peering

package
v1.14.3 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 13, 2022 License: MPL-2.0 Imports: 29 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func TestPeering

func TestPeering(peerName string, state pbpeering.PeeringState, meta map[string]string) *pbpeering.Peering

TestPeering is a test utility for generating a pbpeering.Peering with valid data along with the peerName, state and index.

func TestPeeringToken

func TestPeeringToken(peerID string) structs.PeeringToken

TestPeeringToken is a test utility for generating a valid peering token with the given peerID for use in test cases

Types

type Backend

type Backend interface {
	// ResolveTokenAndDefaultMeta returns an acl.Authorizer which authorizes
	// actions based on the permissions granted to the token.
	// If either entMeta or authzContext are non-nil they will be populated with the
	// partition and namespace from the token.
	ResolveTokenAndDefaultMeta(token string, entMeta *acl.EnterpriseMeta, authzCtx *acl.AuthorizerContext) (resolver.Result, error)

	// GetTLSMaterials returns the TLS materials for the dialer to dial the acceptor using TLS.
	// It returns the server name to validate, and the CA certificate to validate with.
	GetTLSMaterials(generatingToken bool) (string, []string, error)

	// GetLocalServerAddresses returns the addresses used for establishing a peering connection.
	// These may be server addresses or mesh gateway addresses if peering through mesh gateways.
	GetLocalServerAddresses() ([]string, error)

	// EncodeToken packages a peering token into a slice of bytes.
	EncodeToken(tok *structs.PeeringToken) ([]byte, error)

	// DecodeToken unpackages a peering token from a slice of bytes.
	DecodeToken([]byte) (*structs.PeeringToken, error)

	// GetDialAddresses returns: the addresses to cycle through when dialing a peer's servers,
	// an optional buffer of just gateway addresses,  and an optional error.
	// The resulting ring buffer is front-loaded with the local mesh gateway addresses if the local
	// datacenter is configured to dial through mesh gateways.
	GetDialAddresses(logger hclog.Logger, ws memdb.WatchSet, peerID string) (*ring.Ring, *ring.Ring, error)

	EnterpriseCheckPartitions(partition string) error

	EnterpriseCheckNamespaces(namespace string) error

	Subscribe(req *stream.SubscribeRequest) (*stream.Subscription, error)

	// IsLeader indicates whether the consul server is in a leader state or not.
	IsLeader() bool

	// SetLeaderAddress is called on a raft.LeaderObservation in a go routine
	// in the consul server; see trackLeaderChanges()
	SetLeaderAddress(string)

	// GetLeaderAddress provides the best hint for the current address of the
	// leader. There is no guarantee that this is the actual address of the
	// leader.
	GetLeaderAddress() string

	// CheckPeeringUUID returns true if the given UUID is not associated with
	// an existing peering.
	CheckPeeringUUID(id string) (bool, error)

	ValidateProposedPeeringSecret(id string) (bool, error)

	PeeringWrite(req *pbpeering.PeeringWriteRequest) error

	Store() Store
}

Backend defines the core integrations the Peering endpoint depends on. A functional implementation will integrate with various subcomponents of Consul such as the State store for reading and writing data, the CA machinery for providing access to CA data and the RPC system for forwarding requests to other servers.

type Config

type Config struct {
	Backend        Backend
	Tracker        *peerstream.Tracker
	Logger         hclog.Logger
	ForwardRPC     func(structs.RPCInfo, func(*grpc.ClientConn) error) (bool, error)
	Datacenter     string
	ConnectEnabled bool
	PeeringEnabled bool
}

type Server

type Server struct {
	Config
}

Server implements pbpeering.PeeringService to provide RPC operations for managing peering relationships.

func NewServer

func NewServer(cfg Config) *Server

func (*Server) Establish

Establish implements the PeeringService RPC method to finalize peering registration. Given a valid token output from a peer's GenerateToken endpoint, a peering is registered.

func (*Server) GenerateToken

GenerateToken implements the PeeringService RPC method to generate a peering token which is the initial step in establishing a peering relationship with other Consul clusters.

func (*Server) PeeringList

OPTIMIZE: Handle blocking queries

func (*Server) PeeringRead

OPTIMIZE: Handle blocking queries

func (*Server) PeeringWrite

TODO(peering): As of writing, this method is only used in tests to set up Peerings in the state store. Consider removing if we can find another way to populate state store in peering_endpoint_test.go

func (*Server) Register

func (s *Server) Register(grpcServer *grpc.Server)

func (*Server) TrustBundleListByService

TODO(peering): rename rpc & request/response to drop the "service" part OPTIMIZE: Handle blocking queries

func (*Server) TrustBundleRead

OPTIMIZE: Handle blocking queries

type Store

type Store interface {
	PeeringRead(ws memdb.WatchSet, q state.Query) (uint64, *pbpeering.Peering, error)
	PeeringReadByID(ws memdb.WatchSet, id string) (uint64, *pbpeering.Peering, error)
	PeeringList(ws memdb.WatchSet, entMeta acl.EnterpriseMeta) (uint64, []*pbpeering.Peering, error)
	PeeringTrustBundleRead(ws memdb.WatchSet, q state.Query) (uint64, *pbpeering.PeeringTrustBundle, error)
	PeeringTrustBundleList(ws memdb.WatchSet, entMeta acl.EnterpriseMeta) (uint64, []*pbpeering.PeeringTrustBundle, error)
	TrustBundleListByService(ws memdb.WatchSet, service, dc string, entMeta acl.EnterpriseMeta) (uint64, []*pbpeering.PeeringTrustBundle, error)
}

Store provides a read-only interface for querying Peering data.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL