Documentation
¶
Overview ¶
Package certs implements logic to help multiple Kubernetes replicas share TLS certs for a common Tailscale Service.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type CertManager ¶
type CertManager struct {
// contains filtered or unexported fields
}
CertManager is responsible for issuing certificates for known domains and for maintaining a loop that re-attempts issuance daily. Currently cert manager logic is only run on ingress ProxyGroup replicas that are responsible for managing certs for HA Ingress HTTPS endpoints ('write' replicas).
func NewCertManager ¶
func NewCertManager(lc localclient.LocalClient, logf logger.Logf) *CertManager
func (*CertManager) EnsureCertLoops ¶
func (cm *CertManager) EnsureCertLoops(ctx context.Context, sc *ipn.ServeConfig) error
EnsureCertLoops ensures that, for all currently managed Service HTTPS endpoints, there is a cert loop responsible for issuing and ensuring the renewal of the TLS certs. ServeConfig must not be nil.
Source Files
Click to show internal directories.
Click to hide internal directories.