kubernetesk8s.io/kubernetes/pkg/proxy/util Index | Files | Directories

package util

import "k8s.io/kubernetes/pkg/proxy/util"

Index

Constants 

const (
	// IPv4ZeroCIDR is the CIDR block for the whole IPv4 address space
	IPv4ZeroCIDR = "0.0.0.0/0"

	// IPv6ZeroCIDR is the CIDR block for the whole IPv6 address space
	IPv6ZeroCIDR = "::/0"
)

Variables 

var (
	// ErrAddressNotAllowed indicates the address is not allowed
	ErrAddressNotAllowed = errors.New("address not allowed")

	// ErrNoAddresses indicates there are no addresses for the hostname
	ErrNoAddresses = errors.New("No addresses for hostname")
)

Functions

func AppendPortIfNeeded 

func AppendPortIfNeeded(addr string, port int32) string

AppendPortIfNeeded appends the given port to IP address unless it is already in "ipv4:port" or "[ipv6]:port" format.

func BuildPortsToEndpointsMap 

func BuildPortsToEndpointsMap(endpoints *v1.Endpoints) map[string][]string

BuildPortsToEndpointsMap builds a map of portname -> all ip:ports for that portname. Explode Endpoints.Subsets[*] into this structure.

func CountBytesLines 

func CountBytesLines(b []byte) int

CountBytesLines counts the number of lines in a bytes slice

func EnsureSysctl 

func EnsureSysctl(sysctl utilsysctl.Interface, name string, newVal int) error

EnsureSysctl sets a kernel sysctl to a given numeric value.

func GetClusterIPByFamily 

func GetClusterIPByFamily(ipFamily v1.IPFamily, service *v1.Service) string

GetClusterIPByFamily returns a service clusterip by family

func GetLocalAddrSet 

func GetLocalAddrSet() utilnet.IPSet

GetLocalAddrSet return a local IPSet. If failed to get local addr, will assume no local ips.

func GetLocalAddrs 

func GetLocalAddrs() ([]net.IP, error)

GetLocalAddrs returns a list of all network addresses on the local system

func GetNodeAddresses 

func GetNodeAddresses(cidrs []string, nw NetworkInterfacer) (sets.String, error)

GetNodeAddresses return all matched node IP addresses based on given cidr slice. Some callers, e.g. IPVS proxier, need concrete IPs, not ranges, which is why this exists. NetworkInterfacer is injected for test purpose. We expect the cidrs passed in is already validated. Given an empty input `[]`, it will return `0.0.0.0/0` and `::/0` directly. If multiple cidrs is given, it will return the minimal IP sets, e.g. given input `[1.2.0.0/16, 0.0.0.0/0]`, it will only return `0.0.0.0/0`. NOTE: GetNodeAddresses only accepts CIDRs, if you want concrete IPs, e.g. 1.2.3.4, then the input should be 1.2.3.4/32.

func IPPart 

func IPPart(s string) string

IPPart returns just the IP part of an IP or IP:port or endpoint string. If the IP part is an IPv6 address enclosed in brackets (e.g. "[fd00:1::5]:9999"), then the brackets are stripped as well.

func IsAllowedHost 

func IsAllowedHost(host net.IP, denied []*net.IPNet) error

IsAllowedHost checks if the given IP host address is in a network in the denied list.

func IsProxyableHostname 

func IsProxyableHostname(ctx context.Context, resolv Resolver, hostname string) error

IsProxyableHostname checks if the IP addresses for a given hostname are permitted to be proxied

func IsProxyableIP 

func IsProxyableIP(ip string) error

IsProxyableIP checks if a given IP address is permitted to be proxied

func IsZeroCIDR 

func IsZeroCIDR(cidr string) bool

IsZeroCIDR checks whether the input CIDR string is either the IPv4 or IPv6 zero CIDR

func LogAndEmitIncorrectIPVersionEvent 

func LogAndEmitIncorrectIPVersionEvent(recorder record.EventRecorder, fieldName, fieldValue, svcNamespace, svcName string, svcUID types.UID)

LogAndEmitIncorrectIPVersionEvent logs and emits incorrect IP version event.

func MapCIDRsByIPFamily 

func MapCIDRsByIPFamily(cidrStrings []string) map[v1.IPFamily][]string

MapCIDRsByIPFamily maps a slice of IPs to their respective IP families (v4 or v6)

func MapIPsByIPFamily 

func MapIPsByIPFamily(ipStrings []string) map[v1.IPFamily][]string

MapIPsByIPFamily maps a slice of IPs to their respective IP families (v4 or v6)

func OtherIPFamily 

func OtherIPFamily(ipFamily v1.IPFamily) v1.IPFamily

OtherIPFamily returns the other ip family

func PortPart 

func PortPart(s string) (int, error)

PortPart returns just the port part of an endpoint string.

func RevertPorts 

func RevertPorts(replacementPortsMap, originalPortsMap map[utilnet.LocalPort]utilnet.Closeable)

RevertPorts is closing ports in replacementPortsMap but not in originalPortsMap. In other words, it only closes the ports opened in this sync.

func ShouldSkipService 

func ShouldSkipService(service *v1.Service) bool

ShouldSkipService checks if a given service should skip proxying

func ShuffleStrings 

func ShuffleStrings(s []string) []string

ShuffleStrings copies strings from the specified slice into a copy in random order. It returns a new slice.

func ToCIDR 

func ToCIDR(ip net.IP) string

ToCIDR returns a host address of the form <ip-address>/32 for IPv4 and <ip-address>/128 for IPv6

func WriteBytesLine 

func WriteBytesLine(buf *bytes.Buffer, bytes []byte)

WriteBytesLine write bytes to buffer, terminate with newline

func WriteLine 

func WriteLine(buf *bytes.Buffer, words ...string)

WriteLine join all words with spaces, terminate with newline and write to buff.

Types

type DialContext 

type DialContext = func(context.Context, string, string) (net.Conn, error)

DialContext is a dial function matching the signature of net.Dialer.DialContext.

func NewFilteredDialContext 

func NewFilteredDialContext(wrapped DialContext, resolv Resolver, opts *FilteredDialOptions) DialContext

NewFilteredDialContext returns a DialContext function that filters connections based on a FilteredDialOptions.

type FilteredDialOptions 

type FilteredDialOptions struct {
	// DialHostIPDenylist restricts hosts from being dialed.
	DialHostCIDRDenylist []*net.IPNet
	// AllowLocalLoopback controls connections to local loopback hosts (as defined by
	// IsProxyableIP).
	AllowLocalLoopback bool
}

FilteredDialOptions configures how a DialContext is wrapped by NewFilteredDialContext.

type NetworkInterfacer 

type NetworkInterfacer interface {
	Addrs(intf *net.Interface) ([]net.Addr, error)
	Interfaces() ([]net.Interface, error)
}

NetworkInterfacer defines an interface for several net library functions. Production code will forward to net library functions, and unit tests will override the methods for testing purposes.

type RealNetwork 

type RealNetwork struct{}

RealNetwork implements the NetworkInterfacer interface for production code, just wrapping the underlying net library function calls.

func (RealNetwork) Addrs 

func (RealNetwork) Addrs(intf *net.Interface) ([]net.Addr, error)

Addrs wraps net.Interface.Addrs(), it's a part of NetworkInterfacer interface.

func (RealNetwork) Interfaces 

func (RealNetwork) Interfaces() ([]net.Interface, error)

Interfaces wraps net.Interfaces(), it's a part of NetworkInterfacer interface.

type Resolver 

type Resolver interface {
	LookupIPAddr(ctx context.Context, host string) ([]net.IPAddr, error)
}

Resolver is an interface for net.Resolver

Source Files

endpoints.go network.go utils.go

Directories

PathSynopsis
pkg/proxy/util/iptables
pkg/proxy/util/testing
Version
v1.21.7
Published
Nov 17, 2021
Platform
js/wasm
Imports
16 packages
Last checked
1 minute ago

Tools for package owners.