Documentation ¶
Index ¶
- Constants
- Variables
- func IsRetryableError(err error) bool
- func NewHttpClient(transport *http.Transport, tlsConf TLSConfig) (*http.Client, error)
- func SetupTLSConfig(tlsConfig *TLSConfig) (*tls.Config, error)
- func ValidateGatewayConditionReason(name GatewayConditionType, status ConditionStatus, ...) error
- func ValidateRouteConditionReason(name RouteConditionType, status ConditionStatus, reason RouteConditionReason) error
- type ACL
- func (a *ACL) AuthMethodCreate(method *ACLAuthMethod, q *WriteOptions) (*ACLAuthMethod, *WriteMeta, error)
- func (a *ACL) AuthMethodDelete(methodName string, q *WriteOptions) (*WriteMeta, error)
- func (a *ACL) AuthMethodList(q *QueryOptions) ([]*ACLAuthMethodListEntry, *QueryMeta, error)
- func (a *ACL) AuthMethodRead(methodName string, q *QueryOptions) (*ACLAuthMethod, *QueryMeta, error)
- func (a *ACL) AuthMethodUpdate(method *ACLAuthMethod, q *WriteOptions) (*ACLAuthMethod, *WriteMeta, error)
- func (a *ACL) BindingRuleCreate(rule *ACLBindingRule, q *WriteOptions) (*ACLBindingRule, *WriteMeta, error)
- func (a *ACL) BindingRuleDelete(bindingRuleID string, q *WriteOptions) (*WriteMeta, error)
- func (a *ACL) BindingRuleList(methodName string, q *QueryOptions) ([]*ACLBindingRule, *QueryMeta, error)
- func (a *ACL) BindingRuleRead(bindingRuleID string, q *QueryOptions) (*ACLBindingRule, *QueryMeta, error)
- func (a *ACL) BindingRuleUpdate(rule *ACLBindingRule, q *WriteOptions) (*ACLBindingRule, *WriteMeta, error)
- func (a *ACL) Bootstrap() (*ACLToken, *WriteMeta, error)
- func (a *ACL) BootstrapWithToken(btoken string) (*ACLToken, *WriteMeta, error)
- func (a *ACL) Clone(id string, q *WriteOptions) (string, *WriteMeta, error)deprecated
- func (a *ACL) Create(acl *ACLEntry, q *WriteOptions) (string, *WriteMeta, error)deprecated
- func (a *ACL) Destroy(id string, q *WriteOptions) (*WriteMeta, error)deprecated
- func (a *ACL) Info(id string, q *QueryOptions) (*ACLEntry, *QueryMeta, error)deprecated
- func (a *ACL) List(q *QueryOptions) ([]*ACLEntry, *QueryMeta, error)deprecated
- func (a *ACL) Login(auth *ACLLoginParams, q *WriteOptions) (*ACLToken, *WriteMeta, error)
- func (a *ACL) Logout(q *WriteOptions) (*WriteMeta, error)
- func (a *ACL) OIDCAuthURL(auth *ACLOIDCAuthURLParams, q *WriteOptions) (string, *WriteMeta, error)
- func (a *ACL) OIDCCallback(auth *ACLOIDCCallbackParams, q *WriteOptions) (*ACLToken, *WriteMeta, error)
- func (a *ACL) PolicyCreate(policy *ACLPolicy, q *WriteOptions) (*ACLPolicy, *WriteMeta, error)
- func (a *ACL) PolicyDelete(policyID string, q *WriteOptions) (*WriteMeta, error)
- func (a *ACL) PolicyList(q *QueryOptions) ([]*ACLPolicyListEntry, *QueryMeta, error)
- func (a *ACL) PolicyRead(policyID string, q *QueryOptions) (*ACLPolicy, *QueryMeta, error)
- func (a *ACL) PolicyReadByName(policyName string, q *QueryOptions) (*ACLPolicy, *QueryMeta, error)
- func (a *ACL) PolicyUpdate(policy *ACLPolicy, q *WriteOptions) (*ACLPolicy, *WriteMeta, error)
- func (a *ACL) Replication(q *QueryOptions) (*ACLReplicationStatus, *QueryMeta, error)
- func (a *ACL) RoleCreate(role *ACLRole, q *WriteOptions) (*ACLRole, *WriteMeta, error)
- func (a *ACL) RoleDelete(roleID string, q *WriteOptions) (*WriteMeta, error)
- func (a *ACL) RoleList(q *QueryOptions) ([]*ACLRole, *QueryMeta, error)
- func (a *ACL) RoleRead(roleID string, q *QueryOptions) (*ACLRole, *QueryMeta, error)
- func (a *ACL) RoleReadByName(roleName string, q *QueryOptions) (*ACLRole, *QueryMeta, error)
- func (a *ACL) RoleUpdate(role *ACLRole, q *WriteOptions) (*ACLRole, *WriteMeta, error)
- func (a *ACL) RulesTranslate(rules io.Reader) (string, error)deprecated
- func (a *ACL) RulesTranslateToken(tokenID string) (string, error)deprecated
- func (a *ACL) TokenClone(accessorID string, description string, q *WriteOptions) (*ACLToken, *WriteMeta, error)
- func (a *ACL) TokenCreate(token *ACLToken, q *WriteOptions) (*ACLToken, *WriteMeta, error)
- func (a *ACL) TokenDelete(accessorID string, q *WriteOptions) (*WriteMeta, error)
- func (a *ACL) TokenList(q *QueryOptions) ([]*ACLTokenListEntry, *QueryMeta, error)
- func (a *ACL) TokenRead(accessorID string, q *QueryOptions) (*ACLToken, *QueryMeta, error)
- func (a *ACL) TokenReadExpanded(accessorID string, q *QueryOptions) (*ACLTokenExpanded, *QueryMeta, error)
- func (a *ACL) TokenReadSelf(q *QueryOptions) (*ACLToken, *QueryMeta, error)
- func (a *ACL) TokenUpdate(token *ACLToken, q *WriteOptions) (*ACLToken, *WriteMeta, error)
- func (a *ACL) Update(acl *ACLEntry, q *WriteOptions) (*WriteMeta, error)deprecated
- type ACLAuthMethod
- type ACLAuthMethodListEntry
- type ACLAuthMethodNamespaceRule
- type ACLBindingRule
- type ACLEntry
- type ACLLink
- type ACLLoginParams
- type ACLNodeIdentity
- type ACLOIDCAuthURLParams
- type ACLOIDCCallbackParams
- type ACLPolicy
- type ACLPolicyListEntry
- type ACLReplicationStatus
- type ACLRole
- type ACLRolePolicyLink
- type ACLServiceIdentity
- type ACLToken
- type ACLTokenExpanded
- type ACLTokenListEntry
- type ACLTokenPolicyLink
- type ACLTokenRoleLink
- type APIGatewayConfigEntry
- func (g *APIGatewayConfigEntry) GetCreateIndex() uint64
- func (g *APIGatewayConfigEntry) GetKind() string
- func (g *APIGatewayConfigEntry) GetMeta() map[string]string
- func (g *APIGatewayConfigEntry) GetModifyIndex() uint64
- func (g *APIGatewayConfigEntry) GetName() string
- func (g *APIGatewayConfigEntry) GetNamespace() string
- func (g *APIGatewayConfigEntry) GetPartition() string
- type APIGatewayListener
- type APIGatewayTLSConfiguration
- type AccessLogsConfig
- type Agent
- func (a *Agent) AgentHealthServiceByID(serviceID string) (string, *AgentServiceChecksInfo, error)
- func (a *Agent) AgentHealthServiceByIDOpts(serviceID string, q *QueryOptions) (string, *AgentServiceChecksInfo, error)
- func (a *Agent) AgentHealthServiceByName(service string) (string, []AgentServiceChecksInfo, error)
- func (a *Agent) AgentHealthServiceByNameOpts(service string, q *QueryOptions) (string, []AgentServiceChecksInfo, error)
- func (a *Agent) CheckDeregister(checkID string) error
- func (a *Agent) CheckDeregisterOpts(checkID string, q *QueryOptions) error
- func (a *Agent) CheckRegister(check *AgentCheckRegistration) error
- func (a *Agent) Checks() (map[string]*AgentCheck, error)
- func (a *Agent) ChecksWithFilter(filter string) (map[string]*AgentCheck, error)
- func (a *Agent) ChecksWithFilterOpts(filter string, q *QueryOptions) (map[string]*AgentCheck, error)
- func (a *Agent) ConnectAuthorize(auth *AgentAuthorizeParams) (*AgentAuthorize, error)
- func (a *Agent) ConnectCALeaf(serviceID string, q *QueryOptions) (*LeafCert, *QueryMeta, error)
- func (a *Agent) ConnectCARoots(q *QueryOptions) (*CARootList, *QueryMeta, error)
- func (a *Agent) DisableNodeMaintenance() error
- func (a *Agent) DisableServiceMaintenance(serviceID string) error
- func (a *Agent) DisableServiceMaintenanceOpts(serviceID string, q *QueryOptions) error
- func (a *Agent) EnableNodeMaintenance(reason string) error
- func (a *Agent) EnableServiceMaintenance(serviceID, reason string) error
- func (a *Agent) EnableServiceMaintenanceOpts(serviceID, reason string, q *QueryOptions) error
- func (a *Agent) FailTTL(checkID, note string) error
- func (a *Agent) ForceLeave(node string) error
- func (a *Agent) ForceLeaveOptions(node string, opts ForceLeaveOpts, q *QueryOptions) error
- func (a *Agent) ForceLeaveOpts(node string, opts ForceLeaveOpts) error
- func (a *Agent) ForceLeavePrune(node string) error
- func (a *Agent) Host() (map[string]interface{}, error)
- func (a *Agent) Join(addr string, wan bool) error
- func (a *Agent) Leave() error
- func (a *Agent) Members(wan bool) ([]*AgentMember, error)
- func (a *Agent) MembersOpts(opts MembersOpts) ([]*AgentMember, error)
- func (a *Agent) Metrics() (*MetricsInfo, error)
- func (a *Agent) MetricsStream(ctx context.Context) (io.ReadCloser, error)
- func (a *Agent) Monitor(loglevel string, stopCh <-chan struct{}, q *QueryOptions) (chan string, error)
- func (a *Agent) MonitorJSON(loglevel string, stopCh <-chan struct{}, q *QueryOptions) (chan string, error)
- func (a *Agent) NodeName() (string, error)
- func (a *Agent) PassTTL(checkID, note string) error
- func (a *Agent) Reload() error
- func (a *Agent) Self() (map[string]map[string]interface{}, error)
- func (a *Agent) Service(serviceID string, q *QueryOptions) (*AgentService, *QueryMeta, error)
- func (a *Agent) ServiceDeregister(serviceID string) error
- func (a *Agent) ServiceDeregisterOpts(serviceID string, q *QueryOptions) error
- func (a *Agent) ServiceRegister(service *AgentServiceRegistration) error
- func (a *Agent) ServiceRegisterOpts(service *AgentServiceRegistration, opts ServiceRegisterOpts) error
- func (a *Agent) Services() (map[string]*AgentService, error)
- func (a *Agent) ServicesWithFilter(filter string) (map[string]*AgentService, error)
- func (a *Agent) ServicesWithFilterOpts(filter string, q *QueryOptions) (map[string]*AgentService, error)
- func (a *Agent) UpdateACLAgentMasterToken(token string, q *WriteOptions) (*WriteMeta, error)
- func (a *Agent) UpdateACLAgentToken(token string, q *WriteOptions) (*WriteMeta, error)
- func (a *Agent) UpdateACLReplicationToken(token string, q *WriteOptions) (*WriteMeta, error)
- func (a *Agent) UpdateACLToken(token string, q *WriteOptions) (*WriteMeta, error)
- func (a *Agent) UpdateAgentACLToken(token string, q *WriteOptions) (*WriteMeta, error)
- func (a *Agent) UpdateAgentMasterACLToken(token string, q *WriteOptions) (*WriteMeta, error)
- func (a *Agent) UpdateAgentRecoveryACLToken(token string, q *WriteOptions) (*WriteMeta, error)
- func (a *Agent) UpdateConfigFileRegistrationToken(token string, q *WriteOptions) (*WriteMeta, error)
- func (a *Agent) UpdateDefaultACLToken(token string, q *WriteOptions) (*WriteMeta, error)
- func (a *Agent) UpdateReplicationACLToken(token string, q *WriteOptions) (*WriteMeta, error)
- func (a *Agent) UpdateTTL(checkID, output, status string) error
- func (a *Agent) UpdateTTLOpts(checkID, output, status string, q *QueryOptions) error
- func (a *Agent) Version() (map[string]interface{}, error)
- func (a *Agent) WarnTTL(checkID, note string) error
- type AgentAuthorize
- type AgentAuthorizeParams
- type AgentCheck
- type AgentCheckRegistration
- type AgentMember
- type AgentService
- type AgentServiceCheck
- type AgentServiceChecks
- type AgentServiceChecksInfo
- type AgentServiceConnect
- type AgentServiceConnectProxyConfig
- type AgentServiceRegistration
- type AgentToken
- type AgentWeights
- type Area
- type AreaJoinResponse
- type AssignServiceManualVIPsRequest
- type AssignServiceManualVIPsResponse
- type AutopilotConfiguration
- type AutopilotServer
- type AutopilotServerStatus
- type AutopilotServerType
- type AutopilotState
- type AutopilotUpgrade
- type AutopilotUpgradeStatus
- type AutopilotZone
- type AutopilotZoneUpgradeVersions
- type BindingRuleBindType
- type BootstrapRequest
- type CAConfig
- type CARoot
- type CARootList
- type Catalog
- func (c *Catalog) Connect(service, tag string, q *QueryOptions) ([]*CatalogService, *QueryMeta, error)
- func (c *Catalog) ConnectMultipleTags(service string, tags []string, q *QueryOptions) ([]*CatalogService, *QueryMeta, error)
- func (c *Catalog) Datacenters() ([]string, error)
- func (c *Catalog) Deregister(dereg *CatalogDeregistration, q *WriteOptions) (*WriteMeta, error)
- func (c *Catalog) GatewayServices(gateway string, q *QueryOptions) ([]*GatewayService, *QueryMeta, error)
- func (c *Catalog) Node(node string, q *QueryOptions) (*CatalogNode, *QueryMeta, error)
- func (c *Catalog) NodeServiceList(node string, q *QueryOptions) (*CatalogNodeServiceList, *QueryMeta, error)
- func (c *Catalog) Nodes(q *QueryOptions) ([]*Node, *QueryMeta, error)
- func (c *Catalog) Register(reg *CatalogRegistration, q *WriteOptions) (*WriteMeta, error)
- func (c *Catalog) Service(service, tag string, q *QueryOptions) ([]*CatalogService, *QueryMeta, error)
- func (c *Catalog) ServiceMultipleTags(service string, tags []string, q *QueryOptions) ([]*CatalogService, *QueryMeta, error)
- func (c *Catalog) Services(q *QueryOptions) (map[string][]string, *QueryMeta, error)
- type CatalogDeregistration
- type CatalogNode
- type CatalogNodeServiceList
- type CatalogRegistration
- type CatalogService
- type CheckOp
- type CheckTxnOp
- type Client
- func (c *Client) ACL() *ACL
- func (c *Client) AddHeader(key, value string)
- func (c *Client) Agent() *Agent
- func (c *Client) Catalog() *Catalog
- func (c *Client) ConfigEntries() *ConfigEntries
- func (c *Client) Connect() *Connect
- func (c *Client) Coordinate() *Coordinate
- func (c *Client) Debug() *Debug
- func (c *Client) DiscoveryChain() *DiscoveryChain
- func (c *Client) Event() *Event
- func (c *Client) Headers() http.Header
- func (c *Client) Health() *Health
- func (c *Client) Internal() *Internal
- func (c *Client) KV() *KV
- func (c *Client) LockKey(key string) (*Lock, error)
- func (c *Client) LockOpts(opts *LockOptions) (*Lock, error)
- func (c *Client) Namespaces() *Namespaces
- func (c *Client) Operator() *Operator
- func (c *Client) Partitions() *Partitions
- func (c *Client) Peerings() *Peerings
- func (c *Client) PreparedQuery() *PreparedQuery
- func (c *Client) Raw() *Raw
- func (c *Client) SemaphoreOpts(opts *SemaphoreOptions) (*Semaphore, error)
- func (c *Client) SemaphorePrefix(prefix string, limit int) (*Semaphore, error)
- func (c *Client) Session() *Session
- func (c *Client) SetHeaders(headers http.Header)
- func (c *Client) Snapshot() *Snapshot
- func (c *Client) Status() *Status
- func (c *Client) Txn() *Txn
- type ClusterDiscoveryType
- type CommonCAProviderConfig
- type CompiledDiscoveryChain
- type CompoundServiceName
- type Condition
- type ConditionStatus
- type Config
- type ConfigEntries
- func (conf *ConfigEntries) CAS(entry ConfigEntry, index uint64, w *WriteOptions) (bool, *WriteMeta, error)
- func (conf *ConfigEntries) Delete(kind string, name string, w *WriteOptions) (*WriteMeta, error)
- func (conf *ConfigEntries) DeleteCAS(kind, name string, index uint64, w *WriteOptions) (bool, *WriteMeta, error)
- func (conf *ConfigEntries) Get(kind string, name string, q *QueryOptions) (ConfigEntry, *QueryMeta, error)
- func (conf *ConfigEntries) List(kind string, q *QueryOptions) ([]ConfigEntry, *QueryMeta, error)
- func (conf *ConfigEntries) Set(entry ConfigEntry, w *WriteOptions) (bool, *WriteMeta, error)
- type ConfigEntry
- type ConfigEntryStatus
- type Connect
- func (h *Connect) CAGetConfig(q *QueryOptions) (*CAConfig, *QueryMeta, error)
- func (h *Connect) CARoots(q *QueryOptions) (*CARootList, *QueryMeta, error)
- func (h *Connect) CASetConfig(conf *CAConfig, q *WriteOptions) (*WriteMeta, error)
- func (h *Connect) IntentionCheck(args *IntentionCheck, q *QueryOptions) (bool, *QueryMeta, error)
- func (c *Connect) IntentionCreate(ixn *Intention, q *WriteOptions) (string, *WriteMeta, error)deprecated
- func (h *Connect) IntentionDelete(id string, q *WriteOptions) (*WriteMeta, error)deprecated
- func (h *Connect) IntentionDeleteExact(source, destination string, q *WriteOptions) (*WriteMeta, error)
- func (h *Connect) IntentionGet(id string, q *QueryOptions) (*Intention, *QueryMeta, error)deprecated
- func (h *Connect) IntentionGetExact(source, destination string, q *QueryOptions) (*Intention, *QueryMeta, error)
- func (h *Connect) IntentionMatch(args *IntentionMatch, q *QueryOptions) (map[string][]*Intention, *QueryMeta, error)
- func (c *Connect) IntentionUpdate(ixn *Intention, q *WriteOptions) (*WriteMeta, error)deprecated
- func (c *Connect) IntentionUpsert(ixn *Intention, q *WriteOptions) (*WriteMeta, error)
- func (h *Connect) Intentions(q *QueryOptions) ([]*Intention, *QueryMeta, error)
- type ConnectProxyConfig
- type ConsulCAProviderConfig
- type CookieConfig
- type Coordinate
- func (c *Coordinate) Datacenters() ([]*CoordinateDatacenterMap, error)
- func (c *Coordinate) Node(node string, q *QueryOptions) ([]*CoordinateEntry, *QueryMeta, error)
- func (c *Coordinate) Nodes(q *QueryOptions) ([]*CoordinateEntry, *QueryMeta, error)
- func (c *Coordinate) Update(coord *CoordinateEntry, q *WriteOptions) (*WriteMeta, error)
- type CoordinateDatacenterMap
- type CoordinateEntry
- type Debug
- type DestinationConfig
- type DiscoveryChain
- type DiscoveryChainOptions
- type DiscoveryChainResponse
- type DiscoveryFailover
- type DiscoveryGraphNode
- type DiscoveryResolver
- type DiscoveryRoute
- type DiscoverySplit
- type DiscoveryTarget
- type EnvoyExtension
- type Event
- type ExportedService
- type ExportedServicesConfigEntry
- func (e *ExportedServicesConfigEntry) GetCreateIndex() uint64
- func (e *ExportedServicesConfigEntry) GetKind() string
- func (e *ExportedServicesConfigEntry) GetMeta() map[string]string
- func (e *ExportedServicesConfigEntry) GetModifyIndex() uint64
- func (e *ExportedServicesConfigEntry) GetName() string
- func (e *ExportedServicesConfigEntry) GetNamespace() string
- func (e *ExportedServicesConfigEntry) GetPartition() string
- func (e *ExportedServicesConfigEntry) MarshalJSON() ([]byte, error)
- type ExposeConfig
- type ExposePath
- type ForceLeaveOpts
- type GatewayConditionReason
- type GatewayConditionType
- type GatewayService
- type GatewayServiceTLSConfig
- type GatewayTLSConfig
- type GatewayTLSSDSConfig
- type GaugeValue
- type HTTPFilters
- type HTTPHeaderFilter
- type HTTPHeaderMatch
- type HTTPHeaderMatchType
- type HTTPHeaderModifiers
- type HTTPMatch
- type HTTPMatchMethod
- type HTTPPathMatch
- type HTTPPathMatchType
- type HTTPQueryMatch
- type HTTPQueryMatchType
- type HTTPRouteConfigEntry
- func (r *HTTPRouteConfigEntry) GetCreateIndex() uint64
- func (r *HTTPRouteConfigEntry) GetKind() string
- func (r *HTTPRouteConfigEntry) GetMeta() map[string]string
- func (r *HTTPRouteConfigEntry) GetModifyIndex() uint64
- func (r *HTTPRouteConfigEntry) GetName() string
- func (r *HTTPRouteConfigEntry) GetNamespace() string
- func (r *HTTPRouteConfigEntry) GetPartition() string
- type HTTPRouteRule
- type HTTPService
- type HashPolicy
- type Health
- func (h *Health) Checks(service string, q *QueryOptions) (HealthChecks, *QueryMeta, error)
- func (h *Health) Connect(service, tag string, passingOnly bool, q *QueryOptions) ([]*ServiceEntry, *QueryMeta, error)
- func (h *Health) ConnectMultipleTags(service string, tags []string, passingOnly bool, q *QueryOptions) ([]*ServiceEntry, *QueryMeta, error)
- func (h *Health) Ingress(service string, passingOnly bool, q *QueryOptions) ([]*ServiceEntry, *QueryMeta, error)
- func (h *Health) Node(node string, q *QueryOptions) (HealthChecks, *QueryMeta, error)
- func (h *Health) Service(service, tag string, passingOnly bool, q *QueryOptions) ([]*ServiceEntry, *QueryMeta, error)
- func (h *Health) ServiceMultipleTags(service string, tags []string, passingOnly bool, q *QueryOptions) ([]*ServiceEntry, *QueryMeta, error)
- func (h *Health) State(state string, q *QueryOptions) (HealthChecks, *QueryMeta, error)
- type HealthCheck
- type HealthCheckDefinition
- type HealthChecks
- type HttpBasicAuth
- type IngressGatewayConfigEntry
- func (i *IngressGatewayConfigEntry) GetCreateIndex() uint64
- func (i *IngressGatewayConfigEntry) GetKind() string
- func (i *IngressGatewayConfigEntry) GetMeta() map[string]string
- func (i *IngressGatewayConfigEntry) GetModifyIndex() uint64
- func (i *IngressGatewayConfigEntry) GetName() string
- func (i *IngressGatewayConfigEntry) GetNamespace() string
- func (i *IngressGatewayConfigEntry) GetPartition() string
- type IngressListener
- type IngressService
- type IngressServiceConfig
- type InlineCertificateConfigEntry
- func (a *InlineCertificateConfigEntry) GetCreateIndex() uint64
- func (a *InlineCertificateConfigEntry) GetKind() string
- func (a *InlineCertificateConfigEntry) GetMeta() map[string]string
- func (a *InlineCertificateConfigEntry) GetModifyIndex() uint64
- func (a *InlineCertificateConfigEntry) GetName() string
- func (a *InlineCertificateConfigEntry) GetNamespace() string
- func (a *InlineCertificateConfigEntry) GetPartition() string
- type Intention
- type IntentionAction
- type IntentionCheck
- type IntentionHTTPHeaderPermission
- type IntentionHTTPPermission
- type IntentionJWTClaimVerification
- type IntentionJWTProvider
- type IntentionJWTRequirement
- type IntentionMatch
- type IntentionMatchType
- type IntentionPermission
- type IntentionSourceType
- type Internal
- type JSONWebKeySet
- type JWKSCluster
- type JWKSRetryPolicy
- type JWKSTLSCertProviderInstance
- type JWKSTLSCertTrustedCA
- type JWKSTLSCertificate
- type JWTCacheConfig
- type JWTForwardingConfig
- type JWTLocation
- type JWTLocationCookie
- type JWTLocationHeader
- type JWTLocationQueryParam
- type JWTProviderConfigEntry
- func (e *JWTProviderConfigEntry) GetCreateIndex() uint64
- func (e *JWTProviderConfigEntry) GetKind() string
- func (e *JWTProviderConfigEntry) GetMeta() map[string]string
- func (e *JWTProviderConfigEntry) GetModifyIndex() uint64
- func (e *JWTProviderConfigEntry) GetName() string
- func (e *JWTProviderConfigEntry) GetNamespace() string
- func (e *JWTProviderConfigEntry) GetPartition() string
- type KV
- func (k *KV) Acquire(p *KVPair, q *WriteOptions) (bool, *WriteMeta, error)
- func (k *KV) CAS(p *KVPair, q *WriteOptions) (bool, *WriteMeta, error)
- func (k *KV) Delete(key string, w *WriteOptions) (*WriteMeta, error)
- func (k *KV) DeleteCAS(p *KVPair, q *WriteOptions) (bool, *WriteMeta, error)
- func (k *KV) DeleteTree(prefix string, w *WriteOptions) (*WriteMeta, error)
- func (k *KV) Get(key string, q *QueryOptions) (*KVPair, *QueryMeta, error)
- func (k *KV) Keys(prefix, separator string, q *QueryOptions) ([]string, *QueryMeta, error)
- func (k *KV) List(prefix string, q *QueryOptions) (KVPairs, *QueryMeta, error)
- func (k *KV) Put(p *KVPair, q *WriteOptions) (*WriteMeta, error)
- func (k *KV) Release(p *KVPair, q *WriteOptions) (bool, *WriteMeta, error)
- func (k *KV) Txn(txn KVTxnOps, q *QueryOptions) (bool, *KVTxnResponse, *QueryMeta, error)
- type KVOp
- type KVPair
- type KVPairs
- type KVTxnOp
- type KVTxnOps
- type KVTxnResponse
- type KeyringResponse
- type KubernetesAuthMethodConfig
- type LeafCert
- type LeastRequestConfig
- type License
- type LicenseReply
- type LinkedService
- type LoadBalancer
- type LocalJWKS
- type Locality
- type Lock
- type LockOptions
- type LogSinkType
- type MemberACLMode
- type MembersOpts
- type MeshConfigEntry
- func (e *MeshConfigEntry) GetCreateIndex() uint64
- func (e *MeshConfigEntry) GetKind() string
- func (e *MeshConfigEntry) GetMeta() map[string]string
- func (e *MeshConfigEntry) GetModifyIndex() uint64
- func (e *MeshConfigEntry) GetName() string
- func (e *MeshConfigEntry) GetNamespace() string
- func (e *MeshConfigEntry) GetPartition() string
- func (e *MeshConfigEntry) MarshalJSON() ([]byte, error)
- type MeshDirectionalTLSConfig
- type MeshGatewayConfig
- type MeshGatewayMode
- type MeshHTTPConfig
- type MeshTLSConfig
- type MetricsInfo
- type MutualTLSMode
- type Namespace
- type NamespaceACLConfig
- type Namespaces
- func (n *Namespaces) Create(ns *Namespace, q *WriteOptions) (*Namespace, *WriteMeta, error)
- func (n *Namespaces) Delete(name string, q *WriteOptions) (*WriteMeta, error)
- func (n *Namespaces) List(q *QueryOptions) ([]*Namespace, *QueryMeta, error)
- func (n *Namespaces) Read(name string, q *QueryOptions) (*Namespace, *QueryMeta, error)
- func (n *Namespaces) Update(ns *Namespace, q *WriteOptions) (*Namespace, *WriteMeta, error)
- type Node
- type NodeOp
- type NodeTxnOp
- type OIDCAuthMethodConfig
- type Operator
- func (op *Operator) AreaCreate(area *Area, q *WriteOptions) (string, *WriteMeta, error)
- func (op *Operator) AreaDelete(areaID string, q *WriteOptions) (*WriteMeta, error)
- func (op *Operator) AreaGet(areaID string, q *QueryOptions) ([]*Area, *QueryMeta, error)
- func (op *Operator) AreaJoin(areaID string, addresses []string, q *WriteOptions) ([]*AreaJoinResponse, *WriteMeta, error)
- func (op *Operator) AreaList(q *QueryOptions) ([]*Area, *QueryMeta, error)
- func (op *Operator) AreaMembers(areaID string, q *QueryOptions) ([]*SerfMember, *QueryMeta, error)
- func (op *Operator) AreaUpdate(areaID string, area *Area, q *WriteOptions) (string, *WriteMeta, error)
- func (op *Operator) AutopilotCASConfiguration(conf *AutopilotConfiguration, q *WriteOptions) (bool, error)
- func (op *Operator) AutopilotGetConfiguration(q *QueryOptions) (*AutopilotConfiguration, error)
- func (op *Operator) AutopilotServerHealth(q *QueryOptions) (*OperatorHealthReply, error)
- func (op *Operator) AutopilotSetConfiguration(conf *AutopilotConfiguration, q *WriteOptions) error
- func (op *Operator) AutopilotState(q *QueryOptions) (*AutopilotState, error)
- func (op *Operator) KeyringInstall(key string, q *WriteOptions) error
- func (op *Operator) KeyringList(q *QueryOptions) ([]*KeyringResponse, error)
- func (op *Operator) KeyringRemove(key string, q *WriteOptions) error
- func (op *Operator) KeyringUse(key string, q *WriteOptions) error
- func (op *Operator) LicenseGet(q *QueryOptions) (*LicenseReply, error)
- func (op *Operator) LicenseGetSigned(q *QueryOptions) (string, error)
- func (op *Operator) LicensePut(license string, opts *WriteOptions) (*LicenseReply, error)
- func (op *Operator) LicenseReset(opts *WriteOptions) (*LicenseReply, error)
- func (op *Operator) RaftGetConfiguration(q *QueryOptions) (*RaftConfiguration, error)
- func (op *Operator) RaftLeaderTransfer(q *QueryOptions) (*TransferLeaderResponse, error)
- func (op *Operator) RaftRemovePeerByAddress(address string, q *WriteOptions) error
- func (op *Operator) RaftRemovePeerByID(id string, q *WriteOptions) error
- func (op *Operator) SegmentList(q *QueryOptions) ([]string, *QueryMeta, error)
- func (op *Operator) Usage(q *QueryOptions) (*Usage, *QueryMeta, error)
- type OperatorHealthReply
- type Partition
- type Partitions
- func (p *Partitions) Create(ctx context.Context, partition *Partition, q *WriteOptions) (*Partition, *WriteMeta, error)
- func (p *Partitions) Delete(ctx context.Context, name string, q *WriteOptions) (*WriteMeta, error)
- func (p *Partitions) List(ctx context.Context, q *QueryOptions) ([]*Partition, *QueryMeta, error)
- func (p *Partitions) Read(ctx context.Context, name string, q *QueryOptions) (*Partition, *QueryMeta, error)
- func (p *Partitions) Update(ctx context.Context, partition *Partition, q *WriteOptions) (*Partition, *WriteMeta, error)
- type PassiveHealthCheck
- type PeeredServiceName
- type Peering
- type PeeringEstablishRequest
- type PeeringEstablishResponse
- type PeeringGenerateTokenRequest
- type PeeringGenerateTokenResponse
- type PeeringListRequest
- type PeeringMeshConfig
- type PeeringReadResponse
- type PeeringRemoteInfo
- type PeeringState
- type PeeringStreamStatus
- type Peerings
- func (p *Peerings) Delete(ctx context.Context, name string, q *WriteOptions) (*WriteMeta, error)
- func (p *Peerings) Establish(ctx context.Context, i PeeringEstablishRequest, wq *WriteOptions) (*PeeringEstablishResponse, *WriteMeta, error)
- func (p *Peerings) GenerateToken(ctx context.Context, g PeeringGenerateTokenRequest, wq *WriteOptions) (*PeeringGenerateTokenResponse, *WriteMeta, error)
- func (p *Peerings) List(ctx context.Context, q *QueryOptions) ([]*Peering, *QueryMeta, error)
- func (p *Peerings) Read(ctx context.Context, name string, q *QueryOptions) (*Peering, *QueryMeta, error)
- type PointValue
- type PreparedQuery
- func (c *PreparedQuery) Create(query *PreparedQueryDefinition, q *WriteOptions) (string, *WriteMeta, error)
- func (c *PreparedQuery) Delete(queryID string, q *WriteOptions) (*WriteMeta, error)
- func (c *PreparedQuery) Execute(queryIDOrName string, q *QueryOptions) (*PreparedQueryExecuteResponse, *QueryMeta, error)
- func (c *PreparedQuery) Get(queryID string, q *QueryOptions) ([]*PreparedQueryDefinition, *QueryMeta, error)
- func (c *PreparedQuery) List(q *QueryOptions) ([]*PreparedQueryDefinition, *QueryMeta, error)
- func (c *PreparedQuery) Update(query *PreparedQueryDefinition, q *WriteOptions) (*WriteMeta, error)
- type PreparedQueryDefinition
- type PreparedQueryExecuteResponse
- type ProxyConfigEntry
- func (p *ProxyConfigEntry) GetCreateIndex() uint64
- func (p *ProxyConfigEntry) GetKind() string
- func (p *ProxyConfigEntry) GetMeta() map[string]string
- func (p *ProxyConfigEntry) GetModifyIndex() uint64
- func (p *ProxyConfigEntry) GetName() string
- func (p *ProxyConfigEntry) GetNamespace() string
- func (p *ProxyConfigEntry) GetPartition() string
- type ProxyMode
- type QueryDNSOptions
- type QueryDatacenterOptionsdeprecated
- type QueryFailoverOptions
- type QueryFailoverTarget
- type QueryMeta
- type QueryOptions
- type QueryTemplate
- type RaftConfiguration
- type RaftServer
- type RateLimitIPConfigEntry
- func (r *RateLimitIPConfigEntry) GetCreateIndex() uint64
- func (r *RateLimitIPConfigEntry) GetKind() string
- func (r *RateLimitIPConfigEntry) GetMeta() map[string]string
- func (r *RateLimitIPConfigEntry) GetModifyIndex() uint64
- func (r *RateLimitIPConfigEntry) GetName() string
- func (r *RateLimitIPConfigEntry) GetNamespace() string
- func (r *RateLimitIPConfigEntry) GetPartition() string
- type Raw
- type ReadWriteRatesConfig
- type ReadableDuration
- type RemoteJWKS
- type ResourceReference
- type RetryPolicyBackOff
- type RingHashConfig
- type RouteConditionReason
- type RouteConditionType
- type SamenessGroupConfigEntry
- func (s *SamenessGroupConfigEntry) GetCreateIndex() uint64
- func (s *SamenessGroupConfigEntry) GetKind() string
- func (s *SamenessGroupConfigEntry) GetMeta() map[string]string
- func (s *SamenessGroupConfigEntry) GetModifyIndex() uint64
- func (s *SamenessGroupConfigEntry) GetName() string
- func (s *SamenessGroupConfigEntry) GetNamespace() string
- func (s *SamenessGroupConfigEntry) GetPartition() string
- type SamenessGroupMember
- type SampledValue
- type Semaphore
- type SemaphoreOptions
- type SerfMember
- type ServerHealth
- type ServiceAddress
- type ServiceCheck
- type ServiceConfigEntry
- func (s *ServiceConfigEntry) GetCreateIndex() uint64
- func (s *ServiceConfigEntry) GetKind() string
- func (s *ServiceConfigEntry) GetMeta() map[string]string
- func (s *ServiceConfigEntry) GetModifyIndex() uint64
- func (s *ServiceConfigEntry) GetName() string
- func (s *ServiceConfigEntry) GetNamespace() string
- func (s *ServiceConfigEntry) GetPartition() string
- type ServiceConsumer
- type ServiceEntry
- type ServiceIntentionsConfigEntry
- func (e *ServiceIntentionsConfigEntry) GetCreateIndex() uint64
- func (e *ServiceIntentionsConfigEntry) GetKind() string
- func (e *ServiceIntentionsConfigEntry) GetMeta() map[string]string
- func (e *ServiceIntentionsConfigEntry) GetModifyIndex() uint64
- func (e *ServiceIntentionsConfigEntry) GetName() string
- func (e *ServiceIntentionsConfigEntry) GetNamespace() string
- func (e *ServiceIntentionsConfigEntry) GetPartition() string
- type ServiceKind
- type ServiceOp
- type ServiceQuery
- type ServiceRegisterOpts
- type ServiceResolverConfigEntry
- func (e *ServiceResolverConfigEntry) GetCreateIndex() uint64
- func (e *ServiceResolverConfigEntry) GetKind() string
- func (e *ServiceResolverConfigEntry) GetMeta() map[string]string
- func (e *ServiceResolverConfigEntry) GetModifyIndex() uint64
- func (e *ServiceResolverConfigEntry) GetName() string
- func (e *ServiceResolverConfigEntry) GetNamespace() string
- func (e *ServiceResolverConfigEntry) GetPartition() string
- func (e *ServiceResolverConfigEntry) MarshalJSON() ([]byte, error)
- func (e *ServiceResolverConfigEntry) UnmarshalJSON(data []byte) error
- type ServiceResolverFailover
- type ServiceResolverFailoverPolicy
- type ServiceResolverFailoverTarget
- type ServiceResolverPrioritizeByLocality
- type ServiceResolverRedirect
- type ServiceResolverSubset
- type ServiceRoute
- type ServiceRouteDestination
- type ServiceRouteHTTPMatch
- type ServiceRouteHTTPMatchHeader
- type ServiceRouteHTTPMatchQueryParam
- type ServiceRouteMatch
- type ServiceRouterConfigEntry
- func (e *ServiceRouterConfigEntry) GetCreateIndex() uint64
- func (e *ServiceRouterConfigEntry) GetKind() string
- func (e *ServiceRouterConfigEntry) GetMeta() map[string]string
- func (e *ServiceRouterConfigEntry) GetModifyIndex() uint64
- func (e *ServiceRouterConfigEntry) GetName() string
- func (e *ServiceRouterConfigEntry) GetNamespace() string
- func (e *ServiceRouterConfigEntry) GetPartition() string
- type ServiceSplit
- type ServiceSplitterConfigEntry
- func (e *ServiceSplitterConfigEntry) GetCreateIndex() uint64
- func (e *ServiceSplitterConfigEntry) GetKind() string
- func (e *ServiceSplitterConfigEntry) GetMeta() map[string]string
- func (e *ServiceSplitterConfigEntry) GetModifyIndex() uint64
- func (e *ServiceSplitterConfigEntry) GetName() string
- func (e *ServiceSplitterConfigEntry) GetNamespace() string
- func (e *ServiceSplitterConfigEntry) GetPartition() string
- type ServiceTxnOp
- type ServiceUsage
- type Session
- func (s *Session) Create(se *SessionEntry, q *WriteOptions) (string, *WriteMeta, error)
- func (s *Session) CreateNoChecks(se *SessionEntry, q *WriteOptions) (string, *WriteMeta, error)
- func (s *Session) Destroy(id string, q *WriteOptions) (*WriteMeta, error)
- func (s *Session) Info(id string, q *QueryOptions) (*SessionEntry, *QueryMeta, error)
- func (s *Session) List(q *QueryOptions) ([]*SessionEntry, *QueryMeta, error)
- func (s *Session) Node(node string, q *QueryOptions) ([]*SessionEntry, *QueryMeta, error)
- func (s *Session) Renew(id string, q *WriteOptions) (*SessionEntry, *WriteMeta, error)
- func (s *Session) RenewPeriodic(initialTTL string, id string, q *WriteOptions, doneCh <-chan struct{}) error
- type SessionEntry
- type SessionOp
- type SessionTxnOp
- type Snapshot
- type SourceIntention
- type Status
- type StatusError
- type TCPRouteConfigEntry
- func (a *TCPRouteConfigEntry) GetCreateIndex() uint64
- func (a *TCPRouteConfigEntry) GetKind() string
- func (a *TCPRouteConfigEntry) GetMeta() map[string]string
- func (a *TCPRouteConfigEntry) GetModifyIndex() uint64
- func (a *TCPRouteConfigEntry) GetName() string
- func (a *TCPRouteConfigEntry) GetNamespace() string
- func (a *TCPRouteConfigEntry) GetPartition() string
- type TCPService
- type TLSConfig
- type TerminatingGatewayConfigEntry
- func (g *TerminatingGatewayConfigEntry) GetCreateIndex() uint64
- func (g *TerminatingGatewayConfigEntry) GetKind() string
- func (g *TerminatingGatewayConfigEntry) GetMeta() map[string]string
- func (g *TerminatingGatewayConfigEntry) GetModifyIndex() uint64
- func (g *TerminatingGatewayConfigEntry) GetName() string
- func (g *TerminatingGatewayConfigEntry) GetNamespace() string
- func (g *TerminatingGatewayConfigEntry) GetPartition() string
- type TransferLeaderResponse
- type TransparentProxyConfig
- type TransparentProxyMeshConfig
- type Txn
- type TxnError
- type TxnErrors
- type TxnOp
- type TxnOps
- type TxnResponse
- type TxnResult
- type TxnResults
- type URLRewrite
- type Upstream
- type UpstreamConfig
- type UpstreamConfiguration
- type UpstreamDestType
- type UpstreamLimits
- type Usage
- type UserEvent
- type Weights
- type WriteMeta
- type WriteOptions
Constants ¶
const ( // ACLClientType is the client type token ACLClientType = "client" // ACLManagementType is the management type token ACLManagementType = "management" )
const ( // MemberTagKeyACLMode is the key used to indicate what ACL mode the agent is // operating in. The values of this key will be one of the MemberACLMode constants // with the key not being present indicating ACLModeUnknown. MemberTagKeyACLMode = "acls" // MemberTagRole is the key used to indicate that the member is a server or not. MemberTagKeyRole = "role" // MemberTagValueRoleServer is the value of the MemberTagKeyRole used to indicate // that the member represents a Consul server. MemberTagValueRoleServer = "consul" // MemberTagValueRoleClient is the value of the MemberTagKeyRole used to indicate // that the member represents a Consul client. MemberTagValueRoleClient = "node" // MemberTagKeyDatacenter is the key used to indicate which datacenter this member is in. MemberTagKeyDatacenter = "dc" // MemberTagKeySegment is the key name of the tag used to indicate which network // segment this member is in. // Network Segments are a Consul Enterprise feature. MemberTagKeySegment = "segment" // MemberTagKeyPartition is the key name of the tag used to indicate which partition // this member is in. // Partitions are a Consul Enterprise feature. MemberTagKeyPartition = "ap" // MemberTagKeyBootstrap is the key name of the tag used to indicate whether this // agent was started with the "bootstrap" configuration enabled MemberTagKeyBootstrap = "bootstrap" // MemberTagValueBootstrap is the value of the MemberTagKeyBootstrap key when the // agent was started with the "bootstrap" configuration enabled. MemberTagValueBootstrap = "1" // MemberTagKeyBootstrapExpect is the key name of the tag used to indicate whether // this agent was started with the "bootstrap_expect" configuration set to a non-zero // value. The value of this key will be the string for of that configuration value. MemberTagKeyBootstrapExpect = "expect" // MemberTagKeyUseTLS is the key name of the tag used to indicate whther this agent // was configured to use TLS. MemberTagKeyUseTLS = "use_tls" // MemberTagValueUseTLS is the value of the MemberTagKeyUseTLS when the agent was // configured to use TLS. Any other value indicates that it was not setup in // that manner. MemberTagValueUseTLS = "1" // MemberTagKeyReadReplica is the key used to indicate that the member is a read // replica server (will remain a Raft non-voter). // Read Replicas are a Consul Enterprise feature. MemberTagKeyReadReplica = "read_replica" // MemberTagValueReadReplica is the value of the MemberTagKeyReadReplica key when // the member is in fact a read-replica. Any other value indicates that it is not. // Read Replicas are a Consul Enterprise feature. MemberTagValueReadReplica = "1" )
const ( // HTTPAddrEnvName defines an environment variable name which sets // the HTTP address if there is no -http-addr specified. HTTPAddrEnvName = "CONSUL_HTTP_ADDR" // HTTPTokenEnvName defines an environment variable name which sets // the HTTP token. HTTPTokenEnvName = "CONSUL_HTTP_TOKEN" // HTTPTokenFileEnvName defines an environment variable name which sets // the HTTP token file. HTTPTokenFileEnvName = "CONSUL_HTTP_TOKEN_FILE" // HTTPAuthEnvName defines an environment variable name which sets // the HTTP authentication header. HTTPAuthEnvName = "CONSUL_HTTP_AUTH" // HTTPSSLEnvName defines an environment variable name which sets // whether or not to use HTTPS. HTTPSSLEnvName = "CONSUL_HTTP_SSL" // HTTPCAFile defines an environment variable name which sets the // CA file to use for talking to Consul over TLS. HTTPCAFile = "CONSUL_CACERT" // HTTPCAPath defines an environment variable name which sets the // path to a directory of CA certs to use for talking to Consul over TLS. HTTPCAPath = "CONSUL_CAPATH" // HTTPClientCert defines an environment variable name which sets the // client cert file to use for talking to Consul over TLS. HTTPClientCert = "CONSUL_CLIENT_CERT" // HTTPClientKey defines an environment variable name which sets the // client key file to use for talking to Consul over TLS. HTTPClientKey = "CONSUL_CLIENT_KEY" // HTTPTLSServerName defines an environment variable name which sets the // server name to use as the SNI host when connecting via TLS HTTPTLSServerName = "CONSUL_TLS_SERVER_NAME" // HTTPSSLVerifyEnvName defines an environment variable name which sets // whether or not to disable certificate checking. HTTPSSLVerifyEnvName = "CONSUL_HTTP_SSL_VERIFY" // GRPCAddrEnvName defines an environment variable name which sets the gRPC // address for consul connect envoy. Note this isn't actually used by the api // client in this package but is defined here for consistency with all the // other ENV names we use. GRPCAddrEnvName = "CONSUL_GRPC_ADDR" // GRPCCAFileEnvName defines an environment variable name which sets the // CA file to use for talking to Consul gRPC over TLS. GRPCCAFileEnvName = "CONSUL_GRPC_CACERT" // GRPCCAPathEnvName defines an environment variable name which sets the // path to a directory of CA certs to use for talking to Consul gRPC over TLS. GRPCCAPathEnvName = "CONSUL_GRPC_CAPATH" // HTTPNamespaceEnvVar defines an environment variable name which sets // the HTTP Namespace to be used by default. This can still be overridden. HTTPNamespaceEnvName = "CONSUL_NAMESPACE" // HTTPPartitionEnvName defines an environment variable name which sets // the HTTP Partition to be used by default. This can still be overridden. HTTPPartitionEnvName = "CONSUL_PARTITION" // QueryBackendStreaming Query backend of type streaming QueryBackendStreaming = "streaming" // QueryBackendBlockingQuery Query backend of type blocking query QueryBackendBlockingQuery = "blocking-query" )
const ( ServiceDefaults string = "service-defaults" ProxyDefaults string = "proxy-defaults" ServiceRouter string = "service-router" ServiceSplitter string = "service-splitter" ServiceResolver string = "service-resolver" IngressGateway string = "ingress-gateway" TerminatingGateway string = "terminating-gateway" ServiceIntentions string = "service-intentions" MeshConfig string = "mesh" ExportedServices string = "exported-services" SamenessGroup string = "sameness-group" RateLimitIPConfig string = "control-plane-request-limit" ProxyConfigGlobal string = "global" MeshConfigMesh string = "mesh" APIGateway string = "api-gateway" TCPRoute string = "tcp-route" InlineCertificate string = "inline-certificate" HTTPRoute string = "http-route" JWTProvider string = "jwt-provider" )
const ( BuiltinAWSLambdaExtension string = "builtin/aws/lambda" BuiltinExtAuthzExtension string = "builtin/ext-authz" BuiltinLuaExtension string = "builtin/lua" BuiltinPropertyOverrideExtension string = "builtin/property-override" BuiltinWasmExtension string = "builtin/wasm" // BuiltinValidateExtension should not be exposed directly or accepted as a valid configured // extension type, as it is only used indirectly via troubleshooting tools. It is included here // for common reference alongside other builtin extensions. BuiltinValidateExtension string = "builtin/proxy/validate" )
const ( // This condition is true when the controller managing the Gateway is // syntactically and semantically valid enough to produce some configuration // in the underlying data plane. This does not indicate whether or not the // configuration has been propagated to the data plane. // // Possible reasons for this condition to be True are: // // * "Accepted" // // Possible reasons for this condition to be False are: // // * InvalidCertificates // GatewayConditionAccepted GatewayConditionType = "Accepted" // This reason is used with the "Accepted" condition when the condition is // True. GatewayReasonAccepted GatewayConditionReason = "Accepted" // This reason is used with the "Accepted" condition when the gateway has multiple invalid // certificates and cannot bind to any routes GatewayReasonInvalidCertificates GatewayConditionReason = "InvalidCertificates" // This condition indicates that the gateway was unable to resolve // conflicting specification requirements for this Listener. If a // Listener is conflicted, its network port should not be configured // on any network elements. // // Possible reasons for this condition to be true are: // // * "RouteConflict" // // Possible reasons for this condition to be False are: // // * "NoConflict" // // Controllers may raise this condition with other reasons, // but should prefer to use the reasons listed above to improve // interoperability. GatewayConditionConflicted GatewayConditionType = "Conflicted" // This reason is used with the "Conflicted" condition when the condition // is False. GatewayReasonNoConflict GatewayConditionReason = "NoConflict" // This reason is used with the "Conflicted" condition when the route is // in a conflicted state, such as when a TCPListener attempts to bind to two routes GatewayReasonRouteConflict GatewayConditionReason = "RouteConflict" // This condition indicates whether the controller was able to // resolve all the object references for the Gateway. When setting this // condition to False, a ResourceReference to the misconfigured Listener should // be provided. // // Possible reasons for this condition to be true are: // // * "ResolvedRefs" // // Possible reasons for this condition to be False are: // // * "InvalidCertificateRef" // * "InvalidRouteKinds" // * "RefNotPermitted" // GatewayConditionResolvedRefs GatewayConditionType = "ResolvedRefs" // This reason is used with the "ResolvedRefs" condition when the condition // is true. GatewayReasonResolvedRefs GatewayConditionReason = "ResolvedRefs" // This reason is used with the "ResolvedRefs" condition when a // Listener has a TLS configuration with at least one TLS CertificateRef // that is invalid or does not exist. // A CertificateRef is considered invalid when it refers to a nonexistent // or unsupported resource or kind, or when the data within that resource // is malformed. // This reason must be used only when the reference is allowed, either by // referencing an object in the same namespace as the Gateway, or when // a cross-namespace reference has been explicitly allowed by a ReferenceGrant. // If the reference is not allowed, the reason RefNotPermitted must be used // instead. GatewayListenerReasonInvalidCertificateRef GatewayConditionReason = "InvalidCertificateRef" )
the following are directly from the k8s spec
const ( // This condition indicates whether the route has been accepted or rejected // by a Gateway, and why. // // Possible reasons for this condition to be true are: // // * "Accepted" // // Possible reasons for this condition to be False are: // // * "InvalidDiscoveryChain" // * "NoUpstreamServicesTargeted" // // // Controllers may raise this condition with other reasons, // but should prefer to use the reasons listed above to improve // interoperability. RouteConditionAccepted RouteConditionType = "Accepted" // This reason is used with the "Accepted" condition when the Route has been // accepted by the Gateway. RouteReasonAccepted RouteConditionReason = "Accepted" // This reason is used with the "Accepted" condition when the route has an // invalid discovery chain, this includes conditions like the protocol being invalid // or the discovery chain failing to compile RouteReasonInvalidDiscoveryChain RouteConditionReason = "InvalidDiscoveryChain" // This reason is used with the "Accepted" condition when the route RouteReasonNoUpstreamServicesTargeted RouteConditionReason = "NoUpstreamServicesTargeted" )
The following statuses are taken from the K8's Spec With the exception of: "RouteReasonInvalidDiscoveryChain" and "NoUpstreamServicesTargeted"
const ( // This condition indicates whether the route was able to successfully bind the // Listener on the gateway // Possible reasons for this condition to be true are: // // * "Bound" // // Possible reasons for this condition to be false are: // // * "FailedToBind" // * "GatewayNotFound" // RouteConditionBound RouteConditionType = "Bound" // This reason is used with the "Bound" condition when the condition // is true RouteReasonBound RouteConditionReason = "Bound" // This reason is used with the "Bound" condition when the route failed // to bind to the gateway RouteReasonFailedToBind RouteConditionReason = "FailedToBind" // This reason is used with the "Bound" condition when the route fails // to find the gateway RouteReasonGatewayNotFound RouteConditionReason = "GatewayNotFound" )
the following statuses are custom to Consul
const ( DiscoveryGraphNodeTypeRouter = "router" DiscoveryGraphNodeTypeSplitter = "splitter" DiscoveryGraphNodeTypeResolver = "resolver" )
const ( // HealthAny is special, and is used as a wild card, // not as a specific state. HealthAny = "any" HealthPassing = "passing" HealthWarning = "warning" HealthCritical = "critical" HealthMaint = "maintenance" )
const ( // NodeMaint is the special key set by a node in maintenance mode. NodeMaint = "_node_maintenance" // ServiceMaintPrefix is the prefix for a service in maintenance mode. ServiceMaintPrefix = "_service_maintenance:" )
const ( // DefaultLockSessionName is the Session Name we assign if none is provided DefaultLockSessionName = "Consul API Lock" // DefaultLockSessionTTL is the default session TTL if no Session is provided // when creating a new Lock. This is used because we do not have another // other check to depend upon. DefaultLockSessionTTL = "15s" // DefaultLockWaitTime is how long we block for at a time to check if lock // acquisition is possible. This affects the minimum time it takes to cancel // a Lock acquisition. DefaultLockWaitTime = 15 * time.Second // DefaultLockRetryTime is how long we wait after a failed lock acquisition // before attempting to do the lock again. This is so that once a lock-delay // is in effect, we do not hot loop retrying the acquisition. DefaultLockRetryTime = 5 * time.Second // DefaultMonitorRetryTime is how long we wait after a failed monitor check // of a lock (500 response code). This allows the monitor to ride out brief // periods of unavailability, subject to the MonitorRetries setting in the // lock options which is by default set to 0, disabling this feature. This // affects locks and semaphores. DefaultMonitorRetryTime = 2 * time.Second // LockFlagValue is a magic flag we set to indicate a key // is being used for a lock. It is used to detect a potential // conflict with a semaphore. LockFlagValue = 0x2ddccbc058a50c18 )
const ( // DefaultSemaphoreSessionName is the Session Name we assign if none is provided DefaultSemaphoreSessionName = "Consul API Semaphore" // DefaultSemaphoreSessionTTL is the default session TTL if no Session is provided // when creating a new Semaphore. This is used because we do not have another // other check to depend upon. DefaultSemaphoreSessionTTL = "15s" // DefaultSemaphoreWaitTime is how long we block for at a time to check if semaphore // acquisition is possible. This affects the minimum time it takes to cancel // a Semaphore acquisition. DefaultSemaphoreWaitTime = 15 * time.Second // DefaultSemaphoreKey is the key used within the prefix to // use for coordination between all the contenders. DefaultSemaphoreKey = ".lock" // SemaphoreFlagValue is a magic flag we set to indicate a key // is being used for a semaphore. It is used to detect a potential // conflict with a lock. SemaphoreFlagValue = 0xe0f69a2baa414de0 )
const ( // SessionBehaviorRelease is the default behavior and causes // all associated locks to be released on session invalidation. SessionBehaviorRelease = "release" // SessionBehaviorDelete is new in Consul 0.5 and changes the // behavior to delete all associated locks on session invalidation. // It can be used in a way similar to Ephemeral Nodes in ZooKeeper. SessionBehaviorDelete = "delete" )
const AllSegments = "_all"
AllSegments is used to select for all segments in MembersOpts.
const IntentionDefaultNamespace = "default"
IntentionDefaultNamespace is the default namespace value.
const PartitionDefaultName = "default"
PartitionDefaultName is the default partition value.
const TelemetryCollectorName string = "consul-telemetry-collector"
TelemetryCollectorName is the service name for the Consul Telemetry Collector
Variables ¶
var ( // ErrLockHeld is returned if we attempt to double lock ErrLockHeld = fmt.Errorf("Lock already held") // ErrLockNotHeld is returned if we attempt to unlock a lock // that we do not hold. ErrLockNotHeld = fmt.Errorf("Lock not held") // ErrLockInUse is returned if we attempt to destroy a lock // that is in use. ErrLockInUse = fmt.Errorf("Lock in use") // ErrLockConflict is returned if the flags on a key // used for a lock do not match expectation ErrLockConflict = fmt.Errorf("Existing key does not match lock use") )
var ( // ErrSemaphoreHeld is returned if we attempt to double lock ErrSemaphoreHeld = fmt.Errorf("Semaphore already held") // ErrSemaphoreNotHeld is returned if we attempt to unlock a semaphore // that we do not hold. ErrSemaphoreNotHeld = fmt.Errorf("Semaphore not held") // ErrSemaphoreInUse is returned if we attempt to destroy a semaphore // that is in use. ErrSemaphoreInUse = fmt.Errorf("Semaphore in use") // ErrSemaphoreConflict is returned if the flags on a key // used for a semaphore do not match expectation ErrSemaphoreConflict = fmt.Errorf("Existing key does not match semaphore use") )
var ErrSessionExpired = errors.New("session expired")
Functions ¶
func IsRetryableError ¶
IsRetryableError returns true for 500 errors from the Consul servers, and network connection errors. These are usually retryable at a later time. This applies to reads but NOT to writes. This may return true for errors on writes that may have still gone through, so do not use this to retry any write operations.
func NewHttpClient ¶
NewHttpClient returns an http client configured with the given Transport and TLS config.
func SetupTLSConfig ¶
TLSConfig is used to generate a TLSClientConfig that's useful for talking to Consul using TLS.
func ValidateGatewayConditionReason ¶
func ValidateGatewayConditionReason(name GatewayConditionType, status ConditionStatus, reason GatewayConditionReason) error
func ValidateRouteConditionReason ¶
func ValidateRouteConditionReason(name RouteConditionType, status ConditionStatus, reason RouteConditionReason) error
Types ¶
type ACL ¶
type ACL struct {
// contains filtered or unexported fields
}
ACL can be used to query the ACL endpoints
func (*ACL) AuthMethodCreate ¶
func (a *ACL) AuthMethodCreate(method *ACLAuthMethod, q *WriteOptions) (*ACLAuthMethod, *WriteMeta, error)
AuthMethodCreate will create a new auth method.
func (*ACL) AuthMethodDelete ¶
func (a *ACL) AuthMethodDelete(methodName string, q *WriteOptions) (*WriteMeta, error)
AuthMethodDelete deletes an auth method given its Name.
func (*ACL) AuthMethodList ¶
func (a *ACL) AuthMethodList(q *QueryOptions) ([]*ACLAuthMethodListEntry, *QueryMeta, error)
AuthMethodList retrieves a listing of all auth methods. The listing does not include some metadata for the auth method as those should be retrieved by subsequent calls to AuthMethodRead.
func (*ACL) AuthMethodRead ¶
func (a *ACL) AuthMethodRead(methodName string, q *QueryOptions) (*ACLAuthMethod, *QueryMeta, error)
AuthMethodRead retrieves the auth method. Returns nil if not found.
func (*ACL) AuthMethodUpdate ¶
func (a *ACL) AuthMethodUpdate(method *ACLAuthMethod, q *WriteOptions) (*ACLAuthMethod, *WriteMeta, error)
AuthMethodUpdate updates an auth method.
func (*ACL) BindingRuleCreate ¶
func (a *ACL) BindingRuleCreate(rule *ACLBindingRule, q *WriteOptions) (*ACLBindingRule, *WriteMeta, error)
BindingRuleCreate will create a new binding rule. It is not allowed for the binding rule parameter's ID field to be set as this will be generated by Consul while processing the request.
func (*ACL) BindingRuleDelete ¶
func (a *ACL) BindingRuleDelete(bindingRuleID string, q *WriteOptions) (*WriteMeta, error)
BindingRuleDelete deletes a binding rule given its ID.
func (*ACL) BindingRuleList ¶
func (a *ACL) BindingRuleList(methodName string, q *QueryOptions) ([]*ACLBindingRule, *QueryMeta, error)
BindingRuleList retrieves a listing of all binding rules.
func (*ACL) BindingRuleRead ¶
func (a *ACL) BindingRuleRead(bindingRuleID string, q *QueryOptions) (*ACLBindingRule, *QueryMeta, error)
BindingRuleRead retrieves the binding rule details. Returns nil if not found.
func (*ACL) BindingRuleUpdate ¶
func (a *ACL) BindingRuleUpdate(rule *ACLBindingRule, q *WriteOptions) (*ACLBindingRule, *WriteMeta, error)
BindingRuleUpdate updates a binding rule. The ID field of the role binding rule parameter must be set to an existing binding rule ID.
func (*ACL) Bootstrap ¶
Bootstrap is used to perform a one-time ACL bootstrap operation on a cluster to get the first management token.
func (*ACL) BootstrapWithToken ¶
BootstrapWithToken is used to get the initial bootstrap token or pass in the one that was provided in the API
func (*ACL) Login ¶
func (a *ACL) Login(auth *ACLLoginParams, q *WriteOptions) (*ACLToken, *WriteMeta, error)
Login is used to exchange auth method credentials for a newly-minted Consul Token.
func (*ACL) Logout ¶
func (a *ACL) Logout(q *WriteOptions) (*WriteMeta, error)
Logout is used to destroy a Consul Token created via Login().
func (*ACL) OIDCAuthURL ¶
func (a *ACL) OIDCAuthURL(auth *ACLOIDCAuthURLParams, q *WriteOptions) (string, *WriteMeta, error)
OIDCAuthURL requests an authorization URL to start an OIDC login flow.
func (*ACL) OIDCCallback ¶
func (a *ACL) OIDCCallback(auth *ACLOIDCCallbackParams, q *WriteOptions) (*ACLToken, *WriteMeta, error)
OIDCCallback is the callback endpoint to complete an OIDC login.
func (*ACL) PolicyCreate ¶
PolicyCreate will create a new policy. It is not allowed for the policy parameters ID field to be set as this will be generated by Consul while processing the request.
func (*ACL) PolicyDelete ¶
func (a *ACL) PolicyDelete(policyID string, q *WriteOptions) (*WriteMeta, error)
PolicyDelete deletes a policy given its ID.
func (*ACL) PolicyList ¶
func (a *ACL) PolicyList(q *QueryOptions) ([]*ACLPolicyListEntry, *QueryMeta, error)
PolicyList retrieves a listing of all policies. The listing does not include the rules for any policy as those should be retrieved by subsequent calls to PolicyRead.
func (*ACL) PolicyRead ¶
PolicyRead retrieves the policy details including the rule set.
func (*ACL) PolicyReadByName ¶
PolicyReadByName retrieves the policy details including the rule set with name.
func (*ACL) PolicyUpdate ¶
PolicyUpdate updates a policy. The ID field of the policy parameter must be set to an existing policy ID
func (*ACL) Replication ¶
func (a *ACL) Replication(q *QueryOptions) (*ACLReplicationStatus, *QueryMeta, error)
Replication returns the status of the ACL replication process in the datacenter
func (*ACL) RoleCreate ¶
RoleCreate will create a new role. It is not allowed for the role parameters ID field to be set as this will be generated by Consul while processing the request.
func (*ACL) RoleDelete ¶
func (a *ACL) RoleDelete(roleID string, q *WriteOptions) (*WriteMeta, error)
RoleDelete deletes a role given its ID.
func (*ACL) RoleList ¶
func (a *ACL) RoleList(q *QueryOptions) ([]*ACLRole, *QueryMeta, error)
RoleList retrieves a listing of all roles. The listing does not include some metadata for the role as those should be retrieved by subsequent calls to RoleRead.
func (*ACL) RoleReadByName ¶
RoleReadByName retrieves the role details (by name). Returns nil if not found.
func (*ACL) RoleUpdate ¶
RoleUpdate updates a role. The ID field of the role parameter must be set to an existing role ID
func (*ACL) RulesTranslateToken
deprecated
RulesTranslateToken translates the rules associated with the legacy syntax into the current syntax and returns the results.
Deprecated: Support for the legacy syntax translation has been removed. This function always returns an error.
func (*ACL) TokenClone ¶
func (a *ACL) TokenClone(accessorID string, description string, q *WriteOptions) (*ACLToken, *WriteMeta, error)
TokenClone will create a new token with the same policies and locality as the original token but will have its own auto-generated AccessorID and SecretID as well having the description passed to this function. The accessorID parameter must be a valid Accessor ID of an existing token.
func (*ACL) TokenCreate ¶
TokenCreate creates a new ACL token. If either the AccessorID or SecretID fields of the ACLToken structure are empty they will be filled in by Consul.
func (*ACL) TokenDelete ¶
func (a *ACL) TokenDelete(accessorID string, q *WriteOptions) (*WriteMeta, error)
TokenDelete removes a single ACL token. The accessorID parameter must be a valid Accessor ID of an existing token.
func (*ACL) TokenList ¶
func (a *ACL) TokenList(q *QueryOptions) ([]*ACLTokenListEntry, *QueryMeta, error)
TokenList lists all tokens. The listing does not contain any SecretIDs as those may only be retrieved by a call to TokenRead.
func (*ACL) TokenRead ¶
TokenRead retrieves the full token details. The accessorID parameter must be a valid Accessor ID of an existing token.
func (*ACL) TokenReadExpanded ¶
func (a *ACL) TokenReadExpanded(accessorID string, q *QueryOptions) (*ACLTokenExpanded, *QueryMeta, error)
TokenReadExpanded retrieves the full token details, as well as the contents of any policies affecting the token. The accessorID parameter must be a valid Accessor ID of an existing token.
func (*ACL) TokenReadSelf ¶
func (a *ACL) TokenReadSelf(q *QueryOptions) (*ACLToken, *QueryMeta, error)
TokenReadSelf retrieves the full token details of the token currently assigned to the API Client. In this manner its possible to read a token by its Secret ID.
func (*ACL) TokenUpdate ¶
TokenUpdate updates a token in place without modifying its AccessorID or SecretID. A valid AccessorID must be set in the ACLToken structure passed to this function but the SecretID may be omitted and will be filled in by Consul with its existing value.
type ACLAuthMethod ¶
type ACLAuthMethod struct { Name string Type string DisplayName string `json:",omitempty"` Description string `json:",omitempty"` MaxTokenTTL time.Duration `json:",omitempty"` // TokenLocality defines the kind of token that this auth method produces. // This can be either 'local' or 'global'. If empty 'local' is assumed. TokenLocality string `json:",omitempty"` // Configuration is arbitrary configuration for the auth method. This // should only contain primitive values and containers (such as lists and // maps). Config map[string]interface{} CreateIndex uint64 ModifyIndex uint64 // NamespaceRules apply only on auth methods defined in the default namespace. // Namespacing is a Consul Enterprise feature. NamespaceRules []*ACLAuthMethodNamespaceRule `json:",omitempty"` // Namespace is the namespace the ACLAuthMethod is associated with. // Namespacing is a Consul Enterprise feature. Namespace string `json:",omitempty"` // Partition is the partition the ACLAuthMethod is associated with. // Partitions are a Consul Enterprise feature. Partition string `json:",omitempty"` }
func (*ACLAuthMethod) MarshalJSON ¶
func (m *ACLAuthMethod) MarshalJSON() ([]byte, error)
func (*ACLAuthMethod) UnmarshalJSON ¶
func (m *ACLAuthMethod) UnmarshalJSON(data []byte) error
type ACLAuthMethodListEntry ¶
type ACLAuthMethodListEntry struct { Name string Type string DisplayName string `json:",omitempty"` Description string `json:",omitempty"` MaxTokenTTL time.Duration `json:",omitempty"` // TokenLocality defines the kind of token that this auth method produces. // This can be either 'local' or 'global'. If empty 'local' is assumed. TokenLocality string `json:",omitempty"` CreateIndex uint64 ModifyIndex uint64 // Namespace is the namespace the ACLAuthMethodListEntry is associated with. // Namespacing is a Consul Enterprise feature. Namespace string `json:",omitempty"` // Partition is the partition the ACLAuthMethodListEntry is associated with. // Partitions are a Consul Enterprise feature. Partition string `json:",omitempty"` }
func (*ACLAuthMethodListEntry) MarshalJSON ¶
func (m *ACLAuthMethodListEntry) MarshalJSON() ([]byte, error)
This is nearly identical to the ACLAuthMethod MarshalJSON
func (*ACLAuthMethodListEntry) UnmarshalJSON ¶
func (m *ACLAuthMethodListEntry) UnmarshalJSON(data []byte) error
This is nearly identical to the ACLAuthMethod UnmarshalJSON
type ACLAuthMethodNamespaceRule ¶
type ACLAuthMethodNamespaceRule struct { // Selector is an expression that matches against verified identity // attributes returned from the auth method during login. Selector string `json:",omitempty"` // BindNamespace is the target namespace of the binding. Can be lightly // templated using HIL ${foo} syntax from available field names. // // If empty it's created in the same namespace as the auth method. BindNamespace string `json:",omitempty"` }
type ACLBindingRule ¶
type ACLBindingRule struct { ID string Description string AuthMethod string Selector string BindType BindingRuleBindType BindName string CreateIndex uint64 ModifyIndex uint64 // Namespace is the namespace the ACLBindingRule is associated with. // Namespacing is a Consul Enterprise feature. Namespace string `json:",omitempty"` // Partition is the partition the ACLBindingRule is associated with. // Partitions are a Consul Enterprise feature. Partition string `json:",omitempty"` }
type ACLEntry ¶
type ACLEntry struct { CreateIndex uint64 ModifyIndex uint64 ID string Name string Type string Rules string }
ACLEntry is used to represent a legacy ACL token The legacy tokens are deprecated.
type ACLLoginParams ¶
type ACLNodeIdentity ¶
ACLNodeIdentity represents a high-level grant of all necessary privileges to assume the identity of the named Node in the Catalog and within Connect.
type ACLOIDCAuthURLParams ¶
type ACLOIDCCallbackParams ¶
type ACLPolicy ¶
type ACLPolicy struct { ID string Name string Description string Rules string Datacenters []string Hash []byte CreateIndex uint64 ModifyIndex uint64 // Namespace is the namespace the ACLPolicy is associated with. // Namespacing is a Consul Enterprise feature. Namespace string `json:",omitempty"` // Partition is the partition the ACLPolicy is associated with. // Partitions are a Consul Enterprise feature. Partition string `json:",omitempty"` }
ACLPolicy represents an ACL Policy.
type ACLPolicyListEntry ¶
type ACLPolicyListEntry struct { ID string Name string Description string Datacenters []string Hash []byte CreateIndex uint64 ModifyIndex uint64 // Namespace is the namespace the ACLPolicyListEntry is associated with. // Namespacing is a Consul Enterprise feature. Namespace string `json:",omitempty"` // Partition is the partition the ACLPolicyListEntry is associated with. // Partitions are a Consul Enterprise feature. Partition string `json:",omitempty"` }
type ACLReplicationStatus ¶
type ACLReplicationStatus struct { Enabled bool Running bool SourceDatacenter string ReplicationType string ReplicatedIndex uint64 ReplicatedRoleIndex uint64 ReplicatedTokenIndex uint64 LastSuccess time.Time LastError time.Time LastErrorMessage string }
ACLReplicationStatus is used to represent the status of ACL replication.
type ACLRole ¶
type ACLRole struct { ID string Name string Description string Policies []*ACLRolePolicyLink `json:",omitempty"` ServiceIdentities []*ACLServiceIdentity `json:",omitempty"` NodeIdentities []*ACLNodeIdentity `json:",omitempty"` Hash []byte CreateIndex uint64 ModifyIndex uint64 // Namespace is the namespace the ACLRole is associated with. // Namespacing is a Consul Enterprise feature. Namespace string `json:",omitempty"` // Partition is the partition the ACLRole is associated with. // Partitions are a Consul Enterprise feature. Partition string `json:",omitempty"` }
ACLRole represents an ACL Role.
type ACLRolePolicyLink ¶
type ACLRolePolicyLink = ACLLink
type ACLServiceIdentity ¶
ACLServiceIdentity represents a high-level grant of all necessary privileges to assume the identity of the named Service in the Catalog and within Connect.
type ACLToken ¶
type ACLToken struct { CreateIndex uint64 ModifyIndex uint64 AccessorID string SecretID string Description string Policies []*ACLTokenPolicyLink `json:",omitempty"` Roles []*ACLTokenRoleLink `json:",omitempty"` ServiceIdentities []*ACLServiceIdentity `json:",omitempty"` NodeIdentities []*ACLNodeIdentity `json:",omitempty"` Local bool AuthMethod string `json:",omitempty"` ExpirationTTL time.Duration `json:",omitempty"` ExpirationTime *time.Time `json:",omitempty"` CreateTime time.Time `json:",omitempty"` Hash []byte `json:",omitempty"` // DEPRECATED (ACL-Legacy-Compat) // Rules are an artifact of legacy tokens deprecated in Consul 1.4 Rules string `json:"-"` // Namespace is the namespace the ACLToken is associated with. // Namespaces are a Consul Enterprise feature. Namespace string `json:",omitempty"` // Partition is the partition the ACLToken is associated with. // Partitions are a Consul Enterprise feature. Partition string `json:",omitempty"` // AuthMethodNamespace is the namespace the token's AuthMethod is associated with. // Namespacing is a Consul Enterprise feature. AuthMethodNamespace string `json:",omitempty"` }
ACLToken represents an ACL Token
type ACLTokenExpanded ¶
type ACLTokenListEntry ¶
type ACLTokenListEntry struct { CreateIndex uint64 ModifyIndex uint64 AccessorID string SecretID string Description string Policies []*ACLTokenPolicyLink `json:",omitempty"` Roles []*ACLTokenRoleLink `json:",omitempty"` ServiceIdentities []*ACLServiceIdentity `json:",omitempty"` NodeIdentities []*ACLNodeIdentity `json:",omitempty"` Local bool AuthMethod string `json:",omitempty"` ExpirationTime *time.Time `json:",omitempty"` CreateTime time.Time Hash []byte Legacy bool `json:"-"` // DEPRECATED // Namespace is the namespace the ACLTokenListEntry is associated with. // Namespacing is a Consul Enterprise feature. Namespace string `json:",omitempty"` // Partition is the partition the ACLTokenListEntry is associated with. // Partitions are a Consul Enterprise feature. Partition string `json:",omitempty"` // AuthMethodNamespace is the namespace the token's AuthMethod is associated with. // Namespacing is a Consul Enterprise feature. AuthMethodNamespace string `json:",omitempty"` }
type ACLTokenPolicyLink ¶
type ACLTokenPolicyLink = ACLLink
type ACLTokenRoleLink ¶
type ACLTokenRoleLink = ACLLink
type APIGatewayConfigEntry ¶
type APIGatewayConfigEntry struct { // Kind of the config entry. This should be set to api.APIGateway. Kind string // Name is used to match the config entry with its associated api gateway // service. This should match the name provided in the service definition. Name string Meta map[string]string `json:",omitempty"` // Listeners is the set of listener configuration to which an API Gateway // might bind. Listeners []APIGatewayListener // Status is the asynchronous status which an APIGateway propagates to the user. Status ConfigEntryStatus // CreateIndex is the Raft index this entry was created at. This is a // read-only field. CreateIndex uint64 // ModifyIndex is used for the Check-And-Set operations and can also be fed // back into the WaitIndex of the QueryOptions in order to perform blocking // queries. ModifyIndex uint64 // Partition is the partition the config entry is associated with. // Partitioning is a Consul Enterprise feature. Partition string `json:",omitempty"` // Namespace is the namespace the config entry is associated with. // Namespacing is a Consul Enterprise feature. Namespace string `json:",omitempty"` }
APIGatewayConfigEntry manages the configuration for an API gateway with the given name.
func (*APIGatewayConfigEntry) GetCreateIndex ¶
func (g *APIGatewayConfigEntry) GetCreateIndex() uint64
func (*APIGatewayConfigEntry) GetKind ¶
func (g *APIGatewayConfigEntry) GetKind() string
func (*APIGatewayConfigEntry) GetMeta ¶
func (g *APIGatewayConfigEntry) GetMeta() map[string]string
func (*APIGatewayConfigEntry) GetModifyIndex ¶
func (g *APIGatewayConfigEntry) GetModifyIndex() uint64
func (*APIGatewayConfigEntry) GetName ¶
func (g *APIGatewayConfigEntry) GetName() string
func (*APIGatewayConfigEntry) GetNamespace ¶
func (g *APIGatewayConfigEntry) GetNamespace() string
func (*APIGatewayConfigEntry) GetPartition ¶
func (g *APIGatewayConfigEntry) GetPartition() string
type APIGatewayListener ¶
type APIGatewayListener struct { // Name is the name of the listener in a given gateway. This must be // unique within a gateway. Name string // Hostname is the host name that a listener should be bound to, if // unspecified, the listener accepts requests for all hostnames. Hostname string // Port is the port at which this listener should bind. Port int // Protocol is the protocol that a listener should use, it must // either be "http" or "tcp" Protocol string // TLS is the TLS settings for the listener. TLS APIGatewayTLSConfiguration }
APIGatewayListener represents an individual listener for an APIGateway
type APIGatewayTLSConfiguration ¶
type APIGatewayTLSConfiguration struct { // Certificates is a set of references to certificates // that a gateway listener uses for TLS termination. Certificates []ResourceReference // MaxVersion is the maximum TLS version that the listener // should support. MaxVersion string `json:",omitempty" alias:"tls_max_version"` // MinVersion is the minimum TLS version that the listener // should support. MinVersion string `json:",omitempty" alias:"tls_min_version"` // Define a subset of cipher suites to restrict // Only applicable to connections negotiated via TLS 1.2 or earlier CipherSuites []string `json:",omitempty" alias:"cipher_suites"` }
APIGatewayTLSConfiguration specifies the configuration of a listener’s TLS settings.
type AccessLogsConfig ¶
type AccessLogsConfig struct { // Enabled turns off all access logging Enabled bool `json:",omitempty" alias:"enabled"` // DisableListenerLogs turns off just listener logs for connections rejected by Envoy because they don't // have a matching listener filter. DisableListenerLogs bool `json:",omitempty" alias:"disable_listener_logs"` // Type selects the output for logs: "file", "stderr". "stdout" Type LogSinkType `json:",omitempty" alias:"type"` // Path is the output file to write logs Path string `json:",omitempty" alias:"path"` // The presence of one format string or the other implies the access log string encoding. // Defining Both is invalid. JSONFormat string `json:",omitempty" alias:"json_format"` TextFormat string `json:",omitempty" alias:"text_format"` }
AccessLogsConfig contains the associated default settings for all Envoy instances within the datacenter or partition
type Agent ¶
type Agent struct {
// contains filtered or unexported fields
}
Agent can be used to query the Agent endpoints
func (*Agent) AgentHealthServiceByID ¶
func (a *Agent) AgentHealthServiceByID(serviceID string) (string, *AgentServiceChecksInfo, error)
AgentHealthServiceByID returns for a given serviceID: the aggregated health status, the service definition or an error if any - If the service is not found, will return status (critical, nil, nil) - If the service is found, will return (critical|passing|warning), AgentServiceChecksInfo, nil) - In all other cases, will return an error
func (*Agent) AgentHealthServiceByIDOpts ¶
func (a *Agent) AgentHealthServiceByIDOpts(serviceID string, q *QueryOptions) (string, *AgentServiceChecksInfo, error)
func (*Agent) AgentHealthServiceByName ¶
func (a *Agent) AgentHealthServiceByName(service string) (string, []AgentServiceChecksInfo, error)
AgentHealthServiceByName returns for a given service name: the aggregated health status for all services having the specified name. - If no service is not found, will return status (critical, [], nil) - If the service is found, will return (critical|passing|warning), []api.AgentServiceChecksInfo, nil) - In all other cases, will return an error
func (*Agent) AgentHealthServiceByNameOpts ¶
func (a *Agent) AgentHealthServiceByNameOpts(service string, q *QueryOptions) (string, []AgentServiceChecksInfo, error)
func (*Agent) CheckDeregister ¶
CheckDeregister is used to deregister a check with the local agent
func (*Agent) CheckDeregisterOpts ¶
func (a *Agent) CheckDeregisterOpts(checkID string, q *QueryOptions) error
CheckDeregisterOpts is used to deregister a check with the local agent using query options
func (*Agent) CheckRegister ¶
func (a *Agent) CheckRegister(check *AgentCheckRegistration) error
CheckRegister is used to register a new check with the local agent
func (*Agent) Checks ¶
func (a *Agent) Checks() (map[string]*AgentCheck, error)
Checks returns the locally registered checks
func (*Agent) ChecksWithFilter ¶
func (a *Agent) ChecksWithFilter(filter string) (map[string]*AgentCheck, error)
ChecksWithFilter returns a subset of the locally registered checks that match the given filter expression
func (*Agent) ChecksWithFilterOpts ¶
func (a *Agent) ChecksWithFilterOpts(filter string, q *QueryOptions) (map[string]*AgentCheck, error)
ChecksWithFilterOpts returns a subset of the locally registered checks that match the given filter expression and QueryOptions.
func (*Agent) ConnectAuthorize ¶
func (a *Agent) ConnectAuthorize(auth *AgentAuthorizeParams) (*AgentAuthorize, error)
ConnectAuthorize is used to authorize an incoming connection to a natively integrated Connect service.
func (*Agent) ConnectCALeaf ¶
ConnectCALeaf gets the leaf certificate for the given service ID.
func (*Agent) ConnectCARoots ¶
func (a *Agent) ConnectCARoots(q *QueryOptions) (*CARootList, *QueryMeta, error)
ConnectCARoots returns the list of roots.
func (*Agent) DisableNodeMaintenance ¶
DisableNodeMaintenance toggles node maintenance mode off for the agent we are connected to.
func (*Agent) DisableServiceMaintenance ¶
DisableServiceMaintenance toggles service maintenance mode off for the given service ID.
func (*Agent) DisableServiceMaintenanceOpts ¶
func (a *Agent) DisableServiceMaintenanceOpts(serviceID string, q *QueryOptions) error
func (*Agent) EnableNodeMaintenance ¶
EnableNodeMaintenance toggles node maintenance mode on for the agent we are connected to.
func (*Agent) EnableServiceMaintenance ¶
EnableServiceMaintenance toggles service maintenance mode on for the given service ID.
func (*Agent) EnableServiceMaintenanceOpts ¶
func (a *Agent) EnableServiceMaintenanceOpts(serviceID, reason string, q *QueryOptions) error
func (*Agent) FailTTL ¶
FailTTL is used to set a TTL check to the failing state.
DEPRECATION NOTICE: This interface is deprecated in favor of UpdateTTL(). The client interface will be removed in 0.8 or changed to use UpdateTTL()'s endpoint and the server endpoints will be removed in 0.9.
func (*Agent) ForceLeave ¶
ForceLeave is used to have the agent eject a failed node
func (*Agent) ForceLeaveOptions ¶
func (a *Agent) ForceLeaveOptions(node string, opts ForceLeaveOpts, q *QueryOptions) error
ForceLeaveOptions is used to have the agent eject a failed node or remove it completely from the list of members. Allows usage of QueryOptions on-top of ForceLeaveOpts
func (*Agent) ForceLeaveOpts ¶
func (a *Agent) ForceLeaveOpts(node string, opts ForceLeaveOpts) error
ForceLeaveOpts is used to have the agent eject a failed node or remove it completely from the list of members.
DEPRECATED - Use ForceLeaveOptions instead.
func (*Agent) ForceLeavePrune ¶
ForceLeavePrune is used to have an a failed agent removed from the list of members
func (*Agent) Host ¶
Host is used to retrieve information about the host the agent is running on such as CPU, memory, and disk. Requires a operator:read ACL token.
func (*Agent) Members ¶
func (a *Agent) Members(wan bool) ([]*AgentMember, error)
Members returns the known gossip members. The WAN flag can be used to query a server for WAN members.
func (*Agent) MembersOpts ¶
func (a *Agent) MembersOpts(opts MembersOpts) ([]*AgentMember, error)
MembersOpts returns the known gossip members and can be passed additional options for WAN/segment filtering.
func (*Agent) Metrics ¶
func (a *Agent) Metrics() (*MetricsInfo, error)
Metrics is used to query the agent we are speaking to for its current internal metric data
func (*Agent) MetricsStream ¶
MetricsStream returns an io.ReadCloser which will emit a stream of metrics until the context is cancelled. The metrics are json encoded. The caller is responsible for closing the returned io.ReadCloser.
func (*Agent) Monitor ¶
func (a *Agent) Monitor(loglevel string, stopCh <-chan struct{}, q *QueryOptions) (chan string, error)
Monitor returns a channel which will receive streaming logs from the agent Providing a non-nil stopCh can be used to close the connection and stop the log stream. An empty string will be sent down the given channel when there's nothing left to stream, after which the caller should close the stopCh.
func (*Agent) MonitorJSON ¶
func (a *Agent) MonitorJSON(loglevel string, stopCh <-chan struct{}, q *QueryOptions) (chan string, error)
MonitorJSON is like Monitor except it returns logs in JSON format.
func (*Agent) PassTTL ¶
PassTTL is used to set a TTL check to the passing state.
DEPRECATION NOTICE: This interface is deprecated in favor of UpdateTTL(). The client interface will be removed in 0.8 or changed to use UpdateTTL()'s endpoint and the server endpoints will be removed in 0.9.
func (*Agent) Self ¶
Self is used to query the agent we are speaking to for information about itself
func (*Agent) Service ¶
func (a *Agent) Service(serviceID string, q *QueryOptions) (*AgentService, *QueryMeta, error)
Service returns a locally registered service instance and allows for hash-based blocking.
Note that this uses an unconventional blocking mechanism since it's agent-local state. That means there is no persistent raft index so we block based on object hash instead.
func (*Agent) ServiceDeregister ¶
ServiceDeregister is used to deregister a service with the local agent
func (*Agent) ServiceDeregisterOpts ¶
func (a *Agent) ServiceDeregisterOpts(serviceID string, q *QueryOptions) error
ServiceDeregisterOpts is used to deregister a service with the local agent with QueryOptions.
func (*Agent) ServiceRegister ¶
func (a *Agent) ServiceRegister(service *AgentServiceRegistration) error
ServiceRegister is used to register a new service with the local agent
func (*Agent) ServiceRegisterOpts ¶
func (a *Agent) ServiceRegisterOpts(service *AgentServiceRegistration, opts ServiceRegisterOpts) error
ServiceRegister is used to register a new service with the local agent and can be passed additional options.
func (*Agent) Services ¶
func (a *Agent) Services() (map[string]*AgentService, error)
Services returns the locally registered services
func (*Agent) ServicesWithFilter ¶
func (a *Agent) ServicesWithFilter(filter string) (map[string]*AgentService, error)
ServicesWithFilter returns a subset of the locally registered services that match the given filter expression
func (*Agent) ServicesWithFilterOpts ¶
func (a *Agent) ServicesWithFilterOpts(filter string, q *QueryOptions) (map[string]*AgentService, error)
ServicesWithFilterOpts returns a subset of the locally registered services that match the given filter expression and QueryOptions.
func (*Agent) UpdateACLAgentMasterToken ¶
func (a *Agent) UpdateACLAgentMasterToken(token string, q *WriteOptions) (*WriteMeta, error)
UpdateACLAgentMasterToken updates the agent's "acl_agent_master_token". See updateToken for more details. Deprecated in Consul 1.4.
DEPRECATED (ACL-Legacy-Compat) - Prefer UpdateAgentMasterACLToken for v1.4.3 and above
func (*Agent) UpdateACLAgentToken ¶
func (a *Agent) UpdateACLAgentToken(token string, q *WriteOptions) (*WriteMeta, error)
UpdateACLAgentToken updates the agent's "acl_agent_token". See updateToken for more details. Deprecated in Consul 1.4.
DEPRECATED (ACL-Legacy-Compat) - Prefer UpdateAgentACLToken for v1.4.3 and above
func (*Agent) UpdateACLReplicationToken ¶
func (a *Agent) UpdateACLReplicationToken(token string, q *WriteOptions) (*WriteMeta, error)
UpdateACLReplicationToken updates the agent's "acl_replication_token". See updateToken for more details. Deprecated in Consul 1.4.
DEPRECATED (ACL-Legacy-Compat) - Prefer UpdateReplicationACLToken for v1.4.3 and above
func (*Agent) UpdateACLToken ¶
func (a *Agent) UpdateACLToken(token string, q *WriteOptions) (*WriteMeta, error)
UpdateACLToken updates the agent's "acl_token". See updateToken for more details. Deprecated in Consul 1.4.
DEPRECATED (ACL-Legacy-Compat) - Prefer UpdateDefaultACLToken for v1.4.3 and above
func (*Agent) UpdateAgentACLToken ¶
func (a *Agent) UpdateAgentACLToken(token string, q *WriteOptions) (*WriteMeta, error)
UpdateAgentACLToken updates the agent's "agent" token. See updateToken for more details
func (*Agent) UpdateAgentMasterACLToken ¶
func (a *Agent) UpdateAgentMasterACLToken(token string, q *WriteOptions) (*WriteMeta, error)
UpdateAgentMasterACLToken updates the agent's "agent_master" token. See updateToken for more details.
DEPRECATED - Prefer UpdateAgentRecoveryACLToken for v1.11 and above.
func (*Agent) UpdateAgentRecoveryACLToken ¶
func (a *Agent) UpdateAgentRecoveryACLToken(token string, q *WriteOptions) (*WriteMeta, error)
UpdateAgentRecoveryACLToken updates the agent's "agent_recovery" token. See updateToken for more details.
func (*Agent) UpdateConfigFileRegistrationToken ¶
func (a *Agent) UpdateConfigFileRegistrationToken(token string, q *WriteOptions) (*WriteMeta, error)
UpdateConfigFileRegistrationToken updates the agent's "replication" token. See updateToken for more details
func (*Agent) UpdateDefaultACLToken ¶
func (a *Agent) UpdateDefaultACLToken(token string, q *WriteOptions) (*WriteMeta, error)
UpdateDefaultACLToken updates the agent's "default" token. See updateToken for more details
func (*Agent) UpdateReplicationACLToken ¶
func (a *Agent) UpdateReplicationACLToken(token string, q *WriteOptions) (*WriteMeta, error)
UpdateReplicationACLToken updates the agent's "replication" token. See updateToken for more details
func (*Agent) UpdateTTL ¶
UpdateTTL is used to update the TTL of a check. This uses the newer API that was introduced in Consul 0.6.4 and later. We translate the old status strings for compatibility (though a newer version of Consul will still be required to use this API).
func (*Agent) UpdateTTLOpts ¶
func (a *Agent) UpdateTTLOpts(checkID, output, status string, q *QueryOptions) error
func (*Agent) Version ¶
Version is used to retrieve information about the running Consul version and build.
type AgentAuthorize ¶
AgentAuthorize is the response structure for Connect authorization.
type AgentAuthorizeParams ¶
AgentAuthorizeParams are the request parameters for authorizing a request.
type AgentCheck ¶
type AgentCheck struct { Node string CheckID string Name string Status string Notes string Output string ServiceID string ServiceName string Type string ExposedPort int Definition HealthCheckDefinition Namespace string `json:",omitempty"` Partition string `json:",omitempty"` }
AgentCheck represents a check known to the agent
type AgentCheckRegistration ¶
type AgentCheckRegistration struct { ID string `json:",omitempty"` Name string `json:",omitempty"` Notes string `json:",omitempty"` ServiceID string `json:",omitempty"` AgentServiceCheck Namespace string `json:",omitempty"` Partition string `json:",omitempty"` }
AgentCheckRegistration is used to register a new check
type AgentMember ¶
type AgentMember struct { Name string Addr string Port uint16 Tags map[string]string // Status of the Member which corresponds to github.com/hashicorp/serf/serf.MemberStatus // Value is one of: // // AgentMemberNone = 0 // AgentMemberAlive = 1 // AgentMemberLeaving = 2 // AgentMemberLeft = 3 // AgentMemberFailed = 4 Status int ProtocolMin uint8 ProtocolMax uint8 ProtocolCur uint8 DelegateMin uint8 DelegateMax uint8 DelegateCur uint8 }
AgentMember represents a cluster member known to the agent
func (*AgentMember) ACLMode ¶
func (m *AgentMember) ACLMode() MemberACLMode
ACLMode returns the ACL mode this agent is operating in.
func (*AgentMember) IsConsulServer ¶
func (m *AgentMember) IsConsulServer() bool
IsConsulServer returns true when this member is a Consul server.
type AgentService ¶
type AgentService struct { Kind ServiceKind `json:",omitempty"` ID string Service string Tags []string Meta map[string]string Port int Address string SocketPath string `json:",omitempty"` TaggedAddresses map[string]ServiceAddress `json:",omitempty"` Weights AgentWeights EnableTagOverride bool CreateIndex uint64 `json:",omitempty" bexpr:"-"` ModifyIndex uint64 `json:",omitempty" bexpr:"-"` ContentHash string `json:",omitempty" bexpr:"-"` Proxy *AgentServiceConnectProxyConfig `json:",omitempty"` Connect *AgentServiceConnect `json:",omitempty"` PeerName string `json:",omitempty"` // NOTE: If we ever set the ContentHash outside of singular service lookup then we may need // to include the Namespace in the hash. When we do, then we are in for lots of fun with tests. // For now though, ignoring it works well enough. Namespace string `json:",omitempty" bexpr:"-" hash:"ignore"` Partition string `json:",omitempty" bexpr:"-" hash:"ignore"` // Datacenter is only ever returned and is ignored if presented. Datacenter string `json:",omitempty" bexpr:"-" hash:"ignore"` Locality *Locality `json:",omitempty" bexpr:"-" hash:"ignore"` }
AgentService represents a service known to the agent
type AgentServiceCheck ¶
type AgentServiceCheck struct { CheckID string `json:",omitempty"` Name string `json:",omitempty"` Args []string `json:"ScriptArgs,omitempty"` DockerContainerID string `json:",omitempty"` Shell string `json:",omitempty"` // Only supported for Docker. Interval string `json:",omitempty"` Timeout string `json:",omitempty"` TTL string `json:",omitempty"` HTTP string `json:",omitempty"` Header map[string][]string `json:",omitempty"` Method string `json:",omitempty"` Body string `json:",omitempty"` TCP string `json:",omitempty"` UDP string `json:",omitempty"` Status string `json:",omitempty"` Notes string `json:",omitempty"` TLSServerName string `json:",omitempty"` TLSSkipVerify bool `json:",omitempty"` GRPC string `json:",omitempty"` GRPCUseTLS bool `json:",omitempty"` H2PING string `json:",omitempty"` H2PingUseTLS bool `json:",omitempty"` AliasNode string `json:",omitempty"` AliasService string `json:",omitempty"` SuccessBeforePassing int `json:",omitempty"` FailuresBeforeWarning int `json:",omitempty"` FailuresBeforeCritical int `json:",omitempty"` // In Consul 0.7 and later, checks that are associated with a service // may also contain this optional DeregisterCriticalServiceAfter field, // which is a timeout in the same Go time format as Interval and TTL. If // a check is in the critical state for more than this configured value, // then its associated service (and all of its associated checks) will // automatically be deregistered. DeregisterCriticalServiceAfter string `json:",omitempty"` }
AgentServiceCheck is used to define a node or service level check
type AgentServiceChecks ¶
type AgentServiceChecks []*AgentServiceCheck
type AgentServiceChecksInfo ¶
type AgentServiceChecksInfo struct { AggregatedStatus string Service *AgentService Checks HealthChecks }
AgentServiceChecksInfo returns information about a Service and its checks
type AgentServiceConnect ¶
type AgentServiceConnect struct { Native bool `json:",omitempty"` SidecarService *AgentServiceRegistration `json:",omitempty" bexpr:"-"` }
AgentServiceConnect represents the Connect configuration of a service.
type AgentServiceConnectProxyConfig ¶
type AgentServiceConnectProxyConfig struct { EnvoyExtensions []EnvoyExtension `json:",omitempty"` DestinationServiceName string `json:",omitempty"` DestinationServiceID string `json:",omitempty"` LocalServiceAddress string `json:",omitempty"` LocalServicePort int `json:",omitempty"` LocalServiceSocketPath string `json:",omitempty"` Mode ProxyMode `json:",omitempty"` TransparentProxy *TransparentProxyConfig `json:",omitempty"` Config map[string]interface{} `json:",omitempty" bexpr:"-"` Upstreams []Upstream `json:",omitempty"` MeshGateway MeshGatewayConfig `json:",omitempty"` Expose ExposeConfig `json:",omitempty"` AccessLogs *AccessLogsConfig `json:",omitempty"` }
AgentServiceConnectProxyConfig is the proxy configuration in a connect-proxy ServiceDefinition or response.
type AgentServiceRegistration ¶
type AgentServiceRegistration struct { Kind ServiceKind `json:",omitempty"` ID string `json:",omitempty"` Name string `json:",omitempty"` Tags []string `json:",omitempty"` Port int `json:",omitempty"` Address string `json:",omitempty"` SocketPath string `json:",omitempty"` TaggedAddresses map[string]ServiceAddress `json:",omitempty"` EnableTagOverride bool `json:",omitempty"` Meta map[string]string `json:",omitempty"` Weights *AgentWeights `json:",omitempty"` Check *AgentServiceCheck Checks AgentServiceChecks Proxy *AgentServiceConnectProxyConfig `json:",omitempty"` Connect *AgentServiceConnect `json:",omitempty"` Namespace string `json:",omitempty" bexpr:"-" hash:"ignore"` Partition string `json:",omitempty" bexpr:"-" hash:"ignore"` Locality *Locality `json:",omitempty" bexpr:"-" hash:"ignore"` }
AgentServiceRegistration is used to register a new service
type AgentToken ¶
type AgentToken struct {
Token string
}
AgentToken is used when updating ACL tokens for an agent.
type AgentWeights ¶
AgentWeights represent optional weights for a service
type Area ¶
type Area struct { // ID is this identifier for an area (a UUID). This must be left empty // when creating a new area. ID string // PeerDatacenter is the peer Consul datacenter that will make up the // other side of this network area. Network areas always involve a pair // of datacenters: the datacenter where the area was created, and the // peer datacenter. This is required. PeerDatacenter string // RetryJoin specifies the address of Consul servers to join to, such as // an IPs or hostnames with an optional port number. This is optional. RetryJoin []string // UseTLS specifies whether gossip over this area should be encrypted with TLS // if possible. UseTLS bool }
Area defines a network area.
type AreaJoinResponse ¶
type AreaJoinResponse struct { // The address that was joined. Address string // Whether or not the join was a success. Joined bool // If we couldn't join, this is the message with information. Error string }
AreaJoinResponse is returned when a join occurs and gives the result for each address.
type AssignServiceManualVIPsResponse ¶
type AssignServiceManualVIPsResponse struct { ServiceFound bool `json:"Found"` UnassignedFrom []PeeredServiceName }
type AutopilotConfiguration ¶
type AutopilotConfiguration struct { // CleanupDeadServers controls whether to remove dead servers from the Raft // peer list when a new server joins CleanupDeadServers bool // LastContactThreshold is the limit on the amount of time a server can go // without leader contact before being considered unhealthy. LastContactThreshold *ReadableDuration // MaxTrailingLogs is the amount of entries in the Raft Log that a server can // be behind before being considered unhealthy. MaxTrailingLogs uint64 // MinQuorum sets the minimum number of servers allowed in a cluster before // autopilot can prune dead servers. MinQuorum uint // ServerStabilizationTime is the minimum amount of time a server must be // in a stable, healthy state before it can be added to the cluster. Only // applicable with Raft protocol version 3 or higher. ServerStabilizationTime *ReadableDuration // (Enterprise-only) RedundancyZoneTag is the node tag to use for separating // servers into zones for redundancy. If left blank, this feature will be disabled. RedundancyZoneTag string // (Enterprise-only) DisableUpgradeMigration will disable Autopilot's upgrade migration // strategy of waiting until enough newer-versioned servers have been added to the // cluster before promoting them to voters. DisableUpgradeMigration bool // (Enterprise-only) UpgradeVersionTag is the node tag to use for version info when // performing upgrade migrations. If left blank, the Consul version will be used. UpgradeVersionTag string // CreateIndex holds the index corresponding the creation of this configuration. // This is a read-only field. CreateIndex uint64 // ModifyIndex will be set to the index of the last update when retrieving the // Autopilot configuration. Resubmitting a configuration with // AutopilotCASConfiguration will perform a check-and-set operation which ensures // there hasn't been a subsequent update since the configuration was retrieved. ModifyIndex uint64 }
AutopilotConfiguration is used for querying/setting the Autopilot configuration. Autopilot helps manage operator tasks related to Consul servers like removing failed servers from the Raft quorum.
func NewAutopilotConfiguration ¶
func NewAutopilotConfiguration() AutopilotConfiguration
Defines default values for the AutopilotConfiguration type, consistent with https://www.consul.io/api-docs/operator/autopilot#parameters-1
type AutopilotServer ¶
type AutopilotServer struct { ID string Name string Address string NodeStatus string Version string LastContact *ReadableDuration LastTerm uint64 LastIndex uint64 Healthy bool StableSince time.Time RedundancyZone string `json:",omitempty"` UpgradeVersion string `json:",omitempty"` ReadReplica bool Status AutopilotServerStatus Meta map[string]string NodeType AutopilotServerType }
type AutopilotServerStatus ¶
type AutopilotServerStatus string
const ( AutopilotServerNone AutopilotServerStatus = "none" AutopilotServerLeader AutopilotServerStatus = "leader" AutopilotServerVoter AutopilotServerStatus = "voter" AutopilotServerNonVoter AutopilotServerStatus = "non-voter" AutopilotServerStaging AutopilotServerStatus = "staging" )
type AutopilotServerType ¶
type AutopilotServerType string
const ( AutopilotTypeVoter AutopilotServerType = "voter" AutopilotTypeReadReplica AutopilotServerType = "read-replica" AutopilotTypeZoneVoter AutopilotServerType = "zone-voter" AutopilotTypeZoneExtraVoter AutopilotServerType = "zone-extra-voter" AutopilotTypeZoneStandby AutopilotServerType = "zone-standby" )
type AutopilotState ¶
type AutopilotState struct { Healthy bool FailureTolerance int OptimisticFailureTolerance int Servers map[string]AutopilotServer Leader string Voters []string ReadReplicas []string `json:",omitempty"` RedundancyZones map[string]AutopilotZone `json:",omitempty"` Upgrade *AutopilotUpgrade `json:",omitempty"` }
type AutopilotUpgrade ¶
type AutopilotUpgrade struct { Status AutopilotUpgradeStatus TargetVersion string `json:",omitempty"` TargetVersionVoters []string `json:",omitempty"` TargetVersionNonVoters []string `json:",omitempty"` TargetVersionReadReplicas []string `json:",omitempty"` OtherVersionVoters []string `json:",omitempty"` OtherVersionNonVoters []string `json:",omitempty"` OtherVersionReadReplicas []string `json:",omitempty"` RedundancyZones map[string]AutopilotZoneUpgradeVersions `json:",omitempty"` }
type AutopilotUpgradeStatus ¶
type AutopilotUpgradeStatus string
const ( // AutopilotUpgradeIdle is the status when no upgrade is in progress. AutopilotUpgradeIdle AutopilotUpgradeStatus = "idle" // AutopilotUpgradeAwaitNewVoters is the status when more servers of // the target version must be added in order to start the promotion // phase of the upgrade AutopilotUpgradeAwaitNewVoters AutopilotUpgradeStatus = "await-new-voters" // AutopilotUpgradePromoting is the status when autopilot is promoting // servers of the target version. AutopilotUpgradePromoting AutopilotUpgradeStatus = "promoting" // AutopilotUpgradeDemoting is the status when autopilot is demoting // servers not on the target version AutopilotUpgradeDemoting AutopilotUpgradeStatus = "demoting" // AutopilotUpgradeLeaderTransfer is the status when autopilot is transferring // leadership from a server running an older version to a server // using the target version. AutopilotUpgradeLeaderTransfer AutopilotUpgradeStatus = "leader-transfer" // AutopilotUpgradeAwaitNewServers is the status when autpilot has finished // transferring leadership and has demoted all the other versioned // servers but wants to indicate that more target version servers // are needed to replace all the existing other version servers. AutopilotUpgradeAwaitNewServers AutopilotUpgradeStatus = "await-new-servers" // AutopilotUpgradeAwaitServerRemoval is the status when autopilot is waiting // for the servers on non-target versions to be removed AutopilotUpgradeAwaitServerRemoval AutopilotUpgradeStatus = "await-server-removal" // AutopilotUpgradeDisabled is the status when automated ugprades are // disabled in the autopilot configuration AutopilotUpgradeDisabled AutopilotUpgradeStatus = "disabled" )
type AutopilotZone ¶
type BindingRuleBindType ¶
type BindingRuleBindType string
BindingRuleBindType is the type of binding rule mechanism used.
const ( // BindingRuleBindTypeService binds to a service identity with the given name. BindingRuleBindTypeService BindingRuleBindType = "service" // BindingRuleBindTypeRole binds to pre-existing roles with the given name. BindingRuleBindTypeRole BindingRuleBindType = "role" )
type BootstrapRequest ¶
type BootstrapRequest struct {
BootstrapSecret string
}
BootstrapRequest is used for when operators provide an ACL Bootstrap Token
type CAConfig ¶
type CAConfig struct { // Provider is the CA provider implementation to use. Provider string // Configuration is arbitrary configuration for the provider. This // should only contain primitive values and containers (such as lists // and maps). Config map[string]interface{} // State is read-only data that the provider might have persisted for use // after restart or leadership transition. For example this might include // UUIDs of resources it has created. Setting this when writing a // configuration is an error. State map[string]string // ForceWithoutCrossSigning indicates that the CA reconfiguration should go // ahead even if the current CA is unable to cross sign certificates. This // risks temporary connection failures during the rollout as new leafs will be // rejected by proxies that have not yet observed the new root cert but is the // only option if a CA that doesn't support cross signing needs to be // reconfigured or mirated away from. ForceWithoutCrossSigning bool CreateIndex uint64 ModifyIndex uint64 }
CAConfig is the structure for the Connect CA configuration.
type CARoot ¶
type CARoot struct { // ID is a globally unique ID (UUID) representing this CA root. ID string // Name is a human-friendly name for this CA root. This value is // opaque to Consul and is not used for anything internally. Name string // RootCertPEM is the PEM-encoded public certificate. RootCertPEM string `json:"RootCert"` // Active is true if this is the current active CA. This must only // be true for exactly one CA. For any method that modifies roots in the // state store, tests should be written to verify that multiple roots // cannot be active. Active bool CreateIndex uint64 ModifyIndex uint64 }
CARoot represents a root CA certificate that is trusted.
type CARootList ¶
CARootList is the structure for the results of listing roots.
type Catalog ¶
type Catalog struct {
// contains filtered or unexported fields
}
Catalog can be used to query the Catalog endpoints
func (*Catalog) Connect ¶
func (c *Catalog) Connect(service, tag string, q *QueryOptions) ([]*CatalogService, *QueryMeta, error)
Connect is used to query catalog entries for a given Connect-enabled service
func (*Catalog) ConnectMultipleTags ¶
func (c *Catalog) ConnectMultipleTags(service string, tags []string, q *QueryOptions) ([]*CatalogService, *QueryMeta, error)
Supports multiple tags for filtering
func (*Catalog) Datacenters ¶
Datacenters is used to query for all the known datacenters
func (*Catalog) Deregister ¶
func (c *Catalog) Deregister(dereg *CatalogDeregistration, q *WriteOptions) (*WriteMeta, error)
func (*Catalog) GatewayServices ¶
func (c *Catalog) GatewayServices(gateway string, q *QueryOptions) ([]*GatewayService, *QueryMeta, error)
GatewayServices is used to query the services associated with an ingress gateway or terminating gateway.
func (*Catalog) Node ¶
func (c *Catalog) Node(node string, q *QueryOptions) (*CatalogNode, *QueryMeta, error)
Node is used to query for service information about a single node
func (*Catalog) NodeServiceList ¶
func (c *Catalog) NodeServiceList(node string, q *QueryOptions) (*CatalogNodeServiceList, *QueryMeta, error)
NodeServiceList is used to query for service information about a single node. It differs from the Node function only in its return type which will contain a list of services as opposed to a map of service ids to services. This different structure allows for using the wildcard specifier '*' for the Namespace in the QueryOptions.
func (*Catalog) Nodes ¶
func (c *Catalog) Nodes(q *QueryOptions) ([]*Node, *QueryMeta, error)
Nodes is used to query all the known nodes
func (*Catalog) Register ¶
func (c *Catalog) Register(reg *CatalogRegistration, q *WriteOptions) (*WriteMeta, error)
func (*Catalog) Service ¶
func (c *Catalog) Service(service, tag string, q *QueryOptions) ([]*CatalogService, *QueryMeta, error)
Service is used to query catalog entries for a given service
func (*Catalog) ServiceMultipleTags ¶
func (c *Catalog) ServiceMultipleTags(service string, tags []string, q *QueryOptions) ([]*CatalogService, *QueryMeta, error)
Supports multiple tags for filtering
type CatalogDeregistration ¶
type CatalogNode ¶
type CatalogNode struct { Node *Node Services map[string]*AgentService }
type CatalogNodeServiceList ¶
type CatalogNodeServiceList struct { Node *Node Services []*AgentService }
type CatalogRegistration ¶
type CatalogRegistration struct { ID string Node string Address string TaggedAddresses map[string]string NodeMeta map[string]string Datacenter string Service *AgentService Check *AgentCheck Checks HealthChecks SkipNodeUpdate bool Partition string `json:",omitempty"` Locality *Locality `json:",omitempty"` }
type CatalogService ¶
type CatalogService struct { ID string Node string Address string Datacenter string TaggedAddresses map[string]string NodeMeta map[string]string ServiceID string ServiceName string ServiceAddress string ServiceTaggedAddresses map[string]ServiceAddress ServiceTags []string ServiceMeta map[string]string ServicePort int ServiceWeights Weights ServiceEnableTagOverride bool ServiceProxy *AgentServiceConnectProxyConfig ServiceLocality *Locality `json:",omitempty"` CreateIndex uint64 Checks HealthChecks ModifyIndex uint64 Namespace string `json:",omitempty"` Partition string `json:",omitempty"` }
type CheckOp ¶
type CheckOp string
CheckOp constants give possible operations available in a transaction.
type CheckTxnOp ¶
type CheckTxnOp struct { Verb CheckOp Check HealthCheck }
CheckTxnOp defines a single operation inside a transaction.
type Client ¶
type Client struct {
// contains filtered or unexported fields
}
Client provides a client to the Consul API
func (*Client) AddHeader ¶
AddHeader allows a single header key/value pair to be added in a race-safe fashion.
func (*Client) ConfigEntries ¶
func (c *Client) ConfigEntries() *ConfigEntries
Config returns a handle to the Config endpoints
func (*Client) Coordinate ¶
func (c *Client) Coordinate() *Coordinate
Coordinate returns a handle to the coordinate endpoints
func (*Client) DiscoveryChain ¶
func (c *Client) DiscoveryChain() *DiscoveryChain
DiscoveryChain returns a handle to the discovery-chain endpoints
func (*Client) Headers ¶
Headers gets the current set of headers used for requests. This returns a copy; to modify it call AddHeader or SetHeaders.
func (*Client) Internal ¶
Internal returns a handle to endpoints that are for internal Hashicorp usage only. There is not guarantee that these will be backwards-compatible or supported, so usage of these is not encouraged.
func (*Client) LockKey ¶
LockKey returns a handle to a lock struct which can be used to acquire and release the mutex. The key used must have write permissions.
func (*Client) LockOpts ¶
func (c *Client) LockOpts(opts *LockOptions) (*Lock, error)
LockOpts returns a handle to a lock struct which can be used to acquire and release the mutex. The key used must have write permissions.
func (*Client) Namespaces ¶
func (c *Client) Namespaces() *Namespaces
Namespaces returns a handle to the namespaces endpoints.
func (*Client) Partitions ¶
func (c *Client) Partitions() *Partitions
Operator returns a handle to the operator endpoints.
func (*Client) PreparedQuery ¶
func (c *Client) PreparedQuery() *PreparedQuery
PreparedQuery returns a handle to the prepared query endpoints.
func (*Client) SemaphoreOpts ¶
func (c *Client) SemaphoreOpts(opts *SemaphoreOptions) (*Semaphore, error)
SemaphoreOpts is used to create a Semaphore with the given options. The prefix must have write privileges, and the limit must be agreed upon by all contenders. If a Session is not provided, one will be created.
func (*Client) SemaphorePrefix ¶
SemaphorePrefix is used to created a Semaphore which will operate at the given KV prefix and uses the given limit for the semaphore. The prefix must have write privileges, and the limit must be agreed upon by all contenders.
func (*Client) SetHeaders ¶
SetHeaders clears all previous headers and uses only the given ones going forward.
type ClusterDiscoveryType ¶
type ClusterDiscoveryType string
const ( DiscoveryTypeStrictDNS ClusterDiscoveryType = "STRICT_DNS" DiscoveryTypeStatic ClusterDiscoveryType = "STATIC" DiscoveryTypeLogicalDNS ClusterDiscoveryType = "LOGICAL_DNS" DiscoveryTypeEDS ClusterDiscoveryType = "EDS" DiscoveryTypeOriginalDST ClusterDiscoveryType = "ORIGINAL_DST" )
type CommonCAProviderConfig ¶
type CommonCAProviderConfig struct { LeafCertTTL time.Duration RootCertTTL time.Duration SkipValidate bool CSRMaxPerSecond float32 CSRMaxConcurrent int }
CommonCAProviderConfig is the common options available to all CA providers.
type CompiledDiscoveryChain ¶
type CompiledDiscoveryChain struct { ServiceName string Namespace string Datacenter string // CustomizationHash is a unique hash of any data that affects the // compilation of the discovery chain other than config entries or the // name/namespace/datacenter evaluation criteria. // // If set, this value should be used to prefix/suffix any generated load // balancer data plane objects to avoid sharing customized and // non-customized versions. CustomizationHash string // Default indicates if this discovery chain is based on no // service-resolver, service-splitter, or service-router config entries. Default bool // Protocol is the overall protocol shared by everything in the chain. Protocol string // ServiceMeta is the metadata from the underlying service-defaults config // entry for the service named ServiceName. ServiceMeta map[string]string // StartNode is the first key into the Nodes map that should be followed // when walking the discovery chain. StartNode string // Nodes contains all nodes available for traversal in the chain keyed by a // unique name. You can walk this by starting with StartNode. // // NOTE: The names should be treated as opaque values and are only // guaranteed to be consistent within a single compilation. Nodes map[string]*DiscoveryGraphNode // Targets is a list of all targets used in this chain. // // NOTE: The names should be treated as opaque values and are only // guaranteed to be consistent within a single compilation. Targets map[string]*DiscoveryTarget }
type CompoundServiceName ¶
type Condition ¶
type Condition struct { // Type is a value from a bounded set of types that an object might have Type string // Status is a value from a bounded set of statuses that an object might have Status ConditionStatus // Reason is a value from a bounded set of reasons for a given status Reason string // Message is a message that gives more detailed information about // why a Condition has a given status and reason Message string // Resource is an optional reference to a resource for which this // condition applies Resource *ResourceReference // LastTransitionTime is the time at which this Condition was created LastTransitionTime *time.Time }
Condition is used for a single message and state associated with an object. For example, a ConfigEntry that references multiple other resources may have different statuses with respect to each of those resources.
type ConditionStatus ¶
type ConditionStatus string
const ( ConditionStatusTrue ConditionStatus = "True" ConditionStatusFalse ConditionStatus = "False" ConditionStatusUnknown ConditionStatus = "Unknown" )
type Config ¶
type Config struct { // Address is the address of the Consul server Address string // Scheme is the URI scheme for the Consul server Scheme string // Prefix for URIs for when consul is behind an API gateway (reverse // proxy). The API gateway must strip off the PathPrefix before // passing the request onto consul. PathPrefix string // Datacenter to use. If not provided, the default agent datacenter is used. Datacenter string // Transport is the Transport to use for the http client. Transport *http.Transport // HttpClient is the client to use. Default will be // used if not provided. HttpClient *http.Client // HttpAuth is the auth info to use for http access. HttpAuth *HttpBasicAuth // WaitTime limits how long a Watch will block. If not provided, // the agent default values will be used. WaitTime time.Duration // Token is used to provide a per-request ACL token // which overrides the agent's default token. Token string // TokenFile is a file containing the current token to use for this client. // If provided it is read once at startup and never again. TokenFile string // Namespace is the name of the namespace to send along for the request // when no other Namespace is present in the QueryOptions Namespace string // Partition is the name of the partition to send along for the request // when no other Partition is present in the QueryOptions Partition string TLSConfig TLSConfig }
Config is used to configure the creation of a client
func DefaultConfig ¶
func DefaultConfig() *Config
DefaultConfig returns a default configuration for the client. By default this will pool and reuse idle connections to Consul. If you have a long-lived client object, this is the desired behavior and should make the most efficient use of the connections to Consul. If you don't reuse a client object, which is not recommended, then you may notice idle connections building up over time. To avoid this, use the DefaultNonPooledConfig() instead.
func DefaultConfigWithLogger ¶
func DefaultConfigWithLogger(logger hclog.Logger) *Config
DefaultConfigWithLogger returns a default configuration for the client. It is exactly the same as DefaultConfig, but allows for a pre-configured logger object to be passed through.
func DefaultNonPooledConfig ¶
func DefaultNonPooledConfig() *Config
DefaultNonPooledConfig returns a default configuration for the client which does not pool connections. This isn't a recommended configuration because it will reconnect to Consul on every request, but this is useful to avoid the accumulation of idle connections if you make many client objects during the lifetime of your application.
func (*Config) GenerateEnv ¶
type ConfigEntries ¶
type ConfigEntries struct {
// contains filtered or unexported fields
}
ConfigEntries can be used to query the Config endpoints
func (*ConfigEntries) CAS ¶
func (conf *ConfigEntries) CAS(entry ConfigEntry, index uint64, w *WriteOptions) (bool, *WriteMeta, error)
func (*ConfigEntries) Delete ¶
func (conf *ConfigEntries) Delete(kind string, name string, w *WriteOptions) (*WriteMeta, error)
func (*ConfigEntries) DeleteCAS ¶
func (conf *ConfigEntries) DeleteCAS(kind, name string, index uint64, w *WriteOptions) (bool, *WriteMeta, error)
DeleteCAS performs a Check-And-Set deletion of the given config entry, and returns true if it was successful. If the provided index no longer matches the entry's ModifyIndex (i.e. it was modified by another process) then the operation will fail and return false.
func (*ConfigEntries) Get ¶
func (conf *ConfigEntries) Get(kind string, name string, q *QueryOptions) (ConfigEntry, *QueryMeta, error)
func (*ConfigEntries) List ¶
func (conf *ConfigEntries) List(kind string, q *QueryOptions) ([]ConfigEntry, *QueryMeta, error)
func (*ConfigEntries) Set ¶
func (conf *ConfigEntries) Set(entry ConfigEntry, w *WriteOptions) (bool, *WriteMeta, error)
type ConfigEntry ¶
type ConfigEntry interface { GetKind() string GetName() string GetPartition() string GetNamespace() string GetMeta() map[string]string GetCreateIndex() uint64 GetModifyIndex() uint64 }
func DecodeConfigEntry ¶
func DecodeConfigEntry(raw map[string]interface{}) (ConfigEntry, error)
DecodeConfigEntry will decode the result of using json.Unmarshal of a config entry into a map[string]interface{}.
Important caveats:
- This will NOT work if the map[string]interface{} was produced using HCL decoding as that requires more extensive parsing to work around the issues with map[string][]interface{} that arise.
- This will only decode fields using their camel case json field representations.
func DecodeConfigEntryFromJSON ¶
func DecodeConfigEntryFromJSON(data []byte) (ConfigEntry, error)
func MakeConfigEntry ¶
func MakeConfigEntry(kind, name string) (ConfigEntry, error)
type ConfigEntryStatus ¶
type ConfigEntryStatus struct { // Conditions is the set of condition objects associated with // a ConfigEntry status. Conditions []Condition }
ConfigEntryStatus is used for propagating back asynchronously calculated messages from control loops to a user
type Connect ¶
type Connect struct {
// contains filtered or unexported fields
}
Connect can be used to work with endpoints related to Connect, the feature for securely connecting services within Consul.
func (*Connect) CAGetConfig ¶
func (h *Connect) CAGetConfig(q *QueryOptions) (*CAConfig, *QueryMeta, error)
CAGetConfig returns the current CA configuration.
func (*Connect) CARoots ¶
func (h *Connect) CARoots(q *QueryOptions) (*CARootList, *QueryMeta, error)
CARoots queries the list of available roots.
func (*Connect) CASetConfig ¶
func (h *Connect) CASetConfig(conf *CAConfig, q *WriteOptions) (*WriteMeta, error)
CASetConfig sets the current CA configuration.
func (*Connect) IntentionCheck ¶
func (h *Connect) IntentionCheck(args *IntentionCheck, q *QueryOptions) (bool, *QueryMeta, error)
IntentionCheck returns whether a given source/destination would be allowed or not given the current set of intentions and the configuration of Consul.
func (*Connect) IntentionCreate
deprecated
func (*Connect) IntentionDelete
deprecated
func (h *Connect) IntentionDelete(id string, q *WriteOptions) (*WriteMeta, error)
IntentionDelete deletes a single intention.
Deprecated: use IntentionDeleteExact instead
func (*Connect) IntentionDeleteExact ¶
func (h *Connect) IntentionDeleteExact(source, destination string, q *WriteOptions) (*WriteMeta, error)
IntentionDeleteExact deletes a single intention by its unique name instead of its ID.
func (*Connect) IntentionGet
deprecated
func (*Connect) IntentionGetExact ¶
func (h *Connect) IntentionGetExact(source, destination string, q *QueryOptions) (*Intention, *QueryMeta, error)
IntentionGetExact retrieves a single intention by its unique name instead of its ID.
func (*Connect) IntentionMatch ¶
func (h *Connect) IntentionMatch(args *IntentionMatch, q *QueryOptions) (map[string][]*Intention, *QueryMeta, error)
IntentionMatch returns the list of intentions that match a given source or destination. The returned intentions are ordered by precedence where result[0] is the highest precedence (if that matches, then that rule overrides all other rules).
Matching can be done for multiple names at the same time. The resulting map is keyed by the given names. Casing is preserved.
func (*Connect) IntentionUpdate
deprecated
func (c *Connect) IntentionUpdate(ixn *Intention, q *WriteOptions) (*WriteMeta, error)
IntentionUpdate will update an existing intention. The ID in the given structure must be non-empty.
Deprecated: use IntentionUpsert instead
func (*Connect) IntentionUpsert ¶
func (c *Connect) IntentionUpsert(ixn *Intention, q *WriteOptions) (*WriteMeta, error)
IntentionUpsert will update an existing intention. The Source & Destination parameters in the structure must be non-empty. The ID must be empty.
func (*Connect) Intentions ¶
func (h *Connect) Intentions(q *QueryOptions) ([]*Intention, *QueryMeta, error)
Intentions returns the list of intentions.
type ConnectProxyConfig ¶
type ConnectProxyConfig struct { ProxyServiceID string TargetServiceID string TargetServiceName string ContentHash string Config map[string]interface{} `bexpr:"-"` Upstreams []Upstream }
ConnectProxyConfig is the response structure for agent-local proxy configuration.
type ConsulCAProviderConfig ¶
type ConsulCAProviderConfig struct { CommonCAProviderConfig `mapstructure:",squash"` PrivateKey string RootCert string IntermediateCertTTL time.Duration }
ConsulCAProviderConfig is the config for the built-in Consul CA provider.
func ParseConsulCAConfig ¶
func ParseConsulCAConfig(raw map[string]interface{}) (*ConsulCAProviderConfig, error)
ParseConsulCAConfig takes a raw config map and returns a parsed ConsulCAProviderConfig.
type CookieConfig ¶
type CookieConfig struct { // Generates a session cookie with no expiration. Session bool `json:",omitempty"` // TTL for generated cookies. Cannot be specified for session cookies. TTL time.Duration `json:",omitempty"` // The path to set for the cookie Path string `json:",omitempty"` }
CookieConfig contains configuration for the "cookie" hash policy type. This is specified to have Envoy generate a cookie for a client on its first request.
type Coordinate ¶
type Coordinate struct {
// contains filtered or unexported fields
}
Coordinate can be used to query the coordinate endpoints
func (*Coordinate) Datacenters ¶
func (c *Coordinate) Datacenters() ([]*CoordinateDatacenterMap, error)
Datacenters is used to return the coordinates of all the servers in the WAN pool.
func (*Coordinate) Node ¶
func (c *Coordinate) Node(node string, q *QueryOptions) ([]*CoordinateEntry, *QueryMeta, error)
Node is used to return the coordinates of a single node in the LAN pool.
func (*Coordinate) Nodes ¶
func (c *Coordinate) Nodes(q *QueryOptions) ([]*CoordinateEntry, *QueryMeta, error)
Nodes is used to return the coordinates of all the nodes in the LAN pool.
func (*Coordinate) Update ¶
func (c *Coordinate) Update(coord *CoordinateEntry, q *WriteOptions) (*WriteMeta, error)
Update inserts or updates the LAN coordinate of a node.
type CoordinateDatacenterMap ¶
type CoordinateDatacenterMap struct { Datacenter string AreaID string Coordinates []CoordinateEntry }
CoordinateDatacenterMap has the coordinates for servers in a given datacenter and area. Network coordinates are only compatible within the same area.
type CoordinateEntry ¶
type CoordinateEntry struct { Node string Segment string Partition string `json:",omitempty"` Coord *coordinate.Coordinate }
CoordinateEntry represents a node and its associated network coordinate.
type Debug ¶
type Debug struct {
// contains filtered or unexported fields
}
Debug can be used to query the /debug/pprof endpoints to gather profiling information about the target agent.Debug
The agent must have enable_debug set to true for profiling to be enabled and for these endpoints to function.
func (*Debug) PProf ¶
PProf returns a pprof profile for the specified number of seconds. The caller is responsible for closing the returned io.ReadCloser once all bytes are read.
type DestinationConfig ¶
type DestinationConfig struct { // Addresses of the endpoint; hostname or IP Addresses []string `json:",omitempty"` // Port allowed within this endpoint Port int `json:",omitempty"` }
DestinationConfig represents a virtual service, i.e. one that is external to Consul
type DiscoveryChain ¶
type DiscoveryChain struct {
// contains filtered or unexported fields
}
DiscoveryChain can be used to query the discovery-chain endpoints
func (*DiscoveryChain) Get ¶
func (d *DiscoveryChain) Get(name string, opts *DiscoveryChainOptions, q *QueryOptions) (*DiscoveryChainResponse, *QueryMeta, error)
type DiscoveryChainOptions ¶
type DiscoveryChainOptions struct { EvaluateInDatacenter string `json:"-"` // OverrideMeshGateway allows for the mesh gateway setting to be overridden // for any resolver in the compiled chain. OverrideMeshGateway MeshGatewayConfig `json:",omitempty"` // OverrideProtocol allows for the final protocol for the chain to be // altered. // // - If the chain ordinarily would be TCP and an L7 protocol is passed here // the chain will not include Routers or Splitters. // // - If the chain ordinarily would be L7 and TCP is passed here the chain // will not include Routers or Splitters. OverrideProtocol string `json:",omitempty"` // OverrideConnectTimeout allows for the ConnectTimeout setting to be // overridden for any resolver in the compiled chain. OverrideConnectTimeout time.Duration `json:",omitempty"` }
type DiscoveryChainResponse ¶
type DiscoveryChainResponse struct {
Chain *CompiledDiscoveryChain
}
type DiscoveryFailover ¶
type DiscoveryFailover struct { Targets []string Policy ServiceResolverFailoverPolicy `json:",omitempty"` }
compiled form of ServiceResolverFailover
type DiscoveryGraphNode ¶
type DiscoveryGraphNode struct { Type string Name string // this is NOT necessarily a service // fields for Type==router Routes []*DiscoveryRoute // fields for Type==splitter Splits []*DiscoverySplit // fields for Type==resolver Resolver *DiscoveryResolver // shared by Type==resolver || Type==splitter LoadBalancer *LoadBalancer `json:",omitempty"` }
DiscoveryGraphNode is a single node in the compiled discovery chain.
type DiscoveryResolver ¶
type DiscoveryResolver struct { Default bool ConnectTimeout time.Duration Target string Failover *DiscoveryFailover }
compiled form of ServiceResolverConfigEntry
func (*DiscoveryResolver) MarshalJSON ¶
func (r *DiscoveryResolver) MarshalJSON() ([]byte, error)
func (*DiscoveryResolver) UnmarshalJSON ¶
func (r *DiscoveryResolver) UnmarshalJSON(data []byte) error
type DiscoveryRoute ¶
type DiscoveryRoute struct { Definition *ServiceRoute NextNode string }
compiled form of ServiceRoute
type DiscoverySplit ¶
compiled form of ServiceSplit
type DiscoveryTarget ¶
type DiscoveryTarget struct { ID string Service string ServiceSubset string Namespace string Datacenter string MeshGateway MeshGatewayConfig Subset ServiceResolverSubset ConnectTimeout time.Duration External bool SNI string Name string }
DiscoveryTarget represents all of the inputs necessary to use a resolver config entry to execute a catalog query to generate a list of service instances during discovery.
func (*DiscoveryTarget) MarshalJSON ¶
func (t *DiscoveryTarget) MarshalJSON() ([]byte, error)
func (*DiscoveryTarget) UnmarshalJSON ¶
func (t *DiscoveryTarget) UnmarshalJSON(data []byte) error
type EnvoyExtension ¶
type EnvoyExtension struct { Name string Required bool Arguments map[string]interface{} `bexpr:"-"` ConsulVersion string EnvoyVersion string }
EnvoyExtension has configuration for an extension that patches Envoy resources.
type Event ¶
type Event struct {
// contains filtered or unexported fields
}
Event can be used to query the Event endpoints
func (*Event) Fire ¶
Fire is used to fire a new user event. Only the Name, Payload and Filters are respected. This returns the ID or an associated error. Cross DC requests are supported.
func (*Event) IDToIndex ¶
IDToIndex is a bit of a hack. This simulates the index generation to convert an event ID into a WaitIndex.
type ExportedService ¶
type ExportedService struct { // Name is the name of the service to be exported. Name string // Namespace is the namespace to export the service from. Namespace string `json:",omitempty"` // Consumers is a list of downstream consumers of the service to be exported. Consumers []ServiceConsumer `json:",omitempty"` }
ExportedService manages the exporting of a service in the local partition to other partitions.
type ExportedServicesConfigEntry ¶
type ExportedServicesConfigEntry struct { // Name is the name of the partition the ExportedServicesConfigEntry applies to. // Partitioning is a Consul Enterprise feature. Name string `json:",omitempty"` // Partition is the partition where the ExportedServicesConfigEntry is stored. // If the partition does not match the name, the name will overwrite the partition. // Partitioning is a Consul Enterprise feature. Partition string `json:",omitempty"` // Services is a list of services to be exported and the list of partitions // to expose them to. Services []ExportedService `json:",omitempty"` Meta map[string]string `json:",omitempty"` // CreateIndex is the Raft index this entry was created at. This is a // read-only field. CreateIndex uint64 // ModifyIndex is used for the Check-And-Set operations and can also be fed // back into the WaitIndex of the QueryOptions in order to perform blocking // queries. ModifyIndex uint64 }
ExportedServicesConfigEntry manages the exported services for a single admin partition. Admin Partitions are a Consul Enterprise feature.
func (*ExportedServicesConfigEntry) GetCreateIndex ¶
func (e *ExportedServicesConfigEntry) GetCreateIndex() uint64
func (*ExportedServicesConfigEntry) GetKind ¶
func (e *ExportedServicesConfigEntry) GetKind() string
func (*ExportedServicesConfigEntry) GetMeta ¶
func (e *ExportedServicesConfigEntry) GetMeta() map[string]string
func (*ExportedServicesConfigEntry) GetModifyIndex ¶
func (e *ExportedServicesConfigEntry) GetModifyIndex() uint64
func (*ExportedServicesConfigEntry) GetName ¶
func (e *ExportedServicesConfigEntry) GetName() string
func (*ExportedServicesConfigEntry) GetNamespace ¶
func (e *ExportedServicesConfigEntry) GetNamespace() string
func (*ExportedServicesConfigEntry) GetPartition ¶
func (e *ExportedServicesConfigEntry) GetPartition() string
func (*ExportedServicesConfigEntry) MarshalJSON ¶
func (e *ExportedServicesConfigEntry) MarshalJSON() ([]byte, error)
MarshalJSON adds the Kind field so that the JSON can be decoded back into the correct type.
type ExposeConfig ¶
type ExposeConfig struct { // Checks defines whether paths associated with Consul checks will be exposed. // This flag triggers exposing all HTTP and GRPC check paths registered for the service. Checks bool `json:",omitempty"` // Paths is the list of paths exposed through the proxy. Paths []ExposePath `json:",omitempty"` }
ExposeConfig describes HTTP paths to expose through Envoy outside of Connect. Users can expose individual paths and/or all HTTP/GRPC paths for checks.
type ExposePath ¶
type ExposePath struct { // ListenerPort defines the port of the proxy's listener for exposed paths. ListenerPort int `json:",omitempty" alias:"listener_port"` // Path is the path to expose through the proxy, ie. "/metrics." Path string `json:",omitempty"` // LocalPathPort is the port that the service is listening on for the given path. LocalPathPort int `json:",omitempty" alias:"local_path_port"` // Protocol describes the upstream's service protocol. // Valid values are "http" and "http2", defaults to "http" Protocol string `json:",omitempty"` // ParsedFromCheck is set if this path was parsed from a registered check ParsedFromCheck bool }
type ForceLeaveOpts ¶
type GatewayConditionReason ¶
type GatewayConditionReason string
GatewayConditionReason defines the set of reasons that explain why a particular Gateway condition type has been raised.
type GatewayConditionType ¶
type GatewayConditionType string
GatewayConditionType is a type of condition associated with a Gateway. This type should be used with the GatewayStatus.Conditions field.
type GatewayService ¶
type GatewayService struct { Gateway CompoundServiceName Service CompoundServiceName GatewayKind ServiceKind Port int `json:",omitempty"` Protocol string `json:",omitempty"` Hosts []string `json:",omitempty"` CAFile string `json:",omitempty"` CertFile string `json:",omitempty"` KeyFile string `json:",omitempty"` SNI string `json:",omitempty"` FromWildcard bool `json:",omitempty"` }
GatewayService associates a gateway with a linked service. It also contains service-specific gateway configuration like ingress listener port and protocol.
type GatewayServiceTLSConfig ¶
type GatewayServiceTLSConfig struct { // SDS allows configuring TLS certificate from an SDS service. SDS *GatewayTLSSDSConfig `json:",omitempty"` }
type GatewayTLSConfig ¶
type GatewayTLSConfig struct { // Indicates that TLS should be enabled for this gateway service. Enabled bool // SDS allows configuring TLS certificate from an SDS service. SDS *GatewayTLSSDSConfig `json:",omitempty"` TLSMinVersion string `json:",omitempty" alias:"tls_min_version"` TLSMaxVersion string `json:",omitempty" alias:"tls_max_version"` // Define a subset of cipher suites to restrict // Only applicable to connections negotiated via TLS 1.2 or earlier CipherSuites []string `json:",omitempty" alias:"cipher_suites"` }
type GatewayTLSSDSConfig ¶
type GaugeValue ¶
GaugeValue stores one value that is updated as time goes on, such as the amount of memory allocated.
type HTTPFilters ¶
type HTTPFilters struct { Headers []HTTPHeaderFilter URLRewrite *URLRewrite }
HTTPFilters specifies a list of filters used to modify a request before it is routed to an upstream.
type HTTPHeaderFilter ¶
HTTPHeaderFilter specifies how HTTP headers should be modified.
type HTTPHeaderMatch ¶
type HTTPHeaderMatch struct { Match HTTPHeaderMatchType Name string Value string }
HTTPHeaderMatch specifies how a match should be done on a request's headers.
type HTTPHeaderMatchType ¶
type HTTPHeaderMatchType string
HTTPHeaderMatchType specifies how header matching criteria should be applied to a request.
const ( HTTPHeaderMatchExact HTTPHeaderMatchType = "exact" HTTPHeaderMatchPrefix HTTPHeaderMatchType = "prefix" HTTPHeaderMatchPresent HTTPHeaderMatchType = "present" HTTPHeaderMatchRegularExpression HTTPHeaderMatchType = "regex" HTTPHeaderMatchSuffix HTTPHeaderMatchType = "suffix" )
type HTTPHeaderModifiers ¶
type HTTPHeaderModifiers struct { // Add is a set of name -> value pairs that should be appended to the request // or response (i.e. allowing duplicates if the same header already exists). Add map[string]string `json:",omitempty"` // Set is a set of name -> value pairs that should be added to the request or // response, overwriting any existing header values of the same name. Set map[string]string `json:",omitempty"` // Remove is the set of header names that should be stripped from the request // or response. Remove []string `json:",omitempty"` }
HTTPHeaderModifiers is a set of rules for HTTP header modification that should be performed by proxies as the request passes through them. It can operate on either request or response headers depending on the context in which it is used.
type HTTPMatch ¶
type HTTPMatch struct { Headers []HTTPHeaderMatch Method HTTPMatchMethod Path HTTPPathMatch Query []HTTPQueryMatch }
HTTPMatch specifies the criteria that should be used in determining whether or not a request should be routed to a given set of services.
type HTTPMatchMethod ¶
type HTTPMatchMethod string
HTTPMatchMethod specifies which type of HTTP verb should be used for matching a given request.
const ( HTTPMatchMethodAll HTTPMatchMethod = "" HTTPMatchMethodConnect HTTPMatchMethod = "CONNECT" HTTPMatchMethodDelete HTTPMatchMethod = "DELETE" HTTPMatchMethodGet HTTPMatchMethod = "GET" HTTPMatchMethodHead HTTPMatchMethod = "HEAD" HTTPMatchMethodOptions HTTPMatchMethod = "OPTIONS" HTTPMatchMethodPatch HTTPMatchMethod = "PATCH" HTTPMatchMethodPost HTTPMatchMethod = "POST" HTTPMatchMethodPut HTTPMatchMethod = "PUT" HTTPMatchMethodTrace HTTPMatchMethod = "TRACE" )
type HTTPPathMatch ¶
type HTTPPathMatch struct { Match HTTPPathMatchType Value string }
HTTPPathMatch specifies how a match should be done on a request's path.
type HTTPPathMatchType ¶
type HTTPPathMatchType string
HTTPPathMatchType specifies how path matching criteria should be applied to a request.
const ( HTTPPathMatchExact HTTPPathMatchType = "exact" HTTPPathMatchPrefix HTTPPathMatchType = "prefix" HTTPPathMatchRegularExpression HTTPPathMatchType = "regex" )
type HTTPQueryMatch ¶
type HTTPQueryMatch struct { Match HTTPQueryMatchType Name string Value string }
HTTPQueryMatch specifies how a match should be done on a request's query parameters.
type HTTPQueryMatchType ¶
type HTTPQueryMatchType string
HTTPQueryMatchType specifies how querys matching criteria should be applied to a request.
const ( HTTPQueryMatchExact HTTPQueryMatchType = "exact" HTTPQueryMatchPresent HTTPQueryMatchType = "present" HTTPQueryMatchRegularExpression HTTPQueryMatchType = "regex" )
type HTTPRouteConfigEntry ¶
type HTTPRouteConfigEntry struct { // Kind of the config entry. This should be set to api.HTTPRoute. Kind string // Name is used to match the config entry with its associated http-route. Name string // Parents is a list of gateways that this route should be bound to Parents []ResourceReference // Rules are a list of HTTP-based routing rules that this route should // use for constructing a routing table. Rules []HTTPRouteRule // Hostnames are the hostnames for which this HTTPRoute should respond to requests. Hostnames []string Meta map[string]string `json:",omitempty"` // CreateIndex is the Raft index this entry was created at. This is a // read-only field. CreateIndex uint64 // ModifyIndex is used for the Check-And-Set operations and can also be fed // back into the WaitIndex of the QueryOptions in order to perform blocking // queries. ModifyIndex uint64 // Partition is the partition the config entry is associated with. // Partitioning is a Consul Enterprise feature. Partition string `json:",omitempty"` // Namespace is the namespace the config entry is associated with. // Namespacing is a Consul Enterprise feature. Namespace string `json:",omitempty"` // Status is the asynchronous status which an HTTPRoute propagates to the user. Status ConfigEntryStatus }
HTTPRouteConfigEntry manages the configuration for a HTTP route with the given name.
func (*HTTPRouteConfigEntry) GetCreateIndex ¶
func (r *HTTPRouteConfigEntry) GetCreateIndex() uint64
func (*HTTPRouteConfigEntry) GetKind ¶
func (r *HTTPRouteConfigEntry) GetKind() string
func (*HTTPRouteConfigEntry) GetMeta ¶
func (r *HTTPRouteConfigEntry) GetMeta() map[string]string
func (*HTTPRouteConfigEntry) GetModifyIndex ¶
func (r *HTTPRouteConfigEntry) GetModifyIndex() uint64
func (*HTTPRouteConfigEntry) GetName ¶
func (r *HTTPRouteConfigEntry) GetName() string
func (*HTTPRouteConfigEntry) GetNamespace ¶
func (r *HTTPRouteConfigEntry) GetNamespace() string
func (*HTTPRouteConfigEntry) GetPartition ¶
func (r *HTTPRouteConfigEntry) GetPartition() string
type HTTPRouteRule ¶
type HTTPRouteRule struct { // Filters is a list of HTTP-based filters used to modify a request prior // to routing it to the upstream service Filters HTTPFilters // Matches specified the matching criteria used in the routing table. If a // request matches the given HTTPMatch configuration, then traffic is routed // to services specified in the Services field. Matches []HTTPMatch // Services is a list of HTTP-based services to route to if the request matches // the rules specified in the Matches field. Services []HTTPService }
HTTPRouteRule specifies the routing rules used to determine what upstream service an HTTP request is routed to.
type HTTPService ¶
type HTTPService struct { Name string // Weight is an arbitrary integer used in calculating how much // traffic should be sent to the given service. Weight int // Filters is a list of HTTP-based filters used to modify a request prior // to routing it to the upstream service Filters HTTPFilters // Partition is the partition the config entry is associated with. // Partitioning is a Consul Enterprise feature. Partition string `json:",omitempty"` // Namespace is the namespace the config entry is associated with. // Namespacing is a Consul Enterprise feature. Namespace string `json:",omitempty"` }
HTTPService is a service reference for HTTP-based routing rules
type HashPolicy ¶
type HashPolicy struct { // Field is the attribute type to hash on. // Must be one of "header","cookie", or "query_parameter". // Cannot be specified along with SourceIP. Field string `json:",omitempty"` // FieldValue is the value to hash. // ie. header name, cookie name, URL query parameter name // Cannot be specified along with SourceIP. FieldValue string `json:",omitempty" alias:"field_value"` // CookieConfig contains configuration for the "cookie" hash policy type. CookieConfig *CookieConfig `json:",omitempty" alias:"cookie_config"` // SourceIP determines whether the hash should be of the source IP rather than of a field and field value. // Cannot be specified along with Field or FieldValue. SourceIP bool `json:",omitempty" alias:"source_ip"` // Terminal will short circuit the computation of the hash when multiple hash policies are present. // If a hash is computed when a Terminal policy is evaluated, // then that hash will be used and subsequent hash policies will be ignored. Terminal bool `json:",omitempty"` }
HashPolicy defines which attributes will be hashed by hash-based LB algorithms
type Health ¶
type Health struct {
// contains filtered or unexported fields
}
Health can be used to query the Health endpoints
func (*Health) Checks ¶
func (h *Health) Checks(service string, q *QueryOptions) (HealthChecks, *QueryMeta, error)
Checks is used to return the checks associated with a service
func (*Health) Connect ¶
func (h *Health) Connect(service, tag string, passingOnly bool, q *QueryOptions) ([]*ServiceEntry, *QueryMeta, error)
Connect is equivalent to Service except that it will only return services which are Connect-enabled and will returns the connection address for Connect client's to use which may be a proxy in front of the named service. If passingOnly is true only instances where both the service and any proxy are healthy will be returned.
func (*Health) ConnectMultipleTags ¶
func (h *Health) ConnectMultipleTags(service string, tags []string, passingOnly bool, q *QueryOptions) ([]*ServiceEntry, *QueryMeta, error)
func (*Health) Ingress ¶
func (h *Health) Ingress(service string, passingOnly bool, q *QueryOptions) ([]*ServiceEntry, *QueryMeta, error)
Ingress is equivalent to Connect except that it will only return associated ingress gateways for the requested service.
func (*Health) Node ¶
func (h *Health) Node(node string, q *QueryOptions) (HealthChecks, *QueryMeta, error)
Node is used to query for checks belonging to a given node
func (*Health) Service ¶
func (h *Health) Service(service, tag string, passingOnly bool, q *QueryOptions) ([]*ServiceEntry, *QueryMeta, error)
Service is used to query health information along with service info for a given service. It can optionally do server-side filtering on a tag or nodes with passing health checks only.
func (*Health) ServiceMultipleTags ¶
func (h *Health) ServiceMultipleTags(service string, tags []string, passingOnly bool, q *QueryOptions) ([]*ServiceEntry, *QueryMeta, error)
func (*Health) State ¶
func (h *Health) State(state string, q *QueryOptions) (HealthChecks, *QueryMeta, error)
State is used to retrieve all the checks in a given state. The wildcard "any" state can also be used for all checks.
type HealthCheck ¶
type HealthCheck struct { Node string CheckID string Name string Status string Notes string Output string ServiceID string ServiceName string ServiceTags []string Type string Namespace string `json:",omitempty"` Partition string `json:",omitempty"` ExposedPort int PeerName string `json:",omitempty"` Definition HealthCheckDefinition CreateIndex uint64 ModifyIndex uint64 }
HealthCheck is used to represent a single check
type HealthCheckDefinition ¶
type HealthCheckDefinition struct { HTTP string Header map[string][]string Method string Body string TLSServerName string TLSSkipVerify bool TCP string UDP string GRPC string OSService string GRPCUseTLS bool IntervalDuration time.Duration `json:"-"` TimeoutDuration time.Duration `json:"-"` DeregisterCriticalServiceAfterDuration time.Duration `json:"-"` // DEPRECATED in Consul 1.4.1. Use the above time.Duration fields instead. Interval ReadableDuration Timeout ReadableDuration DeregisterCriticalServiceAfter ReadableDuration }
HealthCheckDefinition is used to store the details about a health check's execution.
func (*HealthCheckDefinition) MarshalJSON ¶
func (d *HealthCheckDefinition) MarshalJSON() ([]byte, error)
func (*HealthCheckDefinition) UnmarshalJSON ¶
func (t *HealthCheckDefinition) UnmarshalJSON(data []byte) (err error)
type HealthChecks ¶
type HealthChecks []*HealthCheck
HealthChecks is a collection of HealthCheck structs.
func (HealthChecks) AggregatedStatus ¶
func (c HealthChecks) AggregatedStatus() string
AggregatedStatus returns the "best" status for the list of health checks. Because a given entry may have many service and node-level health checks attached, this function determines the best representative of the status as as single string using the following heuristic:
maintenance > critical > warning > passing
type HttpBasicAuth ¶
type HttpBasicAuth struct { // Username to use for HTTP Basic Authentication Username string // Password to use for HTTP Basic Authentication Password string }
HttpBasicAuth is used to authenticate http client with HTTP Basic Authentication
type IngressGatewayConfigEntry ¶
type IngressGatewayConfigEntry struct { // Kind of the config entry. This should be set to api.IngressGateway. Kind string // Name is used to match the config entry with its associated ingress gateway // service. This should match the name provided in the service definition. Name string // Partition is the partition the IngressGateway is associated with. // Partitioning is a Consul Enterprise feature. Partition string `json:",omitempty"` // Namespace is the namespace the IngressGateway is associated with. // Namespacing is a Consul Enterprise feature. Namespace string `json:",omitempty"` // TLS holds the TLS configuration for this gateway. TLS GatewayTLSConfig // Listeners declares what ports the ingress gateway should listen on, and // what services to associated to those ports. Listeners []IngressListener Meta map[string]string `json:",omitempty"` // Defaults is default configuration for all upstream services Defaults *IngressServiceConfig `json:",omitempty"` // CreateIndex is the Raft index this entry was created at. This is a // read-only field. CreateIndex uint64 // ModifyIndex is used for the Check-And-Set operations and can also be fed // back into the WaitIndex of the QueryOptions in order to perform blocking // queries. ModifyIndex uint64 }
IngressGatewayConfigEntry manages the configuration for an ingress service with the given name.
func (*IngressGatewayConfigEntry) GetCreateIndex ¶
func (i *IngressGatewayConfigEntry) GetCreateIndex() uint64
func (*IngressGatewayConfigEntry) GetKind ¶
func (i *IngressGatewayConfigEntry) GetKind() string
func (*IngressGatewayConfigEntry) GetMeta ¶
func (i *IngressGatewayConfigEntry) GetMeta() map[string]string
func (*IngressGatewayConfigEntry) GetModifyIndex ¶
func (i *IngressGatewayConfigEntry) GetModifyIndex() uint64
func (*IngressGatewayConfigEntry) GetName ¶
func (i *IngressGatewayConfigEntry) GetName() string
func (*IngressGatewayConfigEntry) GetNamespace ¶
func (i *IngressGatewayConfigEntry) GetNamespace() string
func (*IngressGatewayConfigEntry) GetPartition ¶
func (i *IngressGatewayConfigEntry) GetPartition() string
type IngressListener ¶
type IngressListener struct { // Port declares the port on which the ingress gateway should listen for traffic. Port int // Protocol declares what type of traffic this listener is expected to // receive. Depending on the protocol, a listener might support multiplexing // services over a single port, or additional discovery chain features. The // current supported values are: (tcp | http | http2 | grpc). Protocol string // Services declares the set of services to which the listener forwards // traffic. // // For "tcp" protocol listeners, only a single service is allowed. // For "http" listeners, multiple services can be declared. Services []IngressService // TLS allows specifying some TLS configuration per listener. TLS *GatewayTLSConfig `json:",omitempty"` }
IngressListener manages the configuration for a listener on a specific port.
type IngressService ¶
type IngressService struct { // Name declares the service to which traffic should be forwarded. // // This can either be a specific service, or the wildcard specifier, // "*". If the wildcard specifier is provided, the listener must be of "http" // protocol and means that the listener will forward traffic to all services. // // A name can be specified on multiple listeners, and will be exposed on both // of the listeners. Name string // Hosts is a list of hostnames which should be associated to this service on // the defined listener. Only allowed on layer 7 protocols, this will be used // to route traffic to the service by matching the Host header of the HTTP // request. // // If a host is provided for a service that also has a wildcard specifier // defined, the host will override the wildcard-specifier-provided // "<service-name>.*" domain for that listener. // // This cannot be specified when using the wildcard specifier, "*", or when // using a "tcp" listener. Hosts []string // Namespace is the namespace where the service is located. // Namespacing is a Consul Enterprise feature. Namespace string `json:",omitempty"` // Partition is the partition where the service is located. // Partitioning is a Consul Enterprise feature. Partition string `json:",omitempty"` // TLS allows specifying some TLS configuration per listener. TLS *GatewayServiceTLSConfig `json:",omitempty"` // Allow HTTP header manipulation to be configured. RequestHeaders *HTTPHeaderModifiers `json:",omitempty" alias:"request_headers"` ResponseHeaders *HTTPHeaderModifiers `json:",omitempty" alias:"response_headers"` MaxConnections *uint32 `json:",omitempty" alias:"max_connections"` MaxPendingRequests *uint32 `json:",omitempty" alias:"max_pending_requests"` MaxConcurrentRequests *uint32 `json:",omitempty" alias:"max_concurrent_requests"` // PassiveHealthCheck configuration determines how upstream proxy instances will // be monitored for removal from the load balancing pool. PassiveHealthCheck *PassiveHealthCheck `json:",omitempty" alias:"passive_health_check"` }
IngressService manages configuration for services that are exposed to ingress traffic.
type IngressServiceConfig ¶
type IngressServiceConfig struct { MaxConnections *uint32 MaxPendingRequests *uint32 MaxConcurrentRequests *uint32 // PassiveHealthCheck configuration determines how upstream proxy instances will // be monitored for removal from the load balancing pool. PassiveHealthCheck *PassiveHealthCheck `json:",omitempty" alias:"passive_health_check"` }
type InlineCertificateConfigEntry ¶
type InlineCertificateConfigEntry struct { // Kind of the config entry. This should be set to api.InlineCertificate. Kind string // Name is used to match the config entry with its associated tcp-route // service. This should match the name provided in the service definition. Name string // Certificate is the public certificate component of an x509 key pair encoded in raw PEM format. Certificate string // PrivateKey is the private key component of an x509 key pair encoded in raw PEM format. PrivateKey string `alias:"private_key"` Meta map[string]string `json:",omitempty"` // CreateIndex is the Raft index this entry was created at. This is a // read-only field. CreateIndex uint64 // ModifyIndex is used for the Check-And-Set operations and can also be fed // back into the WaitIndex of the QueryOptions in order to perform blocking // queries. ModifyIndex uint64 // Partition is the partition the config entry is associated with. // Partitioning is a Consul Enterprise feature. Partition string `json:",omitempty"` // Namespace is the namespace the config entry is associated with. // Namespacing is a Consul Enterprise feature. Namespace string `json:",omitempty"` }
InlineCertificateConfigEntry -- TODO stub
func (*InlineCertificateConfigEntry) GetCreateIndex ¶
func (a *InlineCertificateConfigEntry) GetCreateIndex() uint64
func (*InlineCertificateConfigEntry) GetKind ¶
func (a *InlineCertificateConfigEntry) GetKind() string
func (*InlineCertificateConfigEntry) GetMeta ¶
func (a *InlineCertificateConfigEntry) GetMeta() map[string]string
func (*InlineCertificateConfigEntry) GetModifyIndex ¶
func (a *InlineCertificateConfigEntry) GetModifyIndex() uint64
func (*InlineCertificateConfigEntry) GetName ¶
func (a *InlineCertificateConfigEntry) GetName() string
func (*InlineCertificateConfigEntry) GetNamespace ¶
func (a *InlineCertificateConfigEntry) GetNamespace() string
func (*InlineCertificateConfigEntry) GetPartition ¶
func (a *InlineCertificateConfigEntry) GetPartition() string
type Intention ¶
type Intention struct { // ID is the UUID-based ID for the intention, always generated by Consul. ID string `json:",omitempty"` // Description is a human-friendly description of this intention. // It is opaque to Consul and is only stored and transferred in API // requests. Description string `json:",omitempty"` // SourceNS, SourceName are the namespace and name, respectively, of // the source service. Either of these may be the wildcard "*", but only // the full value can be a wildcard. Partial wildcards are not allowed. // The source may also be a non-Consul service, as specified by SourceType. // // DestinationNS, DestinationName is the same, but for the destination // service. The same rules apply. The destination is always a Consul // service. SourceNS, SourceName string DestinationNS, DestinationName string // SourcePartition and DestinationPartition cannot be wildcards "*" and // are not compatible with legacy intentions. SourcePartition string `json:",omitempty"` DestinationPartition string `json:",omitempty"` // SourcePeer cannot be a wildcard "*" and is not compatible with legacy // intentions. Cannot be used with SourcePartition, as both represent the // same level of tenancy (partition is local to cluster, peer is remote). SourcePeer string `json:",omitempty"` // SourceSamenessGroup cannot be wildcards "*" and // is not compatible with legacy intentions. SourceSamenessGroup string `json:",omitempty"` // SourceType is the type of the value for the source. SourceType IntentionSourceType // Action is whether this is an allowlist or denylist intention. Action IntentionAction `json:",omitempty"` // Permissions is the list of additional L7 attributes that extend the // intention definition. // // NOTE: This field is not editable unless editing the underlying // service-intentions config entry directly. Permissions []*IntentionPermission `json:",omitempty"` // DefaultAddr is not used. // Deprecated: DefaultAddr is not used and may be removed in a future version. DefaultAddr string `json:",omitempty"` // DefaultPort is not used. // Deprecated: DefaultPort is not used and may be removed in a future version. DefaultPort int `json:",omitempty"` // Meta is arbitrary metadata associated with the intention. This is // opaque to Consul but is served in API responses. Meta map[string]string `json:",omitempty"` // Precedence is the order that the intention will be applied, with // larger numbers being applied first. This is a read-only field, on // any intention update it is updated. Precedence int // CreatedAt and UpdatedAt keep track of when this record was created // or modified. CreatedAt, UpdatedAt time.Time // Hash of the contents of the intention // // This is needed mainly for replication purposes. When replicating from // one DC to another keeping the content Hash will allow us to detect // content changes more efficiently than checking every single field Hash []byte `json:",omitempty"` CreateIndex uint64 ModifyIndex uint64 }
Intention defines an intention for the Connect Service Graph. This defines the allowed or denied behavior of a connection between two services using Connect.
func (*Intention) DestinationString ¶
DestinationString returns the namespace/name format for the source, or just "name" if the namespace is the default namespace.
func (*Intention) SourceString ¶
SourceString returns the namespace/name format for the source, or just "name" if the namespace is the default namespace.
type IntentionAction ¶
type IntentionAction string
IntentionAction is the action that the intention represents. This can be "allow" or "deny" to allowlist or denylist intentions.
const ( IntentionActionAllow IntentionAction = "allow" IntentionActionDeny IntentionAction = "deny" )
type IntentionCheck ¶
type IntentionCheck struct {
// Source and Destination are the source and destination values to
// check. The destination is always a Consul service, but the source
// may be other values as defined by the SourceType.
Source, Destination string
// SourceType is the type of the value for the source.
SourceType IntentionSourceType
}
IntentionCheck are the arguments for the intention check API. For more documentation see the IntentionCheck function.
type IntentionHTTPPermission ¶
type IntentionHTTPPermission struct { PathExact string `json:",omitempty" alias:"path_exact"` PathPrefix string `json:",omitempty" alias:"path_prefix"` PathRegex string `json:",omitempty" alias:"path_regex"` Header []IntentionHTTPHeaderPermission `json:",omitempty"` Methods []string `json:",omitempty"` }
type IntentionJWTClaimVerification ¶
type IntentionJWTClaimVerification struct { // Path is the path to the claim in the token JSON. Path []string `json:",omitempty"` // Value is the expected value at the given path: // - If the type at the path is a list then we verify // that this value is contained in the list. // // - If the type at the path is a string then we verify // that this value matches. Value string `json:",omitempty"` }
type IntentionJWTProvider ¶
type IntentionJWTProvider struct { // Name is the name of the JWT provider. There MUST be a corresponding // "jwt-provider" config entry with this name. Name string `json:",omitempty"` // VerifyClaims is a list of additional claims to verify in a JWT's payload. VerifyClaims []*IntentionJWTClaimVerification `json:",omitempty" alias:"verify_claims"` }
type IntentionJWTRequirement ¶
type IntentionJWTRequirement struct { // Providers is a list of providers to consider when verifying a JWT. Providers []*IntentionJWTProvider `json:",omitempty"` }
type IntentionMatch ¶
type IntentionMatch struct { By IntentionMatchType Names []string }
IntentionMatch are the arguments for the intention match API.
type IntentionMatchType ¶
type IntentionMatchType string
IntentionMatchType is the target for a match request. For example, matching by source will look for all intentions that match the given source value.
const ( IntentionMatchSource IntentionMatchType = "source" IntentionMatchDestination IntentionMatchType = "destination" )
type IntentionPermission ¶
type IntentionPermission struct { Action IntentionAction HTTP *IntentionHTTPPermission `json:",omitempty"` JWT *IntentionJWTRequirement `json:",omitempty"` }
type IntentionSourceType ¶
type IntentionSourceType string
IntentionSourceType is the type of the source within an intention.
const ( // IntentionSourceConsul is a service within the Consul catalog. IntentionSourceConsul IntentionSourceType = "consul" )
type Internal ¶
type Internal struct {
// contains filtered or unexported fields
}
Internal can be used to query endpoints that are intended for Hashicorp internal-use only.
func (*Internal) AssignServiceVirtualIP ¶
func (i *Internal) AssignServiceVirtualIP( ctx context.Context, service string, manualVIPs []string, wo *WriteOptions, ) (*AssignServiceManualVIPsResponse, *QueryMeta, error)
type JSONWebKeySet ¶
type JSONWebKeySet struct { // Local specifies a local source for the key set. Local *LocalJWKS `json:",omitempty"` // Remote specifies how to fetch a key set from a remote server. Remote *RemoteJWKS `json:",omitempty"` }
JSONWebKeySet defines a key set, its location on disk, or the means with which to fetch a key set from a remote server.
Exactly one of Local or Remote must be specified.
type JWKSCluster ¶
type JWKSCluster struct { // DiscoveryType refers to the service discovery type to use for resolving the cluster. // // This defaults to STRICT_DNS. // Other options include STATIC, LOGICAL_DNS, EDS or ORIGINAL_DST. DiscoveryType ClusterDiscoveryType `json:",omitempty" alias:"discovery_type"` // TLSCertificates refers to the data containing certificate authority certificates to use // in verifying a presented peer certificate. // If not specified and a peer certificate is presented it will not be verified. // // Must be either CaCertificateProviderInstance or TrustedCA. TLSCertificates *JWKSTLSCertificate `json:",omitempty" alias:"tls_certificates"` // The timeout for new network connections to hosts in the cluster. // If not set, a default value of 5s will be used. ConnectTimeout time.Duration `json:",omitempty" alias:"connect_timeout"` }
type JWKSRetryPolicy ¶
type JWKSRetryPolicy struct { // NumRetries is the number of times to retry fetching the JWKS. // The retry strategy uses jittered exponential backoff with // a base interval of 1s and max of 10s. // // Default value is 0. NumRetries int `json:",omitempty" alias:"num_retries"` // Backoff policy // // Defaults to Envoy's backoff policy RetryPolicyBackOff *RetryPolicyBackOff `json:",omitempty" alias:"retry_policy_back_off"` }
type JWKSTLSCertProviderInstance ¶
type JWKSTLSCertProviderInstance struct { // InstanceName refers to the certificate provider instance name // // The default value is "default". InstanceName string `json:",omitempty" alias:"instance_name"` // CertificateName is used to specify certificate instances or types. For example, "ROOTCA" to specify // a root-certificate (validation context) or "example.com" to specify a certificate for a // particular domain. // // The default value is the empty string. CertificateName string `json:",omitempty" alias:"certificate_name"` }
type JWKSTLSCertTrustedCA ¶
type JWKSTLSCertTrustedCA struct { Filename string `json:",omitempty" alias:"filename"` EnvironmentVariable string `json:",omitempty" alias:"environment_variable"` InlineString string `json:",omitempty" alias:"inline_string"` InlineBytes []byte `json:",omitempty" alias:"inline_bytes"` }
JWKSTLSCertTrustedCA defines TLS certificate data containing certificate authority certificates to use in verifying a presented peer certificate.
Exactly one of Filename, EnvironmentVariable, InlineString or InlineBytes must be specified.
type JWKSTLSCertificate ¶
type JWKSTLSCertificate struct { // CaCertificateProviderInstance Certificate provider instance for fetching TLS certificates. CaCertificateProviderInstance *JWKSTLSCertProviderInstance `json:",omitempty" alias:"ca_certificate_provider_instance"` // TrustedCA defines TLS certificate data containing certificate authority certificates // to use in verifying a presented peer certificate. // // Exactly one of Filename, EnvironmentVariable, InlineString or InlineBytes must be specified. TrustedCA *JWKSTLSCertTrustedCA `json:",omitempty" alias:"trusted_ca"` }
JWKSTLSCertificate refers to the data containing certificate authority certificates to use in verifying a presented peer certificate. If not specified and a peer certificate is presented it will not be verified.
Must be either CaCertificateProviderInstance or TrustedCA.
type JWTCacheConfig ¶
type JWTCacheConfig struct { // Size specifies the maximum number of JWT verification // results to cache. // // Defaults to 0, meaning that JWT caching is disabled. Size int `json:",omitempty"` }
type JWTForwardingConfig ¶
type JWTForwardingConfig struct { // HeaderName is a header name to use when forwarding a verified // JWT to the backend. The verified JWT could have been extracted // from any location (query param, header, or cookie). // // The header value will be base64-URL-encoded, and will not be // padded unless PadForwardPayloadHeader is true. HeaderName string `json:",omitempty" alias:"header_name"` // PadForwardPayloadHeader determines whether padding should be added // to the base64 encoded token forwarded with ForwardPayloadHeader. // // Default value is false. PadForwardPayloadHeader bool `json:",omitempty" alias:"pad_forward_payload_header"` }
type JWTLocation ¶
type JWTLocation struct { // Header defines how to extract a JWT from an HTTP request header. Header *JWTLocationHeader `json:",omitempty"` // QueryParam defines how to extract a JWT from an HTTP request // query parameter. QueryParam *JWTLocationQueryParam `json:",omitempty" alias:"query_param"` // Cookie defines how to extract a JWT from an HTTP request cookie. Cookie *JWTLocationCookie `json:",omitempty"` }
JWTLocation is a location where the JWT could be present in requests.
Only one of Header, QueryParam, or Cookie can be specified.
type JWTLocationCookie ¶
type JWTLocationCookie struct { // Name is the name of the cookie containing the token. Name string `json:",omitempty"` }
JWTLocationCookie defines how to extract a JWT from an HTTP request cookie.
type JWTLocationHeader ¶
type JWTLocationHeader struct { // Name is the name of the header containing the token. Name string `json:",omitempty"` // ValuePrefix is an optional prefix that precedes the token in the // header value. // For example, "Bearer " is a standard value prefix for a header named // "Authorization", but the prefix is not part of the token itself: // "Authorization: Bearer <token>" ValuePrefix string `json:",omitempty" alias:"value_prefix"` // Forward defines whether the header with the JWT should be // forwarded after the token has been verified. If false, the // header will not be forwarded to the backend. // // Default value is false. Forward bool `json:",omitempty"` }
JWTLocationHeader defines how to extract a JWT from an HTTP request header.
type JWTLocationQueryParam ¶
type JWTLocationQueryParam struct { // Name is the name of the query param containing the token. Name string `json:",omitempty"` }
JWTLocationQueryParam defines how to extract a JWT from an HTTP request query parameter.
type JWTProviderConfigEntry ¶
type JWTProviderConfigEntry struct { // Kind is the kind of configuration entry and must be "jwt-provider". Kind string `json:",omitempty"` // Name is the name of the provider being configured. Name string `json:",omitempty"` // JSONWebKeySet defines a JSON Web Key Set, its location on disk, or the // means with which to fetch a key set from a remote server. JSONWebKeySet *JSONWebKeySet `json:",omitempty" alias:"json_web_key_set"` // Issuer is the entity that must have issued the JWT. // This value must match the "iss" claim of the token. Issuer string `json:",omitempty"` // Audiences is the set of audiences the JWT is allowed to access. // If specified, all JWTs verified with this provider must address // at least one of these to be considered valid. Audiences []string `json:",omitempty"` // Locations where the JWT will be present in requests. // Envoy will check all of these locations to extract a JWT. // If no locations are specified Envoy will default to: // 1. Authorization header with Bearer schema: // "Authorization: Bearer <token>" // 2. access_token query parameter. Locations []*JWTLocation `json:",omitempty"` // Forwarding defines rules for forwarding verified JWTs to the backend. Forwarding *JWTForwardingConfig `json:",omitempty"` // ClockSkewSeconds specifies the maximum allowable time difference // from clock skew when validating the "exp" (Expiration) and "nbf" // (Not Before) claims. // // Default value is 30 seconds. ClockSkewSeconds int `json:",omitempty" alias:"clock_skew_seconds"` // CacheConfig defines configuration for caching the validation // result for previously seen JWTs. Caching results can speed up // verification when individual tokens are expected to be handled // multiple times. CacheConfig *JWTCacheConfig `json:",omitempty" alias:"cache_config"` Meta map[string]string `json:",omitempty"` // CreateIndex is the Raft index this entry was created at. This is a // read-only field. CreateIndex uint64 `json:",omitempty"` // ModifyIndex is used for the Check-And-Set operations and can also be fed // back into the WaitIndex of the QueryOptions in order to perform blocking // queries. ModifyIndex uint64 `json:",omitempty"` // Partition is the partition the JWTProviderConfigEntry applies to. // Partitioning is a Consul Enterprise feature. Partition string `json:",omitempty"` // Namespace is the namespace the JWTProviderConfigEntry applies to. // Namespacing is a Consul Enterprise feature. Namespace string `json:",omitempty"` }
func (*JWTProviderConfigEntry) GetCreateIndex ¶
func (e *JWTProviderConfigEntry) GetCreateIndex() uint64
func (*JWTProviderConfigEntry) GetKind ¶
func (e *JWTProviderConfigEntry) GetKind() string
func (*JWTProviderConfigEntry) GetMeta ¶
func (e *JWTProviderConfigEntry) GetMeta() map[string]string
func (*JWTProviderConfigEntry) GetModifyIndex ¶
func (e *JWTProviderConfigEntry) GetModifyIndex() uint64
func (*JWTProviderConfigEntry) GetName ¶
func (e *JWTProviderConfigEntry) GetName() string
func (*JWTProviderConfigEntry) GetNamespace ¶
func (e *JWTProviderConfigEntry) GetNamespace() string
func (*JWTProviderConfigEntry) GetPartition ¶
func (e *JWTProviderConfigEntry) GetPartition() string
type KV ¶
type KV struct {
// contains filtered or unexported fields
}
KV is used to manipulate the K/V API
func (*KV) Acquire ¶
Acquire is used for a lock acquisition operation. The Key, Flags, Value and Session are respected. Returns true on success or false on failures.
func (*KV) CAS ¶
CAS is used for a Check-And-Set operation. The Key, ModifyIndex, Flags and Value are respected. Returns true on success or false on failures.
func (*KV) Delete ¶
func (k *KV) Delete(key string, w *WriteOptions) (*WriteMeta, error)
Delete is used to delete a single key
func (*KV) DeleteCAS ¶
DeleteCAS is used for a Delete Check-And-Set operation. The Key and ModifyIndex are respected. Returns true on success or false on failures.
func (*KV) DeleteTree ¶
func (k *KV) DeleteTree(prefix string, w *WriteOptions) (*WriteMeta, error)
DeleteTree is used to delete all keys under a prefix
func (*KV) Get ¶
Get is used to lookup a single key. The returned pointer to the KVPair will be nil if the key does not exist.
func (*KV) Keys ¶
Keys is used to list all the keys under a prefix. Optionally, a separator can be used to limit the responses.
func (*KV) Put ¶
func (k *KV) Put(p *KVPair, q *WriteOptions) (*WriteMeta, error)
Put is used to write a new value. Only the Key, Flags and Value is respected.
func (*KV) Release ¶
Release is used for a lock release operation. The Key, Flags, Value and Session are respected. Returns true on success or false on failures.
func (*KV) Txn ¶
func (k *KV) Txn(txn KVTxnOps, q *QueryOptions) (bool, *KVTxnResponse, *QueryMeta, error)
The Txn function has been deprecated from the KV object; please see the Txn object for more information about Transactions.
type KVOp ¶
type KVOp string
KVOp constants give possible operations available in a transaction.
const ( KVSet KVOp = "set" KVDelete KVOp = "delete" KVDeleteCAS KVOp = "delete-cas" KVDeleteTree KVOp = "delete-tree" KVCAS KVOp = "cas" KVLock KVOp = "lock" KVUnlock KVOp = "unlock" KVGet KVOp = "get" KVGetOrEmpty KVOp = "get-or-empty" KVGetTree KVOp = "get-tree" KVCheckSession KVOp = "check-session" KVCheckIndex KVOp = "check-index" KVCheckNotExists KVOp = "check-not-exists" )
type KVPair ¶
type KVPair struct { // Key is the name of the key. It is also part of the URL path when accessed // via the API. Key string // CreateIndex holds the index corresponding the creation of this KVPair. This // is a read-only field. CreateIndex uint64 // ModifyIndex is used for the Check-And-Set operations and can also be fed // back into the WaitIndex of the QueryOptions in order to perform blocking // queries. ModifyIndex uint64 // LockIndex holds the index corresponding to a lock on this key, if any. This // is a read-only field. LockIndex uint64 // Flags are any user-defined flags on the key. It is up to the implementer // to check these values, since Consul does not treat them specially. Flags uint64 // Value is the value for the key. This can be any value, but it will be // base64 encoded upon transport. Value []byte // Session is a string representing the ID of the session. Any other // interactions with this key over the same session must specify the same // session ID. Session string // Namespace is the namespace the KVPair is associated with // Namespacing is a Consul Enterprise feature. Namespace string `json:",omitempty"` // Partition is the partition the KVPair is associated with // Admin Partition is a Consul Enterprise feature. Partition string `json:",omitempty"` }
KVPair is used to represent a single K/V entry
type KVTxnOp ¶
type KVTxnOp struct { Verb KVOp Key string Value []byte Flags uint64 Index uint64 Session string Namespace string `json:",omitempty"` Partition string `json:",omitempty"` }
KVTxnOp defines a single operation inside a transaction.
type KVTxnOps ¶
type KVTxnOps []*KVTxnOp
KVTxnOps defines a set of operations to be performed inside a single transaction.
type KVTxnResponse ¶
KVTxnResponse has the outcome of a transaction.
type KeyringResponse ¶
type KeyringResponse struct { // Whether this response is for a WAN ring WAN bool // The datacenter name this request corresponds to Datacenter string // Segment has the network segment this request corresponds to. Segment string // Partition has the admin partition this request corresponds to. Partition string `json:",omitempty"` // Messages has information or errors from serf Messages map[string]string `json:",omitempty"` // A map of the encryption keys to the number of nodes they're installed on Keys map[string]int // A map of the encryption primary keys to the number of nodes they're installed on PrimaryKeys map[string]int // The total number of nodes in this ring NumNodes int }
KeyringResponse is returned when listing the gossip encryption keys
type KubernetesAuthMethodConfig ¶
type KubernetesAuthMethodConfig struct { Host string `json:",omitempty"` CACert string `json:",omitempty"` ServiceAccountJWT string `json:",omitempty"` }
KubernetesAuthMethodConfig is the config for the built-in Consul auth method for Kubernetes.
func ParseKubernetesAuthMethodConfig ¶
func ParseKubernetesAuthMethodConfig(raw map[string]interface{}) (*KubernetesAuthMethodConfig, error)
ParseKubernetesAuthMethodConfig takes a raw config map and returns a parsed KubernetesAuthMethodConfig.
func (*KubernetesAuthMethodConfig) RenderToConfig ¶
func (c *KubernetesAuthMethodConfig) RenderToConfig() map[string]interface{}
RenderToConfig converts this into a map[string]interface{} suitable for use in the ACLAuthMethod.Config field.
type LeafCert ¶
type LeafCert struct { // SerialNumber is the unique serial number for this certificate. // This is encoded in standard hex separated by :. SerialNumber string // CertPEM and PrivateKeyPEM are the PEM-encoded certificate and private // key for that cert, respectively. This should not be stored in the // state store, but is present in the sign API response. CertPEM string `json:",omitempty"` PrivateKeyPEM string `json:",omitempty"` // Service is the name of the service for which the cert was issued. // ServiceURI is the cert URI value. Service string ServiceURI string // ValidAfter and ValidBefore are the validity periods for the // certificate. ValidAfter time.Time ValidBefore time.Time CreateIndex uint64 ModifyIndex uint64 }
LeafCert is a certificate that has been issued by a Connect CA.
type LeastRequestConfig ¶
type LeastRequestConfig struct { // ChoiceCount determines the number of random healthy hosts from which to select the one with the least requests. ChoiceCount uint32 `json:",omitempty" alias:"choice_count"` }
LeastRequestConfig contains configuration for the "least_request" policy type
type License ¶
type License struct { // The unique identifier of the license LicenseID string `json:"license_id"` // The customer ID associated with the license CustomerID string `json:"customer_id"` // If set, an identifier that should be used to lock the license to a // particular site, cluster, etc. InstallationID string `json:"installation_id"` // The time at which the license was issued IssueTime time.Time `json:"issue_time"` // The time at which the license starts being valid StartTime time.Time `json:"start_time"` // The time after which the license expires ExpirationTime time.Time `json:"expiration_time"` // The time at which the license ceases to function and can // no longer be used in any capacity TerminationTime time.Time `json:"termination_time"` // Whether the license will ignore termination IgnoreTermination bool `json:"ignore_termination"` // The product the license is valid for Product string `json:"product"` // License Specific Flags Flags map[string]interface{} `json:"flags"` // Modules is a list of the licensed enterprise modules Modules []string `json:"modules"` // List of features enabled by the license Features []string `json:"features"` }
type LicenseReply ¶
type LinkedService ¶
type LinkedService struct { // Namespace is where the service is registered. Namespace string `json:",omitempty"` // Name is the name of the service, as defined in Consul's catalog. Name string `json:",omitempty"` // CAFile is the optional path to a CA certificate to use for TLS connections // from the gateway to the linked service. CAFile string `json:",omitempty" alias:"ca_file"` // CertFile is the optional path to a client certificate to use for TLS connections // from the gateway to the linked service. CertFile string `json:",omitempty" alias:"cert_file"` // KeyFile is the optional path to a private key to use for TLS connections // from the gateway to the linked service. KeyFile string `json:",omitempty" alias:"key_file"` // SNI is the optional name to specify during the TLS handshake with a linked service. SNI string `json:",omitempty"` }
A LinkedService is a service represented by a terminating gateway
type LoadBalancer ¶
type LoadBalancer struct { // Policy is the load balancing policy used to select a host Policy string `json:",omitempty"` // RingHashConfig contains configuration for the "ring_hash" policy type RingHashConfig *RingHashConfig `json:",omitempty" alias:"ring_hash_config"` // LeastRequestConfig contains configuration for the "least_request" policy type LeastRequestConfig *LeastRequestConfig `json:",omitempty" alias:"least_request_config"` // HashPolicies is a list of hash policies to use for hashing load balancing algorithms. // Hash policies are evaluated individually and combined such that identical lists // result in the same hash. // If no hash policies are present, or none are successfully evaluated, // then a random backend host will be selected. HashPolicies []HashPolicy `json:",omitempty" alias:"hash_policies"` }
LoadBalancer determines the load balancing policy and configuration for services issuing requests to this upstream service.
type LocalJWKS ¶
type LocalJWKS struct { // JWKS contains a base64 encoded JWKS. JWKS string `json:",omitempty"` // Filename configures a location on disk where the JWKS can be // found. If specified, the file must be present on the disk of ALL // proxies with intentions referencing this provider. Filename string `json:",omitempty"` }
LocalJWKS specifies a location for a local JWKS.
Only one of String and Filename can be specified.
type Locality ¶
type Locality struct { // Region is region the zone belongs to. Region string // Zone is the zone the entity is running in. Zone string }
Locality identifies where a given entity is running.
type Lock ¶
type Lock struct {
// contains filtered or unexported fields
}
Lock is used to implement client-side leader election. It is follows the algorithm as described here: https://www.consul.io/docs/guides/leader-election.html.
func (*Lock) Destroy ¶
Destroy is used to cleanup the lock entry. It is not necessary to invoke. It will fail if the lock is in use.
func (*Lock) Lock ¶
Lock attempts to acquire the lock and blocks while doing so. Providing a non-nil stopCh can be used to abort the lock attempt. Returns a channel that is closed if our lock is lost or an error. This channel could be closed at any time due to session invalidation, communication errors, operator intervention, etc. It is NOT safe to assume that the lock is held until Unlock() unless the Session is specifically created without any associated health checks. By default Consul sessions prefer liveness over safety and an application must be able to handle the lock being lost.
type LockOptions ¶
type LockOptions struct { Key string // Must be set and have write permissions Value []byte // Optional, value to associate with the lock Session string // Optional, created if not specified SessionOpts *SessionEntry // Optional, options to use when creating a session SessionName string // Optional, defaults to DefaultLockSessionName (ignored if SessionOpts is given) SessionTTL string // Optional, defaults to DefaultLockSessionTTL (ignored if SessionOpts is given) MonitorRetries int // Optional, defaults to 0 which means no retries MonitorRetryTime time.Duration // Optional, defaults to DefaultMonitorRetryTime LockWaitTime time.Duration // Optional, defaults to DefaultLockWaitTime LockTryOnce bool // Optional, defaults to false which means try forever LockDelay time.Duration // Optional, defaults to 15s Namespace string `json:",omitempty"` // Optional, defaults to API client config, namespace of ACL token, or "default" namespace }
LockOptions is used to parameterize the Lock behavior.
type LogSinkType ¶
type LogSinkType string
const ( DefaultLogSinkType LogSinkType = "" FileLogSinkType LogSinkType = "file" StdErrLogSinkType LogSinkType = "stderr" StdOutLogSinkType LogSinkType = "stdout" )
type MemberACLMode ¶
type MemberACLMode string
const ( // ACLModeDisables indicates that ACLs are disabled for this agent ACLModeDisabled MemberACLMode = "0" // ACLModeEnabled indicates that ACLs are enabled and operating in new ACL // mode (v1.4.0+ ACLs) ACLModeEnabled MemberACLMode = "1" // ACLModeLegacy has been deprecated, and will be treated as ACLModeUnknown. ACLModeLegacy MemberACLMode = "2" // DEPRECATED // ACLModeUnkown is used to indicate that the AgentMember.Tags didn't advertise // an ACL mode at all. This is the case for Consul versions before v1.4.0 and // should be treated the same as ACLModeLegacy. ACLModeUnknown MemberACLMode = "3" )
type MembersOpts ¶
type MembersOpts struct { // WAN is whether to show members from the WAN. WAN bool // Segment is the LAN segment to show members for. Setting this to the // AllSegments value above will show members in all segments. Segment string Filter string }
MembersOpts is used for querying member information.
type MeshConfigEntry ¶
type MeshConfigEntry struct { // Partition is the partition the MeshConfigEntry applies to. // Partitioning is a Consul Enterprise feature. Partition string `json:",omitempty"` // Namespace is the namespace the MeshConfigEntry applies to. // Namespacing is a Consul Enterprise feature. Namespace string `json:",omitempty"` // TransparentProxy applies configuration specific to proxies // in transparent mode. TransparentProxy TransparentProxyMeshConfig `alias:"transparent_proxy"` // AllowEnablingPermissiveMutualTLS must be true in order to allow setting // MutualTLSMode=permissive in either service-defaults or proxy-defaults. AllowEnablingPermissiveMutualTLS bool `json:",omitempty" alias:"allow_enabling_permissive_mutual_tls"` TLS *MeshTLSConfig `json:",omitempty"` HTTP *MeshHTTPConfig `json:",omitempty"` Peering *PeeringMeshConfig `json:",omitempty"` Meta map[string]string `json:",omitempty"` // CreateIndex is the Raft index this entry was created at. This is a // read-only field. CreateIndex uint64 // ModifyIndex is used for the Check-And-Set operations and can also be fed // back into the WaitIndex of the QueryOptions in order to perform blocking // queries. ModifyIndex uint64 }
MeshConfigEntry manages the global configuration for all service mesh proxies.
func (*MeshConfigEntry) GetCreateIndex ¶
func (e *MeshConfigEntry) GetCreateIndex() uint64
func (*MeshConfigEntry) GetKind ¶
func (e *MeshConfigEntry) GetKind() string
func (*MeshConfigEntry) GetMeta ¶
func (e *MeshConfigEntry) GetMeta() map[string]string
func (*MeshConfigEntry) GetModifyIndex ¶
func (e *MeshConfigEntry) GetModifyIndex() uint64
func (*MeshConfigEntry) GetName ¶
func (e *MeshConfigEntry) GetName() string
func (*MeshConfigEntry) GetNamespace ¶
func (e *MeshConfigEntry) GetNamespace() string
func (*MeshConfigEntry) GetPartition ¶
func (e *MeshConfigEntry) GetPartition() string
func (*MeshConfigEntry) MarshalJSON ¶
func (e *MeshConfigEntry) MarshalJSON() ([]byte, error)
MarshalJSON adds the Kind field so that the JSON can be decoded back into the correct type.
type MeshGatewayConfig ¶
type MeshGatewayConfig struct { // Mode is the mode that should be used for the upstream connection. Mode MeshGatewayMode `json:",omitempty"` }
MeshGatewayConfig controls how Mesh Gateways are used for upstream Connect services
type MeshGatewayMode ¶
type MeshGatewayMode string
const ( // MeshGatewayModeDefault represents no specific mode and should // be used to indicate that a different layer of the configuration // chain should take precedence MeshGatewayModeDefault MeshGatewayMode = "" // MeshGatewayModeNone represents that the Upstream Connect connections // should be direct and not flow through a mesh gateway. MeshGatewayModeNone MeshGatewayMode = "none" // MeshGatewayModeLocal represents that the Upstream Connect connections // should be made to a mesh gateway in the local datacenter. MeshGatewayModeLocal MeshGatewayMode = "local" // MeshGatewayModeRemote represents that the Upstream Connect connections // should be made to a mesh gateway in a remote datacenter. MeshGatewayModeRemote MeshGatewayMode = "remote" )
type MeshHTTPConfig ¶
type MeshHTTPConfig struct {
SanitizeXForwardedClientCert bool `alias:"sanitize_x_forwarded_client_cert"`
}
type MeshTLSConfig ¶
type MeshTLSConfig struct { Incoming *MeshDirectionalTLSConfig `json:",omitempty"` Outgoing *MeshDirectionalTLSConfig `json:",omitempty"` }
type MetricsInfo ¶
type MetricsInfo struct { Timestamp string Gauges []GaugeValue Points []PointValue Counters []SampledValue Samples []SampledValue }
Metrics info is used to store different types of metric values from the agent.
type MutualTLSMode ¶
type MutualTLSMode string
const ( // MutualTLSModeDefault represents no specific mode and should // be used to indicate that a different layer of the configuration // chain should take precedence. MutualTLSModeDefault MutualTLSMode = "" // MutualTLSModeStrict requires mTLS for incoming traffic. MutualTLSModeStrict MutualTLSMode = "strict" // MutualTLSModePermissive allows incoming non-mTLS traffic. MutualTLSModePermissive MutualTLSMode = "permissive" )
type Namespace ¶
type Namespace struct { // Name is the name of the Namespace. It must be unique and // must be a DNS hostname. There are also other reserved names // that may not be used. Name string `json:"Name"` // Description is where the user puts any information they want // about the namespace. It is not used internally. Description string `json:"Description,omitempty"` // ACLs is the configuration of ACLs for this namespace. It has its // own struct so that we can add more to it in the future. // This is nullable so that we can omit if empty when encoding in JSON ACLs *NamespaceACLConfig `json:"ACLs,omitempty"` // Meta is a map that can be used to add kv metadata to the namespace definition Meta map[string]string `json:"Meta,omitempty"` // DeletedAt is the time when the Namespace was marked for deletion // This is nullable so that we can omit if empty when encoding in JSON DeletedAt *time.Time `json:"DeletedAt,omitempty" alias:"deleted_at"` // Partition which contains the Namespace. Partition string `json:"Partition,omitempty"` // CreateIndex is the Raft index at which the Namespace was created CreateIndex uint64 `json:"CreateIndex,omitempty"` // ModifyIndex is the latest Raft index at which the Namespace was modified. ModifyIndex uint64 `json:"ModifyIndex,omitempty"` }
Namespace is the configuration of a single namespace. Namespacing is a Consul Enterprise feature.
func (*Namespace) UnmarshalJSON ¶
type NamespaceACLConfig ¶
type NamespaceACLConfig struct { // PolicyDefaults is the list of policies that should be used for the parent authorizer // of all tokens in the associated namespace. PolicyDefaults []ACLLink `json:"PolicyDefaults" alias:"policy_defaults"` // RoleDefaults is the list of roles that should be used for the parent authorizer // of all tokens in the associated namespace. RoleDefaults []ACLLink `json:"RoleDefaults" alias:"role_defaults"` }
NamespaceACLConfig is the Namespace specific ACL configuration container
func (*NamespaceACLConfig) UnmarshalJSON ¶
func (n *NamespaceACLConfig) UnmarshalJSON(data []byte) error
type Namespaces ¶
type Namespaces struct {
// contains filtered or unexported fields
}
Namespaces can be used to manage Namespaces in Consul Enterprise..
func (*Namespaces) Create ¶
func (n *Namespaces) Create(ns *Namespace, q *WriteOptions) (*Namespace, *WriteMeta, error)
func (*Namespaces) Delete ¶
func (n *Namespaces) Delete(name string, q *WriteOptions) (*WriteMeta, error)
func (*Namespaces) List ¶
func (n *Namespaces) List(q *QueryOptions) ([]*Namespace, *QueryMeta, error)
func (*Namespaces) Read ¶
func (n *Namespaces) Read(name string, q *QueryOptions) (*Namespace, *QueryMeta, error)
func (*Namespaces) Update ¶
func (n *Namespaces) Update(ns *Namespace, q *WriteOptions) (*Namespace, *WriteMeta, error)
type NodeOp ¶
type NodeOp string
NodeOp constants give possible operations available in a transaction.
type OIDCAuthMethodConfig ¶
type OIDCAuthMethodConfig struct { // common for type=oidc and type=jwt JWTSupportedAlgs []string `json:",omitempty"` BoundAudiences []string `json:",omitempty"` ClaimMappings map[string]string `json:",omitempty"` ListClaimMappings map[string]string `json:",omitempty"` OIDCDiscoveryURL string `json:",omitempty"` OIDCDiscoveryCACert string `json:",omitempty"` // just for type=oidc OIDCClientID string `json:",omitempty"` OIDCClientSecret string `json:",omitempty"` OIDCScopes []string `json:",omitempty"` OIDCACRValues []string `json:",omitempty"` AllowedRedirectURIs []string `json:",omitempty"` VerboseOIDCLogging bool `json:",omitempty"` // just for type=jwt JWKSURL string `json:",omitempty"` JWKSCACert string `json:",omitempty"` JWTValidationPubKeys []string `json:",omitempty"` BoundIssuer string `json:",omitempty"` ExpirationLeeway time.Duration `json:",omitempty"` NotBeforeLeeway time.Duration `json:",omitempty"` ClockSkewLeeway time.Duration `json:",omitempty"` }
OIDCAuthMethodConfig is the config for the built-in Consul auth method for OIDC and JWT.
func (*OIDCAuthMethodConfig) RenderToConfig ¶
func (c *OIDCAuthMethodConfig) RenderToConfig() map[string]interface{}
RenderToConfig converts this into a map[string]interface{} suitable for use in the ACLAuthMethod.Config field.
type Operator ¶
type Operator struct {
// contains filtered or unexported fields
}
Operator can be used to perform low-level operator tasks for Consul.
func (*Operator) AreaCreate ¶
AreaCreate will create a new network area. The ID in the given structure must be empty and a generated ID will be returned on success.
func (*Operator) AreaDelete ¶
func (op *Operator) AreaDelete(areaID string, q *WriteOptions) (*WriteMeta, error)
AreaDelete deletes the given network area.
func (*Operator) AreaJoin ¶
func (op *Operator) AreaJoin(areaID string, addresses []string, q *WriteOptions) ([]*AreaJoinResponse, *WriteMeta, error)
AreaJoin attempts to join the given set of join addresses to the given network area. See the Area structure for details about join addresses.
func (*Operator) AreaList ¶
func (op *Operator) AreaList(q *QueryOptions) ([]*Area, *QueryMeta, error)
AreaList returns all the available network areas.
func (*Operator) AreaMembers ¶
func (op *Operator) AreaMembers(areaID string, q *QueryOptions) ([]*SerfMember, *QueryMeta, error)
AreaMembers lists the Serf information about the members in the given area.
func (*Operator) AreaUpdate ¶
func (op *Operator) AreaUpdate(areaID string, area *Area, q *WriteOptions) (string, *WriteMeta, error)
AreaUpdate will update the configuration of the network area with the given ID.
func (*Operator) AutopilotCASConfiguration ¶
func (op *Operator) AutopilotCASConfiguration(conf *AutopilotConfiguration, q *WriteOptions) (bool, error)
AutopilotCASConfiguration is used to perform a Check-And-Set update on the Autopilot configuration. The ModifyIndex value will be respected. Returns true on success or false on failures.
func (*Operator) AutopilotGetConfiguration ¶
func (op *Operator) AutopilotGetConfiguration(q *QueryOptions) (*AutopilotConfiguration, error)
AutopilotGetConfiguration is used to query the current Autopilot configuration.
func (*Operator) AutopilotServerHealth ¶
func (op *Operator) AutopilotServerHealth(q *QueryOptions) (*OperatorHealthReply, error)
AutopilotServerHealth
func (*Operator) AutopilotSetConfiguration ¶
func (op *Operator) AutopilotSetConfiguration(conf *AutopilotConfiguration, q *WriteOptions) error
AutopilotSetConfiguration is used to set the current Autopilot configuration.
func (*Operator) AutopilotState ¶
func (op *Operator) AutopilotState(q *QueryOptions) (*AutopilotState, error)
func (*Operator) KeyringInstall ¶
func (op *Operator) KeyringInstall(key string, q *WriteOptions) error
KeyringInstall is used to install a new gossip encryption key into the cluster
func (*Operator) KeyringList ¶
func (op *Operator) KeyringList(q *QueryOptions) ([]*KeyringResponse, error)
KeyringList is used to list the gossip keys installed in the cluster
func (*Operator) KeyringRemove ¶
func (op *Operator) KeyringRemove(key string, q *WriteOptions) error
KeyringRemove is used to remove a gossip encryption key from the cluster
func (*Operator) KeyringUse ¶
func (op *Operator) KeyringUse(key string, q *WriteOptions) error
KeyringUse is used to change the active gossip encryption key
func (*Operator) LicenseGet ¶
func (op *Operator) LicenseGet(q *QueryOptions) (*LicenseReply, error)
func (*Operator) LicenseGetSigned ¶
func (op *Operator) LicenseGetSigned(q *QueryOptions) (string, error)
func (*Operator) LicensePut ¶
func (op *Operator) LicensePut(license string, opts *WriteOptions) (*LicenseReply, error)
LicensePut will configure the Consul Enterprise license for the target datacenter
DEPRECATED: Consul 1.10 removes the corresponding HTTP endpoint as licenses are now set via agent configuration instead of through the API
func (*Operator) LicenseReset ¶
func (op *Operator) LicenseReset(opts *WriteOptions) (*LicenseReply, error)
LicenseReset will reset the license to the builtin one if it is still valid. If the builtin license is invalid, the current license stays active.
DEPRECATED: Consul 1.10 removes the corresponding HTTP endpoint as licenses are now set via agent configuration instead of through the API
func (*Operator) RaftGetConfiguration ¶
func (op *Operator) RaftGetConfiguration(q *QueryOptions) (*RaftConfiguration, error)
RaftGetConfiguration is used to query the current Raft peer set.
func (*Operator) RaftLeaderTransfer ¶
func (op *Operator) RaftLeaderTransfer(q *QueryOptions) (*TransferLeaderResponse, error)
RaftLeaderTransfer is used to transfer the current raft leader to another node
func (*Operator) RaftRemovePeerByAddress ¶
func (op *Operator) RaftRemovePeerByAddress(address string, q *WriteOptions) error
RaftRemovePeerByAddress is used to kick a stale peer (one that it in the Raft quorum but no longer known to Serf or the catalog) by address in the form of "IP:port".
func (*Operator) RaftRemovePeerByID ¶
func (op *Operator) RaftRemovePeerByID(id string, q *WriteOptions) error
RaftRemovePeerByID is used to kick a stale peer (one that it in the Raft quorum but no longer known to Serf or the catalog) by ID.
func (*Operator) SegmentList ¶
func (op *Operator) SegmentList(q *QueryOptions) ([]string, *QueryMeta, error)
SegmentList returns all the available LAN segments.
type OperatorHealthReply ¶
type OperatorHealthReply struct { // Healthy is true if all the servers in the cluster are healthy. Healthy bool // FailureTolerance is the number of healthy servers that could be lost without // an outage occurring. FailureTolerance int // Servers holds the health of each server. Servers []ServerHealth }
OperatorHealthReply is a representation of the overall health of the cluster
type Partition ¶
type Partition struct { // Name is the name of the Partition. Name string `json:"Name"` // Description is where the user puts any information they want // about the admin partition. It is not used internally. Description string `json:"Description,omitempty"` // DeletedAt is the time when the Partition was marked for deletion // This is nullable so that we can omit if empty when encoding in JSON DeletedAt *time.Time `json:"DeletedAt,omitempty" alias:"deleted_at"` // CreateIndex is the Raft index at which the Partition was created CreateIndex uint64 `json:"CreateIndex,omitempty"` // ModifyIndex is the latest Raft index at which the Partition was modified. ModifyIndex uint64 `json:"ModifyIndex,omitempty"` }
Partition is the configuration of a single admin partition. Admin Partitions are a Consul Enterprise feature.
type Partitions ¶
type Partitions struct {
// contains filtered or unexported fields
}
Partitions can be used to manage Partitions in Consul Enterprise.
func (*Partitions) Create ¶
func (p *Partitions) Create(ctx context.Context, partition *Partition, q *WriteOptions) (*Partition, *WriteMeta, error)
func (*Partitions) Delete ¶
func (p *Partitions) Delete(ctx context.Context, name string, q *WriteOptions) (*WriteMeta, error)
func (*Partitions) List ¶
func (p *Partitions) List(ctx context.Context, q *QueryOptions) ([]*Partition, *QueryMeta, error)
func (*Partitions) Read ¶
func (p *Partitions) Read(ctx context.Context, name string, q *QueryOptions) (*Partition, *QueryMeta, error)
func (*Partitions) Update ¶
func (p *Partitions) Update(ctx context.Context, partition *Partition, q *WriteOptions) (*Partition, *WriteMeta, error)
type PassiveHealthCheck ¶
type PassiveHealthCheck struct { // Interval between health check analysis sweeps. Each sweep may remove // hosts or return hosts to the pool. Interval time.Duration `json:",omitempty"` // MaxFailures is the count of consecutive failures that results in a host // being removed from the pool. MaxFailures uint32 `alias:"max_failures"` // EnforcingConsecutive5xx is the % chance that a host will be actually ejected // when an outlier status is detected through consecutive 5xx. // This setting can be used to disable ejection or to ramp it up slowly. EnforcingConsecutive5xx *uint32 `json:",omitempty" alias:"enforcing_consecutive_5xx"` // The maximum % of an upstream cluster that can be ejected due to outlier detection. // Defaults to 10% but will eject at least one host regardless of the value. MaxEjectionPercent *uint32 `json:",omitempty" alias:"max_ejection_percent"` // The base time that a host is ejected for. The real time is equal to the base time // multiplied by the number of times the host has been ejected and is capped by // max_ejection_time (Default 300s). Defaults to 30000ms or 30s. BaseEjectionTime *time.Duration `json:",omitempty" alias:"base_ejection_time"` }
type PeeredServiceName ¶
type PeeredServiceName struct { ServiceName CompoundServiceName Peer string }
type Peering ¶
type Peering struct { // ID is a datacenter-scoped UUID for the peering. ID string // Name is the local alias for the peering relationship. Name string // Partition is the local partition connecting to the peer. Partition string `json:",omitempty"` // DeletedAt is the time when the Peering was marked for deletion DeletedAt *time.Time `json:",omitempty" alias:"deleted_at"` // Meta is a mapping of some string value to any other string value Meta map[string]string `json:",omitempty"` // State is one of the valid PeeringState values to represent the status of // peering relationship. State PeeringState // PeerID is the ID that our peer assigned to this peering. This ID is to // be used when dialing the peer, so that it can know who dialed it. PeerID string `json:",omitempty"` // PeerCAPems contains all the CA certificates for the remote peer. PeerCAPems []string `json:",omitempty"` // PeerServerName is the name of the remote server as it relates to TLS. PeerServerName string `json:",omitempty"` // PeerServerAddresses contains all the connection addresses for the remote peer. PeerServerAddresses []string `json:",omitempty"` // StreamStatus contains information computed on read based on the state of the stream. StreamStatus PeeringStreamStatus // CreateIndex is the Raft index at which the Peering was created. CreateIndex uint64 // ModifyIndex is the latest Raft index at which the Peering was modified. ModifyIndex uint64 // Remote contains metadata for the remote peer. Remote PeeringRemoteInfo }
type PeeringEstablishRequest ¶
type PeeringEstablishRequest struct { // Name of the remote peer. PeerName string // The peering token returned from the peer's GenerateToken endpoint. PeeringToken string `json:",omitempty"` // Partition to be peered. Partition string `json:",omitempty"` // Meta is a mapping of some string value to any other string value Meta map[string]string `json:",omitempty"` }
type PeeringEstablishResponse ¶
type PeeringEstablishResponse struct { }
type PeeringGenerateTokenRequest ¶
type PeeringGenerateTokenRequest struct { // PeerName is the name of the remote peer. PeerName string // Partition to be peered. Partition string `json:",omitempty"` // Meta is a mapping of some string value to any other string value Meta map[string]string `json:",omitempty"` // ServerExternalAddresses is a list of addresses to put into the generated token. This could be used to specify // load balancer(s) or external IPs to reach the servers from the dialing side, and will override any server // addresses obtained from the "consul" service. ServerExternalAddresses []string `json:",omitempty"` }
type PeeringGenerateTokenResponse ¶
type PeeringGenerateTokenResponse struct { // PeeringToken is an opaque string provided to the remote peer for it to complete // the peering initialization handshake. PeeringToken string }
type PeeringListRequest ¶
type PeeringListRequest struct { }
type PeeringMeshConfig ¶
type PeeringMeshConfig struct {
PeerThroughMeshGateways bool `json:",omitempty" alias:"peer_through_mesh_gateways"`
}
type PeeringReadResponse ¶
type PeeringReadResponse struct {
Peering *Peering
}
type PeeringRemoteInfo ¶
type PeeringState ¶
type PeeringState string
PeeringState enumerates all the states a peering can be in
const ( // PeeringStateUndefined represents an unset value for PeeringState during // writes. PeeringStateUndefined PeeringState = "UNDEFINED" // PeeringStatePending means the peering was created by generating a peering token. // Peerings stay in a pending state until the peer uses the token to dial // the local cluster. PeeringStatePending PeeringState = "PENDING" // PeeringStateEstablishing means the peering is being established from a peering token. // This is the initial state for dialing peers. PeeringStateEstablishing PeeringState = "ESTABLISHING" // PeeringStateActive means that the peering connection is active and // healthy. PeeringStateActive PeeringState = "ACTIVE" // PeeringStateFailing means the peering connection has been interrupted // but has not yet been terminated. PeeringStateFailing PeeringState = "FAILING" // PeeringStateDeleting means a peering was marked for deletion and is in the process // of being deleted. PeeringStateDeleting PeeringState = "DELETING" // PeeringStateTerminated means the peering relationship has been removed. PeeringStateTerminated PeeringState = "TERMINATED" )
type PeeringStreamStatus ¶
type PeeringStreamStatus struct { // ImportedServices is the list of services imported from this peering. ImportedServices []string // ExportedServices is the list of services exported to this peering. ExportedServices []string // LastHeartbeat represents when the last heartbeat message was received. LastHeartbeat *time.Time // LastReceive represents when any message was last received, regardless of success or error. LastReceive *time.Time // LastSend represents when any message was last sent, regardless of success or error. LastSend *time.Time }
type Peerings ¶
type Peerings struct {
// contains filtered or unexported fields
}
func (*Peerings) Establish ¶
func (p *Peerings) Establish(ctx context.Context, i PeeringEstablishRequest, wq *WriteOptions) (*PeeringEstablishResponse, *WriteMeta, error)
TODO(peering): verify this is the ultimate signature we want
func (*Peerings) GenerateToken ¶
func (p *Peerings) GenerateToken(ctx context.Context, g PeeringGenerateTokenRequest, wq *WriteOptions) (*PeeringGenerateTokenResponse, *WriteMeta, error)
TODO(peering): verify this is the ultimate signature we want
type PointValue ¶
PointValue holds a series of points for a metric.
type PreparedQuery ¶
type PreparedQuery struct {
// contains filtered or unexported fields
}
PreparedQuery can be used to query the prepared query endpoints.
func (*PreparedQuery) Create ¶
func (c *PreparedQuery) Create(query *PreparedQueryDefinition, q *WriteOptions) (string, *WriteMeta, error)
Create makes a new prepared query. The ID of the new query is returned.
func (*PreparedQuery) Delete ¶
func (c *PreparedQuery) Delete(queryID string, q *WriteOptions) (*WriteMeta, error)
Delete is used to delete a specific prepared query.
func (*PreparedQuery) Execute ¶
func (c *PreparedQuery) Execute(queryIDOrName string, q *QueryOptions) (*PreparedQueryExecuteResponse, *QueryMeta, error)
Execute is used to execute a specific prepared query. You can execute using a query ID or name.
func (*PreparedQuery) Get ¶
func (c *PreparedQuery) Get(queryID string, q *QueryOptions) ([]*PreparedQueryDefinition, *QueryMeta, error)
Get is used to fetch a specific prepared query.
func (*PreparedQuery) List ¶
func (c *PreparedQuery) List(q *QueryOptions) ([]*PreparedQueryDefinition, *QueryMeta, error)
List is used to fetch all the prepared queries (always requires a management token).
func (*PreparedQuery) Update ¶
func (c *PreparedQuery) Update(query *PreparedQueryDefinition, q *WriteOptions) (*WriteMeta, error)
Update makes updates to an existing prepared query.
type PreparedQueryDefinition ¶
type PreparedQueryDefinition struct { // ID is this UUID-based ID for the query, always generated by Consul. ID string // Name is an optional friendly name for the query supplied by the // user. NOTE - if this feature is used then it will reduce the security // of any read ACL associated with this query/service since this name // can be used to locate nodes with supplying any ACL. Name string // Session is an optional session to tie this query's lifetime to. If // this is omitted then the query will not expire. Session string // Token is the ACL token used when the query was created, and it is // used when a query is subsequently executed. This token, or a token // with management privileges, must be used to change the query later. Token string // Service defines a service query (leaving things open for other types // later). Service ServiceQuery // DNS has options that control how the results of this query are // served over DNS. DNS QueryDNSOptions // Template is used to pass through the arguments for creating a // prepared query with an attached template. If a template is given, // interpolations are possible in other struct fields. Template QueryTemplate }
PreparedQueryDefinition defines a complete prepared query.
type PreparedQueryExecuteResponse ¶
type PreparedQueryExecuteResponse struct { // Service is the service that was queried. Service string // Namespace of the service that was queried Namespace string `json:",omitempty"` // Nodes has the nodes that were output by the query. Nodes []ServiceEntry // DNS has the options for serving these results over DNS. DNS QueryDNSOptions // Datacenter is the datacenter that these results came from. Datacenter string // Failovers is a count of how many times we had to query a remote // datacenter. Failovers int }
PreparedQueryExecuteResponse has the results of executing a query.
type ProxyConfigEntry ¶
type ProxyConfigEntry struct { Kind string Name string Partition string `json:",omitempty"` Namespace string `json:",omitempty"` Mode ProxyMode `json:",omitempty"` TransparentProxy *TransparentProxyConfig `json:",omitempty" alias:"transparent_proxy"` MutualTLSMode MutualTLSMode `json:",omitempty" alias:"mutual_tls_mode"` Config map[string]interface{} `json:",omitempty"` MeshGateway MeshGatewayConfig `json:",omitempty" alias:"mesh_gateway"` Expose ExposeConfig `json:",omitempty"` AccessLogs *AccessLogsConfig `json:",omitempty" alias:"access_logs"` EnvoyExtensions []EnvoyExtension `json:",omitempty" alias:"envoy_extensions"` FailoverPolicy *ServiceResolverFailoverPolicy `json:",omitempty" alias:"failover_policy"` PrioritizeByLocality *ServiceResolverPrioritizeByLocality `json:",omitempty" alias:"prioritize_by_locality"` Meta map[string]string `json:",omitempty"` CreateIndex uint64 ModifyIndex uint64 }
func (*ProxyConfigEntry) GetCreateIndex ¶
func (p *ProxyConfigEntry) GetCreateIndex() uint64
func (*ProxyConfigEntry) GetKind ¶
func (p *ProxyConfigEntry) GetKind() string
func (*ProxyConfigEntry) GetMeta ¶
func (p *ProxyConfigEntry) GetMeta() map[string]string
func (*ProxyConfigEntry) GetModifyIndex ¶
func (p *ProxyConfigEntry) GetModifyIndex() uint64
func (*ProxyConfigEntry) GetName ¶
func (p *ProxyConfigEntry) GetName() string
func (*ProxyConfigEntry) GetNamespace ¶
func (p *ProxyConfigEntry) GetNamespace() string
func (*ProxyConfigEntry) GetPartition ¶
func (p *ProxyConfigEntry) GetPartition() string
type ProxyMode ¶
type ProxyMode string
const ( // ProxyModeDefault represents no specific mode and should // be used to indicate that a different layer of the configuration // chain should take precedence ProxyModeDefault ProxyMode = "" // ProxyModeTransparent represents that inbound and outbound application // traffic is being captured and redirected through the proxy. ProxyModeTransparent ProxyMode = "transparent" // ProxyModeDirect represents that the proxy's listeners must be dialed directly // by the local application and other proxies. ProxyModeDirect ProxyMode = "direct" )
type QueryDNSOptions ¶
type QueryDNSOptions struct { // TTL is the time to live for the served DNS results. TTL string }
QueryDNSOptions controls settings when query results are served over DNS.
type QueryDatacenterOptions
deprecated
type QueryDatacenterOptions = QueryFailoverOptions
Deprecated: use QueryFailoverOptions instead.
type QueryFailoverOptions ¶
type QueryFailoverOptions struct { // NearestN is set to the number of remote datacenters to try, based on // network coordinates. NearestN int // Datacenters is a fixed list of datacenters to try after NearestN. We // never try a datacenter multiple times, so those are subtracted from // this list before proceeding. Datacenters []string // Targets is a fixed list of datacenters and peers to try. This field cannot // be populated with NearestN or Datacenters. Targets []QueryFailoverTarget }
QueryFailoverOptions sets options about how we fail over if there are no healthy nodes in the local datacenter.
type QueryFailoverTarget ¶
type QueryFailoverTarget struct { // Peer specifies a peer to try during failover. Peer string // Datacenter specifies a datacenter to try during failover. Datacenter string // Partition specifies a partition to try during failover // Note: Partition are available only in Consul Enterprise Partition string `json:",omitempty"` // Namespace specifies a namespace to try during failover // Note: Namespaces are available only in Consul Enterprise Namespace string `json:",omitempty"` }
type QueryMeta ¶
type QueryMeta struct { // LastIndex. This can be used as a WaitIndex to perform // a blocking query LastIndex uint64 // LastContentHash. This can be used as a WaitHash to perform a blocking query // for endpoints that support hash-based blocking. Endpoints that do not // support it will return an empty hash. LastContentHash string // Time of last contact from the leader for the // server servicing the request LastContact time.Duration // Is there a known leader KnownLeader bool // How long did the request take RequestTime time.Duration // Is address translation enabled for HTTP responses on this agent AddressTranslationEnabled bool // CacheHit is true if the result was served from agent-local cache. CacheHit bool // CacheAge is set if request was ?cached and indicates how stale the cached // response is. CacheAge time.Duration // QueryBackend represent which backend served the request. QueryBackend string // DefaultACLPolicy is used to control the ACL interaction when there is no // defined policy. This can be "allow" which means ACLs are used to // deny-list, or "deny" which means ACLs are allow-lists. DefaultACLPolicy string // ResultsFilteredByACLs is true when some of the query's results were // filtered out by enforcing ACLs. It may be false because nothing was // removed, or because the endpoint does not yet support this flag. ResultsFilteredByACLs bool }
QueryMeta is used to return meta data about a query
type QueryOptions ¶
type QueryOptions struct { // Namespace overrides the `default` namespace // Note: Namespaces are available only in Consul Enterprise Namespace string // Partition overrides the `default` partition // Note: Partitions are available only in Consul Enterprise Partition string // Providing a datacenter overwrites the DC provided // by the Config Datacenter string // Providing a peer name in the query option Peer string // AllowStale allows any Consul server (non-leader) to service // a read. This allows for lower latency and higher throughput AllowStale bool // RequireConsistent forces the read to be fully consistent. // This is more expensive but prevents ever performing a stale // read. RequireConsistent bool // UseCache requests that the agent cache results locally. See // https://www.consul.io/api/features/caching.html for more details on the // semantics. UseCache bool // MaxAge limits how old a cached value will be returned if UseCache is true. // If there is a cached response that is older than the MaxAge, it is treated // as a cache miss and a new fetch invoked. If the fetch fails, the error is // returned. Clients that wish to allow for stale results on error can set // StaleIfError to a longer duration to change this behavior. It is ignored // if the endpoint supports background refresh caching. See // https://www.consul.io/api/features/caching.html for more details. MaxAge time.Duration // StaleIfError specifies how stale the client will accept a cached response // if the servers are unavailable to fetch a fresh one. Only makes sense when // UseCache is true and MaxAge is set to a lower, non-zero value. It is // ignored if the endpoint supports background refresh caching. See // https://www.consul.io/api/features/caching.html for more details. StaleIfError time.Duration // WaitIndex is used to enable a blocking query. Waits // until the timeout or the next index is reached WaitIndex uint64 // WaitHash is used by some endpoints instead of WaitIndex to perform blocking // on state based on a hash of the response rather than a monotonic index. // This is required when the state being blocked on is not stored in Raft, for // example agent-local proxy configuration. WaitHash string // WaitTime is used to bound the duration of a wait. // Defaults to that of the Config, but can be overridden. WaitTime time.Duration // Token is used to provide a per-request ACL token // which overrides the agent's default token. Token string // Near is used to provide a node name that will sort the results // in ascending order based on the estimated round trip time from // that node. Setting this to "_agent" will use the agent's node // for the sort. Near string // NodeMeta is used to filter results by nodes with the given // metadata key/value pairs. Currently, only one key/value pair can // be provided for filtering. NodeMeta map[string]string // RelayFactor is used in keyring operations to cause responses to be // relayed back to the sender through N other random nodes. Must be // a value from 0 to 5 (inclusive). RelayFactor uint8 // LocalOnly is used in keyring list operation to force the keyring // query to only hit local servers (no WAN traffic). LocalOnly bool // Connect filters prepared query execution to only include Connect-capable // services. This currently affects prepared query execution. Connect bool // Filter requests filtering data prior to it being returned. The string // is a go-bexpr compatible expression. Filter string // MergeCentralConfig returns a service definition merged with the // proxy-defaults/global and service-defaults/:service config entries. // This can be used to ensure a full service definition is returned in the response // especially when the service might not be written into the catalog that way. MergeCentralConfig bool // Global is used to request information from all datacenters. Currently only // used for operator usage requests. Global bool // contains filtered or unexported fields }
QueryOptions are used to parameterize a query
func (*QueryOptions) Context ¶
func (o *QueryOptions) Context() context.Context
func (*QueryOptions) WithContext ¶
func (o *QueryOptions) WithContext(ctx context.Context) *QueryOptions
type QueryTemplate ¶
type QueryTemplate struct { // Type specifies the type of the query template. Currently only // "name_prefix_match" is supported. This field is required. Type string // Regexp allows specifying a regex pattern to match against the name // of the query being executed. Regexp string // RemoveEmptyTags if set to true, will cause the Tags list inside // the Service structure to be stripped of any empty strings. This is useful // when interpolating into tags in a way where the tag is optional, and // where searching for an empty tag would yield no results from the query. RemoveEmptyTags bool }
QueryTemplate carries the arguments for creating a templated query.
type RaftConfiguration ¶
type RaftConfiguration struct { // Servers has the list of servers in the Raft configuration. Servers []*RaftServer // Index has the Raft index of this configuration. Index uint64 }
RaftConfiguration is returned when querying for the current Raft configuration.
type RaftServer ¶
type RaftServer struct { // ID is the unique ID for the server. These are currently the same // as the address, but they will be changed to a real GUID in a future // release of Consul. ID string // Node is the node name of the server, as known by Consul, or this // will be set to "(unknown)" otherwise. Node string // Address is the IP:port of the server, used for Raft communications. Address string // Leader is true if this server is the current cluster leader. Leader bool // Protocol version is the raft protocol version used by the server ProtocolVersion string // Voter is true if this server has a vote in the cluster. This might // be false if the server is staging and still coming online, or if // it's a non-voting server, which will be added in a future release of // Consul. Voter bool // LastIndex is the last log index this server has a record of in its Raft log. LastIndex uint64 }
RaftServer has information about a server in the Raft configuration.
type RateLimitIPConfigEntry ¶
type RateLimitIPConfigEntry struct { // Kind of the config entry. This will be set to structs.RateLimitIPConfig Kind string Name string Mode string // {permissive, enforcing, disabled} Meta map[string]string `json:",omitempty"` // overall limits ReadRate float64 WriteRate float64 //limits specific to a type of call ACL *ReadWriteRatesConfig `json:",omitempty"` // OperationCategoryACL OperationCategory = "ACL" Catalog *ReadWriteRatesConfig `json:",omitempty"` // OperationCategoryCatalog OperationCategory = "Catalog" ConfigEntry *ReadWriteRatesConfig `json:",omitempty"` // OperationCategoryConfigEntry OperationCategory = "ConfigEntry" ConnectCA *ReadWriteRatesConfig `json:",omitempty"` // OperationCategoryConnectCA OperationCategory = "ConnectCA" Coordinate *ReadWriteRatesConfig `json:",omitempty"` // OperationCategoryCoordinate OperationCategory = "Coordinate" DiscoveryChain *ReadWriteRatesConfig `json:",omitempty"` // OperationCategoryDiscoveryChain OperationCategory = "DiscoveryChain" ServerDiscovery *ReadWriteRatesConfig `json:",omitempty"` // OperationCategoryServerDiscovery OperationCategory = "ServerDiscovery" Health *ReadWriteRatesConfig `json:",omitempty"` // OperationCategoryHealth OperationCategory = "Health" Intention *ReadWriteRatesConfig `json:",omitempty"` // OperationCategoryIntention OperationCategory = "Intention" KV *ReadWriteRatesConfig `json:",omitempty"` // OperationCategoryKV OperationCategory = "KV" Tenancy *ReadWriteRatesConfig `json:",omitempty"` // OperationCategoryPartition OperationCategory = "Tenancy" PreparedQuery *ReadWriteRatesConfig `json:",omitempty"` // OperationCategoryPreparedQuery OperationCategory = "PreparedQuery" Session *ReadWriteRatesConfig `json:",omitempty"` // OperationCategorySession OperationCategory = "Session" Txn *ReadWriteRatesConfig `json:",omitempty"` // OperationCategoryTxn OperationCategory = "Txn" AutoConfig *ReadWriteRatesConfig `json:",omitempty"` // OperationCategoryAutoConfig OperationCategory = "AutoConfig" FederationState *ReadWriteRatesConfig `json:",omitempty"` // OperationCategoryFederationState OperationCategory = "FederationState" Internal *ReadWriteRatesConfig `json:",omitempty"` // OperationCategoryInternal OperationCategory = "Internal" PeerStream *ReadWriteRatesConfig `json:",omitempty"` // OperationCategoryPeerStream OperationCategory = "PeerStream" Peering *ReadWriteRatesConfig `json:",omitempty"` // OperationCategoryPeering OperationCategory = "Peering" DataPlane *ReadWriteRatesConfig `json:",omitempty"` // OperationCategoryDataPlane OperationCategory = "DataPlane" DNS *ReadWriteRatesConfig `json:",omitempty"` // OperationCategoryDNS OperationCategory = "DNS" Subscribe *ReadWriteRatesConfig `json:",omitempty"` // OperationCategorySubscribe OperationCategory = "Subscribe" Resource *ReadWriteRatesConfig `json:",omitempty"` // OperationCategoryResource OperationCategory = "Resource" // Partition is the partition the config entry is associated with. // Partitioning is a Consul Enterprise feature. Partition string `json:",omitempty"` // Namespace is the namespace the config entry is associated with. // Namespacing is a Consul Enterprise feature. Namespace string `json:",omitempty"` // CreateIndex is the Raft index this entry was created at. This is a // read-only field. CreateIndex uint64 // ModifyIndex is used for the Check-And-Set operations and can also be fed // back into the WaitIndex of the QueryOptions in order to perform blocking // queries. ModifyIndex uint64 }
func (*RateLimitIPConfigEntry) GetCreateIndex ¶
func (r *RateLimitIPConfigEntry) GetCreateIndex() uint64
func (*RateLimitIPConfigEntry) GetKind ¶
func (r *RateLimitIPConfigEntry) GetKind() string
func (*RateLimitIPConfigEntry) GetMeta ¶
func (r *RateLimitIPConfigEntry) GetMeta() map[string]string
func (*RateLimitIPConfigEntry) GetModifyIndex ¶
func (r *RateLimitIPConfigEntry) GetModifyIndex() uint64
func (*RateLimitIPConfigEntry) GetName ¶
func (r *RateLimitIPConfigEntry) GetName() string
func (*RateLimitIPConfigEntry) GetNamespace ¶
func (r *RateLimitIPConfigEntry) GetNamespace() string
func (*RateLimitIPConfigEntry) GetPartition ¶
func (r *RateLimitIPConfigEntry) GetPartition() string
type Raw ¶
type Raw struct {
// contains filtered or unexported fields
}
Raw can be used to do raw queries against custom endpoints
type ReadWriteRatesConfig ¶
type ReadableDuration ¶
ReadableDuration is a duration type that is serialized to JSON in human readable format.
func NewReadableDuration ¶
func NewReadableDuration(dur time.Duration) *ReadableDuration
func (*ReadableDuration) Duration ¶
func (d *ReadableDuration) Duration() time.Duration
func (*ReadableDuration) MarshalJSON ¶
func (d *ReadableDuration) MarshalJSON() ([]byte, error)
func (*ReadableDuration) String ¶
func (d *ReadableDuration) String() string
func (*ReadableDuration) UnmarshalJSON ¶
func (d *ReadableDuration) UnmarshalJSON(raw []byte) (err error)
type RemoteJWKS ¶
type RemoteJWKS struct { // URI is the URI of the server to query for the JWKS. URI string `json:",omitempty"` // RequestTimeoutMs is the number of milliseconds to // time out when making a request for the JWKS. RequestTimeoutMs int `json:",omitempty" alias:"request_timeout_ms"` // CacheDuration is the duration after which cached keys // should be expired. // // Default value is 5 minutes. CacheDuration time.Duration `json:",omitempty" alias:"cache_duration"` // FetchAsynchronously indicates that the JWKS should be fetched // when a client request arrives. Client requests will be paused // until the JWKS is fetched. // If false, the proxy listener will wait for the JWKS to be // fetched before being activated. // // Default value is false. FetchAsynchronously bool `json:",omitempty" alias:"fetch_asynchronously"` // RetryPolicy defines a retry policy for fetching JWKS. // // There is no retry by default. RetryPolicy *JWKSRetryPolicy `json:",omitempty" alias:"retry_policy"` // JWKSCluster defines how the specified Remote JWKS URI is to be fetched. JWKSCluster *JWKSCluster `json:",omitempty" alias:"jwks_cluster"` }
RemoteJWKS specifies how to fetch a JWKS from a remote server.
type ResourceReference ¶
type ResourceReference struct { // Kind is the kind of ConfigEntry that this resource refers to. Kind string // Name is the identifier for the ConfigEntry this resource refers to. Name string // SectionName is a generic subresource identifier that specifies // a subset of the ConfigEntry to which this reference applies. Usage // of this field should be up to the controller that leverages it. If // unused, this should be blank. SectionName string // Partition is the partition the config entry is associated with. // Partitioning is a Consul Enterprise feature. Partition string `json:",omitempty"` // Namespace is the namespace the config entry is associated with. // Namespacing is a Consul Enterprise feature. Namespace string `json:",omitempty"` }
ResourceReference is a reference to a ConfigEntry with an optional reference to a subsection of that ConfigEntry that can be specified as SectionName
type RetryPolicyBackOff ¶
type RetryPolicyBackOff struct { // BaseInterval to be used for the next back off computation // // The default value from envoy is 1s BaseInterval time.Duration `json:",omitempty" alias:"base_interval"` // MaxInternal to be used to specify the maximum interval between retries. // Optional but should be greater or equal to BaseInterval. // // Defaults to 10 times BaseInterval MaxInterval time.Duration `json:",omitempty" alias:"max_interval"` }
type RingHashConfig ¶
type RingHashConfig struct { // MinimumRingSize determines the minimum number of entries in the hash ring MinimumRingSize uint64 `json:",omitempty" alias:"minimum_ring_size"` // MaximumRingSize determines the maximum number of entries in the hash ring MaximumRingSize uint64 `json:",omitempty" alias:"maximum_ring_size"` }
RingHashConfig contains configuration for the "ring_hash" policy type
type RouteConditionReason ¶
type RouteConditionReason string
RouteConditionReason is a reason for a route condition.
type RouteConditionType ¶
type RouteConditionType string
RouteConditionType is a type of condition for a route.
type SamenessGroupConfigEntry ¶
type SamenessGroupConfigEntry struct { Kind string Name string Partition string `json:",omitempty"` DefaultForFailover bool `json:",omitempty" alias:"default_for_failover"` IncludeLocal bool `json:",omitempty" alias:"include_local"` Members []SamenessGroupMember Meta map[string]string `json:",omitempty"` CreateIndex uint64 ModifyIndex uint64 }
func (*SamenessGroupConfigEntry) GetCreateIndex ¶
func (s *SamenessGroupConfigEntry) GetCreateIndex() uint64
func (*SamenessGroupConfigEntry) GetKind ¶
func (s *SamenessGroupConfigEntry) GetKind() string
func (*SamenessGroupConfigEntry) GetMeta ¶
func (s *SamenessGroupConfigEntry) GetMeta() map[string]string
func (*SamenessGroupConfigEntry) GetModifyIndex ¶
func (s *SamenessGroupConfigEntry) GetModifyIndex() uint64
func (*SamenessGroupConfigEntry) GetName ¶
func (s *SamenessGroupConfigEntry) GetName() string
func (*SamenessGroupConfigEntry) GetNamespace ¶
func (s *SamenessGroupConfigEntry) GetNamespace() string
func (*SamenessGroupConfigEntry) GetPartition ¶
func (s *SamenessGroupConfigEntry) GetPartition() string
type SamenessGroupMember ¶
type SampledValue ¶
type SampledValue struct { Name string Count int Sum float64 Min float64 Max float64 Mean float64 Stddev float64 Labels map[string]string }
SampledValue stores info about a metric that is incremented over time, such as the number of requests to an HTTP endpoint.
type Semaphore ¶
type Semaphore struct {
// contains filtered or unexported fields
}
Semaphore is used to implement a distributed semaphore using the Consul KV primitives.
func (*Semaphore) Acquire ¶
Acquire attempts to reserve a slot in the semaphore, blocking until success, interrupted via the stopCh or an error is encountered. Providing a non-nil stopCh can be used to abort the attempt. On success, a channel is returned that represents our slot. This channel could be closed at any time due to session invalidation, communication errors, operator intervention, etc. It is NOT safe to assume that the slot is held until Release() unless the Session is specifically created without any associated health checks. By default Consul sessions prefer liveness over safety and an application must be able to handle the session being lost.
type SemaphoreOptions ¶
type SemaphoreOptions struct { Prefix string // Must be set and have write permissions Limit int // Must be set, and be positive Value []byte // Optional, value to associate with the contender entry Session string // Optional, created if not specified SessionName string // Optional, defaults to DefaultLockSessionName SessionTTL string // Optional, defaults to DefaultLockSessionTTL MonitorRetries int // Optional, defaults to 0 which means no retries MonitorRetryTime time.Duration // Optional, defaults to DefaultMonitorRetryTime SemaphoreWaitTime time.Duration // Optional, defaults to DefaultSemaphoreWaitTime SemaphoreTryOnce bool // Optional, defaults to false which means try forever Namespace string `json:",omitempty"` // Optional, defaults to API client config, namespace of ACL token, or "default" namespace }
SemaphoreOptions is used to parameterize the Semaphore
type SerfMember ¶
type SerfMember struct { // ID is the node identifier (a UUID). ID string // Name is the node name. Name string // Addr has the IP address. Addr net.IP // Port is the RPC port. Port uint16 // Datacenter is the DC name. Datacenter string // Role is "client", "server", or "unknown". Role string // Build has the version of the Consul agent. Build string // Protocol is the protocol of the Consul agent. Protocol int // Status is the Serf health status "none", "alive", "leaving", "left", // or "failed". Status string // RTT is the estimated round trip time from the server handling the // request to the this member. This will be negative if no RTT estimate // is available. RTT time.Duration }
SerfMember is a generic structure for reporting information about members in a Serf cluster. This is only used by the area endpoints right now, but this could be expanded to other endpoints in the future.
type ServerHealth ¶
type ServerHealth struct { // ID is the raft ID of the server. ID string // Name is the node name of the server. Name string // Address is the address of the server. Address string // The status of the SerfHealth check for the server. SerfStatus string // Version is the Consul version of the server. Version string // Leader is whether this server is currently the leader. Leader bool // LastContact is the time since this node's last contact with the leader. LastContact *ReadableDuration // LastTerm is the highest leader term this server has a record of in its Raft log. LastTerm uint64 // LastIndex is the last log index this server has a record of in its Raft log. LastIndex uint64 // Healthy is whether or not the server is healthy according to the current // Autopilot config. Healthy bool // Voter is whether this is a voting server. Voter bool // StableSince is the last time this server's Healthy value changed. StableSince time.Time }
ServerHealth is the health (from the leader's point of view) of a server.
type ServiceAddress ¶
func ParseServiceAddr ¶
func ParseServiceAddr(addrPort string) (ServiceAddress, error)
type ServiceCheck ¶
type ServiceConfigEntry ¶
type ServiceConfigEntry struct { Kind string Name string Partition string `json:",omitempty"` Namespace string `json:",omitempty"` Protocol string `json:",omitempty"` Mode ProxyMode `json:",omitempty"` TransparentProxy *TransparentProxyConfig `json:",omitempty" alias:"transparent_proxy"` MutualTLSMode MutualTLSMode `json:",omitempty" alias:"mutual_tls_mode"` MeshGateway MeshGatewayConfig `json:",omitempty" alias:"mesh_gateway"` Expose ExposeConfig `json:",omitempty"` ExternalSNI string `json:",omitempty" alias:"external_sni"` UpstreamConfig *UpstreamConfiguration `json:",omitempty" alias:"upstream_config"` Destination *DestinationConfig `json:",omitempty"` MaxInboundConnections int `json:",omitempty" alias:"max_inbound_connections"` LocalConnectTimeoutMs int `json:",omitempty" alias:"local_connect_timeout_ms"` LocalRequestTimeoutMs int `json:",omitempty" alias:"local_request_timeout_ms"` BalanceInboundConnections string `json:",omitempty" alias:"balance_inbound_connections"` EnvoyExtensions []EnvoyExtension `json:",omitempty" alias:"envoy_extensions"` Meta map[string]string `json:",omitempty"` CreateIndex uint64 ModifyIndex uint64 }
func (*ServiceConfigEntry) GetCreateIndex ¶
func (s *ServiceConfigEntry) GetCreateIndex() uint64
func (*ServiceConfigEntry) GetKind ¶
func (s *ServiceConfigEntry) GetKind() string
func (*ServiceConfigEntry) GetMeta ¶
func (s *ServiceConfigEntry) GetMeta() map[string]string
func (*ServiceConfigEntry) GetModifyIndex ¶
func (s *ServiceConfigEntry) GetModifyIndex() uint64
func (*ServiceConfigEntry) GetName ¶
func (s *ServiceConfigEntry) GetName() string
func (*ServiceConfigEntry) GetNamespace ¶
func (s *ServiceConfigEntry) GetNamespace() string
func (*ServiceConfigEntry) GetPartition ¶
func (s *ServiceConfigEntry) GetPartition() string
type ServiceConsumer ¶
type ServiceConsumer struct { // Partition is the admin partition to export the service to. Partition string `json:",omitempty"` // Peer is the name of the peer to export the service to. Peer string `json:",omitempty" alias:"peer_name"` // SamenessGroup is the name of the sameness group to export the service to. SamenessGroup string `json:",omitempty" alias:"sameness_group"` }
ServiceConsumer represents a downstream consumer of the service to be exported. At most one of Partition or Peer must be specified.
type ServiceEntry ¶
type ServiceEntry struct { Node *Node Service *AgentService Checks HealthChecks }
ServiceEntry is used for the health service endpoint
type ServiceIntentionsConfigEntry ¶
type ServiceIntentionsConfigEntry struct { Kind string Name string Partition string `json:",omitempty"` Namespace string `json:",omitempty"` Sources []*SourceIntention JWT *IntentionJWTRequirement `json:",omitempty"` Meta map[string]string `json:",omitempty"` CreateIndex uint64 ModifyIndex uint64 }
func (*ServiceIntentionsConfigEntry) GetCreateIndex ¶
func (e *ServiceIntentionsConfigEntry) GetCreateIndex() uint64
func (*ServiceIntentionsConfigEntry) GetKind ¶
func (e *ServiceIntentionsConfigEntry) GetKind() string
func (*ServiceIntentionsConfigEntry) GetMeta ¶
func (e *ServiceIntentionsConfigEntry) GetMeta() map[string]string
func (*ServiceIntentionsConfigEntry) GetModifyIndex ¶
func (e *ServiceIntentionsConfigEntry) GetModifyIndex() uint64
func (*ServiceIntentionsConfigEntry) GetName ¶
func (e *ServiceIntentionsConfigEntry) GetName() string
func (*ServiceIntentionsConfigEntry) GetNamespace ¶
func (e *ServiceIntentionsConfigEntry) GetNamespace() string
func (*ServiceIntentionsConfigEntry) GetPartition ¶
func (e *ServiceIntentionsConfigEntry) GetPartition() string
type ServiceKind ¶
type ServiceKind string
ServiceKind is the kind of service being registered.
const ( // ServiceKindTypical is a typical, classic Consul service. This is // represented by the absence of a value. This was chosen for ease of // backwards compatibility: existing services in the catalog would // default to the typical service. ServiceKindTypical ServiceKind = "" // ServiceKindConnectProxy is a proxy for the Connect feature. This // service proxies another service within Consul and speaks the connect // protocol. ServiceKindConnectProxy ServiceKind = "connect-proxy" // ServiceKindMeshGateway is a Mesh Gateway for the Connect feature. This // service will proxy connections based off the SNI header set by other // connect proxies ServiceKindMeshGateway ServiceKind = "mesh-gateway" // ServiceKindTerminatingGateway is a Terminating Gateway for the Connect // feature. This service will proxy connections to services outside the mesh. ServiceKindTerminatingGateway ServiceKind = "terminating-gateway" // ServiceKindIngressGateway is an Ingress Gateway for the Connect feature. // This service will ingress connections based of configuration defined in // the ingress-gateway config entry. ServiceKindIngressGateway ServiceKind = "ingress-gateway" // ServiceKindAPIGateway is an API Gateway for the Connect feature. // This service will ingress connections based of configuration defined in // the api-gateway config entry. ServiceKindAPIGateway ServiceKind = "api-gateway" )
type ServiceOp ¶
type ServiceOp string
ServiceOp constants give possible operations available in a transaction.
type ServiceQuery ¶
type ServiceQuery struct { // Service is the service to query. Service string // SamenessGroup specifies a sameness group to query. The first member of the Sameness Group will // be targeted first on PQ execution and subsequent members will be targeted during failover scenarios. // This field is mutually exclusive with Failover. SamenessGroup string `json:",omitempty"` // Namespace of the service to query Namespace string `json:",omitempty"` // Partition of the service to query Partition string `json:",omitempty"` // Near allows baking in the name of a node to automatically distance- // sort from. The magic "_agent" value is supported, which sorts near // the agent which initiated the request by default. Near string // Failover controls what we do if there are no healthy nodes in the // local datacenter. Failover QueryFailoverOptions `json:",omitempty"` // IgnoreCheckIDs is an optional list of health check IDs to ignore when // considering which nodes are healthy. It is useful as an emergency measure // to temporarily override some health check that is producing false negatives // for example. IgnoreCheckIDs []string // If OnlyPassing is true then we will only include nodes with passing // health checks (critical AND warning checks will cause a node to be // discarded) OnlyPassing bool // Tags are a set of required and/or disallowed tags. If a tag is in // this list it must be present. If the tag is preceded with "!" then // it is disallowed. Tags []string // NodeMeta is a map of required node metadata fields. If a key/value // pair is in this map it must be present on the node in order for the // service entry to be returned. NodeMeta map[string]string // ServiceMeta is a map of required service metadata fields. If a key/value // pair is in this map it must be present on the node in order for the // service entry to be returned. ServiceMeta map[string]string // Connect if true will filter the prepared query results to only // include Connect-capable services. These include both native services // and proxies for matching services. Note that if a proxy matches, // the constraints in the query above (Near, OnlyPassing, etc.) apply // to the _proxy_ and not the service being proxied. In practice, proxies // should be directly next to their services so this isn't an issue. Connect bool }
ServiceQuery is used to query for a set of healthy nodes offering a specific service.
type ServiceRegisterOpts ¶
type ServiceRegisterOpts struct { // Missing healthchecks will be deleted from the agent. // Using this parameter allows to idempotently register a service and its checks without // having to manually deregister checks. ReplaceExistingChecks bool // contains filtered or unexported fields }
ServiceRegisterOpts is used to pass extra options to the service register.
func (ServiceRegisterOpts) WithContext ¶
func (o ServiceRegisterOpts) WithContext(ctx context.Context) ServiceRegisterOpts
WithContext sets the context to be used for the request on a new ServiceRegisterOpts, and returns the opts.
type ServiceResolverConfigEntry ¶
type ServiceResolverConfigEntry struct { Kind string Name string Partition string `json:",omitempty"` Namespace string `json:",omitempty"` DefaultSubset string `json:",omitempty" alias:"default_subset"` Subsets map[string]ServiceResolverSubset `json:",omitempty"` Redirect *ServiceResolverRedirect `json:",omitempty"` Failover map[string]ServiceResolverFailover `json:",omitempty"` ConnectTimeout time.Duration `json:",omitempty" alias:"connect_timeout"` RequestTimeout time.Duration `json:",omitempty" alias:"request_timeout"` // PrioritizeByLocality controls whether the locality of services within the // local partition will be used to prioritize connectivity. PrioritizeByLocality *ServiceResolverPrioritizeByLocality `json:",omitempty" alias:"prioritize_by_locality"` // LoadBalancer determines the load balancing policy and configuration for services // issuing requests to this upstream service. LoadBalancer *LoadBalancer `json:",omitempty" alias:"load_balancer"` Meta map[string]string `json:",omitempty"` CreateIndex uint64 ModifyIndex uint64 }
func (*ServiceResolverConfigEntry) GetCreateIndex ¶
func (e *ServiceResolverConfigEntry) GetCreateIndex() uint64
func (*ServiceResolverConfigEntry) GetKind ¶
func (e *ServiceResolverConfigEntry) GetKind() string
func (*ServiceResolverConfigEntry) GetMeta ¶
func (e *ServiceResolverConfigEntry) GetMeta() map[string]string
func (*ServiceResolverConfigEntry) GetModifyIndex ¶
func (e *ServiceResolverConfigEntry) GetModifyIndex() uint64
func (*ServiceResolverConfigEntry) GetName ¶
func (e *ServiceResolverConfigEntry) GetName() string
func (*ServiceResolverConfigEntry) GetNamespace ¶
func (e *ServiceResolverConfigEntry) GetNamespace() string
func (*ServiceResolverConfigEntry) GetPartition ¶
func (e *ServiceResolverConfigEntry) GetPartition() string
func (*ServiceResolverConfigEntry) MarshalJSON ¶
func (e *ServiceResolverConfigEntry) MarshalJSON() ([]byte, error)
func (*ServiceResolverConfigEntry) UnmarshalJSON ¶
func (e *ServiceResolverConfigEntry) UnmarshalJSON(data []byte) error
type ServiceResolverFailover ¶
type ServiceResolverFailover struct { Service string `json:",omitempty"` ServiceSubset string `json:",omitempty" alias:"service_subset"` // Referencing other partitions is not supported. Namespace string `json:",omitempty"` Datacenters []string `json:",omitempty"` Targets []ServiceResolverFailoverTarget `json:",omitempty"` Policy *ServiceResolverFailoverPolicy `json:",omitempty"` SamenessGroup string `json:",omitempty" alias:"sameness_group"` }
type ServiceResolverPrioritizeByLocality ¶
type ServiceResolverPrioritizeByLocality struct { // Mode specifies the type of prioritization that will be performed // when selecting nodes in the local partition. // Valid values are: "" (default "none"), "none", and "failover". Mode string `json:",omitempty"` }
type ServiceResolverRedirect ¶
type ServiceResolverRedirect struct { Service string `json:",omitempty"` ServiceSubset string `json:",omitempty" alias:"service_subset"` Namespace string `json:",omitempty"` Partition string `json:",omitempty"` Datacenter string `json:",omitempty"` Peer string `json:",omitempty"` SamenessGroup string `json:",omitempty" alias:"sameness_group"` }
type ServiceResolverSubset ¶
type ServiceRoute ¶
type ServiceRoute struct { Match *ServiceRouteMatch `json:",omitempty"` Destination *ServiceRouteDestination `json:",omitempty"` }
type ServiceRouteDestination ¶
type ServiceRouteDestination struct { Service string `json:",omitempty"` ServiceSubset string `json:",omitempty" alias:"service_subset"` Namespace string `json:",omitempty"` Partition string `json:",omitempty"` PrefixRewrite string `json:",omitempty" alias:"prefix_rewrite"` RequestTimeout time.Duration `json:",omitempty" alias:"request_timeout"` IdleTimeout time.Duration `json:",omitempty" alias:"idle_timeout"` NumRetries uint32 `json:",omitempty" alias:"num_retries"` RetryOnConnectFailure bool `json:",omitempty" alias:"retry_on_connect_failure"` RetryOnStatusCodes []uint32 `json:",omitempty" alias:"retry_on_status_codes"` RetryOn []string `json:",omitempty" alias:"retry_on"` RequestHeaders *HTTPHeaderModifiers `json:",omitempty" alias:"request_headers"` ResponseHeaders *HTTPHeaderModifiers `json:",omitempty" alias:"response_headers"` }
func (*ServiceRouteDestination) MarshalJSON ¶
func (e *ServiceRouteDestination) MarshalJSON() ([]byte, error)
func (*ServiceRouteDestination) UnmarshalJSON ¶
func (e *ServiceRouteDestination) UnmarshalJSON(data []byte) error
type ServiceRouteHTTPMatch ¶
type ServiceRouteHTTPMatch struct { PathExact string `json:",omitempty" alias:"path_exact"` PathPrefix string `json:",omitempty" alias:"path_prefix"` PathRegex string `json:",omitempty" alias:"path_regex"` Header []ServiceRouteHTTPMatchHeader `json:",omitempty"` QueryParam []ServiceRouteHTTPMatchQueryParam `json:",omitempty" alias:"query_param"` Methods []string `json:",omitempty"` }
type ServiceRouteMatch ¶
type ServiceRouteMatch struct {
HTTP *ServiceRouteHTTPMatch `json:",omitempty"`
}
type ServiceRouterConfigEntry ¶
type ServiceRouterConfigEntry struct { Kind string Name string Partition string `json:",omitempty"` Namespace string `json:",omitempty"` Routes []ServiceRoute `json:",omitempty"` Meta map[string]string `json:",omitempty"` CreateIndex uint64 ModifyIndex uint64 }
func (*ServiceRouterConfigEntry) GetCreateIndex ¶
func (e *ServiceRouterConfigEntry) GetCreateIndex() uint64
func (*ServiceRouterConfigEntry) GetKind ¶
func (e *ServiceRouterConfigEntry) GetKind() string
func (*ServiceRouterConfigEntry) GetMeta ¶
func (e *ServiceRouterConfigEntry) GetMeta() map[string]string
func (*ServiceRouterConfigEntry) GetModifyIndex ¶
func (e *ServiceRouterConfigEntry) GetModifyIndex() uint64
func (*ServiceRouterConfigEntry) GetName ¶
func (e *ServiceRouterConfigEntry) GetName() string
func (*ServiceRouterConfigEntry) GetNamespace ¶
func (e *ServiceRouterConfigEntry) GetNamespace() string
func (*ServiceRouterConfigEntry) GetPartition ¶
func (e *ServiceRouterConfigEntry) GetPartition() string
type ServiceSplit ¶
type ServiceSplit struct { Weight float32 Service string `json:",omitempty"` ServiceSubset string `json:",omitempty" alias:"service_subset"` Namespace string `json:",omitempty"` Partition string `json:",omitempty"` RequestHeaders *HTTPHeaderModifiers `json:",omitempty" alias:"request_headers"` ResponseHeaders *HTTPHeaderModifiers `json:",omitempty" alias:"response_headers"` }
type ServiceSplitterConfigEntry ¶
type ServiceSplitterConfigEntry struct { Kind string Name string Partition string `json:",omitempty"` Namespace string `json:",omitempty"` Splits []ServiceSplit `json:",omitempty"` Meta map[string]string `json:",omitempty"` CreateIndex uint64 ModifyIndex uint64 }
func (*ServiceSplitterConfigEntry) GetCreateIndex ¶
func (e *ServiceSplitterConfigEntry) GetCreateIndex() uint64
func (*ServiceSplitterConfigEntry) GetKind ¶
func (e *ServiceSplitterConfigEntry) GetKind() string
func (*ServiceSplitterConfigEntry) GetMeta ¶
func (e *ServiceSplitterConfigEntry) GetMeta() map[string]string
func (*ServiceSplitterConfigEntry) GetModifyIndex ¶
func (e *ServiceSplitterConfigEntry) GetModifyIndex() uint64
func (*ServiceSplitterConfigEntry) GetName ¶
func (e *ServiceSplitterConfigEntry) GetName() string
func (*ServiceSplitterConfigEntry) GetNamespace ¶
func (e *ServiceSplitterConfigEntry) GetNamespace() string
func (*ServiceSplitterConfigEntry) GetPartition ¶
func (e *ServiceSplitterConfigEntry) GetPartition() string
type ServiceTxnOp ¶
type ServiceTxnOp struct { Verb ServiceOp Node string Service AgentService }
ServiceTxnOp defines a single operation inside a transaction.
type ServiceUsage ¶
type ServiceUsage struct { Nodes int Services int ServiceInstances int ConnectServiceInstances map[string]int // Billable services are of "typical" service kind (i.e. non-connect or connect-native), // excluding the "consul" service. BillableServiceInstances int // A map of partition+namespace to number of unique services registered in that namespace PartitionNamespaceServices map[string]map[string]int // A map of partition+namespace to number of service instances registered in that namespace PartitionNamespaceServiceInstances map[string]map[string]int // A map of partition+namespace+kind to number of service-mesh instances registered in that namespace PartitionNamespaceConnectServiceInstances map[string]map[string]map[string]int // A map of partition+namespace to number of billable instances registered in that namespace PartitionNamespaceBillableServiceInstances map[string]map[string]int }
ServiceUsage contains information about the number of services and service instances for a datacenter.
type Session ¶
type Session struct {
// contains filtered or unexported fields
}
Session can be used to query the Session endpoints
func (*Session) Create ¶
func (s *Session) Create(se *SessionEntry, q *WriteOptions) (string, *WriteMeta, error)
Create makes a new session. Providing a session entry can customize the session. It can also be nil to use defaults.
func (*Session) CreateNoChecks ¶
func (s *Session) CreateNoChecks(se *SessionEntry, q *WriteOptions) (string, *WriteMeta, error)
CreateNoChecks is like Create but is used specifically to create a session with no associated health checks.
func (*Session) Destroy ¶
func (s *Session) Destroy(id string, q *WriteOptions) (*WriteMeta, error)
Destroy invalidates a given session
func (*Session) Info ¶
func (s *Session) Info(id string, q *QueryOptions) (*SessionEntry, *QueryMeta, error)
Info looks up a single session
func (*Session) List ¶
func (s *Session) List(q *QueryOptions) ([]*SessionEntry, *QueryMeta, error)
List gets all active sessions
func (*Session) Node ¶
func (s *Session) Node(node string, q *QueryOptions) ([]*SessionEntry, *QueryMeta, error)
List gets sessions for a node
func (*Session) Renew ¶
func (s *Session) Renew(id string, q *WriteOptions) (*SessionEntry, *WriteMeta, error)
Renew renews the TTL on a given session
func (*Session) RenewPeriodic ¶
func (s *Session) RenewPeriodic(initialTTL string, id string, q *WriteOptions, doneCh <-chan struct{}) error
RenewPeriodic is used to periodically invoke Session.Renew on a session until a doneCh is closed. This is meant to be used in a long running goroutine to ensure a session stays valid.
type SessionEntry ¶
type SessionEntry struct { CreateIndex uint64 ID string Name string Node string LockDelay time.Duration Behavior string TTL string Namespace string `json:",omitempty"` // Deprecated for Consul Enterprise in v1.7.0. Checks []string // NodeChecks and ServiceChecks are new in Consul 1.7.0. // When associating checks with sessions, namespaces can be specified for service checks. NodeChecks []string ServiceChecks []ServiceCheck }
SessionEntry represents a session in consul
type SessionOp ¶
type SessionOp string
SessionOp constants give possible operations available in a transaction.
const (
SessionDelete SessionOp = "delete"
)
type SessionTxnOp ¶
SessionTxnOp defines a single operation inside a transaction.
type Snapshot ¶
type Snapshot struct {
// contains filtered or unexported fields
}
Snapshot can be used to query the /v1/snapshot endpoint to take snapshots of Consul's internal state and restore snapshots for disaster recovery.
func (*Snapshot) Restore ¶
func (s *Snapshot) Restore(q *WriteOptions, in io.Reader) error
Restore streams in an existing snapshot and attempts to restore it.
func (*Snapshot) Save ¶
func (s *Snapshot) Save(q *QueryOptions) (io.ReadCloser, *QueryMeta, error)
Save requests a new snapshot and provides an io.ReadCloser with the snapshot data to save. If this doesn't return an error, then it's the responsibility of the caller to close it. Only a subset of the QueryOptions are supported: Datacenter, AllowStale, and Token.
type SourceIntention ¶
type SourceIntention struct { Name string Peer string `json:",omitempty"` Partition string `json:",omitempty"` Namespace string `json:",omitempty"` SamenessGroup string `json:",omitempty" alias:"sameness_group"` Action IntentionAction `json:",omitempty"` Permissions []*IntentionPermission `json:",omitempty"` Precedence int Type IntentionSourceType Description string `json:",omitempty"` LegacyID string `json:",omitempty" alias:"legacy_id"` LegacyMeta map[string]string `json:",omitempty" alias:"legacy_meta"` LegacyCreateTime *time.Time `json:",omitempty" alias:"legacy_create_time"` LegacyUpdateTime *time.Time `json:",omitempty" alias:"legacy_update_time"` }
type Status ¶
type Status struct {
// contains filtered or unexported fields
}
Status can be used to query the Status endpoints
func (*Status) LeaderWithQueryOptions ¶
func (s *Status) LeaderWithQueryOptions(q *QueryOptions) (string, error)
Leader is used to query for a known leader
func (*Status) PeersWithQueryOptions ¶
func (s *Status) PeersWithQueryOptions(q *QueryOptions) ([]string, error)
Peers is used to query for a known raft peers
type StatusError ¶
func (StatusError) Error ¶
func (e StatusError) Error() string
type TCPRouteConfigEntry ¶
type TCPRouteConfigEntry struct { // Kind of the config entry. This should be set to api.TCPRoute. Kind string // Name is used to match the config entry with its associated tcp-route // service. This should match the name provided in the service definition. Name string // Parents is a list of gateways that this route should be bound to. Parents []ResourceReference // Services is a list of TCP-based services that this should route to. // Currently, this must specify at maximum one service. Services []TCPService Meta map[string]string `json:",omitempty"` // Status is the asynchronous status which a TCPRoute propagates to the user. Status ConfigEntryStatus // CreateIndex is the Raft index this entry was created at. This is a // read-only field. CreateIndex uint64 // ModifyIndex is used for the Check-And-Set operations and can also be fed // back into the WaitIndex of the QueryOptions in order to perform blocking // queries. ModifyIndex uint64 // Partition is the partition the config entry is associated with. // Partitioning is a Consul Enterprise feature. Partition string `json:",omitempty"` // Namespace is the namespace the config entry is associated with. // Namespacing is a Consul Enterprise feature. Namespace string `json:",omitempty"` }
TCPRouteConfigEntry -- TODO stub
func (*TCPRouteConfigEntry) GetCreateIndex ¶
func (a *TCPRouteConfigEntry) GetCreateIndex() uint64
func (*TCPRouteConfigEntry) GetKind ¶
func (a *TCPRouteConfigEntry) GetKind() string
func (*TCPRouteConfigEntry) GetMeta ¶
func (a *TCPRouteConfigEntry) GetMeta() map[string]string
func (*TCPRouteConfigEntry) GetModifyIndex ¶
func (a *TCPRouteConfigEntry) GetModifyIndex() uint64
func (*TCPRouteConfigEntry) GetName ¶
func (a *TCPRouteConfigEntry) GetName() string
func (*TCPRouteConfigEntry) GetNamespace ¶
func (a *TCPRouteConfigEntry) GetNamespace() string
func (*TCPRouteConfigEntry) GetPartition ¶
func (a *TCPRouteConfigEntry) GetPartition() string
type TCPService ¶
type TCPService struct { Name string // Partition is the partition the config entry is associated with. // Partitioning is a Consul Enterprise feature. Partition string `json:",omitempty"` // Namespace is the namespace the config entry is associated with. // Namespacing is a Consul Enterprise feature. Namespace string `json:",omitempty"` }
TCPService is a service reference for a TCPRoute
type TLSConfig ¶
type TLSConfig struct { // Address is the optional address of the Consul server. The port, if any // will be removed from here and this will be set to the ServerName of the // resulting config. Address string // CAFile is the optional path to the CA certificate used for Consul // communication, defaults to the system bundle if not specified. CAFile string // CAPath is the optional path to a directory of CA certificates to use for // Consul communication, defaults to the system bundle if not specified. CAPath string // CAPem is the optional PEM-encoded CA certificate used for Consul // communication, defaults to the system bundle if not specified. CAPem []byte // CertFile is the optional path to the certificate for Consul // communication. If this is set then you need to also set KeyFile. CertFile string // CertPEM is the optional PEM-encoded certificate for Consul // communication. If this is set then you need to also set KeyPEM. CertPEM []byte // KeyFile is the optional path to the private key for Consul communication. // If this is set then you need to also set CertFile. KeyFile string // KeyPEM is the optional PEM-encoded private key for Consul communication. // If this is set then you need to also set CertPEM. KeyPEM []byte // InsecureSkipVerify if set to true will disable TLS host verification. InsecureSkipVerify bool }
TLSConfig is used to generate a TLSClientConfig that's useful for talking to Consul using TLS.
type TerminatingGatewayConfigEntry ¶
type TerminatingGatewayConfigEntry struct { // Kind of the config entry. This should be set to api.TerminatingGateway. Kind string // Name is used to match the config entry with its associated terminating gateway // service. This should match the name provided in the service definition. Name string // Services is a list of service names represented by the terminating gateway. Services []LinkedService `json:",omitempty"` Meta map[string]string `json:",omitempty"` // CreateIndex is the Raft index this entry was created at. This is a // read-only field. CreateIndex uint64 // ModifyIndex is used for the Check-And-Set operations and can also be fed // back into the WaitIndex of the QueryOptions in order to perform blocking // queries. ModifyIndex uint64 // Partition is the partition the config entry is associated with. // Partitioning is a Consul Enterprise feature. Partition string `json:",omitempty"` // Namespace is the namespace the config entry is associated with. // Namespacing is a Consul Enterprise feature. Namespace string `json:",omitempty"` }
TerminatingGatewayConfigEntry manages the configuration for a terminating gateway with the given name.
func (*TerminatingGatewayConfigEntry) GetCreateIndex ¶
func (g *TerminatingGatewayConfigEntry) GetCreateIndex() uint64
func (*TerminatingGatewayConfigEntry) GetKind ¶
func (g *TerminatingGatewayConfigEntry) GetKind() string
func (*TerminatingGatewayConfigEntry) GetMeta ¶
func (g *TerminatingGatewayConfigEntry) GetMeta() map[string]string
func (*TerminatingGatewayConfigEntry) GetModifyIndex ¶
func (g *TerminatingGatewayConfigEntry) GetModifyIndex() uint64
func (*TerminatingGatewayConfigEntry) GetName ¶
func (g *TerminatingGatewayConfigEntry) GetName() string
func (*TerminatingGatewayConfigEntry) GetNamespace ¶
func (g *TerminatingGatewayConfigEntry) GetNamespace() string
func (*TerminatingGatewayConfigEntry) GetPartition ¶
func (g *TerminatingGatewayConfigEntry) GetPartition() string
type TransferLeaderResponse ¶
type TransferLeaderResponse struct {
Success bool
}
TransferLeaderResponse is returned when querying for the current Raft configuration.
type TransparentProxyConfig ¶
type TransparentProxyConfig struct { // The port of the listener where outbound application traffic is being redirected to. OutboundListenerPort int `json:",omitempty" alias:"outbound_listener_port"` // DialedDirectly indicates whether transparent proxies can dial this proxy instance directly. // The discovery chain is not considered when dialing a service instance directly. // This setting is useful when addressing stateful services, such as a database cluster with a leader node. DialedDirectly bool `json:",omitempty" alias:"dialed_directly"` }
type TransparentProxyMeshConfig ¶
type TransparentProxyMeshConfig struct {
MeshDestinationsOnly bool `alias:"mesh_destinations_only"`
}
type Txn ¶
type Txn struct {
// contains filtered or unexported fields
}
Txn is used to manipulate the Txn API
func (*Txn) Txn ¶
func (t *Txn) Txn(txn TxnOps, q *QueryOptions) (bool, *TxnResponse, *QueryMeta, error)
Txn is used to apply multiple Consul operations in a single, atomic transaction.
Note that Go will perform the required base64 encoding on the values automatically because the type is a byte slice. Transactions are defined as a list of operations to perform, using the different fields in the TxnOp structure to define operations. If any operation fails, none of the changes are applied to the state store.
Even though this is generally a write operation, we take a QueryOptions input and return a QueryMeta output. If the transaction contains only read ops, then Consul will fast-path it to a different endpoint internally which supports consistency controls, but not blocking. If there are write operations then the request will always be routed through raft and any consistency settings will be ignored.
Here's an example:
ops := KVTxnOps{ &KVTxnOp{ Verb: KVLock, Key: "test/lock", Session: "adf4238a-882b-9ddc-4a9d-5b6758e4159e", Value: []byte("hello"), }, &KVTxnOp{ Verb: KVGet, Key: "another/key", }, &CheckTxnOp{ Verb: CheckSet, HealthCheck: HealthCheck{ Node: "foo", CheckID: "redis:a", Name: "Redis Health Check", Status: "passing", }, } } ok, response, _, err := kv.Txn(&ops, nil)
If there is a problem making the transaction request then an error will be returned. Otherwise, the ok value will be true if the transaction succeeded or false if it was rolled back. The response is a structured return value which will have the outcome of the transaction. Its Results member will have entries for each operation. For KV operations, Deleted keys will have a nil entry in the results, and to save space, the Value of each key in the Results will be nil unless the operation is a KVGet. If the transaction was rolled back, the Errors member will have entries referencing the index of the operation that failed along with an error message.
type TxnOp ¶
type TxnOp struct { KV *KVTxnOp Node *NodeTxnOp Service *ServiceTxnOp Check *CheckTxnOp }
TxnOp is the internal format we send to Consul. Currently only K/V and check operations are supported.
type TxnResponse ¶
type TxnResponse struct { Results TxnResults Errors TxnErrors }
TxnResponse is the internal format we receive from Consul.
type TxnResult ¶
type TxnResult struct { KV *KVPair Node *Node Service *CatalogService Check *HealthCheck }
TxnResult is the internal format we receive from Consul.
type URLRewrite ¶
type URLRewrite struct {
Path string
}
type Upstream ¶
type Upstream struct { DestinationType UpstreamDestType `json:",omitempty"` DestinationPartition string `json:",omitempty"` DestinationNamespace string `json:",omitempty"` DestinationPeer string `json:",omitempty"` DestinationName string Datacenter string `json:",omitempty"` LocalBindAddress string `json:",omitempty"` LocalBindPort int `json:",omitempty"` LocalBindSocketPath string `json:",omitempty"` LocalBindSocketMode string `json:",omitempty"` Config map[string]interface{} `json:",omitempty" bexpr:"-"` MeshGateway MeshGatewayConfig `json:",omitempty"` CentrallyConfigured bool `json:",omitempty" bexpr:"-"` }
Upstream is the response structure for a proxy upstream configuration.
type UpstreamConfig ¶
type UpstreamConfig struct { // Name is only accepted within service-defaults.upstreamConfig.overrides . Name string `json:",omitempty"` // Partition is only accepted within service-defaults.upstreamConfig.overrides . Partition string `json:",omitempty"` // Namespace is only accepted within service-defaults.upstreamConfig.overrides . Namespace string `json:",omitempty"` // Peer is only accepted within service-defaults.upstreamConfig.overrides . Peer string `json:",omitempty"` // EnvoyListenerJSON is a complete override ("escape hatch") for the upstream's // listener. // // Note: This escape hatch is NOT compatible with the discovery chain and // will be ignored if a discovery chain is active. EnvoyListenerJSON string `json:",omitempty" alias:"envoy_listener_json"` // EnvoyClusterJSON is a complete override ("escape hatch") for the upstream's // cluster. The Connect client TLS certificate and context will be injected // overriding any TLS settings present. // // Note: This escape hatch is NOT compatible with the discovery chain and // will be ignored if a discovery chain is active. EnvoyClusterJSON string `json:",omitempty" alias:"envoy_cluster_json"` // Protocol describes the upstream's service protocol. Valid values are "tcp", // "http" and "grpc". Anything else is treated as tcp. The enables protocol // aware features like per-request metrics and connection pooling, tracing, // routing etc. Protocol string `json:",omitempty"` // ConnectTimeoutMs is the number of milliseconds to timeout making a new // connection to this upstream. Defaults to 5000 (5 seconds) if not set. ConnectTimeoutMs int `json:",omitempty" alias:"connect_timeout_ms"` // Limits are the set of limits that are applied to the proxy for a specific upstream of a // service instance. Limits *UpstreamLimits `json:",omitempty"` // PassiveHealthCheck configuration determines how upstream proxy instances will // be monitored for removal from the load balancing pool. PassiveHealthCheck *PassiveHealthCheck `json:",omitempty" alias:"passive_health_check"` // MeshGatewayConfig controls how Mesh Gateways are configured and used MeshGateway MeshGatewayConfig `json:",omitempty" alias:"mesh_gateway" ` // BalanceOutboundConnections indicates that the proxy should attempt to evenly distribute // outbound connections across worker threads. Only used by envoy proxies. BalanceOutboundConnections string `json:",omitempty" alias:"balance_outbound_connections"` }
type UpstreamConfiguration ¶
type UpstreamConfiguration struct { // Overrides is a slice of per-service configuration. The name field is // required. Overrides []*UpstreamConfig `json:",omitempty"` // Defaults contains default configuration for all upstreams of a given // service. The name field must be empty. Defaults *UpstreamConfig `json:",omitempty"` }
type UpstreamDestType ¶
type UpstreamDestType string
UpstreamDestType is the type of upstream discovery mechanism.
const ( // UpstreamDestTypeService discovers instances via healthy service lookup. UpstreamDestTypeService UpstreamDestType = "service" // UpstreamDestTypePreparedQuery discovers instances via prepared query // execution. UpstreamDestTypePreparedQuery UpstreamDestType = "prepared_query" )
type UpstreamLimits ¶
type UpstreamLimits struct { // MaxConnections is the maximum number of connections the local proxy can // make to the upstream service. MaxConnections *int `alias:"max_connections"` // MaxPendingRequests is the maximum number of requests that will be queued // waiting for an available connection. This is mostly applicable to HTTP/1.1 // clusters since all HTTP/2 requests are streamed over a single // connection. MaxPendingRequests *int `alias:"max_pending_requests"` // MaxConcurrentRequests is the maximum number of in-flight requests that will be allowed // to the upstream cluster at a point in time. This is mostly applicable to HTTP/2 // clusters since all HTTP/1.1 requests are limited by MaxConnections. MaxConcurrentRequests *int `alias:"max_concurrent_requests"` }
UpstreamLimits describes the limits that are associated with a specific upstream of a service instance.
type Usage ¶
type Usage struct { // Usage is a map of datacenter -> usage information Usage map[string]ServiceUsage }
type UserEvent ¶
type UserEvent struct { ID string Name string Payload []byte NodeFilter string ServiceFilter string TagFilter string Version int LTime uint64 }
UserEvent represents an event that was fired by the user
type WriteOptions ¶
type WriteOptions struct { // Namespace overrides the `default` namespace // Note: Namespaces are available only in Consul Enterprise Namespace string // Partition overrides the `default` partition // Note: Partitions are available only in Consul Enterprise Partition string // Providing a datacenter overwrites the DC provided // by the Config Datacenter string // Token is used to provide a per-request ACL token // which overrides the agent's default token. Token string // RelayFactor is used in keyring operations to cause responses to be // relayed back to the sender through N other random nodes. Must be // a value from 0 to 5 (inclusive). RelayFactor uint8 // contains filtered or unexported fields }
WriteOptions are used to parameterize a write
func (*WriteOptions) Context ¶
func (o *WriteOptions) Context() context.Context
func (*WriteOptions) WithContext ¶
func (o *WriteOptions) WithContext(ctx context.Context) *WriteOptions
Source Files ¶
- acl.go
- agent.go
- api.go
- catalog.go
- config_entry.go
- config_entry_discoverychain.go
- config_entry_exports.go
- config_entry_gateways.go
- config_entry_inline_certificate.go
- config_entry_intentions.go
- config_entry_jwt_provider.go
- config_entry_mesh.go
- config_entry_rate_limit_ip.go
- config_entry_routes.go
- config_entry_sameness_group.go
- config_entry_status.go
- connect.go
- connect_ca.go
- connect_intention.go
- coordinate.go
- debug.go
- discovery_chain.go
- event.go
- health.go
- internal.go
- kv.go
- lock.go
- namespace.go
- operator.go
- operator_area.go
- operator_autopilot.go
- operator_keyring.go
- operator_license.go
- operator_raft.go
- operator_segment.go
- operator_usage.go
- partition.go
- peering.go
- prepared_query.go
- raw.go
- semaphore.go
- session.go
- snapshot.go
- status.go
- txn.go