Documentation
¶
Index ¶
Constants ¶
View Source
const ( // ServiceTokenFilename is the file in the BootstrapDir where the service token is written by `consul login`. ServiceTokenFilename = "service-token" // ClientTokenFilename is the file in the BootstrapDir where the Consul client token is expected. // The consul-ecs binary does not write this file, but health-sync will attempt to do a `consul logout` for this token. ClientTokenFilename = "client-token" // DefaultAuthMethodName is the default name of the Consul IAM auth method used for `consul login`. DefaultAuthMethodName = "iam-ecs-service-token" // DefaultGatewayPort (8443) is the default gateway registration port used by 'consul connect envoy -register'. DefaultGatewayPort = 8443 // TaggedAddressLAN is the map key for LAN tagged addresses. TaggedAddressLAN = "lan" // TaggedAddressWAN is the map key for WAN tagged addresses. TaggedAddressWAN = "wan" )
View Source
const (
ConfigEnvironmentVariable = "CONSUL_ECS_CONFIG_JSON"
)
Variables ¶
View Source
var Schema string
Functions ¶
This section is empty.
Types ¶
type AgentServiceCheck ¶
type AgentServiceCheck struct {
CheckID string `json:"checkId,omitempty"`
Name string `json:"name,omitempty"`
Args []string `json:"args,omitempty"`
Interval string `json:"interval,omitempty"`
Timeout string `json:"timeout,omitempty"`
TTL string `json:"ttl,omitempty"`
HTTP string `json:"http,omitempty"`
Header map[string][]string `json:"header,omitempty"`
Method string `json:"method,omitempty"`
Body string `json:"body,omitempty"`
TCP string `json:"tcp,omitempty"`
Status string `json:"status,omitempty"`
Notes string `json:"notes,omitempty"`
TLSServerName string `json:"tlsServerName,omitempty"`
TLSSkipVerify bool `json:"tlsSkipVerify,omitempty"`
GRPC string `json:"grpc,omitempty"`
GRPCUseTLS bool `json:"grpcUseTls,omitempty"`
H2PPING string `json:"h2ping,omitempty"`
H2PingUseTLS bool `json:"h2pingUseTLS,omitempty"`
AliasNode string `json:"aliasNode,omitempty"`
AliasService string `json:"aliasService,omitempty"`
SuccessBeforePassing int `json:"successBeforePassing,omitempty"`
FailuresBeforeCritical int `json:"failuresBeforeCritical,omitempty"`
}
AgentServiceCheck configures a Consul Check.
NOTE:
- The DockerContainerID and Shell fields are excluded. Shell is only used for Docker checks, and Docker checks won't work on ECS. They cannot work on Fargate, and require specific config to access the host's Docker daemon on the EC2 launch type.
- DeregisterCriticalServiceAfter is also excluded. We have health check support to handle service deregistration.
func (*AgentServiceCheck) ToConsulType ¶
func (c *AgentServiceCheck) ToConsulType() *api.AgentServiceCheck
type AgentServiceConnectProxyConfig ¶
type AgentServiceConnectProxyConfig struct {
Config map[string]interface{} `json:"config,omitempty"`
Upstreams []Upstream `json:"upstreams,omitempty"`
MeshGateway *MeshGatewayConfig `json:"meshGateway,omitempty"`
Expose *ExposeConfig `json:"expose,omitempty"`
}
AgentServiceConnectProxyConfig defines the sidecar proxy configuration.
NOTE: For the proxy registration request (api.AgentServiceRegistration in Consul),
- The Kind and Port are set by mesh-init, so these fields are not configurable.
- The ID, Name, Tags, Meta, EnableTagOverride, and Weights fields are inferred or copied from the service registration by mesh-init.
- The bind address is always localhost in ECS, so the Address and SocketPath are excluded.
- The Connect field is excluded. Since the sidecar proxy is being used, it's not a Connect-native service, and we don't need the nested proxy config included in the Connect field.
- The Partition field is excluded. mesh-init will use the partition from the service registration.
- The Namespace field is excluded. mesh-init will use the namespace from the service registration.
- There's not a use-case for specifying TaggedAddresses with Consul ECS, and Enable
For the proxy configuration (api.AgentServiceConnectProxyConfig in Consul),
- The DestinationServiceName, DestinationServiceId, LocalServiceAddress, and LocalServicePort are all set by mesh-init, based on the service configuration.
- The LocalServiceSocketPath is excluded, since it would conflict with the address/port set by mesh-init.
- Checks are excluded. mesh-init automatically configures useful checks for the proxy.
- TProxy is not supported on ECS, so the Mode and TransparentProxy fields are excluded.
func (*AgentServiceConnectProxyConfig) ToConsulType ¶
func (a *AgentServiceConnectProxyConfig) ToConsulType() *api.AgentServiceConnectProxyConfig
type AgentWeights ¶
func (*AgentWeights) ToConsulType ¶
func (w *AgentWeights) ToConsulType() *api.AgentWeights
type Config ¶
type Config struct {
BootstrapDir string `json:"bootstrapDir"`
ConsulHTTPAddr string `json:"consulHTTPAddr"`
ConsulCACertFile string `json:"consulCACertFile"`
ConsulLogin ConsulLogin `json:"consulLogin"`
HealthSyncContainers []string `json:"healthSyncContainers,omitempty"`
LogLevel string `json:"logLevel,omitempty"`
Proxy *AgentServiceConnectProxyConfig `json:"proxy"`
Gateway *GatewayRegistration `json:"gateway,omitempty"`
Service ServiceRegistration `json:"service"`
}
Config is the top-level config object.
type ConsulLogin ¶ added in v0.5.0
type ConsulLogin struct {
Enabled bool `json:"enabled"`
Method string `json:"method"`
IncludeEntity bool `json:"includeEntity"`
ExtraLoginFlags []string `json:"extraLoginFlags"`
}
ConsulLogin configures login options for the Consul IAM auth method.
func (*ConsulLogin) UnmarshalJSON ¶ added in v0.5.0
func (c *ConsulLogin) UnmarshalJSON(data []byte) error
UnmarshalJSON is a custom unmarshaller that defaults `includeEntity` to true
type ExposeConfig ¶
type ExposeConfig struct {
Checks bool `json:"checks,omitempty"`
Paths []ExposePath `json:"paths,omitempty"`
}
ExposeConfig describes HTTP paths to expose through Envoy outside of Connect.
func (*ExposeConfig) ToConsulType ¶
func (e *ExposeConfig) ToConsulType() api.ExposeConfig
type ExposePath ¶
type ExposePath struct {
ListenerPort int `json:"listenerPort,omitempty"`
Path string `json:"path,omitempty"`
LocalPathPort int `json:"localPathPort,omitempty"`
Protocol string `json:"protocol,omitempty"`
}
ExposePath are the paths to expose outside of connect. See ExposeConfig.
func (*ExposePath) ToConsulType ¶
func (e *ExposePath) ToConsulType() api.ExposePath
type GatewayAddress ¶ added in v0.5.0
type GatewayAddress struct {
Address string `json:"address,omitempty"`
Port int `json:"port,omitempty"`
}
func (*GatewayAddress) ToConsulType ¶ added in v0.5.0
func (a *GatewayAddress) ToConsulType() api.ServiceAddress
type GatewayProxyConfig ¶ added in v0.5.0
type GatewayProxyConfig struct {
Config map[string]interface{} `json:"config,omitempty"`
}
func (*GatewayProxyConfig) ToConsulType ¶ added in v0.5.0
func (p *GatewayProxyConfig) ToConsulType() *api.AgentServiceConnectProxyConfig
type GatewayRegistration ¶ added in v0.5.0
type GatewayRegistration struct {
Kind api.ServiceKind `json:"kind"`
LanAddress *GatewayAddress `json:"lanAddress,omitempty"`
WanAddress *GatewayAddress `json:"wanAddress,omitempty"`
Name string `json:"name,omitempty"`
Tags []string `json:"tags,omitempty"`
Meta map[string]string `json:"meta,omitempty"`
Namespace string `json:"namespace,omitempty"`
Partition string `json:"partition,omitempty"`
Proxy *GatewayProxyConfig `json:"proxy,omitempty"`
}
func (*GatewayRegistration) ToConsulType ¶ added in v0.5.0
func (g *GatewayRegistration) ToConsulType() *api.AgentServiceRegistration
type MeshGatewayConfig ¶
type MeshGatewayConfig struct {
Mode api.MeshGatewayMode `json:"mode,omitempty"`
}
MeshGatewayConfig describes how to use mesh gateways to reach other services.
func (*MeshGatewayConfig) ToConsulType ¶
func (m *MeshGatewayConfig) ToConsulType() api.MeshGatewayConfig
type ServiceRegistration ¶
type ServiceRegistration struct {
Name string `json:"name"`
Tags []string `json:"tags,omitempty"`
Port int `json:"port"`
EnableTagOverride bool `json:"enableTagOverride,omitempty"`
Meta map[string]string `json:"meta,omitempty"`
Weights *AgentWeights `json:"weights,omitempty"`
Checks []AgentServiceCheck `json:"checks,omitempty"`
Namespace string `json:"namespace,omitempty"`
Partition string `json:"partition,omitempty"`
}
ServiceRegistration configures the Consul service registration.
NOTE: - The Kind and Id fields are set by mesh-init during service/proxy registration. - The Address field excluded. The agent's address (task ip) should always be used in ECS. - The Connect field is not supported:
- No Connect-native support for now. We assume Envoy is used.
- Proxy registration occurs in a separate request, so no need to inline the proxy config. See the SidecarProxyRegistration type.
func (*ServiceRegistration) ToConsulType ¶
func (r *ServiceRegistration) ToConsulType() *api.AgentServiceRegistration
type Upstream ¶
type Upstream struct {
DestinationType api.UpstreamDestType `json:"destinationType,omitempty"`
DestinationNamespace string `json:"destinationNamespace,omitempty"`
DestinationPartition string `json:"destinationPartition,omitempty"`
DestinationName string `json:"destinationName,omitempty"`
Datacenter string `json:"datacenter,omitempty"`
LocalBindAddress string `json:"localBindAddress,omitempty"`
LocalBindPort int `json:"localBindPort,omitempty"`
Config map[string]interface{} `json:"config,omitempty"`
MeshGateway *MeshGatewayConfig `json:"meshGateway,omitempty"`
}
Upstream describes an upstream Consul Service.
NOTE:
- The LocalBindSocketPath and LocalBindSocketMode are excluded. This level of control/restriction is not as relevant in ECS since each proxy runs in an isolated Docker container.
func (*Upstream) ToConsulType ¶
Source Files
Click to show internal directories.
Click to hide internal directories.