
Package rpcwrapper


Published: Jul 8, 2020 | License: Apache-2.0 | Module:



const (

exported consts from the package

func RegisterTypes

func RegisterTypes()

RegisterTypes registers types that are exchanged between the controller and remoteenforcer

func TestNewRPCClient

func TestNewRPCClient(t *testing.T)

TestNewRPCClient mocks an RPC client test

type CaptureType

type CaptureType int

CaptureType identifies the type of iptables implementation that should be used

const (
	// IPTables forces an IPTables implementation
	IPTables CaptureType = iota
	// IPSets forces an IPSet implementation

type EnableDatapathPacketTracingPayLoad

type EnableDatapathPacketTracingPayLoad struct {
	Direction packettracing.TracingDirection `json:",omitempty"`
	Interval  time.Duration                  `json:",omitempty"`
	ContextID string                         `json:",omitempty"`

EnableDatapathPacketTracingPayLoad is the payload to enable nfq packet tracing in the remote container

type EnableIPTablesPacketTracingPayLoad

type EnableIPTablesPacketTracingPayLoad struct {
	IPTablesPacketTracing bool          `json:",omitempty"`
	Interval              time.Duration `json:",omitempty"`
	ContextID             string        `json:",omitempty"`

EnableIPTablesPacketTracingPayLoad is the payload message to enable iptables packet tracing in remote containers.

type EnforcePayload

type EnforcePayload struct {
	ContextID string                 `json:",omitempty"`
	Policy    *policy.PUPolicyPublic `json:",omitempty"`
	Secrets   secrets.PublicSecrets  `json:",omitempty"`

EnforcePayload is the payload for the enforce request.

type InitRequestPayload

type InitRequestPayload struct {
	FqConfig               *fqconfig.FilterQueue  `json:",omitempty"`
	MutualAuth             bool                   `json:",omitempty"`
	PacketLogs             bool                   `json:",omitempty"`
	Validity               time.Duration          `json:",omitempty"`
	ServerID               string                 `json:",omitempty"`
	ExternalIPCacheTimeout time.Duration          `json:",omitempty"`
	Secrets                secrets.PublicSecrets  `json:",omitempty"`
	Configuration          *runtime.Configuration `json:",omitempty"`
	BinaryTokens           bool                   `json:",omitempty"`
	IsBPFEnabled           bool                   `json:",omitempty"`
	IPv6Enabled            bool                   `json:",omitempty"`

InitRequestPayload is the payload for the enforcer init request.

type MockRPCHdl

type MockRPCHdl struct {
	Client  *rpc.Client
	Channel string

MockRPCHdl is mock of rpchdl

type PayloadType

type PayloadType int

PayloadType is the type of payload in the request.

const (
	PacketReport PayloadType = iota

Payload report types.

type PingPayload

type PingPayload struct {
	ContextID  string
	PingConfig *policy.PingConfig

PingPayload represents the payload for ping config.

type RPCClient

type RPCClient interface {
	NewRPCClient(contextID string, channel string, rpcSecret string) error
	GetRPCClient(contextID string) (*RPCHdl, error)
	RemoteCall(contextID string, methodName string, req *Request, resp *Response) error
	DestroyRPCClient(contextID string)
	ContextList() []string
	CheckValidity(req *Request, secret string) bool

RPCClient is the client interface

type RPCHdl

type RPCHdl struct {
	Client  *rpc.Client
	Channel string
	Secret  string

RPCHdl is a per client handle

type RPCServer

type RPCServer interface {
	StartServer(ctx context.Context, protocol string, path string, handler interface{}) error
	ProcessMessage(req *Request, secret string) bool
	CheckValidity(req *Request, secret string) bool

RPCServer is the server interface

func NewRPCServer

func NewRPCServer() RPCServer

NewRPCServer returns an interface RPCServer

type RPCWrapper

type RPCWrapper struct {
	// contains filtered or unexported fields

RPCWrapper is a struct which holds stats for all RPC sessions.

func NewRPCWrapper

func NewRPCWrapper() *RPCWrapper

NewRPCWrapper creates a new rpcwrapper

func (*RPCWrapper) CheckValidity

func (r *RPCWrapper) CheckValidity(req *Request, secret string) bool

CheckValidity checks if the received message is valid

func (*RPCWrapper) ContextList

func (r *RPCWrapper) ContextList() []string

ContextList returns the list of active contexts managed by the rpcwrapper.

func (*RPCWrapper) DestroyRPCClient

func (r *RPCWrapper) DestroyRPCClient(contextID string)

DestroyRPCClient calls close on the rpc and cleans up the connection

func (*RPCWrapper) GetRPCClient

func (r *RPCWrapper) GetRPCClient(contextID string) (*RPCHdl, error)

GetRPCClient gets a handle to the RPC client for the contextID (the enforcer in the container).

func (*RPCWrapper) NewRPCClient

func (r *RPCWrapper) NewRPCClient(contextID string, channel string, sharedsecret string) error

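NewRPCClient is exported. It takes the context ID, the channel and the shared secret for the client, and returns an error.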

func (*RPCWrapper) ProcessMessage

func (r *RPCWrapper) ProcessMessage(req *Request, secret string) bool

ProcessMessage checks if the given request is valid

func (*RPCWrapper) RemoteCall

func (r *RPCWrapper) RemoteCall(contextID string, methodName string, req *Request, resp *Response) error

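RemoteCall is a wrapper around rpc.Call that also ensures message integrity by adding an HMAC to the request. An HMAC authenticates the message and detects tampering; it does not encrypt the payload.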

func (*RPCWrapper) StartServer

func (r *RPCWrapper) StartServer(ctx context.Context, protocol string, path string, handler interface{}) error

StartServer starts a server and waits for new connections. This function never returns.

type ReportPayload

type ReportPayload struct {
	Type    PayloadType
	Payload interface{}

ReportPayload is the generic report from remote enforcer

type Request

type Request struct {
	HashAuth    []byte
	PayloadType PayloadType
	Payload     interface{}

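Request is the exported RPC request type. It carries HashAuth (presumably the HMAC that RemoteCall adds for message integrity), the payload type, and the payload itself.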

type Response

type Response struct {
	Status  string
	Payload interface{} `json:",omitempty"`

Response is the response for every RPC call. This is used to carry the status of the actual function call made on the remote end

type SetLogLevelPayload

type SetLogLevelPayload struct {
	Level constants.LogLevel `json:",omitempty"`

SetLogLevelPayload payload for set log level request

type SetTargetNetworksPayload

type SetTargetNetworksPayload struct {
	Configuration *runtime.Configuration `json:",omitempty"`

SetTargetNetworksPayload carries the payload for target networks

type StatsPayload

type StatsPayload struct {
	Flows map[string]*collector.FlowRecord `json:",omitempty"`
	Users map[string]*collector.UserRecord `json:",omitempty"`

StatsPayload is the payload carried by the stats reporting from the remote enforcer.

type TestRPCClient

type TestRPCClient interface {
	MockNewRPCClient(t *testing.T, impl func(contextID string, channel string, secret string) error)
	MockGetRPCClient(t *testing.T, impl func(contextID string) (*RPCHdl, error))
	MockRemoteCall(t *testing.T, impl func(contextID string, methodName string, req *Request, resp *Response) error)
	MockDestroyRPCClient(t *testing.T, impl func(contextID string))
	MockContextList(t *testing.T, impl func() []string)
	MockCheckValidity(t *testing.T, impl func(req *Request, secret string) bool)

TestRPCClient is a RPC Client used for test

func NewTestRPCClient

func NewTestRPCClient() TestRPCClient

NewTestRPCClient is a Test RPC Client

type TestRPCServer

type TestRPCServer interface {
	MockStartServer(t *testing.T, impl func(ctx context.Context, protocol string, path string, handler interface{}) error)
	MockProcessMessage(t *testing.T, impl func(req *Request, secret string) bool)
	MockCheckValidity(t *testing.T, impl func(req *Request, secret string) bool)

TestRPCServer is a RPC Server used for test

func NewTestRPCServer

func NewTestRPCServer() TestRPCServer

NewTestRPCServer is a Test RPC Server

type TokenRequestPayload

type TokenRequestPayload struct {
	ContextID        string                  `json:",omitempty"`
	Audience         string                  `json:",omitempty"`
	Validity         time.Duration           `json:",omitempty"`
	ServiceTokenType common.ServiceTokenType `json:",omitempty"`

TokenRequestPayload carries the payload for issuing tokens.

type TokenResponsePayload

type TokenResponsePayload struct {
	Token string `json:",omitempty"`

TokenResponsePayload returns the issued token.

type UnEnforcePayload

type UnEnforcePayload struct {
	ContextID string `json:",omitempty"`

UnEnforcePayload payload for unenforce request

type UpdateSecretsPayload

type UpdateSecretsPayload struct {
	Secrets secrets.PublicSecrets `json:",omitempty"`

UpdateSecretsPayload payload for the update secrets to remote enforcers

Package Files

Documentation was rendered with GOOS=linux and GOARCH=amd64.
