Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Conflict ¶
type Conflict struct {
// Human-readable name of the conflicting property + value of "property" label of selinux_volume_conflict metric.
PropertyName string
// Reason for the event, to be set as the Event.Reason field.
EventReason string
// Pod to generate the event on
Pod cache.ObjectName
PropertyValue string
// only for logging / messaging
OtherPod cache.ObjectName
OtherPropertyValue string
}
A single conflict between two Pods using the same volume with different SELinux labels or policies. Event should be sent to both of them.
func (*Conflict) EventMessage ¶
Generate a message about this conflict.
type VolumeCache ¶
type VolumeCache interface {
// Add a single volume to the cache. Returns list of conflicts it caused.
AddVolume(logger klog.Logger, volumeName v1.UniqueVolumeName, podKey cache.ObjectName, seLinuxLabel string, changePolicy v1.PodSELinuxChangePolicy, csiDriver string) []Conflict
// Remove a pod from the cache. Prunes all empty structures.
DeletePod(logger klog.Logger, podKey cache.ObjectName)
// GetPodsForCSIDriver returns all pods that use volumes with the given CSI driver.
// This is useful when a CSIDrive changes its spec.seLinuxMount and the controller
// needs to reevaluate all pods that use volumes with this driver.
// The controller doesn't need to track in-tree volume plugins, because they don't
// change their SELinux support dynamically.
GetPodsForCSIDriver(driverName string) []cache.ObjectName
// SendConflicts sends all current conflicts to the given channel.
SendConflicts(logger klog.Logger, ch chan<- Conflict)
}
func NewVolumeLabelCache ¶
func NewVolumeLabelCache() VolumeCache
NewVolumeLabelCache creates a new VolumeCache.
Source Files
Click to show internal directories.
Click to hide internal directories.