Documentation ¶
Index ¶
- Constants
- func AddrOfInt32(i int32) *int32
- func ClientFromHAPIConfig(config DataplaneConfig) (*hapi.APIClient, error)
- func ClientFromHAPIConfigData(data []byte) (*hapi.APIClient, error)
- func CreateBootstrapSecret(ctx context.Context, client ctrlclient.Client, cluster *clusterv1.Cluster, ...) error
- func CreateCASecret(ctx context.Context, client ctrlclient.Client, cluster *clusterv1.Cluster, ...) error
- func CreateConfigSecret(ctx context.Context, client ctrlclient.Client, cluster *clusterv1.Cluster, ...) error
- func DeleteBootstrapSecret(ctx context.Context, client ctrlclient.Client, ...) error
- func DeleteCASecret(ctx context.Context, client ctrlclient.Client, ...) error
- func DeleteConfigSecret(ctx context.Context, client ctrlclient.Client, ...) error
- func GetBootstrapSecret(ctx context.Context, client ctrlclient.Client, ...) (*corev1.Secret, error)
- func GetCASecret(ctx context.Context, client ctrlclient.Client, ...) (*corev1.Secret, error)
- func GetConfigSecret(ctx context.Context, client ctrlclient.Client, ...) (*corev1.Secret, error)
- func IsConflict(err error) bool
- func IsNotFound(err error) bool
- func NameForBootstrapSecret(loadBalancerName string) string
- func NameForCASecret(loadBalancerName string) string
- func NameForConfigSecret(loadBalancerName string) string
- type DataplaneConfig
- type RenderConfiguration
- func (c *RenderConfiguration) BootstrapDataForLoadBalancer() ([]byte, error)
- func (c *RenderConfiguration) RenderHAProxyConfiguration() (string, error)
- func (c RenderConfiguration) WithAddresses(addr []corev1.EndpointAddress) RenderConfiguration
- func (c RenderConfiguration) WithBootstrapInfo(haProxyLoadBalancer infrav1.HAProxyLoadBalancer, username, password string, ...) RenderConfiguration
- func (c RenderConfiguration) WithDataPlaneConfig(dpConfig DataplaneConfig) RenderConfiguration
Constants ¶
const (
	// SecretSuffixCA is the suffix appended to the name of the
	// HAProxyLoadBalancer resource to generate the name of the Secret
	// resource for the signing certificate and key data.
	// The value is a resource-name suffix, not a credential; the directive
	// below presumably silences gosec's hard-coded-credential heuristic,
	// which keys on identifiers containing "Secret".
	// nolint:gosec
	SecretSuffixCA = "-haproxy-ca"

	// SecretSuffixConfig is the suffix appended to the name of the
	// HAProxyLoadBalancer resource to generate the name of the Secret
	// resource for the HAProxy API server configuration.
	// nolint:gosec
	SecretSuffixConfig = "-haproxy-config"

	// SecretSuffixBootstrap is the suffix appended to the name of the
	// HAProxyLoadBalancer resource to generate the name of the Secret
	// resource for bootstrap data required to create a new VM.
	// nolint:gosec
	SecretSuffixBootstrap = "-haproxy-bootstrap"

	// SecretDataKey is the key under which the HAProxy API config Secret and
	// the bootstrap data Secret each store their payload.
	SecretDataKey = "value"

	// SecretDataKeyCAKey is the key under which the Secret resource for the
	// signing certificate/key pair stores the PEM-encoded private key.
	// Read access to that Secret is equivalent to holding the signing key,
	// so it should be limited to the components that sign certificates.
	SecretDataKeyCAKey = "ca.key"

	// SecretDataKeyCACert is the key under which the Secret resource for the
	// signing certificate/key pair stores the PEM-encoded certificate, i.e.
	// the public half of the pair.
	SecretDataKeyCACert = "ca.cert"

	// SecretDataKeyUsername is the key under which the Secret resource for
	// the signing certificate/key pair stores the username.
	SecretDataKeyUsername = "username"

	// SecretDataKeyPassword is the key under which the Secret resource for
	// the signing certificate/key pair stores the password.
	SecretDataKeyPassword = "password"

	// DefaultNegativeTimeSkew is the amount by which the start of a
	// certificate's validity is moved into the past to account for clock
	// skew between the issuer and the hosts that verify the certificate.
	DefaultNegativeTimeSkew = -10 * time.Minute
)
Variables ¶
This section is empty.
Functions ¶
func AddrOfInt32 ¶
AddrOfInt32 returns the address of the provided int32 value.
func ClientFromHAPIConfig ¶
func ClientFromHAPIConfig(config DataplaneConfig) (*hapi.APIClient, error)
ClientFromHAPIConfig returns the API client from a HAPI config object.
func ClientFromHAPIConfigData ¶
ClientFromHAPIConfigData returns the API client built from raw HAPI config data.
func CreateBootstrapSecret ¶
func CreateBootstrapSecret( ctx context.Context, client ctrlclient.Client, cluster *clusterv1.Cluster, loadBalancer *infrav1.HAProxyLoadBalancer) error
CreateBootstrapSecret creates the Secret resource that contains the bootstrap data required to create the load balancer VM.
func CreateCASecret ¶
func CreateCASecret( ctx context.Context, client ctrlclient.Client, cluster *clusterv1.Cluster, loadBalancer *infrav1.HAProxyLoadBalancer) error
CreateCASecret creates the Secret resource that contains the signing certificate and key used to generate bootstrap data and sign client certificates.
func CreateConfigSecret ¶
func CreateConfigSecret( ctx context.Context, client ctrlclient.Client, cluster *clusterv1.Cluster, loadBalancer *infrav1.HAProxyLoadBalancer) error
CreateConfigSecret creates the Secret resource that contains the config data required to access the HAProxy API server.
func DeleteBootstrapSecret ¶
func DeleteBootstrapSecret( ctx context.Context, client ctrlclient.Client, secretNamespace, loadBalancerName string) error
DeleteBootstrapSecret deletes the Secret for the bootstrap data used to create a new load balancer VM.
func DeleteCASecret ¶
func DeleteCASecret( ctx context.Context, client ctrlclient.Client, secretNamespace, loadBalancerName string) error
DeleteCASecret deletes the Secret for the signing certificate/key pair used to create bootstrap data and sign new client certificates.
func DeleteConfigSecret ¶
func DeleteConfigSecret( ctx context.Context, client ctrlclient.Client, secretNamespace, loadBalancerName string) error
DeleteConfigSecret deletes the Secret for the HAProxy API config used to access the HAProxy API server.
func GetBootstrapSecret ¶
func GetBootstrapSecret( ctx context.Context, client ctrlclient.Client, secretNamespace, loadBalancerName string) (*corev1.Secret, error)
GetBootstrapSecret returns the Secret for the bootstrap data used to create a new load balancer VM.
func GetCASecret ¶
func GetCASecret( ctx context.Context, client ctrlclient.Client, secretNamespace, loadBalancerName string) (*corev1.Secret, error)
GetCASecret returns the Secret for the signing certificate/key pair used to create bootstrap data and sign new client certificates.
func GetConfigSecret ¶
func GetConfigSecret( ctx context.Context, client ctrlclient.Client, secretNamespace, loadBalancerName string) (*corev1.Secret, error)
GetConfigSecret returns the Secret for the HAProxy API config used to access the HAProxy API server.
func IsConflict ¶
IsConflict returns true if the provided error indicates a resource is in conflict with an existing resource.
func IsNotFound ¶
IsNotFound returns true if the provided error indicates a resource is not found.
func NameForBootstrapSecret ¶
NameForBootstrapSecret returns the name of the Secret for the bootstrap data used to create a new load balancer VM.
func NameForCASecret ¶
NameForCASecret returns the name of the Secret for the signing certificate/key pair used to create bootstrap data and sign new client certificates.
func NameForConfigSecret ¶
NameForConfigSecret returns the name of the Secret for the HAProxy API config used to access the HAProxy API server.
Types ¶
type DataplaneConfig ¶
type DataplaneConfig struct {
	// Debug raises the verbosity of the logging emitted from the generated
	// OpenAPI client bindings.
	// NOTE(review): requests carry basic-auth credentials; confirm that the
	// debug output does not include request headers before enabling this
	// where logs are shared.
	// +optional
	Debug bool `json:"debug,omitempty"`

	// InsecureSkipTLSVerify skips the validity check for the server's
	// certificate. This will make your HTTPS connections insecure: the
	// server is no longer authenticated, so Username and Password are sent
	// to whichever endpoint answers at Server. Leave unset outside of test
	// environments.
	// +optional
	InsecureSkipTLSVerify bool `json:"insecureSkipTLSVerify,omitempty"`

	// Server is the address of the HAProxy dataplane API server. This value
	// should include the scheme, host, port, and API version, ex.:
	// https://hostname:port/v1.
	Server string `json:"server"`

	// ServerName is used to verify the hostname on the returned
	// certificates unless InsecureSkipTLSVerify is given. It is also included
	// in the client's handshake to support virtual hosting unless it is
	// an IP address.
	// Defaults to the host part parsed from Server.
	// +optional
	ServerName string `json:"serverName,omitempty"`

	// Username is the username for basic authentication.
	// Defaults to "client"
	// NOTE(review): the default is a fixed, documented value; confirm that
	// deployments always set this explicitly.
	// +optional
	Username string `json:"username,omitempty"`

	// Password is the password for basic authentication.
	// Defaults to "cert"
	// NOTE(review): the default is a fixed, documented value and offers no
	// protection if the server accepts it; confirm that deployments always
	// set a generated password.
	// +optional
	Password string `json:"password,omitempty"`

	// Timeout is the amount of time before a client request times out.
	// Values should be parseable by time.ParseDuration.
	// Defaults to 10s.
	// +optional
	Timeout string `json:"timeout,omitempty"`

	// CertificateAuthorityData contains PEM-encoded certificate authority
	// certificates.
	CertificateAuthorityData []byte `json:"certificateAuthorityData,omitempty"`

	// ClientCertificateData contains PEM-encoded data from a client cert file
	// for TLS.
	ClientCertificateData []byte `json:"clientCertificateData,omitempty"`

	// ClientKeyData contains PEM-encoded data from a client key file for TLS.
	// This is private key material and is serialised together with Password,
	// so the marshalled form of this struct must be handled as a secret.
	ClientKeyData []byte `json:"clientKeyData,omitempty"`
}
DataplaneConfig contains the information required to communicate with an HAProxy dataplane API server.
func LoadDataplaneConfig ¶
func LoadDataplaneConfig(data []byte) (DataplaneConfig, error)
LoadDataplaneConfig returns the configuration for an HAProxy dataplane API client from the provided, raw configuration YAML.
type RenderConfiguration ¶
type RenderConfiguration struct {
	// DPConfig is the HAProxy dataplane API configuration used when
	// rendering; presumably set through WithDataPlaneConfig. It can carry a
	// password and a client key, so rendered output that includes it is
	// secret material.
	DPConfig *DataplaneConfig

	// CertificateAuthorityKey contains PEM-encoded certificate authority
	// key data.
	// NOTE(review): the previous wording said "certificates"; the field name
	// and WithBootstrapInfo's signingCertificateKey parameter suggest this
	// is the signing private key. Confirm, and avoid logging this field.
	CertificateAuthorityKey []byte

	// SSHUser is for breakglass access
	SSHUser *infrav1.SSHUser

	// Hostname is the hostname of the load balancer
	Hostname string

	// IPv4Address is the IPv4 address of the load balancer
	IPv4Address string

	// HAProxyConfiguration is the string for haproxy.cfg for use only in CloudInit
	HAProxyConfiguration string

	// Addresses of the machines backing the control plane
	Addresses []corev1.EndpointAddress

	// The load balancer port. Is not currently configurable.
	Port uint32
}
RenderConfiguration represents data required to render HAProxyTemplates and CloudInit data
func NewRenderConfiguration ¶
func NewRenderConfiguration() RenderConfiguration
NewRenderConfiguration returns a new RenderConfiguration
func (*RenderConfiguration) BootstrapDataForLoadBalancer ¶
func (c *RenderConfiguration) BootstrapDataForLoadBalancer() ([]byte, error)
BootstrapDataForLoadBalancer generates the bootstrap data required to bootstrap a new HAProxy VM.
func (*RenderConfiguration) RenderHAProxyConfiguration ¶
func (c *RenderConfiguration) RenderHAProxyConfiguration() (string, error)
RenderHAProxyConfiguration generates a haproxy.cfg file
func (RenderConfiguration) WithAddresses ¶
func (c RenderConfiguration) WithAddresses(addr []corev1.EndpointAddress) RenderConfiguration
WithAddresses adds API server endpoints to the RenderConfiguration
func (RenderConfiguration) WithBootstrapInfo ¶
func (c RenderConfiguration) WithBootstrapInfo(haProxyLoadBalancer infrav1.HAProxyLoadBalancer, username, password string, signingCertificatePEM, signingCertificateKey []byte) RenderConfiguration
WithBootstrapInfo adds the information required to generate cloud-init data.
func (RenderConfiguration) WithDataPlaneConfig ¶
func (c RenderConfiguration) WithDataPlaneConfig(dpConfig DataplaneConfig) RenderConfiguration