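// Setup prepares the node's SDN datapath. It derives the gateway address and
// mask length from localSubnet, runs the openshift-sdn-multitenant-setup.sh
// helper script with those values plus containerNetwork, servicesNetwork and
// mtu, and then installs the iptables rules for containerNetwork, registering
// a hook with firewalld so the rules are re-applied on reload.
//
// It returns an error if localSubnet is not a valid CIDR, if the script fails
// with anything other than exit status 140, or if the initial iptables setup
// fails. Errors from later firewalld-triggered reloads are only logged.
func (c *FlowController) Setup(localSubnet, containerNetwork, servicesNetwork string, mtu uint) error {
	// ParseCIDR returns a nil *IPNet on failure, so stop here rather than
	// dereference it below and panic on a malformed subnet.
	_, ipnet, err := net.ParseCIDR(localSubnet)
	if err != nil {
		log.Errorf("Failed to parse local subnet %q: %v", localSubnet, err)
		return err
	}
	subnetMaskLength, _ := ipnet.Mask.Size()
	gateway := netutils.GenerateDefaultGateway(ipnet).String()

	// The values are handed to the script as separate argv entries; no shell
	// is involved in building the command line. Two things remain for the
	// deployment to guarantee: the bare script name is resolved through PATH,
	// and containerNetwork/servicesNetwork are forwarded exactly as received
	// (only localSubnet is parsed in this function).
	out, err := exec.Command(
		"openshift-sdn-multitenant-setup.sh",
		gateway,
		ipnet.String(),
		containerNetwork,
		fmt.Sprint(subnetMaskLength),
		gateway,
		servicesNetwork,
		fmt.Sprint(mtu),
	).CombinedOutput()
	log.Infof("Output of setup script:\n%s", out)

	if exitErr, ok := err.(*exec.ExitError); ok {
		// Checked assertion: Sys() returns an interface value, and an
		// unexpected concrete type should surface as the script error rather
		// than as a panic.
		if status, ok := exitErr.ProcessState.Sys().(syscall.WaitStatus); ok {
			if status.Exited() && status.ExitStatus() == 140 {
				// valid, do nothing, it's just a benevolent restart
				err = nil
			}
		}
	}
	if err != nil {
		log.Errorf("Error executing setup script. \n\tOutput: %s\n\tError: %v\n", out, err)
		return err
	}

	fw := firewalld.New()
	if err := c.SetupIptables(fw, containerNetwork); err != nil {
		log.Errorf("Error setting up iptables: %v\n", err)
		return err
	}
	fw.AddReloadFunc(func() {
		// Keep the error local to the hook: it runs after Setup has returned,
		// so writing to Setup's own err variable would serve no purpose.
		if err := c.SetupIptables(fw, containerNetwork); err != nil {
			log.Errorf("Error reloading iptables: %v\n", err)
		}
	})
	return nil
}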
// StartNode brings up SDN networking on this node. In order, it resolves the
// node's own subnet, fetches the cluster and services network CIDRs from the
// subnet registry, runs the flow controller's Setup, installs iptables rules
// (with a firewalld reload hook), and then starts the resource watches whose
// initial contents are turned into OpenFlow rules.
//
// In multitenant mode it additionally records each namespace's NetID in
// oc.VNIDMap and installs per-service rules tagged with that ID; a service
// whose namespace has no recorded NetID aborts startup with an error.
//
// oc.ready, when non-nil, is closed only after every step has succeeded.
// Nothing in this function undoes rules that were installed before a later
// step failed.
//
// NOTE(review): the Setup implementation shown alongside this method also
// installs iptables rules and registers a reload hook; confirm the rules and
// hooks are not applied twice.
func (oc *OvsController) StartNode(mtu uint) error {
	if err := oc.initSelfSubnet(); err != nil {
		log.Errorf("Failed to get subnet for this host: %v", err)
		return err
	}

	// Assume we are working with IPv4
	clusterCIDR, err := oc.subnetRegistry.GetClusterNetworkCIDR()
	if err != nil {
		log.Errorf("Failed to obtain ClusterNetwork: %v", err)
		return err
	}
	servicesCIDR, err := oc.subnetRegistry.GetServicesNetworkCIDR()
	if err != nil {
		log.Errorf("Failed to obtain ServicesNetwork: %v", err)
		return err
	}

	if err = oc.flowController.Setup(oc.localSubnet.SubnetCIDR, clusterCIDR, servicesCIDR, mtu); err != nil {
		return err
	}

	fw := firewalld.New()
	if err = SetupIptables(fw, clusterCIDR); err != nil {
		return err
	}
	// Re-apply the rules whenever firewalld reloads; a failure at that point
	// can only be logged because StartNode has already returned.
	fw.AddReloadFunc(func() {
		if reloadErr := SetupIptables(fw, clusterCIDR); reloadErr != nil {
			log.Errorf("Error reloading iptables: %v\n", reloadErr)
		}
	})

	watched, err := oc.watchAndGetResource("HostSubnet")
	if err != nil {
		return err
	}
	// The assertion is unchecked: a result of any other type panics here.
	for _, subnet := range watched.([]api.Subnet) {
		oc.flowController.AddOFRules(subnet.NodeIP, subnet.SubnetCIDR, oc.localIP)
	}

	if oc.isMultitenant() {
		// Namespaces are loaded before services so that every service can be
		// matched to its namespace's NetID below.
		watched, err = oc.watchAndGetResource("NetNamespace")
		if err != nil {
			return err
		}
		for _, ns := range watched.([]api.NetNamespace) {
			oc.VNIDMap[ns.Name] = ns.NetID
		}

		watched, err = oc.watchAndGetResource("Service")
		if err != nil {
			return err
		}
		for _, svc := range watched.([]api.Service) {
			netID, known := oc.VNIDMap[svc.Namespace]
			if !known {
				// Refuse to install a service rule without a tenant ID rather
				// than fall back to some default.
				return fmt.Errorf("Error fetching Net ID for namespace: %s", svc.Namespace)
			}
			oc.flowController.AddServiceOFRules(netID, svc.IP, svc.Protocol, svc.Port)
		}

		// Only the watch is started for pods; the returned list is not used.
		if _, err = oc.watchAndGetResource("Pod"); err != nil {
			return err
		}
	}

	if oc.ready != nil {
		close(oc.ready)
	}
	return nil
}