Documentation
¶
Index ¶
- func ComputeFailureExceptions(defaultExceptions, inputExceptions []string) []string
- type Feature
- type IPFamily
- type Requirement
- type Set
- func (fs Set) DeriveFeatures() error
- func (fs Set) ExtractFromConfigMap(cm *v1.ConfigMap)
- func (fs Set) ExtractFromNodes(perf bool, nodesWithoutCilium map[string]struct{})
- func (fs Set) ExtractFromVersionedConfigMap(ciliumVersion semver.Version, cm *v1.ConfigMap)
- func (fs Set) IPFamilies() []IPFamily
- func (fs Set) MatchRequirements(reqs ...Requirement) (bool, string)
- type Status
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func ComputeFailureExceptions ¶
ComputeFailureExceptions computes a list of failure exceptions for various tests, from a default list of exceptions and a diff given via a CLI flag. The diff is given as a list of exceptions, with optional leading +/- signs. A minus sign means the exception should be removed from the defaults; a plus sign means the exception should be added to the defaults. If there are neither minus nor plus signs, then the given exceptions are used directly without considering the defaults. See the unit tests for examples.
Types ¶
type Feature ¶
type Feature string
Feature is the name of a Cilium Feature (e.g. l7-proxy, cni chaining mode etc)
const ( CNIChaining Feature = "cni-chaining" MonitorAggregation Feature = "monitor-aggregation" L7Proxy Feature = "l7-proxy" HostFirewall Feature = "host-firewall" ICMPPolicy Feature = "icmp-policy" PortRanges Feature = "port-ranges" L7PortRanges Feature = "l7-port-ranges" Tunnel Feature = "tunnel" EndpointRoutes Feature = "endpoint-routes" KPRMode Feature = "kpr-mode" KPRExternalIPs Feature = "kpr-external-ips" KPRGracefulTermination Feature = "kpr-graceful-termination" KPRHostPort Feature = "kpr-hostport" KPRSocketLB Feature = "kpr-socket-lb" KPRSocketLBHostnsOnly Feature = "kpr-socket-lb-hostns-only" KPRNodePort Feature = "kpr-nodeport" KPRNodePortAcceleration Feature = "kpr-nodeport-acceleration" KPRSessionAffinity Feature = "kpr-session-affinity" BPFLBExternalClusterIP Feature = "bpf-lb-external-clusterip" HostPort Feature = "host-port" NodeWithoutCilium Feature = "node-without-cilium" HealthChecking Feature = "health-checking" EncryptionPod Feature = "encryption-pod" EncryptionNode Feature = "encryption-node" EncryptionStrictMode Feature = "enable-encryption-strict-mode" IPv4 Feature = "ipv4" IPv6 Feature = "ipv6" Flavor Feature = "flavor" // PolicySecretsOnlyFromSecretsNamespace sets if Cilium will look only // in the configured secrets namespace for Policy Secrets, or if it will look // in the entire cluster. // // If it's `true`, then Cilium will only read Secrets from the configured namespace. // // If it's `false`, then the Cilium agent will be granted Read access to _all_ Secrets // in the cluster. // // This feature replaces the existing `tls.secretsBackend: k8s` one. SecretsBackend // will be removed in a future release. // // This feature has Helm automation to mirror the setting of secretsBackend in the meantime. PolicySecretsOnlyFromSecretsNamespace Feature = "policy-secrets-only-from-secrets-namespace" // PolicySecretSync controls whether the Cilium Operator will synchronize Secrets referenced // in Network Policy into the configured Secrets namespace. // // This has important interactions with PolicySecretSync Feature = "enable-policy-secrets-sync" // For connectivity tests, we only care if Secrets can be read from the cluster // _somehow_, whether that is via direct read or secret sync is not important. // So, this feature tracks if we can read Policy secrets _somehow_. PolicySecretsReadable Feature = "policy-secrets-readable" CNP Feature = "cilium-network-policy" CCNP Feature = "cilium-clusterwide-network-policy" KNP Feature = "k8s-network-policy" // Whether or not CIDR selectors can match node IPs CIDRMatchNodes Feature = "cidr-match-nodes" AuthSpiffe Feature = "mutual-auth-spiffe" IngressController Feature = "ingress-controller" EgressGateway Feature = "enable-ipv4-egress-gateway" GatewayAPI Feature = "enable-gateway-api" EnableEnvoyConfig Feature = "enable-envoy-config" WireguardEncapsulate Feature = "wireguard-encapsulate" CiliumIPAMMode Feature = "ipam" IPsecEnabled Feature = "enable-ipsec" ClusterMeshEnableEndpointSync Feature = "clustermesh-enable-endpoint-sync" LocalRedirectPolicy Feature = "enable-local-redirect-policy" BGPControlPlane Feature = "enable-bgp-control-plane" NodeLocalDNS Feature = "node-local-dns" Multicast Feature = "multicast-enabled" )
type IPFamily ¶
type IPFamily int
func GetIPFamilies ¶
GetIPFamilies function converts string slice to IPFamily slice.
func GetIPFamily ¶
func NewIPFamily ¶
NewIPFamily is a factory function that consumes string and returns IPFamily.
type Requirement ¶
type Requirement struct {
Feature Feature
// contains filtered or unexported fields
}
Requirement defines a test requirement. A given Set may or may not satisfy this requirement
func RequireDisabled ¶
func RequireDisabled(feature Feature) Requirement
RequireDisabled constructs a Requirement which expects the Feature to be disabled
func RequireEnabled ¶
func RequireEnabled(feature Feature) Requirement
RequireEnabled constructs a Requirement which expects the Feature to be enabled
func RequireMode ¶
func RequireMode(feature Feature, mode string) Requirement
RequireMode constructs a Requirement which expects the Feature to be in the given mode
func RequireModeIsNot ¶
func RequireModeIsNot(feature Feature, mode string) Requirement
RequiredModeIsNot constructs a Requirement which expects the Feature to not be in the given mode
When evaluating a set of requirements with MatchRequirements, having a RequireMode requirement of the same feature and mode will cause conflicting results.
type Set ¶
Set contains the Status of a collection of Features.
func (Set) DeriveFeatures ¶
deriveFeatures derives additional features based on the status of other features
func (Set) ExtractFromConfigMap ¶
ExtractFromConfigMap extracts features from the Cilium ConfigMap. Note that there is no rule regarding if the default value is reflected in the ConfigMap or not.
func (Set) ExtractFromNodes ¶
func (Set) ExtractFromVersionedConfigMap ¶
ExtractFromVersionedConfigMap extracts features based on Cilium version and cilium-config ConfigMap.
func (Set) IPFamilies ¶
IPFamilies returns the list of enabled IP families.
func (Set) MatchRequirements ¶
func (fs Set) MatchRequirements(reqs ...Requirement) (bool, string)
MatchRequirements returns true if the Set fs satisfies all the requirements in reqs. Returns true for empty requirements list.
type Status ¶
Status describes the status of a Feature. Some features are either turned on or off (c.f. Enabled), while others additionally might include a Mode string which provides more information about in what mode a particular Feature is running ((e.g. when running with CNI chaining, Enabled will be true, and the Mode string will additionally contain the name of the chained CNI).
func ExtractL7PortRanges ¶
func ExtractL7PortRanges(ciliumVersion semver.Version) Status
func ExtractPortRanges ¶
func ExtractPortRanges(ciliumVersion semver.Version) Status
Source Files