cache

package
v4.3.2-dev.1+incompatible Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 27, 2020 License: Apache-2.0 Imports: 12 Imported by: 0

Documentation

Overview

Package cache implements event-driven cache layer that is used by auth servers, proxies and nodes.

The cache fetches resources and then subscribes to the events watcher to receive updates.

This approach allows cache to be up to date without time based expiration and avoid re-fetching all resources reducing bandwidth.

There are two types of cache backends used:

* SQLite-based in-memory used for auth nodes * SQLite-based on disk persistent cache for nodes and proxies providing resilliency in the face of auth servers failures.

Index

Constants

View Source
const (
	// EventProcessed is emitted whenever event is processed
	EventProcessed = "event_processed"
	// WatcherStarted is emitted when a new event watcher is started
	WatcherStarted = "watcher_started"
	// WatcherFailed is emitted when event watcher has failed
	WatcherFailed = "watcher_failed"
)

Variables

This section is empty.

Functions

This section is empty.

Types

type Cache

type Cache struct {
	Config
	// Entry is a logging entry
	*log.Entry
	// contains filtered or unexported fields
}

Cache implements auth.AccessPoint interface and remembers the previously returned upstream value for each API call.

This which can be used if the upstream AccessPoint goes offline

func New

func New(config Config) (*Cache, error)

New creates a new instance of Cache

func (*Cache) Close

func (c *Cache) Close() error

Close closes all outstanding and active cache operations

func (*Cache) GetAllTunnelConnections

func (c *Cache) GetAllTunnelConnections(opts ...services.MarshalOption) (conns []services.TunnelConnection, err error)

GetAllTunnelConnections is a part of auth.AccessPoint implementation GetAllTunnelConnections are not using recent cache, as they are designed to be called periodically and always return fresh data

func (*Cache) GetAuthServers

func (c *Cache) GetAuthServers() ([]services.Server, error)

GetAuthServers returns a list of registered servers

func (*Cache) GetCertAuthorities

func (c *Cache) GetCertAuthorities(caType services.CertAuthType, loadSigningKeys bool, opts ...services.MarshalOption) ([]services.CertAuthority, error)

GetCertAuthorities returns a list of authorities of a given type loadSigningKeys controls whether signing keys should be loaded or not

func (*Cache) GetCertAuthority

func (c *Cache) GetCertAuthority(id services.CertAuthID, loadSigningKeys bool, opts ...services.MarshalOption) (services.CertAuthority, error)

GetCertAuthority returns certificate authority by given id. Parameter loadSigningKeys controls if signing keys are loaded

func (*Cache) GetClusterConfig

func (c *Cache) GetClusterConfig(opts ...services.MarshalOption) (services.ClusterConfig, error)

GetClusterConfig gets services.ClusterConfig from the backend.

func (*Cache) GetClusterName

func (c *Cache) GetClusterName(opts ...services.MarshalOption) (services.ClusterName, error)

GetClusterName gets the name of the cluster from the backend.

func (*Cache) GetNamespace

func (c *Cache) GetNamespace(name string) (*services.Namespace, error)

GetNamespace returns namespace

func (*Cache) GetNamespaces

func (c *Cache) GetNamespaces() ([]services.Namespace, error)

GetNamespaces is a part of auth.AccessPoint implementation

func (*Cache) GetNodes

func (c *Cache) GetNodes(namespace string, opts ...services.MarshalOption) ([]services.Server, error)

GetNodes is a part of auth.AccessPoint implementation

func (*Cache) GetProxies

func (c *Cache) GetProxies() ([]services.Server, error)

GetProxies is a part of auth.AccessPoint implementation

func (*Cache) GetReverseTunnels

func (c *Cache) GetReverseTunnels(opts ...services.MarshalOption) ([]services.ReverseTunnel, error)

GetReverseTunnels is a part of auth.AccessPoint implementation

func (*Cache) GetRole

func (c *Cache) GetRole(name string) (services.Role, error)

GetRole is a part of auth.AccessPoint implementation

func (*Cache) GetRoles

func (c *Cache) GetRoles() ([]services.Role, error)

GetRoles is a part of auth.AccessPoint implementation

func (*Cache) GetStaticTokens

func (c *Cache) GetStaticTokens() (services.StaticTokens, error)

GetStaticTokens gets the list of static tokens used to provision nodes.

func (*Cache) GetToken

func (c *Cache) GetToken(token string) (services.ProvisionToken, error)

GetToken finds and returns token by ID

func (*Cache) GetTokens

func (c *Cache) GetTokens(opts ...services.MarshalOption) ([]services.ProvisionToken, error)

GetTokens returns all active (non-expired) provisioning tokens

func (*Cache) GetTunnelConnections

func (c *Cache) GetTunnelConnections(clusterName string, opts ...services.MarshalOption) ([]services.TunnelConnection, error)

GetTunnelConnections is a part of auth.AccessPoint implementation GetTunnelConnections are not using recent cache as they are designed to be called periodically and always return fresh data

func (*Cache) GetUser

func (c *Cache) GetUser(name string, withSecrets bool) (user services.User, err error)

GetUser is a part of auth.AccessPoint implementation.

func (*Cache) GetUsers

func (c *Cache) GetUsers(withSecrets bool) (users []services.User, err error)

GetUsers is a part of auth.AccessPoint implementation

func (*Cache) NewWatcher

func (c *Cache) NewWatcher(ctx context.Context, watch services.Watch) (services.Watcher, error)

NewWatcher returns a new event watcher. In case of a cache this watcher will return events as seen by the cache, not the backend. This feature allows auth server to handle subscribers connected to the in-memory caches instead of reading from the backend.

type CacheEvent

type CacheEvent struct {
	// Type is event type
	Type string
	// Event is event processed
	// by the event cycle
	Event services.Event
}

CacheEvent is event used in tests

type Config

type Config struct {
	// Context is context for parent operations
	Context context.Context
	// Watches provides a list of resources
	// for the cache to watch
	Watches []services.WatchKind
	// Events provides events watchers
	Events services.Events
	// Trust is a service providing information about certificate
	// authorities
	Trust services.Trust
	// ClusterConfig is a cluster configuration service
	ClusterConfig services.ClusterConfiguration
	// Provisioner is a provisioning service
	Provisioner services.Provisioner
	// Users is a users service
	Users services.UsersService
	// Access is an access service
	Access services.Access
	// DynamicAccess is a dynamic access service
	DynamicAccess services.DynamicAccess
	// Presence is a presence service
	Presence services.Presence
	// Backend is a backend for local cache
	Backend backend.Backend
	// RetryPeriod is a period between cache retries on failures
	RetryPeriod time.Duration
	// EventsC is a channel for event notifications,
	// used in tests
	EventsC chan CacheEvent
	// OnlyRecent configures cache behavior that always uses
	// recent values, see OnlyRecent for details
	OnlyRecent OnlyRecent
	// PreferRecent configures cache behavior that prefer recent values
	// when available, but falls back to stale data, see PreferRecent
	// for details
	PreferRecent PreferRecent
	// Clock can be set to control time,
	// uses runtime clock by default
	Clock clockwork.Clock
	// Component is a component used in logs
	Component string
	// MetricComponent is a component used in metrics
	MetricComponent string
	// QueueSize is a desired queue Size
	QueueSize int
}

Config defines cache configuration parameters

func ForAuth

func ForAuth(cfg Config) Config

ForAuth sets up watch configuration for the auth server

func ForNode

func ForNode(cfg Config) Config

ForNode sets up watch configuration for node

func ForProxy

func ForProxy(cfg Config) Config

ForProxy sets up watch configuration for proxy

func (*Config) CheckAndSetDefaults

func (c *Config) CheckAndSetDefaults() error

CheckAndSetDefaults checks parameters and sets default values

type OnlyRecent

type OnlyRecent struct {
	// Enabled enables cache behavior
	Enabled bool
}

OnlyRecent defines cache behavior always using recent data and failing otherwise. Used by auth servers and other systems having direct access to the backend.

type PreferRecent

type PreferRecent struct {
	// Enabled enables cache behavior
	Enabled bool
	// MaxTTL sets maximum TTL the cache keeps the value
	// in case if there is no connection to auth servers
	MaxTTL time.Duration
	// NeverExpires if set, never expires stale cache values
	NeverExpires bool
}

PreferRecent defined cache behavior that always prefers recent data, but will serve stale data in case if disconnect is detected

func (*PreferRecent) CheckAndSetDefaults

func (p *PreferRecent) CheckAndSetDefaults() error

CheckAndSetDefaults checks parameters and sets default values

type SetupConfigFn

type SetupConfigFn func(c Config) Config

SetupConfigFn is a function that sets up configuration for cache

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL