translation

package
v1.6.16 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Nov 15, 2024 License: MIT Imports: 9 Imported by: 0

Documentation

Overview

Package translation converts NetworkPolicy object to policies.NPMNetworkPolicy object which contains necessary information to program dataplanes. The basic rule of conversion is to start from simple single rule (e.g., allow all traffic, only port, only IPBlock, etc) to composite rules (e.g., port with IPBlock or port rule with peers rule (e.g., podSelector, namespaceSelector, or both podSelector and namespaceSelector)).

Index

Constants

This section is empty.

Variables

View Source
var (

	// ErrUnsupportedNamedPort is returned when named port translation feature is used in windows.
	ErrUnsupportedNamedPort = errors.New("unsupported namedport translation features used on windows")
	// ErrUnsupportedNegativeMatch is returned when negative match translation feature is used in windows.
	ErrUnsupportedNegativeMatch = errors.New("unsupported NotExist operator translation features used on windows")
	// ErrUnsupportedExceptCIDR is returned when Except CIDR block translation feature is used in windows.
	ErrUnsupportedExceptCIDR = errors.New("unsupported Except CIDR block translation features used on windows")
	// ErrUnsupportedSCTP is returned when SCTP protocol is used in windows.
	ErrUnsupportedSCTP = errors.New("unsupported SCTP protocol used on windows")
	// ErrInvalidMatchExpressionValues ensures proper matchExpression label values since k8s doesn't perform this check.
	ErrInvalidMatchExpressionValues = errors.New(
		"matchExpression label values must be an empty string or consist of alphanumeric characters, '-', '_' or '.', and must start and end with an alphanumeric character",
	)
	// ErrUnsupportedIPAddress is returned when an unsupported IP address, such as IPV6, is used
	ErrUnsupportedIPAddress = errors.New("unsupported IP address")
	// ErrUnsupportedNonCIDR is returned when non-CIDR blocks are passed in with NPM Lite enabled. NPM Lite allows deny-all and allow-all policies
	ErrUnsupportedNonCIDR = errors.New("Non-CIDR blocks, named ports, and ingress/egress namespace/pod selectors are not supported when NPM Lite is enabled, allowing only CIDR-based policies")
)

Functions

func TranslatePolicy

func TranslatePolicy(npObj *networkingv1.NetworkPolicy, npmLiteToggle bool) (*policies.NPMNetworkPolicy, error)

TranslatePolicy translates networkpolicy object to NPMNetworkPolicy object and returns the NPMNetworkPolicy object.

Types

This section is empty.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL