github.com/aporeto-inc/trireme-lib@v10.358.0+incompatible/controller/interfaces.go (about)

     1  package controller
     2  
     3  import (
     4  	"context"
     5  	"time"
     6  
     7  	"go.aporeto.io/enforcerd/trireme-lib/controller/pkg/packettracing"
     8  	"go.aporeto.io/enforcerd/trireme-lib/controller/pkg/secrets"
     9  	"go.aporeto.io/enforcerd/trireme-lib/controller/runtime"
    10  	"go.aporeto.io/enforcerd/trireme-lib/policy"
    11  )
    12  
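// TriremeController is the main API of the Trireme controller.
//
// None of these methods takes a caller identity or credential, so any
// authorization has to happen before a call reaches this interface.
// NOTE(review): confirm where access to an implementation is restricted.
type TriremeController interface {
	// Run initializes and runs the controller.
	Run(ctx context.Context) error

	// CleanUp cleans all the supervisors and ACLs for a clean exit.
	// NOTE(review): what traffic handling remains for processing units once
	// the ACLs are removed is not visible here; confirm before calling this
	// on a host that still runs workloads.
	CleanUp() error

	// Enforce asks the controller to enforce policy on the processing unit
	// identified by puID.
	// NOTE(review): whether a failed call leaves the processing unit
	// unprotected or partially programmed is not visible here; callers
	// should treat a non-nil error as "policy not in effect" until confirmed.
	Enforce(ctx context.Context, puID string, policy *policy.PUPolicy, runtime *policy.PURuntime) error

	// UnEnforce asks the controller to un-enforce policy on the processing
	// unit identified by puID.
	UnEnforce(ctx context.Context, puID string, policy *policy.PUPolicy, runtime *policy.PURuntime) error

	// UpdatePolicy updates the policy of the isolator for a container.
	UpdatePolicy(ctx context.Context, puID string, policy *policy.PUPolicy, runtime *policy.PURuntime) error

	// UpdateSecrets updates the secrets of running enforcers managed by
	// trireme. Remote enforcers will get the secret updates with the next
	// policy push, so a rotation done in response to a compromise is not
	// complete for them until that push has happened.
	UpdateSecrets(secrets secrets.Secrets) error

	// UpdateConfiguration updates the configuration of the controller. Only
	// specific configuration parameters can be updated during run time.
	UpdateConfiguration(cfg *runtime.Configuration) error

	// DebugInfo adds the packet-tracing, ping and debug-collection methods.
	DebugInfo
}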
    38  
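// DebugInfo is the interface implemented by controllers to support
// configuring debug options.
//
// The tracing and collection methods expose packets seen for a processing
// unit, which can include sensitive traffic.
// NOTE(review): where trace and capture output is delivered, and who can
// read it, is not visible here; confirm that access is restricted and logged.
type DebugInfo interface {
	// EnableDatapathPacketTracing enables tracing of packets received by the
	// datapath for a particular PU. Setting Disabled as the tracing direction
	// stops tracing for the contextID.
	// NOTE(review): interval presumably bounds how long tracing stays
	// enabled; confirm against the implementation.
	EnableDatapathPacketTracing(ctx context.Context, puID string, policy *policy.PUPolicy, runtime *policy.PURuntime, direction packettracing.TracingDirection, interval time.Duration) error

	// EnableIPTablesPacketTracing enables iptables -j TRACE for the
	// particular PU and produces a much wider packet stream.
	// NOTE(review): interval presumably bounds how long the trace rule stays
	// installed; confirm against the implementation.
	EnableIPTablesPacketTracing(ctx context.Context, puID string, policy *policy.PUPolicy, runtime *policy.PURuntime, interval time.Duration) error

	// Ping runs ping based on the given config.
	Ping(ctx context.Context, puID string, policy *policy.PUPolicy, runtime *policy.PURuntime, pingConfig *policy.PingConfig) error

	// DebugCollect collects debug information, such as packet capture.
	DebugCollect(ctx context.Context, puID string, policy *policy.PUPolicy, runtime *policy.PURuntime, debugConfig *policy.DebugConfig) error
}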