Documentation
¶
Index ¶
- func CreateRemoteStateBucket(logger *logrus.Logger, bucket string) error
- func EnsureLatestTfVarsFile(...) error
- func Perturb(po *PerturbOptions, logger *logrus.Logger) (*string, error)
- type Option
- func WithAttackRepo(attackRepo string) Option
- func WithAttackTag(attackTag string) Option
- func WithBucketName(bucketName string) Option
- func WithExtraCIDRs(extraCIDRs string) Option
- func WithLogger(logger *logrus.Logger) Option
- func WithScenarioID(scenarioID string) Option
- func WithScenariosDir(scenariosDir string) Option
- func WithTfDir(tfDir string) Option
- func WithTfVarsDir(tfVarsDir string) Option
- func WithoutIPDetection(disableIPDetection bool) Option
- type PerturbOptions
- type SSHConfig
- type Simulator
- func (s *Simulator) Attack() error
- func (s *Simulator) Create() error
- func (s *Simulator) Destroy() error
- func (s *Simulator) InitIfNeeded() error
- func (s *Simulator) Launch() error
- func (s *Simulator) PrepareTfArgs(cmd string) []string
- func (s *Simulator) SSHConfig() (*string, error)
- func (s *Simulator) Status() (*TerraformOutput, error)
- func (s *Simulator) Terraform(cmd string) (*string, error)
- type StringOutput
- type StringSliceOutput
- type TerraformOutput
- type TfVars
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func CreateRemoteStateBucket ¶
CreateRemoteStateBucket initialises a remote-state bucket
func EnsureLatestTfVarsFile ¶
func EnsureLatestTfVarsFile(tfVarsDir, publicKey, accessCIDR, bucket, attackTag, attackRepo, extraCIDRs string) error
EnsureLatestTfVarsFile always writes an tfvars file
Types ¶
type Option ¶
type Option func(*Simulator)
Option is a type used to configure a `Simulator` instance
func WithAttackRepo ¶ added in v0.6.0
WithAttackRepo returns a configurer for creating a `Simulator` instance with `NewSimulator`
func WithAttackTag ¶
WithAttackTag returns a configurer for creating a `Simulator` instance with `NewSimulator`
func WithBucketName ¶
WithBucketName returns a configurer for creating a `Simulator` instance with `NewSimulator`
func WithExtraCIDRs ¶ added in v0.6.0
WithExtraCIDRs returns a configurer for creating a `Simulator` instance with `NewSimulator`
func WithLogger ¶
WithLogger returns a configurer for creating a `Simulator` instance with `NewSimulator`
func WithScenarioID ¶
WithScenarioID returns a configurer for creating a `Simulator` instance with `NewSimulator`
func WithScenariosDir ¶
WithScenariosDir returns a configurer for creating a `Simulator` instance with `NewSimulator`
func WithTfDir ¶
WithTfDir returns a configurer for creating a `Simulator` instance with `NewSimulator`
func WithTfVarsDir ¶
WithTfVarsDir returns a configurer for creating a `Simulator` instance with `NewSimulator`
func WithoutIPDetection ¶ added in v0.6.0
WithoutIPDetection returns a configurer for creating a `Simulator` instance with `NewSimulator`
type PerturbOptions ¶
PerturbOptions represents the parameters required by the perturb.sh script
func MakePerturbOptions ¶
func MakePerturbOptions(tfo TerraformOutput, path string) PerturbOptions
MakePerturbOptions takes a TerraformOutput and a path to a scenario and makes a struct of PerturbOptions
func (*PerturbOptions) String ¶
func (po *PerturbOptions) String() string
func (*PerturbOptions) ToArguments ¶
func (po *PerturbOptions) ToArguments() []string
ToArguments converts a PerturbOptions struct into a slice of strings containing the command line options to pass to perturb
type SSHConfig ¶
type SSHConfig struct {
Alias string
Hostname string
KeyFilePath string
KnownHostsFilePath string
BastionIP string
}
SSHConfig represents the values needed to produce a config block to allow SSH to the private kubernetes nodes via the bastion
type Simulator ¶
type Simulator struct {
// Logger is the logger the simulator will use
Logger *logrus.Logger
// TfDir is the path to the terraform code used to standup the simulator cluster
TfDir string
// BucketName is the remote state bucket to use for terraform
BucketName string
// AttackTag is the docker tag for the attack container that terraform will use
// when creating the infrastructure: e.g. latest
AttackTag string
// AttackRepo is the docker repo for the attack container that terraform will use
// when creating the infrastructure: e.g. controlplane/simulator-attack
AttackRepo string
// scenarioID is the unique identifier of the scenario used for the launch function
ScenarioID string
// TfVarsDir is the location to store the terraform variables file that are detected
// automatically for use when creating the infrastructure
TfVarsDir string
// ScenariosDir is the location of the scenarios for perturb to use when perturbing
// the cluster
ScenariosDir string
// disableIPDetection enables IP checks used for cidr access. Enabled by default.
DisableIPDetection bool
// Extra CIDRs to be added to the bastion security group to allow SSH from arbitrary
// locations
ExtraCIDRs string
}
Simulator represents a session with simulator and holds all the configuration necessary to run simulator
func NewSimulator ¶
NewSimulator constructs a new instance of `Simulator`
func (*Simulator) Attack ¶
Attack establishes an SSH connection to the attack container running on the bastion host ready for the user to attempt to complete a scenario
func (*Simulator) Create ¶
Create runs terraform init, plan, apply to create the necessary infrastructure to run scenarios
func (*Simulator) InitIfNeeded ¶
InitIfNeeded checks the IP address and SSH key and updates the tfvars if needed
func (*Simulator) Launch ¶
Launch runs perturb.sh to setup a scenario with the supplied `id` assuming the infrastructure has been created. Returns an error if the infrastructure is not ready or something goes wrong
func (*Simulator) PrepareTfArgs ¶
PrepareTfArgs takes a string with the terraform command desired and returns a slice of strings containing the complete list of arguments including the command to use when exec'ing terraform
func (*Simulator) SSHConfig ¶
SSHConfig returns a pointer to string containing the stanzas to add to an ssh config file so that the kubernetes nodes are connectable directly via the bastion or an error if the infrastructure has not been created
func (*Simulator) Status ¶
func (s *Simulator) Status() (*TerraformOutput, error)
Status calls terraform output to get the state of the infrastruture and parses the output for programmatic use
type StringOutput ¶
type StringOutput struct {
Sensitive bool `json:"sensitive"`
Type string `json:"type"`
Value string `json:"value"`
}
StringOutput is a struct representing an output from terraform that contains a string
type StringSliceOutput ¶
type StringSliceOutput struct {
Sensitive bool `json:"sensitive"`
Type []interface{} `json:"type"`
Value []string `json:"value"`
}
StringSliceOutput is a struct representing an output from terraform that contains a slice of strings
type TerraformOutput ¶
type TerraformOutput struct {
BastionPublicIP StringOutput `json:"bastion_public_ip"`
ClusterNodesPrivateIP StringSliceOutput `json:"cluster_nodes_private_ip"`
MasterNodesPrivateIP StringSliceOutput `json:"master_nodes_private_ip"`
}
TerraformOutput is a struct representing the expected output variables from the terraform script
func ParseTerraformOutput ¶
func ParseTerraformOutput(output string) (*TerraformOutput, error)
ParseTerraformOutput takes a string containing the stdout from `terraform output -json` and returns a TerraformOutput struct
func (*TerraformOutput) IsUsable ¶
func (tfo *TerraformOutput) IsUsable() bool
IsUsable checks whether the TerraformOutput has all the necessary information to be converted for use with perturb
func (*TerraformOutput) ToSSHConfig ¶
func (tfo *TerraformOutput) ToSSHConfig() (*string, error)
ToSSHConfig produces the SSH config
type TfVars ¶
type TfVars struct {
PublicKey string
AccessCIDR string
BucketName string
AttackTag string
AttackRepo string
ExtraCIDRs string
}
TfVars struct representing the input variables for terraform to create the infrastructure
Source Files