Documentation
¶
Index ¶
- Constants
- type CloudAuthConfig
- type Coordinator
- func (c *Coordinator) Activator() activator.AppActivator
- func (c *Coordinator) CertificateProvider() autotls.CertificateProvider
- func (c *Coordinator) HttpIngress() *httpingress.Server
- func (c *Coordinator) IssueCertificate(name string) (*caauth.ClientCertificate, error)
- func (c *Coordinator) ListenAddress() string
- func (c *Coordinator) LoadAPICert(ctx context.Context) error
- func (c *Coordinator) LoadCA(ctx context.Context) error
- func (c *Coordinator) LocalConfig() (*clientconfig.Config, error)
- func (c *Coordinator) NamedConfig(name string) (*clientconfig.Config, error)
- func (c *Coordinator) ReportStartupStatus(ctx context.Context) error
- func (c *Coordinator) ReportStatus(ctx context.Context) error
- func (c *Coordinator) RunnerConfig(listenAddress string) (*clientconfig.Config, error)
- func (c *Coordinator) SandboxPoolManager() *sandboxpool.Manager
- func (c *Coordinator) Server() *rpc.Server
- func (c *Coordinator) ServiceConfig() (*clientconfig.Config, error)
- func (c *Coordinator) Start(ctx context.Context) error
- func (c *Coordinator) Stop()
- type CoordinatorConfig
- type EtcdTLSConfig
- type EtcdTLSSetupResult
Constants ¶
const (
	// DefaultProjectOwner is an e-mail-style identity string.
	// NOTE(review): presumably the owner assigned when a project names none — confirm
	// what privileges this built-in identity carries.
	DefaultProjectOwner = "miren.system@miren.dev"
	// DefaultCloudURL is the https endpoint that CloudAuthConfig.CloudURL documents as its default.
	DefaultCloudURL = "https://api.miren.cloud"
)
Types ¶
type CloudAuthConfig ¶
type CloudAuthConfig struct {
// Enabled switches cloud authentication on; PrivateKey is documented below as required when it is set.
Enabled bool `json:"enabled" yaml:"enabled"`
// NOTE(review): CloudURL can be overridden from json/yaml; confirm that a non-https
// override is refused, since this is presumably the endpoint the service account
// authenticates to.
CloudURL string `json:"cloud_url" yaml:"cloud_url"` // URL of miren.cloud (default: https://api.miren.cloud)
// PrivateKey is a filesystem path, not key material, so serialising this struct
// exposes the key's location but not the key itself.
// NOTE(review): confirm the loader checks that the key file is not group- or
// world-readable.
PrivateKey string `json:"private_key" yaml:"private_key"` // Required: Path to service account private key when enabled
// NOTE(review): Tags feed RBAC evaluation and carry json/yaml tags, so whatever writes
// the config file can set them; confirm that file is trusted as much as the RBAC
// policy itself.
Tags map[string]string `json:"tags" yaml:"tags"` // Tags from registration for RBAC evaluation
ClusterID string `json:"cluster_id" yaml:"cluster_id"` // Cluster ID for status reporting
DNSHostname string `json:"dns_hostname" yaml:"dns_hostname"` // Cloud-provisioned DNS hostname for the cluster
}
CloudAuthConfig contains cloud authentication settings
type Coordinator ¶
type Coordinator struct {
// CoordinatorConfig is embedded, so its exported fields (NoAuth, CloudAuth, EtcdTLS, ...)
// are promoted and can be read or written directly on a Coordinator value.
CoordinatorConfig
// Log is exported and therefore replaceable by callers.
// NOTE(review): presumably set from NewCoordinator's log argument — confirm.
Log *slog.Logger
// contains filtered or unexported fields
}
func NewCoordinator ¶
func NewCoordinator(log *slog.Logger, cfg CoordinatorConfig) *Coordinator
func (*Coordinator) Activator ¶
func (c *Coordinator) Activator() activator.AppActivator
func (*Coordinator) CertificateProvider ¶
func (c *Coordinator) CertificateProvider() autotls.CertificateProvider
CertificateProvider returns the certificate controller for use by autotls. Returns nil if DNS provider is not configured.
func (*Coordinator) HttpIngress ¶ added in v0.3.1
func (c *Coordinator) HttpIngress() *httpingress.Server
func (*Coordinator) IssueCertificate ¶
func (c *Coordinator) IssueCertificate(name string) (*caauth.ClientCertificate, error)
func (*Coordinator) ListenAddress ¶
func (c *Coordinator) ListenAddress() string
func (*Coordinator) LoadAPICert ¶
func (c *Coordinator) LoadAPICert(ctx context.Context) error
func (*Coordinator) LocalConfig ¶
func (c *Coordinator) LocalConfig() (*clientconfig.Config, error)
func (*Coordinator) NamedConfig ¶
func (c *Coordinator) NamedConfig(name string) (*clientconfig.Config, error)
func (*Coordinator) ReportStartupStatus ¶
func (c *Coordinator) ReportStartupStatus(ctx context.Context) error
ReportStartupStatus reports the current cluster status to miren.cloud
func (*Coordinator) ReportStatus ¶
func (c *Coordinator) ReportStatus(ctx context.Context) error
ReportStatus reports the current cluster status to miren.cloud
func (*Coordinator) RunnerConfig ¶ added in v0.2.0
func (c *Coordinator) RunnerConfig(listenAddress string) (*clientconfig.Config, error)
RunnerConfig returns a client config for a runner service with proper TLS certificate SANs. The certificate will be valid for localhost and the runner's listen address.
func (*Coordinator) SandboxPoolManager ¶
func (c *Coordinator) SandboxPoolManager() *sandboxpool.Manager
func (*Coordinator) Server ¶
func (c *Coordinator) Server() *rpc.Server
func (*Coordinator) ServiceConfig ¶
func (c *Coordinator) ServiceConfig() (*clientconfig.Config, error)
func (*Coordinator) Stop ¶
func (c *Coordinator) Stop()
Stop stops the coordinator and all managed controllers
type CoordinatorConfig ¶
type CoordinatorConfig struct {
// Settings with json/yaml tags can be loaded from a configuration file.
Address string `json:"address" yaml:"address"`
EtcdEndpoints []string `json:"etcd_endpoints" yaml:"etcd_endpoints"`
Prefix string `json:"prefix" yaml:"prefix"`
NetworkBackend string `json:"network_backend" yaml:"network_backend"`
Resolver netresolve.Resolver `json:"resolver" yaml:"resolver"`
TempDir string `json:"temp_dir" yaml:"temp_dir"`
// NOTE(review): SetupEtcdTLS is documented as loading the CA from this same path, so
// DataPath presumably holds CA key material — confirm its directory permissions.
DataPath string `json:"data_path" yaml:"data_path"`
// NOTE(review): presumably extra DNS names and IPs added as SANs to issued
// certificates (compare SetupEtcdTLS's extraDNSNames/extraIPs) — confirm.
AdditionalNames []string `json:"additional_names" yaml:"additional_names"`
AdditionalIPs []net.IP `json:"additional_ips" yaml:"additional_ips"`
// ACME certificate configuration
AcmeEmail string `json:"acme_email" yaml:"acme_email"`
AcmeDNSProvider string `json:"acme_dns_provider" yaml:"acme_dns_provider"`
// Cloud authentication configuration
CloudAuth CloudAuthConfig `json:"cloud_auth" yaml:"cloud_auth"`
// NoAuth disables authentication entirely (for testing only)
// The no_auth json/yaml tag means a config file can turn this on, not only test code.
// NOTE(review): confirm that start-up logs loudly, or refuses to run, when NoAuth is
// true outside a test environment.
NoAuth bool `json:"no_auth" yaml:"no_auth"`
// EtcdTLS holds mTLS configuration for etcd connections (optional).
// When set, the coordinator will use mTLS to connect to etcd.
// NOTE(review): presumably the etcd connection is unauthenticated when this is nil —
// confirm. EtcdTLSConfig.KeyPEM is an exported, untagged []byte, so encoding/json would
// emit the client private key (base64) under etcd_tls if a populated config is
// marshalled; avoid dumping or logging this struct.
EtcdTLS *EtcdTLSConfig `json:"etcd_tls" yaml:"etcd_tls"`
// The fields below carry no json/yaml tags.
// NOTE(review): presumably runtime dependencies injected by the caller rather than
// file-loaded settings — confirm.
Mem *metrics.MemoryUsage
Cpu *metrics.CPUUsage
HTTP *metrics.HTTPMetrics
Logs *observability.LogReader
LogWriter observability.LogWriter
// BuildKit is the persistent BuildKit component for container image builds
BuildKit *buildkit.Component
// HTTPRequestTimeout is the timeout for HTTP requests to app sandboxes
HTTPRequestTimeout time.Duration
}
type EtcdTLSConfig ¶ added in v0.4.0
type EtcdTLSConfig struct {
CertPEM []byte // Client certificate PEM
// KeyPEM is private key material held in memory. The field is exported and has no
// `json:"-"` tag, so encoding/json would serialise it; keep values of this type out
// of logs and debug dumps.
KeyPEM []byte // Client private key PEM
CACert []byte // CA certificate PEM for verifying server
}
EtcdTLSConfig holds TLS configuration for connecting to etcd with mTLS.
type EtcdTLSSetupResult ¶ added in v0.4.0
type EtcdTLSSetupResult struct {
// CertsDir is the directory containing etcd server certs (ca.crt, server.crt, server.key)
// NOTE(review): server.key is the etcd server's private key; confirm the directory and
// key file are created with owner-only permissions.
CertsDir string
// ClientTLS is the TLS config for clients connecting to etcd
// It carries the client private key (EtcdTLSConfig.KeyPEM), so treat the whole result
// as secret material.
ClientTLS *EtcdTLSConfig
}
EtcdTLSSetupResult contains the results of setting up etcd TLS.
func SetupEtcdTLS ¶ added in v0.4.0
func SetupEtcdTLS(log *slog.Logger, dataPath string, extraDNSNames []string, extraIPs []net.IP) (*EtcdTLSSetupResult, error)
SetupEtcdTLS loads the existing CA and issues certificates for etcd mTLS. This must be called before starting the etcd component when TLS is desired. The dataPath should be the same path used for CoordinatorConfig.DataPath. The CA must already exist (created by the coordinator's LoadCA). Additional DNS names and IPs are included in the server certificate SANs so that distributed runners can connect to etcd over the network.