ecscni

package
v1.52.1 Latest Latest
Warning

This package is not in the latest version of its module.

Published: May 14, 2021 License: Apache-2.0 Imports: 16 Imported by: 47

Documentation

Index

Constants

const (

	// NetnsFormat is the format string used to construct the path to a
	// container's network namespace. It takes a single %s verb.
	// NOTE(review): the verb is presumably filled with Config.ContainerPID, and
	// the /host prefix suggests the host's procfs is mounted there; confirm
	// against the caller. The value is interpolated as a string, so it should be
	// checked to be a plain numeric PID before it is formatted into this path.
	NetnsFormat = "/host/proc/%s/ns/net"
	// ECSIPAMPluginName is the binary name of the ipam plugin.
	ECSIPAMPluginName = "ecs-ipam"
	// ECSBridgePluginName is the binary name of the bridge plugin.
	ECSBridgePluginName = "ecs-bridge"
	// ECSENIPluginName is the binary name of the eni plugin.
	ECSENIPluginName = "ecs-eni"
	// ECSAppMeshPluginName is the binary name of the aws-appmesh plugin.
	ECSAppMeshPluginName = "aws-appmesh"
	// ECSBranchENIPluginName is the binary name of the branch-eni plugin.
	ECSBranchENIPluginName = "vpc-branch-eni"
	// TaskIAMRoleEndpoint is the endpoint on which the ecs-agent exposes
	// credentials for the task IAM role, written as a /32 CIDR.
	// Because this address serves role credentials, which network namespaces
	// can reach it is security-relevant.
	// NOTE(review): how this constant is consumed (route, allow rule) is not
	// visible here; confirm at the call site.
	TaskIAMRoleEndpoint = "169.254.170.2/32"
	// CapabilityAWSVPCNetworkingMode is the capability string which, when
	// present in the output of a CNI plugin's '--capabilities' command,
	// indicates that the plugin supports the ECS "awsvpc" network mode.
	CapabilityAWSVPCNetworkingMode = "awsvpc-network-mode"
)

Variables

This section is empty.

Functions

func NewAppMeshConfig added in v1.31.0

func NewAppMeshConfig(appMesh *appmesh.AppMesh, cfg *Config) (string, *libcni.NetworkConfig, error)

NewAppMeshConfig creates a new AppMesh CNI network configuration.

func NewBranchENINetworkConfig added in v1.31.0

func NewBranchENINetworkConfig(eni *eni.ENI, cfg *Config) (string, *libcni.NetworkConfig, error)

NewBranchENINetworkConfig creates a new branch ENI CNI network configuration.

func NewBridgeNetworkConfig added in v1.31.0

func NewBridgeNetworkConfig(cfg *Config, includeIPAM bool) (string, *libcni.NetworkConfig, error)

NewBridgeNetworkConfig creates the bridge configuration for the ADD command, in which the bridge plugin acquires the IP and route information from IPAM.

func NewENINetworkConfig added in v1.31.0

func NewENINetworkConfig(eni *eni.ENI, cfg *Config) (string, *libcni.NetworkConfig, error)

NewENINetworkConfig creates a new ENI CNI network configuration.

func NewIPAMNetworkConfig added in v1.31.0

func NewIPAMNetworkConfig(cfg *Config) (string, *libcni.NetworkConfig, error)

NewIPAMNetworkConfig creates the IPAM configuration accepted by libcni.

Types

type AppMeshConfig added in v1.26.0

// AppMeshConfig is the JSON configuration passed to the app mesh CNI plugin.
// UIDs, GIDs, ports and IPs are all carried as strings; this declaration does
// no validation, so any checking of those values happens elsewhere.
type AppMeshConfig struct {
	// Type is the CNI plugin name.
	Type string `json:"type,omitempty"`
	// CNIVersion is the CNI spec version to use.
	CNIVersion string `json:"cniVersion,omitempty"`
	// IgnoredUID is the UID whose processes' egress traffic will be ignored.
	// NOTE(review): "ignored" presumably means exempt from proxy handling, so
	// traffic from this UID would bypass the mesh proxy; confirm in the plugin.
	IgnoredUID string `json:"ignoredUID,omitempty"`
	// IgnoredGID is the GID whose processes' egress traffic will be ignored.
	// NOTE(review): same bypass consideration as IgnoredUID; confirm.
	IgnoredGID string `json:"ignoredGID,omitempty"`
	// ProxyIngressPort is the ingress port number the proxy listens on.
	// It has no omitempty, so it is always serialized.
	ProxyIngressPort string `json:"proxyIngressPort"`
	// ProxyEgressPort is the egress port number the proxy listens on.
	// It has no omitempty, so it is always serialized.
	ProxyEgressPort string `json:"proxyEgressPort"`
	// AppPorts lists the port numbers the application listens on.
	AppPorts []string `json:"appPorts"`
	// EgressIgnoredPorts is the list of ports for which egress traffic will be
	// ignored. Each entry widens what leaves without proxy handling (see the
	// note on IgnoredUID), so the list is worth keeping minimal.
	EgressIgnoredPorts []string `json:"egressIgnoredPorts,omitempty"`
	// EgressIgnoredIPs is the list of IPs for which egress traffic will be
	// ignored. The same consideration as EgressIgnoredPorts applies.
	EgressIgnoredIPs []string `json:"egressIgnoredIPs,omitempty"`
}

AppMeshConfig contains all the information needed to invoke the app mesh plugin

type BranchENIConfig added in v1.28.0

// BranchENIConfig is the JSON configuration passed to the vpc-branch-eni
// plugin.
type BranchENIConfig struct {
	// CNIVersion is the CNI spec version to use.
	CNIVersion string `json:"cniVersion,omitempty"`
	// Name is the CNI network name.
	Name string `json:"name,omitempty"`
	// Type is the CNI plugin name.
	Type string `json:"type,omitempty"`

	// TrunkMACAddress is the MAC address of the trunk ENI.
	TrunkMACAddress string `json:"trunkMACAddress,omitempty"`
	// BranchVlanID is the VLAN ID of the branch ENI.
	BranchVlanID string `json:"branchVlanID,omitempty"`
	// BranchMACAddress is the MAC address of the branch ENI.
	BranchMACAddress string `json:"branchMACAddress"`
	// IPAddresses contains the IP addresses of the branch ENI.
	IPAddresses []string `json:"ipAddresses"`
	// GatewayIPAddresses contains the IP addresses of the default gateway in the subnet.
	GatewayIPAddresses []string `json:"gatewayIPAddresses"`
	// BlockInstanceMetadata specifies whether the InstanceMetadata endpoint
	// should be blocked. The Go zero value is false and the tag has no
	// omitempty, so an unset field is serialized as
	// "blockInstanceMetadata": false, i.e. blocking is opt-in.
	BlockInstanceMetadata bool `json:"blockInstanceMetadata"`
	// InterfaceType is the type of the interface to connect the branch ENI to.
	InterfaceType string `json:"interfaceType,omitempty"`
}

BranchENIConfig contains all the information needed to invoke the vpc-branch-eni plugin

type BridgeConfig

// BridgeConfig is the JSON configuration passed to the bridge plugin.
type BridgeConfig struct {
	// Type is the CNI plugin name.
	Type string `json:"type,omitempty"`
	// CNIVersion is the CNI spec version to use.
	CNIVersion string `json:"cniVersion,omitempty"`
	// BridgeName is the name of the bridge.
	BridgeName string `json:"bridge"`
	// IsGW indicates whether the bridge acts as a gateway; it determines
	// whether an IP address needs to be assigned to the bridge.
	IsGW bool `json:"isGateway"`
	// IsDefaultGW indicates whether the bridge is the default gateway of the
	// container.
	IsDefaultGW bool `json:"isDefaultGateway"`
	// ForceAddress indicates whether a new IP should be assigned if the bridge
	// already has a different IP.
	ForceAddress bool `json:"forceAddress"`
	// IPMasq indicates whether to set up IP masquerading for traffic
	// originating from this network.
	IPMasq bool `json:"ipMasq"`
	// MTU sets the MTU of the bridge interface.
	MTU int `json:"mtu"`
	// HairpinMode sets the hairpin mode of the interface on the bridge.
	HairpinMode bool `json:"hairpinMode"`
	// IPAM is the configuration used to acquire IP/route information from the
	// ipam plugin.
	// NOTE(review): IPAMConfig is a struct value, and encoding/json's
	// omitempty never omits a struct value, so if this is marshalled with
	// encoding/json the "ipam" key is always emitted; confirm that is intended.
	IPAM IPAMConfig `json:"ipam,omitempty"`
}

BridgeConfig contains all the information needed to invoke the bridge plugin

type CNIClient

// CNIClient is the interface for querying CNI plugins and for setting up and
// cleaning up a container's network namespace through them.
// The parameters are unnamed in this declaration.
// NOTE(review): the string arguments are presumably plugin names and the
// time.Duration arguments presumably timeouts; confirm in the implementation.
type CNIClient interface {
	// Version returns the version of the plugin.
	Version(string) (string, error)
	// Capabilities returns the capabilities supported by a plugin.
	Capabilities(string) ([]string, error)
	// SetupNS sets up the namespace of the container described by the Config
	// and returns the resulting *current.Result.
	SetupNS(context.Context, *Config, time.Duration) (*current.Result, error)
	// CleanupNS cleans up the container namespace.
	CleanupNS(context.Context, *Config, time.Duration) error
	// ReleaseIPResource marks the IP as available in the ipam db.
	ReleaseIPResource(context.Context, *Config, time.Duration) error
}

CNIClient defines the methods for setting up and cleaning up a container's network namespace

func NewClient

func NewClient(pluginsPath string) CNIClient

NewClient creates a client of ecscni which is used to invoke the plugin

type Config

// Config holds the inputs needed to set up a container's network namespace
// using the CNI plugins. It carries no JSON tags.
type Config struct {
	// PluginsPath is the path where the CNI plugins are located.
	// NOTE(review): the plugin names in this package are described as
	// binaries, so this directory is presumably an execution path; confirm it
	// is writable only by trusted principals.
	PluginsPath string
	// MinSupportedCNIVersion is the minimum CNI spec version supported.
	MinSupportedCNIVersion string
	// ContainerID is the ID of the container whose network namespace is set up.
	ContainerID string
	// ContainerPID is the PID of the container, held as a string.
	// NOTE(review): presumably substituted into NetnsFormat to build a procfs
	// path; if so, it should be validated as numeric first. Confirm.
	ContainerPID string
	// BridgeName is the name used to create the bridge.
	BridgeName string
	// IPAMV4Address is the IPv4 address to be assigned from ipam.
	IPAMV4Address *cnitypes.IPNet
	// ID is the information associated with the IP in ipam.
	ID string
	// BlockInstanceMetadata specifies whether the InstanceMetadata endpoint
	// should be blocked. The zero value is false, so a Config that leaves this
	// unset does not request blocking.
	BlockInstanceMetadata bool
	// AdditionalLocalRoutes specifies additional routes to be added to the
	// task namespace.
	AdditionalLocalRoutes []cnitypes.IPNet
	// NetworkConfigs is the list of CNI network configurations to be invoked.
	NetworkConfigs []*NetworkConfig
}

Config contains all the information to set up the container namespace using the plugins

type ENIConfig

// ENIConfig is the JSON configuration passed to the eni plugin.
type ENIConfig struct {
	// Type is the CNI plugin name.
	Type string `json:"type,omitempty"`
	// CNIVersion is the CNI spec version to use.
	CNIVersion string `json:"cniVersion,omitempty"`
	// ENIID is the ID of the EC2 ENI.
	ENIID string `json:"eni"`
	// MACAddress is the MAC address of the ENI.
	MACAddress string `json:"mac"`
	// IPAddresses contains the IP addresses of the ENI.
	IPAddresses []string `json:"ip-addresses"`
	// GatewayIPAddresses specifies the addresses of the subnet gateway for the ENI.
	GatewayIPAddresses []string `json:"gateway-ip-addresses"`
	// BlockInstanceMetadata specifies whether the InstanceMetadata endpoint
	// should be blocked. The Go zero value is false and the tag has no
	// omitempty, so an unset field is serialized as
	// "block-instance-metadata": false, i.e. blocking is opt-in.
	BlockInstanceMetadata bool `json:"block-instance-metadata"`
}

ENIConfig contains all the information needed to invoke the eni plugin

type IPAMConfig

// IPAMConfig is the JSON configuration passed to the ipam plugin. Every field
// is tagged omitempty.
type IPAMConfig struct {
	// Type is the CNI plugin name.
	Type string `json:"type,omitempty"`
	// ID is the information stored in ipam alongside the IP, as a key-value pair.
	ID string `json:"id,omitempty"`
	// CNIVersion is the CNI spec version to use.
	CNIVersion string `json:"cniVersion,omitempty"`
	// IPV4Subnet is the IP address range managed by ipam.
	IPV4Subnet string `json:"ipv4-subnet,omitempty"`
	// IPV4Address is the IP address to act on (assign or release) in ipam.
	IPV4Address *cnitypes.IPNet `json:"ipv4-address,omitempty"`
	// IPV4Gateway is the gateway returned by ipam; by default the '.1' address
	// in the subnet.
	IPV4Gateway string `json:"ipv4-gateway,omitempty"`
	// IPV4Routes is the list of routes to be added in the container namespace.
	IPV4Routes []*cnitypes.Route `json:"ipv4-routes,omitempty"`
}

IPAMConfig contains all the information needed to invoke the ipam plugin

type IPAMNetworkConfig

// IPAMNetworkConfig is the top-level JSON config format accepted by the
// plugin: the name, type and cniVersion keys plus a nested "ipam" object.
// The IPAM field has no omitempty, so "ipam" is always serialized.
type IPAMNetworkConfig struct {
	Name       string     `json:"name,omitempty"`
	Type       string     `json:"type,omitempty"`
	CNIVersion string     `json:"cniVersion,omitempty"`
	IPAM       IPAMConfig `json:"ipam"`
}

IPAMNetworkConfig is the config format accepted by the plugin

type NetworkConfig added in v1.31.0

// NetworkConfig pairs a libcni network configuration with the interface name
// to use for it inside the network namespace.
type NetworkConfig struct {
	// IfName is the name of the network interface device, to be set within the
	// network namespace.
	IfName string
	// CNINetworkConfig is the network configuration required to invoke the CNI
	// plugin. It is a pointer, so it can be nil.
	// NOTE(review): whether callers check for nil is not visible here; confirm.
	CNINetworkConfig *libcni.NetworkConfig
}

NetworkConfig wraps CNI library's NetworkConfig object. It tracks the interface device name (the IfName param required to invoke AddNetwork) along with libcni's NetworkConfig object. The IfName is required to be set to invoke `AddNetwork` method when invoking plugins to set up the network namespace.

Directories

Path Synopsis
Package mock_ecscni is a generated GoMock package.
Package mock_ecscni is a generated GoMock package.
Package mock_types is a generated GoMock package.
Package mock_types is a generated GoMock package.
Package mock_libcni is a generated GoMock package.
Package mock_libcni is a generated GoMock package.
