config

package
v1.26.2 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 10, 2020 License: Apache-2.0 Imports: 11 Imported by: 169

Documentation

Index

Constants

View Source
const (
	// External services auth
	EnvGrafanaPassword    = "GRAFANA_PASSWORD"
	EnvGrafanaToken       = "GRAFANA_TOKEN"
	EnvPrometheusPassword = "PROMETHEUS_PASSWORD"
	EnvPrometheusToken    = "PROMETHEUS_TOKEN"
	EnvTracingPassword    = "TRACING_PASSWORD"
	EnvTracingToken       = "TRACING_TOKEN"

	// Login Token signing key used to prepare the token for user login
	EnvLoginTokenSigningKey = "LOGIN_TOKEN_SIGNING_KEY"
)

Environment variables that can override the ConfigMap yaml values

View Source
const (
	IstioVersionSupported   = ">= 1.0"
	MaistraVersionSupported = ">= 0.7.0"
	OSSMVersionSupported    = ">= 1.0"
	Iter8VersionSupported   = ">= 0.2"
)

The versions that Kiali requires

View Source
const (
	AuthStrategyOpenshift = "openshift"
	AuthStrategyAnonymous = "anonymous"
	AuthStrategyToken     = "token"
	AuthStrategyOpenId    = "openid"

	TokenCookieName             = "kiali-token"
	AuthStrategyOpenshiftIssuer = "kiali-openshift"
	AuthStrategyTokenIssuer     = "kiali-token"
	AuthStrategyOpenIdIssuer    = "kiali-open-id"

	// These constants are used for external services auth (Prometheus, Grafana ...) ; not for Kiali auth
	AuthTypeBasic  = "basic"
	AuthTypeBearer = "bearer"
	AuthTypeNone   = "none"
)

The valid auth strategies and values for cookie handling

View Source
const (
	IstioMultiClusterHostSuffix = "global"
	OidcClientSecretFile        = "/kiali-secret/oidc-secret"
)

Variables

This section is empty.

Functions

func GetIstioNamespaces added in v1.4.0

func GetIstioNamespaces(exclude []string) []string

GetIstioNamespaces returns all Istio namespaces, less the exclusions

func GetSignedTokenString added in v0.16.0

func GetSignedTokenString(claims jwt.Claims) (string, error)

func GetSigningKey added in v1.0.10

func GetSigningKey() string

func IsIstioNamespace added in v1.4.0

func IsIstioNamespace(namespace string) bool

IsIstioNamespace returns true if the namespace is the default istio namespace or an Istio component namespace

func Marshal

func Marshal(conf *Config) (yamlString string, err error)

Marshal converts the Config object and returns its YAML string.

func SaveToFile

func SaveToFile(filename string, conf *Config) (err error)

SaveToFile converts the Config object and stores its YAML string into the given file, overwriting any data that is in the file.

func Set

func Set(conf *Config)

Set the global Config This function should not be called outside of main or tests. If possible keep config unmutated and use globals and/or appstate package for mutable states to avoid concurrent writes risk.

func ValidateSigningKey added in v1.17.0

func ValidateSigningKey(signingKey string, authStrategy string) error

Types

type AdditionalDisplayItem added in v1.10.0

type AdditionalDisplayItem struct {
	Annotation     string `yaml:"annotation"`
	IconAnnotation string `yaml:"icon_annotation"`
	Title          string `yaml:"title"`
}

AdditionalDisplayItem holds some display-related configuration, like which annotations are to be displayed

type ApiConfig added in v0.9.1

type ApiConfig struct {
	Namespaces ApiNamespacesConfig
}

ApiConfig contains API specific configuration.

type ApiNamespacesConfig added in v0.9.1

type ApiNamespacesConfig struct {
	Exclude       []string
	LabelSelector string `yaml:"label_selector,omitempty" json:"labelSelector"`
}

ApiNamespacesConfig provides a list of regex strings defining namespaces to blacklist.

type Auth added in v0.21.0

type Auth struct {
	CAFile             string `yaml:"ca_file"`
	InsecureSkipVerify bool   `yaml:"insecure_skip_verify"`
	Password           string `yaml:"password"`
	Token              string `yaml:"token"`
	Type               string `yaml:"type"`
	UseKialiToken      bool   `yaml:"use_kiali_token"`
	Username           string `yaml:"username"`
}

Auth provides authentication data for external services

func (*Auth) Obfuscate added in v1.13.0

func (a *Auth) Obfuscate()

type AuthConfig added in v0.16.0

type AuthConfig struct {
	OpenId    OpenIdConfig    `yaml:"openid,omitempty"`
	OpenShift OpenShiftConfig `yaml:"openshift,omitempty"`
	Strategy  string          `yaml:"strategy,omitempty"`
}

AuthConfig provides details on how users are to authenticate

type ComponentStatus added in v1.22.1

type ComponentStatus struct {
	AppLabel  string `yaml:"app_label,omitempty"`
	IsCore    bool   `yaml:"is_core,omitempty"`
	Namespace string `yaml:"namespace,omitempty"`
}

type ComponentStatuses added in v1.22.1

type ComponentStatuses struct {
	Enabled    bool              `yaml:"enabled,omitempty"`
	Components []ComponentStatus `yaml:"components,omitempty"`
}

type Config

type Config struct {
	AdditionalDisplayDetails []AdditionalDisplayItem  `yaml:"additional_display_details,omitempty"`
	API                      ApiConfig                `yaml:"api,omitempty"`
	Auth                     AuthConfig               `yaml:"auth,omitempty"`
	Deployment               DeploymentConfig         `yaml:"deployment,omitempty"`
	Extensions               Extensions               `yaml:"extensions,omitempty"`
	ExternalServices         ExternalServices         `yaml:"external_services,omitempty"`
	HealthConfig             HealthConfig             `yaml:"health_config,omitempty" json:"healthConfig"`
	Identity                 security.Identity        `yaml:",omitempty"`
	InCluster                bool                     `yaml:"in_cluster,omitempty"`
	InstallationTag          string                   `yaml:"installation_tag,omitempty"`
	IstioComponentNamespaces IstioComponentNamespaces `yaml:"istio_component_namespaces,omitempty"`
	IstioLabels              IstioLabels              `yaml:"istio_labels,omitempty"`
	IstioNamespace           string                   `yaml:"istio_namespace,omitempty"` // default component namespace
	KialiFeatureFlags        KialiFeatureFlags        `yaml:"kiali_feature_flags,omitempty"`
	KubernetesConfig         KubernetesConfig         `yaml:"kubernetes_config,omitempty"`
	LoginToken               LoginToken               `yaml:"login_token,omitempty"`
	Server                   Server                   `yaml:",omitempty"`
}

Config defines full YAML configuration.

func Get

func Get() (conf *Config)

Get the global Config

func LoadFromFile

func LoadFromFile(filename string) (conf *Config, err error)

LoadFromFile reads the YAML from the given file, parses the content, and returns its Config object representation.

func NewConfig

func NewConfig() (c *Config)

NewConfig creates a default Config struct

func Unmarshal

func Unmarshal(yamlString string) (conf *Config, err error)

Unmarshal parses the given YAML string and returns its Config object representation.

func (*Config) AddHealthDefault added in v1.24.0

func (conf *Config) AddHealthDefault()

AddHealthDefault Configuration

func (Config) String

func (conf Config) String() (str string)

String marshals the given Config into a YAML string WARNING: do NOT use the result of this function to retrieve any configuration: some fields are obfuscated for security reasons.

type CustomDashboardsConfig added in v1.22.1

type CustomDashboardsConfig struct {
	Enabled        bool             `yaml:"enabled,omitempty"`
	NamespaceLabel string           `yaml:"namespace_label,omitempty"`
	Prometheus     PrometheusConfig `yaml:"prometheus,omitempty"`
}

CustomDashboardsConfig describes configuration specific to Custom Dashboards

type DeploymentConfig added in v0.21.0

type DeploymentConfig struct {
	AccessibleNamespaces []string `yaml:"accessible_namespaces"`
	Namespace            string   `yaml:"namespace,omitempty"` // Kiali deployment namespace
}

DeploymentConfig provides details on how Kiali was deployed.

type Extensions added in v1.14.0

type Extensions struct {
	Iter8 Iter8Config `yaml:"iter_8,omitempty"`
}

Extensions struct describes configuration for Kiali add-ons (extensions) New add-on/extension configuration should create a specif config and be located under this

type ExternalServices

type ExternalServices struct {
	Grafana          GrafanaConfig          `yaml:"grafana,omitempty"`
	Istio            IstioConfig            `yaml:"istio,omitempty"`
	Prometheus       PrometheusConfig       `yaml:"prometheus,omitempty"`
	CustomDashboards CustomDashboardsConfig `yaml:"custom_dashboards,omitempty"`
	Tracing          TracingConfig          `yaml:"tracing,omitempty"`
}

ExternalServices holds configurations for other systems that Kiali depends on

type GrafanaConfig

type GrafanaConfig struct {
	Auth            Auth                     `yaml:"auth"`
	ComponentStatus ComponentStatus          `yaml:"component_status,omitempty"`
	Dashboards      []GrafanaDashboardConfig `yaml:"dashboards"`
	Enabled         bool                     `yaml:"enabled"` // Enable or disable Grafana support in Kiali
	InClusterURL    string                   `yaml:"in_cluster_url"`
	URL             string                   `yaml:"url"`
}

GrafanaConfig describes configuration used for Grafana links

type GrafanaDashboardConfig added in v1.5.0

type GrafanaDashboardConfig struct {
	Name      string                 `yaml:"name"`
	Variables GrafanaVariablesConfig `yaml:"variables"`
}

type GrafanaVariablesConfig added in v1.5.0

type GrafanaVariablesConfig struct {
	App       string `yaml:"app" json:"app,omitempty"`
	Namespace string `yaml:"namespace" json:"namespace,omitempty"`
	Service   string `yaml:"service" json:"service,omitempty"`
	Version   string `yaml:"version" json:"version,omitempty"`
	Workload  string `yaml:"workload" json:"workload,omitempty"`
}

type HealthConfig added in v1.24.0

type HealthConfig struct {
	Rate []Rate `yaml:"rate,omitempty" json:"rate"`
}

HealthConfig

type IanaClaims added in v0.16.0

type IanaClaims struct {
	SessionId string `json:"sid,omitempty"`
	jwt.StandardClaims
}

Structured version of Claims Section, as referenced at https://tools.ietf.org/html/rfc7519#section-4.1 See examples for how to use this with your own claim types

func GetTokenClaimsIfValid added in v0.16.0

func GetTokenClaimsIfValid(tokenString string) (*IanaClaims, error)

type IstioComponentNamespaces added in v1.4.0

type IstioComponentNamespaces map[string]string

IstioComponentNamespaces holds the component-specific Istio namespaces. Any missing component defaults to the namespace configured for IstioNamespace (which itself defaults to 'istio-system').

type IstioConfig

type IstioConfig struct {
	ComponentStatuses        ComponentStatuses `yaml:"component_status,omitempty"`
	ConfigMapName            string            `yaml:"config_map_name,omitempty"`
	IstioIdentityDomain      string            `yaml:"istio_identity_domain,omitempty"`
	IstioInjectionAnnotation string            `yaml:"istio_injection_annotation,omitempty"`
	IstioSidecarAnnotation   string            `yaml:"istio_sidecar_annotation,omitempty"`
	UrlServiceVersion        string            `yaml:"url_service_version"`
}

IstioConfig describes configuration used for istio links

type IstioLabels added in v0.7.0

type IstioLabels struct {
	AppLabelName       string `yaml:"app_label_name,omitempty" json:"appLabelName"`
	InjectionLabelName string `yaml:"injection_label,omitempty" json:"injectionLabelName"`
	VersionLabelName   string `yaml:"version_label_name,omitempty" json:"versionLabelName"`
}

IstioLabels holds configuration about the labels required by Istio

type Iter8Config added in v1.15.0

type Iter8Config struct {
	Enabled bool `yaml:"enabled"`
	// Defein which namespace Iter8 is installed on, default to iter8
	Namespace string `yaml:"namespace"`
}

type KialiFeatureFlags added in v1.22.1

type KialiFeatureFlags struct {
	IstioInjectionAction bool `yaml:"istio_injection_action,omitempty" json:"istioInjectionAction"`
}

type KubernetesConfig added in v0.9.0

type KubernetesConfig struct {
	Burst int `yaml:"burst,omitempty"`
	// Cache duration expressed in seconds
	// Cache uses watchers to sync with the backend, after a CacheDuration watchers are closed and re-opened
	CacheDuration int `yaml:"cache_duration,omitempty"`
	// Enable cache for kubernetes and istio resources
	CacheEnabled bool `yaml:"cache_enabled,omitempty"`
	// Kiali can cache VirtualService,DestinationRule,Gateway and ServiceEntry Istio resources if they are present
	// on this list of Istio types. Other Istio types are not yet supported.
	CacheIstioTypes []string `yaml:"cache_istio_types,omitempty"`
	// List of namespaces or regex defining namespaces to include in a cache
	CacheNamespaces []string `yaml:"cache_namespaces,omitempty"`
	// Cache duration expressed in seconds
	// Kiali cache list of namespaces per user, this is typically short lived cache compared with the duration of the
	// namespace cache defined by previous CacheDuration parameter
	CacheTokenNamespaceDuration int `yaml:"cache_token_namespace_duration,omitempty"`
	// List of controllers that won't be used for Workload calculation
	// Kiali queries Deployment,ReplicaSet,ReplicationController,DeploymentConfig,StatefulSet,Job and CronJob controllers
	// Deployment and ReplicaSet will be always queried, but ReplicationController,DeploymentConfig,StatefulSet,Job and CronJobs
	// can be skipped from Kiali workloads query if they are present in this list
	ExcludeWorkloads []string `yaml:"excluded_workloads,omitempty"`
	QPS              float32  `yaml:"qps,omitempty"`
}

KubernetesConfig holds the k8s client, caching and performance configuration

type LoginToken added in v0.6.0

type LoginToken struct {
	ExpirationSeconds int64  `yaml:"expiration_seconds,omitempty"`
	SigningKey        string `yaml:"signing_key,omitempty"`
}

LoginToken holds config used for generating the Kiali session tokens.

func (*LoginToken) Obfuscate added in v1.13.0

func (lt *LoginToken) Obfuscate()

type OpenIdConfig added in v1.19.0

type OpenIdConfig struct {
	ApiProxy              string   `yaml:"api_proxy,omitempty"`
	ApiProxyCAData        string   `yaml:"api_proxy_ca_data,omitempty"`
	AuthenticationTimeout int      `yaml:"authentication_timeout,omitempty"`
	AuthorizationEndpoint string   `yaml:"authorization_endpoint,omitempty"`
	ClientId              string   `yaml:"client_id,omitempty"`
	ClientSecret          string   `yaml:"client_secret,omitempty"`
	DisableRBAC           bool     `yaml:"disable_rbac,omitempty"`
	InsecureSkipVerifyTLS bool     `yaml:"insecure_skip_verify_tls,omitempty"`
	IssuerUri             string   `yaml:"issuer_uri,omitempty"`
	Scopes                []string `yaml:"scopes,omitempty"`
	UsernameClaim         string   `yaml:"username_claim,omitempty"`
}

OpenIdConfig contains specific configuration for authentication using an OpenID provider

type OpenShiftConfig added in v1.22.1

type OpenShiftConfig struct {
	ClientIdPrefix string `yaml:"client_id_prefix,omitempty"`
}

OpenShiftConfig contains specific configuration for authentication when on OpenShift

type PrometheusConfig added in v0.18.0

type PrometheusConfig struct {
	Auth Auth `yaml:"auth,omitempty"`
	// Cache duration per query expressed in seconds
	CacheDuration int `yaml:"cache_duration,omitempty"`
	// Enable cache for Prometheus queries
	CacheEnabled bool `yaml:"cache_enabled,omitempty"`
	// Global cache expiration expressed in seconds
	CacheExpiration int             `yaml:"cache_expiration:omitempty"`
	ComponentStatus ComponentStatus `yaml:"component_status,omitempty"`
	URL             string          `yaml:"url,omitempty"`
}

PrometheusConfig describes configuration of the Prometheus component

type Rate added in v1.24.0

type Rate struct {
	Namespace string      `yaml:"namespace,omitempty" json:"namespace"`
	Kind      string      `yaml:"kind,omitempty" json:"kind"`
	Name      string      `yaml:"name,omitempty" json:"name"`
	Tolerance []Tolerance `yaml:"tolerance,omitempty" json:"tolerance"`
}

RateConfig

type Server

type Server struct {
	Address                    string `yaml:",omitempty"`
	AuditLog                   bool   `yaml:"audit_log,omitempty"` // When true, allows additional audit logging on Write operations
	CORSAllowAll               bool   `yaml:"cors_allow_all,omitempty"`
	GzipEnabled                bool   `yaml:"gzip_enabled,omitempty"`
	MetricsEnabled             bool   `yaml:"metrics_enabled,omitempty"`
	MetricsPort                int    `yaml:"metrics_port,omitempty"`
	Port                       int    `yaml:",omitempty"`
	StaticContentRootDirectory string `yaml:"static_content_root_directory,omitempty"`
	WebFQDN                    string `yaml:"web_fqdn,omitempty"`
	WebRoot                    string `yaml:"web_root,omitempty"`
	WebHistoryMode             string `yaml:"web_history_mode,omitempty"`
	WebSchema                  string `yaml:"web_schema,omitempty"`
}

Server configuration

type TokenGenerated

type TokenGenerated struct {
	Username  string    `json:"username"`
	Token     string    `json:"token"`
	ExpiresOn time.Time `json:"expiresOn"`
}

func GenerateToken

func GenerateToken(username string) (TokenGenerated, error)

GenerateToken generates a signed token with an expiration of <ExpirationSeconds> seconds

type Tolerance added in v1.24.0

type Tolerance struct {
	Code      string  `yaml:"code,omitempty" json:"code"`
	Degraded  float32 `yaml:"degraded,omitempty" json:"degraded"`
	Failure   float32 `yaml:"failure,omitempty" json:"failure"`
	Protocol  string  `yaml:"protocol,omitempty" json:"protocol"`
	Direction string  `yaml:"direction,omitempty" json:"direction"`
}

ToleranceConfig

type TracingConfig added in v0.20.0

type TracingConfig struct {
	Auth                 Auth            `yaml:"auth"`
	ComponentStatus      ComponentStatus `yaml:"component_status,omitempty"`
	Enabled              bool            `yaml:"enabled"` // Enable Jaeger in Kiali
	InClusterURL         string          `yaml:"in_cluster_url"`
	NamespaceSelector    bool            `yaml:"namespace_selector"`
	URL                  string          `yaml:"url"`
	WhiteListIstioSystem []string        `yaml:"whitelist_istio_system"`
}

TracingConfig describes configuration used for tracing links

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL