Documentation ¶
Overview ¶
Package networking contains interfaces to the database models for Network ACLs and Routes.
Index ¶
- Variables
- func ValidateACL(acl *v1.NetworkACL) error
- func ValidateRoute(route *v1.Route) error
- type ACL
- func (a *ACL) DestinationPrefixes() []netip.Prefix
- func (a *ACL) Equals(other *ACL) bool
- func (a *ACL) Expand(ctx context.Context) error
- func (a ACL) MarshalJSON() ([]byte, error)
- func (acl *ACL) Matches(ctx context.Context, action Action) bool
- func (a *ACL) Proto() *v1.NetworkACL
- func (a *ACL) SourcePrefixes() []netip.Prefix
- func (a *ACL) UnmarshalJSON(data []byte) error
- type ACLs
- func (a ACLs) Accept(ctx context.Context, action Action) bool
- func (a ACLs) AllowNodesToCommunicate(ctx context.Context, nodeA, nodeB peergraph.MeshNode) bool
- func (a ACLs) Expand(ctx context.Context) error
- func (a ACLs) Len() int
- func (a ACLs) Less(i, j int) bool
- func (a ACLs) Proto() []*v1.NetworkACL
- func (a ACLs) Sort(direction SortDirection)
- func (a ACLs) Swap(i, j int)
- type Action
- type Networking
- type Route
- type Routes
- type SortDirection
Variables ¶
var (
	// BootstrapNodesNetworkACLName is the name of the bootstrap nodes NetworkACL.
	BootstrapNodesNetworkACLName = []byte("bootstrap-nodes")
	// NetworkACLsPrefix is where NetworkACLs are stored in the database.
	NetworkACLsPrefix = storage.RegistryPrefix.For([]byte("network-acls"))
	// RoutesPrefix is where Routes are stored in the database.
	RoutesPrefix = storage.RegistryPrefix.For([]byte("routes"))
	// GroupReference is the prefix of a node name that indicates it is a group reference.
	GroupReference = "group:"
)
var ErrACLNotFound = errors.New("network acl not found")
ErrACLNotFound is returned when a NetworkACL is not found.
var ErrInvalidACL = errors.New("invalid network acl")
ErrInvalidACL is returned when a NetworkACL is invalid.
var ErrInvalidRoute = errors.New("invalid route")
ErrInvalidRoute is returned when a Route is invalid.
var ErrRouteNotFound = errors.New("route not found")
ErrRouteNotFound is returned when a Route is not found.
Functions ¶
func ValidateACL ¶ added in v0.6.6
func ValidateACL(acl *v1.NetworkACL) error
ValidateACL validates a NetworkACL.
func ValidateRoute ¶ added in v0.6.6
ValidateRoute validates a Route.
Types ¶
type ACL ¶
type ACL struct {
	*v1.NetworkACL
	// contains filtered or unexported fields
}
ACL is a Network ACL.
func (*ACL) DestinationPrefixes ¶ added in v0.6.5
DestinationPrefixes returns the destination prefixes for the ACL. Invalid prefixes will be ignored.
func (ACL) MarshalJSON ¶ added in v0.6.6
Marshal marshals the ACL to protobuf JSON.
func (*ACL) Proto ¶
func (a *ACL) Proto() *v1.NetworkACL
Proto returns the protobuf representation of the ACL.
func (*ACL) SourcePrefixes ¶ added in v0.6.5
SourcePrefixes returns the source prefixes for the ACL. Invalid prefixes will be ignored.
func (*ACL) UnmarshalJSON ¶ added in v0.6.6
Unmarshal unmarshals the ACL from a protobuf.
type ACLs ¶
type ACLs []*ACL
ACLs is a list of Network ACLs. It contains methods for evaluating actions against contained permissions. It also allows for sorting by priority.
func (ACLs) Accept ¶
Accept evaluates an action against the ACLs in the list. It assumes the ACLs are sorted by priority. The first ACL that matches the action will be used. If no ACL matches, the action is denied.
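An added example of the first-match, default-deny evaluation described for Accept (not the package's code): `rule`, `accept` and `sortByPriority` are hypothetical simplified stand-ins, the sample rules are constructed, and it assumes a higher priority number is evaluated first. It shows a broad allow rule shadowing a narrower deny when the list is evaluated before it has been sorted.

```go
package main

import (
	"fmt"
	"net/netip"
	"sort"
)

// rule is a hypothetical, simplified stand-in for a network ACL; it is not the
// package's ACL type. Assumption: a higher Priority is evaluated first.
type rule struct {
	Name     string
	Priority int
	Allow    bool
	Src, Dst netip.Prefix
}

// accept applies first-match semantics to rules in the order given and denies
// when nothing matches. It returns the verdict and the name of the deciding rule.
func accept(rules []rule, src, dst netip.Addr) (bool, string) {
	for _, r := range rules {
		if r.Src.Contains(src) && r.Dst.Contains(dst) {
			return r.Allow, r.Name
		}
	}
	return false, "default-deny"
}

// sortByPriority orders rules so the highest priority is evaluated first.
func sortByPriority(rules []rule) {
	sort.SliceStable(rules, func(i, j int) bool { return rules[i].Priority > rules[j].Priority })
}

// constructedRules returns sample rules in storage order, not priority order.
func constructedRules() []rule {
	p := netip.MustParsePrefix
	return []rule{
		{"allow-mesh", 0, true, p("10.0.0.0/8"), p("10.0.0.0/8")},
		{"deny-db", 100, false, p("10.1.0.0/16"), p("10.9.0.5/32")},
	}
}

func main() {
	rules := constructedRules()
	src, dst := netip.MustParseAddr("10.1.2.3"), netip.MustParseAddr("10.9.0.5")
	fmt.Println(accept(rules, src, dst)) // storage order: the broad allow wins
	sortByPriority(rules)
	fmt.Println(accept(rules, src, dst)) // priority order: the narrow deny wins
	fmt.Println(accept(rules, netip.MustParseAddr("192.168.1.1"), dst)) // no rule matches
}
```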
func (ACLs) AllowNodesToCommunicate ¶ added in v0.6.5
AllowNodesToCommunicate checks if the given nodes are allowed to communicate.
func (ACLs) Less ¶
Less returns whether the ACL at index i should be sorted before the ACL at index j.
func (ACLs) Proto ¶
func (a ACLs) Proto() []*v1.NetworkACL
Proto returns the protobuf representation of the ACLs.
type Action ¶ added in v0.6.5
type Action struct {
*v1.NetworkAction
}
Action wraps a NetworkAction.
func (*Action) DestinationPrefix ¶ added in v0.6.5
DestinationPrefix returns the destination prefix for the action if it is valid.
func (*Action) Proto ¶ added in v0.6.5
func (a *Action) Proto() *v1.NetworkAction
Proto returns the protobuf representation of the action.
func (*Action) SourcePrefix ¶ added in v0.6.5
SourcePrefix returns the source prefix for the action if it is valid.
type Networking ¶
type Networking interface {
	// PutNetworkACL creates or updates a NetworkACL.
	PutNetworkACL(ctx context.Context, acl *v1.NetworkACL) error
	// GetNetworkACL returns a NetworkACL by name.
	GetNetworkACL(ctx context.Context, name string) (ACL, error)
	// DeleteNetworkACL deletes a NetworkACL by name.
	DeleteNetworkACL(ctx context.Context, name string) error
	// ListNetworkACLs returns a list of NetworkACLs.
	ListNetworkACLs(ctx context.Context) (ACLs, error)
	// PutRoute creates or updates a Route.
	PutRoute(ctx context.Context, route *v1.Route) error
	// GetRoute returns a Route by name.
	GetRoute(ctx context.Context, name string) (Route, error)
	// GetRoutesByNode returns a list of Routes for a given Node.
	GetRoutesByNode(ctx context.Context, nodeName string) (Routes, error)
	// GetRoutesByCIDR returns a list of Routes for a given CIDR.
	GetRoutesByCIDR(ctx context.Context, cidr netip.Prefix) (Routes, error)
	// DeleteRoute deletes a Route by name.
	DeleteRoute(ctx context.Context, name string) error
	// ListRoutes returns a list of Routes.
	ListRoutes(ctx context.Context) (Routes, error)
	// FilterGraph filters the adjacency map in the given graph for the given node ID according
	// to the current network ACLs. If the ACL list is nil, an empty adjacency map is returned. An
	// error is returned on failure building the initial map or any database error.
	FilterGraph(ctx context.Context, graph peergraph.Graph, nodeID string) (peergraph.AdjacencyMap, error)
}
Networking is the interface to the database models for network resources.
type Route ¶ added in v0.6.6
Route wraps a Route.
func (*Route) DestinationPrefixes ¶ added in v0.6.6
DestinationPrefixes returns the destination prefixes for the route.
func (Route) MarshalJSON ¶ added in v0.6.6
Marshal marshals the route to protobuf JSON.
func (*Route) UnmarshalJSON ¶ added in v0.6.6
Unmarshal unmarshals the route from a protobuf.
type Routes ¶ added in v0.6.6
type Routes []Route
Routes is a list of routes.
func (Routes) Less ¶ added in v0.6.6
Less returns whether the name of the route at index i is less than the name of the route at index j.
type SortDirection ¶
type SortDirection int
SortDirection is the direction to sort ACLs.
const (
	// SortDescending sorts ACLs in descending order.
	SortDescending SortDirection = iota
	// SortAscending sorts ACLs in ascending order.
	SortAscending
)