tf,omitempty"`

	// Version of the user event. Automatically generated.
	Version int `codec:"v"`

	// LTime is the lamport time. Automatically generated.
	LTime uint64 `codec:"-"`
}

UserEventParam is used to parameterize a user event

type XDSSelf added in v1.11.0

type XDSSelf struct {
	SupportedProxies map[string][]string
	Port             int
}

Directories

Path Synopsis
Package ae provides tools to synchronize state between local and remote consul servers.
Package ae provides tools to synchronize state between local and remote consul servers.
Package cache provides caching features for data from a Consul server.
Package cache provides caching features for data from a Consul server.
ca
The snapshot endpoint is a special non-RPC endpoint that supports streaming for taking and restoring snapshots for disaster recovery.
The snapshot endpoint is a special non-RPC endpoint that supports streaming for taking and restoring snapshots for disaster recovery.
fsm
stream
Package stream provides a publish/subscribe system for events produced by changes to the state store.
Package stream provides a publish/subscribe system for events produced by changes to the state store.
grpc
Package proxycfg contains components for sourcing the data required to configure Connect proxies.
Package proxycfg contains components for sourcing the data required to configure Connect proxies.
proxycfg-sources
local
Package local integrates the proxycfg Manager with the agent's local state.
Package local integrates the proxycfg Manager with the agent's local state.
Package servers provides a Manager interface for Manager managed metadata.Server objects.
Package servers provides a Manager interface for Manager managed metadata.Server objects.
rpc
rpcclient
xds
Package xds provides an implementation of a gRPC service that exports Envoy's xDS API for config discovery.
Package xds provides an implementation of a gRPC service that exports Envoy's xDS API for config discovery.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL