moby/pkg/discovery/discovery.go
Daniel Hiltgen 124792a871 Add TLS support for discovery backend
This leverages recent additions to libkv enabling client
authentication via TLS so the discovery back-end can be locked
down with mutual TLS.  Example usage:

    docker daemon [other args] \
        --cluster-advertise 192.168.122.168:2376 \
        --cluster-store etcd://192.168.122.168:2379 \
        --cluster-store-opt kv.cacertfile=/path/to/ca.pem \
        --cluster-store-opt kv.certfile=/path/to/cert.pem \
        --cluster-store-opt kv.keyfile=/path/to/key.pem

Signed-off-by: Daniel Hiltgen <daniel.hiltgen@docker.com>
2015-10-07 16:01:00 -07:00

35 lines
1.1 KiB
Go

package discovery
import (
"errors"
"time"
)
var (
// ErrNotSupported is returned when a discovery service is not supported.
ErrNotSupported = errors.New("discovery service not supported")
// ErrNotImplemented is returned when discovery feature is not implemented
// by discovery backend.
ErrNotImplemented = errors.New("not implemented in this discovery service")
)
// Watcher provides watching over a cluster for nodes joining and leaving.
type Watcher interface {
// Watch the discovery for entry changes.
// Returns a channel that will receive changes or an error.
// Providing a non-nil stopCh can be used to stop watching.
Watch(stopCh <-chan struct{}) (<-chan Entries, <-chan error)
}
// Backend is implemented by discovery backends which manage cluster entries.
type Backend interface {
// Watcher must be provided by every backend.
Watcher
// Initialize the discovery with URIs, a heartbeat, a ttl and optional settings.
Initialize(string, time.Duration, time.Duration, map[string]string) error
// Register to the discovery.
Register(string) error
}