resolver

package

v0.0.0-...-e204674 Latest Latest Go to latest Published: Oct 3, 2018 License: Apache-2.0 Imports: 16 Imported by: 1

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/aporeto-inc/trireme-kubernetes

Documentation ¶

Overview ¶

Package resolver resolves each Container to a specific Trireme policy based on Kubernetes Policy definitions.

Index ¶

Constants
type KubernetesPolicy
- func NewKubernetesPolicy(ctx context.Context, controller controller.TriremeController, ...) (*KubernetesPolicy, error)
type NamespaceWatcher
- func NewNamespaceWatcher(namespace string, policyStore kubecache.Store, ...) *NamespaceWatcher

Constants ¶

View Source

const UpstreamNameIdentifier = "k8s:name"

UpstreamNameIdentifier is the identifier used to identify the nane on the resulting PU

View Source

const UpstreamNamespaceIdentifier = "k8s:namespace"

UpstreamNamespaceIdentifier is the identifier used to identify the nanespace on the resulting PU

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type KubernetesPolicy ¶

type KubernetesPolicy struct {
	KubernetesClient *kubernetes.Client
	// contains filtered or unexported fields
}

KubernetesPolicy represents a Trireme Policer for Kubernetes. It implements the Trireme Resolver interface and implements the policies defined by Kubernetes NetworkPolicy API.

func NewKubernetesPolicy ¶

func NewKubernetesPolicy(ctx context.Context, controller controller.TriremeController, kubeconfig string, nodename string, triremeNetworks []string) (*KubernetesPolicy, error)

NewKubernetesPolicy creates a new policy engine for the Trireme package

func (*KubernetesPolicy) HandlePUEvent ¶

func (k *KubernetesPolicy) HandlePUEvent(ctx context.Context, puID string, event common.Event, runtime policy.RuntimeReader) error

HandlePUEvent is called by Trireme for notification that a specific PU got an event.

func (*KubernetesPolicy) ResolvePolicy ¶

func (k *KubernetesPolicy) ResolvePolicy(contextID string, runtime policy.RuntimeReader) (*policy.PUPolicy, error)

ResolvePolicy generates the Policy for the target PU. The policy for the PU will be based on the defined Kubernetes NetworkPolicies on the Pod to which the PU belongs.

func (*KubernetesPolicy) Run ¶

func (k *KubernetesPolicy) Run(sync chan struct{})

Run starts the KubernetesPolicer by watching for Namespace Changes. Run is blocking. Use go

func (*KubernetesPolicy) Stop ¶

func (k *KubernetesPolicy) Stop()

Stop Stops all the channels

type NamespaceWatcher ¶

type NamespaceWatcher struct {
	// contains filtered or unexported fields
}

NamespaceWatcher implements the policy for a specific Namespace

func NewNamespaceWatcher ¶

func NewNamespaceWatcher(namespace string,
	policyStore kubecache.Store, policyController kubecache.Controller, policyControllerStop chan struct{}) *NamespaceWatcher

NewNamespaceWatcher initialize a new NamespaceWatcher that watches the Pod and Networkpolicy events on the specific namespace passed in parameter.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL