@ -1453,11 +1453,6 @@ const (
// user groups as Kubernetes user groups. This capability is read by
// peers that are Tailscale Kubernetes operator instances.
PeerCapabilityKubernetes PeerCapability = "tailscale.com/cap/kubernetes"
// PeerCapabilityServicesDestination grants a peer the ability to serve as
// a destination for a set of given VIP services, which is provided as the
// value of this key in NodeCapMap.
PeerCapabilityServicesDestination PeerCapability = "tailscale.com/cap/services-destination"
)
// NodeCapMap is a map of capabilities to their optional values. It is valid for
@ -2401,6 +2396,15 @@ const (
// NodeAttrSSHEnvironmentVariables enables logic for handling environment variables sent
// via SendEnv in the SSH server and applying them to the SSH session.
NodeAttrSSHEnvironmentVariables NodeCapability = "ssh-env-vars"
// NodeAttrServiceHost indicates the VIP Services for which the client is
// approved to act as a service host, and which IP addresses are assigned
// to those VIP Services. Any VIP Services that the client is not
// advertising can be ignored.
// Each value of this key in [NodeCapMap] is of type [ServiceIPMappings].
// If multiple values of this key exist, they should be merged in sequence
// (replace conflicting keys).
NodeAttrServiceHost NodeCapability = "service-host"
)
// SetDNSRequest is a request to add a DNS record.
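Review bot: The merge rule in the NodeAttrServiceHost comment, "merged in sequence (replace conflicting keys)", does not say what a conflict replaces. Each value is a ServiceIPMappings, so a reader cannot tell whether a later value for the same service name replaces that service's whole address list or is combined with it, and the two readings leave a service host listening on different addresses. If whole-list replacement is what is intended, say so in the comment: `// A later value's entry for a service name replaces the earlier entry's entire address list.` The const block starts outside this hunk.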
@ -2883,3 +2887,21 @@ type EarlyNoise struct {
// For some request types, the header may have multiple values. (e.g. OldNodeKey
// vs NodeKey)
const LBHeader = "Ts-Lb"
// ServiceIPMappings maps service names (strings that conform to
// [CheckServiceName]) to lists of IP addresses. This is used as the value of
// the [NodeAttrServiceHost] capability, to inform service hosts what IP
// addresses they need to listen on for each service that they are advertising.
//
// This is of the form:
//
// {
// "svc:samba": ["100.65.32.1", "fd7a:115c:a1e0::1234"],
// "svc:web": ["100.102.42.3", "fd7a:115c:a1e0::abcd"],
// }
//
// where the IP addresses are the IPs of the VIP services. These IPs are also
// provided in AllowedIPs, but this lets the client know which services
// correspond to those IPs. Any services that don't correspond to a service
// this client is hosting can be ignored.
type ServiceIPMappings map [ string ] [ ] netip . Addr
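Review bot: The ServiceIPMappings comment says keys conform to [CheckServiceName], but the type is a plain string-keyed map, so nothing in this hunk enforces that when a value is decoded from NodeCapMap. The comment should state who validates, for example `// Keys are not validated on decode; consumers must call [CheckServiceName] on each key and skip entries that fail.` Since the comment says these addresses are also provided in AllowedIPs, it would help to add that a client should ignore a mapped address that is absent from its AllowedIPs, if that is the intended invariant, so the two sources cannot disagree silently. Separately, the example has a trailing comma after the "svc:web" entry, which is not valid JSON and would mislead anyone copying it into a test fixture.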