egressmap

package
v1.14.0-rc.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 17, 2023 License: Apache-2.0 Imports: 10 Imported by: 5

Documentation

Overview

+groupName=maps

Index

Constants

View Source
const (
	PolicyMapName = "cilium_egress_gw_policy_v4"
	// PolicyStaticPrefixBits represents the size in bits of the static
	// prefix part of an egress policy key (i.e. the source IP).
	PolicyStaticPrefixBits = uint32(unsafe.Sizeof(types.IPv4{}) * 8)
)

Variables

View Source
var Cell = cell.Module(
	"egressmaps",
	"Egressmaps provide access to the egress gateway datapath maps",
	cell.Config(DefaultPolicyConfig),
	cell.Provide(createPolicyMapFromDaemonConfig),
)
View Source
var DefaultPolicyConfig = PolicyConfig{
	EgressGatewayPolicyMapMax: 1 << 14,
}

Functions

This section is empty.

Types

type EgressPolicyIterateCallback

type EgressPolicyIterateCallback func(*EgressPolicyKey4, *EgressPolicyVal4)

EgressPolicyIterateCallback represents the signature of the callback function expected by the IterateWithCallback method, which in turn is used to iterate all the keys/values of an egress policy map.

type EgressPolicyKey4

type EgressPolicyKey4 struct {
	// PrefixLen is full 32 bits of SourceIP + DestCIDR's mask bits
	PrefixLen uint32 `align:"lpm_key"`

	SourceIP types.IPv4 `align:"saddr"`
	DestCIDR types.IPv4 `align:"daddr"`
}

EgressPolicyKey4 is the key of an egress policy map.

func NewEgressPolicyKey4

func NewEgressPolicyKey4(sourceIP, destIP net.IP, destinationMask net.IPMask) EgressPolicyKey4

NewEgressPolicyKey4 returns a new EgressPolicyKey4 object representing the (source IP, destination CIDR) tuple.

func (*EgressPolicyKey4) GetDestCIDR

func (k *EgressPolicyKey4) GetDestCIDR() *net.IPNet

GetDestCIDR returns the egress policy key's destination CIDR.

func (*EgressPolicyKey4) GetSourceIP

func (k *EgressPolicyKey4) GetSourceIP() net.IP

GetSourceIP returns the egress policy key's source IP.

func (*EgressPolicyKey4) Match

func (k *EgressPolicyKey4) Match(sourceIP net.IP, destCIDR *net.IPNet) bool

Match returns true if the sourceIP and destCIDR parameters match the egress policy key.

type EgressPolicyVal4

type EgressPolicyVal4 struct {
	EgressIP  types.IPv4 `align:"egress_ip"`
	GatewayIP types.IPv4 `align:"gateway_ip"`
}

EgressPolicyVal4 is the value of an egress policy map.

func NewEgressPolicyVal4

func NewEgressPolicyVal4(egressIP, gatewayIP net.IP) EgressPolicyVal4

NewEgressPolicyVal4 returns a new EgressPolicyVal4 object representing for the given egress IP and gateway IPs

func (*EgressPolicyVal4) GetEgressIP

func (v *EgressPolicyVal4) GetEgressIP() net.IP

GetEgressIP returns the egress policy value's egress IP.

func (*EgressPolicyVal4) GetGatewayIP

func (v *EgressPolicyVal4) GetGatewayIP() net.IP

GetGatewayIP returns the egress policy value's gateway IP.

func (*EgressPolicyVal4) Match

func (v *EgressPolicyVal4) Match(egressIP, gatewayIP net.IP) bool

Match returns true if the egressIP and gatewayIP parameters match the egress policy value.

func (*EgressPolicyVal4) String

func (v *EgressPolicyVal4) String() string

String returns the string representation of an egress policy value.

type PolicyConfig

type PolicyConfig struct {
	// EgressGatewayPolicyMapMax is the maximum number of entries
	// allowed in the BPF egress gateway policy map.
	EgressGatewayPolicyMapMax int
}

func (PolicyConfig) Flags

func (def PolicyConfig) Flags(flags *pflag.FlagSet)

type PolicyMap

type PolicyMap interface {
	Lookup(sourceIP net.IP, destCIDR net.IPNet) (*EgressPolicyVal4, error)
	Update(sourceIP net.IP, destCIDR net.IPNet, egressIP, gatewayIP net.IP) error
	Delete(sourceIP net.IP, destCIDR net.IPNet) error
	IterateWithCallback(EgressPolicyIterateCallback) error
}

PolicyMap is used to communicate EGW policies to the datapath.

func CreatePolicyMap added in v1.14.0

func CreatePolicyMap(lc hive.Lifecycle, cfg PolicyConfig) PolicyMap

func OpenPinnedPolicyMap

func OpenPinnedPolicyMap() (PolicyMap, error)

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL