Documentation ¶
Index ¶
- Constants
- Variables
- func CustomCommandHelpFormat(appCmd *cobra.Command, customtemplate []option.FlagsSection)
- func CustomCommandHelpTemplate(orig string, cmd *cobra.Command, sections []option.FlagsSection) string
- func Execute()
- func NewDeleteEndpointIDHandler(d *Daemon) DeleteEndpointIDHandler
- func NewDeleteFqdnCacheHandler(d *Daemon) DeleteFqdnCacheHandler
- func NewDeleteIPAMIPHandler(d *Daemon) ipamapi.DeleteIpamIPHandler
- func NewDeletePrefilterHandler(d *Daemon) DeletePrefilterHandler
- func NewDeleteServiceIDHandler(svc *service.Service) DeleteServiceIDHandler
- func NewGetClusterNodesHandler(d *Daemon) GetClusterNodesHandler
- func NewGetConfigHandler(d *Daemon) GetConfigHandler
- func NewGetDebugInfoHandler(d *Daemon) restapi.GetDebuginfoHandler
- func NewGetEndpointHandler(d *Daemon) GetEndpointHandler
- func NewGetEndpointIDConfigHandler(d *Daemon) GetEndpointIDConfigHandler
- func NewGetEndpointIDHandler(d *Daemon) GetEndpointIDHandler
- func NewGetEndpointIDHealthzHandler(d *Daemon) GetEndpointIDHealthzHandler
- func NewGetEndpointIDLabelsHandler(d *Daemon) GetEndpointIDLabelsHandler
- func NewGetEndpointIDLogHandler(d *Daemon) GetEndpointIDLogHandler
- func NewGetFqdnCacheHandler(d *Daemon) GetFqdnCacheHandler
- func NewGetFqdnCacheIDHandler(d *Daemon) GetFqdnCacheIDHandler
- func NewGetFqdnNamesHandler(d *Daemon) GetFqdnNamesHandler
- func NewGetHealthzHandler(d *Daemon) GetHealthzHandler
- func NewGetIPHandler() GetIPHandler
- func NewGetMapHandler(d *Daemon) restapi.GetMapHandler
- func NewGetMapNameHandler(d *Daemon) restapi.GetMapNameHandler
- func NewGetMetricsHandler(d *Daemon) restapi.GetMetricsHandler
- func NewGetPolicyResolveHandler(d *Daemon) GetPolicyResolveHandler
- func NewGetPrefilterHandler(d *Daemon) GetPrefilterHandler
- func NewGetServiceHandler(svc *service.Service) GetServiceHandler
- func NewGetServiceIDHandler(svc *service.Service) GetServiceIDHandler
- func NewPatchConfigHandler(d *Daemon) PatchConfigHandler
- func NewPatchEndpointIDConfigHandler(d *Daemon) PatchEndpointIDConfigHandler
- func NewPatchEndpointIDHandler(d *Daemon) PatchEndpointIDHandler
- func NewPatchEndpointIDLabelsHandler(d *Daemon) PatchEndpointIDLabelsHandler
- func NewPatchPrefilterHandler(d *Daemon) PatchPrefilterHandler
- func NewPostIPAMHandler(d *Daemon) ipamapi.PostIpamHandler
- func NewPostIPAMIPHandler(d *Daemon) ipamapi.PostIpamIPHandler
- func NewPutEndpointIDHandler(d *Daemon) PutEndpointIDHandler
- func NewPutServiceIDHandler(svc *service.Service) PutServiceIDHandler
- func ResetHelpandExit(appCmd *cobra.Command)
- func WithCustomEndpointManager(s endpointmanager.EndpointResourceSynchronizer) *endpointmanager.EndpointManager
- func WithDefaultEndpointManager() *endpointmanager.EndpointManager
- type Daemon
- func (d *Daemon) Close()
- func (d *Daemon) Datapath() datapath.Datapath
- func (d *Daemon) DebugEnabled() bool
- func (d *Daemon) DeleteEndpoint(id string) (int, error)
- func (d *Daemon) DumpIPAM() *models.IPAMStatus
- func (d *Daemon) EndpointUpdate(id string, cfg *models.EndpointConfigurationSpec) error
- func (d *Daemon) GetCIDRPrefixLengths() (s6, s4 []int)
- func (d *Daemon) GetCompilationLock() *lock.RWMutex
- func (d *Daemon) GetEndpointInfo(ip net.IP) (endpoint v1.EndpointInfo, ok bool)
- func (d *Daemon) GetIdentity(securityIdentity uint32) (*models.Identity, error)
- func (d *Daemon) GetK8sMetadata(ip net.IP) *ipcache.K8sMetadata
- func (d *Daemon) GetK8sStore(name string) k8scache.Store
- func (d *Daemon) GetNamesOf(sourceEpID uint32, ip net.IP) []string
- func (d *Daemon) GetNodeSuffix() string
- func (d *Daemon) GetOptions() *option.IntOptions
- func (d *Daemon) GetPolicyRepository() *policy.Repository
- func (d *Daemon) GetServiceByAddr(ip net.IP, port uint16) (flowpb.Service, bool)
- func (d *Daemon) LocalConfig() *datapath.LocalNodeConfiguration
- func (d *Daemon) LookupSecIDByIP(ip net.IP) (id ipcache.Identity, ok bool)
- func (d *Daemon) NewProxyLogRecord(l *logger.LogRecord) error
- func (d *Daemon) NotifyMonitorDeleted(ep *endpoint.Endpoint)
- func (d *Daemon) PolicyAdd(rules policyAPI.Rules, opts *policy.AddOptions) (newRev uint64, err error)
- func (d *Daemon) PolicyDelete(labels labels.LabelArray) (newRev uint64, err error)
- func (d *Daemon) QueueEndpointBuild(ctx context.Context, epID uint64) (func(), error)
- func (d *Daemon) SendNotification(typ monitorAPI.AgentNotification, text string) error
- func (d *Daemon) SetPrefilter(preFilter datapath.PreFilter)
- func (d *Daemon) TriggerPolicyUpdates(force bool, reason string)
- func (d *Daemon) TriggerReloadWithoutCompile(reason string) (*sync.WaitGroup, error)
- func (d *Daemon) UpdateIdentities(added, deleted cache.IdentityCache)
- type EndpointMapManager
- type PolicyAddEvent
- type PolicyAddResult
- type PolicyDeleteEvent
- type PolicyDeleteResult
- type PolicyReactionEvent
Constants ¶
const (
// AutoCIDR is the sentinel string "auto". It indicates that a CIDR should be
// allocated.
// NOTE(review): presumably this means automatic allocation instead of an
// explicitly configured CIDR; the code that consumes this value is not shown
// on this page, so confirm against the callers.
AutoCIDR = "auto"
)
Variables ¶
var (
	// RootCmd is the base cobra command; its Run function executes when
	// cilium-agent is invoked without any subcommand.
	RootCmd = &cobra.Command{
		Use:   "cilium-agent",
		Short: "Run the cilium agent",
		Run: func(cmd *cobra.Command, args []string) {
			// Command-reference mode: when option.CMDRef is set to a
			// non-empty value, pass the command and that value to genMarkdown
			// and exit with status 0 without starting the agent.
			if refDir := viper.GetString(option.CMDRef); refDir != "" {
				genMarkdown(cmd, refDir)
				os.Exit(0)
			}

			// gops.Listen is called with zero-value Options, so the listener
			// runs with whatever defaults the library applies.
			// NOTE(review): if gops is github.com/google/gops/agent, this is
			// an unauthenticated diagnostics endpoint (stack and heap dumps,
			// GC control). Confirm its bind address and which local users and
			// processes on the node can reach it.
			// On failure the message goes to stdout and the process exits
			// with status -1.
			listenErr := gops.Listen(gops.Options{})
			if listenErr != nil {
				msg := fmt.Sprintf("unable to start gops: %s", listenErr)
				fmt.Println(msg)
				os.Exit(-1)
			}

			// Early environment initialization, bracketed by the earlyInit
			// bootstrap timer; End(true) is always passed here.
			bootstrapStats.earlyInit.Start()
			initEnv(cmd)
			bootstrapStats.earlyInit.End(true)

			runDaemon()
		},
	}
)
Functions ¶
func CustomCommandHelpFormat ¶ added in v1.8.0
func CustomCommandHelpFormat(appCmd *cobra.Command, customtemplate []option.FlagsSection)
CustomCommandHelpFormat sets the Usage Template for any command, separating the 'Flags:' output into sections.
func CustomCommandHelpTemplate ¶ added in v1.8.0
func CustomCommandHelpTemplate(orig string, cmd *cobra.Command, sections []option.FlagsSection) string
CustomCommandHelpTemplate provides a custom Help template for any command.
func Execute ¶
func Execute()
Execute sets up gops, installs the cleanup signal handler and invokes the root command. This function only returns when an interrupt signal has been received. This is intended to be called by main.main().
func NewDeleteEndpointIDHandler ¶ added in v1.8.0
func NewDeleteEndpointIDHandler(d *Daemon) DeleteEndpointIDHandler
func NewDeleteFqdnCacheHandler ¶ added in v1.8.0
func NewDeleteFqdnCacheHandler(d *Daemon) DeleteFqdnCacheHandler
func NewDeleteIPAMIPHandler ¶ added in v1.8.0
func NewDeleteIPAMIPHandler(d *Daemon) ipamapi.DeleteIpamIPHandler
NewDeleteIPAMIPHandler returns a handler for incoming requests to delete addresses.
func NewDeletePrefilterHandler ¶ added in v1.8.0
func NewDeletePrefilterHandler(d *Daemon) DeletePrefilterHandler
NewDeletePrefilterHandler returns a new delete handler for the API.
func NewDeleteServiceIDHandler ¶ added in v1.8.0
func NewGetClusterNodesHandler ¶
func NewGetClusterNodesHandler(d *Daemon) GetClusterNodesHandler
func NewGetConfigHandler ¶ added in v1.8.0
func NewGetConfigHandler(d *Daemon) GetConfigHandler
func NewGetDebugInfoHandler ¶ added in v1.8.0
func NewGetDebugInfoHandler(d *Daemon) restapi.GetDebuginfoHandler
NewGetDebugInfoHandler returns the debug info endpoint handler for the agent
func NewGetEndpointHandler ¶ added in v1.8.0
func NewGetEndpointHandler(d *Daemon) GetEndpointHandler
func NewGetEndpointIDConfigHandler ¶ added in v1.8.0
func NewGetEndpointIDConfigHandler(d *Daemon) GetEndpointIDConfigHandler
func NewGetEndpointIDHandler ¶ added in v1.8.0
func NewGetEndpointIDHandler(d *Daemon) GetEndpointIDHandler
func NewGetEndpointIDHealthzHandler ¶ added in v1.8.0
func NewGetEndpointIDHealthzHandler(d *Daemon) GetEndpointIDHealthzHandler
func NewGetEndpointIDLabelsHandler ¶ added in v1.8.0
func NewGetEndpointIDLabelsHandler(d *Daemon) GetEndpointIDLabelsHandler
func NewGetEndpointIDLogHandler ¶ added in v1.8.0
func NewGetEndpointIDLogHandler(d *Daemon) GetEndpointIDLogHandler
func NewGetFqdnCacheHandler ¶ added in v1.8.0
func NewGetFqdnCacheHandler(d *Daemon) GetFqdnCacheHandler
func NewGetFqdnCacheIDHandler ¶ added in v1.8.0
func NewGetFqdnCacheIDHandler(d *Daemon) GetFqdnCacheIDHandler
func NewGetFqdnNamesHandler ¶ added in v1.8.0
func NewGetFqdnNamesHandler(d *Daemon) GetFqdnNamesHandler
func NewGetHealthzHandler ¶ added in v1.8.0
func NewGetHealthzHandler(d *Daemon) GetHealthzHandler
func NewGetIPHandler ¶ added in v1.8.0
func NewGetIPHandler() GetIPHandler
NewGetIPHandler for the global IP cache
func NewGetMapHandler ¶ added in v1.8.0
func NewGetMapHandler(d *Daemon) restapi.GetMapHandler
func NewGetMapNameHandler ¶ added in v1.8.0
func NewGetMapNameHandler(d *Daemon) restapi.GetMapNameHandler
func NewGetMetricsHandler ¶ added in v1.8.0
func NewGetMetricsHandler(d *Daemon) restapi.GetMetricsHandler
NewGetMetricsHandler returns the metrics handler
func NewGetPolicyResolveHandler ¶ added in v1.8.0
func NewGetPolicyResolveHandler(d *Daemon) GetPolicyResolveHandler
func NewGetPrefilterHandler ¶ added in v1.8.0
func NewGetPrefilterHandler(d *Daemon) GetPrefilterHandler
NewGetPrefilterHandler returns new get handler for api
func NewGetServiceHandler ¶ added in v1.8.0
func NewGetServiceIDHandler ¶ added in v1.8.0
func NewPatchConfigHandler ¶ added in v1.8.0
func NewPatchConfigHandler(d *Daemon) PatchConfigHandler
func NewPatchEndpointIDConfigHandler ¶ added in v1.8.0
func NewPatchEndpointIDConfigHandler(d *Daemon) PatchEndpointIDConfigHandler
func NewPatchEndpointIDHandler ¶ added in v1.8.0
func NewPatchEndpointIDHandler(d *Daemon) PatchEndpointIDHandler
func NewPatchEndpointIDLabelsHandler ¶ added in v1.8.0
func NewPatchEndpointIDLabelsHandler(d *Daemon) PatchEndpointIDLabelsHandler
func NewPatchPrefilterHandler ¶ added in v1.8.0
func NewPatchPrefilterHandler(d *Daemon) PatchPrefilterHandler
NewPatchPrefilterHandler returns new patch handler for api
func NewPostIPAMHandler ¶ added in v1.8.0
func NewPostIPAMHandler(d *Daemon) ipamapi.PostIpamHandler
NewPostIPAMHandler creates a new postIPAM from the daemon.
func NewPostIPAMIPHandler ¶ added in v1.8.0
func NewPostIPAMIPHandler(d *Daemon) ipamapi.PostIpamIPHandler
NewPostIPAMIPHandler creates a new PostIpamIPHandler from the daemon.
func NewPutEndpointIDHandler ¶ added in v1.8.0
func NewPutEndpointIDHandler(d *Daemon) PutEndpointIDHandler
func NewPutServiceIDHandler ¶ added in v1.8.0
func ResetHelpandExit ¶ added in v1.8.0
Reset the help function to also exit, as we block elsewhere in interrupts and would not exit when called with -h.
func WithCustomEndpointManager ¶ added in v1.8.1
func WithCustomEndpointManager(s endpointmanager.EndpointResourceSynchronizer) *endpointmanager.EndpointManager
WithCustomEndpointManager creates the custom endpoint manager with the provided endpoint synchronizer. This is useful for tests which want to mock out the real endpoint synchronizer.
func WithDefaultEndpointManager ¶ added in v1.8.1
func WithDefaultEndpointManager() *endpointmanager.EndpointManager
WithDefaultEndpointManager creates the default endpoint manager with a functional endpoint synchronizer.
Types ¶
type Daemon ¶
// Daemon is the cilium daemon. Per the package documentation it is in charge
// of performing all necessary plumbing and monitoring when an LXC starts.
// Its fields are unexported and not shown in this listing.
type Daemon struct {
// contains filtered or unexported fields
}
Daemon is the cilium daemon that is in charge of performing all necessary plumbing and monitoring when an LXC starts.
func NewDaemon ¶ added in v1.8.0
func NewDaemon(ctx context.Context, epMgr *endpointmanager.EndpointManager, dp datapath.Datapath) (*Daemon, *endpointRestoreState, error)
NewDaemon creates and returns a new Daemon with the parameters set in c.
func (*Daemon) DebugEnabled ¶
DebugEnabled returns if debug mode is enabled.
func (*Daemon) DumpIPAM ¶
func (d *Daemon) DumpIPAM() *models.IPAMStatus
DumpIPAM dumps in the form of a map, the list of reserved IPv4 and IPv6 addresses.
func (*Daemon) EndpointUpdate ¶
func (d *Daemon) EndpointUpdate(id string, cfg *models.EndpointConfigurationSpec) error
EndpointUpdate updates the options of the given endpoint and regenerates the endpoint
func (*Daemon) GetCIDRPrefixLengths ¶
GetCIDRPrefixLengths returns the sorted list of unique prefix lengths used by CIDR policies.
func (*Daemon) GetCompilationLock ¶
GetCompilationLock returns the mutex responsible for synchronizing compilation of BPF programs.
func (*Daemon) GetEndpointInfo ¶
GetEndpointInfo returns endpoint info for a given IP address. Hubble uses this function to populate fields like namespace and pod name for local endpoints.
func (*Daemon) GetIdentity ¶
GetIdentity looks up identity by ID from Cilium's identity cache. Hubble uses the identity info to populate source and destination labels of flows.
func (*Daemon) GetK8sMetadata ¶
func (d *Daemon) GetK8sMetadata(ip net.IP) *ipcache.K8sMetadata
GetK8sMetadata returns the Kubernetes metadata for the given IP address. It implements hubble parser's IPGetter.GetK8sMetadata.
func (*Daemon) GetK8sStore ¶
GetK8sStore returns the k8s watcher cache store for the given resource name. It implements hubble parser's StoreGetter.GetK8sStore. WARNING: the objects returned by these stores must not be used to create or update objects in k8s; they should only be used for reading.
func (*Daemon) GetNamesOf ¶
GetNamesOf implements DNSGetter.GetNamesOf. It looks up DNS names of a given IP from the FQDN cache of an endpoint specified by sourceEpID.
func (*Daemon) GetNodeSuffix ¶ added in v1.8.0
GetNodeSuffix returns the suffix to be appended to kvstore keys of this agent
func (*Daemon) GetOptions ¶
func (d *Daemon) GetOptions() *option.IntOptions
GetOptions returns the datapath configuration options of the daemon.
func (*Daemon) GetPolicyRepository ¶
func (d *Daemon) GetPolicyRepository() *policy.Repository
GetPolicyRepository returns the policy repository of the daemon
func (*Daemon) GetServiceByAddr ¶
GetServiceByAddr looks up service by IP/port. Hubble uses this function to annotate flows with service information.
func (*Daemon) LocalConfig ¶
func (d *Daemon) LocalConfig() *datapath.LocalNodeConfiguration
LocalConfig returns the local configuration of the daemon's nodediscovery.
func (*Daemon) LookupSecIDByIP ¶
LookupSecIDByIP returns the security ID for the given IP. If the security ID cannot be found, ok is false. It implements hubble parser's IPGetter.LookupSecIDByIP.
func (*Daemon) NewProxyLogRecord ¶ added in v1.8.0
NewProxyLogRecord is invoked by the proxy accesslog on each new access log entry
func (*Daemon) NotifyMonitorDeleted ¶ added in v1.8.0
NotifyMonitorDeleted notifies the monitor that an endpoint has been deleted.
func (*Daemon) PolicyAdd ¶
func (d *Daemon) PolicyAdd(rules policyAPI.Rules, opts *policy.AddOptions) (newRev uint64, err error)
PolicyAdd adds a slice of rules to the policy repository owned by the daemon. Eventual changes in policy rules are propagated to all locally managed endpoints. Returns the policy revision number of the repository after adding the rules into the repository, or an error if the updated policy was not able to be imported.
func (*Daemon) PolicyDelete ¶
func (d *Daemon) PolicyDelete(labels labels.LabelArray) (newRev uint64, err error)
PolicyDelete deletes the policy rules with the provided set of labels from the policy repository of the daemon. Returns the revision number and an error in case it was not possible to delete the policy.
func (*Daemon) QueueEndpointBuild ¶
QueueEndpointBuild waits for a "build permit" for the endpoint identified by 'epID'. This function blocks until the endpoint can start building. The returned function must then be called to release the "build permit" when the most resource intensive parts of the build are done. The returned function is idempotent, so it may be called more than once. Returns a nil function if the caller should NOT start building the endpoint. This may happen due to a build being queued for the endpoint already, or due to the wait for the build permit being canceled. The latter case happens when the endpoint is being deleted. Returns an error if the build permit could not be acquired.
func (*Daemon) SendNotification ¶
func (d *Daemon) SendNotification(typ monitorAPI.AgentNotification, text string) error
SendNotification sends an agent notification to the monitor
func (*Daemon) SetPrefilter ¶
SetPrefilter sets the prefilter for the given daemon.
func (*Daemon) TriggerPolicyUpdates ¶
TriggerPolicyUpdates triggers policy updates for every daemon's endpoint. This may be called in a variety of situations: after policy changes, changes in agent configuration, changes in endpoint labels, and change of security identities.
func (*Daemon) TriggerReloadWithoutCompile ¶
TriggerReloadWithoutCompile causes all BPF programs and maps to be reloaded, without recompiling the datapath logic for each endpoint. It first attempts to recompile the base programs, and if this fails returns an error. If base program load is successful, it subsequently triggers regeneration of all endpoints and returns a waitgroup that may be used by the caller to wait for all endpoint regeneration to complete.
If an error is returned, then no regeneration was successful. If no error is returned, then the base programs were successfully regenerated, but endpoints may or may not have successfully regenerated.
func (*Daemon) UpdateIdentities ¶ added in v1.8.0
func (d *Daemon) UpdateIdentities(added, deleted cache.IdentityCache)
UpdateIdentities informs the policy package of all identity changes and also triggers policy updates.
The caller is responsible for making sure the same identity is not present in both 'added' and 'deleted'.
type EndpointMapManager ¶
// EndpointMapManager wraps an endpoint manager. Per the package documentation
// it also covers removing endpoint-related maps from the filesystem.
type EndpointMapManager struct {
// Embedded, so the EndpointManager's exported methods are promoted onto
// EndpointMapManager.
*endpointmanager.EndpointManager
}
EndpointMapManager is a wrapper around an endpointmanager as well as the filesystem for removing maps related to endpoints from the filesystem.
func (*EndpointMapManager) RemoveDatapathMapping ¶
func (e *EndpointMapManager) RemoveDatapathMapping(endpointID uint16) error
RemoveDatapathMapping unlinks the endpointID from the global policy map, preventing packets that arrive on this node from being forwarded to the endpoint that used to exist with the specified ID.
func (*EndpointMapManager) RemoveMapPath ¶
func (e *EndpointMapManager) RemoveMapPath(path string)
RemoveMapPath removes the specified path from the filesystem.
type PolicyAddEvent ¶
// PolicyAddEvent wraps the parameters for policyAdd (per the package
// documentation). Its fields are unexported and not shown in this listing.
type PolicyAddEvent struct {
// contains filtered or unexported fields
}
PolicyAddEvent is a wrapper around the parameters for policyAdd.
func (*PolicyAddEvent) Handle ¶
func (p *PolicyAddEvent) Handle(res chan interface{})
Handle implements pkg/eventqueue/EventHandler interface.
type PolicyAddResult ¶
// PolicyAddResult wraps the values returned by policyAdd. Per the package
// documentation these are the new revision of the policy repository after the
// rules were added, and any error from adding them. Its fields are unexported
// and not shown in this listing.
type PolicyAddResult struct {
// contains filtered or unexported fields
}
PolicyAddResult is a wrapper around the values returned by policyAdd. It contains the new revision of a policy repository after adding a list of rules to it, and any error associated with adding rules to said repository.
type PolicyDeleteEvent ¶
// PolicyDeleteEvent wraps a request to delete the policy rules carrying a given
// set of labels from the daemon's policy repository (per the package
// documentation). Its fields are unexported and not shown in this listing.
type PolicyDeleteEvent struct {
// contains filtered or unexported fields
}
PolicyDeleteEvent is a wrapper around deletion of policy rules with a given set of labels from the policy repository in the daemon.
func (*PolicyDeleteEvent) Handle ¶
func (p *PolicyDeleteEvent) Handle(res chan interface{})
Handle implements pkg/eventqueue/EventHandler interface.
type PolicyDeleteResult ¶
// PolicyDeleteResult wraps the values returned by policyDelete. Per the package
// documentation these are the new revision of the policy repository after the
// deletion, and any associated error. Its fields are unexported and not shown
// in this listing.
type PolicyDeleteResult struct {
// contains filtered or unexported fields
}
PolicyDeleteResult is a wrapper around the values returned by policyDelete. It contains the new revision of a policy repository after deleting a list of rules from it, and any error associated with deleting rules from said repository.
type PolicyReactionEvent ¶
// PolicyReactionEvent is an event that must be serialized after changes to a
// daemon's policy repository. Per the package documentation it currently
// consists of endpoint regenerations and policy revision incrementing for a
// given endpoint. Its fields are unexported and not shown in this listing.
type PolicyReactionEvent struct {
// contains filtered or unexported fields
}
PolicyReactionEvent is an event which needs to be serialized after changes to a policy repository for a daemon. This currently consists of endpoint regenerations / policy revision incrementing for a given endpoint.
func (*PolicyReactionEvent) Handle ¶
func (r *PolicyReactionEvent) Handle(res chan interface{})
Handle implements pkg/eventqueue/EventHandler interface.
Source Files ¶
- agenthealth.go
- cleanup.go
- cmdhelp_template.go
- cmdref.go
- config.go
- daemon.go
- daemon_main.go
- datapath.go
- debuginfo.go
- endpoint.go
- fqdn.go
- health.go
- hubble.go
- identity.go
- ipam.go
- ipcache.go
- kube_proxy_replacement.go
- loadbalancer.go
- map.go
- metrics.go
- policy.go
- prefilter.go
- proxy.go
- state.go
- status.go
- sysctl_linux.go