types

package
v1.15.0-rc.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 16, 2024 License: Apache-2.0 Imports: 10 Imported by: 2

Documentation

Index

Constants

View Source
const EncryptKeyEmpty = EncryptKey(0)

Variables

View Source
var (
	ResourceKindCNP      = ResourceKind("cnp")
	ResourceKindCCNP     = ResourceKind("ccnp")
	ResourceKindDaemon   = ResourceKind("daemon")
	ResourceKindEndpoint = ResourceKind("ep")
	ResourceKindNetpol   = ResourceKind("netpol")
	ResourceKindNode     = ResourceKind("node")
)

Functions

This section is empty.

Types

type DatapathHandler

type DatapathHandler interface {
	UpdatePolicyMaps(context.Context, *sync.WaitGroup) *sync.WaitGroup
}

DatapathHandler is responsible for ensuring that policy updates in the core policy engine are pushed into the underlying BPF policy maps, to ensure that the policies are actively being enforced in the datapath for any new identities that have been updated using 'PolicyHandler'.

Wait on the returned sync.WaitGroup to ensure that the operation is complete before updating the datapath's IPCache maps.

type EncryptKey

type EncryptKey uint8

EncryptKey is the identity of the encryption key. This type implements ipcache.IPMetadata

func (EncryptKey) IsValid

func (e EncryptKey) IsValid() bool

func (EncryptKey) String

func (e EncryptKey) String() string

func (EncryptKey) Uint8

func (e EncryptKey) Uint8() uint8

type IPListEntrySlice

type IPListEntrySlice []*models.IPListEntry

func (IPListEntrySlice) Len

func (s IPListEntrySlice) Len() int

func (IPListEntrySlice) Less

func (s IPListEntrySlice) Less(i, j int) bool

Less sorts the IPListEntry objects by CIDR prefix then IP address. Given that the same IP cannot map to more than one identity, no further sorting is performed.

func (IPListEntrySlice) Swap

func (s IPListEntrySlice) Swap(i, j int)

type PolicyHandler

type PolicyHandler interface {
	UpdateIdentities(added, deleted cache.IdentityCache, wg *sync.WaitGroup)
}

PolicyHandler is responsible for handling identity updates into the core policy engine. See SelectorCache.UpdateIdentities() for more details.

type RequestedIdentity added in v1.15.0

type RequestedIdentity identity.NumericIdentity

RequestedIdentity is a desired numeric identity for the prefix. When the prefix is next injected, this numeric ID will be requested from the local allocator. If the allocator can accommodate that request, it will do so. In order for this to be useful, the prefix must not already have an identity (or its set of labels must have changed), and that numeric identity must be free. Thus, the numeric ID should have already been held-aside in the allocator using WithholdLocalIdentities(). That will ensure the numeric ID remains free for the prefix to request.

func (RequestedIdentity) ID added in v1.15.0

func (RequestedIdentity) IsValid added in v1.15.0

func (id RequestedIdentity) IsValid() bool

type ResourceID

type ResourceID string

ResourceID identifies a unique copy of a resource that provides a source for information tied to an IP address in the IPCache.

func NewResourceID

func NewResourceID(kind ResourceKind, namespace, name string) ResourceID

NewResourceID returns a ResourceID populated with the standard fields for uniquely identifying a source of IPCache information.

type ResourceKind

type ResourceKind string

ResourceKind determines the source of the ResourceID. Typically this is the short name for the k8s resource.

type TunnelPeer

type TunnelPeer struct{ netip.Addr }

TunnelPeer is the IP address of the host associated with this prefix. This is typically used to establish a tunnel, e.g. in tunnel mode or for encryption. This type implements ipcache.IPMetadata

func (TunnelPeer) IP

func (t TunnelPeer) IP() net.IP

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL