cmd

Documentation

Index

• Constants
• Variables
• func Execute(cmd *cobra.Command)
• func InitGlobalFlags(cmd *cobra.Command, vp *viper.Viper)
• func NewAgentCmd(hfn func() *hive.Hive) *cobra.Command
• func NewDaemonCleanup() *daemonCleanup
• type Daemon
  • func (d *Daemon) AddIdentity(id *identity.Identity)
  • func (d *Daemon) BandwidthManager() datapath.BandwidthManager
  • func (d *Daemon) Close()
  • func (d *Daemon) DeleteEndpoint(id string) (int, error)
  • func (d *Daemon) DumpIPAM() *models.IPAMStatus
  • func (d *Daemon) EndpointCreated(ep *endpoint.Endpoint)
  • func (d *Daemon) EndpointDeleted(ep *endpoint.Endpoint, conf endpoint.DeleteConfig)
  • func (d *Daemon) EndpointRestored(ep *endpoint.Endpoint)
  • func (d *Daemon) EndpointUpdate(id string, cfg *models.EndpointConfigurationSpec) error
  • func (d *Daemon) GetCompilationLock() datapath.CompilationLock
  • func (d *Daemon) GetDNSRules(epID uint16) restore.DNSRules
  • func (d *Daemon) GetPolicyRepository() policy.PolicyRepository
  • func (d *Daemon) IPTablesManager() datapath.IptablesManager
  • func (d *Daemon) Loader() datapath.Loader
  • func (d *Daemon) Orchestrator() datapath.Orchestrator
  • func (d *Daemon) QueueEndpointBuild(ctx context.Context, epID uint64) (func(), error)
  • func (d *Daemon) RemoveIdentity(id *identity.Identity)
  • func (d *Daemon) RemoveOldAddNewIdentity(old, new *identity.Identity)
  • func (d *Daemon) RemoveRestoredDNSRules(epID uint16)
  • func (d *Daemon) SendNotification(notification monitorAPI.AgentNotifyMessage) error
  • func (d *Daemon) WaitForEndpointRestore(ctx context.Context) error
  • func (d *Daemon) WaitForInitialPolicy(ctx context.Context) error
• type DaemonInterface
• type EndpointMapManager
  • func (e *EndpointMapManager) RemoveDatapathMapping(endpointID uint16) error
  • func (e *EndpointMapManager) RemoveMapPath(path string)
• type ServiceInterface

Constants

const (
	// AutoCIDR indicates that a CIDR should be allocated
	AutoCIDR = "auto"
)

Variables

var (
	Agent = cell.Module(
		"agent",
		"Cilium Agent",

		Infrastructure,
		ControlPlane,
		datapath.Cell,
	)

	// Infrastructure provides access and services to the outside.
	// A cell should live here instead of ControlPlane if it is not needed by
	// integrations tests, or needs to be mocked.
	Infrastructure = cell.Module(
		"infra",
		"Infrastructure",

		pprof.Cell(pprofConfig),

		gops.Cell(defaults.EnableGops, defaults.GopsPortAgent),

		k8sClient.Cell,

		cni.Cell,

		metrics.Cell,

		metricsmap.Cell,

		ratelimitmap.Cell,

		cell.Provide(func() *option.DaemonConfig { return option.Config }),

		server.Cell,
		cell.Invoke(configureAPIServer),

		cell.Provide(ciliumAPIHandlers),

		deletionQueueCell,

		store.Cell,

		cell.Provide(func() k8sSynced.CRDSyncResourceNames { return k8sSynced.AgentCRDResourceNames() }),

		k8sSynced.CRDSyncCell,

		shellCell,
	)

	// ControlPlane implement the per-node control functions. These are pure
	// business logic and depend on datapath or infrastructure to perform
	// actions. This separation enables non-privileged integration testing of
	// the control-plane.
	ControlPlane = cell.Module(
		"controlplane",
		"Control Plane",

		node.LocalNodeStoreCell,

		cell.Provide(newLocalNodeSynchronizer),

		controller.Cell,

		agentK8s.ResourcesCell,

		agentK8s.TablesCell,

		k8sSynced.Cell,

		identitymanager.Cell,

		endpointmanager.Cell,

		endpointcleanup.Cell,

		nodeManager.Cell,

		certificatemanager.Cell,

		server.SpecCell,

		healthApi.SpecCell,

		daemonCell,

		maglev.Cell,

		loadbalancer_experimental.Cell,

		redirectpolicy_experimental.Cell,

		service.Cell,

		proxy.Cell,

		envoy.Cell,

		ciliumenvoyconfig.Cell,

		restapi.Cell,

		bgpv1.Cell,

		signal.Cell,

		auth.Cell,

		identity.Cell,

		ipcache.Cell,

		ipamcell.Cell,

		egressgateway.Cell,

		k8s.ServiceCacheCell,

		policy.Cell,

		policyK8s.Cell,

		policyDirectory.Cell,

		cell.Config(cmtypes.DefaultClusterInfo),
		clustermesh.Cell,

		l2announcer.Cell,

		endpoint.RegeneratorCell,

		redirectpolicy.Cell,

		nodediscovery.Cell,

		cgroup.Cell,

		natStats.Cell,

		dial.ServiceResolverCell,

		watchers.Cell,

		recorder.Cell,

		dynamicconfig.Cell,

		dynamiclifecycle.Cell,

		driftchecker.Cell,

		hubble.Cell,

		features.Cell,

		source.Cell,

		namemanager.Cell,
	)
)

Functions

func Execute

func Execute(cmd *cobra.Command)

func InitGlobalFlags

func InitGlobalFlags(cmd *cobra.Command, vp *viper.Viper)

func NewAgentCmd

func NewAgentCmd(hfn func() *hive.Hive) *cobra.Command

func NewDaemonCleanup

func NewDaemonCleanup() *daemonCleanup

Types

type Daemon

type Daemon struct {
	// contains filtered or unexported fields
}

Daemon is the cilium daemon that is in charge of perform all necessary plumbing, monitoring when a LXC starts.

func (*Daemon) AddIdentity

func (d *Daemon) AddIdentity(id *identity.Identity)

func (*Daemon) BandwidthManager

func (d *Daemon) BandwidthManager() datapath.BandwidthManager

BandwidthManager returns a reference to the bandwidth manager implementation.

func (*Daemon) Close

func (d *Daemon) Close()

Close shuts down a daemon

func (*Daemon) DeleteEndpoint

func (d *Daemon) DeleteEndpoint(id string) (int, error)

func (*Daemon) DumpIPAM

func (d *Daemon) DumpIPAM() *models.IPAMStatus

DumpIPAM dumps in the form of a map, the list of reserved IPv4 and IPv6 addresses.

func (*Daemon) EndpointCreated

func (d *Daemon) EndpointCreated(ep *endpoint.Endpoint)

EndpointCreated is a callback to satisfy EndpointManager.Subscriber, allowing the EndpointManager to be the primary implementer of the core endpoint management functionality while deferring other responsibilities to the daemon.

It is called after Daemon calls into d.endpointManager.AddEndpoint().

func (*Daemon) EndpointDeleted

func (d *Daemon) EndpointDeleted(ep *endpoint.Endpoint, conf endpoint.DeleteConfig)

EndpointDeleted is a callback to satisfy EndpointManager.Subscriber, which works around the difficulties in initializing various subsystems involved in managing endpoints, such as the EndpointManager, IPAM and the Monitor.

It is called after Daemon calls into d.endpointManager.RemoveEndpoint().

func (*Daemon) EndpointRestored

func (d *Daemon) EndpointRestored(ep *endpoint.Endpoint)

EndpointRestored implements endpointmanager.Subscriber.

func (*Daemon) EndpointUpdate

func (d *Daemon) EndpointUpdate(id string, cfg *models.EndpointConfigurationSpec) error

EndpointUpdate updates the options of the given endpoint and regenerates the endpoint

func (*Daemon) GetCompilationLock

func (d *Daemon) GetCompilationLock() datapath.CompilationLock

GetCompilationLock returns the mutex responsible for synchronizing compilation of BPF programs.

func (*Daemon) GetDNSRules

func (d *Daemon) GetDNSRules(epID uint16) restore.DNSRules

func (*Daemon) GetPolicyRepository

func (d *Daemon) GetPolicyRepository() policy.PolicyRepository

GetPolicyRepository returns the policy repository of the daemon

func (*Daemon) IPTablesManager

func (d *Daemon) IPTablesManager() datapath.IptablesManager

func (*Daemon) Loader

func (d *Daemon) Loader() datapath.Loader

Loader returns a reference to the loader implementation.

func (*Daemon) Orchestrator

func (d *Daemon) Orchestrator() datapath.Orchestrator

Orchestrator returns a reference to the orchestrator implementation.

func (*Daemon) QueueEndpointBuild

func (d *Daemon) QueueEndpointBuild(ctx context.Context, epID uint64) (func(), error)

QueueEndpointBuild waits for a "build permit" for the endpoint identified by 'epID'. This function blocks until the endpoint can start building. The returned function must then be called to release the "build permit" when the most resource intensive parts of the build are done. The returned function is idempotent, so it may be called more than once. Returns a nil function if the caller should NOT start building the endpoint. This may happen due to a build being queued for the endpoint already, or due to the wait for the build permit being canceled. The latter case happens when the endpoint is being deleted. Returns an error if the build permit could not be acquired.

func (*Daemon) RemoveIdentity

func (d *Daemon) RemoveIdentity(id *identity.Identity)

func (*Daemon) RemoveOldAddNewIdentity

func (d *Daemon) RemoveOldAddNewIdentity(old, new *identity.Identity)

func (*Daemon) RemoveRestoredDNSRules

func (d *Daemon) RemoveRestoredDNSRules(epID uint16)

func (*Daemon) SendNotification

func (d *Daemon) SendNotification(notification monitorAPI.AgentNotifyMessage) error

SendNotification sends an agent notification to the monitor

func (*Daemon) WaitForEndpointRestore

func (d *Daemon) WaitForEndpointRestore(ctx context.Context) error

func (*Daemon) WaitForInitialPolicy

func (d *Daemon) WaitForInitialPolicy(ctx context.Context) error

type DaemonInterface

type DaemonInterface interface {
	// contains filtered or unexported methods
}

DaemonInterface to help with testing.

type EndpointMapManager

type EndpointMapManager struct {
	endpointmanager.EndpointManager
}

EndpointMapManager is a wrapper around an endpointmanager as well as the filesystem for removing maps related to endpoints from the filesystem.

func (*EndpointMapManager) RemoveDatapathMapping

func (e *EndpointMapManager) RemoveDatapathMapping(endpointID uint16) error

RemoveDatapathMapping unlinks the endpointID from the global policy map, preventing packets that arrive on this node from being forwarded to the endpoint that used to exist with the specified ID.

func (*EndpointMapManager) RemoveMapPath

func (e *EndpointMapManager) RemoveMapPath(path string)

RemoveMapPath removes the specified path from the filesystem.

type ServiceInterface

type ServiceInterface interface {
	GetLastUpdatedTs() time.Time
	GetCurrentTs() time.Time
}

ServiceInterface to help with testing.