Documentation ¶
Overview ¶
Package stunner contains the public API for l7mp/stunner, a Kubernetes ingress gateway for WebRTC
Index ¶
- Constants
- Variables
- func GenerateSelfSignedKey() ([]byte, []byte, error)
- func GetStandardURLFromListener(req *stnrv1.ListenerConfig) (string, error)
- func GetTurnUris(req *stnrv1.StunnerConfig) ([]string, error)
- func GetUriFromListener(req *stnrv1.ListenerConfig) (string, error)
- func NewDefaultConfig(uri string) (*stnrv1.StunnerConfig, error)
- func NewPortRangePacketConn(c net.PacketConn, checker PortRangeChecker, log logging.LeveledLogger) net.PacketConn
- type AuthGen
- type Options
- type PortRangeChecker
- type PortRangePacketConn
- type RelayGen
- type Stunner
- func (s *Stunner) AllocationCount() int
- func (s *Stunner) Close()
- func (s *Stunner) GenPortRangeChecker(g *RelayGen) PortRangeChecker
- func (s *Stunner) GetActiveConnections() float64
- func (s *Stunner) GetAdmin() *object.Admin
- func (s *Stunner) GetAuth() *object.Auth
- func (s *Stunner) GetCluster(name string) *object.Cluster
- func (s *Stunner) GetConfig() *stnrv1.StunnerConfig
- func (s *Stunner) GetId() string
- func (s *Stunner) GetListener(name string) *object.Listener
- func (s *Stunner) GetLogger() logging.LoggerFactory
- func (s *Stunner) GetRealm() string
- func (s *Stunner) GetVersion() string
- func (s *Stunner) IsReady() bool
- func (s *Stunner) LoadConfig(origin string) (*stnrv1.StunnerConfig, error)
- func (s *Stunner) NewAuthHandler() a12n.AuthHandler
- func (s *Stunner) NewPermissionHandler(l *object.Listener) a12n.PermissionHandler
- func (s *Stunner) NewReadinessHandler() object.ReadinessHandler
- func (s *Stunner) NewRealmHandler() object.RealmHandler
- func (s *Stunner) NewStatusHandler() object.StatusHandler
- func (s *Stunner) Reconcile(req *stnrv1.StunnerConfig) error
- func (s *Stunner) SetLogLevel(levelSpec string)
- func (s *Stunner) Shutdown()
- func (s *Stunner) StartServer(l *object.Listener) error
- func (s *Stunner) Status() stnrv1.Status
- func (s *Stunner) WatchConfig(ctx context.Context, origin string, ch chan<- *stnrv1.StunnerConfig) error
- type StunnerUri
- type Turncat
- type TurncatConfig
Constants ¶
const ClusterCacheSize = 512
const DefaultLogLevel = "all:WARN"
const UDP_PACKET_SIZE = 1500
Variables ¶
var (
	// ErrPortProhibited reports that a peer port is administratively prohibited.
	// NOTE(review): presumably returned when a peer address fails the port-range
	// check (see PortRangeChecker) — confirm against the implementation.
	ErrPortProhibited = errors.New("peer port administratively prohibited")
	// ErrInvalidPeerProtocol reports an unknown peer transport protocol.
	ErrInvalidPeerProtocol = errors.New("unknown peer transport protocol")
)
var DefaultInstanceId = fmt.Sprintf("default/stunnerd-%s", uuid.New().String())
var LogBurst = 3
Burst size for rate-limited logging at ERROR, WARN and INFO loglevel (logging at DEBUG and TRACE levels is not rate-limited).
var LogRateLimit rate.Limit = 1.0
Number of log events per second reported at ERROR, WARN and INFO loglevel (logging at DEBUG and TRACE levels is not rate-limited).
Functions ¶
func GenerateSelfSignedKey ¶ added in v0.14.3
GenerateSelfSignedKey is a rudimentary hack to generate self-signed certificates used to bootstrap the default config for TLS/DTLS listeners and for testing. Use for testing purposes only!
func GetStandardURLFromListener ¶ added in v0.15.3
func GetStandardURLFromListener(req *stnrv1.ListenerConfig) (string, error)
GetStandardURLFromListener returns a standard URL (that can be parsed using net/url) from a listener config.
func GetTurnUris ¶ added in v0.14.3
func GetTurnUris(req *stnrv1.StunnerConfig) ([]string, error)
GetTurnUris returns a list of standard TURN URIs from a STUNner config.
func GetUriFromListener ¶ added in v0.14.3
func GetUriFromListener(req *stnrv1.ListenerConfig) (string, error)
GetUriFromListener returns a standard TURN URI as per RFC 7065 from a listener config.
func NewDefaultConfig ¶ added in v0.10.0
func NewDefaultConfig(uri string) (*stnrv1.StunnerConfig, error)
NewDefaultConfig builds a default configuration from a TURN server URI. Example: the URI `turn://user:pass@127.0.0.1:3478?transport=udp` will be parsed into a STUNner configuration with a server running on the localhost at UDP port 3478, with plain-text authentication using the username/password pair `user:pass`. Health-checks and metric scraping are disabled. Note that the URI carries the credentials in clear text, so the URI itself should be handled as a secret (e.g., kept out of logs and shell history).
func NewPortRangePacketConn ¶ added in v0.16.2
func NewPortRangePacketConn(c net.PacketConn, checker PortRangeChecker, log logging.LeveledLogger) net.PacketConn
NewPortRangePacketConn decorates a PacketConn with filtering on a target port range. Errors are reported per listener name.
Types ¶
type Options ¶ added in v0.10.5
type Options struct {
	// Name is the identifier of this stunnerd daemon instance. Defaults to hostname.
	Name string
	// DryRun suppresses side effects: STUNner will not initialize listener sockets and bring up
	// the TURN server, and it will not fire up the health-check and the metrics
	// servers. Intended for testing, default is false.
	DryRun bool
	// SuppressRollback controls whether to roll back to the last working configuration after a
	// failed reconciliation request. Default is false, which means to always do a rollback.
	SuppressRollback bool
	// LogLevel specifies the required loglevel for STUNner and each of its sub-objects, e.g.,
	// "all:TRACE" will force maximal loglevel throughout, "all:ERROR,auth:TRACE,turn:DEBUG"
	// will suppress all logs except in the authentication subsystem and the TURN protocol
	// logic.
	// NOTE(review): the package docs for LogBurst/LogRateLimit state that DEBUG and TRACE
	// logging is not rate-limited, so enabling those levels on an exposed listener can
	// produce unbounded log volume — confirm before using them outside debugging.
	LogLevel string
	// Resolver swaps the internal DNS resolver with a custom implementation. Intended for
	// testing.
	Resolver resolver.DnsResolver
	// UDPListenerThreadNum determines the number of readloop threads spawned per UDP listener
	// (default is 4, must be >0 integer). TURN allocations will be automatically load-balanced
	// by the kernel UDP stack based on the client 5-tuple. This setting controls the maximum
	// number of CPU cores UDP listeners can scale to. Note that all other listener protocol
	// types (TCP, TLS and DTLS) use per-client threads, so this setting affects only UDP
	// listeners. For more info see https://github.com/pion/turn/pull/295.
	UDPListenerThreadNum int
	// Net will switch on testing mode, using a vnet.Net instance to run STUNner over an
	// emulated data-plane.
	Net transport.Net
}
Options defines various options for the STUNner server.
type PortRangeChecker ¶ added in v0.16.2
type PortRangePacketConn ¶ added in v0.16.2
type PortRangePacketConn struct { net.PacketConn // contains filtered or unexported fields }
PortRangePacketConn is a net.PacketConn that filters on the target port range and also handles telemetry.
func (*PortRangePacketConn) Close ¶ added in v0.16.2
func (c *PortRangePacketConn) Close() error
func (*PortRangePacketConn) ReadFrom ¶ added in v0.16.2
ReadFrom reads from the PortRangePacketConn. Blocks until a packet from the specified port range is received and drops all other packets.
func (*PortRangePacketConn) SetReadDeadline ¶ added in v0.16.2
func (c *PortRangePacketConn) SetReadDeadline(t time.Time) error
type RelayGen ¶ added in v0.16.2
type RelayGen struct {
	// Listener is the listener on behalf of which the relay address generator is created.
	Listener *object.Listener
	// RelayAddress is the IP returned to the user when the relay is created.
	RelayAddress net.IP
	// Address is passed to Listen/ListenPacket when creating the Relay.
	Address string
	// ClusterCache is a cache that is used to couple relayed packets to clusters.
	// NOTE(review): presumably sized by ClusterCacheSize — confirm.
	ClusterCache *lru.Cache
	// PortRangeChecker is a callback to check whether a peer address is allowed by any of the
	// clusters of the listener.
	// NOTE(review): this callback looks like the gate that decides which peers relayed
	// traffic may reach; what happens when it is left nil is not visible here — confirm that
	// an unset checker cannot result in unfiltered relaying.
	PortRangeChecker PortRangeChecker
	// Net is a pion/transport VNet, used for testing.
	Net transport.Net
	// Logger is a logger factory we can use to generate per-listener relay loggers.
	Logger *logger.LeveledLoggerFactory
}
RelayGen can be used to allocate connections only inside a defined target port range. A static IP address can be set.
func NewRelayGen ¶ added in v0.16.2
func NewRelayGen(l *object.Listener, logger *logger.LeveledLoggerFactory) *RelayGen
func (*RelayGen) AllocateConn ¶ added in v0.16.2
AllocateConn generates a new Conn to receive traffic on and the IP/Port to populate the allocation response with
func (*RelayGen) AllocatePacketConn ¶ added in v0.16.2
func (r *RelayGen) AllocatePacketConn(network string, requestedPort int) (net.PacketConn, net.Addr, error)
AllocatePacketConn generates a new transport relay connection and returns the IP/Port to be returned to the client in the allocation response.
type Stunner ¶
type Stunner struct {
// contains filtered or unexported fields
}
Stunner is an instance of the STUNner daemon.
func NewStunner ¶
NewStunner creates a new STUNner daemon for the specified Options. Call Reconcile to reconcile the daemon for a new configuration. Object lifecycle is as follows: the daemon is "alive" (answers liveness probes if healthchecking is enabled) once the main object is successfully initialized, and "ready" after the first successful reconciliation (answers readiness probes if healthchecking is enabled). The calling program should catch SIGTERM signals and call Shutdown(), which will keep on serving connections but will fail readiness probes.
func (*Stunner) AllocationCount ¶ added in v0.14.4
AllocationCount returns the number of active allocations summed over all listeners. It can be used to drain the server before closing.
func (*Stunner) Close ¶
func (s *Stunner) Close()
Close stops the STUNner daemon, cleans up any internal state, and closes all connections including the health-check and the metrics server listeners.
func (*Stunner) GenPortRangeChecker ¶ added in v0.16.2
func (s *Stunner) GenPortRangeChecker(g *RelayGen) PortRangeChecker
GenPortRangeChecker finds the cluster that is responsible for routing the packet and checks whether the peer address is in the port range specified for the cluster. The RelayGen caches recent hits for simplicity.
func (*Stunner) GetActiveConnections ¶ added in v0.14.1
GetActiveConnections returns the number of active downstream (listener-side) TURN allocations.
func (*Stunner) GetAuth ¶ added in v0.10.0
GetAuth returns the authentication object underlying STUNner.
func (*Stunner) GetCluster ¶ added in v0.10.0
GetCluster returns a STUNner cluster or nil if no cluster with the given name was found.
func (*Stunner) GetConfig ¶
func (s *Stunner) GetConfig() *stnrv1.StunnerConfig
GetConfig returns the configuration of the running STUNner daemon.
func (*Stunner) GetListener ¶ added in v0.10.0
GetListener returns a STUNner listener or nil if no listener with the given name was found.
func (*Stunner) GetLogger ¶ added in v0.10.5
func (s *Stunner) GetLogger() logging.LoggerFactory
GetLogger returns the logger factory of the running daemon. Useful for creating a sub-logger.
func (*Stunner) GetRealm ¶ added in v0.11.3
GetRealm returns the current STUN/TURN authentication realm.
func (*Stunner) GetVersion ¶ added in v0.10.0
GetVersion returns the STUNner API version.
func (*Stunner) IsReady ¶ added in v0.11.2
IsReady returns true if the STUNner instance is ready to serve allocation requests.
func (*Stunner) LoadConfig ¶ added in v0.15.1
func (s *Stunner) LoadConfig(origin string) (*stnrv1.StunnerConfig, error)
LoadConfig loads a configuration from an origin. This is a shim wrapper around ConfigOrigin.Load.
func (*Stunner) NewAuthHandler ¶ added in v0.10.0
func (s *Stunner) NewAuthHandler() a12n.AuthHandler
NewAuthHandler returns an authentication handler callback to be used with a TURN server for authenticating clients.
func (*Stunner) NewPermissionHandler ¶ added in v0.10.0
func (s *Stunner) NewPermissionHandler(l *object.Listener) a12n.PermissionHandler
NewPermissionHandler returns a callback to handle client permission requests to access peers.
func (*Stunner) NewReadinessHandler ¶ added in v0.11.3
func (s *Stunner) NewReadinessHandler() object.ReadinessHandler
NewReadinessHandler creates a helper function for checking the readiness of STUNner.
func (*Stunner) NewRealmHandler ¶ added in v0.11.3
func (s *Stunner) NewRealmHandler() object.RealmHandler
NewRealmHandler creates a helper function for listeners to find out the authentication realm.
func (*Stunner) NewStatusHandler ¶ added in v0.17.12
func (s *Stunner) NewStatusHandler() object.StatusHandler
NewStatusHandler creates a helper function for printing the status of STUNner.
func (*Stunner) Reconcile ¶
func (s *Stunner) Reconcile(req *stnrv1.StunnerConfig) error
Reconcile handles updates to the STUNner configuration. Some updates are destructive: in this case the returned error contains the names of the objects (usually, listeners) that were restarted during reconciliation (see the documentation of the corresponding STUNner objects for when STUNner may restart after a reconciliation). Reconcile returns nil if no objects were restarted, v1.ErrRestarted to indicate that a shutdown-restart cycle was performed for at least one internal object (usually, a listener) for the new config (unless DryRun is enabled), and an error if an error has occurred during reconciliation, in which case it will roll back to the last working configuration (unless SuppressRollback is on).
func (*Stunner) SetLogLevel ¶ added in v0.14.3
SetLogLevel sets the loglevel.
func (*Stunner) Shutdown ¶ added in v0.11.3
func (s *Stunner) Shutdown()
Shutdown causes STUNner to fail the readiness check. Meanwhile, it will keep on serving connections. This function should be called after the main program catches a SIGTERM.
func (*Stunner) StartServer ¶ added in v0.11.3
StartServer will start the TURN server that belongs to a listener.
func (*Stunner) Status ¶ added in v0.11.2
Status returns the status for the running STUNner instance.
func (*Stunner) WatchConfig ¶ added in v0.14.1
func (s *Stunner) WatchConfig(ctx context.Context, origin string, ch chan<- *stnrv1.StunnerConfig) error
WatchConfig watches a configuration from an origin. This is a shim wrapper around ConfigOrigin.Watch.
type StunnerUri ¶
StunnerUri is the specification of a STUNner listener URI
func ParseUri ¶
func ParseUri(uri string) (*StunnerUri, error)
ParseUri parses a STUN/TURN server URI, e.g., "turn://user1:passwd1@127.0.0.1:3478?transport=udp"
func (*StunnerUri) String ¶ added in v0.15.3
func (u *StunnerUri) String() string
type Turncat ¶
type Turncat struct {
// contains filtered or unexported fields
}
Turncat is the internal structure for representing a turncat relay.
func NewTurncat ¶
func NewTurncat(config *TurncatConfig) (*Turncat, error)
NewTurncat creates a new turncat relay from the specified config, creating a listener socket for clients to connect to and relaying client connections through the specified STUN/TURN server to the peer.
type TurncatConfig ¶
type TurncatConfig struct {
	// ListenerAddr is the listening socket address (local tunnel endpoint).
	ListenerAddr string
	// ServerAddr is the TURN server address (e.g. "turn://turn.abc.com:3478").
	ServerAddr string
	// PeerAddr specifies the remote peer to connect to.
	PeerAddr string
	// Realm is the STUN/TURN realm.
	Realm string
	// AuthGen specifies the function to generate auth tokens.
	AuthGen AuthGen
	// InsecureMode controls whether self-signed TLS certificates are accepted by the TURN
	// client.
	// NOTE(review): accepting self-signed certificates means the server's identity is not
	// validated against a trusted CA, so the TLS/DTLS session does not protect against an
	// on-path party presenting its own certificate. Presumably intended for testing (the
	// package's own GenerateSelfSignedKey is documented as testing-only) — confirm, and leave
	// this false when connecting to a production TURN server.
	InsecureMode bool
	// LoggerFactory is an optional external logger.
	LoggerFactory logging.LoggerFactory
}
TurncatConfig is the main configuration for the turncat relay.
Source Files ¶
Directories ¶
Path | Synopsis |
---|---|
cmd
|
|
internal
|
|
pkg
|
|
apis/v1
Package v1 is the v1 version of the STUNner API.
|
Package v1 is the v1 version of the STUNner API. |
authentication
Package auth contains various routines to generate and check STUNner authentication credentials.
|
Package auth contains various routines to generate and check STUNner authentication credentials. |
config/client/api
Package api provides primitives to interact with the openapi HTTP API.
|
Package api provides primitives to interact with the openapi HTTP API. |
config/server/api
Package api provides primitives to interact with the openapi HTTP API.
|
Package api provides primitives to interact with the openapi HTTP API. |