Documentation ¶
Index ¶
Constants ¶
// Defaults used to reach the local Docker daemon.
//
// NOTE(review): read/write access to the Docker daemon socket is generally
// equivalent to root on the host. Any component that dials this path should
// be treated as privileged, and the socket should not be mounted into
// workloads that are not trusted to that level.
const (
	// DefaultDockerSocket is the default socket to use to communicate with
	// docker.
	DefaultDockerSocket = "/var/run/docker.sock"

	// DefaultDockerSocketType is unix; it is the socket type that goes with
	// DefaultDockerSocket.
	DefaultDockerSocketType = "unix"
)
// Defaults for the remote enforcer and for packet marking.
const (
	// DefaultRemoteArg is the default argument for a remote enforcer.
	DefaultRemoteArg = "enforce"

	// DefaultConnMark is the default conn mark for all data packets. The
	// constant is typed: uint32 with the fixed value 0xEEEE.
	//
	// NOTE(review): where this mark is set and matched is not visible here.
	// If it is a netfilter connection mark, confirm that no other
	// packet-marking software on the host uses the same value; a collision
	// could make unrelated traffic match rules keyed on this mark.
	DefaultConnMark = uint32(0xEEEE)
)
// Defaults for the L4 proxy, proc mount points and Docker network modes.
const (
	// DefaultProxyPort is the default port the l4 proxy listens on. It is a
	// string constant, not an integer.
	//
	// NOTE(review): the bind address is not visible here; confirm the proxy
	// does not listen on more interfaces than intended and that nothing else
	// on the host already uses this port.
	DefaultProxyPort = "5000"

	// DefaultProcMountPoint is the default proc mountpoint.
	DefaultProcMountPoint = "/proc"

	// DefaultAporetoProcMountPoint is the aporeto proc mountpoint, just in
	// case we are launched with some specific docker config.
	DefaultAporetoProcMountPoint = "/aporetoproc"

	// DockerHostMode is the string of the network mode that indicates a host
	// namespace.
	DockerHostMode = "host"

	// DockerLinkedMode is the string of the network mode that indicates a
	// shared network namespace. The value ends in a colon.
	//
	// NOTE(review): presumably this is matched as a prefix, with the linked
	// container's identifier following the colon - confirm against callers.
	DockerLinkedMode = "container:"
)
// Names of the environment variables used to pass settings to a launched
// process. Except for AporetoEnvLogToConsoleEnable, every constant here is
// the NAME of a variable, not its value.
//
// NOTE(review): two of these variables carry secrets (AporetoEnvRPCClientSecret
// and AporetoEnvStatsSecret). Values placed in a process environment are
// inherited by child processes unless removed, and on Linux can be read via
// /proc/<pid>/environ by the same user or a privileged user. Whoever consumes
// them should avoid logging or dumping the environment, and should consider
// unsetting the secret variables once they have been read.
const (
	// AporetoEnvMountPoint is an environment variable which will contain the
	// mount point.
	AporetoEnvMountPoint = "APORETO_ENV_PROC_MOUNTPOINT"

	// AporetoEnvContextSocket stores the path to the context specific socket.
	AporetoEnvContextSocket = "APORETO_ENV_SOCKET_PATH"

	// AporetoEnvStatsChannel stores the path to the stats channel.
	AporetoEnvStatsChannel = "APORETO_ENV_STATS_CHANNEL_PATH"

	// AporetoEnvRPCClientSecret is the secret used between RPC client/server.
	// The variable's value is sensitive; keep it out of logs and diagnostics.
	AporetoEnvRPCClientSecret = "APORETO_ENV_SECRET"

	// AporetoEnvStatsSecret is the secret to be used for the stats channel.
	// The variable's value is sensitive; keep it out of logs and diagnostics.
	AporetoEnvStatsSecret = "APORETO_ENV_STATS_SECRET"

	// AporetoEnvContainerPID is the PID of the container.
	//
	// NOTE(review): consumers are not visible here; a PID taken from the
	// environment should be validated before it is acted on.
	AporetoEnvContainerPID = "APORETO_ENV_CONTAINER_PID"

	// AporetoEnvNSPath is the path of the network namespace.
	//
	// NOTE(review): consumers are not visible here; a namespace path taken
	// from the environment should be validated before it is opened.
	AporetoEnvNSPath = "APORETO_ENV_NS_PATH"

	// AporetoEnvNsenterErrorState stores the error state as reported by
	// remote enforcer.
	AporetoEnvNsenterErrorState = "APORETO_ENV_NSENTER_ERROR_STATE"

	// AporetoEnvNsenterLogs stores the logs as reported by remote enforcer.
	AporetoEnvNsenterLogs = "APORETO_ENV_NSENTER_LOGS"

	// AporetoEnvLogLevel stores the log level to be used.
	AporetoEnvLogLevel = "APORETO_ENV_LOG_LEVEL"

	// AporetoEnvLogFormat stores the log format to be used.
	AporetoEnvLogFormat = "APORETO_ENV_LOG_FORMAT"

	// AporetoEnvLogToConsole specifies if logs should be sent out to console.
	AporetoEnvLogToConsole = "APORETO_ENV_LOG_TO_CONSOLE"

	// AporetoEnvLogToConsoleEnable specifies the value that enables logging
	// to console. Unlike its neighbours this is a variable value, not a name.
	AporetoEnvLogToConsoleEnable = "1"

	// AporetoEnvLogID stores the context ID for the log file to be used.
	AporetoEnvLogID = "APORETO_ENV_LOG_ID"
)
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type DockerMonitorMode ¶
// DockerMonitorMode is an int-backed enumeration of the docker monitor's
// modes. Its constants are declared with iota, so the zero value of the type
// is DockerMode: a field that is never set silently selects that mode.
type DockerMonitorMode int
DockerMonitorMode defines the different modes the docker monitor can be in depending on the environment where trireme-lib is running
// Values of DockerMonitorMode. They are assigned by iota, so their order in
// this block fixes their numeric values (0, 1, 2).
const (
	// DockerMode is a mode for docker monitor when trireme is running on a
	// host with just a docker daemon. It is the zero value of the type.
	DockerMode DockerMonitorMode = iota

	// KubernetesMode is a mode for docker monitor when trireme is running on
	// a host which is part of a kubernetes cluster.
	KubernetesMode

	// NoProxyMode is a mode for docker monitor when trireme is running on a
	// host which is part of an ECS/AWS cluster.
	NoProxyMode
)
type ImplementationType ¶
// ImplementationType is an int-backed enumeration choosing between the
// ipsets and iptables implementations. Its constants are declared with iota,
// so the zero value of the type is IPSets.
type ImplementationType int
ImplementationType defines the type of iptables or ipsets implementation
// Values of ImplementationType. They are assigned by iota, so their order in
// this block fixes their numeric values (0, 1).
const (
	// IPSets mandates an IPset supervisor implementation. It is the zero
	// value of the type.
	IPSets ImplementationType = iota

	// IPTables mandates an IPTable supervisor implementation.
	IPTables
)
type ModeType ¶
// ModeType is an int-backed enumeration of the enforcement and supervisor
// modes. Its constants are declared with iota, so the zero value of the type
// is RemoteContainer: a field that is never set silently selects that mode.
type ModeType int
ModeType defines the mode of the enforcement and supervisor.
// Values of ModeType. They are assigned by iota, so their order in this block
// fixes their numeric values (0, 1, 2).
const (
	// RemoteContainer indicates that the Supervisor is implemented in the
	// container namespace. It is the zero value of the type.
	RemoteContainer ModeType = iota

	// LocalContainer indicates that the Supervisor is implemented in the host
	// namespace.
	LocalContainer

	// LocalServer indicates that the Supervisor applies to Linux processes.
	LocalServer
)
type PUType ¶
// PUType is an int-backed enumeration of PU kinds. Its constants are declared
// with iota, so the zero value of the type is ContainerPU: a field that is
// never set is indistinguishable from an explicit ContainerPU.
type PUType int
PUType defines the PU type
// Values of PUType. They are assigned by iota, so their order in this block
// fixes their numeric values (0 through 4).
const (
	// ContainerPU indicates that this PU is a container. It is the zero value
	// of the type.
	ContainerPU PUType = iota

	// LinuxProcessPU indicates that this is a Linux process.
	LinuxProcessPU

	// KubernetesPU indicates that this is a Kubernetes pod.
	KubernetesPU

	// UIDLoginPU is a PU representing a user session.
	UIDLoginPU

	// TransientPU is a placeholder PU used to run processing. It should not
	// be inserted in any cache; it is valid only for processing a packet.
	TransientPU
)