Documentation ¶
Index ¶
- Constants
- func DetectBackend(lookPath func(file string) (string, error), newCmd cmdshim.CmdFactory, ...) string
- func FindBestBinary(lookPath func(file string) (string, error), ipVersion uint8, ...) string
- func GetDistFromString(s string) string
- func GetDistributionName() string
- func GetKernelVersionReader() (io.Reader, error)
- type FakeFeatureDetector
- type FeatureDetector
- type FeatureDetectorIface
- type Features
- type Option
- type Version
Constants ¶
const ( Ubuntu string = "ubuntu" RedHat string = "rhel" DefaultDistro string = "default" )
Variables ¶
This section is empty.
Functions ¶
func DetectBackend ¶
func DetectBackend(lookPath func(file string) (string, error), newCmd cmdshim.CmdFactory, specifiedBackend string) string
GetIptablesBackend attempts to detect the iptables backend being used where Felix is running. This code is duplicating the detection method found at https://github.com/kubernetes-sigs/iptables-wrappers/blob/master/iptables-wrapper-installer.sh#L107 If there is a specifiedBackend then it is used but if it does not match the detected backend then a warning is logged.
func FindBestBinary ¶
func FindBestBinary(lookPath func(file string) (string, error), ipVersion uint8, backendMode, saveOrRestore string) string
FindBestBinary tries to find an iptables binary for the specific variant (legacy/nftables mode) and returns the name of the binary. Falls back on iptables-restore/iptables-save if the specific variant isn't available. Panics if no binary can be found.
func GetDistFromString ¶
func GetDistributionName ¶
func GetDistributionName() string
func GetKernelVersionReader ¶
Types ¶
type FakeFeatureDetector ¶
type FakeFeatureDetector struct {
Features
}
func (*FakeFeatureDetector) FeatureGate ¶
func (f *FakeFeatureDetector) FeatureGate(name string) string
func (*FakeFeatureDetector) GetFeatures ¶
func (f *FakeFeatureDetector) GetFeatures() *Features
func (*FakeFeatureDetector) RefreshFeatures ¶
func (f *FakeFeatureDetector) RefreshFeatures()
type FeatureDetector ¶
type FeatureDetector struct { // Path to file with kernel version GetKernelVersionReader func() (io.Reader, error) // Factory for making commands, used by iptables UTs to shim exec.Command(). NewCmd cmdshim.CmdFactory // contains filtered or unexported fields }
func NewFeatureDetector ¶
func NewFeatureDetector(overrides map[string]string, opts ...Option) *FeatureDetector
func (*FeatureDetector) FeatureGate ¶
func (*FeatureDetector) GetFeatures ¶
func (d *FeatureDetector) GetFeatures() *Features
func (*FeatureDetector) KernelIsAtLeast ¶
func (d *FeatureDetector) KernelIsAtLeast(v string) (bool, error)
KernelIsAtLeast returns whether the predicate is true or not and an error in case it was not able to determine it.
func (*FeatureDetector) RefreshFeatures ¶
func (d *FeatureDetector) RefreshFeatures()
type FeatureDetectorIface ¶
type Features ¶
type Features struct { // SNATFullyRandom is true if --random-fully is supported by the SNAT action. SNATFullyRandom bool // MASQFullyRandom is true if --random-fully is supported by the MASQUERADE action. MASQFullyRandom bool // RestoreSupportsLock is true if the iptables-restore command supports taking the xtables lock and the // associated -w and -W arguments. RestoreSupportsLock bool // ChecksumOffloadBroken is true for kernels that have broken checksum offload for packets with SNATted source // ports. See https://github.com/projectcalico/calico/issues/3145. On such kernels we disable checksum offload // on our VXLAN and IPIP device. ChecksumOffloadBroken bool // IPIPDeviceIsL3 represent if ipip tunnels acts like other l3 devices IPIPDeviceIsL3 bool // KernelSideRouteFiltering is true if the kernel supports filtering netlink route dumps kernel-side. // This is much more efficient. KernelSideRouteFiltering bool }
type Option ¶
type Option func(detector *FeatureDetector)
func WithFeatureGates ¶
func WithNetlinkOverride ¶
func WithNetlinkOverride(f func() (netlinkshim.Interface, error)) Option
type Version ¶
type Version struct {
// contains filtered or unexported fields
}