Documentation
Types
type CertManager
type CertManager struct {
	// contains filtered or unexported fields
}
CertManager is responsible for requesting and renewing the leaf cert for server agents. The server certificate is managed internally and used for peering control-plane traffic to the TLS-enabled external gRPC port.
func NewCertManager
func NewCertManager(deps Deps) *CertManager
type Deps
type Deps struct {
	Config          Config
	Logger          hclog.Logger
	LeafCertManager LeafCertManager
	GetStore        func() Store
	TLSConfigurator TLSConfigurator
	// contains filtered or unexported fields
}
type LeafCertManager (added in v1.16.0)
type LeafCertManager interface {
	Notify(ctx context.Context, req *leafcert.ConnectCALeafRequest, correlationID string, ch chan<- cache.UpdateEvent) error
}
LeafCertManager is an interface to represent the necessary methods of the agent/leafcert.Manager. It is used to request and renew the server leaf certificate.
type Store
type Store interface {
	CAConfig(ws memdb.WatchSet) (uint64, *structs.CAConfiguration, error)
	SystemMetadataGet(ws memdb.WatchSet, key string) (uint64, *structs.SystemMetadataEntry, error)
	AbandonCh() <-chan struct{}
}
Store is an interface to represent the necessary methods of the state.Store. It is used to fetch the CA Config to store the trust domain in the TLSConfigurator.
type TLSConfigurator
type TLSConfigurator interface {
	UpdateAutoTLSCert(pub, priv string) error
	UpdateAutoTLSPeeringServerName(name string)
}
TLSConfigurator is an interface to represent the necessary methods of the tlsutil.Configurator. It is used to apply the server leaf certificate and server name.