bootstrap

package module

v0.0.0-...-c645305 Latest Latest Go to latest Published: Feb 18, 2023 License: Apache-2.0 Imports: 11 Imported by: 4

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/costinm/grpc-mesh

Links

Open Source Insights

README ¶

XDS Bootstrap

NAMESPACE
Location

GCP specific config

From MDS:

PROJECT_ID
PROJECT_NUMBER

From GKE MDS (only when running in GKE):

CLUSTER_NAME
CLUSTER_LOCATION

MDS

instanceID
Tokens
project id

K8S JWT

{
  "aud": [
    "https://container.googleapis.com/v1/projects/costin-asm1/locations/us-central1-c/clusters/big1"
  ],
  "exp": 1706276151,
  "iat": 1674740151,
  "iss": "https://container.googleapis.com/v1/projects/costin-asm1/locations/us-central1-c/clusters/big1",
  "kubernetes.io": {
    "namespace": "fortio-asm",
    "pod": {
      "name": "fortio-7b8dd44578-m8l5g",
      "uid": "b32a3b54-31c9-429c-bddf-25fbe9960a96"
    },
    "serviceaccount": {
      "name": "default",
      "uid": "3f5d5c4f-0e16-4c0c-9339-3df707d47e2c"
    },
    "warnafter": 1674743758
  },
  "nbf": 1674740151,
  "sub": "system:serviceaccount:fortio-asm:default"
}

Documentation ¶

Index ¶

Constants
func GenerateBootstrapFile(opts *GenerateBootstrapOptions, path string) error
func InitCerts(bootstrap *Bootstrap, opts *GenerateBootstrapOptions)
func LoadKubeconfig() (*meshauth.KubeConfig, error)
type Bootstrap
- func GenerateBootstrap(opts *GenerateBootstrapOptions) (*Bootstrap, error)
- func LoadBootstrap(file string) (*Bootstrap, error)
- func (b *Bootstrap) FileWatcherProvider() *FileWatcherCertProviderConfig
type CertificateProvider
- func (cp *CertificateProvider) UnmarshalJSON(data []byte) error
type ChannelCreds
type FileWatcherCertProviderConfig
- func (c *FileWatcherCertProviderConfig) FilePaths() []string
type GenerateBootstrapOptions
type XdsServer

Constants ¶

View Source

const (
	ServerListenerNamePrefix = "xds.istio.io/grpc/lds/inbound/"
	// ServerListenerNameTemplate for the name of the Listener resource to subscribe to for a gRPC
	// server. If the token `%s` is present in the string, all instances of the
	// token will be replaced with the server's listening "IP:port" (e.g.,
	// "0.0.0.0:8080", "[::]:8080").
	ServerListenerNameTemplate = ServerListenerNamePrefix + "%s"
)

View Source

const FileWatcherCertProviderName = "file_watcher"

Variables ¶

This section is empty.

Functions ¶

func GenerateBootstrapFile ¶

func GenerateBootstrapFile(opts *GenerateBootstrapOptions, path string) error

GenerateBootstrapFile generates and writes atomically as JSON to the given file path.

func InitCerts ¶

func InitCerts(bootstrap *Bootstrap, opts *GenerateBootstrapOptions)

func LoadKubeconfig ¶

func LoadKubeconfig() (*meshauth.KubeConfig, error)

Types ¶

type Bootstrap ¶

type Bootstrap struct {
	XDSServers                 []XdsServer                    `json:"xds_servers,omitempty"`
	Node                       *core.Node                     `json:"node,omitempty"`
	CertProviders              map[string]CertificateProvider `json:"certificate_providers,omitempty"`
	ServerListenerNameTemplate string                         `json:"server_listener_resource_name_template,omitempty"`
}

Bootstrap contains the general structure of what's expected by GRPC's XDS implementation. See https://github.com/grpc/grpc-go/blob/master/xds/internal/xdsclient/bootstrap/bootstrap.go TODO use structs from gRPC lib if created/exported

func GenerateBootstrap ¶

func GenerateBootstrap(opts *GenerateBootstrapOptions) (*Bootstrap, error)

GenerateBootstrap generates the bootstrap structure for gRPC XDS integration. This is used for 'agentless' - but should also work if an agent is used (or some other provider handles the XDS proxy).

func LoadBootstrap ¶

func LoadBootstrap(file string) (*Bootstrap, error)

LoadBootstrap loads a Bootstrap from the given file path.

func (*Bootstrap) FileWatcherProvider ¶

func (b *Bootstrap) FileWatcherProvider() *FileWatcherCertProviderConfig

FileWatcherProvider returns the FileWatcherCertProviderConfig if one exists in CertProviders

type CertificateProvider ¶

type CertificateProvider struct {
	PluginName string      `json:"plugin_name,omitempty"`
	Config     interface{} `json:"config,omitempty"`
}

func (*CertificateProvider) UnmarshalJSON ¶

func (cp *CertificateProvider) UnmarshalJSON(data []byte) error

type ChannelCreds ¶

type ChannelCreds struct {
	Type   string      `json:"type,omitempty"`
	Config interface{} `json:"config,omitempty"`
}

type FileWatcherCertProviderConfig ¶

type FileWatcherCertProviderConfig struct {
	CertificateFile   string `json:"certificate_file,omitempty"`
	PrivateKeyFile    string `json:"private_key_file,omitempty"`
	CACertificateFile string `json:"ca_certificate_file,omitempty"`
	RefreshDuration   string `json:"refresh_interval,omitempty"`
}

func (*FileWatcherCertProviderConfig) FilePaths ¶

func (c *FileWatcherCertProviderConfig) FilePaths() []string

type GenerateBootstrapOptions ¶

type GenerateBootstrapOptions struct {
	// Original: Node             *model.Node
	ID string

	NodeMetadata     map[string]interface{}
	XdsUdsPath       string
	DiscoveryAddress string
	CertDir          string
	Locality         *core.Locality
}

type XdsServer ¶

type XdsServer struct {
	ServerURI      string         `json:"server_uri,omitempty"`
	ChannelCreds   []ChannelCreds `json:"channel_creds,omitempty"`
	ServerFeatures []string       `json:"server_features,omitempty"`
}

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL