consuldp

package
v1.9.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 22, 2025 License: MPL-2.0 Imports: 37 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func NewLifecycleConfig added in v1.0.4 

func NewLifecycleConfig(cfg *Config, proxy envoy.ProxyManager) *lifecycleConfig

func NewMetricsConfig 

func NewMetricsConfig(cfg *Config, cacheSink *metricscache.Sink) *metricsConfig

Types

type Config 

type Config struct {
	Mode      ModeType
	DNSServer *DNSServerConfig
	Consul    *ConsulConfig
	Proxy     *ProxyConfig
	Logging   *LoggingConfig
	Telemetry *TelemetryConfig
	Envoy     *EnvoyConfig
	XDSServer *XDSServer
}

Config is the configuration used by consul-dataplane, consolidated from various sources - CLI flags, env vars, config file settings.

type ConsulConfig 

type ConsulConfig struct {
	// Addresses are Consul server addresses. Value can be:
	// DNS name OR 'exec=<executable with optional args>'.
	// Executable will be parsed by https://github.com/hashicorp/go-netaddrs.
	Addresses string
	// GRPCPort is the gRPC port on the Consul server.
	GRPCPort int
	// Credentials are the credentials used to authenticate requests and streams
	// to the Consul servers (e.g. static ACL token or auth method credentials).
	Credentials *CredentialsConfig
	// ServerWatchDisabled opts-out of consuming the server update stream, for
	// cases where its addresses are incorrect (e.g. servers are behind a load
	// balancer).
	ServerWatchDisabled bool
	// TLS contains the TLS settings for communicating with Consul servers.
	TLS *TLSConfig
}

ConsulConfig are the settings required to connect with Consul servers

type ConsulDataplane 

type ConsulDataplane struct {
	// contains filtered or unexported fields
}

ConsulDataplane represents the consul-dataplane process

func NewConsulDP 

func NewConsulDP(cfg *Config) (*ConsulDataplane, error)

NewConsulDP creates a new instance of ConsulDataplane

func (*ConsulDataplane) GracefulShutdown added in v1.0.4 

func (cdp *ConsulDataplane) GracefulShutdown(cancel context.CancelFunc)

func (*ConsulDataplane) Run 

func (cdp *ConsulDataplane) Run(ctx context.Context) error

type CredentialsConfig 

type CredentialsConfig struct {
	// Type identifies the type of credentials provided.
	Type CredentialsType
	// Static contains the static ACL token.
	Static StaticCredentialsConfig
	// Login contains the credentials for logging in with an auth method.
	Login LoginCredentialsConfig
}

CredentialsConfig contains the credentials used to authenticate requests and streams to the Consul servers.

func (*CredentialsConfig) ToDiscoveryCredentials 

func (cc *CredentialsConfig) ToDiscoveryCredentials() (discovery.Credentials, error)

ToDiscoveryCredentials creates a discovery.Credentials, including loading a bearer token from a file if BearerPath is given.

type CredentialsType 

type CredentialsType string

CredentialsType identifies the type of credentials provided. 

const (
	// CredentialsTypeNone indicates that no credentials were given.
	CredentialsTypeNone CredentialsType = ""
	// CredentialsTypeStatic indicates that a static ACL token was provided.
	CredentialsTypeStatic CredentialsType = "static"
	// CredentialsTypeLogin indicates that credentials were provided to log in with
	// an auth method.
	CredentialsTypeLogin CredentialsType = "login"
)

type DNSServerConfig 

type DNSServerConfig struct {
	// BindAddr is the address the DNS server will bind to. Default will be 127.0.0.1
	BindAddr string
	// Port is the port which the DNS server will bind to.
	Port int
}

DNSServerConfig is the configuration for the transparent DNS proxy that will forward requests to consul

type EnvoyConfig 

type EnvoyConfig struct {
	ExecutablePath string
	// AdminBindAddress is the address on which the Envoy admin server will be available.
	AdminBindAddress string
	// AdminBindPort is the port on which the Envoy admin server will be available.
	AdminBindPort int
	// ReadyBindAddress is the address on which the Envoy readiness probe will be available.
	ReadyBindAddress string
	// ReadyBindPort is the port on which the Envoy readiness probe will be available.
	ReadyBindPort int
	// EnvoyConcurrency is the envoy concurrency https://www.envoyproxy.io/docs/envoy/latest/operations/cli#cmdoption-concurrency
	EnvoyConcurrency int
	// EnvoyDrainTime is the time in seconds for which Envoy will drain connections
	// during a hot restart, when listeners are modified or removed via LDS, or when
	// initiated manually via a request to the Envoy admin API.
	// The Envoy HTTP connection manager filter will add “Connection: close” to HTTP1
	// requests, send HTTP2 GOAWAY, and terminate connections on request completion
	// (after the delayed close period).
	// https://www.envoyproxy.io/docs/envoy/latest/operations/cli#cmdoption-drain-time-s
	EnvoyDrainTimeSeconds int
	// EnvoyDrainStrategy is the behaviour of Envoy during the drain sequence.
	// Determines whether all open connections should be encouraged to drain
	// immediately or to increase the percentage gradually as the drain time elapses.
	// https://www.envoyproxy.io/docs/envoy/latest/operations/cli#cmdoption-drain-strategy
	EnvoyDrainStrategy string
	// ShutdownDrainListenersEnabled configures whether to start draining proxy listeners before terminating the proxy container. Drain time defaults to the value of ShutdownGracePeriodSeconds, but may be set explicitly with EnvoyDrainTimeSeconds.
	ShutdownDrainListenersEnabled bool
	// ShutdownGracePeriodSeconds is the amount of time to wait after receiving a SIGTERM before terminating the proxy container.
	ShutdownGracePeriodSeconds int
	// GracefulShutdownPath is the path on which the HTTP endpoint to initiate a graceful shutdown of Envoy is served.
	GracefulShutdownPath string
	// StartupGracePeriodSeconds is the amount of time to block application after startup for Envoy proxy to be ready.
	StartupGracePeriodSeconds int
	// GracefulStartupPath is the path where the HTTP endpoint to initiate a graceful startup of Envoy is served.
	GracefulStartupPath string
	// GracefulAddr is the address on which the HTTP server for graceful shutdown endpoints will be available.
	GracefulAddr string
	// GracefulPort is the port on which the HTTP server for graceful shutdown endpoints will be available.
	GracefulPort int
	// DumpEnvoyConfigOnExitEnabled configures whether to call Envoy's /config_dump endpoint during consul-dataplane controlled shutdown.
	DumpEnvoyConfigOnExitEnabled bool
	// ExtraArgs are the extra arguments passed to envoy at startup of the proxy
	ExtraArgs []string
}

EnvoyConfig contains configuration for the Envoy process.

type LoggingConfig 

type LoggingConfig struct {
	// Name of the subsystem to prefix logs with
	Name string
	// LogLevel is the logging level. Valid values - TRACE, DEBUG, INFO, WARN, ERROR
	LogLevel string
	// LogJSON controls if the output should be in JSON.
	LogJSON bool
}

LoggingConfig can be used to specify logger configuration settings.

type LoginCredentialsConfig 

type LoginCredentialsConfig struct {
	// AuthMethod is the name of the Consul auth method.
	AuthMethod string
	// Namespace is the namespace containing the auth method.
	Namespace string
	// Partition is the partition containing the auth method.
	Partition string
	// Datacenter is the datacenter containing the auth method.
	Datacenter string
	// BearerToken is the bearer token presented to the auth method.
	BearerToken string
	// BearerTokenPath is the path to a file containing a bearer token.
	BearerTokenPath string
	// Meta is the arbitrary set of key-value pairs to attach to the
	// token. These are included in the Description field of the token.
	Meta map[string]string
}

LoginCredentialsConfig contains credentials for logging in with an auth method.

type MockDataplaneServiceClient 

type MockDataplaneServiceClient struct {
	mock.Mock
}

MockDataplaneServiceClient is an autogenerated mock type for the DataplaneServiceClient type

func NewMockDataplaneServiceClient 

func NewMockDataplaneServiceClient(t mockConstructorTestingTNewMockDataplaneServiceClient) *MockDataplaneServiceClient

NewMockDataplaneServiceClient creates a new instance of MockDataplaneServiceClient. It also registers a testing interface on the mock and a cleanup function to assert the mocks expectations.

func (*MockDataplaneServiceClient) EXPECT 

func (_m *MockDataplaneServiceClient) EXPECT() *MockDataplaneServiceClient_Expecter

func (*MockDataplaneServiceClient) GetEnvoyBootstrapParams 

func (_m *MockDataplaneServiceClient) GetEnvoyBootstrapParams(ctx context.Context, in *pbdataplane.GetEnvoyBootstrapParamsRequest, opts ...grpc.CallOption) (*pbdataplane.GetEnvoyBootstrapParamsResponse, error)

GetEnvoyBootstrapParams provides a mock function with given fields: ctx, in, opts

func (*MockDataplaneServiceClient) GetSupportedDataplaneFeatures 

func (_m *MockDataplaneServiceClient) GetSupportedDataplaneFeatures(ctx context.Context, in *pbdataplane.GetSupportedDataplaneFeaturesRequest, opts ...grpc.CallOption) (*pbdataplane.GetSupportedDataplaneFeaturesResponse, error)

GetSupportedDataplaneFeatures provides a mock function with given fields: ctx, in, opts

type MockDataplaneServiceClient_Expecter 

type MockDataplaneServiceClient_Expecter struct {
	// contains filtered or unexported fields
}

func (*MockDataplaneServiceClient_Expecter) GetEnvoyBootstrapParams 

func (_e *MockDataplaneServiceClient_Expecter) GetEnvoyBootstrapParams(ctx interface{}, in interface{}, opts ...interface{}) *MockDataplaneServiceClient_GetEnvoyBootstrapParams_Call

GetEnvoyBootstrapParams is a helper method to define mock.On call

  • ctx context.Context
  • in *pbdataplane.GetEnvoyBootstrapParamsRequest
  • opts ...grpc.CallOption

func (*MockDataplaneServiceClient_Expecter) GetSupportedDataplaneFeatures 

func (_e *MockDataplaneServiceClient_Expecter) GetSupportedDataplaneFeatures(ctx interface{}, in interface{}, opts ...interface{}) *MockDataplaneServiceClient_GetSupportedDataplaneFeatures_Call

GetSupportedDataplaneFeatures is a helper method to define mock.On call

  • ctx context.Context
  • in *pbdataplane.GetSupportedDataplaneFeaturesRequest
  • opts ...grpc.CallOption

type MockDataplaneServiceClient_GetEnvoyBootstrapParams_Call 

type MockDataplaneServiceClient_GetEnvoyBootstrapParams_Call struct {
	*mock.Call
}

MockDataplaneServiceClient_GetEnvoyBootstrapParams_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'GetEnvoyBootstrapParams'

func (*MockDataplaneServiceClient_GetEnvoyBootstrapParams_Call) Return 

func (_c *MockDataplaneServiceClient_GetEnvoyBootstrapParams_Call) Return(_a0 *pbdataplane.GetEnvoyBootstrapParamsResponse, _a1 error) *MockDataplaneServiceClient_GetEnvoyBootstrapParams_Call

func (*MockDataplaneServiceClient_GetEnvoyBootstrapParams_Call) Run 

func (_c *MockDataplaneServiceClient_GetEnvoyBootstrapParams_Call) Run(run func(ctx context.Context, in *pbdataplane.GetEnvoyBootstrapParamsRequest, opts ...grpc.CallOption)) *MockDataplaneServiceClient_GetEnvoyBootstrapParams_Call

type MockDataplaneServiceClient_GetSupportedDataplaneFeatures_Call 

type MockDataplaneServiceClient_GetSupportedDataplaneFeatures_Call struct {
	*mock.Call
}

MockDataplaneServiceClient_GetSupportedDataplaneFeatures_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'GetSupportedDataplaneFeatures'

func (*MockDataplaneServiceClient_GetSupportedDataplaneFeatures_Call) Return 

func (_c *MockDataplaneServiceClient_GetSupportedDataplaneFeatures_Call) Return(_a0 *pbdataplane.GetSupportedDataplaneFeaturesResponse, _a1 error) *MockDataplaneServiceClient_GetSupportedDataplaneFeatures_Call

func (*MockDataplaneServiceClient_GetSupportedDataplaneFeatures_Call) Run 

func (_c *MockDataplaneServiceClient_GetSupportedDataplaneFeatures_Call) Run(run func(ctx context.Context, in *pbdataplane.GetSupportedDataplaneFeaturesRequest, opts ...grpc.CallOption)) *MockDataplaneServiceClient_GetSupportedDataplaneFeatures_Call

type ModeType added in v1.6.0 

type ModeType string

CredentialsType identifies the type of credentials provided. 

const (
	// ModeTypeSidecar indicates that consul-dataplane is running in sidecar
	// mode where DNS Server, xDS Server, and Envoy are all enabled.
	ModeTypeSidecar ModeType = "sidecar"
	// ModeTypeDNSProxy indicates that consul-dataplane is running in DNS Proxy
	// mode where DNS Server is running but xDSServer and Envoy are disabled.
	ModeTypeDNSProxy ModeType = "dns-proxy"
)

type PrometheusTelemetryConfig 

type PrometheusTelemetryConfig struct {
	// RetentionTime controls the duration that metrics are aggregated for.
	RetentionTime time.Duration
	// CACertsPath is a path to a file or directory containing CA certificates
	// to use to verify the Prometheus server's certificate. This is only
	// necessary if the server presents a certificate that isn't signed by a
	// trusted public CA.
	CACertsPath string
	// KeyFile is a path to the client private key used for serving Prometheus
	// metrics.
	KeyFile string
	// CertFile is a path to the client certificate used for serving Prometheus
	// metrics.
	CertFile string
	// ServiceMetricsURL is an optional URL that must serve Prometheus metrics.
	// The metrics at this URL are scraped and merged into Consul Dataplane's
	// main Prometheus metrics.
	ServiceMetricsURL string
	// ScrapePath is the URL path where Envoy serves Prometheus metrics.
	ScrapePath string
	// MergePort is the port to server merged metrics.
	MergePort int
}

PrometheusTelemetryConfig contains Prometheus-specific telemetry config.

type ProxyConfig added in v1.3.0 

type ProxyConfig struct {
	// NodeName is the name of the node to which the proxy service instance is
	// registered.
	NodeName string
	// NodeName is the ID of the node to which the proxy service instance is
	// registered.
	NodeID string
	// ProxyID is the ID of the proxy service instance or workload.
	ProxyID string
	// Namespace is the Consul Enterprise namespace in which the proxy service
	// instance or workload is registered.
	Namespace string
	// Partition is the Consul Enterprise partition in which the proxy service
	// instance or workload is registered.
	Partition string
}

ProxyConfig contains details of the proxy service instance.

type StaticCredentialsConfig 

type StaticCredentialsConfig struct {
	// Token is the static ACL token.
	Token string
}

StaticCredentialsConfig contains the static ACL token that will be used to authenticate requests and streams to the Consul servers.

type Stats 

type Stats int
const (

	// Distinguishing values for the type of sinks that are being used
	Prometheus Stats = iota
	Dogstatsd
	Statsd
)

func (Stats) String 

func (s Stats) String() string

type TLSConfig 

type TLSConfig struct {
	// Disabled causes consul-dataplane to communicate with Consul servers over
	// an insecure plaintext connection. This is useful for testing, but should
	// not be used in production.
	Disabled bool
	// CACertsPath is a path to a file or directory containing CA certificates to
	// use to verify the server's certificate. This is only necessary if the server
	// presents a certificate that isn't signed by a trusted public CA.
	CACertsPath string
	// ServerName is used to verify the server certificate's subject when it cannot
	// be inferred from Consul.Addresses (i.e. it is not a DNS name).
	ServerName string
	// CertFile is a path to the client certificate that will be presented to
	// Consul servers.
	//
	// Note: this is only required if servers have tls.grpc.verify_incoming enabled.
	// Generally, issuing consul-dataplane instances with client certificates isn't
	// necessary and creates significant operational burden.
	CertFile string
	// KeyFile is a path to the client private key that will be used to communicate
	// with Consul servers (when CertFile is provided).
	//
	// Note: this is only required if servers have tls.grpc.verify_incoming enabled.
	// Generally, issuing consul-dataplane instances with client certificates isn't
	// necessary and creates significant operational burden.
	KeyFile string
	// InsecureSkipVerify causes consul-dataplane not to verify the certificate
	// presented by the server. This is useful for testing, but should not be used
	// in production.
	InsecureSkipVerify bool
}

TLSConfig contains the TLS settings for communicating with Consul servers.

func (*TLSConfig) Load 

func (t *TLSConfig) Load() (*tls.Config, error)

Load creates a *tls.Config, including loading the CA and client certificates.

type TelemetryConfig 

type TelemetryConfig struct {
	// UseCentralConfig controls whether the proxy will apply the central telemetry
	// configuration.
	UseCentralConfig bool
	// Prometheus contains Prometheus-specific configuration that cannot be
	// determined from central telemetry configuration.
	Prometheus PrometheusTelemetryConfig
}

TelemetryConfig contains configuration for telemetry.

type XDSServer 

type XDSServer struct {
	// BindAddress is the address on which the Envoy xDS server will be available.
	BindAddress string
	// BindPort is the address on which the Envoy xDS port will be available.
	BindPort int
}

XDSServer contains the configuration of the xDS server.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.