Blame - metropolis/node/ports.go - monogon

blob: ded18154ad9a6c4860950e9a2e6a040247c6fa61 [file] [log] [blame]

Lorenz Brun	dd8c80e	2019-10-07 16:19:49 +0200	[diff] [blame]	1	// Copyright 2020 The Monogon Project Authors.
				2	//
				3	// SPDX-License-Identifier: Apache-2.0
				4	//
				5	// Licensed under the Apache License, Version 2.0 (the "License");
				6	// you may not use this file except in compliance with the License.
				7	// You may obtain a copy of the License at
				8	//
				9	// http://www.apache.org/licenses/LICENSE-2.0
				10	//
				11	// Unless required by applicable law or agreed to in writing, software
				12	// distributed under the License is distributed on an "AS IS" BASIS,
				13	// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
				14	// See the License for the specific language governing permissions and
				15	// limitations under the License.
				16
Serge Bazanski	77cb6c5	2020-12-19 00:09:22 +0100	[diff] [blame]	17	package node
Hendrik Hofstadt	0d7c91e	2019-10-23 21:44:47 +0200	[diff] [blame]	18
Tim Windelschmidt	0300077	2023-07-03 02:19:28 +0200	[diff] [blame]	19	import (
				20	"strconv"
				21	)
Lorenz Brun	9e7961b	2021-12-15 18:47:31 +0100	[diff] [blame]	22
Serge Bazanski	52304a8	2021-10-29 16:56:18 +0200	[diff] [blame]	23	// Port is a TCP and/or UDP port number reserved for and used by Metropolis
				24	// node code.
				25	type Port uint16
				26
Serge Bazanski	77cb6c5	2020-12-19 00:09:22 +0100	[diff] [blame]	27	const (
Serge Bazanski	52304a8	2021-10-29 16:56:18 +0200	[diff] [blame]	28	// CuratorServicePort is the TCP port on which the Curator listens for gRPC
				29	// calls and services Management/AAA/Curator RPCs.
				30	CuratorServicePort Port = 7835
				31	// ConsensusPort is the TCP port on which etcd listens for peer traffic.
				32	ConsensusPort Port = 7834
				33	// DebugServicePort is the TCP port on which the debug service serves gRPC
				34	// traffic. This is only available in debug builds.
				35	DebugServicePort Port = 7837
				36	// WireGuardPort is the UDP port on which the Wireguard Kubernetes network
				37	// overlay listens for incoming peer traffic.
				38	WireGuardPort Port = 7838
Tim Windelschmidt	ec2906a	2024-03-27 01:36:43 +0100	[diff] [blame]	39	// NodeManagementPort is the TCP port on which the node-local management service
Serge Bazanski	b40c008	2023-03-29 14:28:04 +0200	[diff] [blame]	40	// serves gRPC traffic for NodeManagement.
Tim Windelschmidt	ec2906a	2024-03-27 01:36:43 +0100	[diff] [blame]	41	NodeManagementPort Port = 7839
Serge Bazanski	54e212a	2023-06-14 13:45:11 +0200	[diff] [blame]	42	// MetricsPort is the TCP port on which the Metrics Service exports
				43	// Prometheus-compatible metrics for this node, secured using TLS and the
				44	// Cluster/Node certificates.
				45	MetricsPort Port = 7840
				46	// MetricsNodeListenerPort is the TCP port on which the Prometheus node_exporter
				47	// runs, bound to 127.0.0.1. The Metrics Service proxies traffic to it from the
				48	// public MetricsPort.
				49	MetricsNodeListenerPort Port = 7841
Tim Windelschmidt	c37a886	2023-07-19 16:33:21 +0200	[diff] [blame]	50	// MetricsEtcdListenerPort is the TCP port on which the etcd exporter
Tim Windelschmidt	f64f197	2023-07-28 00:00:50 +0000	[diff] [blame]	51	// runs, bound to 127.0.0.1. The metrics service proxies traffic to it from the
Tim Windelschmidt	c37a886	2023-07-19 16:33:21 +0200	[diff] [blame]	52	// public MetricsPort.
				53	MetricsEtcdListenerPort Port = 7842
Tim Windelschmidt	f64f197	2023-07-28 00:00:50 +0000	[diff] [blame]	54	// MetricsKubeSchedulerListenerPort is the TCP port on which the proxy for
				55	// the kube-scheduler runs, bound to 127.0.0.1. The metrics service proxies
				56	// traffic to it from the public MetricsPort.
				57	MetricsKubeSchedulerListenerPort Port = 7843
				58	// MetricsKubeControllerManagerListenerPort is the TCP port on which the
				59	// proxy for the controller-manager runs, bound to 127.0.0.1. The metrics
				60	// service proxies traffic to it from the public MetricsPort.
				61	MetricsKubeControllerManagerListenerPort Port = 7844
Tim Windelschmidt	600e2eb	2023-11-21 05:29:14 +0100	[diff] [blame]	62	// MetricsKubeAPIServerListenerPort is the TCP port on which the
				63	// proxy for the api-server runs, bound to 127.0.0.1. The metrics
Lorenz Brun	4b42c8a	2023-11-19 07:02:51 +0100	[diff] [blame]	64	// service proxies traffic to it from the public MetricsPort.
				65	MetricsKubeAPIServerListenerPort Port = 7845
Tim Windelschmidt	3bdb5fc	2024-03-14 18:47:35 +0100	[diff] [blame]	66	// MetricsContainerdListenerPort is the TCP port on which the
				67	// containerd metrics endpoint, bound to 127.0.0.1, is exposed.
				68	MetricsContainerdListenerPort Port = 7846
Serge Bazanski	52304a8	2021-10-29 16:56:18 +0200	[diff] [blame]	69	// KubernetesAPIPort is the TCP port on which the Kubernetes API is
				70	// exposed.
				71	KubernetesAPIPort Port = 6443
Lorenz Brun	cc078df	2021-12-23 11:51:55 +0100	[diff] [blame]	72	// KubernetesAPIWrappedPort is the TCP port on which the Metropolis
				73	// authenticating proxy for the Kubernetes API is exposed.
				74	KubernetesAPIWrappedPort Port = 6444
Serge Bazanski	6fdca3f	2023-03-20 17:47:07 +0100	[diff] [blame]	75	// KubernetesWorkerLocalAPIPort is the TCP port on which Kubernetes worker nodes
				76	// run a loadbalancer to access the cluster's API servers before cluster
				77	// networking is available. This port is only bound to 127.0.0.1.
				78	KubernetesWorkerLocalAPIPort Port = 6445
Serge Bazanski	52304a8	2021-10-29 16:56:18 +0200	[diff] [blame]	79	// DebuggerPort is the port on which the delve debugger runs (on debug
				80	// builds only). Not to be confused with DebugServicePort.
				81	DebuggerPort Port = 2345
Serge Bazanski	77cb6c5	2020-12-19 00:09:22 +0100	[diff] [blame]	82	)
Serge Bazanski	52304a8	2021-10-29 16:56:18 +0200	[diff] [blame]	83
Tim Windelschmidt	0300077	2023-07-03 02:19:28 +0200	[diff] [blame]	84	var SystemPorts = []Port{
				85	CuratorServicePort,
				86	ConsensusPort,
				87	DebugServicePort,
				88	WireGuardPort,
Tim Windelschmidt	ec2906a	2024-03-27 01:36:43 +0100	[diff] [blame]	89	NodeManagementPort,
Tim Windelschmidt	0300077	2023-07-03 02:19:28 +0200	[diff] [blame]	90	MetricsPort,
				91	MetricsNodeListenerPort,
Tim Windelschmidt	c37a886	2023-07-19 16:33:21 +0200	[diff] [blame]	92	MetricsEtcdListenerPort,
Tim Windelschmidt	0300077	2023-07-03 02:19:28 +0200	[diff] [blame]	93	KubernetesAPIPort,
				94	KubernetesAPIWrappedPort,
				95	KubernetesWorkerLocalAPIPort,
				96	DebuggerPort,
				97	}
				98
Serge Bazanski	52304a8	2021-10-29 16:56:18 +0200	[diff] [blame]	99	func (p Port) String() string {
				100	switch p {
				101	case CuratorServicePort:
				102	return "curator"
				103	case ConsensusPort:
				104	return "consensus"
				105	case DebugServicePort:
				106	return "debug"
				107	case WireGuardPort:
				108	return "wireguard"
Tim Windelschmidt	ec2906a	2024-03-27 01:36:43 +0100	[diff] [blame]	109	case NodeManagementPort:
Serge Bazanski	b40c008	2023-03-29 14:28:04 +0200	[diff] [blame]	110	return "node-mgmt"
Serge Bazanski	52304a8	2021-10-29 16:56:18 +0200	[diff] [blame]	111	case KubernetesAPIPort:
				112	return "kubernetes-api"
Serge Bazanski	6fdca3f	2023-03-20 17:47:07 +0100	[diff] [blame]	113	case KubernetesWorkerLocalAPIPort:
				114	return "kubernetes-worker-local-api"
Lorenz Brun	cc078df	2021-12-23 11:51:55 +0100	[diff] [blame]	115	case KubernetesAPIWrappedPort:
				116	return "kubernetes-api-wrapped"
Serge Bazanski	52304a8	2021-10-29 16:56:18 +0200	[diff] [blame]	117	case DebuggerPort:
				118	return "delve"
				119	}
				120	return "unknown"
				121	}
Lorenz Brun	9e7961b	2021-12-15 18:47:31 +0100	[diff] [blame]	122
				123	func (p Port) PortString() string {
				124	return strconv.Itoa(int(p))
				125	}