github.com/noironetworks/cilium-net@v1.6.12/pkg/endpoint/regeneration/owner.go (about)

     1  // Copyright 2016-2019 Authors of Cilium
     2  //
     3  // Licensed under the Apache License, Version 2.0 (the "License");
     4  // you may not use this file except in compliance with the License.
     5  // You may obtain a copy of the License at
     6  //
     7  //     http://www.apache.org/licenses/LICENSE-2.0
     8  //
     9  // Unless required by applicable law or agreed to in writing, software
    10  // distributed under the License is distributed on an "AS IS" BASIS,
    11  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12  // See the License for the specific language governing permissions and
    13  // limitations under the License.
    14  
    15  package regeneration
    16  
    17  import (
    18  	"context"
    19  
    20  	"github.com/cilium/cilium/pkg/completion"
    21  	"github.com/cilium/cilium/pkg/datapath"
    22  	"github.com/cilium/cilium/pkg/identity"
    23  	"github.com/cilium/cilium/pkg/identity/cache"
    24  	"github.com/cilium/cilium/pkg/lock"
    25  	monitorAPI "github.com/cilium/cilium/pkg/monitor/api"
    26  	"github.com/cilium/cilium/pkg/policy"
    27  	"github.com/cilium/cilium/pkg/proxy/accesslog"
    28  	"github.com/cilium/cilium/pkg/revert"
    29  )
    30  
    31  // Owner is the interface that defines the requirements for anybody owning policies.
        //
        // NOTE(review): UpdateProxyRedirect, RemoveProxyRedirect and
        // UpdateNetworkPolicy return their error before the revert/finalize
        // functions instead of as the last result. That ordering is not idiomatic
        // Go, so callers have to pick the error out by position and check it
        // before using any of the returned functions.
    32  type Owner interface {
    33  
    34  	// GetPolicyRepository must return the policy repository.
    35  	GetPolicyRepository() *policy.Repository
    36  
    37  	// UpdateProxyRedirect must update the redirect configuration of an endpoint in the proxy.
        	// Results, in order: a uint16, the error, a revert.FinalizeFunc and a
        	// revert.RevertFunc.
        	// NOTE(review): the uint16 is presumably the proxy port of the redirect,
        	// and the two functions presumably commit or undo the change; confirm
        	// against the implementation.
    38  	UpdateProxyRedirect(e EndpointUpdater, l4 *policy.L4Filter, proxyWaitGroup *completion.WaitGroup) (uint16, error, revert.FinalizeFunc, revert.RevertFunc)
    39  
    40  	// RemoveProxyRedirect must remove the redirect installed by UpdateProxyRedirect.
        	// The id parameter is a string; EndpointInfoSource.ProxyID also returns a
        	// string, which is presumably the value expected here (TODO confirm).
        	// Results, in order: the error, a revert.FinalizeFunc and a revert.RevertFunc.
    41  	RemoveProxyRedirect(e EndpointInfoSource, id string, proxyWaitGroup *completion.WaitGroup) (error, revert.FinalizeFunc, revert.RevertFunc)
    42  
    43  	// UpdateNetworkPolicy adds or updates a network policy in the set
    44  	// published to L7 proxies.
        	// Results, in order: the error and a revert.RevertFunc.
    45  	UpdateNetworkPolicy(e EndpointUpdater, policy *policy.L4Policy,
    46  		proxyWaitGroup *completion.WaitGroup) (error, revert.RevertFunc)
    47  
    48  	// RemoveNetworkPolicy removes a network policy from the set published to
    49  	// L7 proxies.
        	// It has no return value, so a caller cannot learn through this interface
        	// whether the removal took effect.
    50  	RemoveNetworkPolicy(e EndpointInfoSource)
    51  
    52  	// QueueEndpointBuild puts the given endpoint in the processing queue.
        	// NOTE(review): the returned func() is presumably a callback the caller
        	// invokes once the build is done; confirm against the implementation.
    53  	QueueEndpointBuild(ctx context.Context, epID uint64) (func(), error)
    54  
    55  	// RemoveFromEndpointQueue removes an endpoint from the working queue.
    56  	RemoveFromEndpointQueue(epID uint64)
    57  
    58  	// GetCompilationLock returns the mutex responsible for synchronizing compilation
    59  	// of BPF programs.
    60  	GetCompilationLock() *lock.RWMutex
    61  
    62  	// SendNotification is called to emit an agent notification.
    63  	SendNotification(typ monitorAPI.AgentNotification, text string) error
    64  
    65  	// Datapath returns a reference to the datapath implementation.
    66  	Datapath() datapath.Datapath
    67  
    68  	// GetNodeSuffix returns the suffix to be appended to kvstore keys of this
        	// (the sentence is cut off in the original comment; what "this" refers
        	// to is not stated here. TODO confirm and complete.)
    69  	GetNodeSuffix() string
    70  
    71  	// UpdateIdentities propagates identity updates to selectors.
        	// It takes the added and the deleted identities as two separate
        	// cache.IdentityCache values and returns nothing.
    72  	UpdateIdentities(added, deleted cache.IdentityCache)
    73  }
    74  
    75  // EndpointInfoSource returns information about an endpoint being proxied.
    76  // The read lock must be held when calling any method.
        //
        // NOTE(review): UnconditionalRLock and RUnlock are themselves part of this
        // interface, so "any method" cannot literally include them. Presumably
        // they acquire and release the read lock that the remaining methods
        // require; confirm against the implementation. Nothing in the interface
        // enforces the locking rule, so correct use depends on every call site.
    77  type EndpointInfoSource interface {
        	// Lock management. Presumably the read lock referred to above (TODO confirm).
    78  	UnconditionalRLock()
    79  	RUnlock()
        	// Accessors. The addresses and labels are returned as plain strings;
        	// their format and any validation are not visible in this file.
    80  	GetID() uint64
    81  	GetIPv4Address() string
    82  	GetIPv6Address() string
        	// NOTE(review): the "Locked" suffix on this and the two
        	// policy-enabled getters below suggests the caller must already hold
        	// the endpoint lock; confirm.
    83  	GetIdentityLocked() identity.NumericIdentity
    84  	GetLabels() []string
    85  	GetLabelsSHA() string
    86  	HasSidecarProxy() bool
    87  	ConntrackName() string
    88  	GetIngressPolicyEnabledLocked() bool
    89  	GetEgressPolicyEnabledLocked() bool
        	// ProxyID takes an L4 filter and returns a string identifier.
    90  	ProxyID(l4 *policy.L4Filter) string
    91  }
    92  
    93  // EndpointUpdater returns information about an endpoint being proxied and
    94  // is called back to update the endpoint when proxy events occur.
    95  // This is a subset of `Endpoint`.
        //
        // It embeds EndpointInfoSource, so the read-lock requirement documented on
        // that interface applies to the embedded methods here as well.
    96  type EndpointUpdater interface {
    97  	EndpointInfoSource
    98  	// OnProxyPolicyUpdate is called when the proxy acknowledges that it
    99  	// has applied a policy.
        	// policyRevision is passed by the caller; presumably it is the revision
        	// the proxy acknowledged (TODO confirm).
   100  	OnProxyPolicyUpdate(policyRevision uint64)
   101  
   102  	// UpdateProxyStatistics updates the Endpoint's proxy statistics to account
   103  	// for a new observed flow with the given characteristics.
        	// NOTE(review): ingress and request are adjacent bool parameters, so a
        	// call site that swaps them still compiles; check argument order when
        	// reviewing callers.
   104  	UpdateProxyStatistics(l4Protocol string, port uint16, ingress, request bool, verdict accesslog.FlowVerdict)
   105  }