Motofans
/
Charmed-Kubernetes
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 3 Wiki Activity
Charmed-Kubernetes/kubeapi-load-balancer/hooks/relations/tls-certificates/docs/requires.md

6.1 KiB
Raw Blame History

requires

TlsRequires

TlsRequires(self, endpoint_name, relation_ids=None)

The client's side of the interface protocol.

The following flags may be set:

  • {endpoint_name}.available Whenever the relation is joined.

  • {endpoint_name}.ca.available When the root CA information is available via the root_ca_cert and root_ca_chain properties.

  • {endpoint_name}.ca.changed When the root CA information has changed, whether because they have just become available or if they were regenerated by the CA. Once processed this flag should be removed by the charm.

  • {endpoint_name}.certs.available When the requested server or client certs are available.

  • {endpoint_name}.certs.changed When the requested server or client certs have changed, whether because they have just become available or if they were regenerated by the CA. Once processed this flag should be removed by the charm.

  • {endpoint_name}.server.certs.available When the server certificates requested by request_server_cert are available via the server_certs collection.

  • {endpoint_name}.server.certs.changed When the requested server certificates have changed, whether because they have just become available or if they were regenerated by the CA. Once processed this flag should be removed by the charm.

  • {endpoint_name}.client.certs.available When the client certificates requested by request_client_cert are available via the client_certs collection.

  • {endpoint_name}.client.certs.changed When the requested client certificates have changed, whether because they have just become available or if they were regenerated by the CA. Once processed this flag should be removed by the charm.

The following flags have been deprecated:

  • {endpoint_name}.server.cert.available
  • {endpoint_name}.client.cert.available
  • {endpoint_name}.batch.cert.available

application_certs

List of Certificate instances for all available application certs.

client_certs

List of Certificate instances for all available client certs.

client_certs_map

Mapping of client Certificate instances by their common_name.

root_ca_cert

Root CA certificate.

root_ca_chain

The chain of trust for the root CA.

server_certs

List of Certificate instances for all available server certs.

server_certs_map

Mapping of server Certificate instances by their common_name.

get_ca

TlsRequires.get_ca()

Return the root CA certificate.

Same as root_ca_cert.

get_chain

TlsRequires.get_chain()

Return the chain of trust for the root CA.

Same as root_ca_chain.

get_client_cert

TlsRequires.get_client_cert()

Deprecated. Use request_client_cert and the client_certs collection instead.

Return a globally shared client certificate and key.

get_server_cert

TlsRequires.get_server_cert()

Deprecated. Use the server_certs collection instead.

Return the cert and key of the first server certificate requested.

get_batch_requests

TlsRequires.get_batch_requests()

Deprecated. Use server_certs_map instead.

Mapping of server Certificate instances by their common_name.

request_server_cert

TlsRequires.request_server_cert(cn, sans=None, cert_name=None)

Request a server certificate and key be generated for the given common name (cn) and optional list of alternative names (sans).

The cert_name is deprecated and not needed.

This can be called multiple times to request more than one server certificate, although the common names must be unique. If called again with the same common name, it will be ignored.

add_request_server_cert

TlsRequires.add_request_server_cert(cn, sans)

Deprecated. Use request_server_cert instead.

request_server_certs

TlsRequires.request_server_certs()

Deprecated. Just use request_server_cert; this does nothing.

request_client_cert

TlsRequires.request_client_cert(cn, sans)

Request a client certificate and key be generated for the given common name (cn) and list of alternative names (sans).

This can be called multiple times to request more than one client certificate, although the common names must be unique. If called again with the same common name, it will be ignored.

request_application_cert

TlsRequires.request_application_cert(cn, sans)

Request an application certificate and key be generated for the given common name (cn) and list of alternative names (sans ) of this unit and all peer units. All units will share a single certificates.