Documentation
¶
Index ¶
- Constants
- func AddRouter(rf ApiRouter)
- func GetRequestContextFromHttpContext(r *http.Request) (*response.RequestContext, error)
- func NewAuthQueryExtJwt(url string) *rest_model.AuthQueryDetail
- func NewAuthQueryZitiMfa() *rest_model.AuthQueryDetail
- func NewRequestContext(rw http.ResponseWriter, r *http.Request) *response.RequestContext
- func ProcessAuthQueries(ae *AppEnv, rc *response.RequestContext)
- func ServeError(rw http.ResponseWriter, r *http.Request, inErr error)
- type AddRouterFunc
- type ApiRouter
- type AppEnv
- func (ae *AppEnv) ControllersKeyFunc(token *jwt.Token) (interface{}, error)
- func (ae *AppEnv) CreateRequestContext(rw http.ResponseWriter, r *http.Request) *response.RequestContext
- func (ae *AppEnv) FillRequestContext(rc *response.RequestContext) error
- func (ae *AppEnv) GetApiClientCsrSigner() cert.Signer
- func (ae *AppEnv) GetApiServerCsrSigner() cert.Signer
- func (ae *AppEnv) GetAuthRegistry() model.AuthRegistry
- func (ae *AppEnv) GetConfig() *edgeConfig.Config
- func (ae *AppEnv) GetControlClientCsrSigner() cert.Signer
- func (ae *AppEnv) GetControllerPublicKey(kid string) crypto.PublicKey
- func (ae *AppEnv) GetDbProvider() persistence.DbProvider
- func (ae *AppEnv) GetEnrollRegistry() model.EnrollmentRegistry
- func (ae *AppEnv) GetFingerprintGenerator() cert.FingerprintGenerator
- func (ae *AppEnv) GetHostController() model.HostController
- func (ae *AppEnv) GetJwtSigner() jwtsigner.Signer
- func (ae *AppEnv) GetManagers() *model.Managers
- func (ae *AppEnv) GetMetricsRegistry() metrics.Registry
- func (ae *AppEnv) GetServerCert() (serverCert *tls.Certificate, kid string, signingMethod jwt.SigningMethod)
- func (ae *AppEnv) GetStores() *persistence.Stores
- func (ae *AppEnv) HandleServiceEvent(event *persistence.ServiceEvent)
- func (ae *AppEnv) HandleServiceUpdatedEventForIdentityId(identityId string)
- func (ae *AppEnv) InitPersistence() error
- func (ae *AppEnv) IsAllowed(responderFunc func(ae *AppEnv, rc *response.RequestContext), ...) openApiMiddleware.Responder
- func (ae *AppEnv) IsEdgeRouterOnline(id string) bool
- func (ae *AppEnv) JwtSignerKeyFunc(token *jwt.Token) (interface{}, error)
- func (ae *AppEnv) ProcessJwt(rc *response.RequestContext, token *jwt.Token) error
- func (ae *AppEnv) ProcessZtSession(rc *response.RequestContext, ztSession string) error
- func (ae *AppEnv) SetEnrollmentSigningCert(serverCert *tls.Certificate)
- func (ae *AppEnv) SetServerIdentity(certificate *tls.Certificate)
- type AppHandler
- type AppMiddleware
- type BasicEntitySchema
- type Broker
- func (broker *Broker) AcceptClusterEvent(clusterEvent *event.ClusterEvent)
- func (broker *Broker) GetEdgeRouterState(id string) RouterStateValues
- func (broker *Broker) GetReceiveHandlers() []channel.TypedReceiveHandler
- func (broker *Broker) IsEdgeRouterOnline(id string) bool
- func (broker *Broker) RouterConnected(router *network.Router)
- func (broker *Broker) RouterDisconnected(r *network.Router)
- func (broker *Broker) Stop()
- type HostController
- type IdentityEntitySchema
- type LockingRouterState
- func (r *LockingRouterState) GetVersionInfo() versions.VersionInfo
- func (r *LockingRouterState) Hostname() string
- func (r *LockingRouterState) IsOnline() bool
- func (r *LockingRouterState) Protocols() map[string]string
- func (r *LockingRouterState) SetHostname(hostname string)
- func (r *LockingRouterState) SetIsOnline(isOnline bool)
- func (r *LockingRouterState) SetProtocols(protocols map[string]string)
- func (r *LockingRouterState) SetSyncStatus(syncStatus RouterSyncStatus)
- func (r *LockingRouterState) SetVersionInfo(versionInfo versions.VersionInfo)
- func (r *LockingRouterState) SyncStatus() RouterSyncStatus
- func (r *LockingRouterState) Values() RouterStateValues
- type PemProducer
- type RouterConnectionHandler
- type RouterState
- type RouterStateValues
- type RouterSyncStatus
- type RouterSyncStrategy
- type RouterSyncStrategyType
- type RouterSynchronizerEventHandler
- type Schemes
- type TraceManager
- type TraceSpec
- type YamlProducer
Constants ¶
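// Content-type identifiers. Each constant is the int32 conversion of the
// edge_ctrl_pb.ContentType enum member named on its right-hand side.
//
// SigningCertAdded is the one name here without the "Type" suffix; the enum
// member it converts is ContentType_SigningCertAddedType.
const (
	SessionRemovedType                      = int32(edge_ctrl_pb.ContentType_SessionRemovedType)
	ApiSessionHeartbeatType                 = int32(edge_ctrl_pb.ContentType_ApiSessionHeartbeatType)
	ApiSessionRemovedType                   = int32(edge_ctrl_pb.ContentType_ApiSessionRemovedType)
	ApiSessionAddedType                     = int32(edge_ctrl_pb.ContentType_ApiSessionAddedType)
	ApiSessionUpdatedType                   = int32(edge_ctrl_pb.ContentType_ApiSessionUpdatedType)
	RequestClientReSyncType                 = int32(edge_ctrl_pb.ContentType_RequestClientReSyncType)
	SigningCertAdded                        = int32(edge_ctrl_pb.ContentType_SigningCertAddedType)
	ServerHelloType                         = int32(edge_ctrl_pb.ContentType_ServerHelloType)
	ClientHelloType                         = int32(edge_ctrl_pb.ContentType_ClientHelloType)
	EnrollmentCertsResponseType             = int32(edge_ctrl_pb.ContentType_EnrollmentCertsResponseType)
	EnrollmentExtendRouterRequestType       = int32(edge_ctrl_pb.ContentType_EnrollmentExtendRouterRequestType)
	EnrollmentExtendRouterVerifyRequestType = int32(edge_ctrl_pb.ContentType_EnrollmentExtendRouterVerifyRequestType)
)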
const (
EventualEventsGauge = "eventual.events"
)
// ZitiSession is the literal "zt-session".
// NOTE(review): presumably the name under which the API session token that
// ProcessZtSession consumes is carried on requests — confirm. If so, values
// found under it are bearer credentials and should be kept out of logs and
// error responses.
const ZitiSession = "zt-session"
Variables ¶
This section is empty.
Functions ¶
func GetRequestContextFromHttpContext ¶ added in v0.14.35
func GetRequestContextFromHttpContext(r *http.Request) (*response.RequestContext, error)
func NewAuthQueryExtJwt ¶ added in v0.24.251
func NewAuthQueryExtJwt(url string) *rest_model.AuthQueryDetail
func NewAuthQueryZitiMfa ¶ added in v0.24.251
func NewAuthQueryZitiMfa() *rest_model.AuthQueryDetail
func NewRequestContext ¶ added in v0.21.0
func NewRequestContext(rw http.ResponseWriter, r *http.Request) *response.RequestContext
func ProcessAuthQueries ¶ added in v0.24.251
func ProcessAuthQueries(ae *AppEnv, rc *response.RequestContext)
ProcessAuthQueries will inspect a response.RequestContext and set the AuthQueries with the current outstanding authentication queries.
func ServeError ¶ added in v0.14.35
func ServeError(rw http.ResponseWriter, r *http.Request, inErr error)
ServeError is a wrapper for the OpenAPI REST server to allow the Edge API Error message responses to be used when errors are raised from the OpenAPI internal runtimes. This includes input validation methods, unsupported media types, etc.
Types ¶
type AddRouterFunc ¶
type AddRouterFunc func(ae *AppEnv)
func GetRouters ¶
func GetRouters() []AddRouterFunc
type AppEnv ¶
// AppEnv is the environment value passed to AppHandler and AddRouterFunc
// callbacks. Every field listed here is exported, so code holding an *AppEnv
// can read or reassign it directly as well as through the Get*/Set* methods.
type AppEnv struct {
	BoltStores *persistence.Stores
	Managers *model.Managers
	Config *edgeConfig.Config
	Versions *ziti.Versions
	// The three cert.Signer fields are also returned by GetApiServerCsrSigner,
	// GetApiClientCsrSigner and GetControlClientCsrSigner.
	// NOTE(review): presumably each is backed by CA private key material —
	// confirm, and scope access to AppEnv accordingly.
	ApiServerCsrSigner cert.Signer
	ApiClientCsrSigner cert.Signer
	ControlClientCsrSigner cert.Signer
	FingerprintGenerator cert.FingerprintGenerator
	AuthRegistry model.AuthRegistry
	EnrollRegistry model.EnrollmentRegistry
	Broker *Broker
	HostController HostController
	ManagementApi *managementOperations.ZitiEdgeManagementAPI
	ClientApi *clientOperations.ZitiEdgeClientAPI
	// Concurrent map from a string key to a time.Time.
	// NOTE(review): presumably keyed by identity id — confirm against callers.
	IdentityRefreshMap cmap.ConcurrentMap[string, time.Time]
	StartupTime time.Time
	InstanceId string
	TraceManager *TraceManager
	EventDispatcher *events.EdgeEventDispatcher
	// ServerCert is a *tls.Certificate, a type that holds the private key
	// together with the certificate chain.
	// NOTE(review): SetServerIdentity and GetServerCert look like the intended
	// write/read path for this field and ServerCertSigningMethod — confirm
	// before assigning either field directly.
	ServerCert *tls.Certificate
	ServerCertSigningMethod jwt.SigningMethod
	// contains filtered or unexported fields
}
func NewAppEnv ¶
func NewAppEnv(c *edgeConfig.Config, host HostController) *AppEnv
func (*AppEnv) ControllersKeyFunc ¶ added in v0.24.373
func (*AppEnv) CreateRequestContext ¶ added in v0.14.35
func (ae *AppEnv) CreateRequestContext(rw http.ResponseWriter, r *http.Request) *response.RequestContext
func (*AppEnv) FillRequestContext ¶ added in v0.14.35
func (ae *AppEnv) FillRequestContext(rc *response.RequestContext) error
func (*AppEnv) GetApiClientCsrSigner ¶
func (*AppEnv) GetApiServerCsrSigner ¶
func (*AppEnv) GetAuthRegistry ¶
func (ae *AppEnv) GetAuthRegistry() model.AuthRegistry
func (*AppEnv) GetConfig ¶
func (ae *AppEnv) GetConfig() *edgeConfig.Config
func (*AppEnv) GetControlClientCsrSigner ¶
func (*AppEnv) GetControllerPublicKey ¶ added in v0.24.373
func (*AppEnv) GetDbProvider ¶
func (ae *AppEnv) GetDbProvider() persistence.DbProvider
func (*AppEnv) GetEnrollRegistry ¶
func (ae *AppEnv) GetEnrollRegistry() model.EnrollmentRegistry
func (*AppEnv) GetFingerprintGenerator ¶ added in v0.17.30
func (ae *AppEnv) GetFingerprintGenerator() cert.FingerprintGenerator
func (*AppEnv) GetHostController ¶
func (ae *AppEnv) GetHostController() model.HostController
func (*AppEnv) GetJwtSigner ¶ added in v0.19.109
func (*AppEnv) GetManagers ¶ added in v0.21.235
func (*AppEnv) GetMetricsRegistry ¶ added in v0.16.0
func (*AppEnv) GetServerCert ¶ added in v0.24.373
func (ae *AppEnv) GetServerCert() (serverCert *tls.Certificate, kid string, signingMethod jwt.SigningMethod)
func (*AppEnv) GetStores ¶
func (ae *AppEnv) GetStores() *persistence.Stores
func (*AppEnv) HandleServiceEvent ¶ added in v0.17.36
func (ae *AppEnv) HandleServiceEvent(event *persistence.ServiceEvent)
func (*AppEnv) HandleServiceUpdatedEventForIdentityId ¶ added in v0.19.46
func (*AppEnv) InitPersistence ¶
func (*AppEnv) IsAllowed ¶ added in v0.14.35
func (ae *AppEnv) IsAllowed(responderFunc func(ae *AppEnv, rc *response.RequestContext), request *http.Request, entityId string, entitySubId string, permissions ...permissions.Resolver) openApiMiddleware.Responder
func (*AppEnv) IsEdgeRouterOnline ¶
func (*AppEnv) JwtSignerKeyFunc ¶ added in v0.24.373
JwtSignerKeyFunc is used in combination with jwt.Parse or jwt.ParseWithClaims to facilitate verifying JWTs from the current controller or any peer controllers.
func (*AppEnv) ProcessJwt ¶ added in v0.24.373
func (*AppEnv) ProcessZtSession ¶ added in v0.24.373
func (ae *AppEnv) ProcessZtSession(rc *response.RequestContext, ztSession string) error
func (*AppEnv) SetEnrollmentSigningCert ¶ added in v0.19.109
func (ae *AppEnv) SetEnrollmentSigningCert(serverCert *tls.Certificate)
func (*AppEnv) SetServerIdentity ¶ added in v0.24.373
func (ae *AppEnv) SetServerIdentity(certificate *tls.Certificate)
type AppHandler ¶
type AppHandler func(ae *AppEnv, rc *response.RequestContext)
type BasicEntitySchema ¶
type BasicEntitySchema struct {
Post *gojsonschema.Schema
Patch *gojsonschema.Schema
Put *gojsonschema.Schema
}
type Broker ¶
type Broker struct {
// contains filtered or unexported fields
}
The Broker delegates Ziti Edge events to a RouterSyncStrategy, handling the details of which events to watch and casting arguments to their proper concrete types.
func NewBroker ¶
func NewBroker(ae *AppEnv, synchronizer RouterSyncStrategy) *Broker
func (*Broker) AcceptClusterEvent ¶ added in v0.24.373
func (broker *Broker) AcceptClusterEvent(clusterEvent *event.ClusterEvent)
func (*Broker) GetEdgeRouterState ¶ added in v0.19.20
func (broker *Broker) GetEdgeRouterState(id string) RouterStateValues
func (*Broker) GetReceiveHandlers ¶ added in v0.21.62
func (broker *Broker) GetReceiveHandlers() []channel.TypedReceiveHandler
func (*Broker) IsEdgeRouterOnline ¶ added in v0.17.72
func (*Broker) RouterConnected ¶
func (*Broker) RouterDisconnected ¶
type HostController ¶
// HostController is the interface that NewAppEnv takes as its host argument
// and that AppEnv keeps in its HostController field.
type HostController interface {
	RegisterAgentBindHandler(bindHandler channel.BindHandler)
	RegisterXctrl(x xctrl.Xctrl) error
	RegisterXmgmt(x xmgmt.Xmgmt) error
	GetXWebInstance() xweb.Instance
	GetNetwork() *network.Network
	// Receive-only channel of empty structs.
	// NOTE(review): presumably closed on shutdown — confirm.
	GetCloseNotifyChannel() <-chan struct{}
	Shutdown()
	Identity() identity.Identity
	IsRaftEnabled() bool
	// Returns a slice of x509 certificates.
	// NOTE(review): presumably the signing certificates of peer controllers,
	// i.e. the trust set behind the peer-controller JWT verification that the
	// JwtSignerKeyFunc doc describes — confirm, and check how entries are
	// added and removed.
	GetPeerSigners() []*x509.Certificate
	GetEventDispatcher() event.Dispatcher
}
type IdentityEntitySchema ¶
type IdentityEntitySchema struct {
Post *gojsonschema.Schema
Patch *gojsonschema.Schema
Put *gojsonschema.Schema
ServiceConfigs *gojsonschema.Schema
}
type LockingRouterState ¶ added in v0.19.20
type LockingRouterState struct {
// contains filtered or unexported fields
}
func NewLockingRouterStatus ¶ added in v0.19.20
func NewLockingRouterStatus() *LockingRouterState
func (*LockingRouterState) GetVersionInfo ¶ added in v0.19.20
func (r *LockingRouterState) GetVersionInfo() versions.VersionInfo
func (*LockingRouterState) Hostname ¶ added in v0.19.20
func (r *LockingRouterState) Hostname() string
func (*LockingRouterState) IsOnline ¶ added in v0.19.20
func (r *LockingRouterState) IsOnline() bool
func (*LockingRouterState) Protocols ¶ added in v0.19.20
func (r *LockingRouterState) Protocols() map[string]string
func (*LockingRouterState) SetHostname ¶ added in v0.19.20
func (r *LockingRouterState) SetHostname(hostname string)
func (*LockingRouterState) SetIsOnline ¶ added in v0.19.20
func (r *LockingRouterState) SetIsOnline(isOnline bool)
func (*LockingRouterState) SetProtocols ¶ added in v0.19.20
func (r *LockingRouterState) SetProtocols(protocols map[string]string)
func (*LockingRouterState) SetSyncStatus ¶ added in v0.19.20
func (r *LockingRouterState) SetSyncStatus(syncStatus RouterSyncStatus)
func (*LockingRouterState) SetVersionInfo ¶ added in v0.19.20
func (r *LockingRouterState) SetVersionInfo(versionInfo versions.VersionInfo)
func (*LockingRouterState) SyncStatus ¶ added in v0.19.20
func (r *LockingRouterState) SyncStatus() RouterSyncStatus
func (*LockingRouterState) Values ¶ added in v0.19.20
func (r *LockingRouterState) Values() RouterStateValues
type PemProducer ¶ added in v0.15.13
type PemProducer struct{}
type RouterConnectionHandler ¶ added in v0.17.72
type RouterConnectionHandler interface {
RouterConnected(edgeRouter *model.EdgeRouter, router *network.Router)
RouterDisconnected(router *network.Router)
GetReceiveHandlers() []channel.TypedReceiveHandler
}
RouterConnectionHandler is responsible for handling router connect/disconnect for synchronizing state. This is intended for API Session but additional state is possible. Implementations may bind additional handlers to the channel.
type RouterState ¶ added in v0.19.20
// RouterState pairs a setter and a getter for each field of RouterStateValues
// and adds Values, which returns all of them at once. LockingRouterState has
// methods with the same names and signatures.
type RouterState interface {
	SetIsOnline(isOnline bool)
	IsOnline() bool
	SetHostname(hostname string)
	Hostname() string
	// SetProtocols and Protocols pass a map, which is a reference type.
	// NOTE(review): whether implementations copy the map on the way in or out
	// is not visible here — confirm before mutating a map after passing it in
	// or after receiving it.
	SetProtocols(protocols map[string]string)
	Protocols() map[string]string
	SetSyncStatus(status RouterSyncStatus)
	SyncStatus() RouterSyncStatus
	SetVersionInfo(versionInfo versions.VersionInfo)
	GetVersionInfo() versions.VersionInfo
	Values() RouterStateValues
}
RouterState provides a thread-safe mechanism to access and set router status information that may be in flux due to router connection/disconnection.
type RouterStateValues ¶ added in v0.19.20
// RouterStateValues is the plain-struct form of router state, returned by
// RouterState.Values and Broker.GetEdgeRouterState.
type RouterStateValues struct {
	IsOnline bool
	Hostname string
	// Copying the struct copies only the map header, so copies share entries.
	// NOTE(review): whether producers clone this map first is not visible
	// here — treat it as read-only until confirmed.
	Protocols map[string]string
	SyncStatus RouterSyncStatus
	VersionInfo versions.VersionInfo
}
func NewRouterStatusValues ¶ added in v0.19.20
func NewRouterStatusValues() RouterStateValues
type RouterSyncStatus ¶ added in v0.17.72
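// RouterSyncStatus is a string-based type for router sync status.
type RouterSyncStatus string

// Router sync states, followed by the error states and the message header
// ids. Each comment sits above the constant it describes so that no comment
// can swallow a following declaration.
const (
	// connection accepted but no strategy actions have been taken
	RouterSyncNew RouterSyncStatus = "SYNC_NEW"
	// connection handed to strategy, but not processed
	RouterSyncQueued RouterSyncStatus = "SYNC_QUEUED"
	// connection is beginning hello cycle
	RouterSyncHello RouterSyncStatus = "SYNC_HELLO"
	// hello received from router, but there are too many synchronizing routers
	RouterSyncHelloWait RouterSyncStatus = "SYNC_HELLO_WAIT"
	// router requested a resync, in queue
	RouterSyncResyncWait RouterSyncStatus = "SYNC_RESYNC_WAIT"
	// hello finished, starting to send state
	// (the identifier is spelled RouterSynInProgress, without the "c" its siblings have)
	RouterSynInProgress RouterSyncStatus = "SYNC_IN_PROGRESS"
	// initial state sent
	RouterSyncDone RouterSyncStatus = "SYNC_DONE"

	// Error states

	// the router is currently unknown
	RouterSyncUnknown RouterSyncStatus = "SYNC_UNKNOWN"
	// strategy was disconnected before finishing
	RouterSyncDisconnected RouterSyncStatus = "SYNC_DISCONNECTED"
	// sync failed due to a hello timeout.
	RouterSyncHelloTimeout RouterSyncStatus = "SYNC_HELLO_TIMEOUT"
	// sync failed due to an unexpected error
	RouterSyncError RouterSyncStatus = "SYNC_ERROR"

	// msg headers
	SyncStrategyTypeHeader  = 1013
	SyncStrategyStateHeader = 1014
)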
type RouterSyncStrategy ¶ added in v0.17.72
type RouterSyncStrategy interface {
Type() RouterSyncStrategyType
GetEdgeRouterState(id string) RouterStateValues
Stop()
RouterConnectionHandler
RouterSynchronizerEventHandler
PeerAdded(peers []*event.ClusterPeer)
}
RouterSyncStrategy handles the life cycle of an Edge Router connecting to the controller, synchronizing any upfront state and then maintaining state after that.
type RouterSyncStrategyType ¶ added in v0.17.72
type RouterSyncStrategyType string
Aliased type for router strategies
type RouterSynchronizerEventHandler ¶ added in v0.17.72
type RouterSynchronizerEventHandler interface {
ApiSessionAdded(apiSession *persistence.ApiSession)
ApiSessionUpdated(apiSession *persistence.ApiSession, apiSessionCert *persistence.ApiSessionCertificate)
ApiSessionDeleted(apiSession *persistence.ApiSession)
SessionDeleted(session *persistence.Session)
}
RouterSynchronizerEventHandler is responsible for keeping Edge Routers up to date on API Sessions
type Schemes ¶
type Schemes struct {
Association *BasicEntitySchema
Authenticator *BasicEntitySchema
AuthenticatorSelf *BasicEntitySchema
Ca *BasicEntitySchema
Config *BasicEntitySchema
ConfigType *BasicEntitySchema
Enroller *BasicEntitySchema
EnrollEr *BasicEntitySchema
EnrollUpdb *BasicEntitySchema
EdgeRouter *BasicEntitySchema
EdgeRouterPolicy *BasicEntitySchema
TransitRouter *BasicEntitySchema
Identity *IdentityEntitySchema
Service *BasicEntitySchema
ServiceEdgeRouterPolicy *BasicEntitySchema
ServicePolicy *BasicEntitySchema
Session *BasicEntitySchema
Terminator *BasicEntitySchema
}
func (Schemes) GetEnrollErPost ¶
func (s Schemes) GetEnrollErPost() *gojsonschema.Schema
func (Schemes) GetEnrollUpdbPost ¶
func (s Schemes) GetEnrollUpdbPost() *gojsonschema.Schema
type TraceManager ¶ added in v0.20.24
type TraceManager struct {
// contains filtered or unexported fields
}
func NewTraceManager ¶ added in v0.20.24
func NewTraceManager(shutdownNotify <-chan struct{}) *TraceManager
func (*TraceManager) GetIdentityTrace ¶ added in v0.20.24
func (self *TraceManager) GetIdentityTrace(identityId string) *TraceSpec
func (*TraceManager) RemoveIdentityTrace ¶ added in v0.20.24
func (self *TraceManager) RemoveIdentityTrace(identity string)
func (*TraceManager) TraceIdentity ¶ added in v0.20.24
type YamlProducer ¶ added in v0.15.16
type YamlProducer struct{}