classifier

Documentation

Index

• func Module() fx.Option
• type ActiveRuleset
  • func (rs ActiveRuleset) Drop()
• type ClassificationEngine
  • func NewClassificationEngine(agentInfo *agentinfo.AgentInfo, registry status.Registry) *ClassificationEngine
  • func ProvideClassificationEngine(in ClassificationEngineIn) (iface.ClassificationEngine, *ClassificationEngine)
  • func (c *ClassificationEngine) ActiveRules() []compiler.ReportedRule
  • func (c *ClassificationEngine) AddPreview(preview iface.HTTPRequestPreview)
  • func (c *ClassificationEngine) AddRules(ctx context.Context, name string, ...) (ActiveRuleset, error)
  • func (c *ClassificationEngine) Classify(ctx context.Context, svcs []string, ctrlPt string, ...) ([]*flowcontrolv1.ClassifierInfo, flowlabel.FlowLabels)
  • func (c *ClassificationEngine) DropPreview(preview iface.HTTPRequestPreview)
  • func (c *ClassificationEngine) GetClassifier(classifierID iface.ClassifierID) iface.Classifier
  • func (c *ClassificationEngine) RegisterClassifier(classifier iface.Classifier) error
  • func (c *ClassificationEngine) UnregisterClassifier(classifier iface.Classifier) error
• type ClassificationEngineIn
• type Classifier
  • func (c *Classifier) GetClassifierID() iface.ClassifierID
  • func (c *Classifier) GetRequestCounter() prometheus.Counter
  • func (c *Classifier) GetSelectors() []*policylangv1.Selector

Functions

func Module

func Module() fx.Option

Module is a default set of components to enable flow classification

Note: this module provides just a Classifier datastructure, with no API endpoint. Example API endpoint to the classifier is pkg/envoy.

Types

type ActiveRuleset

type ActiveRuleset struct {
	// contains filtered or unexported fields
}

ActiveRuleset represents one of currently active set of rules.

func (ActiveRuleset) Drop

func (rs ActiveRuleset) Drop()

Drop retracts all the rules belonging to a ruleset.

type ClassificationEngine

type ClassificationEngine struct {
	// contains filtered or unexported fields
}

ClassificationEngine receives classification policies and provides Classify method.

func NewClassificationEngine

func NewClassificationEngine(agentInfo *agentinfo.AgentInfo, registry status.Registry) *ClassificationEngine

NewClassificationEngine creates a new Classifier.

func ProvideClassificationEngine

func ProvideClassificationEngine(in ClassificationEngineIn) (iface.ClassificationEngine, *ClassificationEngine)

ProvideClassificationEngine provides a classifier that loads the rules from config file.

func (*ClassificationEngine) ActiveRules

func (c *ClassificationEngine) ActiveRules() []compiler.ReportedRule

ActiveRules returns a slice of uncompiled Rules which are currently active.

func (*ClassificationEngine) AddPreview

func (c *ClassificationEngine) AddPreview(preview iface.HTTPRequestPreview)

AddPreview adds a preview to the active previews.

func (*ClassificationEngine) AddRules

func (c *ClassificationEngine) AddRules(
	ctx context.Context,
	name string,
	classifierWrapper *policysyncv1.ClassifierWrapper,
) (ActiveRuleset, error)

AddRules compiles a ruleset and adds it to the active rules

The name will be used for reporting

To retract the rules, call Classifier.Drop.

func (*ClassificationEngine) Classify

func (c *ClassificationEngine) Classify(
	ctx context.Context,
	svcs []string,
	ctrlPt string,
	labelsForMatching map[string]string,
	input ast.Value,
) ([]*flowcontrolv1.ClassifierInfo, flowlabel.FlowLabels)

Classify takes rego input, performs classification, and returns a map of flow labels. LabelsForMatching are additional labels to use for selector matching. Request is passed as ast.Value directly instead of map[string]interface{} to avoid unnecessary json conversion.

func (*ClassificationEngine) DropPreview

func (c *ClassificationEngine) DropPreview(preview iface.HTTPRequestPreview)

DropPreview removes a preview from the active previews.

func (*ClassificationEngine) GetClassifier

func (c *ClassificationEngine) GetClassifier(classifierID iface.ClassifierID) iface.Classifier

GetClassifier Lookup function for getting classifier.

func (*ClassificationEngine) RegisterClassifier

func (c *ClassificationEngine) RegisterClassifier(classifier iface.Classifier) error

RegisterClassifier adds classifier to map.

func (*ClassificationEngine) UnregisterClassifier

func (c *ClassificationEngine) UnregisterClassifier(classifier iface.Classifier) error

UnregisterClassifier removes classifier from map.

type ClassificationEngineIn

type ClassificationEngineIn struct {
	fx.In
	Watcher      notifiers.Watcher `name:"classifier"`
	Lifecycle    fx.Lifecycle
	Registry     status.Registry
	PromRegistry *prometheus.Registry
	AgentInfo    *agentinfo.AgentInfo
}

ClassificationEngineIn holds parameters for ProvideClassificationEngine.

type Classifier

type Classifier struct {
	iface.Classifier
	// contains filtered or unexported fields
}

Classifier implements iface.Classifier interface.

func (*Classifier) GetClassifierID

func (c *Classifier) GetClassifierID() iface.ClassifierID

GetClassifierID returns ClassifierID object that should uniquely identify classifier.

func (*Classifier) GetRequestCounter

func (c *Classifier) GetRequestCounter() prometheus.Counter

GetRequestCounter returns the counter for the classifier.

func (*Classifier) GetSelectors

func (c *Classifier) GetSelectors() []*policylangv1.Selector

GetSelectors returns the selectors.