func main() { // glog will log to tmp files by default. override so all entries // can flow into journald (if running under systemd) flag.Set("logtostderr", "true") // now parse command line args flag.Parse() if opts.help { fmt.Fprintf(os.Stderr, "Usage: %s [OPTION]...\n", os.Args[0]) flag.PrintDefaults() os.Exit(0) } if opts.version { fmt.Fprintln(os.Stderr, Version) os.Exit(0) } flagsFromEnv("FLANNELD", flag.CommandLine) be, sm, err := newBackend() if err != nil { log.Info(err) os.Exit(1) } // Register for SIGINT and SIGTERM and wait for one of them to arrive log.Info("Installing signal handlers") sigs := make(chan os.Signal, 1) signal.Notify(sigs, os.Interrupt, syscall.SIGTERM) exit := make(chan int) go run(be, sm, exit) for { select { case <-sigs: // unregister to get default OS nuke behaviour in case we don't exit cleanly signal.Stop(sigs) log.Info("Exiting...") be.Stop() case code := <-exit: log.Infof("%s mode exited", be.Name()) os.Exit(code) } } }
func (rb *HostgwBackend) Run() { rb.wg.Add(1) go func() { rb.sm.LeaseRenewer(rb.stop) rb.wg.Done() }() log.Info("Watching for new subnet leases") evts := make(chan subnet.EventBatch) rb.wg.Add(1) go func() { rb.sm.WatchLeases(evts, rb.stop) rb.wg.Done() }() defer rb.wg.Wait() for { select { case evtBatch := <-evts: rb.handleSubnetEvents(evtBatch) case <-rb.stop: return } } }
func setupIpMasq(localNet ip.IP4Net, overlayNet ip.IP4Net) error { ipt, err := ip.NewIPTables() if err != nil { return err } err = ipt.ClearChain("nat", "FLANNEL") if err != nil { return fmt.Errorf("Failed to create/clear FLANNEL chain in NAT table: %v", err) } rules := [][]string{ []string{"FLANNEL", "-s", localNet.String(), "-o", "lo", "-j", "ACCEPT"}, []string{"FLANNEL", "-s", localNet.String(), "!", "-d", overlayNet.String(), "-j", "MASQUERADE"}, []string{"POSTROUTING", "-s", localNet.String(), "-j", "FLANNEL"}, } for _, args := range rules { log.Info("Adding iptables rule: ", strings.Join(args, " ")) if err := ipt.AppendUnique("nat", args...); err != nil { return fmt.Errorf("Failed to insert IP masquerade rule: %v", err) } } return nil }
func (sm *SubnetManager) LeaseRenewer(cancel chan bool) { for { dur := sm.leaseExp.Sub(time.Now()) - renewMargin select { case <-time.After(dur): sm.mtx.RLock() attrBytes, err := json.Marshal(&sm.myLease.Attrs) sm.mtx.RUnlock() if err != nil { log.Error("Error renewing lease (trying again in 1 min): ", err) dur = time.Minute continue } sm.mtx.RLock() resp, err := sm.registry.UpdateSubnet(sm.myLease.Network.StringSep(".", "-"), string(attrBytes), subnetTTL) sm.mtx.RUnlock() if err != nil { log.Error("Error renewing lease (trying again in 1 min): ", err) dur = time.Minute continue } sm.leaseExp = *resp.Expiration log.Info("Lease renewed, new expiration: ", sm.leaseExp) dur = sm.leaseExp.Sub(time.Now()) - renewMargin case <-cancel: return } } }
func setupIpMasq(ipn ip.IP4Net, iface string) error { ipt, err := ip.NewIPTables() if err != nil { return fmt.Errorf("failed to setup IP Masquerade. iptables was not found") } err = ipt.ClearChain("nat", "FLANNEL") if err != nil { return fmt.Errorf("Failed to create/clear FLANNEL chain in NAT table: %v", err) } rules := [][]string{ // This rule makes sure we don't NAT traffic within overlay network (e.g. coming out of docker0) {"FLANNEL", "-d", ipn.String(), "-j", "ACCEPT"}, // This rule makes sure we don't NAT multicast traffic within overlay network {"FLANNEL", "-d", "224.0.0.0/4", "-j", "ACCEPT"}, // This rule will NAT everything originating from our overlay network and {"FLANNEL", "!", "-o", iface, "-j", "MASQUERADE"}, // This rule will take everything coming from overlay and sent it to FLANNEL chain {"POSTROUTING", "-s", ipn.String(), "-j", "FLANNEL"}, } for _, args := range rules { log.Info("Adding iptables rule: ", strings.Join(args, " ")) err = ipt.AppendUnique("nat", args...) if err != nil { return fmt.Errorf("Failed to insert IP masquerade rule: %v", err) } } return nil }
func lookupIface() (*net.Interface, net.IP, error) { var iface *net.Interface var ipaddr net.IP var err error if len(opts.iface) > 0 { if ipaddr = net.ParseIP(opts.iface); ipaddr != nil { iface, err = ip.GetInterfaceByIP(ipaddr) if err != nil { return nil, nil, fmt.Errorf("Error looking up interface %s: %s", opts.iface, err) } } else { iface, err = net.InterfaceByName(opts.iface) if err != nil { return nil, nil, fmt.Errorf("Error looking up interface %s: %s", opts.iface, err) } } } else { log.Info("Determining IP address of default interface") if iface, err = ip.GetDefaultGatewayIface(); err != nil { return nil, nil, fmt.Errorf("Failed to get default interface: %s", err) } } if ipaddr == nil { ipaddr, err = ip.GetIfaceIP4Addr(iface) if err != nil { return nil, nil, fmt.Errorf("Failed to find IPv4 address for interface %s", iface.Name) } } return iface, ipaddr, nil }
func ensureExpiration(resp *etcd.Response, ttl uint64) { if resp.Node.Expiration == nil { // should not be but calc it ourselves in this case log.Info("Expiration field missing on etcd response, calculating locally") exp := time.Now().Add(time.Duration(ttl) * time.Second) resp.Node.Expiration = &exp } }
func (m *UdpBackend) processSubnetEvents(batch subnet.EventBatch) { for _, evt := range batch { switch evt.Type { case subnet.SubnetAdded: log.Info("Subnet added: ", evt.Lease.Network) setRoute(m.ctl, evt.Lease.Network, evt.Lease.Attrs.PublicIP, m.cfg.Port) case subnet.SubnetRemoved: log.Info("Subnet removed: ", evt.Lease.Network) removeRoute(m.ctl, evt.Lease.Network) default: log.Error("Internal error: unknown event type: ", int(evt.Type)) } } }
func (rb *HostgwBackend) handleSubnetEvents(batch subnet.EventBatch) { for _, evt := range batch { switch evt.Type { case subnet.SubnetAdded: log.Infof("Subnet added: %v via %v", evt.Lease.Network, evt.Lease.Attrs.PublicIP) if evt.Lease.Attrs.BackendType != "host-gw" { log.Warningf("Ignoring non-host-gw subnet: type=%v", evt.Lease.Attrs.BackendType) continue } route := netlink.Route{ Dst: evt.Lease.Network.ToIPNet(), Gw: evt.Lease.Attrs.PublicIP.ToIP(), LinkIndex: rb.extIface.Index, } if err := netlink.RouteAdd(&route); err != nil { log.Errorf("Error adding route to %v via %v: %v", evt.Lease.Network, evt.Lease.Attrs.PublicIP, err) continue } case subnet.SubnetRemoved: log.Info("Subnet removed: ", evt.Lease.Network) if evt.Lease.Attrs.BackendType != "host-gw" { log.Warningf("Ignoring non-host-gw subnet: type=%v", evt.Lease.Attrs.BackendType) continue } route := netlink.Route{ Dst: evt.Lease.Network.ToIPNet(), Gw: evt.Lease.Attrs.PublicIP.ToIP(), LinkIndex: rb.extIface.Index, } if err := netlink.RouteDel(&route); err != nil { log.Errorf("Error deleting route to %v: %v", evt.Lease.Network, err) continue } default: log.Error("Internal error: unknown event type: ", int(evt.Type)) } } }
func (m *UdpBackend) monitorEvents() { log.Info("Watching for new subnet leases") evts := make(chan subnet.EventBatch) m.wg.Add(1) go func() { m.sm.WatchLeases(evts, m.stop) m.wg.Done() }() for { select { case evtBatch := <-evts: m.processSubnetEvents(evtBatch) case <-m.stop: return } } }
func (sm *SubnetManager) AcquireLease(attrs *LeaseAttrs, cancel chan bool) (ip.IP4Net, error) { for { sn, err := sm.acquireLeaseOnce(attrs, cancel) switch { case err == nil: log.Info("Subnet lease acquired: ", sn) return sn, nil case err == task.ErrCanceled: return ip.IP4Net{}, err default: log.Error("Failed to acquire subnet: ", err) } select { case <-time.After(time.Second): case <-cancel: return ip.IP4Net{}, task.ErrCanceled } } }