diff --git a/lib/service/discovery.go b/lib/service/discovery.go index b4cd99bdbf0dc..faf15a71ca27b 100644 --- a/lib/service/discovery.go +++ b/lib/service/discovery.go @@ -99,10 +99,10 @@ func (process *TeleportProcess) initDiscoveryService() error { ServerID: process.Config.HostUUID, Log: process.log, ClusterName: conn.ClientIdentity.ClusterName, + ClusterFeatures: process.GetClusterFeatures, PollInterval: process.Config.Discovery.PollInterval, ServerCredentials: tlsConfig, AccessGraphConfig: accessGraphCfg, - ClusterFeatures: process.getClusterFeatures, }) if err != nil { return trace.Wrap(err) diff --git a/lib/service/kubernetes.go b/lib/service/kubernetes.go index 401e86d42160d..b6eb85801fcbe 100644 --- a/lib/service/kubernetes.go +++ b/lib/service/kubernetes.go @@ -46,7 +46,7 @@ func (process *TeleportProcess) initKubernetes() { if conn == nil { return trace.Wrap(err) } - if !process.getClusterFeatures().Kubernetes { + if !process.GetClusterFeatures().Kubernetes { log.Warn("Warning: Kubernetes service not intialized because Teleport Auth Server is not licensed for Kubernetes Access. ", "Please contact the cluster administrator to enable it.") return nil @@ -224,7 +224,7 @@ func (process *TeleportProcess) initKubernetesService(log *logrus.Entry, conn *C LockWatcher: lockWatcher, CheckImpersonationPermissions: cfg.Kube.CheckImpersonationPermissions, PublicAddr: publicAddr, - ClusterFeatures: process.getClusterFeatures, + ClusterFeatures: process.GetClusterFeatures, }, TLS: tlsConfig, AccessPoint: accessPoint, diff --git a/lib/service/service.go b/lib/service/service.go index e5bb0b6ce64bb..dae61998a2ac6 100644 --- a/lib/service/service.go +++ b/lib/service/service.go @@ -578,7 +578,8 @@ func (process *TeleportProcess) setClusterFeatures(features *proto.Features) { } } -func (process *TeleportProcess) getClusterFeatures() proto.Features { +// GetClusterFeatures returns the cluster features. +func (process *TeleportProcess) GetClusterFeatures() proto.Features { process.Lock() defer process.Unlock() @@ -1771,7 +1772,7 @@ func (process *TeleportProcess) initAuthService() error { } checkingEmitter, err := events.NewCheckingEmitter(events.CheckingEmitterConfig{ - Inner: events.NewMultiEmitter(events.NewLoggingEmitter(process.getClusterFeatures().Cloud), emitter), + Inner: events.NewMultiEmitter(events.NewLoggingEmitter(process.GetClusterFeatures().Cloud), emitter), Clock: process.Clock, ClusterName: clusterName, }) @@ -2460,7 +2461,7 @@ func (process *TeleportProcess) proxyPublicAddr() utils.NetAddr { // It is caller's responsibility to call Close on the emitter once done. func (process *TeleportProcess) NewAsyncEmitter(clt apievents.Emitter) (*events.AsyncEmitter, error) { emitter, err := events.NewCheckingEmitter(events.CheckingEmitterConfig{ - Inner: events.NewMultiEmitter(events.NewLoggingEmitter(process.getClusterFeatures().Cloud), clt), + Inner: events.NewMultiEmitter(events.NewLoggingEmitter(process.GetClusterFeatures().Cloud), clt), Clock: process.Clock, }) if err != nil { @@ -4116,7 +4117,7 @@ func (process *TeleportProcess) initProxyEndpoint(conn *Connector) error { HostUUID: process.Config.HostUUID, Context: process.GracefulExitContext(), StaticFS: fs, - ClusterFeatures: process.getClusterFeatures(), + ClusterFeatures: process.GetClusterFeatures(), GetProxyIdentity: func() (*auth.Identity, error) { return process.GetIdentity(types.RoleProxy) }, @@ -4512,7 +4513,7 @@ func (process *TeleportProcess) initProxyEndpoint(conn *Connector) error { // the provided connection certificate is from a proxy server and // will impersonate the identity of the user that is making the request. ConnTLSConfig: tlsConfig.Clone(), - ClusterFeatures: process.getClusterFeatures, + ClusterFeatures: process.GetClusterFeatures, }, TLS: tlsConfig.Clone(), LimiterConfig: cfg.Proxy.Limiter,