Types
type CertManager
type CertManager struct {
	// contains filtered or unexported fields
}
CertManager is responsible for requesting and renewing the leaf cert for server agents. The server certificate is managed internally and used for peering control-plane traffic to the TLS-enabled external gRPC port.
func NewCertManager
func NewCertManager(deps Deps) *CertManager
type Deps
type Deps struct {
	Config          Config
	Logger          hclog.Logger
	LeafCertManager LeafCertManager
	GetStore        func() Store
	TLSConfigurator TLSConfigurator
	// contains filtered or unexported fields
}
type LeafCertManager
type LeafCertManager interface {
	Notify(ctx context.Context, req *leafcert.ConnectCALeafRequest, correlationID string, ch chan<- cache.UpdateEvent) error
}
LeafCertManager is an interface to represent the necessary methods of the agent/leafcert.Manager. It is used to request and renew the server leaf certificate.
type Store
type Store interface {
	CAConfig(ws memdb.WatchSet) (uint64, *structs.CAConfiguration, error)
	SystemMetadataGet(ws memdb.WatchSet, key string) (uint64, *structs.SystemMetadataEntry, error)
	AbandonCh() <-chan struct{}
}
Store is an interface to represent the necessary methods of the state.Store. It is used to fetch the CA Config to store the trust domain in the TLSConfigurator.
type TLSConfigurator
type TLSConfigurator interface {
	UpdateAutoTLSCert(pub, priv string) error
	UpdateAutoTLSPeeringServerName(name string)
}
TLSConfigurator is an interface to represent the necessary methods of the tlsutil.Configurator. It is used to apply the server leaf certificate and server name.
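An added example, not code from the package documented here: a hypothetical in-memory memConfigurator that satisfies the TLSConfigurator interface above and applies a leaf certificate only when the private key matches it, so a rejected update leaves the previously applied certificate active. The type name, the newLeaf helper and the self-signed Ed25519 certificates are assumptions constructed for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"encoding/pem"
	"fmt"
	"math/big"
	"sync/atomic"
)

// memConfigurator is a hypothetical TLSConfigurator stand-in, not tlsutil.Configurator.
type memConfigurator struct {
	cert       atomic.Pointer[tls.Certificate]
	serverName atomic.Pointer[string]
}

// UpdateAutoTLSCert applies the PEM pair only if the key matches the
// certificate; on error the previously applied certificate stays active.
func (c *memConfigurator) UpdateAutoTLSCert(pub, priv string) error {
	pair, err := tls.X509KeyPair([]byte(pub), []byte(priv))
	if err != nil {
		return fmt.Errorf("leaf cert update rejected: %w", err)
	}
	c.cert.Store(&pair)
	return nil
}

func (c *memConfigurator) UpdateAutoTLSPeeringServerName(name string) {
	c.serverName.Store(&name)
}

// newLeaf builds a constructed self-signed leaf as PEM; errors dropped for brevity.
func newLeaf() (certPEM, keyPEM string) {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1)}
	der, _ := x509.CreateCertificate(rand.Reader, tmpl, tmpl, pub, priv)
	kder, _ := x509.MarshalPKCS8PrivateKey(priv)
	return string(pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: der})),
		string(pem.EncodeToMemory(&pem.Block{Type: "PRIVATE KEY", Bytes: kder}))
}

func main() {
	c := &memConfigurator{}
	certA, keyA := newLeaf()
	certB, _ := newLeaf()
	fmt.Println(c.UpdateAutoTLSCert(certA, keyA), c.UpdateAutoTLSCert(certB, keyA))
}
```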