cache

package
v1.5.11 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 16, 2019 License: Apache-2.0 Imports: 15 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source
var (
	// IdentityAllocator is an allocator for security identities from the
	// kvstore.
	IdentityAllocator *allocator.Allocator

	// IdentitiesPath is the path to where identities are stored in the key-value
	// store.
	IdentitiesPath = path.Join(kvstore.BaseKeyPrefix, "state", "identities", "v1")
)

Functions

func AddUserDefinedNumericIdentitySet

func AddUserDefinedNumericIdentitySet(m map[string]string) error

AddUserDefinedNumericIdentitySet adds all key-value pairs from the given map to the map of user defined numeric identities and reserved identities. The key-value pairs should map a numeric identity to a valid label. Is not safe for concurrent use.

func AllocateIdentity

func AllocateIdentity(ctx context.Context, lbls labels.Labels) (*identity.Identity, bool, error)

AllocateIdentity allocates an identity described by the specified labels. If an identity for the specified set of labels already exist, the identity is re-used and reference counting is performed, otherwise a new identity is allocated via the kvstore.

func Close

func Close()

Close closes the identity allocator and allows to call InitIdentityAllocator() again

func IdentityAllocationIsLocal

func IdentityAllocationIsLocal(lbls labels.Labels) bool

IdentityAllocationIsLocal returns true if a call to AllocateIdentity with the given labels would not require accessing the KV store to allocate the identity. Currently, this function returns true only if the labels are those of a reserved identity, i.e. if the slice contains a single reserved "reserved:*" label.

func InitIdentityAllocator

func InitIdentityAllocator(owner IdentityAllocatorOwner) <-chan struct{}

InitIdentityAllocator creates the the identity allocator. Only the first invocation of this function will have an effect. Caller must have initialized well known identities before calling this (by calling identity.InitWellKnownIdentities()). Returns a channel which is closed when initialization of the allocator is completed.

func LookupIdentity

func LookupIdentity(lbls labels.Labels) *identity.Identity

LookupIdentity looks up the identity by its labels but does not create it. This function will first search through the local cache and fall back to querying the kvstore.

func LookupIdentityByID

func LookupIdentityByID(id identity.NumericIdentity) *identity.Identity

LookupIdentityByID returns the identity by ID. This function will first search through the local cache and fall back to querying the kvstore.

func LookupReservedIdentityByLabels

func LookupReservedIdentityByLabels(lbls labels.Labels) *identity.Identity

LookupReservedIdentityByLabels looks up a reserved identity by its labels and returns it if found. Returns nil if not found.

func Release

func Release(ctx context.Context, id *identity.Identity) (bool, error)

Release is the reverse operation of AllocateIdentity() and releases the identity again. This function may result in kvstore operations. After the last user has released the ID, the returned lastUse value is true.

func ReleaseSlice

func ReleaseSlice(ctx context.Context, identities []*identity.Identity) error

ReleaseSlice attempts to release a set of identities. It is a helper function that may be useful for cleaning up multiple identities in paths where several identities may be allocated and another error means that they should all be released.

func WaitForInitialGlobalIdentities added in v1.5.5

func WaitForInitialGlobalIdentities(ctx context.Context) error

WaitForInitialGlobalIdentities waits for the initial set of global security identities to have been received and populated into the allocator cache.

func WatchRemoteIdentities

func WatchRemoteIdentities(backend kvstore.BackendOperations) *allocator.RemoteCache

WatchRemoteIdentities starts watching for identities in another kvstore and syncs all identities to the local identity cache.

Types

type IdentitiesModel

type IdentitiesModel []*models.Identity

IdentitiesModel is a wrapper so that we can implement the sort.Interface to sort the slice by ID

func GetIdentities

func GetIdentities() IdentitiesModel

GetIdentities returns all known identities

func (IdentitiesModel) Less

func (s IdentitiesModel) Less(i, j int) bool

Less returns true if the element in index `i` is lower than the element in index `j`

type IdentityAllocatorOwner

type IdentityAllocatorOwner interface {
	// TriggerPolicyUpdates will be called whenever a policy recalculation
	// must be triggered
	TriggerPolicyUpdates(force bool, reason string)

	// GetSuffix must return the node specific suffix to use
	GetNodeSuffix() string
}

IdentityAllocatorOwner is the interface the owner of an identity allocator must implement

type IdentityCache

type IdentityCache map[identity.NumericIdentity]labels.LabelArray

IdentityCache is a cache of identity to labels mapping

func GetIdentityCache

func GetIdentityCache() IdentityCache

GetIdentityCache returns a cache of all known identities

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL