Documentation ¶
Index ¶
- Constants
- Variables
- func ClientTLSConfig(tlsCrt string, tlsKey string, rootCA string, addr string) (*tls.Config, error)
- func ClientTLSConfigFromBytes(tlsCrt []byte, tlsKey []byte, rootPEM []byte, addr string) (*tls.Config, error)
- func DialinMetric(w http.ResponseWriter)
- func GetRemoteCertID(conn *tls.Conn) (string, error)
- func SendPeerProbe(chnl chan<- string, clustersni string)
- func ServerTLSConfigFromBytes(certList []utils.SNICertificate, rootCAs []string, nextprotos ...string) (*tls.Config, error)
- func StartCDServer(ctx context.Context, log *relaylogger.RelayLog, auditPath string, ...)
- func StartClient(ctx context.Context, log *relaylogger.RelayLog, file string, ...)
- func StartDialinPoolMgr(ctx context.Context, log *relaylogger.RelayLog, exitChan chan<- bool)
- func StartPeeringMgr(ctx context.Context, log *relaylogger.RelayLog, exitChan chan<- bool, ...)
- func StartServer(ctx context.Context, log *relaylogger.RelayLog, auditPath string, ...)
- type Backoff
- type BackoffConfig
- type Client
- type ClientConfig
- type ControllerInfo
- type Dialin
- type Dialout
- type Relay
- type RelayConn
- type Server
- func (srv *Server) AddToDialinPool(rconn *RelayConn, remoteAddr string) (string, error)
- func (srv *Server) ProcessCDPeerForwards(ctx context.Context, conn net.Conn, lg *relaylogger.RelayLog, relayIP string, ...)
- func (srv *Server) ProcessPeerForwards(w http.ResponseWriter, r *http.Request, lg *relaylogger.RelayLog, ...)
- func (srv *Server) ProcessRelayRequest(w http.ResponseWriter, r *http.Request, lg *relaylogger.RelayLog)
- func (srv *Server) ServeHTTP(w http.ResponseWriter, r *http.Request)
- type ServerConfig
- type ServerListen
Constants ¶
const (
	// DefaultBackoffInterval is the starting delay before the first reconnect retry.
	DefaultBackoffInterval = 500 * time.Millisecond
	// DefaultBackoffMultiplier scales the delay after each failed attempt.
	DefaultBackoffMultiplier = 1.5
	// DefaultBackoffMaxInterval caps the delay between two consecutive attempts.
	DefaultBackoffMaxInterval = 20 * time.Second
	// DefaultBackoffMaxTime bounds the total time spent retrying; presumably
	// NextBackOff returns a negative duration (abort) once it is exceeded — confirm.
	DefaultBackoffMaxTime = 2 * time.Minute
)
Default backoff configuration.
Variables ¶
var (
	// Config is the active server configuration.
	Config *ServerConfig
	// Servers maps ServerName -> *Server.
	Servers = make(map[string]*Server)
	// ServerAddrs groups the servers that share one listen address.
	ServerAddrs = make(map[string][]*Server)
	// ServerListeners is the list of listen objects (one per address).
	ServerListeners []*ServerListen
	// NOTE(review): these are mutable package-level maps/slices and no lock is
	// visible in the exported API. Confirm that all writes happen before the
	// listeners start (or are otherwise serialized); concurrent map writes are
	// a data race.
)
var (
	// PeerProbeChanel carries cluster connection probes: a cluster SNI is pushed
	// onto it (presumably by SendPeerProbe) and the peering RPC picks it up and
	// sends it to core. Buffered to 256; whether a sender blocks or drops when
	// the buffer is full is decided by the sender — check SendPeerProbe.
	PeerProbeChanel = make(chan string, 256)
)
var (
	// The per-ServerName Clients map is retired (kept here for reference only).
	//Clients map, key by ServerName
	//Clients = make(map[string]*Client)

	// ScaleClients is a signal channel, presumably used to ask the client
	// manager to scale the relay clients; buffered to 5 so a burst of signals
	// does not block the sender — confirm against the consumer.
	ScaleClients = make(chan bool, 5)
)
Functions ¶
func ClientTLSConfig ¶
ClientTLSConfig builds a client-side *tls.Config for connecting to addr from a certificate, key and root CA. The string arguments are presumably file paths (the in-memory variant is ClientTLSConfigFromBytes) — confirm in the implementation.
func ClientTLSConfigFromBytes ¶
func ClientTLSConfigFromBytes(tlsCrt []byte, tlsKey []byte, rootPEM []byte, addr string) (*tls.Config, error)
ClientTLSConfigFromBytes builds a client-side *tls.Config from in-memory certificate, key and root-CA PEM bytes for connecting to addr. The root CA is what authenticates the server; callers should never substitute InsecureSkipVerify for it.
func GetRemoteCertID ¶
GetRemoteCertID extracts the peer ID from the remote end's certificate on an established *tls.Conn. The value is only trustworthy when the handshake verified that certificate against the configured root CA (see Server.RootCA); otherwise it is self-asserted by the peer.
func SendPeerProbe ¶
func ServerTLSConfigFromBytes ¶
func ServerTLSConfigFromBytes(certList []utils.SNICertificate, rootCAs []string, nextprotos ...string) (*tls.Config, error)
ServerTLSConfigFromBytes prepares a server-side *tls.Config from the per-SNI certificate list, the root CAs used to verify TLS client certificates, and the optional ALPN protocols in nextprotos.
func StartCDServer ¶
func StartCDServer(ctx context.Context, log *relaylogger.RelayLog, auditPath string, exitChan chan<- bool)
StartCDServer starts the CD relay server (presumably the servers listed in ServerConfig.CDRelays); auditPath is the audit output location and exitChan is signalled when the server stops.
func StartClient ¶
func StartClient(ctx context.Context, log *relaylogger.RelayLog, file string, rnc utils.RelayNetworkConfig, exitChan chan<- bool)
StartClient starts the relay clients described by file and the network config rnc; exitChan is signalled when they stop.
func StartDialinPoolMgr ¶
func StartDialinPoolMgr(ctx context.Context, log *relaylogger.RelayLog, exitChan chan<- bool)
StartDialinPoolMgr starts the dialin connection-pool manager; exitChan is signalled when it stops.
func StartPeeringMgr ¶
func StartPeeringMgr(ctx context.Context, log *relaylogger.RelayLog, exitChan chan<- bool, config *ServerConfig)
StartPeeringMgr starts the peering RPCs using the controller settings in config; exitChan is signalled when they stop.
func StartServer ¶
func StartServer(ctx context.Context, log *relaylogger.RelayLog, auditPath string, exitChan chan<- bool)
StartServer starts the relay and dialin servers from the package Config; auditPath is the audit output location and exitChan is signalled when they stop.
Types ¶
type Backoff ¶
type Backoff interface {
	// NextBackOff returns the duration to sleep before retrying to reconnect.
	// If the returned value is negative, the retry is aborted.
	NextBackOff() time.Duration
	// Reset signals that a reconnection was successful, so that the next call
	// to NextBackOff returns the delay for a fresh first reconnection attempt.
	Reset()
}
Backoff defines behavior of staggering reconnection retries.
type BackoffConfig ¶
type BackoffConfig struct {
	// Interval is the starting delay before the first retry.
	Interval time.Duration
	// Multiplier scales the delay after each failed attempt.
	Multiplier float64
	// MaxInterval caps the delay between two consecutive attempts.
	MaxInterval time.Duration
	// MaxTime bounds the total time spent retrying; presumably surfaced as a
	// negative NextBackOff (abort) once exceeded — confirm.
	MaxTime time.Duration
}
BackoffConfig holds the parameters for staggering reconnection retries (see the Default* constants).
type ClientConfig ¶
type ClientConfig struct {
	// ServiceName is the name of the service this client fronts.
	ServiceName string
	// ServerAddr specifies the address of the tunnel server.
	ServerAddr string
	// Upstream is the upstream address traffic is forwarded to.
	Upstream string
	// Protocol is the protocol in use (presumably http(s), as for Server.Protocol).
	Protocol string
	// TLSClientConfig specifies the tls configuration to use with tls.Client.
	// NOTE(review): it must carry the client certificate and a RootCAs pool
	// (see ClientTLSConfig); a config with InsecureSkipVerify set would let any
	// host impersonate the tunnel server.
	TLSClientConfig *tls.Config
	// Backoff specifies the backoff policy on server connection retry. If nil,
	// a failed dial is not retried.
	Backoff Backoff
	// ServiceProxy is the func responsible for transferring data between the
	// server and local services.
	ServiceProxy proxy.Func
	// Logger is an optional logger. If nil, logging is disabled.
	Logger *relaylogger.RelayLog
}
ClientConfig configures a relay Client: where it connects, how it authenticates, and what it proxies to.
type ControllerInfo ¶
type ControllerInfo struct {
	// Addr is the controller address.
	Addr string
	// PeerProbeSNI is the SNI used for peer-probe connections (presumably).
	PeerProbeSNI string
	// RootCA, ClientCRT and ClientKEY are the TLS material used towards the
	// controller. They are strings rather than []byte, so they are presumably
	// file paths consumed by ClientTLSConfig (not ...FromBytes) — confirm.
	RootCA    string
	ClientCRT string
	ClientKEY string
}
ControllerInfo describes how to reach the controller and the client TLS material used to authenticate to it.
type Dialin ¶
type Dialin struct {
	// Protocol is the protocol served (http(s)).
	Protocol string
	// Addr is the listen address.
	Addr string
	// ServerName is the SNI this dialin server answers to (traffic is muxed by SNI).
	ServerName string
	// RootCA is the root CA (presumably PEM) used to verify TLS client
	// connections, cf. Server.RootCA. Dialin is the cluster-facing side, so
	// this is what authenticates connecting clusters.
	RootCA []byte
	// ServerCRT and ServerKEY are the certificate and key the server presents.
	ServerCRT []byte
	ServerKEY []byte
	// Version of this dialin definition.
	Version string
}
Dialin defines a cluster-facing dialin endpoint: its listen address, SNI, and the TLS material used to terminate and authenticate connections.
type Dialout ¶
type Dialout struct {
	// Protocol is the protocol used (http(s)).
	Protocol string
	// Addr is the relay address to dial out to.
	Addr string
	// ServiceSNI is the SNI presented to the relay to select the service.
	ServiceSNI string
	// RootCA, ClientCRT and ClientKEY are the TLS material used towards the
	// relay (strings, presumably file paths — see ControllerInfo).
	RootCA    string
	ClientCRT string
	ClientKEY string
	// Upstream is the address traffic is forwarded to.
	Upstream string
	// UpstreamClientCRT, UpstreamClientKEY and UpstreamRootCA are the client
	// TLS material and root CA used towards Upstream.
	UpstreamClientCRT string
	UpstreamClientKEY string
	UpstreamRootCA    string
	// UpstreamSkipVerify presumably disables verification of the upstream's
	// certificate (tls.Config.InsecureSkipVerify). With it set the upstream
	// connection is open to active MITM: keep it off outside test setups and
	// prefer supplying UpstreamRootCA.
	UpstreamSkipVerify bool
	// UpstreamKubeConfig is the kubeconfig (presumably a path) used to reach the upstream.
	UpstreamKubeConfig string
	// Version of this dialout definition.
	Version string
}
Dialout defines a dialout: the relay to connect to, the service SNI to request, the upstream to forward to, and the TLS material for both legs.
type Relay ¶
type Relay struct {
	// Protocol is the protocol served (http(s)).
	Protocol string
	// Addr is the listen address.
	Addr string
	// DialinSfx is a suffix presumably used to derive the matching dialin
	// server name (cf. Server.DialinServerName) — confirm.
	DialinSfx string
	// ServerName is the SNI this relay server answers to (traffic is muxed by SNI).
	ServerName string
	// RootCA is the root CA used to verify TLS client connections on the
	// user-facing side, cf. Server.RootCA.
	RootCA []byte
	// ServerCRT and ServerKEY are the certificate and key the server presents.
	ServerCRT []byte
	ServerKEY []byte
	// Version of this relay definition.
	Version string
}
Relay defines a user-facing relay endpoint: its listen address, SNI, the suffix linking it to its dialin, and the TLS material used to terminate and authenticate connections.
type RelayConn ¶
type RelayConn struct {
	// Conn is the network connection.
	Conn net.Conn
	// Type of the server that accepted the connection: "Relay" means
	// user-facing, "Dialin" means cluster-facing.
	Type string
	// ServerName of the server which accepted the connection.
	ServerName string
	// CertSNI is derived from the client certificate.
	CertSNI string
	// PeerID is derived from the client certificate.
	// NOTE(review): CertSNI and PeerID are only a trustworthy identity when the
	// handshake required a client certificate and verified it against the
	// server's RootCA; confirm that connections without a verified client
	// certificate never reach the pool with these fields populated.
	PeerID string
	// contains filtered or unexported fields
}
RelayConn holds per-connection information for an accepted relay or dialin connection, including the identity derived from the client certificate.
type Server ¶
type Server struct {
	// Type of the server: "Relay" means user-facing, "Dialin" means cluster-facing.
	Type string
	// Name specifies the service name, for example kubectl, kubeweb, etc.
	Name string
	// ServerName of the listening server (the SNI it is muxed on).
	ServerName string
	// Protocol specifies the protocol used: http(s).
	Protocol string
	// RootCA is used to verify TLS client connections.
	// NOTE(review): this is the trust anchor for peer identity (RelayConn.PeerID,
	// GetRemoteCertID). Confirm the listener requires and verifies a client
	// certificate against it rather than falling back to no client auth when
	// it is empty.
	RootCA []byte
	// ServerCRT is the certificate presented by the server.
	ServerCRT []byte
	// ServerKEY is the private key for ServerCRT.
	ServerKEY []byte
	// DialinServerName specifies the dialin server name.
	// Valid only for relay server types.
	DialinServerName string
	// DialinPool is where dialin connections are parked.
	// Valid only for dialin server types.
	DialinPool *dialinPool
	// Provisioner is the authorization provisioner (unexported type).
	Provisioner *authzProvisioner
	// contains filtered or unexported fields
}
Server is a single relay (user-facing) or dialin (cluster-facing) server instance and its TLS material.
func (*Server) AddToDialinPool ¶
AddToDialinPool adds rconn, accepted from remoteAddr, to the server's dialin pool. The returned string presumably identifies the pooled connection; a non-nil error means the connection was not pooled.
func (*Server) ProcessCDPeerForwards ¶
func (srv *Server) ProcessCDPeerForwards(ctx context.Context, conn net.Conn, lg *relaylogger.RelayLog, relayIP string, state tls.ConnectionState)
ProcessCDPeerForwards handles peer forwards arriving on conn for the CD relay; relayIP is the originating relay and state is the peer's TLS connection state. Peer identity should be taken from a verified client certificate in state rather than from relayIP alone.
func (*Server) ProcessPeerForwards ¶
func (srv *Server) ProcessPeerForwards(w http.ResponseWriter, r *http.Request, lg *relaylogger.RelayLog, relayIP string, certIssue int64)
ProcessPeerForwards handles peer forwards arriving over HTTP from relayIP; certIssue (int64) is presumably the issue time of the peer's certificate — confirm in the implementation.
func (*Server) ProcessRelayRequest ¶
func (srv *Server) ProcessRelayRequest(w http.ResponseWriter, r *http.Request, lg *relaylogger.RelayLog)
ProcessRelayRequest processes a user-facing (relay) request.
type ServerConfig ¶
type ServerConfig struct {
	// RelayAddr is this relay's own address.
	RelayAddr string
	// Relays are the user-facing relay servers (presumably keyed by ServerName).
	Relays map[string]*Relay
	// CDRelays are the relays served by StartCDServer (presumably keyed by ServerName).
	CDRelays map[string]*Relay
	// Dialins are the cluster-facing dialin servers (presumably keyed by ServerName).
	Dialins map[string]*Dialin
	// Controller describes how to reach and authenticate to the controller.
	Controller ControllerInfo
	// AuditPath is the audit output location.
	AuditPath string
}
ServerConfig is the configuration for relay server
type ServerListen ¶
type ServerListen struct {
	// Addr specifies the listen address.
	Addr string
	// Protocol of all servers listening on the above address.
	Protocol string
	// RootCAs are used to verify TLS client connections on this listener.
	RootCAs []string
	// Certs is the list of certificates used to terminate TLS on this listener;
	// wildcard ("*.") names are supported.
	Certs []utils.SNICertificate
	// ServerList are the servers sharing the above listen address.
	ServerList []*Server
	// Mux is the TLS SNI muxer that routes each connection to its server.
	Mux *vhost.TLSMuxer
}
ServerListen groups the servers that share one listen address together with the TLS material used to terminate it and the SNI muxer that routes connections between them.
func (*ServerListen) StartHTTPSListen ¶
func (sl *ServerListen) StartHTTPSListen(ctx context.Context)
StartHTTPSListen starts a TLS listener on Addr. Both the user-facing and dialin endpoints listen on 443; each connection is routed (muxed) to the appropriate handler based on its SNI.