config

package
v1.6.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Oct 4, 2019 License: Apache-2.0 Imports: 14 Imported by: 169

Documentation

Index

Constants

View Source
const (
	EnvActiveNamespace                  = "ACTIVE_NAMESPACE"
	EnvApiDocAnnotationNameApiType      = "APIDOC_ANNOTATION_NAME_API_TYPE"
	EnvApiDocAnnotationNameApiSpec      = "APIDOC_ANNOTATION_NAME_API_SPEC"
	EnvApiNamespacesExclude             = "API_NAMESPACES_EXCLUDE"
	EnvAuthStrategy                     = "AUTH_STRATEGY"
	EnvAuthSuffixCAFile                 = "_CA_FILE"
	EnvAuthSuffixInsecureSkipVerify     = "_INSECURE_SKIP_VERIFY"
	EnvAuthSuffixPassword               = "_PASSWORD"
	EnvAuthSuffixToken                  = "_TOKEN"
	EnvAuthSuffixType                   = "_AUTH_TYPE"
	EnvAuthSuffixUseKialiToken          = "_USE_KIALI_TOKEN"
	EnvAuthSuffixUsername               = "_USERNAME"
	EnvGrafanaEnabled                   = "GRAFANA_ENABLED"
	EnvGrafanaInClusterURL              = "GRAFANA_IN_CLUSTER_URL"
	EnvGrafanaURL                       = "GRAFANA_URL"
	EnvIdentityCertFile                 = "IDENTITY_CERT_FILE"
	EnvIdentityPrivateKeyFile           = "IDENTITY_PRIVATE_KEY_FILE"
	EnvInCluster                        = "IN_CLUSTER"
	EnvInstallationTag                  = "KIALI_INSTALLATION_TAG"
	EnvIstioComponentNamespaces         = "ISTIO_COMPONENT_NAMESPACES"
	EnvIstioIdentityDomain              = "ISTIO_IDENTITY_DOMAIN"
	EnvIstioLabelNameApp                = "ISTIO_LABEL_NAME_APP"
	EnvIstioLabelNameVersion            = "ISTIO_LABEL_NAME_VERSION"
	EnvIstioNamespace                   = "ISTIO_NAMESPACE"
	EnvIstioSidecarAnnotation           = "ISTIO_SIDECAR_ANNOTATION"
	EnvIstioUrlServiceVersion           = "ISTIO_URL_SERVICE_VERSION"
	EnvKubernetesBurst                  = "KUBERNETES_BURST"
	EnvKubernetesQPS                    = "KUBERNETES_QPS"
	EnvKubernetesCacheEnabled           = "KUBERNETES_CACHE_ENABLED"
	EnvKubernetesCacheDuration          = "KUBERNETES_CACHE_DURATION"
	EnvLdapBase                         = "LDAP_BASE"
	EnvLdapBindDN                       = "LDAP_BIND_DN"
	EnvLdapGroupFilter                  = "LDAP_GROUP_FILTER"
	EnvLdapHost                         = "LDAP_HOST"
	EnvLdapInsecureSkipVerify           = "LDAP_INSECURE_SKIP_VERIFY"
	EnvLdapMailIdKey                    = "LDAP_MAIL_ID_KEY"
	EnvLdapMemberOfKey                  = "LDAP_MEMBER_OF_KEY"
	EnvLdapPort                         = "LDAP_PORT"
	EnvLdapRoleFilter                   = "LDAP_ROLE_FILTER"
	EnvLdapSearchFilter                 = "LDAP_SEARCH_FILTER"
	EnvLdapUserFilter                   = "LDAP_USER_FILTER"
	EnvLdapUserIdKey                    = "LDAP_USER_ID_KEY"
	EnvLdapUseSSL                       = "LDAP_USE_SSL"
	EnvLoginTokenExpirationSeconds      = "LOGIN_TOKEN_EXPIRATION_SECONDS"
	EnvLoginTokenSigningKey             = "LOGIN_TOKEN_SIGNING_KEY"
	EnvNamespaceLabelSelector           = "NAMESPACE_LABEL_SELECTOR"
	EnvPrometheusCustomMetricsURL       = "PROMETHEUS_CUSTOM_METRICS_URL"
	EnvPrometheusServiceURL             = "PROMETHEUS_SERVICE_URL"
	EnvServerAddress                    = "SERVER_ADDRESS"
	EnvServerAuditLog                   = "SERVER_AUDIT_LOG"
	EnvServerCORSAllowAll               = "SERVER_CORS_ALLOW_ALL"
	EnvServerGzipEnabled                = "SERVER_GZIP_ENABLED"
	EnvServerMetricsPort                = "SERVER_METRICS_PORT"
	EnvServerMetricsEnabled             = "SERVER_METRICS_ENABLED"
	EnvServerPort                       = "SERVER_PORT"
	EnvServerStaticContentRootDirectory = "SERVER_STATIC_CONTENT_ROOT_DIRECTORY"
	EnvThreeScaleAdapterName            = "THREESCALE_ADAPTER_NAME"
	EnvThreeScaleServiceName            = "THREESCALE_SERVICE_NAME"
	EnvThreeScaleServicePort            = "THREESCALE_SERVICE_PORT"
	EnvTracingEnabled                   = "TRACING_ENABLED"
	EnvTracingInClusterURL              = "TRACING_IN_CLUSTER_URL"
	EnvTracingServiceNamespace          = "TRACING_SERVICE_NAMESPACE"
	EnvTracingServicePort               = "TRACING_SERVICE_PORT"
	EnvTracingURL                       = "TRACING_URL"
	EnvWebRoot                          = "SERVER_WEB_ROOT"
)

Environment vars can define some default values. This list is ALPHABETIZED for readability.

View Source
const (
	IstioVersionSupported   = ">= 1.0"
	MaistraVersionSupported = ">= 0.7.0"
	OSSMVersionSupported    = ">= 1.0"
)

The versions that Kiali requires

View Source
const (
	AuthStrategyOpenshift = "openshift"
	AuthStrategyLogin     = "login"
	AuthStrategyAnonymous = "anonymous"
	AuthStrategyLDAP      = "ldap"

	TokenCookieName             = "kiali-token"
	AuthStrategyOpenshiftIssuer = "kiali-openshift"
	AuthStrategyLoginIssuer     = "kiali-login"

	// These constants are used for external services auth (Prometheus, Grafana ...) ; not for Kiali auth
	AuthTypeBasic  = "basic"
	AuthTypeBearer = "bearer"
	AuthTypeNone   = "none"
)

The valid auth strategies and values for cookie handling

View Source
const (
	LoginSecretUsername   = "/kiali-secret/username"
	LoginSecretPassphrase = "/kiali-secret/passphrase"
)

the paths we expect the login secret to be located

View Source
const (
	IstioMultiClusterHostSuffix = "global"
)

Variables

This section is empty.

Functions

func GetIstioComponentNamespace added in v1.4.0

func GetIstioComponentNamespace(component string) string

GetIstioComponentNamespace returns the Istio component namespace (defaulting to IstioNamespace)

func GetIstioNamespaces added in v1.4.0

func GetIstioNamespaces(exclude []string) []string

GetIstioNamespaces returns all Istio namespaces, less the exclusions

func GetSignedTokenString added in v0.16.0

func GetSignedTokenString(claims jwt.Claims) (string, error)

func IsIstioNamespace added in v1.4.0

func IsIstioNamespace(namespace string) bool

IsIstioNamespace returns true if the namespace is the default istio namespace or an Istio component namespace

func Marshal

func Marshal(conf *Config) (yamlString string, err error)

Marshal converts the Config object and returns its YAML string.

func SaveToFile

func SaveToFile(filename string, conf *Config) (err error)

SaveToFile converts the Config object and stores its YAML string into the given file, overwriting any data that is in the file.

func Set

func Set(conf *Config)

Set the global Config This function should not be called outside of main or tests. If possible keep config unmutated and use globals and/or appstate package for mutable states to avoid concurrent writes risk.

func ValidateToken

func ValidateToken(tokenString string) (string, error)

ValidateToken checks if the input token is still valid

Types

type ApiConfig added in v0.9.1

type ApiConfig struct {
	Namespaces ApiNamespacesConfig
}

ApiConfig contains API specific configuration.

type ApiDocAnnotations added in v1.3.0

type ApiDocAnnotations struct {
	ApiTypeAnnotationName string `yaml:"api_type_annotation_name,omitempty" json:"apiTypeAnnotationName"`
	ApiSpecAnnotationName string `yaml:"api_spec_annotation_name,omitempty" json:"apiSpecAnnotationName"`
}

ApiDocAnnotations contains the annotation names used for API documentation

type ApiDocumentation added in v1.3.0

type ApiDocumentation struct {
	Annotations ApiDocAnnotations `yaml:"annotations,omitempty" json:"annotations"`
}

ApiDocumentation is the top level configuration for API documentation

type ApiNamespacesConfig added in v0.9.1

type ApiNamespacesConfig struct {
	Exclude       []string
	LabelSelector string `yaml:"label_selector,omitempty" json:"labelSelector"`
}

ApiNamespacesConfig provides a list of regex strings defining namespaces to blacklist.

type Auth added in v0.21.0

type Auth struct {
	Type               string `yaml:"type"`
	Username           string `yaml:"username"`
	Password           string `yaml:"password"`
	Token              string `yaml:"token"`
	UseKialiToken      bool   `yaml:"use_kiali_token"`
	CAFile             string `yaml:"ca_file"`
	InsecureSkipVerify bool   `yaml:"insecure_skip_verify"`
}

Auth provides authentication data for external services

type AuthConfig added in v0.16.0

type AuthConfig struct {
	Strategy string     `yaml:"strategy,omitempty"`
	LDAP     LDAPConfig `yaml:"ldap,omitempty"`
}

AuthConfig provides details on how users are to authenticate

type Config

type Config struct {
	Identity                 security.Identity        `yaml:",omitempty"`
	Server                   Server                   `yaml:",omitempty"`
	InCluster                bool                     `yaml:"in_cluster,omitempty"`
	ExternalServices         ExternalServices         `yaml:"external_services,omitempty"`
	LoginToken               LoginToken               `yaml:"login_token,omitempty"`
	IstioNamespace           string                   `yaml:"istio_namespace,omitempty"` // default component namespace
	IstioComponentNamespaces IstioComponentNamespaces `yaml:"istio_component_namespaces,omitempty"`
	InstallationTag          string                   `yaml:"installation_tag,omitempty"`
	IstioLabels              IstioLabels              `yaml:"istio_labels,omitempty"`
	KubernetesConfig         KubernetesConfig         `yaml:"kubernetes_config,omitempty"`
	API                      ApiConfig                `yaml:"api,omitempty"`
	Auth                     AuthConfig               `yaml:"auth,omitempty"`
	Deployment               DeploymentConfig         `yaml:"deployment,omitempty"`
	ApiDocumentation         ApiDocumentation         `yaml:"apidocs,omitempty"`
}

Config defines full YAML configuration.

func Get

func Get() (conf *Config)

Get the global Config

func LoadFromFile

func LoadFromFile(filename string) (conf *Config, err error)

LoadFromFile reads the YAML from the given file, parses the content, and returns its Config object representation.

func NewConfig

func NewConfig() (c *Config)

NewConfig creates a default Config struct

func Unmarshal

func Unmarshal(yamlString string) (conf *Config, err error)

Unmarshal parses the given YAML string and returns its Config object representation.

func (Config) String

func (conf Config) String() (str string)

String marshals the given Config into a YAML string

type DeploymentConfig added in v0.21.0

type DeploymentConfig struct {
	AccessibleNamespaces []string `yaml:"accessible_namespaces"`
	Namespace            string   `yaml:"namespace,omitempty"` // Kiali deployment namespace
}

DeploymentConfig provides details on how Kiali was deployed.

type ExternalServices

type ExternalServices struct {
	Istio      IstioConfig      `yaml:"istio,omitempty"`
	Prometheus PrometheusConfig `yaml:"prometheus,omitempty"`
	Grafana    GrafanaConfig    `yaml:"grafana,omitempty"`
	Tracing    TracingConfig    `yaml:"tracing,omitempty"`
	ThreeScale ThreeScaleConfig `yaml:"threescale,omitempty"`
}

ExternalServices holds configurations for other systems that Kiali depends on

type GrafanaConfig

type GrafanaConfig struct {
	// Enable or disable Grafana support in Kiali
	Enabled      bool                     `yaml:"enabled"`
	InClusterURL string                   `yaml:"in_cluster_url"`
	URL          string                   `yaml:"url"`
	Auth         Auth                     `yaml:"auth"`
	Dashboards   []GrafanaDashboardConfig `yaml:"dashboards"`
}

GrafanaConfig describes configuration used for Grafana links

type GrafanaDashboardConfig added in v1.5.0

type GrafanaDashboardConfig struct {
	Name      string                 `yaml:"name"`
	Variables GrafanaVariablesConfig `yaml:"variables"`
}

type GrafanaVariablesConfig added in v1.5.0

type GrafanaVariablesConfig struct {
	Namespace string `yaml:"namespace" json:"namespace,omitempty"`
	App       string `yaml:"app" json:"app,omitempty"`
	Service   string `yaml:"service" json:"service,omitempty"`
	Version   string `yaml:"version" json:"version,omitempty"`
	Workload  string `yaml:"workload" json:"workload,omitempty"`
}

type IanaClaims added in v0.16.0

type IanaClaims struct {
	SessionId string `json:"sid,omitempty"`
	jwt.StandardClaims
}

Structured version of Claims Section, as referenced at https://tools.ietf.org/html/rfc7519#section-4.1 See examples for how to use this with your own claim types

func GetTokenClaimsIfValid added in v0.16.0

func GetTokenClaimsIfValid(tokenString string) (*IanaClaims, error)

type IstioComponentNamespaces added in v1.4.0

type IstioComponentNamespaces map[string]string

IstioComponentNamespaces holds the component-specific Istio namespaces. Any missing component defaults to the namespace configured for IstioNamespace (which itself defaults to 'istio-system').

type IstioConfig

type IstioConfig struct {
	UrlServiceVersion      string `yaml:"url_service_version"`
	IstioIdentityDomain    string `yaml:"istio_identity_domain,omitempty"`
	IstioSidecarAnnotation string `yaml:"istio_sidecar_annotation,omitempty"`
}

IstioConfig describes configuration used for istio links

type IstioLabels added in v0.7.0

type IstioLabels struct {
	AppLabelName     string `yaml:"app_label_name,omitempty" json:"appLabelName"`
	VersionLabelName string `yaml:"version_label_name,omitempty" json:"versionLabelName"`
}

IstioLabels holds configuration about the labels required by Istio

type KubernetesConfig added in v0.9.0

type KubernetesConfig struct {
	Burst         int     `yaml:"burst,omitempty"`
	QPS           float32 `yaml:"qps,omitempty"`
	CacheEnabled  bool    `yaml:"cache_enabled,omitempty"`
	CacheDuration int64   `yaml:"cache_duration,omitempty"`
}

KubernetesConfig holds the k8s client configuration

type LDAPConfig added in v1.4.0

type LDAPConfig struct {
	LDAPBase               string `yaml:"ldap_base,omitempty"`
	LDAPBindDN             string `yaml:"ldap_bind_dn,omitempty"`
	LDAPInsecureSkipVerify bool   `yaml:"ldap_insecure_skip_verify,omitempty"`
	LDAPGroupFilter        string `yaml:"ldap_group_filter,omitempty"`
	LDAPHost               string `yaml:"ldap_host,omitempty"`
	LDAPMailIDKey          string `yaml:"ldap_mail_id_key,omitempty"`
	LDAPMemberOfKey        string `yaml:"ldap_member_of_key,omitempty"`
	LDAPPort               int    `yaml:"ldap_port,omitempty"`
	LDAPRoleFilter         string `yaml:"ldap_role_filter,omitempty"`
	LDAPSearchFilter       string `yaml:"ldap_search_filter,omitempty"`
	LDAPUserFilter         string `yaml:"ldap_user_filter,omitempty"`
	LDAPUserIDKey          string `yaml:"ldap_user_id_key,omitempty"`
	LDAPUseSSL             bool   `yaml:"ldap_use_ssl,omitempty"`
}

LDAPConfig provides the details of the LDAP related configuration

type LoginToken added in v0.6.0

type LoginToken struct {
	SigningKey        string `yaml:"signing_key,omitempty"`
	ExpirationSeconds int64  `yaml:"expiration_seconds,omitempty"`
}

LoginToken holds config used in token-based authentication

type PrometheusConfig added in v0.18.0

type PrometheusConfig struct {
	URL              string `yaml:"url,omitempty"`
	CustomMetricsURL string `yaml:"custom_metrics_url,omitempty"`
	Auth             Auth   `yaml:"auth,omitempty"`
}

PrometheusConfig describes configuration of the Prometheus component

type Server

type Server struct {
	Address                    string               `yaml:",omitempty"`
	AuditLog                   bool                 `yaml:"audit_log,omitempty"`
	CORSAllowAll               bool                 `yaml:"cors_allow_all,omitempty"`
	Credentials                security.Credentials `yaml:",omitempty"`
	GzipEnabled                bool                 `yaml:"gzip_enabled,omitempty"`
	MetricsEnabled             bool                 `yaml:"metrics_enabled,omitempty"`
	MetricsPort                int                  `yaml:"metrics_port,omitempty"`
	Port                       int                  `yaml:",omitempty"`
	StaticContentRootDirectory string               `yaml:"static_content_root_directory,omitempty"`
	WebRoot                    string               `yaml:"web_root,omitempty"`
}

Server configuration

type ThreeScaleConfig added in v0.20.0

type ThreeScaleConfig struct {
	AdapterName    string `yaml:"adapter_name"`
	AdapterService string `yaml:"adapter_service"`
	AdapterPort    string `yaml:"adapter_port"`
}

ThreeScaleConfig describes configuration used for 3Scale adapter

type TokenGenerated

type TokenGenerated struct {
	Username  string    `json:"username"`
	Token     string    `json:"token"`
	ExpiresOn time.Time `json:"expiresOn"`
}

func GenerateToken

func GenerateToken(username string) (TokenGenerated, error)

GenerateToken generates a signed token with an expiration of <ExpirationSeconds> seconds

type TracingConfig added in v0.20.0

type TracingConfig struct {
	// Enable autodiscover and Jaeger in Kiali
	Enabled      bool   `yaml:"enabled"`
	Namespace    string `yaml:"namespace"`
	Service      string `yaml:"service"`
	Port         int32  `yaml:"port"`
	URL          string `yaml:"url"`
	Auth         Auth   `yaml:"auth"`
	InClusterURL string `yaml:"in_cluster_url"`
	// Path store the value of QUERY_BASE_PATH
	Path string `yaml:"-"`
}

TracingConfig describes configuration used for tracing links

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL