Documentation ¶
Index ¶
Constants ¶
View Source
const DestinationRulesCheckerType = "destinationrule"
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type DisabledMeshWideMTLSChecker ¶ added in v1.19.0
type DisabledMeshWideMTLSChecker struct { DestinationRule kubernetes.IstioObject MeshPeerAuthns []kubernetes.IstioObject }
func (DisabledMeshWideMTLSChecker) Check ¶ added in v1.19.0
func (c DisabledMeshWideMTLSChecker) Check() ([]*models.IstioCheck, bool)
type DisabledNamespaceWideMTLSChecker ¶ added in v0.17.0
type DisabledNamespaceWideMTLSChecker struct { DestinationRule kubernetes.IstioObject MTLSDetails kubernetes.MTLSDetails }
func (DisabledNamespaceWideMTLSChecker) Check ¶ added in v0.17.0
func (m DisabledNamespaceWideMTLSChecker) Check() ([]*models.IstioCheck, bool)
Check if a the PeerAuthn is allows non-mtls traffic when DestinationRule explicitly disables mTLS ns-wide
type MeshWideMTLSChecker ¶ added in v0.16.0
type MeshWideMTLSChecker struct { DestinationRule kubernetes.IstioObject MTLSDetails kubernetes.MTLSDetails }
func (MeshWideMTLSChecker) Check ¶ added in v0.16.0
func (m MeshWideMTLSChecker) Check() ([]*models.IstioCheck, bool)
type MultiMatchChecker ¶
type MultiMatchChecker struct { DestinationRules []kubernetes.IstioObject ExportedDestinationRules []kubernetes.IstioObject ServiceEntries map[string][]string Namespaces models.Namespaces }
func (MultiMatchChecker) Check ¶
func (m MultiMatchChecker) Check() models.IstioValidations
Check validates that no two destinationRules target the same host+subset combination
type NamespaceWideMTLSChecker ¶ added in v0.17.0
type NamespaceWideMTLSChecker struct { DestinationRule kubernetes.IstioObject MTLSDetails kubernetes.MTLSDetails }
func (NamespaceWideMTLSChecker) Check ¶ added in v0.17.0
func (m NamespaceWideMTLSChecker) Check() ([]*models.IstioCheck, bool)
type NoDestinationChecker ¶
type NoDestinationChecker struct { Namespace string Namespaces models.Namespaces WorkloadList models.WorkloadList DestinationRule kubernetes.IstioObject VirtualServices []kubernetes.IstioObject ServiceEntries map[string][]string Services []core_v1.Service RegistryStatus []*kubernetes.RegistryStatus }
func (NoDestinationChecker) Check ¶
func (n NoDestinationChecker) Check() ([]*models.IstioCheck, bool)
Check parses the DestinationRule definitions and verifies that they point to an existing service, including any subset definitions
type TrafficPolicyChecker ¶ added in v0.15.0
type TrafficPolicyChecker struct { DestinationRules []kubernetes.IstioObject ExportedDestinationRules []kubernetes.IstioObject MTLSDetails kubernetes.MTLSDetails }
func (TrafficPolicyChecker) Check ¶ added in v0.15.0
func (t TrafficPolicyChecker) Check() models.IstioValidations
Click to show internal directories.
Click to hide internal directories.