tailnet

package
v2.23.0Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jun 3, 2025 | License: AGPL-3.0 | Imports: 81 | Imported by: 0

Details

Repository

github.com/coder/coder

Links

Documentation

Index

Constants

const (
	// CoderDNSSuffix is the default DNS suffix that we append to Coder DNS
	// records.
	CoderDNSSuffix = "coder"
	// CoderDNSSuffixFQDN is CoderDNSSuffix with a trailing dot appended,
	// converted to a dnsname.FQDN.
	CoderDNSSuffixFQDN = dnsname.FQDN(CoderDNSSuffix + ".")
)

CoderDNSSuffix is the default DNS suffix that we append to Coder DNS records.

// Port numbers associated with the workspace agent.
// NOTE(review): this page does not show what listens on each port; the names
// suggest SSH, reconnecting PTY and speedtest services — confirm against the
// agent implementation before relying on them in firewall or ACL rules.
const (
	WorkspaceAgentSSHPort             = 1
	WorkspaceAgentReconnectingPTYPort = 2
	WorkspaceAgentSpeedtestPort       = 3
	WorkspaceAgentStandardSSHPort     = 22
)
const (
	// ResponseBufferSize is the max number of responses to buffer per connection before we start
	// dropping updates
	ResponseBufferSize = 512
	// RequestBufferSize is the max number of requests to buffer per connection
	RequestBufferSize = 32
	// NOTE(review): the three strings below read like reasons reported when a
	// peer connection or handshake ends; where they are emitted is not shown
	// on this page — confirm against the coordinator.
	CloseErrOverwritten      = "peer ID overwritten by new connection"
	CloseErrCoordinatorClose = "coordinator closed"
	ReadyForHandshakeError   = "ready for handshake error"
)
// Application names used in network telemetry.
// NOTE(review): presumably these are the values passed as the application
// argument of Conn.SendConnectedTelemetry — confirm against callers.
const (
	TelemetryApplicationSSH       string = "ssh"
	TelemetryApplicationSpeedtest string = "speedtest"
	TelemetryApplicationVSCode    string = "vscode"
)
const (DefaultResumeTokenExpiry = 24 *time.Hour)
const DisableSTUN = "disable"
const EnvMagicsockDebugLogging = "CODER_MAGICSOCK_DEBUG_LOGGING"

EnvMagicsockDebugLogging enables super-verbose logging for the magicsock internals. A logger must be supplied to the connection with the debug level enabled.

With this disabled, you still get a lot of output if you have a valid logger with the debug level enabled.

const IsCoderConnectEnabledFmtString = "is.coder--connect--enabled--right--now.%s."

A FQDN to be mapped to `tsaddr.CoderServiceIPv6`. This address can be used when you want to know if Coder Connect is running, but are not trying to connect to a specific known workspace.

const LoggerName = "coord"

Variables

// Sentinel errors created with xerrors.New.
// NOTE(review): which functions return each of these is not shown on this
// page; the message text is the only description available here.
var (
	ErrClosed         = xerrors.New("coordinator is closed")
	ErrWouldBlock     = xerrors.New("would block")
	ErrAlreadyRemoved = xerrors.New("already removed")
)
var ErrConnClosed =xerrors.New("connection closed")
var ErrUnsupportedVersion =xerrors.New("unsupported version")

Functions

funcCompareDERPMaps

func CompareDERPMaps(a *tailcfg.DERPMap, b *tailcfg.DERPMap)bool

CompareDERPMaps returns true if the given DERPMaps are equivalent. Ordering of slices is ignored.

If the first map is nil, the second map must also be nil for them to be considered equivalent. If the second map is nil, the first map can be any value and the function will return true.

funcDERPMapFromProtoadded inv2.6.0

func DERPMapFromProto(derpMap *proto.DERPMap) *tailcfg.DERPMap

funcDERPMapToProtoadded inv2.6.0

func DERPMapToProto(derpMap *tailcfg.DERPMap) *proto.DERPMap

funcDERPNodeFromProtoadded inv2.6.0

func DERPNodeFromProto(node *proto.DERPMap_Region_Node) *tailcfg.DERPNode

funcDERPNodeToProtoadded inv2.6.0

func DERPNodeToProto(node *tailcfg.DERPNode) *proto.DERPMap_Region_Node

funcDERPRegionFromProtoadded inv2.6.0

func DERPRegionFromProto(region *proto.DERPMap_Region) *tailcfg.DERPRegion

funcDERPRegionToProtoadded inv2.6.0

func DERPRegionToProto(region *tailcfg.DERPRegion) *proto.DERPMap_Region

funcIsDRPCUnimplementedErroradded inv2.18.0

func IsDRPCUnimplementedError(errerror)bool

IsDRPCUnimplementedError returns true if the error indicates the RPC called is not implemented by the server.

funcLogger

func Logger(logger interface {Debug(ctxcontext.Context, strstring, args ...any)},)tslogger.Logf

Logger converts the Tailscale logging function to use a slog-compatible logger.

funcNewDERPMap

func NewDERPMap(ctxcontext.Context, region *tailcfg.DERPRegion, stunAddrs []string, remoteURL, localPathstring, disableSTUNbool) (*tailcfg.DERPMap,error)

NewDERPMap constructs a DERPMap from a set of STUN addresses and optionally a remote URL to fetch a mapping from, e.g. https://controlplane.tailscale.com/derpmap/default.

funcNewDRPCClientadded inv2.6.0

func NewDRPCClient(connnet.Conn, loggerslog.Logger) (proto.DRPCTailnetClient,error)

funcNodeID

func NodeID(uiduuid.UUID)tailcfg.NodeID

NodeID creates a Tailscale NodeID from the last 8 bytes of a UUID. It ensures the returned NodeID is always positive.

funcNodeToProtoadded inv2.4.0

func NodeToProto(n *Node) (*proto.Node,error)

funcRecvCtxadded inv2.5.0

func RecvCtx[Aany](ctxcontext.Context, c <-chan A) (a A, errerror)

funcSTUNRegions

func STUNRegions(baseRegionIDint, stunAddrs []string) ([]*tailcfg.DERPRegion,error)

funcSendCtxadded inv2.5.0

func SendCtx[Aany](ctxcontext.Context, c chan<- A, a A) (errerror)

funcSingleNodeUpdateadded inv2.4.0

func SingleNodeUpdate(iduuid.UUID, node *Node, reasonstring) (*proto.CoordinateResponse,error)

funcUUIDToByteSliceadded inv2.4.0

func UUIDToByteSlice(uuuid.UUID) []byte

funcWithStreamIDadded inv2.6.0

func WithStreamID(ctxcontext.Context, streamIDStreamID)context.Context

funcWithWebsocketSupport

func WithWebsocketSupport(s *derp.Server, basehttp.Handler) (http.Handler, func())

WithWebsocketSupport returns an http.Handler that upgrades connections to the "derp" subprotocol to WebSockets and passes them to the DERP server. Taken from: https://github.com/tailscale/tailscale/blob/e3211ff88ba85435f70984cf67d9b353f3d650d8/cmd/derper/websocket.go#L21

funcWorkspaceStatusToProtoadded inv2.18.0

func WorkspaceStatusToProto(statuscodersdk.WorkspaceStatus)proto.Workspace_Status

Types

typeAgentadded inv2.19.0

type Agent struct {IDuuid.UUIDNamestringWorkspaceIDuuid.UUIDHosts       map[dnsname.FQDN][]netip.Addr}

func (*Agent)Cloneadded inv2.19.0

func (a *Agent) Clone()Agent

typeAgentCoordinateeAuthadded inv2.9.0

type AgentCoordinateeAuth struct {IDuuid.UUID}

AgentCoordinateeAuth disallows all tunnels, since agents are not allowed to initiate their own tunnels

func (AgentCoordinateeAuth)Authorizeadded inv2.9.0

typeAuthorizationErroradded inv2.22.0

type AuthorizationError struct {Wrappederror}

func (AuthorizationError)Erroradded inv2.22.0

func (eAuthorizationError) Error()string

func (AuthorizationError)Unwrapadded inv2.22.0

func (eAuthorizationError) Unwrap()error

typeBasicCoordinationadded inv2.18.0

type BasicCoordination struct {sync.MutexClientCoordinatorClient// contains filtered or unexported fields}

BasicCoordination handles:

1. Sending local node updates to the control plane
2. Reading remote updates from the control plane and programming them into the Coordinatee.

It does *not* handle adding any Tunnels, but these can be handled by composing BasicCoordinationController with a more advanced controller.

func (*BasicCoordination)Closeadded inv2.18.0

func (c *BasicCoordination) Close(ctxcontext.Context) (retErrerror)

Close the coordination gracefully. If the context expires before the remote API server has hung up on us, we forcibly close the Client connection.

func (*BasicCoordination)SendErradded inv2.18.0

func (c *BasicCoordination) SendErr(errerror)

SendErr is not part of the CloserWaiter interface, and is intended to be called internally, or by Controllers that use BasicCoordinationController in composition. It triggers Wait() to report the error if an error has not already been reported.

func (*BasicCoordination)Waitadded inv2.18.0

func (c *BasicCoordination) Wait() <-chanerror

Wait for the Coordination to complete

typeBasicCoordinationControlleradded inv2.18.0

type BasicCoordinationController struct {Loggerslog.LoggerCoordinateeCoordinateeSendAcksbool}

BasicCoordinationController handles the basic coordination operations common to all types of tailnet consumers:

  1. sending local node updates to the Coordinator
  2. receiving peer node updates and programming them into the Coordinatee (e.g. tailnet.Conn)
  3. (optionally) sending ReadyToHandshake acknowledgements for peer updates.

It is designed to be used on its own, or composed into more advanced CoordinationControllers.

func (*BasicCoordinationController)Newadded inv2.18.0

New satisfies the method on the CoordinationController interface

func (*BasicCoordinationController)NewCoordinationadded inv2.18.0

NewCoordination creates a BasicCoordination

typeBasicTelemetryControlleradded inv2.18.0

type BasicTelemetryController struct {sync.Mutex// contains filtered or unexported fields}

funcNewBasicTelemetryControlleradded inv2.18.0

func NewBasicTelemetryController(loggerslog.Logger) *BasicTelemetryController

func (*BasicTelemetryController)Newadded inv2.18.0

func (*BasicTelemetryController)SendTelemetryEventadded inv2.18.0

func (b *BasicTelemetryController) SendTelemetryEvent(event *proto.TelemetryEvent)

typeClientCoordinateeAuthadded inv2.9.0

type ClientCoordinateeAuth struct {AgentIDuuid.UUID}

ClientCoordinateeAuth allows connecting to a single, given agent

func (ClientCoordinateeAuth)Authorizeadded inv2.9.0

typeClientServiceadded inv2.6.0

type ClientService struct {Loggerslog.LoggerCoordPtr *atomic.Pointer[Coordinator]// contains filtered or unexported fields}

ClientService is a tailnet coordination service that accepts a connection and version from a tailnet client, and supports versions 2.x of the Tailnet API protocol.

funcNewClientServiceadded inv2.6.0

func NewClientService(optionsClientServiceOptions) (*ClientService,error,)

NewClientService returns a ClientService based on the given Coordinator pointer. The pointer is loaded on each processed connection.

func (*ClientService)ServeClientadded inv2.6.0

func (s *ClientService) ServeClient(ctxcontext.Context, versionstring, connnet.Conn, streamIDStreamID)error

func (ClientService)ServeConnV2added inv2.7.0

func (sClientService) ServeConnV2(ctxcontext.Context, connnet.Conn, streamIDStreamID)error

typeClientServiceOptionsadded inv2.14.0

type ClientServiceOptions struct {Loggerslog.LoggerCoordPtr                 *atomic.Pointer[Coordinator]DERPMapUpdateFrequencytime.DurationDERPMapFn                func() *tailcfg.DERPMapNetworkTelemetryHandler  func(batch []*proto.TelemetryEvent)ResumeTokenProviderResumeTokenProviderWorkspaceUpdatesProviderWorkspaceUpdatesProvider}

typeClientUserCoordinateeAuthadded inv2.18.0

type ClientUserCoordinateeAuth struct {AuthTunnelAuthorizer}

func (ClientUserCoordinateeAuth)Authorizeadded inv2.18.0

typeCloserWaiteradded inv2.18.0

type CloserWaiter interface {Close(context.Context)errorWait() <-chanerror}

typeConn

type Conn struct {// contains filtered or unexported fields}

Conn is an actively listening Wireguard connection.

funcNewConn

func NewConn(options *Options) (conn *Conn, errerror)

NewConn constructs a new Wireguard server that will accept connections from the addresses provided.

func (*Conn)AwaitReachable

func (c *Conn) AwaitReachable(ctxcontext.Context, ipnetip.Addr)bool

AwaitReachable pings the provided IP continually until the address is reachable. It's the caller's responsibility to provide a timeout, otherwise this function will block forever.

func (*Conn)Close

func (c *Conn) Close()error

Close shuts down the Wireguard connection.

func (*Conn)Closed

func (c *Conn) Closed() <-chan struct{}

Closed is a channel that ends when the connection has been closed.

func (*Conn)DERPMap

func (c *Conn) DERPMap() *tailcfg.DERPMap

DERPMap returns the currently set DERP mapping.

func (*Conn)DialContextTCP

func (c *Conn) DialContextTCP(ctxcontext.Context, ippnetip.AddrPort) (*gonet.TCPConn,error)

func (*Conn)DialContextUDP

func (c *Conn) DialContextUDP(ctxcontext.Context, ippnetip.AddrPort) (*gonet.UDPConn,error)

func (*Conn)GetBlockEndpointsadded inv2.9.0

func (c *Conn) GetBlockEndpoints()bool

func (*Conn)GetKnownPeerIDsadded inv2.15.0

func (c *Conn) GetKnownPeerIDs() []uuid.UUID

func (*Conn)GetNetInfoadded inv2.15.0

func (c *Conn) GetNetInfo() *tailcfg.NetInfo

func (*Conn)GetPeerDiagnosticsadded inv2.9.0

func (c *Conn) GetPeerDiagnostics(peerIDuuid.UUID)PeerDiagnostics

func (*Conn)InstallCaptureHookadded inv2.8.0

func (c *Conn) InstallCaptureHook(fcapture.Callback)

func (*Conn)Listen

func (c *Conn) Listen(network, addrstring) (net.Listener,error)

Listen listens for connections only on the Tailscale network.

func (*Conn)MagicsockServeHTTPDebug

func (c *Conn) MagicsockServeHTTPDebug(whttp.ResponseWriter, r *http.Request)

func (*Conn)MagicsockSetDebugLoggingEnabled

func (c *Conn) MagicsockSetDebugLoggingEnabled(enabledbool)

func (*Conn)Node

func (c *Conn) Node() *Node

Node returns the last node that was sent to the node callback.

func (*Conn)NodeAddresses

func (c *Conn) NodeAddresses(publicKeykey.NodePublic) ([]netip.Prefix,bool)

NodeAddresses returns the addresses of a node from the NetworkMap.

func (*Conn)Ping

Ping sends a ping to the Wireguard engine. The bool returned is true if the ping was performed P2P.

func (*Conn)SendConnectedTelemetryadded inv2.14.0

func (c *Conn) SendConnectedTelemetry(ipnetip.Addr, applicationstring)

SendConnectedTelemetry should be called when connection to a peer with the given IP is established.

func (*Conn)SendDisconnectedTelemetryadded inv2.14.0

func (c *Conn) SendDisconnectedTelemetry()

func (*Conn)SendSpeedtestTelemetryadded inv2.14.0

func (c *Conn) SendSpeedtestTelemetry(throughputMbitsfloat64)

func (*Conn)SetAddresses

func (c *Conn) SetAddresses(ips []netip.Prefix)error

func (*Conn)SetAllPeersLostadded inv2.7.1

func (c *Conn) SetAllPeersLost()

SetAllPeersLost marks all peers lost; typically used when we disconnect from a coordinator.

func (*Conn)SetBlockEndpoints

func (c *Conn) SetBlockEndpoints(blockEndpointsbool)

SetBlockEndpoints sets whether to block P2P endpoints. This setting will only apply to new peers.

func (*Conn)SetConnStatsCallback

func (c *Conn) SetConnStatsCallback(maxPeriodtime.Duration, maxConnsint, dump func(start, endtime.Time, virtual, physical map[netlogtype.Connection]netlogtype.Counts))

SetConnStatsCallback sets a callback to be called after maxPeriod or maxConns, whichever comes first. Multiple calls overwrite the callback.

func (*Conn)SetDERPForceWebSocketsadded inv2.1.3

func (c *Conn) SetDERPForceWebSockets(vbool)

func (*Conn)SetDERPMap

func (c *Conn) SetDERPMap(derpMap *tailcfg.DERPMap)

SetDERPMap updates the DERPMap of a connection.

func (*Conn)SetDERPRegionDialer

func (c *Conn) SetDERPRegionDialer(dialer func(ctxcontext.Context, region *tailcfg.DERPRegion)net.Conn)

SetDERPRegionDialer updates the dialer to use for connecting to DERP regions.

func (*Conn)SetDNSHostsadded inv2.18.0

func (c *Conn) SetDNSHosts(hosts map[dnsname.FQDN][]netip.Addr)error

SetDNSHosts replaces the map of DNS hosts for the connection.

func (*Conn)SetNodeCallback

func (c *Conn) SetNodeCallback(callback func(node *Node))

func (*Conn)SetTunnelDestinationadded inv2.11.0

func (c *Conn) SetTunnelDestination(iduuid.UUID)

func (*Conn)Status

func (c *Conn) Status() *ipnstate.Status

Status returns the current ipnstate of a connection.

func (*Conn)UpdatePeersadded inv2.7.1

func (c *Conn) UpdatePeers(updates []*proto.CoordinateResponse_PeerUpdate)error

UpdatePeers connects with a set of peers. This can be constantly updated, and peers will continually be reconnected as necessary.

typeControlProtocolClientsadded inv2.18.0

type ControlProtocolClients struct {Closerio.CloserCoordinatorCoordinatorClientDERPDERPClientResumeTokenResumeTokenClientTelemetryTelemetryClientWorkspaceUpdatesWorkspaceUpdatesClient}

ControlProtocolClients represents an abstract interface to the tailnet control plane via a set of protocol clients. The Closer should close all the clients (e.g. by closing the underlying connection).

typeControlProtocolDialeradded inv2.18.0

// ControlProtocolDialer opens a connection to the tailnet control plane and
// hands back the set of protocol clients that share it.
type ControlProtocolDialer interface {
	// Dial connects to the tailnet control plane and returns clients for the different control
	// sub-protocols (coordination, DERP maps, resume tokens, and telemetry).  If the
	// ResumeTokenController is not nil, the dialer should query for a resume token and use it to
	// dial, if available.
	Dial(ctx context.Context, r ResumeTokenController) (ControlProtocolClients, error)
}

typeControlleradded inv2.18.0

type Controller struct {DialerControlProtocolDialerCoordCtrlCoordinationControllerDERPCtrlDERPControllerResumeTokenCtrlResumeTokenControllerTelemetryCtrlTelemetryControllerWorkspaceUpdatesCtrlWorkspaceUpdatesController// contains filtered or unexported fields}

A Controller connects to the tailnet control plane, and then uses the control protocols to program a tailnet.Conn in production (in test it could be an interface simulating the Conn). It delegates this task to sub-controllers responsible for the main areas of the tailnet control protocol: coordination, DERP map updates, resume tokens, telemetry, and workspace updates.

funcNewControlleradded inv2.18.0

func NewController(loggerslog.Logger, dialerControlProtocolDialer, opts ...ControllerOpt) *Controller

NewController creates a new Controller without running it

func (*Controller)Closedadded inv2.18.0

func (c *Controller) Closed() <-chan struct{}

func (*Controller)Runadded inv2.18.0

func (c *Controller) Run(ctxcontext.Context)

Run dials the API and uses it with the provided controllers.

typeControllerOptadded inv2.18.0

type ControllerOpt func(*Controller)

funcWithGracefulTimeoutadded inv2.18.0

func WithGracefulTimeout(timeouttime.Duration)ControllerOpt

funcWithTestClockadded inv2.18.0

func WithTestClock(clockquartz.Clock)ControllerOpt

typeCoordinateeadded inv2.7.1

// Coordinatee is the set of operations the Coordinate protocol needs from the
// thing being coordinated.
type Coordinatee interface {
	// UpdatePeers takes a batch of peer updates from a CoordinateResponse.
	UpdatePeers([]*proto.CoordinateResponse_PeerUpdate) error
	SetAllPeersLost()
	// SetNodeCallback registers a function that receives a *Node.
	SetNodeCallback(func(*Node))
	// SetTunnelDestination indicates to tailnet that the peer id is a
	// destination.
	SetTunnelDestination(id uuid.UUID)
}

Coordinatee is something that can be coordinated over the Coordinate protocol. Usually this is a Conn.

typeCoordinateeAuthadded inv2.9.0

type CoordinateeAuth interface {Authorize(ctxcontext.Context, req *proto.CoordinateRequest)error}

typeCoordinationControlleradded inv2.18.0

type CoordinationController interface {New(CoordinatorClient)CloserWaiter}

A CoordinationController accepts connections to the control plane, and handles the Coordination protocol on behalf of some Coordinatee (tailnet.Conn in production). This is the "glue" code between them.

funcNewAgentCoordinationControlleradded inv2.18.0

func NewAgentCoordinationController(loggerslog.Logger, coordinateeCoordinatee,)CoordinationController

NewAgentCoordinationController creates a CoordinationController for Coder Agents, which never create tunnels and always send ReadyToHandshake acknowledgements.

typeCoordinator

type Coordinator interface {CoordinatorV2}

Coordinator exchanges nodes with agents to establish connections.

┌──────────────────┐   ┌────────────────────┐   ┌───────────────────┐   ┌──────────────────┐
│tailnet.Coordinate├──►│tailnet.AcceptClient│◄─►│tailnet.AcceptAgent│◄──┤tailnet.Coordinate│
└──────────────────┘   └────────────────────┘   └───────────────────┘   └──────────────────┘

Coordinators have different guarantees for HA support.

funcNewCoordinator

func NewCoordinator(loggerslog.Logger)Coordinator

NewCoordinator constructs a new in-memory connection coordinator. This coordinator is incompatible with multiple Coder replicas as all node data is in-memory.

typeCoordinatorClientadded inv2.18.0

type CoordinatorClient interface {Close()errorSend(*proto.CoordinateRequest)errorRecv() (*proto.CoordinateResponse,error)}

CoordinatorClient is an abstraction of the Coordinator's control protocol interface from the perspective of a protocol client (i.e. the Coder Agent is also a client of this interface).

funcNewInMemoryCoordinatorClientadded inv2.18.0

func NewInMemoryCoordinatorClient(loggerslog.Logger,clientIDuuid.UUID,authCoordinateeAuth,coordinatorCoordinator,)CoordinatorClient

NewInMemoryCoordinatorClient creates a coordination client that uses channels to connect to a local Coordinator. (The typical alternative is a DRPC-based client.)

typeCoordinatorV2added inv2.5.0

// CoordinatorV2 is the interface for interacting with the coordinator via the
// 2.0 tailnet API.
type CoordinatorV2 interface {
	// ServeHTTPDebug serves a debug webpage that shows the internal state of
	// the coordinator.
	// NOTE(review): this page does not show how the handler is mounted. Since
	// it exposes coordinator internals, confirm the route that serves it
	// requires authentication.
	ServeHTTPDebug(w http.ResponseWriter, r *http.Request)
	// Node returns a node by peer ID, if known to the coordinator.  Returns nil if unknown.
	Node(id uuid.UUID) *Node
	Close() error
	// Coordinate takes the peer's id, name and a CoordinateeAuth, and returns a
	// send-only channel of requests and a receive-only channel of responses.
	// NOTE(review): presumably a is consulted to authorize requests sent on
	// the returned channel (CoordinateeAuth.Authorize takes a
	// *proto.CoordinateRequest) — confirm in the implementation.
	Coordinate(ctx context.Context, id uuid.UUID, name string, a CoordinateeAuth) (chan<- *proto.CoordinateRequest, <-chan *proto.CoordinateResponse)
}

CoordinatorV2 is the interface for interacting with the coordinator via the 2.0 tailnet API.

typeDERPClientadded inv2.18.0

type DERPClient interface {Close()errorRecv() (*tailcfg.DERPMap,error)}

DERPClient is an abstraction of the stream of DERPMap updates from the control plane.

typeDERPControlleradded inv2.18.0

type DERPController interface {New(DERPClient)CloserWaiter}

A DERPController accepts connections to the control plane, and handles the DERPMap updates delivered over them by programming the data plane (tailnet.Conn or some test interface).

funcNewBasicDERPControlleradded inv2.18.0

func NewBasicDERPController(loggerslog.Logger, setterDERPMapSetter)DERPController

typeDERPFromDRPCWrapperadded inv2.18.0

type DERPFromDRPCWrapper struct {Clientproto.DRPCTailnet_StreamDERPMapsClient}

func (*DERPFromDRPCWrapper)Closeadded inv2.18.0

func (w *DERPFromDRPCWrapper) Close()error

func (*DERPFromDRPCWrapper)Recvadded inv2.18.0

typeDERPMapSetteradded inv2.18.0

type DERPMapSetter interface {SetDERPMap(derpMap *tailcfg.DERPMap)}

typeDNSHostsSetteradded inv2.18.0

type DNSHostsSetter interface {SetDNSHosts(hosts map[dnsname.FQDN][]netip.Addr)error}

DNSHostsSetter is something that you can set a mapping of DNS names to IPs on. It's the subset of the tailnet.Conn that we use to configure DNS records.

typeDNSNameOptionsadded inv2.22.0

type DNSNameOptions struct {Suffixstring}

typeDRPCServiceadded inv2.6.0

type DRPCService struct {CoordPtr                 *atomic.Pointer[Coordinator]Loggerslog.LoggerDerpMapUpdateFrequencytime.DurationDerpMapFn                func() *tailcfg.DERPMapNetworkTelemetryHandler  func(batch []*proto.TelemetryEvent)ResumeTokenProviderResumeTokenProviderWorkspaceUpdatesProviderWorkspaceUpdatesProvider}

DRPCService is the dRPC-based, version 2.x of the tailnet API and implements proto.DRPCClientServer

func (*DRPCService)Coordinateadded inv2.7.0

func (*DRPCService)PostTelemetryadded inv2.13.0

func (*DRPCService)RefreshResumeTokenadded inv2.15.0

func (*DRPCService)StreamDERPMapsadded inv2.6.0

func (*DRPCService)WorkspaceUpdatesadded inv2.18.0

typeHTMLDebug

type HTMLDebug struct {Peers   []HTMLPeerTunnels []HTMLTunnel}

typeHTMLPeeradded inv2.5.0

type HTMLPeer struct {IDuuid.UUIDNamestringCreatedAgetime.DurationLastWriteAgetime.DurationOverwritesintNodestring}

typeHTMLTunneladded inv2.5.0

type HTMLTunnel struct {Src, Dstuuid.UUID}

typeInvalidAddressBitsErroradded inv2.22.0

type InvalidAddressBitsError struct {Bitsint}

func (InvalidAddressBitsError)Erroradded inv2.22.0

typeInvalidNodeAddressErroradded inv2.22.0

type InvalidNodeAddressError struct {Addrstring}

func (InvalidNodeAddressError)Erroradded inv2.22.0

typeNetworkTelemetryBatcheradded inv2.14.0

type NetworkTelemetryBatcher struct {// contains filtered or unexported fields}

funcNewNetworkTelemetryBatcheradded inv2.14.0

func NewNetworkTelemetryBatcher(clkquartz.Clock, frequencytime.Duration, maxSizeint, batchFn func(batch []*proto.TelemetryEvent)) *NetworkTelemetryBatcher

func (*NetworkTelemetryBatcher)Closeadded inv2.14.0

func (*NetworkTelemetryBatcher)Handleradded inv2.14.0

func (b *NetworkTelemetryBatcher) Handler(events []*proto.TelemetryEvent)

typeNode

// Node represents a node in the network. Every field carries a JSON tag, so
// the struct has a JSON form that includes the keys and endpoints below.
type Node struct {
	// ID is used to identify the connection.
	ID tailcfg.NodeID `json:"id"`
	// AsOf is the time the node was created.
	AsOf time.Time `json:"as_of"`
	// Key is the Wireguard public key of the node.
	Key key.NodePublic `json:"key"`
	// DiscoKey is used for discovery messages over DERP to establish
	// peer-to-peer connections.
	DiscoKey key.DiscoPublic `json:"disco"`
	// PreferredDERP is the DERP server that peered connections should meet at
	// to establish.
	PreferredDERP int `json:"preferred_derp"`
	// DERPLatency is the latency in seconds to each DERP server.
	DERPLatency map[string]float64 `json:"derp_latency"`
	// DERPForcedWebsocket contains a mapping of DERP regions to
	// error messages that caused the connection to be forced to
	// use WebSockets. We don't use WebSockets by default because
	// they are less performant.
	DERPForcedWebsocket map[int]string `json:"derp_forced_websockets"`
	// Addresses are the IP address ranges this connection exposes.
	Addresses []netip.Prefix `json:"addresses"`
	// AllowedIPs specify what addresses can dial the connection. We allow all
	// by default.
	// NOTE(review): with "allow all" as the default, this field is not what
	// restricts who may reach a node; presumably tunnel authorization
	// (CoordinateeAuth) is the control that does — confirm.
	AllowedIPs []netip.Prefix `json:"allowed_ips"`
	// Endpoints are ip:port combinations that can be used to establish
	// peer-to-peer connections.
	Endpoints []string `json:"endpoints"`
}

Node represents a node in the network.

funcOnlyNodeUpdatesadded inv2.4.0

func OnlyNodeUpdates(resp *proto.CoordinateResponse) ([]*Node,error)

funcProtoToNodeadded inv2.4.0

func ProtoToNode(p *proto.Node) (*Node,error)

typeOptions

// Options is the configuration passed to NewConn.
type Options struct {
	ID        uuid.UUID
	Addresses []netip.Prefix
	DERPMap   *tailcfg.DERPMap
	// NOTE(review): presumably HTTP headers attached to DERP connections —
	// not documented on this page, confirm.
	DERPHeader *http.Header
	// DERPForceWebSockets determines whether websockets is always used for DERP
	// connections, rather than trying `Upgrade: derp` first and potentially
	// falling back. This is useful for misbehaving proxies that prevent
	// fallback due to odd behavior, like Azure App Proxy.
	DERPForceWebSockets bool
	// BlockEndpoints specifies whether P2P endpoints are blocked.
	// If so, only DERPs can establish connections.
	BlockEndpoints bool
	Logger         slog.Logger
	ListenPort     uint16
	// CaptureHook is a callback that captures Disco packets and packets sent
	// into the tailnet tunnel.
	// NOTE(review): the callback receives packets sent into the tunnel, so
	// anything it writes them to should be handled as sensitive data.
	CaptureHook capture.Callback
	// ForceNetworkUp forces the network to be considered up. magicsock will not
	// do anything if it thinks it can't reach the internet.
	ForceNetworkUp bool
	// Network Telemetry Client Type: CLI | Agent | coderd
	ClientType proto.TelemetryEvent_ClientType
	// TelemetrySink is optional.
	TelemetrySink TelemetrySink
	// DNSConfigurator is optional, and is passed to the underlying wireguard
	// engine.
	DNSConfigurator dns.OSConfigurator
	// Router is optional, and is passed to the underlying wireguard engine.
	Router router.Router
	// TUNDev is optional, and is passed to the underlying wireguard engine.
	TUNDev tun.Device
	// WireguardMonitor is optional, and is passed to the underlying wireguard
	// engine.
	WireguardMonitor *netmon.Monitor
	// DNSMatchDomain is the DNS suffix to use as a match domain. Only relevant for TUN connections that configure the
	// OS DNS resolver.
	DNSMatchDomain string
}

typePeerDiagnosticsadded inv2.9.0

// PeerDiagnostics is a checklist of human-readable conditions necessary to
// establish an encrypted tunnel to a peer via a Conn. It is the return type of
// Conn.GetPeerDiagnostics.
type PeerDiagnostics struct {
	// PreferredDERP is 0 if we are not connected to a DERP region. If non-zero, we are connected to
	// the given region as our home or "preferred" DERP.
	PreferredDERP int
	// NOTE(review): presumably keyed by DERP region ID, matching
	// PreferredDERP — confirm.
	DERPRegionNames map[int]string
	// SentNode is true if we have successfully transmitted our local Node via the most recently set
	// NodeCallback.
	SentNode bool
	// ReceivedNode is the last Node we received for the peer, or nil if we haven't received the node.
	ReceivedNode *tailcfg.Node
	// LastWireguardHandshake is the last time we completed a wireguard handshake
	LastWireguardHandshake time.Time
}

PeerDiagnostics is a checklist of human-readable conditions necessary to establish an encrypted tunnel to a peer via a Conn.

typeResumeTokenClientadded inv2.18.0

type ResumeTokenClient interface {RefreshResumeToken(ctxcontext.Context, in *proto.RefreshResumeTokenRequest) (*proto.RefreshResumeTokenResponse,error)}

typeResumeTokenControlleradded inv2.18.0

type ResumeTokenController interface {New(ResumeTokenClient)CloserWaiterToken() (string,bool)}

funcNewBasicResumeTokenControlleradded inv2.18.0

func NewBasicResumeTokenController(loggerslog.Logger, clockquartz.Clock)ResumeTokenController

typeResumeTokenKeyProvideradded inv2.15.0

type ResumeTokenKeyProvider struct {// contains filtered or unexported fields}

func (ResumeTokenKeyProvider)GenerateResumeTokenadded inv2.15.0

func (ResumeTokenKeyProvider)VerifyResumeTokenadded inv2.15.0

func (pResumeTokenKeyProvider) VerifyResumeToken(ctxcontext.Context, strstring) (uuid.UUID,error)

VerifyResumeToken parses a signed tailnet resume token with the given key and returns the payload. If the token is invalid or expired, an error is returned.

typeResumeTokenProvideradded inv2.15.0

type ResumeTokenProvider interface {GenerateResumeToken(ctxcontext.Context, peerIDuuid.UUID) (*proto.RefreshResumeTokenResponse,error)VerifyResumeToken(ctxcontext.Context, tokenstring) (uuid.UUID,error)}

funcNewInsecureTestResumeTokenProvideradded inv2.15.0

func NewInsecureTestResumeTokenProvider()ResumeTokenProvider

NewInsecureTestResumeTokenProvider returns a ResumeTokenProvider that uses a random key with short expiry for testing purposes. If any errors occur while generating the key, the function panics.

funcNewResumeTokenKeyProvideradded inv2.15.0

func NewResumeTokenKeyProvider(keyjwtutils.SigningKeyManager, clockquartz.Clock, expirytime.Duration)ResumeTokenProvider

typeResumeTokenSigningKeyadded inv2.15.0

type ResumeTokenSigningKey [64]byte

funcGenerateResumeTokenSigningKeyadded inv2.15.0

func GenerateResumeTokenSigningKey() (ResumeTokenSigningKey,error)

typeServicePrefixadded inv2.17.0

// ServicePrefix holds the first 6 bytes (48 bits) of an IPv6 address: the /48
// service prefix under which tailnet node addresses are allocated.
type ServicePrefix [6]byte

var (
	// TailscaleServicePrefix is the IPv6 prefix for all tailnet nodes since it was first added to
	// Coder.  It is identical to the service prefix Tailscale.com uses. With the introduction of
	// CoderVPN, we would like to stop using the Tailscale prefix so that we don't conflict with
	// Tailscale if both are installed at the same time. However, there are a large number of agents
	// and clients using this prefix, so we need to carefully manage deprecation and eventual
	// removal.
	// fd7a:115c:a1e0::/48
	TailscaleServicePrefix ServicePrefix = [6]byte{0xfd, 0x7a, 0x11, 0x5c, 0xa1, 0xe0}

	// CoderServicePrefix is the Coder-specific IPv6 prefix for tailnet nodes, which we are in the
	// process of migrating to. It allows Coder to run alongside Tailscale without conflicts even
	// if both are set up as TUN interfaces into the OS (e.g. CoderVPN).
	// fd60:627a:a42b::/48
	CoderServicePrefix ServicePrefix = [6]byte{0xfd, 0x60, 0x62, 0x7a, 0xa4, 0x2b}
)

func (ServicePrefix)AddrFromUUIDadded inv2.17.0

func (pServicePrefix) AddrFromUUID(uiduuid.UUID)netip.Addr

AddrFromUUID returns an IPv6 address corresponding to the given UUID in the service prefix.

func (ServicePrefix)AsNetipadded inv2.18.0

func (pServicePrefix) AsNetip()netip.Prefix

func (ServicePrefix)PrefixFromUUIDadded inv2.17.0

func (pServicePrefix) PrefixFromUUID(uiduuid.UUID)netip.Prefix

PrefixFromUUID returns a single IPv6 /128 prefix corresponding to the given UUID.

func (ServicePrefix)RandomAddradded inv2.17.0

func (pServicePrefix) RandomAddr()netip.Addr

RandomAddr returns a random IP address in the service prefix.

func (ServicePrefix)RandomPrefixadded inv2.17.0

func (pServicePrefix) RandomPrefix()netip.Prefix

RandomPrefix returns a single IPv6 /128 prefix within the service prefix.

typeSingleTailnetCoordinateeAuthadded inv2.9.0

type SingleTailnetCoordinateeAuth struct{}

SingleTailnetCoordinateeAuth allows all tunnels, since Coderd and wsproxy are allowed to initiate a tunnel to any agent

func (SingleTailnetCoordinateeAuth)Authorizeadded inv2.9.0

typeStreamIDadded inv2.6.0

type StreamID struct {NamestringIDuuid.UUIDAuthCoordinateeAuth}

StreamID identifies the caller of the CoordinateTailnet RPC. We store this on the context, since the information is extracted at the HTTP layer for remote clients of the API, or set outside tailnet for local clients (e.g. Coderd's single_tailnet).

typeSubscriptionadded inv2.18.0

type Subscription interface {io.CloserUpdates() <-chan *proto.WorkspaceUpdate}

typeTelemetryClientadded inv2.18.0

// TelemetryClient is the single-method client interface for posting telemetry.
type TelemetryClient interface {
	// PostTelemetry takes a *proto.TelemetryRequest and returns a *proto.TelemetryResponse
	// or an error.
	PostTelemetry(ctx context.Context, in *proto.TelemetryRequest) (*proto.TelemetryResponse, error)
}

typeTelemetryControlleradded inv2.18.0

// TelemetryController is handed a TelemetryClient through New.
type TelemetryController interface {
	// New receives the TelemetryClient to use; it returns nothing.
	// NOTE(review): presumably called once per new connection; confirm with implementations.
	New(TelemetryClient)
}

typeTelemetrySinkadded inv2.14.0

// TelemetrySink is a single-method interface that accepts a *proto.TelemetryEvent for delivery
// to an external sink.
type TelemetrySink interface {
	// SendTelemetryEvent sends a telemetry event to some external sink.
	// It returns no error, so a failed delivery is not reported to the caller through this call.
	SendTelemetryEvent(event *proto.TelemetryEvent)
}

TelemetrySink allows tailnet.Conn to send network telemetry to the Coder server.

typeTelemetryStoreadded inv2.14.0

type TelemetryStore struct {// contains filtered or unexported fields}

TelemetryStore is responsible for storing and anonymizing networking telemetry state.

typeTunnelAllOptionadded inv2.18.0

// TunnelAllOption is a function that receives the *TunnelAllWorkspaceUpdatesController being
// configured. NewTunnelAllWorkspaceUpdatesController accepts a variadic list of these options.
type TunnelAllOption func(t *TunnelAllWorkspaceUpdatesController)

funcWithDNSadded inv2.18.0

func WithDNS(dDNSHostsSetter, ownerUsernamestring, optionsDNSNameOptions)TunnelAllOption

WithDNS configures the TunnelAllWorkspaceUpdatesController to set DNS names for all workspaces and agents it learns about.

funcWithHandleradded inv2.19.0

typeTunnelAllWorkspaceUpdatesControlleradded inv2.19.0

type TunnelAllWorkspaceUpdatesController struct {// contains filtered or unexported fields}

funcNewTunnelAllWorkspaceUpdatesControlleradded inv2.18.0

func NewTunnelAllWorkspaceUpdatesController(loggerslog.Logger, c *TunnelSrcCoordController, opts ...TunnelAllOption,) *TunnelAllWorkspaceUpdatesController

NewTunnelAllWorkspaceUpdatesController creates a WorkspaceUpdatesController that creates tunnels (via the TunnelSrcCoordController) to all agents received over the WorkspaceUpdates RPC. If a DNSHostsSetter is provided, it also programs DNS hosts based on the agent and workspace names.

func (*TunnelAllWorkspaceUpdatesController)CurrentStateadded inv2.19.0

func (*TunnelAllWorkspaceUpdatesController)Newadded inv2.19.0

typeTunnelAuthorizeradded inv2.18.0

// TunnelAuthorizer is the single-method interface consulted about a tunnel to a given agent.
type TunnelAuthorizer interface {
	// AuthorizeTunnel takes the request context and the target agent's UUID and returns an error.
	// NOTE(review): presumably a nil error means the tunnel is permitted and any non-nil error
	// means it must be refused; confirm with implementations.
	AuthorizeTunnel(ctx context.Context, agentID uuid.UUID) error
}

typeTunnelSrcCoordControlleradded inv2.18.0

type TunnelSrcCoordController struct {*BasicCoordinationController// contains filtered or unexported fields}

funcNewTunnelSrcCoordControlleradded inv2.18.0

func NewTunnelSrcCoordController(loggerslog.Logger, coordinateeCoordinatee,) *TunnelSrcCoordController

NewTunnelSrcCoordController creates a CoordinationController for peers that are exclusively tunnel sources (that is, they create tunnels; these are Coder clients, not workspaces).

func (*TunnelSrcCoordController)AddDestinationadded inv2.18.0

func (c *TunnelSrcCoordController) AddDestination(destuuid.UUID)

func (*TunnelSrcCoordController)Newadded inv2.18.0

func (*TunnelSrcCoordController)RemoveDestinationadded inv2.18.0

func (c *TunnelSrcCoordController) RemoveDestination(destuuid.UUID)

func (*TunnelSrcCoordController)SyncDestinationsadded inv2.18.0

func (c *TunnelSrcCoordController) SyncDestinations(destinations []uuid.UUID)

typeUpdateKindadded inv2.22.0

// UpdateKind is an integer enumeration that labels a WorkspaceUpdate (see its Kind field).
type UpdateKind int

const (
	// Diff is the zero value of UpdateKind.
	// NOTE(review): presumably marks an incremental update; confirm with producers.
	Diff UpdateKind = iota
	// Snapshot has the value 1.
	// NOTE(review): presumably marks a full-state update; confirm with producers.
	Snapshot
)

typeUpdatesHandleradded inv2.19.0

// UpdatesHandler is the single-method interface that receives WorkspaceUpdate values.
type UpdatesHandler interface {
	// Update is passed a WorkspaceUpdate by value and may return an error.
	Update(WorkspaceUpdate) error
}

UpdatesHandler is anything that expects a stream of workspace update diffs.

typeWorkspaceadded inv2.19.0

type Workspace struct {IDuuid.UUIDNamestringStatusproto.Workspace_Status// contains filtered or unexported fields}

func (*Workspace)Cloneadded inv2.22.0

func (w *Workspace) Clone()Workspace

typeWorkspaceUpdateadded inv2.19.0

// WorkspaceUpdate groups upserted and deleted workspaces and agents together with the
// UpdateKind of the update.
//
// The slices hold pointers, so a plain copy of the struct still shares the referenced
// Workspace and Agent values with the original.
type WorkspaceUpdate struct {
	UpsertedWorkspaces []*Workspace
	UpsertedAgents     []*Agent
	DeletedWorkspaces  []*Workspace
	DeletedAgents      []*Agent
	// Kind is the UpdateKind (Diff or Snapshot) of this update.
	Kind UpdateKind
}

func (*WorkspaceUpdate)Cloneadded inv2.19.0

typeWorkspaceUpdatesClientadded inv2.18.0

// WorkspaceUpdatesClient is the client side of a stream of *proto.WorkspaceUpdate messages.
type WorkspaceUpdatesClient interface {
	// Close closes the client and reports any error.
	Close() error
	// Recv returns the next *proto.WorkspaceUpdate or an error.
	Recv() (*proto.WorkspaceUpdate, error)
}

typeWorkspaceUpdatesControlleradded inv2.18.0

// WorkspaceUpdatesController turns a WorkspaceUpdatesClient into a CloserWaiter.
type WorkspaceUpdatesController interface {
	// New takes the WorkspaceUpdatesClient to consume and returns a CloserWaiter.
	// NOTE(review): presumably the CloserWaiter stops and awaits the handling of that client;
	// confirm with implementations.
	New(WorkspaceUpdatesClient) CloserWaiter
}

typeWorkspaceUpdatesProvideradded inv2.18.0

// WorkspaceUpdatesProvider is an io.Closer that hands out Subscriptions keyed by user ID.
type WorkspaceUpdatesProvider interface {
	io.Closer
	// Subscribe takes a context and a user UUID and returns a Subscription or an error.
	// NOTE(review): presumably the subscription is scoped to what userID may see; where the
	// caller's right to subscribe as userID is checked is not visible here, so confirm it.
	Subscribe(ctx context.Context, userID uuid.UUID) (Subscription, error)
}


Directories

PathSynopsis
Package tailnettest is a generated GoMock package.
Package tailnettest is a generated GoMock package.
