Merged by openshift-bot
OpenShift Bot authored on 2015/12/05 03:54:14... | ... |
@@ -680,12 +680,12 @@ |
680 | 680 |
{ |
681 | 681 |
"ImportPath": "github.com/openshift/openshift-sdn/pkg", |
682 | 682 |
"Comment": "v0.1-164-g9d342eb", |
683 |
- "Rev": "c3fefe01ae87a2e54c6ee02379679d3eaaf2c45d" |
|
683 |
+ "Rev": "0d3440e224aeb26a056c0c4c91c30fdbb59588f9" |
|
684 | 684 |
}, |
685 | 685 |
{ |
686 | 686 |
"ImportPath": "github.com/openshift/openshift-sdn/plugins", |
687 | 687 |
"Comment": "v0.1-164-g9d342eb", |
688 |
- "Rev": "c3fefe01ae87a2e54c6ee02379679d3eaaf2c45d" |
|
688 |
+ "Rev": "0d3440e224aeb26a056c0c4c91c30fdbb59588f9" |
|
689 | 689 |
}, |
690 | 690 |
{ |
691 | 691 |
"ImportPath": "github.com/openshift/source-to-image/pkg/api", |
... | ... |
@@ -9,7 +9,7 @@ import ( |
9 | 9 |
kcmdutil "k8s.io/kubernetes/pkg/kubectl/cmd/util" |
10 | 10 |
kerrors "k8s.io/kubernetes/pkg/util/errors" |
11 | 11 |
|
12 |
- "github.com/openshift/openshift-sdn/plugins/osdn/multitenant" |
|
12 |
+ "github.com/openshift/openshift-sdn/plugins/osdn/ovs" |
|
13 | 13 |
"github.com/openshift/origin/pkg/cmd/util/clientcmd" |
14 | 14 |
) |
15 | 15 |
|
... | ... |
@@ -39,7 +39,7 @@ func NewCmdIsolateProjectsNetwork(commandName, fullName string, f *clientcmd.Fac |
39 | 39 |
cmd := &cobra.Command{ |
40 | 40 |
Use: commandName, |
41 | 41 |
Short: "Isolate project network", |
42 |
- Long: fmt.Sprintf(isolateProjectsNetworkLong, multitenant.NetworkPluginName()), |
|
42 |
+ Long: fmt.Sprintf(isolateProjectsNetworkLong, ovs.MultiTenantPluginName()), |
|
43 | 43 |
Example: fmt.Sprintf(isolateProjectsNetworkExample, fullName), |
44 | 44 |
Run: func(c *cobra.Command, args []string) { |
45 | 45 |
if err := opts.Complete(f, c, args, out); err != nil { |
... | ... |
@@ -10,7 +10,7 @@ import ( |
10 | 10 |
kcmdutil "k8s.io/kubernetes/pkg/kubectl/cmd/util" |
11 | 11 |
kerrors "k8s.io/kubernetes/pkg/util/errors" |
12 | 12 |
|
13 |
- "github.com/openshift/openshift-sdn/plugins/osdn/multitenant" |
|
13 |
+ "github.com/openshift/openshift-sdn/plugins/osdn/ovs" |
|
14 | 14 |
"github.com/openshift/origin/pkg/cmd/util/clientcmd" |
15 | 15 |
) |
16 | 16 |
|
... | ... |
@@ -42,7 +42,7 @@ func NewCmdJoinProjectsNetwork(commandName, fullName string, f *clientcmd.Factor |
42 | 42 |
cmd := &cobra.Command{ |
43 | 43 |
Use: commandName, |
44 | 44 |
Short: "Join project network", |
45 |
- Long: fmt.Sprintf(joinProjectsNetworkLong, multitenant.NetworkPluginName()), |
|
45 |
+ Long: fmt.Sprintf(joinProjectsNetworkLong, ovs.MultiTenantPluginName()), |
|
46 | 46 |
Example: fmt.Sprintf(joinProjectsNetworkExample, fullName), |
47 | 47 |
Run: func(c *cobra.Command, args []string) { |
48 | 48 |
if err := opts.Complete(f, c, args, out); err != nil { |
... | ... |
@@ -10,7 +10,7 @@ import ( |
10 | 10 |
kerrors "k8s.io/kubernetes/pkg/util/errors" |
11 | 11 |
|
12 | 12 |
"github.com/openshift/openshift-sdn/plugins/osdn" |
13 |
- "github.com/openshift/openshift-sdn/plugins/osdn/multitenant" |
|
13 |
+ "github.com/openshift/openshift-sdn/plugins/osdn/ovs" |
|
14 | 14 |
"github.com/openshift/origin/pkg/cmd/util/clientcmd" |
15 | 15 |
) |
16 | 16 |
|
... | ... |
@@ -40,7 +40,7 @@ func NewCmdMakeGlobalProjectsNetwork(commandName, fullName string, f *clientcmd. |
40 | 40 |
cmd := &cobra.Command{ |
41 | 41 |
Use: commandName, |
42 | 42 |
Short: "Make project network global", |
43 |
- Long: fmt.Sprintf(makeGlobalProjectsNetworkLong, multitenant.NetworkPluginName()), |
|
43 |
+ Long: fmt.Sprintf(makeGlobalProjectsNetworkLong, ovs.MultiTenantPluginName()), |
|
44 | 44 |
Example: fmt.Sprintf(makeGlobalProjectsNetworkExample, fullName), |
45 | 45 |
Run: func(c *cobra.Command, args []string) { |
46 | 46 |
if err := opts.Complete(f, c, args, out); err != nil { |
47 | 47 |
deleted file mode 100644 |
... | ... |
@@ -1,77 +0,0 @@ |
1 |
-package netutils |
|
2 |
- |
|
3 |
-import ( |
|
4 |
- "fmt" |
|
5 |
- "net" |
|
6 |
- |
|
7 |
- log "github.com/golang/glog" |
|
8 |
-) |
|
9 |
- |
|
10 |
-type IPAllocator struct { |
|
11 |
- network *net.IPNet |
|
12 |
- allocMap map[string]bool |
|
13 |
-} |
|
14 |
- |
|
15 |
-func NewIPAllocator(network string, inUse []string) (*IPAllocator, error) { |
|
16 |
- _, netIP, err := net.ParseCIDR(network) |
|
17 |
- if err != nil { |
|
18 |
- return nil, fmt.Errorf("Failed to parse network address: %q", network) |
|
19 |
- } |
|
20 |
- |
|
21 |
- amap := make(map[string]bool) |
|
22 |
- for _, netStr := range inUse { |
|
23 |
- _, nIp, err := net.ParseCIDR(netStr) |
|
24 |
- if err != nil { |
|
25 |
- log.Errorf("Failed to parse network address: %s", netStr) |
|
26 |
- continue |
|
27 |
- } |
|
28 |
- if !netIP.Contains(nIp.IP) { |
|
29 |
- log.Errorf("Provided subnet doesn't belong to network: %s", nIp) |
|
30 |
- continue |
|
31 |
- } |
|
32 |
- amap[netStr] = true |
|
33 |
- } |
|
34 |
- |
|
35 |
- // Add the network address to the map |
|
36 |
- amap[netIP.String()] = true |
|
37 |
- return &IPAllocator{network: netIP, allocMap: amap}, nil |
|
38 |
-} |
|
39 |
- |
|
40 |
-func (ipa *IPAllocator) GetIP() (*net.IPNet, error) { |
|
41 |
- var ( |
|
42 |
- numIPs uint32 |
|
43 |
- numIPBits uint |
|
44 |
- ) |
|
45 |
- baseipu := IPToUint32(ipa.network.IP) |
|
46 |
- netMaskSize, _ := ipa.network.Mask.Size() |
|
47 |
- numIPBits = 32 - uint(netMaskSize) |
|
48 |
- numIPs = 1 << numIPBits |
|
49 |
- |
|
50 |
- var i uint32 |
|
51 |
- // We exclude the last address as it is reserved for broadcast |
|
52 |
- for i = 0; i < numIPs-1; i++ { |
|
53 |
- ipu := baseipu | i |
|
54 |
- genIP := &net.IPNet{IP: Uint32ToIP(ipu), Mask: net.CIDRMask(netMaskSize, 32)} |
|
55 |
- if !ipa.allocMap[genIP.String()] { |
|
56 |
- ipa.allocMap[genIP.String()] = true |
|
57 |
- return genIP, nil |
|
58 |
- } |
|
59 |
- } |
|
60 |
- |
|
61 |
- return nil, fmt.Errorf("No IPs available") |
|
62 |
-} |
|
63 |
- |
|
64 |
-func (ipa *IPAllocator) ReleaseIP(ip *net.IPNet) error { |
|
65 |
- if !ipa.network.Contains(ip.IP) { |
|
66 |
- return fmt.Errorf("Provided IP %v doesn't belong to the network %v", ip, ipa.network) |
|
67 |
- } |
|
68 |
- |
|
69 |
- ipStr := ip.String() |
|
70 |
- if !ipa.allocMap[ipStr] { |
|
71 |
- return fmt.Errorf("Provided IP %v is already available", ip) |
|
72 |
- } |
|
73 |
- |
|
74 |
- ipa.allocMap[ipStr] = false |
|
75 |
- |
|
76 |
- return nil |
|
77 |
-} |
78 | 1 |
deleted file mode 100644 |
... | ... |
@@ -1,83 +0,0 @@ |
1 |
-package netutils |
|
2 |
- |
|
3 |
-import ( |
|
4 |
- "testing" |
|
5 |
-) |
|
6 |
- |
|
7 |
-func TestAllocateIP(t *testing.T) { |
|
8 |
- ipa, err := NewIPAllocator("10.1.2.0/24", nil) |
|
9 |
- if err != nil { |
|
10 |
- t.Fatal("Failed to initialize IP allocator: %v", err) |
|
11 |
- } |
|
12 |
- |
|
13 |
- ip, err := ipa.GetIP() |
|
14 |
- if err != nil { |
|
15 |
- t.Fatal("Failed to get IP: ", err) |
|
16 |
- } |
|
17 |
- if ip.String() != "10.1.2.1/24" { |
|
18 |
- t.Fatal("Did not get expected IP") |
|
19 |
- } |
|
20 |
- ip, err = ipa.GetIP() |
|
21 |
- if err != nil { |
|
22 |
- t.Fatal("Failed to get IP: ", err) |
|
23 |
- } |
|
24 |
- if ip.String() != "10.1.2.2/24" { |
|
25 |
- t.Fatal("Did not get expected IP") |
|
26 |
- } |
|
27 |
- ip, err = ipa.GetIP() |
|
28 |
- if err != nil { |
|
29 |
- t.Fatal("Failed to get IP: ", err) |
|
30 |
- } |
|
31 |
- if ip.String() != "10.1.2.3/24" { |
|
32 |
- t.Fatal("Did not get expected IP") |
|
33 |
- } |
|
34 |
-} |
|
35 |
- |
|
36 |
-func TestAllocateIPInUse(t *testing.T) { |
|
37 |
- inUse := []string{"10.1.2.1/24", "10.1.2.2/24", "10.2.2.3/24", "Invalid"} |
|
38 |
- ipa, err := NewIPAllocator("10.1.2.0/24", inUse) |
|
39 |
- if err != nil { |
|
40 |
- t.Fatal("Failed to initialize IP allocator: %v", err) |
|
41 |
- } |
|
42 |
- |
|
43 |
- ip, err := ipa.GetIP() |
|
44 |
- if err != nil { |
|
45 |
- t.Fatal("Failed to get IP: ", err) |
|
46 |
- } |
|
47 |
- if ip.String() != "10.1.2.3/24" { |
|
48 |
- t.Fatal("Did not get expected IP", ip) |
|
49 |
- } |
|
50 |
- ip, err = ipa.GetIP() |
|
51 |
- if err != nil { |
|
52 |
- t.Fatal("Failed to get IP: ", err) |
|
53 |
- } |
|
54 |
- if ip.String() != "10.1.2.4/24" { |
|
55 |
- t.Fatal("Did not get expected IP", ip) |
|
56 |
- } |
|
57 |
-} |
|
58 |
- |
|
59 |
-func TestAllocateReleaseIP(t *testing.T) { |
|
60 |
- ipa, err := NewIPAllocator("10.1.2.0/24", nil) |
|
61 |
- if err != nil { |
|
62 |
- t.Fatal("Failed to initialize IP allocator: %v", err) |
|
63 |
- } |
|
64 |
- |
|
65 |
- ip, err := ipa.GetIP() |
|
66 |
- if err != nil { |
|
67 |
- t.Fatal("Failed to get IP: ", err) |
|
68 |
- } |
|
69 |
- if ip.String() != "10.1.2.1/24" { |
|
70 |
- t.Fatal("Did not get expected IP") |
|
71 |
- } |
|
72 |
- |
|
73 |
- if err := ipa.ReleaseIP(ip); err != nil { |
|
74 |
- t.Fatal("Failed to release the IP") |
|
75 |
- } |
|
76 |
- ip, err = ipa.GetIP() |
|
77 |
- if err != nil { |
|
78 |
- t.Fatal("Failed to get IP: ", err) |
|
79 |
- } |
|
80 |
- if ip.String() != "10.1.2.1/24" { |
|
81 |
- t.Fatal("Did not get expected IP") |
|
82 |
- } |
|
83 |
-} |
84 | 1 |
deleted file mode 100644 |
... | ... |
@@ -1,129 +0,0 @@ |
1 |
-package server |
|
2 |
- |
|
3 |
-import ( |
|
4 |
- "crypto/tls" |
|
5 |
- "fmt" |
|
6 |
- "net" |
|
7 |
- "net/http" |
|
8 |
- "strconv" |
|
9 |
- "time" |
|
10 |
-) |
|
11 |
- |
|
12 |
-// Server is a http.Handler which exposes netutils functionality over HTTP. |
|
13 |
-type Server struct { |
|
14 |
- ipam IpamInterface |
|
15 |
- mux *http.ServeMux |
|
16 |
-} |
|
17 |
- |
|
18 |
-type TLSOptions struct { |
|
19 |
- Config *tls.Config |
|
20 |
- CertFile string |
|
21 |
- KeyFile string |
|
22 |
-} |
|
23 |
- |
|
24 |
-// IpamInterface contains all the methods required by the server. |
|
25 |
-type IpamInterface interface { |
|
26 |
- GetIP() (*net.IPNet, error) |
|
27 |
- ReleaseIP(ip *net.IPNet) error |
|
28 |
- //GetStats() string |
|
29 |
-} |
|
30 |
- |
|
31 |
-// ListenAndServeNetutilServer initializes a server to respond to HTTP network requests on the ipam interface |
|
32 |
-func ListenAndServeNetutilServer(ipam IpamInterface, address net.IP, port uint, tlsOptions *TLSOptions) error { |
|
33 |
- handler := NewServer(ipam) |
|
34 |
- addr := net.JoinHostPort(address.String(), strconv.FormatUint(uint64(port), 10)) |
|
35 |
- s := &http.Server{ |
|
36 |
- Handler: handler, |
|
37 |
- ReadTimeout: 5 * time.Minute, |
|
38 |
- WriteTimeout: 5 * time.Minute, |
|
39 |
- MaxHeaderBytes: 1 << 20, |
|
40 |
- } |
|
41 |
- var listener net.Listener |
|
42 |
- var err error |
|
43 |
- if tlsOptions != nil { |
|
44 |
- listener, err = tls.Listen("tcp", addr, tlsOptions.Config) |
|
45 |
- } else { |
|
46 |
- listener, err = net.Listen("tcp", addr) |
|
47 |
- } |
|
48 |
- if err != nil { |
|
49 |
- return err |
|
50 |
- } |
|
51 |
- go s.Serve(listener) |
|
52 |
- return nil |
|
53 |
-} |
|
54 |
- |
|
55 |
-// NewServer initializes and configures the netutils_server.Server object to handle HTTP requests. |
|
56 |
-func NewServer(ipam IpamInterface) *Server { |
|
57 |
- server := Server{ |
|
58 |
- ipam: ipam, |
|
59 |
- mux: http.NewServeMux(), |
|
60 |
- } |
|
61 |
- server.InstallDefaultHandlers() |
|
62 |
- return &server |
|
63 |
-} |
|
64 |
- |
|
65 |
-// InstallDefaultHandlers registers the default set of supported HTTP request patterns with the mux. |
|
66 |
-func (s *Server) InstallDefaultHandlers() { |
|
67 |
- s.mux.HandleFunc("/netutils/subnet", s.handleSubnet) |
|
68 |
- s.mux.HandleFunc("/netutils/ip/", s.handleIP) |
|
69 |
- s.mux.HandleFunc("/netutils/gateway", s.handleGateway) |
|
70 |
- s.mux.HandleFunc("/stats", s.handleStats) |
|
71 |
-} |
|
72 |
- |
|
73 |
-// error serializes an error object into an HTTP response. |
|
74 |
-func (s *Server) error(w http.ResponseWriter, err error) { |
|
75 |
- msg := fmt.Sprintf("Internal Error: %v", err) |
|
76 |
- http.Error(w, msg, http.StatusInternalServerError) |
|
77 |
-} |
|
78 |
- |
|
79 |
-// handleSubnet handles gateway requests |
|
80 |
-func (s *Server) handleSubnet(w http.ResponseWriter, req *http.Request) { |
|
81 |
- w.Header().Add("Content-type", "application/json") |
|
82 |
- w.Write([]byte("Not implemented")) |
|
83 |
- return |
|
84 |
-} |
|
85 |
- |
|
86 |
-// handleGateway handles gateway requests |
|
87 |
-func (s *Server) handleGateway(w http.ResponseWriter, req *http.Request) { |
|
88 |
- w.Header().Add("Content-type", "application/json") |
|
89 |
- w.Write([]byte("Not implemented")) |
|
90 |
- return |
|
91 |
-} |
|
92 |
- |
|
93 |
-// handleIP handles IP requests |
|
94 |
-func (s *Server) handleIP(w http.ResponseWriter, req *http.Request) { |
|
95 |
- if req.Method == "GET" { |
|
96 |
- w.Header().Add("Content-type", "application/json") |
|
97 |
- ipnet, err := s.ipam.GetIP() |
|
98 |
- if err != nil { |
|
99 |
- s.error(w, err) |
|
100 |
- } else { |
|
101 |
- w.Write([]byte(ipnet.String())) |
|
102 |
- } |
|
103 |
- } else if req.Method == "DELETE" { |
|
104 |
- ip, ipNet, err := net.ParseCIDR(req.URL.Path[len("/netutils/ip/"):]) |
|
105 |
- if err != nil { |
|
106 |
- s.error(w, err) |
|
107 |
- } |
|
108 |
- delIP := &net.IPNet{IP: ip, Mask: ipNet.Mask} |
|
109 |
- err = s.ipam.ReleaseIP(delIP) |
|
110 |
- if err != nil { |
|
111 |
- s.error(w, err) |
|
112 |
- } |
|
113 |
- } else { |
|
114 |
- http.Error(w, "Method can only be GET/DELETE", http.StatusNotFound) |
|
115 |
- } |
|
116 |
- return |
|
117 |
-} |
|
118 |
- |
|
119 |
-// handleStats handles stats requests |
|
120 |
-func (s *Server) handleStats(w http.ResponseWriter, req *http.Request) { |
|
121 |
- w.Header().Add("Content-type", "application/json") |
|
122 |
- w.Write([]byte("Not implemented")) |
|
123 |
- return |
|
124 |
-} |
|
125 |
- |
|
126 |
-// ServeHTTP responds to HTTP requests |
|
127 |
-func (s *Server) ServeHTTP(w http.ResponseWriter, req *http.Request) { |
|
128 |
- s.mux.ServeHTTP(w, req) |
|
129 |
-} |
130 | 1 |
deleted file mode 100644 |
... | ... |
@@ -1,73 +0,0 @@ |
1 |
-package server |
|
2 |
- |
|
3 |
-import ( |
|
4 |
- "fmt" |
|
5 |
- "io/ioutil" |
|
6 |
- "net" |
|
7 |
- "net/http" |
|
8 |
- "testing" |
|
9 |
- |
|
10 |
- "github.com/openshift/openshift-sdn/pkg/netutils" |
|
11 |
-) |
|
12 |
- |
|
13 |
-func delIP(t *testing.T, delip string) error { |
|
14 |
- url := fmt.Sprintf("http://127.0.0.1:9080/netutils/ip/%s", delip) |
|
15 |
- req, err := http.NewRequest("DELETE", url, nil) |
|
16 |
- if err != nil { |
|
17 |
- t.Fatalf("Error in forming request to IPAM server: %v", err) |
|
18 |
- } |
|
19 |
- res, err := http.DefaultClient.Do(req) |
|
20 |
- if err != nil { |
|
21 |
- t.Fatalf("Error in connecting to IPAM server: %v", err) |
|
22 |
- } |
|
23 |
- if res.StatusCode > 400 { |
|
24 |
- return fmt.Errorf("Bad response from server: %d", res.StatusCode) |
|
25 |
- } |
|
26 |
- return err |
|
27 |
-} |
|
28 |
- |
|
29 |
-func getIP(t *testing.T) string { |
|
30 |
- res, err := http.Get("http://127.0.0.1:9080/netutils/ip") |
|
31 |
- if err != nil { |
|
32 |
- t.Fatalf("Error in connecting to IPAM server: %v", err) |
|
33 |
- } |
|
34 |
- ip, err := ioutil.ReadAll(res.Body) |
|
35 |
- if err != nil { |
|
36 |
- t.Fatalf("Error in obtaining IP address through server: %v", err) |
|
37 |
- } |
|
38 |
- res.Body.Close() |
|
39 |
- return string(ip) |
|
40 |
-} |
|
41 |
- |
|
42 |
-func TestIPServe(t *testing.T) { |
|
43 |
- inuse := make([]string, 0) |
|
44 |
- ipam, err := netutils.NewIPAllocator("10.20.30.40/24", inuse) |
|
45 |
- if err != nil { |
|
46 |
- t.Fatalf("Error while initializing IPAM: %v", err) |
|
47 |
- } |
|
48 |
- ListenAndServeNetutilServer(ipam, net.ParseIP("127.0.0.1"), 9080, nil) |
|
49 |
- |
|
50 |
- // get, get, delete, get |
|
51 |
- ip := getIP(t) |
|
52 |
- if ip != "10.20.30.1/24" { |
|
53 |
- t.Fatalf("Wrong IP. Expected 10.20.30.1/24, got %s", ip) |
|
54 |
- } |
|
55 |
- ip = getIP(t) |
|
56 |
- if ip != "10.20.30.2/24" { |
|
57 |
- t.Fatalf("Wrong IP. Expected 10.20.30.2/24, got %s", ip) |
|
58 |
- } |
|
59 |
- err = delIP(t, ip) |
|
60 |
- if err != nil { |
|
61 |
- t.Fatalf("Error while deleting IP address %s: %v", ip, err) |
|
62 |
- } |
|
63 |
- // get it again |
|
64 |
- ip = getIP(t) |
|
65 |
- if ip != "10.20.30.2/24" { |
|
66 |
- t.Fatalf("Wrong IP. Expected 10.20.30.2/24, got %s", ip) |
|
67 |
- } |
|
68 |
- // delete the wrong one and fail if there is no error |
|
69 |
- err = delIP(t, "10.10.10.10/23") |
|
70 |
- if err == nil { |
|
71 |
- t.Fatalf("Error while deleting IP address %s: %v", ip, err) |
|
72 |
- } |
|
73 |
-} |
... | ... |
@@ -10,17 +10,16 @@ import ( |
10 | 10 |
oskserver "github.com/openshift/origin/pkg/cmd/server/kubernetes" |
11 | 11 |
kclient "k8s.io/kubernetes/pkg/client/unversioned" |
12 | 12 |
|
13 |
- "github.com/openshift/openshift-sdn/plugins/osdn/flatsdn" |
|
14 |
- "github.com/openshift/openshift-sdn/plugins/osdn/multitenant" |
|
13 |
+ "github.com/openshift/openshift-sdn/plugins/osdn/ovs" |
|
15 | 14 |
) |
16 | 15 |
|
17 | 16 |
// Call by higher layers to create the plugin instance |
18 | 17 |
func NewPlugin(pluginType string, osClient *osclient.Client, kClient *kclient.Client, hostname string, selfIP string, ready chan struct{}) (api.OsdnPlugin, oskserver.FilteringEndpointsConfigHandler, error) { |
19 | 18 |
switch strings.ToLower(pluginType) { |
20 |
- case flatsdn.NetworkPluginName(): |
|
21 |
- return flatsdn.CreatePlugin(osdn.NewRegistry(osClient, kClient), hostname, selfIP, ready) |
|
22 |
- case multitenant.NetworkPluginName(): |
|
23 |
- return multitenant.CreatePlugin(osdn.NewRegistry(osClient, kClient), hostname, selfIP, ready) |
|
19 |
+ case ovs.SingleTenantPluginName(): |
|
20 |
+ return ovs.CreatePlugin(osdn.NewRegistry(osClient, kClient), false, hostname, selfIP, ready) |
|
21 |
+ case ovs.MultiTenantPluginName(): |
|
22 |
+ return ovs.CreatePlugin(osdn.NewRegistry(osClient, kClient), true, hostname, selfIP, ready) |
|
24 | 23 |
} |
25 | 24 |
|
26 | 25 |
return nil, nil, nil |
27 | 26 |
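Review bot: The bare `false` / `true` passed as the second argument to `ovs.CreatePlugin` in the two new `case` arms is the only thing that separates the single-tenant plugin from the multi-tenant one, and nothing at the call site says what it means. If that flag is what enables tenant isolation (inferred from the plugin names; the `ovs` package is not shown here), a transposed literal would start the node without isolation and without any error. I would name the value at the call site, for example `const multitenant = true` used in the second arm, or at least add `// second argument selects multitenant mode` above the switch. The unchanged fall-through `return nil, nil, nil` also returns no plugin and no error for an unrecognized `pluginType`, so a misspelled plugin name looks the same as "no SDN plugin configured" unless the caller checks for a nil plugin; that is worth confirming. NewPlugin's closing brace is outside the hunk.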
deleted file mode 100755 |
... | ... |
@@ -1,111 +0,0 @@ |
1 |
-#!/bin/bash |
|
2 |
-set -e |
|
3 |
- |
|
4 |
-lock_file=/var/lock/openshift-sdn.lock |
|
5 |
- |
|
6 |
-action=$1 |
|
7 |
-pod_namespace=$2 |
|
8 |
-pod_name=$3 |
|
9 |
-net_container=$4 |
|
10 |
- |
|
11 |
-lockwrap() { |
|
12 |
- ( |
|
13 |
- flock 200 |
|
14 |
- "$@" |
|
15 |
- ) 200>${lock_file} |
|
16 |
-} |
|
17 |
- |
|
18 |
-# Retrieve the name of the host-local member of the veth pair that |
|
19 |
-# connects the container (identified by pid) to the docker bridge. |
|
20 |
-get_veth_host() { |
|
21 |
- local pid=$1 |
|
22 |
- |
|
23 |
- local veth_ifindex=$(nsenter -n -t $pid -- ethtool -S eth0 | sed -n -e 's/.*peer_ifindex: //p') |
|
24 |
- # Strip a suffix starting with '@' from the interface name. |
|
25 |
- # The suffixed interface name won't be recognized by brctl or ovs-* |
|
26 |
- ip link show | sed -ne "s/^$veth_ifindex: \([^:@]*\).*/\1/p" |
|
27 |
-} |
|
28 |
- |
|
29 |
-get_ipaddr_pid_veth() { |
|
30 |
- network_mode=$(docker inspect --format "{{.HostConfig.NetworkMode}}" ${net_container}) |
|
31 |
- if [ "${network_mode}" == "host" ]; then |
|
32 |
- # quit, nothing for the SDN here |
|
33 |
- exit 0 |
|
34 |
- elif [[ "${network_mode}" =~ container:.* ]]; then |
|
35 |
- # Get pod infra container |
|
36 |
- net_container=$(echo ${network_mode} | cut -d ":" -f 2) |
|
37 |
- fi |
|
38 |
- ipaddr=$(docker inspect --format "{{.NetworkSettings.IPAddress}}" ${net_container}) |
|
39 |
- pid=$(docker inspect --format "{{.State.Pid}}" ${net_container}) |
|
40 |
- veth_host=$(get_veth_host $pid) |
|
41 |
-} |
|
42 |
- |
|
43 |
-add_ovs_port() { |
|
44 |
- brctl delif lbr0 $veth_host |
|
45 |
- ovs-vsctl add-port br0 ${veth_host} |
|
46 |
-} |
|
47 |
- |
|
48 |
-del_ovs_port() { |
|
49 |
- ovs-vsctl --if-exists del-port $veth_host |
|
50 |
-} |
|
51 |
- |
|
52 |
-add_ovs_flows() { |
|
53 |
- ovs_port=$(ovs-ofctl -O OpenFlow13 dump-ports-desc br0 | grep ${veth_host} | cut -d "(" -f 1 | tr -d ' ') |
|
54 |
- |
|
55 |
- ovs-ofctl -O OpenFlow13 add-flow br0 "table=0,cookie=0x${ovs_port},priority=100,ip,nw_dst=${ipaddr},actions=output:${ovs_port}" |
|
56 |
- ovs-ofctl -O OpenFlow13 add-flow br0 "table=0,cookie=0x${ovs_port},priority=100,arp,nw_dst=${ipaddr},actions=output:${ovs_port}" |
|
57 |
-} |
|
58 |
- |
|
59 |
-del_ovs_flows() { |
|
60 |
- ovs_port=$(ovs-ofctl -O OpenFlow13 dump-ports-desc br0 | grep ${veth_host} | cut -d "(" -f 1 | tr -d ' ') |
|
61 |
- |
|
62 |
- ovs-ofctl -O OpenFlow13 del-flows br0 "table=0,cookie=0x${ovs_port}/0xffffffff" |
|
63 |
-} |
|
64 |
- |
|
65 |
-add_subnet_route() { |
|
66 |
- source /etc/openshift-sdn/config.env |
|
67 |
- local subnet_route="ip route add ${OPENSHIFT_CLUSTER_SUBNET} dev eth0 proto kernel scope link src $ipaddr" |
|
68 |
- nsenter -n -t $pid -- $subnet_route |
|
69 |
-} |
|
70 |
- |
|
71 |
-Init() { |
|
72 |
- true |
|
73 |
-} |
|
74 |
- |
|
75 |
-Setup() { |
|
76 |
- get_ipaddr_pid_veth |
|
77 |
- add_ovs_port |
|
78 |
- add_ovs_flows |
|
79 |
- add_subnet_route |
|
80 |
-} |
|
81 |
- |
|
82 |
-Teardown() { |
|
83 |
- get_ipaddr_pid_veth |
|
84 |
- del_ovs_port |
|
85 |
- del_ovs_flows |
|
86 |
-} |
|
87 |
- |
|
88 |
-Status() { |
|
89 |
- # do nothing, empty output will default to address as picked by docker |
|
90 |
- true |
|
91 |
-} |
|
92 |
- |
|
93 |
-case "$action" in |
|
94 |
- init) |
|
95 |
- lockwrap Init |
|
96 |
- ;; |
|
97 |
- setup) |
|
98 |
- set -x |
|
99 |
- lockwrap Setup |
|
100 |
- ;; |
|
101 |
- teardown) |
|
102 |
- set -x |
|
103 |
- lockwrap Teardown |
|
104 |
- ;; |
|
105 |
- status) |
|
106 |
- lockwrap Status |
|
107 |
- ;; |
|
108 |
- *) |
|
109 |
- echo "Bad input: $@" |
|
110 |
- exit 1 |
|
111 |
-esac |
112 | 1 |
deleted file mode 100755 |
... | ... |
@@ -1,159 +0,0 @@ |
1 |
-#!/bin/bash |
|
2 |
- |
|
3 |
-set -ex |
|
4 |
- |
|
5 |
-lock_file=/var/lock/openshift-sdn.lock |
|
6 |
-local_subnet_gateway=$1 |
|
7 |
-local_subnet_cidr=$2 |
|
8 |
-local_subnet_mask_len=$3 |
|
9 |
-cluster_network_cidr=$4 |
|
10 |
-service_network_cidr=$5 |
|
11 |
-mtu=$6 |
|
12 |
-printf 'Container network is "%s"; local host has subnet "%s", mtu "%d" and gateway "%s".\n' "${cluster_network_cidr}" "${local_subnet_cidr}" "${mtu}" "${local_subnet_gateway}" |
|
13 |
-TUN=tun0 |
|
14 |
- |
|
15 |
-# Synchronize code execution with a file lock. |
|
16 |
-function lockwrap() { |
|
17 |
- ( |
|
18 |
- flock 200 |
|
19 |
- "$@" |
|
20 |
- ) 200>${lock_file} |
|
21 |
-} |
|
22 |
- |
|
23 |
-function docker_network_config() { |
|
24 |
- if [ -z "${DOCKER_NETWORK_OPTIONS}" ]; then |
|
25 |
- DOCKER_NETWORK_OPTIONS="-b=lbr0 --mtu=${mtu}" |
|
26 |
- fi |
|
27 |
- |
|
28 |
- local conf=/run/openshift-sdn/docker-network |
|
29 |
- case "$1" in |
|
30 |
- check) |
|
31 |
- if ! grep -q -s "DOCKER_NETWORK_OPTIONS='${DOCKER_NETWORK_OPTIONS}'" $conf; then |
|
32 |
- return 1 |
|
33 |
- fi |
|
34 |
- return 0 |
|
35 |
- ;; |
|
36 |
- |
|
37 |
- update) |
|
38 |
- mkdir -p $(dirname $conf) |
|
39 |
- cat <<EOF > $conf |
|
40 |
-# This file has been modified by openshift-sdn. |
|
41 |
- |
|
42 |
-DOCKER_NETWORK_OPTIONS='${DOCKER_NETWORK_OPTIONS}' |
|
43 |
-EOF |
|
44 |
- ## linux bridge |
|
45 |
- ip link set lbr0 down || true |
|
46 |
- brctl delbr lbr0 || true |
|
47 |
- brctl addbr lbr0 |
|
48 |
- ip addr add ${local_subnet_gateway}/${local_subnet_mask_len} dev lbr0 |
|
49 |
- ip link set lbr0 up |
|
50 |
- |
|
51 |
- if [ ! -f /.dockerinit ]; then |
|
52 |
- # disable iptables for lbr0 |
|
53 |
- # for kernel version 3.18+, module br_netfilter needs to be loaded upfront |
|
54 |
- # for older ones, br_netfilter may not exist, but is covered by bridge (bridge-utils) |
|
55 |
- # |
|
56 |
- # This operation is assumed to have been performed in advance |
|
57 |
- # for docker-in-docker deployments. |
|
58 |
- modprobe br_netfilter || true |
|
59 |
- sysctl -w net.bridge.bridge-nf-call-iptables=0 |
|
60 |
- fi |
|
61 |
- # when using --pid=host to run docker container, systemctl inside it refuses |
|
62 |
- # to work because it detects that it's running in chroot. using dbus instead |
|
63 |
- # of systemctl is just a workaround |
|
64 |
- dbus-send --system --print-reply --reply-timeout=2000 --type=method_call --dest=org.freedesktop.systemd1 /org/freedesktop/systemd1 org.freedesktop.systemd1.Manager.Reload |
|
65 |
- dbus-send --system --print-reply --reply-timeout=2000 --type=method_call --dest=org.freedesktop.systemd1 /org/freedesktop/systemd1 org.freedesktop.systemd1.Manager.RestartUnit string:'docker.service' string:'replace' |
|
66 |
- ;; |
|
67 |
- esac |
|
68 |
-} |
|
69 |
- |
|
70 |
-function setup_required() { |
|
71 |
- ip=$(echo `ip a s lbr0 2>/dev/null|awk '/inet / {print $2}'`) |
|
72 |
- if [ "$ip" != "${local_subnet_gateway}/${local_subnet_mask_len}" ]; then |
|
73 |
- return 0 |
|
74 |
- fi |
|
75 |
- if ! ovs-ofctl -O OpenFlow13 dump-flows br0 | grep -q 'table=0.*arp'; then |
|
76 |
- return 0 |
|
77 |
- fi |
|
78 |
- return 1 |
|
79 |
-} |
|
80 |
- |
|
81 |
-# Delete the subnet routing entry created because of ip link up on device |
|
82 |
-# ip link adds local subnet route entry asynchronously |
|
83 |
-# So check for the new route entry every 100 ms upto timeout of 2 secs and |
|
84 |
-# delete the route entry. |
|
85 |
-function delete_local_subnet_route() { |
|
86 |
- local device=$1 |
|
87 |
- local time_interval=0.1 # 100 milli secs |
|
88 |
- local max_intervals=20 # timeout: 2 secs |
|
89 |
- local num_intervals=0 |
|
90 |
- local cmd="ip route | grep -q '${local_subnet_cidr} dev ${device}'" |
|
91 |
- |
|
92 |
- until $(eval $cmd) || [ $num_intervals -ge $max_intervals ]; do |
|
93 |
- sleep $time_interval |
|
94 |
- num_intervals=$((num_intervals + 1)) |
|
95 |
- done |
|
96 |
- |
|
97 |
- if [ $num_intervals -ge $max_intervals ]; then |
|
98 |
- echo "Error: ${local_subnet_cidr} route not found for dev ${device}" >&2 |
|
99 |
- return 1 |
|
100 |
- fi |
|
101 |
- ip route del ${local_subnet_cidr} dev ${device} proto kernel scope link |
|
102 |
-} |
|
103 |
- |
|
104 |
-function setup() { |
|
105 |
- # clear config file |
|
106 |
- rm -f /etc/openshift-sdn/config.env |
|
107 |
- |
|
108 |
- ## openvswitch |
|
109 |
- ovs-vsctl del-br br0 || true |
|
110 |
- ovs-vsctl add-br br0 -- set Bridge br0 fail-mode=secure |
|
111 |
- ovs-vsctl set bridge br0 protocols=OpenFlow13 |
|
112 |
- ovs-vsctl del-port br0 vxlan0 || true |
|
113 |
- ovs-vsctl add-port br0 vxlan0 -- set Interface vxlan0 type=vxlan options:remote_ip="flow" options:key="flow" ofport_request=1 |
|
114 |
- ovs-vsctl add-port br0 ${TUN} -- set Interface ${TUN} type=internal ofport_request=2 |
|
115 |
- |
|
116 |
- ip link del vlinuxbr || true |
|
117 |
- ip link add vlinuxbr type veth peer name vovsbr |
|
118 |
- ip link set vlinuxbr up |
|
119 |
- ip link set vovsbr up |
|
120 |
- ip link set vlinuxbr txqueuelen 0 |
|
121 |
- ip link set vovsbr txqueuelen 0 |
|
122 |
- brctl addif lbr0 vlinuxbr |
|
123 |
- |
|
124 |
- ovs-vsctl del-port br0 vovsbr || true |
|
125 |
- ovs-vsctl add-port br0 vovsbr -- set Interface vovsbr ofport_request=9 |
|
126 |
- |
|
127 |
- # setup tun address |
|
128 |
- ip addr add ${local_subnet_gateway}/${local_subnet_mask_len} dev ${TUN} |
|
129 |
- ip link set ${TUN} up |
|
130 |
- ip route add ${cluster_network_cidr} dev ${TUN} proto kernel scope link |
|
131 |
- |
|
132 |
- # Cleanup docker0 since docker won't do it |
|
133 |
- ip link set docker0 down || true |
|
134 |
- brctl delbr docker0 || true |
|
135 |
- |
|
136 |
- # enable IP forwarding for ipv4 packets |
|
137 |
- sysctl -w net.ipv4.ip_forward=1 |
|
138 |
- sysctl -w net.ipv4.conf.${TUN}.forwarding=1 |
|
139 |
- |
|
140 |
- mkdir -p /etc/openshift-sdn |
|
141 |
- echo "export OPENSHIFT_CLUSTER_SUBNET=${cluster_network_cidr}" >> "/etc/openshift-sdn/config.env" |
|
142 |
- |
|
143 |
- # delete unnecessary routes |
|
144 |
- delete_local_subnet_route lbr0 || true |
|
145 |
- delete_local_subnet_route ${TUN} || true |
|
146 |
-} |
|
147 |
- |
|
148 |
-set +e |
|
149 |
-if ! docker_network_config check; then |
|
150 |
- lockwrap docker_network_config update |
|
151 |
-fi |
|
152 |
- |
|
153 |
-if ! setup_required; then |
|
154 |
- echo "SDN setup not required." |
|
155 |
- exit 140 |
|
156 |
-fi |
|
157 |
-set -e |
|
158 |
- |
|
159 |
-lockwrap setup |
160 | 1 |
deleted file mode 100644 |
... | ... |
@@ -1,113 +0,0 @@ |
1 |
-package flatsdn |
|
2 |
- |
|
3 |
-import ( |
|
4 |
- "encoding/hex" |
|
5 |
- "fmt" |
|
6 |
- log "github.com/golang/glog" |
|
7 |
- "net" |
|
8 |
- "os/exec" |
|
9 |
- "syscall" |
|
10 |
- |
|
11 |
- "github.com/openshift/openshift-sdn/pkg/netutils" |
|
12 |
- "github.com/openshift/openshift-sdn/plugins/osdn/api" |
|
13 |
-) |
|
14 |
- |
|
15 |
-type FlowController struct { |
|
16 |
-} |
|
17 |
- |
|
18 |
-func NewFlowController() *FlowController { |
|
19 |
- return &FlowController{} |
|
20 |
-} |
|
21 |
- |
|
22 |
-func (c *FlowController) Setup(localSubnetCIDR, clusterNetworkCIDR, servicesNetworkCIDR string, mtu uint) error { |
|
23 |
- _, ipnet, err := net.ParseCIDR(localSubnetCIDR) |
|
24 |
- localSubnetMaskLength, _ := ipnet.Mask.Size() |
|
25 |
- localSubnetGateway := netutils.GenerateDefaultGateway(ipnet).String() |
|
26 |
- out, err := exec.Command("openshift-sdn-kube-subnet-setup.sh", localSubnetGateway, localSubnetCIDR, fmt.Sprint(localSubnetMaskLength), clusterNetworkCIDR, servicesNetworkCIDR, fmt.Sprint(mtu)).CombinedOutput() |
|
27 |
- log.Infof("Output of setup script:\n%s", out) |
|
28 |
- if err != nil { |
|
29 |
- exitErr, ok := err.(*exec.ExitError) |
|
30 |
- if ok { |
|
31 |
- status := exitErr.ProcessState.Sys().(syscall.WaitStatus) |
|
32 |
- if status.Exited() && status.ExitStatus() == 140 { |
|
33 |
- // valid, do nothing, its just a benevolent restart |
|
34 |
- return nil |
|
35 |
- } |
|
36 |
- } |
|
37 |
- log.Errorf("Error executing setup script. \n\tOutput: %s\n\tError: %v\n", out, err) |
|
38 |
- return err |
|
39 |
- } |
|
40 |
- _, err = exec.Command("ovs-ofctl", "-O", "OpenFlow13", "del-flows", "br0").CombinedOutput() |
|
41 |
- if err != nil { |
|
42 |
- return err |
|
43 |
- } |
|
44 |
- _, err = exec.Command("ovs-ofctl", "-O", "OpenFlow13", "add-flow", "br0", "cookie=0x0,table=0,priority=50,actions=output:2").CombinedOutput() |
|
45 |
- arprule := fmt.Sprintf("cookie=0x0,table=0,priority=100,arp,nw_dst=%s,actions=output:2", localSubnetGateway) |
|
46 |
- iprule := fmt.Sprintf("cookie=0x0,table=0,priority=100,ip,nw_dst=%s,actions=output:2", localSubnetGateway) |
|
47 |
- _, err = exec.Command("ovs-ofctl", "-O", "OpenFlow13", "add-flow", "br0", arprule).CombinedOutput() |
|
48 |
- _, err = exec.Command("ovs-ofctl", "-O", "OpenFlow13", "add-flow", "br0", iprule).CombinedOutput() |
|
49 |
- return err |
|
50 |
-} |
|
51 |
- |
|
52 |
-func (c *FlowController) AddOFRules(nodeIP, nodeSubnetCIDR, localIP string) error { |
|
53 |
- cookie := generateCookie(nodeIP) |
|
54 |
- if nodeIP == localIP { |
|
55 |
- // self, so add the input rules for containers that are not processed through kube-hooks |
|
56 |
- // for the input rules to pods, see the kube-hook |
|
57 |
- iprule := fmt.Sprintf("table=0,cookie=0x%s,priority=75,ip,nw_dst=%s,actions=output:9", cookie, nodeSubnetCIDR) |
|
58 |
- arprule := fmt.Sprintf("table=0,cookie=0x%s,priority=75,arp,nw_dst=%s,actions=output:9", cookie, nodeSubnetCIDR) |
|
59 |
- o, e := exec.Command("ovs-ofctl", "-O", "OpenFlow13", "add-flow", "br0", iprule).CombinedOutput() |
|
60 |
- log.Infof("Output of adding %s: %s (%v)", iprule, o, e) |
|
61 |
- o, e = exec.Command("ovs-ofctl", "-O", "OpenFlow13", "add-flow", "br0", arprule).CombinedOutput() |
|
62 |
- log.Infof("Output of adding %s: %s (%v)", arprule, o, e) |
|
63 |
- return e |
|
64 |
- } else { |
|
65 |
- iprule := fmt.Sprintf("table=0,cookie=0x%s,priority=100,ip,nw_dst=%s,actions=set_field:%s->tun_dst,output:1", cookie, nodeSubnetCIDR, nodeIP) |
|
66 |
- arprule := fmt.Sprintf("table=0,cookie=0x%s,priority=100,arp,nw_dst=%s,actions=set_field:%s->tun_dst,output:1", cookie, nodeSubnetCIDR, nodeIP) |
|
67 |
- o, e := exec.Command("ovs-ofctl", "-O", "OpenFlow13", "add-flow", "br0", iprule).CombinedOutput() |
|
68 |
- log.Infof("Output of adding %s: %s (%v)", iprule, o, e) |
|
69 |
- o, e = exec.Command("ovs-ofctl", "-O", "OpenFlow13", "add-flow", "br0", arprule).CombinedOutput() |
|
70 |
- log.Infof("Output of adding %s: %s (%v)", arprule, o, e) |
|
71 |
- return e |
|
72 |
- } |
|
73 |
- return nil |
|
74 |
-} |
|
75 |
- |
|
76 |
-func (c *FlowController) DelOFRules(nodeIP, localIP string) error { |
|
77 |
- log.Infof("Calling del rules for %s", nodeIP) |
|
78 |
- cookie := generateCookie(nodeIP) |
|
79 |
- if nodeIP == localIP { |
|
80 |
- iprule := fmt.Sprintf("table=0,cookie=0x%s/0xffffffff,ip,in_port=10", cookie) |
|
81 |
- arprule := fmt.Sprintf("table=0,cookie=0x%s/0xffffffff,arp,in_port=10", cookie) |
|
82 |
- o, e := exec.Command("ovs-ofctl", "-O", "OpenFlow13", "del-flows", "br0", iprule).CombinedOutput() |
|
83 |
- log.Infof("Output of deleting local ip rules %s (%v)", o, e) |
|
84 |
- o, e = exec.Command("ovs-ofctl", "-O", "OpenFlow13", "del-flows", "br0", arprule).CombinedOutput() |
|
85 |
- log.Infof("Output of deleting local arp rules %s (%v)", o, e) |
|
86 |
- return e |
|
87 |
- } else { |
|
88 |
- iprule := fmt.Sprintf("table=0,cookie=0x%s/0xffffffff,ip", cookie) |
|
89 |
- arprule := fmt.Sprintf("table=0,cookie=0x%s/0xffffffff,arp", cookie) |
|
90 |
- o, e := exec.Command("ovs-ofctl", "-O", "OpenFlow13", "del-flows", "br0", iprule).CombinedOutput() |
|
91 |
- log.Infof("Output of deleting %s: %s (%v)", iprule, o, e) |
|
92 |
- o, e = exec.Command("ovs-ofctl", "-O", "OpenFlow13", "del-flows", "br0", arprule).CombinedOutput() |
|
93 |
- log.Infof("Output of deleting %s: %s (%v)", arprule, o, e) |
|
94 |
- return e |
|
95 |
- } |
|
96 |
- return nil |
|
97 |
-} |
|
98 |
- |
|
99 |
-func generateCookie(ip string) string { |
|
100 |
- return hex.EncodeToString(net.ParseIP(ip).To4()) |
|
101 |
-} |
|
102 |
- |
|
103 |
-func (c *FlowController) AddServiceOFRules(netID uint, IP string, protocol api.ServiceProtocol, port uint) error { |
|
104 |
- return nil |
|
105 |
-} |
|
106 |
- |
|
107 |
-func (c *FlowController) DelServiceOFRules(netID uint, IP string, protocol api.ServiceProtocol, port uint) error { |
|
108 |
- return nil |
|
109 |
-} |
|
110 |
- |
|
111 |
-func (c *FlowController) UpdatePod(namespace, podName, containerID string, netID uint) error { |
|
112 |
- return nil |
|
113 |
-} |
114 | 1 |
deleted file mode 100644 |
... | ... |
@@ -1,84 +0,0 @@ |
1 |
-package flatsdn |
|
2 |
- |
|
3 |
-import ( |
|
4 |
- "github.com/golang/glog" |
|
5 |
- |
|
6 |
- "github.com/openshift/openshift-sdn/plugins/osdn" |
|
7 |
- "github.com/openshift/openshift-sdn/plugins/osdn/api" |
|
8 |
- oskserver "github.com/openshift/origin/pkg/cmd/server/kubernetes" |
|
9 |
- |
|
10 |
- knetwork "k8s.io/kubernetes/pkg/kubelet/network" |
|
11 |
- kubeletTypes "k8s.io/kubernetes/pkg/kubelet/types" |
|
12 |
- utilexec "k8s.io/kubernetes/pkg/util/exec" |
|
13 |
-) |
|
14 |
- |
|
15 |
-type flatsdnPlugin struct { |
|
16 |
- osdn.OvsController |
|
17 |
-} |
|
18 |
- |
|
19 |
-func NetworkPluginName() string { |
|
20 |
- return "redhat/openshift-ovs-subnet" |
|
21 |
-} |
|
22 |
- |
|
23 |
-func CreatePlugin(registry *osdn.Registry, hostname string, selfIP string, ready chan struct{}) (api.OsdnPlugin, oskserver.FilteringEndpointsConfigHandler, error) { |
|
24 |
- fsp := &flatsdnPlugin{} |
|
25 |
- |
|
26 |
- err := fsp.BaseInit(registry, NewFlowController(), fsp, hostname, selfIP, ready) |
|
27 |
- if err != nil { |
|
28 |
- return nil, nil, err |
|
29 |
- } |
|
30 |
- |
|
31 |
- return fsp, nil, err |
|
32 |
-} |
|
33 |
- |
|
34 |
-func (plugin *flatsdnPlugin) PluginStartMaster(clusterNetworkCIDR string, clusterBitsPerSubnet uint, serviceNetworkCIDR string) error { |
|
35 |
- if err := plugin.SubnetStartMaster(clusterNetworkCIDR, clusterBitsPerSubnet, serviceNetworkCIDR); err != nil { |
|
36 |
- return err |
|
37 |
- } |
|
38 |
- |
|
39 |
- return nil |
|
40 |
-} |
|
41 |
- |
|
42 |
-func (plugin *flatsdnPlugin) PluginStartNode(mtu uint) error { |
|
43 |
- if err := plugin.SubnetStartNode(mtu); err != nil { |
|
44 |
- return err |
|
45 |
- } |
|
46 |
- |
|
47 |
- return nil |
|
48 |
-} |
|
49 |
- |
|
50 |
-//----------------------------------------------- |
|
51 |
- |
|
52 |
-const ( |
|
53 |
- setUpCmd = "setup" |
|
54 |
- tearDownCmd = "teardown" |
|
55 |
- statusCmd = "status" |
|
56 |
-) |
|
57 |
- |
|
58 |
-func (plugin *flatsdnPlugin) getExecutable() string { |
|
59 |
- return "openshift-ovs-subnet" |
|
60 |
-} |
|
61 |
- |
|
62 |
-func (plugin *flatsdnPlugin) Init(host knetwork.Host) error { |
|
63 |
- return nil |
|
64 |
-} |
|
65 |
- |
|
66 |
-func (plugin *flatsdnPlugin) Name() string { |
|
67 |
- return NetworkPluginName() |
|
68 |
-} |
|
69 |
- |
|
70 |
-func (plugin *flatsdnPlugin) SetUpPod(namespace string, name string, id kubeletTypes.DockerID) error { |
|
71 |
- out, err := utilexec.New().Command(plugin.getExecutable(), setUpCmd, namespace, name, string(id)).CombinedOutput() |
|
72 |
- glog.V(5).Infof("SetUpPod 'flatsdn' network plugin output: %s, %v", string(out), err) |
|
73 |
- return err |
|
74 |
-} |
|
75 |
- |
|
76 |
-func (plugin *flatsdnPlugin) TearDownPod(namespace string, name string, id kubeletTypes.DockerID) error { |
|
77 |
- out, err := utilexec.New().Command(plugin.getExecutable(), tearDownCmd, namespace, name, string(id)).CombinedOutput() |
|
78 |
- glog.V(5).Infof("TearDownPod 'flatsdn' network plugin output: %s, %v", string(out), err) |
|
79 |
- return err |
|
80 |
-} |
|
81 |
- |
|
82 |
-func (plugin *flatsdnPlugin) Status(namespace string, name string, id kubeletTypes.DockerID) (*knetwork.PodNetworkStatus, error) { |
|
83 |
- return nil, nil |
|
84 |
-} |
85 | 1 |
deleted file mode 100755 |
... | ... |
@@ -1,126 +0,0 @@ |
1 |
-#!/bin/bash |
|
2 |
-# TODO: Reuse common portions in openshift-ovs-subnet and openshift-ovs-multitenant (probably we should handle this when we convert shell scripts to libovsdb APIs) |
|
3 |
-set -e |
|
4 |
- |
|
5 |
-lock_file=/var/lock/openshift-sdn.lock |
|
6 |
- |
|
7 |
-action=$1 |
|
8 |
-pod_namespace=$2 |
|
9 |
-pod_name=$3 |
|
10 |
-net_container=$4 |
|
11 |
-tenant_id=$5 |
|
12 |
- |
|
13 |
-lockwrap() { |
|
14 |
- ( |
|
15 |
- flock 200 |
|
16 |
- "$@" |
|
17 |
- ) 200>${lock_file} |
|
18 |
-} |
|
19 |
- |
|
20 |
-# Retrieve the name of the host-local member of the veth pair that |
|
21 |
-# connects the container (identified by pid) to the docker bridge. |
|
22 |
-get_veth_host() { |
|
23 |
- local pid=$1 |
|
24 |
- |
|
25 |
- local veth_ifindex=$(nsenter -n -t $pid -- ethtool -S eth0 | sed -n -e 's/.*peer_ifindex: //p') |
|
26 |
- # Strip a suffix starting with '@' from the interface name. |
|
27 |
- # The suffixed interface name won't be recognized by brctl or ovs-* |
|
28 |
- ip link show | sed -ne "s/^$veth_ifindex: \([^:@]*\).*/\1/p" |
|
29 |
-} |
|
30 |
- |
|
31 |
-get_ipaddr_pid_veth() { |
|
32 |
- network_mode=$(docker inspect --format "{{.HostConfig.NetworkMode}}" ${net_container}) |
|
33 |
- if [ "${network_mode}" == "host" ]; then |
|
34 |
- # quit, nothing for the SDN here |
|
35 |
- exit 0 |
|
36 |
- elif [[ "${network_mode}" =~ container:.* ]]; then |
|
37 |
- # Get pod infra container |
|
38 |
- net_container=$(echo ${network_mode} | cut -d ":" -f 2) |
|
39 |
- fi |
|
40 |
- ipaddr=$(docker inspect --format "{{.NetworkSettings.IPAddress}}" ${net_container}) |
|
41 |
- pid=$(docker inspect --format "{{.State.Pid}}" ${net_container}) |
|
42 |
- veth_host=$(get_veth_host $pid) |
|
43 |
-} |
|
44 |
- |
|
45 |
-add_ovs_port() { |
|
46 |
- brctl delif lbr0 $veth_host |
|
47 |
- ovs-vsctl add-port br0 ${veth_host} |
|
48 |
-} |
|
49 |
- |
|
50 |
-del_ovs_port() { |
|
51 |
- ovs-vsctl --if-exists del-port $veth_host |
|
52 |
-} |
|
53 |
- |
|
54 |
-add_ovs_flows() { |
|
55 |
- ovs_port=$(ovs-ofctl -O OpenFlow13 dump-ports-desc br0 | grep ${veth_host} | cut -d "(" -f 1 | tr -d ' ') |
|
56 |
- |
|
57 |
- ovs-ofctl -O OpenFlow13 add-flow br0 "table=3,priority=100,in_port=${ovs_port},ip,nw_src=${ipaddr},actions=load:${tenant_id}->NXM_NX_REG0[],goto_table:4" |
|
58 |
- if [ "${tenant_id}" == "0" ]; then |
|
59 |
- ovs-ofctl -O OpenFlow13 add-flow br0 "table=6,priority=150,ip,nw_dst=${ipaddr},actions=output:${ovs_port}" |
|
60 |
- else |
|
61 |
- ovs-ofctl -O OpenFlow13 add-flow br0 "table=6,priority=100,ip,nw_dst=${ipaddr},reg0=${tenant_id},actions=output:${ovs_port}" |
|
62 |
- fi |
|
63 |
-} |
|
64 |
- |
|
65 |
-del_ovs_flows() { |
|
66 |
- ovs-ofctl -O OpenFlow13 del-flows br0 "table=3,ip,nw_src=${ipaddr}" |
|
67 |
- ovs-ofctl -O OpenFlow13 del-flows br0 "table=6,ip,nw_dst=${ipaddr}" |
|
68 |
-} |
|
69 |
- |
|
70 |
-add_subnet_route() { |
|
71 |
- source /etc/openshift-sdn/config.env |
|
72 |
- local subnet_route="ip route add ${OPENSHIFT_CLUSTER_SUBNET} dev eth0 proto kernel scope link src $ipaddr" |
|
73 |
- nsenter -n -t $pid -- $subnet_route |
|
74 |
-} |
|
75 |
- |
|
76 |
-Init() { |
|
77 |
- true |
|
78 |
-} |
|
79 |
- |
|
80 |
-Setup() { |
|
81 |
- get_ipaddr_pid_veth |
|
82 |
- add_ovs_port |
|
83 |
- add_ovs_flows |
|
84 |
- add_subnet_route |
|
85 |
-} |
|
86 |
- |
|
87 |
-Update() { |
|
88 |
- get_ipaddr_pid_veth |
|
89 |
- del_ovs_flows |
|
90 |
- add_ovs_flows |
|
91 |
-} |
|
92 |
- |
|
93 |
-Teardown() { |
|
94 |
- get_ipaddr_pid_veth |
|
95 |
- del_ovs_port |
|
96 |
- del_ovs_flows |
|
97 |
-} |
|
98 |
- |
|
99 |
-Status() { |
|
100 |
- # do nothing, empty output will default to address as picked by docker |
|
101 |
- true |
|
102 |
-} |
|
103 |
- |
|
104 |
-case "$action" in |
|
105 |
- init) |
|
106 |
- lockwrap Init |
|
107 |
- ;; |
|
108 |
- setup) |
|
109 |
- set -x |
|
110 |
- lockwrap Setup |
|
111 |
- ;; |
|
112 |
- update) |
|
113 |
- set -x |
|
114 |
- lockwrap Update |
|
115 |
- ;; |
|
116 |
- teardown) |
|
117 |
- set -x |
|
118 |
- lockwrap Teardown |
|
119 |
- ;; |
|
120 |
- status) |
|
121 |
- lockwrap Status |
|
122 |
- ;; |
|
123 |
- *) |
|
124 |
- echo "Bad input: $@" |
|
125 |
- exit 1 |
|
126 |
-esac |
127 | 1 |
deleted file mode 100755 |
... | ... |
@@ -1,198 +0,0 @@ |
1 |
-#!/bin/bash |
|
2 |
- |
|
3 |
-set -ex |
|
4 |
- |
|
5 |
-lock_file=/var/lock/openshift-sdn.lock |
|
6 |
-local_subnet_gateway=$1 |
|
7 |
-local_subnet_cidr=$2 |
|
8 |
-local_subnet_mask_len=$3 |
|
9 |
-cluster_network_cidr=$4 |
|
10 |
-service_network_cidr=$5 |
|
11 |
-mtu=$6 |
|
12 |
-printf 'Container network is "%s"; local host has subnet "%s", mtu "%d" and gateway "%s".\n' "${cluster_network_cidr}" "${local_subnet_cidr}" "${mtu}" "${local_subnet_gateway}" |
|
13 |
-TUN=tun0 |
|
14 |
- |
|
15 |
-# Synchronize code execution with a file lock. |
|
16 |
-function lockwrap() { |
|
17 |
- ( |
|
18 |
- flock 200 |
|
19 |
- "$@" |
|
20 |
- ) 200>${lock_file} |
|
21 |
-} |
|
22 |
- |
|
23 |
-function docker_network_config() { |
|
24 |
- if [ -z "${DOCKER_NETWORK_OPTIONS}" ]; then |
|
25 |
- DOCKER_NETWORK_OPTIONS="-b=lbr0 --mtu=${mtu}" |
|
26 |
- fi |
|
27 |
- |
|
28 |
- local conf=/run/openshift-sdn/docker-network |
|
29 |
- case "$1" in |
|
30 |
- check) |
|
31 |
- if ! grep -q -s "DOCKER_NETWORK_OPTIONS='${DOCKER_NETWORK_OPTIONS}'" $conf; then |
|
32 |
- return 1 |
|
33 |
- fi |
|
34 |
- return 0 |
|
35 |
- ;; |
|
36 |
- |
|
37 |
- update) |
|
38 |
- mkdir -p $(dirname $conf) |
|
39 |
- cat <<EOF > $conf |
|
40 |
-# This file has been modified by openshift-sdn. |
|
41 |
- |
|
42 |
-DOCKER_NETWORK_OPTIONS='${DOCKER_NETWORK_OPTIONS}' |
|
43 |
-EOF |
|
44 |
- |
|
45 |
- ## linux bridge |
|
46 |
- ip link set lbr0 down || true |
|
47 |
- brctl delbr lbr0 || true |
|
48 |
- brctl addbr lbr0 |
|
49 |
- ip addr add ${local_subnet_gateway}/${local_subnet_mask_len} dev lbr0 |
|
50 |
- ip link set lbr0 up |
|
51 |
- |
|
52 |
- if [ ! -f /.dockerinit ]; then |
|
53 |
- # disable iptables for lbr0 |
|
54 |
- # for kernel version 3.18+, module br_netfilter needs to be loaded upfront |
|
55 |
- # for older ones, br_netfilter may not exist, but is covered by bridge (bridge-utils) |
|
56 |
- # |
|
57 |
- # This operation is assumed to have been performed in advance |
|
58 |
- # for docker-in-docker deployments. |
|
59 |
- modprobe br_netfilter || true |
|
60 |
- sysctl -w net.bridge.bridge-nf-call-iptables=0 |
|
61 |
- fi |
|
62 |
- # when using --pid=host to run docker container, systemctl inside it refuses |
|
63 |
- # to work because it detects that it's running in chroot. using dbus instead |
|
64 |
- # of systemctl is just a workaround |
|
65 |
- dbus-send --system --print-reply --reply-timeout=2000 --type=method_call --dest=org.freedesktop.systemd1 /org/freedesktop/systemd1 org.freedesktop.systemd1.Manager.Reload |
|
66 |
- dbus-send --system --print-reply --reply-timeout=2000 --type=method_call --dest=org.freedesktop.systemd1 /org/freedesktop/systemd1 org.freedesktop.systemd1.Manager.RestartUnit string:'docker.service' string:'replace' |
|
67 |
- ;; |
|
68 |
- esac |
|
69 |
-} |
|
70 |
- |
|
71 |
-function setup_required() { |
|
72 |
- ip=$(echo `ip a s lbr0 2>/dev/null|awk '/inet / {print $2}'`) |
|
73 |
- if [ "$ip" != "${local_subnet_gateway}/${local_subnet_mask_len}" ]; then |
|
74 |
- return 0 |
|
75 |
- fi |
|
76 |
- if ! ovs-ofctl -O OpenFlow13 dump-flows br0 | grep -q NXM_NX_TUN_IPV4; then |
|
77 |
- return 0 |
|
78 |
- fi |
|
79 |
- return 1 |
|
80 |
-} |
|
81 |
- |
|
82 |
-# Delete the subnet routing entry created because of ip link up on device |
|
83 |
-# ip link adds local subnet route entry asynchronously |
|
84 |
-# So check for the new route entry every 100 ms upto timeout of 2 secs and |
|
85 |
-# delete the route entry. |
|
86 |
-function delete_local_subnet_route() { |
|
87 |
- local device=$1 |
|
88 |
- local time_interval=0.1 # 100 milli secs |
|
89 |
- local max_intervals=20 # timeout: 2 secs |
|
90 |
- local num_intervals=0 |
|
91 |
- local cmd="ip route | grep -q '${local_subnet_cidr} dev ${device}'" |
|
92 |
- |
|
93 |
- until $(eval $cmd) || [ $num_intervals -ge $max_intervals ]; do |
|
94 |
- sleep $time_interval |
|
95 |
- num_intervals=$((num_intervals + 1)) |
|
96 |
- done |
|
97 |
- |
|
98 |
- if [ $num_intervals -ge $max_intervals ]; then |
|
99 |
- echo "Error: ${local_subnet_cidr} route not found for dev ${device}" >&2 |
|
100 |
- return 1 |
|
101 |
- fi |
|
102 |
- ip route del ${local_subnet_cidr} dev ${device} proto kernel scope link |
|
103 |
-} |
|
104 |
- |
|
105 |
-function setup() { |
|
106 |
- # clear config file |
|
107 |
- rm -f /etc/openshift-sdn/config.env |
|
108 |
- |
|
109 |
- ## openvswitch |
|
110 |
- ovs-vsctl del-br br0 || true |
|
111 |
- ovs-vsctl add-br br0 -- set Bridge br0 fail-mode=secure |
|
112 |
- ovs-vsctl set bridge br0 protocols=OpenFlow13 |
|
113 |
- ovs-vsctl del-port br0 vxlan0 || true |
|
114 |
- ovs-vsctl add-port br0 vxlan0 -- set Interface vxlan0 type=vxlan options:remote_ip="flow" options:key="flow" ofport_request=1 |
|
115 |
- ovs-vsctl add-port br0 ${TUN} -- set Interface ${TUN} type=internal ofport_request=2 |
|
116 |
- |
|
117 |
- ip link del vlinuxbr || true |
|
118 |
- ip link add vlinuxbr type veth peer name vovsbr |
|
119 |
- ip link set vlinuxbr up |
|
120 |
- ip link set vovsbr up |
|
121 |
- ip link set vlinuxbr txqueuelen 0 |
|
122 |
- ip link set vovsbr txqueuelen 0 |
|
123 |
- brctl addif lbr0 vlinuxbr |
|
124 |
- |
|
125 |
- ovs-vsctl del-port br0 vovsbr || true |
|
126 |
- ovs-vsctl add-port br0 vovsbr -- set Interface vovsbr ofport_request=3 |
|
127 |
- |
|
128 |
- # Table 0; learn MAC addresses and continue with table 1 |
|
129 |
- ovs-ofctl -O OpenFlow13 add-flow br0 "table=0, actions=learn(table=8, priority=200, hard_timeout=900, NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[], load:NXM_NX_TUN_IPV4_SRC[]->NXM_NX_TUN_IPV4_DST[], output:NXM_OF_IN_PORT[]), goto_table:1" |
|
130 |
- |
|
131 |
- # Table 1; initial dispatch |
|
132 |
- ovs-ofctl -O OpenFlow13 add-flow br0 "table=1, arp, actions=goto_table:8" |
|
133 |
- ovs-ofctl -O OpenFlow13 add-flow br0 "table=1, in_port=1, actions=goto_table:2" # vxlan0 |
|
134 |
- ovs-ofctl -O OpenFlow13 add-flow br0 "table=1, in_port=2, actions=goto_table:5" # tun0 |
|
135 |
- ovs-ofctl -O OpenFlow13 add-flow br0 "table=1, in_port=3, actions=goto_table:5" # vovsbr |
|
136 |
- ovs-ofctl -O OpenFlow13 add-flow br0 "table=1, actions=goto_table:3" # container |
|
137 |
- |
|
138 |
- # Table 2; incoming from vxlan |
|
139 |
- ovs-ofctl -O OpenFlow13 add-flow br0 "table=2, arp, actions=goto_table:8" |
|
140 |
- ovs-ofctl -O OpenFlow13 add-flow br0 "table=2, priority=200, ip, nw_dst=${local_subnet_gateway}, actions=output:2" |
|
141 |
- ovs-ofctl -O OpenFlow13 add-flow br0 "table=2, tun_id=0, actions=goto_table:5" |
|
142 |
- ovs-ofctl -O OpenFlow13 add-flow br0 "table=2, priority=100, ip, nw_dst=${local_subnet_cidr}, actions=move:NXM_NX_TUN_ID[0..31]->NXM_NX_REG0[], goto_table:6" |
|
143 |
- |
|
144 |
- # Table 3; incoming from container; filled in by openshift-ovs-multitenant |
|
145 |
- |
|
146 |
- # Table 4; services; mostly filled in by multitenant.go |
|
147 |
- ovs-ofctl -O OpenFlow13 add-flow br0 "table=4, priority=200, reg0=0, ip, nw_dst=${service_network_cidr}, actions=output:2" |
|
148 |
- ovs-ofctl -O OpenFlow13 add-flow br0 "table=4, priority=100, ip, nw_dst=${service_network_cidr}, actions=drop" |
|
149 |
- ovs-ofctl -O OpenFlow13 add-flow br0 "table=4, priority=0, actions=goto_table:5" |
|
150 |
- |
|
151 |
- # Table 5; general routing |
|
152 |
- ovs-ofctl -O OpenFlow13 add-flow br0 "table=5, priority=200, ip, nw_dst=${local_subnet_gateway}, actions=output:2" |
|
153 |
- ovs-ofctl -O OpenFlow13 add-flow br0 "table=5, priority=150, ip, nw_dst=${local_subnet_cidr}, actions=goto_table:6" |
|
154 |
- ovs-ofctl -O OpenFlow13 add-flow br0 "table=5, priority=100, ip, nw_dst=${cluster_network_cidr}, actions=goto_table:7" |
|
155 |
- ovs-ofctl -O OpenFlow13 add-flow br0 "table=5, priority=0, ip, actions=output:2" |
|
156 |
- |
|
157 |
- # Table 6; to local container; mostly filled in by openshift-ovs-multitenant |
|
158 |
- ovs-ofctl -O OpenFlow13 add-flow br0 "table=6, priority=200, ip, reg0=0, actions=goto_table:8" |
|
159 |
- |
|
160 |
- # Table 7; to remote container; filled in by multitenant.go |
|
161 |
- |
|
162 |
- # Table 8; MAC dispatch / ARP, filled in by Table 0's learn() rule |
|
163 |
- # and with per-node vxlan ARP rules by multitenant.go |
|
164 |
- ovs-ofctl -O OpenFlow13 add-flow br0 "table=8, priority=0, arp, actions=flood" |
|
165 |
- |
|
166 |
- # setup tun address |
|
167 |
- ip addr add ${local_subnet_gateway}/${local_subnet_mask_len} dev ${TUN} |
|
168 |
- ip link set ${TUN} up |
|
169 |
- ip route add ${cluster_network_cidr} dev ${TUN} proto kernel scope link |
|
170 |
- |
|
171 |
- # Cleanup docker0 since docker won't do it |
|
172 |
- ip link set docker0 down || true |
|
173 |
- brctl delbr docker0 || true |
|
174 |
- |
|
175 |
- # enable IP forwarding for ipv4 packets |
|
176 |
- sysctl -w net.ipv4.ip_forward=1 |
|
177 |
- sysctl -w net.ipv4.conf.${TUN}.forwarding=1 |
|
178 |
- |
|
179 |
- mkdir -p /etc/openshift-sdn |
|
180 |
- echo "export OPENSHIFT_CLUSTER_SUBNET=${cluster_network_cidr}" >> "/etc/openshift-sdn/config.env" |
|
181 |
- |
|
182 |
- # delete unnecessary routes |
|
183 |
- delete_local_subnet_route lbr0 || true |
|
184 |
- delete_local_subnet_route ${TUN} || true |
|
185 |
-} |
|
186 |
- |
|
187 |
-set +e |
|
188 |
-if ! docker_network_config check; then |
|
189 |
- lockwrap docker_network_config update |
|
190 |
-fi |
|
191 |
- |
|
192 |
-if ! setup_required; then |
|
193 |
- echo "SDN setup not required." |
|
194 |
- exit 140 |
|
195 |
-fi |
|
196 |
-set -e |
|
197 |
- |
|
198 |
-lockwrap setup |
199 | 1 |
deleted file mode 100644 |
... | ... |
@@ -1,114 +0,0 @@ |
1 |
-package multitenant |
|
2 |
- |
|
3 |
-import ( |
|
4 |
- "encoding/hex" |
|
5 |
- "fmt" |
|
6 |
- log "github.com/golang/glog" |
|
7 |
- "net" |
|
8 |
- "os/exec" |
|
9 |
- "strings" |
|
10 |
- "syscall" |
|
11 |
- |
|
12 |
- "github.com/openshift/openshift-sdn/pkg/netutils" |
|
13 |
- "github.com/openshift/openshift-sdn/plugins/osdn/api" |
|
14 |
-) |
|
15 |
- |
|
16 |
-type FlowController struct { |
|
17 |
-} |
|
18 |
- |
|
19 |
-func NewFlowController() *FlowController { |
|
20 |
- return &FlowController{} |
|
21 |
-} |
|
22 |
- |
|
23 |
-func (c *FlowController) Setup(localSubnetCIDR, clusterNetworkCIDR, servicesNetworkCIDR string, mtu uint) error { |
|
24 |
- _, ipnet, err := net.ParseCIDR(localSubnetCIDR) |
|
25 |
- localSubnetMaskLength, _ := ipnet.Mask.Size() |
|
26 |
- localSubnetGateway := netutils.GenerateDefaultGateway(ipnet).String() |
|
27 |
- out, err := exec.Command("openshift-sdn-multitenant-setup.sh", localSubnetGateway, localSubnetCIDR, fmt.Sprint(localSubnetMaskLength), clusterNetworkCIDR, servicesNetworkCIDR, fmt.Sprint(mtu)).CombinedOutput() |
|
28 |
- log.Infof("Output of setup script:\n%s", out) |
|
29 |
- if err != nil { |
|
30 |
- exitErr, ok := err.(*exec.ExitError) |
|
31 |
- if ok { |
|
32 |
- status := exitErr.ProcessState.Sys().(syscall.WaitStatus) |
|
33 |
- if status.Exited() && status.ExitStatus() == 140 { |
|
34 |
- // valid, do nothing, its just a benevolent restart |
|
35 |
- return nil |
|
36 |
- } |
|
37 |
- } |
|
38 |
- log.Errorf("Error executing setup script. \n\tOutput: %s\n\tError: %v\n", out, err) |
|
39 |
- return err |
|
40 |
- } |
|
41 |
- return nil |
|
42 |
-} |
|
43 |
- |
|
44 |
-func (c *FlowController) AddOFRules(nodeIP, nodeSubnetCIDR, localIP string) error { |
|
45 |
- if nodeIP == localIP { |
|
46 |
- return nil |
|
47 |
- } |
|
48 |
- |
|
49 |
- cookie := generateCookie(nodeIP) |
|
50 |
- iprule := fmt.Sprintf("table=7,cookie=0x%s,priority=100,ip,nw_dst=%s,actions=move:NXM_NX_REG0[]->NXM_NX_TUN_ID[0..31],set_field:%s->tun_dst,output:1", cookie, nodeSubnetCIDR, nodeIP) |
|
51 |
- arprule := fmt.Sprintf("table=8,cookie=0x%s,priority=100,arp,nw_dst=%s,actions=move:NXM_NX_REG0[]->NXM_NX_TUN_ID[0..31],set_field:%s->tun_dst,output:1", cookie, nodeSubnetCIDR, nodeIP) |
|
52 |
- o, e := exec.Command("ovs-ofctl", "-O", "OpenFlow13", "add-flow", "br0", iprule).CombinedOutput() |
|
53 |
- log.Infof("Output of adding %s: %s (%v)", iprule, o, e) |
|
54 |
- o, e = exec.Command("ovs-ofctl", "-O", "OpenFlow13", "add-flow", "br0", arprule).CombinedOutput() |
|
55 |
- log.Infof("Output of adding %s: %s (%v)", arprule, o, e) |
|
56 |
- return e |
|
57 |
-} |
|
58 |
- |
|
59 |
-func (c *FlowController) DelOFRules(nodeIP, localIP string) error { |
|
60 |
- if nodeIP == localIP { |
|
61 |
- return nil |
|
62 |
- } |
|
63 |
- |
|
64 |
- log.Infof("Calling del rules for %s", nodeIP) |
|
65 |
- cookie := generateCookie(nodeIP) |
|
66 |
- iprule := fmt.Sprintf("table=7,cookie=0x%s/0xffffffff", cookie) |
|
67 |
- arprule := fmt.Sprintf("table=8,cookie=0x%s/0xffffffff", cookie) |
|
68 |
- o, e := exec.Command("ovs-ofctl", "-O", "OpenFlow13", "del-flows", "br0", iprule).CombinedOutput() |
|
69 |
- log.Infof("Output of deleting local ip rules %s (%v)", o, e) |
|
70 |
- o, e = exec.Command("ovs-ofctl", "-O", "OpenFlow13", "del-flows", "br0", arprule).CombinedOutput() |
|
71 |
- log.Infof("Output of deleting local arp rules %s (%v)", o, e) |
|
72 |
- return e |
|
73 |
-} |
|
74 |
- |
|
75 |
-func generateCookie(ip string) string { |
|
76 |
- return hex.EncodeToString(net.ParseIP(ip).To4()) |
|
77 |
-} |
|
78 |
- |
|
79 |
-func (c *FlowController) AddServiceOFRules(netID uint, IP string, protocol api.ServiceProtocol, port uint) error { |
|
80 |
- rule := generateAddServiceRule(netID, IP, protocol, port) |
|
81 |
- o, e := exec.Command("ovs-ofctl", "-O", "OpenFlow13", "add-flow", "br0", rule).CombinedOutput() |
|
82 |
- log.Infof("Output of adding %s: %s (%v)", rule, o, e) |
|
83 |
- return e |
|
84 |
-} |
|
85 |
- |
|
86 |
-func (c *FlowController) DelServiceOFRules(netID uint, IP string, protocol api.ServiceProtocol, port uint) error { |
|
87 |
- rule := generateDelServiceRule(IP, protocol, port) |
|
88 |
- o, e := exec.Command("ovs-ofctl", "-O", "OpenFlow13", "del-flows", "br0", rule).CombinedOutput() |
|
89 |
- log.Infof("Output of deleting %s: %s (%v)", rule, o, e) |
|
90 |
- return e |
|
91 |
-} |
|
92 |
- |
|
93 |
-func generateBaseServiceRule(IP string, protocol api.ServiceProtocol, port uint) string { |
|
94 |
- return fmt.Sprintf("table=4,%s,nw_dst=%s,tp_dst=%d", strings.ToLower(string(protocol)), IP, port) |
|
95 |
-} |
|
96 |
- |
|
97 |
-func generateAddServiceRule(netID uint, IP string, protocol api.ServiceProtocol, port uint) string { |
|
98 |
- baseRule := generateBaseServiceRule(IP, protocol, port) |
|
99 |
- if netID == 0 { |
|
100 |
- return fmt.Sprintf("%s,priority=200,actions=output:2", baseRule) |
|
101 |
- } else { |
|
102 |
- return fmt.Sprintf("%s,priority=200,reg0=%d,actions=output:2", baseRule, netID) |
|
103 |
- } |
|
104 |
-} |
|
105 |
- |
|
106 |
-func generateDelServiceRule(IP string, protocol api.ServiceProtocol, port uint) string { |
|
107 |
- return generateBaseServiceRule(IP, protocol, port) |
|
108 |
-} |
|
109 |
- |
|
110 |
-func (c *FlowController) UpdatePod(namespace, podName, containerID string, netID uint) error { |
|
111 |
- out, err := exec.Command("openshift-ovs-multitenant", "update", namespace, podName, containerID, fmt.Sprint(netID)).CombinedOutput() |
|
112 |
- log.V(5).Infof("UpdatePod output: %s, error: %v", out, err) |
|
113 |
- return err |
|
114 |
-} |
115 | 1 |
deleted file mode 100644 |
... | ... |
@@ -1,100 +0,0 @@ |
1 |
-package multitenant |
|
2 |
- |
|
3 |
-import ( |
|
4 |
- "fmt" |
|
5 |
- "strconv" |
|
6 |
- |
|
7 |
- "github.com/golang/glog" |
|
8 |
- |
|
9 |
- "github.com/openshift/openshift-sdn/plugins/osdn" |
|
10 |
- "github.com/openshift/openshift-sdn/plugins/osdn/api" |
|
11 |
- oskserver "github.com/openshift/origin/pkg/cmd/server/kubernetes" |
|
12 |
- |
|
13 |
- knetwork "k8s.io/kubernetes/pkg/kubelet/network" |
|
14 |
- kubeletTypes "k8s.io/kubernetes/pkg/kubelet/types" |
|
15 |
- utilexec "k8s.io/kubernetes/pkg/util/exec" |
|
16 |
-) |
|
17 |
- |
|
18 |
-type multitenantPlugin struct { |
|
19 |
- osdn.OvsController |
|
20 |
-} |
|
21 |
- |
|
22 |
-func NetworkPluginName() string { |
|
23 |
- return "redhat/openshift-ovs-multitenant" |
|
24 |
-} |
|
25 |
- |
|
26 |
-func CreatePlugin(registry *osdn.Registry, hostname string, selfIP string, ready chan struct{}) (api.OsdnPlugin, oskserver.FilteringEndpointsConfigHandler, error) { |
|
27 |
- mtp := &multitenantPlugin{} |
|
28 |
- |
|
29 |
- err := mtp.BaseInit(registry, NewFlowController(), mtp, hostname, selfIP, ready) |
|
30 |
- if err != nil { |
|
31 |
- return nil, nil, err |
|
32 |
- } |
|
33 |
- |
|
34 |
- return mtp, registry, err |
|
35 |
-} |
|
36 |
- |
|
37 |
-func (plugin *multitenantPlugin) PluginStartMaster(clusterNetworkCIDR string, clusterBitsPerSubnet uint, serviceNetworkCIDR string) error { |
|
38 |
- if err := plugin.SubnetStartMaster(clusterNetworkCIDR, clusterBitsPerSubnet, serviceNetworkCIDR); err != nil { |
|
39 |
- return err |
|
40 |
- } |
|
41 |
- |
|
42 |
- if err := plugin.VnidStartMaster(); err != nil { |
|
43 |
- return err |
|
44 |
- } |
|
45 |
- |
|
46 |
- return nil |
|
47 |
-} |
|
48 |
- |
|
49 |
-func (plugin *multitenantPlugin) PluginStartNode(mtu uint) error { |
|
50 |
- if err := plugin.SubnetStartNode(mtu); err != nil { |
|
51 |
- return err |
|
52 |
- } |
|
53 |
- |
|
54 |
- if err := plugin.VnidStartNode(); err != nil { |
|
55 |
- return err |
|
56 |
- } |
|
57 |
- |
|
58 |
- return nil |
|
59 |
-} |
|
60 |
- |
|
61 |
-//----------------------------------------------- |
|
62 |
- |
|
63 |
-const ( |
|
64 |
- setUpCmd = "setup" |
|
65 |
- tearDownCmd = "teardown" |
|
66 |
- statusCmd = "status" |
|
67 |
-) |
|
68 |
- |
|
69 |
-func (plugin *multitenantPlugin) getExecutable() string { |
|
70 |
- return "openshift-ovs-multitenant" |
|
71 |
-} |
|
72 |
- |
|
73 |
-func (plugin *multitenantPlugin) Init(host knetwork.Host) error { |
|
74 |
- return nil |
|
75 |
-} |
|
76 |
- |
|
77 |
-func (plugin *multitenantPlugin) Name() string { |
|
78 |
- return NetworkPluginName() |
|
79 |
-} |
|
80 |
- |
|
81 |
-func (plugin *multitenantPlugin) SetUpPod(namespace string, name string, id kubeletTypes.DockerID) error { |
|
82 |
- vnid, found := plugin.VNIDMap[namespace] |
|
83 |
- if !found { |
|
84 |
- return fmt.Errorf("Error fetching VNID for namespace: %s", namespace) |
|
85 |
- } |
|
86 |
- out, err := utilexec.New().Command(plugin.getExecutable(), setUpCmd, namespace, name, string(id), strconv.FormatUint(uint64(vnid), 10)).CombinedOutput() |
|
87 |
- glog.V(5).Infof("SetUpPod 'multitenant' network plugin output: %s, %v", string(out), err) |
|
88 |
- return err |
|
89 |
-} |
|
90 |
- |
|
91 |
-func (plugin *multitenantPlugin) TearDownPod(namespace string, name string, id kubeletTypes.DockerID) error { |
|
92 |
- // The script's teardown functionality doesn't need the VNID |
|
93 |
- out, err := utilexec.New().Command(plugin.getExecutable(), tearDownCmd, namespace, name, string(id), "-1").CombinedOutput() |
|
94 |
- glog.V(5).Infof("TearDownPod 'multitenant' network plugin output: %s, %v", string(out), err) |
|
95 |
- return err |
|
96 |
-} |
|
97 |
- |
|
98 |
-func (plugin *multitenantPlugin) Status(namespace string, name string, id kubeletTypes.DockerID) (*knetwork.PodNetworkStatus, error) { |
|
99 |
- return nil, nil |
|
100 |
-} |
101 | 1 |
new file mode 100755 |
... | ... |
@@ -0,0 +1,135 @@ |
0 |
+#!/bin/bash |
|
1 |
+set -e |
|
2 |
+ |
|
3 |
+lock_file=/var/lock/openshift-sdn.lock |
|
4 |
+ |
|
5 |
+action=$1 |
|
6 |
+pod_namespace=$2 |
|
7 |
+pod_name=$3 |
|
8 |
+net_container=$4 |
|
9 |
+tenant_id=$5 |
|
10 |
+ |
|
11 |
+lockwrap() { |
|
12 |
+ ( |
|
13 |
+ flock 200 |
|
14 |
+ "$@" |
|
15 |
+ ) 200>${lock_file} |
|
16 |
+} |
|
17 |
+ |
|
18 |
+# Retrieve the name of the host-local member of the veth pair that |
|
19 |
+# connects the container (identified by pid) to the docker bridge. |
|
20 |
+get_veth_host() { |
|
21 |
+ local pid=$1 |
|
22 |
+ |
|
23 |
+ local veth_ifindex=$(nsenter -n -t $pid -- ethtool -S eth0 | sed -n -e 's/.*peer_ifindex: //p') |
|
24 |
+ # Strip a suffix starting with '@' from the interface name. |
|
25 |
+ # The suffixed interface name won't be recognized by brctl or ovs-* |
|
26 |
+ ip link show | sed -ne "s/^$veth_ifindex: \([^:@]*\).*/\1/p" |
|
27 |
+} |
|
28 |
+ |
|
29 |
+get_ipaddr_pid_veth() { |
|
30 |
+ network_mode=$(docker inspect --format "{{.HostConfig.NetworkMode}}" ${net_container}) |
|
31 |
+ if [ "${network_mode}" == "host" ]; then |
|
32 |
+ # quit, nothing for the SDN here |
|
33 |
+ exit 0 |
|
34 |
+ elif [[ "${network_mode}" =~ container:.* ]]; then |
|
35 |
+ # Get pod infra container |
|
36 |
+ net_container=$(echo ${network_mode} | cut -d ":" -f 2) |
|
37 |
+ fi |
|
38 |
+ ipaddr=$(docker inspect --format "{{.NetworkSettings.IPAddress}}" ${net_container}) |
|
39 |
+ pid=$(docker inspect --format "{{.State.Pid}}" ${net_container}) |
|
40 |
+ veth_host=$(get_veth_host $pid) |
|
41 |
+} |
|
42 |
+ |
|
43 |
+add_ovs_port() { |
|
44 |
+ brctl delif lbr0 $veth_host |
|
45 |
+ ovs-vsctl add-port br0 ${veth_host} |
|
46 |
+} |
|
47 |
+ |
|
48 |
+del_ovs_port() { |
|
49 |
+ ovs-vsctl --if-exists del-port $veth_host |
|
50 |
+} |
|
51 |
+ |
|
52 |
+add_ovs_flows() { |
|
53 |
+ ovs_port=$(ovs-ofctl -O OpenFlow13 dump-ports-desc br0 | grep ${veth_host} | cut -d "(" -f 1 | tr -d ' ') |
|
54 |
+ |
|
55 |
+ case $tenant_id in |
|
56 |
+ -1) # single-tenant plugin |
|
57 |
+ ovs-ofctl -O OpenFlow13 add-flow br0 "table=0,priority=100,ip,nw_dst=${ipaddr},actions=output:${ovs_port}" |
|
58 |
+ ovs-ofctl -O OpenFlow13 add-flow br0 "table=0,priority=100,arp,nw_dst=${ipaddr},actions=output:${ovs_port}" |
|
59 |
+ ;; |
|
60 |
+ |
|
61 |
+ 0) # multi-tenant plugin, admin namespace |
|
62 |
+ ovs-ofctl -O OpenFlow13 add-flow br0 "table=3,priority=100,in_port=${ovs_port},ip,nw_src=${ipaddr},actions=load:${tenant_id}->NXM_NX_REG0[],goto_table:4" |
|
63 |
+ ovs-ofctl -O OpenFlow13 add-flow br0 "table=6,priority=150,ip,nw_dst=${ipaddr},actions=output:${ovs_port}" |
|
64 |
+ ;; |
|
65 |
+ |
|
66 |
+ *) # multi-tenant plugin, normal namespace |
|
67 |
+ ovs-ofctl -O OpenFlow13 add-flow br0 "table=3,priority=100,in_port=${ovs_port},ip,nw_src=${ipaddr},actions=load:${tenant_id}->NXM_NX_REG0[],goto_table:4" |
|
68 |
+ ovs-ofctl -O OpenFlow13 add-flow br0 "table=6,priority=100,ip,nw_dst=${ipaddr},reg0=${tenant_id},actions=output:${ovs_port}" |
|
69 |
+ ;; |
|
70 |
+ esac |
|
71 |
+} |
|
72 |
+ |
|
73 |
+del_ovs_flows() { |
|
74 |
+ ovs-ofctl -O OpenFlow13 del-flows br0 "ip,nw_dst=${ipaddr}" |
|
75 |
+ ovs-ofctl -O OpenFlow13 del-flows br0 "arp,nw_dst=${ipaddr}" |
|
76 |
+} |
|
77 |
+ |
|
78 |
+add_subnet_route() { |
|
79 |
+ source /etc/openshift-sdn/config.env |
|
80 |
+ local subnet_route="ip route add ${OPENSHIFT_CLUSTER_SUBNET} dev eth0 proto kernel scope link src $ipaddr" |
|
81 |
+ nsenter -n -t $pid -- $subnet_route |
|
82 |
+} |
|
83 |
+ |
|
84 |
+Init() { |
|
85 |
+ true |
|
86 |
+} |
|
87 |
+ |
|
88 |
+Setup() { |
|
89 |
+ get_ipaddr_pid_veth |
|
90 |
+ add_ovs_port |
|
91 |
+ add_ovs_flows |
|
92 |
+ add_subnet_route |
|
93 |
+} |
|
94 |
+ |
|
95 |
+Update() { |
|
96 |
+ get_ipaddr_pid_veth |
|
97 |
+ del_ovs_flows |
|
98 |
+ add_ovs_flows |
|
99 |
+} |
|
100 |
+ |
|
101 |
+Teardown() { |
|
102 |
+ get_ipaddr_pid_veth |
|
103 |
+ del_ovs_port |
|
104 |
+ del_ovs_flows |
|
105 |
+} |
|
106 |
+ |
|
107 |
+Status() { |
|
108 |
+ # do nothing, empty output will default to address as picked by docker |
|
109 |
+ true |
|
110 |
+} |
|
111 |
+ |
|
112 |
+case "$action" in |
|
113 |
+ init) |
|
114 |
+ lockwrap Init |
|
115 |
+ ;; |
|
116 |
+ setup) |
|
117 |
+ set -x |
|
118 |
+ lockwrap Setup |
|
119 |
+ ;; |
|
120 |
+ update) |
|
121 |
+ set -x |
|
122 |
+ lockwrap Update |
|
123 |
+ ;; |
|
124 |
+ teardown) |
|
125 |
+ set -x |
|
126 |
+ lockwrap Teardown |
|
127 |
+ ;; |
|
128 |
+ status) |
|
129 |
+ lockwrap Status |
|
130 |
+ ;; |
|
131 |
+ *) |
|
132 |
+ echo "Bad input: $@" |
|
133 |
+ exit 1 |
|
134 |
+esac |
0 | 135 |
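Review bot: `del_ovs_flows` does not remove the table=3 rule that `add_ovs_flows` installs in the two multi-tenant cases. That rule matches `in_port=${ovs_port},ip,nw_src=${ipaddr}` and wildcards `nw_dst`, while both `del-flows` calls select only on `nw_dst=${ipaddr}`. The removed multitenant script deleted it explicitly with `table=3,ip,nw_src=${ipaddr}`. After `Teardown`, the rule that loads the pod's tenant id into `NXM_NX_REG0` therefore stays on br0; whether it can later match traffic depends on OVS port-number and pod-IP reuse, which this page does not show, but since it is the rule that assigns tenant identity it should not outlive the pod. I would add `ovs-ofctl -O OpenFlow13 del-flows br0 "ip,nw_src=${ipaddr}"` to `del_ovs_flows`, with a comment that the deletes are deliberately table-agnostic so one function serves both the single-tenant and multi-tenant layouts.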
new file mode 100755 |
... | ... |
@@ -0,0 +1,214 @@ |
0 |
+#!/bin/bash |
|
1 |
+ |
|
2 |
+set -ex |
|
3 |
+ |
|
4 |
+lock_file=/var/lock/openshift-sdn.lock |
|
5 |
+local_subnet_gateway=$1 |
|
6 |
+local_subnet_cidr=$2 |
|
7 |
+local_subnet_mask_len=$3 |
|
8 |
+cluster_network_cidr=$4 |
|
9 |
+service_network_cidr=$5 |
|
10 |
+mtu=$6 |
|
11 |
+multitenant=$7 |
|
12 |
+printf 'Container network is "%s"; local host has subnet "%s", mtu "%d" and gateway "%s".\n' "${cluster_network_cidr}" "${local_subnet_cidr}" "${mtu}" "${local_subnet_gateway}" |
|
13 |
+TUN=tun0 |
|
14 |
+ |
|
15 |
+# Synchronize code execution with a file lock. |
|
16 |
+function lockwrap() { |
|
17 |
+ ( |
|
18 |
+ flock 200 |
|
19 |
+ "$@" |
|
20 |
+ ) 200>${lock_file} |
|
21 |
+} |
|
22 |
+ |
|
23 |
+function docker_network_config() { |
|
24 |
+ if [ -z "${DOCKER_NETWORK_OPTIONS}" ]; then |
|
25 |
+ DOCKER_NETWORK_OPTIONS="-b=lbr0 --mtu=${mtu}" |
|
26 |
+ fi |
|
27 |
+ |
|
28 |
+ local conf=/run/openshift-sdn/docker-network |
|
29 |
+ case "$1" in |
|
30 |
+ check) |
|
31 |
+ if ! grep -q -s "DOCKER_NETWORK_OPTIONS='${DOCKER_NETWORK_OPTIONS}'" $conf; then |
|
32 |
+ return 1 |
|
33 |
+ fi |
|
34 |
+ return 0 |
|
35 |
+ ;; |
|
36 |
+ |
|
37 |
+ update) |
|
38 |
+ mkdir -p $(dirname $conf) |
|
39 |
+ cat <<EOF > $conf |
|
40 |
+# This file has been modified by openshift-sdn. |
|
41 |
+ |
|
42 |
+DOCKER_NETWORK_OPTIONS='${DOCKER_NETWORK_OPTIONS}' |
|
43 |
+EOF |
|
44 |
+ ## linux bridge |
|
45 |
+ ip link set lbr0 down || true |
|
46 |
+ brctl delbr lbr0 || true |
|
47 |
+ brctl addbr lbr0 |
|
48 |
+ ip addr add ${local_subnet_gateway}/${local_subnet_mask_len} dev lbr0 |
|
49 |
+ ip link set lbr0 up |
|
50 |
+ |
|
51 |
+ if [ ! -f /.dockerinit ]; then |
|
52 |
+ # disable iptables for lbr0 |
|
53 |
+ # for kernel version 3.18+, module br_netfilter needs to be loaded upfront |
|
54 |
+ # for older ones, br_netfilter may not exist, but is covered by bridge (bridge-utils) |
|
55 |
+ # |
|
56 |
+ # This operation is assumed to have been performed in advance |
|
57 |
+ # for docker-in-docker deployments. |
|
58 |
+ modprobe br_netfilter || true |
|
59 |
+ sysctl -w net.bridge.bridge-nf-call-iptables=0 |
|
60 |
+ fi |
|
61 |
+ # when using --pid=host to run docker container, systemctl inside it refuses |
|
62 |
+ # to work because it detects that it's running in chroot. using dbus instead |
|
63 |
+ # of systemctl is just a workaround |
|
64 |
+ dbus-send --system --print-reply --reply-timeout=2000 --type=method_call --dest=org.freedesktop.systemd1 /org/freedesktop/systemd1 org.freedesktop.systemd1.Manager.Reload |
|
65 |
+ dbus-send --system --print-reply --reply-timeout=2000 --type=method_call --dest=org.freedesktop.systemd1 /org/freedesktop/systemd1 org.freedesktop.systemd1.Manager.RestartUnit string:'docker.service' string:'replace' |
|
66 |
+ ;; |
|
67 |
+ esac |
|
68 |
+} |
|
69 |
+ |
|
70 |
+function setup_required() { |
|
71 |
+ ip=$(echo `ip a s lbr0 2>/dev/null|awk '/inet / {print $2}'`) |
|
72 |
+ if [ "$ip" != "${local_subnet_gateway}/${local_subnet_mask_len}" ]; then |
|
73 |
+ return 0 |
|
74 |
+ fi |
|
75 |
+ if [ "$multitenant" = "true" ]; then |
|
76 |
+ flow_rule='NXM_NX_TUN_IPV4' |
|
77 |
+ else |
|
78 |
+ flow_rule='table=0.*arp' |
|
79 |
+ fi |
|
80 |
+ if ! ovs-ofctl -O OpenFlow13 dump-flows br0 | grep -q $flow_rule; then |
|
81 |
+ return 0 |
|
82 |
+ fi |
|
83 |
+ return 1 |
|
84 |
+} |
|
85 |
+ |
|
86 |
+# Delete the subnet routing entry created because of ip link up on device |
|
87 |
+# ip link adds local subnet route entry asynchronously |
|
88 |
+# So check for the new route entry every 100 ms upto timeout of 2 secs and |
|
89 |
+# delete the route entry. |
|
90 |
+function delete_local_subnet_route() { |
|
91 |
+ local device=$1 |
|
92 |
+ local time_interval=0.1 # 100 milli secs |
|
93 |
+ local max_intervals=20 # timeout: 2 secs |
|
94 |
+ local num_intervals=0 |
|
95 |
+ local cmd="ip route | grep -q '${local_subnet_cidr} dev ${device}'" |
|
96 |
+ |
|
97 |
+ until $(eval $cmd) || [ $num_intervals -ge $max_intervals ]; do |
|
98 |
+ sleep $time_interval |
|
99 |
+ num_intervals=$((num_intervals + 1)) |
|
100 |
+ done |
|
101 |
+ |
|
102 |
+ if [ $num_intervals -ge $max_intervals ]; then |
|
103 |
+ echo "Error: ${local_subnet_cidr} route not found for dev ${device}" >&2 |
|
104 |
+ return 1 |
|
105 |
+ fi |
|
106 |
+ ip route del ${local_subnet_cidr} dev ${device} proto kernel scope link |
|
107 |
+} |
|
108 |
+ |
|
109 |
+function setup() { |
|
110 |
+ # clear config file |
|
111 |
+ rm -f /etc/openshift-sdn/config.env |
|
112 |
+ |
|
113 |
+ ## openvswitch |
|
114 |
+ ovs-vsctl del-br br0 || true |
|
115 |
+ ovs-vsctl add-br br0 -- set Bridge br0 fail-mode=secure |
|
116 |
+ ovs-vsctl set bridge br0 protocols=OpenFlow13 |
|
117 |
+ ovs-vsctl del-port br0 vxlan0 || true |
|
118 |
+ ovs-vsctl add-port br0 vxlan0 -- set Interface vxlan0 type=vxlan options:remote_ip="flow" options:key="flow" ofport_request=1 |
|
119 |
+ ovs-vsctl add-port br0 ${TUN} -- set Interface ${TUN} type=internal ofport_request=2 |
|
120 |
+ |
|
121 |
+ ip link del vlinuxbr || true |
|
122 |
+ ip link add vlinuxbr type veth peer name vovsbr |
|
123 |
+ ip link set vlinuxbr up |
|
124 |
+ ip link set vovsbr up |
|
125 |
+ ip link set vlinuxbr txqueuelen 0 |
|
126 |
+ ip link set vovsbr txqueuelen 0 |
|
127 |
+ brctl addif lbr0 vlinuxbr |
|
128 |
+ |
|
129 |
+ if [ "$multitenant" = "true" ]; then |
|
130 |
+ ovs-vsctl del-port br0 vovsbr || true |
|
131 |
+ ovs-vsctl add-port br0 vovsbr -- set Interface vovsbr ofport_request=3 |
|
132 |
+ |
|
133 |
+ # Table 0; learn MAC addresses and continue with table 1 |
|
134 |
+ ovs-ofctl -O OpenFlow13 add-flow br0 "table=0, actions=learn(table=8, priority=200, hard_timeout=900, NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[], load:NXM_NX_TUN_IPV4_SRC[]->NXM_NX_TUN_IPV4_DST[], output:NXM_OF_IN_PORT[]), goto_table:1" |
|
135 |
+ |
|
136 |
+ # Table 1; initial dispatch |
|
137 |
+ ovs-ofctl -O OpenFlow13 add-flow br0 "table=1, arp, actions=goto_table:8" |
|
138 |
+ ovs-ofctl -O OpenFlow13 add-flow br0 "table=1, in_port=1, actions=goto_table:2" # vxlan0 |
|
139 |
+ ovs-ofctl -O OpenFlow13 add-flow br0 "table=1, in_port=2, actions=goto_table:5" # tun0 |
|
140 |
+ ovs-ofctl -O OpenFlow13 add-flow br0 "table=1, in_port=3, actions=goto_table:5" # vovsbr |
|
141 |
+ ovs-ofctl -O OpenFlow13 add-flow br0 "table=1, actions=goto_table:3" # container |
|
142 |
+ |
|
143 |
+ # Table 2; incoming from vxlan |
|
144 |
+ ovs-ofctl -O OpenFlow13 add-flow br0 "table=2, arp, actions=goto_table:8" |
|
145 |
+ ovs-ofctl -O OpenFlow13 add-flow br0 "table=2, priority=200, ip, nw_dst=${local_subnet_gateway}, actions=output:2" |
|
146 |
+ ovs-ofctl -O OpenFlow13 add-flow br0 "table=2, tun_id=0, actions=goto_table:5" |
|
147 |
+ ovs-ofctl -O OpenFlow13 add-flow br0 "table=2, priority=100, ip, nw_dst=${local_subnet_cidr}, actions=move:NXM_NX_TUN_ID[0..31]->NXM_NX_REG0[], goto_table:6" |
|
148 |
+ |
|
149 |
+ # Table 3; incoming from container; filled in by openshift-sdn-ovs |
|
150 |
+ |
|
151 |
+ # Table 4; services; mostly filled in by controller.go |
|
152 |
+ ovs-ofctl -O OpenFlow13 add-flow br0 "table=4, priority=200, reg0=0, ip, nw_dst=${service_network_cidr}, actions=output:2" |
|
153 |
+ ovs-ofctl -O OpenFlow13 add-flow br0 "table=4, priority=100, ip, nw_dst=${service_network_cidr}, actions=drop" |
|
154 |
+ ovs-ofctl -O OpenFlow13 add-flow br0 "table=4, priority=0, actions=goto_table:5" |
|
155 |
+ |
|
156 |
+ # Table 5; general routing |
|
157 |
+ ovs-ofctl -O OpenFlow13 add-flow br0 "table=5, priority=200, ip, nw_dst=${local_subnet_gateway}, actions=output:2" |
|
158 |
+ ovs-ofctl -O OpenFlow13 add-flow br0 "table=5, priority=150, ip, nw_dst=${local_subnet_cidr}, actions=goto_table:6" |
|
159 |
+ ovs-ofctl -O OpenFlow13 add-flow br0 "table=5, priority=100, ip, nw_dst=${cluster_network_cidr}, actions=goto_table:7" |
|
160 |
+ ovs-ofctl -O OpenFlow13 add-flow br0 "table=5, priority=0, ip, actions=output:2" |
|
161 |
+ |
|
162 |
+ # Table 6; to local container; mostly filled in by openshift-sdn-ovs |
|
163 |
+ ovs-ofctl -O OpenFlow13 add-flow br0 "table=6, priority=200, ip, reg0=0, actions=goto_table:8" |
|
164 |
+ |
|
165 |
+ # Table 7; to remote container; filled in by controller.go |
|
166 |
+ |
|
167 |
+ # Table 8; MAC dispatch / ARP, filled in by Table 0's learn() rule |
|
168 |
+ # and with per-node vxlan ARP rules by controller.go |
|
169 |
+ ovs-ofctl -O OpenFlow13 add-flow br0 "table=8, priority=0, arp, actions=flood" |
|
170 |
+ else |
|
171 |
+ ovs-vsctl del-port br0 vovsbr || true |
|
172 |
+ ovs-vsctl add-port br0 vovsbr -- set Interface vovsbr ofport_request=9 |
|
173 |
+ |
|
174 |
+ ovs-ofctl -O OpenFlow13 add-flow br0 "table=0,priority=100,arp,nw_dst=${local_subnet_gateway},actions=output:2" |
|
175 |
+ ovs-ofctl -O OpenFlow13 add-flow br0 "table=0,priority=100,ip,nw_dst=${local_subnet_gateway},actions=output:2" |
|
176 |
+ ovs-ofctl -O OpenFlow13 add-flow br0 "table=0,priority=75,ip,nw_dst=${local_subnet_cidr},actions=output:9" |
|
177 |
+ ovs-ofctl -O OpenFlow13 add-flow br0 "table=0,priority=75,arp,nw_dst=${local_subnet_cidr},actions=output:9" |
|
178 |
+ ovs-ofctl -O OpenFlow13 add-flow br0 "table=0,priority=50,actions=output:2" |
|
179 |
+ fi |
|
180 |
+ |
|
181 |
+ # setup tun address |
|
182 |
+ ip addr add ${local_subnet_gateway}/${local_subnet_mask_len} dev ${TUN} |
|
183 |
+ ip link set ${TUN} up |
|
184 |
+ ip route add ${cluster_network_cidr} dev ${TUN} proto kernel scope link |
|
185 |
+ |
|
186 |
+ # Cleanup docker0 since docker won't do it |
|
187 |
+ ip link set docker0 down || true |
|
188 |
+ brctl delbr docker0 || true |
|
189 |
+ |
|
190 |
+ # enable IP forwarding for ipv4 packets |
|
191 |
+ sysctl -w net.ipv4.ip_forward=1 |
|
192 |
+ sysctl -w net.ipv4.conf.${TUN}.forwarding=1 |
|
193 |
+ |
|
194 |
+ mkdir -p /etc/openshift-sdn |
|
195 |
+ echo "export OPENSHIFT_CLUSTER_SUBNET=${cluster_network_cidr}" >> "/etc/openshift-sdn/config.env" |
|
196 |
+ |
|
197 |
+ # delete unnecessary routes |
|
198 |
+ delete_local_subnet_route lbr0 || true |
|
199 |
+ delete_local_subnet_route ${TUN} || true |
|
200 |
+} |
|
201 |
+ |
|
202 |
+set +e |
|
203 |
+if ! docker_network_config check; then |
|
204 |
+ lockwrap docker_network_config update |
|
205 |
+fi |
|
206 |
+ |
|
207 |
+if ! setup_required; then |
|
208 |
+ echo "SDN setup not required." |
|
209 |
+ exit 140 |
|
210 |
+fi |
|
211 |
+set -e |
|
212 |
+ |
|
213 |
+lockwrap setup |
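Review bot: `delete_local_subnet_route` builds its route probe as a string from `$2` and the device name and runs it through `eval` (`until $(eval $cmd) || ...`). Any shell metacharacter in the subnet argument would therefore be interpreted by a script that has to run privileged (it calls `modprobe` and `sysctl -w`), and the dots in the CIDR are matched as regex wildcards. The pipeline can be written directly with a fixed-string match: `until ip route | grep -qF "${local_subnet_cidr} dev ${device}" || [ "$num_intervals" -ge "$max_intervals" ]; do`. The same positional arguments are expanded unquoted in `ip addr add`, `ip route add` and `grep -q $flow_rule`, and `cluster_network_cidr` is appended to `/etc/openshift-sdn/config.env`, which `add_subnet_route` in the pod script later reads with `source`. Checking the shape of `$1`–`$7` once at the top of the script (address, CIDR, integer, `true`/`false`) would cover all of these uses.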
0 | 214 |
new file mode 100644 |
... | ... |
@@ -0,0 +1,161 @@ |
0 |
+package ovs |
|
1 |
+ |
|
2 |
+import ( |
|
3 |
+ "encoding/hex" |
|
4 |
+ "fmt" |
|
5 |
+ "github.com/golang/glog" |
|
6 |
+ "net" |
|
7 |
+ "os/exec" |
|
8 |
+ "strings" |
|
9 |
+ "syscall" |
|
10 |
+ |
|
11 |
+ "github.com/openshift/openshift-sdn/pkg/netutils" |
|
12 |
+ "github.com/openshift/openshift-sdn/plugins/osdn/api" |
|
13 |
+) |
|
14 |
+ |
|
15 |
+type FlowController struct { |
|
16 |
+ multitenant bool |
|
17 |
+} |
|
18 |
+ |
|
19 |
+func NewFlowController(multitenant bool) *FlowController { |
|
20 |
+ return &FlowController{multitenant} |
|
21 |
+} |
|
22 |
+ |
|
23 |
+func (c *FlowController) Setup(localSubnetCIDR, clusterNetworkCIDR, servicesNetworkCIDR string, mtu uint) error { |
|
24 |
+ _, ipnet, err := net.ParseCIDR(localSubnetCIDR) |
|
25 |
+ localSubnetMaskLength, _ := ipnet.Mask.Size() |
|
26 |
+ localSubnetGateway := netutils.GenerateDefaultGateway(ipnet).String() |
|
27 |
+ out, err := exec.Command("openshift-sdn-ovs-setup.sh", localSubnetGateway, localSubnetCIDR, fmt.Sprint(localSubnetMaskLength), clusterNetworkCIDR, servicesNetworkCIDR, fmt.Sprint(mtu), fmt.Sprint(c.multitenant)).CombinedOutput() |
|
28 |
+ if err != nil { |
|
29 |
+ glog.Infof("Output of setup script:\n%s", out) |
|
30 |
+ exitErr, ok := err.(*exec.ExitError) |
|
31 |
+ if ok { |
|
32 |
+ status := exitErr.ProcessState.Sys().(syscall.WaitStatus) |
|
33 |
+ if status.Exited() && status.ExitStatus() == 140 { |
|
34 |
+ // valid, do nothing, its just a benevolent restart |
|
35 |
+ return nil |
|
36 |
+ } |
|
37 |
+ } |
|
38 |
+ glog.Errorf("Error executing setup script: %v\n", err) |
|
39 |
+ return err |
|
40 |
+ } else { |
|
41 |
+ glog.V(5).Infof("Output of setup script:\n%s", out) |
|
42 |
+ } |
|
43 |
+ return nil |
|
44 |
+} |
|
45 |
+ |
|
46 |
+func (c *FlowController) GetName() string { |
|
47 |
+ if c.multitenant { |
|
48 |
+ return MultiTenantPluginName() |
|
49 |
+ } else { |
|
50 |
+ return SingleTenantPluginName() |
|
51 |
+ } |
|
52 |
+} |
|
53 |
+ |
|
54 |
+func (c *FlowController) AddOFRules(nodeIP, nodeSubnetCIDR, localIP string) error { |
|
55 |
+ if nodeIP == localIP { |
|
56 |
+ return nil |
|
57 |
+ } |
|
58 |
+ |
|
59 |
+ glog.V(5).Infof("AddOFRules for %s", nodeIP) |
|
60 |
+ |
|
61 |
+ var iprule, arprule string |
|
62 |
+ cookie := generateCookie(nodeIP) |
|
63 |
+ if c.multitenant { |
|
64 |
+ iprule = fmt.Sprintf("table=7,cookie=0x%s,priority=100,ip,nw_dst=%s,actions=move:NXM_NX_REG0[]->NXM_NX_TUN_ID[0..31],set_field:%s->tun_dst,output:1", cookie, nodeSubnetCIDR, nodeIP) |
|
65 |
+ arprule = fmt.Sprintf("table=8,cookie=0x%s,priority=100,arp,nw_dst=%s,actions=move:NXM_NX_REG0[]->NXM_NX_TUN_ID[0..31],set_field:%s->tun_dst,output:1", cookie, nodeSubnetCIDR, nodeIP) |
|
66 |
+ } else { |
|
67 |
+ iprule = fmt.Sprintf("table=0,cookie=0x%s,priority=100,ip,nw_dst=%s,actions=set_field:%s->tun_dst,output:1", cookie, nodeSubnetCIDR, nodeIP) |
|
68 |
+ arprule = fmt.Sprintf("table=0,cookie=0x%s,priority=100,arp,nw_dst=%s,actions=set_field:%s->tun_dst,output:1", cookie, nodeSubnetCIDR, nodeIP) |
|
69 |
+ } |
|
70 |
+ out, err := exec.Command("ovs-ofctl", "-O", "OpenFlow13", "add-flow", "br0", iprule).CombinedOutput() |
|
71 |
+ if err != nil { |
|
72 |
+ glog.Errorf("Error adding flow %q: %s (%v)", iprule, out, err) |
|
73 |
+ return err |
|
74 |
+ } |
|
75 |
+ out, err = exec.Command("ovs-ofctl", "-O", "OpenFlow13", "add-flow", "br0", arprule).CombinedOutput() |
|
76 |
+ if err != nil { |
|
77 |
+ glog.Errorf("Error adding flow %q: %s (%v)", arprule, out, err) |
|
78 |
+ return err |
|
79 |
+ } |
|
80 |
+ return nil |
|
81 |
+} |
|
82 |
+ |
|
83 |
+func (c *FlowController) DelOFRules(nodeIP, localIP string) error { |
|
84 |
+ if nodeIP == localIP { |
|
85 |
+ return nil |
|
86 |
+ } |
|
87 |
+ |
|
88 |
+ glog.V(5).Infof("DelOFRules for %s", nodeIP) |
|
89 |
+ |
|
90 |
+ rule := fmt.Sprintf("cookie=0x%s/0xffffffff", generateCookie(nodeIP)) |
|
91 |
+ out, err := exec.Command("ovs-ofctl", "-O", "OpenFlow13", "del-flows", "br0", rule).CombinedOutput() |
|
92 |
+ if err != nil { |
|
93 |
+ glog.Errorf("Error deleting flow %q: %s (%v)", rule, out, err) |
|
94 |
+ return err |
|
95 |
+ } |
|
96 |
+ return nil |
|
97 |
+} |
|
98 |
+ |
|
99 |
+func generateCookie(ip string) string { |
|
100 |
+ return hex.EncodeToString(net.ParseIP(ip).To4()) |
|
101 |
+} |
|
102 |
+ |
|
103 |
+func (c *FlowController) AddServiceOFRules(netID uint, IP string, protocol api.ServiceProtocol, port uint) error { |
|
104 |
+ if !c.multitenant { |
|
105 |
+ return nil |
|
106 |
+ } |
|
107 |
+ |
|
108 |
+ glog.V(5).Infof("AddServiceOFRules for %s/%s/%d", IP, string(protocol), port) |
|
109 |
+ |
|
110 |
+ rule := generateAddServiceRule(netID, IP, protocol, port) |
|
111 |
+ out, err := exec.Command("ovs-ofctl", "-O", "OpenFlow13", "add-flow", "br0", rule).CombinedOutput() |
|
112 |
+ if err != nil { |
|
113 |
+ glog.Errorf("Error adding flow %q: %s (%v)", rule, out, err) |
|
114 |
+ return err |
|
115 |
+ } |
|
116 |
+ return nil |
|
117 |
+} |
|
118 |
+ |
|
119 |
+func (c *FlowController) DelServiceOFRules(netID uint, IP string, protocol api.ServiceProtocol, port uint) error { |
|
120 |
+ if !c.multitenant { |
|
121 |
+ return nil |
|
122 |
+ } |
|
123 |
+ |
|
124 |
+ glog.V(5).Infof("DelServiceOFRules for %s/%s/%d", IP, string(protocol), port) |
|
125 |
+ |
|
126 |
+ rule := generateDelServiceRule(IP, protocol, port) |
|
127 |
+ out, err := exec.Command("ovs-ofctl", "-O", "OpenFlow13", "del-flows", "br0", rule).CombinedOutput() |
|
128 |
+ if err != nil { |
|
129 |
+ glog.Errorf("Error deleting flow %q: %s (%v)", rule, out, err) |
|
130 |
+ return err |
|
131 |
+ } |
|
132 |
+ return nil |
|
133 |
+} |
|
134 |
+ |
|
135 |
+func generateBaseServiceRule(IP string, protocol api.ServiceProtocol, port uint) string { |
|
136 |
+ return fmt.Sprintf("table=4,%s,nw_dst=%s,tp_dst=%d", strings.ToLower(string(protocol)), IP, port) |
|
137 |
+} |
|
138 |
+ |
|
139 |
+func generateAddServiceRule(netID uint, IP string, protocol api.ServiceProtocol, port uint) string { |
|
140 |
+ baseRule := generateBaseServiceRule(IP, protocol, port) |
|
141 |
+ if netID == 0 { |
|
142 |
+ return fmt.Sprintf("%s,priority=200,actions=output:2", baseRule) |
|
143 |
+ } else { |
|
144 |
+ return fmt.Sprintf("%s,priority=200,reg0=%d,actions=output:2", baseRule, netID) |
|
145 |
+ } |
|
146 |
+} |
|
147 |
+ |
|
148 |
+func generateDelServiceRule(IP string, protocol api.ServiceProtocol, port uint) string { |
|
149 |
+ return generateBaseServiceRule(IP, protocol, port) |
|
150 |
+} |
|
151 |
+ |
|
152 |
+func (c *FlowController) UpdatePod(namespace, podName, containerID string, netID uint) error { |
|
153 |
+ if !c.multitenant { |
|
154 |
+ return nil |
|
155 |
+ } |
|
156 |
+ |
|
157 |
+ out, err := exec.Command("openshift-sdn-ovs", "update", namespace, podName, containerID, fmt.Sprint(netID)).CombinedOutput() |
|
158 |
+ glog.V(5).Infof("UpdatePod network plugin output: %s, %v", string(out), err) |
|
159 |
+ return err |
|
160 |
+} |
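Review bot: In `Setup`, the error from `net.ParseCIDR(localSubnetCIDR)` is never checked and is overwritten by the later `out, err := exec.Command(...)`. A malformed subnet string therefore reaches `ipnet.Mask.Size()` with a nil `ipnet` and panics instead of returning an error. Adding `if err != nil { return fmt.Errorf("invalid local subnet %q: %v", localSubnetCIDR, err) }` directly after the parse fixes that. `generateCookie` has the same gap: `net.ParseIP(ip).To4()` is nil for anything that is not an IPv4 literal, so the cookie is empty and `DelOFRules` hands `ovs-ofctl` the match `cookie=0x/0xffffffff`. Rejecting a nil result there, and parsing `nodeSubnetCIDR` before it is formatted into the flow strings in `AddOFRules`, would keep unvalidated values (presumably registry-supplied; the callers are not visible here) out of the flow specification.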
0 | 161 |
new file mode 100644 |
... | ... |
@@ -0,0 +1,124 @@ |
0 |
+package ovs |
|
1 |
+ |
|
2 |
+import ( |
|
3 |
+ "fmt" |
|
4 |
+ "strconv" |
|
5 |
+ |
|
6 |
+ "github.com/golang/glog" |
|
7 |
+ |
|
8 |
+ "github.com/openshift/openshift-sdn/plugins/osdn" |
|
9 |
+ "github.com/openshift/openshift-sdn/plugins/osdn/api" |
|
10 |
+ oskserver "github.com/openshift/origin/pkg/cmd/server/kubernetes" |
|
11 |
+ |
|
12 |
+ knetwork "k8s.io/kubernetes/pkg/kubelet/network" |
|
13 |
+ kubeletTypes "k8s.io/kubernetes/pkg/kubelet/types" |
|
14 |
+ utilexec "k8s.io/kubernetes/pkg/util/exec" |
|
15 |
+) |
|
16 |
+ |
|
17 |
+type ovsPlugin struct { |
|
18 |
+ osdn.OvsController |
|
19 |
+ |
|
20 |
+ multitenant bool |
|
21 |
+} |
|
22 |
+ |
|
23 |
+func SingleTenantPluginName() string { |
|
24 |
+ return "redhat/openshift-ovs-subnet" |
|
25 |
+} |
|
26 |
+ |
|
27 |
+func MultiTenantPluginName() string { |
|
28 |
+ return "redhat/openshift-ovs-multitenant" |
|
29 |
+} |
|
30 |
+ |
|
31 |
+func CreatePlugin(registry *osdn.Registry, multitenant bool, hostname string, selfIP string, ready chan struct{}) (api.OsdnPlugin, oskserver.FilteringEndpointsConfigHandler, error) { |
|
32 |
+ plugin := &ovsPlugin{multitenant: multitenant} |
|
33 |
+ |
|
34 |
+ err := plugin.BaseInit(registry, NewFlowController(multitenant), plugin, hostname, selfIP, ready) |
|
35 |
+ if err != nil { |
|
36 |
+ return nil, nil, err |
|
37 |
+ } |
|
38 |
+ |
|
39 |
+ if multitenant { |
|
40 |
+ return plugin, registry, err |
|
41 |
+ } else { |
|
42 |
+ return plugin, nil, err |
|
43 |
+ } |
|
44 |
+} |
|
45 |
+ |
|
46 |
+func (plugin *ovsPlugin) PluginStartMaster(clusterNetworkCIDR string, clusterBitsPerSubnet uint, serviceNetworkCIDR string) error { |
|
47 |
+ if err := plugin.SubnetStartMaster(clusterNetworkCIDR, clusterBitsPerSubnet, serviceNetworkCIDR); err != nil { |
|
48 |
+ return err |
|
49 |
+ } |
|
50 |
+ |
|
51 |
+ if plugin.multitenant { |
|
52 |
+ if err := plugin.VnidStartMaster(); err != nil { |
|
53 |
+ return err |
|
54 |
+ } |
|
55 |
+ } |
|
56 |
+ |
|
57 |
+ return nil |
|
58 |
+} |
|
59 |
+ |
|
60 |
+func (plugin *ovsPlugin) PluginStartNode(mtu uint) error { |
|
61 |
+ if err := plugin.SubnetStartNode(mtu); err != nil { |
|
62 |
+ return err |
|
63 |
+ } |
|
64 |
+ |
|
65 |
+ if plugin.multitenant { |
|
66 |
+ if err := plugin.VnidStartNode(); err != nil { |
|
67 |
+ return err |
|
68 |
+ } |
|
69 |
+ } |
|
70 |
+ |
|
71 |
+ return nil |
|
72 |
+} |
|
73 |
+ |
|
74 |
+//----------------------------------------------- |
|
75 |
+ |
|
76 |
+const ( |
|
77 |
+ setUpCmd = "setup" |
|
78 |
+ tearDownCmd = "teardown" |
|
79 |
+ statusCmd = "status" |
|
80 |
+) |
|
81 |
+ |
|
82 |
+func (plugin *ovsPlugin) getExecutable() string { |
|
83 |
+ return "openshift-sdn-ovs" |
|
84 |
+} |
|
85 |
+ |
|
86 |
+func (plugin *ovsPlugin) Init(host knetwork.Host) error { |
|
87 |
+ return nil |
|
88 |
+} |
|
89 |
+ |
|
90 |
+func (plugin *ovsPlugin) Name() string { |
|
91 |
+ if plugin.multitenant { |
|
92 |
+ return MultiTenantPluginName() |
|
93 |
+ } else { |
|
94 |
+ return SingleTenantPluginName() |
|
95 |
+ } |
|
96 |
+} |
|
97 |
+ |
|
98 |
+func (plugin *ovsPlugin) SetUpPod(namespace string, name string, id kubeletTypes.DockerID) error { |
|
99 |
+ var vnidstr string |
|
100 |
+ if plugin.multitenant { |
|
101 |
+ vnid, found := plugin.VNIDMap[namespace] |
|
102 |
+ if !found { |
|
103 |
+ return fmt.Errorf("Error fetching VNID for namespace: %s", namespace) |
|
104 |
+ } |
|
105 |
+ vnidstr = strconv.FormatUint(uint64(vnid), 10) |
|
106 |
+ } else { |
|
107 |
+ vnidstr = "-1" |
|
108 |
+ } |
|
109 |
+ out, err := utilexec.New().Command(plugin.getExecutable(), setUpCmd, namespace, name, string(id), vnidstr).CombinedOutput() |
|
110 |
+ glog.V(5).Infof("SetUpPod network plugin output: %s, %v", string(out), err) |
|
111 |
+ return err |
|
112 |
+} |
|
113 |
+ |
|
114 |
+func (plugin *ovsPlugin) TearDownPod(namespace string, name string, id kubeletTypes.DockerID) error { |
|
115 |
+ // The script's teardown functionality doesn't need the VNID |
|
116 |
+ out, err := utilexec.New().Command(plugin.getExecutable(), tearDownCmd, namespace, name, string(id), "-1").CombinedOutput() |
|
117 |
+ glog.V(5).Infof("TearDownPod network plugin output: %s, %v", string(out), err) |
|
118 |
+ return err |
|
119 |
+} |
|
120 |
+ |
|
121 |
+func (plugin *ovsPlugin) Status(namespace string, name string, id kubeletTypes.DockerID) (*knetwork.PodNetworkStatus, error) { |
|
122 |
+ return nil, nil |
|
123 |
+} |
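Review bot: `SetUpPod` and `TearDownPod` log the script's combined output only at `glog.V(5)`, so at default verbosity a failed pod network setup returns a bare exit error and the `ovs-ofctl`/`ip` message that explains it is lost. Logging it on the failure path, e.g. `if err != nil { glog.Errorf("SetUpPod network plugin failed: %s, %v", string(out), err) }`, keeps the detail where an operator will see it. Separately, `SetUpPod` reads `plugin.VNIDMap[namespace]` with no lock visible in this file. If the map is written from another goroutine once `VnidStartNode` has run (not visible here), that read needs the same synchronization, since the value becomes the tenant ID the script programs into the flows. A doc comment on `CreatePlugin` saying that the registry is returned as the endpoints filter only in multitenant mode would also help callers.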
... | ... |
@@ -2,7 +2,6 @@ package osdn |
2 | 2 |
|
3 | 3 |
import ( |
4 | 4 |
"fmt" |
5 |
- "github.com/golang/glog" |
|
6 | 5 |
"net" |
7 | 6 |
"strconv" |
8 | 7 |
"strings" |
... | ... |
@@ -119,7 +118,9 @@ func newSDNPod(kPod *kapi.Pod) osdnapi.Pod { |
119 | 119 |
containerID := "" |
120 | 120 |
if len(kPod.Status.ContainerStatuses) > 0 { |
121 | 121 |
// Extract only container ID, pod.Status.ContainerStatuses[0].ContainerID is of the format: docker://<containerID> |
122 |
- containerID = strings.Split(kPod.Status.ContainerStatuses[0].ContainerID, "://")[1] |
|
122 |
+ if parts := strings.Split(kPod.Status.ContainerStatuses[0].ContainerID, "://"); len(parts) > 1 { |
|
123 |
+ containerID = parts[1] |
|
124 |
+ } |
|
123 | 125 |
} |
124 | 126 |
return osdnapi.Pod{ |
125 | 127 |
Name: kPod.ObjectMeta.Name, |
... | ... |
@@ -623,17 +624,17 @@ EndpointLoop: |
623 | 623 |
for _, addr := range ss.Addresses { |
624 | 624 |
IP := net.ParseIP(addr.IP) |
625 | 625 |
if registry.serviceNetwork.Contains(IP) { |
626 |
- glog.Warningf("Service '%s' in namespace '%s' has an Endpoint inside the service network (%s)", ep.ObjectMeta.Name, ns, addr.IP) |
|
626 |
+ log.Warningf("Service '%s' in namespace '%s' has an Endpoint inside the service network (%s)", ep.ObjectMeta.Name, ns, addr.IP) |
|
627 | 627 |
continue EndpointLoop |
628 | 628 |
} |
629 | 629 |
if registry.clusterNetwork.Contains(IP) { |
630 | 630 |
podNamespace, ok := registry.namespaceOfPodIP[addr.IP] |
631 | 631 |
if !ok { |
632 |
- glog.Warningf("Service '%s' in namespace '%s' has an Endpoint pointing to non-existent pod (%s)", ep.ObjectMeta.Name, ns, addr.IP) |
|
632 |
+ log.Warningf("Service '%s' in namespace '%s' has an Endpoint pointing to non-existent pod (%s)", ep.ObjectMeta.Name, ns, addr.IP) |
|
633 | 633 |
continue EndpointLoop |
634 | 634 |
} |
635 | 635 |
if podNamespace != ns { |
636 |
- glog.Warningf("Service '%s' in namespace '%s' has an Endpoint pointing to pod %s in namespace '%s'", ep.ObjectMeta.Name, ns, addr.IP, podNamespace) |
|
636 |
+ log.Warningf("Service '%s' in namespace '%s' has an Endpoint pointing to pod %s in namespace '%s'", ep.ObjectMeta.Name, ns, addr.IP, podNamespace) |
|
637 | 637 |
continue EndpointLoop |
638 | 638 |
} |
639 | 639 |
} |
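Review bot: In the `newSDNPod` hunk, a `ContainerID` without `://` now leaves `containerID` as the empty string with no log line, so the pod is handed on with a blank ID rather than being skipped or reported. If that value later becomes the container argument of the `openshift-sdn-ovs` script (the call path is not visible in this section), the failure will surface there with less context. An `else` branch using the `log` helper the last hunk switches to, such as `log.Warningf("Unexpected ContainerID format %q for pod %s", kPod.Status.ContainerStatuses[0].ContainerID, kPod.ObjectMeta.Name)`, would record it at the source. The function body starts and ends outside the hunk.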
640 | 640 |
old mode 100644 |
641 | 641 |
new mode 100755 |
... | ... |
@@ -14,15 +14,12 @@ os::provision::install-sdn() { |
14 | 14 |
local osdn_plugin_path="${osdn_base_path}/plugins/osdn" |
15 | 15 |
mkdir -p "${target}/bin/" |
16 | 16 |
pushd "${osdn_plugin_path}" > /dev/null |
17 |
- cp -f flatsdn/bin/openshift-ovs-subnet "${target}/bin/" |
|
18 |
- cp -f flatsdn/bin/openshift-sdn-kube-subnet-setup.sh "${target}/bin/" |
|
19 |
- |
|
20 |
- cp -f multitenant/bin/openshift-ovs-multitenant "${target}/bin/" |
|
21 |
- cp -f multitenant/bin/openshift-sdn-multitenant-setup.sh "${target}/bin/" |
|
17 |
+ cp -f ovs/bin/openshift-sdn-ovs "${target}/bin/" |
|
18 |
+ cp -f ovs/bin/openshift-sdn-ovs-setup.sh "${target}/bin/" |
|
22 | 19 |
popd > /dev/null |
23 | 20 |
|
24 |
- # subnet and multitenant plugin setup writes docker network options |
|
25 |
- # to /run/openshift-sdn/docker-network, make this file to be exported |
|
21 |
+ # osdn plugin setup writes docker network options to |
|
22 |
+ # /run/openshift-sdn/docker-network, make this file to be exported |
|
26 | 23 |
# as part of docker service start. |
27 | 24 |
local system_docker_path="${target}/lib/systemd/system/docker.service.d/" |
28 | 25 |
mkdir -p "${system_docker_path}" |
... | ... |
@@ -268,13 +268,9 @@ mkdir -p %{buildroot}%{_sharedstatedir}/origin |
268 | 268 |
# Install sdn scripts |
269 | 269 |
install -d -m 0755 %{buildroot}%{_unitdir}/docker.service.d |
270 | 270 |
install -p -m 0644 contrib/systemd/docker-sdn-ovs.conf %{buildroot}%{_unitdir}/docker.service.d/ |
271 |
-pushd _thirdpartyhacks/src/%{sdn_import_path}/plugins/osdn/flatsdn/bin |
|
272 |
- install -p -m 755 openshift-ovs-subnet %{buildroot}%{_bindir}/openshift-ovs-subnet |
|
273 |
- install -p -m 755 openshift-sdn-kube-subnet-setup.sh %{buildroot}%{_bindir}/openshift-sdn-kube-subnet-setup.sh |
|
274 |
-popd |
|
275 |
-pushd _thirdpartyhacks/src/%{sdn_import_path}/plugins/osdn/multitenant/bin |
|
276 |
- install -p -m 755 openshift-ovs-multitenant %{buildroot}%{_bindir}/openshift-ovs-multitenant |
|
277 |
- install -p -m 755 openshift-sdn-multitenant-setup.sh %{buildroot}%{_bindir}/openshift-sdn-multitenant-setup.sh |
|
271 |
+pushd _thirdpartyhacks/src/%{sdn_import_path}/plugins/osdn/ovs/bin |
|
272 |
+ install -p -m 755 openshift-sdn-ovs %{buildroot}%{_bindir}/openshift-sdn-ovs |
|
273 |
+ install -p -m 755 openshift-sdn-ovs-setup.sh %{buildroot}%{_bindir}/openshift-sdn-ovs-setup.sh |
|
278 | 274 |
popd |
279 | 275 |
install -d -m 0755 %{buildroot}%{_unitdir}/%{name}-node.service.d |
280 | 276 |
install -p -m 0644 contrib/systemd/openshift-sdn-ovs.conf %{buildroot}%{_unitdir}/%{name}-node.service.d/openshift-sdn-ovs.conf |
... | ... |
@@ -393,10 +389,8 @@ fi |
393 | 393 |
|
394 | 394 |
%files sdn-ovs |
395 | 395 |
%defattr(-,root,root,-) |
396 |
-%{_bindir}/openshift-sdn-kube-subnet-setup.sh |
|
397 |
-%{_bindir}/openshift-ovs-multitenant |
|
398 |
-%{_bindir}/openshift-sdn-multitenant-setup.sh |
|
399 |
-%{_bindir}/openshift-ovs-subnet |
|
396 |
+%{_bindir}/openshift-sdn-ovs |
|
397 |
+%{_bindir}/openshift-sdn-ovs-setup.sh |
|
400 | 398 |
%{_unitdir}/%{name}-node.service.d/openshift-sdn-ovs.conf |
401 | 399 |
%{_unitdir}/docker.service.d/docker-sdn-ovs.conf |
402 | 400 |
|