Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Config

type Config struct {
	sync.Mutex
	// contains filtered or unexported fields
}

    Config is the structure holding all information about the supervisor

    func NewSupervisor

    func NewSupervisor(collector collector.EventCollector, enforcerInstance enforcer.PolicyEnforcer, mode constants.ModeType, implementation constants.ImplementationType, networks []string) (*Config, error)

      NewSupervisor will create a new connection supervisor that uses IPTables to redirect specific packets to userspace. It instantiates multiple data stores to maintain efficient mappings between contextID, policy and IP addresses. This simplifies the lookup operations at the expense of memory.

      func (*Config) SetTargetNetworks

      func (s *Config) SetTargetNetworks(networks []string) error

        SetTargetNetworks sets the target networks of the supervisor

        func (*Config) Start

        func (s *Config) Start() error

          Start starts the supervisor

          func (*Config) Stop

          func (s *Config) Stop() error

            Stop stops the supervisor

            func (*Config) Supervise

            func (s *Config) Supervise(contextID string, containerInfo *policy.PUInfo) error

              Supervise creates a mapping between an IP address and the corresponding labels. it invokes the various handlers that process the parameter policy.

              func (*Config) Unsupervise

              func (s *Config) Unsupervise(contextID string) error

                Unsupervise removes the mapping from cache and cleans up the iptable rules. ALL remove operations will print errors by they don't return error. We want to force as much cleanup as possible to avoid stale state

                type Implementor

                type Implementor interface {
                
                	// ConfigureRules
                	ConfigureRules(version int, contextID string, containerInfo *policy.PUInfo) error
                
                	// UpdateRules
                	UpdateRules(version int, contextID string, containerInfo *policy.PUInfo) error
                
                	// DeleteRules
                	DeleteRules(version int, context string, ipAddresses policy.ExtendedMap, port string, mark string, uid string) error
                
                	// SetTargetNetworks sets the target networks of the supervisor
                	SetTargetNetworks([]string, []string) error
                
                	// Start initializes any defaults
                	Start() error
                
                	// Stop cleans up state
                	Stop() error
                }

                  Implementor is the interface of the implementation based on iptables, ipsets, remote etc

                  type Supervisor

                  type Supervisor interface {
                  
                  	// Supervise adds a new supervised processing unit.
                  	Supervise(contextID string, puInfo *policy.PUInfo) error
                  
                  	// Unsupervise unsupervises the given PU
                  	Unsupervise(contextID string) error
                  
                  	// Start starts the Supervisor.
                  	Start() error
                  
                  	// Stop stops the Supervisor.
                  	Stop() error
                  
                  	// SetTargetNetworks sets the target networks of the supervisor
                  	SetTargetNetworks([]string) error
                  }

                    A Supervisor is implementing the node control plane that captures the packets.

                    type TestSupervisor

                    type TestSupervisor interface {
                    	Supervisor
                    	MockSupervise(t *testing.T, impl func(contextID string, puInfo *policy.PUInfo) error)
                    	MockUnsupervise(t *testing.T, impl func(contextID string) error)
                    	MockStart(t *testing.T, impl func() error)
                    	MockStop(t *testing.T, impl func() error)
                    	MockAddExcludedIPs(t *testing.T, impl func(ips []string) error)
                    	MockSetTargetNetworks(t *testing.T, impl func(networks []string) error)
                    }

                      TestSupervisor is a test implementation for IptablesProvider

                      type TestSupervisorInst

                      type TestSupervisorInst struct {
                      	// contains filtered or unexported fields
                      }

                        A TestSupervisorInst is an empty TransactionalManipulator that can be easily mocked.

                        func NewTestSupervisor

                        func NewTestSupervisor() *TestSupervisorInst

                          NewTestSupervisor returns a new TestManipulator.

                          func (*TestSupervisorInst) AddExcludedIPs

                          func (m *TestSupervisorInst) AddExcludedIPs(ips []string) error

                            AddExcludedIPs is a test implementation of the AddExcludedIPs interface

                            func (*TestSupervisorInst) MockAddExcludedIPs

                            func (m *TestSupervisorInst) MockAddExcludedIPs(t *testing.T, impl func(ip []string) error)

                              MockAddExcludedIPs mocks AddExcludedIPs

                              func (*TestSupervisorInst) MockSetTargetNetworks

                              func (m *TestSupervisorInst) MockSetTargetNetworks(t *testing.T, impl func(networks []string) error)

                                MockSetTargetNetworks mocks the SetTargetNetworks method

                                func (*TestSupervisorInst) MockStart

                                func (m *TestSupervisorInst) MockStart(t *testing.T, impl func() error)

                                  MockStart mocks the Start method

                                  func (*TestSupervisorInst) MockStop

                                  func (m *TestSupervisorInst) MockStop(t *testing.T, impl func() error)

                                    MockStop mocks the Stop method

                                    func (*TestSupervisorInst) MockSupervise

                                    func (m *TestSupervisorInst) MockSupervise(t *testing.T, impl func(contextID string, puInfo *policy.PUInfo) error)

                                      MockSupervise mocks the Supervise method

                                      func (*TestSupervisorInst) MockUnsupervise

                                      func (m *TestSupervisorInst) MockUnsupervise(t *testing.T, impl func(contextID string) error)

                                        MockUnsupervise mocks the unsupervise method

                                        func (*TestSupervisorInst) SetTargetNetworks

                                        func (m *TestSupervisorInst) SetTargetNetworks(networks []string) error

                                          SetTargetNetworks is a test implementation of the SetTargetNetworks interface method

                                          func (*TestSupervisorInst) Start

                                          func (m *TestSupervisorInst) Start() error

                                            Start is a test implementation of the Start interface method

                                            func (*TestSupervisorInst) Stop

                                            func (m *TestSupervisorInst) Stop() error

                                              Stop is a test implementation of the Stop interface method

                                              func (*TestSupervisorInst) Supervise

                                              func (m *TestSupervisorInst) Supervise(contextID string, puInfo *policy.PUInfo) error

                                                Supervise is a test implementation of the Supervise interface

                                                func (*TestSupervisorInst) Unsupervise

                                                func (m *TestSupervisorInst) Unsupervise(contextID string) error

                                                  Unsupervise is a test implementation of the Unsupervise interface

                                                  Directories

                                                  Path Synopsis
                                                  nolint
                                                  nolint
                                                  mock
                                                  nolint nolint
                                                  nolint nolint
                                                  Package supervisorproxy package implements the supervisor interface and forwards the requests on this interface to a remote supervisor over an rpc call.
                                                  Package supervisorproxy package implements the supervisor interface and forwards the requests on this interface to a remote supervisor over an rpc call.