Documentation
¶
Index ¶
Constants ¶
const (
RuleIDLength = 16
)
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type CompletedRule ¶
type CompletedRule struct {
FromAddresses sets.String
ToAddresses sets.String
Pods podSet
// contains filtered or unexported fields
}
CompletedRule contains IPAddresses and Pods flattened from AddressGroups and AppliedToGroups. It's the struct used by reconciler.
type Controller ¶
type Controller struct {
// contains filtered or unexported fields
}
Controller is responsible for watching Antrea AddressGroups, AppliedToGroups, and NetworkPolicies, feeding them to ruleCache, getting dirty rules from ruleCache, invoking reconciler to reconcile them.
a.Feed AddressGroups,AppliedToGroups
and NetworkPolicies
|-----------| <-------- |----------- | c. Reconcile dirty rules |----------- |
| ruleCache | | Controller | ------------> | reconciler |
| ----------| --------> |----------- | |----------- |
b. Notify dirty rules
func NewNetworkPolicyController ¶
func NewNetworkPolicyController(antreaClient versioned.Interface, ofClient openflow.Client, ifaceStore interfacestore.InterfaceStore, nodeName string, gatewayIP string) *Controller
NewNetworkPolicyController returns a new *Controller.
func (*Controller) Run ¶
func (c *Controller) Run(stopCh <-chan struct{}) error
Run begins watching and processing Antrea AddressGroups, AppliedToGroups and NetworkPolicies, and spawns workers that reconciles NetworkPolicy rules. Run will not return until stopCh is closed.
type Reconciler ¶
type Reconciler interface {
// Reconcile reconciles the desired state of the provided CompletedRule
// with the actual state of Openflow entries.
Reconcile(rule *CompletedRule) error
// Forget cleanups the actual state of Openflow entries of the specified ruleID.
Forget(ruleID string) error
}
Reconciler is an interface that knows how to reconcile the desired state of CompletedRule with the actual state of Openflow entries.
Source Files