haproxy

package
v0.0.1-beta.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Apr 13, 2021 License: GPL-3.0 Imports: 29 Imported by: 0

Documentation

Index

Constants

// Name suffixes and data keys for the Secret resources that belong to an
// HAProxyLoadBalancer, plus the default backdating interval for certificates.
const (
	// SecretSuffixCA is the suffix appended to the name of the
	// HAProxyLoadBalancer resource to generate the name of the Secret
	// resource for the signing certificate and key data.
	// The constant is only a name suffix, not secret material; the nolint
	// directive silences gosec for this declaration (presumably its
	// hard-coded-credential check, triggered by "Secret" in the identifier).
	// nolint:gosec
	SecretSuffixCA = "-haproxy-ca"

	// SecretSuffixConfig is the suffix appended to the name of the
	// HAProxyLoadBalancer resource to generate the name of the Secret
	// resource for the HAProxy API server configuration.
	// Name suffix only, not secret material; gosec is silenced for the same
	// reason as on SecretSuffixCA.
	// nolint:gosec
	SecretSuffixConfig = "-haproxy-config"

	// SecretSuffixBootstrap is the suffix appended to the name of the
	// HAProxyLoadBalancer resource to generate the name of the Secret
	// resource for bootstrap data required to create a new VM.
	// Name suffix only, not secret material; gosec is silenced for the same
	// reason as on SecretSuffixCA.
	// nolint:gosec
	SecretSuffixBootstrap = "-haproxy-bootstrap"

	// SecretDataKey is the key used by the Secret resources for the HAProxy
	// API config and bootstrap data to store their respective information.
	SecretDataKey = "value"

	// SecretDataKeyCAKey is the key used by the Secret resource for the
	// signing certificate/key pair that references the PEM-encoded, private
	// key data.
	// The same pair is documented as being used to sign client certificates,
	// so read access to this entry is equivalent to the ability to issue
	// them; restrict access to the Secret accordingly.
	SecretDataKeyCAKey = "ca.key"

	// SecretDataKeyCACert is the key used by the Secret resource for the
	// signing certificate/key pair that references the PEM-encoded
	// certificate, i.e. the public half of the pair.
	SecretDataKeyCACert = "ca.cert"

	// SecretDataKeyUsername is the key used by the Secret resource for the
	// signing certificate/key pair that references the username.
	SecretDataKeyUsername = "username"

	// SecretDataKeyPassword is the key used by the Secret resource for the
	// signing certificate/key pair that references the password.
	SecretDataKeyPassword = "password"

	// DefaultNegativeTimeSkew is the offset, ten minutes into the past, by
	// which the start of a certificate's validity is backdated to account
	// for clock skew between the issuer and the hosts that verify it.
	DefaultNegativeTimeSkew = -10 * time.Minute
)

Variables

This section is empty.

Functions

func AddrOfInt32

func AddrOfInt32(i int32) *int32

AddrOfInt32 returns the address of the provided int32 value.

func ClientFromHAPIConfig

func ClientFromHAPIConfig(config DataplaneConfig) (*hapi.APIClient, error)

ClientFromHAPIConfig returns the API client from a HAPI config object.

func ClientFromHAPIConfigData

func ClientFromHAPIConfigData(data []byte) (*hapi.APIClient, error)

ClientFromHAPIConfigData returns the API client built from raw HAPI config data.

func CreateBootstrapSecret

func CreateBootstrapSecret(
	ctx context.Context,
	client ctrlclient.Client,
	cluster *clusterv1.Cluster,
	loadBalancer *infrav1.HAProxyLoadBalancer) error

CreateBootstrapSecret creates the Secret resource that contains the bootstrap data required to create the load balancer VM.

func CreateCASecret

func CreateCASecret(
	ctx context.Context,
	client ctrlclient.Client,
	cluster *clusterv1.Cluster,
	loadBalancer *infrav1.HAProxyLoadBalancer) error

CreateCASecret creates the Secret resource that contains the signing certificate and key used to generate bootstrap data and sign client certificates.

func CreateConfigSecret

func CreateConfigSecret(
	ctx context.Context,
	client ctrlclient.Client,
	cluster *clusterv1.Cluster,
	loadBalancer *infrav1.HAProxyLoadBalancer) error

CreateConfigSecret creates the Secret resource that contains the config data required to access the HAProxy API server.

func DeleteBootstrapSecret

func DeleteBootstrapSecret(
	ctx context.Context,
	client ctrlclient.Client,
	secretNamespace, loadBalancerName string) error

DeleteBootstrapSecret deletes the Secret for the bootstrap data used to create a new load balancer VM.

func DeleteCASecret

func DeleteCASecret(
	ctx context.Context,
	client ctrlclient.Client,
	secretNamespace, loadBalancerName string) error

DeleteCASecret deletes the Secret for the signing certificate/key pair used to create bootstrap data and sign new client certificates.

func DeleteConfigSecret

func DeleteConfigSecret(
	ctx context.Context,
	client ctrlclient.Client,
	secretNamespace, loadBalancerName string) error

DeleteConfigSecret deletes the Secret for the HAProxy API config used to access the HAProxy API server.

func GetBootstrapSecret

func GetBootstrapSecret(
	ctx context.Context,
	client ctrlclient.Client,
	secretNamespace, loadBalancerName string) (*corev1.Secret, error)

GetBootstrapSecret returns the Secret for the bootstrap data used to create a new load balancer VM.

func GetCASecret

func GetCASecret(
	ctx context.Context,
	client ctrlclient.Client,
	secretNamespace, loadBalancerName string) (*corev1.Secret, error)

GetCASecret returns the Secret for the signing certificate/key pair used to create bootstrap data and sign new client certificates.

func GetConfigSecret

func GetConfigSecret(
	ctx context.Context,
	client ctrlclient.Client,
	secretNamespace, loadBalancerName string) (*corev1.Secret, error)

GetConfigSecret returns the Secret for the HAProxy API config used to access the HAProxy API server.

func IsConflict

func IsConflict(err error) bool

IsConflict returns true if the provided error indicates a resource is in conflict with an existing resource.

func IsNotFound

func IsNotFound(err error) bool

IsNotFound returns true if the provided error indicates a resource is not found.

func NameForBootstrapSecret

func NameForBootstrapSecret(loadBalancerName string) string

NameForBootstrapSecret returns the name of the Secret for the bootstrap data used to create a new load balancer VM.

func NameForCASecret

func NameForCASecret(loadBalancerName string) string

NameForCASecret returns the name of the Secret for the signing certificate/key pair used to create bootstrap data and sign new client certificates.

func NameForConfigSecret

func NameForConfigSecret(loadBalancerName string) string

NameForConfigSecret returns the name of the Secret for the HAProxy API config used to access the HAProxy API server.

Types

type DataplaneConfig

// DataplaneConfig contains the information required to communicate with an
// HAProxy dataplane API server. Several fields carry credentials or key
// material, so a serialised DataplaneConfig must be handled as a secret.
type DataplaneConfig struct {
	// Debug raises the logging emitted from the generated OpenAPI client
	// bindings.
	// NOTE(review): confirm that the debug output does not include request
	// headers, since the basic-auth credentials travel there.
	// +optional
	Debug bool `json:"debug,omitempty"`

	// InsecureSkipTLSVerify skips the validity check for the server's
	// certificate. This will make your HTTPS connections insecure.
	// With the check skipped the client cannot tell the real server from an
	// on-path impostor, so whatever it sends (presumably including the
	// basic-auth credentials below) is exposed. Leave false outside of
	// testing.
	// +optional
	InsecureSkipTLSVerify bool `json:"insecureSkipTLSVerify,omitempty"`

	// Server is the address of the HAProxy dataplane API server. This value
	// should include the scheme, host, port, and API version, ex.:
	// https://hostname:port/v1.
	// NOTE(review): nothing in this declaration rejects an http:// scheme;
	// confirm whether the client enforces https, because basic-auth
	// credentials would otherwise travel in clear text.
	Server string `json:"server"`

	// ServerName is used to verify the hostname on the returned
	// certificates unless InsecureSkipTLSVerify is given. It is also included
	// in the client's handshake to support virtual hosting unless it is
	// an IP address.
	// Defaults to the host part parsed from Server.
	// +optional
	ServerName string `json:"serverName,omitempty"`

	// Username is the username for basic authentication.
	// Defaults to "client"
	// +optional
	Username string `json:"username,omitempty"`

	// Password is the password for basic authentication.
	// Defaults to "cert"
	// NOTE(review): the default is a fixed, published value and offers no
	// protection by itself; confirm that the dataplane API also requires the
	// client certificate before relying on it.
	// +optional
	Password string `json:"password,omitempty"`

	// Timeout is the amount of time before a client request times out.
	// Values should be parseable by time.ParseDuration.
	// Defaults to 10s.
	// +optional
	Timeout string `json:"timeout,omitempty"`

	// CertificateAuthorityData contains PEM-encoded certificate authority
	// certificates.
	CertificateAuthorityData []byte `json:"certificateAuthorityData,omitempty"`

	// ClientCertificateData contains PEM-encoded data from a client cert file
	// for TLS.
	ClientCertificateData []byte `json:"clientCertificateData,omitempty"`

	// ClientKeyData contains PEM-encoded data from a client key file for TLS.
	// This is private key material and is serialised with the rest of the
	// struct under the JSON key below, so avoid logging the config.
	ClientKeyData []byte `json:"clientKeyData,omitempty"`
}

DataplaneConfig contains the information required to communicate with an HAProxy dataplane API server.

func LoadDataplaneConfig

func LoadDataplaneConfig(data []byte) (DataplaneConfig, error)

LoadDataplaneConfig returns the configuration for an HAProxy dataplane API client from the provided, raw configuration YAML.

type RenderConfiguration

// RenderConfiguration represents data required to render HAProxyTemplates
// and CloudInit data.
type RenderConfiguration struct {
	// DPConfig is the dataplane API client configuration.
	// NOTE(review): presumably populated by WithDataPlaneConfig; confirm.
	DPConfig *DataplaneConfig

	// CertificateAuthorityKey contains PEM-encoded certificate authority
	// certificates.
	// NOTE(review): the field name suggests this holds the CA private key
	// rather than certificates. If so, it is signing key material and must
	// not be logged or copied into rendered output unintentionally; confirm
	// against WithBootstrapInfo.
	CertificateAuthorityKey []byte

	// SSHUser is for breakglass access
	// NOTE(review): this is an emergency login path onto the load balancer
	// VM; confirm how its authorized keys are supplied and rotated.
	SSHUser *infrav1.SSHUser

	// Hostname is the hostname of the load balancer
	Hostname string

	// IPv4Address is the IPv4 address of the load balancer.
	// NOTE(review): the previous comment repeated the Hostname text; the
	// meaning here is inferred from the field name, so confirm the expected
	// format.
	IPv4Address string

	// HAProxyConfiguration is the string for haproxy.cfg for use only in CloudInit
	HAProxyConfiguration string

	// Addresses of the machines backing the control plane
	Addresses []corev1.EndpointAddress

	// The load balancer port. Is not currently configurable.
	Port uint32
}

RenderConfiguration represents data required to render HAProxyTemplates and CloudInit data

func NewRenderConfiguration

func NewRenderConfiguration() RenderConfiguration

NewRenderConfiguration returns a new RenderConfiguration

func (*RenderConfiguration) BootstrapDataForLoadBalancer

func (c *RenderConfiguration) BootstrapDataForLoadBalancer() ([]byte, error)

BootstrapDataForLoadBalancer generates the bootstrap data required to bootstrap a new HAProxy VM.

func (*RenderConfiguration) RenderHAProxyConfiguration

func (c *RenderConfiguration) RenderHAProxyConfiguration() (string, error)

RenderHAProxyConfiguration generates a haproxy.cfg file

func (RenderConfiguration) WithAddresses

WithAddresses adds API server endpoints to the RenderConfiguration

func (RenderConfiguration) WithBootstrapInfo

func (c RenderConfiguration) WithBootstrapInfo(haProxyLoadBalancer infrav1.HAProxyLoadBalancer, username, password string, signingCertificatePEM, signingCertificateKey []byte) RenderConfiguration

WithBootstrapInfo adds the information required to generate cloud-init data.

func (RenderConfiguration) WithDataPlaneConfig

func (c RenderConfiguration) WithDataPlaneConfig(dpConfig DataplaneConfig) RenderConfiguration
