skv2enterprise

package

v1.1.2 Latest Latest Go to latest Published: Sep 29, 2021 License: Apache-2.0 Imports: 12 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/solo-io/gloo-mesh

Documentation ¶

Index ¶

func DialIdentityServer(ctx context.Context, relayServerDialOpts grpcutils.DialOpts, ...) (*grpc.ClientConn, error)
func ParseCert(certPem, keyPem []byte) (tls.Certificate, error)
func SecretToTLSConfig(secret *corev1.Secret, client bool) (*tls.Config, error)
func TLSConfig(root, certPem, keyPem []byte, client bool) (*tls.Config, error)
type Options
- func (opts *Options) AddToFlags(flags *pflag.FlagSet)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func DialIdentityServer ¶

func DialIdentityServer(
	ctx context.Context,
	relayServerDialOpts grpcutils.DialOpts,
	secretClient v1.SecretClient,
	rootCertSecretRef client.ObjectKey,
) (*grpc.ClientConn, error)

Copied from https://github.com/solo-io/skv2-enterprise/blob/b6945a04e5ff216469ccbc5feee0d201fc8266cc/relay/pkg/grpc/dialer.go#L146 creates the initial TLS connection from agent to server for establishing identity by decorating grpcutils.DialOpts with TLS credentials derived from the rootCertSecretRef for verifying server identity exposed for usage in validation contexts

func ParseCert ¶

func ParseCert(certPem, keyPem []byte) (tls.Certificate, error)

Copied from https://github.com/solo-io/skv2-enterprise/blob/4faa29210abf6591325ffe0bbdac09f1bda2befe/relay/pkg/identity/utils/utils.go#L46-L52

func SecretToTLSConfig ¶

func SecretToTLSConfig(secret *corev1.Secret, client bool) (*tls.Config, error)

Copied from https://github.com/solo-io/skv2-enterprise/blob/4faa29210abf6591325ffe0bbdac09f1bda2befe/relay/pkg/identity/server/ca/secret.go#L50 SecretToTLSConfig parses TLS config data from a k8s secret storing tls certs

func TLSConfig ¶

func TLSConfig(root, certPem, keyPem []byte, client bool) (*tls.Config, error)

Copied from https://github.com/solo-io/skv2-enterprise/blob/4faa29210abf6591325ffe0bbdac09f1bda2befe/relay/pkg/identity/utils/utils.go#L54-L85

Types ¶

type Options ¶

type Options struct {
	Server      grpcutils.DialOpts
	Cluster     string
	RelayHost   string
	AgentLabels map[string]string

	// Reference to a Secret containing the Client TLS Certificates used to identify the Relay Agent to the Server.
	// If the secret does not exist, a Token and Root cert secret are required.
	ClientCertSecret client.ObjectKey

	// Reference to a Secret containing a Root TLS Certificates used to verify the Relay Server Certificate.
	// The secret can also optionally specify a `tls.key` which will be used to generate the Agent Client Certificate.
	RootTlsSecret client.ObjectKey

	// Reference to a Secret containing a shared Token for authenticating to the Relay Server
	TokenSecret struct {
		Name      string
		Namespace string
		Key       string
	}
}

Copied from https://github.com/solo-io/skv2-enterprise/blob/1bcee7a74da086a121e876c9f1f7e9ff83ab0f90/relay/pkg/agent/agent_setup.go#L21-L61

func (*Options) AddToFlags ¶

func (opts *Options) AddToFlags(flags *pflag.FlagSet)

Source Files ¶

View all Source files

skv2_enterprise_copy.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL