Documentation ¶
Index ¶
Constants ¶
View Source
const ( // ECSIPAMPluginName is the binary of the ipam plugin ECSIPAMPluginName = "ecs-ipam" // ECSBridgePluginName is the binary of the bridge plugin ECSBridgePluginName = "ecs-bridge" // ECSENIPluginName is the binary of the eni plugin ECSENIPluginName = "ecs-eni" // ECSAppMeshPluginName is the binary of aws-appmesh plugin ECSAppMeshPluginName = "aws-appmesh" // ECSBranchENIPluginName is the binary of the branch-eni plugin ECSBranchENIPluginName = "vpc-branch-eni" // TaskIAMRoleEndpoint is the endpoint of ecs-agent exposes credentials for // task IAM role TaskIAMRoleEndpoint = "169.254.170.2/32" // CapabilityAWSVPCNetworkingMode is the capability string, which when // present in the output of the '--capabilities' command of a CNI plugin // indicates that the plugin can support the ECS "awsvpc" network mode CapabilityAWSVPCNetworkingMode = "awsvpc-network-mode" )
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AppMeshConfig ¶ added in v1.26.0
type AppMeshConfig struct { // Type is the cni plugin name Type string `json:"type,omitempty"` // CNIVersion is the cni spec version to use CNIVersion string `json:"cniVersion,omitempty"` // IgnoredUID specifies egress traffic from the processes owned by the UID will be ignored IgnoredUID string `json:"ignoredUID,omitempty"` // IgnoredGID specifies egress traffic from the processes owned by the GID will be ignored IgnoredGID string `json:"ignoredGID,omitempty"` // ProxyIngressPort is the ingress port number that proxy is listening on ProxyIngressPort string `json:"proxyIngressPort"` // ProxyEgressPort is the egress port number that proxy is listening on ProxyEgressPort string `json:"proxyEgressPort"` // AppPorts specifies port numbers that application is listening on AppPorts []string `json:"appPorts"` // EgressIgnoredPorts is the list of ports for which egress traffic will be ignored EgressIgnoredPorts []string `json:"egressIgnoredPorts,omitempty"` // EgressIgnoredIPs is the list of IPs for which egress traffic will be ignored EgressIgnoredIPs []string `json:"egressIgnoredIPs,omitempty"` }
AppMeshConfig contains all the information needed to invoke the app mesh plugin
type BranchENIConfig ¶ added in v1.28.0
type BranchENIConfig struct { // CNIVersion is the CNI spec version to use CNIVersion string `json:"cniVersion,omitempty"` // Name is the CNI network name Name string `json:"name,omitempty"` // Type is the CNI plugin name Type string `json:"type,omitempty"` // TrunkMACAddress is the MAC address of the trunk ENI TrunkMACAddress string `json:"trunkMACAddress,omitempty"` // BranchVlanID is the VLAN ID of the branch ENI BranchVlanID string `json:"branchVlanID,omitempty"` // BranchMacAddress is the MAC address of the branch ENI BranchMACAddress string `json:"branchMACAddress"` // BranchIPAddress is the IP address of the branch ENI BranchIPAddress string `json:"branchIPAddress"` // BranchGatewayIPAddress is the IP address of the branch ENI's default gateway. BranchGatewayIPAddress string `json:"branchGatewayIPAddress"` // InterfaceType is the type of the interface to connect the branch ENI to InterfaceType string `json:"interfaceType,omitempty"` // BlockInstanceMetdata specifies if InstanceMetadata endpoint should be // blocked BlockInstanceMetdata bool `json:"blockInstanceMetadata"` }
BranchENIConfig contains all the information needed to invoke the vpc-branch-eni plugin
type BridgeConfig ¶
type BridgeConfig struct { // Type is the cni plugin name Type string `json:"type,omitempty"` // CNIVersion is the cni spec version to use CNIVersion string `json:"cniVersion,omitempty"` // BridgeName is the name of bridge BridgeName string `json:"bridge"` // IsGw indicates whether the bridge act as a gateway, it determines whether // an ip address needs to assign to the bridge IsGW bool `json:"isGateway"` // IsDefaultGW indicates whether the bridge is the gateway of the container IsDefaultGW bool `json:"isDefaultGateway"` // ForceAddress indicates whether a new ip should be assigned if the bridge // has already a different ip ForceAddress bool `json:"forceAddress"` // IPMasq indicates whether to setup the IP Masquerade for traffic originating // from this network IPMasq bool `json:"ipMasq"` // MTU sets MTU of the bridge interface MTU int `json:"mtu"` // HairpinMode sets the hairpin mode of interface on the bridge HairpinMode bool `json:"hairpinMode"` // IPAM is the configuration to acquire ip/route from ipam plugin IPAM IPAMConfig `json:"ipam,omitempty"` }
BridgeConfig contains all the information needed to invoke the bridge plugin
type CNIClient ¶
type CNIClient interface { // Version returns the version of the plugin Version(string) (string, error) // Capabilities returns the capabilities supported by a plugin Capabilities(string) ([]string, error) // SetupNS sets up the namespace of container SetupNS(context.Context, *Config, time.Duration) (*current.Result, error) // CleanupNS cleans up the container namespace CleanupNS(context.Context, *Config, time.Duration) error // ReleaseIPResource marks the ip available in the ipam db ReleaseIPResource(context.Context, *Config, time.Duration) error }
CNIClient defines the method of setting/cleaning up container namespace
type Config ¶
type Config struct { // PluginsPath indicates the path where cni plugins are located PluginsPath string // MinSupportedCNIVersion is the minimum cni spec version supported MinSupportedCNIVersion string // ENIID is the id of ec2 eni ENIID string // InterfaceAssociationProtocol is the type of eni, can be "default" or "vlan" InterfaceAssociationProtocol string // BranchVlanID is the VLAN ID to be used by a "vlan" ENI BranchVlanID string `json:"branchVlandID,omitempty"` // TrunkMACAddress is the MAC address of the associated Trunk ENI // for an ENI of type "vlan" TrunkMACAddress string `json:"trunkMACAddress,omitempty"` // ContainerID is the id of container of which to set up the network namespace ContainerID string // ContainerPID is the pid of the container ContainerPID string // ENIIPV4Address is the ipv4 assigned to the eni ENIIPV4Address string //ENIIPV6Address is the ipv6 assigned to the eni ENIIPV6Address string // ENIMACAddress is the mac address of the eni ENIMACAddress string // BridgeName is the name used to create the bridge BridgeName string // IPAMV4Address is the ipv4 used to assign from ipam IPAMV4Address *cnitypes.IPNet // ID is the information associate with ip in ipam ID string // BlockInstanceMetdata specifies if InstanceMetadata endpoint should be // blocked BlockInstanceMetdata bool // AdditionalLocalRoutes specifies additional routes to be added to the task namespace AdditionalLocalRoutes []cnitypes.IPNet // SubnetGatewayIPV4Address is the address to the subnet gate for the eni SubnetGatewayIPV4Address string // AppMeshCNIEnabled specifies if app mesh cni plugin is enabled AppMeshCNIEnabled bool // IgnoredUID specifies egress traffic from the processes owned // by the UID will be ignored IgnoredUID string // IgnoredGID specifies egress traffic from the processes owned // by the GID will be ignored IgnoredGID string // ProxyIngressPort is the ingress port number that proxy is listening on ProxyIngressPort string // ProxyEgressPort is the egress port number that proxy is listening on ProxyEgressPort string // AppPorts specifies port numbers that application is listening on AppPorts []string // EgressIgnoredPorts is the list of ports for which egress traffic // will be ignored EgressIgnoredPorts []string // EgressIgnoredIPs is the list of IPs for which egress traffic will be ignored EgressIgnoredIPs []string }
Config contains all the information to set up the container namespace using the plugins
type ENIConfig ¶
type ENIConfig struct { // Type is the cni plugin name Type string `json:"type,omitempty"` // CNIVersion is the cni spec version to use CNIVersion string `json:"cniVersion,omitempty"` // ENIID is the id of ec2 eni ENIID string `json:"eni"` // IPV4Address is the ipv4 of eni IPV4Address string `json:"ipv4-address"` // IPV6Address is the ipv6 of eni IPV6Address string `json:"ipv6-address,omitempty"` // MacAddress is the mac address of eni MACAddress string `json:"mac"` // BlockInstanceMetdata specifies if InstanceMetadata endpoint should be // blocked BlockInstanceMetdata bool `json:"block-instance-metadata"` // SubnetGatewayIPV4Address specifies the ipv4 address of the subnet gateway // for the ENI SubnetGatewayIPV4Address string `json:"subnetgateway-ipv4-address"` }
ENIConfig contains all the information needed to invoke the eni plugin
type IPAMConfig ¶
type IPAMConfig struct { // Type is the cni plugin name Type string `json:"type,omitempty"` // ID is the information stored in the ipam along with ip as key-value pair ID string `json:"id,omitempty"` // CNIVersion is the cni spec version to use CNIVersion string `json:"cniVersion,omitempty"` // IPV4Subnet is the ip address range managed by ipam IPV4Subnet string `json:"ipv4-subnet,omitempty"` // IPV4Address is the ip address to deal with(assign or release) in ipam IPV4Address *cnitypes.IPNet `json:"ipv4-address,omitempty"` // IPV4Gateway is the gateway returned by ipam, defalut the '.1' in the subnet IPV4Gateway string `json:"ipv4-gateway,omitempty"` // IPV4Routes is the route to added in the containerr namespace IPV4Routes []*cnitypes.Route `json:"ipv4-routes,omitempty"` }
IPAMConfig contains all the information needed to invoke the ipam plugin
type IPAMNetworkConfig ¶
type IPAMNetworkConfig struct { Name string `json:"name,omitempty"` CNIVersion string `json:"cniVersion,omitempty"` IPAM IPAMConfig `json:"ipam"` }
IPAMNetworkConfig is the config format accepted by the plugin
Click to show internal directories.
Click to hide internal directories.