- Sort Score
- Result 10 results
- Languages All
Results 1 - 10 of 17 for Burles (0.35 sec)
-
cni/pkg/nodeagent/net.go
} // pod is removed from the mesh, but is still running. remove iptables rules log.Debugf("calling DeleteInpodRules.") if err := s.netnsRunner(openNetns, func() error { return s.iptablesConfigurator.DeleteInpodRules() }); err != nil { log.Errorf("failed to delete inpod rules %v", err) return fmt.Errorf("failed to delete inpod rules %w", err) }
Go - Registered: Wed May 08 22:53:08 GMT 2024 - Last Modified: Tue Apr 30 22:24:38 GMT 2024 - 12.2K bytes - Viewed (1) -
cni/pkg/nodeagent/server.go
} // Create hostprobe rules now, in the host netns // Later we will reuse this same configurator inside the pod netns for adding other rules iptablesConfigurator.DeleteHostRules() if err := iptablesConfigurator.CreateHostRulesForHealthChecks(&HostProbeSNATIP, &HostProbeSNATIPV6); err != nil { return nil, fmt.Errorf("error initializing the host rules for health checks: %w", err) }
Go - Registered: Wed May 08 22:53:08 GMT 2024 - Last Modified: Tue Apr 30 22:24:38 GMT 2024 - 7.2K bytes - Viewed (0) -
cni/pkg/repair/netns.go
// in a pod, we cannot just access any arbitrary file they happen to bind mount in, as we don't know ahead of time where // it might be. // // Instead, we rely directly on the procfs. // This rules out two possible methods: // * use crictl to inspect the pod; this returns the bind-mounted network namespace file. // * /var/lib/cni/results shows the outputs of CNI plugins; this containers the bind-mounted network namespace file.
Go - Registered: Wed May 08 22:53:08 GMT 2024 - Last Modified: Wed Dec 20 22:14:13 GMT 2023 - 4.8K bytes - Viewed (0) -
cni/pkg/iptables/iptables.go
// Append our rules here builder := cfg.appendHostRules(hostSNATIP, hostSNATIPV6) log.Info("Adding host netnamespace iptables rules") if err := cfg.executeCommands(builder); err != nil { log.Errorf("failed to add host netnamespace iptables rules: %v", err) return err } return nil }
Go - Registered: Wed May 08 22:53:08 GMT 2024 - Last Modified: Tue May 07 19:54:50 GMT 2024 - 19.7K bytes - Viewed (0) -
cni/pkg/nodeagent/net_test.go
err := netServer.DelPodFromMesh(ctx, pod) assert.NoError(t, err) assert.Equal(t, ztunnelServer.deletedPods.Load(), 1) // with delete iptables is not called, as there is no need to delete the iptables rules // from a pod that's gone from the cluster. assert.Equal(t, nlDeps.DelInpodMarkIPRuleCnt.Load(), 0) assert.Equal(t, nlDeps.DelLoopbackRoutesCnt.Load(), 0) // make sure the uid was taken from cache and netns closed
Go - Registered: Wed May 08 22:53:08 GMT 2024 - Last Modified: Tue Apr 30 22:24:38 GMT 2024 - 16.4K bytes - Viewed (0) -
istioctl/pkg/authz/analyzer_test.go
}, ClientStatus: 453, }, }, } for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { var buf bytes.Buffer a.Print(&buf) expectedOutput := "ACTION AuthorizationPolicy RULES\n" actualOutput := buf.String() if !reflect.DeepEqual(expectedOutput, actualOutput) { t.Errorf("Found %v, wanted %v", actualOutput, expectedOutput) } }) }
Go - Registered: Wed May 08 22:53:08 GMT 2024 - Last Modified: Sun Apr 21 17:42:54 GMT 2024 - 2.8K bytes - Viewed (0) -
istioctl/pkg/authz/listener.go
} if len(rbacTCP.GetRules().GetPolicies()) == 0 { addPolicy(action, anonymousName, "0") } } } } buf := strings.Builder{} buf.WriteString("ACTION\tAuthorizationPolicy\tRULES\n") for _, action := range []rbacpb.RBAC_Action{rbacpb.RBAC_DENY, rbacpb.RBAC_ALLOW, rbacpb.RBAC_LOG} { if names, ok := actionToPolicy[action]; ok { sortedNames := make([]string, 0, len(names))
Go - Registered: Wed May 08 22:53:08 GMT 2024 - Last Modified: Mon Sep 11 15:29:30 GMT 2023 - 6K bytes - Viewed (0) -
istioctl/pkg/validate/validate.go
var filenames []string var referential bool c := &cobra.Command{ Use: "validate -f FILENAME [options]", Aliases: []string{"v"}, Short: "Validate Istio policy and rules files", Example: ` # Validate bookinfo-gateway.yaml istioctl validate -f samples/bookinfo/networking/bookinfo-gateway.yaml # Validate bookinfo-gateway.yaml with shorthand syntax
Go - Registered: Wed May 08 22:53:08 GMT 2024 - Last Modified: Mon Jan 22 17:58:52 GMT 2024 - 15K bytes - Viewed (0) -
cni/pkg/iptables/iptables_linux.go
inpodMarkRule.Family = family inpodMarkRule.Table = RouteTableInbound inpodMarkRule.Mark = InpodTProxyMark inpodMarkRule.Mask = InpodTProxyMask inpodMarkRule.Priority = 32764 rules = append(rules, inpodMarkRule) } for _, rule := range rules { log.Debugf("Iterating netlink rule : %+v", rule) if err := f(rule); err != nil { return fmt.Errorf("failed to configure netlink rule: %w", err) } } return nil }
Go - Registered: Wed May 08 22:53:08 GMT 2024 - Last Modified: Tue Apr 30 22:24:38 GMT 2024 - 3.3K bytes - Viewed (0) -
cni/pkg/repair/repaircontroller.go
} else if c.cfg.LabelPods { return c.labelBrokenPod(pod) } return nil } // repairPod actually dynamically repairs a pod. This is done by entering the pods network namespace and setting up rules. // This differs from the general CNI plugin flow, which triggers before the pod fully starts. // Additionally, we need to jump through hoops to find the network namespace. func (c *Controller) repairPod(pod *corev1.Pod) error {
Go - Registered: Wed May 08 22:53:08 GMT 2024 - Last Modified: Sat Feb 10 00:31:55 GMT 2024 - 10.4K bytes - Viewed (0)