egressmap

package
v1.16.3 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Oct 10, 2024 License: Apache-2.0 Imports: 11 Imported by: 5

Documentation

Overview

+groupName=maps

Index

Constants

View Source
const (
	PolicyMapName = "cilium_egress_gw_policy_v4"
	// PolicyStaticPrefixBits represents the size in bits of the static
	// prefix part of an egress policy key (i.e. the source IP).
	PolicyStaticPrefixBits = uint32(unsafe.Sizeof(types.IPv4{}) * 8)
)

Variables

View Source
var Cell = cell.Module(
	"egressmaps",
	"Egressmaps provide access to the egress gateway datapath maps",
	cell.Config(DefaultPolicyConfig),
	cell.Provide(createPolicyMapFromDaemonConfig),
)
View Source
var DefaultPolicyConfig = PolicyConfig{
	EgressGatewayPolicyMapMax: 1 << 14,
}

Functions

This section is empty.

Types

type EgressPolicyIterateCallback

type EgressPolicyIterateCallback func(*EgressPolicyKey4, *EgressPolicyVal4)

EgressPolicyIterateCallback represents the signature of the callback function expected by the IterateWithCallback method, which in turn is used to iterate all the keys/values of an egress policy map.

type EgressPolicyKey4

type EgressPolicyKey4 struct {
	// PrefixLen is full 32 bits of SourceIP + DestCIDR's mask bits
	PrefixLen uint32 `align:"lpm_key"`

	SourceIP types.IPv4 `align:"saddr"`
	DestCIDR types.IPv4 `align:"daddr"`
}

EgressPolicyKey4 is the key of an egress policy map.

func NewEgressPolicyKey4

func NewEgressPolicyKey4(sourceIP netip.Addr, destPrefix netip.Prefix) EgressPolicyKey4

NewEgressPolicyKey4 returns a new EgressPolicyKey4 object representing the (source IP, destination CIDR) tuple.

func (*EgressPolicyKey4) GetDestCIDR

func (k *EgressPolicyKey4) GetDestCIDR() netip.Prefix

GetDestCIDR returns the egress policy key's destination CIDR.

func (*EgressPolicyKey4) GetSourceIP

func (k *EgressPolicyKey4) GetSourceIP() netip.Addr

GetSourceIP returns the egress policy key's source IP.

func (*EgressPolicyKey4) Match

func (k *EgressPolicyKey4) Match(sourceIP netip.Addr, destCIDR netip.Prefix) bool

Match returns true if the sourceIP and destCIDR parameters match the egress policy key.

func (*EgressPolicyKey4) New added in v1.16.0

func (k *EgressPolicyKey4) New() bpf.MapKey

New returns an egress policy key

func (*EgressPolicyKey4) String added in v1.16.0

func (k *EgressPolicyKey4) String() string

String returns the string representation of an egress policy key.

type EgressPolicyVal4

type EgressPolicyVal4 struct {
	EgressIP  types.IPv4 `align:"egress_ip"`
	GatewayIP types.IPv4 `align:"gateway_ip"`
}

EgressPolicyVal4 is the value of an egress policy map.

func NewEgressPolicyVal4

func NewEgressPolicyVal4(egressIP, gatewayIP netip.Addr) EgressPolicyVal4

NewEgressPolicyVal4 returns a new EgressPolicyVal4 object representing for the given egress IP and gateway IPs

func (*EgressPolicyVal4) GetEgressAddr added in v1.15.0

func (v *EgressPolicyVal4) GetEgressAddr() netip.Addr

GetEgressIP returns the egress policy value's egress IP.

func (*EgressPolicyVal4) GetGatewayAddr added in v1.15.0

func (v *EgressPolicyVal4) GetGatewayAddr() netip.Addr

GetGatewayIP returns the egress policy value's gateway IP.

func (*EgressPolicyVal4) Match

func (v *EgressPolicyVal4) Match(egressIP, gatewayIP netip.Addr) bool

Match returns true if the egressIP and gatewayIP parameters match the egress policy value.

func (*EgressPolicyVal4) New added in v1.16.0

func (v *EgressPolicyVal4) New() bpf.MapValue

New returns an egress policy value

func (*EgressPolicyVal4) String

func (v *EgressPolicyVal4) String() string

String returns the string representation of an egress policy value.

type PolicyConfig

type PolicyConfig struct {
	// EgressGatewayPolicyMapMax is the maximum number of entries
	// allowed in the BPF egress gateway policy map.
	EgressGatewayPolicyMapMax int
}

func (PolicyConfig) Flags

func (def PolicyConfig) Flags(flags *pflag.FlagSet)

type PolicyMap

type PolicyMap interface {
	Lookup(sourceIP netip.Addr, destCIDR netip.Prefix) (*EgressPolicyVal4, error)
	Update(sourceIP netip.Addr, destCIDR netip.Prefix, egressIP, gatewayIP netip.Addr) error
	Delete(sourceIP netip.Addr, destCIDR netip.Prefix) error
	IterateWithCallback(EgressPolicyIterateCallback) error
}

PolicyMap is used to communicate EGW policies to the datapath.

func CreatePrivatePolicyMap

func CreatePrivatePolicyMap(lc cell.Lifecycle, cfg PolicyConfig) PolicyMap

CreatePrivatePolicyMap creates an unpinned policy map.

Useful for testing.

func OpenPinnedPolicyMap

func OpenPinnedPolicyMap() (PolicyMap, error)

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL