Documentation
¶
Overview ¶
Package nodeagent provides tarian node agent functionality
Index ¶
- Constants
- func SetLogger(l *zap.SugaredLogger)
- type CaptureExec
- type ExecEvent
- type K8sPodWatcher
- type NodeAgent
- func (n *NodeAgent) Dial()
- func (n *NodeAgent) EnableAddConstraint(enabled bool)
- func (n *NodeAgent) GetConstraints() []*tarianpb.Constraint
- func (n *NodeAgent) GracefulStop()
- func (n *NodeAgent) RegisterViolationsAsNewConstraint(violation *ProcessViolation)
- func (n *NodeAgent) ReportViolationsToClusterAgent(violation *ProcessViolation)
- func (n *NodeAgent) Run()
- func (n *NodeAgent) SetConstraints(constraints []*tarianpb.Constraint)
- func (n *NodeAgent) SetNodeName(name string)
- func (n *NodeAgent) SyncConstraints()
- func (n *NodeAgent) ValidateProcess(evt *ExecEvent) *ProcessViolation
- type PodWatcher
- type ProcessViolation
Constants ¶
View Source
const ( // ContainerIDLength is the standard length of the Container ID ContainerIDLength = 64 // BpfContainerIDLength Minimum 31 chars to assume it is a Container ID // in case it was truncated BpfContainerIDLength = 31 DockerIDLength = 128 HostProcDir = "/host/proc" )
View Source
const ( ThreatScanAnnotation = "pod-agent.k8s.tarian.dev/threat-scan" RegisterAnnotation = "pod-agent.k8s.tarian.dev/register" )
Variables ¶
This section is empty.
Functions ¶
func SetLogger ¶
func SetLogger(l *zap.SugaredLogger)
Types ¶
type CaptureExec ¶
type CaptureExec struct {
// contains filtered or unexported fields
}
func NewCaptureExec ¶
func NewCaptureExec() (*CaptureExec, error)
func (*CaptureExec) Close ¶
func (c *CaptureExec) Close()
func (*CaptureExec) GetEventsChannel ¶
func (c *CaptureExec) GetEventsChannel() chan ExecEvent
func (*CaptureExec) SetNodeName ¶
func (c *CaptureExec) SetNodeName(name string)
func (*CaptureExec) Start ¶
func (c *CaptureExec) Start()
type K8sPodWatcher ¶
type NodeAgent ¶
type NodeAgent struct {
// contains filtered or unexported fields
}
func NewNodeAgent ¶
func (*NodeAgent) EnableAddConstraint ¶
func (*NodeAgent) GetConstraints ¶
func (n *NodeAgent) GetConstraints() []*tarianpb.Constraint
func (*NodeAgent) GracefulStop ¶
func (n *NodeAgent) GracefulStop()
func (*NodeAgent) RegisterViolationsAsNewConstraint ¶
func (n *NodeAgent) RegisterViolationsAsNewConstraint(violation *ProcessViolation)
func (*NodeAgent) ReportViolationsToClusterAgent ¶
func (n *NodeAgent) ReportViolationsToClusterAgent(violation *ProcessViolation)
func (*NodeAgent) SetConstraints ¶
func (n *NodeAgent) SetConstraints(constraints []*tarianpb.Constraint)
func (*NodeAgent) SetNodeName ¶
func (*NodeAgent) SyncConstraints ¶
func (n *NodeAgent) SyncConstraints()
func (*NodeAgent) ValidateProcess ¶
func (n *NodeAgent) ValidateProcess(evt *ExecEvent) *ProcessViolation
type PodWatcher ¶
type PodWatcher struct {
// contains filtered or unexported fields
}
func NewPodWatcher ¶
func NewPodWatcher(k8sClient *kubernetes.Clientset, nodeName string) *PodWatcher
func (*PodWatcher) Start ¶
func (watcher *PodWatcher) Start()
type ProcessViolation ¶
type ProcessViolation struct {
ExecEvent
}
Source Files
¶
Directories
Click to show internal directories.
Click to hide internal directories.