package autoconf

import (
	"context"
	"net"
	"time"

	"github.com/hashicorp/go-hclog"

	"github.com/hashicorp/consul/agent/cache"
	"github.com/hashicorp/consul/agent/config"
	"github.com/hashicorp/consul/agent/metadata"
	"github.com/hashicorp/consul/agent/token"
	"github.com/hashicorp/consul/lib/retry"
)

// DirectRPC is the interface that needs to be satisfied for AutoConfig to be able to perform
// direct RPCs against individual servers. This will not be used for any ongoing RPCs as once
// the agent gets configured, it can go through the normal RPC means of selecting an available
// server automatically.
//
// NOTE(review): these RPCs are made before the agent is configured, and the reply is used
// to configure it, so the trust placed in the server at addr matters. How the connection is
// authenticated is not visible in this file; confirm it in the implementation.
type DirectRPC interface {
	// RPC invokes method on the server identified by dc, node and addr, passing args and
	// filling in reply.
	RPC(dc string, node string, addr net.Addr, method string, args interface{}, reply interface{}) error
}

// Cache is an interface to represent the methods of the
// agent/cache.Cache struct that we care about.
type Cache interface {
	// Notify registers ch to receive cache.UpdateEvent values for request r of type t.
	Notify(ctx context.Context, t string, r cache.Request, correlationID string, ch chan<- cache.UpdateEvent) error
	// Prepopulate stores result in the cache for type t.
	// NOTE(review): token is presumably an ACL token used as part of the cache key; treat
	// it as a credential and keep it out of logs and error strings. Confirm against the
	// cache implementation.
	Prepopulate(t string, result cache.FetchResult, dc string, token string, key string) error
}

// ServerProvider is an interface that can be used to find one server in the local DC known to
// the agent via Gossip.
type ServerProvider interface {
	// FindLANServer returns a known server.
	// NOTE(review): presumably nil when no server is known; callers should check. Confirm.
	FindLANServer() *metadata.Server
}

// TLSConfigurator is an interface of the methods on the tlsutil.Configurator that we will require at
// runtime.
//
// NOTE(review): pub and priv presumably carry the PEM-encoded certificate and its private
// key. priv is key material: do not log it or include it in error messages.
type TLSConfigurator interface {
	// UpdateAutoTLS replaces the CA sets and the certificate/key pair in one call.
	// NOTE(review): verifyServerHostname presumably controls whether server certificate
	// hostnames are verified; passing false would weaken server authentication. Confirm
	// in tlsutil.
	UpdateAutoTLS(manualCAPEMs, connectCAPEMs []string, pub, priv string, verifyServerHostname bool) error
	UpdateAutoTLSCA([]string) error
	UpdateAutoTLSCert(pub, priv string) error
	AutoEncryptCertNotAfter() time.Time
	AutoEncryptCertExpired() bool
}

// TokenStore is an interface of the methods we will need to use from the token.Store.
//
// The values passed through this interface are secrets (UpdateAgentToken names its
// parameter secret). Callers should not write them to logs or error messages.
type TokenStore interface {
	// AgentToken returns the current agent token.
	AgentToken() string
	// UpdateAgentToken sets the agent token to secret, recording source as its origin.
	// NOTE(review): the bool result presumably reports whether the stored token changed;
	// confirm in token.Store.
	UpdateAgentToken(secret string, source token.TokenSource) bool
	// Notify returns a notifier for updates to tokens of the given kind.
	Notify(kind token.TokenKind) token.Notifier
	// StopNotify unregisters a notifier obtained from Notify.
	StopNotify(notifier token.Notifier)
}

// Config contains all the tunables for AutoConfig.
type Config struct {
	// Logger is any logger that should be utilized. If not provided,
	// then no logs will be emitted.
	Logger hclog.Logger

	// DirectRPC is the interface to be used by AutoConfig to make the
	// AutoConfig.InitialConfiguration RPCs for generating the bootstrap
	// configuration. Setting this field is required.
	DirectRPC DirectRPC

	// ServerProvider is the interface to be used by AutoConfig to find any
	// known servers during fallback operations.
	ServerProvider ServerProvider

	// Waiter is used during retrieval of the initial configuration.
	// When a round of requests fails we will
	// wait and eventually make another round of requests (1 round
	// is trying the RPC once against each configured server addr). The
	// waiting implements some backoff to prevent from retrying these RPCs
	// too often. This field is not required and if left unset a waiter will
	// be used that has a max wait duration of 10 minutes and a randomized
	// jitter of 25% of the wait time. Setting this is mainly useful for
	// testing purposes to allow testing out the retrying functionality without
	// having the test take minutes/hours to complete.
	Waiter *retry.Waiter

	// Loader merges source with the existing FileSources and returns the complete
	// RuntimeConfig.
	// NOTE(review): source presumably carries configuration received from a server;
	// confirm what validation Loader applies before the merged result is used.
	Loader func(source config.Source) (config.LoadResult, error)

	// TLSConfigurator is the shared TLS Configurator. AutoConfig will update the
	// auto encrypt/auto config certs as they are renewed.
	TLSConfigurator TLSConfigurator

	// Cache is an object implementing our Cache interface. The Cache
	// used at runtime must be able to handle Roots and Leaf Cert watches.
	Cache Cache

	// FallbackLeeway is the amount of time after certificate expiration before
	// invoking the fallback routine. If not set this will default to 10s.
	// A larger value lengthens the period in which the agent holds an expired
	// certificate before the fallback routine starts.
	FallbackLeeway time.Duration

	// FallbackRetry is the duration between Fallback invocations when the configured
	// fallback routine returns an error. If not set this will default to 1m.
	FallbackRetry time.Duration

	// Tokens is the shared token store. It is used to retrieve the current
	// agent token as well as getting notifications when that token is updated.
	// This field is required.
	Tokens TokenStore

	// EnterpriseConfig is the embedded specific enterprise configurations.
	EnterpriseConfig
}