Documentation ¶
Overview ¶
The labelindex package provides the InheritIndex type, which emits events as the set of items (currently WorkloadEndpoints/HostEndpoint) it has been told about start (or stop) matching the label selectors (which are extracted from the active policy rules) it has been told about.
Label inheritance ¶
As the name suggests, the InheritIndex supports the notion of label inheritance. In our data-model:
- endpoints have their own labels; these take priority over any inherited labels
- endpoints also inherit labels from any explicitly-named profiles in their data
- profiles have explicit labels
For example, suppose an endpoint had labels
{"a": "ep-a", "b": "ep-b"}
and it explicitly referenced profile "profile-A", which had these labels:
{"a": "prof-a", "c": "prof-c", "d": "prof-d"}
then the resulting labels for the endpoint after considering inheritance would be:
{ "a": "ep-a", // Explicit endpoint label "wins" over profile labels. "b": "ep-b", "c": "prof-c", // Profile label gets inherited. "d": "prof-d", }
Index ¶
- type IPSetMember
- type IPSetPortProtocol
- type InheritIndex
- func (idx *InheritIndex) DeleteLabels(id interface{})
- func (idx *InheritIndex) DeleteParentLabels(parentID string)
- func (idx *InheritIndex) DeleteSelector(id interface{})
- func (l *InheritIndex) OnUpdate(update api.Update) (_ bool)
- func (idx *InheritIndex) UpdateLabels(id interface{}, labels map[string]string, parentIDs []string)
- func (idx *InheritIndex) UpdateParentLabels(parentID string, labels map[string]string)
- func (idx *InheritIndex) UpdateSelector(id interface{}, sel selector.Selector)
- type MatchCallback
- type NamedPortMatchCallback
- type OverlapSuppressor
- type SelectorAndNamedPortIndex
- func (idx *SelectorAndNamedPortIndex) CalculateEndpointContribution(d *endpointData, ipSetData *ipSetData) (contrib []IPSetMember)
- func (idx *SelectorAndNamedPortIndex) DeleteEndpoint(id any)
- func (idx *SelectorAndNamedPortIndex) DeleteIPSet(setID string)
- func (idx *SelectorAndNamedPortIndex) DeleteParentLabels(parentID string)
- func (idx *SelectorAndNamedPortIndex) OnUpdate(update api.Update) (_ bool)
- func (idx *SelectorAndNamedPortIndex) RecalcCachedContributions(epData *endpointData) map[string][]IPSetMember
- func (idx *SelectorAndNamedPortIndex) RegisterWith(allUpdDispatcher *dispatcher.Dispatcher)
- func (idx *SelectorAndNamedPortIndex) UpdateEndpointOrSet(id any, labels map[string]string, nets []ip.CIDR, ports []model.EndpointPort, ...)
- func (idx *SelectorAndNamedPortIndex) UpdateIPSet(ipSetID string, sel selector.Selector, namedPortProtocol IPSetPortProtocol, ...)
- func (idx *SelectorAndNamedPortIndex) UpdateParentLabels(parentID string, labels map[string]string)
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type IPSetMember ¶
type IPSetMember struct { CIDR ip.CIDR Protocol IPSetPortProtocol PortNumber uint16 }
type IPSetPortProtocol ¶
type IPSetPortProtocol uint8
const ( ProtocolNone IPSetPortProtocol = 0 ProtocolTCP IPSetPortProtocol = 6 ProtocolUDP IPSetPortProtocol = 17 ProtocolSCTP IPSetPortProtocol = 132 )
func (IPSetPortProtocol) MatchesModelProtocol ¶
func (p IPSetPortProtocol) MatchesModelProtocol(protocol numorstring.Protocol) bool
func (IPSetPortProtocol) String ¶
func (p IPSetPortProtocol) String() string
type InheritIndex ¶
type InheritIndex struct { // Callback functions OnMatchStarted MatchCallback OnMatchStopped MatchCallback // contains filtered or unexported fields }
func NewInheritIndex ¶
func NewInheritIndex(onMatchStarted, onMatchStopped MatchCallback) *InheritIndex
func (*InheritIndex) DeleteLabels ¶
func (idx *InheritIndex) DeleteLabels(id interface{})
func (*InheritIndex) DeleteParentLabels ¶
func (idx *InheritIndex) DeleteParentLabels(parentID string)
func (*InheritIndex) DeleteSelector ¶
func (idx *InheritIndex) DeleteSelector(id interface{})
func (*InheritIndex) OnUpdate ¶
func (l *InheritIndex) OnUpdate(update api.Update) (_ bool)
OnUpdate makes LabelInheritanceIndex compatible with the UpdateHandler interface allowing it to be used in a calculation graph more easily.
func (*InheritIndex) UpdateLabels ¶
func (idx *InheritIndex) UpdateLabels(id interface{}, labels map[string]string, parentIDs []string)
func (*InheritIndex) UpdateParentLabels ¶
func (idx *InheritIndex) UpdateParentLabels(parentID string, labels map[string]string)
func (*InheritIndex) UpdateSelector ¶
func (idx *InheritIndex) UpdateSelector(id interface{}, sel selector.Selector)
type MatchCallback ¶
type MatchCallback func(selId, labelId interface{})
type NamedPortMatchCallback ¶
type NamedPortMatchCallback func(ipSetID string, member IPSetMember)
type OverlapSuppressor ¶
type OverlapSuppressor interface { Add(set string, cidr ip.CIDR) (ip.CIDR, []ip.CIDR) Remove(set string, cidr ip.CIDR) (ip.CIDR, []ip.CIDR) DeleteIPSet(set string) }
func NewMemberOverlapSuppressor ¶
func NewMemberOverlapSuppressor() OverlapSuppressor
func NewNoopMemberOverlapSuppressor ¶
func NewNoopMemberOverlapSuppressor() OverlapSuppressor
type SelectorAndNamedPortIndex ¶
type SelectorAndNamedPortIndex struct { // Callback functions OnMemberAdded NamedPortMatchCallback OnMemberRemoved NamedPortMatchCallback OnAlive func() // contains filtered or unexported fields }
func NewSelectorAndNamedPortIndex ¶
func NewSelectorAndNamedPortIndex(supressOverlaps bool) *SelectorAndNamedPortIndex
func (*SelectorAndNamedPortIndex) CalculateEndpointContribution ¶
func (idx *SelectorAndNamedPortIndex) CalculateEndpointContribution(d *endpointData, ipSetData *ipSetData) (contrib []IPSetMember)
CalculateEndpointContribution calculates the given endpoint's contribution to the given IP set. If the IP set represents a named port then the returned members will have a named port component. Returns nil if the endpoint doesn't contribute to the IP set.
func (*SelectorAndNamedPortIndex) DeleteEndpoint ¶
func (idx *SelectorAndNamedPortIndex) DeleteEndpoint(id any)
func (*SelectorAndNamedPortIndex) DeleteIPSet ¶
func (idx *SelectorAndNamedPortIndex) DeleteIPSet(setID string)
func (*SelectorAndNamedPortIndex) DeleteParentLabels ¶
func (idx *SelectorAndNamedPortIndex) DeleteParentLabels(parentID string)
func (*SelectorAndNamedPortIndex) OnUpdate ¶
func (idx *SelectorAndNamedPortIndex) OnUpdate(update api.Update) (_ bool)
OnUpdate makes SelectorAndNamedPortIndex compatible with the Dispatcher. It accepts updates for endpoints and profiles and passes them through to the Update/DeleteXXX methods.
func (*SelectorAndNamedPortIndex) RecalcCachedContributions ¶
func (idx *SelectorAndNamedPortIndex) RecalcCachedContributions(epData *endpointData) map[string][]IPSetMember
RecalcCachedContributions uses the cached set of matching IP set IDs in the endpoint struct to quickly recalculate the endpoint's contribution to all IP sets.
func (*SelectorAndNamedPortIndex) RegisterWith ¶
func (idx *SelectorAndNamedPortIndex) RegisterWith(allUpdDispatcher *dispatcher.Dispatcher)
func (*SelectorAndNamedPortIndex) UpdateEndpointOrSet ¶
func (idx *SelectorAndNamedPortIndex) UpdateEndpointOrSet( id any, labels map[string]string, nets []ip.CIDR, ports []model.EndpointPort, parentIDs []string, )
func (*SelectorAndNamedPortIndex) UpdateIPSet ¶
func (idx *SelectorAndNamedPortIndex) UpdateIPSet(ipSetID string, sel selector.Selector, namedPortProtocol IPSetPortProtocol, namedPort string)
func (*SelectorAndNamedPortIndex) UpdateParentLabels ¶
func (idx *SelectorAndNamedPortIndex) UpdateParentLabels(parentID string, labels map[string]string)