app

package
v11.3.3

This package is not in the latest version of its module.

Published: Dec 13, 2022 License: Apache-2.0 Imports: 50 Imported by: 0

Documentation

Overview

Package app runs the application proxy process. It keeps dynamic labels updated, sends heartbeats to announce its presence, checks access controls, and forwards connections between the tunnel and the target host.

Functions

func FindPublicAddr

func FindPublicAddr(authClient auth.ReadAppsAccessPoint, appPublicAddr string, appName string) (string, error)

FindPublicAddr tries to resolve the public address of the proxy of this cluster.

Types

type AWSSigninRequest

type AWSSigninRequest struct {
	// Identity is the identity of the user requesting signin URL.
	Identity *tlsca.Identity
	// TargetURL is the target URL within the console.
	TargetURL string
	// Issuer is the application public URL.
	Issuer string
	// ExternalID is the AWS external ID.
	ExternalID string
}

AWSSigninRequest is a request to generate an AWS console sign-in URL.

func (*AWSSigninRequest) CheckAndSetDefaults

func (r *AWSSigninRequest) CheckAndSetDefaults() error

CheckAndSetDefaults validates the request.

type AWSSigninResponse

type AWSSigninResponse struct {
	// SigninURL is the console signin URL.
	SigninURL string
}

AWSSigninResponse contains the AWS console sign-in URL.

type Cloud

type Cloud interface {
	// GetAWSSigninURL generates AWS management console federation sign-in URL.
	GetAWSSigninURL(AWSSigninRequest) (*AWSSigninResponse, error)
}

Cloud provides cloud provider access methods, such as generating sign-in URLs for management consoles.

func NewCloud

func NewCloud(cfg CloudConfig) (Cloud, error)

NewCloud creates a new cloud service.

type CloudConfig

type CloudConfig struct {
	// Session is AWS session.
	Session *awssession.Session
	// Clock is used to override time in tests.
	Clock clockwork.Clock
}

CloudConfig is the configuration for cloud service.

func (*CloudConfig) CheckAndSetDefaults

func (c *CloudConfig) CheckAndSetDefaults() error

CheckAndSetDefaults validates the config.

type Config

type Config struct {
	// Clock is used to control time.
	Clock clockwork.Clock

	// DataDir is the path to the data directory for the server.
	DataDir string

	// AuthClient is a client directly connected to the Auth server.
	AuthClient *auth.Client

	// AccessPoint is a caching client connected to the Auth Server.
	AccessPoint auth.AppsAccessPoint

	// TLSConfig is the *tls.Config for this server.
	TLSConfig *tls.Config

	// CipherSuites is the list of TLS cipher suites that have been configured
	// for this process.
	CipherSuites []uint16

	// Hostname is the hostname where this application agent is running.
	Hostname string

	// HostID is the id of the host where this application agent is running.
	HostID string

	// Authorizer is used to authorize requests.
	Authorizer auth.Authorizer

	// GetRotation returns the certificate rotation state.
	GetRotation services.RotationGetter

	// Apps is a list of statically registered apps this agent proxies.
	Apps types.Apps

	// CloudLabels is a service that imports labels from a cloud provider. The labels are shared
	// between all apps.
	CloudLabels labels.Importer

	// OnHeartbeat is called after every heartbeat. Used to update process state.
	OnHeartbeat func(error)

	// Cloud provides cloud provider access related functionality.
	Cloud Cloud

	// ResourceMatchers is a list of app resource matchers.
	ResourceMatchers []services.ResourceMatcher

	// OnReconcile is called after each database resource reconciliation.
	OnReconcile func(types.Apps)

	// ConnectedProxyGetter gets the proxies teleport is connected to.
	ConnectedProxyGetter *reversetunnel.ConnectedProxyGetter

	// LockWatcher is the lock watcher for app access targets.
	LockWatcher *services.LockWatcher

	// Emitter is an event emitter.
	Emitter events.Emitter

	// MonitorCloseChannel will be signaled when the monitor closes a connection.
	// Used only for testing. Optional.
	MonitorCloseChannel chan struct{}
}

Config is the configuration for an application server.

func (*Config) CheckAndSetDefaults

func (c *Config) CheckAndSetDefaults() error

CheckAndSetDefaults makes sure the configuration has the minimum required to function.

type Server

type Server struct {
	// contains filtered or unexported fields
}

Server is an application server. It authenticates requests from the web proxy and forwards them to internal applications.

func New

func New(ctx context.Context, c *Config) (*Server, error)

New returns a new application server.

func (*Server) Close

func (s *Server) Close() error

Close will shut the server down and unblock any resources.

func (*Server) ForceHeartbeat

func (s *Server) ForceHeartbeat() error

ForceHeartbeat is used in tests to force updating of app servers.

func (*Server) HandleConnection

func (s *Server) HandleConnection(conn net.Conn)

HandleConnection takes a connection and wraps it in a listener so it can be passed to http.Serve and processed as an HTTP request.
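
The pattern HandleConnection describes, wrapping one already-established connection in a net.Listener so the standard HTTP server can process it, is shown below as an added example; it is not this package's code. The names singleConnListener, serveConn and demo are hypothetical, and net.Pipe stands in for the tunnel connection.

```go
package main

import (
	"fmt"
	"io"
	"net"
	"net/http"
	"sync"
)

// singleConnListener (hypothetical name) hands one established conn to the HTTP server.
type singleConnListener struct {
	addr  net.Addr
	conns chan net.Conn
	once  sync.Once
}

func (l *singleConnListener) Accept() (net.Conn, error) {
	if c, ok := <-l.conns; ok {
		return c, nil
	}
	return nil, net.ErrClosed // channel closed and drained
}
func (l *singleConnListener) Close() error   { l.once.Do(func() { close(l.conns) }); return nil }
func (l *singleConnListener) Addr() net.Addr { return l.addr }

// serveConn serves HTTP on conn and returns net.ErrClosed once it is finished.
func serveConn(conn net.Conn, h http.Handler) error {
	l := &singleConnListener{addr: conn.LocalAddr(), conns: make(chan net.Conn, 1)}
	l.conns <- conn
	srv := &http.Server{Handler: h, ConnState: func(_ net.Conn, s http.ConnState) {
		if s == http.StateClosed || s == http.StateHijacked {
			l.Close() // the one connection ended: stop the accept loop
		}
	}}
	return srv.Serve(l)
}

// demo plays both ends over net.Pipe with a constructed request (no network).
func demo() (string, error) {
	client, server := net.Pipe()
	errc := make(chan error, 1)
	h := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { fmt.Fprint(w, "forwarded "+r.URL.Path) })
	go func() { errc <- serveConn(server, h) }()
	fmt.Fprint(client, "GET /health HTTP/1.1\r\nHost: app.example.test\r\nConnection: close\r\n\r\n")
	raw, _ := io.ReadAll(client) // EOF arrives when the server closes its end
	return string(raw), <-errc
}
func main() { fmt.Println(demo()) }
```

Closing the listener from the ConnState hook is what lets Serve return; without it the second Accept call would block forever and leak one goroutine per handled connection.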

func (*Server) ServeHTTP

func (s *Server) ServeHTTP(w http.ResponseWriter, r *http.Request)

ServeHTTP will forward the *http.Request to the target application.

func (*Server) Start

func (s *Server) Start(ctx context.Context) (err error)

Start starts proxying all registered apps.

func (*Server) Wait

func (s *Server) Wait() error

Wait will block while the server is running.
