Documentation
¶
Index ¶
- func AppArmorProfile() string
- func CheckJwtToken(r *http.Request, trustedCerts map[string]x509.Certificate) (bool, string, *x509.Certificate)
- func CheckTrustState(cert x509.Certificate, trustedCerts map[string]x509.Certificate, ...) (bool, string)
- func CompareConfigs(config1, config2 map[string]string, exclude []string) error
- func CompareVersions(version1, version2 [2]int, checkExtensions bool) (int, error)
- func CopyConfig(config map[string]string) map[string]string
- func DebugJSON(title string, r *bytes.Buffer, l logger.Logger)
- func EtagCheck(r *http.Request, data any) error
- func EtagHash(data any) (string, error)
- func GenerateSequenceInt64(begin, end, step int) ([]int64, error)
- func GetArchitectures() ([]int, error)
- func GetExecPath() string
- func GetStableRandomGenerator(seed string) (*rand.Rand, error)
- func GetStableRandomInt64FromList(seed int64, list []int64) (int64, error)
- func HTTPClient(certificate string, proxy proxyFunc) (*http.Client, error)
- func HugepagesPath() (string, error)
- func InMemoryNetwork() (net.Listener, func() net.Conn)
- func IsJSONRequest(r *http.Request) bool
- func IsRecursionRequest(r *http.Request) bool
- func ListenAddresses(configListenAddress string) ([]string, error)
- func ReplaceDaemon() error
- func ServerTLSConfig(cert *localtls.CertInfo) *tls.Config
- func SupportsFilesystem(filesystem string) bool
- func SysctlGet(path string) (string, error)
- func SysctlSet(parts ...string) error
- func WriteJSON(w http.ResponseWriter, body any, debugLogger logger.Logger) error
- type ContextAwareRequest
Examples ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func AppArmorProfile ¶
func AppArmorProfile() string
AppArmorProfile returns the current apparmor profile.
func CheckJwtToken ¶
func CheckJwtToken(r *http.Request, trustedCerts map[string]x509.Certificate) (bool, string, *x509.Certificate)
CheckJwtToken checks whether the given request has JWT token that is valid and signed with client certificate from the trusted certificates. Returns whether or not the token is valid, the fingerprint of the certificate and the certificate.
func CheckTrustState ¶
func CheckTrustState(cert x509.Certificate, trustedCerts map[string]x509.Certificate, networkCert *localtls.CertInfo, trustCACertificates bool) (bool, string)
CheckTrustState checks whether the given client certificate is trusted (i.e. it has a valid time span and it belongs to the given list of trusted certificates). Returns whether or not the certificate is trusted, and the fingerprint of the certificate.
func CompareConfigs ¶
CompareConfigs compares two config maps and returns an error if they differ.
func CompareVersions ¶
CompareVersions compares the versions of two cluster members.
A version consists of the version the member's schema and the number of API extensions it supports.
Return 0 if they equal, 1 if the first version is greater than the second and 2 if the second is greater than the first.
Return an error if inconsistent versions are detected, for example the first member's schema is greater than the second's, but the number of extensions is smaller.
func CopyConfig ¶
CopyConfig creates a new map with a copy of the given config.
func DebugJSON ¶
DebugJSON helper to log JSON. Accepts a title to prefix the JSON log with, a *bytes.Buffer containing the JSON and a logger to use for logging the JSON (allowing for custom context to be added to the log).
func EtagCheck ¶
EtagCheck validates the hash of the current state with the hash provided by the client.
func GenerateSequenceInt64 ¶
GenerateSequenceInt64 returns a sequence within a given range with given steps.
func GetArchitectures ¶
GetArchitectures returns the list of supported architectures.
func GetStableRandomGenerator ¶
GetStableRandomGenerator returns a stable random generator. Uses the FNV-1a hash algorithm to convert the seed string into an int64 for use as seed to the non-cryptographic random number generator.
func GetStableRandomInt64FromList ¶
GetStableRandomInt64FromList returns a stable random value from a given list.
func HTTPClient ¶
HTTPClient returns an http.Client using the given certificate and proxy.
func HugepagesPath ¶
HugepagesPath attempts to locate the mount point of the hugepages filesystem.
func InMemoryNetwork ¶
InMemoryNetwork creates a fully in-memory listener and dial function.
Each time the dial function is invoked a new pair of net.Conn objects will be created using net.Pipe: the listener's Accept method will unblock and return one end of the pipe and the other end will be returned by the dial function.
func IsJSONRequest ¶
IsJSONRequest returns true if the content type of the HTTP request is JSON.
func IsRecursionRequest ¶
IsRecursionRequest checks whether the given HTTP request is marked with the "recursion" flag in its form values.
func ListenAddresses ¶
ListenAddresses returns a list of <host>:<port> combinations at which this machine can be reached. It accepts the configured listen address in the following formats: <host>, <host>:<port> or :<port>. If a listen port is not specified then then ports.HTTPSDefaultPort is used instead. If a non-empty and non-wildcard host is passed in then this functions returns a single element list with the listen address specified. Otherwise if an empty host or wildcard address is specified then all global unicast addresses actively configured on the host are returned. If an IPv4 wildcard address (0.0.0.0) is specified as the host then only IPv4 addresses configured on the host are returned.
Example ¶
listenAddressConfigs := []string{
"",
"127.0.0.1:8000", // Valid IPv4 address with port.
"127.0.0.1", // Valid IPv4 address without port.
"[127.0.0.1]", // Valid wrapped IPv4 address without port.
"[::1]:8000", // Valid IPv6 address with port.
"::1:8000", // Valid IPv6 address without port (that might look like a port).
"::1", // Valid IPv6 address without port.
"[::1]", // Valid wrapped IPv6 address without port.
"example.com", // Valid hostname without port.
"example.com:8000", // Valid hostname with port.
"foo:8000:9000", // Invalid host and port combination.
":::8000", // Invalid host and port combination.
}
for _, listlistenAddressConfig := range listenAddressConfigs {
listenAddress, err := ListenAddresses(listlistenAddressConfig)
fmt.Printf("%q: %v %v\n", listlistenAddressConfig, listenAddress, err)
}
Output: "": [] <nil> "127.0.0.1:8000": [127.0.0.1:8000] <nil> "127.0.0.1": [127.0.0.1:8443] <nil> "[127.0.0.1]": [127.0.0.1:8443] <nil> "[::1]:8000": [[::1]:8000] <nil> "::1:8000": [[::1:8000]:8443] <nil> "::1": [[::1]:8443] <nil> "[::1]": [[::1]:8443] <nil> "example.com": [example.com:8443] <nil> "example.com:8000": [example.com:8000] <nil> "foo:8000:9000": [] address foo:8000:9000: too many colons in address ":::8000": [] address :::8000: too many colons in address
func ReplaceDaemon ¶
func ReplaceDaemon() error
ReplaceDaemon replaces the daemon by re-execing the binary.
func ServerTLSConfig ¶
ServerTLSConfig returns a new server-side tls.Config generated from the give certificate info.
func SupportsFilesystem ¶
SupportsFilesystem checks whether a given filesystem is already supported by the kernel. Note that if the filesystem is a module, you may need to load it first.
Source Files