Documentation
Index
- func Manifold(cfg ManifoldConfig) dependency.Manifold
- func NewFirewaller(cfg Config) (worker.Worker, error)
- func NewRemoteRelationsFacade(apiCaller base.APICaller) *remoterelations.Client
- func NewWorker(cfg Config) (worker.Worker, error)
- type Application
- type Config
- type CrossModelFirewallerFacade
- type CrossModelFirewallerFacadeCloser
- type EnvironFirewaller
- type EnvironInstance
- type EnvironInstances
- type EnvironModelFirewaller
- type Firewaller
- type FirewallerAPI
- type Machine
- type MachineService
- type ManifoldConfig
- type PortService
- type RemoteRelationsAPI
- type Unit
Constants
This section is empty.
Variables
This section is empty.
Functions
func Manifold
func Manifold(cfg ManifoldConfig) dependency.Manifold
Manifold returns a Manifold that encapsulates the firewaller worker.
func NewFirewaller
NewFirewaller returns a new Firewaller.
func NewRemoteRelationsFacade
func NewRemoteRelationsFacade(apiCaller base.APICaller) *remoterelations.Client
NewRemoteRelationsFacade creates a remote relations API facade.
Types
type Application
type Application interface {
	Name() string
	Tag() names.ApplicationTag
	Watch(context.Context) (watcher.NotifyWatcher, error)
	ExposeInfo(context.Context) (bool, map[string]params.ExposedEndpoint, error)
}
Application represents a model application.
type Config
type Config struct {
	ModelUUID string
	Mode string
	FirewallerAPI FirewallerAPI
	RemoteRelationsApi RemoteRelationsAPI
	PortsService PortService
	MachineService MachineService
	EnvironFirewaller EnvironFirewaller
	EnvironModelFirewaller EnvironModelFirewaller
	EnvironInstances EnvironInstances
	EnvironIPV6CIDRSupport bool
	NewCrossModelFacadeFunc newCrossModelFacadeFunc
	Clock clock.Clock
	Logger logger.Logger
	CredentialAPI common.CredentialAPI

	// WatchMachineNotify is called when the Firewaller starts watching the
	// machine with the given tag (manual machines aren't watched). This
	// should only be used for testing.
	WatchMachineNotify func(tag names.MachineTag)

	// FlushModelNotify is called when the Firewaller flushes its model.
	// This should only be used for testing.
	FlushModelNotify func()

	// FlushMachineNotify is called when the Firewaller flushes a machine.
	// This should only be used for testing.
	FlushMachineNotify func(string)
}
Config defines the operation of a Worker.
type CrossModelFirewallerFacade
type CrossModelFirewallerFacade interface {
	PublishIngressNetworkChange(context.Context, params.IngressNetworksChangeEvent) error
	WatchEgressAddressesForRelation(ctx context.Context, details params.RemoteEntityArg) (watcher.StringsWatcher, error)
}
CrossModelFirewallerFacade exposes firewaller functionality on the remote offering model to a worker.
type CrossModelFirewallerFacadeCloser
type CrossModelFirewallerFacadeCloser interface {
	io.Closer
	CrossModelFirewallerFacade
}
CrossModelFirewallerFacadeCloser implements CrossModelFirewallerFacade and adds a Close() method.
type EnvironFirewaller
type EnvironFirewaller interface {
	environs.Firewaller
}
EnvironFirewaller defines methods to allow the worker to perform firewall operations (open/close ports) on a Juju global firewall.
type EnvironInstance
type EnvironInstance interface {
	instances.Instance
	instances.InstanceFirewaller
}
EnvironInstance represents an instance with firewall APIs.
type EnvironInstances
type EnvironInstances interface {
	Instances(ctx envcontext.ProviderCallContext, ids []instance.Id) ([]instances.Instance, error)
}
EnvironInstances defines methods to allow the worker to perform operations on instances in a Juju cloud environment.
type EnvironModelFirewaller
type EnvironModelFirewaller interface {
	models.ModelFirewaller
}
EnvironModelFirewaller defines methods to allow the worker to perform firewall operations (open/close port) on a Juju model firewall.
type Firewaller
type Firewaller struct {
	// contains filtered or unexported fields
}
Firewaller watches the state for port ranges opened or closed on machines and reflects those changes onto the backing environment. Uses Firewaller API V1.
func (*Firewaller) Wait
func (fw *Firewaller) Wait() error
Wait is part of the worker.Worker interface.
type FirewallerAPI
type FirewallerAPI interface {
	WatchModelMachines(context.Context) (watcher.StringsWatcher, error)
	WatchModelFirewallRules(context.Context) (watcher.NotifyWatcher, error)
	ModelFirewallRules(context.Context) (firewall.IngressRules, error)
	ModelConfig(context.Context) (*config.Config, error)
	Machine(ctx context.Context, tag names.MachineTag) (Machine, error)
	Unit(ctx context.Context, tag names.UnitTag) (Unit, error)
	Relation(ctx context.Context, tag names.RelationTag) (*firewaller.Relation, error)
	WatchEgressAddressesForRelation(ctx context.Context, tag names.RelationTag) (watcher.StringsWatcher, error)
	WatchIngressAddressesForRelation(ctx context.Context, tag names.RelationTag) (watcher.StringsWatcher, error)
	ControllerAPIInfoForModel(ctx context.Context, modelUUID string) (*api.Info, error)
	MacaroonForRelation(ctx context.Context, relationKey string) (*macaroon.Macaroon, error)
	SetRelationStatus(ctx context.Context, relationKey string, status relation.Status, message string) error
	AllSpaceInfos(ctx context.Context) (network.SpaceInfos, error)
	WatchSubnets(ctx context.Context) (watcher.StringsWatcher, error)
}
FirewallerAPI exposes functionality off the firewaller API facade to a worker.
func NewFirewallerFacade
func NewFirewallerFacade(apiCaller base.APICaller) (FirewallerAPI, error)
NewFirewallerFacade creates a firewaller API facade.
type Machine
type Machine interface {
	Tag() names.MachineTag
	WatchUnits(context.Context) (watcher.StringsWatcher, error)
	InstanceId(context.Context) (instance.Id, error)
	Life() life.Value
	IsManual(context.Context) (bool, error)
}
Machine represents a model machine.
type MachineService
type MachineService interface {
	// GetMachineUUID returns the UUID of a machine identified by its name.
	// It returns a MachineNotFound if the machine does not exist.
	GetMachineUUID(ctx context.Context, name machine.Name) (string, error)
}
MachineService provides methods to query machines.
type ManifoldConfig
type ManifoldConfig struct {
	AgentName string
	APICallerName string
	DomainServicesName string
	EnvironName string
	Logger logger.Logger
	NewControllerConnection apicaller.NewExternalControllerConnectionFunc
	NewRemoteRelationsFacade func(base.APICaller) *remoterelations.Client
	NewFirewallerFacade func(base.APICaller) (FirewallerAPI, error)
	NewFirewallerWorker func(Config) (worker.Worker, error)
	NewCredentialValidatorFacade func(base.APICaller) (common.CredentialAPI, error)
}
ManifoldConfig describes the resources used by the firewaller worker.
TODO(jack-w-shaw): This is a model worker, so domain services can be accessed directly instead of going via an API. However, not all dependencies are available as domain services, so we still need to use the API for some things. Once all dependencies are available as domain services, we can remove the APICaller.
func (ManifoldConfig) Validate
func (cfg ManifoldConfig) Validate() error
Validate is called by start to check for bad configuration.
type PortService
type PortService interface {
	// WatchMachineOpenedPorts returns a strings watcher for opened ports. This watcher
	// emits events for changes to the opened ports table. Each emitted event
	// contains the machine name which is associated with the changed port range.
	WatchMachineOpenedPorts(ctx context.Context) (watcher.StringsWatcher, error)

	// GetMachineOpenedPorts returns the opened ports for all endpoints, for all the
	// units on the machine. Opened ports are grouped first by unit name and then by
	// endpoint.
	GetMachineOpenedPorts(ctx context.Context, machineUUID string) (map[unit.Name]network.GroupedPortRanges, error)
}
PortService provides methods to query opened ports for machines.
type RemoteRelationsAPI
type RemoteRelationsAPI interface {
	GetToken(context.Context, names.Tag) (string, error)
	Relations(ctx context.Context, keys []string) ([]params.RemoteRelationResult, error)
	RemoteApplications(ctx context.Context, names []string) ([]params.RemoteApplicationResult, error)
	WatchRemoteRelations(context.Context) (watcher.StringsWatcher, error)
}
RemoteRelationsAPI provides the remote relations facade.