Documentation ¶
Index ¶
- Constants
- func CloudID(id string) string
- func DBSubnetGroupName(vpcID string) string
- func ExternalDatabaseName(installationID string) string
- func IAMSecretName(cloudID string) string
- func IsErrorCode(err error, code string) bool
- func IsErrorResourceInUseException(err error) bool
- func IsErrorResourceNotFound(err error) bool
- func KMSAliasNameRDS(awsID string) string
- func KMSKeyDescriptionRDS(awsID string) string
- func MattermostMultitenantDatabaseUsername(installationID string) string
- func MattermostMultitenantS3Name(environmentName, vpcID string) string
- func MattermostMySQLConnStrings(schema, username, password string, dbCluster *rds.DBCluster) (string, string)
- func MattermostPGBouncerDatabaseUsername(installationID string) string
- func MattermostPostgresConnStrings(schema, username, password string, dbCluster *rds.DBCluster) (string, string)
- func MattermostPostgresPGBouncerConnStrings(username, password, database string) (string, string, string)
- func MattermostRDSDatabaseName(installationID string) string
- func NewAWSSessionWithLogger(config *aws.Config, logger log.FieldLogger) (*session.Session, error)
- func PGBouncerAuthUserSecretName(vpcID string) string
- func RDSMasterInstanceID(installationID string) string
- func RDSMigrationInstanceID(installationID string) string
- func RDSMultitenantClusterSecretDescription(installationID, rdsClusterID string) string
- func RDSMultitenantPGBouncerClusterSecretDescription(vpcID string) string
- func RDSMultitenantPGBouncerSecretName(id string) string
- func RDSMultitenantSecretName(id string) string
- func RDSMySQLConnString(schema, endpoint, username, password string) string
- func RDSPostgresConnString(schema, endpoint, username, password string) string
- func RDSReplicaInstanceID(installationID string, id int) string
- func RDSSecretName(cloudID string) string
- func RDSSnapshotTagValue(cloudID string) string
- type AWS
- type BifrostFilestore
- func (f *BifrostFilestore) GenerateFilestoreSpecAndSecret(store model.InstallationDatabaseStoreInterface, logger log.FieldLogger) (*model.FilestoreConfig, *corev1.Secret, error)
- func (f *BifrostFilestore) Provision(store model.InstallationDatabaseStoreInterface, logger log.FieldLogger) error
- func (f *BifrostFilestore) Teardown(keepData bool, store model.InstallationDatabaseStoreInterface, ...) error
- type Client
- func (c *Client) AddSQLStore(store model.InstallationDatabaseStoreInterface)
- func (a *Client) AttachPolicyToRole(roleName, policyName string, logger log.FieldLogger) error
- func (a *Client) ClaimVPC(vpcID string, cluster *model.Cluster, owner string, logger log.FieldLogger) (ClusterResources, error)
- func (a *Client) CreateEKSCluster(cluster *model.Cluster, resources ClusterResources, ...) (*eks.Cluster, error)
- func (a *Client) CreateNodeGroups(clusterName string, resources ClusterResources, eksMetadata model.EKSMetadata) ([]*eks.Nodegroup, error)
- func (a *Client) CreatePrivateCNAME(dnsName string, dnsEndpoints []string, logger log.FieldLogger) error
- func (a *Client) CreatePublicCNAME(dnsName string, dnsEndpoints []string, dnsIdentifier string, ...) error
- func (a *Client) DeletePrivateCNAME(dnsName string, logger log.FieldLogger) error
- func (a *Client) DeletePublicCNAME(dnsName string, logger log.FieldLogger) error
- func (a *Client) DeletePublicCNAMEs(dnsNames []string, logger log.FieldLogger) error
- func (a *Client) DetachPolicyFromRole(roleName, policyName string, logger log.FieldLogger) error
- func (a *Client) DynamoDBEnsureTableDeleted(tableName string, logger log.FieldLogger) error
- func (a *Client) EnsureEKSCluster(cluster *model.Cluster, resources ClusterResources, ...) (*eks.Cluster, error)
- func (a *Client) EnsureEKSClusterDeleted(cluster *model.Cluster) (bool, error)
- func (a *Client) EnsureEKSClusterNodeGroups(cluster *model.Cluster, resources ClusterResources, ...) ([]*eks.Nodegroup, error)
- func (a *Client) EnsureNodeGroupsDeleted(cluster *model.Cluster) (bool, error)
- func (a *Client) GenerateBifrostUtilitySecret(clusterID string, logger log.FieldLogger) (*corev1.Secret, error)
- func (a *Client) GetAccountAliases() (*iam.ListAccountAliasesOutput, error)
- func (a *Client) GetAccountID() (string, error)
- func (a *Client) GetAndClaimVpcResources(cluster *model.Cluster, owner string, logger log.FieldLogger) (ClusterResources, error)
- func (a *Client) GetCIDRByVPCTag(vpcTagName string, logger log.FieldLogger) (string, error)
- func (a *Client) GetCertificateSummaryByTag(key, value string, logger log.FieldLogger) (*acm.CertificateSummary, error)
- func (c *Client) GetCloudEnvironmentName() string
- func (a *Client) GetEKSCluster(clusterName string) (*eks.Cluster, error)
- func (a *Client) GetHostedZonesWithTag(tag Tag) ([]*route53.HostedZone, error)
- func (client *Client) GetMultitenantBucketNameForInstallation(installationID string, store model.InstallationDatabaseStoreInterface) (string, error)
- func (a *Client) GetPrivateHostedZoneID() string
- func (a *Client) GetPrivateZoneDomainName(logger log.FieldLogger) (string, error)
- func (a *Client) GetPublicHostedZoneNames() []string
- func (a *Client) GetSecurityGroupsWithFilters(filters []*ec2.Filter) ([]*ec2.SecurityGroup, error)
- func (a *Client) GetSubnetsWithFilters(filters []*ec2.Filter) ([]*ec2.Subnet, error)
- func (a *Client) GetTagByKeyAndZoneID(key string, id string, logger log.FieldLogger) (*Tag, error)
- func (a *Client) GetVpcResources(clusterID string, logger log.FieldLogger) (ClusterResources, error)
- func (a *Client) GetVpcResourcesByVpcID(vpcID string, logger log.FieldLogger) (ClusterResources, error)
- func (a *Client) GetVpcsWithFilters(filters []*ec2.Filter) ([]*ec2.Vpc, error)
- func (c *Client) HasSQLStore() bool
- func (a *Client) IsClusterReady(clusterName string) (bool, error)
- func (a *Client) IsProvisionedPrivateCNAME(dnsName string, logger log.FieldLogger) bool
- func (a *Client) IsValidAMI(AMIImage string, logger log.FieldLogger) (bool, error)
- func (a *Client) RDSDBCLusterExists(awsID string) (bool, error)
- func (a *Client) ReleaseVpc(cluster *model.Cluster, logger log.FieldLogger) error
- func (a *Client) S3EnsureBucketDeleted(bucketName string, logger log.FieldLogger) error
- func (a *Client) S3EnsureBucketDirectoryDeleted(bucketName, directory string, logger log.FieldLogger) error
- func (a *Client) S3EnsureObjectDeleted(bucketName, path string) error
- func (a *Client) S3LargeCopy(srcBucketName, srcBucketKey, destBucketName, destBucketKey *string) error
- func (a *Client) SecretsManagerGetPGBouncerAuthUserPassword(vpcID string) (string, error)
- func (a *Client) SecretsManagerRestoreSecret(secretName string, logger log.FieldLogger) error
- func (a *Client) SecretsManagerValidateExternalDatabaseSecret(name string) error
- func (c *Client) Service() *Service
- func (a *Client) SwitchClusterTags(clusterID string, targetClusterID string, logger log.FieldLogger) error
- func (a *Client) TagResource(resourceID, key, value string, logger log.FieldLogger) error
- func (a *Client) TagResourcesByCluster(clusterResources ClusterResources, cluster *model.Cluster, owner string, ...) error
- func (a *Client) UntagResource(resourceID, key, value string, logger log.FieldLogger) error
- func (a *Client) UpdatePublicRecordIDForCNAME(dnsName, newID string, logger log.FieldLogger) error
- func (a *Client) UpsertPublicCNAMEs(dnsNames []string, endpoints []string, logger log.FieldLogger) error
- type ClusterResources
- type ExternalDatabase
- func (d *ExternalDatabase) GenerateDatabaseSecret(store model.InstallationDatabaseStoreInterface, logger log.FieldLogger) (*corev1.Secret, error)
- func (d *ExternalDatabase) IsValid() error
- func (d *ExternalDatabase) MigrateOut(store model.InstallationDatabaseStoreInterface, ...) error
- func (d *ExternalDatabase) MigrateTo(store model.InstallationDatabaseStoreInterface, ...) error
- func (d *ExternalDatabase) Provision(store model.InstallationDatabaseStoreInterface, logger log.FieldLogger) error
- func (d *ExternalDatabase) RefreshResourceMetadata(store model.InstallationDatabaseStoreInterface, logger log.FieldLogger) error
- func (d *ExternalDatabase) RollbackMigration(store model.InstallationDatabaseStoreInterface, ...) error
- func (d *ExternalDatabase) Snapshot(store model.InstallationDatabaseStoreInterface, logger log.FieldLogger) error
- func (d *ExternalDatabase) Teardown(store model.InstallationDatabaseStoreInterface, keepData bool, ...) error
- func (d *ExternalDatabase) TeardownMigrated(store model.InstallationDatabaseStoreInterface, ...) error
- type IAMAccessKey
- type InstallationDBSecret
- type RDSDatabase
- func (d *RDSDatabase) GenerateDatabaseSecret(store model.InstallationDatabaseStoreInterface, logger log.FieldLogger) (*corev1.Secret, error)
- func (d *RDSDatabase) MigrateOut(store model.InstallationDatabaseStoreInterface, ...) error
- func (d *RDSDatabase) MigrateTo(store model.InstallationDatabaseStoreInterface, ...) error
- func (d *RDSDatabase) Provision(store model.InstallationDatabaseStoreInterface, logger log.FieldLogger) error
- func (d *RDSDatabase) RefreshResourceMetadata(store model.InstallationDatabaseStoreInterface, logger log.FieldLogger) error
- func (d *RDSDatabase) RollbackMigration(store model.InstallationDatabaseStoreInterface, ...) error
- func (d *RDSDatabase) Snapshot(store model.InstallationDatabaseStoreInterface, logger log.FieldLogger) error
- func (d *RDSDatabase) Teardown(store model.InstallationDatabaseStoreInterface, keepData bool, ...) error
- func (d *RDSDatabase) TeardownMigrated(store model.InstallationDatabaseStoreInterface, ...) error
- type RDSDatabaseMigration
- type RDSMultitenantDatabase
- func (d *RDSMultitenantDatabase) DatabaseTypeTagValue() string
- func (d *RDSMultitenantDatabase) GenerateDatabaseSecret(store model.InstallationDatabaseStoreInterface, logger log.FieldLogger) (*corev1.Secret, error)
- func (d *RDSMultitenantDatabase) IsValid() error
- func (d *RDSMultitenantDatabase) MaxSupportedDatabases() int
- func (d *RDSMultitenantDatabase) MigrateOut(store model.InstallationDatabaseStoreInterface, ...) error
- func (d *RDSMultitenantDatabase) MigrateTo(store model.InstallationDatabaseStoreInterface, ...) error
- func (d *RDSMultitenantDatabase) Provision(store model.InstallationDatabaseStoreInterface, logger log.FieldLogger) error
- func (d *RDSMultitenantDatabase) RefreshResourceMetadata(store model.InstallationDatabaseStoreInterface, logger log.FieldLogger) error
- func (d *RDSMultitenantDatabase) RollbackMigration(store model.InstallationDatabaseStoreInterface, ...) error
- func (d *RDSMultitenantDatabase) Snapshot(store model.InstallationDatabaseStoreInterface, logger log.FieldLogger) error
- func (d *RDSMultitenantDatabase) Teardown(store model.InstallationDatabaseStoreInterface, keepData bool, ...) error
- func (d *RDSMultitenantDatabase) TeardownMigrated(store model.InstallationDatabaseStoreInterface, ...) error
- type RDSMultitenantPGBouncerDatabase
- func (d *RDSMultitenantPGBouncerDatabase) DatabaseTypeTagValue() string
- func (d *RDSMultitenantPGBouncerDatabase) GenerateDatabaseSecret(store model.InstallationDatabaseStoreInterface, logger log.FieldLogger) (*corev1.Secret, error)
- func (d *RDSMultitenantPGBouncerDatabase) IsValid() error
- func (d *RDSMultitenantPGBouncerDatabase) MaxSupportedDatabases() int
- func (d *RDSMultitenantPGBouncerDatabase) MigrateOut(store model.InstallationDatabaseStoreInterface, ...) error
- func (d *RDSMultitenantPGBouncerDatabase) MigrateTo(store model.InstallationDatabaseStoreInterface, ...) error
- func (d *RDSMultitenantPGBouncerDatabase) Provision(store model.InstallationDatabaseStoreInterface, logger log.FieldLogger) error
- func (d *RDSMultitenantPGBouncerDatabase) RefreshResourceMetadata(store model.InstallationDatabaseStoreInterface, logger log.FieldLogger) error
- func (d *RDSMultitenantPGBouncerDatabase) RollbackMigration(store model.InstallationDatabaseStoreInterface, ...) error
- func (d *RDSMultitenantPGBouncerDatabase) Snapshot(store model.InstallationDatabaseStoreInterface, logger log.FieldLogger) error
- func (d *RDSMultitenantPGBouncerDatabase) Teardown(store model.InstallationDatabaseStoreInterface, keepData bool, ...) error
- func (d *RDSMultitenantPGBouncerDatabase) TeardownMigrated(store model.InstallationDatabaseStoreInterface, ...) error
- type RDSSecret
- type S3Filestore
- func (f *S3Filestore) GenerateFilestoreSpecAndSecret(store model.InstallationDatabaseStoreInterface, logger log.FieldLogger) (*model.FilestoreConfig, *corev1.Secret, error)
- func (f *S3Filestore) Provision(store model.InstallationDatabaseStoreInterface, logger log.FieldLogger) error
- func (f *S3Filestore) Teardown(keepData bool, store model.InstallationDatabaseStoreInterface, ...) error
- type S3MultitenantFilestore
- func (f *S3MultitenantFilestore) GenerateFilestoreSpecAndSecret(store model.InstallationDatabaseStoreInterface, logger log.FieldLogger) (*model.FilestoreConfig, *corev1.Secret, error)
- func (f *S3MultitenantFilestore) Provision(store model.InstallationDatabaseStoreInterface, logger log.FieldLogger) error
- func (f *S3MultitenantFilestore) Teardown(keepData bool, store model.InstallationDatabaseStoreInterface, ...) error
- type SQLDatabaseManager
- type Service
- type Tag
Constants ¶
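// Naming, tagging and limit constants shared by the AWS tooling. Every value
// below is unchanged from the original declaration; only the layout and the
// comments were repaired.
const (
	// S3URL is the S3 URL for making bucket API calls.
	S3URL = "s3.amazonaws.com"

	// DefaultAWSRegion is the default AWS region for AWS resources.
	DefaultAWSRegion = "us-east-1"

	// VpcAvailableTagKey is the tag key to determine if a VPC is currently in
	// use by a cluster or not.
	VpcAvailableTagKey = "tag:Available"

	// VpcAvailableTagValueTrue is the tag value for VpcAvailableTagKey when the
	// VPC is currently not in use by a cluster and can be claimed.
	VpcAvailableTagValueTrue = "true"

	// VpcAvailableTagValueFalse is the tag value for VpcAvailableTagKey when the
	// VPC is currently in use by a cluster and cannot be claimed.
	VpcAvailableTagValueFalse = "false"

	// VpcClusterIDTagKey is the tag key used to store the cluster ID of the
	// cluster running in that VPC.
	VpcClusterIDTagKey = "tag:CloudClusterID"

	// VpcClusterOwnerKey is the tag key used to store the human-readable name
	// of the cluster's owner so that the VPC's owner can be identified.
	VpcClusterOwnerKey = "tag:CloudClusterOwner"

	// VpcNameTagKey is the tag key used to store the name of the VPC.
	VpcNameTagKey = "tag:Name"

	// VpcClusterOwnerValueNone is the tag value for VpcClusterOwnerKey when
	// there is no cluster running in the VPC.
	VpcClusterOwnerValueNone = "none"

	// VpcClusterIDTagValueNone is the tag value for VpcClusterIDTagKey when
	// there is no cluster running in the VPC.
	VpcClusterIDTagValueNone = "none"

	// DefaultDatabaseMySQLVersion is the default version of MySQL used when
	// creating databases.
	// NOTE(review): MySQL 5.7 is past upstream community end-of-life; confirm
	// the engine version is still receiving security fixes from the database
	// service before relying on this default.
	DefaultDatabaseMySQLVersion = "5.7"

	// DefaultDatabasePostgresVersion is the default version of PostgreSQL used
	// when creating databases.
	// NOTE(review): the PostgreSQL 11 series is past upstream end-of-life;
	// confirm the engine version is still receiving security fixes from the
	// database service before relying on this default.
	DefaultDatabasePostgresVersion = "11.13"

	// DefaultDBSubnetGroupName is the default DB subnet group name used when
	// creating DB clusters. This group name is defined by the owner of the AWS
	// accounts and can be the same across all accounts.
	// Note: This needs to be manually created before RDS databases can be used.
	DefaultDBSubnetGroupName = "mattermost-databases"

	// DatabaseTypeMySQLAurora is a MySQL database running on AWS RDS Aurora.
	DatabaseTypeMySQLAurora = "MySQL/Aurora"

	// DatabaseTypePostgresSQLAurora is a PostgreSQL database running on AWS
	// RDS Aurora.
	DatabaseTypePostgresSQLAurora = "PostgreSQL/Aurora"

	// CloudInstallationDatabaseTagKey is the common tag key for determining
	// database type.
	CloudInstallationDatabaseTagKey = "tag:MattermostCloudInstallationDatabase"

	// DefaultDBSecurityGroupTagKey is the default DB security group tag key
	// that is used to find security groups to use in configuration of the RDS
	// database.
	// Note: This needs to be manually created before RDS databases can be used.
	DefaultDBSecurityGroupTagKey = "tag:MattermostCloudInstallationDatabase"

	// DefaultDBSecurityGroupTagMySQLValue is the default DB security group tag
	// value that is used to find MySQL security groups to use in configuration
	// of the RDS database.
	// Note: This needs to be manually created before MySQL RDS databases can be
	// used.
	DefaultDBSecurityGroupTagMySQLValue = DatabaseTypeMySQLAurora

	// DefaultDBSecurityGroupTagPostgresValue is the default DB security group
	// tag value that is used to find Postgres security groups to use in
	// configuration of the RDS database.
	// Note: This needs to be manually created before Postgres RDS databases can
	// be used.
	DefaultDBSecurityGroupTagPostgresValue = DatabaseTypePostgresSQLAurora

	// DefaultDBSubnetGroupTagKey is the default DB subnet group tag key that is
	// used to find subnet groups to use in configuration of the RDS database.
	// Note: This needs to be manually created before RDS databases can be used.
	DefaultDBSubnetGroupTagKey = "tag:MattermostCloudInstallationDatabase"

	// DefaultDBSubnetGroupTagValue is the default DB subnet group tag value
	// that is used to find subnet groups to use in configuration of the RDS
	// database.
	// Note: This needs to be manually created before RDS databases can be used.
	DefaultDBSubnetGroupTagValue = DatabaseTypeMySQLAurora

	// DefaultInstallPrivateCertificatesTagKey is the default key used to find
	// the private TLS certificate ARN.
	DefaultInstallPrivateCertificatesTagKey = "tag:MattermostCloudPrivateCertificates"

	// DefaultInstallPrivateCertificatesTagValue is the default value used to
	// find the private TLS certificate ARN.
	DefaultInstallPrivateCertificatesTagValue = "true"

	// DefaultInstallCertificatesTagKey is the default key used to find the
	// server TLS certificate ARN.
	DefaultInstallCertificatesTagKey = "tag:MattermostCloudInstallationCertificates"

	// DefaultInstallCertificatesTagValue is the default value used to find the
	// server TLS certificate ARN.
	DefaultInstallCertificatesTagValue = "true"

	// DefaultCloudDNSTagKey is the default key used to find private and public
	// hosted zone IDs in AWS Route53.
	DefaultCloudDNSTagKey = "tag:MattermostCloudDNS"

	// DefaultAuditLogsCoreSecurityTagKey is the default key of the tag whose
	// value has the format URL:port and names the destination that audit logs
	// are sent to for each environment. The URL is in the Core Account and the
	// port is different for each environment. This tag exists on the Route53
	// private hosted zones.
	DefaultAuditLogsCoreSecurityTagKey = "tag:AuditLogsCoreSecurity"

	// DefaultPrivateCloudDNSTagValue is the default value used to find the
	// private hosted zone ID in AWS Route53.
	DefaultPrivateCloudDNSTagValue = "private"

	// DefaultPublicCloudDNSTagValue is the default value used to find the
	// public hosted zone ID in AWS Route53.
	DefaultPublicCloudDNSTagValue = "public"

	// HibernatingInstallationResourceRecordIDPrefix is a prefix given to AWS
	// Route53 resource records when the installation it points to is
	// hibernating. The trailing space is part of the value.
	HibernatingInstallationResourceRecordIDPrefix = "[hibernating] "

	// CustomNodePolicyName is the name of the custom IAM policy that will be
	// attached in Kops Instance Profile.
	CustomNodePolicyName = "cloud-provisioning-node-policy"

	// VeleroNodePolicyName is the name of the velero IAM policy that will be
	// attached in Kops Instance Profile.
	VeleroNodePolicyName = "cloud-provisioning-node-policy-velero"

	// DefaultMultitenantDatabaseCounterTagKey is the default key used to
	// identify the counter tag used in RDS multitenant database clusters.
	// It has the same value as RDSMultitenantInstallationCounterTagKey.
	DefaultMultitenantDatabaseCounterTagKey = "tag:Counter"

	// DefaultClusterInstallationSnapshotTagKey is used for tagging snapshots
	// of a cluster installation.
	DefaultClusterInstallationSnapshotTagKey = "tag:ClusterInstallationSnapshot"

	// DefaultAWSClientRetries supplies how many times the AWS client will
	// retry a failed call.
	DefaultAWSClientRetries = 3

	// KMSMaxTimeEncryptionKeyDeletion is the maximum number of days that
	// AWS will take to delete an encryption key.
	KMSMaxTimeEncryptionKeyDeletion = 30

	// DefaultMySQLContextTimeSeconds is the number of seconds that a SQL
	// client will wait before cancelling a call to the database.
	DefaultMySQLContextTimeSeconds = 15

	// DefaultRDSMultitenantDatabaseMySQLCountLimit is the maximum number of
	// schemas allowed in a MySQL multitenant RDS database cluster.
	DefaultRDSMultitenantDatabaseMySQLCountLimit = 10

	// DefaultRDSMultitenantDatabasePostgresCountLimit is the maximum number of
	// schemas allowed in a Postgres multitenant RDS database cluster.
	DefaultRDSMultitenantDatabasePostgresCountLimit = 300

	// DefaultRDSMultitenantPGBouncerDatabasePostgresCountLimit is the maximum
	// number of schemas allowed in a Postgres multitenant RDS database cluster
	// with a PGBouncer proxy.
	DefaultRDSMultitenantPGBouncerDatabasePostgresCountLimit = 2500

	// RDSMultitenantDBClusterResourceNamePrefix identifies the prefix
	// used for naming multitenant RDS DB cluster resources.
	// For example: "rds-cluster-multitenant-00000000000000000-a0000000"
	// Warning:
	// changing this value may cause the provisioner to not find some AWS resources.
	RDSMultitenantDBClusterResourceNamePrefix = "rds-cluster-multitenant"

	// DefaultMattermostInstallationIDTagKey is the default name used for
	// tagging resources with an installation ID.
	DefaultMattermostInstallationIDTagKey = "tag:InstallationId"

	// DefaultMattermostDatabaseUsername is the default username used for
	// connecting to a Mattermost database.
	// Warning:
	// changing this value may break the connection to existing installations.
	DefaultMattermostDatabaseUsername = "mmcloud"

	// DefaultPGBouncerAuthUsername is the default username used for authorizing
	// pgbouncer connections to a shared database.
	// Warning:
	// changing this value may break the connection to existing databases.
	DefaultPGBouncerAuthUsername = "pgbouncer"

	// DefaultResourceTypeClusterRDS is the default resource type used by
	// AWS to identify an RDS cluster.
	DefaultResourceTypeClusterRDS = "rds:cluster"

	// DefaultRDSStatusAvailable identifies that an RDS cluster is in the
	// available state.
	DefaultRDSStatusAvailable = "available"

	// DefaultRDSEncryptionTagKey is the default tag key used for tagging
	// RDS encryption keys.
	// Warning:
	// changing this value will break the connection to AWS resources for existing installations.
	DefaultRDSEncryptionTagKey = "rds-encryption-key"

	// VpcIDTagKey is the key used to identify resources belonging to a given
	// VPC.
	// Warning:
	// changing this value will break the connection to AWS resources for existing installations.
	VpcIDTagKey = "tag:VpcID"

	// FilestoreMultitenantS3TagKey is the key used to identify S3 buckets that
	// provide multitenant filestores.
	// Warning:
	// changing this value will break the connection to AWS resources for existing installations.
	FilestoreMultitenantS3TagKey = "tag:Filestore"

	// FilestoreMultitenantS3TagValue is the FilestoreMultitenantS3TagKey value
	// for S3 multitenant filestores.
	// Warning:
	// changing this value will break the connection to AWS resources for existing installations.
	FilestoreMultitenantS3TagValue = "Multitenant"

	// DefaultRDSMultitenantDatabaseIDTagKey is the key used to identify a
	// multitenant RDS database cluster.
	// Warning:
	// changing this value will break the connection to AWS resources for existing installations.
	DefaultRDSMultitenantDatabaseIDTagKey = "tag:MultitenantDatabaseID"

	// DefaultRDSMultitenantDatabaseTypeTagKey is the key used to identify the
	// type of a multitenant RDS database cluster.
	// Warning:
	// changing this value will break the connection to AWS resources for existing installations.
	DefaultRDSMultitenantDatabaseTypeTagKey = "tag:DatabaseType"

	// DefaultRDSMultitenantDatabaseTypeTagValue is the value used to identify a
	// multitenant database cluster of type multitenant-rds.
	// Warning:
	// changing this value will break the connection to AWS resources for existing installations.
	DefaultRDSMultitenantDatabaseTypeTagValue = "multitenant-rds"

	// DefaultRDSMultitenantDatabaseDBProxyTypeTagValue is the value used to
	// identify a multitenant database cluster with pooled connections of type
	// multitenant-rds-dbproxy.
	// Warning:
	// changing this value will break the connection to AWS resources for existing installations.
	DefaultRDSMultitenantDatabaseDBProxyTypeTagValue = "multitenant-rds-dbproxy"

	// RDSMultitenantPurposeTagKey is the key used to identify the purpose
	// of an RDS cluster.
	// Warning:
	// changing this value will break the connection to AWS resources for existing installations.
	RDSMultitenantPurposeTagKey = "tag:Purpose"

	// RDSMultitenantPurposeTagValueProvisioning is one of the purposes of
	// an RDS cluster.
	// Warning:
	// changing this value will break the connection to AWS resources for existing installations.
	RDSMultitenantPurposeTagValueProvisioning = "provisioning"

	// RDSMultitenantOwnerTagKey identifies who owns the RDS cluster.
	// Warning:
	// changing this value will break the connection to AWS resources for existing installations.
	RDSMultitenantOwnerTagKey = "tag:Owner"

	// RDSMultitenantInstallationCounterTagKey identifies the number of
	// installations in the RDS cluster.
	// It has the same value as DefaultMultitenantDatabaseCounterTagKey.
	// Warning:
	// changing this value will break the connection to AWS resources for existing installations.
	RDSMultitenantInstallationCounterTagKey = "tag:Counter"

	// RDSMultitenantOwnerTagValueCloudTeam identifies that cloud team
	// owns the RDS cluster.
	// Warning:
	// changing this value will break the connection to AWS resources for existing installations.
	RDSMultitenantOwnerTagValueCloudTeam = "cloud-team"

	// DefaultAWSTerraformProvisionedKey identifies whether or not an AWS
	// resource has been provisioned via Terraform.
	// Warning:
	// changing this value will break the connection to AWS resources for existing installations.
	DefaultAWSTerraformProvisionedKey = "Terraform"

	// DefaultAWSTerraformProvisionedValueTrue indicates that the AWS
	// resource has been provisioned via Terraform.
	// Warning:
	// changing this value will break the connection to AWS resources for existing installations.
	DefaultAWSTerraformProvisionedValueTrue = "true"

	// VpcSecondaryClusterIDTagKey is the tag key used to store the secondary
	// cluster ID of the cluster running in that VPC.
	VpcSecondaryClusterIDTagKey = "tag:CloudSecondaryClusterID"
)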
Variables ¶
This section is empty.
Functions ¶
func CloudID ¶ added in v0.7.0
CloudID returns the standard ID used for AWS resource names. This ID is used to correlate installations to AWS resources.
func DBSubnetGroupName ¶ added in v0.17.0
DBSubnetGroupName formats the subnet group name used for RDS databases.
func ExternalDatabaseName ¶ added in v0.63.0
ExternalDatabaseName formats the name of an externally managed database.
func IAMSecretName ¶ added in v0.8.0
IAMSecretName returns the IAM Access Key secret name for a given Cloud ID.
func IsErrorCode ¶ added in v0.18.0
IsErrorCode reports whether an AWS error has the given code.
func IsErrorResourceInUseException ¶ added in v0.63.0
IsErrorResourceInUseException reports whether an AWS error is a ResourceInUseException.
func IsErrorResourceNotFound ¶ added in v0.63.0
IsErrorResourceNotFound reports whether an AWS error is a ResourceNotFoundException.
func KMSAliasNameRDS ¶ added in v0.19.0
KMSAliasNameRDS formats the alias name associated with a KMS encryption key used specifically for RDS databases.
func KMSKeyDescriptionRDS ¶ added in v0.19.0
KMSKeyDescriptionRDS formats the description of a KMS key used for encrypting an RDS cluster.
func MattermostMultitenantDatabaseUsername ¶ added in v0.47.0
MattermostMultitenantDatabaseUsername formats the name of a Mattermost user for use in a multitenant database.
func MattermostMultitenantS3Name ¶ added in v0.29.0
MattermostMultitenantS3Name formats the name of a Mattermost S3 multitenant filestore bucket.
func MattermostMySQLConnStrings ¶ added in v0.30.0
func MattermostMySQLConnStrings(schema, username, password string, dbCluster *rds.DBCluster) (string, string)
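MattermostMySQLConnStrings formats the connection strings used for accessing a Mattermost database. Because the password is one of the inputs, treat the returned strings as secrets and keep them out of logs and error messages.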
func MattermostPGBouncerDatabaseUsername ¶ added in v0.46.1
MattermostPGBouncerDatabaseUsername formats the name of a Mattermost user for use in a PGBouncer database.
func MattermostPostgresConnStrings ¶ added in v0.30.0
func MattermostPostgresConnStrings(schema, username, password string, dbCluster *rds.DBCluster) (string, string)
MattermostPostgresConnStrings formats the connection strings used by Mattermost servers to access a PostgreSQL database.
func MattermostPostgresPGBouncerConnStrings ¶ added in v0.46.1
func MattermostPostgresPGBouncerConnStrings(username, password, database string) (string, string, string)
MattermostPostgresPGBouncerConnStrings formats the connection strings used by Mattermost servers to access a PostgreSQL database with a PGBouncer proxy.
Regarding binary_parameters: https://blog.bullgare.com/2019/06/pgbouncer-and-prepared-statements
func MattermostRDSDatabaseName ¶ added in v0.19.0
MattermostRDSDatabaseName formats the name of a Mattermost RDS database schema.
func NewAWSSessionWithLogger ¶ added in v0.17.0
NewAWSSessionWithLogger initializes an AWS session instance with a logging handler, for debugging only.
func PGBouncerAuthUserSecretName ¶ added in v0.46.1
PGBouncerAuthUserSecretName formats the name of a secret used for the pgbouncer auth user.
func RDSMasterInstanceID ¶ added in v0.17.0
RDSMasterInstanceID formats the name used for RDS database master instances.
func RDSMigrationInstanceID ¶ added in v0.18.0
RDSMigrationInstanceID formats the name used for migrated RDS database instances.
func RDSMultitenantClusterSecretDescription ¶ added in v0.19.0
RDSMultitenantClusterSecretDescription formats the text used for describing a multitenant database's secret key.
func RDSMultitenantPGBouncerClusterSecretDescription ¶ added in v0.46.1
RDSMultitenantPGBouncerClusterSecretDescription formats the text used for describing a PGBouncer auth user secret key.
func RDSMultitenantPGBouncerSecretName ¶ added in v0.46.1
RDSMultitenantPGBouncerSecretName formats the name of a secret used in a multitenant PGBouncer RDS database.
func RDSMultitenantSecretName ¶ added in v0.19.0
RDSMultitenantSecretName formats the name of a secret used in a multitenant RDS database.
func RDSMySQLConnString ¶ added in v0.19.0
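RDSMySQLConnString formats the connection string used by the provisioner for accessing a MySQL RDS cluster. Because the password is one of the inputs, treat the returned string as a secret and keep it out of logs and error messages.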
func RDSPostgresConnString ¶ added in v0.25.0
RDSPostgresConnString formats the connection string used by the provisioner for accessing a Postgres RDS cluster.
func RDSReplicaInstanceID ¶ added in v0.35.0
RDSReplicaInstanceID formats the name used for RDS database replica instances.
func RDSSecretName ¶ added in v0.8.0
RDSSecretName returns the RDS secret name for a given Cloud ID.
func RDSSnapshotTagValue ¶ added in v0.17.0
RDSSnapshotTagValue returns the value for tagging an RDS snapshot.
Types ¶
type AWS ¶
// AWS is the set of AWS operations this package exposes for use by other
// packages. The per-method notes below restate what this package documents
// for the *Client methods of the same name.
type AWS interface {
	// --- Certificates and environment ---

	// GetCertificateSummaryByTag returns the certificate summary associated
	// with a tag key and value.
	GetCertificateSummaryByTag(key, value string, logger log.FieldLogger) (*acm.CertificateSummary, error)
	// GetCloudEnvironmentName returns the cloud account environment name.
	GetCloudEnvironmentName() string

	// --- VPC claiming and lookup ---

	// GetAndClaimVpcResources builds ClusterResources from an available VPC
	// and tags them.
	GetAndClaimVpcResources(cluster *model.Cluster, owner string, logger log.FieldLogger) (ClusterResources, error)
	// ClaimVPC claims the specified VPC for the specified cluster.
	ClaimVPC(vpcID string, cluster *model.Cluster, owner string, logger log.FieldLogger) (ClusterResources, error)
	// GetVpcResources retrieves the VPC information for a cluster.
	GetVpcResources(clusterID string, logger log.FieldLogger) (ClusterResources, error)
	// ReleaseVpc changes the tags on a VPC to mark it as "available" again.
	ReleaseVpc(cluster *model.Cluster, logger log.FieldLogger) error

	// --- IAM ---
	// NOTE(review): both calls change what a role is allowed to do; callers
	// presumably pass fixed, pre-created policy names — confirm at call sites.

	// AttachPolicyToRole attaches a pre-created IAM policy to an IAM role.
	AttachPolicyToRole(roleName, policyName string, logger log.FieldLogger) error
	// DetachPolicyFromRole detaches an IAM policy from an IAM role.
	DetachPolicyFromRole(roleName, policyName string, logger log.FieldLogger) error

	// --- Route53 zones and records ---

	// GetPrivateZoneDomainName gets the private Route53 domain name.
	GetPrivateZoneDomainName(logger log.FieldLogger) (string, error)
	// GetPrivateHostedZoneID returns the private hosted zone ID for the account.
	GetPrivateHostedZoneID() string
	// GetPublicHostedZoneNames returns the public hosted zone names for the account.
	GetPublicHostedZoneNames() []string
	// GetTagByKeyAndZoneID returns the Tag for a tag key on a Route53 zone ID.
	GetTagByKeyAndZoneID(key string, id string, logger log.FieldLogger) (*Tag, error)
	// CreatePrivateCNAME creates a Route53 record for a private domain name.
	CreatePrivateCNAME(dnsName string, dnsEndpoints []string, logger log.FieldLogger) error
	// CreatePublicCNAME creates a Route53 record for a public domain name.
	CreatePublicCNAME(dnsName string, dnsEndpoints []string, dnsIdentifier string, logger log.FieldLogger) error
	// UpdatePublicRecordIDForCNAME updates the record ID of the public-zone
	// record that corresponds to dnsName.
	UpdatePublicRecordIDForCNAME(dnsName, newID string, logger log.FieldLogger) error
	// IsProvisionedPrivateCNAME reports whether a record exists in the private
	// hosted zone for the CNAME (a full FQDN is required).
	IsProvisionedPrivateCNAME(dnsName string, logger log.FieldLogger) bool
	// DeletePrivateCNAME deletes the Route53 record for a private domain name.
	DeletePrivateCNAME(dnsName string, logger log.FieldLogger) error
	// DeletePublicCNAME deletes the Route53 record for a public domain name.
	DeletePublicCNAME(dnsName string, logger log.FieldLogger) error
	// DeletePublicCNAMEs deletes Route53 records for public domain names.
	DeletePublicCNAMEs(dnsName []string, logger log.FieldLogger) error
	// UpsertPublicCNAMEs updates or creates records for the given DNS names.
	UpsertPublicCNAMEs(dnsNames []string, endpoints []string, logger log.FieldLogger) error

	// --- EC2 tagging and AMIs ---

	// TagResource tags an AWS EC2 resource.
	TagResource(resourceID, key, value string, logger log.FieldLogger) error
	// UntagResource deletes tags from an AWS EC2 resource.
	UntagResource(resourceID, key, value string, logger log.FieldLogger) error
	// IsValidAMI checks whether the provided AMI exists.
	IsValidAMI(AMIImage string, logger log.FieldLogger) (bool, error)

	// --- DynamoDB and S3 ---
	// The Ensure*Deleted calls are destructive: they remove the named table,
	// bucket or object if it exists.

	// DynamoDBEnsureTableDeleted checks whether the table exists and deletes it.
	DynamoDBEnsureTableDeleted(tableName string, logger log.FieldLogger) error
	// S3EnsureBucketDeleted checks whether the bucket exists, cleans it and
	// deletes it.
	S3EnsureBucketDeleted(bucketName string, logger log.FieldLogger) error
	// S3EnsureObjectDeleted ensures that the object at path is deleted.
	S3EnsureObjectDeleted(bucketName, path string) error
	// S3LargeCopy copies an object between buckets using the
	// "Upload Part - Copy API", for objects that may exceed 5GB.
	S3LargeCopy(srcBucketName, srcKey, destBucketName, destKey *string) error
	// GetMultitenantBucketNameForInstallation determines the S3 bucket name
	// used by an Installation on a multitenant or bifrost filestore.
	GetMultitenantBucketNameForInstallation(installationID string, store model.InstallationDatabaseStoreInterface) (string, error)
	// GenerateBifrostUtilitySecret creates the secret the bifrost service
	// needs to access the shared S3 bucket for a cluster.
	GenerateBifrostUtilitySecret(clusterID string, logger log.FieldLogger) (*corev1.Secret, error)

	// --- VPC lookup by tag / ID and cluster tagging ---

	// GetCIDRByVPCTag fetches a VPC CIDR block by 'Name' tag.
	GetCIDRByVPCTag(vpcTagName string, logger log.FieldLogger) (string, error)
	// GetVpcResourcesByVpcID retrieves VPC information, looked up by VPC ID.
	GetVpcResourcesByVpcID(vpcID string, logger log.FieldLogger) (ClusterResources, error)
	// TagResourcesByCluster tags resources for a secondary cluster.
	TagResourcesByCluster(clusterResources ClusterResources, cluster *model.Cluster, owner string, logger log.FieldLogger) error

	// --- Secrets Manager ---

	// SecretsManagerGetPGBouncerAuthUserPassword returns the pgbouncer auth
	// user password. The returned string is a credential: callers should not
	// log it or include it in error messages.
	SecretsManagerGetPGBouncerAuthUserPassword(vpcID string) (string, error)
	// SecretsManagerValidateExternalDatabaseSecret pulls down the named secret
	// and validates it as an external database secret.
	SecretsManagerValidateExternalDatabaseSecret(name string) error

	// SwitchClusterTags switches cluster tags after a migration.
	SwitchClusterTags(clusterID string, targetClusterID string, logger log.FieldLogger) error

	// --- EKS ---

	// EnsureEKSCluster ensures the EKS cluster is created.
	EnsureEKSCluster(cluster *model.Cluster, resources ClusterResources, eksMetadata model.EKSMetadata) (*eks.Cluster, error)
	// EnsureEKSClusterNodeGroups ensures the EKS cluster node groups are created.
	EnsureEKSClusterNodeGroups(cluster *model.Cluster, resources ClusterResources, eksMetadata model.EKSMetadata) ([]*eks.Nodegroup, error)
	// GetEKSCluster returns the EKS cluster with the given name.
	GetEKSCluster(clusterName string) (*eks.Cluster, error)
	// IsClusterReady checks whether the EKS cluster is ready.
	IsClusterReady(clusterName string) (bool, error)
	// EnsureNodeGroupsDeleted ensures the EKS node groups are deleted.
	EnsureNodeGroupsDeleted(cluster *model.Cluster) (bool, error)
	// EnsureEKSClusterDeleted ensures the EKS cluster is deleted.
	EnsureEKSClusterDeleted(cluster *model.Cluster) (bool, error)
}
AWS interface for use by other packages.
type BifrostFilestore ¶ added in v0.33.0
type BifrostFilestore struct {
// contains filtered or unexported fields
}
BifrostFilestore is a filestore backed by a shared AWS S3 bucket with access controlled by bifrost.
func NewBifrostFilestore ¶ added in v0.33.0
func NewBifrostFilestore(installationID string, awsClient *Client) *BifrostFilestore
NewBifrostFilestore returns a new BifrostFilestore.
func (*BifrostFilestore) GenerateFilestoreSpecAndSecret ¶ added in v0.33.0
func (f *BifrostFilestore) GenerateFilestoreSpecAndSecret(store model.InstallationDatabaseStoreInterface, logger log.FieldLogger) (*model.FilestoreConfig, *corev1.Secret, error)
GenerateFilestoreSpecAndSecret creates the k8s filestore spec and secret for accessing the shared S3 bucket.
func (*BifrostFilestore) Provision ¶ added in v0.33.0
func (f *BifrostFilestore) Provision(store model.InstallationDatabaseStoreInterface, logger log.FieldLogger) error
Provision completes all the steps necessary to provision an S3 multitenant filestore.
func (*BifrostFilestore) Teardown ¶ added in v0.33.0
func (f *BifrostFilestore) Teardown(keepData bool, store model.InstallationDatabaseStoreInterface, logger log.FieldLogger) error
Teardown removes all AWS resources related to a shared S3 filestore.
type Client ¶
type Client struct {
// contains filtered or unexported fields
}
Client is a client for interacting with AWS resources in a single AWS account.
func NewAWSClientWithConfig ¶ added in v0.17.0
NewAWSClientWithConfig returns a new instance of Client with a custom configuration.
func (*Client) AddSQLStore ¶ added in v0.10.0
func (c *Client) AddSQLStore(store model.InstallationDatabaseStoreInterface)
AddSQLStore adds SQLStore functionality to the AWS client.
func (*Client) AttachPolicyToRole ¶ added in v0.24.0
func (a *Client) AttachPolicyToRole(roleName, policyName string, logger log.FieldLogger) error
AttachPolicyToRole attaches a pre-created IAM policy to an IAM role.
func (*Client) ClaimVPC ¶ added in v0.63.0
func (a *Client) ClaimVPC(vpcID string, cluster *model.Cluster, owner string, logger log.FieldLogger) (ClusterResources, error)
ClaimVPC claims specified VPC for specified cluster.
func (*Client) CreateEKSCluster ¶ added in v0.63.0
func (a *Client) CreateEKSCluster(cluster *model.Cluster, resources ClusterResources, eksMetadata model.EKSMetadata) (*eks.Cluster, error)
CreateEKSCluster creates EKS cluster.
func (*Client) CreateNodeGroups ¶ added in v0.63.0
func (a *Client) CreateNodeGroups(clusterName string, resources ClusterResources, eksMetadata model.EKSMetadata) ([]*eks.Nodegroup, error)
CreateNodeGroups creates node groups for EKS cluster.
func (*Client) CreatePrivateCNAME ¶ added in v0.11.0
func (a *Client) CreatePrivateCNAME(dnsName string, dnsEndpoints []string, logger log.FieldLogger) error
CreatePrivateCNAME creates a record in Route53 for a private domain name.
func (*Client) CreatePublicCNAME ¶ added in v0.11.0
func (a *Client) CreatePublicCNAME(dnsName string, dnsEndpoints []string, dnsIdentifier string, logger log.FieldLogger) error
CreatePublicCNAME creates a record in Route53 for a public domain name.
func (*Client) DeletePrivateCNAME ¶ added in v0.11.0
func (a *Client) DeletePrivateCNAME(dnsName string, logger log.FieldLogger) error
DeletePrivateCNAME deletes an AWS route53 record for a private domain name.
func (*Client) DeletePublicCNAME ¶ added in v0.11.0
func (a *Client) DeletePublicCNAME(dnsName string, logger log.FieldLogger) error
DeletePublicCNAME deletes an AWS route53 record for a public domain name.
func (*Client) DeletePublicCNAMEs ¶ added in v0.59.0
func (a *Client) DeletePublicCNAMEs(dnsNames []string, logger log.FieldLogger) error
DeletePublicCNAMEs deletes AWS route53 records for a public domain name.
func (*Client) DetachPolicyFromRole ¶ added in v0.24.0
func (a *Client) DetachPolicyFromRole(roleName, policyName string, logger log.FieldLogger) error
DetachPolicyFromRole detaches an IAM policy from an IAM role.
func (*Client) DynamoDBEnsureTableDeleted ¶ added in v0.24.0
func (a *Client) DynamoDBEnsureTableDeleted(tableName string, logger log.FieldLogger) error
DynamoDBEnsureTableDeleted is used to check if DynamoDB table exists and delete it.
func (*Client) EnsureEKSCluster ¶ added in v0.63.0
func (a *Client) EnsureEKSCluster(cluster *model.Cluster, resources ClusterResources, eksMetadata model.EKSMetadata) (*eks.Cluster, error)
EnsureEKSCluster ensures EKS cluster is created.
func (*Client) EnsureEKSClusterDeleted ¶ added in v0.63.0
EnsureEKSClusterDeleted ensures EKS cluster is deleted.
func (*Client) EnsureEKSClusterNodeGroups ¶ added in v0.63.0
func (a *Client) EnsureEKSClusterNodeGroups(cluster *model.Cluster, resources ClusterResources, eksMetadata model.EKSMetadata) ([]*eks.Nodegroup, error)
EnsureEKSClusterNodeGroups ensures EKS cluster node groups are created.
func (*Client) EnsureNodeGroupsDeleted ¶ added in v0.63.0
EnsureNodeGroupsDeleted ensures EKS node groups are deleted.
func (*Client) GenerateBifrostUtilitySecret ¶ added in v0.33.0
func (a *Client) GenerateBifrostUtilitySecret(clusterID string, logger log.FieldLogger) (*corev1.Secret, error)
GenerateBifrostUtilitySecret creates the secret needed by the bifrost service to access the shared S3 bucket for a given cluster.
func (*Client) GetAccountAliases ¶ added in v0.20.0
func (a *Client) GetAccountAliases() (*iam.ListAccountAliasesOutput, error)
GetAccountAliases returns the AWS account name aliases.
func (*Client) GetAccountID ¶ added in v0.24.0
GetAccountID gets the current AWS Account ID
func (*Client) GetAndClaimVpcResources ¶ added in v0.9.0
func (a *Client) GetAndClaimVpcResources(cluster *model.Cluster, owner string, logger log.FieldLogger) (ClusterResources, error)
GetAndClaimVpcResources creates ClusterResources from an available VPC and tags them appropriately.
func (*Client) GetCIDRByVPCTag ¶ added in v0.36.0
GetCIDRByVPCTag fetches VPC CIDR block by 'Name' tag.
func (*Client) GetCertificateSummaryByTag ¶ added in v0.11.0
func (a *Client) GetCertificateSummaryByTag(key, value string, logger log.FieldLogger) (*acm.CertificateSummary, error)
GetCertificateSummaryByTag returns the certificate summary associated with a valid tag key and value in AWS.
func (*Client) GetCloudEnvironmentName ¶ added in v0.29.0
GetCloudEnvironmentName looks for a standard cloud account environment name and returns it.
func (*Client) GetEKSCluster ¶ added in v0.63.0
GetEKSCluster returns EKS cluster with given name.
func (*Client) GetHostedZonesWithTag ¶ added in v0.53.0
func (a *Client) GetHostedZonesWithTag(tag Tag) ([]*route53.HostedZone, error)
GetHostedZonesWithTag returns R53 hosted zone for a given tag
func (*Client) GetMultitenantBucketNameForInstallation ¶ added in v0.45.0
func (client *Client) GetMultitenantBucketNameForInstallation(installationID string, store model.InstallationDatabaseStoreInterface) (string, error)
GetMultitenantBucketNameForInstallation is a convenience function for determining the name of the S3 bucket used by an Installation which is configured to use the multitenant-s3-filestore or bifrost filestore types
func (*Client) GetPrivateHostedZoneID ¶ added in v0.41.0
GetPrivateHostedZoneID returns the private R53 hosted zone ID for the AWS account.
func (*Client) GetPrivateZoneDomainName ¶ added in v0.13.0
func (a *Client) GetPrivateZoneDomainName(logger log.FieldLogger) (string, error)
GetPrivateZoneDomainName gets the private Route53 domain name.
func (*Client) GetPublicHostedZoneNames ¶ added in v0.54.1
GetPublicHostedZoneNames returns the public R53 hosted zone Name list for the AWS account.
func (*Client) GetSecurityGroupsWithFilters ¶ added in v0.17.0
GetSecurityGroupsWithFilters returns SGs matching a given filter.
func (*Client) GetSubnetsWithFilters ¶ added in v0.17.0
GetSubnetsWithFilters returns subnets matching a given filter.
func (*Client) GetTagByKeyAndZoneID ¶ added in v0.22.0
GetTagByKeyAndZoneID returns a Tag of a given tag:key and of a given route53 id
func (*Client) GetVpcResources ¶ added in v0.38.0
func (a *Client) GetVpcResources(clusterID string, logger log.FieldLogger) (ClusterResources, error)
GetVpcResources retrieves the VPC information for a particular cluster.
func (*Client) GetVpcResourcesByVpcID ¶ added in v0.45.0
func (a *Client) GetVpcResourcesByVpcID(vpcID string, logger log.FieldLogger) (ClusterResources, error)
GetVpcResourcesByVpcID retrieves the VPC information for a particular cluster, looked up by VPC ID.
func (*Client) GetVpcsWithFilters ¶ added in v0.17.0
GetVpcsWithFilters returns VPCs matching a given filter.
func (*Client) HasSQLStore ¶ added in v0.10.0
HasSQLStore returns whether the AWS client has a SQL store or not.
func (*Client) IsClusterReady ¶ added in v0.63.0
IsClusterReady checks if EKS cluster is ready.
func (*Client) IsProvisionedPrivateCNAME ¶ added in v0.19.0
func (a *Client) IsProvisionedPrivateCNAME(dnsName string, logger log.FieldLogger) bool
IsProvisionedPrivateCNAME returns true if a record has been registered in the private hosted zone for the given CNAME (full FQDN required as input)
func (*Client) IsValidAMI ¶ added in v0.11.0
IsValidAMI checks whether the provided AMI exists.
func (*Client) RDSDBCLusterExists ¶ added in v0.54.0
RDSDBCLusterExists checks whether an RDS cluster with the specified ID exists.
func (*Client) ReleaseVpc ¶ added in v0.9.0
ReleaseVpc changes the tags on a VPC to mark it as "available" again.
func (*Client) S3EnsureBucketDeleted ¶ added in v0.24.0
func (a *Client) S3EnsureBucketDeleted(bucketName string, logger log.FieldLogger) error
S3EnsureBucketDeleted is used to check if S3 bucket exists, clean it and delete it.
func (*Client) S3EnsureBucketDirectoryDeleted ¶ added in v0.29.0
func (a *Client) S3EnsureBucketDirectoryDeleted(bucketName, directory string, logger log.FieldLogger) error
S3EnsureBucketDirectoryDeleted is used to ensure that a bucket directory is deleted.
func (*Client) S3EnsureObjectDeleted ¶ added in v0.44.0
S3EnsureObjectDeleted is used to ensure that the file is deleted.
func (*Client) S3LargeCopy ¶ added in v0.45.0
func (a *Client) S3LargeCopy(srcBucketName, srcBucketKey, destBucketName, destBucketKey *string) error
S3LargeCopy uses the "Upload Part - Copy API" from AWS to copy srcBucketName/srcBucketKey to destBucketName/destBucketKey in the case that the file being copied may be greater than 5GB in size
func (*Client) SecretsManagerGetPGBouncerAuthUserPassword ¶ added in v0.46.1
SecretsManagerGetPGBouncerAuthUserPassword returns the pgbouncer auth user password.
func (*Client) SecretsManagerRestoreSecret ¶ added in v0.45.0
func (a *Client) SecretsManagerRestoreSecret(secretName string, logger log.FieldLogger) error
SecretsManagerRestoreSecret restores a deleted secret.
func (*Client) SecretsManagerValidateExternalDatabaseSecret ¶ added in v0.63.0
SecretsManagerValidateExternalDatabaseSecret pulls down the secret with the provided name and validates it as an external database secret.
func (*Client) Service ¶ added in v0.17.0
Service constructs an AWS session if not yet successfully done and returns AWS clients.
func (*Client) SwitchClusterTags ¶ added in v0.46.1
func (a *Client) SwitchClusterTags(clusterID string, targetClusterID string, logger log.FieldLogger) error
SwitchClusterTags after migration.
func (*Client) TagResource ¶
func (a *Client) TagResource(resourceID, key, value string, logger log.FieldLogger) error
TagResource tags an AWS EC2 resource.
func (*Client) TagResourcesByCluster ¶ added in v0.45.0
func (a *Client) TagResourcesByCluster(clusterResources ClusterResources, cluster *model.Cluster, owner string, logger log.FieldLogger) error
TagResourcesByCluster for secondary cluster.
func (*Client) UntagResource ¶
func (a *Client) UntagResource(resourceID, key, value string, logger log.FieldLogger) error
UntagResource deletes tags from an AWS EC2 resource.
func (*Client) UpdatePublicRecordIDForCNAME ¶ added in v0.40.0
func (a *Client) UpdatePublicRecordIDForCNAME(dnsName, newID string, logger log.FieldLogger) error
UpdatePublicRecordIDForCNAME updates the record ID for the record corresponding to a DNS value in the public hosted zone.
func (*Client) UpsertPublicCNAMEs ¶ added in v0.54.1
func (a *Client) UpsertPublicCNAMEs(dnsNames []string, endpoints []string, logger log.FieldLogger) error
UpsertPublicCNAMEs updates or creates specified dnsNames. The record ID will be set to DNS name with idSuffix appended after '-'.
type ClusterResources ¶ added in v0.9.0
// ClusterResources groups the AWS resources used to create a kops cluster.
// Field meanings below are read from the field names; confirm against the
// code that fills the struct.
type ClusterResources struct {
	// Presumably the ID of the VPC the cluster is placed in.
	VpcID string
	// Presumably the CIDR block of that VPC.
	VpcCIDR string
	// Presumably the IDs of the VPC's private subnets.
	PrivateSubnetIDs []string
	// Presumably the IDs of the VPC's public subnets.
	PublicSubnetsIDs []string
	// Presumably the security group IDs applied to master nodes.
	MasterSecurityGroupIDs []string
	// Presumably the security group IDs applied to worker nodes.
	WorkerSecurityGroupIDs []string
	// Presumably the security group IDs used for calls traffic — TODO confirm.
	CallsSecurityGroupIDs []string
}
ClusterResources is a collection of AWS resources that will be used to create a kops cluster.
func (*ClusterResources) IsValid ¶ added in v0.9.0
func (cr *ClusterResources) IsValid() error
IsValid reports whether ClusterResources is valid.
type ExternalDatabase ¶ added in v0.63.0
type ExternalDatabase struct {
// contains filtered or unexported fields
}
ExternalDatabase is a database that is created and managed outside of the cloud provisioner.
func NewExternalDatabase ¶ added in v0.63.0
func NewExternalDatabase(installationID string, client *Client) *ExternalDatabase
NewExternalDatabase returns a new instance of ExternalDatabase that implements database interface.
func (*ExternalDatabase) GenerateDatabaseSecret ¶ added in v0.63.0
func (d *ExternalDatabase) GenerateDatabaseSecret(store model.InstallationDatabaseStoreInterface, logger log.FieldLogger) (*corev1.Secret, error)
GenerateDatabaseSecret creates the k8s database spec and secret for accessing the external database.
func (*ExternalDatabase) IsValid ¶ added in v0.63.0
func (d *ExternalDatabase) IsValid() error
IsValid returns if the given external database configuration is valid.
func (*ExternalDatabase) MigrateOut ¶ added in v0.63.0
func (d *ExternalDatabase) MigrateOut(store model.InstallationDatabaseStoreInterface, dbMigration *model.InstallationDBMigrationOperation, logger log.FieldLogger) error
MigrateOut is not supported for external databases.
func (*ExternalDatabase) MigrateTo ¶ added in v0.63.0
func (d *ExternalDatabase) MigrateTo(store model.InstallationDatabaseStoreInterface, dbMigration *model.InstallationDBMigrationOperation, logger log.FieldLogger) error
MigrateTo is not supported for external databases.
func (*ExternalDatabase) Provision ¶ added in v0.63.0
func (d *ExternalDatabase) Provision(store model.InstallationDatabaseStoreInterface, logger log.FieldLogger) error
Provision logs that no further setup is needed for the precreated external database.
func (*ExternalDatabase) RefreshResourceMetadata ¶ added in v0.63.0
func (d *ExternalDatabase) RefreshResourceMetadata(store model.InstallationDatabaseStoreInterface, logger log.FieldLogger) error
RefreshResourceMetadata ensures various database resource's metadata are correct.
func (*ExternalDatabase) RollbackMigration ¶ added in v0.63.0
func (d *ExternalDatabase) RollbackMigration(store model.InstallationDatabaseStoreInterface, dbMigration *model.InstallationDBMigrationOperation, logger log.FieldLogger) error
RollbackMigration is not supported for external databases.
func (*ExternalDatabase) Snapshot ¶ added in v0.63.0
func (d *ExternalDatabase) Snapshot(store model.InstallationDatabaseStoreInterface, logger log.FieldLogger) error
Snapshot is not supported for external databases.
func (*ExternalDatabase) Teardown ¶ added in v0.63.0
func (d *ExternalDatabase) Teardown(store model.InstallationDatabaseStoreInterface, keepData bool, logger log.FieldLogger) error
Teardown logs that no further actions are required for external database teardown.
func (*ExternalDatabase) TeardownMigrated ¶ added in v0.63.0
func (d *ExternalDatabase) TeardownMigrated(store model.InstallationDatabaseStoreInterface, migrationOp *model.InstallationDBMigrationOperation, logger log.FieldLogger) error
TeardownMigrated is not supported for external databases.
type IAMAccessKey ¶ added in v0.7.0
IAMAccessKey is the ID and Secret of an AWS IAM user's access key.
func (*IAMAccessKey) Validate ¶ added in v0.8.0
func (s *IAMAccessKey) Validate() error
Validate performs a basic sanity check on the IAM Access Key secret.
type InstallationDBSecret ¶ added in v0.59.0
// InstallationDBSecret holds the data required for creating the database
// secret for an Installation.
//
// NOTE(review): the connection-string helpers in this package take a password
// argument, so ConnectionString, DBCheckURL and ReadReplicasURL likely carry
// credentials. Treat values of this type as sensitive and keep them out of
// logs — confirm against the code that populates it.
type InstallationDBSecret struct {
	// Presumably the name given to the resulting secret.
	InstallationSecretName string
	// Presumably the primary database connection string.
	ConnectionString string
	// Presumably the URL used for the database check.
	DBCheckURL string
	// Presumably the connection URL for read replicas.
	ReadReplicasURL string
}
InstallationDBSecret represents data required for creating database secret for an Installation.
func (InstallationDBSecret) ToK8sSecret ¶ added in v0.59.0
func (s InstallationDBSecret) ToK8sSecret(disableDBCheck bool) *corev1.Secret
ToK8sSecret creates Kubernetes secret from InstallationDBSecret.
type RDSDatabase ¶ added in v0.8.0
type RDSDatabase struct {
// contains filtered or unexported fields
}
RDSDatabase is a database backed by AWS RDS.
func NewRDSDatabase ¶ added in v0.8.0
func NewRDSDatabase(databaseType, installationID string, client *Client, disableDBCheck bool) *RDSDatabase
NewRDSDatabase returns a new RDSDatabase interface.
func (*RDSDatabase) GenerateDatabaseSecret ¶ added in v0.38.0
func (d *RDSDatabase) GenerateDatabaseSecret(store model.InstallationDatabaseStoreInterface, logger log.FieldLogger) (*corev1.Secret, error)
GenerateDatabaseSecret creates the k8s database spec and secret for accessing the RDS database.
func (*RDSDatabase) MigrateOut ¶ added in v0.45.0
func (d *RDSDatabase) MigrateOut(store model.InstallationDatabaseStoreInterface, dbMigration *model.InstallationDBMigrationOperation, logger log.FieldLogger) error
MigrateOut migration is not supported for single tenant RDS.
func (*RDSDatabase) MigrateTo ¶ added in v0.45.0
func (d *RDSDatabase) MigrateTo(store model.InstallationDatabaseStoreInterface, dbMigration *model.InstallationDBMigrationOperation, logger log.FieldLogger) error
MigrateTo migration is not supported for single tenant RDS.
func (*RDSDatabase) Provision ¶ added in v0.8.0
func (d *RDSDatabase) Provision(store model.InstallationDatabaseStoreInterface, logger log.FieldLogger) error
Provision completes all the steps necessary to provision a RDS database.
func (*RDSDatabase) RefreshResourceMetadata ¶ added in v0.43.0
func (d *RDSDatabase) RefreshResourceMetadata(store model.InstallationDatabaseStoreInterface, logger log.FieldLogger) error
RefreshResourceMetadata ensures various database resource's metadata are correct.
func (*RDSDatabase) RollbackMigration ¶ added in v0.45.0
func (d *RDSDatabase) RollbackMigration(store model.InstallationDatabaseStoreInterface, dbMigration *model.InstallationDBMigrationOperation, logger log.FieldLogger) error
RollbackMigration rolling back migration is not supported for single tenant RDS.
func (*RDSDatabase) Snapshot ¶ added in v0.17.0
func (d *RDSDatabase) Snapshot(store model.InstallationDatabaseStoreInterface, logger log.FieldLogger) error
Snapshot creates a snapshot of the RDS database.
func (*RDSDatabase) Teardown ¶ added in v0.8.0
func (d *RDSDatabase) Teardown(store model.InstallationDatabaseStoreInterface, keepData bool, logger log.FieldLogger) error
Teardown removes all AWS resources related to a RDS database.
func (*RDSDatabase) TeardownMigrated ¶ added in v0.45.0
func (d *RDSDatabase) TeardownMigrated(store model.InstallationDatabaseStoreInterface, migrationOp *model.InstallationDBMigrationOperation, logger log.FieldLogger) error
TeardownMigrated tearing down migrated databases is not supported for single tenant RDS.
type RDSDatabaseMigration ¶ added in v0.18.0
type RDSDatabaseMigration struct {
// contains filtered or unexported fields
}
RDSDatabaseMigration is a migrated database backed by AWS RDS.
func NewRDSDatabaseMigration ¶ added in v0.18.0
func NewRDSDatabaseMigration(masterInstallationID, slaveInstallationID string, awsClient *Client) *RDSDatabaseMigration
NewRDSDatabaseMigration returns a new RDSDatabaseMigration.
func (*RDSDatabaseMigration) Replicate ¶ added in v0.18.0
func (d *RDSDatabaseMigration) Replicate(logger log.FieldLogger) (string, error)
Replicate starts the process for replicating a master RDS database. This method must return a replication status or an error.
func (*RDSDatabaseMigration) Setup ¶ added in v0.18.0
func (d *RDSDatabaseMigration) Setup(logger log.FieldLogger) (string, error)
Setup sets access from one RDS database to another and sets any configuration needed for replication.
func (*RDSDatabaseMigration) Teardown ¶ added in v0.18.0
func (d *RDSDatabaseMigration) Teardown(logger log.FieldLogger) (string, error)
Teardown removes access from one RDS database to another and rolls back any previous database configuration.
type RDSMultitenantDatabase ¶ added in v0.19.0
type RDSMultitenantDatabase struct {
// contains filtered or unexported fields
}
RDSMultitenantDatabase is a database backed by RDS that supports multi-tenancy.
func NewRDSMultitenantDatabase ¶ added in v0.19.0
func NewRDSMultitenantDatabase(databaseType, instanceID, installationID string, client *Client, installationsLimit int, diableDBCheck bool) *RDSMultitenantDatabase
NewRDSMultitenantDatabase returns a new instance of RDSMultitenantDatabase that implements database interface.
func (*RDSMultitenantDatabase) DatabaseTypeTagValue ¶ added in v0.25.0
func (d *RDSMultitenantDatabase) DatabaseTypeTagValue() string
DatabaseTypeTagValue returns the tag value used for filtering RDS cluster resources based on database type.
func (*RDSMultitenantDatabase) GenerateDatabaseSecret ¶ added in v0.38.0
func (d *RDSMultitenantDatabase) GenerateDatabaseSecret(store model.InstallationDatabaseStoreInterface, logger log.FieldLogger) (*corev1.Secret, error)
GenerateDatabaseSecret creates the k8s database spec and secret for accessing a single database inside a RDS multitenant cluster.
func (*RDSMultitenantDatabase) IsValid ¶ added in v0.25.0
func (d *RDSMultitenantDatabase) IsValid() error
IsValid returns if the given RDSMultitenantDatabase configuration is valid.
func (*RDSMultitenantDatabase) MaxSupportedDatabases ¶ added in v0.25.0
func (d *RDSMultitenantDatabase) MaxSupportedDatabases() int
MaxSupportedDatabases returns the maximum number of databases supported on one RDS cluster for this database type.
func (*RDSMultitenantDatabase) MigrateOut ¶ added in v0.45.0
func (d *RDSMultitenantDatabase) MigrateOut(store model.InstallationDatabaseStoreInterface, dbMigration *model.InstallationDBMigrationOperation, logger log.FieldLogger) error
MigrateOut marks Installation as migrated from the database but does not remove the actual data.
func (*RDSMultitenantDatabase) MigrateTo ¶ added in v0.45.0
func (d *RDSMultitenantDatabase) MigrateTo(store model.InstallationDatabaseStoreInterface, dbMigration *model.InstallationDBMigrationOperation, logger log.FieldLogger) error
MigrateTo creates new logical database in the database cluster for already existing Installation.
func (*RDSMultitenantDatabase) Provision ¶ added in v0.19.0
func (d *RDSMultitenantDatabase) Provision(store model.InstallationDatabaseStoreInterface, logger log.FieldLogger) error
Provision claims a multitenant RDS cluster and creates a database schema for the installation.
func (*RDSMultitenantDatabase) RefreshResourceMetadata ¶ added in v0.43.0
func (d *RDSMultitenantDatabase) RefreshResourceMetadata(store model.InstallationDatabaseStoreInterface, logger log.FieldLogger) error
RefreshResourceMetadata ensures various multitenant database resource's metadata are correct.
func (*RDSMultitenantDatabase) RollbackMigration ¶ added in v0.45.0
func (d *RDSMultitenantDatabase) RollbackMigration(store model.InstallationDatabaseStoreInterface, dbMigration *model.InstallationDBMigrationOperation, logger log.FieldLogger) error
RollbackMigration rolls the Installation back to the source database.
func (*RDSMultitenantDatabase) Snapshot ¶ added in v0.19.0
func (d *RDSMultitenantDatabase) Snapshot(store model.InstallationDatabaseStoreInterface, logger log.FieldLogger) error
Snapshot creates a snapshot of single RDS multitenant database.
func (*RDSMultitenantDatabase) Teardown ¶ added in v0.19.0
func (d *RDSMultitenantDatabase) Teardown(store model.InstallationDatabaseStoreInterface, keepData bool, logger log.FieldLogger) error
Teardown removes all AWS resources related to a RDS multitenant database.
func (*RDSMultitenantDatabase) TeardownMigrated ¶ added in v0.45.0
func (d *RDSMultitenantDatabase) TeardownMigrated(store model.InstallationDatabaseStoreInterface, migrationOp *model.InstallationDBMigrationOperation, logger log.FieldLogger) error
TeardownMigrated removes database from which Installation was migrated out.
type RDSMultitenantPGBouncerDatabase ¶ added in v0.46.1
type RDSMultitenantPGBouncerDatabase struct {
// contains filtered or unexported fields
}
RDSMultitenantPGBouncerDatabase is a database backed by RDS that supports multi-tenancy and pooled connections.
func NewRDSMultitenantPGBouncerDatabase ¶ added in v0.46.1
func NewRDSMultitenantPGBouncerDatabase(databaseType, instanceID, installationID string, client *Client, installationsLimit int, disableDBCheck bool) *RDSMultitenantPGBouncerDatabase
NewRDSMultitenantPGBouncerDatabase returns a new instance of RDSMultitenantPGBouncerDatabase that implements database interface.
func (*RDSMultitenantPGBouncerDatabase) DatabaseTypeTagValue ¶ added in v0.46.1
func (d *RDSMultitenantPGBouncerDatabase) DatabaseTypeTagValue() string
DatabaseTypeTagValue returns the tag value used for filtering RDS cluster resources based on database type.
func (*RDSMultitenantPGBouncerDatabase) GenerateDatabaseSecret ¶ added in v0.46.1
func (d *RDSMultitenantPGBouncerDatabase) GenerateDatabaseSecret(store model.InstallationDatabaseStoreInterface, logger log.FieldLogger) (*corev1.Secret, error)
GenerateDatabaseSecret creates the k8s database spec and secret for accessing a single schema inside a RDS multitenant cluster with a PGBouncer proxy.
func (*RDSMultitenantPGBouncerDatabase) IsValid ¶ added in v0.46.1
func (d *RDSMultitenantPGBouncerDatabase) IsValid() error
IsValid returns if the given RDSMultitenantDatabase configuration is valid.
func (*RDSMultitenantPGBouncerDatabase) MaxSupportedDatabases ¶ added in v0.46.1
func (d *RDSMultitenantPGBouncerDatabase) MaxSupportedDatabases() int
MaxSupportedDatabases returns the maximum number of databases supported on one RDS cluster for this database type.
func (*RDSMultitenantPGBouncerDatabase) MigrateOut ¶ added in v0.46.1
func (d *RDSMultitenantPGBouncerDatabase) MigrateOut(store model.InstallationDatabaseStoreInterface, dbMigration *model.InstallationDBMigrationOperation, logger log.FieldLogger) error
MigrateOut migrating out of MySQL Operator managed database is not supported.
func (*RDSMultitenantPGBouncerDatabase) MigrateTo ¶ added in v0.46.1
func (d *RDSMultitenantPGBouncerDatabase) MigrateTo(store model.InstallationDatabaseStoreInterface, dbMigration *model.InstallationDBMigrationOperation, logger log.FieldLogger) error
MigrateTo migration to MySQL Operator managed database is not supported.
func (*RDSMultitenantPGBouncerDatabase) Provision ¶ added in v0.46.1
func (d *RDSMultitenantPGBouncerDatabase) Provision(store model.InstallationDatabaseStoreInterface, logger log.FieldLogger) error
Provision claims a multitenant RDS cluster and creates a database schema for the installation.
func (*RDSMultitenantPGBouncerDatabase) RefreshResourceMetadata ¶ added in v0.46.1
func (d *RDSMultitenantPGBouncerDatabase) RefreshResourceMetadata(store model.InstallationDatabaseStoreInterface, logger log.FieldLogger) error
RefreshResourceMetadata ensures various operator database resource's metadata are correct.
func (*RDSMultitenantPGBouncerDatabase) RollbackMigration ¶ added in v0.46.1
func (d *RDSMultitenantPGBouncerDatabase) RollbackMigration(store model.InstallationDatabaseStoreInterface, dbMigration *model.InstallationDBMigrationOperation, logger log.FieldLogger) error
RollbackMigration rolling back migration is not supported for MySQL Operator managed database.
func (*RDSMultitenantPGBouncerDatabase) Snapshot ¶ added in v0.46.1
func (d *RDSMultitenantPGBouncerDatabase) Snapshot(store model.InstallationDatabaseStoreInterface, logger log.FieldLogger) error
Snapshot creates a snapshot of single RDS multitenant database.
func (*RDSMultitenantPGBouncerDatabase) Teardown ¶ added in v0.46.1
func (d *RDSMultitenantPGBouncerDatabase) Teardown(store model.InstallationDatabaseStoreInterface, keepData bool, logger log.FieldLogger) error
Teardown removes all AWS resources related to a RDS multitenant database.
func (*RDSMultitenantPGBouncerDatabase) TeardownMigrated ¶ added in v0.46.1
func (d *RDSMultitenantPGBouncerDatabase) TeardownMigrated(store model.InstallationDatabaseStoreInterface, migrationOp *model.InstallationDBMigrationOperation, logger log.FieldLogger) error
TeardownMigrated: tearing down migrated databases is not supported for a MySQL Operator managed database.
type S3Filestore ¶ added in v0.7.0
type S3Filestore struct {
// contains filtered or unexported fields
}
S3Filestore is a filestore backed by AWS S3.
func NewS3Filestore ¶ added in v0.7.0
func NewS3Filestore(installationID string, awsClient *Client) *S3Filestore
NewS3Filestore returns a new S3Filestore.
func (*S3Filestore) GenerateFilestoreSpecAndSecret ¶ added in v0.7.0
func (f *S3Filestore) GenerateFilestoreSpecAndSecret(store model.InstallationDatabaseStoreInterface, logger log.FieldLogger) (*model.FilestoreConfig, *corev1.Secret, error)
GenerateFilestoreSpecAndSecret creates the k8s filestore spec and secret for accessing the S3 bucket.
func (*S3Filestore) Provision ¶ added in v0.7.0
func (f *S3Filestore) Provision(store model.InstallationDatabaseStoreInterface, logger log.FieldLogger) error
Provision completes all the steps necessary to provision an S3 filestore.
func (*S3Filestore) Teardown ¶ added in v0.7.0
func (f *S3Filestore) Teardown(keepData bool, store model.InstallationDatabaseStoreInterface, logger log.FieldLogger) error
Teardown removes all AWS resources related to an S3 filestore.
type S3MultitenantFilestore ¶ added in v0.29.0
type S3MultitenantFilestore struct {
// contains filtered or unexported fields
}
S3MultitenantFilestore is a filestore backed by a shared AWS S3 bucket.
func NewS3MultitenantFilestore ¶ added in v0.29.0
func NewS3MultitenantFilestore(installationID string, awsClient *Client) *S3MultitenantFilestore
NewS3MultitenantFilestore returns a new S3MultitenantFilestore.
func (*S3MultitenantFilestore) GenerateFilestoreSpecAndSecret ¶ added in v0.29.0
func (f *S3MultitenantFilestore) GenerateFilestoreSpecAndSecret(store model.InstallationDatabaseStoreInterface, logger log.FieldLogger) (*model.FilestoreConfig, *corev1.Secret, error)
GenerateFilestoreSpecAndSecret creates the k8s filestore spec and secret for accessing the shared S3 bucket.
func (*S3MultitenantFilestore) Provision ¶ added in v0.29.0
func (f *S3MultitenantFilestore) Provision(store model.InstallationDatabaseStoreInterface, logger log.FieldLogger) error
Provision completes all the steps necessary to provision an S3 multitenant filestore.
func (*S3MultitenantFilestore) Teardown ¶ added in v0.29.0
func (f *S3MultitenantFilestore) Teardown(keepData bool, store model.InstallationDatabaseStoreInterface, logger log.FieldLogger) error
Teardown removes all AWS resources related to a shared S3 filestore.
type SQLDatabaseManager ¶ added in v0.19.0
// SQLDatabaseManager describes the operations needed to query a database and
// to close the connection with it.
type SQLDatabaseManager interface {
	// QueryContext takes a context, the query text and its arguments, and
	// returns the result rows or an error.
	// NOTE(review): the signature mirrors database/sql's QueryContext, so args
	// are presumably bound as placeholder parameters; callers should pass
	// values through args rather than formatting them into query — confirm
	// against the implementation.
	QueryContext(ctx context.Context, query string, args ...interface{}) (*sql.Rows, error)
	// Close closes the connection with the database and reports any error.
	Close() error
}
SQLDatabaseManager is an interface that describes operations to query a database and to close the connection with it. It's used mainly to implement a client that needs to perform non-complex queries in a SQL database instance.
type Service ¶ added in v0.17.0
type Service struct {
// contains filtered or unexported fields
}
Service holds AWS clients for each service.
func NewService ¶ added in v0.17.0
NewService creates a new instance of Service.
Source Files ¶
- acm.go
- client.go
- cluster_management.go
- constants.go
- database.go
- database_external.go
- database_migration.go
- database_multitenant.go
- database_multitenant_pgbouncer.go
- dynamodb.go
- ec2.go
- eks.go
- filestore.go
- filestore_bifrost.go
- filestore_multitenant.go
- general.go
- helpers.go
- helpers_sql.go
- iam.go
- kms.go
- rds.go
- resource_tagging.go
- route53.go
- s3.go
- secret.go
- secrets_manager.go
- session.go
- sts.go
- vpc.go