github.com/elfadel/cilium@v1.6.12/pkg/proxy/redirect.go

github.com/elfadel/cilium@v1.6.12/pkg/proxy/redirect.go (about)

     1  // Copyright 2016-2018 Authors of Cilium
     2  //
     3  // Licensed under the Apache License, Version 2.0 (the "License");
     4  // you may not use this file except in compliance with the License.
     5  // You may obtain a copy of the License at
     6  //
     7  //     http://www.apache.org/licenses/LICENSE-2.0
     8  //
     9  // Unless required by applicable law or agreed to in writing, software
    10  // distributed under the License is distributed on an "AS IS" BASIS,
    11  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12  // See the License for the specific language governing permissions and
    13  // limitations under the License.
    14  
    15  package proxy
    16  
    17  import (
    18  	"github.com/cilium/cilium/pkg/revert"
    19  	"time"
    20  
    21  	"github.com/cilium/cilium/pkg/completion"
    22  	"github.com/cilium/cilium/pkg/lock"
    23  	"github.com/cilium/cilium/pkg/policy"
    24  	"github.com/cilium/cilium/pkg/proxy/logger"
    25  )
    26  
    27  // RedirectImplementation is the generic proxy redirect interface that each
    28  // proxy redirect type must implement
    29  type RedirectImplementation interface {
    30  	// UpdateRules notifies the proxy implementation that the new rules in
    31  	// parameter l4 are to be applied. The implementation should .Add to the
    32  	// WaitGroup if the update is asynchronous and the update should not return
    33  	// until it is complete.
    34  	// The returned RevertFunc must be non-nil.
    35  	// Note: UpdateRules is not called when a redirect is created.
    36  	UpdateRules(wg *completion.WaitGroup, l4 *policy.L4Filter) (revert.RevertFunc, error)
    37  
    38  	// Close closes and cleans up resources associated with the redirect
    39  	// implementation. The implementation should .Add to the WaitGroup if the
    40  	// update is asynchronous and the update should not return until it is
    41  	// complete.
    42  	Close(wg *completion.WaitGroup) (revert.FinalizeFunc, revert.RevertFunc)
    43  }
    44  
    45  type Redirect struct {
    46  	// The following fields are only written to during initialization, it
    47  	// is safe to read these fields without locking the mutex
    48  	listener       *ProxyPort
    49  	dstPort        uint16
    50  	endpointID     uint64
    51  	localEndpoint  logger.EndpointUpdater
    52  	created        time.Time
    53  	implementation RedirectImplementation
    54  
    55  	// The following fields are updated while the redirect is alive, the
    56  	// mutex must be held to read and write these fields
    57  	mutex       lock.RWMutex
    58  	lastUpdated time.Time
    59  	rules       policy.L7DataMap
    60  }
    61  
    62  func newRedirect(localEndpoint logger.EndpointUpdater, listener *ProxyPort, dstPort uint16) *Redirect {
    63  	return &Redirect{
    64  		listener:      listener,
    65  		dstPort:       dstPort,
    66  		endpointID:    localEndpoint.GetID(),
    67  		localEndpoint: localEndpoint,
    68  		created:       time.Now(),
    69  		lastUpdated:   time.Now(),
    70  	}
    71  }
    72  
    73  // updateRules updates the rules of the redirect, Redirect.mutex must be held
    74  // 'implementation' is not initialized when this is called the first time.
    75  // TODO: Replace this with RedirectImplementation UpdateRules method!
    76  func (r *Redirect) updateRules(l4 *policy.L4Filter) revert.RevertFunc {
    77  	oldRules := r.rules
    78  	r.rules = make(policy.L7DataMap, len(l4.L7RulesPerEp))
    79  	for key, val := range l4.L7RulesPerEp {
    80  		r.rules[key] = val
    81  	}
    82  	return func() error {
    83  		r.mutex.Lock()
    84  		r.rules = oldRules
    85  		r.mutex.Unlock()
    86  		return nil
    87  	}
    88  }