policysync

package
v0.0.0-...-21cfbab Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Apr 10, 2023 License: Apache-2.0, Apache-2.0 Imports: 9 Imported by: 0

Documentation

Index

Constants

View Source
const (
	SockName       = "/policysync.sock"
	OrchestratorId = "k8s"
	EndpointId     = "eth0"
)
View Source
const MaxMembersPerMessage = 82200

MaxMembersPerMessage sets the limit on how many IP Set members to include in an outgoing gRPC message, which has a size limit of 4MB (4194304 bytes). Worst case, an IP Set member would be an IPv6 address including a port and protocol. 2001:0db8:0000:0000:0000:ff00:0042:8329,tcp:65535 = 49 characters Protobuf strings have 2 extra bytes of key/length (for lengths < 128), which gives 51 bytes per member, worst case. 4194304 / 51 = 82241, which we round down to 82200, giving about 2kB for the rest of the message.

View Source
const OutputQueueLen = 100

Variables

This section is empty.

Functions

func AddIPSetsRule

func AddIPSetsRule(r *proto.Rule, s map[string]bool)

Types

type EndpointInfo

type EndpointInfo struct {
	// contains filtered or unexported fields
}

type JoinMetadata

type JoinMetadata struct {
	EndpointID proto.WorkloadEndpointID
	// JoinUID is a correlator, used to match stop requests with join requests.
	JoinUID uint64
}

type JoinRequest

type JoinRequest struct {
	JoinMetadata
	// C is the channel to send updates to the policy sync client.  Processor closes the channel when the
	// workload endpoint is removed, or when a new JoinRequest is received for the same endpoint.  If nil, indicates
	// the client wants to stop receiving updates.
	C chan<- proto.ToDataplane
}

JoinRequest is sent to the Processor when a new socket connection is accepted by the GRPC server, it provides the channel used to send sync messages back to the server goroutine.

type LeaveRequest

type LeaveRequest struct {
	JoinMetadata
}

type Processor

type Processor struct {
	Updates     <-chan interface{}
	JoinUpdates chan interface{}
	// contains filtered or unexported fields
}

func NewProcessor

func NewProcessor(updates <-chan interface{}) *Processor

func (*Processor) Start

func (p *Processor) Start()

type Server

type Server struct {
	JoinUpdates chan<- interface{}
	// contains filtered or unexported fields
}

Server implements the API that each policy-sync agent connects to in order to get policy information. There is a single instance of the Server, it disambiguates connections from different clients by the credentials present in the gRPC request.

func NewServer

func NewServer(joins chan<- interface{}, allocUID func() uint64) *Server

func (*Server) RegisterGrpc

func (s *Server) RegisterGrpc(g *grpc.Server)

func (*Server) Sync

type UIDAllocator

type UIDAllocator struct {
	// contains filtered or unexported fields
}

func NewUIDAllocator

func NewUIDAllocator() *UIDAllocator

func (*UIDAllocator) NextUID

func (a *UIDAllocator) NextUID() uint64

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL