trireme-lib: go.aporeto.io/trireme-lib/controller/internal/enforcer/proxy

package enforcerproxy

import "go.aporeto.io/trireme-lib/controller/internal/enforcer/proxy"

Package enforcerproxy is the implementation of the RPC client. It implements the Trireme Enforcer interface and forwards requests to the actual remote enforcer instead of implementing them locally.

Package Files

enforcerproxy.go rpcserver.go

func NewProxyEnforcer

func NewProxyEnforcer(
    mutualAuth bool,
    filterQueue *fqconfig.FilterQueue,
    collector collector.EventCollector,
    secrets secrets.Secrets,
    serverID string,
    validity time.Duration,
    cmdArg string,
    procMountPoint string,
    ExternalIPCacheTimeout time.Duration,
    packetLogs bool,
    cfg *runtime.Configuration,
    runtimeError chan *policy.RuntimeError,
    remoteParameters *env.RemoteParameters,
    tokenIssuer common.ServiceTokenIssuer,
    binaryTokens bool,
) enforcer.Enforcer

NewProxyEnforcer creates a new proxy to remote enforcers.

type ProxyInfo

type ProxyInfo struct {
    Secrets secrets.Secrets

    ExternalIPCacheTimeout time.Duration

    sync.RWMutex
    // contains filtered or unexported fields
}

ProxyInfo is the struct used to hold state about active enforcers in the system.

func (*ProxyInfo) CleanUp

func (s *ProxyInfo) CleanUp() error

CleanUp sends a cleanup command to all the remotes, forcing them to exit and clean up their state.

func (*ProxyInfo) EnableDatapathPacketTracing

func (s *ProxyInfo) EnableDatapathPacketTracing(contextID string, direction packettracing.TracingDirection, interval time.Duration) error

EnableDatapathPacketTracing enables nfq packet tracing in the remote container.

func (*ProxyInfo) EnableIPTablesPacketTracing

func (s *ProxyInfo) EnableIPTablesPacketTracing(ctx context.Context, contextID string, interval time.Duration) error

EnableIPTablesPacketTracing enables iptables tracing.

func (*ProxyInfo) Enforce

func (s *ProxyInfo) Enforce(contextID string, puInfo *policy.PUInfo) error

Enforce makes an RPC call to the remote enforcer's enforce method.

func (*ProxyInfo) GetFilterQueue

func (s *ProxyInfo) GetFilterQueue() *fqconfig.FilterQueue

GetFilterQueue returns the current FilterQueueConfig.

func (*ProxyInfo) Run

func (s *ProxyInfo) Run(ctx context.Context) error

Run starts the remote enforcer proxy.

func (*ProxyInfo) SetLogLevel

func (s *ProxyInfo) SetLogLevel(level constants.LogLevel) error

SetLogLevel sets log level.

func (*ProxyInfo) SetTargetNetworks

func (s *ProxyInfo) SetTargetNetworks(cfg *runtime.Configuration) error

SetTargetNetworks makes the RPC call for SetTargetNetworks to the corresponding remote enforcers.

func (*ProxyInfo) Unenforce

func (s *ProxyInfo) Unenforce(contextID string) error

Unenforce stops enforcing policy for the given contextID.

func (*ProxyInfo) UpdateSecrets

func (s *ProxyInfo) UpdateSecrets(token secrets.Secrets) error

UpdateSecrets updates the secrets used for signing communication between trireme instances.

type ProxyRPCServer

type ProxyRPCServer struct {
    // contains filtered or unexported fields
}

ProxyRPCServer is a receiver for Statsserver and maintains a handle to the RPC ProxyRPCServer.

func (*ProxyRPCServer) DNSReports

func (r *ProxyRPCServer) DNSReports(req rpcwrapper.Request, resp *rpcwrapper.Response) error

DNSReports is called from the remote to post DNS requests.

func (*ProxyRPCServer) PostCounterEvent

func (r *ProxyRPCServer) PostCounterEvent(req rpcwrapper.Request, resp *rpcwrapper.Response) error

PostCounterEvent is called from the remote to post multiple counter records from the remoteenforcer.

func (*ProxyRPCServer) PostPacketEvent

func (r *ProxyRPCServer) PostPacketEvent(req rpcwrapper.Request, resp *rpcwrapper.Response) error

PostPacketEvent is called from the remote to post multiple records from the remoteenforcer.

func (*ProxyRPCServer) PostStats

func (r *ProxyRPCServer) PostStats(req rpcwrapper.Request, resp *rpcwrapper.Response) error

PostStats is the function called from the remoteenforcer when it has new flow events to publish.

func (*ProxyRPCServer) RetrieveToken

func (r *ProxyRPCServer) RetrieveToken(req rpcwrapper.Request, resp *rpcwrapper.Response) error

RetrieveToken propagates the master request to the token retriever and returns a token.

Package enforcerproxy imports 20 packages and is imported by 2 packages. Updated 2019-09-15.