Documentation
Index ¶
- Constants
- Variables
- func GetApplyIPSetsTestCalls(toAddOrUpdateIPSets, toDeleteIPSets []*IPSetMetadata) []testutils.TestCmd
- func GetResetTestCalls() []testutils.TestCmd
- type IPSet
- type IPSetManager
- func (iMgr *IPSetManager) AddReference(setName, referenceName string, referenceType ReferenceType) error
- func (iMgr *IPSetManager) AddToLists(listMetadatas, setMetadatas []*IPSetMetadata) error
- func (iMgr *IPSetManager) AddToSets(addToSets []*IPSetMetadata, ip, podKey string) error
- func (iMgr *IPSetManager) ApplyIPSets() error
- func (iMgr *IPSetManager) CreateIPSets(setMetadatas []*IPSetMetadata)
- func (iMgr *IPSetManager) DeleteIPSet(name string)
- func (iMgr *IPSetManager) DeleteReference(setName, referenceName string, referenceType ReferenceType) error
- func (iMgr *IPSetManager) GetIPSet(name string) *IPSet
- func (iMgr *IPSetManager) GetIPsFromSelectorIPSets(setList map[string]struct{}) (map[string]struct{}, error)
- func (iMgr *IPSetManager) GetSelectorReferencesBySet(setName string) (map[string]struct{}, error)
- func (iMgr *IPSetManager) RemoveFromList(listMetadata *IPSetMetadata, setMetadatas []*IPSetMetadata) error
- func (iMgr *IPSetManager) RemoveFromSets(removeFromSets []*IPSetMetadata, ip, podKey string) error
- func (iMgr *IPSetManager) ResetIPSets() error
- type IPSetManagerCfg
- type IPSetMetadata
- type IPSetMode
- type ReferenceType
- type SetKind
- type SetProperties
- type SetType
- type TestSet
- type TranslatedIPSet
Constants ¶
// SetType values identify what an IPSet holds. Every value is written out
// explicitly in this block.
//
// NOTE(review): UnknownType is 0, so a SetType that was never assigned reads
// as UnknownType. Presumably callers must reject it rather than build a set
// from it — confirm against the code that consumes SetType.
const (
	// UnknownType is the unknown SetType (value 0).
	UnknownType SetType = 0
	// Namespace IPSet is created to hold
	// the IPs of pods in a given Namespace.
	Namespace SetType = 1
	// KeyLabelOfNamespace IPSet is a list kind ipset
	// whose members are the ipsets of namespaces with this label key.
	KeyLabelOfNamespace SetType = 2
	// KeyValueLabelOfNamespace IPSet is a list kind ipset
	// whose members are the ipsets of namespaces with this label.
	KeyValueLabelOfNamespace SetType = 3
	// KeyLabelOfPod IPSet contains the IPs of pods with this label key.
	KeyLabelOfPod SetType = 4
	// KeyValueLabelOfPod IPSet contains the IPs of pods with this label.
	KeyValueLabelOfPod SetType = 5
	// NamedPorts IPSet contains a given named port.
	NamedPorts SetType = 6
	// NestedLabelOfPod is derived for multi-value match expressions.
	NestedLabelOfPod SetType = 7
	// CIDRBlocks holds CIDR blocks.
	CIDRBlocks SetType = 8
	// Unknown is the string constant used for an unknown value.
	Unknown string = "unknown"
)
Variables ¶
// Test fixtures built with CreateTestSet: one TestSet for every SetType
// listed in this package except UnknownType.
//
// NOTE(review): these appear in the package's exported variables, so they are
// visible to every importer, not only to tests — confirm that is intended.
var (
	// Set-kind fixtures (hold IPs, named ports or CIDR blocks per their SetType).
	TestNSSet        = CreateTestSet("test-ns-set", Namespace)
	TestKeyPodSet    = CreateTestSet("test-keyPod-set", KeyLabelOfPod)
	TestKVPodSet     = CreateTestSet("test-kvPod-set", KeyValueLabelOfPod)
	TestNamedportSet = CreateTestSet("test-namedport-set", NamedPorts)
	TestCIDRSet      = CreateTestSet("test-cidr-set", CIDRBlocks)
	// List-style fixtures, going by their "-list" names — TODO confirm the
	// SetKind each of these SetTypes maps to.
	TestKeyNSList       = CreateTestSet("test-keyNS-list", KeyLabelOfNamespace)
	TestKVNSList        = CreateTestSet("test-kvNS-list", KeyValueLabelOfNamespace)
	TestNestedLabelList = CreateTestSet("test-nestedlabel-list", NestedLabelOfPod)
)
var (
	// ErrIPSetInvalidKind is returned when the IPSet kind is invalid.
	// It is a sentinel value created with errors.New, so callers can match
	// it with errors.Is instead of comparing the message text.
	ErrIPSetInvalidKind = errors.New("invalid IPSet Kind")
)
Functions ¶
func GetApplyIPSetsTestCalls ¶
func GetApplyIPSetsTestCalls(toAddOrUpdateIPSets, toDeleteIPSets []*IPSetMetadata) []testutils.TestCmd
func GetResetTestCalls ¶
Types ¶
type IPSet ¶
// IPSet is one ipset tracked by this package: its names, its properties, its
// members, and the network policies that refer to it.
//
// NOTE(review): every map field is exported and therefore writable by any
// importer; nothing visible in this listing shows how concurrent access is
// guarded — confirm with IPSetManager before mutating these maps directly.
type IPSet struct {
	// Name is the prefixed name of the original set.
	Name string
	// HashedName is AzureNpmPrefix (azure-npm-) + hash of the prefixed name.
	HashedName string
	// SetProperties is embedded, so the set's properties are promoted onto IPSet.
	SetProperties
	// IPPodKey is used for set-kind ipsets: IPs and ports are the keys
	// and the podKey is the value.
	IPPodKey map[string]string
	// MemberIPSets is used for list-kind ipsets to store the child IPSets.
	MemberIPSets map[string]*IPSet
	// The reference fields below use a map with struct{} values to emulate
	// a set with minimal memory consumption.
	//
	// SelectorReference holds the names of the network policies where this
	// IPSet is used in a PodSelector or Namespace selector.
	SelectorReference map[string]struct{}
	// NetPolReference holds the names of the network policies where this
	// IPSet is referred to as part of the rules.
	// NOTE(review): presumably a set must not be deleted while either
	// reference map is non-empty — confirm against DeleteIPSet.
	NetPolReference map[string]struct{}
	// contains filtered or unexported fields
}
func NewIPSet ¶
func NewIPSet(setMetadata *IPSetMetadata) *IPSet
func (*IPSet) GetSetContents ¶
GetSetContents returns the members of the set as a string slice.
func (*IPSet) GetSetMetadata ¶
func (set *IPSet) GetSetMetadata() *IPSetMetadata
GetSetMetadata returns set metadata with unprefixed original name and SetType
func (*IPSet) ShallowCompare ¶
ShallowCompare checks whether the properties of the IPSets are the same.
type IPSetManager ¶
func NewIPSetManager ¶
func NewIPSetManager(iMgrCfg *IPSetManagerCfg, ioShim *common.IOShim) *IPSetManager
func (*IPSetManager) AddReference ¶
func (iMgr *IPSetManager) AddReference(setName, referenceName string, referenceType ReferenceType) error
AddReference takes the prefixed set name and adds the relevant reference.
func (*IPSetManager) AddToLists ¶
func (iMgr *IPSetManager) AddToLists(listMetadatas, setMetadatas []*IPSetMetadata) error
func (*IPSetManager) AddToSets ¶
func (iMgr *IPSetManager) AddToSets(addToSets []*IPSetMetadata, ip, podKey string) error
func (*IPSetManager) ApplyIPSets ¶
func (iMgr *IPSetManager) ApplyIPSets() error
func (*IPSetManager) CreateIPSets ¶
func (iMgr *IPSetManager) CreateIPSets(setMetadatas []*IPSetMetadata)
func (*IPSetManager) DeleteIPSet ¶
func (iMgr *IPSetManager) DeleteIPSet(name string)
DeleteIPSet expects the prefixed ipset name
func (*IPSetManager) DeleteReference ¶
func (iMgr *IPSetManager) DeleteReference(setName, referenceName string, referenceType ReferenceType) error
DeleteReference takes the prefixed set name and removes the relevant reference.
func (*IPSetManager) GetIPSet ¶
func (iMgr *IPSetManager) GetIPSet(name string) *IPSet
GetIPSet needs the prefixed ipset name
func (*IPSetManager) GetIPsFromSelectorIPSets ¶ added in v1.4.13
func (iMgr *IPSetManager) GetIPsFromSelectorIPSets(setList map[string]struct{}) (map[string]struct{}, error)
GetIPsFromSelectorIPSets takes a map of prefixed set names and returns the intersection of their IPs.
func (*IPSetManager) GetSelectorReferencesBySet ¶ added in v1.4.13
func (iMgr *IPSetManager) GetSelectorReferencesBySet(setName string) (map[string]struct{}, error)
func (*IPSetManager) RemoveFromList ¶
func (iMgr *IPSetManager) RemoveFromList(listMetadata *IPSetMetadata, setMetadatas []*IPSetMetadata) error
func (*IPSetManager) RemoveFromSets ¶
func (iMgr *IPSetManager) RemoveFromSets(removeFromSets []*IPSetMetadata, ip, podKey string) error
func (*IPSetManager) ResetIPSets ¶
func (iMgr *IPSetManager) ResetIPSets() error
type IPSetManagerCfg ¶
type IPSetMetadata ¶
func NewIPSetMetadata ¶
func NewIPSetMetadata(name string, setType SetType) *IPSetMetadata
NewIPSetMetadata is used by controllers to send skeleton ipsets to the dataplane (DP).
func (*IPSetMetadata) GetHashedName ¶
func (setMetadata *IPSetMetadata) GetHashedName() string
func (*IPSetMetadata) GetPrefixName ¶
func (setMetadata *IPSetMetadata) GetPrefixName() string
TODO join with colon instead of dash for easier readability?
func (*IPSetMetadata) GetSetKind ¶
func (setMetadata *IPSetMetadata) GetSetKind() SetKind
type ReferenceType ¶
type ReferenceType string
ReferenceType specifies the kind of reference for an IPSet
// Possible ReferenceTypes. The values are plain strings.
const (
	// SelectorType presumably selects IPSet.SelectorReference (policies that
	// use the set in a selector) — confirm against AddReference.
	SelectorType ReferenceType = "Selector"
	// NetPolType presumably selects IPSet.NetPolReference (policies that
	// refer to the set in their rules) — confirm against AddReference.
	NetPolType ReferenceType = "NetPol"
)
Possible ReferenceTypes
type SetProperties ¶
type TestSet ¶
// TestSet bundles an IPSetMetadata with a prefixed name and a hashed name.
type TestSet struct {
	// Metadata is the metadata of the set.
	Metadata *IPSetMetadata
	// PrefixName and HashedName are presumably the values returned by
	// Metadata.GetPrefixName and Metadata.GetHashedName — confirm in CreateTestSet.
	PrefixName string
	HashedName string
}
TODO deprecate the TestSet type and replace TestNSSet etc. with just their metadata since you can get prefix name and hashed name with metadata methods
func CreateTestSet ¶
type TranslatedIPSet ¶
// TranslatedIPSet pairs the metadata of an IPSet with its optional members.
type TranslatedIPSet struct {
	// Metadata identifies the IPSet.
	Metadata *IPSetMetadata
	// Members holds member ipset names for NestedLabelOfPod and IP address
	// ranges for CIDRBlocks IPSets.
	// NOTE(review): members are plain strings; whether CIDR syntax is
	// validated before a member is applied is not visible here — confirm
	// where TranslatedIPSet is consumed.
	Members []string
}
TranslatedIPSet is created by the translation engine and provides the IPSets used in a network policy. Only 2 types of IPSets are generated with members: (1) CIDRBlocks IPSets and (2) NestedLabelOfPod IPSets from multi-value labels. The Members field holds member ipset names for NestedLabelOfPod and IP address ranges for CIDRBlocks IPSets.
func NewTranslatedIPSet ¶
func NewTranslatedIPSet(name string, setType SetType, members ...string) *TranslatedIPSet
NewTranslatedIPSet creates a TranslatedIPSet. Only nested labels from a podSelector and IPBlocks have members; all others have a nil slice.