Documentation
Index
- Constants
- type AwsClientImpl
- func (ci *AwsClientImpl) GetAgentCredential() ([]byte, error)
- func (ci *AwsClientImpl) GetCredentialType() string
- func (ci *AwsClientImpl) GetDialOptions(cfg *ClientConfig) ([]grpc.DialOption, error)
- func (ci *AwsClientImpl) GetServiceIdentity() (string, error)
- func (ci *AwsClientImpl) IsProperPlatform() bool
- type Client
- type ClientConfig
- type GcpClientImpl
- func (ci *GcpClientImpl) GetAgentCredential() ([]byte, error)
- func (ci *GcpClientImpl) GetCredentialType() string
- func (ci *GcpClientImpl) GetDialOptions(cfg *ClientConfig) ([]grpc.DialOption, error)
- func (ci *GcpClientImpl) GetServiceIdentity() (string, error)
- func (ci *GcpClientImpl) IsProperPlatform() bool
- type OnPremClientImpl
- func (ci *OnPremClientImpl) GetAgentCredential() ([]byte, error)
- func (ci *OnPremClientImpl) GetCredentialType() string
- func (ci *OnPremClientImpl) GetDialOptions(cfg *ClientConfig) ([]grpc.DialOption, error)
- func (ci *OnPremClientImpl) GetServiceIdentity() (string, error)
- func (ci *OnPremClientImpl) IsProperPlatform() bool
Constants
const (
	// AWSCertificatePem is the official public certificate for AWS
	// copied from https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-identity-documents.html
	AWSCertificatePem = `` /* 1073-byte string literal not displayed */
)
Types
type AwsClientImpl
type AwsClientImpl struct {
// contains filtered or unexported fields
}
AwsClientImpl is the implementation of AWS metadata client.
func NewAwsClientImpl
func NewAwsClientImpl() *AwsClientImpl
NewAwsClientImpl creates a new AwsClientImpl.
func (*AwsClientImpl) GetAgentCredential
func (ci *AwsClientImpl) GetAgentCredential() ([]byte, error)
GetAgentCredential retrieves the instance identity document as the agent credential used by the node agent.
func (*AwsClientImpl) GetCredentialType
func (ci *AwsClientImpl) GetCredentialType() string
GetCredentialType returns the credential type as "aws".
func (*AwsClientImpl) GetDialOptions
func (ci *AwsClientImpl) GetDialOptions(cfg *ClientConfig) ([]grpc.DialOption, error)
GetDialOptions returns the GRPC dial options to connect to the CA.
func (*AwsClientImpl) GetServiceIdentity
func (ci *AwsClientImpl) GetServiceIdentity() (string, error)
GetServiceIdentity extracts service identity from userdata. This function should be pluggable for different AWS deployments in the future.
func (*AwsClientImpl) IsProperPlatform
func (ci *AwsClientImpl) IsProperPlatform() bool
IsProperPlatform returns whether the AWS platform client is available.
type Client
type Client interface {
	GetDialOptions(*ClientConfig) ([]grpc.DialOption, error)
	// Whether the node agent is running on the right platform, e.g., if gcpPlatformImpl should only
	// run on GCE.
	IsProperPlatform() bool
	// Get the service identity.
	GetServiceIdentity() (string, error)
	// Get node agent credential
	GetAgentCredential() ([]byte, error)
	// Get type of the credential
	GetCredentialType() string
}
Client is the interface for implementing the client to access platform metadata.
type ClientConfig
type ClientConfig struct {
	// Root CA cert file to validate the gRPC service in CA.
	RootCACertFile string
	// The private key file
	KeyFile string
	// The cert chain file
	CertChainFile string
}
ClientConfig consists of the platform client configuration.
type GcpClientImpl
type GcpClientImpl struct {
// contains filtered or unexported fields
}
GcpClientImpl is the implementation of GCP metadata client.
func NewGcpClientImpl
func NewGcpClientImpl(caAddr string) *GcpClientImpl
NewGcpClientImpl creates a new GcpClientImpl.
func (*GcpClientImpl) GetAgentCredential
func (ci *GcpClientImpl) GetAgentCredential() ([]byte, error)
GetAgentCredential returns the GCP JWT for the service account.
func (*GcpClientImpl) GetCredentialType
func (ci *GcpClientImpl) GetCredentialType() string
GetCredentialType returns the credential type as "gcp".
func (*GcpClientImpl) GetDialOptions
func (ci *GcpClientImpl) GetDialOptions(cfg *ClientConfig) ([]grpc.DialOption, error)
GetDialOptions returns the GRPC dial options to connect to the CA.
func (*GcpClientImpl) GetServiceIdentity
func (ci *GcpClientImpl) GetServiceIdentity() (string, error)
GetServiceIdentity gets the identity of the GCE service.
func (*GcpClientImpl) IsProperPlatform
func (ci *GcpClientImpl) IsProperPlatform() bool
IsProperPlatform returns whether the client is on GCE.
type OnPremClientImpl
type OnPremClientImpl struct {
// contains filtered or unexported fields
}
OnPremClientImpl is the implementation of on premise metadata client.
func NewOnPremClientImpl
func NewOnPremClientImpl(certChainFile string) *OnPremClientImpl
NewOnPremClientImpl creates a new OnPremClientImpl.
func (*OnPremClientImpl) GetAgentCredential
func (ci *OnPremClientImpl) GetAgentCredential() ([]byte, error)
GetAgentCredential passes the certificate to the control plane to authenticate.
func (*OnPremClientImpl) GetCredentialType
func (ci *OnPremClientImpl) GetCredentialType() string
GetCredentialType returns "onprem".
func (*OnPremClientImpl) GetDialOptions
func (ci *OnPremClientImpl) GetDialOptions(cfg *ClientConfig) ([]grpc.DialOption, error)
GetDialOptions returns the GRPC dial options to connect to the CA.
func (*OnPremClientImpl) GetServiceIdentity
func (ci *OnPremClientImpl) GetServiceIdentity() (string, error)
GetServiceIdentity gets the service account from the cert SAN field.
func (*OnPremClientImpl) IsProperPlatform
func (ci *OnPremClientImpl) IsProperPlatform() bool
IsProperPlatform returns whether the platform is on premise.