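// init prepares the daemon's runtime directory, generates the node-wide
// C header ./globals/node_config.h from the daemon configuration and, unless
// DryMode is set, compiles the base programs and opens the BPF maps.
//
// Failure to create or enter the runtime directory terminates the process via
// log.Fatalf; every other failure is returned to the caller.
//
// Security notes:
//   - node_config.h is written before compileBase runs (presumably as its
//     input — confirm), so anyone able to write to RunDir can influence what
//     is compiled. The directory is created 0755, i.e. writable by the owner
//     only; RunDir itself must not sit under a path that less privileged
//     users control.
//   - os.Chdir changes the working directory of the whole process, and the
//     header is then opened through a relative path.
func (d *Daemon) init() error {
	globalsDir := filepath.Join(d.conf.RunDir, "globals")
	if err := os.MkdirAll(globalsDir, 0755); err != nil {
		log.Fatalf("Could not create runtime directory %s: %s", globalsDir, err)
	}

	if err := os.Chdir(d.conf.RunDir); err != nil {
		log.Fatalf("Could not change to runtime directory %s: \"%s\"", d.conf.RunDir, err)
	}

	f, err := os.Create("./globals/node_config.h")
	if err != nil {
		log.Warningf("Failed to create node configuration file: %s", err)
		return err
	}

	fw := bufio.NewWriter(f)

	// Human-readable summary of the node addressing, emitted as a C comment.
	hostIP := d.conf.NodeAddress.IPv6Address.HostIP()
	fmt.Fprintf(fw, ""+
		"/*\n"+
		" * Node-IPv6: %s\n"+
		" * Host-IPv6: %s\n",
		d.conf.NodeAddress.IPv6Address.IP().String(),
		hostIP.String())

	if d.conf.IPv4Enabled {
		fmt.Fprintf(fw, ""+
			" * Host-IPv4: %s\n"+
			" */\n\n"+
			"#define ENABLE_IPV4\n",
			d.conf.NodeAddress.IPv4Address.IP().String())
	} else {
		fw.WriteString(" */\n\n")
	}

	fmt.Fprintf(fw, "#define NODE_ID %#x\n", d.conf.NodeAddress.IPv6Address.NodeID())
	fw.WriteString(common.FmtDefineArray("ROUTER_IP", d.conf.NodeAddress.IPv6Address))

	// NOTE(review): the IPv4 defines below are written even when IPv4Enabled
	// is false, and binary.*.Uint32 panics on a slice shorter than 4 bytes —
	// confirm NodeAddress always carries 4-byte IPv4 values.
	// NOTE(review): these values are decoded little-endian while
	// writeBPFHeader decodes LXC_IPV4 big-endian — confirm both match what
	// the datapath code expects.
	ipv4GW := d.conf.NodeAddress.IPv4Address
	fmt.Fprintf(fw, "#define IPV4_GATEWAY %#x\n", binary.LittleEndian.Uint32(ipv4GW))

	ipv4Range := d.conf.NodeAddress.IPv4AllocRange()
	fmt.Fprintf(fw, "#define IPV4_RANGE %#x\n", binary.LittleEndian.Uint32(ipv4Range.IP))
	fmt.Fprintf(fw, "#define IPV4_MASK %#x\n", binary.LittleEndian.Uint32(ipv4Range.Mask))

	ipv4ClusterRange := d.conf.NodeAddress.IPv4ClusterRange()
	fmt.Fprintf(fw, "#define IPV4_CLUSTER_RANGE %#x\n", binary.LittleEndian.Uint32(ipv4ClusterRange.IP))
	fmt.Fprintf(fw, "#define IPV4_CLUSTER_MASK %#x\n", binary.LittleEndian.Uint32(ipv4ClusterRange.Mask))

	if nat46Range := d.conf.NAT46Prefix; nat46Range != nil {
		fw.WriteString(common.FmtDefineAddress("NAT46_PREFIX", nat46Range.IP))
	}

	fw.WriteString(common.FmtDefineAddress("HOST_IP", hostIP))
	fmt.Fprintf(fw, "#define HOST_ID %d\n", labels.GetID(labels.ID_NAME_HOST))
	fmt.Fprintf(fw, "#define WORLD_ID %d\n", labels.GetID(labels.ID_NAME_WORLD))

	// bufio.Writer reports the first write error on Flush. Check it, and the
	// Close result, so that a truncated or partially written header is never
	// handed to the compile step below.
	if err := fw.Flush(); err != nil {
		f.Close()
		return fmt.Errorf("failed to write node configuration file: %s", err)
	}
	if err := f.Close(); err != nil {
		return fmt.Errorf("failed to close node configuration file: %s", err)
	}

	if d.conf.DryMode {
		return nil
	}

	// compileBase runs under the options read lock; release it on every path
	// before looking at the result.
	d.conf.OptsMU.RLock()
	err = d.compileBase()
	d.conf.OptsMU.RUnlock()
	if err != nil {
		return err
	}

	d.conf.LXCMap, err = lxcmap.OpenMap(common.BPFMap)
	if err != nil {
		log.Warningf("Could not create BPF map '%s': %s", common.BPFMap, err)
		return err
	}

	if _, err := lbmap.Service6Map.OpenOrCreate(); err != nil {
		return err
	}
	if _, err := lbmap.RevNat6Map.OpenOrCreate(); err != nil {
		return err
	}
	if d.conf.IPv4Enabled {
		if _, err := lbmap.Service4Map.OpenOrCreate(); err != nil {
			return err
		}
		if _, err := lbmap.RevNat4Map.OpenOrCreate(); err != nil {
			return err
		}
	}

	// Clean all lb entries unless existing state is being restored.
	if !d.conf.RestoreState {
		if err := d.SVCDeleteAll(); err != nil {
			return err
		}
	}

	return nil
}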
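// cCommentSafe formats v with %s and inserts a space into every "*/"
// sequence, so the result can be embedded in a C block comment without
// closing that comment early.
func cCommentSafe(v interface{}) string {
	s := fmt.Sprintf("%s", v)
	out := make([]byte, 0, len(s))
	for i := 0; i < len(s); i++ {
		out = append(out, s[i])
		if s[i] == '*' && i+1 < len(s) && s[i+1] == '/' {
			out = append(out, ' ')
		}
	}
	return string(out)
}

// writeBPFHeader generates the per-endpoint C header inside lxcDir (file name
// common.CHeaderFileName). The header starts with comment blocks describing
// the endpoint (serialized endpoint, Docker identifiers, addresses, labels)
// followed by the #define values for that endpoint.
//
// geneveOpts is emitted verbatim as the GENEVE_OPTS array.
//
// It returns an error if the file cannot be created, flushed or closed. A
// failure to serialize the endpoint with ep.Base64 is only recorded on the
// endpoint status; the header is still written without that line.
//
// Security note: free-form strings (Docker identifiers, labels) end up inside
// C comments of a header that is meant to be compiled. They are passed
// through cCommentSafe so that a "*/" inside such a value cannot terminate the
// comment and turn the remainder into preprocessor input. Label text
// presumably originates from container metadata — confirm with the caller.
func (d *Daemon) writeBPFHeader(lxcDir string, ep *endpoint.Endpoint, geneveOpts []byte) error {
	headerPath := filepath.Join(lxcDir, common.CHeaderFileName)
	f, err := os.Create(headerPath)
	if err != nil {
		return fmt.Errorf("failed to open file %s for writing: %s", headerPath, err)
	}
	// Safety net for panics; the regular path closes f explicitly below so
	// the Close error is not lost.
	defer f.Close()

	fw := bufio.NewWriter(f)

	fmt.Fprint(fw, "/*\n")

	// The serialized endpoint is base64 text and is written unmodified.
	if epStr64, err := ep.Base64(); err == nil {
		fmt.Fprintf(fw, " * %s%s:%s\n * \n", common.CiliumCHeaderPrefix,
			common.Version, epStr64)
	} else {
		ep.LogStatus(endpoint.Warning, fmt.Sprintf("Unable to create a base64: %s", err))
	}

	if ep.DockerID == "" {
		fmt.Fprintf(fw, " * Docker Network ID: %s\n", cCommentSafe(ep.DockerNetworkID))
		fmt.Fprintf(fw, " * Docker Endpoint ID: %s\n", cCommentSafe(ep.DockerEndpointID))
	} else {
		fmt.Fprintf(fw, " * Docker Container ID: %s\n", cCommentSafe(ep.DockerID))
	}

	fmt.Fprintf(fw, ""+
		" * MAC: %s\n"+
		" * IPv6 address: %s\n"+
		" * IPv4 address: %s\n"+
		" * SecLabelID: %#x\n"+
		" * PolicyMap: %s\n"+
		" * NodeMAC: %s\n"+
		" */\n\n",
		ep.LXCMAC, ep.IPv6.String(), ep.IPv4.String(),
		ep.SecLabel.ID, path.Base(ep.PolicyMapPath()), ep.NodeMAC)

	fw.WriteString("/*\n")
	fw.WriteString(" * Labels:\n")
	if len(ep.SecLabel.Labels) == 0 {
		fmt.Fprintf(fw, " * - %s\n", "(no labels)")
	} else {
		for _, v := range ep.SecLabel.Labels {
			fmt.Fprintf(fw, " * - %s\n", cCommentSafe(v))
		}
	}
	fw.WriteString(" */\n\n")

	fw.WriteString(common.FmtDefineAddress("LXC_MAC", ep.LXCMAC))
	fw.WriteString(common.FmtDefineAddress("LXC_IP", ep.IPv6))
	if ep.IPv4 != nil {
		// NOTE(review): Uint32 panics on a slice shorter than 4 bytes; only
		// nil is excluded here.
		fmt.Fprintf(fw, "#define LXC_IPV4 %#x\n", binary.BigEndian.Uint32(ep.IPv4))
	}
	fw.WriteString(common.FmtDefineAddress("NODE_MAC", ep.NodeMAC))
	fw.WriteString(common.FmtDefineArray("GENEVE_OPTS", geneveOpts))
	fmt.Fprintf(fw, "#define LXC_ID %#x\n", ep.ID)
	fmt.Fprintf(fw, "#define LXC_ID_NB %#x\n", common.Swab16(ep.ID))
	fmt.Fprintf(fw, "#define SECLABEL_NB %#x\n", common.Swab32(ep.SecLabel.ID))
	fmt.Fprintf(fw, "#define SECLABEL %#x\n", ep.SecLabel.ID)
	fmt.Fprintf(fw, "#define POLICY_MAP %s\n", path.Base(ep.PolicyMapPath()))
	fmt.Fprintf(fw, "#define CT_MAP_SIZE 512000\n")
	fmt.Fprintf(fw, "#define CT_MAP6 %s\n", path.Base(common.BPFMapCT6+strconv.Itoa(int(ep.ID))))
	fmt.Fprintf(fw, "#define CT_MAP4 %s\n", path.Base(common.BPFMapCT4+strconv.Itoa(int(ep.ID))))

	// Always enable L4 and L3 load balancer for now
	fw.WriteString("#define LB_L3\n")
	fw.WriteString("#define LB_L4\n")

	// Endpoint options
	fw.WriteString(ep.Opts.GetFmtList())

	fw.WriteString("#define LXC_PORT_MAPPINGS ")
	for _, m := range ep.PortMap {
		// Write mappings directly in network byte order so we don't have
		// to convert it in the fast path
		fmt.Fprintf(fw, "{%#x,%#x},", common.Swab16(m.From), common.Swab16(m.To))
	}
	fw.WriteString("\n")

	// Flush surfaces the first buffered write error; Close can still fail
	// afterwards, so report that too instead of leaving it to the defer.
	if err := fw.Flush(); err != nil {
		return err
	}
	return f.Close()
}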