proxy

package
v1.18.5 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 17, 2025 License: Apache-2.0 Imports: 36 Imported by: 31

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var Cell = cell.Module(
	"l7-proxy",
	"L7 Proxy provides support for L7 network policies",

	cell.Provide(newProxy),
	cell.Provide(newEnvoyProxyIntegration),
	cell.Provide(newDNSProxyIntegration),
	cell.ProvidePrivate(endpoint.NewEndpointInfoRegistry),
	cell.Provide(proxyports.NewProxyPorts),
	cell.Config(proxyports.ProxyPortsConfig{}),
	accesslog.Cell,
)

Cell provides the L7 Proxy which provides support for L7 network policies. It is manages the different L7 proxies (Envoy, CoreDNS, ...) and the traffic redirection to them.

Functions

func ReinstallRoutingRules added in v1.16.5 

func ReinstallRoutingRules(logger *slog.Logger, localNode node.LocalNode, mtu int) error

ReinstallRoutingRules ensures the presence of routing rules and tables needed to route packets to and from the L7 proxy.

Types

type CRDRedirect added in v0.15.7 

type CRDRedirect struct {
	Redirect
}

Redirect type for custom Listeners, which are managed externally.

func (*CRDRedirect) Close added in v0.15.7 

func (r *CRDRedirect) Close()

func (*CRDRedirect) GetRedirect added in v1.18.0 

func (dr *CRDRedirect) GetRedirect() *Redirect

func (*CRDRedirect) UpdateRules added in v0.15.7 

func (r *CRDRedirect) UpdateRules(rules policy.L7DataMap) (revert.RevertFunc, error)

type Proxy 

type Proxy struct {
	// contains filtered or unexported fields
}

Proxy maintains state about redirects

func (*Proxy) ChangeLogLevel added in v0.15.7 

func (p *Proxy) ChangeLogLevel(level slog.Level)

ChangeLogLevel changes proxy log level to correspond to the logrus log level 'level'.

func (*Proxy) CreateOrUpdateRedirect 

func (p *Proxy) CreateOrUpdateRedirect(
	ctx context.Context, l4 policy.ProxyPolicy, id string, epID uint16, wg *completion.WaitGroup,
) (
	uint16, error, revert.RevertFunc,
)

CreateOrUpdateRedirect creates or updates a L4 redirect with corresponding proxy configuration. This will allocate a proxy port as required and launch a proxy instance. If the redirect is already in place, only the rules will be updated. The proxy listening port is returned, but proxy configuration on that port may still be ongoing asynchronously. Caller should wait for successful completion on 'wg' before assuming the returned proxy port is listening. Caller must call exactly one of the returned functions: - finalizeFunc to make the changes stick, or - revertFunc to cancel the changes. Called with 'localEndpoint' locked for reading!

func (*Proxy) GetListenerProxyPort added in v1.18.0 

func (p *Proxy) GetListenerProxyPort(listener string) uint16

func (*Proxy) GetStatusModel added in v0.15.7 

func (p *Proxy) GetStatusModel() *models.ProxyStatus

GetStatusModel returns the proxy status as API model

func (*Proxy) IsSDPEnabled added in v1.18.1 

func (p *Proxy) IsSDPEnabled() bool

func (*Proxy) ReinstallRoutingRules added in v0.15.7 

func (p *Proxy) ReinstallRoutingRules(ctx context.Context, mtu int) error

func (*Proxy) RemoveNetworkPolicy added in v1.16.0 

func (p *Proxy) RemoveNetworkPolicy(ep endpoint.EndpointInfoSource)

func (*Proxy) RemoveRedirect 

func (p *Proxy) RemoveRedirect(id string)

RemoveRedirect removes an existing redirect that has been successfully created earlier. Called with 'localEndpoint' passed to 'CreateOrUpdateRedirect' locked for writing!

func (*Proxy) UpdateNetworkPolicy added in v1.6.4 

func (p *Proxy) UpdateNetworkPolicy(ep endpoint.EndpointUpdater, policy *policy.L4Policy, ingressPolicyEnforced, egressPolicyEnforced bool, wg *completion.WaitGroup) (error, func() error)

func (*Proxy) UpdateSDP added in v1.18.0 

func (p *Proxy) UpdateSDP(rules map[identity.NumericIdentity]policy.SelectorPolicy)

func (*Proxy) UseCurrentNetworkPolicy added in v1.6.4 

func (p *Proxy) UseCurrentNetworkPolicy(ep endpoint.EndpointUpdater, policy *policy.L4Policy, wg *completion.WaitGroup)

type Redirect 

type Redirect struct {
	// contains filtered or unexported fields
}

Redirect is the common static config for each RedirectImplementation

type RedirectImplementation added in v0.15.7 

type RedirectImplementation interface {
	// GetRedirect returns the static config of the redirect
	GetRedirect() *Redirect

	// UpdateRules synchronously updates the rules for the given proxy redirect.
	// Note: UpdateRules is not called when a redirect is created.
	UpdateRules(rules policy.L7DataMap) (revert.RevertFunc, error)

	// Close closes and cleans up resources associated with the redirect
	// implementation. The implementation should .Add to the WaitGroup if the
	// update is asynchronous and the update should not return until it is
	// complete.
	Close()
}

RedirectImplementation is the generic proxy redirect interface that each proxy redirect type must implement

Source Files

View all Source files

Directories

Path Synopsis
Package logger provides the accesslog logging logic for all proxies
 Package logger provides the accesslog logging logic for all proxies
endpoint
test

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.