github.com/tigera/api@v0.0.0-20240320170621-278e89a8c5fb/pkg/apis/projectcalico/v3/deeppacketinspection.go (about)

     1  // Copyright (c) 2021 Tigera, Inc. All rights reserved.
     2  
     3  package v3
     4  
     5  import (
     6  	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
     7  )
     8  
// Kind strings that the constructors in this file write into TypeMeta.Kind.
const (
	// KindDeepPacketInspection is the Kind of a single DeepPacketInspection resource.
	KindDeepPacketInspection = "DeepPacketInspection"
	// KindDeepPacketInspectionList is the Kind of a DeepPacketInspectionList.
	KindDeepPacketInspectionList = "DeepPacketInspectionList"
)
    13  
// +genclient
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
// +kubebuilder:subresource:status

// DeepPacketInspection pairs a deep packet inspection request (Spec) with the per-node
// state reported for it (Status). The selector in Spec only matches endpoints in the same
// namespace as the resource.
type DeepPacketInspection struct {
	metav1.TypeMeta `json:",inline"`
	// Standard object's metadata.
	metav1.ObjectMeta `json:"metadata,omitempty"`
	// Specification of the DeepPacketInspection.
	Spec DeepPacketInspectionSpec `json:"spec,omitempty"`
	// Status of the DeepPacketInspection. The kubebuilder marker above the type declares
	// status as a subresource.
	Status DeepPacketInspectionStatus `json:"status,omitempty"`
}
    27  
// DeepPacketInspectionSpec contains the values of the deep packet inspection.
type DeepPacketInspectionSpec struct {
	// NOTE(review): the field is tagged omitempty and the syntax notes below say the empty
	// selector matches all endpoints, so an unset Selector appears to enable inspection for
	// every endpoint in the namespace. Confirm whether the "selector" validator (not visible
	// in this file) accepts the empty string, and set the selector explicitly where
	// namespace-wide inspection is not intended.

	// The selector is an expression used to pick out the endpoints on which deep packet inspection
	// should be performed. The selector will only match endpoints in the same namespace as the
	// DeepPacketInspection resource.
	//
	// Selector expressions follow this syntax:
	//
	// 	label == "string_literal"  ->  comparison, e.g. my_label == "foo bar"
	// 	label != "string_literal"   ->  not equal; also matches if label is not present
	// 	label in { "a", "b", "c", ... }  ->  true if the value of label is one of "a", "b", "c"
	// 	label not in { "a", "b", "c", ... }  ->  true if the value of label is not one of "a", "b", "c"
	// 	has(label_name)  -> True if that label is present
	// 	! expr -> negation of expr
	// 	expr && expr  -> Short-circuit and
	// 	expr || expr  -> Short-circuit or
	// 	( expr ) -> parens for grouping
	// 	all() or the empty selector -> matches all endpoints.
	//
	// Label names are allowed to contain alphanumerics, -, _ and /. String literals are more permissive
	// but they do not support escape characters.
	//
	// Examples (with made-up labels):
	//
	// 	type == "webserver" && deployment == "prod"
	// 	type in {"frontend", "backend"}
	// 	deployment != "dev"
	// 	! has(label_name)
	Selector string `json:"selector,omitempty" validate:"selector"`
}
    58  
// DeepPacketInspectionStatus contains the status of deep packet inspection on each node.
type DeepPacketInspectionStatus struct {
	// Nodes holds the per-node status entries. No size limit or uniqueness constraint on
	// this list is declared in this file.
	// NOTE(review): presumably one entry per node hostname; verify against the writer.
	Nodes []DPINode `json:"nodes,omitempty"`
}
    63  
// DPINode is the deep packet inspection status entry for one node: the node's name, its
// Active state (see DPIActive) and a bounded list of error conditions.
type DPINode struct {
	// Node identifies a physical node in the cluster by its hostname.
	Node   string    `json:"node,omitempty"`
	Active DPIActive `json:"active,omitempty"`
	// ErrorConditions lists errors reported for this node; the validation marker below caps
	// the list at 10 items.
	// +kubebuilder:validation:MaxItems:=10
	ErrorConditions []DPIErrorCondition `json:"errorConditions,omitempty"`
}
    71  
// DPIActive records whether deep packet inspection is running and when that state was
// last updated.
type DPIActive struct {
	// Success indicates if deep packet inspection is running on all workloads matching the selector.
	// Because of omitempty, a false value is left out of the JSON, so readers of the serialized
	// status cannot tell "false" apart from "not reported"; treat an absent field as not running.
	Success bool `json:"success,omitempty"`
	// Timestamp of when the active status was last updated. Nil when never set.
	LastUpdated *metav1.Time `json:"lastUpdated,omitempty"`
}
    78  
// DPIErrorCondition is a single error reported by deep packet inspection, with the time
// it was recorded.
type DPIErrorCondition struct {
	// Message from deep packet inspection error. This type declares no length or content
	// constraint on the text.
	// NOTE(review): confirm what the reporting component puts here before rendering it
	// unescaped or forwarding it to other systems.
	Message string `json:"message,omitempty"`
	// Timestamp of when this error message was added. Nil when never set.
	LastUpdated *metav1.Time `json:"lastUpdated,omitempty"`
}
    85  
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

// DeepPacketInspectionList contains a list of DeepPacketInspection resources. Items holds
// the resources themselves; unlike the optional fields elsewhere in this file, "metadata"
// and "items" are not tagged omitempty and are therefore always serialized.
type DeepPacketInspectionList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata"`
	Items           []DeepPacketInspection `json:"items"`
}
    94  
// NewDeepPacketInspection returns a pointer to a DeepPacketInspection in which only the
// type metadata is populated: Kind is KindDeepPacketInspection and APIVersion is
// GroupVersionCurrent. Object metadata, Spec and Status are left at their zero values.
//
// The zero Spec has an empty Selector, which the selector syntax documented on
// DeepPacketInspectionSpec describes as matching all endpoints; callers that want a
// narrower scope must set Spec.Selector before the object is used.
func NewDeepPacketInspection() *DeepPacketInspection {
	typeMeta := metav1.TypeMeta{
		APIVersion: GroupVersionCurrent,
		Kind:       KindDeepPacketInspection,
	}
	return &DeepPacketInspection{TypeMeta: typeMeta}
}
   105  
// NewDeepPacketInspectionList returns a pointer to a DeepPacketInspectionList in which only
// the type metadata is populated: Kind is KindDeepPacketInspectionList and APIVersion is
// GroupVersionCurrent. ListMeta is zeroed and Items is nil.
func NewDeepPacketInspectionList() *DeepPacketInspectionList {
	list := new(DeepPacketInspectionList)
	list.TypeMeta = metav1.TypeMeta{
		Kind:       KindDeepPacketInspectionList,
		APIVersion: GroupVersionCurrent,
	}
	return list
}