Directories ¶
Path | Synopsis |
---|---|
api
|
|
v1/health/server
Package server Cilium-Health API
|
Package server Cilium-Health API |
v1/models
Package models defines all models to be used in the Cilium API.
|
Package models defines all models to be used in the Cilium API. |
v1/operator/server
Package server Cilium Operator
|
Package server Cilium Operator |
v1/server
Package server Cilium API
|
Package server Cilium API |
pkg
|
|
alibabacloud/eni/types
Package types provides Alibaba Cloud specific types
|
Package types provides Alibaba Cloud specific types |
alignchecker
Package alignchecker provides routines to check Go and C struct alignments
|
Package alignchecker provides routines to check Go and C struct alignments |
allocator
Package allocator provides a kvstore based ID allocator
|
Package allocator provides a kvstore based ID allocator |
api
Package api provides the Cilium useful helpers for the external API
|
Package api provides the Cilium useful helpers for the external API |
aws/eni
Package eni implements AWS ENI allocation logic
|
Package eni implements AWS ENI allocation logic |
azure/ipam
Package ipam implements Azure IPAM logic
|
Package ipam implements Azure IPAM logic |
azure/types
+groupName=azure
|
+groupName=azure |
bandwidth
Package bandwidth provides efficient EDT-based rate-limiting.
|
Package bandwidth provides efficient EDT-based rate-limiting. |
bgp/config
Package config provides BGP configuration logic.
|
Package config provides BGP configuration logic. |
bgp/k8s
Package k8s provides a Kubernetes client to be used with MetalLB integration.
|
Package k8s provides a Kubernetes client to be used with MetalLB integration. |
bgp/log
Package log provides a central logging package that wraps MetalLB's logging.
|
Package log provides a central logging package that wraps MetalLB's logging. |
bgp/manager
Package manager provides functionality relating to the integration between Cilium and MetalLB, namely providing abstractions that help manage MetalLB from Cilium.
|
Package manager provides functionality relating to the integration between Cilium and MetalLB, namely providing abstractions that help manage MetalLB from Cilium. |
bgp/speaker
Package speaker abstracts the BGP speaker controller from MetalLB.
|
Package speaker abstracts the BGP speaker controller from MetalLB. |
bpf
Package bpf provides functions that allow golang programs to interact with bpf maps.
|
Package bpf provides functions that allow golang programs to interact with bpf maps. |
bpf/binary
Package binary is a fork of the upstream golang library.
|
Package binary is a fork of the upstream golang library. |
byteorder
Package byteorder provides functions to convert from and to network byte order.
|
Package byteorder provides functions to convert from and to network byte order. |
command/exec
Package exec provides useful wrappers around the standard "exec" library.
|
Package exec provides useful wrappers around the standard "exec" library. |
completion
Package completion implements a variant of sync.WaitGroup that is associated with a context.Context.
|
Package completion implements a variant of sync.WaitGroup that is associated with a context.Context. |
controller
Package controller provide a simple pattern for async operations that require retries and/or regular intervals.
|
Package controller provide a simple pattern for async operations that require retries and/or regular intervals. |
counter
Package counter provides generic reference counter objects
|
Package counter provides generic reference counter objects |
crypto/certloader
package certloader aim to provide a facility to ease dynamic tls.Config handling.
|
package certloader aim to provide a facility to ease dynamic tls.Config handling. |
datapath
Package datapath defines the interfaces to abstract all platform specific datapath components.
|
Package datapath defines the interfaces to abstract all platform specific datapath components. |
datapath/alignchecker
Package alignchecker is a thin wrapper around pkg/alignchecker to validate datapath object alignment.
|
Package alignchecker is a thin wrapper around pkg/alignchecker to validate datapath object alignment. |
datapath/connector
Package connector is responsible for the datapath specific plumbing to connect an endpoint to the network
|
Package connector is responsible for the datapath specific plumbing to connect an endpoint to the network |
datapath/fake
Package fake is a fake datapath implementation.
|
Package fake is a fake datapath implementation. |
datapath/ipcache
Package ipcache provides a BPF datapath implementation of the IPCache store.
|
Package ipcache provides a BPF datapath implementation of the IPCache store. |
datapath/iptables
Package iptables manages iptables-related configuration for Cilium.
|
Package iptables manages iptables-related configuration for Cilium. |
datapath/link
Package link provides the Cilium specific abstraction and useful helpers to manage network interfaces
|
Package link provides the Cilium specific abstraction and useful helpers to manage network interfaces |
datapath/linux
Package linux implements the Linux specific datapath implementation
|
Package linux implements the Linux specific datapath implementation |
datapath/linux/ipsec
Package ipsec provides the Linux datpaath specific abstraction and useful helpers to manage IPSec via Linux xfrm.
|
Package ipsec provides the Linux datpaath specific abstraction and useful helpers to manage IPSec via Linux xfrm. |
datapath/linux/linux_defaults
Package linux_defaults provides the Linux datapath defaults
|
Package linux_defaults provides the Linux datapath defaults |
datapath/linux/probes
Package probes provides BPF features checks based on bpftool.
|
Package probes provides BPF features checks based on bpftool. |
datapath/linux/route
Package route provides the Cilium specific abstraction and useful helpers to manage network routes
|
Package route provides the Cilium specific abstraction and useful helpers to manage network routes |
datapath/loader
Package loader provides accessors to compilation and BPF load routines necessary for creating datapath objects and attaching them to links.
|
Package loader provides accessors to compilation and BPF load routines necessary for creating datapath objects and attaching them to links. |
datapath/maps
Package maps performs various lifecycle operations related to maps in the datapath.
|
Package maps performs various lifecycle operations related to maps in the datapath. |
datapath/prefilter
Package prefilter provides a means of configuring XDP pre-filters for DDoS-mitigation.
|
Package prefilter provides a means of configuring XDP pre-filters for DDoS-mitigation. |
ebpf
Package ebpf provides functions that allow golang programs to interact with ebpf maps by wrapping the cilium/ebpf library.
|
Package ebpf provides functions that allow golang programs to interact with ebpf maps by wrapping the cilium/ebpf library. |
egressgateway
Package egressgateway defines an internal representation of the Cilium Egress Policy.
|
Package egressgateway defines an internal representation of the Cilium Egress Policy. |
elf
Package elf provides utility functions for manipulating ELF files on the filesystem.
|
Package elf provides utility functions for manipulating ELF files on the filesystem. |
endpointmanager
Package endpointmanager manages the list of all local endpoints
|
Package endpointmanager manages the list of all local endpoints |
envoy/xds
Package xds is an implementation of Envoy's xDS (Discovery Service) protocol.
|
Package xds is an implementation of Envoy's xDS (Discovery Service) protocol. |
eventqueue
Package eventqueue implements a queue-based system for event processing in a generic fashion in a first-in, first-out manner.
|
Package eventqueue implements a queue-based system for event processing in a generic fashion in a first-in, first-out manner. |
fqdn
Package fqdn handles some of the DNS-based policy functions: - A DNS lookup cache used to populate toFQDNs rules in the policy layer.
|
Package fqdn handles some of the DNS-based policy functions: - A DNS lookup cache used to populate toFQDNs rules in the policy layer. |
fqdn/re
Package re provides a simple function to access compile regex objects for the FQDN subsystem.
|
Package re provides a simple function to access compile regex objects for the FQDN subsystem. |
fqdn/restore
The restore package provides data structures important to restoring DNS proxy rules.
|
The restore package provides data structures important to restoring DNS proxy rules. |
identity
Package identity contains code for managing security identities in Cilium.
|
Package identity contains code for managing security identities in Cilium. |
identity/identitymanager
Package identitymanager tracks which global identities are being used by the currently running cilium-agent
|
Package identitymanager tracks which global identities are being used by the currently running cilium-agent |
ip
Package ip is a library for performing manipulations on IPv4 and IPv6 addresses and CIDR prefixes.
|
Package ip is a library for performing manipulations on IPv4 and IPv6 addresses and CIDR prefixes. |
ipam
Package ipam handles address allocation management
|
Package ipam handles address allocation management |
ipam/types
+groupName=ipam
|
+groupName=ipam |
ipcache
Package ipcache provides a local cache of the mapping of IPs of endpoints managed by Cilium to their corresponding security identities.
|
Package ipcache provides a local cache of the mapping of IPs of endpoints managed by Cilium to their corresponding security identities. |
k8s
Package k8s abstracts all Kubernetes specific behaviour
|
Package k8s abstracts all Kubernetes specific behaviour |
k8s/apis/cilium.io/v2
Package v2 is the v2 version of the API.
|
Package v2 is the v2 version of the API. |
k8s/apis/cilium.io/v2alpha1
Package v2alpha1 is the v2alpha1 version of the API.
|
Package v2alpha1 is the v2alpha1 version of the API. |
k8s/client/clientset/versioned
This package has the automatically generated clientset.
|
This package has the automatically generated clientset. |
k8s/client/clientset/versioned/fake
This package has the automatically generated fake clientset.
|
This package has the automatically generated fake clientset. |
k8s/client/clientset/versioned/scheme
This package contains the scheme of the automatically generated clientset.
|
This package contains the scheme of the automatically generated clientset. |
k8s/client/clientset/versioned/typed/cilium.io/v2
This package has the automatically generated typed clients.
|
This package has the automatically generated typed clients. |
k8s/client/clientset/versioned/typed/cilium.io/v2/fake
Package fake has the automatically generated clients.
|
Package fake has the automatically generated clients. |
k8s/client/clientset/versioned/typed/cilium.io/v2alpha1
This package has the automatically generated typed clients.
|
This package has the automatically generated typed clients. |
k8s/client/clientset/versioned/typed/cilium.io/v2alpha1/fake
Package fake has the automatically generated clients.
|
Package fake has the automatically generated clients. |
k8s/slim/k8s/api/core/v1
Package v1 contains slimmer versions of k8s core types.
|
Package v1 contains slimmer versions of k8s core types. |
k8s/slim/k8s/api/discovery/v1
Package v1 contains slimmer versions of k8s discovery types.
|
Package v1 contains slimmer versions of k8s discovery types. |
k8s/slim/k8s/api/discovery/v1beta1
Package v1beta1 contains slimmer versions of k8s discovery types.
|
Package v1beta1 contains slimmer versions of k8s discovery types. |
k8s/slim/k8s/api/networking/v1
Package v1 contains slimmer versions of k8s networking types.
|
Package v1 contains slimmer versions of k8s networking types. |
k8s/slim/k8s/apiextensions-client/clientset/versioned
This package has the automatically generated clientset.
|
This package has the automatically generated clientset. |
k8s/slim/k8s/apiextensions-client/clientset/versioned/fake
This package has the automatically generated fake clientset.
|
This package has the automatically generated fake clientset. |
k8s/slim/k8s/apiextensions-client/clientset/versioned/scheme
This package contains the scheme of the automatically generated clientset.
|
This package contains the scheme of the automatically generated clientset. |
k8s/slim/k8s/apiextensions-client/clientset/versioned/typed/apiextensions/v1
This package has the automatically generated typed clients.
|
This package has the automatically generated typed clients. |
k8s/slim/k8s/apiextensions-client/clientset/versioned/typed/apiextensions/v1/fake
Package fake has the automatically generated clients.
|
Package fake has the automatically generated clients. |
k8s/slim/k8s/apis/apiextensions/v1
Package v1 is the v1 version of the API.
|
Package v1 is the v1 version of the API. |
k8s/slim/k8s/apis/labels
Package labels implements a simple label system, parsing and matching selectors with sets of labels.
|
Package labels implements a simple label system, parsing and matching selectors with sets of labels. |
k8s/slim/k8s/apis/meta/v1
Package types contains slimmer versions of k8s types.
|
Package types contains slimmer versions of k8s types. |
k8s/slim/k8s/apis/meta/v1beta1
package v1beta1 is alpha objects from meta that will be introduced.
|
package v1beta1 is alpha objects from meta that will be introduced. |
k8s/slim/k8s/apis/util/intstr
Package types contains slimmer versions of k8s types.
|
Package types contains slimmer versions of k8s types. |
k8s/slim/k8s/client/clientset/versioned
This package has the automatically generated clientset.
|
This package has the automatically generated clientset. |
k8s/slim/k8s/client/clientset/versioned/fake
This package has the automatically generated fake clientset.
|
This package has the automatically generated fake clientset. |
k8s/slim/k8s/client/clientset/versioned/scheme
This package contains the scheme of the automatically generated clientset.
|
This package contains the scheme of the automatically generated clientset. |
k8s/slim/k8s/client/clientset/versioned/typed/core/v1
This package has the automatically generated typed clients.
|
This package has the automatically generated typed clients. |
k8s/slim/k8s/client/clientset/versioned/typed/core/v1/fake
Package fake has the automatically generated clients.
|
Package fake has the automatically generated clients. |
k8s/slim/k8s/client/clientset/versioned/typed/discovery/v1
This package has the automatically generated typed clients.
|
This package has the automatically generated typed clients. |
k8s/slim/k8s/client/clientset/versioned/typed/discovery/v1/fake
Package fake has the automatically generated clients.
|
Package fake has the automatically generated clients. |
k8s/slim/k8s/client/clientset/versioned/typed/discovery/v1beta1
This package has the automatically generated typed clients.
|
This package has the automatically generated typed clients. |
k8s/slim/k8s/client/clientset/versioned/typed/discovery/v1beta1/fake
Package fake has the automatically generated clients.
|
Package fake has the automatically generated clients. |
k8s/slim/k8s/client/clientset/versioned/typed/networking/v1
This package has the automatically generated typed clients.
|
This package has the automatically generated typed clients. |
k8s/slim/k8s/client/clientset/versioned/typed/networking/v1/fake
Package fake has the automatically generated clients.
|
Package fake has the automatically generated clients. |
k8s/synced
Package synced provides tools for tracking if k8s resources have been initially sychronized with the k8s apiserver.
|
Package synced provides tools for tracking if k8s resources have been initially sychronized with the k8s apiserver. |
k8s/types
Package types contains slimmer versions of k8s types.
|
Package types contains slimmer versions of k8s types. |
k8s/version
Package version keeps track of the Kubernetes version the client is connected to
|
Package version keeps track of the Kubernetes version the client is connected to |
k8s/watchers/subscriber
Package subscriber implements a mechanism to represent K8s watcher subscribers and allows K8s events to objects / resources to notify their respective subscribers.
|
Package subscriber implements a mechanism to represent K8s watcher subscribers and allows K8s events to objects / resources to notify their respective subscribers. |
kafka
Package kafka provides a library to parse Kafka requests and responses and apply policy rules
|
Package kafka provides a library to parse Kafka requests and responses and apply policy rules |
kvstore
Package kvstore abstracts KVstore access and provides a high level API to atomically manage cluster wide resources
|
Package kvstore abstracts KVstore access and provides a high level API to atomically manage cluster wide resources |
kvstore/allocator
Package allocator provides a kvstore based ID allocator
|
Package allocator provides a kvstore based ID allocator |
kvstore/store
Package store implements a shared store backed by a kvstore or similar with the following properties:
|
Package store implements a shared store backed by a kvstore or similar with the following properties: |
labels
Package api defines the API of the Cilium network policy interface
|
Package api defines the API of the Cilium network policy interface |
labels/cidr
Package cidr provides helper methods for generating labels for CIDRs which are partially derived from node state.
|
Package cidr provides helper methods for generating labels for CIDRs which are partially derived from node state. |
loadbalancer
Package loadbalancer contains all logic related with the loadbalancer +groupName=pkg
|
Package loadbalancer contains all logic related with the loadbalancer +groupName=pkg |
loadinfo
Package loadinfo provides the ability to log system load information either at a particular time or periodically in the background
|
Package loadinfo provides the ability to log system load information either at a particular time or periodically in the background |
logging/logfields
Package logfields defines common logging fields which are used across packages
|
Package logfields defines common logging fields which are used across packages |
maps/bwmap
Package bwmap represents the BPF map used to enforce Pod bandwidth limitations via EDT (Earliest Departure Time) + BPF.
|
Package bwmap represents the BPF map used to enforce Pod bandwidth limitations via EDT (Earliest Departure Time) + BPF. |
maps/callsmap
Package callsmap represents the internal calls map for endpoint and host datapaths.
|
Package callsmap represents the internal calls map for endpoint and host datapaths. |
maps/ctmap
+groupName=maps
|
+groupName=maps |
maps/egressmap
+groupName=maps
|
+groupName=maps |
maps/encrypt
Package encrypt represents the nodes current encryption state.
|
Package encrypt represents the nodes current encryption state. |
maps/eppolicymap
Package eppolicymap represents the map from an endpoint ID to its policy map.
|
Package eppolicymap represents the map from an endpoint ID to its policy map. |
maps/eventsmap
Package eventsmap represents the perf event map used by the datapath to send events to the Cilium agent.
|
Package eventsmap represents the perf event map used by the datapath to send events to the Cilium agent. |
maps/fragmap
Package fragmap represents the BPF map used to associate IPv4 datagram fragments to the L4 ports of the datagram they belong to, in order to retrieve the full 5-tuple necessary to do L4-based lookups.
|
Package fragmap represents the BPF map used to associate IPv4 datagram fragments to the L4 ports of the datagram they belong to, in order to retrieve the full 5-tuple necessary to do L4-based lookups. |
maps/ipcache
+groupName=maps
|
+groupName=maps |
maps/lbmap
+groupName=maps
|
+groupName=maps |
maps/lxcmap
Package lxcmap represents the endpoints BPF map in the BPF programs.
|
Package lxcmap represents the endpoints BPF map in the BPF programs. |
maps/metricsmap
Package metricsmap represents the BPF metrics map in the BPF programs.
|
Package metricsmap represents the BPF metrics map in the BPF programs. |
maps/nat
Package nat implements the BPF NAT map interaction code.
|
Package nat implements the BPF NAT map interaction code. |
maps/neighborsmap
Package neighborsmap represents the map that stores IP to mac address mappings for NodePort clients.
|
Package neighborsmap represents the map that stores IP to mac address mappings for NodePort clients. |
maps/policymap
+groupName=maps
|
+groupName=maps |
maps/recorder
Package recorder represents the BPF map used to (wildcard-)filter traffic that is subject to the pcap recorder.
|
Package recorder represents the BPF map used to (wildcard-)filter traffic that is subject to the pcap recorder. |
maps/signalmap
Package signalmap represents the perf event map used to signal potential congestion to Cilium agent.
|
Package signalmap represents the perf event map used to signal potential congestion to Cilium agent. |
maps/sockmap
Package Sockmap represents the map from 5-tuple to the socket.
|
Package Sockmap represents the map from 5-tuple to the socket. |
maps/tunnel
+groupName=maps
|
+groupName=maps |
maps/vtep
+groupName=maps
|
+groupName=maps |
mcastmanager
Package mcastmanager manages endpoint's IPv6 addresses and join the node solicitation multicast addresses
|
Package mcastmanager manages endpoint's IPv6 addresses and join the node solicitation multicast addresses |
metrics
Package metrics holds prometheus metrics objects and related utility functions.
|
Package metrics holds prometheus metrics objects and related utility functions. |
modules
Package modules contains a manager of loaded modules which supports search operation.
|
Package modules contains a manager of loaded modules which supports search operation. |
monitor/alignchecker
Package alignchecker is a thin wrapper around pkg/alignchecker to validate monitor object alignment.
|
Package alignchecker is a thin wrapper around pkg/alignchecker to validate monitor object alignment. |
monitor/format
Package format provides stdout formatting of monitor messages for reuse by command-line clients of the monitor event channel.
|
Package format provides stdout formatting of monitor messages for reuse by command-line clients of the monitor event channel. |
mtu
Package mtu is a library for tracking and configuring MTU for devices and routes.
|
Package mtu is a library for tracking and configuring MTU for devices and routes. |
multicast
Package multicast contains various utility functions to work with IPv6 multicast
|
Package multicast contains various utility functions to work with IPv6 multicast |
netns
Package netns contains various utility functions to work with network namespaces
|
Package netns contains various utility functions to work with network namespaces |
node
Package node provides functionality related to the local and remote node addresses
|
Package node provides functionality related to the local and remote node addresses |
policy/api
Package api defines the API of the Cilium network policy interface +groupName=policy
|
Package api defines the API of the Cilium network policy interface +groupName=policy |
policy/api/kafka
Package kafka defines the Kafka API of the Cilium network policy interface +groupName=policy
|
Package kafka defines the Kafka API of the Cilium network policy interface +groupName=policy |
policy/trafficdirection
package trafficdirection specifies the directionality of policy in a numeric representation.
|
package trafficdirection specifies the directionality of policy in a numeric representation. |
pprof
Package pprof enables use of pprof in Cilium
|
Package pprof enables use of pprof in Cilium |
probe
Package probe provides a collection of kernel-side BPF feature probes.
|
Package probe provides a collection of kernel-side BPF feature probes. |
proxy/logger
Package logger provides the accesslog logging logic for all proxies
|
Package logger provides the accesslog logging logic for all proxies |
rate
Package rate provides a rate limiter to rate limit requests that can be burstable but they should only allowed N per a period defined.
|
Package rate provides a rate limiter to rate limit requests that can be burstable but they should only allowed N per a period defined. |
recorder
Package recorder provides an agent API for managing datapath pcap recorders.
|
Package recorder provides an agent API for managing datapath pcap recorders. |
redirectpolicy
Package redirectpolicy defines an internal representation of the Cilium Local Redirect Policy.
|
Package redirectpolicy defines an internal representation of the Cilium Local Redirect Policy. |
safetime
Package safetime contains a wrapper function for time.Since to deal with negative durations.
|
Package safetime contains a wrapper function for time.Since to deal with negative durations. |
set
Package set contains a function for performing a subset check for slices.
|
Package set contains a function for performing a subset check for slices. |
signal
Package signal provides handling notifications from perf RB signal map.
|
Package signal provides handling notifications from perf RB signal map. |
spanstat
Package spanstat provides a mechanism to measure duration of multiple spans and add them up to a total duration
|
Package spanstat provides a mechanism to measure duration of multiple spans and add them up to a total duration |
sysctl
Package sysctl allows to change kernel parameters at runtime.
|
Package sysctl allows to change kernel parameters at runtime. |
trigger
Package trigger provides a mechanism to trigger actions that require to be serialized while providing a non-blocking notification mechanism
|
Package trigger provides a mechanism to trigger actions that require to be serialized while providing a non-blocking notification mechanism |
tuple
Package tuple defines keys used for connection tuples in multiple BPF maps.
|
Package tuple defines keys used for connection tuples in multiple BPF maps. |
versioncheck
Package versioncheck provides utility wrappers for go-version, allowing the constraints to be used as global variables.
|
Package versioncheck provides utility wrappers for go-version, allowing the constraints to be used as global variables. |
wireguard/agent
This package contains the agent code used to configure the Wireguard tunnel between nodes.
|
This package contains the agent code used to configure the Wireguard tunnel between nodes. |
wireguard/types
Common Wireguard types and constants
|
Common Wireguard types and constants |
plugins
|
|
test
|
|
tools
|
|
dev-doctor
Command doctor checks the development setup for common problems.
|
Command doctor checks the development setup for common problems. |
Click to show internal directories.
Click to hide internal directories.