kubernetesk8s.io/kubernetes/pkg/proxy/util Index | Files | Directories

package util

import "k8s.io/kubernetes/pkg/proxy/util"

Index

Constants 

const (
	// IPv4ZeroCIDR is the CIDR block for the whole IPv4 address space
	IPv4ZeroCIDR = "0.0.0.0/0"

	// IPv6ZeroCIDR is the CIDR block for the whole IPv6 address space
	IPv6ZeroCIDR = "::/0"
)

Variables 

var (
	// ErrAddressNotAllowed indicates the address is not allowed
	ErrAddressNotAllowed = errors.New("address not allowed")

	// ErrNoAddresses indicates there are no addresses for the hostname
	ErrNoAddresses = errors.New("no addresses for hostname")
)

Functions

func AddressSet 

func AddressSet(isValid func(ip net.IP) bool, addrs []net.Addr) sets.String

AddressSet validates the addresses in the slice using the "isValid" function. Addresses that pass the validation are returned as a string Set.

func AppendPortIfNeeded 

func AppendPortIfNeeded(addr string, port int32) string

AppendPortIfNeeded appends the given port to IP address unless it is already in "ipv4:port" or "[ipv6]:port" format.

func BuildPortsToEndpointsMap 

func BuildPortsToEndpointsMap(endpoints *v1.Endpoints) map[string][]string

BuildPortsToEndpointsMap builds a map of portname -> all ip:ports for that portname. Explode Endpoints.Subsets[*] into this structure.

func ContainsIPv4Loopback 

func ContainsIPv4Loopback(cidrStrings []string) bool

ContainsIPv4Loopback returns true if the input is empty or one of the CIDR contains an IPv4 loopback address.

func EnsureSysctl 

func EnsureSysctl(sysctl utilsysctl.Interface, name string, newVal int) error

EnsureSysctl sets a kernel sysctl to a given numeric value.

func GetClusterIPByFamily 

func GetClusterIPByFamily(ipFamily v1.IPFamily, service *v1.Service) string

GetClusterIPByFamily returns a service clusterip by family

func GetLocalAddrSet 

func GetLocalAddrSet() netutils.IPSet

GetLocalAddrSet return a local IPSet. If failed to get local addr, will assume no local ips.

func GetLocalAddrs 

func GetLocalAddrs() ([]net.IP, error)

GetLocalAddrs returns a list of all network addresses on the local system

func GetNodeAddresses 

func GetNodeAddresses(cidrs []string, nw NetworkInterfacer) (sets.String, error)

GetNodeAddresses return all matched node IP addresses based on given cidr slice. Some callers, e.g. IPVS proxier, need concrete IPs, not ranges, which is why this exists. NetworkInterfacer is injected for test purpose. We expect the cidrs passed in is already validated. Given an empty input `[]`, it will return `0.0.0.0/0` and `::/0` directly. If multiple cidrs is given, it will return the minimal IP sets, e.g. given input `[1.2.0.0/16, 0.0.0.0/0]`, it will only return `0.0.0.0/0`. NOTE: GetNodeAddresses only accepts CIDRs, if you want concrete IPs, e.g. 1.2.3.4, then the input should be 1.2.3.4/32.

func IPPart 

func IPPart(s string) string

IPPart returns just the IP part of an IP or IP:port or endpoint string. If the IP part is an IPv6 address enclosed in brackets (e.g. "[fd00:1::5]:9999"), then the brackets are stripped as well.

func IsAllowedHost 

func IsAllowedHost(host net.IP, denied []*net.IPNet) error

IsAllowedHost checks if the given IP host address is in a network in the denied list.

func IsProxyableHostname 

func IsProxyableHostname(ctx context.Context, resolv Resolver, hostname string) error

IsProxyableHostname checks if the IP addresses for a given hostname are permitted to be proxied

func IsProxyableIP 

func IsProxyableIP(ip string) error

IsProxyableIP checks if a given IP address is permitted to be proxied

func IsZeroCIDR 

func IsZeroCIDR(cidr string) bool

IsZeroCIDR checks whether the input CIDR string is either the IPv4 or IPv6 zero CIDR

func LogAndEmitIncorrectIPVersionEvent 

func LogAndEmitIncorrectIPVersionEvent(recorder events.EventRecorder, fieldName, fieldValue, svcNamespace, svcName string, svcUID types.UID)

LogAndEmitIncorrectIPVersionEvent logs and emits incorrect IP version event.

func MapCIDRsByIPFamily 

func MapCIDRsByIPFamily(cidrStrings []string) map[v1.IPFamily][]string

MapCIDRsByIPFamily maps a slice of IPs to their respective IP families (v4 or v6)

func MapIPsByIPFamily 

func MapIPsByIPFamily(ipStrings []string) map[v1.IPFamily][]string

MapIPsByIPFamily maps a slice of IPs to their respective IP families (v4 or v6)

func OtherIPFamily 

func OtherIPFamily(ipFamily v1.IPFamily) v1.IPFamily

OtherIPFamily returns the other ip family

func PortPart 

func PortPart(s string) (int, error)

PortPart returns just the port part of an endpoint string.

func RevertPorts 

func RevertPorts(replacementPortsMap, originalPortsMap map[netutils.LocalPort]netutils.Closeable)

RevertPorts is closing ports in replacementPortsMap but not in originalPortsMap. In other words, it only closes the ports opened in this sync.

func ShouldSkipService 

func ShouldSkipService(service *v1.Service) bool

ShouldSkipService checks if a given service should skip proxying

func ShuffleStrings 

func ShuffleStrings(s []string) []string

ShuffleStrings copies strings from the specified slice into a copy in random order. It returns a new slice.

Types

type DialContext 

type DialContext = func(context.Context, string, string) (net.Conn, error)

DialContext is a dial function matching the signature of net.Dialer.DialContext.

func NewFilteredDialContext 

func NewFilteredDialContext(wrapped DialContext, resolv Resolver, opts *FilteredDialOptions) DialContext

NewFilteredDialContext returns a DialContext function that filters connections based on a FilteredDialOptions.

type FilteredDialOptions 

type FilteredDialOptions struct {
	// DialHostIPDenylist restricts hosts from being dialed.
	DialHostCIDRDenylist []*net.IPNet
	// AllowLocalLoopback controls connections to local loopback hosts (as defined by
	// IsProxyableIP).
	AllowLocalLoopback bool
}

FilteredDialOptions configures how a DialContext is wrapped by NewFilteredDialContext.

type LineBuffer 

type LineBuffer struct {
	// contains filtered or unexported fields
}

func (*LineBuffer) Bytes 

func (buf *LineBuffer) Bytes() []byte

Bytes returns the contents of buf as a []byte

func (*LineBuffer) Lines 

func (buf *LineBuffer) Lines() int

Lines returns the number of lines in buf. Note that more precisely, this returns the number of times Write() or WriteBytes() was called; it assumes that you never wrote any newlines to the buffer yourself.

func (*LineBuffer) Reset 

func (buf *LineBuffer) Reset()

Reset clears buf

func (*LineBuffer) Write 

func (buf *LineBuffer) Write(args ...interface{})

Write takes a list of arguments, each a string or []string, joins all the individual strings with spaces, terminates with newline, and writes to buf. Any other argument type will panic.

func (*LineBuffer) WriteBytes 

func (buf *LineBuffer) WriteBytes(bytes []byte)

WriteBytes writes bytes to buffer, and terminates with newline.

type NetworkInterfacer 

type NetworkInterfacer interface {
	InterfaceAddrs() ([]net.Addr, error)
}

NetworkInterfacer defines an interface for several net library functions. Production code will forward to net library functions, and unit tests will override the methods for testing purposes.

type RealNetwork 

type RealNetwork struct{}

RealNetwork implements the NetworkInterfacer interface for production code, just wrapping the underlying net library function calls.

func (RealNetwork) InterfaceAddrs 

func (RealNetwork) InterfaceAddrs() ([]net.Addr, error)

InterfaceAddrs wraps net.InterfaceAddrs(), it's a part of NetworkInterfacer interface.

type Resolver 

type Resolver interface {
	LookupIPAddr(ctx context.Context, host string) ([]net.IPAddr, error)
}

Resolver is an interface for net.Resolver

Source Files

endpoints.go network.go utils.go

Directories

PathSynopsis
pkg/proxy/util/iptables
pkg/proxy/util/testing
Version
v1.24.10-rc.0
Published
Dec 8, 2022
Platform
js/wasm
Imports
17 packages
Last checked
31 seconds ago

Tools for package owners.