Documentation
Index
- type Deps
- type Renderer
- func (rndr *Renderer) AddService(service *renderer.ContivService) error
- func (rndr *Renderer) AfterInit() error
- func (rndr *Renderer) Close() error
- func (rndr *Renderer) DeleteService(service *renderer.ContivService, ...) error
- func (rndr *Renderer) Init(snatOnly bool) error
- func (rndr *Renderer) Resync(resyncEv *renderer.ResyncEventData) error
- func (rndr *Renderer) UpdateLocalBackendIfs(oldIfNames, newIfNames renderer.Interfaces) error
- func (rndr *Renderer) UpdateLocalFrontendIfs(oldIfNames, newIfNames renderer.Interfaces) error
- func (rndr *Renderer) UpdateNodePortServices(nodeIPs *renderer.IPAddresses, npServices []*renderer.ContivService) error
- func (rndr *Renderer) UpdateService(oldService, newService *renderer.ContivService, ...) error
Types
type Deps
type Deps struct {
    Log              logging.Logger
    Config           *config.Config
    ContivConf       contivconf.API
    IPAM             ipam.API
    IPNet            ipnet.API
    UpdateTxnFactory func(change string) (txn controller.UpdateOperations)
    ResyncTxnFactory func() (txn controller.ResyncOperations)
    GoVPPChan        govpp.Channel      // used for direct NAT binary API calls
    Stats            statscollector.API // used for exporting the statistics
}
Deps lists dependencies of the Renderer.
type Renderer
type Renderer struct {
    Deps
    // contains filtered or unexported fields
}
Renderer implements rendering of services for IPv4 in VPP.
The renderer maps ContivService instances into corresponding NAT44-DNAT model instances, installed into VPP by the Ligato/VPP-agent as a set of static mappings. Frontends and Backends are reflected in the global NAT44 configuration as `in` & `out` interface features, respectively.
NAT global configuration and DNAT instances generated in the Renderer are sent to the Ligato/VPP-agent via the local client interface. The Ligato/VPP-agent in turn updates the VPP-NAT44 configuration through binary APIs. For each transaction, the agent's vpp/ifplugin determines the minimum set of operations that need to be executed to reflect the configuration changes.
To allow a service to access itself, the Contiv plugin is asked to provide the virtual NAT loopback IP address, which is then inserted into the `TwiceNAT` address pool. The `self-twice-nat` feature is enabled for every static mapping.
Until VPP supports timing-out of NAT sessions, the renderer also performs periodic cleanup of inactive NAT sessions.
An extra feature of the renderer, outside the scope of services, is management of the dynamic source-NAT for node-outbound traffic, configured to enable Internet access even for pods with private IPv4 addresses. If dynamic SNAT is enabled in the Contiv configuration, the default interface IP (the interface used to connect the node with the default GW) is added to the NAT main address pool and the interface itself is switched into the post-routing NAT mode (`output` feature), both during Resync.
For more implementation details, please study the developer's guide for services: `docs/dev-guide/SERVICES.md` from the top directory.
func (*Renderer) AddService
func (rndr *Renderer) AddService(service *renderer.ContivService) error
AddService installs destination-NAT rules for a newly added service.
func (*Renderer) DeleteService
func (rndr *Renderer) DeleteService(service *renderer.ContivService, otherExistingServices []*renderer.ContivService) error
DeleteService removes destination-NAT configuration associated with a freshly un-deployed service.
func (*Renderer) Init
Init initializes the renderer. Set <snatOnly> to true if the renderer should only configure SNAT and leave services to another renderer.
func (*Renderer) Resync
func (rndr *Renderer) Resync(resyncEv *renderer.ResyncEventData) error
Resync completely replaces the current NAT configuration with the provided full state of K8s services.
func (*Renderer) UpdateLocalBackendIfs
func (rndr *Renderer) UpdateLocalBackendIfs(oldIfNames, newIfNames renderer.Interfaces) error
UpdateLocalBackendIfs enables in2out VPP/NAT feature for interfaces connecting service backends with VPP.
func (*Renderer) UpdateLocalFrontendIfs
func (rndr *Renderer) UpdateLocalFrontendIfs(oldIfNames, newIfNames renderer.Interfaces) error
UpdateLocalFrontendIfs enables out2in VPP/NAT feature for interfaces connecting clients with VPP.
func (*Renderer) UpdateNodePortServices
func (rndr *Renderer) UpdateNodePortServices(nodeIPs *renderer.IPAddresses, npServices []*renderer.ContivService) error
UpdateNodePortServices updates configuration of nodeport services to reflect the changed list of all node IPs in the cluster.
func (*Renderer) UpdateService
func (rndr *Renderer) UpdateService(oldService, newService *renderer.ContivService, otherExistingServices []*renderer.ContivService) error
UpdateService updates destination-NAT rules for a changed service.