func (cmd *GuardianCommand) wireNetworker(log lager.Logger, propManager kawasaki.ConfigStore, portPool *ports.PortPool) (gardener.Networker, gardener.Starter, error) { externalIP, err := defaultExternalIP(cmd.Network.ExternalIP) if err != nil { return nil, nil, err } dnsServers := make([]net.IP, len(cmd.Network.DNSServers)) for i, ip := range cmd.Network.DNSServers { dnsServers[i] = ip.IP() } if cmd.Network.Plugin.Path() != "" { resolvConfigurer := &kawasaki.ResolvConfigurer{ HostsFileCompiler: &dns.HostsFileCompiler{}, ResolvFileCompiler: &dns.ResolvFileCompiler{}, FileWriter: &dns.RootfsWriter{}, IDMapReader: &kawasaki.RootIdMapReader{}, } externalNetworker := netplugin.New( linux_command_runner.New(), propManager, externalIP, dnsServers, resolvConfigurer, cmd.Network.Plugin.Path(), cmd.Network.PluginExtraArgs, ) return externalNetworker, externalNetworker, nil } var denyNetworksList []string for _, network := range cmd.Network.DenyNetworks { denyNetworksList = append(denyNetworksList, network.String()) } interfacePrefix := fmt.Sprintf("w%s", cmd.Server.Tag) chainPrefix := fmt.Sprintf("w-%s-", cmd.Server.Tag) idGenerator := kawasaki.NewSequentialIDGenerator(time.Now().UnixNano()) iptRunner := &logging.Runner{CommandRunner: linux_command_runner.New(), Logger: log.Session("iptables-runner")} locksmith := &locksmithpkg.FileSystem{} ipTables := iptables.New(cmd.Bin.IPTables.Path(), cmd.Bin.IPTablesRestore.Path(), iptRunner, locksmith, chainPrefix) ipTablesStarter := iptables.NewStarter(ipTables, cmd.Network.AllowHostAccess, interfacePrefix, denyNetworksList, cmd.Containers.DestroyContainersOnStartup) ruleTranslator := iptables.NewRuleTranslator() networker := kawasaki.New( kawasaki.SpecParserFunc(kawasaki.ParseSpec), subnets.NewPool(cmd.Network.Pool.CIDR()), kawasaki.NewConfigCreator(idGenerator, interfacePrefix, chainPrefix, externalIP, dnsServers, cmd.Network.Mtu), propManager, factory.NewDefaultConfigurer(ipTables), portPool, iptables.NewPortForwarder(ipTables), iptables.NewFirewallOpener(ruleTranslator, ipTables), ) return networker, ipTablesStarter, nil }
var err error ip, subnet, err = net.ParseCIDR("192.168.12.20/24") Expect(err).NotTo(HaveOccurred()) externalIP = net.ParseIP("220.10.120.5") dnsServers = []net.IP{ net.ParseIP("8.8.8.8"), net.ParseIP("8.8.4.4"), } logger = lagertest.NewTestLogger("test") idGenerator = &fakes.FakeIDGenerator{} mtu = 1234 creator = kawasaki.NewConfigCreator(idGenerator, "w1", "0123456789abcdef", externalIP, dnsServers, mtu) }) It("panics if the interface prefix is longer than 2 characters", func() { Expect(func() { kawasaki.NewConfigCreator(idGenerator, "too-long", "wc", externalIP, dnsServers, mtu) }).To(Panic()) }) It("panics if the chain prefix is longer than 16 characters", func() { Expect(func() { kawasaki.NewConfigCreator(idGenerator, "w1", "0123456789abcdefg", externalIP, dnsServers, mtu) }).To(Panic()) }) It("assigns the same bridge name to all IPs in the same subnet", func() {