Documentation ¶
Overview ¶
Package netconf groups functionality to configure networking-related resources.
Index ¶
- Constants
- func MustParseTpl(tplName string) *template.Template
- func New(log *slog.Logger, path string) (*config, error)
- func NewFrrConfigApplier(kind BareMetalType, c config, tmpFile string) net.Applier
- func NewNftablesExporterServiceApplier(kb config, v net.Validator) (net.Applier, error)
- type AccessPolicy
- type AddrSpec
- type AddressFamily
- type BareMetalType
- type Bridge
- type CommonFRRData
- type Configurator
- type DNAT
- type EVPNIface
- type FirewallFRRData
- type FirewallRules
- type ForwardPolicy
- type HostnameData
- type HostnameValidator
- type HostsData
- type HostsValidator
- type IPPrefixList
- type Identity
- type IfacesData
- type ImportSettings
- type Loopback
- type MachineFRRData
- type NftablesData
- type NftablesExporterData
- type NftablesReloader
- type NftablesValidator
- type NodeExporterData
- type RouteMap
- type SNAT
- type SVI
- type SuricataConfigData
- type SuricataDefaultsData
- type SuricataUpdateData
- type SystemdCommonData
- type SystemdLinkData
- type TailscaleData
- type TailscaledData
- type VRF
- type VXLAN
Constants ¶
const (
	// ForwardPolicyDrop drops packets which try to go through the forwarding chain
	ForwardPolicyDrop = ForwardPolicy("drop")
	// ForwardPolicyAccept accepts packets which try to go through the forwarding chain
	ForwardPolicyAccept = ForwardPolicy("accept")
)
const (
	// FRRVersion holds a string that is used in the frr.conf to define the FRR version.
	FRRVersion = "8.3"
	// TplFirewallFRR defines the name of the template to render FRR configuration to a 'firewall'.
	TplFirewallFRR = "frr.firewall.tpl"
	// TplMachineFRR defines the name of the template to render FRR configuration to a 'machine'.
	TplMachineFRR = "frr.machine.tpl"
	// IPPrefixListSeqSeed specifies the initial value for prefix lists sequence number.
	IPPrefixListSeqSeed = 100
	// IPPrefixListNoExportSuffix defines the suffix to use for private IP ranges that must not be exported.
	IPPrefixListNoExportSuffix = "-no-export"
	// RouteMapOrderSeed defines the initial value for route-map order.
	RouteMapOrderSeed = 10
	// AddressFamilyIPv4 is the name for this address family for the routing daemon.
	AddressFamilyIPv4 = "ip"
	// AddressFamilyIPv6 is the name for this address family for the routing daemon.
	AddressFamilyIPv6 = "ipv6"
)
const (
	// IPv4ZeroCIDR is the CIDR block for the whole IPv4 address space
	IPv4ZeroCIDR = "0.0.0.0/0"
	// IPv6ZeroCIDR is the CIDR block for the whole IPv6 address space
	IPv6ZeroCIDR = "::/0"
	// Permit defines an access policy that allows access.
	Permit AccessPolicy = iota
	// Deny defines an access policy that forbids access.
	Deny
)
const (
// TplNftables defines the name of the template to render nftables configuration.
TplNftables = "nftrules.tpl"
)
const (
// VLANOffset defines a number to start with when creating new VLAN IDs.
VLANOffset = 1000
)
Variables ¶
This section is empty.
Functions ¶
func MustParseTpl ¶ added in v0.31.1
func NewFrrConfigApplier ¶
func NewFrrConfigApplier(kind BareMetalType, c config, tmpFile string) net.Applier
NewFrrConfigApplier constructs a new Applier of the given type of Bare Metal.
Types ¶
type AccessPolicy ¶
type AccessPolicy int
AccessPolicy is a type that represents a policy to manage access roles.
func (AccessPolicy) String ¶
func (p AccessPolicy) String() string
type AddressFamily ¶
type AddressFamily string
AddressFamily is the address family for the routing daemon.
type BareMetalType ¶
type BareMetalType int
BareMetalType defines the type of configuration to apply.
const (
	// Firewall defines the bare metal server to function as firewall.
	Firewall BareMetalType = iota
	// Machine defines the bare metal server to function as machine.
	Machine
)
type CommonFRRData ¶
type CommonFRRData struct {
	ASN        int64
	Comment    string
	FRRVersion string
	Hostname   string
	RouterID   string
}
CommonFRRData contains attributes that are common to FRR configuration of all kinds of bare metal servers.
type Configurator ¶
type Configurator interface {
	Configure(forwardPolicy ForwardPolicy)
	ConfigureNftables(forwardPolicy ForwardPolicy)
}
Configurator is an interface to configure bare metal servers.
func NewConfigurator ¶
func NewConfigurator(kind BareMetalType, c config, enableDNS bool) (Configurator, error)
NewConfigurator creates a new configurator.
type DNAT ¶ added in v0.7.0
type DNAT struct {
	Comment      string
	InInterfaces []string
	DAddr        string
	Port         string
	Zone         string
	DestSpec     AddrSpec
}
DNAT holds the information required to configure DNAT.
type EVPNIface ¶
EVPNIface represents the information required to render EVPN interfaces configuration.
type FirewallFRRData ¶
type FirewallFRRData struct {
	CommonFRRData
	VRFs []VRF
}
FirewallFRRData contains attributes required to render frr.conf of bare metal servers that function as 'firewall'.
type FirewallRules ¶ added in v0.42.0
type ForwardPolicy ¶ added in v0.40.0
type ForwardPolicy string
ForwardPolicy defines how packets in the forwarding chain are handled; it can be either drop or accept. drop will be the standard for firewalls that are not managed by Kubernetes resources (CWNPs).
type HostnameData ¶
type HostnameData struct {
Comment, Hostname string
}
HostnameData contains attributes to render hostname file.
type HostnameValidator ¶
type HostnameValidator struct {
// contains filtered or unexported fields
}
HostnameValidator validates hostname changes.
func (HostnameValidator) Validate ¶
func (v HostnameValidator) Validate() error
Validate validates hostname rendering.
type HostsValidator ¶
type HostsValidator struct {
// contains filtered or unexported fields
}
HostsValidator validates hosts file.
func (HostsValidator) Validate ¶
func (v HostsValidator) Validate() error
Validate validates hosts file.
type IPPrefixList ¶
type IPPrefixList struct {
	Name          string
	Spec          string
	AddressFamily AddressFamily
	// SourceVRF specifies from which VRF the given prefix list should be imported
	SourceVRF string
}
IPPrefixList represents 'ip prefix-list' filtering mechanism to be used in combination with route-maps.
type IfacesData ¶
IfacesData contains attributes required to render network interfaces configuration of a bare metal server.
type ImportSettings ¶ added in v0.7.1
type ImportSettings struct {
	ImportPrefixes         []importPrefix
	ImportPrefixesNoExport []importPrefix
}
type MachineFRRData ¶
type MachineFRRData struct {
CommonFRRData
}
MachineFRRData contains attributes required to render frr.conf of bare metal servers that function as 'machine'.
type NftablesData ¶
type NftablesData struct {
	Comment       string
	SNAT          []SNAT
	DNSProxyDNAT  DNAT
	VPN           bool
	ForwardPolicy string
	FirewallRules FirewallRules
}
NftablesData represents the information required to render nftables configuration.
type NftablesExporterData ¶
NftablesExporterData contains the data to render the nftables_exporter service template.
type NftablesReloader ¶ added in v0.8.0
type NftablesReloader struct{}
func (*NftablesReloader) Reload ¶ added in v0.8.0
func (*NftablesReloader) Reload() error
type NftablesValidator ¶
type NftablesValidator struct {
// contains filtered or unexported fields
}
NftablesValidator can validate configuration for nftables rules.
func (NftablesValidator) Validate ¶
func (v NftablesValidator) Validate() error
Validate validates network interfaces configuration.
type NodeExporterData ¶
NodeExporterData contains the data to render the node_exporter service template.
type SuricataConfigData ¶
SuricataConfigData represents the information required to render suricata configuration.
type SuricataDefaultsData ¶
SuricataDefaultsData represents the information required to render suricata defaults.
type SuricataUpdateData ¶
SuricataUpdateData contains the data to render the suricata-update service template.
type SystemdCommonData ¶
SystemdCommonData contains attributes common to systemd.network and systemd.link files.
type SystemdLinkData ¶
type SystemdLinkData struct {
	SystemdCommonData
	MAC        string
	MTU        int
	EVPNIfaces []EVPNIface
}
SystemdLinkData contains attributes required to render systemd.link files.
type TailscaleData ¶ added in v0.20.0
TailscaleData contains the data to render the Tailscale service template.
type TailscaledData ¶ added in v0.20.0
TailscaledData contains the data to render the tailscaled service template.
Source Files ¶
- chrony.go
- configurator.go
- doc.go
- droptailer.go
- firewall_controller.go
- frr.go
- hostname.go
- hosts.go
- interfaces.go
- knowledgebase.go
- netobjects.go
- nftables.go
- nftables_exporter.go
- node_exporter.go
- routemap.go
- suricata_config.go
- suricata_defaults.go
- suricata_update.go
- systemd.go
- tailscale.go
- tailscaled.go
- template.go