juju: github.com/juju/juju/controller Index | Files | Directories

package controller

import "github.com/juju/juju/controller"

Index

Package Files

config.go

Constants

const (
    // MongoProfLow represents the most conservative mongo memory profile.
    MongoProfLow = "low"
    // MongoProfDefault represents the mongo memory profile shipped by default.
    MongoProfDefault = "default"
)
const (
    // APIPort is the port used for api connections.
    APIPort = "api-port"

    // ControllerAPIPort is an optional port that may be set for controllers
    // that have a very heavy load. If this port is set, this port is used by
    // the controllers to talk to each other - used for the local API connection
    // as well as the pubsub forwarders, and the raft workers. If this value is
    // set, the api-port isn't opened until the controllers have started
    // properly.
    ControllerAPIPort = "controller-api-port"

    // APIPortOpenDelay is a duration that the controller will wait
    // between when the controller has been deemed to be ready to open
    // the api-port and when the api-port is actually opened. This value
    // is only used when a controller-api-port value is set.
    APIPortOpenDelay = "api-port-open-delay"

    // AuditingEnabled determines whether the controller will record
    // auditing information.
    AuditingEnabled = "auditing-enabled"

    // AuditLogCaptureArgs determines whether the audit log will
    // contain the arguments passed to API methods.
    AuditLogCaptureArgs = "audit-log-capture-args"

    // AuditLogMaxSize is the maximum size for the current audit log
    // file, eg "250M".
    AuditLogMaxSize = "audit-log-max-size"

    // AuditLogMaxBackups is the number of old audit log files to keep
    // (compressed).
    AuditLogMaxBackups = "audit-log-max-backups"

    // AuditLogExcludeMethods is a list of Facade.Method names that
    // aren't interesting for audit logging purposes. A conversation
    // with only calls to these will be excluded from the
    // log. (They'll still appear in conversations that have other
    // interesting calls though.)
    AuditLogExcludeMethods = "audit-log-exclude-methods"

    // ReadOnlyMethodsWildcard is the special value that can be added
    // to the exclude-methods list that represents all of the read
    // only methods (see apiserver/observer/auditfilter.go). This
    // value will be stored in the DB (rather than being expanded at
    // write time) so any changes to the set of read-only methods in
    // new versions of Juju will be honoured.
    ReadOnlyMethodsWildcard = "ReadOnlyMethods"

    // StatePort is the port used for mongo connections.
    StatePort = "state-port"

    // CACertKey is the key for the controller's CA certificate attribute.
    CACertKey = "ca-cert"

    // CharmStoreURL is the key for the url to use for charmstore API calls
    CharmStoreURL = "charmstore-url"

    // ControllerUUIDKey is the key for the controller UUID attribute.
    ControllerUUIDKey = "controller-uuid"

    // IdentityURL sets the url of the identity manager.
    IdentityURL = "identity-url"

    // IdentityPublicKey sets the public key of the identity manager.
    IdentityPublicKey = "identity-public-key"

    // SetNUMAControlPolicyKey stores the value for this setting
    SetNUMAControlPolicyKey = "set-numa-control-policy"

    // AutocertDNSNameKey sets the DNS name of the controller. If a
    // client connects to this name, an official certificate will be
    // automatically requested. Connecting to any other host name
    // will use the usual self-generated certificate.
    AutocertDNSNameKey = "autocert-dns-name"

    // AutocertURLKey sets the URL used to obtain official TLS
    // certificates when a client connects to the API. By default,
    // certficates are obtains from LetsEncrypt. A good value for
    // testing is
    // "https://acme-staging.api.letsencrypt.org/directory".
    AutocertURLKey = "autocert-url"

    // AllowModelAccessKey sets whether the controller will allow users to
    // connect to models they have been authorized for even when
    // they don't have any access rights to the controller itself.
    AllowModelAccessKey = "allow-model-access"

    // MongoMemoryProfile sets whether mongo uses the least possible memory or the
    // detault
    MongoMemoryProfile = "mongo-memory-profile"

    // MaxDebugLogDuration is used to provide a backstop to the execution of a debug-log
    // command. If someone starts a debug-log session in a remote screen for example, it
    // is very easy to disconnect from the screen while leaving the debug-log process
    // running. This causes unnecessary load on the API Server. The max debug-log duration
    // has a default of 24 hours, which should be more than enough time for a debugging
    // session. If the user needs more information, perhaps debug-log isn't the right source.
    MaxDebugLogDuration = "max-debug-log-duration"

    // MaxLogsAge is the maximum age for log entries, eg "72h"
    MaxLogsAge = "max-logs-age"

    // MaxLogsSize is the maximum size the log collection can grow to
    // before it is pruned, eg "4M"
    MaxLogsSize = "max-logs-size"

    // ModelLogsSize is the size of the capped collections used to hold the
    // logs for the models, eg "20M". Size is per model.
    ModelLogsSize = "model-logs-size"

    // MaxTxnLogSize is the maximum size the of capped txn log collection, eg "10M"
    MaxTxnLogSize = "max-txn-log-size"

    // MaxPruneTxnBatchSize (deprecated) is the maximum number of transactions
    // we will evaluate in one go when pruning. Default is 1M transactions.
    // A value <= 0 indicates to do all transactions at once.
    MaxPruneTxnBatchSize = "max-prune-txn-batch-size"

    // MaxPruneTxnPasses (deprecated) is the maximum number of batches that we will process.
    // So total number of transactions that can be processed is MaxPruneTxnBatchSize * MaxPruneTxnPasses.
    // A value <= 0 implies 'do a single pass'. If both MaxPruneTxnBatchSize and MaxPruneTxnPasses are 0, then the
    // default value of 1M BatchSize and 100 passes will be used instead.
    MaxPruneTxnPasses = "max-prune-txn-passes"

    // PruneTxnQueryCount is the number of transactions to read in a single query.
    // Minimum of 10, a value of 0 will indicate to use the default value (1000)
    PruneTxnQueryCount = "prune-txn-query-count"

    // PruneTxnSleepTime is the amount of time to sleep between processing each
    // batch query. This is used to reduce load on the system, allowing other queries
    // to time to operate. On large controllers, processing 1000 txs seems to take
    // about 100ms, so a sleep time of 10ms represents a 10% slowdown, but allows
    // other systems to operate concurrently.
    // A negative number will indicate to use the default, a value of 0 indicates
    // to not sleep at all.
    PruneTxnSleepTime = "prune-txn-sleep-time"

    // DefaultAuditingEnabled contains the default value for the
    // AuditingEnabled config value.
    DefaultAuditingEnabled = true

    // DefaultAuditLogCaptureArgs is the default for the
    // AuditLogCaptureArgs setting (which is not to capture them).
    DefaultAuditLogCaptureArgs = false

    // DefaultAuditLogMaxSizeMB is the default size in MB at which we
    // roll the audit log file.
    DefaultAuditLogMaxSizeMB = 300

    // DefaultAuditLogMaxBackups is the default number of files to
    // keep.
    DefaultAuditLogMaxBackups = 10

    // DefaultNUMAControlPolicy should not be used by default.
    // Only use numactl if user specifically requests it
    DefaultNUMAControlPolicy = false

    // DefaultStatePort is the default port the controller is listening on.
    DefaultStatePort int = 37017

    // DefaultAPIPort is the default port the API server is listening on.
    DefaultAPIPort int = 17070

    // DefaultAPIPortOpenDelay is the default value for api-port-open-delay.
    // It is a string representation of a time.Duration.
    DefaultAPIPortOpenDelay = "2s"

    // DefaultMongoMemoryProfile is the default profile used by mongo.
    DefaultMongoMemoryProfile = MongoProfDefault

    // DefaultMaxDebugLogDuration is the default duration that debug-log commands
    // can run before being terminated by the API server.
    DefaultMaxDebugLogDuration = 24 * time.Hour

    // DefaultMaxLogsAgeDays is the maximum age in days of log entries.
    DefaultMaxLogsAgeDays = 3

    // DefaultMaxLogCollectionMB is the maximum size the log collection can
    // grow to before being pruned.
    DefaultMaxLogCollectionMB = 4 * 1024 // 4 GB

    // DefaultMaxTxnLogCollectionMB is the maximum size the txn log collection.
    DefaultMaxTxnLogCollectionMB = 10 // 10 MB

    // DefaultMaxPruneTxnBatchSize is the normal number of transaction we will prune in a given pass (1M) (deprecated)
    DefaultMaxPruneTxnBatchSize = 1 * 1000 * 1000

    // DefaultMaxPruneTxnPasses is the default number of batches we will process (deprecated)
    DefaultMaxPruneTxnPasses = 100

    // DefaultModelLogsSizeMB is the size in MB of the capped logs collection
    // for each model.
    DefaultModelLogsSizeMB = 20

    // DefaultPruneTxnQueryCount is the number of transactions to read in a single query.
    DefaultPruneTxnQueryCount = 1000

    // DefaultPruneTxnSleepTime is the amount of time to sleep between processing each
    // batch query. This is used to reduce load on the system, allowing other queries
    // to time to operate. On large controllers, processing 1000 txs seems to take
    // about 100ms, so a sleep time of 10ms represents a 10% slowdown, but allows
    // other systems to operate concurrently.
    DefaultPruneTxnSleepTime = "10ms"

    // JujuHASpace is the network space within which the MongoDB replica-set
    // should communicate.
    JujuHASpace = "juju-ha-space"

    // JujuManagementSpace is the network space that agents should use to
    // communicate with controllers.
    JujuManagementSpace = "juju-mgmt-space"

    // CAASOperatorImagePath sets the url of the docker image
    // used for the application operator.
    // Deprecated: use CAASImageRepo
    CAASOperatorImagePath = "caas-operator-image-path"

    // CAASImageRepo sets the docker repo to use
    // for the jujud operator and mongo images.
    CAASImageRepo = "caas-image-repo"

    // Features allows a list of runtime changeable features to be updated.
    Features = "features"

    // MeteringURL is the key for the url to use for metrics
    MeteringURL = "metering-url"
)

Variables

var (
    // ControllerOnlyConfigAttributes are attributes which are only relevant
    // for a controller, never a model.
    ControllerOnlyConfigAttributes = []string{
        AllowModelAccessKey,
        APIPort,
        APIPortOpenDelay,
        AutocertDNSNameKey,
        AutocertURLKey,
        CACertKey,
        CharmStoreURL,
        ControllerAPIPort,
        ControllerUUIDKey,
        IdentityPublicKey,
        IdentityURL,
        SetNUMAControlPolicyKey,
        StatePort,
        MongoMemoryProfile,
        MaxDebugLogDuration,

        MaxLogsSize,
        MaxLogsAge,
        MaxTxnLogSize,
        MaxPruneTxnBatchSize,
        MaxPruneTxnPasses,
        ModelLogsSize,
        PruneTxnQueryCount,
        PruneTxnSleepTime,
        JujuHASpace,
        JujuManagementSpace,
        AuditingEnabled,
        AuditLogCaptureArgs,
        AuditLogMaxSize,
        AuditLogMaxBackups,
        AuditLogExcludeMethods,
        CAASOperatorImagePath,
        CAASImageRepo,
        Features,
        MeteringURL,
    }

    // AllowedUpdateConfigAttributes contains all of the controller
    // config attributes that are allowed to be updated after the
    // controller has been created.
    AllowedUpdateConfigAttributes = set.NewStrings(
        APIPortOpenDelay,
        AuditingEnabled,
        AuditLogCaptureArgs,
        AuditLogExcludeMethods,

        ControllerAPIPort,
        MaxDebugLogDuration,
        MaxPruneTxnBatchSize,
        MaxPruneTxnPasses,

        MaxLogsSize,
        MaxLogsAge,
        ModelLogsSize,
        MongoMemoryProfile,
        PruneTxnQueryCount,
        PruneTxnSleepTime,
        JujuHASpace,
        JujuManagementSpace,
        CAASOperatorImagePath,
        CAASImageRepo,
        Features,
    )

    // DefaultAuditLogExcludeMethods is the default list of methods to
    // exclude from the audit log.
    DefaultAuditLogExcludeMethods = []string{

        ReadOnlyMethodsWildcard,
    }
)
var ConfigSchema = environschema.Fields{
    AuditingEnabled: {
        Description: "Determines if the controller records auditing information",
        Type:        environschema.Tbool,
    },
    AuditLogCaptureArgs: {
        Description: `Determines if the audit log contains the arguments passed to API methods`,
        Type:        environschema.Tbool,
    },
    AuditLogMaxSize: {
        Description: "The maximum size for the current controller audit log file",
        Type:        environschema.Tstring,
    },
    AuditLogMaxBackups: {
        Type:        environschema.Tint,
        Description: "The number of old audit log files to keep (compressed)",
    },
    AuditLogExcludeMethods: {
        Type:        environschema.FieldType("list of strings"),
        Description: "The list of Facade.Method names that aren't interesting for audit logging purposes.",
    },
    APIPort: {
        Type:        environschema.Tint,
        Description: "The port used for api connections",
    },
    APIPortOpenDelay: {
        Type:        environschema.Tstring,
        Description: "" /* 218 byte string literal not displayed */,
    },
    ControllerAPIPort: {
        Type:        environschema.Tint,
        Description: "" /* 344 byte string literal not displayed */,
    },
    StatePort: {
        Type:        environschema.Tint,
        Description: `The port used for mongo connections`,
    },
    IdentityURL: {
        Type:        environschema.Tstring,
        Description: `The url of the identity manager`,
    },
    IdentityPublicKey: {
        Type:        environschema.Tstring,
        Description: `The public key of the identity manager`,
    },
    SetNUMAControlPolicyKey: {
        Type:        environschema.Tbool,
        Description: `Determines if the NUMA control policy is set`,
    },
    AutocertURLKey: {
        Type:        environschema.Tstring,
        Description: `The URL used to obtain official TLS certificates when a client connects to the API`,
    },
    AutocertDNSNameKey: {
        Type:        environschema.Tstring,
        Description: `The DNS name of the controller`,
    },
    AllowModelAccessKey: {
        Type:        environschema.Tbool,
        Description: "" /* 165 byte string literal not displayed */,
    },
    MongoMemoryProfile: {
        Type:        environschema.Tstring,
        Description: `Sets mongo memory profile`,
    },
    MaxDebugLogDuration: {
        Type:        environschema.Tstring,
        Description: `The maximum amout of time a debug-log session is allowed to run`,
    },
    MaxLogsAge: {
        Type:        environschema.Tstring,
        Description: `The maximum age for log entries`,
    },
    MaxLogsSize: {
        Type:        environschema.Tstring,
        Description: `The maximum size the log collection can grow to before it is pruned`,
    },
    MaxTxnLogSize: {
        Type:        environschema.Tstring,
        Description: `The maximum size the of capped txn log collection`,
    },
    MaxPruneTxnBatchSize: {
        Type:        environschema.Tint,
        Description: `(deprecated) The maximum number of transactions evaluated in one go when pruning`,
    },
    MaxPruneTxnPasses: {
        Type:        environschema.Tint,
        Description: `(deprecated) The maximum number of batches processed when pruning`,
    },
    ModelLogsSize: {
        Type:        environschema.Tstring,
        Description: `The size of the capped collections used to hold the logs for the models`,
    },
    PruneTxnQueryCount: {
        Type:        environschema.Tint,
        Description: `The number of transactions to read in a single query`,
    },
    PruneTxnSleepTime: {
        Type:        environschema.Tstring,
        Description: `The amount of time to sleep between processing each batch query`,
    },
    JujuHASpace: {
        Type:        environschema.Tstring,
        Description: `The network space within which the MongoDB replica-set should communicate`,
    },
    JujuManagementSpace: {
        Type:        environschema.Tstring,
        Description: `The network space that agents should use to communicate with controllers`,
    },
    CAASOperatorImagePath: {
        Type: environschema.Tstring,
        Description: `(deprected) The url of the docker image used for the application operator.
Use "caas-image-repo" instead.`,
    },
    CAASImageRepo: {
        Type:        environschema.Tstring,
        Description: `The docker repo to use for the jujud operator and mongo images`,
    },
    Features: {
        Type:        environschema.FieldType("list of strings"),
        Description: `A list of runtime changeable features to be updated`,
    },
    CharmStoreURL: {
        Type:        environschema.Tstring,
        Description: `The url for charmstore API calls`,
    },
    MeteringURL: {
        Type:        environschema.Tstring,
        Description: `The url for metrics`,
    },
}

ConfigSchema holds information on all the fields defined by the config package.

func ControllerOnlyAttribute Uses

func ControllerOnlyAttribute(attr string) bool

ControllerOnlyAttribute returns true if the specified attribute name is only relevant for a controller.

func GenerateControllerCertAndKey Uses

func GenerateControllerCertAndKey(caCert, caKey string, hostAddresses []string) (string, string, error)

GenerateControllerCertAndKey makes sure that the config has a CACert and CAPrivateKey, generates and returns new certificate and key.

func Validate Uses

func Validate(c Config) error

Validate ensures that config is a valid configuration.

type Config Uses

type Config map[string]interface{}

Config is a string-keyed map of controller configuration attributes.

func NewConfig Uses

func NewConfig(controllerUUID, caCert string, attrs map[string]interface{}) (Config, error)

NewConfig creates a new Config from the supplied attributes. Default values will be used where defaults are available.

The controller UUID and CA certificate must be passed in. The UUID is typically generated by the immediate caller, and the CA certificate generated by environs/bootstrap.NewConfig.

func (Config) APIPort Uses

func (c Config) APIPort() int

APIPort returns the API server port for the environment.

func (Config) APIPortOpenDelay Uses

func (c Config) APIPortOpenDelay() time.Duration

APIPortOpenDelay returns the duration to wait before opening the APIPort once the controller has started up. Only used when the ControllerAPIPort is non-zero.

func (Config) AllowModelAccess Uses

func (c Config) AllowModelAccess() bool

AllowModelAccess reports whether users are allowed to access models they have been granted permission for even when they can't access the controller.

func (Config) AsSpaceConstraints Uses

func (c Config) AsSpaceConstraints(spaces *[]string) *[]string

AsSpaceConstraints checks to see whether config has spaces names populated for management and/or HA (Mongo). Non-empty values are merged with any input spaces and returned as a new slice reference. A slice pointer is used for congruence with the Spaces member in constraints.Value.

func (Config) AuditLogCaptureArgs Uses

func (c Config) AuditLogCaptureArgs() bool

AuditLogCaptureArgs returns whether audit logging should capture the arguments to API methods. The default is false.

func (Config) AuditLogExcludeMethods Uses

func (c Config) AuditLogExcludeMethods() set.Strings

AuditLogExcludeMethods returns the set of method names that are considered uninteresting for audit logging. Conversations containing only these will be excluded from the audit log.

func (Config) AuditLogMaxBackups Uses

func (c Config) AuditLogMaxBackups() int

AuditLogMaxBackups returns the maximum number of backup audit log files to keep.

func (Config) AuditLogMaxSizeMB Uses

func (c Config) AuditLogMaxSizeMB() int

AuditLogMaxSizeMB returns the maximum size for an audit log file in MB.

func (Config) AuditingEnabled Uses

func (c Config) AuditingEnabled() bool

AuditingEnabled returns whether or not auditing has been enabled for the environment. The default is false.

func (Config) AutocertDNSName Uses

func (c Config) AutocertDNSName() string

AutocertDNSName returns the DNS name of the controller. See AutocertDNSNameKey for more details.

func (Config) AutocertURL Uses

func (c Config) AutocertURL() string

AutocertURL returns the URL used to obtain official TLS certificates when a client connects to the API. See AutocertURLKey for more details.

func (Config) CAASImageRepo Uses

func (c Config) CAASImageRepo() string

CAASImageRepo sets the url of the docker repo used for the jujud operator and mongo images.

func (Config) CAASOperatorImagePath Uses

func (c Config) CAASOperatorImagePath() string

CAASOperatorImagePath sets the url of the docker image used for the application operator.

func (Config) CACert Uses

func (c Config) CACert() (string, bool)

CACert returns the certificate of the CA that signed the controller certificate, in PEM format, and whether the setting is available.

TODO(axw) once the controller config is completely constructed, there will always be a CA certificate. Get rid of the bool result.

func (Config) CharmStoreURL Uses

func (c Config) CharmStoreURL() string

CharmStoreURL returns the URL to use for charmstore api calls.

func (Config) ControllerAPIPort Uses

func (c Config) ControllerAPIPort() int

ControllerAPIPort returns the optional API port to be used for the controllers to talk to each other. A zero value means that it is not set.

func (Config) ControllerUUID Uses

func (c Config) ControllerUUID() string

ControllerUUID returns the uuid for the controller.

func (Config) Features Uses

func (c Config) Features() set.Strings

Features returns the controller config set features flags.

func (Config) IdentityPublicKey Uses

func (c Config) IdentityPublicKey() *bakery.PublicKey

IdentityPublicKey returns the public key of the identity manager.

func (Config) IdentityURL Uses

func (c Config) IdentityURL() string

IdentityURL returns the url of the identity manager.

func (Config) JujuHASpace Uses

func (c Config) JujuHASpace() string

JujuHASpace is the network space within which the MongoDB replica-set should communicate.

func (Config) JujuManagementSpace Uses

func (c Config) JujuManagementSpace() string

JujuManagementSpace is the network space that agents should use to communicate with controllers.

func (Config) MaxDebugLogDuration Uses

func (c Config) MaxDebugLogDuration() time.Duration

MaxDebugLogDuration is the maximum time a debug-log session is allowed to run before it is terminated by the server.

func (Config) MaxPruneTxnBatchSize Uses

func (c Config) MaxPruneTxnBatchSize() int

MaxPruneTxnBatchSize is the maximum size of the txn log collection.

func (Config) MaxPruneTxnPasses Uses

func (c Config) MaxPruneTxnPasses() int

MaxPruneTxnPasses is the maximum number of batches of the txn log collection we will process at a time.

func (Config) MaxTxnLogSizeMB Uses

func (c Config) MaxTxnLogSizeMB() int

MaxTxnLogSizeMB is the maximum size in MiB of the txn log collection.

func (Config) MeteringURL Uses

func (c Config) MeteringURL() string

MeteringURL returns the URL to use for metering api calls.

func (Config) ModelLogsSizeMB Uses

func (c Config) ModelLogsSizeMB() int

ModelLogsSizeMB is the size of the capped collection used to store the model logs. Total size on disk will be ModelLogsSizeMB * number of models.

func (Config) MongoMemoryProfile Uses

func (c Config) MongoMemoryProfile() string

MongoMemoryProfile returns the selected profile or low.

func (Config) NUMACtlPreference Uses

func (c Config) NUMACtlPreference() bool

NUMACtlPreference returns if numactl is preferred.

func (Config) PruneTxnQueryCount Uses

func (c Config) PruneTxnQueryCount() int

PruneTxnQueryCount is the size of small batches for pruning

func (Config) PruneTxnSleepTime Uses

func (c Config) PruneTxnSleepTime() time.Duration

PruneTxnSleepTime is the amount of time to sleep between batches.

func (Config) StatePort Uses

func (c Config) StatePort() int

StatePort returns the mongo server port for the environment.

func (Config) Validate Uses

func (c Config) Validate() error

Validate validates the controller configuration.

Directories

PathSynopsis
authentication
modelmanagerPackage modelmanager provides the business logic for model management operations in the controller.

Package controller imports 16 packages (graph) and is imported by 417 packages. Updated 2019-08-24. Refresh now. Tools for package owners.