networkpolicy

package

v0.0.0-...-f843765 Latest Latest Go to latest Published: Jul 28, 2023 License: MIT Imports: 7 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/adykaaa/k8s-netpol-ctrl

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
func ExtendPeers(ingressPol []networkingv1.NetworkPolicyPeer, ...) error
func RemoveOldLabels(oldLabels map[string][]string, ...)
type Handler

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	ErrAlreadyExists = errors.New("a policy with this name already exists")
	ErrEmptyParam    = errors.New("a required parameter is empty")
	ErrNotFound      = errors.New("policy not found")
)

Functions ¶

func ExtendPeers ¶

func ExtendPeers(ingressPol []networkingv1.NetworkPolicyPeer, egressPol []networkingv1.NetworkPolicyPeer, p *networkingv1.NetworkPolicy) error

ExtendPeers loops through the ingress and egress peers of an existing policy, and appends all the elements from ingressPol and egressPol to the existing NetworkPolicyPeers.

func RemoveOldLabels ¶

func RemoveOldLabels(oldLabels map[string][]string, ingressRules []networkingv1.NetworkPolicyIngressRule, egressRules []networkingv1.NetworkPolicyEgressRule)

Types ¶

type Handler ¶

type Handler struct {
	Client kubernetes.Interface
}

func (*Handler) AppendLabelsToPeers ¶

func (h *Handler) AppendLabelsToPeers(targetPodLabels map[string][]string) (ingressPeers []networkingv1.NetworkPolicyPeer, egressPeers []networkingv1.NetworkPolicyPeer, err error)

appendLabelsToPeers appends the default supported labels (such as Ingress controller pod labels and DNS pod labels which come from DefaultLabels) and targetedPodLabels one by one to ingressPeers and egressPeers.

func (*Handler) GetPolicyByPodLabels ¶

func (h *Handler) GetPolicyByPodLabels(namespace string, podLabels map[string]string) (*networkingv1.NetworkPolicy, error)

GetPolicyByPodLabels returns the policy where podLabels match LabelSelectorRequirements with LabelSelectorOpIn

func (*Handler) NewPolicy ¶

func (h *Handler) NewPolicy(name string, namespace string, podSelectorLabels map[string]string, targetPodLabels map[string][]string) (*networkingv1.NetworkPolicy, error)

NewPolicy deploys a NetworkPolicy which only allows incoming/outgoing communication from pods with the same label, and to/from objects that have the labels located in the global variable DefaultLabels.

Source Files ¶

View all Source files

networkpolicy.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL