Documentation ¶
Index ¶
Constants ¶
const EncryptKeyEmpty = EncryptKey(0)
Variables ¶
var ( ResourceKindCNP = ResourceKind("cnp") ResourceKindCCNP = ResourceKind("ccnp") ResourceKindDaemon = ResourceKind("daemon") ResourceKindEndpoint = ResourceKind("ep") ResourceKindNetpol = ResourceKind("netpol") ResourceKindNode = ResourceKind("node") )
Functions ¶
This section is empty.
Types ¶
type DatapathHandler ¶
type DatapathHandler interface {
UpdatePolicyMaps(context.Context, *sync.WaitGroup) *sync.WaitGroup
}
DatapathHandler is responsible for ensuring that policy updates in the core policy engine are pushed into the underlying BPF policy maps, to ensure that the policies are actively being enforced in the datapath for any new identities that have been updated using 'PolicyHandler'.
Wait on the returned sync.WaitGroup to ensure that the operation is complete before updating the datapath's IPCache maps.
type EncryptKey ¶
type EncryptKey uint8
EncryptKey is the identity of the encryption key. This type implements ipcache.IPMetadata
func (EncryptKey) IsValid ¶
func (e EncryptKey) IsValid() bool
func (EncryptKey) String ¶
func (e EncryptKey) String() string
func (EncryptKey) Uint8 ¶
func (e EncryptKey) Uint8() uint8
type IPListEntrySlice ¶
type IPListEntrySlice []*models.IPListEntry
func (IPListEntrySlice) Len ¶
func (s IPListEntrySlice) Len() int
func (IPListEntrySlice) Less ¶
func (s IPListEntrySlice) Less(i, j int) bool
Less sorts the IPListEntry objects by CIDR prefix then IP address. Given that the same IP cannot map to more than one identity, no further sorting is performed.
func (IPListEntrySlice) Swap ¶
func (s IPListEntrySlice) Swap(i, j int)
type PolicyHandler ¶
type PolicyHandler interface {
UpdateIdentities(added, deleted cache.IdentityCache, wg *sync.WaitGroup)
}
PolicyHandler is responsible for handling identity updates into the core policy engine. See SelectorCache.UpdateIdentities() for more details.
type ResourceID ¶
type ResourceID string
ResourceID identifies a unique copy of a resource that provides a source for information tied to an IP address in the IPCache.
func NewResourceID ¶
func NewResourceID(kind ResourceKind, namespace, name string) ResourceID
NewResourceID returns a ResourceID populated with the standard fields for uniquely identifying a source of IPCache information.
type ResourceKind ¶
type ResourceKind string
ResourceKind determines the source of the ResourceID. Typically this is the short name for the k8s resource.
type TunnelPeer ¶
TunnelPeer is the IP address of the host associated with this prefix. This is typically used to establish a tunnel, e.g. in tunnel mode or for encryption. This type implements ipcache.IPMetadata
func (TunnelPeer) IP ¶
func (t TunnelPeer) IP() net.IP