Documentation
¶
Index ¶
Constants ¶
View Source
const ( PolicyTypeIngress PolicyType = "Ingress" PolicyTypeEgress PolicyType = "Egress" PolicyActionPass PolicyAction = "Pass" PolicyActionDrop PolicyAction = "Drop" ProtocolTCP PolicyPortProtocol = "TCP" ProtocolUDP PolicyPortProtocol = "UDP" )
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type InterfaceInfo ¶
type InterfaceInfo struct {
// Network is the network interfaceInfo is associated with
Network string
// Pod Interface same
InterfaceName string
// IPs are the IPs assigned to the interface
IPs []net.IP
// DeviceID is the Device ID associated with the interface
DeviceID string
}
InterfaceInfo holds information about the interface
func (*InterfaceInfo) GetUID ¶
func (i *InterfaceInfo) GetUID() string
GetUID returns a unique ID for InterfaceInfo in the following format:
<network-namespace>/<network-name>/<interface-name>
type PolicyAction ¶
type PolicyAction string
PolicyAction is Action needed to be performed for the given Rule
type PolicyRuleSet ¶
type PolicyRuleSet struct {
IfcInfo InterfaceInfo
Type PolicyType
Rules []Rule
}
PolicyRuleSet holds the set of Rules of the given Type that should apply to the interface identified by IfcInfo
type PolicyType ¶
type PolicyType string
PolicyType is the type of policy either PolicyTypeIngress or PolicyTypeEgress
type Port ¶
type Port struct {
Protocol PolicyPortProtocol
Number uint16
}
Port holds port information
type Renderer ¶
type Renderer interface {
// RenderEgress renders PolicyRuleSet for Egress Kubernetes multinetwork policy.
// target - is the target pod for which PolicyRuleSets are generated
// currentPolicies - is the current state of MultiNetworkPolicies in the cluster
// currentPods - is the current state of Pods in the cluster
// currentNamespaces - is the current state of Namespaces in the cluster
RenderEgress(target *controllers.PodInfo,
currentPolicies controllers.PolicyMap,
currentPods controllers.PodMap,
currentNamespaces controllers.NamespaceMap) ([]PolicyRuleSet, error)
// RenderIngress renders PolicyRuleSet for Ingress Kubernetes multinetwork policy
// target - is the target pod for which PolicyRuleSets are generated
// currentPolicies - is the current state of MultiNetworkPolicies in the cluster
// currentPods - is the current state of Pods in the cluster
// currentNamespaces - is the current state of Namespaces in the cluster
RenderIngress(target *controllers.PodInfo,
currentPolicies controllers.PolicyMap,
currentPods controllers.PodMap,
currentNamespaces controllers.NamespaceMap) ([]PolicyRuleSet, error)
}
Renderer is an interface used to render PolicyRuleSet for a Pod Network
type RendererImpl ¶
type RendererImpl struct {
// contains filtered or unexported fields
}
RendererImpl implements Renderer Interface
func NewRendererImpl ¶
func NewRendererImpl(log klog.Logger) *RendererImpl
NewRendererImpl creates a new instance of Renderer implementation
func (*RendererImpl) RenderEgress ¶
func (r *RendererImpl) RenderEgress(target *controllers.PodInfo, currentPolicies controllers.PolicyMap, currentPods controllers.PodMap, currentNamespaces controllers.NamespaceMap) ([]PolicyRuleSet, error)
RenderEgress implements Renderer Interface
func (*RendererImpl) RenderIngress ¶
func (r *RendererImpl) RenderIngress(target *controllers.PodInfo, currentPolicies controllers.PolicyMap, currentPods controllers.PodMap, currentNamespaces controllers.NamespaceMap) ([]PolicyRuleSet, error)
RenderIngress implements Renderer Interface
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.