egressgateway

package
v1.15.11 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Nov 14, 2024 License: Apache-2.0 Imports: 42 Imported by: 2

Documentation

Overview

Package egressgateway defines an internal representation of the Cilium Egress Policy. The structures are managed by the Manager.

Index

Constants

This section is empty.

Variables

View Source
var (

	// GatewayNotFoundIPv4 is a special IP value used as gatewayIP in the BPF policy
	// map to indicate no gateway was found for the given policy
	GatewayNotFoundIPv4 = netip.IPv4Unspecified()
	// ExcludedCIDRIPv4 is a special IP value used as gatewayIP in the BPF policy map
	// to indicate the entry is for an excluded CIDR and should skip egress gateway
	ExcludedCIDRIPv4 = netip.MustParseAddr("0.0.0.1")
)
View Source
var Cell = cell.Module(
	"egressgateway",
	"Egress Gateway allows originating traffic from specific IPv4 addresses",
	cell.Config(defaultConfig),
	cell.Provide(NewEgressGatewayManager),
	cell.Provide(newPolicyResource),
)

Cell provides a Manager for consumption with hive.

Functions

func NewEgressGatewayManager

func NewEgressGatewayManager(p Params) (out struct {
	cell.Out

	*Manager
	defines.NodeOut
	tunnel.EnablerOut
}, err error)

func ParseCEGPConfigID

func ParseCEGPConfigID(cegp *v2.CiliumEgressGatewayPolicy) types.NamespacedName

ParseCEGPConfigID takes a CiliumEgressGatewayPolicy CR and returns only the config id

Types

type Config

type Config struct {
	// Install egress gateway IP rules and routes in order to properly steer
	// egress gateway traffic to the correct ENI interface
	InstallEgressGatewayRoutes bool

	// Default amount of time between triggers of egress gateway state
	// reconciliations are invoked
	EgressGatewayReconciliationTriggerInterval time.Duration
}

func (Config) Flags

func (def Config) Flags(flags *pflag.FlagSet)

type Manager

type Manager struct {
	lock.Mutex
	// contains filtered or unexported fields
}

The egressgateway manager stores the internal data tracking the node, policy, endpoint, and lease mappings. It also hooks up all the callbacks to update egress bpf policy map accordingly.

type Params

type Params struct {
	cell.In

	Config            Config
	DaemonConfig      *option.DaemonConfig
	IdentityAllocator identityCache.IdentityAllocator
	PolicyMap         egressmap.PolicyMap
	Policies          resource.Resource[*Policy]
	Nodes             resource.Resource[*cilium_api_v2.CiliumNode]
	Endpoints         resource.Resource[*k8sTypes.CiliumEndpoint]

	Lifecycle cell.Lifecycle
}

type Policy

type PolicyConfig

type PolicyConfig struct {
	// contains filtered or unexported fields
}

PolicyConfig is the internal representation of CiliumEgressGatewayPolicy.

func ParseCEGP

func ParseCEGP(cegp *v2.CiliumEgressGatewayPolicy) (*PolicyConfig, error)

ParseCEGP takes a CiliumEgressGatewayPolicy CR and converts to PolicyConfig, the internal representation of the egress gateway policy

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL