Documentation
Index ¶
- Constants
- Variables
- func EnsureClientProxyImage(ctx context.Context, opts BuildClientProxyImageOptions, ...) (string, error)
- type BuildClientProxyImageOptions
- type ClientProxy
- func (cp *ClientProxy) DeleteTunnel(ctx context.Context, tr *proto.TunnelRef) (*emptypb.Empty, error)
- func (cp *ClientProxy) Done() <-chan struct{}
- func (cp *ClientProxy) NewStreamsConnection(newStreamConn grpc.BidiStreamingServer[proto.NewStreamResult, proto.StreamRef]) error
- func (cp *ClientProxy) PrepareTunnel(ctx context.Context, tr *proto.TunnelReq) (*proto.TunnelSpec, error)
- func (cp *ClientProxy) Shutdown(ctx context.Context, _ *emptypb.Empty) (*emptypb.Empty, error)
- type ErrContainerRuntimeUnhealthy
- type ServerProxy
- func (sp *ServerProxy) DeleteTunnel(ctx context.Context, tr *proto.TunnelRef) (*emptypb.Empty, error)
- func (sp *ServerProxy) Done() <-chan struct{}
- func (sp *ServerProxy) NewStreamsConnection(_ grpc.BidiStreamingServer[proto.NewStreamResult, proto.StreamRef]) error
- func (sp *ServerProxy) PrepareTunnel(ctx context.Context, tr *proto.TunnelReq) (*proto.TunnelSpec, error)
- func (sp *ServerProxy) Shutdown(ctx context.Context, _ *emptypb.Empty) (*emptypb.Empty, error)
- type StreamID
- type TunnelID
- type TunnelProxyConfig
- type TunnelProxySecurityConfig
- type TunnelStream
Constants ¶
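const (
	// Default port for the control endpoint of the client-side tunnel proxy (container network side).
	DefaultContainerProxyControlPort = 15049

	// Default port for the data endpoint of the client-side tunnel proxy (container network side).
	DefaultContainerProxyDataPort = 15050

	// Full path to the client proxy binary inside the container image.
	// Built from ClientBinaryName, which is declared in a separate const block.
	ClientProxyBinaryPath = "/usr/local/bin/" + ClientBinaryName

	// Name prefix for client proxy container images (inferred from the
	// identifier; where it is applied is not shown here).
	ClientProxyContainerImageNamePrefix = "dcptun_developer_ms"
)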
const (
// Binary name for the client proxy (Linux executable). Compare with DCPTUN_CLIENT_BINARY in Makefile.
// ClientProxyBinaryPath is derived from this name, so a change here also changes
// the in-image path of the binary.
ClientBinaryName = "dcptun_c"
)
const (
// Default base image for client proxy containers
// The reference uses a tag (":3.0"), not a content digest, so the image it
// resolves to can change between builds.
// NOTE(review): presumably overridden through BuildClientProxyImageOptions.BaseImage;
// confirm, and consider a digest-pinned reference where reproducible builds matter.
DefaultBaseImage = "mcr.microsoft.com/azurelinux/base/core:3.0"
)
Variables ¶
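var (
	// Binary name for the server proxy.
	// No value is assigned in this declaration, so it starts as the empty string.
	// NOTE(review): presumably set elsewhere before use; confirm where.
	ServerBinaryName string
)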
Functions ¶
func EnsureClientProxyImage ¶
func EnsureClientProxyImage( ctx context.Context, opts BuildClientProxyImageOptions, ior containers.ImageOrchestrator, log logr.Logger, ) (string, error)
EnsureClientProxyImage ensures that the client proxy image is built and available for use by the client proxy container. It returns the full image name with tag, and an error if any.
Types ¶
type BuildClientProxyImageOptions ¶
// BuildClientProxyImageOptions is the options struct passed to
// EnsureClientProxyImage. It embeds containers.StreamCommandOptions and
// containers.TimeoutOption in addition to its own fields.
type BuildClientProxyImageOptions struct {
// Base image reference for the client proxy image.
// NOTE(review): presumably DefaultBaseImage applies when this is empty; confirm.
// The value names the image the proxy container is built from, so it should
// come from trusted configuration only.
BaseImage string
containers.StreamCommandOptions
containers.TimeoutOption
// Overrides the most recent image builds file path.
// Used primarily for testing purposes.
MostRecentImageBuildsFilePath string
}
type ClientProxy ¶
// ClientProxy is the client-side proxy of the DCP reverse network tunnel.
// Its exported methods are DeleteTunnel, Done, NewStreamsConnection,
// PrepareTunnel and Shutdown.
type ClientProxy struct {
// Need to embed the following to ensure gRPC forward compatibility.
proto.UnimplementedTunnelControlServer
// contains filtered or unexported fields
}
The client-side proxy of the DCP reverse network tunnel.
func NewClientProxy ¶
func (*ClientProxy) DeleteTunnel ¶
func (cp *ClientProxy) DeleteTunnel(ctx context.Context, tr *proto.TunnelRef) (*emptypb.Empty, error)
Gracefully deletes the tunnel identified by tunnel ID. Existing streams will be preserved, but no new streams will be allowed.
func (*ClientProxy) Done ¶
func (cp *ClientProxy) Done() <-chan struct{}
func (*ClientProxy) NewStreamsConnection ¶
func (cp *ClientProxy) NewStreamsConnection(newStreamConn grpc.BidiStreamingServer[proto.NewStreamResult, proto.StreamRef]) error
Creates a long-running, bi-directional streaming connection to the server-side proxy to facilitate creation of new tunnel streams.
func (*ClientProxy) PrepareTunnel ¶
func (cp *ClientProxy) PrepareTunnel(ctx context.Context, tr *proto.TunnelReq) (*proto.TunnelSpec, error)
Prepares the proxy pair for tunneling the traffic. Upon success, the client-side proxy is listening to client connections and ready to tunnel traffic.
type ErrContainerRuntimeUnhealthy ¶
// ErrContainerRuntimeUnhealthy is an error type; its Error method has a pointer
// receiver, so it is *ErrContainerRuntimeUnhealthy that provides Error() string.
type ErrContainerRuntimeUnhealthy struct {
// Reason for the unhealthy state (inferred from the field name; how it is
// filled in is not shown here).
Reason string
}
func (*ErrContainerRuntimeUnhealthy) Error ¶
func (e *ErrContainerRuntimeUnhealthy) Error() string
type ServerProxy ¶
// ServerProxy is the server-side proxy of the DCP reverse network tunnel.
// Its exported methods are DeleteTunnel, Done, NewStreamsConnection,
// PrepareTunnel and Shutdown; NewStreamsConnection discards its stream
// argument (the parameter is named _).
type ServerProxy struct {
// Need to embed the following to ensure gRPC forward compatibility.
proto.UnimplementedTunnelControlServer
// contains filtered or unexported fields
}
The server-side proxy of the DCP reverse network tunnel.
func NewServerProxy ¶
func NewServerProxy( ctx context.Context, clientProxy proto.TunnelControlClient, clientDataEndpointAddress string, clientDataEndpointPort int32, requestShutdown func(), log logr.Logger, ) *ServerProxy
func (*ServerProxy) DeleteTunnel ¶
func (sp *ServerProxy) DeleteTunnel(ctx context.Context, tr *proto.TunnelRef) (*emptypb.Empty, error)
Gracefully deletes the tunnel identified by tunnel ID. Existing streams will be preserved, but no new streams will be allowed.
func (*ServerProxy) Done ¶
func (sp *ServerProxy) Done() <-chan struct{}
func (*ServerProxy) NewStreamsConnection ¶
func (sp *ServerProxy) NewStreamsConnection(_ grpc.BidiStreamingServer[proto.NewStreamResult, proto.StreamRef]) error
func (*ServerProxy) PrepareTunnel ¶
func (sp *ServerProxy) PrepareTunnel(ctx context.Context, tr *proto.TunnelReq) (*proto.TunnelSpec, error)
Prepares the proxy pair for tunneling the traffic. Upon success, the client-side proxy is listening to client connections and ready to tunnel traffic.
type TunnelProxyConfig ¶
// TunnelProxyConfig holds the endpoint addresses and ports of the tunnel proxy
// pair together with the embedded TunnelProxySecurityConfig.
//
// The client-side fields are read by both proxies: the server-side proxy uses
// them as the target to connect to, the client-side proxy as the address/port
// to listen on.
//
// TunnelProxySecurityConfig is embedded without a JSON tag, so encoding/json
// places its fields (including the base64 server private key) at the top level
// of the same JSON object as the endpoint settings. A serialized
// TunnelProxyConfig therefore has to be handled as a secret.
//
// NOTE(review): the security fields are documented only for the control
// connection; whether the client data endpoint is protected is not visible
// here. Confirm before binding ClientDataAddress outside a trusted network.
type TunnelProxyConfig struct {
TunnelProxySecurityConfig
// The address for the control endpoint of the server-side tunnel proxy.
ServerControlAddress string `json:"server_control_address"`
// The port for the control endpoint of the server-side tunnel proxy.
ServerControlPort int32 `json:"server_control_port"`
// The address for the control endpoint of the client-side tunnel proxy.
// In the context of the server-side proxy, this is the address that the server-side proxy will be using
// to connect to the control endpoint of the client-side proxy.
// In the context of the client-side proxy, this is the address that the client-side proxy will be listening on.
ClientControlAddress string `json:"client_control_address"`
// The port for the control endpoint of the client-side tunnel proxy.
// In the context of the server-side proxy, this is the port that the server-side proxy will be using
// to connect to the control endpoint of the client-side proxy.
// In the context of the client-side proxy, this is the port that the client-side proxy will be listening on.
ClientControlPort int32 `json:"client_control_port"`
// The address for the data endpoint of the client-side tunnel proxy.
// In the context of the server-side proxy, this is the address that the server-side proxy will be using
// to connect to the data endpoint of the client-side proxy.
// In the context of the client-side proxy, this is the address that the client-side proxy will be listening on.
ClientDataAddress string `json:"client_data_address"`
// The port for the data endpoint of the client-side tunnel proxy.
// In the context of the server-side proxy, this is the port that the server-side proxy will be using
// to connect to the data endpoint of the client-side proxy.
// In the context of the client-side proxy, this is the port that the client-side proxy will be listening on.
ClientDataPort int32 `json:"client_data_port"`
}
type TunnelProxySecurityConfig ¶
// TunnelProxySecurityConfig carries the certificate material used to secure
// the control connection. All three values are base64-encoded strings and are
// omitted from JSON output when empty (omitempty).
//
// Security: each field comment states that an empty value results in an
// insecure connection, so missing certificate data downgrades the control
// connection instead of stopping it.
// NOTE(review): callers that require TLS should presumably check
// HasCompleteCertificateData() and refuse to proceed when it is false; how a
// partially populated config is treated is not shown here. Confirm.
type TunnelProxySecurityConfig struct {
// Base64-encoded CA certificate for securing the control connection.
// If empty, an insecure connection will be used.
CACertBase64 string `json:"ca_cert_base64,omitempty"`
// Base64-encoded server certificate for securing the control connection.
// If empty, an insecure connection will be used.
ServerCertBase64 string `json:"server_cert_base64,omitempty"`
// Base64-encoded server private key for securing the control connection.
// If empty, an insecure connection will be used.
// This is secret key material: base64 is an encoding, not protection, so any
// file, environment value or log output that holds this field needs the same
// access control as the private key itself.
ServerKeyBase64 string `json:"server_key_base64,omitempty"`
}
func NewTunnelProxySecurityConfig ¶
func NewTunnelProxySecurityConfig() (TunnelProxySecurityConfig, error)
func (TunnelProxySecurityConfig) GetClientPool ¶
func (tc TunnelProxySecurityConfig) GetClientPool() (*x509.CertPool, error)
func (TunnelProxySecurityConfig) GetTlsConfig ¶
func (tc TunnelProxySecurityConfig) GetTlsConfig() (*tls.Config, error)
func (TunnelProxySecurityConfig) HasCompleteCertificateData ¶
func (tc TunnelProxySecurityConfig) HasCompleteCertificateData() bool