// useK8sNodeCIDR sets the ipv4-range value from the cluster-node-cidr defined in the, // kube-apiserver. func (d *Daemon) useK8sNodeCIDR(nodeName string) error { if !d.conf.IPv4Enabled { return nil } k8sNode, err := d.k8sClient.Nodes().Get(nodeName) if err != nil { return err } if k8sNode.Spec.PodCIDR == "" { return fmt.Errorf("Empty PodCIDR defined in kubernetes spec for node %s", nodeName) } ip, _, err := net.ParseCIDR(k8sNode.Spec.PodCIDR) if err != nil { return err } ciliumIPv4, err := addressing.NewCiliumIPv4(ip.String()) if err != nil { return err } ipv6NodeAddress := d.conf.NodeAddress.IPv6Address.NodeIP().String() nodeAddr, err := addressing.NewNodeAddress(ipv6NodeAddress, ciliumIPv4.NodeIP().String(), "") if err != nil { return err } log.Infof("Retrieved %s for node %s. Using it for ipv4-range", k8sNode.Spec.PodCIDR, nodeName) d.conf.NodeAddress = nodeAddr return nil }
"github.com/cilium/cilium/common" "github.com/cilium/cilium/common/addressing" "github.com/cilium/cilium/pkg/endpoint" "github.com/cilium/cilium/pkg/labels" "github.com/cilium/cilium/pkg/mac" "github.com/cilium/cilium/pkg/option" "github.com/cilium/cilium/pkg/policy" . "gopkg.in/check.v1" ) var ( HardAddr = mac.MAC{0x01, 0x02, 0x03, 0x04, 0x05, 0x06} IPv6Addr, _ = addressing.NewCiliumIPv6("beef:beef:beef:beef:aaaa:aaaa:1111:1112") IPv4Addr, _ = addressing.NewCiliumIPv4("10.11.12.13") ) func (ds *DaemonSuite) TestFindNode(c *C) { var nullPtr *policy.Node pn := policy.Node{ Name: "io.cilium", Children: map[string]*policy.Node{ "foo": {}, "bar": {}, }, } err := ds.d.PolicyAdd("io.cilium", &pn) c.Assert(err, Equals, nil)
func (s *EndpointSuite) TestDeepCopy(c *C) { ipv4, err := addressing.NewCiliumIPv4("127.0.0.1") c.Assert(err, IsNil) ipv6, err := addressing.NewCiliumIPv6("::1") c.Assert(err, IsNil) epWant := &Endpoint{ ID: 12, DockerID: "123", DockerNetworkID: "1234", DockerEndpointID: "12345", IfName: "lxcifname", LXCMAC: mac.MAC{1, 2, 3, 4, 5, 6}, IPv6: ipv6, IPv4: ipv4, IfIndex: 4, NodeMAC: mac.MAC{1, 2, 3, 4, 5, 6}, NodeIP: net.ParseIP("192.168.0.1"), PortMap: make([]PortMap, 2), Opts: option.NewBoolOptions(&EndpointOptionLibrary), } cpy := epWant.DeepCopy() c.Assert(*cpy, DeepEquals, *epWant) epWant.SecLabel = &labels.SecCtxLabel{ ID: 1, Labels: labels.Labels{ "io.cilium.kubernetes": labels.NewLabel("io.cilium.kubernetes", "", "cilium"), }, Containers: map[string]time.Time{ "1234": time.Now(), }, } epWant.Consumable = &policy.Consumable{ ID: 123, Iteration: 3, Labels: nil, LabelList: []labels.Label{ *labels.NewLabel("io.cilium.kubernetes", "", "cilium"), }, Maps: map[int]*policymap.PolicyMap{ 0: {}, }, Consumers: map[string]*policy.Consumer{ "foo": policy.NewConsumer(12), }, ReverseRules: map[uint32]*policy.Consumer{ 12: policy.NewConsumer(12), }, } epWant.PolicyMap = &policymap.PolicyMap{} cpy = epWant.DeepCopy() c.Assert(*cpy.SecLabel, DeepEquals, *epWant.SecLabel) c.Assert(*cpy.Consumable, DeepEquals, *epWant.Consumable) c.Assert(*cpy.PolicyMap, DeepEquals, *epWant.PolicyMap) epWant.Consumable.Labels = &labels.SecCtxLabel{ ID: 1, Labels: labels.Labels{ "io.cilium.kubernetes": labels.NewLabel("io.cilium.kubernetes", "", "cilium"), }, Containers: map[string]time.Time{ "1234": time.Now(), }, } epWant.PolicyMap = &policymap.PolicyMap{} cpy = epWant.DeepCopy() c.Assert(*cpy.Consumable.Labels, DeepEquals, *epWant.Consumable.Labels) cpy.Consumable.Labels.Containers["1234"] = time.Now() c.Assert(*cpy.Consumable.Labels, Not(DeepEquals), *epWant.Consumable.Labels) }