Documentation ¶
Index ¶
- Constants
- Variables
- func ChangeLogLevel(level logrus.Level)
- func GetProxyPort(l7Type policy.L7ParserType, ingress bool) (uint16, string, error)
- type DatapathUpdater
- type Proxy
- func (p *Proxy) CreateOrUpdateRedirect(l4 *policy.L4Filter, id string, localEndpoint logger.EndpointUpdater, ...) (proxyPort uint16, err error, finalizeFunc revert.FinalizeFunc, ...)
- func (p *Proxy) GetStatusModel() *models.ProxyStatus
- func (p *Proxy) ReinstallRules()
- func (p *Proxy) RemoveRedirect(id string, wg *completion.WaitGroup) (error, revert.FinalizeFunc, revert.RevertFunc)
- func (p *Proxy) SetProxyPort(name string, port uint16) error
- func (p *Proxy) UpdateNetworkPolicy(ep logger.EndpointUpdater, policy *policy.L4Policy, ...) (error, func() error)
- func (p *Proxy) UseCurrentNetworkPolicy(ep logger.EndpointUpdater, policy *policy.L4Policy, wg *completion.WaitGroup)
- type ProxyPort
- type Redirect
- type RedirectImplementation
Constants ¶
const ProxyKeepAlivePeriod = time.Duration(5) * time.Minute
ProxyKeepAlivePeriod is the time used for sending periodic keepalives on proxy connections. Cross-reference with datapath PROXY_DEFAULT_LIFETIME.
Variables ¶
var ( // DefaultDNSProxy is the global, shared, DNS Proxy singleton. DefaultDNSProxy *dnsproxy.DNSProxy )
var ( // DefaultEndpointInfoRegistry is the default instance implementing the // EndpointInfoRegistry interface. DefaultEndpointInfoRegistry logger.EndpointInfoRegistry = &defaultEndpointInfoRegistry{} )
Functions ¶
func ChangeLogLevel ¶
ChangeLogLevel changes proxy log level to correspond to the logrus log level 'level'.
func GetProxyPort ¶
GetProxyPort() returns the fixed listen port for a proxy, if any.
Types ¶
type DatapathUpdater ¶
type Proxy ¶
Proxy maintains state about redirects
func StartProxySupport ¶
func StartProxySupport(minPort uint16, maxPort uint16, stateDir string, accessLogFile string, accessLogNotifier logger.LogRecordNotifier, accessLogMetadata []string, datapathUpdater DatapathUpdater) *Proxy
StartProxySupport starts the servers to support L7 proxies: xDS GRPC server and access log server.
func (*Proxy) CreateOrUpdateRedirect ¶
func (p *Proxy) CreateOrUpdateRedirect(l4 *policy.L4Filter, id string, localEndpoint logger.EndpointUpdater, wg *completion.WaitGroup) (proxyPort uint16, err error, finalizeFunc revert.FinalizeFunc, revertFunc revert.RevertFunc)
CreateOrUpdateRedirect creates or updates a L4 redirect with corresponding proxy configuration. This will allocate a proxy port as required and launch a proxy instance. If the redirect is already in place, only the rules will be updated. The proxy listening port is returned, but proxy configuration on that port may still be ongoing asynchronously. Caller should wait for successful completion on 'wg' before assuming the returned proxy port is listening. Caller must call exactly one of the returned functions: - finalizeFunc to make the changes stick, or - revertFunc to cancel the changes.
func (*Proxy) GetStatusModel ¶
func (p *Proxy) GetStatusModel() *models.ProxyStatus
GetStatusModel returns the proxy status as API model
func (*Proxy) ReinstallRules ¶
func (p *Proxy) ReinstallRules()
ReinstallRules is called by daemon reconfiguration to re-install proxy ports rules that were removed during the removal of all Cilium rules.
func (*Proxy) RemoveRedirect ¶
func (p *Proxy) RemoveRedirect(id string, wg *completion.WaitGroup) (error, revert.FinalizeFunc, revert.RevertFunc)
RemoveRedirect removes an existing redirect that has been successfully created earlier.
func (*Proxy) SetProxyPort ¶
SetProxyPort() marks the proxy 'name' as successfully created with proxy port 'port' and creates or updates the datapath rules accordingly. This should only be called for proxies that have a static listener that is already listening on 'port'. May only be called once per proxy.
func (*Proxy) UpdateNetworkPolicy ¶
func (p *Proxy) UpdateNetworkPolicy(ep logger.EndpointUpdater, policy *policy.L4Policy, ingressPolicyEnforced, egressPolicyEnforced bool, wg *completion.WaitGroup) (error, func() error)
UpdateNetworkPolicy must update the redirect configuration of an endpoint in the proxy
func (*Proxy) UseCurrentNetworkPolicy ¶
func (p *Proxy) UseCurrentNetworkPolicy(ep logger.EndpointUpdater, policy *policy.L4Policy, wg *completion.WaitGroup)
UseCurrentNetworkPolicy inserts a Completion to the WaitGroup if the current network policy has not yet been acked
type RedirectImplementation ¶
type RedirectImplementation interface { // UpdateRules notifies the proxy implementation that the new rules in // parameter l4 are to be applied. The implementation should .Add to the // WaitGroup if the update is asynchronous and the update should not return // until it is complete. // The returned RevertFunc must be non-nil. // Note: UpdateRules is not called when a redirect is created. UpdateRules(wg *completion.WaitGroup, l4 *policy.L4Filter) (revert.RevertFunc, error) // Close closes and cleans up resources associated with the redirect // implementation. The implementation should .Add to the WaitGroup if the // update is asynchronous and the update should not return until it is // complete. Close(wg *completion.WaitGroup) (revert.FinalizeFunc, revert.RevertFunc) }
RedirectImplementation is the generic proxy redirect interface that each proxy redirect type must implement