client

package
v1.19.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 3, 2026 License: Apache-2.0 Imports: 32 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	DNSRulesTableName         = "sdp-dns-rules"
	IPtoEndpointTableName     = "sdp-ip-to-endpoint"
	PrefixToIdentityTableName = "sdp-prefix-to-identity"
)

Variables

View Source 
var (
	DNSRulesIndex = statedb.Index[DNSRules, uint64]{
		Name: "id",
		FromObject: func(e DNSRules) index.KeySet {
			return index.NewKeySet(index.Uint64(DNSRulesCompositeKey(e.EndpointID, e.PortProto)))
		},
		FromKey: func(key uint64) index.Key {
			return index.Uint64(key)
		},
		FromString: index.Uint64String,
		Unique:     true,
	}
	IdIPToEndpointIndex = statedb.Index[IPtoEndpointInfo, netip.Addr]{
		Name: "ip",
		FromObject: func(e IPtoEndpointInfo) index.KeySet {
			keys := make([]index.Key, 0, len(e.IP))
			for _, ip := range e.IP {
				keys = append(keys, index.NetIPAddr(ip))
			}
			return index.NewKeySet(keys...)
		},
		FromKey: func(key netip.Addr) index.Key {
			return index.NetIPAddr(key)
		},
		FromString: index.NetIPAddrString,
		Unique:     true,
	}
	PrefixToIdentityIndex = statedb.Index[PrefixToIdentity, netip.Prefix]{
		Name: "prefix",
		FromObject: func(p PrefixToIdentity) index.KeySet {
			keys := make([]index.Key, 0, len(p.Prefix))
			for _, prefix := range p.Prefix {
				keys = append(keys, index.NetIPPrefix(prefix))
			}
			return index.NewKeySet(keys...)
		},
		FromKey: func(key netip.Prefix) index.Key {
			return index.NetIPPrefix(key)
		},
		FromString: index.NetIPPrefixString,
		Unique:     false,
	}
	IdentityToPrefixIndex = statedb.Index[PrefixToIdentity, identity.NumericIdentity]{
		Name: "id",
		FromObject: func(p PrefixToIdentity) index.KeySet {
			return index.NewKeySet(index.Uint32(p.Identity.Uint32()))
		},
		FromKey: func(key identity.NumericIdentity) index.Key {
			return index.Uint32(key.Uint32())
		},
		FromString: index.Uint32String,
		Unique:     true,
	}
)
View Source 
var Cell = cell.Module(
	"sdp-grpc-client",
	"gRPC connection handler client for standalone DNS proxy",

	cell.Provide(newGRPCClient),
	cell.Provide(newDefaultDialClient),
	cell.Provide(newDNSRulesTable),
	cell.Provide(NewIPtoEndpointTable),
	cell.Provide(NewPrefixToIdentityTable),
)

Cell provides the gRPC connection handler client for standalone DNS proxy. It is responsible for creating a client that can communicate with the Cilium agent to send and receive DNS rules and responses. The client is used by the standalone DNS proxy to communicate with the Cilium agent to enforce DNS policies.

Functions

func DNSRulesCompositeKey 

func DNSRulesCompositeKey(epID uint32, pp restore.PortProto) uint64

func NewIPtoEndpointTable 

func NewIPtoEndpointTable(db *statedb.DB) (statedb.RWTable[IPtoEndpointInfo], error)

NewIPtoEndpointTable creates a new table for storing the IP to endpoint mappings.

func NewPrefixToIdentityTable 

func NewPrefixToIdentityTable(db *statedb.DB) (statedb.RWTable[PrefixToIdentity], error)

Types

type ConnectionHandler 

type ConnectionHandler interface {
	// StopConnection stops the gRPC connection
	// It is responsible for closing the connection with the Cilium agent.
	StopConnection()

	// NotifyOnMsg notifies the gRPC client about DNS messages received by the standalone DNS proxy
	// This method is called by the DNS proxy when it receives a DNS message.
	// It is responsible for sending the DNS message to the Cilium agent for further processing.
	// Note: This method is intentionally left empty for now. And will be implemented in future PRs.
	NotifyOnMsg(msg *pb.FQDNMapping) error

	// IsConnected returns the current connection status
	// connected is a cheap, in-memory flag that indicates whether the client has installed a gRPC connection.
	// DNS proxy can read this deterministically without causing network probes or races with gRPC internals.
	IsConnected() bool
}

ConnectionHandler defines the interface for standalone DNS proxy connection handler

type DNSRules 

type DNSRules struct {
	EndpointID uint32
	PortProto  restore.PortProto
	DNSRule    policy.L7DataMap
}

func (DNSRules) TableHeader 

func (p DNSRules) TableHeader() []string

TableHeader implements statedb.TableWritable.

func (DNSRules) TableRow 

func (p DNSRules) TableRow() []string

TableRow implements statedb.TableWritable.

type DNSServerIdentity 

type DNSServerIdentity struct {
	Identities identity.NumericIdentitySlice
}

DNSServerIdentity contains the identities of the DNS servers and used to determine if a DNS request is allowed or not from standalone DNS proxy. It adheres the interface policy.CachedSelector and reuses the in agent dns proxy filtering path.

func (*DNSServerIdentity) GetMetadataLabels 

func (d *DNSServerIdentity) GetMetadataLabels() labels.LabelArray

Not being used in the standalone dns proxy path

func (*DNSServerIdentity) GetSelections 

func (d *DNSServerIdentity) GetSelections() identity.NumericIdentitySlice

Not being used in the standalone dns proxy path

func (*DNSServerIdentity) GetSelectionsAt 

func (d *DNSServerIdentity) GetSelectionsAt(types.SelectorSnapshot) identity.NumericIdentitySlice

Not being used in the standalone dns proxy path

func (*DNSServerIdentity) IsNone 

func (d *DNSServerIdentity) IsNone() bool

Not being used in the standalone dns proxy path

func (*DNSServerIdentity) IsWildcard 

func (d *DNSServerIdentity) IsWildcard() bool

Not being used in the standalone dns proxy path

func (*DNSServerIdentity) Selects 

func (d *DNSServerIdentity) Selects(identity identity.NumericIdentity) bool

func (*DNSServerIdentity) String 

func (d *DNSServerIdentity) String() string

type GRPCClient 

type GRPCClient struct {
	// contains filtered or unexported fields
}

GRPCClient is a gRPC connection handler for standalone DNS proxy communication with Cilium agent

func (*GRPCClient) InitClient 

func (c *GRPCClient) InitClient() error

InitClient creates a new gRPC client

func (*GRPCClient) IsConnected 

func (c *GRPCClient) IsConnected() bool

IsConnected returns the current connection status

func (*GRPCClient) NotifyOnMsg 

func (c *GRPCClient) NotifyOnMsg(msg *pb.FQDNMapping) error

NotifyOnMsg is called by the DNS proxy when it receives a DNS message.

func (*GRPCClient) StopConnection 

func (c *GRPCClient) StopConnection()

type IPtoEndpointInfo 

type IPtoEndpointInfo struct {
	IP       []netip.Addr
	ID       uint64
	Identity identity.NumericIdentity
}

func (IPtoEndpointInfo) TableHeader 

func (i IPtoEndpointInfo) TableHeader() []string

func (IPtoEndpointInfo) TableRow 

func (i IPtoEndpointInfo) TableRow() []string

type PrefixToIdentity 

type PrefixToIdentity struct {
	Prefix   []netip.Prefix
	Identity identity.NumericIdentity
}

func (PrefixToIdentity) TableHeader 

func (i PrefixToIdentity) TableHeader() []string

func (PrefixToIdentity) TableRow 

func (p PrefixToIdentity) TableRow() []string

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.