server

package
v0.0.0-...-b479636 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Oct 24, 2017 License: Apache-2.0 Imports: 31 Imported by: 0

Documentation

Overview

 Copyright (c) 2016-2017 - CloudPerceptions, LLC. All rights reserved.

   Licensed under the Apache License, Version 2.0 (the "License"); you may
   not use this file except in compliance with the License. You may obtain
   a copy of the License at

        http://www.apache.org/licenses/LICENSE-2.0

   Unless required by applicable law or agreed to in writing, software
   distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
   WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
   License for the specific language governing permissions and limitations
   under the License.

 Copyright (c) 2016-2017 - CloudPerceptions, LLC. All rights reserved.

   Licensed under the Apache License, Version 2.0 (the "License"); you may
   not use this file except in compliance with the License. You may obtain
   a copy of the License at

	http://www.apache.org/licenses/LICENSE-2.0

   Unless required by applicable law or agreed to in writing, software
   distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
   WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
   License for the specific language governing permissions and limitations
   under the License.

 Copyright (c) 2016-2017 - CloudPerceptions, LLC. All rights reserved.

   Licensed under the Apache License, Version 2.0 (the "License"); you may
   not use this file except in compliance with the License. You may obtain
   a copy of the License at

        http://www.apache.org/licenses/LICENSE-2.0

   Unless required by applicable law or agreed to in writing, software
   distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
   WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
   License for the specific language governing permissions and limitations
   under the License.

Index

Constants

const (
	// APIGroupPrefix is the string "/api".
	// NOTE(review): presumably the URL path prefix under which API groups are
	// exposed (see GenericAPIServer.InstallAPIGroup) — confirm against the source.
	APIGroupPrefix = "/api"
)

Variables

// EmptyDelegate is a package-level value of the unexported emptyDelegate type.
// NOTE(review): presumably a no-op DelegationTarget for a server that delegates
// to nothing — confirm; its fields and methods are not shown on this page.
var EmptyDelegate = emptyDelegate{
	// contains filtered or unexported fields
}

Functions

func BuildInsecureHandlerChain

// BuildInsecureHandlerChain takes the same arguments as DefaultHandlerChainBuilder and returns an http.Handler.
// NOTE(review): which filters this chain applies is not visible on this page. The name suggests it is the chain
// for the insecure server (see NonBlockingRun) — confirm whether authentication and authorization are part of it
// before binding that server to anything other than loopback.
func BuildInsecureHandlerChain(apiHandler http.Handler, c *Config) http.Handler

func DefaultHandlerChainBuilder

// DefaultHandlerChainBuilder takes the API handler and a *Config and returns an http.Handler.
// NOTE(review): its signature matches Config.BuildHandlerChainFunc, so it is presumably the default value of that
// field. Which filters it installs (authentication, authorization, CORS, in-flight limits) and in what order is
// not visible on this page — confirm against the source.
func DefaultHandlerChainBuilder(apiHandler http.Handler, c *Config) http.Handler

func GetNamedCertificateMap

func GetNamedCertificateMap(certs []NamedTLSCert) (map[string]*tls.Certificate, error)

GetNamedCertificateMap returns a map of *tls.Certificate by name. It is suitable for use in tls.Config#NamedCertificates. Returns an error if any of the certs cannot be loaded. Returns nil if len(certs) == 0.

func NewRequestInfoResolver

func NewRequestInfoResolver(c *Config) *apirequest.RequestInfoFactory

func NonBlockingRun

func NonBlockingRun(insecureServingInfo *InsecureServingInfo, insecureHandler http.Handler, stopCh <-chan struct{}) error

NonBlockingRun spawns the insecure http server. An error is returned if the ports cannot be listened on.

func RunServer

func RunServer(server *http.Server, network string, stopCh <-chan struct{}) (int, error)

RunServer listens on the given port, then spawns a goroutine that serves continuously until stopCh is closed. The port is returned. This function does not block.

Types

type APIGroupInfo

// APIGroupInfo bundles what is known about one API group: its metadata, the
// storage behind each versioned resource, and the scheme and serializer for
// its objects. It is the argument to GenericAPIServer.InstallAPIGroup.
type APIGroupInfo struct {
	// GroupMeta is the apimachinery metadata for this group.
	GroupMeta apimachinery.GroupMeta
	// Info about the resources in this group. It's a map from version to resource to the storage.
	// NOTE(review): InstallAPIGroup is documented as exposing the group in the API, so every
	// entry here presumably becomes a reachable endpoint — review what is registered.
	VersionedResourcesStorageMap map[string]map[string]rest.Storage

	// Scheme includes all of the types used by this group and how to convert between them (or
	// to convert objects from outside of this group that are accepted in this API).
	Scheme *runtime.Scheme

	// NegotiatedSerializer is the serializer for this group.
	// NOTE(review): presumably used for content negotiation on requests and responses — confirm.
	NegotiatedSerializer runtime.NegotiatedSerializer

	// SubresourceGroupVersionKind contains the GroupVersionKind overrides for each subresource that is
	// accessible from this API group version.
	SubresourceGroupVersionKind map[string]schema.GroupVersionKind
}

FIXME (rantuttl): Stub for now. Info about an API group.

func NewDefaultAPIGroupInfo

func NewDefaultAPIGroupInfo(group string, registry *registered.APIRegistrationManager, scheme *runtime.Scheme, parameterCodec runtime.ParameterCodec, codecs serializer.CodecFactory) APIGroupInfo

NewDefaultAPIGroupInfo returns an APIGroupInfo stubbed with "normal" values exposed for easier composition from other packages

type APIServerHandler

// APIServerHandler holds the handlers that make up the API server's request path:
// the full filter chain, the go-restful container, a second mux, and the Director.
type APIServerHandler struct {
	// FullHandlerChain is the one that is eventually served with.  It should include the full filter
	// chain and then call the Director.
	FullHandlerChain http.Handler
	// The registered APIs.  InstallAPIs uses this.  Other servers probably shouldn't access this directly.
	GoRestfulContainer *restful.Container
	// NonGoRestfulMux is a PathRecorderMux.
	// NOTE(review): presumably serves paths that are not registered in GoRestfulContainer — confirm.
	NonGoRestfulMux    *genericmux.PathRecorderMux
	// Director is the handler that FullHandlerChain calls after its filters.
	// NOTE(review): a request handed to Director directly would skip whatever filtering
	// FullHandlerChain applies; check every use of this exported field.
	Director           http.Handler
}

func NewAPIServerHandler

func NewAPIServerHandler(name string, handlerChainBuilder HandlerChainBuilderFn, notFoundHandler http.Handler) *APIServerHandler

func (*APIServerHandler) ServeHTTP

func (a *APIServerHandler) ServeHTTP(w http.ResponseWriter, r *http.Request)

ServeHTTP makes APIServerHandler an http.Handler; it is the top-level entry point to the handler chain.

type Config

// Config is a structure used to configure a GenericAPIServer. It carries the
// serving, authentication, authorization, CORS and request-limit settings
// that the handler chain builders receive.
type Config struct {
	// Serializer is required and provides the interface for serializing and converting objects to and from the wire
	// The default (api.Codecs) usually works fine.
	Serializer        runtime.NegotiatedSerializer
	// SecureServingInfo holds the TLS listener settings (see the SecureServingInfo type).
	SecureServingInfo *SecureServingInfo
	// Authenticator authenticates incoming requests.
	// NOTE(review): what happens when this is nil is not visible here — confirm that a nil
	// Authenticator cannot result in requests being served unauthenticated.
	Authenticator     authenticator.Request
	// Authorizer determines whether the subject is allowed to make the request based only
	// on the RequestURI
	Authorizer            authorizer.Authorizer
	// CorsAllowedOriginList lists the origins allowed for CORS.
	// NOTE(review): whether entries are matched literally or as patterns is not visible
	// here — confirm before adding broad values.
	CorsAllowedOriginList []string
	// BuildHandlerChainFunc wraps apiHandler in the handler chain; the named result suggests
	// it builds the chain for the secure port. DefaultHandlerChainBuilder has a matching signature.
	// NOTE(review): a custom function here presumably replaces the default chain entirely and
	// is then responsible for its own authentication/authorization filters — confirm.
	BuildHandlerChainFunc func(apiHandler http.Handler, c *Config) (secure http.Handler)
	// EnableSwaggerUI toggles Swagger UI.
	// NOTE(review): presumably serves the UI when true; whether it sits behind authentication
	// is not visible here — confirm.
	EnableSwaggerUI       bool
	// RequestContextMapper maps requests to contexts. Exported so downstream consumers can provide their own mappers
	// TODO confirm that anyone downstream actually uses this and doesn't just need an accessor
	RequestContextMapper apirequest.RequestContextMapper
	// If specified, requests will be allocated a random timeout between this value, and twice this value.
	// Note that it is up to the request handlers to ignore or honor this timeout. In seconds.
	MinRequestTimeout int
	// MaxRequestsInFlight is the maximum number of parallel non-long-running requests. Every further
	// request has to wait. Applies only to non-mutating requests.
	MaxRequestsInFlight int
	// MaxMutatingRequestsInFlight is the maximum number of parallel mutating requests. Every further
	// request has to wait.
	MaxMutatingRequestsInFlight int
	// Predicate which is true for paths of long-running http requests
	LongRunningFunc apirequest.LongRunningRequestCheck
	// Version is the version information for this server.
	Version         *version.Info
	// PublicAddress is an IP address for this server.
	// NOTE(review): presumably the address advertised to clients — confirm.
	PublicAddress   net.IP

	// RESTOptionsGetter is used to construct RESTStorage types via the generic registry.
	RESTOptionsGetter genericregistry.RESTOptionsGetter

	// TODO (rantuttl): defaults to false, but could be set to true if something like a password file is presented
	// via some command line options
	// Basic auth sends a reusable password with every request, so it only makes sense on the TLS listener.
	SupportsBasicAuth bool
}

Config is a structure used to configure a GenericAPIServer.

func NewConfig

func NewConfig(codecs serializer.CodecFactory) *Config

NewConfig returns a Config struct with the default values

func (*Config) ApplyClientCert

// ApplyClientCert takes the path of a client CA file and returns a *Config or an error.
// NOTE(review): presumably loads the CA bundle into SecureServingInfo.ClientCA so that client
// certificates can be verified — confirm against the source. Callers should treat a non-nil
// error as fatal, so the server never starts without the CA pool they intended.
func (c *Config) ApplyClientCert(clientCAFile string) (*Config, error)

func (*Config) Complete

func (c *Config) Complete() completedConfig

Complete fills in any fields not set that are required to have valid data and can be derived from other fields.

func (*Config) SkipComplete

func (c *Config) SkipComplete() completedConfig

SkipComplete provides a way to construct a server instance without config completion.

type DelegationTarget

// DelegationTarget exposes a server's unprotected handler and its RequestContextMapper.
// GenericAPIServer declares both methods.
type DelegationTarget interface {
	// UnprotectedHandler returns a handler that is NOT protected by a normal chain
	// NOTE(review): "not protected" presumably means the authentication and authorization
	// filters are absent — confirm, and make sure this handler is only reached through a
	// chain that enforces them.
	UnprotectedHandler() http.Handler

	// RequestContextMapper returns the existing RequestContextMapper.  Because we cannot rewire all existing
	// uses of this function, this will be used in any delegating API server
	RequestContextMapper() apirequest.RequestContextMapper
}

type GenericAPIServer

// GenericAPIServer is the server that a Config configures. Its exported fields are
// the TLS serving settings, the serializer and the request handler.
type GenericAPIServer struct {
	// SecureServingInfo holds the TLS listener settings (see the SecureServingInfo type).
	SecureServingInfo *SecureServingInfo

	// Serializer is the negotiated serializer for this server.
	Serializer runtime.NegotiatedSerializer
	// Handler is this server's APIServerHandler; its ServeHTTP method is documented as the
	// top-level entry point to the handler chain.
	Handler    *APIServerHandler
	// contains filtered or unexported fields
}

func (*GenericAPIServer) EffectiveSecurePort

func (s *GenericAPIServer) EffectiveSecurePort() int

EffectiveSecurePort returns the secure port we bound to.

func (*GenericAPIServer) InstallAPIGroup

func (s *GenericAPIServer) InstallAPIGroup(apiGroupInfo *APIGroupInfo) error

Exposes the given api group in the API.

func (*GenericAPIServer) PrepareRun

func (s *GenericAPIServer) PrepareRun() preparedGenericAPIServer

PrepareRun does post API installation setup steps.

func (*GenericAPIServer) RequestContextMapper

func (s *GenericAPIServer) RequestContextMapper() apirequest.RequestContextMapper

func (*GenericAPIServer) UnprotectedHandler

// UnprotectedHandler is one of the two DelegationTarget methods; that interface describes the
// returned handler as NOT protected by a normal chain.
// NOTE(review): presumably returns the handler beneath the filter chain — confirm, and make sure
// it is only reached through a chain that enforces authentication and authorization.
func (s *GenericAPIServer) UnprotectedHandler() http.Handler

type HandlerChainBuilderFn

// HandlerChainBuilderFn wraps apiHandler in a handler chain and returns the result.
// NewAPIServerHandler takes one. Unlike Config.BuildHandlerChainFunc it receives no *Config,
// so any authentication or authorization settings must already be bound into the function.
type HandlerChainBuilderFn func(apiHandler http.Handler) http.Handler

HandlerChainBuilderFn is used to wrap the GoRestfulContainer handler using the provided handler chain. It is normally used to apply filtering such as authentication and authorization.

type InsecureServingInfo

// InsecureServingInfo holds the listen settings for the insecure HTTP server that
// NonBlockingRun spawns. Unlike SecureServingInfo it has no certificate, client CA
// or TLS fields.
// NOTE(review): what filtering this listener gets depends on the handler passed to
// NonBlockingRun, which is not visible here — prefer a loopback BindAddress unless
// that handler is confirmed to enforce authentication and authorization.
type InsecureServingInfo struct {
	// BindAddress is the ip:port to serve on
	BindAddress string
	// BindNetwork is the type of network to bind to - defaults to "tcp", accepts "tcp",
	// "tcp4", and "tcp6".
	BindNetwork string
}

type NamedTLSCert

// NamedTLSCert pairs a TLS certificate with the domain patterns it is served for.
// GetNamedCertificateMap takes a slice of these and returns a map keyed by name.
type NamedTLSCert struct {
	// TLSCert is the certificate to serve for the names below.
	TLSCert tls.Certificate

	// Names is a list of domain patterns: fully qualified domain names, possibly prefixed with
	// wildcard segments.
	Names []string
}

type SecureServingInfo

// SecureServingInfo holds the listen settings for the TLS server: bind address and
// network, the server certificate, the optional CA and client-CA pool, and optional
// overrides for the minimum TLS version and the cipher suites.
type SecureServingInfo struct {
	// BindAddress is the ip:port to serve on
	BindAddress string
	// BindNetwork is the type of network to bind to - defaults to "tcp", accepts "tcp",
	// "tcp4", and "tcp6".
	BindNetwork string

	// Cert is the main server cert which is used if SNI does not match. Cert must be non-nil and is
	// allowed to be in SNICerts.
	Cert *tls.Certificate

	// CACert is an optional certificate authority used for the loopback connection of the Admission controllers.
	// If this is nil, the certificate authority is extracted from Cert or a matching SNI certificate.
	CACert *tls.Certificate

	// ClientCA is the certificate bundle for all the signers that you'll recognize for incoming client certificates
	// NOTE(review): whether a client certificate is required or only verified when presented is
	// not visible here — confirm. Every signer in this pool can vouch for a client identity, so
	// keep the bundle to the CAs that are meant to issue client certificates.
	ClientCA *x509.CertPool

	// MinTLSVersion optionally overrides the minimum TLS version supported.
	// Values are from tls package constants (https://golang.org/pkg/crypto/tls/#pkg-constants).
	// NOTE(review): a zero value presumably leaves the crypto/tls default in effect — confirm.
	// Set it explicitly (for example tls.VersionTLS12) to pin a floor.
	MinTLSVersion uint16

	// CipherSuites optionally overrides the list of allowed cipher suites for the server.
	// Values are from tls package constants (https://golang.org/pkg/crypto/tls/#pkg-constants).
	// NOTE(review): a nil slice presumably leaves the crypto/tls defaults in effect — confirm.
	CipherSuites []uint16
}

Directories

Path Synopsis
