trireme-lib

package controller

import ""


Package Files

config.go controller.go helpers.go interfaces.go

func CleanOldState

func CleanOldState()

CleanOldState ensures all state in trireme is cleaned up.

func LaunchRemoteEnforcer

func LaunchRemoteEnforcer(service packetprocessor.PacketProcessor) error

LaunchRemoteEnforcer launches a remote enforcer instance.

type DebugInfo

type DebugInfo interface {
    // EnableDatapathPacketTracing enables tracing of packets received by the datapath
    // for a particular PU. Setting Disabled as the tracing direction stops tracing
    // for the contextID.
    EnableDatapathPacketTracing(contextID string, direction packettracing.TracingDirection, interval time.Duration, putype common.PUType) error

    // EnableIPTablesPacketTracing enables iptables -j TRACE for the particular PU,
    // which captures a much wider packet stream.
    EnableIPTablesPacketTracing(ctx context.Context, contextID string, interval time.Duration, putype common.PUType) error
}

DebugInfo is the interface implemented by controllers to support configuring debug options.

type Option

type Option func(*config)

Option is provided using functional arguments.

func OptionCollector

func OptionCollector(c collector.EventCollector) Option

OptionCollector is an option to provide an external collector implementation.

func OptionDatapathService

func OptionDatapathService(s packetprocessor.PacketProcessor) Option

OptionDatapathService is an option to provide an external datapath service implementation.

func OptionDisableMutualAuth

func OptionDisableMutualAuth() Option

OptionDisableMutualAuth is an option to disable MutualAuth (enabled by default).

func OptionEnforceFqConfig

func OptionEnforceFqConfig(f *fqconfig.FilterQueue) Option

OptionEnforceFqConfig is an option to override filter queues.

func OptionEnforceLinuxProcess

func OptionEnforceLinuxProcess() Option

OptionEnforceLinuxProcess is an option to request Linux process support.

func OptionPacketLogs

func OptionPacketLogs() Option

OptionPacketLogs is an option to enable packet level logging.

func OptionProcMountPoint

func OptionProcMountPoint(p string) Option

OptionProcMountPoint is an option to provide the proc mount point.

func OptionRuntimeErrorChannel

func OptionRuntimeErrorChannel(errorChannel chan *policy.RuntimeError) Option

OptionRuntimeErrorChannel configures the error channel for the policy engine.

func OptionSecret

func OptionSecret(s secrets.Secrets) Option

OptionSecret is an option to provide an external secrets implementation.

func OptionTargetNetworks

func OptionTargetNetworks(n []string) Option

OptionTargetNetworks is an option to provide target network configuration.

type TriremeController

type TriremeController interface {
    // Run initializes and runs the controller.
    Run(ctx context.Context) error

    // CleanUp cleans all the supervisors and ACLs for a clean exit.
    CleanUp() error

    // Enforce asks the controller to enforce policy on a processing unit.
    Enforce(ctx context.Context, puID string, policy *policy.PUPolicy, runtime *policy.PURuntime) (err error)

    // UnEnforce asks the controller to un-enforce policy on a processing unit.
    UnEnforce(ctx context.Context, puID string, policy *policy.PUPolicy, runtime *policy.PURuntime) (err error)

    // UpdatePolicy updates the policy of the isolator for a container.
    UpdatePolicy(ctx context.Context, puID string, policy *policy.PUPolicy, runtime *policy.PURuntime) error

    // UpdateSecrets updates the secrets of running enforcers managed by trireme.
    // Remote enforcers will get the secret updates with the next policy push.
    UpdateSecrets(secrets secrets.Secrets) error

    // UpdateConfiguration updates the configuration of the controller. Only specific configuration
    // parameters can be updated during run time.
    UpdateConfiguration(networks []string) error
}

TriremeController is the main API of the Trireme controller.

func New

func New(serverID string, mode constants.ModeType, opts ...Option) TriremeController

New returns a trireme interface implementation based on the configuration provided.


internal/enforcer/proxy
    Package enforcerproxy :: This is the implementation of the RPC client. It implements the interface of Trireme Enforcer and forwards these requests to the actual remote enforcer instead of implementing them locally.
internal/enforcer/utils/packetgen
    Package packetgen "PacketGen" is a Packet Generator library. Current version: V1.0, updates are coming soon.
internal/enforcer/utils/rpcwrapper/mockrpcwrapper
    Package mockrpcwrapper is a generated GoMock package.
internal/processmon
    Package processmon is to manage and monitor remote enforcers.
internal/supervisor/mocksupervisor
    Package mocksupervisor is a generated GoMock package.
mockcontroller
    Package mockcontroller is a generated GoMock package.
pkg/remoteenforcer/internal/statsclient/mockstatsclient
    Package mockstatsclient is a generated GoMock package.
pkg/remoteenforcer/internal/statscollector/mockstatscollector
    Package mockstatscollector is a generated GoMock package.
pkg/remoteenforcer/mockremoteenforcer
    Package mockremoteenforcer is a generated GoMock package.

Package controller imports 23 packages and is imported by 3 packages. Updated 2019-02-20.