Documentation ¶
Index ¶
- Constants
- func FilteredWatch(ctx context.Context, watcherCreator WatchCreator, targetNamespaces []string, ...) (<-chan *WatchEvent, <-chan error)
- func GetLocalhostOnPort(port uint16) string
- func GetNodeHostToTappedPodsMap(tappedPods []core.Pod) shared.NodeToPodsMap
- func GetPodInfosForPods(pods []core.Pod) []*shared.PodInfo
- func IsPodRunning(pod *core.Pod) bool
- func NewPortForward(kubernetesProvider *Provider, namespace string, podRegex *regexp.Regexp, ...) (*portforward.PortForwarder, error)
- func StartProxy(kubernetesProvider *Provider, proxyHost string, srcPort uint16, dstPort uint16, ...) (*http.Server, error)
- func ValidateKubernetesVersion(serverVersionSemVer *semver.SemVersion) error
- type ApiServerOptions
- type ClusterBehindProxyError
- type EventFilterer
- type EventWatchHelper
- type InvalidObjectType
- type K8sTapManagerError
- type K8sTapManagerErrorReason
- type KubesharkTapperSyncer
- type PodWatchHelper
- type Provider
- func (provider *Provider) ApplyKubesharkTapperDaemonSet(ctx context.Context, namespace string, daemonSetName string, podImage string, ...) error
- func (provider *Provider) BuildApiServerPod(opts *ApiServerOptions, mountVolumeClaim bool, volumeClaimName string, ...) (*core.Pod, error)
- func (provider *Provider) BuildFrontPod(opts *ApiServerOptions, mountVolumeClaim bool, volumeClaimName string, ...) (*core.Pod, error)
- func (provider *Provider) CanI(ctx context.Context, namespace string, resource string, verb string, ...) (bool, error)
- func (provider *Provider) CreateConfigMap(ctx context.Context, namespace string, configMapName string, ...) error
- func (provider *Provider) CreateKubesharkRBAC(ctx context.Context, namespace string, serviceAccountName string, ...) error
- func (provider *Provider) CreateKubesharkRBACNamespaceRestricted(ctx context.Context, namespace string, serviceAccountName string, ...) error
- func (provider *Provider) CreateNamespace(ctx context.Context, name string) (*core.Namespace, error)
- func (provider *Provider) CreatePod(ctx context.Context, namespace string, podSpec *core.Pod) (*core.Pod, error)
- func (provider *Provider) CreateService(ctx context.Context, namespace string, serviceName string, ...) (*core.Service, error)
- func (provider *Provider) CurrentNamespace() (string, error)
- func (provider *Provider) DoesClusterRoleBindingExist(ctx context.Context, name string) (bool, error)
- func (provider *Provider) DoesClusterRoleExist(ctx context.Context, name string) (bool, error)
- func (provider *Provider) DoesConfigMapExist(ctx context.Context, namespace string, name string) (bool, error)
- func (provider *Provider) DoesNamespaceExist(ctx context.Context, name string) (bool, error)
- func (provider *Provider) DoesRoleBindingExist(ctx context.Context, namespace string, name string) (bool, error)
- func (provider *Provider) DoesRoleExist(ctx context.Context, namespace string, name string) (bool, error)
- func (provider *Provider) DoesServiceAccountExist(ctx context.Context, namespace string, name string) (bool, error)
- func (provider *Provider) DoesServiceExist(ctx context.Context, namespace string, name string) (bool, error)
- func (provider *Provider) GetKubernetesVersion() (*semver.SemVersion, error)
- func (provider *Provider) GetNamespaceEvents(ctx context.Context, namespace string) (string, error)
- func (provider *Provider) GetPod(ctx context.Context, namespaces string, podName string) (*core.Pod, error)
- func (provider *Provider) GetPodLogs(ctx context.Context, namespace string, podName string, containerName string) (string, error)
- func (provider *Provider) ListAllNamespaces(ctx context.Context) ([]core.Namespace, error)
- func (provider *Provider) ListAllPodsMatchingRegex(ctx context.Context, regex *regexp.Regexp, namespaces []string) ([]core.Pod, error)
- func (provider *Provider) ListAllRunningPodsMatchingRegex(ctx context.Context, regex *regexp.Regexp, namespaces []string) ([]core.Pod, error)
- func (provider *Provider) ListManagedClusterRoleBindings(ctx context.Context) (*rbac.ClusterRoleBindingList, error)
- func (provider *Provider) ListManagedClusterRoles(ctx context.Context) (*rbac.ClusterRoleList, error)
- func (provider *Provider) ListManagedRoleBindings(ctx context.Context, namespace string) (*rbac.RoleBindingList, error)
- func (provider *Provider) ListManagedRoles(ctx context.Context, namespace string) (*rbac.RoleList, error)
- func (provider *Provider) ListManagedServiceAccounts(ctx context.Context, namespace string) (*core.ServiceAccountList, error)
- func (provider *Provider) ListPodsByAppLabel(ctx context.Context, namespaces string, labelName string) ([]core.Pod, error)
- func (provider *Provider) RemoveClusterRole(ctx context.Context, name string) error
- func (provider *Provider) RemoveClusterRoleBinding(ctx context.Context, name string) error
- func (provider *Provider) RemoveConfigMap(ctx context.Context, namespace string, configMapName string) error
- func (provider *Provider) RemoveDaemonSet(ctx context.Context, namespace string, daemonSetName string) error
- func (provider *Provider) RemoveNamespace(ctx context.Context, name string) error
- func (provider *Provider) RemovePod(ctx context.Context, namespace string, podName string) error
- func (provider *Provider) RemoveRole(ctx context.Context, namespace string, name string) error
- func (provider *Provider) RemoveRoleBinding(ctx context.Context, namespace string, name string) error
- func (provider *Provider) RemoveService(ctx context.Context, namespace string, serviceName string) error
- func (provider *Provider) RemoveServiceAccount(ctx context.Context, namespace string, name string) error
- func (provider *Provider) ResetKubesharkTapperDaemonSet(ctx context.Context, namespace string, daemonSetName string, podImage string, ...) error
- func (provider *Provider) ValidateNotProxy() error
- func (provider *Provider) WaitUtilNamespaceDeleted(ctx context.Context, name string) error
- type TappedPodChangeEvent
- type TapperSyncerConfig
- type WatchCreator
- type WatchEvent
Constants ¶
const ( KubesharkResourcesPrefix = "ks-" ApiServerPodName = KubesharkResourcesPrefix + "hub" ClusterRoleBindingName = KubesharkResourcesPrefix + "cluster-role-binding" ClusterRoleName = KubesharkResourcesPrefix + "cluster-role" K8sAllNamespaces = "" RoleBindingName = KubesharkResourcesPrefix + "role-binding" RoleName = KubesharkResourcesPrefix + "role" ServiceAccountName = KubesharkResourcesPrefix + "service-account" TapperDaemonSetName = KubesharkResourcesPrefix + "worker-daemon-set" TapperPodName = KubesharkResourcesPrefix + "worker" ConfigMapName = KubesharkResourcesPrefix + "config" MinKubernetesServerVersion = "1.16.0" )
const ( LabelPrefixApp = "app.kubernetes.io/" LabelManagedBy = LabelPrefixApp + "managed-by" LabelCreatedBy = LabelPrefixApp + "created-by" LabelValueKubeshark = "kubeshark" LabelValueKubesharkCLI = "kubeshark-cli" LabelValueKubesharkAgent = "kubeshark-agent" )
Variables ¶
This section is empty.
Functions ¶
func FilteredWatch ¶
func FilteredWatch(ctx context.Context, watcherCreator WatchCreator, targetNamespaces []string, filterer EventFilterer) (<-chan *WatchEvent, <-chan error)
func GetLocalhostOnPort ¶
func GetNodeHostToTappedPodsMap ¶
func GetNodeHostToTappedPodsMap(tappedPods []core.Pod) shared.NodeToPodsMap
func IsPodRunning ¶
func NewPortForward ¶
func NewPortForward(kubernetesProvider *Provider, namespace string, podRegex *regexp.Regexp, srcPort uint16, dstPort uint16, ctx context.Context, cancel context.CancelFunc) (*portforward.PortForwarder, error)
func StartProxy ¶
func ValidateKubernetesVersion ¶
func ValidateKubernetesVersion(serverVersionSemVer *semver.SemVersion) error
Types ¶
type ApiServerOptions ¶
type ClusterBehindProxyError ¶
type ClusterBehindProxyError struct{}
func (*ClusterBehindProxyError) Error ¶
func (e *ClusterBehindProxyError) Error() string
ClusterBehindProxyError implements the Error interface.
type EventFilterer ¶
type EventFilterer interface {
Filter(*WatchEvent) (bool, error)
}
type EventWatchHelper ¶
type EventWatchHelper struct { NameRegexFilter *regexp.Regexp Kind string // contains filtered or unexported fields }
func NewEventWatchHelper ¶
func NewEventWatchHelper(kubernetesProvider *Provider, NameRegexFilter *regexp.Regexp, kind string) *EventWatchHelper
func (*EventWatchHelper) Filter ¶
func (wh *EventWatchHelper) Filter(wEvent *WatchEvent) (bool, error)
Implements the EventFilterer Interface
func (*EventWatchHelper) NewWatcher ¶
func (wh *EventWatchHelper) NewWatcher(ctx context.Context, namespace string) (watch.Interface, error)
Implements the WatchCreator Interface
type InvalidObjectType ¶
func (*InvalidObjectType) Error ¶
func (iot *InvalidObjectType) Error() string
Implements the error interface
type K8sTapManagerError ¶
type K8sTapManagerError struct { OriginalError error TapManagerReason K8sTapManagerErrorReason }
func (*K8sTapManagerError) Error ¶
func (e *K8sTapManagerError) Error() string
K8sTapManagerError implements the Error interface.
type K8sTapManagerErrorReason ¶
type K8sTapManagerErrorReason string
const ( TapManagerTapperUpdateError K8sTapManagerErrorReason = "TAPPER_UPDATE_ERROR" TapManagerPodWatchError K8sTapManagerErrorReason = "POD_WATCH_ERROR" TapManagerPodListError K8sTapManagerErrorReason = "POD_LIST_ERROR" )
type KubesharkTapperSyncer ¶
type KubesharkTapperSyncer struct { CurrentlyTappedPods []core.Pod TapPodChangesOut chan TappedPodChangeEvent TapperStatusChangedOut chan shared.TapperStatus ErrorOut chan K8sTapManagerError // contains filtered or unexported fields }
KubesharkTapperSyncer uses a k8s pod watch to update tapper daemonsets when targeted pods are removed or created
func CreateAndStartKubesharkTapperSyncer ¶
func CreateAndStartKubesharkTapperSyncer(ctx context.Context, kubernetesProvider *Provider, config TapperSyncerConfig, startTime time.Time) (*KubesharkTapperSyncer, error)
type PodWatchHelper ¶
type PodWatchHelper struct { NameRegexFilter *regexp.Regexp // contains filtered or unexported fields }
func NewPodWatchHelper ¶
func NewPodWatchHelper(kubernetesProvider *Provider, NameRegexFilter *regexp.Regexp) *PodWatchHelper
func (*PodWatchHelper) Filter ¶
func (wh *PodWatchHelper) Filter(wEvent *WatchEvent) (bool, error)
Implements the EventFilterer Interface
func (*PodWatchHelper) NewWatcher ¶
func (wh *PodWatchHelper) NewWatcher(ctx context.Context, namespace string) (watch.Interface, error)
Implements the WatchCreator Interface
type Provider ¶
type Provider struct {
// contains filtered or unexported fields
}
func NewProviderInCluster ¶
NewProviderInCluster Used in another repo that calls this function
func (*Provider) ApplyKubesharkTapperDaemonSet ¶
func (provider *Provider) ApplyKubesharkTapperDaemonSet(ctx context.Context, namespace string, daemonSetName string, podImage string, tapperPodName string, apiServerPodIp string, nodeNames []string, serviceAccountName string, resources shared.Resources, imagePullPolicy core.PullPolicy, kubesharkApiFilteringOptions api.TrafficFilteringOptions, logLevel logging.Level, serviceMesh bool, tls bool, maxLiveStreams int) error
func (*Provider) BuildApiServerPod ¶
func (*Provider) BuildFrontPod ¶
func (*Provider) CreateConfigMap ¶
func (*Provider) CreateKubesharkRBAC ¶
func (*Provider) CreateKubesharkRBACNamespaceRestricted ¶
func (*Provider) CreateNamespace ¶
func (*Provider) CreateService ¶
func (*Provider) CurrentNamespace ¶
func (*Provider) DoesClusterRoleBindingExist ¶
func (*Provider) DoesClusterRoleExist ¶
func (*Provider) DoesConfigMapExist ¶
func (*Provider) DoesNamespaceExist ¶
func (*Provider) DoesRoleBindingExist ¶
func (*Provider) DoesRoleExist ¶
func (*Provider) DoesServiceAccountExist ¶
func (*Provider) DoesServiceExist ¶
func (*Provider) GetKubernetesVersion ¶
func (provider *Provider) GetKubernetesVersion() (*semver.SemVersion, error)
func (*Provider) GetNamespaceEvents ¶
func (*Provider) GetPodLogs ¶
func (*Provider) ListAllNamespaces ¶
func (*Provider) ListAllPodsMatchingRegex ¶
func (*Provider) ListAllRunningPodsMatchingRegex ¶
func (*Provider) ListManagedClusterRoleBindings ¶
func (*Provider) ListManagedClusterRoles ¶
func (*Provider) ListManagedRoleBindings ¶
func (*Provider) ListManagedRoles ¶
func (*Provider) ListManagedServiceAccounts ¶
func (*Provider) ListPodsByAppLabel ¶
func (*Provider) RemoveClusterRole ¶
func (*Provider) RemoveClusterRoleBinding ¶
func (*Provider) RemoveConfigMap ¶
func (*Provider) RemoveDaemonSet ¶
func (*Provider) RemoveNamespace ¶
func (*Provider) RemoveRole ¶
func (*Provider) RemoveRoleBinding ¶
func (*Provider) RemoveService ¶
func (*Provider) RemoveServiceAccount ¶
func (*Provider) ResetKubesharkTapperDaemonSet ¶
func (*Provider) ValidateNotProxy ¶
ValidateNotProxy We added this after a customer tried to run kubeshark from lens, which used len's kube config, which have cluster server configuration, which points to len's local proxy. The workaround was to use the user's local default kube config. For now - we are blocking the option to run kubeshark through a proxy to k8s server
type TappedPodChangeEvent ¶
type TapperSyncerConfig ¶
type TapperSyncerConfig struct { TargetNamespaces []string PodFilterRegex regexp.Regexp KubesharkResourcesNamespace string AgentImage string TapperResources shared.Resources ImagePullPolicy core.PullPolicy LogLevel logging.Level KubesharkApiFilteringOptions api.TrafficFilteringOptions KubesharkServiceAccountExists bool ServiceMesh bool Tls bool MaxLiveStreams int }
type WatchCreator ¶
type WatchEvent ¶
func (*WatchEvent) ToError ¶
func (we *WatchEvent) ToError() error