Package identitymanager tracks which global identities are being used by the currently running cilium-agent.

AddReservedIdentity adds the reserved numeric identity with the respective label into the map of reserved identity cache.

AddUserDefinedNumericIdentity adds the given numeric identity and respective label to the list of reservedIdentities.

DelReservedNumericIdentity deletes the given Numeric Identity from the list of reservedIdentities.

GetAllReservedIdentities returns a list of all reserved numeric identities.

InitWellKnownIdentities establishes all well-known identities.

IsUserReservedIdentity returns true if the given NumericIdentity belongs to the space reserved for users.

IterateReservedIdentities iterates over all reservedIdentities and executes the given function for each key, value pair in reservedIdentities.

LookupReservedIdentity looks up a reserved identity by its NumericIdentity and returns it if found.

NewIdentity creates a new identity.

NewIdentityFromLabelArray creates a new identity.

RequiresGlobalIdentity returns true if the label combination requires a global identity.

UpdateReservedIdentitiesMetrics updates identity metrics based on the reserved identities.

ClusterIDShift specifies the number of bits the cluster ID will be shifted.

IdentityUnknown represents an unknown identity.

InvalidIdentity is the identity assigned if the identity is invalid or not determined yet.

LocalIdentityFlag is the bit in the numeric identity that identifies a numeric identity to have local scope.

MaximumAllocationIdentity is the maximum numeric identity handed out by the identity allocator.

MinimalAllocationIdentity is the minimum numeric identity handed out by the identity allocator.

MinimalNumericIdentity represents the minimal numeric identity not used for reserved purposes.

ReservedCiliumEtcdOperator is the reserved identity used for the Cilium etcd operator.

ReservedCiliumKVStore is the reserved identity used for the kvstore managed by Cilium (etcd-operator).

ReservedCiliumOperator is the reserved identity used for the Cilium operator.

ReservedCoreDNS is the reserved identity used for CoreDNS.

ReservedEKSCoreDNS is the reserved identity used for CoreDNS on EKS.

ReservedEKSKubeDNS is the reserved identity used for kube-dns on EKS.

ReservedETCDOperator is the reserved identity used for the etcd-operator managed by Cilium.

ReservedIdentityHealth represents the local cilium-health endpoint.

ReservedIdentityHost represents the local host.

ReservedIdentityInit is the identity given to endpoints that have not received any labels yet.

ReservedIdentityUnmanaged represents unmanaged endpoints.

ReservedIdentityWorld represents any endpoint outside of the cluster.

ReservedKubeDNS is the reserved identity used for kube-dns.

UserReservedNumericIdentity represents the minimal numeric identity that can be used by users for reserved purposes.

ErrNotUserIdentity is an error returned for an identity that is not user reserved.

ReservedIdentityCache that maps all reserved identities from their numeric identity to their corresponding identity.

WellKnown identities stores global state of all well-known identities.

Identity is the representation of the security context for a particular set of labels.

IPIdentityPair is a pairing of an IP and the security identity to which that IP corresponds.

NumericIdentity is the numeric representation of a security identity.