Documentation
Index
- func Add(mgr manager.Manager, heartbeatChan chan<- string) error
- func GetHeartbeatString() string
- type DNATProvider
- type IPRouteSmartNatHelper
- type IPTablesHelp
- func (h *IPTablesHelp) DeleteDNAT(externalIP net.IP, mapping *v1alpha1.Mapping) error
- func (h *IPTablesHelp) DeleteMark(externalIP net.IP, mapping *v1alpha1.Mapping) error
- func (h *IPTablesHelp) DeleteSNAT(externalIP net.IP, mapping *v1alpha1.Mapping) error
- func (h *IPTablesHelp) SetupDNAT(externalIP net.IP, mapping *v1alpha1.Mapping, svc *v1.Service, ...) error
- func (h *IPTablesHelp) SetupMark(externalIP net.IP, mapping *v1alpha1.Mapping) error
- func (h *IPTablesHelp) SetupSNAT(externalIP net.IP, mapping *v1alpha1.Mapping, svc *v1.Service, ...) error
- type IPTablesHelper
- type LinuxSyncer
- type Namer
- type ReconcileMapping
- type Scrubber
- type ShortName
- type Syncer
- type ThroughServiceDNAT
Functions
func Add
Add creates a new Mapping Controller and adds it to the Manager with default RBAC. The Manager will set fields on the Controller and Start it when the Manager is Started.
func GetHeartbeatString
func GetHeartbeatString() string
GetHeartbeatString returns the string printed in response to the heartbeat HTTP request.
Types
type DNATProvider
type DNATProvider interface {
SetupDNAT(externalIP net.IP, mapping *v1alpha1.Mapping, svc *v1.Service, eps *v1.Endpoints, setupMasquerade bool) error
DeleteDNAT(externalIP net.IP, mapping *v1alpha1.Mapping) error
}
DNATProvider provides an interface to configure the necessary DNAT rules from an External IP. The target of the translation and the exact means to perform it are implementation specific.
SetupDNAT configures and synchronizes DNAT rules for the specified externalIP and the mapping, service, endpoints trio.
DeleteDNAT deletes all the configuration introduced by SetupDNAT for the specified externalIP and mapping.
func NewThroughServiceDNATProvider
func NewThroughServiceDNATProvider(iptables nettools.IPTablesHelper, ipset nettools.IPSetHelper, namer Namer) DNATProvider
NewThroughServiceDNATProvider returns a new instance of ThroughServiceDNAT.
type IPRouteSmartNatHelper
type IPRouteSmartNatHelper interface {
EnsureOnlyOneIPRuleExistsForFwMark(rule nettools.IPRule) ([]nettools.IPRule, time.Duration, error)
etime.Refresher
}
IPRouteSmartNatHelper is a customized nettools.IPRouteProvider, which supports auto-refreshing of IP addresses and routes.
func NewChanIPRouteSmartNatHelper
func NewChanIPRouteSmartNatHelper(ipRouteHelper nettools.IPRouteHelper, ifaceProvider nettools.InterfaceProvider, updateChan chan time.Time, refreshOnCreate bool, gwAddressOffset int32) IPRouteSmartNatHelper
NewChanIPRouteSmartNatHelper creates an IPRouteSmartNatHelper whose routing rules refresh is run every time there's a new message on the update channel.
func NewIPRouteSmartNatHelper
func NewIPRouteSmartNatHelper(routeHelperExecutor command.Executor, routeHelperIoOp nettools.SimpleFileOperator, ifaceProvider nettools.InterfaceProvider, refreshPeriod time.Duration, gwAddressOffset int32) IPRouteSmartNatHelper
NewIPRouteSmartNatHelper creates an IPRouteSmartNatHelper with periodic auto-refreshing.
type IPTablesHelp
type IPTablesHelp struct {
// contains filtered or unexported fields
}
IPTablesHelp implements the IPTablesHelper interface using Linux iptables.
func (*IPTablesHelp) DeleteDNAT
DeleteDNAT implements IPTablesHelper.DeleteDNAT using Linux iptables.
func (*IPTablesHelp) DeleteMark
DeleteMark implements IPTablesHelper.DeleteMark using Linux iptables.
func (*IPTablesHelp) DeleteSNAT
DeleteSNAT implements IPTablesHelper.DeleteSNAT using Linux iptables.
func (*IPTablesHelp) SetupDNAT
func (h *IPTablesHelp) SetupDNAT(externalIP net.IP, mapping *v1alpha1.Mapping, svc *v1.Service, eps *v1.Endpoints, setupMasquerade bool) error
SetupDNAT implements IPTablesHelper.SetupDNAT using Linux iptables.
type IPTablesHelper
type IPTablesHelper interface {
SetupDNAT(externalIP net.IP, mapping *v1alpha1.Mapping, svc *v1.Service, eps *v1.Endpoints, setupMasquerade bool) error
SetupSNAT(externalIP net.IP, mapping *v1alpha1.Mapping, svc *v1.Service, eps *v1.Endpoints) error
SetupMark(externalIP net.IP, mapping *v1alpha1.Mapping) error
DeleteDNAT(externalIP net.IP, mapping *v1alpha1.Mapping) error
DeleteSNAT(externalIP net.IP, mapping *v1alpha1.Mapping) error
DeleteMark(externalIP net.IP, mapping *v1alpha1.Mapping) error
}
IPTablesHelper provides high level operations tuned for smart-nat-controller on system's -
SetupDNAT sets up a DNAT rule for traffic coming to externalIP, directing it to the Service/Endpoints passed as arguments, for the ports and sources listed in Mapping.Spec.
SetupSNAT sets up a SNAT rule for traffic coming from any pod listed in Endpoints and going out through the interface with externalIP.
SetupMark sets up an iptables mark rule for the set associated with this mapping and external IP.
DeleteDNAT deletes all DNAT entries created by SetupDNAT for externalIP and mapping passed as arguments.
DeleteSNAT deletes all SNAT entries created by SetupSNAT for externalIP and mapping passed as arguments.
DeleteMark deletes Mark entry created by SetupMark for externalIP and mapping passed as arguments.
func NewIPTablesHelper
func NewIPTablesHelper(dnatProvider DNATProvider, iptables nettools.IPTablesHelper, namer Namer, ifaceProvider nettools.InterfaceProvider, setupMasquerade, setupSNAT bool) (IPTablesHelper, error)
NewIPTablesHelper returns a new IPTablesHelper implemented by IPTablesHelp.
type LinuxSyncer
type LinuxSyncer struct {
// contains filtered or unexported fields
}
LinuxSyncer handles state synchronization between API objects and operating system configuration.
func (*LinuxSyncer) DeleteMapping
func (s *LinuxSyncer) DeleteMapping(mapping *v1alpha1.Mapping, externalIP net.IP) (dirty bool, err error)
DeleteMapping deletes all operating system configuration related to the given mapping. When the configuration is deleted, it updates the Status field of the mapping.
type Namer
type Namer interface {
Name(objectMeta metav1.ObjectMeta) ShortName
}
Namer provides consistent, unique and concise names for full namespace/name names.
Name returns a concise name for a given namespaced name.
type ReconcileMapping
ReconcileMapping reconciles a Mapping object
func (*ReconcileMapping) Reconcile
Reconcile reads the state of the cluster for a Mapping object and makes changes based on the state read and what is in the Mapping.Spec.
Automatically generate RBAC rules to allow the Controller to read and write Mappings, Services and Endpoints:
+kubebuilder:rbac:groups=apps,resources=services;endpoints,verbs=get;list;watch
+kubebuilder:rbac:groups=smartnat.aureacentral.com,resources=mappings,verbs=get;list;watch;create;update;patch;delete
type Scrubber
type Scrubber interface {
// ScrubMapping does scrubbing on *v1alpha1.Mapping object, including validating ports
// and setting their defaults if needed, validating CIDR expressions and checking if IP
// address is local. It also checks for externalIP:port conflicts with mappings in
// slice passed as the second argument.
ScrubMapping(sn *v1alpha1.Mapping, others []v1alpha1.Mapping) (valid, dirty bool, validErrMessage string, localExternalIP *net.IP)
// ValidateEndpoints checks if Endpoints have only 0 or 1 Subsets
ValidateEndpoints(mapping *smartnatv1alpha1.Mapping, endpoints *v1.Endpoints) error
}
Scrubber provides validation, scrubbing and safe defaults for objects passed to it.
func NewScrubber
func NewScrubber(interfaceProvider nettools.InterfaceProvider, cfg *config.Config) Scrubber
NewScrubber returns a scrubber for SmartNat objects
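The checks that the ScrubMapping comment lists (port range, CIDR syntax, external IP locality, externalIP:port conflicts), as an added Go example that is not the package's own code. The `mapping` struct, the `scrub` function and the sample addresses are hypothetical; default-setting and protocol handling are left out.

```go
package main

import (
	"fmt"
	"net"
)

// mapping is a hypothetical, simplified stand-in for v1alpha1.Mapping (assumed fields).
type mapping struct {
	Name, ExternalIP string
	Ports            []int    // external ports to expose
	Sources          []string // allowed source CIDRs
}

// scrub returns "" if m may be turned into NAT rules, else the rejection reason.
func scrub(m mapping, others []mapping, localIPs []net.IP) string {
	ip := net.ParseIP(m.ExternalIP)
	local := false
	for _, l := range localIPs {
		local = local || l.Equal(ip)
	}
	if ip == nil || !local {
		return "external IP is invalid or not local to this node"
	}
	for _, c := range m.Sources {
		if _, _, err := net.ParseCIDR(c); err != nil {
			return "invalid source CIDR " + c
		}
	}
	for _, p := range m.Ports {
		if p < 1 || p > 65535 {
			return fmt.Sprintf("port %d out of range", p)
		}
		for _, o := range others {
			for _, op := range o.Ports {
				if o.Name != m.Name && op == p && ip.Equal(net.ParseIP(o.ExternalIP)) {
					return fmt.Sprintf("%s:%d already used by %s", ip, p, o.Name)
				}
			}
		}
	}
	return ""
}

func main() {
	// Constructed sample data: two mappings claiming the same externalIP:port.
	a := mapping{"a", "192.0.2.10", []int{443}, []string{"10.0.0.0/8"}}
	b := mapping{"b", "192.0.2.10", []int{443}, nil}
	fmt.Println(scrub(b, []mapping{a}, []net.IP{net.ParseIP("192.0.2.10")}))
}
```

Rejecting a mapping before any rule is written keeps a malformed CIDR or a duplicate externalIP:port from reaching iptables, where it would either fail midway or shadow another tenant's rule.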
type ShortName
type ShortName = string
ShortName is a name at most 24 characters long, based on the original metav1.ObjectMeta namespace and name.
type Syncer
type Syncer interface {
// DeleteMapping deletes all the configuration related to the
// Mapping passed as an argument
DeleteMapping(sn *v1alpha1.Mapping, externalIP net.IP) (dirty bool, err error)
// SyncMapping reconciles data input and output paths, setting up everything
// that is needed for the traffic arriving on External IP to reach
// the given Service and then get back to a client
SyncMapping(sn *v1alpha1.Mapping, svc *v1.Service, eps *v1.Endpoints) (dirty bool, err error)
}
Syncer runs everything required to reconcile a single Mapping
func NewSyncer
func NewSyncer(namer Namer, interfaceProvider nettools.InterfaceProvider, ipRouteHelper IPRouteSmartNatHelper, conntrackHelper nettools.ConntrackHelper, iptHelper IPTablesHelper, ipsetHelper nettools.IPSetHelper, setupSNAT, setupMasq bool) Syncer
NewSyncer creates a new Linux based Syncer
type ThroughServiceDNAT
type ThroughServiceDNAT struct {
// contains filtered or unexported fields
}
ThroughServiceDNAT implements DNATProvider by doing translation from External IP to ClusterIP of the service. The translation is done using iptables and will only work if kube-proxy is not running in 'iptables' mode. 'IPVS' kube-proxy is highly recommended and the only supported configuration.
func (*ThroughServiceDNAT) DeleteDNAT
DeleteDNAT implements DNATProvider.DeleteDNAT by removing translation in iptables from External IP to ClusterIP of the Service.
func (*ThroughServiceDNAT) SetupDNAT
func (p *ThroughServiceDNAT) SetupDNAT(externalIP net.IP, mapping *v1alpha1.Mapping, svc *v1.Service, _ *v1.Endpoints, setupMasquerade bool) error
SetupDNAT implements DNATProvider.SetupDNAT by doing translation with iptables from External IP to ClusterIP of the Service.