// ServiceKeynValue2FEnBE converts the given svcKey and svcValue to a frontend int the
// form of L3n4AddrID and backend int he form of L3n4Addr.
func ServiceKeynValue2FEnBE(svcKey ServiceKey, svcValue ServiceValue) (*types.L3n4AddrID, *types.L3n4Addr, error) {
var (
beIP net.IP
svcID types.ServiceID
bePort uint16
)
if svcKey.IsIPv6() {
svc6Val := svcValue.(*Service6Value)
svcID = types.ServiceID(svc6Val.RevNat)
beIP = svc6Val.Address.IP()
bePort = svc6Val.Port
} else {
svc4Val := svcValue.(*Service4Value)
svcID = types.ServiceID(svc4Val.RevNat)
beIP = svc4Val.Address.IP()
bePort = svc4Val.Port
}
feL3n4Addr, err := ServiceKey2L3n4Addr(svcKey)
if err != nil {
return nil, nil, fmt.Errorf("unable to create a new FE for service key %s: %s", svcKey, err)
}
beL3n4Addr, err := types.NewL3n4Addr(types.TCP, beIP, bePort)
if err != nil {
return nil, nil, fmt.Errorf("unable to create a new BE for IP: %s Port: %d: %s", beIP, bePort, err)
}
feL3n4AddrID := &types.L3n4AddrID{
L3n4Addr: *feL3n4Addr,
ID: svcID,
}
return feL3n4AddrID, beL3n4Addr, nil
}
func cliUpdateService(ctx *cli.Context) {
feL3n4Addr := parseServiceKey(ctx.String("frontend"))
backends := []types.L3n4Addr{}
fe := types.L3n4AddrID{
ID: types.ServiceID(ctx.Int("id")),
L3n4Addr: *feL3n4Addr,
}
backendList := ctx.StringSlice("backend")
if len(backendList) == 0 {
fmt.Printf("Reading backend list from stdin...\n")
scanner := bufio.NewScanner(os.Stdin)
for scanner.Scan() {
backendList = append(backendList, scanner.Text())
}
}
for _, backend := range backendList {
beAddr, err := net.ResolveTCPAddr("tcp", backend)
if err != nil {
fmt.Fprintf(os.Stderr, "%s\n", err)
os.Exit(1)
}
be, err := types.NewL3n4Addr(types.TCP, beAddr.IP, uint16(beAddr.Port))
if err != nil {
fmt.Fprintf(os.Stderr, "Unable to create a new L3n4Addr for backend %s: %s\n", backend, err)
os.Exit(1)
}
if !be.IsIPv6() && fe.IsIPv6() {
fmt.Fprintf(os.Stderr, "Address mismatch between frontend and backend %s\n",
backend)
os.Exit(1)
}
if fe.Port == 0 && beAddr.Port != 0 {
fmt.Fprintf(os.Stderr, "L4 backend found (%v) with L3 frontend\n", beAddr)
os.Exit(1)
}
backends = append(backends, *be)
}
if err := client.SVCAdd(fe, backends, addRev); err != nil {
fmt.Fprintf(os.Stderr, "Unable to add the service: %s\n", err)
os.Exit(1)
}
fmt.Printf("Added %d backends\n", len(backends))
}
func parseServiceKey(address string) *types.L3n4Addr {
frontend, err := net.ResolveTCPAddr("tcp", address)
if err != nil {
fmt.Fprintf(os.Stderr, "Unable to parse frontend address: %s\n", err)
os.Exit(1)
}
l3n4Addr, err := types.NewL3n4Addr(types.TCP, frontend.IP, uint16(frontend.Port))
if err != nil {
fmt.Fprintf(os.Stderr, "Unable to parse frontend address: %s\n", err)
os.Exit(1)
}
return l3n4Addr
}
func (s *DaemonSuite) TestSVCDeleteFail(c *C) {
feWant, err := types.NewL3n4Addr(types.TCP, randomAddr1, 1984)
c.Assert(err, IsNil)
feL3n4SHA256Want, err := feWant.SHA256Sum()
c.Assert(err, IsNil)
s.d.OnSVCDeleteBySHA256Sum = func(feL3n4SHA256Sum string) error {
c.Assert(feL3n4SHA256Sum, Equals, feL3n4SHA256Want)
return errors.New("Unable to read lbmap")
}
err = s.c.SVCDelete(*feWant)
c.Assert(err, ErrorMatches, ".*Unable to read lbmap.*")
}
func (s *DaemonSuite) TestSVCDeleteOK(c *C) {
feWant, err := types.NewL3n4Addr(types.TCP, randomAddr1, 1984)
c.Assert(err, IsNil)
feL3n4SHA256Want, err := feWant.SHA256Sum()
c.Assert(err, IsNil)
s.d.OnSVCDeleteBySHA256Sum = func(feL3n4SHA256Sum string) error {
c.Assert(feL3n4SHA256Sum, Equals, feL3n4SHA256Want)
return nil
}
err = s.c.SVCDelete(*feWant)
c.Assert(err, IsNil)
}
func (s *DaemonSuite) TestSVCGetBySHA256SumFail(c *C) {
feWant, err := types.NewL3n4Addr(types.TCP, randomAddr1, 1984)
c.Assert(err, IsNil)
feL3n4SHA256Want, err := feWant.SHA256Sum()
c.Assert(err, IsNil)
s.d.OnSVCGetBySHA256Sum = func(feL3n4SHA256Sum string) (*types.LBSVC, error) {
c.Assert(feL3n4SHA256Sum, Equals, feL3n4SHA256Want)
return nil, errors.New("Unable to read lbmap")
}
lbSvcReceived, err := s.c.SVCGetBySHA256Sum(feL3n4SHA256Want)
c.Assert(err, ErrorMatches, ".*Unable to read lbmap.*")
c.Assert(lbSvcReceived, IsNil)
}
// ServiceValue2L3n4Addr converts the svcValue to a L3n4Addr. The svcKey is necessary to
// determine which IP version svcValue is.
func ServiceValue2L3n4Addr(svcKey ServiceKey, svcValue ServiceValue) (*types.L3n4Addr, error) {
var (
feIP net.IP
fePort uint16
)
if svcKey.IsIPv6() {
svc6Value := svcValue.(*Service6Value)
feIP = svc6Value.Address.IP()
fePort = svc6Value.Port
} else {
svc4Value := svcValue.(*Service4Value)
feIP = svc4Value.Address.IP()
fePort = svc4Value.Port
}
return types.NewL3n4Addr(types.TCP, feIP, fePort)
}
// ServiceKey2L3n4Addr converts the given svcKey to a L3n4Addr.
func ServiceKey2L3n4Addr(svcKey ServiceKey) (*types.L3n4Addr, error) {
var (
feIP net.IP
fePort uint16
)
if svcKey.IsIPv6() {
svc6Key := svcKey.(*Service6Key)
feIP = svc6Key.Address.IP()
fePort = svc6Key.Port
} else {
svc4Key := svcKey.(*Service4Key)
feIP = svc4Key.Address.IP()
fePort = svc4Key.Port
}
return types.NewL3n4Addr(types.TCP, feIP, fePort)
}
func (s *CiliumNetClientSuite) TestSVCDeleteOK(c *C) {
fe, err := types.NewL3n4Addr(types.TCP, randomAddr1, 1984)
c.Assert(err, IsNil)
feSHA256Sum, err := fe.SHA256Sum()
c.Assert(err, IsNil)
server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
c.Assert(r.Method, Equals, "DELETE")
c.Assert(r.URL.Path, Equals, "/lb/service/"+feSHA256Sum)
w.WriteHeader(http.StatusNoContent)
}))
defer server.Close()
cli := NewTestClient(server.URL, c)
err = cli.SVCDelete(*fe)
c.Assert(err, Equals, nil)
}
func cliUpdateRevNat(ctx *cli.Context) {
tcpAddr, err := net.ResolveTCPAddr("tcp", ctx.String("address"))
if err != nil {
fmt.Fprintf(os.Stderr, "%s\n", err)
os.Exit(1)
}
val, err := types.NewL3n4Addr(types.TCP, tcpAddr.IP, uint16(tcpAddr.Port))
if err != nil {
fmt.Fprintf(os.Stderr, "Unable to create a new L3n4Addr: %s\n", err)
os.Exit(1)
}
id := types.ServiceID(ctx.Int("id"))
if err := client.RevNATAdd(id, *val); err != nil {
fmt.Fprintf(os.Stderr, "%s\n", err)
os.Exit(1)
}
}
func (d *Daemon) delK8sSVCs(svc types.K8sServiceNamespace, svcInfo *types.K8sServiceInfo, se *types.K8sServiceEndpoint) {
isSvcIPv4 := svcInfo.FEIP.To4() != nil
if !areIPsConsistent(d.conf.IPv4Enabled, isSvcIPv4, svc, se) {
return
}
repPorts := getUniqPorts(svcInfo.Ports)
for _, svcPort := range svcInfo.Ports {
if !repPorts[svcPort.Port] {
continue
}
repPorts[svcPort.Port] = false
if svcPort.ID != 0 {
if err := d.DeleteL3n4AddrIDByUUID(uint32(svcPort.ID)); err != nil {
log.Warningf("Error while cleaning service ID: %s", err)
}
}
fe, err := types.NewL3n4Addr(svcPort.Protocol, svcInfo.FEIP, svcPort.Port)
if err != nil {
log.Errorf("Error while creating a New L3n4AddrID: %s. Ignoring service %v...", err, svcInfo)
continue
}
if err := d.SVCDelete(*fe); err != nil {
log.Warningf("Error deleting service %+v, %s", fe, err)
} else {
log.Debugf("# cilium lb delete-service %s %d 0", svcInfo.FEIP, svcPort.Port)
}
if err := d.RevNATDelete(svcPort.ID); err != nil {
log.Warningf("Error deleting reverse NAT %+v, %s", svcPort.ID, err)
} else {
log.Debugf("# cilium lb delete-rev-nat %d", svcPort.ID)
}
}
}
func (s *CiliumNetClientSuite) TestSVCDeleteFail(c *C) {
fe, err := types.NewL3n4Addr(types.TCP, randomAddr1, 1984)
c.Assert(err, IsNil)
feSHA256Sum, err := fe.SHA256Sum()
c.Assert(err, IsNil)
server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
c.Assert(r.Method, Equals, "DELETE")
c.Assert(r.URL.Path, Equals, "/lb/service/"+feSHA256Sum)
w.WriteHeader(http.StatusInternalServerError)
w.Header().Set("Content-Type", "application/json")
e := json.NewEncoder(w)
err := e.Encode(types.ServerError{Code: -1, Text: "daemon didn't complete your request"})
c.Assert(err, Equals, nil)
}))
defer server.Close()
cli := NewTestClient(server.URL, c)
err = cli.SVCDelete(*fe)
c.Assert(strings.Contains(err.Error(), "daemon didn't complete your request"), Equals, true)
}
// RevNat4Value2L3n4Addr converts the given RevNat4Value to a L3n4Addr.
func RevNat4Value2L3n4Addr(revNATV *RevNat4Value) (*types.L3n4Addr, error) {
return types.NewL3n4Addr(types.TCP, revNATV.Address.IP(), revNATV.Port)
}
func (d *Daemon) addK8sSVCs(svc types.K8sServiceNamespace, svcInfo *types.K8sServiceInfo, se *types.K8sServiceEndpoint) {
isSvcIPv4 := svcInfo.FEIP.To4() != nil
if !areIPsConsistent(d.conf.IPv4Enabled, isSvcIPv4, svc, se) {
return
}
uniqPorts := getUniqPorts(svcInfo.Ports)
for fePortName, fePort := range svcInfo.Ports {
if !uniqPorts[fePort.Port] {
continue
}
k8sBEPort := se.Ports[fePortName]
uniqPorts[fePort.Port] = false
if fePort.ID == 0 {
feAddr, err := types.NewL3n4Addr(fePort.Protocol, svcInfo.FEIP, fePort.Port)
if err != nil {
log.Errorf("Error while creating a new L3n4Addr: %s. Ignoring service...", err)
continue
}
feAddrID, err := d.PutL3n4Addr(*feAddr, 0)
if err != nil {
log.Errorf("Error while getting a new service ID: %s. Ignoring service %v...", err, feAddr)
continue
}
log.Debugf("Got feAddr ID %d for service %+v", feAddrID.ID, svc)
fePort.ID = feAddrID.ID
}
isServerPresent := false
besValues := []types.L3n4Addr{}
if k8sBEPort != nil {
for epIP := range se.BEIPs {
bePort := types.L3n4Addr{
IP: net.ParseIP(epIP),
L4Addr: *k8sBEPort,
}
besValues = append(besValues, bePort)
if !isServerPresent {
d.ipamConf.AllocatorMutex.RLock()
if isSvcIPv4 && d.conf.IPv4Enabled {
isServerPresent = d.conf.NodeAddress.IPv4Address.IP().Equal(bePort.IP) ||
d.ipamConf.IPv4Allocator.Has(bePort.IP)
} else {
isServerPresent = d.conf.NodeAddress.IPv6Address.HostIP().Equal(bePort.IP) ||
d.ipamConf.IPv6Allocator.Has(bePort.IP)
}
d.ipamConf.AllocatorMutex.RUnlock()
}
}
}
fe, err := types.NewL3n4AddrID(fePort.Protocol, svcInfo.FEIP, fePort.Port, fePort.ID)
if err != nil {
log.Errorf("Error while creating a New L3n4AddrID: %s. Ignoring service %v...", err, svcInfo)
continue
}
if err := d.svcAdd(*fe, besValues, isServerPresent); err != nil {
log.Errorf("Error while inserting service in LB map: %s", err)
}
}
}