Documentation
¶
Index ¶
- Constants
- Variables
- func AllPrivateNetworkBlocks() []net.IPNet
- func CarrierGradeNATBlock() *net.IPNet
- func NetworkPolicyPeersWithExceptions(networks []string, except ...string) ([]networkingv1.NetworkPolicyPeer, error)
- func New(client client.Client, namespace string, values Values) component.Deployer
- func NewBootstrapper(client client.Client, namespace string, values GlobalValues) component.DeployWaiter
- func Private12BitBlock() *net.IPNet
- func Private16BitBlock() *net.IPNet
- func Private8BitBlock() *net.IPNet
- func ToNetworkPolicyPeersWithExceptions(networks []net.IPNet, except ...string) ([]networkingv1.NetworkPolicyPeer, error)
- type GlobalValues
- type Values
Constants ¶
const ManagedResourceControlName = "global-network-policies"
ManagedResourceControlName is the name of the of the global-network-policies managed resource.
Variables ¶
var TimeoutWaitForManagedResource = 2 * time.Minute
TimeoutWaitForManagedResource is the timeout used while waiting for the ManagedResources to become healthy or deleted.
Functions ¶
func AllPrivateNetworkBlocks ¶
AllPrivateNetworkBlocks returns a list of all Private network (RFC1918) and Carrier-grade NAT (RFC6598) IPv4 blocks.
func CarrierGradeNATBlock ¶
CarrierGradeNATBlock returns a Carrier-grade NAT (RFC6598) 100.64.0.0/10 IPv4 block
func NetworkPolicyPeersWithExceptions ¶
func NetworkPolicyPeersWithExceptions(networks []string, except ...string) ([]networkingv1.NetworkPolicyPeer, error)
NetworkPolicyPeersWithExceptions returns a list of networkingv1.NetworkPolicyPeers whose ipBlock.cidr points to `networks` and whose ipBlock.except points to `except`.
func NewBootstrapper ¶
func NewBootstrapper(client client.Client, namespace string, values GlobalValues) component.DeployWaiter
NewBootstrapper creates a new instance of DeployWaiter for the network policies.
func Private12BitBlock ¶
Private12BitBlock returns a private network (RFC1918) 172.16.0.0/12 IPv4 block
func Private16BitBlock ¶
Private16BitBlock returns a private network (RFC1918) 192.168.0.0/16 IPv4 block
func Private8BitBlock ¶
Private8BitBlock returns a private network (RFC1918) 10.0.0.0/8 IPv4 block
func ToNetworkPolicyPeersWithExceptions ¶
func ToNetworkPolicyPeersWithExceptions(networks []net.IPNet, except ...string) ([]networkingv1.NetworkPolicyPeer, error)
ToNetworkPolicyPeersWithExceptions returns a list of networkingv1.NetworkPolicyPeers whose ipBlock.cidr points to `networks` and whose ipBlock.except points to `except`.
Types ¶
type GlobalValues ¶
type GlobalValues struct {
// SNIEnabled states whether the SNI for kube-apiservers of shoot clusters is enabled.
SNIEnabled bool
// BlockedAddresses is a list of CIDRs that should be blocked from being accessed.
BlockedAddresses []string
// PrivateNetworkPeers is the list of peers for the private networks.
PrivateNetworkPeers []networkingv1.NetworkPolicyPeer
// DenyAllTraffic states whether all traffic should be denied by default and must be explicitly allowed by dedicated
// network policy rules.
DenyAllTraffic bool
// NodeLocalIPVSAddress is the CIDR of the node-local IPVS address.
NodeLocalIPVSAddress *string
// DNSServerAddress is the CIDR of the usual DNS server address.
DNSServerAddress *string
}
GlobalValues contains deployment parameters for the global network policies.
type Values ¶
type Values struct {
// ShootNetworkPeers is the list of peers for the shoot networks.
ShootNetworkPeers []networkingv1.NetworkPolicyPeer
// GlobalValues are the values for the global network policies.
GlobalValues
}
Values contains deployment parameters for the network policies.
Source Files