extractors

Documentation

Index

• Constants
• func DefaultHostMetadataExtractor(event *common.EventInfo) (*policy.PURuntime, error)
• func DefaultKubernetesMetadataExtractor(runtime policy.RuntimeReader, pod *api.Pod) (*policy.PURuntime, bool, error)
• func DefaultMetadataExtractor(info *types.ContainerJSON) (*policy.PURuntime, error)
• func GetPuType(runtime policy.RuntimeReader) string
• func IsHostPU(runtime policy.RuntimeReader, mode constants.ModeType) bool
• func IsHostmodePU(runtime policy.RuntimeReader, mode constants.ModeType) bool
• func ProcessInfo(pid int32) []string
• func SystemdEventMetadataExtractor(event *common.EventInfo) (*policy.PURuntime, error)
• func UIDMetadataExtractor(event *common.EventInfo) (*policy.PURuntime, error)
• type DockerMetadataExtractor
  • func NewExternalExtractor(filePath string) (DockerMetadataExtractor, error)
• type EventMetadataExtractor
• type KubernetesMetadataExtractorType
• type LinuxMetadataExtractorType

Constants

const (

	// PuType is the type of host svc (network only or otherwise)
	PuType = "$PuType"
	// LinuxPU represents the PU type
	LinuxPU = "LinuxPU"

	// HostModeNetworkPU represents host pu in network only mode.
	HostModeNetworkPU = "HostNetworkPU"

	// HostPU represent host pu in true sense (both incoming and outgoing)
	HostPU = "HostPU"
)

const KubernetesContainerNameIdentifier = "@usr:io.kubernetes.container.name"

KubernetesContainerNameIdentifier is the label used by Docker for the K8S container name.

const KubernetesInfraContainerName = "POD"

KubernetesInfraContainerName is the name of the infra POD.

const KubernetesPodNameIdentifier = "@usr:io.kubernetes.pod.name"

KubernetesPodNameIdentifier is the label used by Docker for the K8S pod name.

const KubernetesPodNamespaceIdentifier = "@usr:io.kubernetes.pod.namespace"

KubernetesPodNamespaceIdentifier is the label used by Docker for the K8S namespace.

const UpstreamNameIdentifier = "@k8s:name"

UpstreamNameIdentifier is the identifier used to identify the nane on the resulting PU

const UpstreamNamespaceIdentifier = "@k8s:namespace"

UpstreamNamespaceIdentifier is the identifier used to identify the nanespace on the resulting PU

const UserLabelPrefix = "@usr:"

UserLabelPrefix is the label prefix for all user defined labels

Functions

func DefaultHostMetadataExtractor

func DefaultHostMetadataExtractor(event *common.EventInfo) (*policy.PURuntime, error)

DefaultHostMetadataExtractor is a host specific metadata extractor

func DefaultKubernetesMetadataExtractor

func DefaultKubernetesMetadataExtractor(runtime policy.RuntimeReader, pod *api.Pod) (*policy.PURuntime, bool, error)

DefaultKubernetesMetadataExtractor is a default implementation for the medatadata extractor for Kubernetes It only activates the POD//INFRA containers and strips all the labels from docker to only keep the ones from Kubernetes

func DefaultMetadataExtractor

func DefaultMetadataExtractor(info *types.ContainerJSON) (*policy.PURuntime, error)

DefaultMetadataExtractor is the default metadata extractor for Docker

func GetPuType

func GetPuType(runtime policy.RuntimeReader) string

GetPuType returns puType stored by policy extensions.

func IsHostPU

func IsHostPU(runtime policy.RuntimeReader, mode constants.ModeType) bool

IsHostPU returns true if puType stored by policy extensions is host PU

func IsHostmodePU

func IsHostmodePU(runtime policy.RuntimeReader, mode constants.ModeType) bool

IsHostmodePU returns true if puType stored by policy extensions is hostmode PU

func ProcessInfo

func ProcessInfo(pid int32) []string

ProcessInfo returns all metadata captured by a process

func SystemdEventMetadataExtractor

func SystemdEventMetadataExtractor(event *common.EventInfo) (*policy.PURuntime, error)

SystemdEventMetadataExtractor is a systemd based metadata extractor

func UIDMetadataExtractor

func UIDMetadataExtractor(event *common.EventInfo) (*policy.PURuntime, error)

UIDMetadataExtractor is a metadata extractor for uid/gid.

Types

type DockerMetadataExtractor

type DockerMetadataExtractor func(*types.ContainerJSON) (*policy.PURuntime, error)

A DockerMetadataExtractor is a function used to extract a *policy.PURuntime from a given docker ContainerJSON.

func NewExternalExtractor

func NewExternalExtractor(filePath string) (DockerMetadataExtractor, error)

NewExternalExtractor returns a new bash metadata extractor for Docker that will call the executable given in parameter and will generate a Policy Runtime as standard output The format of Input/Output of the executable are in standard JSON.

type EventMetadataExtractor

type EventMetadataExtractor func(*common.EventInfo) (*policy.PURuntime, error)

EventMetadataExtractor is a function used to extract a *policy.PURuntime from a given EventInfo. The EventInfo is generic and is provided over the RPC interface

type KubernetesMetadataExtractorType

type KubernetesMetadataExtractorType func(runtime policy.RuntimeReader, pod *api.Pod) (*policy.PURuntime, bool, error)

KubernetesMetadataExtractorType is an extractor function for Kubernetes. It takes as parameter a standard Docker runtime and a Pod Kubernetes definition and return a PolicyRuntime This extractor also provides an extra boolean parameter that is used as a token to decide if activation is required.

type LinuxMetadataExtractorType

type LinuxMetadataExtractorType func(event *common.EventInfo) (*policy.PURuntime, error)

LinuxMetadataExtractorType is a type of Linux metadata extractors