Directories ¶
Path | Synopsis |
---|---|
alibabacloud
|
|
eni/types
Package types provides Alibaba Cloud specific types
|
Package types provides Alibaba Cloud specific types |
Package alignchecker provides routines to check Go and C struct alignments
|
Package alignchecker provides routines to check Go and C struct alignments |
Package allocator provides a kvstore based ID allocator
|
Package allocator provides a kvstore based ID allocator |
Package api provides the Cilium useful helpers for the external API
|
Package api provides the Cilium useful helpers for the external API |
aws
|
|
eni
Package eni implements AWS ENI allocation logic
|
Package eni implements AWS ENI allocation logic |
azure
|
|
ipam
Package ipam implements Azure IPAM logic
|
Package ipam implements Azure IPAM logic |
types
+groupName=azure
|
+groupName=azure |
Package bandwidth provides efficient EDT-based rate-limiting.
|
Package bandwidth provides efficient EDT-based rate-limiting. |
bgp
|
|
config
Package config provides BGP configuration logic.
|
Package config provides BGP configuration logic. |
k8s
Package k8s provides a Kubernetes client to be used with MetalLB integration.
|
Package k8s provides a Kubernetes client to be used with MetalLB integration. |
log
Package log provides a central logging package that wraps MetalLB's logging.
|
Package log provides a central logging package that wraps MetalLB's logging. |
manager
Package manager provides functionality relating to the integration between Cilium and MetalLB, namely providing abstractions that help manage MetalLB from Cilium.
|
Package manager provides functionality relating to the integration between Cilium and MetalLB, namely providing abstractions that help manage MetalLB from Cilium. |
speaker
Package speaker abstracts the BGP speaker controller from MetalLB.
|
Package speaker abstracts the BGP speaker controller from MetalLB. |
Package bpf provides functions that allow golang programs to interact with bpf maps.
|
Package bpf provides functions that allow golang programs to interact with bpf maps. |
binary
Package binary is a fork of the upstream golang library.
|
Package binary is a fork of the upstream golang library. |
Package byteorder provides functions to convert from and to network byte order.
|
Package byteorder provides functions to convert from and to network byte order. |
exec
Package exec provides useful wrappers around the standard "exec" library.
|
Package exec provides useful wrappers around the standard "exec" library. |
Package completion implements a variant of sync.WaitGroup that is associated with a context.Context.
|
Package completion implements a variant of sync.WaitGroup that is associated with a context.Context. |
Package controller provide a simple pattern for async operations that require retries and/or regular intervals.
|
Package controller provide a simple pattern for async operations that require retries and/or regular intervals. |
Package counter provides generic reference counter objects
|
Package counter provides generic reference counter objects |
crypto
|
|
certloader
package certloader aim to provide a facility to ease dynamic tls.Config handling.
|
package certloader aim to provide a facility to ease dynamic tls.Config handling. |
Package datapath defines the interfaces to abstract all platform specific datapath components.
|
Package datapath defines the interfaces to abstract all platform specific datapath components. |
alignchecker
Package alignchecker is a thin wrapper around pkg/alignchecker to validate datapath object alignment.
|
Package alignchecker is a thin wrapper around pkg/alignchecker to validate datapath object alignment. |
connector
Package connector is responsible for the datapath specific plumbing to connect an endpoint to the network
|
Package connector is responsible for the datapath specific plumbing to connect an endpoint to the network |
fake
Package fake is a fake datapath implementation.
|
Package fake is a fake datapath implementation. |
ipcache
Package ipcache provides a BPF datapath implementation of the IPCache store.
|
Package ipcache provides a BPF datapath implementation of the IPCache store. |
iptables
Package iptables manages iptables-related configuration for Cilium.
|
Package iptables manages iptables-related configuration for Cilium. |
link
Package link provides the Cilium specific abstraction and useful helpers to manage network interfaces
|
Package link provides the Cilium specific abstraction and useful helpers to manage network interfaces |
linux
Package linux implements the Linux specific datapath implementation
|
Package linux implements the Linux specific datapath implementation |
linux/bigtcp
Package bigtcp provides helpers to probe and enable BIG TCP for the Linux datapath
|
Package bigtcp provides helpers to probe and enable BIG TCP for the Linux datapath |
linux/ipsec
Package ipsec provides the Linux datpaath specific abstraction and useful helpers to manage IPSec via Linux xfrm.
|
Package ipsec provides the Linux datpaath specific abstraction and useful helpers to manage IPSec via Linux xfrm. |
linux/linux_defaults
Package linux_defaults provides the Linux datapath defaults
|
Package linux_defaults provides the Linux datapath defaults |
linux/probes
Package probes provides BPF features checks based on bpftool.
|
Package probes provides BPF features checks based on bpftool. |
linux/route
Package route provides the Cilium specific abstraction and useful helpers to manage network routes
|
Package route provides the Cilium specific abstraction and useful helpers to manage network routes |
loader
Package loader provides accessors to compilation and BPF load routines necessary for creating datapath objects and attaching them to links.
|
Package loader provides accessors to compilation and BPF load routines necessary for creating datapath objects and attaching them to links. |
maps
Package maps performs various lifecycle operations related to maps in the datapath.
|
Package maps performs various lifecycle operations related to maps in the datapath. |
prefilter
Package prefilter provides a means of configuring XDP pre-filters for DDoS-mitigation.
|
Package prefilter provides a means of configuring XDP pre-filters for DDoS-mitigation. |
Package ebpf provides functions that allow golang programs to interact with ebpf maps by wrapping the cilium/ebpf library.
|
Package ebpf provides functions that allow golang programs to interact with ebpf maps by wrapping the cilium/ebpf library. |
Package egressgateway defines an internal representation of the Cilium Egress Policy.
|
Package egressgateway defines an internal representation of the Cilium Egress Policy. |
Package elf provides utility functions for manipulating ELF files on the filesystem.
|
Package elf provides utility functions for manipulating ELF files on the filesystem. |
Package endpointmanager manages the list of all local endpoints
|
Package endpointmanager manages the list of all local endpoints |
xds
Package xds is an implementation of Envoy's xDS (Discovery Service) protocol.
|
Package xds is an implementation of Envoy's xDS (Discovery Service) protocol. |
Package eventqueue implements a queue-based system for event processing in a generic fashion in a first-in, first-out manner.
|
Package eventqueue implements a queue-based system for event processing in a generic fashion in a first-in, first-out manner. |
Package fqdn handles some of the DNS-based policy functions:
|
Package fqdn handles some of the DNS-based policy functions: |
re
Package re provides a simple function to access compile regex objects for the FQDN subsystem.
|
Package re provides a simple function to access compile regex objects for the FQDN subsystem. |
restore
The restore package provides data structures important to restoring DNS proxy rules.
|
The restore package provides data structures important to restoring DNS proxy rules. |
health
|
|
Package hive provides the infrastructure for building Cilium applications from modular components (cells).
|
Package hive provides the infrastructure for building Cilium applications from modular components (cells). |
hubble
|
|
Package identity contains code for managing security identities in Cilium.
|
Package identity contains code for managing security identities in Cilium. |
identitymanager
Package identitymanager tracks which global identities are being used by the currently running cilium-agent
|
Package identitymanager tracks which global identities are being used by the currently running cilium-agent |
Package ip is a library for performing manipulations on IPv4 and IPv6 addresses and CIDR prefixes.
|
Package ip is a library for performing manipulations on IPv4 and IPv6 addresses and CIDR prefixes. |
Package ipam handles address allocation management
|
Package ipam handles address allocation management |
types
+groupName=ipam
|
+groupName=ipam |
Package ipcache provides a local cache of the mapping of IPs of endpoints managed by Cilium to their corresponding security identities.
|
Package ipcache provides a local cache of the mapping of IPs of endpoints managed by Cilium to their corresponding security identities. |
Package k8s contains all k8s related logic.
|
Package k8s contains all k8s related logic. |
apis/cilium.io/v2
Package v2 is the v2 version of the API.
|
Package v2 is the v2 version of the API. |
apis/cilium.io/v2alpha1
Package v2alpha1 is the v2alpha1 version of the API.
|
Package v2alpha1 is the v2alpha1 version of the API. |
client/clientset/versioned
This package has the automatically generated clientset.
|
This package has the automatically generated clientset. |
client/clientset/versioned/fake
This package has the automatically generated fake clientset.
|
This package has the automatically generated fake clientset. |
client/clientset/versioned/scheme
This package contains the scheme of the automatically generated clientset.
|
This package contains the scheme of the automatically generated clientset. |
client/clientset/versioned/typed/cilium.io/v2
This package has the automatically generated typed clients.
|
This package has the automatically generated typed clients. |
client/clientset/versioned/typed/cilium.io/v2/fake
Package fake has the automatically generated clients.
|
Package fake has the automatically generated clients. |
client/clientset/versioned/typed/cilium.io/v2alpha1
This package has the automatically generated typed clients.
|
This package has the automatically generated typed clients. |
client/clientset/versioned/typed/cilium.io/v2alpha1/fake
Package fake has the automatically generated clients.
|
Package fake has the automatically generated clients. |
slim/k8s/api/core/v1
Package v1 contains slimmer versions of k8s core types.
|
Package v1 contains slimmer versions of k8s core types. |
slim/k8s/api/discovery/v1
Package v1 contains slimmer versions of k8s discovery types.
|
Package v1 contains slimmer versions of k8s discovery types. |
slim/k8s/api/discovery/v1beta1
Package v1beta1 contains slimmer versions of k8s discovery types.
|
Package v1beta1 contains slimmer versions of k8s discovery types. |
slim/k8s/api/networking/v1
Package v1 contains slimmer versions of k8s networking types.
|
Package v1 contains slimmer versions of k8s networking types. |
slim/k8s/apiextensions-client/clientset/versioned
This package has the automatically generated clientset.
|
This package has the automatically generated clientset. |
slim/k8s/apiextensions-client/clientset/versioned/fake
This package has the automatically generated fake clientset.
|
This package has the automatically generated fake clientset. |
slim/k8s/apiextensions-client/clientset/versioned/scheme
This package contains the scheme of the automatically generated clientset.
|
This package contains the scheme of the automatically generated clientset. |
slim/k8s/apiextensions-client/clientset/versioned/typed/apiextensions/v1
This package has the automatically generated typed clients.
|
This package has the automatically generated typed clients. |
slim/k8s/apiextensions-client/clientset/versioned/typed/apiextensions/v1/fake
Package fake has the automatically generated clients.
|
Package fake has the automatically generated clients. |
slim/k8s/apis/apiextensions/v1
Package v1 is the v1 version of the API.
|
Package v1 is the v1 version of the API. |
slim/k8s/apis/labels
Package labels implements a simple label system, parsing and matching selectors with sets of labels.
|
Package labels implements a simple label system, parsing and matching selectors with sets of labels. |
slim/k8s/apis/meta/v1
Package types contains slimmer versions of k8s types.
|
Package types contains slimmer versions of k8s types. |
slim/k8s/apis/meta/v1beta1
package v1beta1 is alpha objects from meta that will be introduced.
|
package v1beta1 is alpha objects from meta that will be introduced. |
slim/k8s/apis/util/intstr
Package types contains slimmer versions of k8s types.
|
Package types contains slimmer versions of k8s types. |
slim/k8s/client/clientset/versioned
This package has the automatically generated clientset.
|
This package has the automatically generated clientset. |
slim/k8s/client/clientset/versioned/fake
This package has the automatically generated fake clientset.
|
This package has the automatically generated fake clientset. |
slim/k8s/client/clientset/versioned/scheme
This package contains the scheme of the automatically generated clientset.
|
This package contains the scheme of the automatically generated clientset. |
slim/k8s/client/clientset/versioned/typed/core/v1
This package has the automatically generated typed clients.
|
This package has the automatically generated typed clients. |
slim/k8s/client/clientset/versioned/typed/core/v1/fake
Package fake has the automatically generated clients.
|
Package fake has the automatically generated clients. |
slim/k8s/client/clientset/versioned/typed/discovery/v1
This package has the automatically generated typed clients.
|
This package has the automatically generated typed clients. |
slim/k8s/client/clientset/versioned/typed/discovery/v1/fake
Package fake has the automatically generated clients.
|
Package fake has the automatically generated clients. |
slim/k8s/client/clientset/versioned/typed/discovery/v1beta1
This package has the automatically generated typed clients.
|
This package has the automatically generated typed clients. |
slim/k8s/client/clientset/versioned/typed/discovery/v1beta1/fake
Package fake has the automatically generated clients.
|
Package fake has the automatically generated clients. |
slim/k8s/client/clientset/versioned/typed/networking/v1
This package has the automatically generated typed clients.
|
This package has the automatically generated typed clients. |
slim/k8s/client/clientset/versioned/typed/networking/v1/fake
Package fake has the automatically generated clients.
|
Package fake has the automatically generated clients. |
synced
Package synced provides tools for tracking if k8s resources have been initially sychronized with the k8s apiserver.
|
Package synced provides tools for tracking if k8s resources have been initially sychronized with the k8s apiserver. |
types
Package types contains slimmer versions of k8s types.
|
Package types contains slimmer versions of k8s types. |
version
Package version keeps track of the Kubernetes version the client is connected to
|
Package version keeps track of the Kubernetes version the client is connected to |
watchers/resources
This package contains exported resource identifiers and metric resource labels related to K8s watchers.
|
This package contains exported resource identifiers and metric resource labels related to K8s watchers. |
watchers/subscriber
Package subscriber implements a mechanism to represent K8s watcher subscribers and allows K8s events to objects / resources to notify their respective subscribers.
|
Package subscriber implements a mechanism to represent K8s watcher subscribers and allows K8s events to objects / resources to notify their respective subscribers. |
Package kafka provides a library to parse Kafka requests and responses and apply policy rules
|
Package kafka provides a library to parse Kafka requests and responses and apply policy rules |
Package kvstore abstracts KVstore access and provides a high level API to atomically manage cluster wide resources
|
Package kvstore abstracts KVstore access and provides a high level API to atomically manage cluster wide resources |
allocator
Package allocator provides a kvstore based ID allocator
|
Package allocator provides a kvstore based ID allocator |
store
Package store implements a shared store backed by a kvstore or similar with the following properties:
|
Package store implements a shared store backed by a kvstore or similar with the following properties: |
Package api defines the API of the Cilium network policy interface
|
Package api defines the API of the Cilium network policy interface |
cidr
Package cidr provides helper methods for generating labels for CIDRs which are partially derived from node state.
|
Package cidr provides helper methods for generating labels for CIDRs which are partially derived from node state. |
Package loadbalancer contains all logic related with the loadbalancer +groupName=pkg
|
Package loadbalancer contains all logic related with the loadbalancer +groupName=pkg |
Package loadinfo provides the ability to log system load information either at a particular time or periodically in the background
|
Package loadinfo provides the ability to log system load information either at a particular time or periodically in the background |
logfields
Package logfields defines common logging fields which are used across packages
|
Package logfields defines common logging fields which are used across packages |
maps
|
|
auth
Package auth represents the BPF map used to keep track of authentication state between security identities.
|
Package auth represents the BPF map used to keep track of authentication state between security identities. |
bwmap
Package bwmap represents the BPF map used to enforce Pod bandwidth limitations via EDT (Earliest Departure Time) + BPF.
|
Package bwmap represents the BPF map used to enforce Pod bandwidth limitations via EDT (Earliest Departure Time) + BPF. |
callsmap
Package callsmap represents the internal calls map for endpoint and host datapaths.
|
Package callsmap represents the internal calls map for endpoint and host datapaths. |
ctmap
+groupName=maps
|
+groupName=maps |
egressmap
+groupName=maps
|
+groupName=maps |
encrypt
Package encrypt represents the nodes current encryption state.
|
Package encrypt represents the nodes current encryption state. |
eppolicymap
Package eppolicymap represents the map from an endpoint ID to its policy map.
|
Package eppolicymap represents the map from an endpoint ID to its policy map. |
eventsmap
Package eventsmap represents the perf event map used by the datapath to send events to the Cilium agent.
|
Package eventsmap represents the perf event map used by the datapath to send events to the Cilium agent. |
fragmap
Package fragmap represents the BPF map used to associate IPv4 datagram fragments to the L4 ports of the datagram they belong to, in order to retrieve the full 5-tuple necessary to do L4-based lookups.
|
Package fragmap represents the BPF map used to associate IPv4 datagram fragments to the L4 ports of the datagram they belong to, in order to retrieve the full 5-tuple necessary to do L4-based lookups. |
ipcache
+groupName=maps
|
+groupName=maps |
lbmap
+groupName=maps
|
+groupName=maps |
lxcmap
Package lxcmap represents the endpoints BPF map in the BPF programs.
|
Package lxcmap represents the endpoints BPF map in the BPF programs. |
metricsmap
Package metricsmap represents the BPF metrics map in the BPF programs.
|
Package metricsmap represents the BPF metrics map in the BPF programs. |
nat
Package nat implements the BPF NAT map interaction code.
|
Package nat implements the BPF NAT map interaction code. |
neighborsmap
Package neighborsmap represents the map that stores IP to mac address mappings for NodePort clients.
|
Package neighborsmap represents the map that stores IP to mac address mappings for NodePort clients. |
nodemap
+groupName=maps
|
+groupName=maps |
policymap
+groupName=maps
|
+groupName=maps |
recorder
Package recorder represents the BPF map used to (wildcard-)filter traffic that is subject to the pcap recorder.
|
Package recorder represents the BPF map used to (wildcard-)filter traffic that is subject to the pcap recorder. |
signalmap
Package signalmap represents the perf event map used to signal potential congestion to Cilium agent.
|
Package signalmap represents the perf event map used to signal potential congestion to Cilium agent. |
sockmap
Package Sockmap represents the map from 5-tuple to the socket.
|
Package Sockmap represents the map from 5-tuple to the socket. |
srv6map
+groupName=maps
|
+groupName=maps |
tunnel
+groupName=maps
|
+groupName=maps |
vtep
+groupName=maps
|
+groupName=maps |
Package mcastmanager manages endpoint's IPv6 addresses and join the node solicitation multicast addresses
|
Package mcastmanager manages endpoint's IPv6 addresses and join the node solicitation multicast addresses |
Package metrics holds prometheus metrics objects and related utility functions.
|
Package metrics holds prometheus metrics objects and related utility functions. |
Package modules contains a manager of loaded modules which supports search operation.
|
Package modules contains a manager of loaded modules which supports search operation. |
alignchecker
Package alignchecker is a thin wrapper around pkg/alignchecker to validate monitor object alignment.
|
Package alignchecker is a thin wrapper around pkg/alignchecker to validate monitor object alignment. |
format
Package format provides stdout formatting of monitor messages for reuse by command-line clients of the monitor event channel.
|
Package format provides stdout formatting of monitor messages for reuse by command-line clients of the monitor event channel. |
Package mtu is a library for tracking and configuring MTU for devices and routes.
|
Package mtu is a library for tracking and configuring MTU for devices and routes. |
Package multicast contains various utility functions to work with IPv6 multicast
|
Package multicast contains various utility functions to work with IPv6 multicast |
Package netns contains various utility functions to work with network namespaces
|
Package netns contains various utility functions to work with network namespaces |
Package node provides functionality related to the local and remote node addresses
|
Package node provides functionality related to the local and remote node addresses |
resolver
Package resolver provides the logic for merging in the various sources of configuration, overrides, and drop-ins.
|
Package resolver provides the logic for merging in the various sources of configuration, overrides, and drop-ins. |
api
Package api defines the API of the Cilium network policy interface +groupName=policy
|
Package api defines the API of the Cilium network policy interface +groupName=policy |
api/kafka
Package kafka defines the Kafka API of the Cilium network policy interface +groupName=policy
|
Package kafka defines the Kafka API of the Cilium network policy interface +groupName=policy |
trafficdirection
package trafficdirection specifies the directionality of policy in a numeric representation.
|
package trafficdirection specifies the directionality of policy in a numeric representation. |
Package pprof enables use of pprof in Cilium
|
Package pprof enables use of pprof in Cilium |
Package probe provides a collection of kernel-side BPF feature probes.
|
Package probe provides a collection of kernel-side BPF feature probes. |
logger
Package logger provides the accesslog logging logic for all proxies
|
Package logger provides the accesslog logging logic for all proxies |
Package rate provides a rate limiter to rate limit requests that can be burstable but they should only allowed N per a period defined.
|
Package rate provides a rate limiter to rate limit requests that can be burstable but they should only allowed N per a period defined. |
Package recorder provides an agent API for managing datapath pcap recorders.
|
Package recorder provides an agent API for managing datapath pcap recorders. |
Package redirectpolicy defines an internal representation of the Cilium Local Redirect Policy.
|
Package redirectpolicy defines an internal representation of the Cilium Local Redirect Policy. |
Package safetime contains a wrapper function for time.Since to deal with negative durations.
|
Package safetime contains a wrapper function for time.Since to deal with negative durations. |
Package set contains a function for performing a subset check for slices.
|
Package set contains a function for performing a subset check for slices. |
Package signal provides handling notifications from perf RB signal map.
|
Package signal provides handling notifications from perf RB signal map. |
Package spanstat provides a mechanism to measure duration of multiple spans and add them up to a total duration
|
Package spanstat provides a mechanism to measure duration of multiple spans and add them up to a total duration |
The stream package provides utilities for working with observable streams.
|
The stream package provides utilities for working with observable streams. |
Package sysctl allows to change kernel parameters at runtime.
|
Package sysctl allows to change kernel parameters at runtime. |
Package trigger provides a mechanism to trigger actions that require to be serialized while providing a non-blocking notification mechanism
|
Package trigger provides a mechanism to trigger actions that require to be serialized while providing a non-blocking notification mechanism |
Package tuple defines keys used for connection tuples in multiple BPF maps.
|
Package tuple defines keys used for connection tuples in multiple BPF maps. |
Package versioncheck provides utility wrappers for go-version, allowing the constraints to be used as global variables.
|
Package versioncheck provides utility wrappers for go-version, allowing the constraints to be used as global variables. |
wireguard
|
|
agent
This package contains the agent code used to configure the Wireguard tunnel between nodes.
|
This package contains the agent code used to configure the Wireguard tunnel between nodes. |
types
Common Wireguard types and constants
|
Common Wireguard types and constants |
Click to show internal directories.
Click to hide internal directories.