Documentation ¶
Index ¶
Constants ¶
View Source
const ( // TriremeCgroupPath is the standard Trireme cgroup path TriremeCgroupPath = "/trireme/" // TriremeUIDCgroupPath is the standard path for UID based activations TriremeUIDCgroupPath = "/trireme_uid/" // TriremeDockerHostNetwork is the path for Docker HostNetwork container based activations TriremeDockerHostNetwork = "/trireme_docker_hostnet/" // TriremeSocket is the standard API server Trireme socket path TriremeSocket = "/var/run/trireme.sock" )
Variables ¶
Functions ¶
func ConvertServicesToPortList ¶
ConvertServicesToPortList converts an array of services to a port list
func ConvertServicesToProtocolPortList ¶
ConvertServicesToProtocolPortList converts an array of services to tcp/udp port list
Types ¶
type EventHandler ¶
A EventHandler is type of event handler functions.
type EventInfo ¶
type EventInfo struct { // EventType refers to one of the standard events that Trireme handles. EventType Event `json:"eventtype,omitempty"` // PUType is the the type of the PU PUType PUType `json:"putype,omitempty"` // The PUID is a unique value for the Processing Unit. Ideally this should be the UUID. PUID string `json:"puid,omitempty"` // The Name is a user-friendly name for the Processing Unit. Name string `json:"name,omitempty"` // The Executable is the executable name for the Processing Unit. Executable string `json:"executable,omitempty"` // Tags represents the set of MetadataTags associated with this PUID. Tags []string `json:"tags,omitempty"` // The path for the Network Namespace. NS string `json:"namespace,omitempty"` // Cgroup is the path to the cgroup - used for deletes Cgroup string `json:"cgroup,omitempty"` // IPs is a map of all the IPs that fully belong to this processing Unit. IPs map[string]string `json:"ipaddressesutype,omitempty"` // Services is a list of services of interest - for host control Services []Service `json:"services,omitempty"` // The PID is the PID on the system where this Processing Unit is running. PID int32 `json:"pid,omitempty"` // HostService indicates that the request is for the root namespace HostService bool `json:"hostservice,omitempty"` // AutoPort indicates that the PU will have auto port feature enabled AutoPort bool `json:"autoport,omitempty"` // NetworkOnlyTraffic indicates that traffic towards the applications must be controlled. NetworkOnlyTraffic bool `json:"networktrafficonly,omitempty"` // Root indicates that this request is coming from a roor user. Its overwritten by the enforcer Root bool `json:"root,omitempty"` }
EventInfo is a generic structure that defines all the information related to a PU event. EventInfo should be used as a normalized struct container that
type EventResponse ¶
type EventResponse struct {
Error string
}
EventResponse encapsulate the error response if any.
type PUType ¶
type PUType int
PUType defines the PU type
const ( // ContainerPU indicates that this PU is a container ContainerPU PUType = iota // LinuxProcessPU indicates that this is Linux process LinuxProcessPU // HostPU is a host wrapping PU HostPU // HostNetworkPU is a PU for a network service in a host HostNetworkPU // KubernetesPU indicates that this is KubernetesPod KubernetesPU // UIDLoginPU -- PU representing a user session UIDLoginPU // SSHSessionPU -- PU representing a ssh session SSHSessionPU // TransientPU PU -- placeholder to run processing. This should not // be inserted in any cache. This is valid only for processing a packet TransientPU )
type Service ¶
type Service struct { // Ports are the corresponding ports Ports *portspec.PortSpec `json:"ports,omitempty"` // Port is the service port. This has been deprecated and will be removed in later releases 01/13/2018 Port uint16 // Protocol is the protocol number Protocol uint8 `json:"protocol,omitempty"` // Addresses are the IP addresses. An empty list means 0.0.0.0/0 Addresses []*net.IPNet `json:"addresses,omitempty"` // FQDNs is the list of FQDNs for the service. FQDNs []string `json:"fqdns,omitempty"` }
Service is a protocol/port service of interest - used to pass user requests
type State ¶
type State int
A State describes the state of the PU.
const ( // StateStarted is the state of a started PU. StateStarted State = iota + 1 // StateStopped is the state of stopped PU. StateStopped // StatePaused is the state of a paused PU. StatePaused // StateDestroyed is the state of destroyed PU. StateDestroyed // StateUnknwown is the state of PU in an unknown state. StateUnknwown )
Click to show internal directories.
Click to hide internal directories.