Documentation ¶
Index ¶
- type Config
- type Endpoints
- func (e *Endpoints) Down() error
- func (e *Endpoints) NetworkAddress() string
- func (e *Endpoints) NetworkCert() *shared.CertInfo
- func (e *Endpoints) NetworkPrivateKey() []byte
- func (e *Endpoints) NetworkPublicKey() []byte
- func (e *Endpoints) NetworkUpdateAddress(address string) error
- func (e *Endpoints) NetworkUpdateCert(cert *shared.CertInfo)
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Config ¶
type Config struct {
	// The LXD var directory to create Unix sockets in.
	Dir string

	// HTTP server handling requests for the LXD RESTful API.
	RestServer *http.Server

	// HTTP server for the internal /dev/lxd API exposed to containers.
	DevLxdServer *http.Server

	// The TLS keypair and optional CA to use for the network endpoint. It
	// must always be provided, since the public key will be included in
	// the response of the /1.0 REST API as part of the server info.
	//
	// It can be updated after the endpoints are up using NetworkUpdateCert().
	Cert *shared.CertInfo

	// System group name to which the unix socket for the local endpoint should be
	// chgrp'ed when starting. The default is to use the process group. An empty
	// string means "use the default".
	LocalUnixSocketGroup string

	// NetworkAddress sets the address for the network endpoint. If not
	// set, the network endpoint won't be started (unless it's passed via
	// socket-based activation).
	//
	// It can be updated after the endpoints are up using NetworkUpdateAddress().
	NetworkAddress string
}
Config holds various configuration values that affect LXD endpoints initialization.
type Endpoints ¶
type Endpoints struct {
// contains filtered or unexported fields
}
Endpoints are in charge of bringing up and down the HTTP endpoints for serving the LXD RESTful API.
When LXD starts up, they start listening on the appropriate sockets and attach the relevant HTTP handlers to them. When LXD shuts down, they close all sockets.
func Up ¶
Up brings up all applicable LXD endpoints and starts accepting HTTP requests.
The endpoints will be activated in the following order and according to the following rules:
local endpoint (unix socket)
----------------------------
If socket-based activation is detected, look for a unix socket among the inherited file descriptors and use it for the local endpoint (or if no such file descriptor exists, don't bring up the local endpoint at all).
If no socket-based activation is detected, create a unix socket using the default <lxd-var-dir>/unix.socket path. The file mode of this socket will be set to 660, the file owner will be set to the process' UID, and the file group will be set to the process GID, or to the GID of the system group name specified via config.LocalUnixSocketGroup.
devlxd endpoint (unix socket)
-----------------------------
Created using <lxd-var-dir>/devlxd/sock, with file mode set to 666 (actual authorization will be performed by the HTTP server using the socket ucred struct).
remote endpoint (TCP socket with TLS)
-------------------------------------
If socket-based activation is detected, look for a network socket among the inherited file descriptors and use it for the network endpoint.
If a network address was set via config.NetworkAddress, then close any listener that was detected via socket-based activation and create a new network socket bound to the given address.
The network endpoint socket will use TLS encryption, using the certificate keypair and CA passed via config.Cert.
func (*Endpoints) NetworkAddress ¶
NetworkAddress returns the network address of the network endpoint, or an empty string if there's no network endpoint.
func (*Endpoints) NetworkCert ¶
NetworkCert returns the full TLS certificate information for this endpoint.
func (*Endpoints) NetworkPrivateKey ¶
NetworkPrivateKey returns the private key of the TLS certificate used by the network endpoint.
func (*Endpoints) NetworkPublicKey ¶
NetworkPublicKey returns the public key of the TLS certificate used by the network endpoint.
func (*Endpoints) NetworkUpdateAddress ¶
NetworkUpdateAddress updates the address for the network endpoint, shutting it down and restarting it.
func (*Endpoints) NetworkUpdateCert ¶
NetworkUpdateCert updates the TLS keypair and CA used by the network endpoint.
If the network endpoint is active, in-flight requests will continue using the old certificate, and only new requests will use the new one.