plugin

package

v0.0.5 Latest Latest Go to latest Published: Sep 20, 2024 License: Apache-2.0 Imports: 14 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/jc-lab/k8s-tpm-kms-plugin

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
func RecordCryptoOperation(operationType string, start time.Time)
type HealthChecker
type HealthCheckerManager
- func NewHealthChecker(plugin HealthChecker, keyService *kms.Service, unixSocketPath string, ...) *HealthCheckerManager
type Metrics
- func (m *Metrics) Serve() chan error
type Plugin
type PluginManager
- func NewManager(plugin Plugin, unixSocketFilePath string) *PluginManager
- func (m *PluginManager) Start() (*grpc.Server, <-chan error)

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	TpmFailuresTotal = prometheus.NewCounterVec(
		prometheus.CounterOpts{
			Name: "failures_count",
			Help: "Total number of failed TPM operations.",
		},
		[]string{"operation_type"},
	)

	CryptoOperationalLatencies = prometheus.NewHistogramVec(
		prometheus.HistogramOpts{
			Name: "crypto_latencies",
			Help: "Latencies in milliseconds of tpm crypto operations.",

			Buckets: prometheus.ExponentialBuckets(5, 2, 14),
		},
		[]string{"operation_type"},
	)
)

Functions ¶

func RecordCryptoOperation ¶

func RecordCryptoOperation(operationType string, start time.Time)

Types ¶

type HealthChecker ¶

type HealthChecker interface {
	PingRPC(context.Context, *grpc.ClientConn) error
	PingKMS(context.Context, *grpc.ClientConn) error
}

type HealthCheckerManager ¶

type HealthCheckerManager struct {
	KeyService *kms.Service
	// contains filtered or unexported fields
}

HealthCheckerManager types that encapsulates healthz functionality of kms-plugin. The following health checks are performed: 1. Getting version of the plugin - validates gRPC connectivity. 2. Asserting that the caller has encrypt and decrypt permissions on the crypto key.

func NewHealthChecker ¶

func NewHealthChecker(
	plugin HealthChecker,
	keyService *kms.Service,
	unixSocketPath string,
	callTimeout time.Duration,
	servingURL *url.URL,
) *HealthCheckerManager

func (*HealthCheckerManager) HandlerFunc ¶

func (m *HealthCheckerManager) HandlerFunc(w http.ResponseWriter, r *http.Request)

func (*HealthCheckerManager) Serve ¶

func (m *HealthCheckerManager) Serve() chan error

Serve creates http server for hosting healthz.

func (*HealthCheckerManager) TestTpm ¶

func (h *HealthCheckerManager) TestTpm() error

type Metrics ¶

type Metrics struct {
	ServingURL *url.URL
}

Metrics encapsulates functionality related to serving Prometheus metrics for kms-plugin.

func (*Metrics) Serve ¶

func (m *Metrics) Serve() chan error

Serve creates http server for hosting Prometheus metrics.

type Plugin ¶

type Plugin interface {
	Register(s *grpc.Server)
}

Plugin is a KMS plugin for K8S.

type PluginManager ¶

type PluginManager struct {

	// Embedding these only to shorten access to fields.
	net.Listener
	// contains filtered or unexported fields
}

func NewManager ¶

func NewManager(plugin Plugin, unixSocketFilePath string) *PluginManager

NewManager creates a new plugin manager.

func (*PluginManager) Start ¶

func (m *PluginManager) Start() (*grpc.Server, <-chan error)

Start starts gRPC server or dies.

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
v1
v2

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL