sysctl

package
v1.14.7-hotfix.20200326 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Apr 3, 2020 License: Apache-2.0 Imports: 4 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func SafeSysctlWhitelist added in v1.11.0

func SafeSysctlWhitelist() []string

SafeSysctlWhitelist returns the whitelist of safe sysctls and safe sysctl patterns (ending in *).

A sysctl is called safe iff - it is namespaced in the container or the pod - it is isolated, i.e. has no influence on any other pod on the same node.

Types

type SysctlsStrategy

type SysctlsStrategy interface {
	// Validate ensures that the specified values fall within the range of the strategy.
	Validate(pod *api.Pod) field.ErrorList
}

SysctlsStrategy defines the interface for all sysctl strategies.

func NewMustMatchPatterns

func NewMustMatchPatterns(safeWhitelist, allowedUnsafeSysctls, forbiddenSysctls []string) SysctlsStrategy

NewMustMatchPatterns creates a new mustMatchPatterns strategy that will provide validation. Passing nil means the default pattern, passing an empty list means to disallow all sysctls.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL