ibm

package
v0.0.1 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jun 14, 2024 License: Apache-2.0 Imports: 26 Imported by: 0

Documentation

Index

Constants

const (
	// InstanceResourceType is an instance type of resource
	InstanceResourceType = "instance"
	// ClusterResourceType is a cluster type of resource
	ClusterResourceType = "cluster"

	// ClusterReadyState is the ideal running state of a cluster
	ClusterReadyState = "normal"
)
const SharedVPC = "shared"

Variables

This section is empty.

Functions

func CRN2ID

func CRN2ID(crn string) string

CRN2ID returns ID of resource based on its CRN

func DoCIDROverlap

func DoCIDROverlap(cidr1, cidr2 string) (bool, error)

DoCIDROverlap returns false if cidr blocks don't share a single ip, i.e. they don't overlap.

func GenerateResourceName

func GenerateResourceName(name string) string

GenerateResourceName returns unique paraglider resource name

func GetRemoteType

func GetRemoteType(remote string) (string, error)

GetRemoteType returns the IBM-specific keyword, as returned by the vpcv1 SDK, indicating the type of remote an SG rule permits.

func IBMToParagliderRules

func IBMToParagliderRules(rules []SecurityGroupRule) ([]*paragliderpb.PermitListRule, error)

IBMToParagliderRules returns rules in paraglider format from IBM cloud format. TODO @cohen-j-omer: handle permitList tags if required.

func IsCIDRSubset

func IsCIDRSubset(cidr1, cidr2 string) (bool, error)

IsCIDRSubset returns true if cidr1 is a subset of (or equal to) cidr2.

func IsParagliderResource

func IsParagliderResource(name string) bool

IsParagliderResource reports whether a given resource (e.g. permit list) belongs to paraglider.

func IsRemoteInCIDR

func IsRemoteInCIDR(remote, cidr string) (bool, error)

IsRemoteInCIDR returns true if remote is contained in the CIDR's IP range. remote could be either an IP or a CIDR block.

Types

type CloudClient

type CloudClient struct {
	// contains filtered or unexported fields
}

CloudClient is the client used to interact with IBM Cloud SDK

func FakeIBMCloudClient

func FakeIBMCloudClient(fakeURL, fakeResGroupID, fakeRegion string) (*CloudClient, error)

FakeIBMCloudClient returns a fake/mock CloudClient instance without auth, that needs to be handled in the URL

func NewIBMCloudClient

func NewIBMCloudClient(resourceGroupID, region string) (*CloudClient, error)

NewIBMCloudClient returns a CloudClient instance with initialized clients. Note: This will be used by the IBM plugin through setupCloudClient, and should not otherwise be used directly to create a cloud client.

func (*CloudClient) AddSecurityGroupRule

func (c *CloudClient) AddSecurityGroupRule(rule SecurityGroupRule) (string, error)

AddSecurityGroupRule adds a rule to a security group. The following functions are responsible for assigning SecurityGroupRules to a security group.

func (*CloudClient) AddTransitGWConnection

func (c *CloudClient) AddTransitGWConnection(transitGatewayID string, vpcCRN string) (TransitConnection, error)

adds VPC as a connection to an existing Transit Gateway

func (*CloudClient) ConnectVPC

func (c *CloudClient) ConnectVPC(gatewayID string, vpcCRN string) error

ConnectVPC connects a VPC to the specified transit gateway. It ignores the error if the VPC is already connected.

func (*CloudClient) CreateSubnet

func (c *CloudClient) CreateSubnet(
	vpcID, zone, addressSpace string, tags []string) (*vpcv1.Subnet, error)

CreateSubnet creates subnet in specified vpc and zone.

func (*CloudClient) CreateTransitGW

func (c *CloudClient) CreateTransitGW(region string) (*transitgatewayapisv1.TransitGateway, error)

creates a global transit gateway (global routing) at the specified region and tags it with the specified namespace

func (*CloudClient) CreateVPC

func (c *CloudClient) CreateVPC(tags []string, exclusive bool) (*vpcv1.VPC, error)

CreateVPC creates a Paraglider VPC for a region; resources are tagged.

func (*CloudClient) DeleteSecurityGroupRule

func (c *CloudClient) DeleteSecurityGroupRule(sgID, ruleID string) error

DeleteSecurityGroupRule deletes a rule from the security group

func (*CloudClient) DeleteSubnets

func (c *CloudClient) DeleteSubnets(vpcID string) error

DeleteSubnets deletes all subnets in the specified VPC. NOTE: before invoking this function, set the VPC client to the region the VPC is located in.

func (*CloudClient) DeleteTransitGW

func (c *CloudClient) DeleteTransitGW(gwID string) error

deletes a gateway matching the specified ID

func (*CloudClient) DoSubnetsInVPCOverlapCIDR

func (c *CloudClient) DoSubnetsInVPCOverlapCIDR(vpcID string,
	CIDR string) (bool, error)

DoSubnetsInVPCOverlapCIDR returns true if any of the specified VPC's subnets' address spaces overlap with the given CIDR. NOTE: before invoking this function, set the VPC client to the region the VPC is located in.

func (*CloudClient) GetOrCreateTransitGateway

func (c *CloudClient) GetOrCreateTransitGateway(region string) (string, error)

GetOrCreateTransitGateway returns the ID of an existing global transit gateway. If none exists, it creates one in the specified region. NOTE: the region argument isn't relevant for the lookup process.

func (*CloudClient) GetParagliderTaggedResources

func (c *CloudClient) GetParagliderTaggedResources(resourceType TaggedResourceType, tags []string, customQuery ResourceQuery) ([]ResourceData, error)

GetParagliderTaggedResources returns a slice of IDs of tagged resources. Arg resourceType: type of VPC resource, e.g. subnet, security group, instance. Arg tags: labels set by dev, e.g. {<vpcID>,<deploymentID>}. Arg customQuery: attributes to filter by, e.g. {"region":"<regionName>"}.

func (*CloudClient) GetResourceHandlerFromDesc

func (c *CloudClient) GetResourceHandlerFromDesc(resourceDesc []byte) (ResourceIntf, error)

GetResourceHandlerFromDesc gets the resource handler from the resource description

func (*CloudClient) GetResourceHandlerFromID

func (c *CloudClient) GetResourceHandlerFromID(deploymentID string) (ResourceIntf, error)

GetResourceHandlerFromID gets the resource handler from the resource ID/URI

func (*CloudClient) GetRulesIDs

func (c *CloudClient) GetRulesIDs(rules []SecurityGroupRule, sgID string) ([]string, error)

return IDs of rules matching the specified specifications.

func (*CloudClient) GetSecurityRulesOfSG

func (c *CloudClient) GetSecurityRulesOfSG(sgID string) ([]SecurityGroupRule, error)

GetSecurityRulesOfSG gets the rules of security groups

func (*CloudClient) GetSubnetCIDR

func (c *CloudClient) GetSubnetCIDR(subnetID string) (string, error)

GetSubnetCIDR returns the address space of a subnet. NOTE: before invoking this function, set the VPC client to the region the VPC is located in.

func (*CloudClient) GetSubnetsInVPC

func (c *CloudClient) GetSubnetsInVPC(vpcID string) ([]ResourceData, error)

GetSubnetsInVPC returns all paraglider subnets in the specified VPC. NOTE: unlike GetSubnetsInVpcRegionBound, this function isn't reliant on the vpcService's region.

func (*CloudClient) GetSubnetsInVpcRegionBound

func (c *CloudClient) GetSubnetsInVpcRegionBound(vpcID string) ([]vpcv1.Subnet, error)

GetSubnetsInVpcRegionBound returns all subnets in the VPC, both the user's and paraglider's, in the region set by the client. NOTE: before invoking this function, set the VPC client to the region the VPC is located in.

This function returns more info in contrast to GetSubnetsInVPC.

func (*CloudClient) GetTransitGWConnections

func (c *CloudClient) GetTransitGWConnections(gwID string) ([]TransitConnection, error)

returns connections of the transit gateway

func (*CloudClient) GetUniqueSGRules

func (c *CloudClient) GetUniqueSGRules(rules []SecurityGroupRule, rulesHashValues map[uint64]bool) ([]SecurityGroupRule, error)

return the specified rules without duplicates, while keeping the rules' hash values updated for future use.

func (*CloudClient) GetVPCByID

func (c *CloudClient) GetVPCByID(vpcID string) (*vpcv1.VPC, error)

GetVPCByID returns vpc data of specified vpc

func (*CloudClient) IsRemoteInVPC

func (c *CloudClient) IsRemoteInVPC(vpcID string, remote string) (bool, error)

IsRemoteInVPC returns true if the specified remote (CIDR/IP) is a subset of the specified VPC's address space. NOTE: address space refers to that of the subnets within the VPC, not to its address prefixes.

func (*CloudClient) Region

func (c *CloudClient) Region() string

func (*CloudClient) RemoveTransitGWConnection

func (c *CloudClient) RemoveTransitGWConnection(connection string, transitGW string) error

removes the specified connection from the specified transit gateway.

func (*CloudClient) RemoveTransitGWConnections

func (c *CloudClient) RemoveTransitGWConnections(gwID string) error

removes connections attached to gateway. returns only when all connections removed.

func (*CloudClient) TerminateVPC

func (c *CloudClient) TerminateVPC(vpcID string) error

TerminateVPC terminates a vpc, deleting its associated instances and subnets

func (*CloudClient) UpdateRegion

func (c *CloudClient) UpdateRegion(region string) error

UpdateRegion updates the vpc service's service URL to the specified region.

func (*CloudClient) UpdateSecurityGroupRule

func (c *CloudClient) UpdateSecurityGroupRule(rule SecurityGroupRule) error

type Credentials

type Credentials struct {
	// APIKey is read from the "iam_api_key" key of the YAML credential file.
	// It is a secret: keep it out of logs, error messages and version control.
	APIKey string `yaml:"iam_api_key"`
}

Credentials extracted from local credential file

type ResourceClusterType

type ResourceClusterType struct {
	// ResourceIntf is embedded. NOTE(review): the documented method set of
	// *ResourceClusterType has no GetSecurityGroupID, so that call would be
	// promoted to this embedded value — confirm it is never nil when called.
	ResourceIntf
	ID string
	// contains filtered or unexported fields
}

ResourceClusterType is the handler for cluster type resources

func (*ResourceClusterType) CreateResource

func (c *ResourceClusterType) CreateResource(name, vpcID, subnetID string, tags []string, resourceDesc []byte) (*ResourceResponse, error)

CreateResource creates a cluster

func (*ResourceClusterType) GetID

func (c *ResourceClusterType) GetID() string

GetID fetches the identifier of instance

func (*ResourceClusterType) GetVPC

func (c *ResourceClusterType) GetVPC() (*vpcv1.VPCReference, error)

GetVPC returns the VPC reference of the endpoint gateway of the cluster

func (*ResourceClusterType) IsExclusiveNetworkNeeded

func (c *ResourceClusterType) IsExclusiveNetworkNeeded() bool

IsExclusiveNetworkNeeded indicates if this resource needs an exclusive VPC to be provisioned

func (*ResourceClusterType) IsInNamespace

func (c *ResourceClusterType) IsInNamespace(namespace, region string) (bool, error)

IsInNamespace checks if the cluster is in the namespace

type ResourceData

type ResourceData struct {
	ID     string // ID of the tagged resource
	CRN    string // cloud resource name of the tagged resource
	Region string // presumably the region the resource resides in — confirm
	Zone   string // presumably the zone the resource resides in — confirm
}

ResourceData represents the fields retrieved from tagged resources.

type ResourceInstanceType

type ResourceInstanceType struct {
	ResourceIntf
	ID string
	// contains filtered or unexported fields
}

ResourceInstanceType is the handler for instance type resources

func (*ResourceInstanceType) CreateResource

func (i *ResourceInstanceType) CreateResource(name, vpcID, subnetID string, tags []string, resourceDesc []byte) (*ResourceResponse, error)

CreateResource creates an instance

func (*ResourceInstanceType) GetID

func (i *ResourceInstanceType) GetID() string

GetID fetches the identifier of instance

func (*ResourceInstanceType) GetSecurityGroupID

func (i *ResourceInstanceType) GetSecurityGroupID() (string, error)

GetSecurityGroupID returns the security group ID that's associated with the instance's network interfaces

func (*ResourceInstanceType) GetVPC

func (i *ResourceInstanceType) GetVPC() (*vpcv1.VPCReference, error)

GetVPC returns VPC data of specified instance

func (*ResourceInstanceType) IsExclusiveNetworkNeeded

func (i *ResourceInstanceType) IsExclusiveNetworkNeeded() bool

IsExclusiveNetworkNeeded indicates if this resource needs an exclusive VPC to be provisioned

func (*ResourceInstanceType) IsInNamespace

func (i *ResourceInstanceType) IsInNamespace(namespace, region string) (bool, error)

IsInNamespace returns true if an instance resides inside the specified namespace. region is an optional argument used to increase effectiveness of resource search.

type ResourceIntf

type ResourceIntf interface {
	// CreateResource creates the resource (an instance or a cluster,
	// depending on the implementing type).
	CreateResource(name, vpcID, subnetID string, tags []string, resourceDesc []byte) (*ResourceResponse, error)
	// IsInNamespace reports whether the resource is in the given namespace.
	IsInNamespace(namespace, region string) (bool, error)
	// IsExclusiveNetworkNeeded indicates if the resource needs an exclusive
	// VPC to be provisioned.
	IsExclusiveNetworkNeeded() bool
	// GetID returns the identifier of the resource.
	GetID() string
	// GetSecurityGroupID returns the ID of the security group associated
	// with the resource.
	GetSecurityGroupID() (string, error)
	// GetVPC returns a reference to the VPC of the resource.
	GetVPC() (*vpcv1.VPCReference, error)
}

ResourceIntf is a common resource interface to be implemented for multiple resource types such as instance, k8s cluster, etc.

type ResourceQuery

type ResourceQuery struct {
	Region string
	Zone   string
	CRN    string // cloud resource name globally identifying the resource
}

ResourceQuery represents attributes a user can filter tagged resources by. Note: ResourceQuery isn't associated with resources' tags, but their attributes.

type ResourceResponse

type ResourceResponse struct {
	// Name is the resource name
	Name string
	// URI is the unique resource identifier of the format /resourcegroup/{id}/zone/{zone}/{resource_type}/{resource_id}
	URI string
	// IP is the endpoint IP of the resource
	IP string
}

ResourceResponse contains the required resource fields to be returned after creation of a resource

type SecurityGroupRule

// A value of -1 in PortMin/PortMax or IcmpType/IcmpCode is a wildcard, so a
// rule carrying it permits the whole port range or every ICMP type/code.
// Review such rules before adding them to a security group.
type SecurityGroupRule struct {
	ID         string // Unique identifier of this rule
	SgID       string // Unique ID of the security group to which this rule belongs
	Protocol   string // IP protocol that this rule applies to
	Remote     string // What this rule applies to (IP or CIDR block); NOTE(review): RemoteType also lists "SG", so a security-group reference may be possible here too — confirm
	RemoteType string // Type of remote, can be "IP", "CIDR", or "SG"
	PortMin    int64  // First port of the range to which this rule applies (only available for TCP/UDP rules), -1 means all ports
	PortMax    int64  // Last port of the range to which this rule applies (only available for TCP/UDP rules), -1 means all ports
	IcmpType   int64  // ICMP Type for the rule (only available for ICMP rules), -1 means all types
	IcmpCode   int64  // ICMP Code for the rule (only available for ICMP rules), -1 means all codes
	Egress     bool   // The rule applies to outbound traffic (true) or inbound traffic (false)
}

SecurityGroupRule defines the entries of a security group rule

func ParagliderToIBMRules

func ParagliderToIBMRules(securityGroupID string, rules []*paragliderpb.PermitListRule) (
	[]SecurityGroupRule, error)

ParagliderToIBMRules returns rules in IBM cloud format from paraglider format. NOTE: with the current PermitListRule we can't translate ICMP rules with specific type or code.

type TaggedResourceType

type TaggedResourceType string

TaggedResourceType indicates the type of tagged resource to fetch

const (
	// The TaggedResourceType values below name the kinds of tagged
	// resources that can be fetched.
	VPC     TaggedResourceType = "vpc"
	SUBNET  TaggedResourceType = "subnet"
	VM      TaggedResourceType = "instance"
	CLUSTER TaggedResourceType = "k8-cluster"
	// Security group of a specific instance
	SG TaggedResourceType = "security-group"
	// transit gateway for vpc-peering
	GATEWAY TaggedResourceType = "gateway"

	// The two constants below are untyped strings, not TaggedResourceType values.

	// ParagliderResourcePrefix is used to prefix a resource's name
	ParagliderResourcePrefix = "paraglider"
	// ParagliderTag is the default tag attached to all paraglider resources
	ParagliderTag = "pg"
)

type TransitConnection

// TransitConnection describes one connection of a transit gateway, as
// returned by AddTransitGWConnection and GetTransitGWConnections.
type TransitConnection struct {
	ID     string // connection's ID
	Name   string // connection's name
	VPCCRN string // CRN of the connected VPC
}
