- Sort Score
- Result 10 results
- Languages All
Results 1 - 10 of 13 for socketio (0.18 sec)
-
cni/README.md
### Design details Broadly, `istio-cni` accomplishes ambient redirection by instructing ztunnel to set up sockets within the application pod network namespace, where: - one end of the socket is in the application pod - and the other end is in ztunnel's pod and setting up iptables rules to funnel traffic thru that socket "tube" to ztunnel and back.
Plain Text - Registered: Wed May 08 22:53:08 GMT 2024 - Last Modified: Fri May 03 19:29:42 GMT 2024 - 12.3K bytes - Viewed (0) -
cni/pkg/iptables/testdata/hostprobe.golden
iptables -t nat -N ISTIO_POSTRT iptables -t nat -A POSTROUTING -j ISTIO_POSTRT
Plain Text - Registered: Wed May 08 22:53:08 GMT 2024 - Last Modified: Tue Apr 30 22:24:38 GMT 2024 - 222 bytes - Viewed (0) -
cni/pkg/config/config.go
// The HTTP port for monitoring MonitoringPort int // The UDS server address that CNI plugin will send log to. LogUDSAddress string // The watch server socket address that CNI plugin will forward CNI events to. CNIEventAddress string // The ztunnel server socket address that the ztunnel will connect to. ZtunnelUDSAddress string // Whether ambient is enabled AmbientEnabled bool
Go - Registered: Wed May 08 22:53:08 GMT 2024 - Last Modified: Tue Apr 30 22:24:38 GMT 2024 - 5.5K bytes - Viewed (0) -
manifests/charts/istio-control/istio-discovery/files/grpc-agent.yaml
resources: {{ template "resources" . }} volumeMounts: - name: workload-socket mountPath: /var/run/secrets/workload-spiffe-uds {{- if eq .Values.global.caName "GkeWorkloadCertificate" }} - name: gke-workload-certificate mountPath: /var/run/secrets/workload-spiffe-credentials
Others - Registered: Wed May 08 22:53:08 GMT 2024 - Last Modified: Fri Apr 26 16:51:17 GMT 2024 - 12.1K bytes - Viewed (0) -
cni/pkg/iptables/testdata/hostprobe_ipv6.golden
iptables -t nat -N ISTIO_POSTRT iptables -t nat -A POSTROUTING -j ISTIO_POSTRT iptables -t nat -A ISTIO_POSTRT -m owner --socket-exists -p tcp -m set --match-set istio-inpod-probes-v4 dst -j SNAT --to-source 169.254.7.127 ip6tables -t nat -N ISTIO_POSTRT ip6tables -t nat -A POSTROUTING -j ISTIO_POSTRT
Plain Text - Registered: Wed May 08 22:53:08 GMT 2024 - Last Modified: Tue Apr 30 22:24:38 GMT 2024 - 473 bytes - Viewed (0) -
manifests/charts/istio-control/istio-discovery/files/waypoint.yaml
privileged: false runAsGroup: 1337 runAsUser: 0 capabilities: drop: - ALL volumeMounts: - name: workload-socket mountPath: /var/run/secrets/workload-spiffe-uds - mountPath: /var/run/secrets/istio name: istiod-ca-cert - mountPath: /var/lib/istio/data name: istio-data
Others - Registered: Wed May 08 22:53:08 GMT 2024 - Last Modified: Fri May 03 19:29:42 GMT 2024 - 10.1K bytes - Viewed (0) -
Makefile.core.mk
./pkg/istio-agent/... | sort | uniq |\ grep -Pv '^k8s.io/(utils|klog|apimachinery)/' |\ grep -Pv 'envoy/type/|envoy/annotations|envoy/config/core/' |\ grep -Pv 'envoy/extensions/transport_sockets/tls/' |\ grep -Pv 'envoy/service/discovery/v3' |\ grep -Pv 'envoy/extensions/wasm/' |\ grep -Pv 'envoy/extensions/filters/(http|network)/wasm/' |\
Plain Text - Registered: Wed May 08 22:53:08 GMT 2024 - Last Modified: Wed May 08 20:25:15 GMT 2024 - 22.5K bytes - Viewed (0) -
cni/pkg/iptables/iptables.go
// // We want to do the same thing in ambient but can't rely on podSpec injection. So, do effectively the same thing, // but with iptables rules - use `--socket-exists` as a proxy for "is this a forwarded packet" vs "is this originating from // a local node socket". If the latter, outside the pod in the host netns, redirect that traffic to a hardcoded/custom proxy
Go - Registered: Wed May 08 22:53:08 GMT 2024 - Last Modified: Tue May 07 19:54:50 GMT 2024 - 19.7K bytes - Viewed (0) -
manifests/charts/istiod-remote/files/injection-template.yaml
runAsUser: {{ .ProxyUID | default "1337" }} {{- end }} {{- end }} resources: {{ template "resources" . }} volumeMounts: - name: workload-socket mountPath: /var/run/secrets/workload-spiffe-uds - name: credential-socket mountPath: /var/run/secrets/credential-uds {{- if eq .Values.global.caName "GkeWorkloadCertificate" }} - name: gke-workload-certificate
Others - Registered: Wed May 08 22:53:08 GMT 2024 - Last Modified: Fri Apr 26 16:51:17 GMT 2024 - 23.7K bytes - Viewed (0) -
manifests/charts/istio-control/istio-discovery/files/injection-template.yaml
runAsUser: {{ .ProxyUID | default "1337" }} {{- end }} {{- end }} resources: {{ template "resources" . }} volumeMounts: - name: workload-socket mountPath: /var/run/secrets/workload-spiffe-uds - name: credential-socket mountPath: /var/run/secrets/credential-uds {{- if eq .Values.global.caName "GkeWorkloadCertificate" }} - name: gke-workload-certificate
Others - Registered: Wed May 08 22:53:08 GMT 2024 - Last Modified: Fri Apr 26 16:51:17 GMT 2024 - 23.7K bytes - Viewed (1)