netconf

package
v0.43.0 (Latest)
Warning

This package is not in the latest version of its module.

Published: Apr 22, 2024 License: MIT Imports: 20 Imported by: 7

Documentation

Overview

Package netconf groups functionality to configure networking related resources.

Index

Constants

// The two forwarding-chain policies this package defines.
// NOTE(review): ForwardPolicy is declared as a string type, so any string can
// be converted to it. Code that receives a ForwardPolicy should treat values
// other than these two as invalid instead of passing them on.
const (
	// ForwardPolicyDrop drops packets which try to go through the forwarding chain
	ForwardPolicyDrop = ForwardPolicy("drop")
	// ForwardPolicyAccept accepts packets which try to go through the forwarding chain
	ForwardPolicyAccept = ForwardPolicy("accept")
)
const (
	// FRRVersion holds a string that is used in the frr.conf to define the FRR version.
	FRRVersion = "8.3"
	// TplFirewallFRR defines the name of the template to render FRR configuration to a 'firewall'.
	TplFirewallFRR = "frr.firewall.tpl"
	// TplMachineFRR defines the name of the template to render FRR configuration to a 'machine'.
	TplMachineFRR = "frr.machine.tpl"
	// IPPrefixListSeqSeed specifies the initial value for prefix lists sequence number.
	IPPrefixListSeqSeed = 100
	// IPPrefixListNoExportSuffix defines the suffix to use for private IP ranges that must not be exported.
	IPPrefixListNoExportSuffix = "-no-export"
	// RouteMapOrderSeed defines the initial value for route-map order.
	RouteMapOrderSeed = 10
	// AddressFamilyIPv4 is the name for this address family for the routing daemon.
	AddressFamilyIPv4 = "ip"
	// AddressFamilyIPv6 is the name for this address family for the routing daemon.
	AddressFamilyIPv6 = "ipv6"
)
// NOTE(review): Permit and Deny share this const block with the two CIDR
// strings, and iota counts every constant spec in the block starting at zero.
// Permit is the third spec and Deny the fourth, so Permit == 2 and Deny == 3,
// and the zero value AccessPolicy(0) is neither of them. Code that switches on
// an AccessPolicy should handle unknown values explicitly (failing closed)
// rather than assume an unset policy is Permit or Deny.
const (
	// IPv4ZeroCIDR is the CIDR block for the whole IPv4 address space
	IPv4ZeroCIDR = "0.0.0.0/0"

	// IPv6ZeroCIDR is the CIDR block for the whole IPv6 address space
	IPv6ZeroCIDR = "::/0"
	// Permit defines an access policy that allows access.
	Permit AccessPolicy = iota
	// Deny defines an access policy that forbids access.
	Deny
)
const (
	// TplNftables defines the name of the template to render nftables configuration.
	TplNftables = "nftrules.tpl"
)
const (
	// VLANOffset defines a number to start with when creating new VLAN IDs.
	VLANOffset = 1000
)

Variables

This section is empty.

Functions

func MustParseTpl added in v0.31.1

func MustParseTpl(tplName string) *template.Template

func New added in v0.30.0

func New(log *slog.Logger, path string) (*config, error)

New creates a new instance of this type.

func NewFrrConfigApplier

func NewFrrConfigApplier(kind BareMetalType, c config, tmpFile string) net.Applier

NewFrrConfigApplier constructs a new Applier of the given type of Bare Metal.

func NewNftablesExporterServiceApplier

func NewNftablesExporterServiceApplier(kb config, v net.Validator) (net.Applier, error)

NewNftablesExporterServiceApplier constructs a new instance of this type.

Types

type AccessPolicy

type AccessPolicy int

AccessPolicy is a type that represents a policy to manage access roles.

func (AccessPolicy) String

func (p AccessPolicy) String() string

type AddrSpec added in v0.7.0

// AddrSpec pairs an address with the name of its address family. It is the
// type of DNAT.DestSpec, SNAT.OutIntSpec and the elements of SNAT.SourceSpecs.
type AddrSpec struct {
	// AddressFamily is a plain string here, not the AddressFamily type.
	// NOTE(review): presumably one of AddressFamilyIPv4 / AddressFamilyIPv6 — confirm.
	AddressFamily string
	Address       string
}

type AddressFamily

type AddressFamily string

AddressFamily is the address family for the routing daemon.

type BareMetalType

type BareMetalType int

BareMetalType defines the type of configuration to apply.

// Firewall is the first constant in this block, so iota gives it the value 0
// and Machine the value 1; an unset BareMetalType therefore reads as Firewall.
const (
	// Firewall defines the bare metal server to function as firewall.
	Firewall BareMetalType = iota
	// Machine defines the bare metal server to function as machine.
	Machine
)

type Bridge

type Bridge struct {
	Ports string
	Vids  string
}

Bridge represents a network bridge.

type CommonFRRData

type CommonFRRData struct {
	ASN        int64
	Comment    string
	FRRVersion string
	Hostname   string
	RouterID   string
}

CommonFRRData contains attributes that are common to the FRR configuration of all kinds of bare metal servers.

type Configurator

// Configurator is implemented by types that configure a bare metal server.
// Both methods take the ForwardPolicy to use.
// NOTE(review): neither method returns an error, so a caller cannot learn from
// the return value whether the configuration (including the nftables ruleset)
// was actually applied. How failures are reported is not visible here — confirm
// against the implementations.
type Configurator interface {
	Configure(forwardPolicy ForwardPolicy)
	ConfigureNftables(forwardPolicy ForwardPolicy)
}

Configurator is an interface to configure bare metal servers.

func NewConfigurator

func NewConfigurator(kind BareMetalType, c config, enableDNS bool) (Configurator, error)

NewConfigurator creates a new configurator.

type DNAT added in v0.7.0

type DNAT struct {
	Comment      string
	InInterfaces []string
	DAddr        string
	Port         string
	Zone         string
	DestSpec     AddrSpec
}

DNAT holds the information required to configure DNAT.

type EVPNIface

type EVPNIface struct {
	Comment string
	VRF     VRF
	SVI     SVI
	VXLAN   VXLAN
}

EVPNIface represents the information required to render EVPN interfaces configuration.

type FirewallFRRData

type FirewallFRRData struct {
	CommonFRRData
	VRFs []VRF
}

FirewallFRRData contains attributes required to render frr.conf of bare metal servers that function as 'firewall'.

type FirewallRules added in v0.42.0

// FirewallRules holds two lists of strings, one for egress and one for ingress.
// NOTE(review): the entries are untyped strings. If they are written verbatim
// into the rendered nftables configuration (the template is not visible here),
// they must come from a trusted or validated source — confirm against the
// template and its callers.
type FirewallRules struct {
	Egress  []string
	Ingress []string
}

type ForwardPolicy added in v0.40.0

type ForwardPolicy string

ForwardPolicy defines how packets in the forwarding chain are handled; it can be either drop or accept. Drop will be the standard for firewalls which are not managed by Kubernetes resources (CWNPs).

type HostnameData

type HostnameData struct {
	Comment, Hostname string
}

HostnameData contains attributes to render hostname file.

type HostnameValidator

type HostnameValidator struct {
	// contains filtered or unexported fields
}

HostnameValidator validates hostname changes.

func (HostnameValidator) Validate

func (v HostnameValidator) Validate() error

Validate validates hostname rendering.

type HostsData

type HostsData struct {
	Comment  string
	Hostname string
	IP       string
}

HostsData contains data to render hosts file.

type HostsValidator

type HostsValidator struct {
	// contains filtered or unexported fields
}

HostsValidator validates hosts file.

func (HostsValidator) Validate

func (v HostsValidator) Validate() error

Validate validates hosts file.

type IPPrefixList

type IPPrefixList struct {
	Name          string
	Spec          string
	AddressFamily AddressFamily
	// SourceVRF specifies from which VRF the given prefix list should be imported
	SourceVRF string
}

IPPrefixList represents 'ip prefix-list' filtering mechanism to be used in combination with route-maps.

type Identity

type Identity struct {
	Comment string
	ID      int
}

Identity represents an object's identity.

type IfacesData

type IfacesData struct {
	Comment    string
	Loopback   Loopback
	EVPNIfaces []EVPNIface
}

IfacesData contains attributes required to render network interfaces configuration of a bare metal server.

type ImportSettings added in v0.7.1

// ImportSettings holds two lists of import prefixes: ImportPrefixes and
// ImportPrefixesNoExport. The element type importPrefix is unexported, so code
// outside this package cannot name it when building these slices.
// NOTE(review): presumably ImportPrefixesNoExport relates to the "-no-export"
// prefix-list suffix (IPPrefixListNoExportSuffix) — confirm.
type ImportSettings struct {
	ImportPrefixes         []importPrefix
	ImportPrefixesNoExport []importPrefix
}

type Loopback

type Loopback struct {
	Comment string
	IPs     []string
}

Loopback represents a loopback interface (lo).

type MachineFRRData

type MachineFRRData struct {
	CommonFRRData
}

MachineFRRData contains attributes required to render frr.conf of bare metal servers that function as 'machine'.

type NftablesData

// NftablesData carries the values used to render the nftables configuration:
// SNAT entries, the DNS proxy DNAT, a VPN flag, the forward policy and the
// firewall rules.
type NftablesData struct {
	Comment       string
	SNAT          []SNAT
	DNSProxyDNAT  DNAT
	VPN           bool
	// ForwardPolicy is a plain string here, not the ForwardPolicy type.
	// NOTE(review): presumably it holds "drop" or "accept" and ends up in the
	// rendered ruleset — confirm the value is validated before rendering.
	ForwardPolicy string
	FirewallRules FirewallRules
}

NftablesData represents the information required to render nftables configuration.

type NftablesExporterData

type NftablesExporterData struct {
	Comment   string
	TenantVrf string
}

NftablesExporterData contains the data to render the nftables_exporter service template.

type NftablesReloader added in v0.8.0

// NftablesReloader is an empty struct and carries no state. Its Reload method
// has a pointer receiver and returns an error.
type NftablesReloader struct{}

func (*NftablesReloader) Reload added in v0.8.0

func (*NftablesReloader) Reload() error

type NftablesValidator

type NftablesValidator struct {
	// contains filtered or unexported fields
}

NftablesValidator can validate configuration for nftables rules.

func (NftablesValidator) Validate

func (v NftablesValidator) Validate() error

Validate validates the nftables rules configuration.

type NodeExporterData

type NodeExporterData struct {
	Comment   string
	TenantVrf string
}

NodeExporterData contains the data to render the node_exporter service template.

type RouteMap

type RouteMap struct {
	Name    string
	Entries []string
	Policy  string
	Order   int
}

RouteMap represents a route-map to permit or deny routes.

type SNAT

type SNAT struct {
	Comment      string
	OutInterface string
	OutIntSpec   AddrSpec
	SourceSpecs  []AddrSpec
}

SNAT holds the information required to configure Source NAT.

type SVI

type SVI struct {
	VLANID    int
	Comment   string
	Addresses []string
}

SVI represents a switched virtual interface.

type SuricataConfigData

type SuricataConfigData struct {
	Comment         string
	DefaultRouteVrf string
	Interface       string
}

SuricataConfigData represents the information required to render suricata configuration.

type SuricataDefaultsData

type SuricataDefaultsData struct {
	Comment   string
	Interface string
}

SuricataDefaultsData represents the information required to render suricata defaults.

type SuricataUpdateData

type SuricataUpdateData struct {
	Comment         string
	DefaultRouteVrf string
}

SuricataUpdateData contains the data to render the suricata-update service template.

type SystemdCommonData

type SystemdCommonData struct {
	Comment string
	Index   int
}

SystemdCommonData contains attributes common to systemd.network and systemd.link files.

type SystemdLinkData

type SystemdLinkData struct {
	SystemdCommonData
	MAC        string
	MTU        int
	EVPNIfaces []EVPNIface
}

SystemdLinkData contains attributes required to render systemd.link files.

type TailscaleData added in v0.20.0

// TailscaleData carries the values used to render the Tailscale service template.
type TailscaleData struct {
	MachineID       string
	// NOTE(review): AuthKey looks like a Tailscale auth key, i.e. a credential.
	// If so, the rendered service file and any log or debug output of this
	// struct contain a secret — confirm the rendered file's permissions and
	// that this value is never logged.
	AuthKey         string
	Address         string
	DefaultRouteVrf string
}

TailscaleData contains the data to render the Tailscale service template.

type TailscaledData added in v0.20.0

type TailscaledData struct {
	TailscaledPort  string
	DefaultRouteVrf string
}

TailscaledData contains the data to render the tailscaled service template.

type VRF

type VRF struct {
	Identity
	Table          int
	VNI            int
	ImportVRFNames []string
	IPPrefixLists  []IPPrefixList
	RouteMaps      []RouteMap
}

VRF represents data required to render VRF information into frr.conf.

type VXLAN

type VXLAN struct {
	Identity
	TunnelIP string
}

VXLAN represents a VXLAN interface.
