sysctl

package
v1.10.2-beta.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 12, 2018 License: Apache-2.0 Imports: 7 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	// the Linux IPC namespace
	IpcNamespace = Namespace("ipc")

	// the network namespace
	NetNamespace = Namespace("net")

	// the zero value if no namespace is known
	UnknownNamespace = Namespace("")
)
View Source 
const (
	AnnotationInvalidReason = "InvalidSysctlAnnotation"
	ForbiddenReason         = "SysctlForbidden"
)
View Source 
const (
	UnsupportedReason = "SysctlUnsupported"
)

Variables

This section is empty.

Functions

func NewRuntimeAdmitHandler 

func NewRuntimeAdmitHandler(runtime container.Runtime) (*runtimeAdmitHandler, error)

NewRuntimeAdmitHandler returns a sysctlRuntimeAdmitHandler which checks whether the given runtime support sysctls.

func NewWhitelist 

func NewWhitelist(patterns []string, annotationKey string) (*patternWhitelist, error)

NewWhitelist creates a new Whitelist from a list of sysctls and sysctl pattern (ending in *).

func SafeSysctlWhitelist 

func SafeSysctlWhitelist() []string

SafeSysctlWhitelist returns the whitelist of safe sysctls and safe sysctl patterns (ending in *).

A sysctl is called safe iff - it is namespaced in the container or the pod - it is isolated, i.e. has no influence on any other pod on the same node.

Types

type Namespace 

type Namespace string

Namespace represents a kernel namespace name.

func NamespacedBy 

func NamespacedBy(val string) Namespace

NamespacedBy returns the namespace of the Linux kernel for a sysctl, or UnknownNamespace if the sysctl is not known to be namespaced.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.