Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type ClusterwideNetworkPolicyReconciler ¶
type ClusterwideNetworkPolicyReconciler struct { SeedClient client.Client ShootClient client.Client FirewallName string SeedNamespace string Log logr.Logger Recorder record.EventRecorder Interval time.Duration DnsProxy *dns.DNSProxy SkipDNS bool }
ClusterwideNetworkPolicyReconciler reconciles a ClusterwideNetworkPolicy object +kubebuilder:rbac:groups=metal-stack.io,resources=events,verbs=create;patch
func (*ClusterwideNetworkPolicyReconciler) SetupWithManager ¶
func (r *ClusterwideNetworkPolicyReconciler) SetupWithManager(mgr ctrl.Manager) error
SetupWithManager configures this controller to run in schedule
type ClusterwideNetworkPolicyValidationReconciler ¶
type ClusterwideNetworkPolicyValidationReconciler struct { ShootClient client.Client Log logr.Logger Recorder record.EventRecorder }
ClusterwideNetworkPolicyValidationReconciler validates a ClusterwideNetworkPolicy object +kubebuilder:rbac:groups=metal-stack.io,resources=events,verbs=create;patch
func (*ClusterwideNetworkPolicyValidationReconciler) Reconcile ¶
func (r *ClusterwideNetworkPolicyValidationReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error)
Validates ClusterwideNetworkPolicy object +kubebuilder:rbac:groups=metal-stack.io,resources=clusterwidenetworkpolicies,verbs=get;list;watch;create;update;patch;delete +kubebuilder:rbac:groups=metal-stack.io,resources=clusterwidenetworkpolicies/status,verbs=get;update;patch
func (*ClusterwideNetworkPolicyValidationReconciler) SetupWithManager ¶
func (r *ClusterwideNetworkPolicyValidationReconciler) SetupWithManager(mgr ctrl.Manager) error
SetupWithManager configures this controller to watch for ClusterwideNetworkPolicy CRD
type DroptailerReconciler ¶
type DroptailerReconciler struct { ShootClient client.Client Log logr.Logger HostsFile string // contains filtered or unexported fields }
DroptailerReconciler reconciles a Droptailer object
func (*DroptailerReconciler) Reconcile ¶
func (r *DroptailerReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error)
Reconcile droptailer with certificate and droptailer-server ip from pod inspection +kubebuilder:rbac:groups=metal-stack.io,resources=Droptailers,verbs=get;list;watch;create;update;patch;delete +kubebuilder:rbac:groups=metal-stack.io,resources=Droptailers/status,verbs=get;update;patch
func (*DroptailerReconciler) SetupWithManager ¶
func (r *DroptailerReconciler) SetupWithManager(mgr ctrl.Manager) error
SetupWithManager configure this controller with required defaults
type FirewallMonitorReconciler ¶
type FirewallMonitorReconciler struct { ShootClient client.Client Recorder record.EventRecorder Log logr.Logger FirewallName string Namespace string IDSEnabled bool Interval time.Duration // contains filtered or unexported fields }
FirewallMonitorReconciler reconciles a firewall monitor object
func (*FirewallMonitorReconciler) Reconcile ¶
func (r *FirewallMonitorReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error)
Reconcile updates the firewall monitor.
func (*FirewallMonitorReconciler) SeedUpdated ¶ added in v2.2.0
func (r *FirewallMonitorReconciler) SeedUpdated()
func (*FirewallMonitorReconciler) SetupWithManager ¶
func (r *FirewallMonitorReconciler) SetupWithManager(mgr ctrl.Manager) error
SetupWithManager configures this controller to watch for the CRDs in a specific namespace
type FirewallReconciler ¶
type FirewallReconciler struct { SeedClient client.Client ShootClient client.Client Recorder record.EventRecorder Log logr.Logger Scheme *runtime.Scheme Updater *updater.Updater TokenUpdater *helper.ShootAccessTokenUpdater FirewallName string Namespace string SeedUpdatedFunc func() // contains filtered or unexported fields }
FirewallReconciler reconciles a Firewall object
func (*FirewallReconciler) Reconcile ¶
Reconcile reconciles a firewall by: - rendering nftables rules (changes in firewall networks) - exposing local services (nftables exporter and node exporter) in the shoot cluster as services
func (*FirewallReconciler) SetupWithManager ¶
func (r *FirewallReconciler) SetupWithManager(mgr ctrl.Manager) error
SetupWithManager configures this controller to watch for the CRDs in a specific namespace