ipcache

Documentation

Index

• Constants
• Variables
• func BackedByLPM() bool
• func Reopen() error
• func SupportsDelete() bool
• type Key
  • func NewKey(ip net.IP, mask net.IPMask) Key
  • func (k *Key) GetKeyPtr() unsafe.Pointer
  • func (k Key) NewValue() bpf.MapValue
  • func (k Key) String() string
• type Map
  • func NewMap(name string) *Map
  • func (m *Map) Delete(k bpf.MapKey) error
  • func (m *Map) GetMaxPrefixLengths(ipv6 bool) (count int)
• type RemoteEndpointInfo
  • func (v *RemoteEndpointInfo) GetValuePtr() unsafe.Pointer
  • func (v *RemoteEndpointInfo) String() string

Constants

const (
	// MaxEntries is the maximum number of keys that can be present in the
	// RemoteEndpointMap.
	MaxEntries = 512000

	// Name is the canonical name for the IPCache map on the filesystem.
	Name = "cilium_ipcache"
)

Variables

var (
	// IPCache is a mapping of all endpoint IPs in the cluster which this
	// Cilium agent is a part of to their corresponding security identities.
	// It is a singleton; there is only one such map per agent.
	IPCache = NewMap(Name)
)

Functions

func BackedByLPM

func BackedByLPM() bool

BackedByLPM returns true if the IPCache is backed by a proper LPM implementation (provided by Linux kernels 4.11 or later), false otherwise.

func Reopen

func Reopen() error

Reopen attempts to close and re-open the IPCache map at the standard path on the filesystem.

func SupportsDelete

func SupportsDelete() bool

SupportsDelete determines whether the underlying kernel map type supports the delete operation.

Types

type Key

type Key struct {
	Prefixlen uint32 `align:"lpm_key"`
	Pad1      uint16 `align:"pad1"`
	Pad2      uint8  `align:"pad2"`
	Family    uint8  `align:"family"`
	// represents both IPv6 and IPv4 (in the lowest four bytes)
	IP types.IPv6 `align:"$union0"`
}

Key implements the bpf.MapKey interface.

Must be in sync with struct ipcache_key in <bpf/lib/maps.h>

func NewKey

func NewKey(ip net.IP, mask net.IPMask) Key

NewKey returns an Key based on the provided IP address and mask. The address family is automatically detected

func (*Key) GetKeyPtr

func (k *Key) GetKeyPtr() unsafe.Pointer

GetKeyPtr returns the unsafe pointer to the BPF key

func (Key) NewValue

func (k Key) NewValue() bpf.MapValue

NewValue returns a new empty instance of the structure representing the BPF map value

func (Key) String

func (k Key) String() string

type Map

type Map struct {
	bpf.Map
	// contains filtered or unexported fields
}

Map represents an IPCache BPF map.

func NewMap

func NewMap(name string) *Map

NewMap instantiates a Map.

func (*Map) Delete

func (m *Map) Delete(k bpf.MapKey) error

Delete removes a key from the ipcache BPF map

func (*Map) GetMaxPrefixLengths

func (m *Map) GetMaxPrefixLengths(ipv6 bool) (count int)

GetMaxPrefixLengths determines how many unique prefix lengths are supported simultaneously based on the underlying BPF map type in use.

type RemoteEndpointInfo

type RemoteEndpointInfo struct {
	SecurityIdentity uint32  `align:"sec_label"`
	TunnelEndpoint   [4]byte `align:"tunnel_endpoint"`
	Key              uint8   `align:"key"`
}

RemoteEndpointInfo implements the bpf.MapValue interface. It contains the security identity of a remote endpoint.

func (*RemoteEndpointInfo) GetValuePtr

func (v *RemoteEndpointInfo) GetValuePtr() unsafe.Pointer

GetValuePtr returns the unsafe pointer to the BPF value.

func (*RemoteEndpointInfo) String

func (v *RemoteEndpointInfo) String() string