Documentation ¶
Index ¶
- Constants
- func LaunchRemoteEnforcer(service packetprocessor.PacketProcessor, zapConfig zap.Config, ...) error
- type RemoteEnforcer
- func (s *RemoteEnforcer) EnableDatapathPacketTracing(req rpcwrapper.Request, resp *rpcwrapper.Response) error
- func (s *RemoteEnforcer) EnableIPTablesPacketTracing(req rpcwrapper.Request, resp *rpcwrapper.Response) error
- func (s *RemoteEnforcer) Enforce(req rpcwrapper.Request, resp *rpcwrapper.Response) error
- func (s *RemoteEnforcer) EnforcerExit(req rpcwrapper.Request, resp *rpcwrapper.Response) error
- func (s *RemoteEnforcer) InitEnforcer(req rpcwrapper.Request, resp *rpcwrapper.Response) error
- func (s *RemoteEnforcer) Ping(req rpcwrapper.Request, resp *rpcwrapper.Response) error
- func (s *RemoteEnforcer) SetLogLevel(req rpcwrapper.Request, resp *rpcwrapper.Response) error
- func (s *RemoteEnforcer) SetTargetNetworks(req rpcwrapper.Request, resp *rpcwrapper.Response) error
- func (s *RemoteEnforcer) Unenforce(req rpcwrapper.Request, resp *rpcwrapper.Response) error
- func (s *RemoteEnforcer) UpdateSecrets(req rpcwrapper.Request, resp *rpcwrapper.Response) error
- type RemoteIntf
Constants ¶
const ( // InitEnforcer is string for invoking RPC InitEnforcer = "RemoteEnforcer.InitEnforcer" //Unenforce is string for invoking RPC Unenforce = "RemoteEnforcer.Unenforce" //Enforce is string for invoking RPC Enforce = "RemoteEnforcer.Enforce" // EnforcerExit is string for invoking RPC EnforcerExit = "RemoteEnforcer.EnforcerExit" // UpdateSecrets is string for invoking updatesecrets RPC UpdateSecrets = "RemoteEnforcer.UpdateSecrets" // SetTargetNetworks is string for invoking SetTargetNetworks RPC SetTargetNetworks = "RemoteEnforcer.SetTargetNetworks" // EnableIPTablesPacketTracing enable iptables trace mode EnableIPTablesPacketTracing = "RemoteEnforcer.EnableIPTablesPacketTracing" // EnableDatapathPacketTracing enable datapath packet tracing EnableDatapathPacketTracing = "RemoteEnforcer.EnableDatapathPacketTracing" // SetLogLevel is string for invoking set log level RPC SetLogLevel = "RemoteEnforcer.SetLogLevel" // Ping is the string for invoking ping RPC Ping = "RemoteEnforcer.Ping" )
Variables ¶
This section is empty.
Functions ¶
func LaunchRemoteEnforcer ¶
func LaunchRemoteEnforcer(service packetprocessor.PacketProcessor, zapConfig zap.Config, agentVersion semver.Version) error
LaunchRemoteEnforcer launches a remote enforcer
Types ¶
type RemoteEnforcer ¶
type RemoteEnforcer struct {
// contains filtered or unexported fields
}
RemoteEnforcer : This is the structure for maintaining state required by the remote enforcer. It is a cache of variables passed by the controller to the remote enforcer and other handles required by the remote enforcer to talk to the external processes
Why is this public when all members are private ? For golang RPC server requirements
func (*RemoteEnforcer) EnableDatapathPacketTracing ¶
func (s *RemoteEnforcer) EnableDatapathPacketTracing(req rpcwrapper.Request, resp *rpcwrapper.Response) error
EnableDatapathPacketTracing enable nfq datapath packet tracing
func (*RemoteEnforcer) EnableIPTablesPacketTracing ¶
func (s *RemoteEnforcer) EnableIPTablesPacketTracing(req rpcwrapper.Request, resp *rpcwrapper.Response) error
EnableIPTablesPacketTracing enables iptables trace packet tracing
func (*RemoteEnforcer) Enforce ¶
func (s *RemoteEnforcer) Enforce(req rpcwrapper.Request, resp *rpcwrapper.Response) error
Enforce this method calls the enforce method on the enforcer created during initenforcer
func (*RemoteEnforcer) EnforcerExit ¶
func (s *RemoteEnforcer) EnforcerExit(req rpcwrapper.Request, resp *rpcwrapper.Response) error
EnforcerExit is processing messages from the remote that are requesting an exit. In this case we simply cancel the context.
func (*RemoteEnforcer) InitEnforcer ¶
func (s *RemoteEnforcer) InitEnforcer(req rpcwrapper.Request, resp *rpcwrapper.Response) error
InitEnforcer is a function called from the controller using RPC. It intializes data structure required by the remote enforcer
func (*RemoteEnforcer) Ping ¶
func (s *RemoteEnforcer) Ping(req rpcwrapper.Request, resp *rpcwrapper.Response) error
Ping runs ping to the given config
func (*RemoteEnforcer) SetLogLevel ¶
func (s *RemoteEnforcer) SetLogLevel(req rpcwrapper.Request, resp *rpcwrapper.Response) error
SetLogLevel sets log level.
func (*RemoteEnforcer) SetTargetNetworks ¶
func (s *RemoteEnforcer) SetTargetNetworks(req rpcwrapper.Request, resp *rpcwrapper.Response) error
SetTargetNetworks calls the same method on the actual enforcer
func (*RemoteEnforcer) Unenforce ¶
func (s *RemoteEnforcer) Unenforce(req rpcwrapper.Request, resp *rpcwrapper.Response) error
Unenforce this method calls the unenforce method on the enforcer created from initenforcer
func (*RemoteEnforcer) UpdateSecrets ¶
func (s *RemoteEnforcer) UpdateSecrets(req rpcwrapper.Request, resp *rpcwrapper.Response) error
UpdateSecrets updates the secrets used by the remote enforcer
type RemoteIntf ¶
type RemoteIntf interface { // InitEnforcer is a function called from the controller using RPC. // It intializes data structure required by the remote enforcer InitEnforcer(req rpcwrapper.Request, resp *rpcwrapper.Response) error //Unenforce this method calls the unenforce method on the enforcer created from initenforcer Unenforce(req rpcwrapper.Request, resp *rpcwrapper.Response) error //Enforce this method calls the enforce method on the enforcer created during initenforcer Enforce(req rpcwrapper.Request, resp *rpcwrapper.Response) error // EnforcerExit this method is called when we received a killrpocess message from the controller // This allows a graceful exit of the enforcer EnforcerExit(req rpcwrapper.Request, resp *rpcwrapper.Response) error }
RemoteIntf is the interface implemented by the remote enforcer
Directories ¶
Path | Synopsis |
---|---|
internal
|
|
client/mockclient
Package mockclient is a generated GoMock package.
|
Package mockclient is a generated GoMock package. |
statscollector/mockstatscollector
Package mockstatscollector is a generated GoMock package.
|
Package mockstatscollector is a generated GoMock package. |
tokenissuer/mocktokenclient
Package mocktokenclient is a generated GoMock package.
|
Package mocktokenclient is a generated GoMock package. |
Package mockremoteenforcer is a generated GoMock package.
|
Package mockremoteenforcer is a generated GoMock package. |