Documentation
Index ¶
- Constants
- Variables
- func ApplyCustomNodeGroupOverrides(nodeToGroup map[string]string, customNodeGroups map[string]labels.Selector, ...) error
- func BuildNodeToGroupMap(nodes []corev1.Node) (map[string]string, error)
- func GetComMatrixHeadersByFormat(format string) (string, error)
- func GetNodeRole(node *corev1.Node) (string, error)
- func IsSupportedTopology(topology configv1.TopologyMode) bool
- func ParsePortRangeHyphen(s string) (int, int, error)
- func ParsePortRangeSpace(s string) (int, int, error)
- func SupportedTopologiesList() []configv1.TopologyMode
- type ComDetails
- type ComMatrix
- func (m *ComMatrix) Contains(cd ComDetails) bool
- func (m *ComMatrix) Merge(other *ComMatrix) *ComMatrix
- func (m *ComMatrix) SeparateMatrixByGroup() map[string]ComMatrix
- func (m *ComMatrix) SortAndRemoveDuplicates()
- func (m *ComMatrix) String() string
- func (m *ComMatrix) ToButane(nodePool string, utilsHelpers utils.UtilsInterface) ([]byte, error)
- func (m *ComMatrix) ToCSV() ([]byte, error)
- func (m *ComMatrix) ToJSON() ([]byte, error)
- func (m *ComMatrix) ToMachineConfig(nodePool string, utilsHelpers utils.UtilsInterface) ([]byte, error)
- func (m *ComMatrix) ToNFTables() ([]byte, error)
- func (m *ComMatrix) ToYAML() ([]byte, error)
- func (m *ComMatrix) WriteMatrixToFileByType(utilsHelpers utils.UtilsInterface, fileNamePrefix, format string, ...) error
- type ContainerInfo
- type DynamicRange
- type DynamicRangeList
Constants ¶
// Output format identifiers for a communication matrix.
// The "nft", "butane" and "mc" formats carry nftables firewall rules, so
// their output is security-relevant configuration and not just a report.
// NOTE(review): presumably these are the values accepted by the format
// argument of WriteMatrixToFileByType and GetComMatrixHeadersByFormat — confirm.
const (
	FormatJSON   = "json"
	FormatYAML   = "yaml"
	FormatCSV    = "csv"
	FormatNFT    = "nft"
	FormatButane = "butane" // Butane config with embedded nftables firewall rules
	FormatMC     = "mc"     // MachineConfig with embedded nftables firewall rules (transpiled from Butane)
)
Variables ¶
// BaremetalStaticEntriesMaster holds static ingress entries for the "master"
// node group: DNS (53/TCP and 53/UDP), haproxy (9444, 9445 and 9454/TCP) and
// coredns (18080/TCP). Every entry is mandatory (Optional: false).
// NOTE(review): presumably selected by GetStaticEntries for the bare-metal
// platform, judging by the name — confirm.
var BaremetalStaticEntriesMaster = []ComDetails{
	{
		Direction: "Ingress",
		Protocol:  "TCP",
		Port:      53,
		NodeGroup: "master",
		Service:   "dns-default",
		Namespace: "openshift-dns",
		Pod:       "dns-default",
		Container: "dns",
		Optional:  false,
	},
	{
		Direction: "Ingress",
		Protocol:  "UDP",
		Port:      53,
		NodeGroup: "master",
		Service:   "dns-default",
		Namespace: "openshift-dns",
		Pod:       "dns-default",
		Container: "dns",
		Optional:  false,
	},
	{
		Direction: "Ingress",
		Protocol:  "TCP",
		Port:      9444,
		NodeGroup: "master",
		Service:   "",
		Namespace: "openshift-kni-infra",
		Pod:       "haproxy",
		Container: "haproxy",
		Optional:  false,
	},
	{
		Direction: "Ingress",
		Protocol:  "TCP",
		Port:      9445,
		NodeGroup: "master",
		Service:   "",
		Namespace: "openshift-kni-infra",
		Pod:       "haproxy",
		Container: "haproxy",
		Optional:  false,
	},
	{
		Direction: "Ingress",
		Protocol:  "TCP",
		Port:      9454,
		NodeGroup: "master",
		Service:   "",
		Namespace: "openshift-kni-infra",
		Pod:       "haproxy",
		Container: "haproxy",
		Optional:  false,
	},
	{
		Direction: "Ingress",
		Protocol:  "TCP",
		Port:      18080,
		NodeGroup: "master",
		Service:   "",
		Namespace: "openshift-kni-infra",
		Pod:       "coredns",
		Container: "coredns",
		Optional:  false,
	},
}
// BaremetalStaticEntriesWorker holds static ingress entries for the "worker"
// node group: DNS (53/TCP and 53/UDP) and coredns (18080/TCP). Unlike the
// master list it has no haproxy entries. Every entry is mandatory
// (Optional: false).
// NOTE(review): presumably selected by GetStaticEntries for the bare-metal
// platform, judging by the name — confirm.
var BaremetalStaticEntriesWorker = []ComDetails{
	{
		Direction: "Ingress",
		Protocol:  "TCP",
		Port:      53,
		NodeGroup: "worker",
		Service:   "dns-default",
		Namespace: "openshift-dns",
		Pod:       "dns-default",
		Container: "dns",
		Optional:  false,
	},
	{
		Direction: "Ingress",
		Protocol:  "UDP",
		Port:      53,
		NodeGroup: "worker",
		Service:   "dns-default",
		Namespace: "openshift-dns",
		Pod:       "dns-default",
		Container: "dns",
		Optional:  false,
	},
	{
		Direction: "Ingress",
		Protocol:  "TCP",
		Port:      18080,
		NodeGroup: "worker",
		Service:   "",
		Namespace: "openshift-kni-infra",
		Pod:       "coredns",
		Container: "coredns",
		Optional:  false,
	},
}
// GeneralDHCPStaticEntriesMaster holds the single mandatory ingress entry
// UDP 68 for the "master" node group, attributed to the NetworkManager host
// service (no namespace, pod or container).
// NOTE(review): presumably added by GetStaticEntries only when dhcpEnabled is
// true — confirm.
var GeneralDHCPStaticEntriesMaster = []ComDetails{
	{
		Direction: "Ingress",
		Protocol:  "UDP",
		Port:      68,
		NodeGroup: "master",
		Service:   "NetworkManager",
		Namespace: "",
		Pod:       "",
		Container: "",
		Optional:  false,
	},
}
// GeneralDHCPStaticEntriesWorker holds the single mandatory ingress entry
// UDP 68 for the "worker" node group, attributed to the NetworkManager host
// service (no namespace, pod or container).
// NOTE(review): presumably added by GetStaticEntries only when dhcpEnabled is
// true — confirm.
var GeneralDHCPStaticEntriesWorker = []ComDetails{
	{
		Direction: "Ingress",
		Protocol:  "UDP",
		Port:      68,
		NodeGroup: "worker",
		Service:   "NetworkManager",
		Namespace: "",
		Pod:       "",
		Container: "",
		Optional:  false,
	},
}
DHCP static entries that should be applied when the host uses DHCP for network configuration.
// GeneralIPv6StaticEntriesMaster holds the single mandatory ingress entry
// UDP 546 for the "master" node group, attributed to the NetworkManager host
// service (no namespace, pod or container).
// NOTE(review): presumably added by GetStaticEntries only when ipv6Enabled is
// true — confirm.
var GeneralIPv6StaticEntriesMaster = []ComDetails{
	{
		Direction: "Ingress",
		Protocol:  "UDP",
		Port:      546,
		NodeGroup: "master",
		Service:   "NetworkManager",
		Namespace: "",
		Pod:       "",
		Container: "",
		Optional:  false,
	},
}
// GeneralIPv6StaticEntriesWorker holds the single mandatory ingress entry
// UDP 546 for the "worker" node group, attributed to the NetworkManager host
// service (no namespace, pod or container).
// NOTE(review): presumably added by GetStaticEntries only when ipv6Enabled is
// true — confirm.
var GeneralIPv6StaticEntriesWorker = []ComDetails{
	{
		Direction: "Ingress",
		Protocol:  "UDP",
		Port:      546,
		NodeGroup: "worker",
		Service:   "NetworkManager",
		Namespace: "",
		Pod:       "",
		Container: "",
		Optional:  false,
	},
}
General IPv6-only static entries that should be applied when the cluster supports IPv6.
// GeneralStaticEntriesMaster holds static ingress entries for the "master"
// node group. Mandatory (Optional: false): ovnkube 10256/TCP, kubelet
// 10250/TCP and egressip-node-healthcheck 9107/TCP. Optional: rpcbind
// 111/TCP and 111/UDP, and sshd 22/TCP.
// NOTE(review): how Optional entries are treated when firewall rules are
// generated is not visible here — confirm before relying on the generated
// ruleset for the exposure of ports 22 and 111.
var GeneralStaticEntriesMaster = []ComDetails{
	{
		Direction: "Ingress",
		Protocol:  "TCP",
		Port:      10256,
		NodeGroup: "master",
		Service:   "ovnkube",
		Namespace: "openshift-ovn-kubernetes",
		Pod:       "ovnkube",
		Container: "ovnkube-controller",
		Optional:  false,
	},
	{
		Direction: "Ingress",
		Protocol:  "TCP",
		Port:      10250,
		NodeGroup: "master",
		Service:   "kubelet",
		Namespace: "Host system service",
		Pod:       "",
		Container: "",
		Optional:  false,
	},
	{
		Direction: "Ingress",
		Protocol:  "TCP",
		Port:      9107,
		NodeGroup: "master",
		Service:   "egressip-node-healthcheck",
		Namespace: "openshift-ovn-kubernetes",
		Pod:       "ovnkube-node",
		Container: "ovnkube-controller",
		Optional:  false,
	},
	{
		Direction: "Ingress",
		Protocol:  "TCP",
		Port:      111,
		NodeGroup: "master",
		Service:   "rpcbind",
		Namespace: "Host system service",
		Pod:       "",
		Container: "",
		Optional:  true,
	},
	{
		Direction: "Ingress",
		Protocol:  "UDP",
		Port:      111,
		NodeGroup: "master",
		Service:   "rpcbind",
		Namespace: "Host system service",
		Pod:       "",
		Container: "",
		Optional:  true,
	},
	{
		Direction: "Ingress",
		Protocol:  "TCP",
		Port:      22,
		NodeGroup: "master",
		Service:   "sshd",
		Namespace: "Host system service",
		Pod:       "",
		Container: "",
		Optional:  true,
	},
}
// GeneralStaticEntriesWorker holds static ingress entries for the "worker"
// node group. Mandatory (Optional: false): kubelet 10250/TCP,
// egressip-node-healthcheck 9107/TCP and ovnkube 10256/TCP. Optional: sshd
// 22/TCP, and rpcbind 111/TCP and 111/UDP.
// NOTE(review): how Optional entries are treated when firewall rules are
// generated is not visible here — confirm before relying on the generated
// ruleset for the exposure of ports 22 and 111.
var GeneralStaticEntriesWorker = []ComDetails{
	{
		Direction: "Ingress",
		Protocol:  "TCP",
		Port:      22,
		NodeGroup: "worker",
		Service:   "sshd",
		Namespace: "Host system service",
		Pod:       "",
		Container: "",
		Optional:  true,
	},
	{
		Direction: "Ingress",
		Protocol:  "TCP",
		Port:      10250,
		NodeGroup: "worker",
		Service:   "kubelet",
		Namespace: "Host system service",
		Pod:       "",
		Container: "",
		Optional:  false,
	},
	{
		Direction: "Ingress",
		Protocol:  "TCP",
		Port:      9107,
		NodeGroup: "worker",
		Service:   "egressip-node-healthcheck",
		Namespace: "openshift-ovn-kubernetes",
		Pod:       "ovnkube-node",
		Container: "ovnkube-controller",
		Optional:  false,
	},
	{
		Direction: "Ingress",
		Protocol:  "TCP",
		Port:      111,
		NodeGroup: "worker",
		Service:   "rpcbind",
		Namespace: "Host system service",
		Pod:       "",
		Container: "",
		Optional:  true,
	},
	{
		Direction: "Ingress",
		Protocol:  "UDP",
		Port:      111,
		NodeGroup: "worker",
		Service:   "rpcbind",
		Namespace: "Host system service",
		Pod:       "",
		Container: "",
		Optional:  true,
	},
	{
		Direction: "Ingress",
		Protocol:  "TCP",
		Port:      10256,
		NodeGroup: "worker",
		Service:   "ovnkube",
		Namespace: "openshift-ovn-kubernetes",
		Pod:       "ovnkube",
		Container: "ovnkube-controller",
		Optional:  false,
	},
}
// KubeletNodePortDefaultDynamicRange describes the ingress port range
// 30000-32767, once for TCP and once for UDP, labelled "Kubelet node ports".
// Both ranges are marked Optional.
// NOTE(review): MaxPort 32767 is directly followed by MinPort 32768 of
// LinuxDynamicPrivateDefaultDynamicRange, so the two lists look adjacent in
// the sense of DynamicRange.CanMerge — confirm whether Squash is expected to
// combine them into one 30000-60999 range.
var KubeletNodePortDefaultDynamicRange = DynamicRangeList{
	{
		Direction:   "Ingress",
		Protocol:    "TCP",
		MinPort:     30000,
		MaxPort:     32767,
		Description: "Kubelet node ports",
		Optional:    true,
	},
	{
		Direction:   "Ingress",
		Protocol:    "UDP",
		MinPort:     30000,
		MaxPort:     32767,
		Description: "Kubelet node ports",
		Optional:    true,
	},
}
// LinuxDynamicPrivateDefaultDynamicRange describes the ingress port range
// 32768-60999, once for TCP and once for UDP, labelled
// "Linux dynamic/private ports". Both ranges are marked Optional.
// NOTE(review): this is a wide range (more than 28000 ports per protocol);
// how Optional ranges end up in generated firewall rules is not visible
// here — confirm before applying the output.
var LinuxDynamicPrivateDefaultDynamicRange = DynamicRangeList{
	{
		Direction:   "Ingress",
		Protocol:    "TCP",
		MinPort:     32768,
		MaxPort:     60999,
		Description: "Linux dynamic/private ports",
		Optional:    true,
	},
	{
		Direction:   "Ingress",
		Protocol:    "UDP",
		MinPort:     32768,
		MaxPort:     60999,
		Description: "Linux dynamic/private ports",
		Optional:    true,
	},
}
// NoneStaticEntriesMaster holds the mandatory DNS ingress entries (53/TCP and
// 53/UDP, dns-default in openshift-dns) for the "master" node group.
// NOTE(review): presumably selected by GetStaticEntries for the "None"
// platform type, judging by the name — confirm.
var NoneStaticEntriesMaster = []ComDetails{
	{
		Direction: "Ingress",
		Protocol:  "TCP",
		Port:      53,
		NodeGroup: "master",
		Service:   "dns-default",
		Namespace: "openshift-dns",
		Pod:       "dns-default",
		Container: "dns",
		Optional:  false,
	},
	{
		Direction: "Ingress",
		Protocol:  "UDP",
		Port:      53,
		NodeGroup: "master",
		Service:   "dns-default",
		Namespace: "openshift-dns",
		Pod:       "dns-default",
		Container: "dns",
		Optional:  false,
	},
}
// NoneStaticEntriesWorker holds the mandatory DNS ingress entries (53/TCP and
// 53/UDP, dns-default in openshift-dns) for the "worker" node group.
// NOTE(review): presumably selected by GetStaticEntries for the "None"
// platform type, judging by the name — confirm.
var NoneStaticEntriesWorker = []ComDetails{
	{
		Direction: "Ingress",
		Protocol:  "TCP",
		Port:      53,
		NodeGroup: "worker",
		Service:   "dns-default",
		Namespace: "openshift-dns",
		Pod:       "dns-default",
		Container: "dns",
		Optional:  false,
	},
	{
		Direction: "Ingress",
		Protocol:  "UDP",
		Port:      53,
		NodeGroup: "worker",
		Service:   "dns-default",
		Namespace: "openshift-dns",
		Pod:       "dns-default",
		Container: "dns",
		Optional:  false,
	},
}
// StandardStaticEntries holds the mandatory ingress entry UDP 6081
// ("ovn-kubernetes geneve", namespace openshift-ovn-kubernetes) for both the
// "worker" and the "master" node group. Unlike the other static lists, this
// one mixes both node groups in a single slice.
var StandardStaticEntries = []ComDetails{
	{
		Direction: "Ingress",
		Protocol:  "UDP",
		Port:      6081,
		NodeGroup: "worker",
		Service:   "ovn-kubernetes geneve",
		Namespace: "openshift-ovn-kubernetes",
		Pod:       "",
		Container: "",
		Optional:  false,
	},
	{
		Direction: "Ingress",
		Protocol:  "UDP",
		Port:      6081,
		NodeGroup: "master",
		Service:   "ovn-kubernetes geneve",
		Namespace: "openshift-ovn-kubernetes",
		Pod:       "",
		Container: "",
		Optional:  false,
	},
}
// SupportedPlatforms lists the platform types this package names as
// supported: AWS, BareMetal and None.
var SupportedPlatforms = []configv1.PlatformType{
	configv1.AWSPlatformType,
	configv1.BareMetalPlatformType,
	configv1.NonePlatformType,
}
Functions ¶
func ApplyCustomNodeGroupOverrides ¶ added in v0.0.6
func ApplyCustomNodeGroupOverrides(nodeToGroup map[string]string, customNodeGroups map[string]labels.Selector, nodes []corev1.Node) error
ApplyCustomNodeGroupOverrides reassigns nodes that match a label selector to a custom group. Each key in customNodeGroups is a new group name, and the corresponding value is an already-parsed Kubernetes label selector. Nodes in nodeToGroup whose labels match the selector are moved to the new group. Returns an error if a selector matches no nodes or if a node matches multiple selectors.
func BuildNodeToGroupMap ¶ added in v0.0.5
BuildNodeToGroupMap builds a node->group map for clusters without MCP:
- Prefer the HyperShift NodePool label when present.
- Otherwise fall back to the Kubernetes node role derived from labels.
func IsSupportedTopology ¶ added in v0.0.5
func IsSupportedTopology(topology configv1.TopologyMode) bool
IsSupportedTopology returns true if the given topology is supported by commatrix.
func ParsePortRangeHyphen ¶ added in v0.0.5
ParsePortRangeHyphen parses strings like "MIN-MAX" (hyphen-separated) into numeric bounds.
func ParsePortRangeSpace ¶ added in v0.0.5
ParsePortRangeSpace parses strings like "MIN MAX" (space-separated) into numeric bounds.
func SupportedTopologiesList ¶ added in v0.0.5
func SupportedTopologiesList() []configv1.TopologyMode
SupportedTopologiesList returns the list of supported topologies.
Types ¶
type ComDetails ¶
// ComDetails describes one entry of the communication matrix: a single port
// together with the workload that owns it and the node group it applies to.
// The struct tags give the field names used in JSON, YAML and CSV output.
//
// In the static entries of this package, Direction is always "Ingress",
// Protocol is "TCP" or "UDP", and NodeGroup is "master" or "worker".
// Namespace, Pod and Container are left empty for some host-level services.
// Optional distinguishes optional entries from mandatory ones.
// NOTE(review): what Optional means for generated firewall rules is not
// visible here — confirm.
type ComDetails struct {
	Direction string `json:"direction" yaml:"direction" csv:"Direction"`
	Protocol  string `json:"protocol" yaml:"protocol" csv:"Protocol"`
	Port      int    `json:"port" yaml:"port" csv:"Port"`
	Namespace string `json:"namespace" yaml:"namespace" csv:"Namespace"`
	Service   string `json:"service" yaml:"service" csv:"Service"`
	Pod       string `json:"pod" yaml:"pod" csv:"Pod"`
	Container string `json:"container" yaml:"container" csv:"Container"`
	NodeGroup string `json:"nodeGroup" yaml:"nodeGroup" csv:"NodeGroup"`
	Optional  bool   `json:"optional" yaml:"optional" csv:"Optional"`
}
func GetStaticEntries ¶ added in v0.0.6
func GetStaticEntries(platformType configv1.PlatformType, topology configv1.TopologyMode, ipv6Enabled, dhcpEnabled bool) ([]ComDetails, error)
GetStaticEntries returns the static entries for the given platform, topology, IPv6 and DHCP configuration.
func (ComDetails) Equals ¶
func (cd ComDetails) Equals(other ComDetails) bool
func (ComDetails) String ¶
func (cd ComDetails) String() string
type ComMatrix ¶
// ComMatrix is a communication matrix: a list of single-port entries plus a
// list of port ranges.
type ComMatrix struct {
	// Ports holds the individual port entries.
	Ports []ComDetails
	// DynamicRanges holds the port ranges (MinPort-MaxPort) of the matrix.
	DynamicRanges DynamicRangeList
}
func ParseToComMatrix ¶ added in v0.0.5
ParseToComMatrix parses input content in one of the supported formats (json, yaml, csv) and returns a ComMatrix that includes both ComDetails (Ports) and DynamicRanges.
func (*ComMatrix) Contains ¶
func (m *ComMatrix) Contains(cd ComDetails) bool
func (*ComMatrix) Merge ¶ added in v0.0.6
Merge creates a copy of the current matrix and merges another matrix into it. When both m and other are not nil, it returns a new ComMatrix containing all ports and dynamic ranges from both matrices, sorted and merged. Otherwise, it returns m (if other is nil), other (if m is nil), or an empty ComMatrix{}.
func (*ComMatrix) SeparateMatrixByGroup ¶ added in v0.0.5
SeparateMatrixByGroup groups matrix entries by their group name (stored in NodeGroup).
func (*ComMatrix) SortAndRemoveDuplicates ¶
func (m *ComMatrix) SortAndRemoveDuplicates()
SortAndRemoveDuplicates removes duplicate entries from the matrix and sorts it.
func (*ComMatrix) ToMachineConfig ¶ added in v0.0.6
func (*ComMatrix) ToNFTables ¶
func (*ComMatrix) WriteMatrixToFileByType ¶
type ContainerInfo ¶
type DynamicRange ¶ added in v0.0.5
// DynamicRange describes a contiguous port range, MinPort through MaxPort,
// for one Direction and Protocol. The struct tags give the field names used
// in JSON, YAML and CSV output.
//
// Description is free text; Optional distinguishes optional ranges from
// mandatory ones.
// NOTE(review): no validation of MinPort <= MaxPort or of the 1-65535 port
// bounds is visible here — confirm where ranges read from input are checked.
type DynamicRange struct {
	Direction   string `json:"direction" yaml:"direction" csv:"Direction"`
	Protocol    string `json:"protocol" yaml:"protocol" csv:"Protocol"`
	MinPort     int    `json:"minPort" yaml:"minPort" csv:"MinPort"`
	MaxPort     int    `json:"maxPort" yaml:"maxPort" csv:"MaxPort"`
	Description string `json:"description" yaml:"description" csv:"Description"`
	Optional    bool   `json:"optional" yaml:"optional" csv:"Optional"`
}
func (*DynamicRange) CanMerge ¶ added in v0.0.6
func (dr *DynamicRange) CanMerge(next DynamicRange) bool
CanMerge returns true if the current DynamicRange can be merged with next. For this comparison to succeed, next must start within dr's range or at most one element after its end.
func (*DynamicRange) Merge ¶ added in v0.0.6
func (dr *DynamicRange) Merge(next DynamicRange) bool
Merge merges next into dr if the two ranges can be merged, and returns true. If the ranges cannot be merged, dr is not modified and false is returned. See CanMerge() for the criteria of a successful merge. A merge combines the Descriptions of both ranges. If either of the two ranges being merged is mandatory, the entire merged result is marked as mandatory.
func (*DynamicRange) PortRangeString ¶ added in v0.0.5
func (dr *DynamicRange) PortRangeString() string
type DynamicRangeList ¶ added in v0.0.6
// DynamicRangeList is a slice of DynamicRange values. It is the type of
// ComMatrix.DynamicRanges and of the default dynamic-range variables in this
// package.
type DynamicRangeList []DynamicRange
func (*DynamicRangeList) Squash ¶ added in v0.0.6
func (drl *DynamicRangeList) Squash()
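Squash merges DynamicRanges with matching Direction and Protocol into a single range. Note that Squash can lose information, because the Description and Optional values of the merged ranges are combined. In particular, a squashed range is marked as mandatory if any range merged into it was mandatory, so a range that was optional on its own can end up inside a mandatory one. See DynamicRange.Merge() for details.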