Documentation
Index ¶
- Constants
- func GetPublicIP() (netip.Addr, error)
- func ListRoutableIPs() ([]netip.Addr, error)
- func MachineIP(subnet netip.Prefix) netip.Addr
- func ManagementIP(publicKey secret.Secret) netip.Addr
- func NewMachineKeys() (privKey, pubKey secret.Secret, err error)
- type Config
- type EndpointChangeEvent
- type PeerConfig
- type WireGuardNetwork
Constants ¶
const (
	PeerStatusUnknown = "unknown"
	PeerStatusUp      = "up"
	PeerStatusDown    = "down"
)
const (
	WireGuardInterfaceName = "uncloud"
	WireGuardPort          = 51820
	// WireGuardKeepaliveInterval is a sensible interval that works with a wide variety of firewalls.
	WireGuardKeepaliveInterval = 25 * time.Second
)
Variables ¶
This section is empty.
Functions ¶
func GetPublicIP ¶
func ListRoutableIPs ¶
ListRoutableIPs returns a list of routable unicast IP addresses.
func MachineIP ¶
MachineIP returns the IP address of the machine, which is the first address in the subnet.
func ManagementIP ¶
ManagementIP returns the IPv6 address of a peer derived from the first 14 bytes of its public key. This address always starts with fdcc: and is intended for cluster management traffic.
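The derivation described above, as an added example that is not the package's own code. It assumes the address is the two bytes `fd cc` followed by the first 14 bytes of a 32-byte key; `deriveManagementIP`, `checkPeer` and `constructedKey` are hypothetical names, and the key is constructed sample data.

```go
package main

import (
	"errors"
	"fmt"
	"net/netip"
)

// deriveManagementIP is a hypothetical stand-in for ManagementIP. Assumed
// layout: bytes 0-1 are fd cc, bytes 2-15 are the first 14 bytes of the key.
func deriveManagementIP(publicKey []byte) (netip.Addr, error) {
	if len(publicKey) != 32 { // WireGuard (Curve25519) public keys are 32 bytes
		return netip.Addr{}, errors.New("public key must be 32 bytes")
	}
	b := [16]byte{0xfd, 0xcc}
	copy(b[2:], publicKey[:14])
	return netip.AddrFrom16(b), nil
}

// checkPeer rejects a peer entry whose advertised management address is not
// the one its public key derives to.
func checkPeer(publicKey []byte, advertised netip.Addr) error {
	want, err := deriveManagementIP(publicKey)
	if err != nil {
		return err
	}
	if advertised != want {
		return fmt.Errorf("management IP %s does not match key-derived %s", advertised, want)
	}
	return nil
}

// constructedKey returns a made-up 32-byte key (01 02 03 ...), not a real one.
func constructedKey() []byte {
	key := make([]byte, 32)
	for i := range key {
		key[i] = byte(i + 1)
	}
	return key
}

func main() {
	key := constructedKey()
	ip, _ := deriveManagementIP(key)
	fmt.Println(ip)
	fmt.Println(checkPeer(key, ip))
	fmt.Println(checkPeer(key, netip.MustParseAddr("fdcc::1")))
	key[31] ^= 0xff // bytes past the 14th do not affect the address
	fmt.Println(checkPeer(key, ip))
}
```

Because only 14 of the key's 32 bytes feed the address, a matching address confirms consistency with the key's prefix rather than identifying the full key.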
func NewMachineKeys ¶
NewMachineKeys generates a new WireGuard private and public key pair.
Types ¶
type Config ¶
type Config struct {
	// Subnet is the IPv4 address range allocated to the machine. The machine's IP address is the first address
	// in the subnet. Other IP addresses are allocated to containers running on the machine.
	Subnet netip.Prefix
	// ManagementIP is the IPv6 address assigned to the machine within the WireGuard network. This address is used
	// for cluster management traffic, such as gRPC communication with the machine API server and Corrosion gossip.
	ManagementIP netip.Addr
	PrivateKey   secret.Secret
	PublicKey    secret.Secret
	Peers        []PeerConfig `json:",omitempty"`
}
func (Config) IsConfigured ¶
IsConfigured returns true if the configuration is complete enough to establish a WireGuard network.
type EndpointChangeEvent ¶
type PeerConfig ¶
type PeerConfig struct {
	Subnet *netip.Prefix `json:",omitempty"`
	// ManagementIP is the IPv6 address assigned to the peer within the WireGuard network. This address is used
	// for cluster management traffic, such as gRPC communication with the machine API server and Corrosion gossip.
	ManagementIP netip.Addr
	Endpoint     *netip.AddrPort  `json:",omitempty"`
	AllEndpoints []netip.AddrPort `json:",omitempty"`
	PublicKey    secret.Secret
}
type WireGuardNetwork ¶
type WireGuardNetwork struct {
	// contains filtered or unexported fields
}
func NewWireGuardNetwork ¶
func NewWireGuardNetwork() (*WireGuardNetwork, error)
func (*WireGuardNetwork) Cleanup ¶ added in v0.10.0
func (n *WireGuardNetwork) Cleanup() error
Cleanup deletes the WireGuard link. The network must not be running when this method is called.
func (*WireGuardNetwork) Configure ¶
func (n *WireGuardNetwork) Configure(config Config) error
Configure applies the given configuration to the WireGuard network interface. It updates the device and peer settings, the subnet, and the peer routes.
func (*WireGuardNetwork) WatchEndpoints ¶
func (n *WireGuardNetwork) WatchEndpoints() <-chan EndpointChangeEvent
WatchEndpoints returns a channel that receives endpoint change events for the WireGuard peers.