cache

package
v1.6.12 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Sep 30, 2020 License: Apache-2.0 Imports: 20 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	// IdentityAllocator is an allocator for security identities from the
	// kvstore.
	IdentityAllocator *allocator.Allocator

	// GlobalIdentityAllocatorInitialized is closed whenever the global identity
	// allocator is initialized.
	GlobalIdentityAllocatorInitialized = make(chan struct{})

	// IdentitiesPath is the path to where identities are stored in the key-value
	// store.
	IdentitiesPath = path.Join(kvstore.BaseKeyPrefix, "state", "identities", "v1")
)

Functions

func AddUserDefinedNumericIdentitySet 

func AddUserDefinedNumericIdentitySet(m map[string]string) error

AddUserDefinedNumericIdentitySet adds all key-value pairs from the given map to the map of user defined numeric identities and reserved identities. The key-value pairs should map a numeric identity to a valid label. Is not safe for concurrent use.

func AllocateIdentity 

func AllocateIdentity(ctx context.Context, owner IdentityAllocatorOwner, lbls labels.Labels) (id *identity.Identity, allocated bool, err error)

AllocateIdentity allocates an identity described by the specified labels. If an identity for the specified set of labels already exist, the identity is re-used and reference counting is performed, otherwise a new identity is allocated via the kvstore.

func Close 

func Close()

Close closes the identity allocator and allows to call InitIdentityAllocator() again

func IdentityAllocationIsLocal 

func IdentityAllocationIsLocal(lbls labels.Labels) bool

IdentityAllocationIsLocal returns true if a call to AllocateIdentity with the given labels would not require accessing the KV store to allocate the identity. Currently, this function returns true only if the labels are those of a reserved identity, i.e. if the slice contains a single reserved "reserved:*" label.

func InitIdentityAllocator 

func InitIdentityAllocator(owner IdentityAllocatorOwner, client clientset.Interface, identityStore cache.Store) <-chan struct{}

InitIdentityAllocator creates the the identity allocator. Only the first invocation of this function will have an effect. The Caller must have initialized well known identities before calling this (by calling identity.InitWellKnownIdentities()). client and identityStore are only used by the CRD identity allocator, currently, and identityStore may be nil. Returns a channel which is closed when initialization of the allocator is completed. TODO: identity backends are initialized directly in this function, pulling in dependencies on kvstore and k8s. It would be better to decouple this, since the backends are an interface.

func LookupIdentity 

func LookupIdentity(lbls labels.Labels) *identity.Identity

LookupIdentity looks up the identity by its labels but does not create it. This function will first search through the local cache and fall back to querying the kvstore.

func LookupIdentityByID 

func LookupIdentityByID(id identity.NumericIdentity) *identity.Identity

LookupIdentityByID returns the identity by ID. This function will first search through the local cache and fall back to querying the kvstore.

func LookupReservedIdentityByLabels 

func LookupReservedIdentityByLabels(lbls labels.Labels) *identity.Identity

LookupReservedIdentityByLabels looks up a reserved identity by its labels and returns it if found. Returns nil if not found.

func Release 

func Release(ctx context.Context, owner IdentityAllocatorOwner, id *identity.Identity) (released bool, err error)

Release is the reverse operation of AllocateIdentity() and releases the identity again. This function may result in kvstore operations. After the last user has released the ID, the returned lastUse value is true.

func ReleaseSlice 

func ReleaseSlice(ctx context.Context, owner IdentityAllocatorOwner, identities []*identity.Identity) error

ReleaseSlice attempts to release a set of identities. It is a helper function that may be useful for cleaning up multiple identities in paths where several identities may be allocated and another error means that they should all be released.

func WaitForInitialGlobalIdentities added in v1.5.5 

func WaitForInitialGlobalIdentities(ctx context.Context) error

WaitForInitialGlobalIdentities waits for the initial set of global security identities to have been received and populated into the allocator cache.

func WatchRemoteIdentities 

func WatchRemoteIdentities(backend kvstore.BackendOperations) (*allocator.RemoteCache, error)

WatchRemoteIdentities starts watching for identities in another kvstore and syncs all identities to the local identity cache.

Types

type GlobalIdentity added in v1.6.0 

type GlobalIdentity struct {
	labels.LabelArray
}

GlobalIdentity is the structure used to store an identity

func (GlobalIdentity) GetAsMap added in v1.6.0 

func (gi GlobalIdentity) GetAsMap() map[string]string

GetAsMap encodes a GlobalIdentity a map of keys to values. The keys will include a source delimted by a ':'. This output is pareable by PutKeyFromMap.

func (GlobalIdentity) GetKey added in v1.6.0 

func (gi GlobalIdentity) GetKey() (str string)

GetKey encodes an Identity as string

func (GlobalIdentity) PutKey added in v1.6.0 

func (gi GlobalIdentity) PutKey(v string) allocator.AllocatorKey

PutKey decodes an Identity from its string representation

func (GlobalIdentity) PutKeyFromMap added in v1.6.0 

func (gi GlobalIdentity) PutKeyFromMap(v map[string]string) allocator.AllocatorKey

PutKeyFromMap decodes an Identity from a map of key to value. Output from GetAsMap can be parsed. Note: NewLabelArrayFromMap will parse the ':' separated label source from the keys because the source parameter is ""

type IdentitiesModel 

type IdentitiesModel []*models.Identity

IdentitiesModel is a wrapper so that we can implement the sort.Interface to sort the slice by ID

func GetIdentities 

func GetIdentities() IdentitiesModel

GetIdentities returns all known identities

func (IdentitiesModel) Less 

func (s IdentitiesModel) Less(i, j int) bool

Less returns true if the element in index `i` is lower than the element in index `j`

type IdentityAllocatorOwner 

type IdentityAllocatorOwner interface {
	// UpdateIdentities will be called when identities have changed
	//
	// The caller is responsible for making sure the same identity
	// is not present in both 'added' and 'deleted', so that they
	// can be processed in either order.
	UpdateIdentities(added, deleted IdentityCache)

	// GetSuffix must return the node specific suffix to use
	GetNodeSuffix() string
}

IdentityAllocatorOwner is the interface the owner of an identity allocator must implement

type IdentityCache 

type IdentityCache map[identity.NumericIdentity]labels.LabelArray

IdentityCache is a cache of identity to labels mapping

func GetIdentityCache 

func GetIdentityCache() IdentityCache

GetIdentityCache returns a cache of all known identities

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.