utils

package
v1.15.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 25, 2024 License: Apache-2.0 Imports: 7 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func AntreaPolicyProtocolToK8sProtocol added in v1.7.0 

func AntreaPolicyProtocolToK8sProtocol(antreaProtocol AntreaPolicyProtocol) (v1.Protocol, error)

func GenPortsOrProtocols added in v1.7.0 

func GenPortsOrProtocols(protoc AntreaPolicyProtocol, port *int32, portName *string, endPort, srcPort, srcEndPort, icmpType, icmpCode, igmpType *int32, groupAddress *string) ([]crdv1beta1.NetworkPolicyPort, []crdv1beta1.NetworkPolicyProtocol)

Types

type ACNPAppliedToSpec 

type ACNPAppliedToSpec struct {
	PodSelector          map[string]string
	NodeSelector         map[string]string
	NSSelector           map[string]string
	PodSelectorMatchExp  []metav1.LabelSelectorRequirement
	NodeSelectorMatchExp []metav1.LabelSelectorRequirement
	NSSelectorMatchExp   []metav1.LabelSelectorRequirement
	Group                string
	Service              *crdv1beta1.NamespacedName
}

type ANNPAppliedToSpec added in v1.13.0 

type ANNPAppliedToSpec struct {
	ExternalEntitySelector         map[string]string
	ExternalEntitySelectorMatchExp []metav1.LabelSelectorRequirement
	PodSelector                    map[string]string
	PodSelectorMatchExp            []metav1.LabelSelectorRequirement
	Group                          string
}

type AntreaNetworkPolicySpecBuilder 

type AntreaNetworkPolicySpecBuilder struct {
	Spec      crdv1beta1.NetworkPolicySpec
	Name      string
	Namespace string
}

func (*AntreaNetworkPolicySpecBuilder) AddEgress 

func (b *AntreaNetworkPolicySpecBuilder) AddEgress(protoc AntreaPolicyProtocol,
	port *int32, portName *string, endPort, icmpType, icmpCode, igmpType *int32, l7Protocols []crdv1beta1.L7Protocol,
	groupAddress, cidr *string, podSelector map[string]string, nsSelector map[string]string, eeSelector map[string]string,
	podSelectorMatchExp []metav1.LabelSelectorRequirement, nsSelectorMatchExp []metav1.LabelSelectorRequirement, eeSelectorMatchExp []metav1.LabelSelectorRequirement,
	ruleAppliedToSpecs []ANNPAppliedToSpec, action crdv1beta1.RuleAction, ruleGroup, name string) *AntreaNetworkPolicySpecBuilder

func (*AntreaNetworkPolicySpecBuilder) AddEgressLogging 

func (b *AntreaNetworkPolicySpecBuilder) AddEgressLogging(logLabel string) *AntreaNetworkPolicySpecBuilder

func (*AntreaNetworkPolicySpecBuilder) AddIngress 

func (b *AntreaNetworkPolicySpecBuilder) AddIngress(protoc AntreaPolicyProtocol,
	port *int32, portName *string, endPort, icmpType, icmpCode, igmpType *int32, l7Protocols []crdv1beta1.L7Protocol,
	groupAddress, cidr *string, podSelector map[string]string, nsSelector map[string]string, eeSelector map[string]string,
	podSelectorMatchExp []metav1.LabelSelectorRequirement, nsSelectorMatchExp []metav1.LabelSelectorRequirement, eeSelectorMatchExp []metav1.LabelSelectorRequirement,
	ruleAppliedToSpecs []ANNPAppliedToSpec, action crdv1beta1.RuleAction, ruleGroup, name string) *AntreaNetworkPolicySpecBuilder

func (*AntreaNetworkPolicySpecBuilder) AddToServicesRule added in v1.5.0 

func (b *AntreaNetworkPolicySpecBuilder) AddToServicesRule(svcRefs []crdv1beta1.PeerService,
	name string, ruleAppliedToSpecs []ANNPAppliedToSpec, action crdv1beta1.RuleAction) *AntreaNetworkPolicySpecBuilder

func (*AntreaNetworkPolicySpecBuilder) Get 

func (b *AntreaNetworkPolicySpecBuilder) Get() *crdv1beta1.NetworkPolicy

func (*AntreaNetworkPolicySpecBuilder) GetAppliedToPeer 

func (b *AntreaNetworkPolicySpecBuilder) GetAppliedToPeer(podSelector map[string]string,
	podSelectorMatchExp []metav1.LabelSelectorRequirement,
	entitySelector map[string]string,
	entitySelectorMatchExp []metav1.LabelSelectorRequirement,
	appliedToGrp string) crdv1beta1.AppliedTo

func (*AntreaNetworkPolicySpecBuilder) SetAppliedToGroup 

func (b *AntreaNetworkPolicySpecBuilder) SetAppliedToGroup(specs []ANNPAppliedToSpec) *AntreaNetworkPolicySpecBuilder

func (*AntreaNetworkPolicySpecBuilder) SetName 

func (b *AntreaNetworkPolicySpecBuilder) SetName(namespace string, name string) *AntreaNetworkPolicySpecBuilder

func (*AntreaNetworkPolicySpecBuilder) SetPriority 

func (b *AntreaNetworkPolicySpecBuilder) SetPriority(p float64) *AntreaNetworkPolicySpecBuilder

func (*AntreaNetworkPolicySpecBuilder) SetTier 

func (b *AntreaNetworkPolicySpecBuilder) SetTier(tier string) *AntreaNetworkPolicySpecBuilder

type AntreaPolicyProtocol added in v1.7.0 

type AntreaPolicyProtocol string
const (
	ProtocolTCP  AntreaPolicyProtocol = "TCP"
	ProtocolUDP  AntreaPolicyProtocol = "UDP"
	ProtocolSCTP AntreaPolicyProtocol = "SCTP"
	ProtocolICMP AntreaPolicyProtocol = "ICMP"
	ProtocolIGMP AntreaPolicyProtocol = "IGMP"
)

type ClusterGroupSpecBuilder added in v1.13.0 

type ClusterGroupSpecBuilder struct {
	Spec crdv1beta1.GroupSpec
	Name string
}

ClusterGroupSpecBuilder builds a core/v1beta1 ClusterGroup object.

func (*ClusterGroupSpecBuilder) Get added in v1.13.0 

func (b *ClusterGroupSpecBuilder) Get() *crdv1beta1.ClusterGroup

func (*ClusterGroupSpecBuilder) SetChildGroups added in v1.13.0 

func (b *ClusterGroupSpecBuilder) SetChildGroups(cgs []string) *ClusterGroupSpecBuilder

func (*ClusterGroupSpecBuilder) SetIPBlocks added in v1.13.0 

func (b *ClusterGroupSpecBuilder) SetIPBlocks(ipBlocks []crdv1beta1.IPBlock) *ClusterGroupSpecBuilder

func (*ClusterGroupSpecBuilder) SetName added in v1.13.0 

func (b *ClusterGroupSpecBuilder) SetName(name string) *ClusterGroupSpecBuilder

func (*ClusterGroupSpecBuilder) SetNamespaceSelector added in v1.13.0 

func (b *ClusterGroupSpecBuilder) SetNamespaceSelector(nsSelector map[string]string, nsSelectorMatchExp []metav1.LabelSelectorRequirement) *ClusterGroupSpecBuilder

func (*ClusterGroupSpecBuilder) SetPodSelector added in v1.13.0 

func (b *ClusterGroupSpecBuilder) SetPodSelector(podSelector map[string]string, podSelectorMatchExp []metav1.LabelSelectorRequirement) *ClusterGroupSpecBuilder

func (*ClusterGroupSpecBuilder) SetServiceReference added in v1.13.0 

func (b *ClusterGroupSpecBuilder) SetServiceReference(svcNS, svcName string) *ClusterGroupSpecBuilder

type ClusterNetworkPolicySpecBuilder 

type ClusterNetworkPolicySpecBuilder struct {
	Spec crdv1beta1.ClusterNetworkPolicySpec
	Name string
}

func (*ClusterNetworkPolicySpecBuilder) AddEgress 

func (b *ClusterNetworkPolicySpecBuilder) AddEgress(protoc AntreaPolicyProtocol,
	port *int32, portName *string, endPort, icmpType, icmpCode, igmpType *int32,
	groupAddress, cidr *string, podSelector map[string]string, nodeSelector map[string]string, nsSelector map[string]string,
	podSelectorMatchExp []metav1.LabelSelectorRequirement, nodeSelectorMatchExp []metav1.LabelSelectorRequirement, nsSelectorMatchExp []metav1.LabelSelectorRequirement, selfNS bool,
	ruleAppliedToSpecs []ACNPAppliedToSpec, action crdv1beta1.RuleAction, ruleClusterGroup, name string, serviceAccount *crdv1beta1.NamespacedName) *ClusterNetworkPolicySpecBuilder

func (*ClusterNetworkPolicySpecBuilder) AddEgressLogging 

func (b *ClusterNetworkPolicySpecBuilder) AddEgressLogging(logLabel string) *ClusterNetworkPolicySpecBuilder

func (*ClusterNetworkPolicySpecBuilder) AddFQDNRule added in v1.3.0 

func (b *ClusterNetworkPolicySpecBuilder) AddFQDNRule(fqdn string,
	protoc AntreaPolicyProtocol, port *int32, portName *string, endPort *int32, name string,
	ruleAppliedToSpecs []ACNPAppliedToSpec, action crdv1beta1.RuleAction) *ClusterNetworkPolicySpecBuilder

func (*ClusterNetworkPolicySpecBuilder) AddIngress 

func (b *ClusterNetworkPolicySpecBuilder) AddIngress(protoc AntreaPolicyProtocol,
	port *int32, portName *string, endPort, icmpType, icmpCode, igmpType *int32,
	groupAddress, cidr *string, podSelector map[string]string, nodeSelector map[string]string, nsSelector map[string]string,
	podSelectorMatchExp []metav1.LabelSelectorRequirement, nodeSelectorMatchExp []metav1.LabelSelectorRequirement, nsSelectorMatchExp []metav1.LabelSelectorRequirement, selfNS bool,
	ruleAppliedToSpecs []ACNPAppliedToSpec, action crdv1beta1.RuleAction, ruleClusterGroup, name string, serviceAccount *crdv1beta1.NamespacedName) *ClusterNetworkPolicySpecBuilder

func (*ClusterNetworkPolicySpecBuilder) AddIngressForSrcPort added in v1.12.0 

func (b *ClusterNetworkPolicySpecBuilder) AddIngressForSrcPort(protoc AntreaPolicyProtocol,
	port, endPort, srcPort, endSrcPort, icmpType, icmpCode, igmpType *int32,
	groupAddress, cidr *string, podSelector map[string]string, nodeSelector map[string]string, nsSelector map[string]string,
	podSelectorMatchExp []metav1.LabelSelectorRequirement, nodeSelectorMatchExp []metav1.LabelSelectorRequirement, nsSelectorMatchExp []metav1.LabelSelectorRequirement, selfNS bool,
	ruleAppliedToSpecs []ACNPAppliedToSpec, action crdv1beta1.RuleAction, ruleClusterGroup, name string, serviceAccount *crdv1beta1.NamespacedName) *ClusterNetworkPolicySpecBuilder

TODO: added new function to avoid merge conflicts. Unify this function with 'addIngress' when 

all conflicting PRs are merged.

func (*ClusterNetworkPolicySpecBuilder) AddNodeSelectorRule added in v1.6.0 

func (b *ClusterNetworkPolicySpecBuilder) AddNodeSelectorRule(nodeSelector *metav1.LabelSelector, protoc AntreaPolicyProtocol, port *int32, name string,
	ruleAppliedToSpecs []ACNPAppliedToSpec, action crdv1beta1.RuleAction, isEgress bool) *ClusterNetworkPolicySpecBuilder

func (*ClusterNetworkPolicySpecBuilder) AddStretchedIngressRule added in v1.10.0 

func (b *ClusterNetworkPolicySpecBuilder) AddStretchedIngressRule(pSel, nsSel map[string]string,
	name string, ruleAppliedToSpecs []ACNPAppliedToSpec, action crdv1beta1.RuleAction) *ClusterNetworkPolicySpecBuilder

func (*ClusterNetworkPolicySpecBuilder) AddToServicesRule added in v1.4.0 

func (b *ClusterNetworkPolicySpecBuilder) AddToServicesRule(svcRefs []crdv1beta1.PeerService,
	name string, ruleAppliedToSpecs []ACNPAppliedToSpec, action crdv1beta1.RuleAction) *ClusterNetworkPolicySpecBuilder

func (*ClusterNetworkPolicySpecBuilder) Get 

func (b *ClusterNetworkPolicySpecBuilder) Get() *crdv1beta1.ClusterNetworkPolicy

func (*ClusterNetworkPolicySpecBuilder) GetAppliedToPeer 

func (b *ClusterNetworkPolicySpecBuilder) GetAppliedToPeer(podSelector map[string]string,
	nodeSelector map[string]string,
	nsSelector map[string]string,
	podSelectorMatchExp []metav1.LabelSelectorRequirement,
	nodeSelectorMatchExp []metav1.LabelSelectorRequirement,
	nsSelectorMatchExp []metav1.LabelSelectorRequirement,
	appliedToCG string,
	service *crdv1beta1.NamespacedName) crdv1beta1.AppliedTo

func (*ClusterNetworkPolicySpecBuilder) SetAppliedToGroup 

func (b *ClusterNetworkPolicySpecBuilder) SetAppliedToGroup(specs []ACNPAppliedToSpec) *ClusterNetworkPolicySpecBuilder

func (*ClusterNetworkPolicySpecBuilder) SetName 

func (b *ClusterNetworkPolicySpecBuilder) SetName(name string) *ClusterNetworkPolicySpecBuilder

func (*ClusterNetworkPolicySpecBuilder) SetPriority 

func (b *ClusterNetworkPolicySpecBuilder) SetPriority(p float64) *ClusterNetworkPolicySpecBuilder

func (*ClusterNetworkPolicySpecBuilder) SetTier 

func (b *ClusterNetworkPolicySpecBuilder) SetTier(tier string) *ClusterNetworkPolicySpecBuilder

func (*ClusterNetworkPolicySpecBuilder) WithEgressDNS 

func (b *ClusterNetworkPolicySpecBuilder) WithEgressDNS() *ClusterNetworkPolicySpecBuilder

AddEgressDNS mutates the nth policy rule to allow DNS, convenience method

type ExternalNodeSpecBuilder added in v1.8.0 

type ExternalNodeSpecBuilder struct {
	// contains filtered or unexported fields
}

func (*ExternalNodeSpecBuilder) AddInterface added in v1.8.0 

func (t *ExternalNodeSpecBuilder) AddInterface(name string, ips []string) *ExternalNodeSpecBuilder

func (*ExternalNodeSpecBuilder) AddLabels added in v1.8.0 

func (t *ExternalNodeSpecBuilder) AddLabels(labels map[string]string) *ExternalNodeSpecBuilder

func (*ExternalNodeSpecBuilder) Get added in v1.8.0 

func (t *ExternalNodeSpecBuilder) Get() *crdv1alpha1.ExternalNode

func (*ExternalNodeSpecBuilder) SetName added in v1.8.0 

func (t *ExternalNodeSpecBuilder) SetName(namespace string, name string) *ExternalNodeSpecBuilder

type GroupSpecBuilder added in v1.8.0 

type GroupSpecBuilder struct {
	Spec      crdv1beta1.GroupSpec
	Name      string
	Namespace string
}

GroupSpecBuilder builds a Group object.

func (*GroupSpecBuilder) Get added in v1.8.0 

func (b *GroupSpecBuilder) Get() *crdv1beta1.Group

func (*GroupSpecBuilder) SetChildGroups added in v1.8.0 

func (b *GroupSpecBuilder) SetChildGroups(cgs []string) *GroupSpecBuilder

func (*GroupSpecBuilder) SetIPBlocks added in v1.8.0 

func (b *GroupSpecBuilder) SetIPBlocks(ipBlocks []crdv1beta1.IPBlock) *GroupSpecBuilder

func (*GroupSpecBuilder) SetName added in v1.8.0 

func (b *GroupSpecBuilder) SetName(name string) *GroupSpecBuilder

func (*GroupSpecBuilder) SetNamespace added in v1.8.0 

func (b *GroupSpecBuilder) SetNamespace(namespace string) *GroupSpecBuilder

func (*GroupSpecBuilder) SetNamespaceSelector added in v1.8.0 

func (b *GroupSpecBuilder) SetNamespaceSelector(nsSelector map[string]string, nsSelectorMatchExp []metav1.LabelSelectorRequirement) *GroupSpecBuilder

func (*GroupSpecBuilder) SetPodSelector added in v1.8.0 

func (b *GroupSpecBuilder) SetPodSelector(podSelector map[string]string, podSelectorMatchExp []metav1.LabelSelectorRequirement) *GroupSpecBuilder

func (*GroupSpecBuilder) SetServiceReference added in v1.8.0 

func (b *GroupSpecBuilder) SetServiceReference(svcNS, svcName string) *GroupSpecBuilder

type NetworkPolicySpecBuilder 

type NetworkPolicySpecBuilder struct {
	Spec      networkingv1.NetworkPolicySpec
	Name      string
	Namespace string
}

func (*NetworkPolicySpecBuilder) AddEgress 

func (n *NetworkPolicySpecBuilder) AddEgress(protoc v1.Protocol, port *int32, portName *string, cidr *string, exceptCIDRs []string,
	podSelector map[string]string, nsSelector map[string]string,
	podSelectorMatchExp []metav1.LabelSelectorRequirement, nsSelectorMatchExp []metav1.LabelSelectorRequirement) *NetworkPolicySpecBuilder

func (*NetworkPolicySpecBuilder) AddIngress 

func (n *NetworkPolicySpecBuilder) AddIngress(protoc v1.Protocol, port *int32, portName *string, cidr *string, exceptCIDRs []string,
	podSelector map[string]string, nsSelector map[string]string,
	podSelectorMatchExp []metav1.LabelSelectorRequirement, nsSelectorMatchExp []metav1.LabelSelectorRequirement) *NetworkPolicySpecBuilder

TODO: Add tests to match expressions

func (*NetworkPolicySpecBuilder) Get 

func (n *NetworkPolicySpecBuilder) Get() *networkingv1.NetworkPolicy

func (*NetworkPolicySpecBuilder) SetName 

func (n *NetworkPolicySpecBuilder) SetName(namespace string, name string) *NetworkPolicySpecBuilder

func (*NetworkPolicySpecBuilder) SetPodSelector 

func (n *NetworkPolicySpecBuilder) SetPodSelector(labels map[string]string) *NetworkPolicySpecBuilder

func (*NetworkPolicySpecBuilder) SetTypeBoth 

func (n *NetworkPolicySpecBuilder) SetTypeBoth() *NetworkPolicySpecBuilder

func (*NetworkPolicySpecBuilder) SetTypeEgress 

func (n *NetworkPolicySpecBuilder) SetTypeEgress() *NetworkPolicySpecBuilder

func (*NetworkPolicySpecBuilder) SetTypeIngress 

func (n *NetworkPolicySpecBuilder) SetTypeIngress() *NetworkPolicySpecBuilder

func (*NetworkPolicySpecBuilder) WithEgressDNS 

func (n *NetworkPolicySpecBuilder) WithEgressDNS() *NetworkPolicySpecBuilder

AddEgressDNS mutates the nth policy rule to allow DNS, convenience method

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.