eBPF map management for the load balancer. Provides functions to create, operate on, and close all required maps.
eBPF map management for the load balancer. Provides functions to create, operate on, and close all required maps.
(add-listen-port listen-map
ifindex
listen-port
{:keys [ip port] :as target}
&
{:keys [flags] :or {flags 0}})Configure a listen interface/port with its default target. DEPRECATED: Use add-listen-port-weighted for weighted load balancing. ifindex: network interface index listen-port: listen port number target: {:ip <u32> :port <int>} flags: bit flags (bit 0 = stats enabled)
Configure a listen interface/port with its default target.
DEPRECATED: Use add-listen-port-weighted for weighted load balancing.
ifindex: network interface index
listen-port: listen port number
target: {:ip <u32> :port <int>}
flags: bit flags (bit 0 = stats enabled)(add-listen-port-weighted listen-map
ifindex
listen-port
target-group
&
{:keys [flags session-persistence] :or {flags 0}})Configure a listen interface/port with weighted targets. ifindex: network interface index listen-port: listen port number target-group: TargetGroup record with :targets and :cumulative-weights flags: bit flags (bit 0 = stats enabled) session-persistence: if true, enables sticky sessions based on source IP hash
Configure a listen interface/port with weighted targets. ifindex: network interface index listen-port: listen port number target-group: TargetGroup record with :targets and :cumulative-weights flags: bit flags (bit 0 = stats enabled) session-persistence: if true, enables sticky sessions based on source IP hash
(add-sni-route sni-map
hostname
target-group
&
{:keys [flags session-persistence] :or {flags 1}})Add an SNI hostname route with weighted targets to the SNI map. hostname: TLS SNI hostname (will be lowercased) target-group: TargetGroup record with :targets and :cumulative-weights flags: optional flags (default 1 = enabled) session-persistence: if true, enables sticky sessions based on source IP hash
Add an SNI hostname route with weighted targets to the SNI map. hostname: TLS SNI hostname (will be lowercased) target-group: TargetGroup record with :targets and :cumulative-weights flags: optional flags (default 1 = enabled) session-persistence: if true, enables sticky sessions based on source IP hash
(add-source-route config-map
{:keys [ip prefix-len]}
{:keys [ip port] :as target}
&
{:keys [flags] :or {flags 1}})Add a source IP/CIDR route to the config map. DEPRECATED: Use add-source-route-weighted for weighted load balancing. source: {:ip <u32> :prefix-len <int>} target: {:ip <u32> :port <int>} flags: optional flags (default 1 = enabled)
Add a source IP/CIDR route to the config map.
DEPRECATED: Use add-source-route-weighted for weighted load balancing.
source: {:ip <u32> :prefix-len <int>}
target: {:ip <u32> :port <int>}
flags: optional flags (default 1 = enabled)(add-source-route-weighted config-map
{:keys [ip prefix-len]}
target-group
&
{:keys [flags session-persistence] :or {flags 1}})Add a source IP/CIDR route with weighted targets to the config map. source: {:ip <u32> :prefix-len <int>} target-group: TargetGroup record with :targets and :cumulative-weights flags: optional flags (default 1 = enabled) session-persistence: if true, enables sticky sessions based on source IP hash
Add a source IP/CIDR route with weighted targets to the config map.
source: {:ip <u32> :prefix-len <int>}
target-group: TargetGroup record with :targets and :cumulative-weights
flags: optional flags (default 1 = enabled)
session-persistence: if true, enables sticky sessions based on source IP hash(clear-stale-connections conntrack-map current-time-ns timeout-ns)Remove connections that haven't been seen within the timeout period. timeout-ns: timeout in nanoseconds
Remove connections that haven't been seen within the timeout period. timeout-ns: timeout in nanoseconds
(close-all-maps {:keys [config-map listen-map sni-map conntrack-map settings-map
stats-ringbuf rate-limit-config-map rate-limit-src-map
rate-limit-backend-map]})Close all maps and release resources.
Close all maps and release resources.
(create-all-maps)(create-all-maps opts)Create all maps required for the reverse proxy. Returns a map of {:config-map :listen-map :sni-map :conntrack-map :settings-map :stats-ringbuf :rate-limit-config-map :rate-limit-src-map :rate-limit-backend-map}
Create all maps required for the reverse proxy.
Returns a map of {:config-map :listen-map :sni-map :conntrack-map :settings-map
:stats-ringbuf :rate-limit-config-map :rate-limit-src-map
:rate-limit-backend-map}(create-config-map {:keys [max-routes]
:or {max-routes (:max-routes default-config)}})Create LPM trie map for source IP -> target routing with weighted load balancing. Key: {prefix_len (4 bytes) + ip (4 bytes)} = 8 bytes Value: Weighted route format (72 bytes): Header (8 bytes): target_count(1) + reserved(3) + flags(2) + reserved(2) Per target (8 bytes each, max 8): ip(4) + port(2) + cumulative_weight(2)
Create LPM trie map for source IP -> target routing with weighted load balancing.
Key: {prefix_len (4 bytes) + ip (4 bytes)} = 8 bytes
Value: Weighted route format (72 bytes):
Header (8 bytes): target_count(1) + reserved(3) + flags(2) + reserved(2)
Per target (8 bytes each, max 8): ip(4) + port(2) + cumulative_weight(2)(create-conntrack-map {:keys [max-connections]
:or {max-connections (:max-connections default-config)}})Create per-CPU hash map for connection tracking. Using per-CPU variant for lock-free concurrent access. Key: 5-tuple (16 bytes aligned) Value: conntrack state (64 bytes): orig_dst_ip(4) + orig_dst_port(2) + pad(2) + nat_dst_ip(4) + nat_dst_port(2) + pad(2) + created_ns(8) + last_seen_ns(8) + packets_fwd(8) + packets_rev(8) + bytes_fwd(8) + bytes_rev(8)
Create per-CPU hash map for connection tracking. Using per-CPU variant for lock-free concurrent access. Key: 5-tuple (16 bytes aligned) Value: conntrack state (64 bytes): orig_dst_ip(4) + orig_dst_port(2) + pad(2) + nat_dst_ip(4) + nat_dst_port(2) + pad(2) + created_ns(8) + last_seen_ns(8) + packets_fwd(8) + packets_rev(8) + bytes_fwd(8) + bytes_rev(8)
(create-listen-map {:keys [max-listen-ports]
:or {max-listen-ports (:max-listen-ports default-config)}})Create hash map for listen interface/port -> default target with weighted load balancing. Key: {ifindex (4 bytes) + port (2 bytes) + padding (2 bytes)} = 8 bytes Value: Weighted route format (72 bytes): Header (8 bytes): target_count(1) + reserved(3) + flags(2) + reserved(2) Per target (8 bytes each, max 8): ip(4) + port(2) + cumulative_weight(2)
Create hash map for listen interface/port -> default target with weighted load balancing.
Key: {ifindex (4 bytes) + port (2 bytes) + padding (2 bytes)} = 8 bytes
Value: Weighted route format (72 bytes):
Header (8 bytes): target_count(1) + reserved(3) + flags(2) + reserved(2)
Per target (8 bytes each, max 8): ip(4) + port(2) + cumulative_weight(2)(create-rate-limit-backend-map
{:keys [max-rate-limit-backend]
:or {max-rate-limit-backend (:max-rate-limit-backend default-config)}})Create LRU per-CPU hash map for per-backend rate limiting. Key: backend IP:port (8 bytes): ip(4) + port(2) + pad(2) Value: rate bucket (16 bytes): tokens(8) + last_update(8) Using LRU for automatic eviction of stale entries.
Create LRU per-CPU hash map for per-backend rate limiting. Key: backend IP:port (8 bytes): ip(4) + port(2) + pad(2) Value: rate bucket (16 bytes): tokens(8) + last_update(8) Using LRU for automatic eviction of stale entries.
(create-rate-limit-config-map _opts)Create array map for rate limit configuration. Index 0: per-source rate limit config Index 1: per-backend rate limit config Each entry is 16 bytes: rate(8) + burst(8)
Create array map for rate limit configuration. Index 0: per-source rate limit config Index 1: per-backend rate limit config Each entry is 16 bytes: rate(8) + burst(8)
(create-rate-limit-src-map {:keys [max-rate-limit-src]
:or {max-rate-limit-src (:max-rate-limit-src
default-config)}})Create LRU per-CPU hash map for per-source IP rate limiting. Key: source IP (4 bytes) Value: rate bucket (16 bytes): tokens(8) + last_update(8) Using LRU for automatic eviction of stale entries.
Create LRU per-CPU hash map for per-source IP rate limiting. Key: source IP (4 bytes) Value: rate bucket (16 bytes): tokens(8) + last_update(8) Using LRU for automatic eviction of stale entries.
(create-settings-map {:keys [settings-entries]
:or {settings-entries (:settings-entries
default-config)}})Create array map for global settings. Index 0: stats enabled (0/1) Index 1: connection timeout (seconds) Index 2: reserved ... Note: Using default 4-byte values since clj-ebpf array maps use integer serializers.
Create array map for global settings. Index 0: stats enabled (0/1) Index 1: connection timeout (seconds) Index 2: reserved ... Note: Using default 4-byte values since clj-ebpf array maps use integer serializers.
(create-sni-map {:keys [max-sni-routes]
:or {max-sni-routes (:max-sni-routes default-config)}})Create hash map for TLS SNI hostname -> target routing with weighted load balancing. Key: hostname_hash (8 bytes) - FNV-1a 64-bit hash of lowercase hostname Value: Weighted route format (72 bytes): Header (8 bytes): target_count(1) + reserved(3) + flags(2) + reserved(2) Per target (8 bytes each, max 8): ip(4) + port(2) + cumulative_weight(2)
Create hash map for TLS SNI hostname -> target routing with weighted load balancing. Key: hostname_hash (8 bytes) - FNV-1a 64-bit hash of lowercase hostname Value: Weighted route format (72 bytes): Header (8 bytes): target_count(1) + reserved(3) + flags(2) + reserved(2) Per target (8 bytes each, max 8): ip(4) + port(2) + cumulative_weight(2)
(create-stats-ringbuf {:keys [ringbuf-size]
:or {ringbuf-size (:ringbuf-size default-config)}})Create ring buffer for streaming statistics events. Size must be a power of 2.
Create ring buffer for streaming statistics events. Size must be a power of 2.
(decode-rate-config bytes)Decode rate limit configuration from bytes. Returns {:rate <tokens/sec> :burst <max-tokens>}
Decode rate limit configuration from bytes.
Returns {:rate <tokens/sec> :burst <max-tokens>}Default configuration for map creation.
Default configuration for map creation.
(delete-connection conntrack-map five-tuple)Delete a connection from the tracking map.
Delete a connection from the tracking map.
(disable-rate-limit config-map limit-type)Disable rate limiting by setting rate to 0. config-map: the rate_limit_config array map limit-type: :source or :backend
Disable rate limiting by setting rate to 0. config-map: the rate_limit_config array map limit-type: :source or :backend
(disable-stats settings-map)Disable statistics collection in eBPF program.
Disable statistics collection in eBPF program.
(enable-stats settings-map)Enable statistics collection in eBPF program.
Enable statistics collection in eBPF program.
(encode-array-key index)Encode an array map index as a 4-byte key. BPF array maps use u32 keys, which need to be encoded as bytes when using byte array values.
Encode an array map index as a 4-byte key. BPF array maps use u32 keys, which need to be encoded as bytes when using byte array values.
(encode-rate-config rate burst)Encode rate limit configuration to bytes. rate: tokens per second burst: max tokens (burst size) Returns 16-byte buffer: rate(8) + burst(8)
Encode rate limit configuration to bytes. rate: tokens per second burst: max tokens (burst size) Returns 16-byte buffer: rate(8) + burst(8)
(get-connection-timeout settings-map)Get connection timeout in seconds.
Get connection timeout in seconds.
(get-rate-limit-config config-map limit-type)Get rate limit configuration. config-map: the rate_limit_config array map limit-type: :source or :backend Returns {:rate <tokens/sec> :burst <max-tokens>} or nil if not set
Get rate limit configuration.
config-map: the rate_limit_config array map
limit-type: :source or :backend
Returns {:rate <tokens/sec> :burst <max-tokens>} or nil if not set(get-setting settings-map index)Get a global setting by index.
Get a global setting by index.
(list-connections conntrack-map)List all active connections.
List all active connections.
(list-listen-ports listen-map)List all configured listen ports. Returns a sequence of {:listen {...} :route {...}} maps with weighted target data.
List all configured listen ports.
Returns a sequence of {:listen {...} :route {...}} maps with weighted target data.(list-sni-routes sni-map)List all SNI routes in the SNI map. Returns a sequence of {:hostname-hash <long> :route {...}} maps. Note: Original hostnames are not stored in the map, only their hashes.
List all SNI routes in the SNI map.
Returns a sequence of {:hostname-hash <long> :route {...}} maps.
Note: Original hostnames are not stored in the map, only their hashes.(list-source-routes config-map)List all source routes in the config map. Returns a sequence of {:source {...} :route {...}} maps with weighted target data.
List all source routes in the config map.
Returns a sequence of {:source {...} :route {...}} maps with weighted target data.(lookup-connection conntrack-map five-tuple)Look up a connection by its 5-tuple.
Look up a connection by its 5-tuple.
(lookup-listen-port listen-map ifindex port)Look up configuration for a listen interface/port. Returns weighted route data with :target-count, :flags, and :targets.
Look up configuration for a listen interface/port. Returns weighted route data with :target-count, :flags, and :targets.
(lookup-sni-route sni-map hostname)Look up an SNI hostname in the SNI map. Returns weighted route data with :target-count, :flags, and :targets.
Look up an SNI hostname in the SNI map. Returns weighted route data with :target-count, :flags, and :targets.
(lookup-source-route config-map {:keys [ip prefix-len]})Look up a source IP in the config map (exact match on prefix-len + IP). Returns weighted route data with :target-count, :flags, and :targets.
Look up a source IP in the config map (exact match on prefix-len + IP). Returns weighted route data with :target-count, :flags, and :targets.
(map-fd m)Get the raw file descriptor for a map. This is needed when building eBPF programs that reference maps.
Get the raw file descriptor for a map. This is needed when building eBPF programs that reference maps.
(rate-limit-enabled? config-map limit-type)Check if rate limiting is enabled for the given type.
Check if rate limiting is enabled for the given type.
(remove-listen-port listen-map ifindex port)Remove a listen interface/port configuration.
Remove a listen interface/port configuration.
(remove-sni-route sni-map hostname)Remove an SNI hostname route from the SNI map.
Remove an SNI hostname route from the SNI map.
(remove-source-route config-map {:keys [ip prefix-len]})Remove a source IP/CIDR route from the config map.
Remove a source IP/CIDR route from the config map.
(set-connection-timeout settings-map timeout-seconds)Set connection timeout in seconds.
Set connection timeout in seconds.
(set-rate-limit-config config-map limit-type rate burst)Set rate limit configuration. config-map: the rate_limit_config array map limit-type: :source or :backend rate: tokens per second burst: max tokens (burst size)
Set rate limit configuration. config-map: the rate_limit_config array map limit-type: :source or :backend rate: tokens per second burst: max tokens (burst size)
(set-setting settings-map index value)Set a global setting by index.
Set a global setting by index.
(stats-enabled? settings-map)Check if statistics collection is enabled.
Check if statistics collection is enabled.
cljdoc builds & hosts documentation for Clojure/Script libraries
| Ctrl+k | Jump to recent docs |
| ← | Move to previous article |
| → | Move to next article |
| Ctrl+/ | Jump to the search field |