forked from openshift/origin
-
Notifications
You must be signed in to change notification settings - Fork 0
/
types.go
100 lines (88 loc) · 4.32 KB
/
types.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
package templaterouter
import (
routeapi "github.com/openshift/origin/pkg/route/api"
"strings"
)
// ServiceUnit is an encapsulation of a service, the endpoints that back that service, and the routes
// that point to the service. This is the data that drives the creation of the router configuration files
type ServiceUnit struct {
// Name corresponds to a service name & namespace. Uniquely identifies the ServiceUnit
Name string
// EndpointTable are endpoints that back the service, this translates into a final backend implementation for routers
// keyed by IP:port for easy access
EndpointTable map[string]Endpoint
// ServiceAliasConfigs is a collection of unique routes that support this service, keyed by host + path
ServiceAliasConfigs map[string]ServiceAliasConfig
}
// ServiceAliasConfig is a route for a service. Uniquely identified by host + path.
type ServiceAliasConfig struct {
// Host is a required host name ie. www.example.com
Host string
// Path is an optional path ie. www.example.com/myservice where "myservice" is the path
Path string
// TLSTermination is the termination policy for this backend and drives the mapping files and router configuration
TLSTermination routeapi.TLSTerminationType
// Certificates used for securing this backend. Keyed by the cert id
Certificates map[string]Certificate
// Indicates the status of configuration that needs to be persisted. Right now this only
// includes the certificates and is not an indicator of being written to the underlying
// router implementation
Status ServiceAliasConfigStatus
}
type ServiceAliasConfigStatus string
const (
// ServiceAliasConfigStatusSaved indicates that the necessary files for this config have
// been persisted to disk.
ServiceAliasConfigStatusSaved ServiceAliasConfigStatus = "saved"
)
// Certificate represents a pub/private key pair. It is identified by ID which will become the file name.
// A CA certificate will not have a PrivateKey set.
type Certificate struct {
ID string
Contents string
PrivateKey string
}
// Endpoint is an internal representation of a k8s endpoint.
type Endpoint struct {
ID string
IP string
Port string
}
// certificateManager provides the ability to write certificates for a ServiceAliasConfig
type certificateManager interface {
// WriteCertificatesForConfig writes all certificates for all ServiceAliasConfigs in config
WriteCertificatesForConfig(config *ServiceAliasConfig) error
// DeleteCertificatesForConfig deletes all certificates for all ServiceAliasConfigs in config
DeleteCertificatesForConfig(config *ServiceAliasConfig) error
// CertificateWriter provides direct access to the underlying writer if required
CertificateWriter() certificateWriter
}
// certManagerConfig provides the configuration necessary for certmanager to manipulate certificates.
type certificateManagerConfig struct {
// certKeyFunc is used to find the edge certificate (which also has the key) from the cert map
// of the ServiceAliasConfig
certKeyFunc certificateKeyFunc
// caCertKeyFunc is used to find the edge ca certificate from the cert map of the ServiceAliasConfig
caCertKeyFunc certificateKeyFunc
// destCertKeyFunc is used to find the ca certificate of a destination (pod) from the cert map
// of the ServiceAliasConfig
destCertKeyFunc certificateKeyFunc
// certDir is where the edge certificates will be written.
certDir string
// caCertDir is where the edge certificates will be written. It must be different than certDir
caCertDir string
}
// certificateKeyFunc provides the certificateManager a way to create keys the same way the template
// router creates them so it can retrieve the certificates from a ServiceAliasConfig correctly
type certificateKeyFunc func(config *ServiceAliasConfig) string
// certificateWriter is used by a certificateManager to perform the actual writing. It is abstracteed
// out in order to provide the ability to inject a test writer for unit testing
type certificateWriter interface {
WriteCertificate(directory string, id string, cert []byte) error
DeleteCertificate(directory, id string) error
}
//TemplateSafeName provides a name that can be used in the template that does not contain restricted
//characters like / which is used to concat namespace and name in the service unit key
func (s ServiceUnit) TemplateSafeName() string {
return strings.Replace(s.Name, "/", "-", -1)
}