Documentation
¶
Index ¶
- Constants
- func EnsureNetworkPolicy(ctx context.Context, seedClient client.Client, namespace string, ...) error
- func GetEgressRules(subsets ...corev1.EndpointSubset) []networkingv1.NetworkPolicyEgressRule
- func MutatePolicy(policy *networkingv1.NetworkPolicy, ...)
- func PolicyChanged(existingSpec networkingv1.NetworkPolicySpec, ...) bool
Constants ¶
View Source
const AllowToSeedAPIServer = "allow-to-seed-apiserver"
AllowToSeedAPIServer is the name of the Network Policy that allows egress to the Seed's Kubernetes API Server endpoints in the default namespace.
Variables ¶
This section is empty.
Functions ¶
func EnsureNetworkPolicy ¶
func EnsureNetworkPolicy(ctx context.Context, seedClient client.Client, namespace string, egressRules []networkingv1.NetworkPolicyEgressRule) error
EnsureNetworkPolicy ensures the Network Policy 'allow-to-seed-apiserver' in the given namespace
func GetEgressRules ¶
func GetEgressRules(subsets ...corev1.EndpointSubset) []networkingv1.NetworkPolicyEgressRule
GetEgressRules creates Network Policy egress rules from endpoint subsets.
func MutatePolicy ¶
func MutatePolicy(policy *networkingv1.NetworkPolicy, egressRules []networkingv1.NetworkPolicyEgressRule)
MutatePolicy mutates a given network policy with given egress rules
func PolicyChanged ¶ added in v1.60.0
func PolicyChanged(existingSpec networkingv1.NetworkPolicySpec, egressRules []networkingv1.NetworkPolicyEgressRule) bool
PolicyChanged checks if egressRules will change the existing spec
Types ¶
This section is empty.
Source Files
Click to show internal directories.
Click to hide internal directories.