def create(self, namespace, pod_name, docker_id):
""""Create a pod."""
self.pod_name = pod_name
self.docker_id = docker_id
self.namespace = namespace
self.policy_parser = PolicyParser(self.namespace)
logger.info('Configuring pod %s/%s (container_id %s)', self.namespace,
self.pod_name, self.docker_id)
# Obtain information from Docker Client and validate container state.
# If validation fails, the plugin will exit.
self._validate_container_state(self.docker_id)
try:
endpoint = self._configure_interface()
logger.info("Created Calico endpoint: %s", endpoint.endpoint_id)
self._configure_profile(endpoint)
except BaseException:
# Check to see if an endpoint has been created. If so,
# we need to tear down any state we may have created.
logger.exception("Error networking pod - cleaning up")
try:
self.delete(namespace, pod_name, docker_id)
except BaseException:
# Catch all errors tearing down the pod - this
# is best-effort.
logger.exception("Error cleaning up pod")
# We've torn down, exit.
logger.info("Done cleaning up")
sys.exit(1)
else:
logger.info("Successfully configured networking for pod %s/%s",
self.namespace, self.pod_name)
def __init__(self, observations):
# encode observation data as int values
self.state_action_encoder = StateActionEncoder(observations)
self.state_action_encoder.observations_to_int()
dimensions = self.state_action_encoder.parse_dimensions()
# create reward, transition, and policy parsers
self.reward_parser = RewardParser(observations, dimensions)
self.transition_parser = TransitionParser(observations, dimensions)
self.policy_parser = PolicyParser(dimensions)
def create(self, namespace, pod_name, docker_id):
""""Create a pod."""
self.pod_name = pod_name
self.docker_id = docker_id
self.namespace = namespace
self.policy_parser = PolicyParser(self.namespace)
self.profile_name = "%s_%s_%s" % (self.namespace,
self.pod_name,
str(self.docker_id)[:12])
logger.info('Configuring pod %s/%s (container_id %s)',
self.namespace, self.pod_name, self.docker_id)
try:
endpoint = self._configure_interface()
logger.info("Created Calico endpoint: %s", endpoint.endpoint_id)
self._configure_profile(endpoint)
except CalledProcessError as e:
logger.error('Error code %d creating pod networking: %s\n%s',
e.returncode, e.output, e)
sys.exit(1)
logger.info("Successfully configured networking for pod %s/%s",
self.namespace, self.pod_name)
def __init__(self,
uriKeys=defaults.uriKeys,
directiveKeys=defaults.directiveKeys,
policyKeys=defaults.policyKeys,
keyNameReplacements=defaults.reportKeyNameReplacements,
requiredKeys=defaults.requiredReportKeys,
strict=True,
addSchemeToURIs=False,
defaultURIScheme=defaults.defaultURIScheme,
addPortToURIs=False,
defaultURIPort=defaults.defaultURIPort,
schemePortMappings=defaults.schemePortMappings,
portSchemeMappings=defaults.portSchemeMappings,
directiveTypeTranslations=defaults.directiveTypeTranslations,
allowedDirectiveTypes=defaults.allowedDirectiveTypes,
ignoredDirectiveTypes=defaults.ignoredDirectiveTypes,
expandDefaultSrc=False,
defaultSrcTypes=defaults.defaultSrcReplacementDirectiveTypes):
"""
Creates a new ReportParser object configured with the following parameters:
'uriKeys': an iterable of key (entry) names of which the corresponding values, if present,
will be parsed and replaced with an URI object.
'directiveKeys': an iterable of key (entry) names of which the corresponding values, if present,
will be parsed and replaced with a Directive object.
'policyKeys': an iterable of key (entry) names of which the corresponding values, if present,
will be parsed and replaced with a Policy object.
The 'uriKeys', 'directiveKeys', and 'policyKeys' lists are mutually exclusive (a key may appear
in at most one of these lists.)
'keyNameReplacements': a dictionary of old key (entry) names mapped to the new name to be given
to them before any further parsing. This can be used to adjust to renamed
fields in the violation reports generated by different browser versions.
'requiredKeys': an iterable of key (entry) names that are mandatory and must appear in the report
with a valid value (if parsed, cannot be URI.INVALID()/Directive.INVALID()/
Policy.INVALID()). If this constraint is violated, the parsing result will be
Report.INVALID() (independent of the 'strict' setting). This restriction is
applied after performing key name replacement.
'strict': whether a parsing error of a child element should be ignored if it can be fixed (if
set to False, invalid children will be skipped), or if any parsing error
should cause the Report to become Report.INVALID() (if set to True).
'addSchemeToURIs': [for parsed URIs] whether to add the scheme. (See URIParser for details.)
'defaultURIScheme': [for parsed URIs] if the scheme should be added, the default scheme to be
assumed if nothing can be inferred from the port. (See URIParser for details.)
'addPortToURIs': [for parsed URIs] whether to add the port. (See URIParser for details.)
'defaultURIPort': [for parsed URIs] if the port should be added, the default port to be assumed
if nothing can be inferred from the scheme. (See URIParser for details.)
'schemePortMappings': [for parsed URIs and policy/directive parsing] A map from scheme names to the
corresponding default port, or None if the scheme does not use ports. Any scheme
that may appear inside an URI, source expression, directive or policy should be
listed. (See URIParser and SourceExpressionParser for details.)
'portSchemeMappings': [for parsed URIs] A map from port numbers to scheme names (only for "real" ports).
See URIParser for details.
'directiveTypeTranslations': [for parsed directives and policies] A map from the old directive name to
the new name to be used. (See DirectiveParser for details.)
'allowedDirectiveTypes': [for parsed directives and policies] a list of directive types that are allowed.
(See DirectiveParser or PolicyParser for details.)
'ignoredDirectiveTypes': [for parsed policies] a list of directive types that are ignored when parsing
policies. (See PolicyParser for details.)
'expandDefaultSrc': [for parsed policies] if set to True, each "default-src" directive in a parsed policy
will be expanded to the corresponding elementary directive types, if not yet present.
(See PolicyParser for details.)
'defaultSrcTypes': [for parsed policies] when "default-src" is expanded, the elementary directive types
that will be added to replace the default policy. (See PolicyParser for details.)
"""
self._strict = strict
self._uriKeys = uriKeys
self._directiveKeys = directiveKeys
self._policyKeys = policyKeys
self._keyNameReplacements = keyNameReplacements
self._requiredKeys = requiredKeys
self._uriParser = URIParser(addSchemeToURIs, defaultURIScheme, addPortToURIs, defaultURIPort,
schemePortMappings, portSchemeMappings, True)
self._directiveParser = DirectiveParser(directiveTypeTranslations, allowedDirectiveTypes,
schemePortMappings.keys(), strict)
self._policyParser = PolicyParser(directiveTypeTranslations, allowedDirectiveTypes, ignoredDirectiveTypes,
schemePortMappings.keys(), strict, expandDefaultSrc, defaultSrcTypes)
