-
Notifications
You must be signed in to change notification settings - Fork 53
/
agent_config.go
82 lines (71 loc) · 2.49 KB
/
agent_config.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
package v1beta1
import (
"github.com/rancher/opni/pkg/config/meta"
)
type AgentConfig struct {
meta.TypeMeta `json:",inline"`
Spec AgentConfigSpec `json:"spec,omitempty"`
}
type TrustStrategyKind string
const (
TrustStrategyPKP TrustStrategyKind = "pkp"
TrustStrategyCACerts TrustStrategyKind = "cacerts"
TrustStrategyInsecure TrustStrategyKind = "insecure"
)
type AgentConfigSpec struct {
// The address which the agent will listen on for incoming connections.
// This should be in the format "host:port" or ":port", and must not
// include a scheme.
ListenAddress string `json:"listenAddress,omitempty"`
// The address of the gateway's public HTTP API. This should be of the format
// "https://host:port". The scheme must be "https".
GatewayAddress string `json:"gatewayAddress,omitempty"`
// The name of the identity provider to use. Defaults to "kubernetes".
IdentityProvider string `json:"identityProvider,omitempty"`
// The type of trust strategy to use for verifying the authenticity of the
// gateway server. Defaults to "pkp".
TrustStrategy TrustStrategyKind `json:"trustStrategy,omitempty"`
// Configuration for agent keyring storage.
Storage StorageSpec `json:"storage,omitempty"`
Rules *RulesSpec `json:"rules,omitempty"`
Bootstrap *BootstrapSpec `json:"bootstrap,omitempty"`
}
type BootstrapSpec struct {
// Bootstrap token
Token string `json:"token,omitempty"`
// List of public key pins. Used when the trust strategy is "pkp".
Pins []string `json:"pins,omitempty"`
// List of paths to CA Certs. Used when the trust strategy is "pkp".
// If empty, the system certs will be used.
CACerts []string `json:"caCerts,omitempty"`
}
func (s *AgentConfigSpec) SetDefaults() {
if s == nil {
return
}
if s.IdentityProvider == "" {
s.IdentityProvider = "kubernetes"
}
if s.ListenAddress == "" {
s.ListenAddress = ":8080"
}
if s.TrustStrategy == "" {
s.TrustStrategy = "pkp"
}
}
type RulesSpec struct {
Discovery DiscoverySpec `json:"discovery,omitempty"`
}
type DiscoverySpec struct {
PrometheusRules *PrometheusRulesSpec `json:"prometheusRules,omitempty"`
// Search interval. Defaults to "15m"
Interval string `json:"interval,omitempty"`
}
type PrometheusRulesSpec struct {
// Namespaces to search for rules in. If empty, will search all accessible
// namespaces.
SearchNamespaces []string `json:"searchNamespaces,omitempty"`
// Kubeconfig to use for rule discovery. If nil, will use the in-cluster
// kubeconfig.
Kubeconfig *string `json:"kubeconfig,omitempty"`
}