Documentation
¶
Index ¶
Constants ¶
View Source
const ResourceIDAnonymous = "policy/anonymous"
ResourceIDAnonymous is the anonymous ipcache resource used as a placeholder for policies that allocate CIDRs but do not have an owning resource. (This is only used for policies created by the local API).
Variables ¶
View Source
var Cell = cell.Module( "policy", "Contains policy rules", cell.Provide(newPolicyRepo), cell.Provide(newPolicyUpdater), cell.Provide(newPolicyImporter), cell.Provide(newIdentityUpdater), cell.Config(defaultConfig), metrics.Metric(newIdentityUpdaterMetrics), )
Cell provides the PolicyRepository and PolicyUpdater.
Functions ¶
This section is empty.
Types ¶
type Config ¶
type IdentityUpdater ¶ added in v1.18.0
type IdentityUpdater interface {
// UpdateIdentities informs the SelectorCache of new identities, which then
// distributes incremental updates to all endpoints. It also triggers endpoints
// to consume the incremental updates and apply them to the BPF policy maps.
//
// The caller is responsible for making sure the same identity is not
// present in both 'added' and 'deleted'.
//
// Returns a channel that is closed when all identities have been completely
// programmed in the policy maps.
UpdateIdentities(added, deleted identity.IdentityMap) <-chan struct{}
}
type PolicyImporter ¶
type PolicyImporter interface {
UpdatePolicy(*policytypes.PolicyUpdate)
}
Source Files
Click to show internal directories.
Click to hide internal directories.