rpcwrapper

package
v10.295.0+incompatible Latest Latest
Warning

This package is not in the latest version of its module.

Published: Apr 23, 2021 License: Apache-2.0 Imports: 26 Imported by: 0

Documentation


Constants

// Exported constants of the rpcwrapper package.
const (
	// SUCCESS is the untyped constant 0.
	// NOTE(review): this page does not show where it is compared. Response.Status is
	// declared as a string, so confirm which field actually carries this code.
	SUCCESS = 0
)

exported consts from the package

Variables

This section is empty.

Functions

func RegisterTypes

func RegisterTypes()

RegisterTypes registers types that are exchanged between the controller and remoteenforcer

func TestNewRPCClient

func TestNewRPCClient(t *testing.T)

TestNewRPCClient mocks an RPC client test

Types

type CaptureType

// CaptureType identifies the type of iptables implementation that should be used.
// Its zero value is IPTables, the first constant declared for this type.
type CaptureType int

CaptureType identifies the type of iptables implementation that should be used

// CaptureType values; iota numbers them from 0 in declaration order.
const (
	// IPTables forces an IPTables implementation (value 0, the zero value of CaptureType).
	IPTables CaptureType = iota
	// IPSets forces an IPSet implementation (value 1).
	IPSets
)

type DebugCollectPayload

// DebugCollectPayload is the payload for the DebugCollect request.
//
// NOTE(review): the handler that consumes this payload is not shown on this page. The
// field names suggest a file path and a command string cross the RPC boundary, so confirm
// that the request is authenticated (see CheckValidity) and that both values are
// validated on the receiving side before they are used.
type DebugCollectPayload struct {
	ContextID    string
	// presumably a filesystem path on the receiving side — verify it is constrained
	PcapFilePath string
	// presumably a packet-capture filter expression — TODO confirm
	PcapFilter   string
	// presumably a command to run on the receiving side — treat as privileged input
	CommandExec  string
}

DebugCollectPayload is the payload for the DebugCollect request.

type DebugCollectResponsePayload

// DebugCollectResponsePayload is the payload for the DebugCollect response.
type DebugCollectResponsePayload struct {
	ContextID     string
	// presumably the process ID started for the debug collection — TODO confirm
	PID           int
	// Free-form text returned to the caller.
	// NOTE(review): presumably the output of DebugCollectPayload.CommandExec; confirm it
	// is not written to logs verbatim.
	CommandOutput string
}

DebugCollectResponsePayload is the payload for the DebugCollect response.

type EnableDatapathPacketTracingPayLoad

// EnableDatapathPacketTracingPayLoad is the payload to enable nfq packet tracing in the
// remote container.
//
// Every field is tagged `json:",omitempty"`: under encoding/json the Go field name is
// kept as the key and zero values are left out. This page does not show which encoder
// the RPC layer uses.
type EnableDatapathPacketTracingPayLoad struct {
	Direction packettracing.TracingDirection `json:",omitempty"`
	// presumably how long tracing stays enabled — TODO confirm
	Interval  time.Duration                  `json:",omitempty"`
	ContextID string                         `json:",omitempty"`
}

EnableDatapathPacketTracingPayLoad is the payload to enable nfq packet tracing in the remote container

type EnableIPTablesPacketTracingPayLoad

// EnableIPTablesPacketTracingPayLoad is the payload message to enable iptables tracing
// in remote containers.
//
// With `json:",omitempty"` a false IPTablesPacketTracing is omitted by encoding/json, so
// a decoder cannot tell "false" from "not sent"; both decode to false.
type EnableIPTablesPacketTracingPayLoad struct {
	IPTablesPacketTracing bool          `json:",omitempty"`
	// presumably how long tracing stays enabled — TODO confirm
	Interval              time.Duration `json:",omitempty"`
	ContextID             string        `json:",omitempty"`
}

EnableIPTablesPacketTracingPayLoad is the payload message to enable iptables tracing in remote containers

type EnforcePayload

// EnforcePayload is the payload for the enforce request.
//
// NOTE(review): Secrets has the project type secrets.RPCSecrets, whose contents are not
// shown on this page. Presumably it holds key material, so avoid printing this struct
// with %v/%+v and confirm the RPC channel protects it in transit.
type EnforcePayload struct {
	ContextID string                 `json:",omitempty"`
	// Pointer field: nil when no policy is attached.
	Policy    *policy.PUPolicyPublic `json:",omitempty"`
	Secrets   secrets.RPCSecrets     `json:",omitempty"`
}

EnforcePayload Payload for enforce request

type InitRequestPayload

// InitRequestPayload is the payload for the enforcer init request.
//
// All fields carry `json:",omitempty"`. Under encoding/json a false bool is omitted, so
// an absent MutualAuth, BinaryTokens, IsBPFEnabled or IPv6Enabled decodes to false; the
// receiver cannot distinguish "disabled" from "not sent". This page does not show which
// encoder the RPC layer uses.
//
// NOTE(review): Secrets (secrets.RPCSecrets) presumably carries key material — do not
// log this struct, and confirm the init request is authenticated before it is applied.
type InitRequestPayload struct {
	// presumably toggles mutual authentication between enforcers — TODO confirm;
	// note the false-when-absent behaviour described above
	MutualAuth             bool                   `json:",omitempty"`
	PacketLogs             bool                   `json:",omitempty"`
	// presumably a token validity period — TODO confirm
	Validity               time.Duration          `json:",omitempty"`
	ServerID               string                 `json:",omitempty"`
	ExternalIPCacheTimeout time.Duration          `json:",omitempty"`
	Secrets                secrets.RPCSecrets     `json:",omitempty"`
	// Pointer field: nil when no configuration is attached.
	Configuration          *runtime.Configuration `json:",omitempty"`
	BinaryTokens           bool                   `json:",omitempty"`
	IsBPFEnabled           bool                   `json:",omitempty"`
	IPv6Enabled            bool                   `json:",omitempty"`
	// presumably a path to the iptables lock file on the receiving side — verify against caller
	IPTablesLockfile       string                 `json:",omitempty"`
	ServiceMeshType        policy.ServiceMesh     `json:",omitempty"`
}

InitRequestPayload Payload for enforcer init request

type MockRPCHdl

// MockRPCHdl is a mock of RPCHdl.
// It has the same Client and Channel fields as RPCHdl but no Secret field.
type MockRPCHdl struct {
	Client  *rpc.Client
	Channel string
}

MockRPCHdl is mock of rpchdl

type PayloadType

// PayloadType is the type of payload in the request.
// Its zero value is PacketReport, the first constant declared for this type.
type PayloadType int

PayloadType is the type of payload in the request.

// Payload report types; iota numbers them from 0 in declaration order.
// NOTE(review): these values travel in Request.PayloadType and ReportPayload.Type, so
// reordering or inserting constants changes the numeric value seen by a peer built from
// a different version.
const (
	PacketReport PayloadType = iota // 0
	DNSReport                       // 1
	CounterReport                   // 2
	PingReport                      // 3
	ConnectionExceptionReport       // 4
)

Payload report types.

type PingPayload

// PingPayload represents the payload for ping config.
type PingPayload struct {
	ContextID  string
	// Pointer field: nil when no ping configuration is attached.
	PingConfig *policy.PingConfig
}

PingPayload represents the payload for ping config.

type RPCClient

// RPCClient is the client interface.
//
// The per-method notes below repeat what this page documents for the RPCWrapper methods
// of the same name; other implementations may behave differently.
type RPCClient interface {
	// NewRPCClient takes a context ID, a channel and a secret. The page documents it only
	// as "exported"; the RPCWrapper method names the third parameter sharedsecret.
	NewRPCClient(contextID string, channel string, rpcSecret string) error
	// GetRPCClient gets a handle to the rpc client for the contextID.
	GetRPCClient(contextID string) (*RPCHdl, error)
	// RemoteCall is documented as a wrapper around rpc.Call that adds an hmac to ensure
	// message integrity.
	RemoteCall(contextID string, methodName string, req *Request, resp *Response) error
	// DestroyRPCClient is documented as calling close on the rpc and cleaning up the connection.
	DestroyRPCClient(contextID string)
	// ContextList returns the list of active contexts.
	ContextList() []string
	// CheckValidity is documented as checking whether the received message is valid.
	// NOTE(review): confirm callers drop the request on false before touching req.Payload.
	CheckValidity(req *Request, secret string) bool
}

RPCClient is the client interface

type RPCHdl

// RPCHdl is a per-client handle.
type RPCHdl struct {
	Client  *rpc.Client
	Channel string
	// NOTE(review): presumably the shared secret passed to NewRPCClient — TODO confirm.
	// It is an exported plain string, so any holder of the handle can read it and a
	// %+v print of the struct would expose it; keep handles out of logs.
	Secret  string
}

RPCHdl is a per client handle

type RPCServer

// RPCServer is the server interface.
//
// The per-method notes below repeat what this page documents for the RPCWrapper methods
// of the same name; other implementations may behave differently.
type RPCServer interface {
	// StartServer is documented as starting a server and waiting for new connections;
	// the RPCWrapper documentation says it never returns.
	// NOTE(review): protocol and path are presumably the listener network and address
	// (for example a socket path) — confirm, and confirm who may connect to it.
	StartServer(ctx context.Context, protocol string, path string, handler interface{}) error
	// ProcessMessage is documented as checking whether the given request is valid.
	ProcessMessage(req *Request, secret string) bool
	// CheckValidity is documented as checking whether the received message is valid.
	// NOTE(review): the page does not say how it differs from ProcessMessage.
	CheckValidity(req *Request, secret string) bool
}

RPCServer is the server interface

func NewRPCServer

func NewRPCServer() RPCServer

NewRPCServer returns an interface RPCServer

type RPCWrapper

// RPCWrapper is a struct which holds stats for all rpc sessions.
//
// sync.Mutex is embedded, so Lock and Unlock are promoted into the exported method set
// and any importer can take the lock. Because it contains a mutex, an RPCWrapper must
// not be copied; every method listed on this page uses a pointer receiver.
type RPCWrapper struct {
	sync.Mutex
	// contains filtered or unexported fields
}

RPCWrapper is a struct which holds stats for all rpc sessions

func NewRPCWrapper

func NewRPCWrapper() *RPCWrapper

NewRPCWrapper creates a new rpcwrapper

func (*RPCWrapper) CheckValidity

func (r *RPCWrapper) CheckValidity(req *Request, secret string) bool

CheckValidity checks if the received message is valid

func (*RPCWrapper) ContextList

func (r *RPCWrapper) ContextList() []string

ContextList returns the list of active contexts managed by the rpcwrapper

func (*RPCWrapper) DestroyRPCClient

func (r *RPCWrapper) DestroyRPCClient(contextID string)

DestroyRPCClient calls close on the rpc and cleans up the connection

func (*RPCWrapper) GetRPCClient

func (r *RPCWrapper) GetRPCClient(contextID string) (*RPCHdl, error)

GetRPCClient gets a handle to the rpc client for the contextID (the enforcer in the container)

func (*RPCWrapper) NewRPCClient

func (r *RPCWrapper) NewRPCClient(contextID string, channel string, sharedsecret string) error

NewRPCClient exported

func (*RPCWrapper) ProcessMessage

func (r *RPCWrapper) ProcessMessage(req *Request, secret string) bool

ProcessMessage checks if the given request is valid

func (*RPCWrapper) RemoteCall

func (r *RPCWrapper) RemoteCall(contextID string, methodName string, req *Request, resp *Response) error

RemoteCall is a wrapper around rpc.Call that also ensures message integrity by adding an HMAC

func (*RPCWrapper) StartServer

func (r *RPCWrapper) StartServer(ctx context.Context, protocol string, path string, handler interface{}) error

StartServer starts a server and waits for new connections. This function never returns.

type ReportPayload

// ReportPayload is the generic report from the remote enforcer.
type ReportPayload struct {
	// Type is one of the PayloadType constants (PacketReport, DNSReport, ...).
	Type    PayloadType
	// Payload is untyped.
	// NOTE(review): presumably Type tells the receiver which concrete type to expect;
	// use a checked type assertion (v, ok := p.Payload.(T)), because a mismatch
	// in the unchecked form panics.
	Payload interface{}
}

ReportPayload is the generic report from remote enforcer

type Request

// Request is the request argument taken by RemoteCall, ProcessMessage and CheckValidity.
type Request struct {
	// NOTE(review): presumably the hmac that RemoteCall is documented to add for message
	// integrity — TODO confirm which bytes it covers (Payload only, or PayloadType too)
	// and that the comparison on the receiving side is constant-time (hmac.Equal).
	HashAuth    []byte
	PayloadType PayloadType
	// Payload is untyped; RegisterTypes is documented as registering the types exchanged
	// between the controller and the remote enforcer.
	// NOTE(review): validate the request before type-asserting or acting on Payload.
	Payload     interface{}
}

Request exported

type Response

// Response is the response for every RPC call. It carries the status of the actual
// function call made on the remote end.
//
// NOTE(review): unlike Request, Response has no HashAuth field, so nothing on this page
// indicates that responses are integrity-protected at this layer — confirm.
type Response struct {
	// Status is a string; the page does not show which values mean success.
	Status  string
	// Omitted by encoding/json when nil.
	Payload interface{} `json:",omitempty"`
}

Response is the response for every RPC call. This is used to carry the status of the actual function call made on the remote end

type SetLogLevelPayload

// SetLogLevelPayload is the payload for the set log level request.
type SetLogLevelPayload struct {
	// Omitted by encoding/json when it is the zero value of constants.LogLevel.
	Level constants.LogLevel `json:",omitempty"`
}

SetLogLevelPayload payload for set log level request

type SetTargetNetworksPayload

// SetTargetNetworksPayload carries the payload for target networks.
type SetTargetNetworksPayload struct {
	// Pointer field: nil (and omitted by encoding/json) when no configuration is attached.
	Configuration *runtime.Configuration `json:",omitempty"`
}

SetTargetNetworksPayload carries the payload for target networks

type StatsPayload

// StatsPayload is the payload carried by the stats reporting from the remote enforcer.
type StatsPayload struct {
	// Flow records keyed by a uint64; the page does not say what the key represents.
	Flows map[uint64]*collector.FlowRecord `json:",omitempty"`
	// User records keyed by a string; the page does not say what the key represents.
	Users map[string]*collector.UserRecord `json:",omitempty"`
}

StatsPayload is the payload carried by the stats reporting from the remote enforcer

type TestRPCClient

// TestRPCClient is an RPC client used for tests.
//
// It embeds RPCClient and adds one Mock* method per RPCClient method. Each takes the
// *testing.T and an impl func whose signature matches the corresponding RPCClient method.
// NOTE(review): presumably impl replaces that method's behaviour for the given test —
// TODO confirm. These helpers live in the exported API and reference the testing package,
// so keep them out of production wiring; a permissive MockCheckValidity impl would accept
// any request.
type TestRPCClient interface {
	RPCClient
	MockNewRPCClient(t *testing.T, impl func(contextID string, channel string, secret string) error)
	MockGetRPCClient(t *testing.T, impl func(contextID string) (*RPCHdl, error))
	MockRemoteCall(t *testing.T, impl func(contextID string, methodName string, req *Request, resp *Response) error)
	MockDestroyRPCClient(t *testing.T, impl func(contextID string))
	MockContextList(t *testing.T, impl func() []string)
	MockCheckValidity(t *testing.T, impl func(req *Request, secret string) bool)
}

TestRPCClient is a RPC Client used for test

func NewTestRPCClient

func NewTestRPCClient() TestRPCClient

NewTestRPCClient is a Test RPC Client

type TestRPCServer

// TestRPCServer is an RPC server used for tests.
//
// It embeds RPCServer and adds one Mock* method per RPCServer method. Each takes the
// *testing.T and an impl func whose signature matches the corresponding RPCServer method.
// NOTE(review): presumably impl replaces that method's behaviour for the given test —
// TODO confirm. Keep this type out of production wiring, since a mocked ProcessMessage or
// CheckValidity can be made to accept any request.
type TestRPCServer interface {
	RPCServer
	MockStartServer(t *testing.T, impl func(ctx context.Context, protocol string, path string, handler interface{}) error)
	MockProcessMessage(t *testing.T, impl func(req *Request, secret string) bool)
	MockCheckValidity(t *testing.T, impl func(req *Request, secret string) bool)
}

TestRPCServer is a RPC Server used for test

func NewTestRPCServer

func NewTestRPCServer() TestRPCServer

NewTestRPCServer is a Test RPC Server

type TokenRequestPayload

// TokenRequestPayload carries the payload for issuing tokens.
type TokenRequestPayload struct {
	ContextID        string                  `json:",omitempty"`
	// presumably the intended audience of the issued token — TODO confirm
	Audience         string                  `json:",omitempty"`
	// presumably the requested token lifetime.
	// NOTE(review): the page shows no upper bound; confirm the issuer caps it, and note
	// that a zero Validity is omitted by encoding/json and decodes as 0.
	Validity         time.Duration           `json:",omitempty"`
	ServiceTokenType common.ServiceTokenType `json:",omitempty"`
}

TokenRequestPayload carries the payload for issuing tokens.

type TokenResponsePayload

// TokenResponsePayload returns the issued token.
type TokenResponsePayload struct {
	// NOTE(review): the issued token as a plain string; presumably a bearer credential,
	// so keep it out of logs and error messages.
	Token string `json:",omitempty"`
}

TokenResponsePayload returns the issued token.

type UnEnforcePayload

// UnEnforcePayload is the payload for the unenforce request.
// NOTE(review): ContextID is the only field; presumably it selects the context to stop
// enforcing, so confirm the request is authenticated before it is honoured.
type UnEnforcePayload struct {
	ContextID string `json:",omitempty"`
}

UnEnforcePayload payload for unenforce request

type UpdateSecretsPayload

// UpdateSecretsPayload is the payload for the update secrets request to remote enforcers.
//
// NOTE(review): Secrets has the project type secrets.RPCSecrets, whose contents are not
// shown on this page. Presumably it holds key material: do not log this struct, and
// confirm the update is authenticated before the receiver replaces its secrets.
type UpdateSecretsPayload struct {
	Secrets secrets.RPCSecrets `json:",omitempty"`
}

UpdateSecretsPayload payload for the update secrets to remote enforcers

Directories

Path Synopsis
Package mockrpcwrapper is a generated GoMock package.
Package mockrpcwrapper is a generated GoMock package.
