Documentation
Index
- Constants
- func AddMasqueradeRule(snatBridgeIPWithPrefix string) error
- func AddVlanDropRule() error
- func CreateSnatBridge(snatBridgeIP string, hostPrimaryMac string, mainInterface string) error
- func DeleteMasqueradeRule() error
- func DeleteSnatBridge(bridgeName string) error
- type OVSSnatClient
- func (client *OVSSnatClient) AllowIPAddressesOnSnatBrdige() error
- func (client *OVSSnatClient) AllowInboundFromHostToNC() error
- func (client *OVSSnatClient) AllowInboundFromNCToHost() error
- func (client *OVSSnatClient) BlockIPAddressesOnSnatBrdige() error
- func (client *OVSSnatClient) ConfigureSnatContainerInterface() error
- func (client *OVSSnatClient) CreateSnatEndpoint(bridgeName string) error
- func (client *OVSSnatClient) DeleteInboundFromHostToNC() error
- func (client *OVSSnatClient) DeleteInboundFromNCToHost() error
- func (client *OVSSnatClient) DeleteSnatEndpoint() error
- func (client *OVSSnatClient) MoveSnatEndpointToContainerNS(netnsPath string, nsID uintptr) error
- func (client *OVSSnatClient) SetupSnatContainerInterface() error
Constants
const (
	SnatBridgeName = "azSnatbr"
	ImdsIP         = "169.254.169.254/32"
)
Variables
This section is empty.
Functions
func AddMasqueradeRule
This function adds iptables rules that SNAT all traffic that has a source IP in the APIPA range and arrives via the Linux bridge.
func CreateSnatBridge
This function creates the Linux bridge that NCs use for outbound connectivity.
func DeleteMasqueradeRule
func DeleteMasqueradeRule() error
func DeleteSnatBridge
Types
type OVSSnatClient
type OVSSnatClient struct {
	SkipAddressesFromBlock []string
	// contains filtered or unexported fields
}
func NewSnatClient
func (*OVSSnatClient) AllowIPAddressesOnSnatBrdige (added in v1.0.24)
func (client *OVSSnatClient) AllowIPAddressesOnSnatBrdige() error
This function adds iptables rules that allow only specific private IPs via the Linux bridge.
func (*OVSSnatClient) AllowInboundFromHostToNC (added in v1.0.24)
func (client *OVSSnatClient) AllowInboundFromHostToNC() error
This function adds iptables rules that allow only host-to-NC communication and not the other way.
func (*OVSSnatClient) AllowInboundFromNCToHost (added in v1.0.24)
func (client *OVSSnatClient) AllowInboundFromNCToHost() error
This function adds iptables rules that allow only NC-to-host communication and not the other way.
func (*OVSSnatClient) BlockIPAddressesOnSnatBrdige (added in v1.0.24)
func (client *OVSSnatClient) BlockIPAddressesOnSnatBrdige() error
This function adds iptables rules that block all private IPs flowing via the Linux bridge.
func (*OVSSnatClient) ConfigureSnatContainerInterface
func (client *OVSSnatClient) ConfigureSnatContainerInterface() error
func (*OVSSnatClient) CreateSnatEndpoint
func (client *OVSSnatClient) CreateSnatEndpoint(bridgeName string) error
func (*OVSSnatClient) DeleteInboundFromHostToNC (added in v1.0.24)
func (client *OVSSnatClient) DeleteInboundFromHostToNC() error
func (*OVSSnatClient) DeleteInboundFromNCToHost (added in v1.0.24)
func (client *OVSSnatClient) DeleteInboundFromNCToHost() error
func (*OVSSnatClient) DeleteSnatEndpoint
func (client *OVSSnatClient) DeleteSnatEndpoint() error
func (*OVSSnatClient) MoveSnatEndpointToContainerNS
func (client *OVSSnatClient) MoveSnatEndpointToContainerNS(netnsPath string, nsID uintptr) error
Moves the container veth inside the container network namespace.
func (*OVSSnatClient) SetupSnatContainerInterface
func (client *OVSSnatClient) SetupSnatContainerInterface() error
Configures routes and sets up the name for the container veth.