mirror of https://github.com/status-im/consul.git
1a8834e1c8
The importing peer will need to know what SNI and SPIFFE name
corresponds to each exported service. Additionally it will need to know
at a high level the protocol in use (L4/L7) to generate the appropriate
connection pool and local metrics.
For replicated connect synthetic entities we edit the `Connect{}` part
of a `NodeService` to have a new section:
{
"PeerMeta": {
"SNI": [
"web.default.default.owt.external.183150d5-1033-3672-c426-c29205a576b8.consul"
],
"SpiffeID": [
"spiffe://183150d5-1033-3672-c426-c29205a576b8.consul/ns/default/dc/dc1/svc/web"
],
"Protocol": "tcp"
}
}
This data is then replicated and saved as-is at the importing side. Both
SNI and SpiffeID are slices for now until I can be sure we don't need
them for how mesh gateways will ultimately work.
|
||
|---|---|---|
| .. | ||
| ca | ||
| authz.go | ||
| authz_test.go | ||
| common_names.go | ||
| csr.go | ||
| generate.go | ||
| generate_test.go | ||
| parsing.go | ||
| sni.go | ||
| sni_test.go | ||
| testing_ca.go | ||
| testing_ca_test.go | ||
| testing_spiffe.go | ||
| uri.go | ||
| uri_agent.go | ||
| uri_agent_oss.go | ||
| uri_agent_oss_test.go | ||
| uri_service.go | ||
| uri_service_oss.go | ||
| uri_service_oss_test.go | ||
| uri_signing.go | ||
| uri_signing_test.go | ||
| uri_test.go | ||
| x509_patch.go | ||
| x509_patch_test.go | ||