125510e009
This leverages recent additions to libkv enabling client authentication via TLS so the discovery back-end can be locked down with mutual TLS. Example usage: docker daemon [other args] \ --cluster-advertise 192.168.122.168:2376 \ --cluster-store etcd://192.168.122.168:2379 \ --cluster-store-opt kv.cacertfile=/path/to/ca.pem \ --cluster-store-opt kv.certfile=/path/to/cert.pem \ --cluster-store-opt kv.keyfile=/path/to/key.pem Signed-off-by: Daniel Hiltgen <daniel.hiltgen@docker.com>
35 lines
1.1 KiB
Go
35 lines
1.1 KiB
Go
package discovery
|
|
|
|
import (
|
|
"errors"
|
|
"time"
|
|
)
|
|
|
|
var (
|
|
// ErrNotSupported is returned when a discovery service is not supported.
|
|
ErrNotSupported = errors.New("discovery service not supported")
|
|
|
|
// ErrNotImplemented is returned when discovery feature is not implemented
|
|
// by discovery backend.
|
|
ErrNotImplemented = errors.New("not implemented in this discovery service")
|
|
)
|
|
|
|
// Watcher provides watching over a cluster for nodes joining and leaving.
|
|
type Watcher interface {
|
|
// Watch the discovery for entry changes.
|
|
// Returns a channel that will receive changes or an error.
|
|
// Providing a non-nil stopCh can be used to stop watching.
|
|
Watch(stopCh <-chan struct{}) (<-chan Entries, <-chan error)
|
|
}
|
|
|
|
// Backend is implemented by discovery backends which manage cluster entries.
|
|
type Backend interface {
|
|
// Watcher must be provided by every backend.
|
|
Watcher
|
|
|
|
// Initialize the discovery with URIs, a heartbeat, a ttl and optional settings.
|
|
Initialize(string, time.Duration, time.Duration, map[string]string) error
|
|
|
|
// Register to the discovery.
|
|
Register(string) error
|
|
}
|