networkpolicies

package
v1.43.2
Published: Mar 30, 2022 License: Apache-2.0, BSD-2-Clause, MIT, + 1 more Imports: 16 Imported by: 0

Documentation

Constants

This section is empty.

Variables

var TimeoutWaitForManagedResource = 2 * time.Minute

TimeoutWaitForManagedResource is the timeout used while waiting for the ManagedResources to become healthy or deleted.

Functions

func AllPrivateNetworkBlocks

func AllPrivateNetworkBlocks() []net.IPNet

AllPrivateNetworkBlocks returns a list of all private network (RFC1918) and carrier-grade NAT (RFC6598) IPv4 blocks.

func CarrierGradeNATBlock

func CarrierGradeNATBlock() *net.IPNet

CarrierGradeNATBlock returns the carrier-grade NAT (RFC6598) 100.64.0.0/10 IPv4 block.

func NetworkPolicyPeersWithExceptions

func NetworkPolicyPeersWithExceptions(networks []string, except ...string) ([]networkingv1.NetworkPolicyPeer, error)

NetworkPolicyPeersWithExceptions returns a list of networkingv1.NetworkPolicyPeers whose ipBlock.cidr points to `networks` and whose ipBlock.except points to `except`.

func New

func New(client client.Client, namespace string, values Values) component.Deployer

New creates a new instance of DeployWaiter for the network policies.

func NewBootstrapper

func NewBootstrapper(client client.Client, namespace string, values GlobalValues) component.DeployWaiter

NewBootstrapper creates a new instance of DeployWaiter for the network policies.

func Private12BitBlock

func Private12BitBlock() *net.IPNet

Private12BitBlock returns the private network (RFC1918) 172.16.0.0/12 IPv4 block.

func Private16BitBlock

func Private16BitBlock() *net.IPNet

Private16BitBlock returns the private network (RFC1918) 192.168.0.0/16 IPv4 block.

func Private8BitBlock

func Private8BitBlock() *net.IPNet

Private8BitBlock returns the private network (RFC1918) 10.0.0.0/8 IPv4 block.

func ToNetworkPolicyPeersWithExceptions

func ToNetworkPolicyPeersWithExceptions(networks []net.IPNet, except ...string) ([]networkingv1.NetworkPolicyPeer, error)

ToNetworkPolicyPeersWithExceptions returns a list of networkingv1.NetworkPolicyPeers whose ipBlock.cidr points to `networks` and whose ipBlock.except points to `except`.
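
The `cidr`/`except` pairing described for NetworkPolicyPeersWithExceptions and ToNetworkPolicyPeersWithExceptions, as an added sketch that is not this package's own code. `ipBlockPeer` and `peersWithExceptions` are hypothetical stand-ins built on the standard library only, and the sketch assumes an exception is attached only to a network it is a strict subset of, which is what Kubernetes API validation accepts for `ipBlock.except`.

```go
package main

import (
	"fmt"
	"net"
)

// ipBlockPeer is a hypothetical local stand-in for the ipBlock field of
// networkingv1.NetworkPolicyPeer, so the example needs no Kubernetes modules.
type ipBlockPeer struct {
	CIDR   string
	Except []string
}

// peersWithExceptions (hypothetical) builds one peer per network and attaches
// only the exceptions that are strict subsets of that network.
func peersWithExceptions(networks []string, except ...string) ([]ipBlockPeer, error) {
	var peers []ipBlockPeer
	for _, n := range networks {
		_, parent, err := net.ParseCIDR(n)
		if err != nil {
			return nil, fmt.Errorf("network %q: %w", n, err)
		}
		parentBits, _ := parent.Mask.Size()
		peer := ipBlockPeer{CIDR: parent.String()}
		for _, e := range except {
			_, child, err := net.ParseCIDR(e)
			if err != nil {
				return nil, fmt.Errorf("exception %q: %w", e, err)
			}
			childBits, _ := child.Mask.Size()
			// Strict subset: longer prefix and base address inside the parent.
			if childBits > parentBits && parent.Contains(child.IP) {
				peer.Except = append(peer.Except, child.String())
			}
		}
		peers = append(peers, peer)
	}
	return peers, nil
}

func main() {
	// Constructed input: the four blocks named on this page plus sample exceptions.
	nets := []string{"10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "100.64.0.0/10"}
	peers, err := peersWithExceptions(nets, "10.250.0.0/16", "169.254.169.254/32", "192.168.0.0/16")
	fmt.Println(peers, err)
}
```

An exception equal to its parent block (here 192.168.0.0/16) is dropped rather than emitted, since a policy carrying it would be rejected and the intended allow rule would never be applied.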

Types

type GlobalValues

type GlobalValues struct {
	// SNIEnabled states whether the SNI for kube-apiservers of shoot clusters is enabled.
	SNIEnabled bool
	// BlockedAddresses is a list of CIDRs that should be blocked from being accessed.
	BlockedAddresses []string
	// PrivateNetworkPeers is the list of peers for the private networks.
	PrivateNetworkPeers []networkingv1.NetworkPolicyPeer
	// DenyAllTraffic states whether all traffic should be denied by default and must be explicitly allowed by dedicated
	// network policy rules.
	DenyAllTraffic bool
	// NodeLocalIPVSAddress is the CIDR of the node-local IPVS address.
	NodeLocalIPVSAddress *string
	// DNSServerAddress is the CIDR of the usual DNS server address.
	DNSServerAddress *string
}

GlobalValues contains deployment parameters for the global network policies.

type Values

type Values struct {
	// ShootNetworkPeers is the list of peers for the shoot networks.
	ShootNetworkPeers []networkingv1.NetworkPolicyPeer
	// GlobalValues are the values for the global network policies.
	GlobalValues
}

Values contains deployment parameters for the network policies.
