isolation

package
v2.4.1 Latest
Warning

This package is not in the latest version of its module.
Published: Jul 16, 2020 License: Apache-2.0 Imports: 13 Imported by: 0

Documentation

Overview

Package isolation provides primitives for isolating overlay from underlay

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func LinkIn added in v2.4.0

func LinkIn(list []*LinkAttrs, item *LinkAttrs) bool

func LinkString added in v2.4.0

func LinkString(links []*LinkAttrs) (stringed []string)

func NetNSFromName added in v2.4.0

func NetNSFromName(name string) (netns.NsHandle, error)

NetNSFromName creates and returns the named network namespace, or the current namespace if no name is specified.

func NetlinkFromName

func NetlinkFromName(name string) (*netlink.Handle, error)

NetlinkFromName returns netlink handle created in the specified netns

func Register added in v2.4.0

func Register(name string, fn func(string, string) (Isolation, error))

Register registers an isolation type in an internal registry to be used by NewIsolation.

Types

type Isolation

type Isolation interface {
	// LinkEnsure ensures the existence and state of the given link is as expected.
	// This method should be idempotent, as it's also used to sync the state of links.
	LinkEnsure(attrs *LinkAttrs, config wgtypes.Config) error
	// LinkAbsent ensures the absence of the given link
	LinkAbsent(attrs *LinkAttrs) error
	// LinkList returns the wireguard links as seen by the isolation
	LinkList() ([]*LinkAttrs, error)
}

Isolation represents a management interface for WireGuard links, together with the isolation technique employed to isolate overlay from underlay.
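
A reconcile pass written against the Isolation interface above, as an added example that is not the package's own code: it relies on LinkEnsure being idempotent and uses LinkList plus LinkAbsent so that links no longer wanted do not linger. Config (a stand-in for wgtypes.Config), memIsolation and Sync are hypothetical names, and the types are local mirrors so the block runs without the module.

```go
package main

import "fmt"

// Local mirrors of the types documented on this page; Config is a placeholder for wgtypes.Config.
type LinkAttrs struct{ MTU int; Name string; Group int }
type Config struct{}
type Isolation interface {
	LinkEnsure(attrs *LinkAttrs, config Config) error
	LinkAbsent(attrs *LinkAttrs) error
	LinkList() ([]*LinkAttrs, error)
}

// memIsolation is a hypothetical in-memory backend keyed by link name.
type memIsolation map[string]*LinkAttrs

func (m memIsolation) LinkEnsure(a *LinkAttrs, _ Config) error { m[a.Name] = a; return nil }
func (m memIsolation) LinkAbsent(a *LinkAttrs) error { delete(m, a.Name); return nil }
func (m memIsolation) LinkList() (out []*LinkAttrs, err error) {
	for _, l := range m {
		out = append(out, l)
	}
	return out, nil
}

// Sync ensures every desired link, then removes every other listed link; it returns the removed names.
func Sync(iso Isolation, desired []*LinkAttrs, cfg Config) (removed []string, err error) {
	want := map[string]bool{}
	for _, d := range desired {
		if err = iso.LinkEnsure(d, cfg); err != nil {
			return nil, err
		}
		want[d.Name] = true
	}
	current, err := iso.LinkList()
	if err != nil {
		return nil, err
	}
	for _, l := range current {
		if !want[l.Name] {
			if err = iso.LinkAbsent(l); err != nil {
				return removed, err
			}
			removed = append(removed, l.Name)
		}
	}
	return removed, nil
}

func main() { fmt.Println(Sync(memIsolation{"wg-old": {Name: "wg-old"}}, []*LinkAttrs{{Name: "wg0"}}, Config{})) }
```

Running Sync a second time with the same desired list removes nothing, which is the property the idempotency note on LinkEnsure is there to guarantee.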

func NewIsolation added in v2.4.0

func NewIsolation(kind, transitScope, interfaceScope string) (Isolation, error)

NewIsolation provides a unified constructor for concrete implementations. Currently supported isolation types are netns and vrf.

func NewNetnsIsolation

func NewNetnsIsolation(transitNamespace, interfaceNamespace string) (Isolation, error)

NewNetnsIsolation takes two arguments: the transit and interface namespaces. The creation of the netns is handled internally. The links and sockets will be created in the transit namespace, and the links will then be moved into the interface namespace.

type LinkAttrs added in v2.4.0

type LinkAttrs struct {
	MTU   int
	Name  string
	Group int
}

LinkAttrs represents a single link managed by isolation

func LinkFilter added in v2.4.0

func LinkFilter(links []*LinkAttrs, filterFunc func(*LinkAttrs) bool) (filtered []*LinkAttrs)

type NetnsIsolation

type NetnsIsolation struct {
	// contains filtered or unexported fields
}

NetnsIsolation is the implementation recommended by the WireGuard developers. It keeps the WireGuard sockets and interfaces in different netns to facilitate isolation.

func (*NetnsIsolation) LinkAbsent

func (i *NetnsIsolation) LinkAbsent(attrs *LinkAttrs) error

func (*NetnsIsolation) LinkEnsure

func (i *NetnsIsolation) LinkEnsure(attrs *LinkAttrs, config wgtypes.Config) (err error)

func (*NetnsIsolation) LinkList

func (i *NetnsIsolation) LinkList() ([]*LinkAttrs, error)
