Documentation ¶
Overview ¶
Copyright 2018 Microsoft. All rights reserved. MIT License
Copyright 2018 Microsoft. All rights reserved. MIT License
Index ¶
- Constants
- Variables
- func AppendMap(base, new map[string]string) map[string]string
- func ClearAndAppendMap(base, new map[string]string) map[string]string
- func CompareK8sVer(firstVer *version.Info, secondVer *version.Info) int
- func CompareResourceVersions(rvOld string, rvNew string) bool
- func CompareUintResourceVersions(rvOld uint64, rvNew uint64) bool
- func DropEmptyFields(s []string) []string
- func Exists(filePath string) bool
- func GetClusterID(nodeName string) string
- func GetHashedName(name string) string
- func GetIPSetListCompareLabels(orig map[string]string, new map[string]string) ([]string, []string)
- func GetIPSetListFromLabels(labels map[string]string) []string
- func GetLabelsWithoutOperators(labels []string) []string
- func GetNSNameWithPrefix(nsName string) string
- func GetObjKeyFunc(obj interface{}) (string, error)
- func GetOperatorAndLabel(label string) (string, string)
- func GetSetsFromLabels(labels map[string]string) []string
- func Hash(s string) string
- func IsNewNwPolicyVer(ver *version.Info) (bool, error)
- func ParseResourceVersion(rv string) uint64
- func SetIsNewNwPolicyVerFlag(ver *version.Info) error
- func SortMap(m *map[string]string) ([]string, []string)
- func UniqueStrSlice(s []string) []string
Constants ¶
// Kubernetes-related string constants: a namespace name, label keys, and pod
// status strings.
const (
	// Namespace name and label keys.
	KubeSystemFlag          string = "kube-system"
	KubePodTemplateHashFlag string = "pod-template-hash"

	// NOTE(review): presumably names for the catch-all "every pod" and
	// "every namespace" sets; confirm against the callers.
	KubeAllPodsFlag       string = "all-pod"
	KubeAllNamespacesFlag string = "all-namespaces"

	KubeAppFlag   string = "k8s-app"
	KubeProxyFlag string = "kube-proxy"

	// Pod status strings.
	KubePodStatusFailedFlag    string = "Failed"
	KubePodStatusSucceededFlag string = "Succeeded"
	KubePodStatusUnknownFlag   string = "Unknown"
)
kubernetes related constants.
// iptables-related constants: binary names, file paths, command-line tokens,
// chain names and packet-mark values.
const (
	// Binary names (no directory component, so resolution depends on how the
	// caller executes them).
	Iptables        string = "iptables"
	Ip6tables       string = "ip6tables"
	IptablesSave    string = "iptables-save"
	IptablesRestore string = "iptables-restore"

	// On-disk paths.
	// NOTE(review): the two .conf paths sit under /var/log although they are
	// named as config files. How they are written, and whether they are read
	// back into the firewall, is not visible here; confirm they are created
	// root-owned and not group- or world-writable.
	IptablesConfigFile     string = "/var/log/iptables.conf"
	IptablesTestConfigFile string = "/var/log/iptables-test.conf"
	IptablesLockFile       string = "/run/xtables.lock"

	// iptables command and option letters: -N new chain, -I insert, -A append,
	// -D delete rule, -F flush, -C check, -X delete chain, -j jump target,
	// -w wait for the xtables lock.
	IptablesChainCreationFlag string = "-N"
	IptablesInsertionFlag     string = "-I"
	IptablesAppendFlag        string = "-A"
	IptablesDeletionFlag      string = "-D"
	IptablesFlushFlag         string = "-F"
	IptablesCheckFlag         string = "-C"
	IptablesDestroyFlag       string = "-X"
	IptablesJumpFlag          string = "-j"
	IptablesWaitFlag          string = "-w"

	// Rule targets.
	IptablesAccept string = "ACCEPT"
	IptablesReject string = "REJECT"
	IptablesDrop   string = "DROP"
	IptablesReturn string = "RETURN"
	IptablesMark   string = "MARK"

	// Match options, match-module names and their arguments.
	IptablesSrcFlag           string = "src"
	IptablesDstFlag           string = "dst"
	IptablesNotFlag           string = "!"
	IptablesProtFlag          string = "-p"
	IptablesSFlag             string = "-s"
	IptablesDFlag             string = "-d"
	IptablesDstPortFlag       string = "--dport"
	IptablesModuleFlag        string = "-m"
	IptablesSetModuleFlag     string = "set"
	IptablesMatchSetFlag      string = "--match-set"
	IptablesSetMarkFlag       string = "--set-mark"
	IptablesMarkFlag          string = "--mark"
	IptablesMarkVerb          string = "mark"
	IptablesStateModuleFlag   string = "state"
	IptablesStateFlag         string = "--state"
	IptablesMultiportFlag     string = "multiport"
	IptablesMultiDestportFlag string = "--dports"
	IptablesRelatedState      string = "RELATED"
	IptablesEstablishedState  string = "ESTABLISHED"
	IptablesFilterTable       string = "filter"
	IptablesCommentModuleFlag string = "comment"
	IptablesCommentFlag       string = "--comment"
	// No type or value of its own: Go's implicit repetition in a const group
	// gives this entry the previous entry's type and value ("--comment").
	// NOTE(review): confirm that the duplicate value is intended.
	IptablesAddCommentFlag

	// Chain names. The AZURE-NPM-* chains are NPM's own; KUBE-SERVICES,
	// FORWARD and INPUT name chains that are not NPM-prefixed.
	IptablesAzureChain             string = "AZURE-NPM"
	IptablesAzureAcceptChain       string = "AZURE-NPM-ACCEPT"
	IptablesAzureKubeSystemChain   string = "AZURE-NPM-KUBE-SYSTEM"
	IptablesAzureIngressChain      string = "AZURE-NPM-INGRESS"
	IptablesAzureIngressPortChain  string = "AZURE-NPM-INGRESS-PORT"
	IptablesAzureIngressFromChain  string = "AZURE-NPM-INGRESS-FROM"
	IptablesAzureEgressChain       string = "AZURE-NPM-EGRESS"
	IptablesAzureEgressPortChain   string = "AZURE-NPM-EGRESS-PORT"
	IptablesAzureEgressToChain     string = "AZURE-NPM-EGRESS-TO"
	IptablesKubeServicesChain      string = "KUBE-SERVICES"
	IptablesForwardChain           string = "FORWARD"
	IptablesInputChain             string = "INPUT"
	IptablesAzureIngressDropsChain string = "AZURE-NPM-INGRESS-DROPS"
	IptablesAzureEgressDropsChain  string = "AZURE-NPM-EGRESS-DROPS"

	// The chain below exists only in NPM before v1.2.6.
	// TODO: delete this chain name while cleaning up.
	IptablesAzureTargetSetsChain string = "AZURE-NPM-TARGET-SETS"

	// The chain below exists only in NPM before v1.2.7.
	// NOTE(review): the value is spelled "INRGESS"; given the "Wrong" in the
	// identifier this looks deliberate (the misspelled legacy chain name), so
	// it must not be "corrected". Confirm against the cleanup code.
	IptablesAzureIngressWrongDropsChain string = "AZURE-NPM-INRGESS-DROPS"

	// The chains below exist only before Azure-NPM:v1.0.27
	// and should be removed after a baking period.
	IptablesAzureIngressFromNsChain  string = "AZURE-NPM-INGRESS-FROM-NS"
	IptablesAzureIngressFromPodChain string = "AZURE-NPM-INGRESS-FROM-POD"
	IptablesAzureEgressToNsChain     string = "AZURE-NPM-EGRESS-TO-NS"
	IptablesAzureEgressToPodChain    string = "AZURE-NPM-EGRESS-TO-POD"

	// Below are the skb->mark values NPM uses for different criteria.
	// NOTE(review): skb->mark is a single field shared by every netfilter user
	// on the node; confirm no other component sets or tests bits 0x1000 and
	// 0x2000.
	IptablesAzureIngressMarkHex string = "0x2000"
	// IptablesAzureEgressXMarkHex is written in value/mask form so that the
	// existing MARK is appended to rather than overridden.
	// The comment at https://unix.stackexchange.com/a/283455 explains
	// MARK manipulations with offset.
	IptablesAzureEgressXMarkHex string = "0x1000/0x1000"
	// IptablesAzureEgressMarkHex is for checking the absolute value of the mark.
	IptablesAzureEgressMarkHex string = "0x1000"
	// 0x3000 is the bitwise OR of the ingress (0x2000) and egress (0x1000)
	// values above.
	IptablesAzureAcceptMarkHex string = "0x3000"
	IptablesAzureClearMarkHex  string = "0x0"
)
iptables related constants.
// ipset-related constants: binary name, file paths, command tokens, set-type
// names, protocol prefixes and set-name prefixes.
const (
	// Binary name and its save/restore subcommands.
	Ipset            string = "ipset"
	IpsetSaveFlag    string = "save"
	IpsetRestoreFlag string = "restore"

	// On-disk paths.
	// NOTE(review): both sit under /var/log although they are named as config
	// files. How they are written, and whether they are read back with
	// "restore", is not visible here; confirm they are created root-owned and
	// not group- or world-writable.
	IpsetConfigFile     string = "/var/log/ipset.conf"
	IpsetTestConfigFile string = "/var/log/ipset-test.conf"

	// ipset command letters and options: -N create, -A add, -D del, -F flush,
	// -X destroy, plus -exist, -file, list and test.
	IpsetCreationFlag  string = "-N"
	IpsetAppendFlag    string = "-A"
	IpsetDeletionFlag  string = "-D"
	IpsetFlushFlag     string = "-F"
	IpsetDestroyFlag   string = "-X"
	IpsetExistFlag     string = "-exist"
	IpsetFileFlag      string = "-file"
	IPsetCheckListFlag string = "list"
	IpsetTestFlag      string = "test"

	// Set kinds.
	// IpsetSetGenericFlag is not used in ipset commands; it is an internal
	// identifier for nethash/hash:ip,port.
	IpsetSetGenericFlag string = "setgeneric"
	IpsetSetListFlag    string = "setlist"
	IpsetNetHashFlag    string = "nethash"
	IpsetIPPortHashFlag string = "hash:ip,port"

	// Protocol prefixes; each value ends with a colon.
	IpsetUDPFlag  string = "udp:"
	IpsetSCTPFlag string = "sctp:"
	IpsetTCPFlag  string = "tcp:"

	AzureNpmFlag   string = "azure-npm"
	AzureNpmPrefix string = "azure-npm-"

	// "4294967295" is 2^32-1.
	// NOTE(review): presumably passed as the maxelem value when a set is
	// created; confirm, and confirm the memory impact of sets allowed to grow
	// that large.
	IpsetMaxelemName string = "maxelem"
	IpsetMaxelemNum  string = "4294967295"
	IpsetNomatch     string = "nomatch"

	// Prefixes for ipsets.
	NamedPortIPSetPrefix string = "namedport:"
	NamespacePrefix      string = "ns-"
)
ipset related constants.
// NPM telemetry constants: event names, metric field names, and batching and
// retry settings.
const (
	// Event names.
	AddNamespaceEvent        string = "Add Namespace"
	UpdateNamespaceEvent     string = "Update Namespace"
	DeleteNamespaceEvent     string = "Delete Namespace"
	AddPodEvent              string = "Add Pod"
	UpdatePodEvent           string = "Update Pod"
	DeletePodEvent           string = "Delete Pod"
	AddNetworkPolicyEvent    string = "Add network policy"
	UpdateNetworkPolicyEvent string = "Update network policy"
	DeleteNetworkPolicyEvent string = "Delete network policy"

	// Metric and field names; each value equals its identifier.
	ErrorMetric  string = "ErrorMetric"
	PackageName  string = "PackageName"
	FunctionName string = "FunctionName"
	ErrorCode    string = "ErrorCode"

	// Default batch size in AI telemetry (32768 bytes = 32 KiB).
	// Defined here: https://docs.microsoft.com/en-us/azure/azure-monitor/app/pricing
	BatchSizeInBytes          int = 32768
	BatchIntervalInSecs       int = 30
	RefreshTimeoutInSecs      int = 15
	GetEnvRetryCount          int = 5
	GetEnvRetryWaitTimeInSecs int = 3
	AiInitializeRetryCount    int = 3
	AiInitializeRetryInMin    int = 1

	// NOTE(review): compile-time true. What it switches on is not visible
	// here; confirm it does not cause extra detail (for example object names
	// or labels) to be sent in telemetry.
	DebugMode  bool    = true
	ErrorValue float64 = 1
)
NPM telemetry constants.
// Source IDs for error logs. The first entry is iota + 1 and the rest repeat
// that expression, so the values run from 1 (NpmID) to 7 (UtilID); 0 is never
// assigned to any of them.
// NOTE(review): the component each ID stands for is inferred from its name
// only; confirm against the logging call sites.
const (
	NpmID int = iota + 1
	IpsmID
	IptmID
	NSID
	PodID
	NetpolID
	UtilID
)
These IDs identify where an error log was generated, to make querying easier. In Kusto, these values are used in the OperationID column.
Variables ¶
// IsNewNwPolicyVerFlag starts out false. It is an exported, mutable
// package-level variable, so any importing code can change it.
// NOTE(review): whether reads and writes are synchronized is not visible
// here; confirm.
var IsNewNwPolicyVerFlag = false
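IsNewNwPolicyVerFlag indicates whether the current Kubernetes version is newer than 1.11. (The IsNewNwPolicyVer documentation states the check as >= 1.11.) It is initialized to false and is set by SetIsNewNwPolicyVerFlag.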
Functions ¶
func ClearAndAppendMap ¶
ClearAndAppendMap clears base and appends new to base.
func CompareK8sVer ¶
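CompareK8sVer compares two k8s versions. It returns -1, 0, or 1 if firstVer is smaller than, equal to, or bigger than secondVer, respectively, and -2 on error. Because -2 is also negative, callers should test for it explicitly before treating a negative result as "firstVer is older".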
func CompareResourceVersions ¶
CompareResourceVersions takes two resource versions and returns true if the new one is greater than the old one.
func CompareUintResourceVersions ¶
CompareUintResourceVersions takes two resource versions as uint64 and returns true if the new one is greater than the old one.
func DropEmptyFields ¶
DropEmptyFields deletes empty entries from a slice.
func GetClusterID ¶
GetClusterID retrieves cluster ID through node name. (Azure-specific)
func GetHashedName ¶
GetHashedName returns hashed ipset name.
func GetIPSetListCompareLabels ¶
GetIPSetListCompareLabels compares Labels and returns a delete ipset list and add ipset list
func GetIPSetListFromLabels ¶
GetIPSetListFromLabels combines labels into a single slice.
func GetLabelsWithoutOperators ¶
GetLabelsWithoutOperators returns labels without operators.
func GetNSNameWithPrefix ¶
GetNSNameWithPrefix returns Namespace name with ipset prefix
func GetObjKeyFunc ¶
GetObjKeyFunc will return obj's key
func GetOperatorAndLabel ¶
GetOperatorAndLabel returns the operator associated with the label and the label without operator.
func GetSetsFromLabels ¶
GetSetsFromLabels for a given map of labels will return ipset names
func IsNewNwPolicyVer ¶ added in v1.0.18
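IsNewNwPolicyVer checks whether the current k8s version is >= 1.11; if so, the networkPolicy should support 'AND' between namespaceSelector and podSelector. The answer changes how a policy's selectors are combined, so the returned error should be checked rather than the bool being used on its own.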
func ParseResourceVersion ¶
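ParseResourceVersion returns the uint64 form of a ResourceVersion string. The signature has no error return, so what it yields for a string that does not parse is not visible here; callers that compare versions should confirm that case.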
func SetIsNewNwPolicyVerFlag ¶ added in v1.0.18
SetIsNewNwPolicyVerFlag sets IsNewNwPolicyVerFlag variable depending on version.
func SortMap ¶
SortMap sorts the map by key in alphabetical order. Note: even though the map is sorted, accessing it through range will still result in random order.
func UniqueStrSlice ¶
UniqueStrSlice removes duplicate elements from the input string slice.
Types ¶
This section is empty.