Documentation
¶
Overview ¶
Package activator contains a userspace TCP proxy that listens on a random port and loads an eBPF program to intercept and redirect packets destined to the configured ports. The activator accepts the connection, calls onAccept, signals to disable the eBPF redirect and then proxies the initial data to the defined ports as soon as something is listening.
Index ¶
- Constants
- Variables
- func ManagedByShim(pid int) bool
- func MapsPath() string
- func MountBPFFS(path string) error
- func PinPath(pid int) string
- func TCXPinned(pid int, ifaces ...string) bool
- type BPF
- type BPFConfig
- type BPFOpts
- type ConnHook
- type NoActivityRecordedErr
- type RestoreHook
- type Server
- func (s *Server) AttachExec() error
- func (s *Server) DisableRedirects() error
- func (s *Server) LastActivity(port uint16) (time.Time, error)
- func (s *Server) RedirectPort(from, to uint16) error
- func (s *Server) Reset() error
- func (s *Server) SetConnectTimeout(d time.Duration)
- func (s *Server) SetPeekBufferSize(size int)
- func (s *Server) SetProxyTimeout(d time.Duration)
- func (s *Server) Start(ctx context.Context, connHook ConnHook, restoreHook RestoreHook, ...) error
- func (s *Server) Started() bool
- func (s *Server) Stop(ctx context.Context)
Constants ¶
View Source
const ( IfaceETH0 = "eth0" IfaceLoopback = "lo" )
View Source
const ( BPFFSPath = "/sys/fs/bpf" SocketTrackerMap = "socket_tracker" PodKubeletAddrsMapv4 = "kubelet_addrs_v4" PodKubeletAddrsMapv6 = "kubelet_addrs_v6" ManagedByShimSuffix = "_managed_by_shim" )
View Source
const AttachActivatorFlag = "-zeropod-attach-activator"
Variables ¶
View Source
var ( ErrMapNotFound = errors.New("bpf map could not be found") DefaultIfaces = []string{IfaceLoopback, IfaceETH0} )
Functions ¶
func ManagedByShim ¶ added in v0.12.0
ManagedByShim returns true if loading/pinning is managed by the shim itself.
func MountBPFFS ¶ added in v0.2.0
MountBPFFS executes a bpf mount on the supplied path. It has been adapted by: https://github.com/cilium/cilium/blob/cf3889af46a4058d5e89495d502fc19c10713110/pkg/bpf/bpffs_linux.go#L124
Types ¶
type BPF ¶ added in v0.2.0
type BPF struct {
// contains filtered or unexported fields
}
func (*BPF) AttachInNetNS ¶ added in v0.12.0
func (*BPF) AttachRedirector ¶ added in v0.2.0
type BPFConfig ¶ added in v0.9.0
type BPFConfig struct {
// contains filtered or unexported fields
}
type BPFOpts ¶ added in v0.9.0
type BPFOpts func(cfg *BPFConfig)
func DisablePinning ¶ added in v0.10.0
func DisablePinning() BPFOpts
func OverrideMapSize ¶ added in v0.9.0
func ProbeBinaryName ¶ added in v0.9.2
func ShimManaged ¶ added in v0.12.0
func ShimManaged() BPFOpts
func TrackerIgnoreLocalhost ¶ added in v0.9.2
type NoActivityRecordedErr ¶ added in v0.9.0
type NoActivityRecordedErr struct{}
func (NoActivityRecordedErr) Error ¶ added in v0.9.0
func (err NoActivityRecordedErr) Error() string
type RestoreHook ¶ added in v0.7.0
type RestoreHook func() error
type Server ¶
type Server struct {
// contains filtered or unexported fields
}
func (*Server) AttachExec ¶ added in v0.12.0
AttachExec attaches the activator using exec on itself.
func (*Server) DisableRedirects ¶ added in v0.1.0
func (*Server) LastActivity ¶ added in v0.9.0
func (*Server) RedirectPort ¶ added in v0.1.0
RedirectPort redirects the port from to on ingress and to from on egress.
func (*Server) SetConnectTimeout ¶ added in v0.11.0
func (*Server) SetPeekBufferSize ¶ added in v0.7.0
func (*Server) SetProxyTimeout ¶ added in v0.11.0
Source Files
Click to show internal directories.
Click to hide internal directories.