Documentation ¶
Overview ¶
Package egressgateway defines an internal representation of the Cilium Egress Policy. The structures are managed by the Manager.
Index ¶
Constants ¶
This section is empty.
Variables ¶
View Source
var ( // GatewayNotFoundIPv4 is a special IP value used as gatewayIP in the BPF policy // map to indicate no gateway was found for the given policy GatewayNotFoundIPv4 = netip.IPv4Unspecified() // ExcludedCIDRIPv4 is a special IP value used as gatewayIP in the BPF policy map // to indicate the entry is for an excluded CIDR and should skip egress gateway ExcludedCIDRIPv4 = netip.MustParseAddr("0.0.0.1") )
View Source
var Cell = cell.Module( "egressgateway", "Egress Gateway allows originating traffic from specific IPv4 addresses", cell.Config(defaultConfig), cell.Provide(NewEgressGatewayManager), cell.Provide(newPolicyResource), )
Cell provides a Manager for consumption with hive.
Functions ¶
func NewEgressGatewayManager ¶
func ParseCEGPConfigID ¶
func ParseCEGPConfigID(cegp *v2.CiliumEgressGatewayPolicy) types.NamespacedName
ParseCEGPConfigID takes a CiliumEgressGatewayPolicy CR and returns only the config id
Types ¶
type Config ¶
type Config struct { // Install egress gateway IP rules and routes in order to properly steer // egress gateway traffic to the correct ENI interface InstallEgressGatewayRoutes bool // Default amount of time between triggers of egress gateway state // reconciliations are invoked EgressGatewayReconciliationTriggerInterval time.Duration }
type Manager ¶
The egressgateway manager stores the internal data tracking the node, policy, endpoint, and lease mappings. It also hooks up all the callbacks to update egress bpf policy map accordingly.
type Params ¶
type Params struct { cell.In Config Config DaemonConfig *option.DaemonConfig IdentityAllocator identityCache.IdentityAllocator PolicyMap egressmap.PolicyMap Policies resource.Resource[*Policy] Nodes resource.Resource[*cilium_api_v2.CiliumNode] Endpoints resource.Resource[*k8sTypes.CiliumEndpoint] Lifecycle hive.Lifecycle }
type Policy ¶
type Policy = v2.CiliumEgressGatewayPolicy
type PolicyConfig ¶
type PolicyConfig struct {
// contains filtered or unexported fields
}
PolicyConfig is the internal representation of CiliumEgressGatewayPolicy.
func ParseCEGP ¶
func ParseCEGP(cegp *v2.CiliumEgressGatewayPolicy) (*PolicyConfig, error)
ParseCEGP takes a CiliumEgressGatewayPolicy CR and converts to PolicyConfig, the internal representation of the egress gateway policy
Source Files ¶
Click to show internal directories.
Click to hide internal directories.