Documentation
¶
Index ¶
- Constants
- func AddChains(table string, expected map[string][][]string) error
- func CheckChainsExist(table string, expected map[string][][]string) bool
- func DNATRuleSpec(dstIP, srcIP, dPort, destinationIP, destinationPort string) []string
- func DirectTCPIPHandler(srv *glssh.Server, conn *ssh.ServerConn, newChan ssh.NewChannel, ...)
- func GetHexIP(ip string) (string, error)
- func GetRuleName(ip string) (string, error)
- func IsPortOpen(ip, port string) bool
- func NewSSHServer(addr string) glssh.Server
- func ReplaceChains(table string, expected map[string][][]string) error
- func RuleSyncingCondition(stat corev1.ConditionStatus) status.Condition
- func RuleUpdatingCondition(stat corev1.ConditionStatus) status.Condition
- func SNATRuleSpec(dstIP, srcIP, dPort string) []string
- type Controller
- type ReconcilerInterface
- type Tunnel
Constants ¶
const ( // TableNAT represents nat table in iptables TableNAT = "nat" // ChainPrerouting represents PREROUTING chain in iptables ChainPrerouting = "PREROUTING" // ChainPostrouting represents POSTROUTING chain in iptables ChainPostrouting = "POSTROUTING" )
const ( // MinPort is the smallest port number that can be used by forwarder pod MinPort = 2049 // MaxPort is the biggest port number that can be used by forwarder pod MaxPort = 65536 )
const ( // SSHPort is port number to used for ssh server // TODO: change this to variable SSHPort = "2022" )
Variables ¶
This section is empty.
Functions ¶
func AddChains ¶
AddChains adds {expected} rules in {table}. Existing ruleSpec in the chains won't be deleted. It returns error if there are any error on adding chains. {expected} is passed as a map of chain name to slice of ruleSpec. ex) to specify "-j pre1" and "-j pre2" in "PREROUTING" chain
map[string][][]string{"PREROUTING": [][]string{{"-j", "pre1"}, {"-j", "pre2"}}}
func CheckChainsExist ¶
CheckChainsExist checks if all {expected} rules exist in {table}. It returns error if it fails to find any expected rules or there's error in checking {expected} is passed as a map of chain name to slice of ruleSpec. ex) to specify "-j pre1" and "-j pre2" in "PREROUTING" chain
map[string][][]string{"PREROUTING": [][]string{{"-j", "pre1"}, {"-j", "pre2"}}}
func DNATRuleSpec ¶
DNATRuleSpec returns ruleSpec to DNAT for the given arguments
func DirectTCPIPHandler ¶
func DirectTCPIPHandler(srv *glssh.Server, conn *ssh.ServerConn, newChan ssh.NewChannel, ctx glssh.Context)
DirectTCPIPHandler is a handler for direct-tcpip. This is modified from gliderlabs original one so that it can reserve source ip.
func GetRuleName ¶
GetRuleName returns configmap name for gateway which has ip ex) 192.168.122.1 -> gwrulec0a87a01
func IsPortOpen ¶
IsPortOpen checks if ip:port is open by connecting to it It returns false if there is an error connecting to it or connection is nil, otherwise it returns true.
func NewSSHServer ¶
NewSSHServer returns ssh server instance that will listen on {addr}
func ReplaceChains ¶
ReplaceChains replaces rules in {table} to {expected}. Existing rules in the chains will be deleted. It returns error if there are any error on replacing chains. {expected} is passed as a map of chain name to slice of ruleSpec. ex) to specify "-j pre1" and "-j pre2" in "PREROUTING" chain
map[string][][]string{"PREROUTING": [][]string{{"-j", "pre1"}, {"-j", "pre2"}}}
func RuleSyncingCondition ¶
func RuleSyncingCondition(stat corev1.ConditionStatus) status.Condition
RuleSyncingCondition sets submarinerv1alpha1.ConditionRuleSyncing to stat
func RuleUpdatingCondition ¶
func RuleUpdatingCondition(stat corev1.ConditionStatus) status.Condition
RuleUpdatingCondition sets submarinerv1alpha1.ConditionRuleUpdating to stat
func SNATRuleSpec ¶
SNATRuleSpec returns ruleSpec to SNAT for the given arguments
Types ¶
type Controller ¶
type Controller struct {
// contains filtered or unexported fields
}
Controller represents a cotroller
func NewController ¶
func NewController(cl clv1alpha1.SubmarinerV1alpha1Interface, informerFactory sbinformers.SharedInformerFactory, informer cache.SharedIndexInformer, reconciler ReconcilerInterface) *Controller
NewController returns a controller instance
type ReconcilerInterface ¶
ReconcilerInterface is an interface for reconciler
type Tunnel ¶
type Tunnel struct {
Cancel context.CancelFunc
// contains filtered or unexported fields
}
Tunnel represents ssh tunnel
func NewTunnel ¶
func NewTunnel(local, server, remote string, config *ssh.ClientConfig) *Tunnel
NewTunnel returns a Tunnel instance
func (*Tunnel) Forward ¶
Forward implements ssh forward functionality. It forwards remote endpoint to local endpoint via server endpoint where ssh forward server running. Forward() can be canceled by calling Cancel().
func (*Tunnel) ForwardNB ¶
func (t *Tunnel) ForwardNB()
ForwardNB is non-blocking version of Forward It retries with exponential backoff on failure.
func (*Tunnel) RemoteForward ¶
RemoteForward implements ssh remote forward functionality. It forwards local endpoint to remote endpoint via server endpoint where ssh forward server running. RemoteForward() can be canceled by calling Cancel().
func (*Tunnel) RemoteForwardNB ¶
func (t *Tunnel) RemoteForwardNB()
RemoteForwardNB is non-blocking version of RemoteForward It retries with exponential backoff on failure.
Source Files
Directories