tables

package
v1.16.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 24, 2024 License: Apache-2.0 Imports: 27 Imported by: 0

Documentation

Index

Constants

View Source
const (
	RT_SCOPE_UNIVERSE = RouteScope(0x0)
	RT_SCOPE_SITE     = RouteScope(0xc8)
	RT_SCOPE_LINK     = RouteScope(0xfd)
	RT_SCOPE_HOST     = RouteScope(0xfe)
	RT_SCOPE_NOWHERE  = RouteScope(0xff)
	RT_TABLE_UNSPEC   = RouteTable(0x0)
	RT_TABLE_COMPAT   = RouteTable(0xfc)
	RT_TABLE_DEFAULT  = RouteTable(0xfd)
	RT_TABLE_MAIN     = RouteTable(0xfe)
	RT_TABLE_LOCAL    = RouteTable(0xff)
	RT_TABLE_MAX      = RouteTable(0xffffffff)
)

Definitions for route scopes and tables. These are repeated here from the unix package to keep the tables package buildable on non-Linux platforms.

View Source
const IPSetsTableName = "ipsets"
View Source
const WildcardDeviceName = "*"

WildcardDeviceName for looking up a fallback global address. This is used for picking a BPF masquerade or direct routing address in cases where the target device doesn't have an IP address (ECMP and similar setups).

Variables

View Source
var (
	BandwidthQDiscIndex = statedb.Index[*BandwidthQDisc, int]{
		Name: "id",
		FromObject: func(obj *BandwidthQDisc) index.KeySet {
			return index.NewKeySet(index.Int(obj.LinkIndex))
		},
		FromKey: index.Int,
		Unique:  true,
	}

	BandwidthQDiscTableName = "bandwidth-qdiscs"
)
View Source
var (
	DeviceIDIndex = statedb.Index[*Device, int]{
		Name: "id",
		FromObject: func(d *Device) index.KeySet {
			return index.NewKeySet(index.Int(d.Index))
		},
		FromKey: index.Int,
		Unique:  true,
	}

	DeviceNameIndex = statedb.Index[*Device, string]{
		Name: "name",
		FromObject: func(d *Device) index.KeySet {
			return index.NewKeySet(index.String(d.Name))
		},
		FromKey: index.String,
	}

	DeviceSelectedIndex = statedb.Index[*Device, bool]{
		Name: "selected",
		FromObject: func(d *Device) index.KeySet {
			return index.NewKeySet(index.Bool(d.Selected))
		},
		FromKey: index.Bool,
	}
)
View Source
var (
	L2AnnounceIDIndex = statedb.Index[*L2AnnounceEntry, L2AnnounceKey]{
		Name: "id",
		FromObject: func(b *L2AnnounceEntry) index.KeySet {
			return index.NewKeySet(b.Key())
		},
		FromKey: L2AnnounceKey.Key,
		Unique:  true,
	}

	L2AnnounceOriginIndex = statedb.Index[*L2AnnounceEntry, resource.Key]{
		Name: "origin",
		FromObject: func(b *L2AnnounceEntry) index.KeySet {
			return index.StringerSlice(b.Origins)
		},
		FromKey: index.Stringer[resource.Key],
	}
)
View Source
var (
	// NodeAddressIndex is the primary index for node addresses:
	//
	//   var nodeAddresses Table[NodeAddress]
	//   nodeAddresses.First(txn, NodeAddressIndex.Query(netip.MustParseAddr("1.2.3.4")))
	NodeAddressIndex = statedb.Index[NodeAddress, NodeAddressKey]{
		Name: "id",
		FromObject: func(a NodeAddress) index.KeySet {
			return index.NewKeySet(NodeAddressKey{a.Addr, a.DeviceName}.Key())
		},
		FromKey: NodeAddressKey.Key,
		Unique:  true,
	}

	NodeAddressDeviceNameIndex = statedb.Index[NodeAddress, string]{
		Name: "name",
		FromObject: func(a NodeAddress) index.KeySet {
			return index.NewKeySet(index.String(a.DeviceName))
		},
		FromKey: index.String,
		Unique:  false,
	}

	NodeAddressNodePortIndex = statedb.Index[NodeAddress, bool]{
		Name: "node-port",
		FromObject: func(a NodeAddress) index.KeySet {
			return index.NewKeySet(index.Bool(a.NodePort))
		},
		FromKey: index.Bool,
		Unique:  false,
	}

	NodeAddressTableName statedb.TableName = "node-addresses"

	// NodeAddressCell provides Table[NodeAddress] and a background controller
	// that derives the node addresses from the low-level Table[*Device].
	//
	// The Table[NodeAddress] contains the actual assigned addresses on the node,
	// but not for example external Kubernetes node addresses that may be merely
	// NATd to a private address. Those can be queried through [node.LocalNodeStore].
	NodeAddressCell = cell.Module(
		"node-address",
		"Table of node addresses derived from system network devices",

		cell.ProvidePrivate(NewNodeAddressTable),
		cell.Provide(
			newNodeAddressController,
			newAddressScopeMax,
		),
		cell.Config(NodeAddressConfig{}),
	)
)
View Source
var (
	TestIPv4InternalAddress = netip.MustParseAddr("10.0.0.2")
	TestIPv4NodePortAddress = netip.MustParseAddr("10.0.0.3")
	TestIPv6InternalAddress = netip.MustParseAddr("f00d::1")
	TestIPv6NodePortAddress = netip.MustParseAddr("f00d::2")

	TestAddresses = []NodeAddress{
		{
			Addr:       TestIPv4InternalAddress,
			NodePort:   true,
			Primary:    true,
			DeviceName: "test",
		},
		{
			Addr:       TestIPv4NodePortAddress,
			NodePort:   true,
			Primary:    false,
			DeviceName: "test",
		},
		{
			Addr:       TestIPv6InternalAddress,
			NodePort:   true,
			Primary:    true,
			DeviceName: "test",
		},
		{
			Addr:       TestIPv6NodePortAddress,
			NodePort:   true,
			Primary:    false,
			DeviceName: "test",
		},
	}
)

Shared test address definitions

View Source
var (
	RouteIDIndex = statedb.Index[*Route, RouteID]{
		Name: "id",
		FromObject: func(r *Route) index.KeySet {
			return index.NewKeySet(
				RouteID{
					Table:     r.Table,
					LinkIndex: r.LinkIndex,
					Dst:       r.Dst,
				}.Key(),
			)
		},
		FromKey: RouteID.Key,
		Unique:  true,
	}

	RouteLinkIndex = statedb.Index[*Route, int]{
		Name: "LinkIndex",
		FromObject: func(r *Route) index.KeySet {
			return index.NewKeySet(index.Int(r.LinkIndex))
		},
		FromKey: index.Int,
	}
)
View Source
var (
	SysctlNameIndex = statedb.Index[*Sysctl, string]{
		Name: "name",
		FromObject: func(s *Sysctl) index.KeySet {
			return index.NewKeySet(index.String(s.Name))
		},
		FromKey: index.String,
		Unique:  true,
	}

	SysctlStatusIndex = reconciler.NewStatusIndex((*Sysctl).GetStatus)

	SysctlTableName = "sysctl"
)
View Source
var IPSetEntryIndex = statedb.Index[*IPSetEntry, IPSetEntryKey]{
	Name: IPSetsTableName,
	FromObject: func(s *IPSetEntry) index.KeySet {
		return index.NewKeySet(IPSetEntryKey{s.Name, s.Addr}.Key())
	},
	FromKey: IPSetEntryKey.Key,
	Unique:  true,
}

Functions

func DeviceNames

func DeviceNames(devs []*Device) (names []string)

DeviceNames extracts the device names from a slice of devices.

func HasDefaultRoute

func HasDefaultRoute(tbl statedb.Table[*Route], rxn statedb.ReadTxn, linkIndex int) bool

func NewBandwidthQDiscTable added in v1.16.0

func NewBandwidthQDiscTable(db *statedb.DB) (statedb.RWTable[*BandwidthQDisc], error)

func NewDeviceTable added in v1.15.0

func NewDeviceTable() (statedb.RWTable[*Device], error)

func NewIPSetTable added in v1.16.0

func NewIPSetTable(db *statedb.DB) (statedb.RWTable[*IPSetEntry], error)

func NewL2AnnounceTable added in v1.15.0

func NewL2AnnounceTable() (statedb.RWTable[*L2AnnounceEntry], error)

func NewNodeAddressTable added in v1.15.0

func NewNodeAddressTable() (statedb.RWTable[NodeAddress], error)

func NewRouteTable added in v1.15.0

func NewRouteTable() (statedb.RWTable[*Route], error)

func NewSysctlTable added in v1.16.0

Types

type AddressScopeMax added in v1.15.0

type AddressScopeMax uint8

AddressScopeMax sets the maximum scope an IP address can have. A scope is defined in rtnetlink(7) as the distance to the destination where a lower number signifies a wider scope with RT_SCOPE_UNIVERSE (0) being the widest.

This defaults to RT_SCOPE_LINK-1 (defaults.AddressScopeMax) and can be set by the user with --local-max-addr-scope.

type BandwidthQDisc added in v1.16.0

type BandwidthQDisc struct {
	LinkIndex int               // Interface index
	LinkName  string            // Interface name (purely informative)
	FqHorizon time.Duration     // Maximum allowed departure time
	FqBuckets uint32            // Hash table size for flow lookup (2^FqBuckets)
	Status    reconciler.Status // Reconciliation status
}

BandwidthQDisc defines the desired state for a qdisc. Used by Bandwidth Manager to setup the correct queueing disciplines on the native devices to enforce bandwidth limits.

func (*BandwidthQDisc) Clone added in v1.16.0

func (dq *BandwidthQDisc) Clone() *BandwidthQDisc

func (*BandwidthQDisc) GetStatus added in v1.16.0

func (dq *BandwidthQDisc) GetStatus() reconciler.Status

func (*BandwidthQDisc) SetStatus added in v1.16.0

func (dq *BandwidthQDisc) SetStatus(s reconciler.Status) *BandwidthQDisc

func (*BandwidthQDisc) TableHeader added in v1.16.0

func (dq *BandwidthQDisc) TableHeader() []string

func (*BandwidthQDisc) TableRow added in v1.16.0

func (dq *BandwidthQDisc) TableRow() []string

type Device

type Device struct {
	Index        int             // positive integer that starts at one, zero is never used
	MTU          int             // maximum transmission unit
	Name         string          // e.g., "en0", "lo0", "eth0.100"
	HardwareAddr HardwareAddr    // IEEE MAC-48, EUI-48 and EUI-64 form
	Flags        net.Flags       // e.g. net.FlagUp, net.eFlagLoopback, net.FlagMulticast
	Addrs        []DeviceAddress // Addresses assigned to the device
	RawFlags     uint32          // Raw interface flags
	Type         string          // Device type, e.g. "veth" etc.
	MasterIndex  int             // Index of the master device (e.g. bridge or bonding device)

	Selected          bool   // True if this is an external facing device
	NotSelectedReason string // Reason why this device was not selected
}

Device is a local network device along with addresses associated with it.

The devices that are selected are the external facing native devices that Cilium will use with features such as load-balancing, host firewall and routing. For the selection logic applied see 'pkg/datapath/linux/devices_controller.go'.

func SelectedDevices

func SelectedDevices(tbl statedb.Table[*Device], txn statedb.ReadTxn) ([]*Device, <-chan struct{})

SelectedDevices returns the external facing network devices to use for load-balancing, host firewall and routing.

The invalidated channel is closed when devices have changed and should be requeried with a new transaction.

func (*Device) DeepCopy

func (d *Device) DeepCopy() *Device

func (*Device) HasIP

func (d *Device) HasIP(ip net.IP) bool

func (*Device) TableHeader added in v1.15.0

func (*Device) TableHeader() []string

func (*Device) TableRow added in v1.15.0

func (d *Device) TableRow() []string

type DeviceAddress

type DeviceAddress struct {
	Addr      netip.Addr
	Secondary bool
	Scope     RouteScope // Address scope, e.g. RT_SCOPE_LINK, RT_SCOPE_HOST etc.
}

func SortedAddresses added in v1.15.5

func SortedAddresses(addrs []DeviceAddress) []DeviceAddress

sortedAddresses returns a copy of the addresses sorted by following predicates (first predicate matching in this order wins): - Primary (e.g. !IFA_F_SECONDARY) - Scope, with lower scope going first (e.g. UNIVERSE before LINK) - Public addresses before private (e.g. 1.2.3.4 before 192.168.1.1) - By address itself (192.168.1.1 before 192.168.1.2)

The sorting order affects which address is marked 'Primary' and which is picked as the 'NodePort' address (when --nodeport-addresses is not specified).

func (*DeviceAddress) AsIP

func (d *DeviceAddress) AsIP() net.IP

func (*DeviceAddress) String added in v1.15.5

func (d *DeviceAddress) String() string

type HardwareAddr added in v1.15.0

type HardwareAddr []byte

HardwareAddr is the physical address for a network device. Defined here instead of using net.HardwareAddr for proper JSON marshalling.

func (HardwareAddr) MarshalJSON added in v1.15.0

func (a HardwareAddr) MarshalJSON() ([]byte, error)

func (HardwareAddr) String added in v1.15.0

func (a HardwareAddr) String() string

func (*HardwareAddr) UnmarshalJSON added in v1.16.0

func (a *HardwareAddr) UnmarshalJSON(bs []byte) error

type IPSetEntry added in v1.16.0

type IPSetEntry struct {
	Name   string
	Family string
	Addr   netip.Addr

	Status reconciler.Status
}

func (*IPSetEntry) Clone added in v1.16.0

func (s *IPSetEntry) Clone() *IPSetEntry

func (*IPSetEntry) GetStatus added in v1.16.0

func (s *IPSetEntry) GetStatus() reconciler.Status

func (*IPSetEntry) SetStatus added in v1.16.0

func (s *IPSetEntry) SetStatus(newStatus reconciler.Status) *IPSetEntry

func (*IPSetEntry) TableHeader added in v1.16.0

func (s *IPSetEntry) TableHeader() []string

func (*IPSetEntry) TableRow added in v1.16.0

func (s *IPSetEntry) TableRow() []string

type IPSetEntryKey added in v1.16.0

type IPSetEntryKey struct {
	Name string
	Addr netip.Addr
}

func (IPSetEntryKey) Key added in v1.16.0

func (k IPSetEntryKey) Key() index.Key

type L2AnnounceEntry

type L2AnnounceEntry struct {
	L2AnnounceKey

	// The key of the services for which this proxy entry was added
	Origins []resource.Key
}

func (*L2AnnounceEntry) DeepCopy

func (pne *L2AnnounceEntry) DeepCopy() *L2AnnounceEntry

func (*L2AnnounceEntry) TableHeader added in v1.15.0

func (*L2AnnounceEntry) TableHeader() []string

func (*L2AnnounceEntry) TableRow added in v1.15.0

func (e *L2AnnounceEntry) TableRow() []string

type L2AnnounceKey

type L2AnnounceKey struct {
	// IP and network interface are the primary key of this entry
	IP               netip.Addr
	NetworkInterface string
}

func (L2AnnounceKey) Key

func (k L2AnnounceKey) Key() index.Key

type NodeAddress added in v1.15.0

type NodeAddress struct {
	Addr netip.Addr

	// NodePort is true if this address is to be used for NodePort.
	// If --nodeport-addresses is set, then all addresses on native
	// devices that are contained within the specified CIDRs are chosen.
	// If it is not set, then only the primary IPv4 and/or IPv6 address
	// of each native device is used.
	NodePort bool

	// Primary is true if this is the primary IPv4 or IPv6 address of this device.
	// This is mainly used to pick the address for BPF masquerading.
	Primary bool

	// DeviceName is the name of the network device from which this address
	// is derived from.
	DeviceName string
}

NodeAddress is an IP address assigned to a network interface on a Cilium node that is considered a "host" IP address.

func (NodeAddress) GetAddr added in v1.16.0

func (n NodeAddress) GetAddr() netip.Addr

GetAddr returns the address. Useful when mapping over NodeAddress's with e.g. statedb.Map.

func (*NodeAddress) IP added in v1.15.0

func (n *NodeAddress) IP() net.IP

func (*NodeAddress) String added in v1.15.0

func (n *NodeAddress) String() string

func (NodeAddress) TableHeader added in v1.15.0

func (n NodeAddress) TableHeader() []string

func (NodeAddress) TableRow added in v1.15.0

func (n NodeAddress) TableRow() []string

type NodeAddressConfig added in v1.15.0

type NodeAddressConfig struct {
	NodePortAddresses []*cidr.CIDR `mapstructure:"nodeport-addresses"`
}

func (NodeAddressConfig) Flags added in v1.15.0

func (NodeAddressConfig) Flags(flags *pflag.FlagSet)

type NodeAddressKey added in v1.16.0

type NodeAddressKey struct {
	Addr       netip.Addr
	DeviceName string
}

func (NodeAddressKey) Key added in v1.16.0

func (k NodeAddressKey) Key() index.Key

type Route

type Route struct {
	Table     RouteTable
	LinkIndex int

	Scope uint8
	Dst   netip.Prefix
	Src   netip.Addr
	Gw    netip.Addr
}

func (*Route) DeepCopy

func (r *Route) DeepCopy() *Route

func (*Route) String

func (r *Route) String() string

func (*Route) TableHeader added in v1.15.0

func (*Route) TableHeader() []string

func (*Route) TableRow added in v1.15.0

func (r *Route) TableRow() []string

type RouteID

type RouteID struct {
	Table     RouteTable
	LinkIndex int
	Dst       netip.Prefix
}

func (RouteID) Key

func (id RouteID) Key() index.Key

type RouteScope added in v1.16.0

type RouteScope uint8

type RouteTable added in v1.16.0

type RouteTable uint32

type Sysctl added in v1.16.0

type Sysctl struct {
	Name      string
	Val       string
	IgnoreErr bool

	// Warn if non-empty is the alternative warning log message to use when IgnoreErr is false.
	Warn string

	Status reconciler.Status
}

Sysctl is the representation of a kernel sysctl parameter.

func (*Sysctl) Clone added in v1.16.0

func (s *Sysctl) Clone() *Sysctl

func (*Sysctl) GetStatus added in v1.16.0

func (s *Sysctl) GetStatus() reconciler.Status

func (*Sysctl) SetStatus added in v1.16.0

func (s *Sysctl) SetStatus(newStatus reconciler.Status) *Sysctl

func (*Sysctl) TableHeader added in v1.16.0

func (*Sysctl) TableHeader() []string

func (*Sysctl) TableRow added in v1.16.0

func (s *Sysctl) TableRow() []string

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL