// waitForIface waits for network interface to become available in the system. func (h Helper) waitForIface(expectedIface string) bool { for i := 0; i <= h.Agent.waitForIfaceTry; i++ { log.Tracef(trace.Inside, "Helper: Waiting for interface %s, %d attempt", expectedIface, i) ifaceList, err := net.Interfaces() log.Trace(trace.Inside, "Agent: Entering podUpHandlerAsync()") if err != nil { log.Warn("Warning: Helper: failed to read net.Interfaces()") } for iface := range ifaceList { if ifaceList[iface].Name == expectedIface { return true } } time.Sleep(10 * time.Second) } return false }
// podUpHandlerAsync does a number of operations on given endpoint to ensure // it's connected: // 1. Ensures interface is ready // 2. Creates ip route pointing new interface // 3. Provisions firewall rules func (a *Agent) podUpHandlerAsync(netReq NetworkRequest) error { log.Trace(trace.Private, "Agent: Entering podUpHandlerAsync()") currentProvider := a.getFirewallType() netif := netReq.NetIf if netif.Name == "" { return agentErrorString("Agent: Interface name required") } if !a.Helper.waitForIface(netif.Name) { // TODO should we resubmit failed interface in queue for later // retry ? ... considering openstack will give up as well after // timeout msg := fmt.Sprintf("Requested interface not available in time - %s", netif.Name) log.Warn("Agent: ", msg) return agentErrorString(msg) } log.Infof("Agent: Creating endpoint routes - %s", netif.Name) if err := a.Helper.ensureRouteToEndpoint(&netif); err != nil { log.Error(agentError(err)) return agentError(err) } log.Infof("Agent: Provisioning firewall - %s", netif.Name) fw, err := firewall.NewFirewall(currentProvider) if err != nil { return err } err = fw.Init(a.Helper.Executor, a.store, a.networkConfig) if err != nil { return err } if err1 := fw.SetEndpoint(netif); err1 != nil { log.Error(agentError(err)) return agentError(err) } var rules RuleSet switch currentProvider { case firewall.ShellexProvider: rules = KubeShellXRules case firewall.IPTsaveProvider: rules = KubeSaveRestoreRules default: err := fmt.Errorf("Unkown firewall provider in podUpHandler") log.Error(agentError(err)) return agentError(err) } if err := prepareFirewallRules(fw, a.networkConfig, rules, currentProvider); err != nil { log.Error(agentError(err)) return agentError(err) } if err := fw.ProvisionEndpoint(); err != nil { log.Error(agentError(err)) return agentError(err) } log.Trace(trace.Inside, "Agent: All good", netif) return nil }