- Sort Score
- Result 10 results
- Languages All
Results 1 - 10 of 88 for ruleset (0.2 sec)
-
cni/pkg/iptables/iptables.go
func (cfg *IptablesConfigurator) CreateHostRulesForHealthChecks(hostSNATIP *netip.Addr) error { // Append our rules here builder := cfg.appendHostRules(hostSNATIP) log.Info("Adding host netnamespace iptables rules") if err := cfg.executeCommands(builder); err != nil { log.Errorf("failed to add host netnamespace iptables rules: %v", err) return err } return nil }
Go - Registered: Wed Apr 24 22:53:08 GMT 2024 - Last Modified: Fri Apr 12 01:42:30 GMT 2024 - 19.2K bytes - Viewed (0) -
cni/pkg/iptables/iptables_linux.go
inpodMarkRule.Priority = 32764 rules = append(rules, inpodMarkRule) } for _, rule := range rules { log.Debugf("Iterating netlink rule : %+v", rule) if err := f(rule); err != nil { return fmt.Errorf("failed to configure netlink rule: %w", err) } } return nil } func AddLoopbackRoutes(cfg *Config) error { return forEachLoopbackRoute(cfg, netlink.RouteReplace) }
Go - Registered: Wed Apr 24 22:53:08 GMT 2024 - Last Modified: Fri Jan 26 20:34:28 GMT 2024 - 3.4K bytes - Viewed (0) -
cni/README.md
- and the other end is in ztunnel's pod and setting up iptables rules to funnel traffic thru that socket "tube" to ztunnel and back. This effectively behaves like ztunnel is an in-pod sidecar, without actually requiring the injection of ztunnel as a sidecar into the pod manifest, or mutatating the application pod in any way.
Plain Text - Registered: Wed Apr 24 22:53:08 GMT 2024 - Last Modified: Wed Feb 28 17:29:38 GMT 2024 - 12.1K bytes - Viewed (0) -
common-protos/k8s.io/api/authorization/v1beta1/generated.proto
repeated NonResourceRule nonResourceRules = 2; // Incomplete is true when the rules returned by this call are incomplete. This is most commonly // encountered when an authorizer, such as an external authorizer, doesn't support rules evaluation. optional bool incomplete = 3; // EvaluationError can appear in combination with Rules. It indicates an error occurred during
Plain Text - Registered: Wed Apr 24 22:53:08 GMT 2024 - Last Modified: Mon Mar 11 18:43:24 GMT 2024 - 11.9K bytes - Viewed (0) -
manifests/charts/istio-control/istio-discovery/templates/reader-clusterrole.yaml
kind: ClusterRole metadata: name: istio-reader-clusterrole{{- if not (eq .Values.revision "")}}-{{ .Values.revision }}{{- end }}-{{ .Release.Namespace }} labels: app: istio-reader release: {{ .Release.Name }} rules: - apiGroups: - "config.istio.io" - "security.istio.io" - "networking.istio.io" - "authentication.istio.io" - "rbac.istio.io" resources: ["*"] verbs: ["get", "list", "watch"]
Others - Registered: Wed Mar 20 22:53:08 GMT 2024 - Last Modified: Mon Jul 17 21:19:52 GMT 2023 - 2.1K bytes - Viewed (0) -
cni/pkg/repair/repaircontroller.go
} else if c.cfg.LabelPods { return c.labelBrokenPod(pod) } return nil } // repairPod actually dynamically repairs a pod. This is done by entering the pods network namespace and setting up rules. // This differs from the general CNI plugin flow, which triggers before the pod fully starts. // Additionally, we need to jump through hoops to find the network namespace. func (c *Controller) repairPod(pod *corev1.Pod) error {
Go - Registered: Wed Apr 24 22:53:08 GMT 2024 - Last Modified: Sat Feb 10 00:31:55 GMT 2024 - 10.4K bytes - Viewed (0) -
manifests/charts/istio-control/istio-discovery/templates/revision-tags.yaml
service: name: istiod{{- if not (eq .revision "") }}-{{ .revision }}{{- end }} namespace: {{ .namespace }} path: "{{ .injectionPath }}" port: 443 {{- end }} sideEffects: None rules: - operations: [ "CREATE" ] apiGroups: [""] apiVersions: ["v1"] resources: ["pods"] failurePolicy: Fail admissionReviewVersions: ["v1beta1", "v1"] {{- end }}
Others - Registered: Wed Mar 20 22:53:08 GMT 2024 - Last Modified: Wed Jul 12 18:12:47 GMT 2023 - 4.4K bytes - Viewed (1) -
manifests/charts/istiod-remote/templates/crd-all.gen.yaml
items: type: string type: array http: description: An ordered list of route rules for HTTP traffic. items: properties: corsPolicy: description: Cross-Origin Resource Sharing policy (CORS). properties:
Others - Registered: Wed Mar 20 22:53:08 GMT 2024 - Last Modified: Fri Mar 15 18:46:49 GMT 2024 - 570.3K bytes - Viewed (0) -
common-protos/k8s.io/api/rbac/v1alpha1/generated.proto
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1; // Rules holds all the PolicyRules for this ClusterRole // +optional repeated PolicyRule rules = 2; // AggregationRule is an optional field that describes how to build the Rules for this ClusterRole. // If AggregationRule is set, then the Rules are controller managed and direct changes to Rules will be // stomped by the controller. // +optional
Plain Text - Registered: Wed Apr 24 22:53:08 GMT 2024 - Last Modified: Mon Mar 11 18:43:24 GMT 2024 - 8.5K bytes - Viewed (0) -
common-protos/k8s.io/api/rbac/v1beta1/generated.proto
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1; // Rules holds all the PolicyRules for this ClusterRole // +optional repeated PolicyRule rules = 2; // AggregationRule is an optional field that describes how to build the Rules for this ClusterRole. // If AggregationRule is set, then the Rules are controller managed and direct changes to Rules will be // stomped by the controller. // +optional
Plain Text - Registered: Wed Apr 24 22:53:08 GMT 2024 - Last Modified: Mon Mar 11 18:43:24 GMT 2024 - 8.6K bytes - Viewed (0)