Documentation ¶
Index ¶
- Constants
- func K8sNP2CP(np *v1beta1.NetworkPolicy) (string, *policy.Node, error)
- type Container
- type FEPort
- type FEPortName
- type IPv4
- type IPv6
- type IngressIsolationPolicy
- type K8sServiceEndpoint
- type K8sServiceInfo
- type K8sServiceNamespace
- type L3n4Addr
- type L3n4AddrID
- type L4Addr
- type L4Type
- type LBBackEnd
- type LBSVC
- type LoadBalancer
- type NamespaceIngressPolicy
- type NamespaceNetworkPolicy
- type NamespaceSpec
- type PingResponse
- type RevNATMap
- type SVCMap
- type SVCMapID
- type ServerError
- type ServiceID
Constants ¶
const ( NONE = L4Type("NONE") // TCP type. TCP = L4Type("TCP") // UDP type. UDP = L4Type("UDP") )
Variables ¶
This section is empty.
Functions ¶
Types ¶
type Container ¶
type Container struct { dTypes.ContainerJSON LabelsHash string OpLabels labels.OpLabels }
func (*Container) IsDockerOrInfracontainer ¶
type IngressIsolationPolicy ¶
type IngressIsolationPolicy string
const ( // DefaultDeny denies all ingress traffic to pods in this namespace. Ingress means // any incoming traffic to pods, whether that be from other pods within this namespace // or any source outside of this namespace. DefaultDeny IngressIsolationPolicy = "DefaultDeny" )
type K8sServiceEndpoint ¶
type K8sServiceEndpoint struct { // TODO: Replace bool for time.Time so we know last time the service endpoint was seen? BEIPs map[string]bool Ports map[FEPortName]*L4Addr }
K8sServiceEndpoint is an abstraction for the k8s endpoint object. Each service is composed by a map of backend IPs (BEIPs) and a map of Ports (Ports). Each k8s endpoint present in BEIPs share the same list of Ports open.
func NewK8sServiceEndpoint ¶
func NewK8sServiceEndpoint() *K8sServiceEndpoint
NewK8sServiceEndpoint creates a new K8sServiceEndpoint with the backend BEIPs map and Ports map initialized.
type K8sServiceInfo ¶
type K8sServiceInfo struct { FEIP net.IP Ports map[FEPortName]*FEPort }
K8sServiceInfo is an abstraction for a k8s service that is composed by the frontend IP address (FEIP) and the map of the frontend ports (Ports).
func NewK8sServiceInfo ¶
func NewK8sServiceInfo(ip net.IP) *K8sServiceInfo
NewK8sServiceInfo creates a new K8sServiceInfo with the Ports map initialized.
type K8sServiceNamespace ¶
K8sServiceNamespace is an abstraction for the k8s service + namespace types.
type L3n4Addr ¶
L3n4Addr is used to store, as an unique L3+L4 address in the KVStore.
func NewL3n4Addr ¶
NewL3n4Addr creates a new L3n4Addr.
func NewL3n4AddrFromBackendModel ¶
func NewL3n4AddrFromBackendModel(base *models.BackendAddress) (*L3n4Addr, error)
func NewL3n4AddrFromModel ¶
func NewL3n4AddrFromModel(base *models.FrontendAddress) (*L3n4Addr, error)
func (*L3n4Addr) GetModel ¶
func (a *L3n4Addr) GetModel() *models.FrontendAddress
func (*L3n4Addr) IsIPv6 ¶
IsIPv6 returns true if the IP address in the given L3n4Addr is IPv6 or not.
type L3n4AddrID ¶
L3n4AddrID is used to store, as an unique L3+L4 plus the assigned ID, in the KVStore.
func NewL3n4AddrID ¶
func NewL3n4AddrID(protocol L4Type, ip net.IP, portNumber uint16, id ServiceID) (*L3n4AddrID, error)
NewL3n4AddrID creates a new L3n4AddrID.
func (*L3n4AddrID) DeepCopy ¶
func (l *L3n4AddrID) DeepCopy() *L3n4AddrID
DeepCopy returns a DeepCopy of the given L3n4AddrID.
func (*L3n4AddrID) IsIPv6 ¶
func (l *L3n4AddrID) IsIPv6() bool
IsIPv6 returns true if the IP address in L3n4Addr's L3n4AddrID is IPv6 or not.
type L4Addr ¶
L4Addr is an abstraction for the backend port with a L4Type, usually tcp or udp, and the Port number.
type LBBackEnd ¶
LBBackEnd represents load balancer backend.
func NewLBBackEnd ¶
func NewLBBackEndFromBackendModel ¶
func NewLBBackEndFromBackendModel(base *models.BackendAddress) (*LBBackEnd, error)
func (*LBBackEnd) GetBackendModel ¶
func (b *LBBackEnd) GetBackendModel() *models.BackendAddress
type LBSVC ¶
type LBSVC struct { Sha256 string FE L3n4AddrID BES []LBBackEnd }
LBSVC is essentially used for the REST API.
type LoadBalancer ¶
type LoadBalancer struct { BPFMapMU sync.RWMutex SVCMap SVCMap SVCMapID SVCMapID RevNATMap RevNATMap K8sMU sync.Mutex K8sServices map[K8sServiceNamespace]*K8sServiceInfo K8sEndpoints map[K8sServiceNamespace]*K8sServiceEndpoint K8sIngress map[K8sServiceNamespace]*K8sServiceInfo }
LoadBalancer is the internal representation of the loadbalancer in the local cilium daemon.
func NewLoadBalancer ¶
func NewLoadBalancer() *LoadBalancer
NewLoadBalancer returns a LoadBalancer with all maps initialized.
func (*LoadBalancer) AddService ¶
func (lb *LoadBalancer) AddService(svc LBSVC) bool
AddService adds a service to list of loadbalancers and returns true if created.
func (*LoadBalancer) DeleteService ¶
func (lb *LoadBalancer) DeleteService(svc *LBSVC)
type NamespaceIngressPolicy ¶
type NamespaceIngressPolicy struct { // The isolation policy to apply to pods in this namespace. // Currently this field only supports "DefaultDeny", but could // be extended to support other policies in the future. When set to DefaultDeny, // pods in this namespace are denied ingress traffic by default. When not defined, // the cluster default ingress isolation policy is applied (currently allow all). Isolation *IngressIsolationPolicy `json:"isolation,omitempty"` }
NamespaceIngressPolicy is the configuration for ingress to pods within this namespace. For now, this only supports specifying an isolation policy.
type NamespaceNetworkPolicy ¶
type NamespaceNetworkPolicy struct { // Ingress configuration for this namespace. This config is // applied to all pods within this namespace. For now, only // ingress is supported. This field is optional - if not // defined, then the cluster default for ingress is applied. Ingress *NamespaceIngressPolicy `json:"ingress,omitempty"` }
type NamespaceSpec ¶
type NamespaceSpec struct { // This is a pointer so that it can be left undefined. NetworkPolicy *NamespaceNetworkPolicy `json:"networkPolicy,omitempty"` }
NamespaceSpec is the standard namespace object, modified to include a new NamespaceNetworkPolicy field.
type PingResponse ¶
type PingResponse struct { NodeAddress string `json:"node-address"` Opts *option.BoolOptions `json:"options"` }
type SVCMap ¶
SVCMap is a map of the daemon's services. The key is the sha256sum of the LBSVC's FE and the value the LBSVC.
func (SVCMap) AddFEnBE ¶
func (svcs SVCMap) AddFEnBE(fe *L3n4AddrID, be *LBBackEnd, beIndex int)
AddFEnBE adds the given 'fe' and 'be' to the SVCMap. If 'fe' exists and beIndex is 0, the new 'be' will be appended to the list of existing backends. If beIndex is bigger than the size of existing backends slice, it will be created a new array with size of beIndex and the new 'be' will be inserted on index beIndex-1 of that new array. All remaining be elements will be kept on the same index and, in case the new array is larger than the number of backends, some elements will be empty.
type ServerError ¶
ServerError is the type of message used when the daemon returns any error messages in case of failure.
func (ServerError) String ¶
func (se ServerError) String() string
String returns string format of the given ServerError.