// the global var is nil in this function, although init in the Listen function,and listen func exec first.
// so the common var should init in func init
func CreateVlanNetwork(name string, subnet string, hostif string) error {
if _, err := Kapi.Get(context.Background(), "/vlan/"+name, nil); err == nil {
return errors.New("the vlan name has existed")
}
val := hostif + "," + subnet
if _, err := Kapi.Set(context.Background(), "/vlan/"+name, val, nil); err != nil {
return err
}
tmp := ipallocator.New()
_, net1, err := net.ParseCIDR(subnet)
if err != nil {
return err
}
tmp.RegisterSubnet(net1, net1)
ipallocs[name] = tmp
return nil
}
func createBridge(name, network, natIface string) (*Bridge, error) {
ipAddr, ipNet, err := net.ParseCIDR(network)
if err != nil {
return nil, err
}
if err := netlink.CreateBridge(name, true); err != nil {
return nil, err
}
iface, err := net.InterfaceByName(name)
if err != nil {
return nil, err
}
// We need to explicitly assign the MAC address to avoid it changing to a lower value
// See: https://github.com/flynn/flynn/issues/223
b := random.Bytes(5)
mac := fmt.Sprintf("fe:%02x:%02x:%02x:%02x:%02x", b[0], b[1], b[2], b[3], b[4])
if err := netlink.NetworkSetMacAddress(iface, mac); err != nil {
return nil, err
}
if err := netlink.NetworkLinkAddIp(iface, ipAddr, ipNet); err != nil {
return nil, err
}
if err := netlink.NetworkLinkUp(iface); err != nil {
return nil, err
}
if err := ioutil.WriteFile("/proc/sys/net/ipv4/ip_forward", []byte("1\n"), 0644); err != nil {
return nil, err
}
if err := setupIPTables(name, natIface); err != nil {
return nil, err
}
bridge := &Bridge{
name: name,
iface: iface,
ipAddr: ipAddr,
ipNet: ipNet,
alloc: ipallocator.New(),
}
bridge.alloc.RequestIP(ipNet, ipAddr)
return bridge, nil
}
func NewLibcontainerBackend(config *LibcontainerConfig) (Backend, error) {
factory, err := libcontainer.New(
containerRoot,
libcontainer.Cgroupfs,
libcontainer.InitArgs(os.Args[0], "libcontainer-init"),
)
if err != nil {
return nil, err
}
if err := setupCGroups(config.PartitionCGroups); err != nil {
return nil, err
}
defaultTmpfs, err := createTmpfs(resource.DefaultTempDiskSize)
if err != nil {
return nil, err
}
shutdown.BeforeExit(func() { defaultTmpfs.Delete() })
l := &LibcontainerBackend{
LibcontainerConfig: config,
factory: factory,
logStreams: make(map[string]map[string]*logmux.LogStream),
containers: make(map[string]*Container),
defaultEnv: make(map[string]string),
resolvConf: "/etc/resolv.conf",
ipalloc: ipallocator.New(),
discoverdConfigured: make(chan struct{}),
networkConfigured: make(chan struct{}),
globalState: &libcontainerGlobalState{},
defaultTmpfs: defaultTmpfs,
}
l.httpClient = &http.Client{Transport: &http.Transport{
Dial: dialer.RetryDial(l.discoverdDial),
}}
return l, nil
}
func NewLibcontainerBackend(state *State, vman *volumemanager.Manager, bridgeName, initPath string, mux *logmux.Mux, partitionCGroups map[string]int64, logger log15.Logger) (Backend, error) {
factory, err := libcontainer.New(
containerRoot,
libcontainer.Cgroupfs,
libcontainer.InitArgs(os.Args[0], "libcontainer-init"),
)
pinkertonCtx, err := pinkerton.BuildContext("aufs", imageRoot)
if err != nil {
return nil, err
}
if err := setupCGroups(partitionCGroups); err != nil {
return nil, err
}
return &LibcontainerBackend{
InitPath: initPath,
factory: factory,
state: state,
vman: vman,
pinkerton: pinkertonCtx,
logStreams: make(map[string]map[string]*logmux.LogStream),
containers: make(map[string]*Container),
defaultEnv: make(map[string]string),
resolvConf: "/etc/resolv.conf",
mux: mux,
ipalloc: ipallocator.New(),
bridgeName: bridgeName,
discoverdConfigured: make(chan struct{}),
networkConfigured: make(chan struct{}),
partitionCGroups: partitionCGroups,
logger: logger,
globalState: &libcontainerGlobalState{},
}, nil
}
func init() {
ipAllocator = ipallocator.New()
}
func New(version string, ctx *cli.Context) (Driver, error) {
docker, err := dockerclient.NewDockerClient("unix:///var/run/docker.sock", nil)
if err != nil {
return nil, fmt.Errorf("could not connect to docker: %s", err)
}
// initiate the ovsdb manager port binding
ovsdb, err := libovsdb.Connect(localhost, ovsdbPort)
if err != nil {
return nil, fmt.Errorf("could not connect to openvswitch on port [ %d ]: %s", ovsdbPort, err)
}
// bind user defined flags to the plugin config
if ctx.String("bridge-name") != "" {
bridgeName = ctx.String("bridge-name")
}
// lower bound of v4 MTU is 68-bytes per rfc791
if ctx.Int("mtu") >= minMTU {
defaultMTU = ctx.Int("mtu")
} else {
log.Fatalf("The MTU value passed [ %d ] must be greater then [ %d ] bytes per rfc791", ctx.Int("mtu"), minMTU)
}
// Parse the container subnet
containerGW, containerCidr, err := net.ParseCIDR(ctx.String("bridge-subnet"))
if err != nil {
log.Fatalf("Error parsing cidr from the subnet flag provided [ %s ]: %s", FlagBridgeSubnet, err)
}
// Update the cli.go global var with the network if user provided
bridgeSubnet = containerCidr.String()
switch ctx.String("mode") {
/* [ flat ] mode */
//Flat mode requires a gateway IP address is used just like any other
//normal L2 domain. If no gateway is specified, we attempt to guess using
//the first usable IP on the container subnet from the CLI argument.
//Example "192.168.1.0/24" we guess at a gatway of "192.168.1.1".
//Flat mode requires a bridge-subnet flag with a subnet from your existing network
case modeFlat:
ovsDriverMode = modeFlat
if ctx.String("gateway") != "" {
// bind the container gateway to the IP passed from the CLI
cliGateway := net.ParseIP(ctx.String("gateway"))
if cliGateway == nil {
log.Fatalf("The IP passed with the [ gateway ] flag [ %s ] was not a valid address: %s", FlagGateway.Value, err)
}
containerGW = cliGateway
} else {
// if no gateway was passed, guess the first valid address on the container subnet
containerGW = ipIncrement(containerGW)
}
/* [ nat ] mode */
//If creating a private network that will be NATed on the OVS bridge via IPTables
//it is not required to pass a subnet since in a single host scenario it is hidden
//from the network once it is masqueraded via IP tables.
case modeNAT, "":
ovsDriverMode = modeNAT
if ctx.String("gateway") != "" {
// bind the container gateway to the IP passed from the CLI
cliGateway := net.ParseIP(ctx.String("gateway"))
if cliGateway == nil {
log.Fatalf("The IP passed with the [ gateway ] flag [ %s ] was not a valid address: %s", FlagGateway.Value, err)
}
containerGW = cliGateway
} else {
// if no gateway was passed, guess the first valid address on the container subnet
containerGW = ipIncrement(containerGW)
}
default:
log.Fatalf("Invalid ovs mode supplied [ %s ]. The plugin currently supports two modes: [ %s ] or [ %s ]", ctx.String("mode"), modeFlat, modeNAT)
}
pluginOpts := &pluginConfig{
mtu: defaultMTU,
bridgeName: bridgeName,
mode: ovsDriverMode,
brSubnet: containerCidr,
gatewayIP: containerGW,
}
// Leaving as info for now. Change to debug eventually
log.Infof("Plugin configuration: \n %s", pluginOpts)
ipAllocator := ipallocator.New()
d := &driver{
dockerer: dockerer{
client: docker,
},
ovsdber: ovsdber{
ovsdb: ovsdb,
},
ipAllocator: ipAllocator,
pluginConfig: *pluginOpts,
version: version,
}
// Initialize ovsdb cache at rpc connection setup
d.ovsdber.initDBCache()
return d, nil
}
func New(version string, ctx *cli.Context) (Driver, error) {
docker, err := dockerclient.NewDockerClient("unix:///var/run/docker.sock", nil)
if err != nil {
return nil, fmt.Errorf("could not connect to docker: %s", err)
}
if ctx.String("host-interface") == "" {
log.Fatalf("Required flag [ host-interface ] that is used for off box communication was not defined. Example: --host-interface=eth1")
}
ipVlanEthIface = ctx.String("host-interface")
// bind CLI opts to the user config struct
if ok := validateHostIface(ctx.String("host-interface")); !ok {
log.Fatalf("Requird field [ host-interface ] ethernet interface [ %s ] was not found. Exiting since this is required for both l2 and l3 modes.", ctx.String("host-interface"))
}
// lower bound of v4 MTU is 68-bytes per rfc791
if ctx.Int("mtu") <= 0 {
cliMTU = defaultMTU
} else if ctx.Int("mtu") >= minMTU {
cliMTU = ctx.Int("mtu")
} else {
log.Fatalf("The MTU value passed [ %d ] must be greater then [ %d ] bytes per rfc791", ctx.Int("mtu"), minMTU)
}
// Parse the container IP subnet
containerGW, cidr, err := net.ParseCIDR(ctx.String("ipvlan-subnet"))
if err != nil {
log.Fatalf("Error parsing cidr from the subnet flag provided [ %s ]: %s", FlagSubnet, err)
}
// For ipvlan L2 mode a gateway IP address is used just like any other
// normal L2 domain. If no gateway is specified, we attempt to guess using
// the first usable IP on the container subnet from the CLI argument or from
// the defaultSubnet "192.168.1.0/24" which results in a gatway of "192.168.1.1".
switch ctx.String("mode") {
case ipVlanL2:
ipVlanMode = ipVlanL2
if ctx.String("gateway") != "" {
// bind the container gateway to the IP passed from the CLI
cliGateway := net.ParseIP(ctx.String("gateway"))
if err != nil {
log.Fatalf("The IP passed with the [ gateway ] flag [ %s ] was not a valid address: %s", FlagGateway.Value, err)
}
containerGW = cliGateway
} else {
// if no gateway was passed, guess the first valid address on the container subnet
containerGW = ipIncrement(containerGW)
}
case ipVlanL3:
// IPVlan simply needs the container interface for its
// default route target since only unicast is allowed <3
ipVlanMode = ipVlanL3
containerGW = nil
case ipVlanL3Routing:
// IPVlan simply needs the container interface for its
// default route target since only unicast is allowed <3
ipVlanMode = ipVlanL3Routing
containerGW = nil
managermode := ""
if ctx.String("routemng") != "" {
managermode = ctx.String("routemng")
}
// Initialize Routing monitoring
go routing.InitRoutingMonitering(ipVlanEthIface, managermode)
default:
log.Fatalf("Invalid IPVlan mode supplied [ %s ]. IPVlan has two modes: [ %s ] or [%s ]", ctx.String("mode"), ipVlanL2, ipVlanL3)
}
pluginOpts := &pluginConfig{
mtu: cliMTU,
mode: ipVlanMode,
containerSubnet: cidr,
gatewayIP: containerGW,
hostIface: ipVlanEthIface,
}
// Leaving as info for now to stdout the plugin config
log.Infof("Plugin configuration options are: \n %s", pluginOpts)
ipAllocator := ipallocator.New()
d := &driver{
dockerer: dockerer{
client: docker,
},
ipAllocator: ipAllocator,
version: version,
pluginConfig: *pluginOpts,
}
return d, nil
}
func init() {
ipAllocator = ipallocator.New()
portMapper = portmapper.New()
}
// New constructs a new bridge driver
func newDriver() driverapi.Driver {
ipAllocator = ipallocator.New()
return &driver{networks: map[string]*bridgeNetwork{}}
}
// New constructs a new bridge driver
func newDriver() *driver {
ipAllocator = ipallocator.New()
return &driver{networks: map[string]*bridgeNetwork{}, config: &configuration{}}
}
func New(version string, ctx *cli.Context) (Driver, error) {
docker, err := dockerclient.NewDockerClient("unix:///var/run/docker.sock", nil)
if err != nil {
return nil, fmt.Errorf("could not connect to docker: %s", err)
}
if ctx.String("host-interface") == "" {
log.Fatalf("Required flag [ host-interface ] that is used for off box communication was not defined. Example: --host-interface=eth1")
}
// bind CLI opts to the user config struct
if ok := validateHostIface(ctx.String("host-interface")); !ok {
log.Fatalf("Requird field [ host-interface ] ethernet interface [ %s ] was not found. Exiting since this is required for both l2 and l3 modes.", ctx.String("host-interface"))
}
macvlanEthIface = ctx.String("host-interface")
// lower bound of v4 MTU is 68-bytes per rfc791
if ctx.Int("mtu") <= 0 {
cliMTU = cliMTU
} else if ctx.Int("mtu") >= minMTU {
cliMTU = ctx.Int("mtu")
} else {
log.Fatalf("The MTU value passed [ %d ] must be greater than [ %d ] bytes per rfc791", ctx.Int("mtu"), minMTU)
}
// Parse the container IP subnet and network addr to be used to guess the gateway if necessary
defaultSubnet = ctx.String("macvlan-subnet")
containerGW, containerNet, err := net.ParseCIDR(ctx.String("macvlan-subnet"))
if err != nil {
log.Fatalf("Error parsing cidr from the subnet flag provided [ %s ]: %s", ctx.String("macvlan-subnet"), err)
}
// Set the default mode to bridge
if ctx.String("mode") == "" {
macvlanMode = bridgeMode
}
switch ctx.String("mode") {
case bridgeMode:
macvlanMode = bridgeMode
// todo: in other modes if relevant
default:
log.Fatalf("Invalid macvlan mode supplied [ %s ] we currently only support [ %s ] mode. If mode is left empty, bridge is the default mode.", ctx.String("mode"), macvlanMode)
}
// if no gateway was passed, use the first valid addr on the container subnet
if ctx.String("gateway") != "" {
// bind the container gateway to the IP passed from the CLI
cliGateway := net.ParseIP(ctx.String("gateway"))
if err != nil {
log.Fatalf("The IP passed with the [ gateway ] flag [ %s ] was not a valid address: %s", ctx.String("gateway"), err)
}
containerGW = cliGateway
} else {
containerGW = ipIncrement(containerGW)
}
gatewayIP = containerGW.String()
pluginOpts := &pluginConfig{
mtu: cliMTU,
mode: macvlanMode,
containerSubnet: containerNet,
gatewayIP: containerGW,
hostIface: macvlanEthIface,
}
// Leaving as info for now to stdout the plugin config
log.Infof("Plugin configuration options are: \n %s", pluginOpts)
ipAllocator := ipallocator.New()
d := &driver{
dockerer: dockerer{
client: docker,
},
ipAllocator: ipAllocator,
version: version,
pluginConfig: *pluginOpts,
}
return d, nil
}