threefold.grid.models #
Constants #
const device_types = DeviceTypes{}
const zdb_modes = ZdbModes{}
const result_states = ResultStates{}
const workload_types = WorkloadTypes{}
fn challenge #
fn challenge(data string, type_ string) !string
fn new_deployment #
fn new_deployment(args DeploymentArgs) Deployment
fn rand_port #
fn rand_port(takenPorts []u16) !u16
enum Right #
enum Right {
restart
delete
stats
logs
}
struct ACE #
struct ACE {
// the administrator twin id
twin_ids []int
rights []Right
}
Access Control Entry
struct ComputeCapacity #
struct ComputeCapacity {
pub mut:
// cpu cores
cpu u8
// memory in bytes, minimal 100 MB
memory i64
}
fn (ComputeCapacity) challenge #
fn (mut c ComputeCapacity) challenge() string
struct Deployment #
struct Deployment {
pub mut:
// increments for each new interation of this model
// signature needs to be achieved when version goes up
version u32 = 1
// the twin who is responsible for this deployment
twin_id u32
// each deployment has unique id (in relation to originator)
contract_id u64
// when the full workload will stop working
// default, 0 means no expiration
expiration i64
metadata string
description string
// list of all worklaods
workloads []Workload
signature_requirement SignatureRequirement
}
deployment is given to each Zero-OS who needs to deploy something the zero-os'es will only take out what is relevant for them if signature not done on the main Deployment one, nothing will happen
fn (Deployment) challenge #
fn (deployment Deployment) challenge() string
fn (Deployment) challenge_hash #
fn (deployment Deployment) challenge_hash() []u8
ChallengeHash computes the hash of the challenge signed by the user. used for validation
fn (Deployment) add_signature #
fn (mut d Deployment) add_signature(twin u32, signature string)
fn (Deployment) json_encode #
fn (mut d Deployment) json_encode() string
fn (Deployment) count_public_ips #
fn (dl Deployment) count_public_ips() u8
fn (Deployment) add_metadata #
fn (mut dl Deployment) add_metadata(type_ string, project_name string)
fn (Deployment) parse_metadata #
fn (mut d Deployment) parse_metadata() !DeploymentData
struct DeploymentArgs #
@[params]
struct DeploymentArgs {
pub:
version ?u32
twin_id u32
contract_id u64
expiration ?i64
metadata DeploymentData
description ?string
workloads []Workload
signature_requirement SignatureRequirement
}
struct DeploymentData #
struct DeploymentData {
pub:
type_ string @[json: 'type']
name string
project_name string @[json: 'projectName']
}
fn (DeploymentData) json_encode #
fn (data DeploymentData) json_encode() string
struct DeviceTypes #
struct DeviceTypes {
pub:
hdd string = 'hdd'
ssd string = 'ssd'
}
struct Encryption #
struct Encryption {
algorithm string = 'AES' // configuration to use for the encryption stage. Currently only AES is supported.
key []u8 // 64 long hex encoded encryption key (e.g. 0000000000000000000000000000000000000000000000000000000000000000).
}
struct GatewayFQDNProxy #
struct GatewayFQDNProxy {
pub:
tls_passthrough bool
backends []string // The backends of the gateway proxy. must be in the format ip:port if tls_passthrough is set, otherwise the format should be http://ip[:port]
network ?string // Network name to join, if backend IP is private.
fqdn string // The fully qualified domain name of the deployed workload.
}
fn (GatewayFQDNProxy) challenge #
fn (g GatewayFQDNProxy) challenge() string
fn (GatewayFQDNProxy) to_workload #
fn (g GatewayFQDNProxy) to_workload(args WorkloadArgs) Workload
struct GatewayNameProxy #
struct GatewayNameProxy {
pub:
tls_passthrough bool
backends []string // The backends of the gateway proxy. must be in the format ip:port if tls_passthrough is set, otherwise the format should be http://ip[:port]
network ?string // Network name to join, if backend IP is private.
name string // Domain prefix. The fqdn will be .. This has to be unique within the deployment. Must contain only alphanumeric and underscore characters.
}
fn (GatewayNameProxy) challenge #
fn (g GatewayNameProxy) challenge() string
fn (GatewayNameProxy) to_workload #
fn (g GatewayNameProxy) to_workload(args WorkloadArgs) Workload
struct GatewayProxyResult #
struct GatewayProxyResult {
pub mut:
fqdn string
}
GatewayProxyResult results
struct Mount #
struct Mount {
pub mut:
name string
mountpoint string // the path to mount the disk into e.g. '/disk1'
}
fn (Mount) challenge #
fn (mut m Mount) challenge() string
struct Mycelium #
struct Mycelium {
pub mut:
hex_key string
peers []string
}
fn (Mycelium) challenge #
fn (m Mycelium) challenge() string
struct MyceliumIP #
struct MyceliumIP {
pub mut:
network string
hex_seed string
}
fn (MyceliumIP) challenge #
fn (m MyceliumIP) challenge() string
struct Peer #
struct Peer {
pub mut:
subnet string // IPV4 subnet of the network resource of the peer
// WGPublicKey of the peer (driven from its private key)
wireguard_public_key string // can be generated by `echo | wg pubkey` command
// is ipv4 or ipv6 address from a wireguard client who connects
// this should be the node's subnet and the wireguard routing ip that should start with `100.64`
// then the 2nd and 3rd part of the node's subnet
// e.g. ["10.20.2.0/24", "100.64.20.2/32"]
allowed_ips []string
// Entrypoint of the peer; ipv4 or ipv6,
// can be empty, one of the 2 need to be filled in though
// e.g. [2a10:b600:0:9:225:90ff:fe82:7130]:7777
endpoint string
}
is a remote wireguard client which can connect to this node
fn (Peer) challenge #
fn (mut p Peer) challenge() string
struct PublicConfig #
struct PublicConfig {
pub:
type_ string // Type define if we need to use the Vlan field or the MacVlan
ipv4 string
ipv6 string
gw4 string
gw6 string
domain string // Domain is the node domain name e.g. gent01.devnet.grid.tf
}
struct PublicIP #
struct PublicIP {
pub:
v4 bool
v6 bool
}
fn (PublicIP) challenge #
fn (p PublicIP) challenge() string
fn (PublicIP) to_workload #
fn (p PublicIP) to_workload(args WorkloadArgs) Workload
struct QuantumCompression #
struct QuantumCompression {
algorithm string = 'snappy' // configuration to use for the compression stage. Currently only snappy is supported.
}
struct QuantumSafeConfig #
struct QuantumSafeConfig {
prefix string // Data stored on the remote metadata is prefixed with.
encryption Encryption
backends []ZDBBackend
}
struct QuantumSafeFS #
struct QuantumSafeFS {
cache u64
config QuantumSafeFSConfig
}
fn (QuantumSafeFS) challenge #
fn (qsfs QuantumSafeFS) challenge() string
struct QuantumSafeFSConfig #
struct QuantumSafeFSConfig {
minimal_shards u32
expected_shards u32
redundant_groups u32
redundant_nodes u32
max_zdb_data_dir_size u32
encryption Encryption
meta QuantumSafeMeta
goups []ZDBGroup
compression QuantumCompression
}
struct QuantumSafeMeta #
struct QuantumSafeMeta {
type_ string = 'ZDB' @[json: 'type'] // configuration for the metadata store to use, currently only ZDB is supported.
config QuantumSafeConfig
}
struct ResultStates #
struct ResultStates {
pub:
error ResultState = 'error'
ok ResultState = 'ok'
deleted ResultState = 'deleted'
}
struct Signature #
struct Signature {
pub mut:
// unique id as used in TFGrid DB
twin_id u32
// signature (done with private key of the twin_id)
signature string
signature_type string
}
struct SignatureRequest #
struct SignatureRequest {
pub mut:
// unique id as used in TFGrid DB
twin_id u32
// if put on required then this twin_id needs to sign
required bool
// signing weight
weight int
}
fn (SignatureRequest) challenge #
fn (request SignatureRequest) challenge() string
Challenge computes challenge for SignatureRequest
struct SignatureRequirement #
struct SignatureRequirement {
pub mut:
// the requests which can allow to get to required quorum
requests []SignatureRequest
// minimal weight which needs to be achieved to let this workload become valid
weight_required int
signatures []Signature
signature_style string
}
fn (SignatureRequirement) challenge #
fn (requirement SignatureRequirement) challenge() string
Challenge computes challenge for SignatureRequest
struct VM #
struct VM {
pub:
name string = 'myvm'
flist string = 'https://hub.grid.tf/tf-official-apps/base:latest.flist'
entrypoint string = '/sbin/zinit init'
env_vars map[string]string
cpu int = 1
memory int = 1024
rootfs_size int
}
VM struct used to deploy machine in a high level manner
fn (VM) json_encode #
fn (vm VM) json_encode() string
struct Workload #
struct Workload {
pub mut:
version u32
// unique name per Deployment
name string
type_ WorkloadType @[json: 'type']
// this should be something like json.RawMessage in golang
data string @[raw] // serialize({size: 10}) ---> "data": {size:10},
metadata string
description string
// list of Access Control Entries
// what can an administrator do
// not implemented in zos
// acl []ACE
result WorkloadResult
}
fn (Workload) challenge #
fn (workload Workload) challenge() string
fn (Workload) challenge_hash #
fn (workload Workload) challenge_hash() []u8
fn (Workload) json_encode #
fn (mut w Workload) json_encode() string
struct WorkloadArgs #
@[params]
struct WorkloadArgs {
pub:
version ?u32
name string
description ?string
metadata ?string
result ?WorkloadResult
}
pub fn(mut w WorkloadData) challenge() string { return w.challenge() }
struct WorkloadResult #
struct WorkloadResult {
pub mut:
created i64
state ResultState
error string
data string @[raw] // also json.RawMessage
message string
}
struct WorkloadTypes #
struct WorkloadTypes {
pub:
zmachine string = 'zmachine'
zmount string = 'zmount'
network string = 'network'
zdb string = 'zdb'
public_ip string = 'ip'
qsfs string = 'qsfs'
gateway_name string = 'gateway-name-proxy'
gateway_fqdn string = 'gateway-fqdn-proxy'
zlogs string = 'zlogs'
}
struct ZDBBackend #
struct ZDBBackend {
address string // Address of backend ZDB (e.g. [300:a582:c60c:df75:f6da:8a92:d5ed:71ad]:9900 or 60.60.60.60:9900).
namespace string // ZDB namespace.
password string // Namespace password.
}
struct ZDBGroup #
struct ZDBGroup {
backends []ZDBBackend
}
struct ZLogs #
struct ZLogs {
pub:
zmachine string // zmachine name to stream logs of
output string // the `target` location to stream the logs to, it must be a redis or web-socket url
}
fn (ZLogs) challenge #
fn (z ZLogs) challenge() string
fn (ZLogs) to_workload #
fn (z ZLogs) to_workload(args WorkloadArgs) Workload
struct ZNetworkInterface #
struct ZNetworkInterface {
pub mut:
network string // Network name (znet name) to join
ip string // IP of the zmachine on this network must be a valid Ip in the selected network
}
struct Zdb #
struct Zdb {
pub mut:
// size in bytes
size u64
mode ZdbMode
password string
public bool
}
fn (Zdb) challenge #
fn (mut z Zdb) challenge() string
fn (Zdb) to_workload #
fn (z Zdb) to_workload(args WorkloadArgs) Workload
struct ZdbModes #
struct ZdbModes {
pub:
seq string = 'seq'
user string = 'user'
}
struct ZdbResult #
struct ZdbResult {
pub mut:
namespace string
ips []string
port u32
}
struct Zmachine #
struct Zmachine {
pub mut:
flist string // if full url means custom flist meant for containers, if just name should be an official vm
network ZmachineNetwork
size u64 // size of the rootfs disk in bytes
compute_capacity ComputeCapacity
mounts []Mount
entrypoint string // how to invoke that in a vm?
env map[string]string // environment for the zmachine
corex bool
gpu []string
}
fn (Zmachine) challenge #
fn (mut m Zmachine) challenge() string
fn (Zmachine) to_workload #
fn (z Zmachine) to_workload(args WorkloadArgs) Workload
struct ZmachineNetwork #
struct ZmachineNetwork {
pub mut:
public_ip string // PublicIP optional public IP attached to this machine. If set it must be a valid name of a PublicIP workload in the same deployment
interfaces []ZNetworkInterface // Interfaces list of user znets to join
planetary bool // Planetary support planetary network
mycelium ?MyceliumIP
}
fn (ZmachineNetwork) challenge #
fn (mut n ZmachineNetwork) challenge() string
struct ZmachineResult #
struct ZmachineResult {
pub mut:
// name unique per deployment, re-used in request & response
id string
ip string
planetary_ip string
mycelium_ip string
console_url string
}
response of the deployment
struct Zmount #
struct Zmount {
pub mut:
size i64 // bytes
}
ONLY possible on SSD
fn (Zmount) challenge #
fn (mut mount Zmount) challenge() string
fn (Zmount) to_workload #
fn (z Zmount) to_workload(args WorkloadArgs) Workload
struct ZmountResult #
struct ZmountResult {
pub mut:
volume_id string
}
struct Znet #
struct Znet {
pub mut:
// unique nr for each network chosen, this identified private networks as connected to a container or vm or ...
// corresponds to the 2nd number of a class B ipv4 address
// is a class C of a chosen class B
// IPV4 subnet for this network resource
// this must be a valid subnet of the entire network ip range.
// for example 10.1.1.0/24
subnet string
// IP range of the network, must be an IPv4 /16
// for example a 10.1.0.0/16
ip_range string
// wireguard private key, curve25519
wireguard_private_key string // can be generated using `wg genkey` command
wireguard_listen_port u16
peers []Peer
mycelium ?Mycelium
}
fn (Znet) challenge #
fn (mut n Znet) challenge() string
fn (Znet) to_workload #
fn (z Znet) to_workload(args WorkloadArgs) Workload
- Constants
- fn challenge
- fn new_deployment
- fn rand_port
- enum Right
- struct ACE
- struct ComputeCapacity
- struct Deployment
- struct DeploymentArgs
- struct DeploymentData
- struct DeviceTypes
- struct Encryption
- struct GatewayFQDNProxy
- struct GatewayNameProxy
- struct GatewayProxyResult
- struct Mount
- struct Mycelium
- struct MyceliumIP
- struct Peer
- struct PublicConfig
- struct PublicIP
- struct QuantumCompression
- struct QuantumSafeConfig
- struct QuantumSafeFS
- struct QuantumSafeFSConfig
- struct QuantumSafeMeta
- struct ResultStates
- struct Signature
- struct SignatureRequest
- struct SignatureRequirement
- struct VM
- struct Workload
- struct WorkloadArgs
- struct WorkloadResult
- struct WorkloadTypes
- struct ZDBBackend
- struct ZDBGroup
- struct ZLogs
- struct ZNetworkInterface
- struct Zdb
- struct ZdbModes
- struct ZdbResult
- struct Zmachine
- struct ZmachineNetwork
- struct ZmachineResult
- struct Zmount
- struct ZmountResult
- struct Znet