Documentation
¶
Index ¶
- Constants
- Variables
- type Client
- type Cluster
- type ClusterHealth
- type Config
- type Endpoint
- type EndpointStatus
- type HeaderConfig
- func (headerConfig *HeaderConfig) Done(connector *client.RestConnector)
- func (headerConfig *HeaderConfig) Process(req *http.Request) error
- func (headerConfig *HeaderConfig) SetConfigXallowOverwrite(value bool) *HeaderConfig
- func (headerConfig *HeaderConfig) SetNSXEnablePartialPatch(value bool) *HeaderConfig
- func (headerConfig *HeaderConfig) SetXAllowOverrite(value bool) *HeaderConfig
- type Jar
- type NSXHealthChecker
- type NSXVersionChecker
- type NsxVersion
- type Transport
Constants ¶
View Source
const ( VPC = iota SecurityPolicy ServiceAccount ServiceAccountRestore ServiceAccountCertRotation StaticRoute VpcAviRule AllFeatures )
Variables ¶
View Source
var FeaturesName = [AllFeatures]string{"VPC", "SECURITY_POLICY", "NSX_SERVICE_ACCOUNT", "NSX_SERVICE_ACCOUNT_RESTORE", "NSX_SERVICE_ACCOUNT_CERT_ROTATION", "STATIC_ROUTE", "VPC_AVI_RULE"}
Functions ¶
This section is empty.
Types ¶
type Client ¶
type Client struct {
NsxConfig *config.NSXOperatorConfig
RestConnector *client.RestConnector
QueryClient search.QueryClient
GroupClient domains.GroupsClient
SecurityClient domains.SecurityPoliciesClient
RuleClient security_policies.RulesClient
InfraClient nsx_policy.InfraClient
ClusterControlPlanesClient enforcement_points.ClusterControlPlanesClient
HostTransPortNodesClient enforcement_points.HostTransportNodesClient
SubnetStatusClient subnets.StatusClient
RealizedEntitiesClient realized_state.RealizedEntitiesClient
MPQueryClient mpsearch.QueryClient
CertificatesClient trust_management.CertificatesClient
PrincipalIdentitiesClient trust_management.PrincipalIdentitiesClient
WithCertificateClient principal_identities.WithCertificateClient
// for AVI security policy rule
VPCSecurityClient vpcs.SecurityPoliciesClient
VPCRuleClient vpc_sp.RulesClient
OrgRootClient nsx_policy.OrgRootClient
ProjectInfraClient projects.InfraClient
VPCClient projects.VpcsClient
IPBlockClient infra.IpBlocksClient
StaticRouteClient vpcs.StaticRoutesClient
NATRuleClient nat.NatRulesClient
VpcGroupClient vpcs.GroupsClient
PortClient subnets.PortsClient
PortStateClient ports.StateClient
IPPoolClient subnets.IpPoolsClient
IPAllocationClient ip_pools.IpAllocationsClient
SubnetsClient vpcs.SubnetsClient
RealizedStateClient realized_state.RealizedEntitiesClient
NSXChecker NSXHealthChecker
NSXVerChecker NSXVersionChecker
}
func (*Client) FeatureEnabled ¶ added in v0.0.3
func (*Client) NSXCheckVersion ¶
type Cluster ¶
Cluster consists of endpoint and provides http.Client used to send http requests.
func NewCluster ¶
NewCluster creates a cluster based on nsx Config.
func (*Cluster) GetVersion ¶
func (cluster *Cluster) GetVersion() (*NsxVersion, error)
func (*Cluster) Health ¶
func (cluster *Cluster) Health() ClusterHealth
Health checks cluster health status.
func (*Cluster) NewRestConnector ¶
func (cluster *Cluster) NewRestConnector() (*policyclient.RestConnector, *HeaderConfig)
NewRestConnector creates a RestConnector used for SDK client. HeaderConfig is used to use http header for request, it could be ignored if no extra header needed.
type ClusterHealth ¶
type ClusterHealth string
ClusterHealth indicates cluster status.
const ( // RED means all endpoints status are DOWN. RED ClusterHealth = "RED" // ORANGE means not all endpoints status are UP. ORANGE ClusterHealth = "ORANGE" // GREEN means endpoints status are UP. GREEN ClusterHealth = "GREEN" )
type Config ¶
type Config struct {
// List of IP addresses of the NSX managers. Each address should be of the form:[<scheme>://]<ip_address>[:<port>]
// If scheme is not provided https is used. If port is not provided port 80 is used for http and port 443 for
// https.
APIManagers []string
// User name for the NSX manager.
Username string
// Password for the NSX manager.
Password string
// Specify a CA bundle file to use in verifying the NSX Manager server certificate. This option is ignored if
// "Insecure" is set to True. If "Insecure" is set to False and "CAFile" is unset, the "Thumbprint" will be used.
// If "Thumbprint" is unset, the system root CAs will be used to verify the server certificate.
CAFile []string
// Specify a Thumbprint string to use in verifying the NSX Manager server certificate. This option is ignored
// if "Insecure" is set to True or "CAFile" is defined.
Thumbprint []string
// Maximum concurrent connections to each NSX manager.
ConcurrentConnections int
// If True, the client will retry requests failed on "Too many requests" error.
Retries int
// The time in seconds before aborting a HTTP connection to a NSX manager.
HTTPTimeout int
// The amount of time in seconds to wait before ensuring connectivity to the NSX manager if no manager connection
// has been used.
ConnIdleTimeout int
// If true, the NSX Manager server certificate is not verified. If false the CA bundle specified via "CAFile"
// will be used or if unset the "Thumbprint" will be used. If "Thumbprint" is unset, the default system root CAs
// will be used.
Insecure bool
// If True, a default header of X-Allow-Overwrite:true will be added to all the requests, to allow admin user to
// update/delete all entries.
AllowOverwriteHeader bool
// If True, use nsx manager api for cases which are not supported by the policy manager api.
AllowPassThrough bool
// Algorithm used to adaptively adjust max API rate limit. If not set, the max rate will not be automatically
// changed. If set to 'AIMD', max API rate will be increase by 1 after successful calls that was blocked before
// sent, and will be decreased by half after 429/503 error for each period. The rate has hard max limit of
// min(100/s, param api_rate_limit_per_endpoint).
APIRateMode ratelimiter.Type
// None, or instance of implemented AbstractJWTProvider which will return the JSON Web Token used in the requests
// in NSX for authorization.
TokenProvider auth.TokenProvider
// None, or ClientCertProvider object. If specified, client cert will be used instead of basic authentication.
ClientCertProvider auth.ClientCertProvider
}
Config holds all the configuration parameters used by the nsx code.
func NewConfig ¶
func NewConfig(apiManagers, username, password string, caFile []string, concurrentConnections, retries, httpTimeout, connIdleTimeout int, insecure, allowOverwriteHeader, allowPassThrough bool, apiRateMode ratelimiter.Type, tokenProvider auth.TokenProvider, clientCertProvider auth.ClientCertProvider, thumbprint []string) *Config
NewConfig creates a nsx configuration. It provides default values for those items not in function parameters.
type Endpoint ¶
Endpoint represents one nsx-t manager. It will run a go routine to check nsx-t manager status. It also maintains connection number to nsx-t manager.
func NewEndpoint ¶
func NewEndpoint(url string, client *http.Client, noBClient *http.Client, r ratelimiter.RateLimiter, tokenProvider auth.TokenProvider) (*Endpoint, error)
NewEndpoint creates an endpoint.
func (*Endpoint) ConnNumber ¶
ConnNumber get the connection number of nsx-t.
func (*Endpoint) KeepAlive ¶
func (ep *Endpoint) KeepAlive()
KeepAlive maintains a heart beat for each endpoint.
func (*Endpoint) Status ¶
func (ep *Endpoint) Status() EndpointStatus
Status return status of endpoint.
func (*Endpoint) UpdateHttpRequestAuth ¶
type EndpointStatus ¶
type EndpointStatus string
EndpointStatus is endpoint status.
const ( // UP means endpoint is available. UP EndpointStatus = "UP" // DOWN means endpoint is not available. DOWN EndpointStatus = "DOWN" )
type HeaderConfig ¶
type HeaderConfig struct {
// contains filtered or unexported fields
}
HeaderConfig updates http request header.
func CreateHeaderConfig ¶
func CreateHeaderConfig(xAllowOverwrite bool, nsxEnablePartialPatch bool, configXallowOverwrite bool) *HeaderConfig
CreateHeaderConfig creates HeaderConfig.
func (*HeaderConfig) Done ¶
func (headerConfig *HeaderConfig) Done(connector *client.RestConnector)
Done updates request process of RestConnector.
func (*HeaderConfig) Process ¶
func (headerConfig *HeaderConfig) Process(req *http.Request) error
Process adds header to http.Request depending on configuration.
func (*HeaderConfig) SetConfigXallowOverwrite ¶
func (headerConfig *HeaderConfig) SetConfigXallowOverwrite(value bool) *HeaderConfig
SetConfigXallowOverwrite sets configXallowOverwrite.
func (*HeaderConfig) SetNSXEnablePartialPatch ¶
func (headerConfig *HeaderConfig) SetNSXEnablePartialPatch(value bool) *HeaderConfig
SetNSXEnablePartialPatch sets NSXEnablePartialPatch.
func (*HeaderConfig) SetXAllowOverrite ¶
func (headerConfig *HeaderConfig) SetXAllowOverrite(value bool) *HeaderConfig
SetXAllowOverrite sets XAllowoverrite.
type Jar ¶
Jar holds cookie from different host
type NSXHealthChecker ¶
type NSXHealthChecker struct {
// contains filtered or unexported fields
}
func (*NSXHealthChecker) CheckNSXHealth ¶
func (ck *NSXHealthChecker) CheckNSXHealth(req *http.Request) error
type NSXVersionChecker ¶
type NSXVersionChecker struct {
// contains filtered or unexported fields
}
type NsxVersion ¶
type NsxVersion struct {
NodeVersion string `json:"node_version"`
}
func (*NsxVersion) Validate ¶
func (nsxVersion *NsxVersion) Validate() error
type Transport ¶
type Transport struct {
Base http.RoundTripper
// contains filtered or unexported fields
}
Transport is used in http.Client to replace default implement. It selects the endpoint before sending HTTP reqeust and it will retry the request based on HTTP response.
func (*Transport) RoundTrip ¶
RoundTrip is the core of the transport. It accepts a request, replaces host with the URl provided by the endpoint. It will block the request if the speed is too fast. It will retry the request if nsx-t returns error and error type is retriable or ground It returns the response to the caller.
Source Files
¶
Directories
Click to show internal directories.
Click to hide internal directories.