Documentation
Overview ¶
Package mesh manages the global infrastructure shared across all sind clusters.
Index ¶
- Constants
- type DNSRecord
- type Manager
- func (m *Manager) AddDNSRecord(ctx context.Context, hostname, ip string) error
- func (m *Manager) AddKnownHost(ctx context.Context, hostname, hostKey string) error
- func (m *Manager) CleanupMesh(ctx context.Context) error
- func (m *Manager) ComposeProject() string
- func (m *Manager) DNSContainerName() docker.ContainerName
- func (m *Manager) DNSPolkitAuthorized(ctx context.Context) bool
- func (m *Manager) EnsureDNS(ctx context.Context) error
- func (m *Manager) EnsureMesh(ctx context.Context) error
- func (m *Manager) EnsureMeshNetwork(ctx context.Context) error
- func (m *Manager) EnsureSSH(ctx context.Context) error
- func (m *Manager) EnsureSSHVolume(ctx context.Context) error
- func (m *Manager) GetDNSRecords(ctx context.Context) ([]DNSRecord, error)
- func (m *Manager) NetworkName() docker.NetworkName
- func (m *Manager) RemoveDNSRecord(ctx context.Context, hostname string) error
- func (m *Manager) RemoveKnownHost(ctx context.Context, hostname string) error
- func (m *Manager) ResolvedActive(ctx context.Context) bool
- func (m *Manager) SSHContainerName() docker.ContainerName
- func (m *Manager) SSHKeygenName() docker.ContainerName
- func (m *Manager) SSHVolumeName() docker.VolumeName
Constants ¶
const (
	NetworkName      docker.NetworkName   = "sind-mesh"
	DNSContainerName docker.ContainerName = "sind-dns"
	SSHContainerName docker.ContainerName = "sind-ssh"
	SSHVolumeName    docker.VolumeName    = "sind-ssh-config"
)
Default-realm resource names. Production code uses Manager methods; these constants are used in tests as expected values for DefaultRealm.
const DNSImage = "coredns/coredns:latest"
DNSImage is the container image used for the mesh DNS server.
const DefaultRealm = "sind"
DefaultRealm is the realm name that produces the standard resource names.
const SSHImage = "ghcr.io/gsi-hpc/sind-node:latest"
SSHImage is the container image used for the SSH relay container. It uses the sind-node image, which includes an ssh client and bash.
Types ¶
type Manager ¶
type Manager struct {
	Docker  *docker.Client
	Exec    cmdexec.Executor // executor for non-docker system commands (systemctl, resolvectl, etc.)
	Realm   string
	Pull    bool // force fresh image pull (--pull always)
	HostDNS bool // configure host DNS resolution via systemd-resolved
}
Manager handles global infrastructure resources shared across all clusters.
func NewManager ¶
NewManager returns a Manager that operates on global resources through the given docker client. The realm determines resource naming: realm "sind" produces names like "sind-mesh", "sind-dns", etc.
func (*Manager) AddDNSRecord ¶
AddDNSRecord adds an A record to the mesh DNS Corefile and reloads CoreDNS. The hostname should be a fully qualified sind DNS name (e.g. "controller.dev.sind.sind").
func (*Manager) AddKnownHost ¶
AddKnownHost appends a host key entry to the known_hosts file in the SSH container. The hostKey should be the full key type and data (e.g. "ssh-ed25519 AAAA...").
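A caller-side check for the hostname and hostKey arguments described above, as an added example that is not part of the sind code base. The names `knownHostsLine` and `sampleHostKey` are hypothetical, the sample key is constructed from an all-zero public key, and this page does not say whether AddKnownHost validates its input itself.

```go
package main

import (
	"encoding/base64"
	"encoding/binary"
	"errors"
	"fmt"
	"strings"
)

// knownHostsLine (hypothetical helper, not part of sind) validates the two
// AddKnownHost arguments and returns the single known_hosts line they form.
func knownHostsLine(hostname, hostKey string) (string, error) {
	// Whitespace/newlines split or inject entries; ',' '*' '?' '!' widen the
	// match; '#' '@' '|' begin comments, markers and hashed entries.
	if hostname == "" || strings.ContainsAny(hostname, " \t\r\n,*?!#@|") {
		return "", errors.New("hostname contains known_hosts metacharacters")
	}
	fields := strings.Fields(hostKey)
	if len(fields) != 2 || strings.ContainsAny(hostKey, "\r\n") {
		return "", errors.New(`hostKey must be "<type> <base64>" on one line`)
	}
	blob, err := base64.StdEncoding.DecodeString(fields[1])
	if err != nil {
		return "", fmt.Errorf("key data is not base64: %w", err)
	}
	// The blob starts with a uint32 length and the algorithm name.
	if len(blob) < 4 {
		return "", errors.New("key blob too short")
	}
	n := binary.BigEndian.Uint32(blob)
	if uint64(n) > uint64(len(blob)-4) || string(blob[4:4+n]) != fields[0] {
		return "", errors.New("key type does not match key blob")
	}
	return hostname + " " + fields[0] + " " + fields[1], nil
}

// sampleHostKey builds a constructed ed25519 host key (all-zero public key).
func sampleHostKey() string {
	blob := append([]byte{0, 0, 0, 11}, "ssh-ed25519"...)
	blob = append(blob, 0, 0, 0, 32)
	blob = append(blob, make([]byte, 32)...)
	return "ssh-ed25519 " + base64.StdEncoding.EncodeToString(blob)
}

func main() {
	fmt.Println(knownHostsLine("controller.dev.sind.sind", sampleHostKey()))
	fmt.Println(knownHostsLine("controller.dev.sind.sind\n*", sampleHostKey()))
}
```

The first call prints the entry that would be appended; the second is rejected because the embedded newline would otherwise add a wildcard entry to the relay's trust store.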
func (*Manager) CleanupMesh ¶
CleanupMesh removes all global infrastructure resources. This should only be called when the last cluster is deleted.
func (*Manager) ComposeProject ¶
ComposeProject returns the Docker Compose project name for this realm's mesh.
func (*Manager) DNSContainerName ¶
func (m *Manager) DNSContainerName() docker.ContainerName
DNSContainerName returns the DNS container name for this realm.
func (*Manager) DNSPolkitAuthorized ¶ added in v0.5.0
DNSPolkitAuthorized checks if the current process can configure per-link DNS without interactive authentication.
func (*Manager) EnsureDNS ¶
EnsureDNS creates the mesh DNS container if it does not already exist. The container runs CoreDNS on the mesh network, serving <realm>.sind records from inline hosts entries in the Corefile.
func (*Manager) EnsureMesh ¶
EnsureMesh creates all global infrastructure resources (mesh network, DNS, SSH volume, SSH container) if they do not already exist.
func (*Manager) EnsureMeshNetwork ¶
EnsureMeshNetwork creates the shared mesh network if it does not already exist.
func (*Manager) EnsureSSH ¶
EnsureSSH creates the SSH relay container if it does not already exist. The container runs on the mesh network with the SSH volume mounted at /root/.ssh so that ssh automatically discovers the keypair and known_hosts.
func (*Manager) EnsureSSHVolume ¶
EnsureSSHVolume creates the SSH config volume and generates an ed25519 keypair if the volume does not already exist. The volume contains id_ed25519 (private key), id_ed25519.pub (public key), and an empty known_hosts file.
func (*Manager) GetDNSRecords ¶
GetDNSRecords returns all A records currently served by the mesh DNS.
func (*Manager) NetworkName ¶
func (m *Manager) NetworkName() docker.NetworkName
NetworkName returns the mesh network name for this realm.
func (*Manager) RemoveDNSRecord ¶
RemoveDNSRecord removes all A records for the given hostname from the mesh DNS Corefile and reloads CoreDNS.
func (*Manager) RemoveKnownHost ¶
RemoveKnownHost removes all entries for the given hostname from the known_hosts file in the SSH container.
func (*Manager) ResolvedActive ¶ added in v0.5.0
ResolvedActive checks if systemd-resolved is running.
func (*Manager) SSHContainerName ¶
func (m *Manager) SSHContainerName() docker.ContainerName
SSHContainerName returns the SSH container name for this realm.
func (*Manager) SSHKeygenName ¶
func (m *Manager) SSHKeygenName() docker.ContainerName
SSHKeygenName returns the temporary keygen container name for this realm.
func (*Manager) SSHVolumeName ¶
func (m *Manager) SSHVolumeName() docker.VolumeName
SSHVolumeName returns the SSH volume name for this realm.