github.com/elfadel/cilium@v1.6.12/pkg/proxy/logger/epinfo.go (about) 1 // Copyright 2018 Authors of Cilium 2 // 3 // Licensed under the Apache License, Version 2.0 (the "License"); 4 // you may not use this file except in compliance with the License. 5 // You may obtain a copy of the License at 6 // 7 // http://www.apache.org/licenses/LICENSE-2.0 8 // 9 // Unless required by applicable law or agreed to in writing, software 10 // distributed under the License is distributed on an "AS IS" BASIS, 11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 // See the License for the specific language governing permissions and 13 // limitations under the License. 14 15 package logger 16 17 import ( 18 "net" 19 20 "github.com/cilium/cilium/pkg/identity" 21 "github.com/cilium/cilium/pkg/policy" 22 "github.com/cilium/cilium/pkg/proxy/accesslog" 23 ) 24 25 // EndpointInfoSource returns information about an endpoint being proxied. 26 // The read lock must be held when calling any method. 27 type EndpointInfoSource interface { 28 UnconditionalRLock() 29 RUnlock() 30 GetID() uint64 31 GetIPv4Address() string 32 GetIPv6Address() string 33 GetIdentityLocked() identity.NumericIdentity 34 GetLabels() []string 35 GetLabelsSHA() string 36 HasSidecarProxy() bool 37 ConntrackName() string 38 GetIngressPolicyEnabledLocked() bool 39 GetEgressPolicyEnabledLocked() bool 40 ProxyID(l4 *policy.L4Filter) string 41 } 42 43 // getEndpointInfo returns a consistent snapshot of the given source. 44 // The source's read lock must not be held. 45 func getEndpointInfo(source EndpointInfoSource) *accesslog.EndpointInfo { 46 source.UnconditionalRLock() 47 defer source.RUnlock() 48 return &accesslog.EndpointInfo{ 49 ID: source.GetID(), 50 IPv4: source.GetIPv4Address(), 51 IPv6: source.GetIPv6Address(), 52 Labels: source.GetLabels(), 53 LabelsSHA256: source.GetLabelsSHA(), 54 Identity: uint64(source.GetIdentityLocked()), 55 } 56 } 57 58 // EndpointUpdater returns information about an endpoint being proxied and 59 // is called back to update the endpoint when proxy events occur. 60 // This is a subset of `Endpoint`. 61 type EndpointUpdater interface { 62 EndpointInfoSource 63 64 // OnProxyPolicyUpdate is called when the proxy acknowledges that it 65 // has applied a policy. 66 OnProxyPolicyUpdate(policyRevision uint64) 67 68 // UpdateProxyStatistics updates the Endpoint's proxy statistics to account 69 // for a new observed flow with the given characteristics. 70 UpdateProxyStatistics(l4Protocol string, port uint16, ingress, request bool, verdict accesslog.FlowVerdict) 71 } 72 73 // EndpointInfoRegistry provides endpoint information lookup by endpoint IP 74 // address. 75 type EndpointInfoRegistry interface { 76 // FillEndpointIdentityByID resolves the labels of the specified identity 77 // if known locally and fills in the following info member fields: 78 // - info.Identity 79 // - info.Labels 80 // - info.LabelsSHA256 81 // Returns true if found, false if not found. 82 FillEndpointIdentityByID(id identity.NumericIdentity, info *accesslog.EndpointInfo) bool 83 84 // FillEndpointIdentityByIP resolves the labels of the endpoint with the 85 // specified IP if known locally and fills in the following info member 86 // fields: 87 // - info.ID 88 // - info.Identity 89 // - info.Labels 90 // - info.LabelsSHA256 91 // Returns true if found, false if not found. 92 FillEndpointIdentityByIP(ip net.IP, info *accesslog.EndpointInfo) bool 93 }