Documentation
¶
Overview ¶
Package lxcmap represents the endpoints BPF map in the BPF programs. It is implemented as a hash table containing an entry for all local endpoints. The hashtable can be accessed through the key EndpointKey and points which points to the value EndpointInfo. +groupName=maps
Index ¶
Constants ¶
View Source
const ( // EndpointFlagHost indicates that this endpoint represents the host EndpointFlagHost = 1 // EndpointFlagAtHostNS indicates that this endpoint is located at the host networking // namespace EndpointFlagAtHostNS = 2 // EndpointFlagSkipMasqueradeV4 indicates that this endpoint should skip IPv4 masquerade for remote traffic EndpointFlagSkipMasqueradeV4 = 4 // EndpointFlagSkipMasqueradeV6 indicates that this endpoint should skip IPv6 masquerade for remote traffic EndpointFlagSkipMasqueradeV6 = 8 )
View Source
const (
// MaxEntries represents the maximum number of endpoints in the map
MaxEntries = 65535
)
Variables ¶
View Source
var Cell = cell.Module( "lxc-map", "eBPF map which manages all local endpoints", cell.Provide(newLXCMap), )
Cell provides the lxc.Map which contains the local endpoints.
Functions ¶
This section is empty.
Types ¶
type EndpointFrontend ¶ added in v0.10.0
type EndpointFrontend interface {
LXCMac() mac.MAC
GetNodeMAC() mac.MAC
GetIfIndex() int
GetParentIfIndex() int
GetID() uint64
IPv4Address() netip.Addr
IPv6Address() netip.Addr
GetIdentity() identity.NumericIdentity
IsAtHostNS() bool
// SkipMasqueradeV4 indicates whether this endpoint should skip IPv4 masquerade for remote traffic
SkipMasqueradeV4() bool
// SkipMasqueradeV6 indicates whether this endpoint should skip IPv6 masquerade for remote traffic
SkipMasqueradeV6() bool
}
EndpointFrontend is the interface to implement for an object to synchronize with the endpoint BPF map.
type EndpointInfo ¶ added in v0.10.0
type EndpointInfo struct {
IfIndex uint32 `align:"ifindex"`
Unused uint16 `align:"unused"`
LxcID uint16 `align:"lxc_id"`
Flags uint32 `align:"flags"`
MAC mac.Uint64MAC `align:"mac"`
NodeMAC mac.Uint64MAC `align:"node_mac"`
SecID uint32 `align:"sec_id"`
ParentIfIndex uint32 `align:"parent_ifindex"`
Pad pad2uint32 `align:"pad"`
// contains filtered or unexported fields
}
EndpointInfo represents the value of the endpoints BPF map.
Must be in sync with struct endpoint_info in <bpf/lib/eps.h>
func (*EndpointInfo) IsHost ¶ added in v0.15.7
func (v *EndpointInfo) IsHost() bool
IsHost returns true if the EndpointInfo represents a host IP
func (*EndpointInfo) New ¶ added in v0.15.7
func (v *EndpointInfo) New() bpf.MapValue
func (*EndpointInfo) String ¶ added in v0.10.0
func (v *EndpointInfo) String() string
String returns the human readable representation of an EndpointInfo
type EndpointKey ¶ added in v0.10.0
type EndpointKey struct {
bpf.EndpointKey
}
func (*EndpointKey) New ¶ added in v0.15.7
func (k *EndpointKey) New() bpf.MapKey
type Map ¶ added in v1.19.0
type Map interface {
// WriteEndpoint updates the BPF map with the endpoint information and links
// the endpoint information to all keys provided.
WriteEndpoint(f EndpointFrontend) error
// SyncHostEntry checks if a host entry exists in the lxcmap and adds one if needed.
// Returns boolean indicating if a new entry was added and an error.
SyncHostEntry(addr netip.Addr) (bool, error)
// DeleteEntry deletes a single map entry
DeleteEntry(addr netip.Addr) error
// DeleteElement deletes the endpoint using all keys which represent the
// endpoint. It returns the number of errors encountered during deletion.
DeleteElement(logger *slog.Logger, f EndpointFrontend) []error
// Dump returns the map (type map[string][]string) which contains all
// data stored in BPF map.
Dump(hash map[string][]string) error
// DumpToMap dumps the contents of the lxcmap into a map and returns it
DumpToMap() (map[netip.Addr]EndpointInfo, error)
}
Map provides access to the endpoints (lxc) eBPF map.
Source Files
Click to show internal directories.
Click to hide internal directories.