storage

package
v0.0.0-...-3bfe646 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jun 28, 2023 License: Apache-2.0 Imports: 38 Imported by: 31

Documentation

Overview

Package storage implements storage backends for objects in portal (Accounts, Sites and others). These implementations are supposed to be dumb: they should handle only storage logic, with no business logic, to keep the backend implementations small.

Index

Constants

// Operation phase states: the string values a phase state can take.
// NOTE(review): going by the InProgress comment, completed, failed and
// rolled_back are presumably the final states — confirm against the code
// that drives phase transitions.
const (
	// OperationPhaseStateUnstarted means that the phase or all of its subphases haven't started executing yet
	OperationPhaseStateUnstarted = "unstarted"
	// OperationPhaseStateInProgress means that the phase or any of its subphases haven't reached any of the final states yet
	OperationPhaseStateInProgress = "in_progress"
	// OperationPhaseStateCompleted means that the phase or all of its subphases have been completed
	OperationPhaseStateCompleted = "completed"
	// OperationPhaseStateFailed means that the phase or all of its subphases have failed
	OperationPhaseStateFailed = "failed"
	// OperationPhaseStateRolledBack means that the phase or all of its subphases have been rolled back
	OperationPhaseStateRolledBack = "rolled_back"
)
// Resource kinds and access verbs. The Kind* values name resource types and
// the Verb* values name actions that rules can allow.
// NOTE(review): several kinds below hold credentials (token, tlskeypair,
// invite, license); how access to them is enforced is not visible in this
// block, so audit the rules that reference them.
const (
	// KindCluster is a resource kind for gravity clusters
	KindCluster = "cluster"
	// KindRepository represents repositories
	KindRepository = "repository"
	// KindApp represents applications and packages
	KindApp = "app"
	// KindObject represents binary object BLOB
	KindObject = "object"
	// KindAccount represents account resource
	KindAccount = "account"
	// KindToken is security token (e.g. API Key)
	// NOTE(review): reading this kind presumably returns usable credentials —
	// grant read access on it sparingly.
	KindToken = "token"
	// KindLicense represents Gravity software license
	KindLicense = "license"
	// VerbRegister is used to allow registering new clusters
	// within an Ops Center
	VerbRegister = "register"
	// VerbConnect is used to allow users to connect to clusters
	VerbConnect = "connect"
	// VerbReadSecrets is used to allow reading secrets
	// NOTE(review): which kinds honour this verb is not shown here; every rule
	// that grants it should be reviewed as a secret-access grant.
	VerbReadSecrets = "readsecrets"
	// KindLogForwarder is log forwarder resource kind
	KindLogForwarder = "logforwarder"
	// KindTLSKeyPair is a TLS key pair
	// NOTE(review): presumably includes the private key — TODO confirm; treat
	// reads of this kind as secret access.
	KindTLSKeyPair = "tlskeypair"
	// KindSMTPConfig defines the monitoring SMTP configuration resource type
	KindSMTPConfig = "smtp"
	// KindAlert defines the monitoring alert resource type
	KindAlert = "alert"
	// KindAlertTarget defines the monitoring alert target resource type
	KindAlertTarget = "alerttarget"
	// KindSystemInfo defines the system information resource
	KindSystemInfo = "systeminfo"
	// KindEndpoints defines the Ops Center endpoints resource type
	KindEndpoints = "endpoints"
	// KindAuthGateway defines the auth gateway resource type
	KindAuthGateway = "authgateway"
	// KindRuntimeEnvironment defines the resource that manages cluster environment variables
	KindRuntimeEnvironment = "runtimeenvironment"
	// KindClusterConfiguration defines the resource that manages cluster configuration
	KindClusterConfiguration = "clusterconfiguration"
	// KindPersistentStorage is the resource for managing persistent storage in the cluster
	KindPersistentStorage = "persistentstorage"
	// KindOperation is the cluster operation resource type.
	KindOperation = "operation"
	// KindRelease defines the application release resource type
	KindRelease = "release"
	// KindInvite defines the user invite token.
	KindInvite = "invite"
)
// User token types.
// NOTE(review): both token types act on user accounts (adding a user,
// resetting credentials), so a leaked token is presumably equivalent to the
// action it authorizes — confirm they are single-use and expire.
const (
	// UserTokenTypeInvite adds new user to existing account
	UserTokenTypeInvite = "invite"
	// UserTokenTypeReset resets user credentials
	UserTokenTypeReset = "reset"
)
// Provisioning token types, one per way a machine authenticates to a cluster.
// NOTE(review): these tokens are what admits agents and nodes, so they should
// be handled as secrets; lifetime and scope are not defined in this block.
const (
	// ProvisioningTokenTypeInstall is cluster agent token
	ProvisioningTokenTypeInstall = "install"
	// ProvisioningTokenTypeExpand is used to validate joining nodes
	ProvisioningTokenTypeExpand = "expand"
	// ProvisioningTokenTypeTeleport is used by Teleport nodes to authenticate with auth server
	ProvisioningTokenTypeTeleport = "teleport"
)
// Teleport node types: the role a Teleport process plays (SSH node, proxy or
// auth server).
const (
	// NodeTypeNode is a type of teleport node - SSH Node
	NodeTypeNode = "node"
	// NodeTypeProxy is a type of teleport node - SSH Proxy server
	NodeTypeProxy = "proxy"
	// NodeTypeAuth is a type of teleport node - SSH Auth server
	NodeTypeAuth = "auth"
)
// Ops Center link types.
const (
	// OpsCenterRemoteAccessLink is a link used to provide remote access via Teleport
	// NOTE(review): a link of this type presumably lets the Ops Center reach
	// the cluster — confirm it is absent or disabled where remote access is
	// not wanted.
	OpsCenterRemoteAccessLink = "remote_access"
	// OpsCenterUpdateLink is a link to fetch periodic updates
	OpsCenterUpdateLink = "update"
)
// Pagination and TTL limits.
const (
	// MaxLimit sets maximum pagination limit
	MaxLimit = 1000
	// Forever indicates to store value forever
	// NOTE(review): Forever is 0, so a TTL that was simply left unset
	// presumably also means "never expires" — confirm that callers storing
	// tokens or keys pass an explicit TTL.
	Forever = 0
)
// Server update states.
// NOTE(review): ServerUpdateStart is the empty string, i.e. the zero value,
// so a state that was never written reads the same as "start".
const (
	// ServerUpdateStart is the value of the operation state at start
	ServerUpdateStart = ""
	// ServerUpdateSuccess signifies successfully completed operation
	ServerUpdateSuccess = "update_success"
	// ServerUpdateInProgress signifies an ongoing operation
	ServerUpdateInProgress = "update_in_progress"
	// ServerUpdateRollbackInProgress signifies the ongoing rollback operation
	ServerUpdateRollbackInProgress = "rollback_in_progress"
	// ServerUpdateRollbackSuccess signifies a successfully rolled back operation
	ServerUpdateRollbackSuccess = "rollback_success"
	// ServerUpdateFailed signifies an update operation failure state
	ServerUpdateFailed = "failed"
)
// User types.
// NOTE(review): the permissions behind each type are not defined in this
// block. AdminUser is documented as having maximum permissions, so any code
// path that creates or upgrades a user to "admin" is worth auditing.
const (
	// AgentUser defines a restricted user type used during OpsCenter operations
	AgentUser = "agent"
	// AdminUser defines a user type with maximum permissions
	AdminUser = "admin"
	// RegularUser user is standard interactive user
	RegularUser = "regular"
)
const AlertSpecV2Schema = `` /* 321-byte string literal not displayed */

AlertSpecV2Schema is JSON schema for a monitoring alert

const AlertTargetSpecV2Schema = `` /* 135-byte string literal not displayed */

AlertTargetSpecV2Schema is JSON schema for a monitoring alert target

const ClusterSpecV2Schema = `` /* 915-byte string literal not displayed */

ClusterSpecV2Schema is JSON schema for server

const EndpointsSpecV2Schema = `` /* 216-byte string literal not displayed */

EndpointsSpecV2Schema is the endpoints resource JSON schema

const EnvironmentSpecSchema = `` /* 875-byte string literal not displayed */

EnvironmentSpecSchema is JSON schema for the cluster runtime environment variables resource

const LogForwarderV2Schema = `` /* 175-byte string literal not displayed */

LogForwarderV2Schema is the log forwarder JSON schema

const MetadataSchema = `` /* 441-byte string literal not displayed */

MetadataSchema is a copy of teleport/lib/services.MetadataSchema but with optional 'name' property because some Gravity resources do not require it

// RepositorySpecV2Schema is the JSON schema for the repository spec.
// It declares no properties and sets additionalProperties to false, so only
// an empty object passes validation.
const RepositorySpecV2Schema = `{
  "type": "object",
  "additionalProperties": false,
  "properties": {}
}`

RepositorySpecV2Schema is JSON schema for repository spec

const SMTPConfigSpecV2Schema = `` /* 238-byte string literal not displayed */

SMTPConfigSpecV2Schema is JSON schema for SMTP configuration

const SystemSpecV2Schema = `` /* 3210-byte string literal not displayed */

SystemSpecV2Schema is JSON schema for host system information

const TLSKeyPairSpecV2Schema = `` /* 187-byte string literal not displayed */

TLSKeyPairSpecV2Schema is JSON schema for TLS keypair

const TokenSpecV2Schema = `` /* 133-byte string literal not displayed */

TokenSpecV2Schema is JSON schema for server

// TrustedClusterSpecV2Extension is a fragment of JSON schema: three property
// definitions (sni_host, pull_updates, wizard) without enclosing braces, so it
// is not a valid schema on its own.
// NOTE(review): presumably spliced into Teleport's trusted cluster spec
// schema as extra properties — TODO confirm where it is consumed.
const TrustedClusterSpecV2Extension = `
  "sni_host": {"type": "string"},
  "pull_updates": {"type": "boolean"},
  "wizard": {"type": "boolean"}
`
const UserSpecV2Extension = `` /* 279-byte string literal not displayed */

UserSpecV2Extension is our extension to Teleport's user

Variables

// AuthGatewaySpecV1Schema is the JSON schema for the auth gateway spec.
// The top-level object and connection_limits both set additionalProperties
// to false, so unknown keys fail validation. The "authentication" property is
// filled in from teleservices.AuthPreferenceSpecSchemaTemplate, itself
// formatted with an empty string argument.
// NOTE(review): max_connections, max_users, client_idle_timeout and the
// *_public_addr entries are typed only as number/string here; any range or
// format checks have to happen outside this schema.
var AuthGatewaySpecV1Schema = fmt.Sprintf(`{
  "type": "object",
  "additionalProperties": false,
  "properties": {
    "connection_limits": {
      "type": "object",
      "additionalProperties": false,
      "properties": {
        "max_connections": {"type": "number"},
        "max_users": {"type": "number"}
      }
    },
    "authentication": %v,
    "client_idle_timeout": {"type": "string"},
    "disconnect_expired_cert": {"type": "boolean"},
    "public_addr": {"type": "array", "items": {"type": "string"}},
    "ssh_public_addr": {"type": "array", "items": {"type": "string"}},
    "kubernetes_public_addr": {"type": "array", "items": {"type": "string"}},
    "web_public_addr": {"type": "array", "items": {"type": "string"}}
  }
}`, fmt.Sprintf(teleservices.AuthPreferenceSpecSchemaTemplate, ""))

AuthGatewaySpecV1Schema defines the auth gateway spec schema.

// DefaultDNSConfig is the default cluster-local DNS configuration. Port and
// listen address are taken from the defaults package; their values are not
// shown here.
// NOTE(review): this is an exported var, so any importer can modify it;
// treat it as read-only.
var DefaultDNSConfig = DNSConfig{
	Port:  defaults.DNSPort,
	Addrs: []string{defaults.DNSListenAddr},
}

DefaultDNSConfig defines the default cluster local DNS configuration

// DefaultSubnets is the default Subnets descriptor: the overlay subnet is
// defaults.PodSubnet and the service subnet is defaults.ServiceSubnet (values
// not shown here).
var DefaultSubnets = Subnets{
	Overlay: defaults.PodSubnet,
	Service: defaults.ServiceSubnet,
}

DefaultSubnets defines a default Subnets descriptor to use for onprem installations

// LegacyDNSConfig is the local DNS configuration on older clusters: the same
// port as the default configuration, with the loopback address 127.0.0.1 as
// the only listen address.
var LegacyDNSConfig = DNSConfig{
	Port:  defaults.DNSPort,
	Addrs: []string{"127.0.0.1"},
}

LegacyDNSConfig defines the local DNS configuration on older clusters

var OperationNodeSchema = `` /* 176-byte string literal not displayed */

OperationNodeSchema is a single operation node json schema.

OperationPhaseStates is a list of all supported phase states.

// OperationSpecV2Schema is the JSON schema for the operation spec.
// OperationNodeSchema is substituted for every %[1]v: the items of
// install.nodes, expand.node and shrink.node. Every object written out here
// sets additionalProperties to false, with one exception: updateEnviron.env
// is a bare {"type": "object"} and therefore accepts arbitrary keys and
// value types.
// NOTE(review): env presumably carries cluster environment variables —
// names and values need to be validated where the operation is executed,
// because this schema does not constrain them.
var OperationSpecV2Schema = fmt.Sprintf(`{
  "type": "object",
  "additionalProperties": false,
  "properties": {
    "type": {"type": "string"},
    "created": {"type": "string"},
    "install": {
      "type": "object",
      "additionalProperties": false,
      "properties": {
        "nodes": {
          "type": "array",
          "items": %[1]v
        }
      }
    },
    "expand": {
      "type": "object",
      "additionalProperties": false,
      "properties": {
        "node": %[1]v
      }
    },
    "shrink": {
      "type": "object",
      "additionalProperties": false,
      "properties": {
        "node": %[1]v
      }
    },
    "upgrade": {
      "type": "object",
      "additionalProperties": false,
      "properties": {
        "package": {"type": "string"}
      }
    },
    "updateEnviron": {
      "type": "object",
      "additionalProperties": false,
      "properties": {
        "env": {"type": "object"}
      }
    },
    "updateConfig": {
      "type": "object",
      "additionalProperties": false,
      "properties": {
        "config": {"type": "string"}
      }
    },
    "reconfigure": {
      "type": "object",
      "additionalProperties": false,
      "properties": {
        "ip": {"type": "string"}
      }
    }
  }
}`, OperationNodeSchema)

OperationSpecV2Schema is the operation json schema.

var PersistentStorageSpecV1Schema = `` /* 1194-byte string literal not displayed */

PersistentStorageSpecV1Schema is the persistent storage resource spec schema.

var ReleaseV1Schema = `` /* 464-byte string literal not displayed */

ReleaseV1Schema defines the release resource schema.

// Predefined identifier expressions.
var (
	// ResourceNameExpr is identifier that specifies resource name
	// (the expression text is "resource.metadata.name").
	ResourceNameExpr = IdentifierExpr("resource.metadata.name")
)

SupportedGravityResources is a list of resources supported by "gravity resource create/get" subcommands

SupportedGravityResourcesToRemove is a list of resources supported by "gravity resource rm" subcommand

// SupportedUserTypes lists all supported user types: agent, admin, regular.
// NOTE(review): this is an exported, mutable slice; an importer that appends
// to or rewrites it changes what any check built on it accepts. Treat it as
// read-only.
var SupportedUserTypes = []string{AgentUser, AdminUser, RegularUser}

SupportedUserTypes lists all supported user types

Functions

func CanonicalKind

func CanonicalKind(kind string) string

CanonicalKind translates the specified kind to canonical form. Returns the kind unmodified if it did not match any known resource

func CheckUserToken

func CheckUserToken(s string) error

CheckUserToken returns nil if the value is correct, error otherwise

func ClusterAdminAgent

func ClusterAdminAgent(clusterName string) string

ClusterAdminAgent generates the name of the admin agent user for the specified cluster

func ClusterAgent

func ClusterAgent(cluster string) string

ClusterAgent generates the name of the agent user for the specified cluster

func DeepComparePhases

func DeepComparePhases(c *check.C, expected, actual OperationPhase)

DeepComparePhases compares the actual phase to the expected phase omitting some insignificant fields like description or UI step number

func DisableAccess

func DisableAccess(backend Backend, name string, delay time.Duration) error

DisableAccess disables access for the remote Teleport cluster (Ops Center or installer wizard) with the specified name.

All objects that comprise remote access such as reverse tunnels, trusted clusters and certificate authorities are deleted from backend.

If non-0 delay is specified, the access is scheduled to be removed after the specified interval.

func Encode

func Encode(resources []UnknownResource, w io.Writer) error

Encode YAML-encodes the specified list of resources into w

func GetAlertSchema

func GetAlertSchema() string

GetAlertSchema returns alert schema for version V2

func GetAlertTargetSchema

func GetAlertTargetSchema() string

GetAlertTargetSchema returns alert target schema for version V2

func GetAllowedLogins

func GetAllowedLogins(currentUser *user.User) []string

GetAllowedLogins returns a list of unix logins that are set by default for admin users. This feature is going to be deprecated once roles can be set via the UI.

func GetAuthGatewaySchema

func GetAuthGatewaySchema() string

GetAuthGatewaySchema returns the full auth gateway resource schema.

func GetClusterSchema

func GetClusterSchema() string

GetClusterSchema returns cluster schema for V2 resource

func GetEndpointsSchema

func GetEndpointsSchema() string

GetEndpointsSchema returns the endpoints resource schema

func GetEnvironmentSpecSchema

func GetEnvironmentSpecSchema() string

GetEnvironmentSpecSchema returns the formatted JSON schema for the cluster runtime environment variables resource

func GetLocalPackage

func GetLocalPackage(backend Backend) (*loc.Locator, error)

GetLocalPackage returns the local cluster application package

func GetLogForwarderSchema

func GetLogForwarderSchema() string

GetLogForwarderSchema returns log forwarder JSON schema

func GetOperationSchema

func GetOperationSchema() string

GetOperationSchema returns a cluster operation schema.

func GetPersistentStorageSchema

func GetPersistentStorageSchema() string

GetPersistentStorageSchema returns the full persistent storage resource schema.

func GetReleaseSchema

func GetReleaseSchema() string

GetReleaseSchema returns the full release resource schema.

func GetRepositorySchema

func GetRepositorySchema() string

GetRepositorySchema returns V2 schema of the repository

func GetSMTPConfigSchema

func GetSMTPConfigSchema() string

GetSMTPConfigSchema returns SMTP configuration schema for version V2

func GetSystemInfoSchema

func GetSystemInfoSchema() string

GetSystemInfoSchema returns system information schema for version V2

func GetTLSKeyPairSchema

func GetTLSKeyPairSchema() string

GetTLSKeyPairSchema returns TLS keypair schema for V2 resource

func GetTokenSchema

func GetTokenSchema() string

GetTokenSchema returns token schema for V2 resource

func Hostnames

func Hostnames(servers []Server) (hostnames []string)

Hostnames returns a list of hostnames for the provided servers

func IsValidOperationPhaseState

func IsValidOperationPhaseState(state string) bool

IsValidOperationPhaseState returns true if the provided phase state is valid.

func MarshalAlert

func MarshalAlert(alert Alert, opts ...teleservices.MarshalOption) ([]byte, error)

MarshalAlert marshals an alert into JSON

func MarshalAlertTarget

func MarshalAlertTarget(target AlertTarget, opts ...teleservices.MarshalOption) ([]byte, error)

MarshalAlertTarget marshals an alert target into JSON

func MarshalAuthGateway

func MarshalAuthGateway(gw AuthGateway, opts ...teleservices.MarshalOption) ([]byte, error)

MarshalAuthGateway marshals provided auth gateway resource to JSON.

func MarshalCluster

func MarshalCluster(cluster Cluster, opts ...teleservices.MarshalOption) ([]byte, error)

MarshalCluster marshals cluster into JSON

func MarshalEndpoints

func MarshalEndpoints(endpoints Endpoints, opts ...teleservices.MarshalOption) ([]byte, error)

MarshalEndpoints marshals the endpoints resource to JSON

func MarshalEnvironment

func MarshalEnvironment(env EnvironmentVariables, opts ...teleservices.MarshalOption) ([]byte, error)

MarshalEnvironment marshals this resource as JSON

func MarshalOperation

func MarshalOperation(operation Operation, opts ...services.MarshalOption) ([]byte, error)

MarshalOperation marshals operation resource as json.

func MarshalPersistentStorage

func MarshalPersistentStorage(ps PersistentStorage, opts ...services.MarshalOption) ([]byte, error)

MarshalPersistentStorage marshals persistent storage resource into a json.

func MarshalRelease

func MarshalRelease(release Release, opts ...services.MarshalOption) ([]byte, error)

MarshalRelease marshals provided release resource to JSON.

func MarshalRepository

func MarshalRepository(r Repository, opts ...teleservices.MarshalOption) ([]byte, error)

MarshalRepository marshals repository into JSON

func MarshalSMTPConfig

func MarshalSMTPConfig(config SMTPConfig, opts ...teleservices.MarshalOption) ([]byte, error)

MarshalSMTPConfig marshals SMTP config into JSON

func MarshalSystemInfo

func MarshalSystemInfo(info System, opts ...teleservices.MarshalOption) ([]byte, error)

MarshalSystemInfo marshals the specified system info object to JSON

func MarshalTLSKeyPair

func MarshalTLSKeyPair(keyPair TLSKeyPair, opts ...teleservices.MarshalOption) ([]byte, error)

MarshalTLSKeyPair marshals TLS keypair into JSON

func MarshalTrustedCluster

func MarshalTrustedCluster(cluster teleservices.TrustedCluster) ([]byte, error)

MarshalTrustedCluster marshals the provided trusted cluster into JSON

func MarshalUser

func MarshalUser(u teleservices.User, opts ...teleservices.MarshalOption) ([]byte, error)

MarshalUser marshals user to some representation

func NewGithubConnector

NewGithubConnector returns a new Github connector with specified name and spec

func NewOIDCConnector

NewOIDCConnector returns a new OIDC connector with specified name and spec

func NewSAMLConnector

NewSAMLConnector returns a new SAML connector with specified name and spec

func UpsertCluster

func UpsertCluster(backend Backend, cluster Site) error

UpsertCluster creates or updates cluster in the provided backend.

func UpsertOperation

func UpsertOperation(backend Backend, operation SiteOperation) error

UpsertOperation creates or updates operation in the provided backend.

Types

type APIKey

// APIKey is a token that agent users use to access the API.
type APIKey struct {
	// Token is the api key itself
	// It is JSON-encoded under "token" with no redaction, so any place this
	// struct is serialized (responses, logs, backups) contains the usable key.
	Token string `json:"token"`
	// Expires is the key expiration time
	// NOTE(review): whether a zero time means "never expires" is not visible
	// here — confirm how expiry is enforced.
	Expires time.Time `json:"expires"`
	// UserEmail is the name of the user the api key belongs to
	UserEmail string `json:"user_email"`
}

APIKey is a token that agent users use to access the API

func (*APIKey) Check

func (a *APIKey) Check() error

Check validates the API key's parameters

func (*APIKey) V2

func (a *APIKey) V2() *TokenV2

V2 returns V2 from token spec

type APIKeys

// APIKeys provides storage operations for api keys.
// NOTE(review): GetAPIKey and DeleteAPIKey take the token value itself as the
// lookup key. Whether backends store the token in clear or hashed form is not
// visible from this interface — check each implementation.
type APIKeys interface {
	// CreateAPIKey creates a new api key
	CreateAPIKey(APIKey) (*APIKey, error)
	// UpsertAPIKey creates or updates an api key
	UpsertAPIKey(APIKey) (*APIKey, error)
	// GetAPIKeys returns api keys for a user
	GetAPIKeys(username string) ([]APIKey, error)
	// GetAPIKey returns an api key entry by token
	GetAPIKey(token string) (*APIKey, error)
	// DeleteAPIKey deletes an api key
	DeleteAPIKey(username, token string) error
}

APIKeys provides operations with api keys

type AWSVariables

// AWSVariables is a set of operation variables specific to AWS provider.
// AccessKey, SecretKey and SessionToken are AWS credentials. Their JSON tags
// carry neither "-" nor omitempty, so they are written out whenever this
// struct is JSON-encoded; wherever operation variables are stored, returned
// or logged, the credentials go with them.
type AWSVariables struct {
	// AMI is the Amazon Machine Image name
	AMI string `json:"ami"`
	// Region is the AWS region
	Region string `json:"region"`
	// AccessKey is the AWS API access key
	AccessKey string `json:"access_key"`
	// SecretKey is the AWS API secret key
	SecretKey string `json:"secret_key"`
	// SessionToken is the AWS API session token
	SessionToken string `json:"session_token"`
	// VPCID is the AWS VPC ID
	VPCID string `json:"vpc_id"`
	// VPCCIDR is the AWS VPC CIDR
	VPCCIDR string `json:"vpc_cidr"`
	// SubnetID is the AWS subnet ID
	SubnetID string `json:"subnet_id"`
	// SubnetCIDR is the AWS subnet CIDR
	SubnetCIDR string `json:"subnet_cidr"`
	// InternetGatewayID is the AWS internet gateway ID
	InternetGatewayID string `json:"igw_id"`
	// KeyPair is the AWS key pair name
	KeyPair string `json:"key_pair"`
}

AWSVariables is a set of operation variables specific to AWS provider

func (*AWSVariables) SetDefaults

func (v *AWSVariables) SetDefaults()

SetDefaults fills in some unset fields with their default values if they have them

type Account

// Account represents some organization or company that can have multiple
// sites.
type Account struct {
	// ID is a unique organization identifier
	ID string `json:"id"`
	// Org is organisation name
	Org string `json:"org"`
}

Account represents some organization or company that can have multiple sites

func (Account) String

func (a Account) String() string

String returns a string representation of an account

type Accounts

// Accounts collection modifies and updates account entries, where each
// account is related to some organization.
type Accounts interface {
	// CreateAccount creates account entry
	CreateAccount(a Account) (*Account, error)
	// DeleteAccount deletes account entry and all associated data, e.g.
	// sites and all site-specific stuff
	// NOTE(review): this is a cascading delete; the interface itself performs
	// no authorization, so callers must check permissions before invoking it.
	DeleteAccount(id string) error
	// GetAccounts returns list of accounts
	GetAccounts() ([]Account, error)
	// GetAccount returns account entry by its id
	GetAccount(id string) (*Account, error)
}

Accounts collection modifies and updates account entries, where each account is related to some organization

type AgentProfile

// AgentProfile bundles what a host needs to start an install agent: the
// shell instructions, the agent connection URL and the connection token.
type AgentProfile struct {
	// Instructions defines the set of shell commands to download and start an agent
	// on a host
	// NOTE(review): these commands are meant to be executed on a host, so a
	// profile must only be accepted from an authenticated, trusted source.
	Instructions string `json:"instructions"`
	// AgentURL is connection string for install agent
	AgentURL string `json:"agent_url"`
	// Token is the token used to connect to the agent server
	// It is JSON-encoded under "token" in clear.
	Token string `json:"token"`
}

type Alert

// Alert describes a monitoring alert: a Teleport resource plus accessors for
// the alerting rule's group, name, formula, delay, labels and annotations.
type Alert interface {
	// Resource provides common resource methods
	teleservices.Resource
	// CheckAndSetDefaults that the object is valid
	CheckAndSetDefaults() error
	// GetGroupName returns the alerting rule group name
	GetGroupName() string
	// GetAlertName returns the alerting rule name
	GetAlertName() string
	// GetFormula returns the kapacitor formula
	GetFormula() string
	// GetDelay returns the delay before alert fires
	GetDelay() time.Duration
	// GetLabels returns the alerting rule labels
	GetLabels() map[string]string
	// GetAnnotations returns the alerting rule annotations
	GetAnnotations() map[string]string
}

Alert describes a monitoring alert

type AlertSpecV2

// AlertSpecV2 defines a monitoring alert.
type AlertSpecV2 struct {
	// GroupName optionally specifies alerting rule group.
	//
	// If not specified, group name will be constructed based on
	// the resource name.
	GroupName string `json:"group_name,omitempty"`
	// AlertName optionally specifies alerting rule name.
	//
	// If not specified, rule name will be equal to the resource name.
	AlertName string `json:"alert_name,omitempty"`
	// Formula defines a formula for kapacitor
	// NOTE(review): this is a free-form string handed to the monitoring
	// stack; no validation of it is visible in this type.
	Formula string `json:"formula"`
	// Delay is an optional delay before firing an alert.
	// Note that the JSON key is "duration", not "delay".
	Delay time.Duration `json:"duration,omitempty"`
	// Labels specifies additional labels to be attached to alert.
	Labels map[string]string `json:"labels,omitempty"`
	// Annotations specifies informational labels that can be used
	// to store longer additional information.
	Annotations map[string]string `json:"annotations,omitempty"`
}

AlertSpecV2 defines a monitoring alert

type AlertTarget

// AlertTarget describes a monitoring alert target: a Teleport resource with
// a recipient email address.
type AlertTarget interface {
	// Resource provides common resource methods
	teleservices.Resource
	// CheckAndSetDefaults that the object is valid
	CheckAndSetDefaults() error
	// GetEmail returns the recipient's email
	GetEmail() string
}

AlertTarget describes a monitoring alert target

type AlertTargetSpecV2

// AlertTargetSpecV2 defines a monitoring alert target.
type AlertTargetSpecV2 struct {
	// Email specifies recipient's email
	// NOTE(review): no address-format check is visible in this type; see
	// CheckAndSetDefaults on the enclosing resource for any validation.
	Email string `json:"email"`
}

AlertTargetSpecV2 defines a monitoring alert target

type AlertTargetV2

// AlertTargetV2 is the V2 resource envelope (metadata, kind, version, spec)
// for a monitoring alert target.
type AlertTargetV2 struct {
	// Metadata is resource metadata
	// (embedded, and JSON-encoded under the "metadata" key)
	teleservices.Metadata `json:"metadata"`
	// Kind is a resource kind
	Kind string `json:"kind"`
	// Version is a resource version
	Version string `json:"version"`
	// Spec defines the alert target
	Spec AlertTargetSpecV2 `json:"spec"`
}

AlertTargetV2 defines a monitoring alert target

func UnmarshalAlertTarget

func UnmarshalAlertTarget(data []byte) (*AlertTargetV2, error)

UnmarshalAlertTarget unmarshals an alert target from JSON

func (*AlertTargetV2) CheckAndSetDefaults

func (r *AlertTargetV2) CheckAndSetDefaults() error

CheckAndSetDefaults checks validity of all parameters and sets defaults

func (*AlertTargetV2) GetEmail

func (r *AlertTargetV2) GetEmail() string

GetEmail returns recipient's email

type AlertV2

// AlertV2 is the V2 resource envelope (metadata, kind, version, spec) for a
// monitoring alert.
type AlertV2 struct {
	// Metadata is resource metadata
	// (embedded, and JSON-encoded under the "metadata" key)
	teleservices.Metadata `json:"metadata"`
	// Kind is a resource kind
	Kind string `json:"kind"`
	// Version is a resource version
	Version string `json:"version"`
	// Spec defines the monitoring alert
	Spec AlertSpecV2 `json:"spec"`
}

AlertV2 defines a monitoring alert

func UnmarshalAlert

func UnmarshalAlert(data []byte) (*AlertV2, error)

UnmarshalAlert unmarshals an alert from JSON

func (*AlertV2) CheckAndSetDefaults

func (r *AlertV2) CheckAndSetDefaults() error

CheckAndSetDefaults checks validity of all parameters and sets defaults

func (*AlertV2) GetAlertName

func (r *AlertV2) GetAlertName() string

GetAlertName returns the alerting rule name

func (*AlertV2) GetAnnotations

func (r *AlertV2) GetAnnotations() map[string]string

GetAnnotations returns the alerting rule annotations

func (*AlertV2) GetDelay

func (r *AlertV2) GetDelay() time.Duration

GetDelay returns the delay before alert fires

func (*AlertV2) GetFormula

func (r *AlertV2) GetFormula() string

GetFormula returns alert's kapacitor formula

func (*AlertV2) GetGroupName

func (r *AlertV2) GetGroupName() string

GetGroupName returns the alerting rule group name

func (*AlertV2) GetLabels

func (r *AlertV2) GetLabels() map[string]string

GetLabels returns the alerting rule labels

type App

// App defines an app resource: a Teleport resource that also reports the
// repository it belongs to.
type App interface {
	// Resource provides common resource methods
	teleservices.Resource
	// GetRepository returns app repository
	GetRepository() string
}

App defines an app resource

type AppOperation

// AppOperation represents an operation on an application, e.g. updating or
// removing it. The application package is identified by repository, name and
// version.
type AppOperation struct {
	// Repository defines the repository of the application package
	Repository string `json:"repository"`
	// PackageName defines the name of the application package
	PackageName string `json:"package_name"`
	// PackageVersion defines the version of the application package
	PackageVersion string `json:"package_version"`
	// ID identifies the operation
	// (JSON key is "operation_id")
	ID string `json:"operation_id"`
	// Type defines application operation type
	Type string `json:"type"`
	// Created specifies the time when the operation was created
	Created time.Time `json:"created"`
	// Updated specifies the time when the operation was last updated
	Updated time.Time `json:"updated"`
	// State represents current operation state
	State string `json:"state"`
}

AppOperation represents operations on applications e.g. updating or removing

func (*AppOperation) Check

func (a *AppOperation) Check() error

type AppOperations

// AppOperations defines the interface to handle operations on applications.
type AppOperations interface {
	// CreateAppOperation creates a new application operation
	CreateAppOperation(op AppOperation) (*AppOperation, error)
	// GetAppOperation queries an operation in progress
	GetAppOperation(id string) (*AppOperation, error)
	// UpdateAppOperation updates an operation in progress
	UpdateAppOperation(op AppOperation) (*AppOperation, error)
}

AppOperations defines the interface to handle operations on applications

type AppProgressEntries

// AppProgressEntries collection stores progress entries for the application
// operations.
type AppProgressEntries interface {
	// CreateAppProgressEntry adds a progress entry for the specified application
	CreateAppProgressEntry(p AppProgressEntry) (*AppProgressEntry, error)
	// GetLastAppProgressEntry queries the last progress entry for the specified application
	// (the lookup argument is the operation ID)
	GetLastAppProgressEntry(operationID string) (*AppProgressEntry, error)
}

AppProgressEntries collection stores progress entries for the application operations

type AppProgressEntry

// AppProgressEntry is a structured entry indicating operation progress for
// an application operation.
type AppProgressEntry struct {
	// ID is auto generated ID
	ID string `json:"id"`
	// Repository defines the repository of the application package
	Repository string `json:"repository"`
	// PackageName defines the name of the application package
	PackageName string `json:"package_name"`
	// PackageVersion defines the version of the application package
	PackageVersion string `json:"package_version"`
	// OperationID identifies the application operation
	OperationID string `json:"operation_id"`
	// Created is a time when this entry was created
	Created time.Time `json:"created"`
	// Completion is a number from 0 (just started) to 100 (completed)
	// NOTE(review): the type is a plain int; the 0-100 range is not enforced
	// by this declaration.
	Completion int `json:"completion"`
	// State is a string that indicates current operation state
	State string `json:"state"`
	// Message defines a text message describing the operation
	Message string `json:"message"`
}

AppProgressEntry is a structured entry indicating operation progress

func (*AppProgressEntry) Check

func (a *AppProgressEntry) Check() error

type AppSpecV2

// AppSpecV2 represents an app resource spec; it holds only the repository.
type AppSpecV2 struct {
	// Repository is repository app belongs to
	Repository string `json:"repository"`
}

AppSpecV2 represents an app resource spec

type AppType

type AppType string

AppType defines an application type

// Application types: user, service and runtime apps.
const (
	// AppUser defines a type for user apps
	//
	// User apps are the ones that a user builds, publishes into
	// OpsCenters and installs (e.g. mattermost). These are the
	// only apps that are visible in OpsCenter by default.
	AppUser AppType = "user"

	// AppService defines a type for service apps
	//
	// Service apps are "building blocks" that cannot be installed
	// separately from a user app but provide essential services to
	// user apps that take dependency on them (e.g. dns, logging).
	AppService AppType = "service"

	// AppRuntime defines a type for runtime apps
	//
	// Runtime apps serve as a backbone for user apps, they are the
	// lowest-level base for any application (e.g. kubernetes of a
	// certain version).
	AppRuntime AppType = "runtime"
)

func (AppType) Check

func (t AppType) Check() error

Check makes sure app type is valid

type AppV2

// AppV2 represents an app resource format: kind, version, metadata and spec.
type AppV2 struct {
	// Kind is resource kind, should be "app"
	Kind string `json:"kind"`
	// Version is the app version
	// NOTE(review): in the other V2 envelopes on this page the "version"
	// field is the resource version — confirm which one is meant here.
	Version string `json:"version"`
	// Metadata is resource metadata
	Metadata teleservices.Metadata `json:"metadata"`
	// Spec is the app spec
	Spec AppSpecV2 `json:"spec"`
}

AppV2 represents an app resource format

func NewApp

func NewApp(locator loc.Locator) *AppV2

NewApp creates a new app from the provided locator

func (*AppV2) Expiry

func (a *AppV2) Expiry() time.Time

Expiry returns the resource expiration time

func (*AppV2) GetMetadata

func (a *AppV2) GetMetadata() teleservices.Metadata

GetMetadata returns the app metadata

func (*AppV2) GetName

func (a *AppV2) GetName() string

GetName returns the app name

func (*AppV2) GetRepository

func (a *AppV2) GetRepository() string

GetRepository returns repository the app belongs to

func (*AppV2) SetExpiry

func (a *AppV2) SetExpiry(expires time.Time)

SetExpiry sets the resource expiration time

func (*AppV2) SetName

func (a *AppV2) SetName(name string)

SetName sets the app name

func (*AppV2) SetTTL

func (a *AppV2) SetTTL(clock clockwork.Clock, ttl time.Duration)

SetTTL sets the resource TTL

type Application

// Application describes an application for the package cleaner. It embeds
// both the package locator and the application manifest, so the fields and
// methods of both are promoted onto Application.
type Application struct {
	// Locator references the application package
	loc.Locator
	// Manifest is the application's manifest
	schema.Manifest
}

Application describes an application for the package cleaner

type Applications

type Applications interface {
	// GetApplication queries an existing application
	GetApplication(repository, packageName, packageVersion string) (*Package, error)
	// GetApplications lists all applications for the specified repository
	GetApplications(repository string, appType AppType) ([]Package, error)
}

Applications defines operations on the site applications

type AssignKubernetesGroupsExpr

type AssignKubernetesGroupsExpr struct {
	// Groups is a list of groups to assign
	Groups StringsExpr
}

AssignKubernetesGroupsExpr constructs function expression used in rules specifications that assigns kubernetes groups to the current user

func (AssignKubernetesGroupsExpr) String

String returns function call expression used in rules

type AuthGateway

// AuthGateway defines a resource that controls embedded Teleport configuration.
//
// The getters for optional settings return pointers; a nil result presumably
// means the setting is not configured (TODO confirm against AuthGatewayV1).
type AuthGateway interface {
	// Resource provides common resource methods.
	teleservices.Resource
	// CheckAndSetDefaults validates the resource and fills in some defaults.
	CheckAndSetDefaults() error
	// GetMaxConnections returns maximum allowed connections number.
	GetMaxConnections() int64
	// GetMaxUsers returns maximum allowed users number.
	GetMaxUsers() int
	// GetConnectionLimits returns all configured connection limits.
	GetConnectionLimits() *ConnectionLimits
	// SetConnectionLimits sets connection limits on the resource.
	SetConnectionLimits(ConnectionLimits)
	// GetClientIdleTimeout returns idle timeout for SSH sessions.
	GetClientIdleTimeout() *teleservices.Duration
	// SetClientIdleTimeout sets idle timeout setting on the resource.
	SetClientIdleTimeout(teleservices.Duration)
	// GetDisconnectExpiredCert returns whether an ongoing SSH session will be
	// disconnected immediately upon certificate expiration.
	GetDisconnectExpiredCert() *teleservices.Bool
	// SetDisconnectExpiredCert sets expired cert policy setting on the resource.
	SetDisconnectExpiredCert(teleservices.Bool)
	// GetAuthentication returns authentication preference setting.
	GetAuthentication() *teleservices.AuthPreferenceSpecV2
	// SetAuthentication sets authentication preference setting on the resource.
	SetAuthentication(teleservices.AuthPreferenceSpecV2)
	// GetAuthPreference returns authentication preference resource.
	GetAuthPreference() (teleservices.AuthPreference, error)
	// SetAuthPreference sets authentication settings from the provided auth preference resource.
	SetAuthPreference(teleservices.AuthPreference) error
	// GetSSHPublicAddrs returns SSH public addresses.
	GetSSHPublicAddrs() []string
	// SetSSHPublicAddrs sets SSH public addresses on the resource.
	SetSSHPublicAddrs([]string)
	// GetKubernetesPublicAddrs returns Kubernetes public addresses.
	GetKubernetesPublicAddrs() []string
	// SetKubernetesPublicAddrs sets Kubernetes public addresses on the resource.
	SetKubernetesPublicAddrs([]string)
	// GetWebPublicAddrs returns web service public addresses.
	GetWebPublicAddrs() []string
	// SetWebPublicAddrs sets web service public addresses on the resource.
	SetWebPublicAddrs([]string)
	// GetPublicAddrs returns public addresses set for all services.
	GetPublicAddrs() []string
	// SetPublicAddrs sets public addresses that apply to all services.
	SetPublicAddrs([]string)
	// ApplyTo applies auth gateway settings to the provided auth gateway resource.
	ApplyTo(AuthGateway)
	// ApplyToTeleportConfig applies auth gateway settings to the provided Teleport config.
	ApplyToTeleportConfig(*teleconfig.FileConfig)
	// PrincipalsChanged returns true if the list of principals differs between
	// two auth gateway configs. Principals are the hostname parts of the
	// services' public addresses, which get encoded as SAN extensions into the
	// services' certificates, so a change here implies the certificates no
	// longer match the configured addresses.
	PrincipalsChanged(AuthGateway) bool
	// SettingsChanged returns true if connection settings changed between two auth gateway configs.
	SettingsChanged(AuthGateway) bool
}

AuthGateway defines a resource that controls embedded Teleport configuration.

func DefaultAuthGateway

func DefaultAuthGateway() AuthGateway

DefaultAuthGateway returns auth gateway resource with default parameters.

func NewAuthGateway

func NewAuthGateway(spec AuthGatewaySpecV1) AuthGateway

NewAuthGateway creates a new auth gateway resource for the provided spec.

func UnmarshalAuthGateway

func UnmarshalAuthGateway(data []byte) (AuthGateway, error)

UnmarshalAuthGateway unmarshals auth gateway resource from the provided JSON data.

type AuthGatewaySpecV1

// AuthGatewaySpecV1 defines the auth gateway resource specification.
//
// Every field is a pointer tagged omitempty, so an unset setting is left out
// of the serialized JSON. AuthGatewayV1.ApplyTo is documented to apply only
// non-nil settings, so nil here reads as "leave the existing value alone".
type AuthGatewaySpecV1 struct {
	// ConnectionLimits describes configured connection limits.
	ConnectionLimits *ConnectionLimits `json:"connection_limits,omitempty"`
	// ClientIdleTimeout is the idle session timeout.
	ClientIdleTimeout *teleservices.Duration `json:"client_idle_timeout,omitempty"`
	// DisconnectExpiredCert controls whether an ongoing session is
	// disconnected when its certificate expires.
	// NOTE(review): the effective behavior when this is nil is not visible
	// here; confirm the default applied by CheckAndSetDefaults.
	DisconnectExpiredCert *teleservices.Bool `json:"disconnect_expired_cert,omitempty"`
	// Authentication is authentication preferences.
	Authentication *teleservices.AuthPreferenceSpecV2 `json:"authentication,omitempty"`
	// PublicAddr sets public addresses for all Teleport services.
	PublicAddr *[]string `json:"public_addr,omitempty"`
	// SSHPublicAddr sets public addresses for proxy SSH service.
	SSHPublicAddr *[]string `json:"ssh_public_addr,omitempty"`
	// KubernetesPublicAddr sets public addresses for Kubernetes proxy service.
	KubernetesPublicAddr *[]string `json:"kubernetes_public_addr,omitempty"`
	// WebPublicAddr sets public addresses for web service.
	WebPublicAddr *[]string `json:"web_public_addr,omitempty"`
}

AuthGatewaySpecV1 defines the auth gateway resource specification.

type AuthGatewayV1

type AuthGatewayV1 struct {
	// Kind is the resource kind.
	Kind string `json:"kind"`
	// Version is the resource version.
	Version string `json:"version"`
	// Metadata is the resource metadata.
	Metadata teleservices.Metadata `json:"metadata"`
	// Spec is the resource specification.
	Spec AuthGatewaySpecV1 `json:"spec"`
}

AuthGatewayV1 defines the auth gateway resource.

func (*AuthGatewayV1) ApplyTo

func (gw *AuthGatewayV1) ApplyTo(other AuthGateway)

ApplyTo applies auth gateway settings to the provided other auth gateway.

Only non-nil settings are applied.

func (*AuthGatewayV1) ApplyToTeleportConfig

func (gw *AuthGatewayV1) ApplyToTeleportConfig(config *teleconfig.FileConfig)

ApplyToTeleportConfig applies auth gateway settings to the provided config.

func (*AuthGatewayV1) CheckAndSetDefaults

func (gw *AuthGatewayV1) CheckAndSetDefaults() error

CheckAndSetDefaults validates the resource and fills in some defaults.

func (*AuthGatewayV1) Expiry

func (gw *AuthGatewayV1) Expiry() time.Time

Expiry returns the resource expiration time.

func (*AuthGatewayV1) GetAuthPreference

func (gw *AuthGatewayV1) GetAuthPreference() (teleservices.AuthPreference, error)

GetAuthPreference returns authentication preference resource.

func (*AuthGatewayV1) GetAuthentication

func (gw *AuthGatewayV1) GetAuthentication() *teleservices.AuthPreferenceSpecV2

GetAuthentication returns authentication preference setting.

func (*AuthGatewayV1) GetClientIdleTimeout

func (gw *AuthGatewayV1) GetClientIdleTimeout() *teleservices.Duration

GetClientIdleTimeout returns the client idle timeout setting.

func (*AuthGatewayV1) GetConnectionLimits

func (gw *AuthGatewayV1) GetConnectionLimits() *ConnectionLimits

GetConnectionLimits returns connection limit settings.

func (*AuthGatewayV1) GetDisconnectExpiredCert

func (gw *AuthGatewayV1) GetDisconnectExpiredCert() *teleservices.Bool

GetDisconnectExpiredCert returns the expired certificate policy setting.

func (*AuthGatewayV1) GetKubernetesPublicAddrs

func (gw *AuthGatewayV1) GetKubernetesPublicAddrs() []string

GetKubernetesPublicAddrs returns public addresses for Kubernetes proxy service.

func (*AuthGatewayV1) GetMaxConnections

func (gw *AuthGatewayV1) GetMaxConnections() int64

GetMaxConnections returns max connections setting.

func (*AuthGatewayV1) GetMaxUsers

func (gw *AuthGatewayV1) GetMaxUsers() int

GetMaxUsers returns max users setting.

func (*AuthGatewayV1) GetMetadata

func (gw *AuthGatewayV1) GetMetadata() teleservices.Metadata

GetMetadata returns the resource metadata.

func (*AuthGatewayV1) GetName

func (gw *AuthGatewayV1) GetName() string

GetName returns the resource name.

func (*AuthGatewayV1) GetPublicAddrs

func (gw *AuthGatewayV1) GetPublicAddrs() []string

GetPublicAddrs returns public addresses for all services.

func (*AuthGatewayV1) GetSSHPublicAddrs

func (gw *AuthGatewayV1) GetSSHPublicAddrs() []string

GetSSHPublicAddrs returns public addresses for proxy SSH service.

func (*AuthGatewayV1) GetWebPublicAddrs

func (gw *AuthGatewayV1) GetWebPublicAddrs() (addrs []string)

GetWebPublicAddrs returns proxy web service public addresses.

func (*AuthGatewayV1) PrincipalsChanged

func (gw *AuthGatewayV1) PrincipalsChanged(other AuthGateway) bool

PrincipalsChanged returns true if the list of principals differs between this and the provided auth gateway configuration.

"Principals" are hostname parts of public addresses of different services that get encoded as SAN extensions (Subject Alternative Names) into their respective certificates.

func (*AuthGatewayV1) SetAuthPreference

func (gw *AuthGatewayV1) SetAuthPreference(authPreference teleservices.AuthPreference) error

SetAuthPreference sets the authentication settings from the provided auth preference resource.

func (*AuthGatewayV1) SetAuthentication

func (gw *AuthGatewayV1) SetAuthentication(value teleservices.AuthPreferenceSpecV2)

SetAuthentication sets authentication preference setting on the resource.

func (*AuthGatewayV1) SetClientIdleTimeout

func (gw *AuthGatewayV1) SetClientIdleTimeout(value teleservices.Duration)

SetClientIdleTimeout sets the client idle timeout setting on the resource.

func (*AuthGatewayV1) SetConnectionLimits

func (gw *AuthGatewayV1) SetConnectionLimits(value ConnectionLimits)

SetConnectionLimits sets connection limits settings on the resource.

func (*AuthGatewayV1) SetDisconnectExpiredCert

func (gw *AuthGatewayV1) SetDisconnectExpiredCert(value teleservices.Bool)

SetDisconnectExpiredCert sets the expired certificate policy setting on the resource.

func (*AuthGatewayV1) SetExpiry

func (gw *AuthGatewayV1) SetExpiry(expires time.Time)

SetExpiry sets the resource expiration time.

func (*AuthGatewayV1) SetKubernetesPublicAddrs

func (gw *AuthGatewayV1) SetKubernetesPublicAddrs(value []string)

SetKubernetesPublicAddrs sets Kubernetes proxy service public addresses.

func (*AuthGatewayV1) SetName

func (gw *AuthGatewayV1) SetName(name string)

SetName sets the resource name.

func (*AuthGatewayV1) SetPublicAddrs

func (gw *AuthGatewayV1) SetPublicAddrs(value []string)

SetPublicAddrs sets public addresses for all services.

func (*AuthGatewayV1) SetSSHPublicAddrs

func (gw *AuthGatewayV1) SetSSHPublicAddrs(value []string)

SetSSHPublicAddrs sets proxy SSH service public addresses.

func (*AuthGatewayV1) SetTTL

func (gw *AuthGatewayV1) SetTTL(clock clockwork.Clock, ttl time.Duration)

SetTTL sets the resource TTL.

func (*AuthGatewayV1) SetWebPublicAddrs

func (gw *AuthGatewayV1) SetWebPublicAddrs(value []string)

SetWebPublicAddrs sets proxy web service public addresses.

func (*AuthGatewayV1) SettingsChanged

func (gw *AuthGatewayV1) SettingsChanged(other AuthGateway) bool

SettingsChanged returns true if connection settings differ between this and the provided auth gateway configuration.

func (AuthGatewayV1) String

func (gw AuthGatewayV1) String() string

String returns the object's string representation.

type Charts

// Charts defines methods related to Helm chart repository functionality.
type Charts interface {
	// GetIndexFile returns the chart repository index file.
	GetIndexFile() (*repo.IndexFile, error)
	// CompareAndSwapIndexFile updates the chart repository index file to new.
	// NOTE(review): going by the name and the existing argument, the update
	// presumably only succeeds when the stored index still matches existing;
	// confirm against the backend implementation.
	CompareAndSwapIndexFile(new, existing *repo.IndexFile) error
	// UpsertIndexFile creates or replaces chart repository index file.
	UpsertIndexFile(repo.IndexFile) error
}

Charts defines methods related to Helm chart repository functionality.

type CloudConfig

type CloudConfig struct {
	// GCENodeTags lists additional node tags on GCE
	GCENodeTags []string `json:"gce_node_tags,omitempty"`
}

CloudConfig represents additional cloud provider-specific configuration

type Cluster

// Cluster is the cluster resource interface: common resource methods plus
// accessors for the cluster's app, additional Kubernetes resources, license,
// status, provider, region and nodes.
type Cluster interface {
	// Resource provides common resource methods
	teleservices.Resource
	// CheckAndSetDefaults makes sure the cluster is valid
	CheckAndSetDefaults() error
	// SetApp sets the cluster app
	SetApp(string)
	// GetApp returns the cluster app
	GetApp() string
	// SetResources sets additional Kubernetes resources
	SetResources(string)
	// GetResources returns additional Kubernetes resources
	GetResources() string
	// SetLicense sets the cluster license
	SetLicense(string)
	// GetLicense returns the cluster license
	GetLicense() string
	// GetStatus returns cluster status
	GetStatus() string
	// GetProvider returns cluster provider
	GetProvider() string
	// GetRegion returns the cluster region (ClusterV2 documents this as the
	// AWS region, if specified)
	GetRegion() string
	// GetNodes returns cluster nodes
	GetNodes() []ClusterNodeSpecV2
}

Cluster contains a set of permissions or settings

func NewCluster

func NewCluster(name string) Cluster

NewCluster returns instance of the new cluster

func NewClusterFromSite

func NewClusterFromSite(site *Site) Cluster

NewClusterFromSite returns new cluster from stored site

func UnmarshalCluster

func UnmarshalCluster(data []byte) (Cluster, error)

UnmarshalCluster unmarshals cluster from JSON

type ClusterAWSProviderSpecV2

type ClusterAWSProviderSpecV2 struct {
	// Region is AWS region
	Region string `json:"region"`
	// VPC is VPC ID
	VPC string `json:"vpc,omitempty"`
	// KeyName is SSH key name
	KeyName string `json:"keyName"`
}

ClusterAWSProviderSpecV2 is AWS provider specification

type ClusterConfigData

type ClusterConfigData struct {
	// ServiceSuffix specifies the suffix of the temporary DNS services with a ClusterIP
	// from a new service subnet when updating cluster service CIDR
	ServiceSuffix string `json:"service_suffix,omitempty"`
	// ServiceCIDR specifies the service IP range
	ServiceCIDR string `json:"service_cidr,omitempty"`
	// Services lists original service definitions as captured
	// prior to update
	Services []v1.Service `json:"services,omitempty"`
}

ClusterConfigData describes the configuration specific to cluster configuration update operation

type ClusterConfiguration

// ClusterConfiguration stores the cluster configuration in the DB.
type ClusterConfiguration interface {
	// GetClusterName gets teleservices.ClusterName
	GetClusterName() (teleservices.ClusterName, error)
	// CreateClusterName creates teleservices.ClusterName
	CreateClusterName(teleservices.ClusterName) error
	// GetStaticTokens gets teleservices.StaticTokens
	// NOTE(review): static tokens are presumably credentials; confirm that
	// backends restrict read access to them and that callers do not log the
	// returned value.
	GetStaticTokens() (teleservices.StaticTokens, error)
	// UpsertStaticTokens upserts teleservices.StaticTokens
	UpsertStaticTokens(teleservices.StaticTokens) error
	// GetAuthPreference gets teleservices.AuthPreference
	GetAuthPreference() (teleservices.AuthPreference, error)
	// UpsertAuthPreference upserts teleservices.AuthPreference
	UpsertAuthPreference(teleservices.AuthPreference) error
	// GetClusterConfig gets teleservices.ClusterConfig
	GetClusterConfig() (teleservices.ClusterConfig, error)
	// UpsertClusterConfig upserts teleservices.ClusterConfig
	UpsertClusterConfig(teleservices.ClusterConfig) error
}

ClusterConfiguration stores the cluster configuration in the DB.

type ClusterImport

type ClusterImport interface {
	// GetClusterImportStatus returns the state of cluster state import - e.g. whether it has
	// already been done
	GetClusterImportStatus() (bool, error)
	// SetClusterImported marks cluster import as complete.
	// After cluster import has completed, no other site instance will attempt
	// to import the state
	SetClusterImported() error
}

ClusterImport defines the interface to manage status of cluster state import

type ClusterNodeSpecV2

type ClusterNodeSpecV2 struct {
	// Profile is server profile
	Profile string `json:"profile"`
	// InstanceType is instance type to use
	InstanceType string `json:"instanceType"`
	// Count is count of instances
	Count int `json:"count"`
}

ClusterNodeSpecV2 is a spec of cluster node provisioned via AWS

type ClusterSpecV2

type ClusterSpecV2 struct {
	// App is an application name
	App string `json:"app"`
	// Provider is a cloud provider name
	Provider string `json:"provider"`
	// AWS is AWS provider specification, used when provider is set to aws
	AWS *ClusterAWSProviderSpecV2 `json:"aws"`
	// Nodes is a list of node profiles with amount to create/update and instance types
	Nodes []ClusterNodeSpecV2 `json:"nodes"`
	// Resources is additional Kubernetes resources
	Resources string `json:"resources"`
	// License is the cluster license
	License string `json:"license"`
	// Status is a cluster status, initialized for existing clusters only
	Status string `json:"status,omitempty"`
}

ClusterSpecV2 is cluster V2 specification

type ClusterState

type ClusterState struct {
	// Servers is a list of servers in the cluster
	Servers Servers `json:"servers"`
	// Docker specifies current cluster Docker configuration
	Docker DockerConfig `json:"docker"`
}

ClusterState defines the state of the cluster

func (*ClusterState) ClusterNodeSpec

func (s *ClusterState) ClusterNodeSpec() []ClusterNodeSpecV2

ClusterNodeSpec converts Servers list to node spec

func (*ClusterState) FindServer

func (s *ClusterState) FindServer(hostname string) (*Server, error)

FindServer returns a server by hostname

func (*ClusterState) FindServerByIP

func (s *ClusterState) FindServerByIP(ip string) (*Server, error)

FindServerByIP returns a server by advertise IP

func (ClusterState) HasServer

func (s ClusterState) HasServer(hostname string) bool

HasServer returns true if cluster state contains server with specified hostname

func (*ClusterState) ProfileMap

func (s *ClusterState) ProfileMap() map[string][]Server

ProfileMap returns servers mapped by server profile

type ClusterV2

// ClusterV2 represents cluster resource specification
type ClusterV2 struct {
	// Kind is the resource kind (presumably KindCluster, i.e. "cluster";
	// TODO confirm against CheckAndSetDefaults)
	Kind string `json:"kind"`
	// Version is a resource version
	Version string `json:"version"`
	// Metadata is cluster metadata
	Metadata teleservices.Metadata `json:"metadata"`
	// Spec contains cluster specification
	Spec ClusterSpecV2 `json:"spec"`
}

ClusterV2 represents cluster resource specification

func (*ClusterV2) CheckAndSetDefaults

func (c *ClusterV2) CheckAndSetDefaults() error

CheckAndSetDefaults checks validity of all parameters and sets defaults

func (*ClusterV2) Expiry

func (c *ClusterV2) Expiry() time.Time

Expiry returns cluster expiration time

func (*ClusterV2) GetApp

func (c *ClusterV2) GetApp() string

GetApp returns the cluster app

func (*ClusterV2) GetLicense

func (c *ClusterV2) GetLicense() string

GetLicense returns the cluster license

func (*ClusterV2) GetMetadata

func (c *ClusterV2) GetMetadata() teleservices.Metadata

GetMetadata returns cluster metadata

func (*ClusterV2) GetName

func (c *ClusterV2) GetName() string

GetName returns cluster name and is a shortcut for GetMetadata().Name

func (*ClusterV2) GetNodes

func (c *ClusterV2) GetNodes() []ClusterNodeSpecV2

GetNodes returns cluster nodes

func (*ClusterV2) GetProvider

func (c *ClusterV2) GetProvider() string

GetProvider returns cluster provider

func (*ClusterV2) GetRegion

func (c *ClusterV2) GetRegion() string

GetRegion returns the AWS region if specified

func (*ClusterV2) GetResources

func (c *ClusterV2) GetResources() string

GetResources returns additional Kubernetes resources

func (*ClusterV2) GetStatus

func (c *ClusterV2) GetStatus() string

GetStatus returns cluster status

func (*ClusterV2) SetApp

func (c *ClusterV2) SetApp(app string)

SetApp sets the cluster application

func (*ClusterV2) SetExpiry

func (c *ClusterV2) SetExpiry(expires time.Time)

SetExpiry sets cluster expiration time

func (*ClusterV2) SetLicense

func (c *ClusterV2) SetLicense(license string)

SetLicense sets the cluster license

func (*ClusterV2) SetName

func (c *ClusterV2) SetName(name string)

SetName sets cluster name

func (*ClusterV2) SetResources

func (c *ClusterV2) SetResources(resources string)

SetResources sets additional Kubernetes resources

func (*ClusterV2) SetTTL

func (c *ClusterV2) SetTTL(clock clockwork.Clock, ttl time.Duration)

SetTTL sets Expires header using realtime clock

type ConnectionLimits

type ConnectionLimits struct {
	// MaxConnections is the maximum number of connections to auth/proxy services.
	MaxConnections *int64 `json:"max_connections,omitempty"`
	// MaxUsers is the maximum number of simultaneously connected users.
	MaxUsers *int `json:"max_users,omitempty"`
}

ConnectionLimits defines connection limits setting on auth gateway resource.

func (*ConnectionLimits) Check

func (l *ConnectionLimits) Check() error

Check validates the limits settings.

func (ConnectionLimits) String

func (l ConnectionLimits) String() string

String returns the object's string representation.

type Connectors

// Connectors manages external identity provider connectors (OIDC, SAML and
// Github), the auth requests created during their login flows, and user
// lookup by external identity.
//
// The getters that take withSecrets decide whether secrets are part of the
// returned connector. Callers that only need connector metadata should pass
// false so secrets do not travel into logs or API responses.
type Connectors interface {
	// UpsertOIDCConnector upserts OIDC Connector
	UpsertOIDCConnector(teleservices.OIDCConnector) error
	// DeleteOIDCConnector deletes OIDC Connector
	DeleteOIDCConnector(connectorID string) error
	// GetOIDCConnector returns OIDC connector data; withSecrets selects
	// whether the client secret is included in the returned connector
	GetOIDCConnector(id string, withSecrets bool) (teleservices.OIDCConnector, error)
	// GetOIDCConnectors returns registered connectors; withSecrets selects
	// whether the client secret is included in the returned connectors
	GetOIDCConnectors(withSecrets bool) ([]teleservices.OIDCConnector, error)
	// CreateOIDCAuthRequest creates new auth request
	// NOTE(review): unlike CreateSAMLAuthRequest this takes no TTL; expiry of
	// the stored request is presumably decided by the backend. Confirm.
	CreateOIDCAuthRequest(req teleservices.OIDCAuthRequest) error
	// GetOIDCAuthRequest returns OIDC auth request if found
	GetOIDCAuthRequest(stateToken string) (*teleservices.OIDCAuthRequest, error)
	// GetUserByOIDCIdentity returns a user by its specified OIDC Identity, returns first
	// user specified with this identity
	GetUserByOIDCIdentity(id teleservices.ExternalIdentity) (teleservices.User, error)
	// GetUserBySAMLIdentity returns a user by its specified SAML Identity, returns first
	// user specified with this identity
	GetUserBySAMLIdentity(id teleservices.ExternalIdentity) (teleservices.User, error)
	// GetUserByGithubIdentity returns a user by its specified Github Identity, returns first
	// user specified with this identity
	GetUserByGithubIdentity(id teleservices.ExternalIdentity) (teleservices.User, error)
	// CreateSAMLConnector creates SAML Connector
	CreateSAMLConnector(connector teleservices.SAMLConnector) error
	// UpsertSAMLConnector upserts SAML Connector
	UpsertSAMLConnector(connector teleservices.SAMLConnector) error
	// DeleteSAMLConnector deletes SAML Connector
	DeleteSAMLConnector(connectorID string) error
	// GetSAMLConnector returns SAML connector data; withSecrets selects
	// whether secrets are included in the returned connector
	GetSAMLConnector(id string, withSecrets bool) (teleservices.SAMLConnector, error)
	// GetSAMLConnectors returns registered connectors; withSecrets selects
	// whether secrets are included in the returned connectors
	GetSAMLConnectors(withSecrets bool) ([]teleservices.SAMLConnector, error)
	// CreateSAMLAuthRequest creates new auth request with the given TTL
	CreateSAMLAuthRequest(req teleservices.SAMLAuthRequest, ttl time.Duration) error
	// GetSAMLAuthRequest returns SAML auth request if found
	GetSAMLAuthRequest(id string) (*teleservices.SAMLAuthRequest, error)
	// CreateGithubConnector creates a new Github connector
	CreateGithubConnector(connector teleservices.GithubConnector) error
	// UpsertGithubConnector creates or updates a Github connector
	UpsertGithubConnector(connector teleservices.GithubConnector) error
	// GetGithubConnectors returns all configured Github connectors;
	// withSecrets presumably has the same meaning as for the OIDC and SAML
	// getters (TODO confirm)
	GetGithubConnectors(withSecrets bool) ([]teleservices.GithubConnector, error)
	// GetGithubConnector returns a Github connector by its name;
	// withSecrets presumably has the same meaning as for the OIDC and SAML
	// getters (TODO confirm)
	GetGithubConnector(name string, withSecrets bool) (teleservices.GithubConnector, error)
	// DeleteGithubConnector deletes a Github connector by its name
	DeleteGithubConnector(name string) error
	// CreateGithubAuthRequest creates a new auth request for Github OAuth2 flow
	// NOTE(review): takes no TTL, unlike CreateSAMLAuthRequest; confirm how
	// stored requests expire.
	CreateGithubAuthRequest(req teleservices.GithubAuthRequest) error
	// GetGithubAuthRequest retrieves Github auth request by the token
	GetGithubAuthRequest(stateToken string) (*teleservices.GithubAuthRequest, error)
}

Connectors manages OIDC connectors (OpenID Connect configurations), along with the SAML and Github connectors and auth requests declared in the interface above.

type ContainsExpr

type ContainsExpr struct {
	// Left is a left argument of Contains expression
	Left Expr
	// Right is a right argument of Contains expression
	Right Expr
}

ContainsExpr constructs function expression used in rules specifications that checks if one value contains the other, e.g. contains([]string{"a"}, "b") where left is []string{"a"} and right is "b"

func (ContainsExpr) String

func (i ContainsExpr) String() string

String returns function call expression used in rules

type DNSConfig

// DNSConfig describes a DNS server
type DNSConfig struct {
	// Addrs lists local cluster DNS server IP addresses
	Addrs []string `json:"addrs"`
	// Port specifies the DNS port to use; Addr combines it with an address
	// as ip:port
	Port int `json:"port"`
}

DNSConfig describes a DNS server

func GetDNSConfig

func GetDNSConfig(backend LocalBackend, fallback DNSConfig) (config *DNSConfig, err error)

GetDNSConfig returns the DNS configuration from the backend using fallback if no configuration is available

func (DNSConfig) Addr

func (r DNSConfig) Addr() string

Addr returns the DNS server address as ip:port. Requires that !r.IsEmpty.

func (DNSConfig) IsEmpty

func (r DNSConfig) IsEmpty() bool

IsEmpty returns whether this configuration is empty

func (DNSConfig) String

func (r DNSConfig) String() string

String returns textual representation of this DNS configuration

type DNSOverrides

type DNSOverrides struct {
	// Hosts maps a hostname to an IP address it will resolve to
	Hosts map[string]string `json:"hosts"`
	// Zones maps a DNS zone to nameservers it will be served by
	Zones map[string][]string `json:"zones"`
}

DNSOverrides defines a cluster's DNS host/zone overrides

func (DNSOverrides) FormatHosts

func (d DNSOverrides) FormatHosts() string

FormatHosts formats host overrides to a string

func (DNSOverrides) FormatZones

func (d DNSOverrides) FormatZones() string

FormatZones formats zone overrides to a string

type Device

// Device defines a device on a host: block device or a partition
type Device struct {
	// Name identifies the device
	Name DeviceName `json:"name"`
	// Type defines the type of device: disk or partition
	Type DeviceType `json:"type"`
	// SizeMB is the size of the device in MB
	SizeMB uint64 `json:"size_mb"`
}

Device defines a device on a host: block device or a partition

func (Device) MarshalJSON

func (r Device) MarshalJSON() ([]byte, error)

MarshalJSON serializes this device as text

func (Device) Path

func (r Device) Path() string

Path returns the absolute path to the device node in /dev

func (*Device) UnmarshalJSON

func (r *Device) UnmarshalJSON(p []byte) error

UnmarshalJSON interprets input as either a Device or a device name (for backwards compatibility)

type DeviceName

type DeviceName string

DeviceName identifies a device by name

func (DeviceName) MarshalText

func (r DeviceName) MarshalText() ([]byte, error)

MarshalText formats device as text with full path

func (DeviceName) Path

func (r DeviceName) Path() string

Path builds the device node path (in /dev)

func (*DeviceName) UnmarshalText

func (r *DeviceName) UnmarshalText(p []byte) error

UnmarshalText reads device name from text

type DeviceType

type DeviceType string

DeviceType defines a device type

const (
	// DeviceDisk defines a block device
	DeviceDisk DeviceType = "disk"
	// DevicePartition defines a partition on a device
	DevicePartition DeviceType = "part"
)

type Devices

type Devices []Device

Devices defines a list of devices

func (Devices) GetByName

func (r Devices) GetByName(name DeviceName) Device

GetByName looks up a device by name

type Docker

type Docker struct {
	// Device defines the block device (disk or partition) to use
	// for a devicemapper configuration
	Device Device `json:"device"`
	// LVMSystemDirectory specifies the location of lvm system directory
	// if the storage driver is `devicemapper`
	LVMSystemDirectory string `json:"system_directory"`
}

Docker defines the configuration specific to docker

type DockerConfig

// DockerConfig overrides Docker configuration for the cluster
type DockerConfig struct {
	// StorageDriver specifies a storage driver to use
	StorageDriver string `json:"storage_driver,omitempty"`
	// Args specifies additional options to the docker daemon
	// NOTE(review): these options reach the Docker daemon; whether Check
	// restricts which options are accepted is not visible here. Confirm
	// before accepting this resource from a less-trusted source.
	Args []string `json:"args,omitempty"`
}

DockerConfig overrides Docker configuration for the cluster

func (DockerConfig) Check

func (r DockerConfig) Check() error

Check makes sure the docker config is correct

func (DockerConfig) IsEmpty

func (r DockerConfig) IsEmpty() bool

IsEmpty returns whether this configuration is empty

type ElectionChange

// ElectionChange describes changes to make to cluster elections
type ElectionChange struct {
	// EnableServers is a list of servers that we should enable elections on
	// NOTE: the serialized key is singular ("enable_server"), unlike
	// "disable_servers" below; renaming it would change the JSON/YAML format.
	EnableServers []Server `json:"enable_server,omitempty" yaml:"enable_server,omitempty"`
	// DisableServers is a list of servers that we should disable elections on
	DisableServers []Server `json:"disable_servers,omitempty" yaml:"disable_servers,omitempty"`
}

ElectionChange describes changes to make to cluster elections

type Endpoints

type Endpoints interface {
	// Resource provides common resource methods
	teleservices.Resource
	// CheckAndSetDefaults makes sure the resource is valid
	CheckAndSetDefaults() error
	// GetPublicAddr returns the public advertise addr
	GetPublicAddr() string
	// GetAgentsAddr returns the agents advertise addr
	GetAgentsAddr() string
}

Endpoints represents a resource that allows customizing the advertise addresses used for user and cluster communication

func NewEndpoints

func NewEndpoints(spec EndpointsSpecV2) Endpoints

NewEndpoints creates a new endpoints resource from the provided spec

func UnmarshalEndpoints

func UnmarshalEndpoints(data []byte) (Endpoints, error)

UnmarshalEndpoints unmarshals the endpoints resource from JSON

type EndpointsSpecV2

type EndpointsSpecV2 struct {
	// PublicAddr is the Ops Center endpoint for user traffic
	PublicAddr string `json:"public_advertise_addr"`
	// AgentsAddr is the Ops Center endpoint for cluster traffic
	AgentsAddr string `json:"agents_advertise_addr"`
}

EndpointsSpecV2 is the endpoints resource spec

type EndpointsV2

type EndpointsV2 struct {
	// Kind is the resource kind
	Kind string `json:"kind"`
	// Version is the resource version
	Version string `json:"version"`
	// Metadata is the resource metadata
	Metadata teleservices.Metadata `json:"metadata"`
	// Spec is the resource spec
	Spec EndpointsSpecV2 `json:"spec"`
}

EndpointsV2 represents the endpoints resource

func (*EndpointsV2) CheckAndSetDefaults

func (e *EndpointsV2) CheckAndSetDefaults() error

CheckAndSetDefaults checks validity of all parameters and sets defaults

func (*EndpointsV2) Expiry

func (e *EndpointsV2) Expiry() time.Time

Expiry returns the resource expiration time

func (*EndpointsV2) GetAgentsAddr

func (e *EndpointsV2) GetAgentsAddr() string

GetAgentsAddr returns the agents advertise address

func (*EndpointsV2) GetMetadata

func (e *EndpointsV2) GetMetadata() teleservices.Metadata

GetMetadata returns the resource metadata

func (*EndpointsV2) GetName

func (e *EndpointsV2) GetName() string

GetName returns the resource name

func (*EndpointsV2) GetPublicAddr

func (e *EndpointsV2) GetPublicAddr() string

GetPublicAddr returns the public advertise address

func (*EndpointsV2) SetExpiry

func (e *EndpointsV2) SetExpiry(expires time.Time)

SetExpiry sets the resource expiration time

func (*EndpointsV2) SetName

func (e *EndpointsV2) SetName(name string)

SetName sets the resource name

func (*EndpointsV2) SetTTL

func (e *EndpointsV2) SetTTL(clock clockwork.Clock, ttl time.Duration)

SetTTL sets the resource TTL

type EnvironmentSpec

// EnvironmentSpec defines the environment variable resource
type EnvironmentSpec struct {
	// KeyValues specifies the environment variables; it is serialized under
	// the "data" JSON key.
	// NOTE(review): values are plain strings. If variables are used to carry
	// credentials, they are presumably persisted as-is with the resource;
	// confirm how the backend protects them.
	KeyValues map[string]string `json:"data"`
}

EnvironmentSpec defines the environment variable resource

type EnvironmentV1

type EnvironmentV1 struct {
	// Kind is a resource kind
	Kind string `json:"kind"`
	// Version is a resource version
	Version string `json:"version"`
	// Metadata specifies resource metadata
	Metadata teleservices.Metadata `json:"metadata"`
	// Spec defines the resource
	Spec EnvironmentSpec `json:"spec"`
}

EnvironmentV1 describes the cluster runtime environment variables resource

func NewEnvironment

func NewEnvironment(kvs map[string]string) *EnvironmentV1

NewEnvironment creates a new instance of the resource

func (*EnvironmentV1) CheckAndSetDefaults

func (r *EnvironmentV1) CheckAndSetDefaults() error

CheckAndSetDefaults validates this resource and sets defaults

func (*EnvironmentV1) Expiry

func (r *EnvironmentV1) Expiry() time.Time

Expiry returns expiration time

func (*EnvironmentV1) GetKeyValues

func (r *EnvironmentV1) GetKeyValues() map[string]string

GetKeyValues returns the values of environment variables from this resource

func (*EnvironmentV1) GetMetadata

func (r *EnvironmentV1) GetMetadata() teleservices.Metadata

GetMetadata returns resource metadata

func (*EnvironmentV1) GetName

func (r *EnvironmentV1) GetName() string

GetName returns the resource name

func (*EnvironmentV1) SetExpiry

func (r *EnvironmentV1) SetExpiry(expires time.Time)

SetExpiry resets expiration time to the specified value

func (*EnvironmentV1) SetName

func (r *EnvironmentV1) SetName(name string)

SetName resets the resource name to the specified value

func (*EnvironmentV1) SetTTL

func (r *EnvironmentV1) SetTTL(clock clockwork.Clock, ttl time.Duration)

SetTTL resets the resource's time to live to the specified value using the given clock implementation

type EnvironmentVariables

type EnvironmentVariables interface {
	// Resource provides common resource methods
	teleservices.Resource
	// CheckAndSetDefaults validates this resource and sets defaults
	CheckAndSetDefaults() error
	// GetKeyValues returns the values of environment variables from this resource
	GetKeyValues() map[string]string
}

EnvironmentVariables defines the cluster runtime environment variables resource. It allows overriding runtime environment variables on each node in the cluster. There is only a single instance of the resource in a cluster.

func UnmarshalEnvironmentVariables

func UnmarshalEnvironmentVariables(data []byte) (EnvironmentVariables, error)

UnmarshalEnvironmentVariables unmarshals the resource from YAML/JSON given with data

type EqualsExpr

type EqualsExpr struct {
	// Left is the left argument of the equals expression
	Left Expr
	// Right is the right argument of the equals expression,
	// i.e. the value Left is compared against
	Right Expr
}

EqualsExpr represents a function expression used in rule specifications that checks whether one value equals another, e.g. equals("a", "b"), where Left is "a" and Right is "b"

func (EqualsExpr) String

func (i EqualsExpr) String() string

String returns function call expression used in rules

type Expr

type Expr interface {
	// String serializes expression into format parsed by rules engine
	// (golang based syntax)
	String() string
}

Expr is an expression

type Filesystem

type Filesystem struct {
	// DirName specifies the name of the directory where the file system is mounted
	DirName string `json:"dir_name"`
	// Type is the file system type
	Type string `json:"type"`
}

Filesystem describes a mounted file system

type FilesystemStats

type FilesystemStats map[string]FilesystemUsage

FilesystemStats maps a directory name to usage information

type FilesystemUsage

type FilesystemUsage struct {
	// TotalKB is the amount of space on a file system, in kilobytes (KB)
	TotalKB uint64 `json:"total"`
	// FreeKB is the amount of free space on a file system, in kilobytes (KB)
	FreeKB uint64 `json:"free"`
}

FilesystemUsage describes usage for a mounted file system

type GarbageCollectOperationData

type GarbageCollectOperationData struct {
	// RemoteApps lists remote applications known to cluster
	RemoteApps []Application `json:"remote_apps,omitempty" yaml:"remote_apps,omitempty"`
}

GarbageCollectOperationData describes configuration for the garbage collect operation

type IdentifierExpr

type IdentifierExpr string

IdentifierExpr is identifier expression

func (IdentifierExpr) String

func (i IdentifierExpr) String() string

String serializes identifier expression into format parsed by rules engine

type InstallExpandOperationState

type InstallExpandOperationState struct {
	// Profiles contains certain details about servers provisioned during
	// the operation, e.g. roles, counts, instance types
	Profiles map[string]ServerProfile `json:"profiles"`
	// Servers defines (user-affected) configuration of each active server
	// instance
	Servers Servers `json:"servers"`
	// Agents defines the list of agent attributes (like download instructions,
	// etc.) to use on the client
	Agents map[string]AgentProfile `json:"agents"`
	// Subnets describes selected overlay/service network subnets for this
	// operation
	Subnets Subnets `json:"subnets"`
	// Vars is a set of variables specific to this operation, e.g. AWS
	// credentials or region.
	// Since it can hold cloud credentials and is serialized under the "vars"
	// key, any marshaled copy of this state should be handled as sensitive.
	// NOTE(review): confirm whether credentials are stripped or encrypted
	// before the state is persisted or returned over an API
	Vars OperationVariables `json:"vars"`
	// Package is the application being installed
	Package loc.Locator `json:"package"`
}

InstallExpandOperationState defines the state of an install or expand operation

type InstallOperationData

type InstallOperationData struct {
	// Env specifies optional cluster environment variables to add
	Env map[string]string `json:"env,omitempty"`
	// Config specifies optional cluster configuration resource,
	// carried as raw bytes (encoding is not visible here — TODO confirm)
	Config []byte `json:"config,omitempty"`
	// Resources specifies optional Kubernetes resources to create,
	// carried as raw bytes.
	// NOTE(review): whatever is supplied here is meant to be created in the
	// cluster, so its origin should be trusted to the same degree as the
	// installer — confirm where validation happens
	Resources []byte `json:"resources,omitempty"`
	// GravityResources specifies optional Gravity resources to create upon successful installation
	GravityResources []UnknownResource `json:"gravity_resources,omitempty"`
}

InstallOperationData describes configuration for the install operation

type InstallToken

type InstallToken struct {
	// Token is a unique randomly generated character sequence.
	// The value itself is what gets serialized under the "token" key;
	// no hashing or wrapping is visible at this level, so stored or
	// transmitted copies of this struct carry the usable secret
	Token string `json:"token"`
	// Expires sets the token expiry time; the zero time means the token
	// never expires.
	// NOTE(review): a never-expiring token stays valid until it is removed
	// explicitly — confirm callers set an expiry wherever one is possible
	Expires time.Time `json:"expires"`
	// AccountID is the account this token is associated with
	// when it is a user signup token
	AccountID string `json:"account_id"`
	// SiteDomain defines a site this token will be associated with
	// once the installation has started
	SiteDomain string `json:"site_domain"`
	// Application defines the application package this token is bound to.
	// Only set for one-time installations
	Application *loc.Locator `json:"application,omitempty"`
	// UserEmail links this token to a user with permissions to execute a one-time
	// installation of a specific site
	UserEmail string `json:"user_email"`
	// UserType defines the type of user to create and associate with this token.
	// The JSON key is "type", not "user_type"
	UserType string `json:"type"`
}

InstallToken defines a one-time installation token

func (*InstallToken) Check

func (p *InstallToken) Check() error

type Leader

type Leader interface {
	// AddWatch starts watching the key for changes and sending them
	// to the valuesC channel.
	AddWatch(key string, retry time.Duration, valuesC chan string)

	// AddVoter adds a new voter.
	// The voter will participate in the election until paused with StepDown
	// The voter can be cancelled via the specified context.
	AddVoter(ctx context.Context, key, value string, term time.Duration) error

	// StepDown instructs the voter to pause election and give up its leadership
	StepDown()
}

Leader describes a leader election campaign

type LegacyRoles

type LegacyRoles interface {
	// UpsertV2Role creates or updates V2 role
	// used for migration purposes
	UpsertV2Role(role RoleV2) error
}

LegacyRoles is used in testing

type Links interface {
	// UpsertOpsCenterLink updates or creates new OpsCenter link
	UpsertOpsCenterLink(l OpsCenterLink, ttl time.Duration) (*OpsCenterLink, error)
	// GetOpsCenterLinks returns a list of OpsCenter links
	GetOpsCenterLinks(siteDomain string) ([]OpsCenterLink, error)
}

Links is a legacy interface for remote Ops Center links, which have been superseded by trusted clusters; it is kept only for migration purposes

type LocalBackend

type LocalBackend interface {
	Backend
	// SystemMetadata manages node-local system metadata
	SystemMetadata
}

LocalBackend represents the node-local backend

type Locks

type Locks interface {
	// AcquireLock grabs a lock that will be released automatically in ttl time;
	// it blocks until the lock is available.
	// Because the release is time-based, a holder whose work outlasts ttl
	// can no longer assume it has exclusive access
	AcquireLock(token string, ttl time.Duration) error

	// TryAcquireLock grabs a lock that will be released automatically in ttl time;
	// it tries once and either succeeds right away or fails
	TryAcquireLock(token string, ttl time.Duration) error

	// ReleaseLock releases lock by token name.
	// NOTE(review): token is the lock's name rather than a per-holder secret,
	// so nothing in this signature ties a release to the caller that acquired
	// the lock — confirm against the backend implementation
	ReleaseLock(token string) error
}

Locks is the locking service

type LogForwarder

type LogForwarder interface {
	teleservices.Resource
	// GetAddress returns log forwarder address
	GetAddress() string
	// GetProtocol returns log forwarder protocol
	GetProtocol() string
	// CheckAndSetDefaults validates log forwarder configuration
	CheckAndSetDefaults() error
}

LogForwarder describes a log forwarder resource

func NewLogForwarder

func NewLogForwarder(name, address, protocol string) LogForwarder

NewLogForwarder creates a new log forwarder

func NewLogForwarderFromV1

func NewLogForwarderFromV1(l LogForwarderV1) LogForwarder

NewLogForwarderFromV1 creates a new log forwarder from legacy format

type LogForwarderMarshaler

type LogForwarderMarshaler interface {
	// Unmarshal unmarshals log forwarder
	Unmarshal([]byte) (LogForwarder, error)
	// Marshal marshals log forwarder
	Marshal(LogForwarder, ...teleservices.MarshalOption) ([]byte, error)
}

LogForwarderMarshaler defines methods to marshal/unmarshal log forwarders

func GetLogForwarderMarshaler

func GetLogForwarderMarshaler() LogForwarderMarshaler

GetLogForwarderMarshaler returns log forwarder marshaler

type LogForwarderSpecV2

type LogForwarderSpecV2 struct {
	// Address is log forwarder address, i.e. where logs are sent
	Address string `json:"address"`
	// Protocol is log forwarder protocol; omitted from JSON when empty.
	// NOTE(review): the accepted protocol values and the default applied when
	// this is empty are not visible here — confirm whether the chosen
	// transport is encrypted before forwarding logs across a trust boundary
	Protocol string `json:"protocol,omitempty"`
}

LogForwarderSpecV2 is the log forwarder spec

type LogForwarderV1

type LogForwarderV1 struct {
	// Address is log forwarder address
	Address string `json:"address"`
	// Protocol is log forwarder protocol
	Protocol string `json:"protocol"`
}

LogForwarderV1 is the legacy log forwarder spec

type LogForwarderV2

type LogForwarderV2 struct {
	// Kind is the resource kind, "logforwarder"
	Kind string `json:"kind"`
	// Version is the resource version, "v2"
	Version string `json:"version"`
	// Metadata contains log forwarder metadata
	Metadata teleservices.Metadata `json:"metadata"`
	// Spec is log forwarder spec
	Spec LogForwarderSpecV2 `json:"spec"`
}

LogForwarderV2 represents log forwarder resource

func (*LogForwarderV2) CheckAndSetDefaults

func (l *LogForwarderV2) CheckAndSetDefaults() error

CheckAndSetDefaults validates log forwarder configuration

func (*LogForwarderV2) Expiry

func (l *LogForwarderV2) Expiry() time.Time

Expiry returns log forwarder expiration time

func (*LogForwarderV2) GetAddress

func (l *LogForwarderV2) GetAddress() string

GetAddress returns log forwarder address

func (*LogForwarderV2) GetMetadata

func (l *LogForwarderV2) GetMetadata() teleservices.Metadata

GetMetadata returns log forwarder metadata

func (*LogForwarderV2) GetName

func (l *LogForwarderV2) GetName() string

GetName returns log forwarder name

func (*LogForwarderV2) GetProtocol

func (l *LogForwarderV2) GetProtocol() string

GetProtocol returns log forwarder protocol

func (*LogForwarderV2) SetExpiry

func (l *LogForwarderV2) SetExpiry(expires time.Time)

SetExpiry sets log forwarder expiration time

func (*LogForwarderV2) SetName

func (l *LogForwarderV2) SetName(name string)

SetName sets log forwarder name

func (*LogForwarderV2) SetTTL

func (l *LogForwarderV2) SetTTL(clock clockwork.Clock, ttl time.Duration)

SetTTL sets log forwarder TTL

type LoginEntries

type LoginEntries interface {
	// UpsertLoginEntry stores the given login entry and returns the stored value
	// (presumably keyed by the entry's OpsCenterURL — confirm against an implementation)
	UpsertLoginEntry(l LoginEntry) (*LoginEntry, error)
	// GetLoginEntries returns all stored login entries.
	// Each LoginEntry carries a Password field, so results are sensitive
	GetLoginEntries() ([]LoginEntry, error)
	// GetLoginEntry returns the login entry for the given Ops Center URL
	GetLoginEntry(opsCenterURL string) (*LoginEntry, error)
	// DeleteLoginEntry removes the login entry for the given Ops Center URL
	DeleteLoginEntry(opsCenterURL string) error
	// GetCurrentOpsCenter returns the currently selected Ops Center
	// (presumably its URL — TODO confirm)
	GetCurrentOpsCenter() string
	// SetCurrentOpsCenter sets the currently selected Ops Center
	SetCurrentOpsCenter(string) error
}

LoginEntries store local agent logins with remote portals

type LoginEntry

type LoginEntry struct {
	// Email is user email
	Email string `yaml:"email"`
	// Password is a password or token.
	// It is held as a plain string and written under the YAML key "token".
	// NOTE(review): only yaml tags are declared on this struct; if it is
	// passed through encoding/json without a custom marshaler the secret
	// would be emitted under the Go field name "Password" — confirm
	Password string `yaml:"token"`
	// OpsCenterURL is URL of the OpsCenter
	OpsCenterURL string `yaml:"opscenter"`
	// Expires is optional setting when this token/password expires
	// (presumably the zero time means no expiry — TODO confirm)
	Expires time.Time `yaml:"expires"`
	// AccountID is account id this user belongs to
	AccountID string `yaml:"account_id"`
	// Created is when the entry was created
	Created time.Time `yaml:"created"`
}

LoginEntry represents local agent login with remote portal, used to pull and push packages

func GetClusterAgentCreds

func GetClusterAgentCreds(backend Backend, clusterName string, needAdmin bool) (*LoginEntry, error)

GetClusterAgentCreds returns credentials for cluster agent

  • for regular nodes, this is unprivileged cluster agent that can pull updates
  • for master nodes, this is privileged agent, that can also do some cluster administration

func GetClusterLoginEntry

func GetClusterLoginEntry(backend Backend) (*LoginEntry, error)

GetClusterLoginEntry returns login entry for the local cluster

func (*LoginEntry) Check

func (l *LoginEntry) Check() error

func (LoginEntry) String

func (l LoginEntry) String() string

String returns the login entry string representation

type Memory

type Memory struct {
	// Total is the amount of physical RAM, in kilobytes (kB)
	Total uint64 `json:"total"`
	// Free is the amount of physical RAM left unused, in kilobytes (kB)
	Free uint64 `json:"free"`
	// ActualFree is the amount of free RAM
	// (accounting for kernel-allocated memory), in kilobytes
	ActualFree uint64 `json:"actual_free"`
}

Memory describes RAM parameters on a system

type Migrations

type Migrations interface {
	// SchemaVersion returns the version of the schema
	SchemaVersion() (int, error)
}

Migrations defines an interface to schema migration management

type Mount

type Mount struct {
	// Name identifies the mount
	Name string `json:"name"`
	// Source is the directory to mount
	Source string `json:"source"`
	// Destination is the mount destination directory
	Destination string `json:"destination"`
	// CreateIfMissing is whether to create the source directory if it doesn't exist
	CreateIfMissing bool `json:"create_if_missing"`
	// SkipIfMissing is whether to avoid mounting a directory if the source does not exist
	// on host
	SkipIfMissing bool `json:"skip_if_missing"`
	// UID sets UID for a volume path on the host.
	// A nil pointer leaves the key out of the JSON (omitempty), which keeps
	// "not set" distinct from an explicit 0 (root)
	UID *int `json:"uid,omitempty"`
	// GID sets GID for a volume path on the host.
	// Nil is handled the same way as for UID
	GID *int `json:"gid,omitempty"`
	// Mode sets file mode for a volume path on the host;
	// accepts octal format.
	// NOTE(review): the value is a free-form string at this level; where it
	// is parsed and bounds-checked is not visible here — confirm
	Mode string `json:"mode,omitempty"`
	// Recursive means that all mount points inside this mount should also be mounted
	Recursive bool `json:"recursive,omitempty"`
}

Mount describes a mount on a server

type NDMConfig

type NDMConfig struct {
	// ProbeConfigs contains probes NDM performs when discovering devices.
	ProbeConfigs []*NDMProbe `yaml:"probeconfigs"`
	// FilterConfigs contains filters NDM considers when discovering devices.
	FilterConfigs []*NDMFilter `yaml:"filterconfigs"`
}

NDMConfig represents the OpenEBS Node Device Manager configuration.

func DefaultNDMConfig

func DefaultNDMConfig() *NDMConfig

DefaultNDMConfig returns a default NDM config.

func NDMConfigFromConfigMap

func NDMConfigFromConfigMap(cm *v1.ConfigMap) (*NDMConfig, error)

NDMConfigFromConfigMap creates NDM config from the provided config map.

func (*NDMConfig) Apply

func (c *NDMConfig) Apply(ps PersistentStorage)

Apply applies parameters from the provided resource to this configuration.

func (*NDMConfig) DeviceExcludes

func (c *NDMConfig) DeviceExcludes() []string

DeviceExcludes returns device exclude filter.

func (*NDMConfig) DeviceIncludes

func (c *NDMConfig) DeviceIncludes() []string

DeviceIncludes returns device include filter.

func (*NDMConfig) MountExcludes

func (c *NDMConfig) MountExcludes() []string

MountExcludes returns mount exclude filter.

func (*NDMConfig) SetDeviceExcludes

func (c *NDMConfig) SetDeviceExcludes(excludes []string)

SetDeviceExcludes sets device exclude filter.

func (*NDMConfig) SetDeviceIncludes

func (c *NDMConfig) SetDeviceIncludes(includes []string)

SetDeviceIncludes sets device include filter.

func (*NDMConfig) SetMountExcludes

func (c *NDMConfig) SetMountExcludes(excludes []string)

SetMountExcludes sets mount exclude filter.

func (*NDMConfig) SetVendorExcludes

func (c *NDMConfig) SetVendorExcludes(excludes []string)

SetVendorExcludes sets vendor exclude filter.

func (*NDMConfig) SetVendorIncludes

func (c *NDMConfig) SetVendorIncludes(includes []string)

SetVendorIncludes sets vendor include filter.

func (*NDMConfig) ToConfigMap

func (c *NDMConfig) ToConfigMap() (*v1.ConfigMap, error)

ToConfigMap creates a config map from this NDM config.

func (*NDMConfig) VendorExcludes

func (c *NDMConfig) VendorExcludes() []string

VendorExcludes returns vendor exclude filter.

func (*NDMConfig) VendorIncludes

func (c *NDMConfig) VendorIncludes() []string

VendorIncludes returns vendor include filter.

type NDMFilter

type NDMFilter struct {
	// Name is the filter name.
	Name string `yaml:"name"`
	// Key is the filter id.
	Key string `yaml:"key"`
	// State is the filter state (true for enabled, false for disabled).
	State bool `yaml:"state"`
	// Include is a list of includes for this filter, held in a single string
	// (presumably delimiter-separated — TODO confirm the separator).
	Include string `yaml:"include,omitempty"`
	// Exclude is a list of excludes for this filter, held in a single string
	// in the same form as Include.
	Exclude string `yaml:"exclude,omitempty"`
}

NDMFilter represents a single NDM filter.

type NDMProbe

type NDMProbe struct {
	// Name is the probe name.
	Name string `yaml:"name"`
	// Key is the probe id.
	Key string `yaml:"key"`
	// State is the probe state (enabled/disabled).
	State bool `yaml:"state"`
}

NDMProbe represents a single NDM probe configuration.

type NetworkInterface

type NetworkInterface struct {
	// IPv4 address assigned to the interface
	IPv4 string `json:"ipv4_addr"`
	// Name is the interface name
	Name string `json:"name"`
}

NetworkInterface represents a network interface

type OSInfo

type OSInfo struct {
	// ID defines the system with a single word ID: `ubuntu` or `rhel`.
	// The JSON key is "name", not "id"
	ID string `json:"name"`
	// Like defines the system as being similar to given ones: `debian` or `rhel fedora`
	Like []string `json:"like,omitempty"`
	// Version defines the numeric version of the system: `7.2`
	Version string `json:"version"`
}

OSInfo describes an operating system using several attributes like operating system ID and a version number

type OSUser

type OSUser struct {
	// Name of the user. Not empty if this describes an existing user
	Name string `json:"name"`
	// UID specifies the user ID, kept as a string
	// (Mount.UID in this package is *int, so callers converting between
	// the two need to parse and validate — NOTE(review): confirm where)
	UID string `json:"uid"`
	// GID specifies the group ID, kept as a string
	GID string `json:"gid"`
}

OSUser describes a user on host.

func DefaultOSUser

func DefaultOSUser() OSUser

func (OSUser) IsEmpty

func (r OSUser) IsEmpty() bool

IsEmpty determines if this user is empty. User is not empty if it has a name.

type Objects

type Objects interface {
	// GetObjects returns the list of known objects
	// (presumably their hashes — TODO confirm)
	GetObjects() ([]string, error)
	// UpsertObjectPeers records peers for the object with the given hash;
	// expires bounds how long the record is kept
	// (exact expiry semantics are not visible here — TODO confirm)
	UpsertObjectPeers(hash string, peers []string, expires time.Duration) error
	// GetObjectPeers returns the peers recorded for the object with the given hash
	GetObjectPeers(hash string) ([]string, error)
	// DeleteObjectPeers removes the listed peers from the object with the given hash
	DeleteObjectPeers(hash string, peers []string) error
	// DeleteObject removes the object with the given hash
	DeleteObject(hash string) error
}

Objects stores binary objects metadata

type OnPremVariables

type OnPremVariables struct {
	// PodCIDR specifies the network range for pods
	PodCIDR string `json:"pod_cidr"`
	// ServiceCIDR specifies the network range for services
	ServiceCIDR string `json:"service_cidr"`
	// VxlanPort is the overlay network port
	VxlanPort int `json:"vxlan_port"`
}

OnPremVariables is a set of operation variables specific to onprem provider

type OpenEBS

type OpenEBS struct {
	// Filters is a list of filters OpenEBS will use when discovering devices.
	Filters OpenEBSFilters `json:"filters"`
}

OpenEBS represents OpenEBS configuration.

type OpenEBSFilter

type OpenEBSFilter struct {
	// Include defines filters to include when discovering devices.
	Include []string `json:"include,omitempty"`
	// Exclude defines filters to exclude when discovering devices.
	Exclude []string `json:"exclude,omitempty"`
}

OpenEBSFilter represents a single filter type.

type OpenEBSFilters

type OpenEBSFilters struct {
	// MountPoints filters devices based on directory mount points.
	MountPoints OpenEBSFilter `json:"mountPoints"`
	// Vendors filters devices based on their vendor names.
	Vendors OpenEBSFilter `json:"vendors"`
	// Devices filters devices based on their names.
	Devices OpenEBSFilter `json:"devices"`
}

OpenEBSFilters is a list of filters OpenEBS will use when discovering devices.

type Operation

type Operation interface {
	// Resource provides common resource methods.
	services.Resource
	// CheckAndSetDefaults validates the object and sets defaults.
	CheckAndSetDefaults() error
	// GetType returns the operation type.
	GetType() string
	// GetCreated returns the operation created timestamp.
	GetCreated() time.Time
	// GetState returns the operation state.
	GetState() string
	// GetInstall returns install operation data.
	GetInstall() OperationInstall
	// GetExpand returns expand operation data.
	GetExpand() OperationExpand
	// GetShrink returns shrink operation data.
	GetShrink() OperationShrink
	// GetUpgrade returns upgrade operation data.
	GetUpgrade() OperationUpgrade
	// GetUpdateEnviron returns environment update operation data.
	GetUpdateEnviron() OperationUpdateEnviron
	// GetUpdateConfig returns runtime configuration update operation data.
	GetUpdateConfig() OperationUpdateConfig
	// GetReconfigure returns reconfigure operation data.
	GetReconfigure() OperationReconfigure
}

Operation represents a single cluster operation.

func UnmarshalOperation

func UnmarshalOperation(data []byte) (Operation, error)

UnmarshalOperation unmarshals operation resource from json.

type OperationExpand

type OperationExpand struct {
	// Node is the joining node.
	Node OperationNode `json:"node"`
}

OperationExpand contains expand specific parameters.

type OperationInstall

type OperationInstall struct {
	// Nodes is a list of nodes participating in installation.
	Nodes []OperationNode `json:"nodes"`
}

OperationInstall contains install specific parameters.

type OperationNode

type OperationNode struct {
	// IP is the node advertise IP address.
	IP string `json:"ip"`
	// Hostname is the node hostname.
	Hostname string `json:"hostname"`
	// Role is the node role.
	Role string `json:"role"`
}

OperationNode describes an operation node.

func (OperationNode) String

func (n OperationNode) String() string

String returns the node human friendly description.

type OperationPhase

type OperationPhase struct {
	// ID is the ID of the phase within operation
	ID string `json:"id"`
	// Executor names the function which should execute this phase
	Executor string `json:"executor"`
	// Description is verbose description of the phase
	Description string `json:"description,omitempty" yaml:"description,omitempty"`
	// State is the current phase state
	State string `json:"state,omitempty" yaml:"state,omitempty"`
	// Step maps the phase to its corresponding step on the UI progress screen
	Step int `json:"step"`
	// Phases is the list of sub-phases the phase consists of
	Phases []OperationPhase `json:"phases,omitempty" yaml:"phases,omitempty"`
	// Requires is a list of phase names that need to be
	// completed before this phase can be executed
	Requires []string `json:"requires,omitempty" yaml:"requires,omitempty"`
	// LimitParallel is the number of sub-phases that may execute in parallel
	// (JSON key "num_parallel"; the meaning of 0 is not visible here — TODO confirm).
	LimitParallel int `json:"num_parallel"`
	// Updated is the last phase update time
	Updated time.Time `json:"updated,omitempty" yaml:"updated,omitempty"`
	// Data is optional phase-specific data attached to the phase.
	// It can include agent credentials (see OperationPhaseData.Agent),
	// so a marshaled phase should be treated as sensitive
	Data *OperationPhaseData `json:"data,omitempty" yaml:"data,omitempty"`
	// Error is the error that happened during phase execution
	Error *trace.RawTrace `json:"error,omitempty"`
}

OperationPhase represents a single operation plan phase

func (OperationPhase) GetLastUpdateTime

func (p OperationPhase) GetLastUpdateTime() time.Time

GetLastUpdateTime returns the phase last updated time

func (OperationPhase) GetState

func (p OperationPhase) GetState() string

GetState returns the phase state based on the states of all its subphases

func (OperationPhase) HasSubphases

func (p OperationPhase) HasSubphases() bool

HasSubphases returns true if the phase has 1 or more subphases

func (OperationPhase) IsCompleted

func (p OperationPhase) IsCompleted() bool

IsCompleted returns true if the phase is in "completed" state

func (OperationPhase) IsFailed

func (p OperationPhase) IsFailed() bool

IsFailed returns true if the phase is in "failed" state

func (OperationPhase) IsInProgress

func (p OperationPhase) IsInProgress() bool

IsInProgress returns true if the phase is in "in progress" state

func (OperationPhase) IsRolledBack

func (p OperationPhase) IsRolledBack() bool

IsRolledBack returns true if the phase is in "rolled back" state

func (OperationPhase) IsUnstarted

func (p OperationPhase) IsUnstarted() bool

IsUnstarted returns true if the phase is in "unstarted" state

type OperationPhaseData

type OperationPhaseData struct {
	// Server is the server the phase operates on
	Server *Server `json:"server,omitempty" yaml:"server,omitempty"`
	// ExecServer is an optional server the phase is supposed to be executed on.
	// If unspecified, the Server is used
	ExecServer *Server `json:"exec_server,omitempty" yaml:"exec_server,omitempty"`
	// Master is the selected master node the phase needs access to
	Master *Server `json:"master,omitempty" yaml:"master,omitempty"`
	// Package is the package locator for the phase, e.g. update package
	Package *loc.Locator `json:"package,omitempty" yaml:"package,omitempty"`
	// Labels can optionally identify the package
	Labels map[string]string `json:"labels,omitempty" yaml:"labels,omitempty"`
	// InstalledPackage references the installed application package
	InstalledPackage *loc.Locator `json:"installed_package,omitempty" yaml:"installed_package,omitempty"`
	// RuntimePackage references the update runtime package
	RuntimePackage *loc.Locator `json:"runtime_package,omitempty" yaml:"runtime_package,omitempty"`
	// ElectionChange describes changes to make to cluster elections
	// (serialized under the key "election_status")
	ElectionChange *ElectionChange `json:"election_status,omitempty" yaml:"election_status,omitempty"`
	// Agent is the credentials of the agent that should be logged in.
	// When set, the LoginEntry, including its Password field, is part of
	// the phase data wherever the plan is marshaled.
	// NOTE(review): confirm that plans are not logged or returned to callers
	// that should not see agent credentials
	Agent *LoginEntry `json:"agent,omitempty" yaml:"agent,omitempty"`
	// License is the cluster license, carried as raw bytes
	License []byte `json:"license,omitempty" yaml:"license,omitempty"`
	// TrustedCluster is the resource data for a trusted cluster representing an Ops Center
	TrustedCluster []byte `json:"trusted_cluster_resource,omitempty" yaml:"trusted_cluster_resource,omitempty"`
	// Storage is the persistent storage resource configuration.
	Storage []byte `json:"storage_resource,omitempty" yaml:"storage_resource,omitempty"`
	// Values are helm values in a marshaled yaml format.
	// NOTE(review): helm values commonly include application secrets;
	// confirm how this field is protected at rest
	Values []byte `json:"values,omitempty" yaml:"values,omitempty"`
	// ServiceUser specifies the optional service user to use as a context
	// for file operations
	ServiceUser *OSUser `json:"service_user,omitempty" yaml:"service_user,omitempty"`
	// Data is arbitrary text data to provide to a phase executor
	Data string `json:"data,omitempty" yaml:"data,omitempty"`
	// Pull contains applications and packages that should be pulled
	Pull *PullData `json:"pull,omitempty" yaml:"pull,omitempty"`
	// GarbageCollect specifies configuration specific to garbage collect operation
	GarbageCollect *GarbageCollectOperationData `json:"garbage_collect,omitempty" yaml:"garbage_collect,omitempty"`
	// Update specifies configuration specific to update operations
	Update *UpdateOperationData `json:"update,omitempty" yaml:"update,omitempty"`
	// Install specifies configuration specific to install operation
	Install *InstallOperationData `json:"install,omitempty" yaml:"install,omitempty"`
}

OperationPhaseData represents data attached to an operation phase

type OperationPlan

type OperationPlan struct {
	// OperationID is the ID of the operation the plan belongs to
	OperationID string `json:"operation_id"`
	// OperationType is the type of the operation the plan belongs to
	OperationType string `json:"operation_type"`
	// AccountID is the ID of the account that initiated the operation
	AccountID string `json:"account_id"`
	// ClusterName is the name of the cluster for the operation
	ClusterName string `json:"cluster_name"`
	// Phases is the list of phases the plan consists of.
	// Phase data may embed agent credentials (OperationPhaseData.Agent),
	// so a serialized plan should be handled as sensitive
	Phases []OperationPhase `json:"phases"`
	// Servers is the list of all cluster servers
	Servers []Server `json:"servers"`
	// OfflineCoordinator is the server leading/coordinating the upgrade across the cluster, and will have a local copy
	// of completed plan phases if the underlying state sync (etcd) is offline.
	// The JSON key is "lead_master"
	OfflineCoordinator *Server `json:"lead_master"`
	// GravityPackage is the gravity package locator to update to
	GravityPackage loc.Locator `json:"gravity_package"`
	// CreatedAt is the plan creation timestamp
	CreatedAt time.Time `json:"created_at"`
	// DNSConfig specifies cluster DNS configuration
	DNSConfig DNSConfig `json:"dns_config"`
}

OperationPlan represents a plan of an operation as a collection of phases

func (OperationPlan) Check

func (p OperationPlan) Check() error

Check makes sure operation plan is valid

func (*OperationPlan) GetLeafPhases

func (p *OperationPlan) GetLeafPhases() (result []OperationPhase)

GetLeafPhases flattens the plan and returns all phases that do not have any subphases in the order they appear in the plan.

For instance, for the following plan

  • /init
      • /node-1
      • /node-2
  • /checks

it will return ["/init/node-1", "/init/node-2", "/checks"].

func (*OperationPlan) IsStarted

func (p *OperationPlan) IsStarted() bool

IsStarted returns true if the operation plan has already started.

func (*OperationPlan) Len

func (p *OperationPlan) Len() int

Len returns the number of leaf phases the plan consists of.

type OperationReconfigure

type OperationReconfigure struct {
	// IP is the new advertise IP address.
	IP string `json:"ip"`
}

OperationReconfigure contains reconfiguration specific parameters.

type OperationShrink

type OperationShrink struct {
	// Node is the node that's leaving.
	Node OperationNode `json:"node"`
}

OperationShrink contains shrink specific parameters.

type OperationSpecV2

type OperationSpecV2 struct {
	// Type is the operation type.
	Type string `json:"type"`
	// Created is when the operation was created.
	Created time.Time `json:"created"`
	// State is the operation state.
	State string `json:"state"`
	// Install is install operation data.
	Install *OperationInstall `json:"install,omitempty"`
	// Expand is expand operation data.
	Expand *OperationExpand `json:"expand,omitempty"`
	// Shrink is shrink operation data.
	Shrink *OperationShrink `json:"shrink,omitempty"`
	// Upgrade is upgrade operation data.
	Upgrade *OperationUpgrade `json:"upgrade,omitempty"`
	// UpdateEnviron is environment update operation data.
	UpdateEnviron *OperationUpdateEnviron `json:"updateEnviron,omitempty"`
	// UpdateConfig is runtime configuration update operation data.
	UpdateConfig *OperationUpdateConfig `json:"updateConfig,omitempty"`
	// Reconfigure is advertise IP reconfiguration operation data.
	Reconfigure *OperationReconfigure `json:"reconfigure,omitempty"`
}

OperationSpecV2 is the operation resource spec.

type OperationUpdateConfig

type OperationUpdateConfig struct {
	// Config is the new runtime config.
	Config []byte `json:"config"`
}

OperationUpdateConfig contains configuration update specific parameters.

type OperationUpdateEnviron

type OperationUpdateEnviron struct {
	// Env is the new environment.
	Env map[string]string `json:"env"`
}

OperationUpdateEnviron contains environment update specific parameters.

type OperationUpgrade

type OperationUpgrade struct {
	// Package is the upgrade package.
	Package loc.Locator `json:"package"`
}

OperationUpgrade contains upgrade specific parameters.

type OperationV2

type OperationV2 struct {
	// Kind is the operation resource kind.
	Kind string `json:"kind"`
	// Version is the operation resource version.
	Version string `json:"version"`
	// Metadata is the operation metadata.
	Metadata services.Metadata `json:"metadata"`
	// Spec is the operation spec.
	Spec OperationSpecV2 `json:"spec"`
}

OperationV2 is the operation resource definition.

func (*OperationV2) CheckAndSetDefaults

func (o *OperationV2) CheckAndSetDefaults() error

CheckAndSetDefaults validates operation resource and sets defaults.

func (*OperationV2) Expiry

func (o *OperationV2) Expiry() time.Time

Expiry returns the resource expiration time.

func (*OperationV2) GetCreated

func (o *OperationV2) GetCreated() time.Time

GetCreated returns the operation created timestamp.

func (*OperationV2) GetExpand

func (o *OperationV2) GetExpand() OperationExpand

GetExpand returns expand operation data.

func (*OperationV2) GetInstall

func (o *OperationV2) GetInstall() OperationInstall

GetInstall returns install operation data.

func (*OperationV2) GetMetadata

func (o *OperationV2) GetMetadata() services.Metadata

GetMetadata returns operation metadata.

func (*OperationV2) GetName

func (o *OperationV2) GetName() string

GetName returns operation id.

func (*OperationV2) GetReconfigure

func (o *OperationV2) GetReconfigure() OperationReconfigure

GetReconfigure returns reconfigure operation data.

func (*OperationV2) GetShrink

func (o *OperationV2) GetShrink() OperationShrink

GetShrink returns shrink operation data.

func (*OperationV2) GetState

func (o *OperationV2) GetState() string

GetState returns the operation state.

func (*OperationV2) GetType

func (o *OperationV2) GetType() string

GetType returns the operation type.

func (*OperationV2) GetUpdateConfig

func (o *OperationV2) GetUpdateConfig() OperationUpdateConfig

GetUpdateConfig returns runtime configuration update operation data.

func (*OperationV2) GetUpdateEnviron

func (o *OperationV2) GetUpdateEnviron() OperationUpdateEnviron

GetUpdateEnviron returns environment update operation data.

func (*OperationV2) GetUpgrade

func (o *OperationV2) GetUpgrade() OperationUpgrade

GetUpgrade returns upgrade operation data.

func (*OperationV2) SetExpiry

func (o *OperationV2) SetExpiry(expires time.Time)

SetExpiry sets the resource expiration time.

func (*OperationV2) SetName

func (o *OperationV2) SetName(id string)

SetName sets operation id.

func (*OperationV2) SetTTL

func (o *OperationV2) SetTTL(clock clockwork.Clock, ttl time.Duration)

SetTTL sets the resource ttl.

type OperationVariables

type OperationVariables struct {
	// System is a set of variables common for each provider
	System SystemVariables `json:"system"`
	// OnPrem is a set of onprem-specific variables
	OnPrem OnPremVariables `json:"onprem"`
	// AWS is a set of AWS-specific variables
	AWS AWSVariables `json:"aws"`
	// Values are helm values in a marshaled yaml format
	Values []byte `json:"values,omitempty"`
}

OperationVariables is operation-specific set of variables

func (OperationVariables) ToMap

func (v OperationVariables) ToMap() (map[string]interface{}, error)

ToMap converts operation variables into a JSON object for easier use in templates

type OpsCenterLink struct {
	// SiteDomain is the domain name of the site
	SiteDomain string `json:"site_domain"`
	// Hostname is OpsCenter hostname we are connected to
	Hostname string `json:"hostname"`
	// Type is a link type (e.g. updates, remote_access)
	Type string `json:"type"`
	// RemoteAddr is a remote address used for updates or remote access
	RemoteAddr string `json:"remote_address"`
	// APIURL is a URL of remote ops center
	APIURL string `json:"api_url"`
	// Enabled is whether this link is enabled
	Enabled bool `json:"enabled"`
	// User defines an optional user context to use for remote access
	User *RemoteAccessUser `json:"user"`
	// Wizard indicates whether this is a link to a wizard
	Wizard bool `json:"wizard"`
}

OpsCenterLink is a link between remote OpsCenter and a local site

func (*OpsCenterLink) Check

func (l *OpsCenterLink) Check() error

Check checks if OpsCenter link parameters are correct

type Package

// Package is any named and versioned blob with an optional manifest.
type Package struct {
	// Repository is a package repository
	Repository string `json:"repository"`
	// Name is a full package name
	Name string `json:"name"`
	// Version is a package version in SemVer format
	Version string `json:"version"`
	// SHA512 is a sha512 hash of the data in storage; note that it is
	// serialized under the "checksum" JSON key, not "sha512".
	// NOTE(review): whether readers verify fetched data against this value
	// is not visible in this struct — confirm at the call sites.
	SHA512 string `json:"checksum"`
	// SizeBytes is a package size in bytes
	SizeBytes int `json:"size_bytes"`
	// Created is the time the package was created at
	Created time.Time `json:"created"`
	// CreatedBy is the email of a user who created the package
	CreatedBy string `json:"created_by"`
	// RuntimeLabels are optional key=value metadata pairs that can be
	// assigned to a package. They are not a part of the package itself and
	// are assigned at run time; they are useful for denoting packages
	// currently installed in the system.
	RuntimeLabels map[string]string `json:"runtime_labels"`
	// Type defines the type of the package
	Type string `json:"type"`
	// Hidden defines the package visibility
	Hidden bool `json:"hidden"`
	// Encrypted indicates whether the package data is encrypted.
	// NOTE(review): this is a metadata flag only as far as this struct
	// shows; key handling and enforcement are not visible here.
	Encrypted bool `json:"encrypted"`
	// Manifest defines the application manifest for an application package
	Manifest []byte `json:"manifest"`
	// Base refers to the package this application is based on
	Base *Package `json:"base,omitempty"`
}

Package is any named and versioned blob with an optional manifest

func (*Package) Check

func (p *Package) Check() error

func (*Package) Locator

func (p *Package) Locator() loc.Locator

Locator returns new locator from the package repository, name and version

func (*Package) SetRuntimeLabel

func (p *Package) SetRuntimeLabel(name, val string)

SetRuntimeLabel sets runtime label name and value for the package

func (Package) String

func (p Package) String() string

type PackageChangeset

type PackageChangeset struct {
	ID string `json:"id"`
	// Changes is a list of package updates
	Changes []PackageUpdate `json:"changes"`
	// Created is the time when this update was created
	Created time.Time `json:"created"`
}

PackageChangeset is a set of package updates from one version to another

func (*PackageChangeset) Check

func (u *PackageChangeset) Check() error

Check checks the validity of this object

func (*PackageChangeset) ReversedChanges

func (u *PackageChangeset) ReversedChanges() []PackageUpdate

ReversedChanges returns the changes of this changeset with every change inverted

func (PackageChangeset) String

func (u PackageChangeset) String() string

String returns user-friendly representation of this update

type PackageChangesets

type PackageChangesets interface {
	// CreatePackageChangeset creates new changeset
	CreatePackageChangeset(u PackageChangeset) (*PackageChangeset, error)
	// GetPackageChangesets lists package changesets
	GetPackageChangesets() ([]PackageChangeset, error)
	// GetPackageChangeset returns update by id
	GetPackageChangeset(id string) (*PackageChangeset, error)
}

PackageChangesets tracks server local package changes - updates and downgrades

type PackageUpdate

type PackageUpdate struct {
	// From is currently installed version
	From loc.Locator `json:"from"`
	// To is the target version
	To loc.Locator `json:"to"`
	// Labels defines optional identifying set of labels
	Labels map[string]string `json:"labels,omitempty"`
	// ConfigPackage specifies optional configuration package dependency
	ConfigPackage *PackageUpdate `json:"config_package,omitempty"`
}

PackageUpdate represents package change from one version to another

func (*PackageUpdate) String

func (u *PackageUpdate) String() string

String formats this update as human-readable text

type Peer

type Peer struct {
	ID            string    `json:"id"`
	AdvertiseAddr string    `json:"advertise_addr"`
	LastHeartbeat time.Time `json:"last_heartbeat"`
}

Peer is a peer node of the package management service

func (*Peer) Check

func (p *Peer) Check() error

func (Peer) String

func (p Peer) String() string

type Peers

type Peers interface {
	GetPeers() ([]Peer, error)
	UpsertPeer(p Peer) error
	DeletePeer(id string) error
}

type Permission

// Permission is a single access rule: it names a user, an action and the
// collection (optionally narrowed to one object) the action applies to.
type Permission struct {
	// UserEmail is the user this rule refers to
	UserEmail string `json:"user_email"`

	// Action is the action on the object, one of create, read, delete
	Action string `json:"action"`

	// Collection is a collection this rule refers to e.g. "repository"
	Collection string `json:"collection"`

	// CollectionID is the ID within the collection, e.g. a repository name;
	// it can be empty if there is only one object.
	// NOTE(review): how an empty CollectionID is matched when several
	// objects exist is not visible here — confirm in the backend lookup.
	CollectionID string `json:"collection_id"`
}

Permission represents an action that a user can perform on objects in a certain collection, e.g. a user can read packages from the gravitational repository:

<UserID: install-agent> has permission to <Action: read> packages in <Collection: repository> <CollectionID: gravitational>

e.g. user can add new repositories

<UserID: admin> has permission to <Action: create> repositories in <Collection: portal_repositories>

func (*Permission) Check

func (p *Permission) Check() error

func (Permission) String

func (p Permission) String() string

type Permissions

type Permissions interface {
	CreatePermission(p Permission) (*Permission, error)
	GetPermission(p Permission) (*Permission, error)
	GetUserPermissions(email string) ([]Permission, error)
	DeletePermissionsForUser(email string) error
}

Permissions collection manages repository access rules - read, create, delete

type PersistentStorage

type PersistentStorage interface {
	// Resource provides common resource methods.
	services.Resource
	// CheckAndSetDefaults validates the object and sets defaults.
	CheckAndSetDefaults() error
	// GetMountExcludes returns mount points to exclude when discovering devices.
	GetMountExcludes() []string
	// GetVendorIncludes returns vendor names to include when discovering devices.
	GetVendorIncludes() []string
	// GetVendorExcludes returns vendor names to exclude when discovering devices.
	GetVendorExcludes() []string
	// GetDeviceIncludes returns device names to include when discovering devices.
	GetDeviceIncludes() []string
	// GetDeviceExcludes returns device names to exclude when discovering devices.
	GetDeviceExcludes() []string
}

PersistentStorage represents persistent storage configuration resource.

func DefaultPersistentStorage

func DefaultPersistentStorage() PersistentStorage

DefaultPersistentStorage returns a new default persistent storage resource.

func NewPersistentStorage

func NewPersistentStorage(spec PersistentStorageSpecV1) PersistentStorage

NewPersistentStorage creates a new persistent storage resource from the provided spec.

func PersistentStorageFromNDMConfig

func PersistentStorageFromNDMConfig(c *NDMConfig) PersistentStorage

PersistentStorageFromNDMConfig creates a new persistent storage resource from the provided Node Device Manager configuration.

func UnmarshalPersistentStorage

func UnmarshalPersistentStorage(data []byte) (PersistentStorage, error)

UnmarshalPersistentStorage unmarshals provided data into persistent storage resource.

type PersistentStorageSpecV1

type PersistentStorageSpecV1 struct {
	// OpenEBS contains OpenEBS configuration.
	OpenEBS OpenEBS `json:"openebs"`
}

PersistentStorageSpecV1 is persistent storage resource spec.

type PersistentStorageV1

type PersistentStorageV1 struct {
	// Kind is the resource kind, always PersistentStorage.
	Kind string `json:"kind"`
	// Version is the resource version.
	Version string `json:"version"`
	// Metadata is the resource metadata.
	Metadata services.Metadata `json:"metadata"`
	// Spec is the resource spec.
	Spec PersistentStorageSpecV1 `json:"spec"`
}

PersistentStorageV1 represents a persistent storage resource.

func (*PersistentStorageV1) CheckAndSetDefaults

func (ps *PersistentStorageV1) CheckAndSetDefaults() error

CheckAndSetDefaults validates the resources and sets defaults.

func (*PersistentStorageV1) Expiry

func (ps *PersistentStorageV1) Expiry() time.Time

Expiry returns the resource expiration time.

func (*PersistentStorageV1) GetDeviceExcludes

func (ps *PersistentStorageV1) GetDeviceExcludes() []string

GetDeviceExcludes returns device names to exclude when discovering devices.

func (*PersistentStorageV1) GetDeviceIncludes

func (ps *PersistentStorageV1) GetDeviceIncludes() []string

GetDeviceIncludes returns device names to include when discovering devices.

func (*PersistentStorageV1) GetMetadata

func (ps *PersistentStorageV1) GetMetadata() services.Metadata

GetMetadata returns the resource metadata.

func (*PersistentStorageV1) GetMountExcludes

func (ps *PersistentStorageV1) GetMountExcludes() []string

GetMountExcludes returns mount points to exclude when discovering devices.

func (*PersistentStorageV1) GetName

func (ps *PersistentStorageV1) GetName() string

GetName returns the resource name.

func (*PersistentStorageV1) GetVendorExcludes

func (ps *PersistentStorageV1) GetVendorExcludes() []string

GetVendorExcludes returns vendor names to exclude when discovering devices.

func (*PersistentStorageV1) GetVendorIncludes

func (ps *PersistentStorageV1) GetVendorIncludes() []string

GetVendorIncludes returns vendor names to include when discovering devices.

func (*PersistentStorageV1) SetExpiry

func (ps *PersistentStorageV1) SetExpiry(expires time.Time)

SetExpiry sets the resource expiration time.

func (*PersistentStorageV1) SetName

func (ps *PersistentStorageV1) SetName(name string)

SetName sets the resource name.

func (*PersistentStorageV1) SetTTL

func (ps *PersistentStorageV1) SetTTL(clock clockwork.Clock, ttl time.Duration)

SetTTL sets the resource TTL.

type PlanChange

type PlanChange struct {
	// ID is the change ID
	ID string `json:"id"`
	// ClusterName is the name of the cluster for the operation
	ClusterName string `json:"cluster_name"`
	// OperationID is the ID of the operation this change is for
	OperationID string `json:"operation_id"`
	// PhaseID is the ID of the phase the change refers to
	PhaseID string `json:"phase_id"`
	// PhaseIndex is an optional index number of the phase in the plan
	PhaseIndex int `json:"phase_index,omitempty"`
	// NewState is the state the phase moved into
	NewState string `json:"new_state"`
	// Created is the change timestamp
	Created time.Time `json:"created"`
	// Error is the error that happened during phase execution
	Error *trace.RawTrace `json:"error"`
}

PlanChange represents a single operation plan state change

type PlanChangelog

type PlanChangelog []PlanChange

PlanChangelog is a list of plan state changes

func (PlanChangelog) Latest

func (c PlanChangelog) Latest(phaseID string) *PlanChange

Latest returns the most recent plan change entry for the specified phase

type Process

type Process struct {
	// Name is the process executable name
	Name string `json:"name"`
	// PID is the process ID
	PID int `json:"pid"`
}

Process represents a running process

type ProgressEntries

type ProgressEntries interface {
	// CreateProgressEntry adds a progress entry for this site
	CreateProgressEntry(p ProgressEntry) (*ProgressEntry, error)
	// GetLastProgressEntry gets a progress entry for this site
	GetLastProgressEntry(siteDomain, operationID string) (*ProgressEntry, error)
}

ProgressEntries collection stores progress entries for the operations

type ProgressEntry

type ProgressEntry struct {
	// ID is auto generated ID
	ID string `json:"id"`
	// SiteDomain is a reference to existing site domain
	SiteDomain string `json:"site_domain"`
	// OperationID is id of the operation this progress entry refers to
	OperationID string `json:"operation_id"`
	// Created is a time when this entry was created
	Created time.Time `json:"created"`
	// Completion is a number from 0 (just started) to 100 (completed)
	Completion int `json:"completion"`
	// Step defines the current operation step as a value from a step matrix
	// Step matrix is a finite set of steps that comprise an operation
	Step int `json:"step"`
	// State is a string that indicates current operation state
	State string `json:"state"`
	// Message is a text message describing the operation
	Message string `json:"message"`
}

ProgressEntry is a structured entry indicating operation progress

func (*ProgressEntry) Check

func (p *ProgressEntry) Check() error

func (ProgressEntry) IsCompleted

func (p ProgressEntry) IsCompleted() bool

IsCompleted returns true if the progress entry is completed

func (ProgressEntry) IsEqual

func (p ProgressEntry) IsEqual(other ProgressEntry) bool

IsEqual returns true if the progress entry is equal to the other entry

type ProvisioningToken

// ProvisioningToken is used to add new servers to the cluster.
type ProvisioningToken struct {
	// Token is a unique randomly generated token.
	// NOTE(review): this value is the credential itself and is serialized
	// under the "token" key, so marshaled copies (API responses, logs,
	// backups) should be handled as secrets.
	Token string `json:"token"`
	// Expires sets the token expiry time, zero time if never expires
	Expires time.Time `json:"expires"`
	// Type is token type - 'install' or 'expand'.
	// NOTE(review): the IsTeleport method suggests at least one further
	// type exists — confirm the full set against ProvisioningTokenType.Check.
	Type ProvisioningTokenType `json:"type"`
	// AccountID is the account this signup token
	// is associated with, in case it is a user signup token
	AccountID string `json:"account_id"`
	// SiteDomain is the site this token is associated with
	SiteDomain string `json:"site_domain"`
	// OperationID is the id of the operation (install or expand)
	OperationID string `json:"operation_id"`
	// UserEmail links this token to the user with permissions,
	// usually it's a site agent user
	UserEmail string `json:"user_email"`
}

ProvisioningToken is used to add new servers to the cluster

func (*ProvisioningToken) Check

func (p *ProvisioningToken) Check() error

func (*ProvisioningToken) IsExpand

func (p *ProvisioningToken) IsExpand() bool

IsExpand returns true if this is an expand token.

func (*ProvisioningToken) IsPersistent

func (p *ProvisioningToken) IsPersistent() bool

IsPersistent returns true if this token does not expire.

func (*ProvisioningToken) IsTeleport

func (p *ProvisioningToken) IsTeleport() bool

IsTeleport returns true if this is a teleport token.

type ProvisioningTokenType

type ProvisioningTokenType string

ProvisioningTokenType specifies token type

func (*ProvisioningTokenType) Check

func (s *ProvisioningTokenType) Check() error

Check returns nil if the value is correct, error otherwise

type PullData

type PullData struct {
	// Packages is a list of packages to pull
	Packages []loc.Locator `json:"packages,omitempty" yaml:"packages,omitempty"`
	// Apps is a list of applications to pull
	Apps []loc.Locator `json:"apps,omitempty" yaml:"apps,omitempty"`
}

PullData contains applications and packages to pull

type Reason

type Reason string

Reason details the reason a site is in a particular state

const (
	// ReasonLicenseInvalid means that the license installed on the site is not valid
	ReasonLicenseInvalid Reason = "license_invalid"
	// ReasonStatusCheckFailed means that the site's status check failed
	ReasonStatusCheckFailed Reason = "status_check_failed"
	// ReasonClusterDegraded means one or more of cluster nodes are degraded
	ReasonClusterDegraded Reason = "cluster_degraded"
)

func (*Reason) Check

func (r *Reason) Check() error

func (*Reason) Description

func (r *Reason) Description() string

Description returns human-readable description of the reason

type ReconfigureOperationState

type ReconfigureOperationState struct {
	// AdvertiseAddr is the advertise address the node's being changed to.
	AdvertiseAddr string `json:"advertise_addr"`
}

ReconfigureOperationState defines the reconfiguration operation state.

type Release

type Release interface {
	// Resource provides base resource methods.
	services.Resource
	// GetChartName returns the name of the deployed chart.
	GetChartName() string
	// GetChartVersion returns the deployed chart version.
	GetChartVersion() string
	// GetChartIcon returns the chart application icon.
	GetChartIcon() string
	// SetChartIcon sets the chart application icon.
	SetChartIcon(string)
	// GetChart returns the full chart name that includes version.
	GetChart() string
	// GetAppVersion returns the application version (may be empty).
	GetAppVersion() string
	// GetNamespace returns namespace where chart is deployed.
	GetNamespace() string
	// GetStatus returns the release deployment status.
	GetStatus() string
	// GetRevision returns the release revision number.
	GetRevision() int
	// GetUpdated returns the release last updated timestamp.
	GetUpdated() time.Time
	// GetLocator returns locator of the corresponding application package.
	GetLocator() loc.Locator
}

Release represents a single instance of a running application.

func NewRelease

func NewRelease(release *release.Release) (Release, error)

NewRelease creates a new release resource from the provided Helm release.

func UnmarshalRelease

func UnmarshalRelease(data []byte) (Release, error)

UnmarshalRelease unmarshals release resource from the provided data.

type ReleaseSpecV1

type ReleaseSpecV1 struct {
	// ChartName is the name of the deployed chart.
	ChartName string `json:"chart_name"`
	// ChartVersion is the deployed chart version.
	ChartVersion string `json:"chart_version"`
	// ChartIcon is the chart application icon.
	ChartIcon string `json:"chart_icon,omitempty"`
	// AppVersion is the application version (may be empty).
	AppVersion string `json:"app_version"`
	// Namespace is the namespace where release is deployed.
	//
	// TODO: This field is a part of spec rather than metadata because
	// Teleport resources are single-namespace at the moment and namespace
	// field from metadata is never exposed.
	Namespace string `json:"namespace"`
}

ReleaseSpecV1 defines release resource spec.

type ReleaseStatusV1

type ReleaseStatusV1 struct {
	// Status is the release deployment status.
	Status string `json:"status"`
	// Revision is the release revision number.
	Revision int `json:"revision"`
	// Updated is the release last updated timestamp.
	Updated time.Time `json:"updated"`
}

ReleaseStatusV1 provides runtime information about release.

type ReleaseV1

type ReleaseV1 struct {
	// Kind is the resource kind, always "release" for this resource.
	Kind string `json:"kind"`
	// Version is the resource version, always "v1" for this resource.
	Version string `json:"version"`
	// Metadata is the resource metadata.
	Metadata services.Metadata `json:"metadata"`
	// Spec is the release spec.
	Spec ReleaseSpecV1 `json:"spec"`
	// Status provides runtime information about release.
	Status ReleaseStatusV1 `json:"status"`
}

ReleaseV1 defines the release resource.

func (*ReleaseV1) Expiry

func (r *ReleaseV1) Expiry() time.Time

Expiry returns the resource expiration time.

func (*ReleaseV1) GetAppVersion

func (r *ReleaseV1) GetAppVersion() string

GetAppVersion returns the application version (may be empty).

func (*ReleaseV1) GetChart

func (r *ReleaseV1) GetChart() string

GetChart returns the full chart name that includes version.

func (*ReleaseV1) GetChartIcon

func (r *ReleaseV1) GetChartIcon() string

GetChartIcon returns the chart application icon.

func (*ReleaseV1) GetChartName

func (r *ReleaseV1) GetChartName() string

GetChartName returns the deployed chart name.

func (*ReleaseV1) GetChartVersion

func (r *ReleaseV1) GetChartVersion() string

GetChartVersion returns the deployed chart version.

func (*ReleaseV1) GetLocator

func (r *ReleaseV1) GetLocator() loc.Locator

GetLocator returns locator of the corresponding application package.

func (*ReleaseV1) GetMetadata

func (r *ReleaseV1) GetMetadata() services.Metadata

GetMetadata returns the resource metadata.

func (*ReleaseV1) GetName

func (r *ReleaseV1) GetName() string

GetName returns the resource name.

func (*ReleaseV1) GetNamespace

func (r *ReleaseV1) GetNamespace() string

GetNamespace returns namespace where chart is deployed.

func (*ReleaseV1) GetRevision

func (r *ReleaseV1) GetRevision() int

GetRevision returns the release revision number.

func (*ReleaseV1) GetStatus

func (r *ReleaseV1) GetStatus() string

GetStatus returns the release status.

func (*ReleaseV1) GetUpdated

func (r *ReleaseV1) GetUpdated() time.Time

GetUpdated returns the release last update timestamp.

func (*ReleaseV1) SetChartIcon

func (r *ReleaseV1) SetChartIcon(val string)

SetChartIcon sets the chart application icon.

func (*ReleaseV1) SetExpiry

func (r *ReleaseV1) SetExpiry(expires time.Time)

SetExpiry sets the resource expiration time.

func (*ReleaseV1) SetName

func (r *ReleaseV1) SetName(name string)

SetName sets the resource name.

func (*ReleaseV1) SetTTL

func (r *ReleaseV1) SetTTL(clock clockwork.Clock, ttl time.Duration)

SetTTL sets the resource TTL.

type RemoteAccessUser

// RemoteAccessUser groups the attributes to identify or create a user that
// is used to connect a cluster to a remote OpsCenter.
type RemoteAccessUser struct {
	// Email identifies the user
	Email string `json:"email"`
	// Token identifies the API key for this user.
	// NOTE(review): the key is serialized in the clear under "token";
	// anything that marshals or logs this struct carries the credential.
	Token string `json:"token"`
	// SiteDomain identifies the cluster this user represents
	SiteDomain string `json:"site_domain"`
	// OpsCenter defines the OpsCenter on the other side
	OpsCenter string `json:"ops_center"`
}

RemoteAccessUser groups the attributes to identify or create a user to use to connect a cluster to a remote OpsCenter

func (*RemoteAccessUser) Check

func (r *RemoteAccessUser) Check() error

Check validates this object

type Repositories

// Repositories provides operations on repositories and packages.
// A repository is a collection of packages - arbitrary blobs with
// metadata, name and version.
type Repositories interface {
	// CreateRepository creates a repository - a collection of packages
	CreateRepository(r Repository) (Repository, error)

	// GetRepository returns a repository by a given name,
	// or NotFoundError if repository is not found
	GetRepository(name string) (Repository, error)

	// DeleteRepository deletes a repository and associated packages
	DeleteRepository(name string) error

	// GetRepositories returns list of repositories
	GetRepositories() ([]Repository, error)

	// CreatePackage creates a package in a repository, will return
	// error if a given package already exists
	CreatePackage(p Package) (*Package, error)

	// UpsertPackage creates or updates a package in a repository
	UpsertPackage(p Package) (*Package, error)

	// DeletePackage deletes a package from repository
	DeletePackage(repository string, packageName, packageVersion string) error

	// GetPackage returns a package by its name and version in a repository
	GetPackage(repository string, packageName, packageVersion string) (*Package, error)

	// GetPackages returns a list of packages in a repository.
	// NOTE(review): the earlier wording described paging by prevName and
	// prevVersion, but the signature takes only the repository name, so
	// that part of the comment appears stale — confirm.
	GetPackages(repository string) ([]Package, error)

	// UpdatePackageRuntimeLabels sets runtime labels for a package,
	// adding and removing labels in one atomic operation
	UpdatePackageRuntimeLabels(repository, packageName, packageVersion string, addLabels map[string]string, removeLabels []string) error
}

Repositories interface provides operations on repositories and packages. Repository is a collection of packages - arbitrary blobs with metadata, name and version.

type Repository

type Repository interface {
	// Resource provides common resource methods
	teleservices.Resource
}

Repository is a repository resource

func UnmarshalRepository

func UnmarshalRepository(data []byte) (Repository, error)

UnmarshalRepository unmarshals repository from JSON

type RepositoryV1

type RepositoryV1 struct {
	// Name is a unique repository name, usually domain name, e.g. example.com
	Name string

	// Expires sets expiry for this repository and all packages
	// inside this repository
	Expires time.Time
}

RepositoryV1 is a collection of packages

func (RepositoryV1) String

func (r RepositoryV1) String() string

String returns human readable representation of the repository

func (*RepositoryV1) V2

func (r *RepositoryV1) V2() *RepositoryV2

V2 returns V2 version of Repository resource

type RepositoryV2

// RepositoryV2 represents repository resource specification.
type RepositoryV2 struct {
	// Kind is the resource kind
	// NOTE(review): presumably always KindRepository ("repository") — confirm
	Kind string `json:"kind"`
	// Version is a resource version
	Version string `json:"version"`
	// Metadata is the repository resource metadata
	Metadata teleservices.Metadata `json:"metadata"`
	// Spec is repository specification; it currently has no fields
	Spec struct{} `json:"spec"`
}

RepositoryV2 represents repository resource specification

func NewRepository

func NewRepository(name string) *RepositoryV2

NewRepository returns new repository object from repo name

func (*RepositoryV2) Expiry

func (c *RepositoryV2) Expiry() time.Time

Expiry returns the repository resource expiration time

func (*RepositoryV2) GetMetadata

func (c *RepositoryV2) GetMetadata() teleservices.Metadata

GetMetadata returns the repository resource metadata

func (*RepositoryV2) GetName

func (c *RepositoryV2) GetName() string

GetName returns the repository name and is a shortcut for GetMetadata().Name

func (*RepositoryV2) SetExpiry

func (c *RepositoryV2) SetExpiry(expires time.Time)

SetExpiry sets the repository resource expiration time

func (*RepositoryV2) SetName

func (c *RepositoryV2) SetName(name string)

SetName sets the repository name

func (*RepositoryV2) SetTTL

func (c *RepositoryV2) SetTTL(clock clockwork.Clock, ttl time.Duration)

SetTTL sets Expires header using realtime clock

type ResolvConf

type ResolvConf struct {
	// Servers - Name server IP addresses
	Servers []string
	// Domain - Local domain name
	Domain string
	// Search list for host-name lookup
	Search []string
	// Ndots is the number of dots in name to trigger absolute lookup
	Ndots int
	// Timeout is the number of seconds the resolver will wait for a response from the remote server
	Timeout int
	// Attempts is the number of times the resolver will send queries before giving up
	Attempts int
	// Rotate sets round robin selection of nameservers
	Rotate bool
	// UnknownOpt indicates whether we received any unknown options
	UnknownOpt bool
	// Lookup is OpenBSD top-level database "lookup" order
	Lookup []string
}

ResolvConf describes the system resolv.conf configuration

type RoleSpecV2

// RoleSpecV2 is role specification for RoleV2.
type RoleSpecV2 struct {
	// MaxSessionTTL is a maximum SSH or Web session TTL
	MaxSessionTTL teleservices.Duration `json:"max_session_ttl"`
	// Logins is a list of linux logins allowed for this role
	Logins []string `json:"logins,omitempty"`
	// NodeLabels is a set of matching labels that users of this role
	// will be allowed to access
	NodeLabels map[string]string `json:"node_labels,omitempty"`
	// Namespaces is a list of namespaces, guarding access to resources
	Namespaces []string `json:"namespaces,omitempty"`
	// Resources limits access to resources
	Resources map[string][]string `json:"resources,omitempty"`
	// KubernetesGroups is a list of groups this role maps to
	KubernetesGroups []string `json:"kubernetes_groups,omitempty"`
	// GenerateLicenses specifies whether this role can generate licenses
	GenerateLicenses bool `json:"generate_licenses,omitempty"`
	// RegisterClusters specifies whether this role can register new
	// clusters, usually created remotely via offline install
	RegisterClusters bool `json:"register_clusters,omitempty"`
	// System indicates that this role is a system defined role
	System bool `json:"system"`
	// Clusters lists the clusters this role has access to,
	// e.g. ["*"] for all clusters or ["a"] for cluster "a" only.
	// NOTE(review): what an empty or omitted list grants is not visible
	// here — confirm in CheckAndSetDefaults before relying on it.
	Clusters []string `json:"clusters,omitempty"`
	// Repositories lists the repositories this role has access to
	// (presumably with the same wildcard form as Clusters — confirm)
	Repositories []string `json:"repositories,omitempty"`
	// ForwardAgent permits SSH agent forwarding if requested by the client.
	// NOTE(review): forwarding makes the client's agent usable from the
	// target node for the length of the session, so enable it only on
	// roles that need it.
	ForwardAgent bool `json:"forward_agent"`
}

RoleSpecV2 is role specification for RoleV2

type RoleV2

// RoleV2 represents role resource specification: the usual
// kind/version/metadata envelope around a RoleSpecV2.
type RoleV2 struct {
	// Kind is a resource kind - always resource
	// NOTE(review): the comment does not name the expected kind value;
	// confirm which constant is stored here
	Kind string `json:"kind"`
	// Version is a resource version
	Version string `json:"version"`
	// Metadata is Role metadata
	Metadata teleservices.Metadata `json:"metadata"`
	// Spec contains role specification
	Spec RoleSpecV2 `json:"spec"`
}

RoleV2 represents role resource specification

func (*RoleV2) CheckAndSetDefaults

func (r *RoleV2) CheckAndSetDefaults() error

CheckAndSetDefaults checks validity of all parameters and sets defaults

func (*RoleV2) Equals

func (r *RoleV2) Equals(other teleservices.Role) bool

Equals tests roles for equality. Roles are considered equal if all resources, logins, namespaces, labels, and options match.

func (*RoleV2) V3

func (r *RoleV2) V3() *teleservices.RoleV3

type RuntimePackage

// RuntimePackage describes the state of the runtime package during update
type RuntimePackage struct {
	// Installed identifies the installed version of the runtime package
	Installed loc.Locator `json:"installed"`
	// SecretsPackage specifies the new secrets package.
	// Optional: a nil pointer is left out of the JSON form (omitempty)
	SecretsPackage *loc.Locator `json:"secrets_package,omitempty"`
	// Update describes an update to the runtime package.
	// Optional: a nil pointer is left out of the JSON form (omitempty)
	Update *RuntimeUpdate `json:"update,omitempty"`
}

RuntimePackage describes the state of the runtime package during update

type RuntimeUpdate

// RuntimeUpdate describes an update to the runtime package
type RuntimeUpdate struct {
	// Package identifies the package to update to.
	// This can be the same as Installed in which case no update is performed
	Package loc.Locator `json:"package"`
	// ConfigPackage identifies the new configuration package
	ConfigPackage loc.Locator `json:"config_package"`
}

RuntimeUpdate describes an update to the runtime package

type SMTPConfig

// SMTPConfig describes cluster SMTP configuration
type SMTPConfig interface {
	// Resource provides common resource methods
	teleservices.Resource
	// CheckAndSetDefaults verifies that the object is valid
	CheckAndSetDefaults() error
	// GetHost returns the SMTP host
	GetHost() string
	// GetPort returns the SMTP port
	GetPort() int
	// GetUsername returns SMTP username
	GetUsername() string
	// GetPassword returns SMTP password.
	// The credential is handed back as a plain string; callers should keep
	// it out of log fields and error messages
	GetPassword() string
}

SMTPConfig describes cluster SMTP configuration

func UnmarshalSMTPConfig

func UnmarshalSMTPConfig(data []byte) (SMTPConfig, error)

UnmarshalSMTPConfig unmarshals SMTP configuration from JSON

type SMTPConfigSpecV2

// SMTPConfigSpecV2 defines SMTP configuration for the cluster.
// The spec carries the SMTP credential, so any marshaled copy of it
// should be handled as secret material.
type SMTPConfigSpecV2 struct {
	// Host specifies the SMTP host
	Host string `json:"host"`
	// Port specifies the SMTP port
	Port int `json:"port"`
	// Username specifies the username
	Username string `json:"username"`
	// Password specifies the password.
	// It is a plain string serialized under the "password" key with no
	// omitempty, so it appears in every JSON encoding of this spec
	Password string `json:"password"`
}

SMTPConfigSpecV2 defines SMTP configuration for the cluster

type SMTPConfigV2

// SMTPConfigV2 defines SMTP configuration.
// Metadata is embedded, so its methods are promoted to SMTPConfigV2.
type SMTPConfigV2 struct {
	// Metadata is resource metadata
	teleservices.Metadata `json:"metadata"`
	// Kind is a resource kind
	Kind string `json:"kind"`
	// Version is a resource version
	Version string `json:"version"`
	// Spec defines the SMTP configuration, including the SMTP password
	Spec SMTPConfigSpecV2 `json:"spec"`
}

SMTPConfigV2 defines SMTP configuration

func (*SMTPConfigV2) CheckAndSetDefaults

func (r *SMTPConfigV2) CheckAndSetDefaults() error

CheckAndSetDefaults checks validity of all parameters and sets defaults

func (*SMTPConfigV2) GetHost

func (r *SMTPConfigV2) GetHost() string

GetHost returns SMTP host

func (*SMTPConfigV2) GetPassword

func (r *SMTPConfigV2) GetPassword() string

GetPassword returns SMTP password

func (*SMTPConfigV2) GetPort

func (r *SMTPConfigV2) GetPort() int

GetPort returns SMTP port

func (*SMTPConfigV2) GetUsername

func (r *SMTPConfigV2) GetUsername() string

GetUsername returns SMTP username

type Server

// Server is used during site install process and is configured by users
// during manual install or by automatic provisioner when creating
// environment from scratch.
type Server struct {
	// AdvertiseIP is the IP that will be used for inter host communication
	AdvertiseIP string `json:"advertise_ip"`
	// Hostname is the server hostname
	Hostname string `json:"hostname"`
	// Nodename as assigned by the cloud provider (if any).
	// In case of Amazon private DNS zone, this will be the `PrivateDnsName`
	Nodename string `json:"nodename"`
	// Role is application specific role, e.g. "database"
	Role string `json:"role"`
	// InstanceType is provisioned instance type
	InstanceType string `json:"instance_type"`
	// InstanceID is cloud specific instance ID
	InstanceID string `json:"instance_id"`
	// ClusterRole is the node's system role, "master" or "node".
	// Not to be confused with Role, which is application specific
	ClusterRole string `json:"cluster_role"`
	// Provisioner is the provisioner the server was provisioned with
	Provisioner string `json:"provisioner"`
	// OSInfo identifies the host operating system
	OSInfo OSInfo `json:"os"`
	// Mounts lists mount configurations for a server profile instance
	Mounts []Mount `json:"mounts"`
	// SystemState defines the system configuration for gravity - location
	// of state directory, etc.
	SystemState SystemState `json:"system_state"`
	// Docker defines docker-specific configuration parameters
	// For example, it specifies which disk/partition to use for devicemapper
	// direct-lvm configuration
	Docker Docker `json:"docker"`
	// User is current OS user information
	User OSUser `json:"user"`
	// Created is the timestamp when the server was created
	Created time.Time `json:"created"`
	// SELinux specifies whether the node has SELinux support on.
	// With omitempty a false value is left out of the JSON form, so an
	// absent key and an explicit false are indistinguishable after decoding
	SELinux bool `json:"selinux,omitempty"`
}

Server is used during site install process and is configured by users during manual install or by automatic provisioner when creating environment from scratch

func GetLocalServers

func GetLocalServers(backend Backend) ([]Server, error)

GetLocalServers returns local cluster state servers

func (*Server) EtcdPeerURL

func (s *Server) EtcdPeerURL() string

EtcdPeerURL returns etcd peer advertise URL with the server's IP.

func (*Server) Fields

func (s *Server) Fields() logrus.Fields

Fields returns log fields describing the server.

func (*Server) GetKubeletLabels

func (s *Server) GetKubeletLabels(profileLabels map[string]string) map[string]string

GetKubeletLabels returns the node's labels that can be set by kubelet.

func (*Server) GetNodeLabels

func (s *Server) GetNodeLabels(profileLabels map[string]string) map[string]string

GetNodeLabels returns a consistent set of labels that should be applied to the node

func (*Server) IsEqualTo

func (s *Server) IsEqualTo(other Server) bool

IsEqualTo returns true if this and the provided server are the same server.

func (*Server) IsMaster

func (s *Server) IsMaster() bool

IsMaster returns true if the server has a master role

func (*Server) KubeNodeID

func (s *Server) KubeNodeID() string

KubeNodeID returns the identity of the node within the kubernetes cluster (kubectl get node). When running on a cloud environment such as AWS, kubelet tends to pick up its hostname from the cloud provider API, so when running on these environments we should ensure our hostnames match what kubernetes will be doing. When not running on a cloud environment with this behaviour, we will identify nodes by their Advertise IP address. More information: https://github.com/kubernetes/kubernetes/pull/58114#pullrequestreview-88022039 https://github.com/kubernetes/kubernetes/issues/54482 https://github.com/kubernetes/kubernetes/issues/58084

func (*Server) ObjectPeerID

func (s *Server) ObjectPeerID() string

ObjectPeerID returns the peer ID of this server

func (*Server) StateDir

func (s *Server) StateDir() string

StateDir returns directory where all gravity data is stored on this server

func (Server) String

func (s Server) String() string

String formats this server as readable text

type ServerProfile

// ServerProfile describes server that was provisioned during install/expand
type ServerProfile struct {
	// Description is the server description
	Description string `json:"description"`
	// Labels is the server labels
	Labels map[string]string `json:"labels"`
	// ServiceRole is the server role (e.g. "master" or "node")
	ServiceRole string `json:"service_role"`
	// Request contains instance type and count that were provisioned
	Request ServerProfileRequest `json:"request"`
}

ServerProfile describes server that was provisioned during install/expand

type ServerProfileRequest

// ServerProfileRequest contains information about how many nodes of
// a certain type were requested for install/expand
type ServerProfileRequest struct {
	// InstanceType is the instance type to provision
	InstanceType string `json:"instance_type"`
	// Count is the number of servers to provision
	Count int `json:"count"`
}

ServerProfileRequest contains information about how many nodes of a certain type were requested for install/expand

type ServerUpdate

// ServerUpdate represents server that is being updated
type ServerUpdate struct {
	// Server is a server being updated
	Server teleservices.ServerV1 `json:"server"`
	// State defines the state of server update operation
	// (e.g. started, in-progress or completed/failed)
	// NOTE(review): the exact string values are not shown in this
	// declaration - confirm against the constants used by callers
	State string `json:"state"`
}

ServerUpdate represents server that is being updated

func (*ServerUpdate) String

func (s *ServerUpdate) String() string

String returns debug-friendly representation of the server update

type Servers

// Servers is a list of servers
type Servers []Server

Servers is a list of servers

func (Servers) FindByIP

func (r Servers) FindByIP(ip string) *Server

FindByIP returns a server with the specified IP

func (Servers) IsEqualTo

func (r Servers) IsEqualTo(other Servers) bool

IsEqualTo returns true if the provided list contains all the same servers as this list.

func (Servers) MasterIPs

func (r Servers) MasterIPs() (ips []string)

MasterIPs returns a list of advertise IPs of master nodes.

func (Servers) Masters

func (r Servers) Masters() (masters []Server)

Masters returns a list of master nodes

func (Servers) Profiles

func (r Servers) Profiles() map[string]string

Profiles returns a map of node profiles for these servers.

func (Servers) String

func (r Servers) String() string

String formats this list of servers as text

type ShrinkOperationState

// ShrinkOperationState contains information about shrink operation
type ShrinkOperationState struct {
	// Vars is a set of variables for this operation
	Vars OperationVariables `json:"vars"`
	// LegacyHostnames is used during migrations,
	// find a way to get rid of it.
	// Note the JSON key: "servers" holds this list of hostname strings,
	// while the Server objects are stored under "server_specs"
	LegacyHostnames []string `json:"servers"`
	// Servers is a list of servers to remove
	Servers []Server `json:"server_specs"`
	// Force controls whether the operation ignores intermediate errors
	Force bool `json:"force"`
	// NodeRemoved indicates whether the node has already been removed from the cluster
	// Used in cases where we receive an event where the node is being terminated, but may
	// not have disconnected from the cluster yet.
	NodeRemoved bool `json:"node_removed"`
}

ShrinkOperationState contains information about shrink operation

type Site

// Site is a group of servers that belongs to some account and has some
// application installed.
// The record also carries the license and the original install token, so
// a marshaled Site should not be treated as non-sensitive data.
type Site struct {
	// Domain is a site specific unique domain name (e.g. site.example.com)
	Domain string `json:"domain"`
	// Created records the time when site was created
	Created time.Time `json:"created"`
	// CreatedBy is the email of a user who created the site
	CreatedBy string `json:"created_by"`
	// AccountID is the id of the account this site belongs to
	AccountID string `json:"account_id"`
	// State represents the state of this site, e.g. 'created', 'configured'
	State string `json:"state"`
	// Reason is the code describing the state the site is currently in
	Reason Reason `json:"reason"`
	// Provider is a provider selected for this site
	Provider string `json:"provider"`
	// License is the license currently installed on this site
	License string `json:"license"`
	// TODO: this should probably move to SiteOperation as well
	// ProvisionerState is a provisioner-specific state
	// that is used to track some resources allocated for the cloud
	// e.g. disks, VMs
	ProvisionerState []byte `json:"provisioner_state"`
	// App is application installed on this site, e.g.
	// "gravitational.io/mattermost:1.2.1"
	App Package `json:"app"`
	// Local specifies whether this site is local to the running
	// process (opscenter or site)
	Local bool `json:"local"`
	// Labels is a custom key/value metadata attached to the site (think AWS tags)
	Labels map[string]string `json:"labels"`
	// FinalInstallStepComplete indicates whether the site has completed the final installation step
	FinalInstallStepComplete bool `json:"final_install_step_complete"`
	// Resources is optional byte-string with K8s resources injected at site creation
	Resources []byte `json:"resources"`
	// Location is a location where the site is deployed, for example AWS region name
	Location string `json:"location"`
	// Flavor is the initial cluster flavor.
	Flavor string `json:"flavor"`
	// DisabledWebUI specifies whether OpsCenter and WebInstallWizard are disabled
	DisabledWebUI bool `json:"disabled_web_ui"`
	// UpdateInterval is how often the site checks for and downloads newer versions of the
	// installed application
	UpdateInterval time.Duration `json:"update_interval"`
	// NextUpdateCheck is the timestamp of the upcoming updates check for the site
	NextUpdateCheck time.Time `json:"next_update_check"`
	// ClusterState holds the current cluster state, e.g. nodes in the cluster and information
	// about them
	ClusterState ClusterState `json:"cluster_state"`
	// ServiceUser specifies the service user for planet
	ServiceUser OSUser `json:"service_user"`
	// CloudConfig provides additional cloud configuration
	CloudConfig CloudConfig `json:"cloud_config"`
	// DNSOverrides contains DNS overrides for this cluster
	// TODO(dmitri): move to DNSConfig
	DNSOverrides DNSOverrides `json:"dns_overrides"`
	// DNSConfig defines cluster local DNS configuration
	DNSConfig DNSConfig `json:"dns_config"`
	// InstallToken specifies the original token the cluster was installed with.
	// It is serialized as a plain string under "install_token" with no omitempty.
	// NOTE(review): whether the token is still accepted after install is not
	// visible here - confirm, and redact it wherever a Site is logged or exported
	InstallToken string `json:"install_token"`
}

Site is a group of servers that belongs to some account and has some application installed

func (*Site) Check

func (s *Site) Check() error

Check validates the cluster object's fields.

func (*Site) Servers

func (s *Site) Servers() Servers

Servers returns the cluster's servers.

type SiteOperation

// SiteOperation represents any modification of the site, e.g. adding or
// deleting a server or a group of servers.
// The pointer fields at the end hold operation-specific state; each is
// left out of the JSON form when nil (omitempty).
type SiteOperation struct {
	// ID is a unique operation ID
	ID string `json:"id"`
	// AccountID - id of the account this site belongs to
	AccountID string `json:"account_id"`
	// SiteDomain - ID of the site this operation refers to
	SiteDomain string `json:"site_domain"`
	// Type is operation type - e.g. add or delete servers
	Type string `json:"type"`
	// Created is a time when this operation was created
	Created time.Time `json:"created"`
	// CreatedBy specifies the user who created the operation.
	// Optional (omitempty), so an operation record may carry no creator
	CreatedBy string `json:"created_by,omitempty"`
	// Updated is a time when this operation was last updated
	Updated time.Time `json:"updated"`
	// State represents current operation state
	State string `json:"state"`
	// Provisioner defines the provisioner used for this operation
	Provisioner string `json:"provisioner"`
	// Servers stores servers affected by the operation, e.g.
	// in case of 'install' or 'provision_servers' it will store the
	// servers that will be added and configured, for 'deprovision_servers'
	// it will store the servers that will be deleted
	Servers Servers `json:"servers"`
	// Shrink is set when the operation type is shrink (removing nodes from the cluster)
	Shrink *ShrinkOperationState `json:"shrink,omitempty"`
	// InstallExpand is set when the operation is install or expand
	InstallExpand *InstallExpandOperationState `json:"install_expand,omitempty"`
	// Uninstall is for uninstalling gravity and its data
	Uninstall *UninstallOperationState `json:"uninstall,omitempty"`
	// Update is for updating application on the gravity site
	Update *UpdateOperationState `json:"update,omitempty"`
	// UpdateEnviron defines the runtime environment update state
	UpdateEnviron *UpdateEnvarsOperationState `json:"update_environ,omitempty"`
	// UpdateConfig defines the state of the cluster configuration update operation
	UpdateConfig *UpdateConfigOperationState `json:"update_config,omitempty"`
	// Reconfigure contains reconfiguration operation state
	Reconfigure *ReconfigureOperationState `json:"reconfigure,omitempty"`
}

SiteOperation represents any modification of the site, e.g. adding or deleting a server or a group of servers

func GetLastOperation

func GetLastOperation(backend Backend) (*SiteOperation, error)

GetLastOperation returns the last operation for the local cluster

func GetLastOperationForCluster

func GetLastOperationForCluster(backend Backend, clusterName string) (*SiteOperation, error)

GetLastOperationForCluster returns the last operation for the specified cluster

func GetOperationByID

func GetOperationByID(backend Backend, operationID string) (*SiteOperation, error)

GetOperationByID returns the operation with the given ID for the local cluster

func GetOperations

func GetOperations(backend Backend) ([]SiteOperation, error)

GetOperations returns all operations for the local cluster sorted by time in descending order (with most recent operation first)

func GetOperationsForCluster

func GetOperationsForCluster(backend Backend, clusterName string) ([]SiteOperation, error)

GetOperationsForCluster returns all operations for the specified cluster sorted by time in descending order (with most recent operation first)

func (*SiteOperation) Check

func (s *SiteOperation) Check() error

func (*SiteOperation) IsEqualTo

func (s *SiteOperation) IsEqualTo(other SiteOperation) bool

IsEqualTo returns true if the operation is equal to the provided operation.

func (*SiteOperation) Vars

Vars returns operation specific variables

type SiteOperations

// SiteOperations collection represents a list of operations performed on
// the site, e.g. provisioning servers, or upgrading applications.
// It also stores operation plans and their state transition entries.
type SiteOperations interface {
	// CreateSiteOperation creates a new site operation
	CreateSiteOperation(SiteOperation) (*SiteOperation, error)
	// GetSiteOperation returns the operation identified by the operation id
	// and site domain
	GetSiteOperation(siteDomain, operationID string) (*SiteOperation, error)
	// GetSiteOperations returns a list of operations performed on this
	// site sorted by time (latest operations come first)
	GetSiteOperations(siteDomain string) ([]SiteOperation, error)
	// UpdateSiteOperation updates site operation state
	UpdateSiteOperation(SiteOperation) (*SiteOperation, error)
	// DeleteSiteOperation removes an unstarted site operation
	DeleteSiteOperation(siteDomain, operationID string) error
	// CreateOperationPlan saves a new operation plan
	CreateOperationPlan(OperationPlan) (*OperationPlan, error)
	// GetOperationPlan returns plan for the specified operation
	GetOperationPlan(clusterName, operationID string) (*OperationPlan, error)
	// CreateOperationPlanChange creates a new state transition entry for a plan
	CreateOperationPlanChange(PlanChange) (*PlanChange, error)
	// GetOperationPlanChangelog returns all state transition entries for a plan
	GetOperationPlanChangelog(clusterName, operationID string) (PlanChangelog, error)
}

SiteOperations collection represents a list of operations performed on the site, e.g. provisioning servers, or upgrading applications

type Sites

// Sites collection works with sites - a group of servers.
// Only GetSites and GetLocalSite take an account ID; the remaining lookups
// and mutations are keyed by site domain alone, so any per-account access
// check has to be enforced by the caller.
type Sites interface {
	// CompareAndSwapSiteState swaps site state to new version only if
	// it's set to the required state
	CompareAndSwapSiteState(domain string, old, new string) error
	// CreateSite creates site entry
	CreateSite(s Site) (*Site, error)
	// UpdateSite updates site properties
	UpdateSite(s Site) (*Site, error)
	// DeleteSite deletes site entry
	DeleteSite(domain string) error
	// GetSites returns a list of sites for account id
	GetSites(accountID string) ([]Site, error)
	// GetAllSites returns a list of all sites for all accounts
	GetAllSites() ([]Site, error)
	// GetSite returns site by site domain (the signature takes no account id)
	GetSite(domain string) (*Site, error)
	// GetLocalSite returns local site for a given account ID
	GetLocalSite(accountID string) (*Site, error)
}

Sites collection works with sites - a group of servers

type StringExpr

// StringExpr is a string expression
type StringExpr string

StringExpr is a string expression

func (StringExpr) String

func (s StringExpr) String() string

type StringsExpr

// StringsExpr is a slice of strings
type StringsExpr []string

StringsExpr is a slice of strings

func (StringsExpr) String

func (s StringsExpr) String() string

type Subnets

// Subnets describes selected overlay/service network subnets for an operation
type Subnets struct {
	// Overlay is the Kubernetes overlay network (flannel) subnet
	// NOTE(review): presumably CIDR notation - confirm where the value is validated
	Overlay string `json:"overlay"`
	// Service is the subnet for Kubernetes services
	Service string `json:"service"`
}

Subnets describes selected overlay/service network subnets for an operation

func (Subnets) IsEmpty

func (r Subnets) IsEmpty() bool

IsEmpty determines if this subnet descriptor is empty

type Swap

// Swap describes swapping configuration
type Swap struct {
	// Total is total amount of swap, in kilobytes
	Total uint64 `json:"total"`
	// Free is total amount of swap free, in kilobytes
	Free uint64 `json:"free"`
}

Swap describes swapping configuration

type System

// System describes a system: a read-only view of host facts (hostname,
// network, storage, memory, processes, packages, OS and user).
type System interface {
	// Resource provides common resource methods
	teleservices.Resource

	// GetHostname returns the system hostname
	GetHostname() string
	// GetNetworkInterfaces returns the network interfaces keyed by string
	// NOTE(review): the key is presumably the interface name - confirm
	GetNetworkInterfaces() map[string]NetworkInterface
	// GetFilesystems returns the mounted file systems
	GetFilesystems() []Filesystem
	// GetFilesystemStats returns information about filesystem usage
	// per directory
	GetFilesystemStats() FilesystemStats
	// GetMemory returns the RAM configuration
	GetMemory() Memory
	// GetSwap returns the swap configuration
	GetSwap() Swap
	// GetNumCPU returns the number of CPUs
	GetNumCPU() uint
	// GetProcesses returns the list of running processes
	GetProcesses() []Process
	// GetDevices returns the list of unallocated devices
	GetDevices() Devices
	// GetSystemPackages returns the list of installed system packages
	GetSystemPackages() []SystemPackage
	// GetOS identifies the host operating system or distribution
	GetOS() OSInfo
	// GetUser returns the information about the user the agent is running under
	GetUser() OSUser
}

System describes a system

type SystemMetadata

// SystemMetadata stores system-relevant data on the host:
// DNS configuration, SELinux support, node advertise IP and service user,
// each as a getter/setter pair.
type SystemMetadata interface {
	// GetDNSConfig returns current DNS configuration
	GetDNSConfig() (*DNSConfig, error)
	// SetDNSConfig sets current DNS configuration
	SetDNSConfig(DNSConfig) error
	// GetSELinux returns whether SELinux support is on
	GetSELinux() (enabled bool, err error)
	// SetSELinux sets SELinux support
	// NOTE(review): this appears to record the setting in stored metadata;
	// whether it changes enforcement on the host is not visible here
	SetSELinux(enabled bool) error
	// GetNodeAddr returns the current node advertise IP
	GetNodeAddr() (addr string, err error)
	// SetNodeAddr sets current node advertise IP
	SetNodeAddr(addr string) error
	// GetServiceUser returns the current service user
	GetServiceUser() (*OSUser, error)
	// SetServiceUser sets current service user
	SetServiceUser(OSUser) error
}

SystemMetadata stores system-relevant data on the host

type SystemPackage

// SystemPackage describes a package on a Linux system
type SystemPackage struct {
	// Name identifies the package by name
	Name string `json:"name"`
	// Version describes the version of the installed package.
	// It will be empty if no such package is installed
	Version string `json:"version"`
	// Error describes an error querying for the package.
	// An empty Version is therefore ambiguous on its own: check Error to
	// tell "not installed" apart from "query failed"
	Error string `json:"error"`
}

SystemPackage describes a package on a Linux system

type SystemSpecV2

// SystemSpecV2 represents a set of facts about a system
type SystemSpecV2 struct {
	// Hostname specifies the hostname
	Hostname string `json:"hostname"`
	// NetworkInterfaces lists all network interfaces
	NetworkInterfaces map[string]NetworkInterface `json:"interfaces"`
	// Filesystems holds information about filesystem usage.
	// The JSON key is the singular "filesystem"
	Filesystems []Filesystem `json:"filesystem"`
	// FilesystemStats holds information about filesystem usage per directory
	FilesystemStats FilesystemStats `json:"filesystem_stats"`
	// Memory contains information about system memory
	Memory Memory `json:"memory"`
	// Swap contains info about system's swap capacity
	Swap Swap `json:"swap"`
	// NumCPU specifies the CPU count
	NumCPU uint `json:"cpus"`
	// Processes lists running processes
	Processes []Process `json:"processes"`
	// Devices lists the disks/partitions
	Devices Devices `json:"devices"`
	// SystemPackages lists installed system packages.
	// Packages are queried per distribution.
	// Only packages required for operation are listed
	SystemPackages []SystemPackage `json:"system_packages"`
	// OS identifies the host operating system
	OS OSInfo `json:"os"`
	// LVMSystemDirectory specifies the location of the LVM system directory if the
	// docker storage driver is devicemapper, empty otherwise
	// DEPRECATED
	LVMSystemDirectory string `json:"lvm_system_dir"`
	// User specifies the agent's user identity
	User OSUser `json:"user"`
}

SystemSpecV2 represents a set of facts about a system

type SystemState

// SystemState defines the system configuration for gravity - location
// of state directory, etc.
type SystemState struct {
	// Device defines the block device (disk or partition) to use
	// for gravity system state directory
	Device Device `json:"device"`
	// StateDir is where all gravity data is stored on the server
	StateDir string `json:"state_dir"`
}

SystemState defines the system configuration for gravity - location of state directory, etc.

type SystemV2

// SystemV2 describes a system.
// Metadata is embedded, so its methods are promoted to SystemV2.
type SystemV2 struct {
	// Kind is resource kind, "systeminfo"
	Kind string `json:"kind"`
	// Version is the resource version
	Version string `json:"version"`
	// Metadata is resource metadata
	teleservices.Metadata `json:"metadata"`
	// Spec is the system information spec
	Spec SystemSpecV2 `json:"spec"`
}

SystemV2 describes a system

func NewSystemInfo

func NewSystemInfo(spec SystemSpecV2) *SystemV2

NewSystemInfo creates a new instance of system information from the provided spec

func UnmarshalSystemInfo

func UnmarshalSystemInfo(data []byte) (*SystemV2, error)

UnmarshalSystemInfo unmarshals system info from JSON specified with data

func (*SystemV2) GetDevices

func (r *SystemV2) GetDevices() Devices

GetDevices returns the list of unallocated devices

func (*SystemV2) GetFilesystemStats

func (r *SystemV2) GetFilesystemStats() FilesystemStats

GetFilesystemStats returns the mounted files systems

func (*SystemV2) GetFilesystems

func (r *SystemV2) GetFilesystems() []Filesystem

GetFilesystems returns the mounted files systems

func (*SystemV2) GetHostname

func (r *SystemV2) GetHostname() string

GetHostname returns the system hostname

func (*SystemV2) GetMemory

func (r *SystemV2) GetMemory() Memory

GetMemory returns the RAM configuration

func (*SystemV2) GetNetworkInterfaces

func (r *SystemV2) GetNetworkInterfaces() map[string]NetworkInterface

GetNetworkInterfaces returns the list of network interfaces

func (*SystemV2) GetNumCPU

func (r *SystemV2) GetNumCPU() uint

GetNumCPU returns the number of CPUs

func (*SystemV2) GetOS

func (r *SystemV2) GetOS() OSInfo

GetOS identifies the host operating system or distribution

func (*SystemV2) GetProcesses

func (r *SystemV2) GetProcesses() []Process

GetProcesses returns the list of running processes

func (*SystemV2) GetSwap

func (r *SystemV2) GetSwap() Swap

GetSwap returns the swap configuration

func (*SystemV2) GetSystemPackages

func (r *SystemV2) GetSystemPackages() []SystemPackage

GetSystemPackages returns the list of installed system packages

func (*SystemV2) GetUser

func (r *SystemV2) GetUser() OSUser

GetUser returns the information about the user the agent is running under

func (SystemV2) String

func (r SystemV2) String() string

String returns a textual representation of this system info

type SystemVariables

// SystemVariables represents a set of operation variables common for
// each provider.
// The set includes the agent token, so a marshaled copy should be handled
// as secret material.
type SystemVariables struct {
	// ClusterName is the name of the cluster the operation is for
	ClusterName string `json:"cluster_name"`
	// OpsURL is remote Ops Center URL
	OpsURL string `json:"ops_url"`
	// Devmode is whether the operation is running in dev mode
	// NOTE(review): what dev mode relaxes is not visible in this
	// declaration - confirm it cannot be enabled on production operations
	Devmode bool `json:"devmode"`
	// Token is the agent token.
	// It is a plain string serialized under the "token" key with no
	// omitempty, so it appears in every JSON encoding of these variables
	Token string `json:"token"`
	// TeleportProxyAddress is the address of teleport proxy
	TeleportProxyAddress string `json:"teleport_proxy_address"`
	// Docker overrides configuration from the manifest
	Docker DockerConfig `json:"docker"`
}

SystemVariables represents a set of operation variables common for each provider

type TLSKeyPair

// TLSKeyPair describes a TLS key pair resource that can be checked for
// validity and queried.
type TLSKeyPair interface {
	// Resource provides common resource methods
	teleservices.Resource
	// CheckAndSetDefaults makes sure the TLS keypair is valid
	CheckAndSetDefaults() error
	// GetCert returns certificate and optional certificate chain
	GetCert() string
	// GetPrivateKey returns private key.
	// The key material is handed back as a plain string; callers should
	// keep it out of log fields and error messages
	GetPrivateKey() string
}

TLSKeyPair describes a TLS key pair resource that can be checked for validity and queried.

func NewTLSKeyPair

func NewTLSKeyPair(cert, privateKey []byte) TLSKeyPair

NewTLSKeyPair creates new TLS key pair from cert and private key

func UnmarshalTLSKeyPair

func UnmarshalTLSKeyPair(data []byte) (TLSKeyPair, error)

UnmarshalTLSKeyPair unmarshals TLS keypair from JSON

type TLSKeyPairSpecV2

// TLSKeyPairSpecV2 is TLS keypair V2 specification.
// The spec holds the private key next to the certificate, so any marshaled
// copy of it should be handled as secret material.
type TLSKeyPairSpecV2 struct {
	// Cert is a PEM encoded certificate chain
	// including intermediaries
	Cert string `json:"cert"`
	// PrivateKey is PEM encoded private key.
	// It is serialized under the "private_key" key with no omitempty.
	// NOTE(review): no encryption of the key is visible at this layer -
	// confirm how the backend protects it at rest
	PrivateKey string `json:"private_key"`
}

TLSKeyPairSpecV2 is TLS keypair V2 specification

type TLSKeyPairV2

// TLSKeyPairV2 represents TLS key pair specification: the usual
// kind/version/metadata envelope around a TLSKeyPairSpecV2.
type TLSKeyPairV2 struct {
	// Kind is a resource kind - always tlskeypair
	Kind string `json:"kind"`
	// Version is a resource version
	Version string `json:"version"`
	// Metadata is TLS keypair metadata
	Metadata teleservices.Metadata `json:"metadata"`
	// Spec contains TLS keypair specification, including the private key
	Spec TLSKeyPairSpecV2 `json:"spec"`
}

TLSKeyPairV2 represents TLS key pair specification

func (*TLSKeyPairV2) CheckAndSetDefaults

func (t *TLSKeyPairV2) CheckAndSetDefaults() error

CheckAndSetDefaults checks validity of all parameters and sets defaults

func (*TLSKeyPairV2) Expiry

func (t *TLSKeyPairV2) Expiry() time.Time

Expiry returns TLS keypair expiration time

func (*TLSKeyPairV2) GetCert

func (t *TLSKeyPairV2) GetCert() string

GetCert returns certificate

func (*TLSKeyPairV2) GetMetadata

func (t *TLSKeyPairV2) GetMetadata() teleservices.Metadata

GetMetadata returns TLS keypair metadata

func (*TLSKeyPairV2) GetName

func (t *TLSKeyPairV2) GetName() string

GetName returns TLS keypair name and is a shortcut for GetMetadata().Name

func (*TLSKeyPairV2) GetPrivateKey

func (t *TLSKeyPairV2) GetPrivateKey() string

GetPrivateKey returns private key

func (*TLSKeyPairV2) SetExpiry

func (t *TLSKeyPairV2) SetExpiry(expires time.Time)

SetExpiry sets TLS keypair expiration time

func (*TLSKeyPairV2) SetName

func (t *TLSKeyPairV2) SetName(name string)

SetName sets TLS keypair name

func (*TLSKeyPairV2) SetTTL

func (t *TLSKeyPairV2) SetTTL(clock clockwork.Clock, ttl time.Duration)

SetTTL sets Expires header using realtime clock

type TeleportPackage

// TeleportPackage describes the state of the teleport package during update
type TeleportPackage struct {
	// Installed identifies the installed version of the teleport package
	Installed loc.Locator `json:"installed"`
	// Update describes an update to the teleport package.
	// Optional: a nil pointer is left out of the JSON form (omitempty)
	Update *TeleportUpdate `json:"update,omitempty"`
}

TeleportPackage describes the state of the teleport package during update

func (TeleportPackage) Package

func (p TeleportPackage) Package() loc.Locator

Package returns either the updated teleport package locator if it's not empty, or the installed one.

type TeleportUpdate

// TeleportUpdate describes an update to the teleport package
type TeleportUpdate struct {
	// Package identifies the package to update to.
	// This can be the same as Installed in which case no update is performed
	Package loc.Locator `json:"package"`
	// NodeConfigPackage identifies the new host teleport configuration package.
	// If nil, no changes to configuration package required
	NodeConfigPackage *loc.Locator `json:"node_config_package,omitempty"`
}

TeleportUpdate describes an update to the teleport package

type Token

// Token contains a set of permissions or settings.
// The methods declared here expose only the owning user and validation.
type Token interface {
	// Resource provides common resource methods
	teleservices.Resource
	// GetUser returns username the token belongs to
	GetUser() string
	// SetUser sets the token owner
	SetUser(name string)
	// CheckAndSetDefaults makes sure the token is valid
	CheckAndSetDefaults() error
}

Token contains a set of permissions or settings

func NewToken

func NewToken(name string, user string) Token

NewToken returns instance of the new token

func NewTokenFromV1

func NewTokenFromV1(key APIKey) Token

NewTokenFromV1 creates token from API key

type TokenMarshaler

// TokenMarshaler is interface for marshaling token
type TokenMarshaler interface {
	// UnmarshalToken unmarshals token from JSON
	UnmarshalToken([]byte) (Token, error)
	// MarshalToken marshals token to JSON
	MarshalToken(Token, ...teleservices.MarshalOption) ([]byte, error)
}

TokenMarshaler is interface for marshaling token

func GetTokenMarshaler

func GetTokenMarshaler() TokenMarshaler

GetTokenMarshaler returns token marshaler

type TokenSpecV2

// TokenSpecV2 is token V2 specification.
// It carries only the owning user; the remaining token data lives in the
// Metadata of the enclosing TokenV2.
type TokenSpecV2 struct {
	// User is username associated with this token
	User string `json:"user"`
}

TokenSpecV2 is token V2 specification

type TokenV2

// TokenV2 represents token resource specification.
type TokenV2 struct {
	// Kind is a resource kind - always resource
	// NOTE(review): the package defines KindToken = "token" for security
	// tokens; presumably that is the value expected here - confirm.
	Kind string `json:"kind"`
	// Version is a resource version
	Version string `json:"version"`
	// Metadata is token metadata.
	// GetName is documented as a shortcut for GetMetadata().Name, so the
	// token name is stored here.
	// NOTE(review): if the name is the token value itself, any place that
	// logs or lists metadata exposes the credential - confirm.
	Metadata teleservices.Metadata `json:"metadata"`
	// Spec contains token specification
	Spec TokenSpecV2 `json:"spec"`
}

TokenV2 represents token resource specification

func (*TokenV2) CheckAndSetDefaults

func (t *TokenV2) CheckAndSetDefaults() error

CheckAndSetDefaults checks validity of all parameters and sets defaults

func (*TokenV2) Expiry

func (t *TokenV2) Expiry() time.Time

Expiry returns token expiration time

func (*TokenV2) GetMetadata

func (t *TokenV2) GetMetadata() teleservices.Metadata

GetMetadata returns token metadata

func (*TokenV2) GetName

func (t *TokenV2) GetName() string

GetName returns token name and is a shortcut for GetMetadata().Name

func (*TokenV2) GetUser

func (t *TokenV2) GetUser() string

GetUser returns token user

func (*TokenV2) SetExpiry

func (t *TokenV2) SetExpiry(expires time.Time)

SetExpiry sets token expiration time

func (*TokenV2) SetName

func (t *TokenV2) SetName(name string)

SetName sets token name

func (*TokenV2) SetTTL

func (t *TokenV2) SetTTL(clock clockwork.Clock, ttl time.Duration)

SetTTL sets Expires header using realtime clock

func (*TokenV2) SetUser

func (t *TokenV2) SetUser(username string)

SetUser sets token user

func (*TokenV2) ToV1

func (t *TokenV2) ToV1() *APIKey

type Tokens

// Tokens defines a token management layer. Token types include those for
// adding new servers to the cluster during install or expand operations and
// those for running one-time installations.
//
// The getters are documented as returning only tokens that have not expired
// (provisioning tokens) or that are active (install tokens).
// NOTE(review): expiry enforcement therefore sits in each backend
// implementation - confirm every backend applies it.
type Tokens interface {
	// CreateProvisioningToken creates a temporary authentication token
	CreateProvisioningToken(t ProvisioningToken) (*ProvisioningToken, error)
	// DeleteProvisioningToken deletes the provisioning token identified by token
	DeleteProvisioningToken(token string) error
	// GetProvisioningToken returns a token if it has not expired yet
	GetProvisioningToken(token string) (*ProvisioningToken, error)
	// GetOperationProvisioningToken returns an existing token for the particular operation if
	// it has not expired yet
	GetOperationProvisioningToken(clusterName, operationID string) (*ProvisioningToken, error)
	// GetSiteProvisioningTokens returns a list of tokens for the site specified with siteDomain
	// that have not expired yet
	GetSiteProvisioningTokens(siteDomain string) ([]ProvisioningToken, error)
	// CreateInstallToken creates a token for a one-time install operation
	CreateInstallToken(InstallToken) (*InstallToken, error)
	// GetInstallToken returns an active install token with the specified ID
	GetInstallToken(token string) (*InstallToken, error)
	// GetInstallTokenByUser returns an active install token with the specified user ID.
	// The parameter is named email, so the user ID is presumably the user's
	// email address - confirm.
	GetInstallTokenByUser(email string) (*InstallToken, error)
	// GetInstallTokenForCluster returns an active install token for the specified cluster
	GetInstallTokenForCluster(name string) (*InstallToken, error)
	// UpdateInstallToken updates the specified install token
	UpdateInstallToken(InstallToken) (*InstallToken, error)
}

Tokens interface defines a token management layer. Token types include those for adding new servers to the cluster during install or expand operations or running one-time installations.

type TrustedCluster

// TrustedCluster extends Teleport's trusted cluster interface with Gravity
// specific methods describing the Ops Center relationship.
type TrustedCluster interface {
	// TrustedCluster is the base trusted cluster interface from Teleport
	teleservices.TrustedCluster
	// GetSNIHost returns the Ops Center SNI host
	GetSNIHost() string
	// SetSNIHost sets the Ops Center SNI host
	SetSNIHost(string)
	// GetPullUpdates returns true if the cluster pulls updates from Ops Center
	GetPullUpdates() bool
	// SetPullUpdates enables or disables pulling updates from Ops Center
	SetPullUpdates(bool)
	// GetWizard returns true for trusted cluster representing wizard Ops Center
	GetWizard() bool
	// SetWizard marks the trusted cluster as wizard mode or not
	SetWizard(bool)
	// GetSystem returns true if this is a system trusted cluster
	GetSystem() bool
	// SetSystem marks the trusted cluster as a system
	SetSystem(bool)
	// GetRegular returns true if this is a regular Ops Center.
	// There is no matching setter on this interface, so the value is
	// presumably derived from the wizard and system flags - confirm.
	GetRegular() bool
}

TrustedCluster extends Teleport's trusted cluster interface with Gravity specific methods

func GetTrustedCluster

func GetTrustedCluster(backend Backend) (TrustedCluster, error)

GetTrustedCluster returns a trusted cluster representing the Ops Center the cluster is connected to, currently only 1 is supported

func GetWizardTrustedCluster

func GetWizardTrustedCluster(backend Backend) (TrustedCluster, error)

GetWizardTrustedCluster returns a trusted cluster representing the wizard Ops Center the specified site is connected to

func NewTrustedCluster

func NewTrustedCluster(name string, spec TrustedClusterSpecV2) TrustedCluster

NewTrustedCluster returns a new trusted cluster from the provided name and spec

func NewTrustedClusterFromLinks(remoteLink OpsCenterLink, updateLink *OpsCenterLink) (TrustedCluster, error)

NewTrustedClusterFromLinks creates a trusted cluster from the legacy remote support and update links

func UnmarshalTrustedCluster

func UnmarshalTrustedCluster(bytes []byte) (TrustedCluster, error)

UnmarshalTrustedCluster unmarshals the trusted cluster resource from bytes

type TrustedClusterSpecV2

// TrustedClusterSpecV2 represents the trusted cluster spec.
//
// The spec holds the join credential (Token) and the role mapping applied
// to users of the remote cluster, so a serialized spec should be handled as
// sensitive configuration.
type TrustedClusterSpecV2 struct {
	// Enabled indicates whether the trusted cluster is enabled
	Enabled bool `json:"enabled"`
	// Token is a shared authorization token used to connect a remote cluster.
	// It is always written to the JSON form under "token" (no omitempty), so
	// exports, backups and debug output of this struct contain the secret.
	Token string `json:"token"`
	// ProxyAddress is the address of the web proxy server of the cluster to join.
	// If not set, defaults to <metadata.name>:<default web proxy server port>
	ProxyAddress string `json:"web_proxy_addr"`
	// ReverseTunnelAddress is the address of the SSH proxy server of the cluster
	// to join. If not set, defaults to <metadata.name>:<default reverse tunnel port>
	ReverseTunnelAddress string `json:"tunnel_addr"`
	// SNIHost is the Ops Center's public endpoint hostname
	SNIHost string `json:"sni_host"`
	// Roles is a list of roles that users will be assuming when connecting to
	// this cluster. Together with RoleMap this decides the privileges remote
	// users receive, so changes here are access-control changes.
	Roles []string `json:"roles,omitempty"`
	// RoleMap specifies role mappings to remote roles
	RoleMap teleservices.RoleMap `json:"role_map,omitempty"`
	// PullUpdates indicates whether the trusted cluster should pull updates
	PullUpdates bool `json:"pull_updates"`
	// Wizard is true for trusted cluster representing a standalone installer
	// Ops Center
	Wizard bool `json:"wizard,omitempty"`
}

TrustedClusterSpecV2 represents the trusted cluster spec

type TrustedClusterV2

// TrustedClusterV2 represents a trusted cluster resource.
// The documented address defaults in the spec are built from metadata.name.
type TrustedClusterV2 struct {
	// Kind is the resource kind, trusted_cluster
	Kind string `json:"kind"`
	// Version is the resource version
	Version string `json:"version"`
	// Metadata is the resource metadata
	Metadata teleservices.Metadata `json:"metadata"`
	// Spec is the trusted cluster spec; it includes the shared join token,
	// so the whole resource serializes with that secret inside.
	Spec TrustedClusterSpecV2 `json:"spec"`
}

TrustedClusterV2 represents a trusted cluster resource

func (*TrustedClusterV2) CanChangeStateTo

func (c *TrustedClusterV2) CanChangeStateTo(t teleservices.TrustedCluster) error

CanChangeStateTo checks if the state change is allowed or not. If not, returns an error explaining the reason

func (*TrustedClusterV2) CheckAndSetDefaults

func (c *TrustedClusterV2) CheckAndSetDefaults() error

CheckAndSetDefaults checks the cluster resource and sets some defaults

func (*TrustedClusterV2) CombinedMapping

func (c *TrustedClusterV2) CombinedMapping() teleservices.RoleMap

CombinedMapping returns role map combined with roles

func (*TrustedClusterV2) Expiry

func (c *TrustedClusterV2) Expiry() time.Time

Expiry returns the trusted cluster expiration time

func (*TrustedClusterV2) GetEnabled

func (c *TrustedClusterV2) GetEnabled() bool

GetEnabled returns true if the cluster is connected to Ops Center

func (*TrustedClusterV2) GetMetadata

func (c *TrustedClusterV2) GetMetadata() teleservices.Metadata

GetMetadata returns the trusted cluster metadata

func (*TrustedClusterV2) GetName

func (c *TrustedClusterV2) GetName() string

GetName returns the trusted cluster name

func (*TrustedClusterV2) GetProxyAddress

func (c *TrustedClusterV2) GetProxyAddress() string

GetProxyAddress returns the address of the proxy server

func (*TrustedClusterV2) GetPullUpdates

func (c *TrustedClusterV2) GetPullUpdates() bool

GetPullUpdates returns true if the cluster pulls updates from Ops Center

func (*TrustedClusterV2) GetRegular

func (c *TrustedClusterV2) GetRegular() bool

GetRegular returns true if this is a regular Ops Center.

func (*TrustedClusterV2) GetReverseTunnelAddress

func (c *TrustedClusterV2) GetReverseTunnelAddress() string

GetReverseTunnelAddress returns the address of the reverse tunnel

func (*TrustedClusterV2) GetRoleMap

func (c *TrustedClusterV2) GetRoleMap() teleservices.RoleMap

GetRoleMap returns the cluster role map

func (*TrustedClusterV2) GetRoles

func (c *TrustedClusterV2) GetRoles() []string

GetRoles returns the cluster roles

func (*TrustedClusterV2) GetSNIHost

func (c *TrustedClusterV2) GetSNIHost() string

GetSNIHost returns the Ops Center SNI host

func (*TrustedClusterV2) GetSystem

func (c *TrustedClusterV2) GetSystem() bool

GetSystem returns true if this is a system trusted cluster

func (*TrustedClusterV2) GetToken

func (c *TrustedClusterV2) GetToken() string

GetToken returns the authorization and authentication token

func (*TrustedClusterV2) GetWizard

func (c *TrustedClusterV2) GetWizard() bool

GetWizard returns true for trusted cluster representing wizard Ops Center

func (*TrustedClusterV2) SetEnabled

func (c *TrustedClusterV2) SetEnabled(enabled bool)

SetEnabled enables or disables Ops Center connection

func (*TrustedClusterV2) SetExpiry

func (c *TrustedClusterV2) SetExpiry(expires time.Time)

SetExpiry sets the trusted cluster expiration time

func (*TrustedClusterV2) SetName

func (c *TrustedClusterV2) SetName(name string)

SetName sets the trusted cluster name

func (*TrustedClusterV2) SetProxyAddress

func (c *TrustedClusterV2) SetProxyAddress(addr string)

SetProxyAddress sets the address of the proxy server

func (*TrustedClusterV2) SetPullUpdates

func (c *TrustedClusterV2) SetPullUpdates(enabled bool)

SetPullUpdates enables or disables pulling updates from Ops Center

func (*TrustedClusterV2) SetReverseTunnelAddress

func (c *TrustedClusterV2) SetReverseTunnelAddress(addr string)

SetReverseTunnelAddress sets the address of the reverse tunnel

func (*TrustedClusterV2) SetRoleMap

func (c *TrustedClusterV2) SetRoleMap(m teleservices.RoleMap)

SetRoleMap sets the cluster role map

func (*TrustedClusterV2) SetRoles

func (c *TrustedClusterV2) SetRoles(roles []string)

SetRoles sets the cluster roles

func (*TrustedClusterV2) SetSNIHost

func (c *TrustedClusterV2) SetSNIHost(host string)

SetSNIHost sets the Ops Center SNI host

func (*TrustedClusterV2) SetSystem

func (c *TrustedClusterV2) SetSystem(system bool)

SetSystem marks the trusted clusters as a system

func (*TrustedClusterV2) SetTTL

func (c *TrustedClusterV2) SetTTL(clock clockwork.Clock, ttl time.Duration)

SetTTL sets the trusted cluster TTL

func (*TrustedClusterV2) SetToken

func (c *TrustedClusterV2) SetToken(token string)

SetToken sets the authorization and authentication token

func (*TrustedClusterV2) SetWizard

func (c *TrustedClusterV2) SetWizard(wizard bool)

SetWizard marks the trusted cluster as wizard mode or not

func (TrustedClusterV2) String

func (c TrustedClusterV2) String() string

String returns a string representation of a trusted cluster

type U2F

// U2F collection operates on U2F signups, logins, and password resets.
// Register challenges are keyed by a token (new users); registrations,
// counters and sign challenges are keyed by user name.
type U2F interface {
	// UpsertU2FRegisterChallenge upserts a U2F challenge for a new user corresponding to the token
	UpsertU2FRegisterChallenge(token string, u2fChallenge *u2f.Challenge) error
	// GetU2FRegisterChallenge returns a U2F challenge for a new user corresponding to the token
	GetU2FRegisterChallenge(token string) (*u2f.Challenge, error)
	// UpsertU2FRegistration upserts a U2F registration from a valid register response
	UpsertU2FRegistration(user string, u2fReg *u2f.Registration) error
	// GetU2FRegistration returns a U2F registration from a valid register response
	GetU2FRegistration(user string) (*u2f.Registration, error)
	// UpsertU2FRegistrationCounter upserts a counter associated with a U2F registration.
	// NOTE(review): in U2F the signature counter is what lets a relying party
	// notice a cloned authenticator; the storage layer does not compare
	// values, so the caller presumably checks the new counter against the
	// stored one before upserting - confirm.
	UpsertU2FRegistrationCounter(user string, counter uint32) error
	// GetU2FRegistrationCounter returns the counter associated with a U2F registration
	GetU2FRegistrationCounter(user string) (counter uint32, e error)
	// UpsertU2FSignChallenge upserts a U2F sign (auth) challenge
	UpsertU2FSignChallenge(user string, u2fChallenge *u2f.Challenge) error
	// GetU2FSignChallenge returns a U2F sign (auth) challenge
	GetU2FSignChallenge(user string) (*u2f.Challenge, error)
}

U2F collection operates on U2F signups, logins, and password resets

type UninstallOperationState

// UninstallOperationState defines the state of the uninstall operation.
type UninstallOperationState struct {
	// Force enforces uninstall even if application uninstall failed
	Force bool `json:"force"`
	// Vars is standard operation variables set
	Vars OperationVariables `json:"vars"`
}

UninstallOperationState defines the state of the uninstall operation

type UnknownResource

// UnknownResource represents an unparsed resource with an interpreted
// ResourceHeader. The embedded resource can either be a Kubernetes or a
// Gravity resource. The type has its own MarshalJSON and UnmarshalJSON
// methods.
//
// Only the header is interpreted; Raw is kept as received, so whatever
// consumes Raw later has to validate it as untrusted input.
type UnknownResource struct {
	// ResourceHeader describes the resource by providing the metadata common to all resources
	teleservices.ResourceHeader
	// Raw is the unparsed resource data.
	// The "inline" tag option is not interpreted by encoding/json; the custom
	// MarshalJSON (documented as returning the raw message) and UnmarshalJSON
	// methods define the wire format.
	Raw json.RawMessage `json:",inline"`
}

UnknownResource represents an unparsed resource with an interpreted ResourceHeader. The embedded resource can either be a Kubernetes or a Gravity resource. The struct implements both json.Marshaler/json.Unmarshaler

func (UnknownResource) MarshalJSON

func (r UnknownResource) MarshalJSON() ([]byte, error)

MarshalJSON returns the raw message

func (*UnknownResource) UnmarshalJSON

func (r *UnknownResource) UnmarshalJSON(data []byte) (err error)

UnmarshalJSON consumes the specified data as a binary blob w/o interpreting it

type UpdateConfigOperationState

// UpdateConfigOperationState describes the state of the operation to update
// cluster configuration. Both values are stored as raw bytes and omitted
// from JSON when empty.
type UpdateConfigOperationState struct {
	// PrevConfig specifies the previous configuration state
	// (presumably kept so the operation can be rolled back - confirm)
	PrevConfig []byte `json:"prev_config,omitempty"`
	// Config specifies the raw configuration resource
	Config []byte `json:"config,omitempty"`
}

UpdateConfigOperationState describes the state of the operation to update cluster configuration

type UpdateEnvarsOperationState

// UpdateEnvarsOperationState describes the state of the operation to update
// cluster environment variables.
//
// NOTE(review): environment variables frequently carry credentials; if that
// applies here, both the previous and the new values are persisted with the
// operation state and need the same protection - confirm what is stored.
type UpdateEnvarsOperationState struct {
	// PrevEnv specifies the previous environment state
	PrevEnv map[string]string `json:"prev_env,omitempty"`
	// Env defines new cluster environment variables
	Env map[string]string `json:"env,omitempty"`
}

UpdateEnvarsOperationState describes the state of the operation to update cluster environment variables.

type UpdateOperationData

// UpdateOperationData describes configuration for update operations.
type UpdateOperationData struct {
	// Servers lists the cluster servers to use for the configuration update step.
	// The list might be a subset of all cluster servers in case
	// the operation only operates on a specific part.
	// Note the JSON key is "updates", not "servers".
	Servers []UpdateServer `json:"updates,omitempty"`
	// ClusterConfig optionally specifies data specific to cluster configuration operation
	ClusterConfig *ClusterConfigData `json:"cluster_config,omitempty"`
}

UpdateOperationData describes configuration for update operations

type UpdateOperationState

// UpdateOperationState describes the state of the update operation.
type UpdateOperationState struct {
	// UpdatePackage references the application package to update to.
	// It is stored as a string; the Package method returns it as a
	// *loc.Locator together with an error, so the string is presumably
	// parsed on access and can be malformed - confirm.
	UpdatePackage string `json:"update_package"`
	// ChangesetID is id of the package changeset used by this operation
	ChangesetID string `json:"changeset_id,omitempty"`
	// UpdateServiceName is a name of systemd service performing update
	UpdateServiceName string `json:"update_service_name,omitempty"`
	// RollbackServiceName is a name of systemd service performing rollback
	RollbackServiceName string `json:"rollback_service_name,omitempty"`
	// ServerUpdates contains servers and their update state
	ServerUpdates []ServerUpdate `json:"server_updates,omitempty"`
	// Manual specifies whether this update operation was created in manual mode
	Manual bool `json:"manual"`
	// Vars are variables specific to this operation
	Vars OperationVariables `json:"vars"`
}

UpdateOperationState describes the state of the update operation.

func (UpdateOperationState) Package

func (s UpdateOperationState) Package() (*loc.Locator, error)

Package returns the update package locator

type UpdateServer

// UpdateServer describes an intent to update runtime/teleport configuration
// packages on a specific cluster node.
type UpdateServer struct {
	// Server identifies the server for the configuration package update.
	// The field is embedded but carries an explicit JSON name, so it is
	// encoded as a nested "server" object rather than flattened.
	Server `json:"server"`
	// Runtime defines the runtime update
	Runtime RuntimePackage `json:"runtime"`
	// Teleport defines the optional teleport update
	Teleport TeleportPackage `json:"teleport"`
}

UpdateServer describes an intent to update runtime/teleport configuration packages on a specific cluster node

type UpdateUserReq

// UpdateUserReq instructs the update method to change certain fields of the
// user: a field is applied only when its pointer is not nil, and a nil
// pointer leaves the stored value untouched. Check validates the request.
//
// The struct declares no JSON tags.
type UpdateUserReq struct {
	// HOTP is a request to update user HOTP token (second-factor secret)
	HOTP *[]byte
	// Password is a request to update user password.
	// NOTE(review): elsewhere on this page the stored password is described
	// as a bcrypted hash; whether this field is expected to arrive already
	// hashed is not stated - confirm against the caller before passing
	// plaintext through the storage layer.
	Password *string
	// Roles sets user roles; this changes the user's privileges
	Roles *[]string
	// User full name
	FullName *string
}

UpdateUserReq instructs update method to update certain fields of the user struct, if they are set as not nil

func (*UpdateUserReq) Check

func (u *UpdateUserReq) Check() error

Check verifies that all parameters are correct and returns an error if they are not

type User

// User is a human or bot user in the system.
//
// The interface exposes credential material (password hash, HOTP secret)
// through GetPassword and GetHOTP; WithoutSecrets is the documented way to
// obtain a copy with secret data removed before a user leaves a trusted
// boundary.
type User interface {
	// Resource provides common resource methods
	teleservices.Resource
	// GetFullName returns user full name
	GetFullName() string
	// SetFullName sets user full name
	SetFullName(fullname string)
	// GetOIDCIdentities returns a list of connected OIDCIdentities
	GetOIDCIdentities() []teleservices.ExternalIdentity
	// GetSAMLIdentities returns a list of connected SAMLIdentities
	GetSAMLIdentities() []teleservices.ExternalIdentity
	// GetGithubIdentities returns a list of connected Github identities
	GetGithubIdentities() []teleservices.ExternalIdentity
	// GetRoles returns a list of roles assigned to user
	GetRoles() []string
	// String returns string representation of user
	String() string
	// Equals checks if user equals to another
	Equals(other teleservices.User) bool
	// GetStatus return user login status
	GetStatus() teleservices.LoginStatus
	// SetLocked sets login status to locked
	SetLocked(until time.Time, reason string)
	// SetRoles sets user roles
	SetRoles(roles []string)
	// AddRole adds role to the users' role list
	AddRole(name string)
	// GetExpiry returns the expiry time of the user (a time.Time, not a duration)
	GetExpiry() time.Time
	// GetCreatedBy returns information about who created the user
	GetCreatedBy() teleservices.CreatedBy
	// SetCreatedBy sets created by information
	SetCreatedBy(teleservices.CreatedBy)
	// Check checks basic user parameters for errors
	Check() error
	// CheckAndSetDefaults checks basic user parameters for errors
	// and sets default values
	CheckAndSetDefaults() error
	// GetRawObject returns raw object data, used for migrations
	GetRawObject() interface{}
	// SetRawObject sets raw object
	SetRawObject(a interface{})
	// WebSessionInfo returns web session information about user
	WebSessionInfo(allowedLogins []string) interface{}
	// GetType returns user type
	GetType() string
	// SetType sets user type
	SetType(string)
	// GetOpsCenter returns a hostname of the Ops Center this user is authenticated with
	GetOpsCenter() string
	// IsAccountOwner returns account ownership flag
	IsAccountOwner() bool
	// SetHOTP sets HOTP token value
	SetHOTP(h []byte)
	// SetPassword sets password hash
	// NOTE(review): the doc says "hash", so callers are presumably expected
	// to hash before calling - confirm no path passes plaintext here.
	SetPassword(pass string)
	// GetPassword returns password hash
	GetPassword() string
	// GetHOTP returns HOTP token value
	GetHOTP() []byte
	// GetAccountID returns user account ID
	GetAccountID() string
	// GetClusterName returns cluster name of this user
	GetClusterName() string
	// SetClusterName sets cluster name of this user
	SetClusterName(name string)
	// WithoutSecrets returns a copy of the user with secret
	// data removed
	WithoutSecrets() User
	// GetTraits gets the trait map for this user used to populate role variables.
	GetTraits() map[string][]string
	// SetTraits sets the trait map for this user used to populate role variables.
	SetTraits(map[string][]string)
}

User is a human or bot user in the system

func NewUser

func NewUser(name string, spec UserSpecV2) User

NewUser returns new user object based on the spec data, this is a helpful shortcut

func UnmarshalUser

func UnmarshalUser(bytes []byte) (User, error)

UnmarshalUser unmarshals user from default representation

type UserInvite

// UserInvite represents a promise to add user to account.
// CheckAndSetDefaults checks the invite and sets defaults.
type UserInvite struct {
	// Name is the name of the invited user - presumably; the original comment
	// read "the user of this user", and UserInvites.GetUserInvite looks
	// invites up by user name.
	Name string `json:"name"`
	// CreatedBy is a user who sends the invite
	CreatedBy string `json:"created_by"`
	// Created is a time this user invite has been created
	Created time.Time `json:"created"`
	// Roles are the roles that will be assigned to invited user.
	// These become the new user's privileges, so whoever may create invites
	// can effectively grant these roles.
	Roles []string `json:"roles"`
	// ExpiresIn sets the token expiry time, expressed as a duration
	// (presumably counted from Created - confirm)
	ExpiresIn time.Duration `json:"expires_in"`
}

UserInvite represents a promise to add user to account

func (*UserInvite) CheckAndSetDefaults

func (u *UserInvite) CheckAndSetDefaults() error

CheckAndSetDefaults checks and sets defaults for user invite

type UserInvites

// UserInvites manages user invites.
type UserInvites interface {
	// UpsertUserInvite upserts a new user invite
	UpsertUserInvite(u UserInvite) (*UserInvite, error)
	// GetUserInvites returns a list of user invites
	GetUserInvites() ([]UserInvite, error)
	// DeleteUserInvite deletes user invite.
	// NOTE(review): the parameter is named token while GetUserInvite is keyed
	// by user name and UserInvite has no token field - confirm which
	// identifier implementations expect.
	DeleteUserInvite(token string) error
	// GetUserInvite returns user invite by user name
	GetUserInvite(username string) (*UserInvite, error)
}

UserInvites manages user invites

type UserSpecV2

// UserSpecV2 is a specification for V2 user.
//
// The spec carries credential material (Password, HOTP) alongside profile
// and authorization data, and both are part of the JSON form. The page
// documents UserV2.WithoutSecrets as returning a copy with secret data
// removed; prefer that copy wherever a user is returned to a client or
// written to logs.
type UserSpecV2 struct {
	// OIDCIdentities lists associated OpenID Connect identities
	// that let user log in using externally verified identity
	OIDCIdentities []teleservices.ExternalIdentity `json:"oidc_identities,omitempty"`

	// SAMLIdentities lists associated SAML identities
	// that let user log in using externally verified identity
	SAMLIdentities []teleservices.ExternalIdentity `json:"saml_identities,omitempty"`

	// GithubIdentities lists associated Github identities
	// that let user log in using externally verified identity
	GithubIdentities []teleservices.ExternalIdentity `json:"github_identities,omitempty"`

	// Roles is a list of roles assigned to user
	Roles []string `json:"roles,omitempty"`

	// Status is a login status of the user
	Status teleservices.LoginStatus `json:"status"`

	// Expires if set sets TTL on the user
	Expires time.Time `json:"expires"`

	// CreatedBy holds information about agent or person created this user
	CreatedBy teleservices.CreatedBy `json:"created_by"`

	// Type is a user type - e.g. human or install agent
	Type string `json:"type"`

	// AccountOwner indicates that this user is owner of the account and
	// can not be deleted without deleting the whole account
	AccountOwner bool `json:"account_owner"`

	// AccountID is an optional account id this user belongs to
	AccountID string `json:"account_id"`

	// ClusterName is the name of the cluster this user belongs to
	ClusterName string `json:"cluster_name"`

	// Password contains bcrypted password for human users.
	// Always present in the JSON form under "password" (no omitempty).
	Password string `json:"password"`

	// HOTP is HOTP secret used to generate 2nd factor auth challenges.
	// Secret material: included in the JSON form whenever it is non-empty.
	HOTP []byte `json:"hotp,omitempty"`

	// OpsCenter is a hostname of the ops center this user is authenticated with
	// is initialized by OpsCenter when it creates new sites
	OpsCenter string `json:"ops_center"`

	// FullName is full user name
	FullName string `json:"full_name"`

	// Traits are key/value pairs received from an identity provider (through
	// OIDC claims or SAML assertions) or from a system administrator for local
	// accounts. Traits are used to populate role variables.
	// Because they feed role variables, externally supplied traits influence
	// what a role grants.
	Traits map[string][]string `json:"traits,omitempty"`
}

UserSpecV2 is a specification for V2 user

type UserToken

// UserToken is a temporary token used to create and reset a user.
//
// Token, HOTP and QRCode are all written to the JSON form without
// omitempty, so a serialized UserToken is itself a credential until the
// token expires or is deleted.
type UserToken struct {
	// Token is a unique randomly generated token
	Token string `json:"token"`
	// User is user name associated with this token
	User string `json:"user"`
	// Expires sets the token expiry time
	Expires time.Time `json:"expires"`
	// Type is token type
	Type string `json:"type"`
	// HOTP is a secret value of one time password secret generator
	HOTP []byte `json:"hotp"`
	// QRCode is a QR code value
	// (presumably an encoding of the HOTP secret for enrolment - confirm;
	// if so it is as sensitive as HOTP)
	QRCode []byte `json:"qr_code"`
	// Created holds information about when the token was created
	Created time.Time `json:"created"`
	// URL is this token URL
	URL string `json:"url"`
}

UserToken is a temporary token used to create and reset a user

type UserTokens

// UserTokens collection operates on one-time tokens used for creating new
// accounts and adding users to existing accounts, as well as recovering
// passwords.
type UserTokens interface {
	// CreateUserToken creates a temporary authentication token
	CreateUserToken(t UserToken) (*UserToken, error)
	// DeleteUserToken deletes token by its id
	DeleteUserToken(token string) error
	// GetUserToken returns a token if it has not expired yet.
	// NOTE(review): the tokens are described as one-time, but this getter
	// does not delete; presumably the caller removes the token after use
	// with DeleteUserToken - confirm.
	GetUserToken(token string) (*UserToken, error)
	// DeleteUserTokens deletes user tokens of the given type for the given user
	DeleteUserTokens(tokenType string, user string) error
}

UserTokens collection operates on one-time tokens used for creating new accounts and adding users to existing accounts, as well as recovering passwords

type UserV1

// UserV1 is a struct representing a user in the system, a human or bot
// performing operations. The V2 method converts it to the UserV2 format.
//
// Password and HOTP are always present in the JSON form (neither tag uses
// omitempty), so serialized V1 users contain credential material.
type UserV1 struct {
	// Email is email address used for login, it is globally unique
	Email string `json:"email"`
	// Name aliases the email and is provided for backwards-compatibility
	Name string `json:"name"`
	// Type is a user type - e.g. human or install agent
	Type string `json:"type"`
	// AccountOwner indicates that this user is owner of the account and
	// can not be deleted without deleting the whole account
	AccountOwner bool `json:"account_owner"`
	// AccountID is an optional account id this user belongs to
	AccountID string `json:"account_id"`
	// SiteDomain is an optional site id this user belongs to
	SiteDomain string `json:"site_domain"`
	// Password contains bcrypted password for human users
	Password string `json:"password"`
	// HOTP is HOTP secret used to generate 2nd factor auth challenges
	HOTP []byte `json:"hotp"`
	// AllowedLogins is a list of allowed logins
	AllowedLogins []string `json:"allowed_logins"`
	// Identities is a list of connected OIDCIdentities
	Identities []teleservices.ExternalIdentity `json:"identities"`
}

UserV1 is a struct representing a user in the system, a human or bot performing operations.

func (*UserV1) Check

func (u *UserV1) Check() error

func (*UserV1) String

func (u *UserV1) String() string

func (*UserV1) V1

func (u *UserV1) V1() *UserV1

V1 returns itself

func (*UserV1) V2

func (u *UserV1) V2() *UserV2

V2 converts UserV1 to UserV2 format

type UserV2

// UserV2 is version 2 resource spec of the user.
// Spec includes the password hash and HOTP secret; the WithoutSecrets method
// is documented as returning a copy with secret data removed.
type UserV2 struct {
	// Kind is a resource kind
	Kind string `json:"kind"`
	// Version is version
	Version string `json:"version"`
	// Metadata is User metadata
	Metadata teleservices.Metadata `json:"metadata"`
	// Spec contains user specification
	Spec UserSpecV2 `json:"spec"`
	// contains filtered or unexported fields
}

UserV2 is version 2 resource spec of the user

func (*UserV2) AddRole

func (u *UserV2) AddRole(name string)

AddRole adds a role to user's role list

func (*UserV2) Check

func (u *UserV2) Check() error

Check checks validity of all parameters

func (*UserV2) CheckAndSetDefaults

func (u *UserV2) CheckAndSetDefaults() error

CheckAndSetDefaults checks that the user is valid and sets some defaults

func (*UserV2) Equals

func (u *UserV2) Equals(other teleservices.User) bool

Equals checks if user equals to another

func (*UserV2) Expiry

func (u *UserV2) Expiry() time.Time

Expiry returns object expiry setting

func (*UserV2) GetAccountID

func (u *UserV2) GetAccountID() string

GetAccountID returns user account ID

func (*UserV2) GetClusterName

func (u *UserV2) GetClusterName() string

GetClusterName returns cluster name of this user

func (*UserV2) GetCreatedBy

func (u *UserV2) GetCreatedBy() teleservices.CreatedBy

GetCreatedBy returns information about who created user

func (*UserV2) GetExpiry

func (u *UserV2) GetExpiry() time.Time

GetExpiry returns expiry time for temporary users

func (*UserV2) GetFullName

func (u *UserV2) GetFullName() string

GetFullName returns user email

func (*UserV2) GetGithubIdentities

func (u *UserV2) GetGithubIdentities() []teleservices.ExternalIdentity

GetGithubIdentities returns a list of connected Github identities

func (*UserV2) GetHOTP

func (u *UserV2) GetHOTP() []byte

GetHOTP returns HOTP token value

func (*UserV2) GetMetadata

func (u *UserV2) GetMetadata() teleservices.Metadata

GetMetadata returns user metadata

func (*UserV2) GetName

func (u *UserV2) GetName() string

GetName returns user name

func (*UserV2) GetOIDCIdentities

func (u *UserV2) GetOIDCIdentities() []teleservices.ExternalIdentity

GetOIDCIdentities returns a list of connected OIDCIdentities

func (*UserV2) GetOpsCenter

func (u *UserV2) GetOpsCenter() string

GetOpsCenter returns a hostname of the Ops Center this user is authenticated with

func (*UserV2) GetPassword

func (u *UserV2) GetPassword() string

GetPassword returns password hash

func (*UserV2) GetRawObject

func (u *UserV2) GetRawObject() interface{}

GetRawObject returns raw object data, used for migrations

func (*UserV2) GetRoles

func (u *UserV2) GetRoles() []string

GetRoles returns a list of roles assigned to user

func (*UserV2) GetSAMLIdentities

func (u *UserV2) GetSAMLIdentities() []teleservices.ExternalIdentity

GetSAMLIdentities returns a list of connected SAML identities

func (*UserV2) GetStatus

func (u *UserV2) GetStatus() teleservices.LoginStatus

GetStatus returns login status of the user

func (*UserV2) GetTraits

func (u *UserV2) GetTraits() map[string][]string

GetTraits gets the trait map for this user used to populate role variables.

func (*UserV2) GetType

func (u *UserV2) GetType() string

GetType returns user type

func (*UserV2) IsAccountOwner

func (u *UserV2) IsAccountOwner() bool

IsAccountOwner returns account ownership flag

func (*UserV2) SetClusterName

func (u *UserV2) SetClusterName(name string)

SetClusterName sets cluster name of this user

func (*UserV2) SetCreatedBy

func (u *UserV2) SetCreatedBy(b teleservices.CreatedBy)

SetCreatedBy sets created by information

func (*UserV2) SetExpiry

func (u *UserV2) SetExpiry(expires time.Time)

SetExpiry sets expiry time for the object

func (*UserV2) SetFullName

func (u *UserV2) SetFullName(fullName string)

SetFullName sets user full name

func (*UserV2) SetHOTP

func (u *UserV2) SetHOTP(h []byte)

SetHOTP sets HOTP token value

func (*UserV2) SetLocked

func (u *UserV2) SetLocked(until time.Time, reason string)

func (*UserV2) SetMetadata

func (u *UserV2) SetMetadata() teleservices.Metadata

SetMetadata returns role metadata

func (*UserV2) SetName

func (u *UserV2) SetName(name string)

SetName sets user name

func (*UserV2) SetPassword

func (u *UserV2) SetPassword(pass string)

SetPassword sets password hash

func (*UserV2) SetRawObject

func (u *UserV2) SetRawObject(o interface{})

SetRawObject sets raw object

func (*UserV2) SetRoles

func (u *UserV2) SetRoles(roles []string)

SetRoles sets a list of roles for user

func (*UserV2) SetTTL

func (u *UserV2) SetTTL(clock clockwork.Clock, ttl time.Duration)

SetTTL sets Expires header using realtime clock

func (*UserV2) SetTraits

func (u *UserV2) SetTraits(traits map[string][]string)

SetTraits sets the trait map for this user used to populate role variables.

func (*UserV2) SetType

func (u *UserV2) SetType(v string)

SetType sets user type

func (*UserV2) String

func (u *UserV2) String() string

func (*UserV2) V1

func (u *UserV2) V1() *UserV1

V1 returns V1 version of user resource

func (*UserV2) V2

func (u *UserV2) V2() *UserV2

func (*UserV2) WebSessionInfo

func (u *UserV2) WebSessionInfo(allowedLogins []string) interface{}

WebSessionInfo returns web session information about user

func (*UserV2) WithoutSecrets

func (u *UserV2) WithoutSecrets() User

WithoutSecrets returns a copy of the user with secret data removed

type Users

// Users is the storage interface for user records, per-user login attempt
// history and TOTP second-factor state (secret key and last used token).
type Users interface {
	// CreateUser creates a user entry
	CreateUser(u User) (User, error)
	// UpsertUser creates or updates a user
	UpsertUser(u User) (User, error)
	// UpdateUser updates an existing user's parameters
	UpdateUser(email string, req UpdateUserReq) error
	// DeleteUser deletes a user entry
	DeleteUser(email string) error
	// GetUser returns user by name
	// NOTE(review): the parameter is named email while the comment says "name";
	// confirm which identifier implementations key on.
	GetUser(email string) (User, error)
	// GetUserRoles returns user roles
	GetUserRoles(email string) ([]teleservices.Role, error)
	// GetUsers returns users registered for account
	GetUsers(accountID string) ([]User, error)
	// DeleteAllUsers deletes all users; it takes no account or site argument
	// to narrow the deletion.
	DeleteAllUsers() error
	// GetAllUsers returns all users
	GetAllUsers() ([]User, error)
	// GetSiteUsers returns site users
	GetSiteUsers(siteDomain string) ([]User, error)
	// AddUserLoginAttempt logs user login attempt
	// NOTE(review): ttl presumably bounds how long the attempt record is kept;
	// confirm against the backend implementation.
	AddUserLoginAttempt(user string, attempt teleservices.LoginAttempt, ttl time.Duration) error
	// GetUserLoginAttempts returns user login attempts
	GetUserLoginAttempts(user string) ([]teleservices.LoginAttempt, error)
	// DeleteUserLoginAttempts removes all login attempts of a user. Should be called after successful login.
	DeleteUserLoginAttempts(user string) error
	// UpsertTOTP upserts TOTP secret key for a user that can be used to generate and validate tokens.
	// NOTE(review): the secret is passed as a plain string; whether the backend
	// protects it at rest is not visible from this interface.
	UpsertTOTP(user string, secretKey string) error
	// GetTOTP returns the secret key used by the TOTP algorithm to validate tokens
	GetTOTP(user string) (string, error)
	// UpsertUsedTOTPToken upserts a TOTP token to the backend so it can't be used again
	// during the 30 second window it's valid.
	UpsertUsedTOTPToken(user string, otpToken string) error
	// GetUsedTOTPToken returns the last successfully used TOTP token. If no token is found zero is returned.
	// NOTE(review): the return type is string, so "zero" is presumably a string
	// sentinel rather than a numeric 0; confirm against implementations.
	GetUsedTOTPToken(user string) (string, error)
	// DeleteUsedTOTPToken removes the used token from the backend. This should only
	// be used during tests: the stored token is what UpsertUsedTOTPToken relies on
	// to prevent reuse within the validity window.
	DeleteUsedTOTPToken(user string) error
}

Users collection provides operations on users - both humans and bots

type WebSessions

// WebSessions is the storage interface for user web sessions, addressed by
// user name and session id.
type WebSessions interface {
	// UpsertWebSession stores the given web session under the user name and
	// session id (presumably create-or-update, as with the other Upsert methods).
	UpsertWebSession(username, sid string, session teleservices.WebSession) error
	// GetWebSession returns a web session state for a given user and session id
	GetWebSession(username, sid string) (teleservices.WebSession, error)
	// DeleteWebSession deletes web session for user and session id
	DeleteWebSession(username, sid string) error
}

WebSessions take care of the user web sessions and help implement teleport's Identity backend

Directories

Path Synopsis
package allocator manages allocation of resources.
package allocator manages allocation of resources.
Package keyval implements Etcd and BoltDB powered storage
Package keyval implements Etcd and BoltDB powered storage
package suite contains a storage acceptance test suite that is backend implementation independent each storage will use the suite to test itself
package suite contains a storage acceptance test suite that is backend implementation independent each storage will use the suite to test itself
