ecscni

package
v0.0.0-...-fb1fb40 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jan 8, 2025 License: Apache-2.0 Imports: 20 Imported by: 0

Documentation

Index

Constants

// Default device names and the plugin log location.
// NOTE(review): how the two names are applied is not visible on this page;
// presumably they name interfaces inside the task network namespace — confirm.
const (
	DefaultInterfaceName = "eth0"
	DefaultENIName       = "eth1"

	// PluginLogPath is a fixed, absolute log file path under /var/log/ecs.
	// NOTE(review): the code that creates this file is not shown here; confirm
	// that the directory and the file are writable only by the agent's own user.
	PluginLogPath = "/var/log/ecs/ecs-cni-warmpool.log"
)
// Network namespace locations and the file mode used for namespace files.
const (
	// NETNS_PATH_DEFAULT is the directory "/var/run/netns".
	// NETNS_PROC_FORMAT is a format string with two %d verbs; in the procfs
	// layout /proc/<pid>/task/<tid>/ns/net they are a process ID and a thread ID.
	NETNS_PATH_DEFAULT = "/var/run/netns"
	NETNS_PROC_FORMAT  = "/proc/%d/task/%d/ns/net"

	// NsFileMode is octal 0444: read permission for owner, group and others,
	// with no write or execute bits.
	// NOTE(review): where this mode is applied is not visible here — presumably
	// to the namespace file created under NETNS_PATH_DEFAULT; confirm.
	NsFileMode = 0444
)
// Placeholder values whose names and "test…" contents suggest test fixtures.
// NOTE(review): they appear in the package's published documentation, so they
// are part of its exported API and importers can depend on them — confirm that
// this is intended rather than keeping them in a _test.go file.
const (
	PluginName = "testPlugin"
	CNIVersion = "testVersion"
	NetNS      = "testNetNS"
	IfName     = "testIfName"
)

Variables

This section is empty.

Functions

func BuildNetworkConfig

func BuildNetworkConfig(cfg PluginConfig) (*libcni.NetworkConfig, error)

BuildNetworkConfig constructs the network configuration following the format of libcni.

func BuildRuntimeConfig

func BuildRuntimeConfig(cfg PluginConfig) *libcni.RuntimeConf

BuildRuntimeConfig constructs the runtime configuration following the format of libcni.

func SetV2NDstPortAndDeviceName

func SetV2NDstPortAndDeviceName(iface *networkinterface.NetworkInterface, netDAO netlibdata.NetworkDataClient) error

SetV2NDstPortAndDeviceName assigns a destination port to the task ENI and assigns it a device name with the pattern gnv<vni><dst port>.

Types

type AppMeshConfig

// AppMeshConfig is the JSON configuration passed to the appmesh CNI plugin.
// It embeds CNIConfig. Ports, UIDs, GIDs and IPs are all carried as strings,
// and nothing in this declaration validates their contents.
type AppMeshConfig struct {
	CNIConfig
	// IgnoredUID names a UID; egress traffic from processes owned by that UID is ignored.
	// NOTE(review): presumably "ignored" means the traffic is not redirected to the
	// proxy — confirm, and confirm that only the proxy itself runs under this UID.
	IgnoredUID string `json:"ignoredUID,omitempty"`
	// IgnoredGID names a GID; egress traffic from processes owned by that GID is ignored.
	// The same review note as for IgnoredUID applies.
	IgnoredGID string `json:"ignoredGID,omitempty"`
	// ProxyIngressPort is the ingress port number that the proxy is listening on.
	ProxyIngressPort string `json:"proxyIngressPort"`
	// ProxyEgressPort is the egress port number that the proxy is listening on.
	ProxyEgressPort string `json:"proxyEgressPort"`
	// AppPorts specifies the port numbers that the application is listening on.
	AppPorts []string `json:"appPorts"`
	// EgressIgnoredPorts is the list of ports for which egress traffic will be ignored.
	// With omitempty, a nil or empty list is left out of the JSON.
	EgressIgnoredPorts []string `json:"egressIgnoredPorts,omitempty"`
	// EgressIgnoredIPs is the list of IPs for which egress traffic will be ignored.
	// With omitempty, a nil or empty list is left out of the JSON.
	EgressIgnoredIPs []string `json:"egressIgnoredIPs,omitempty"`
}

AppMeshConfig contains the information needed to invoke the appmesh CNI plugin.

func NewAppMeshConfig

func NewAppMeshConfig(cniConfig CNIConfig, cfg *appmesh.AppMesh) *AppMeshConfig

func (*AppMeshConfig) CNIVersion

func (amc *AppMeshConfig) CNIVersion() string

func (*AppMeshConfig) InterfaceName

func (amc *AppMeshConfig) InterfaceName() string

func (*AppMeshConfig) NSPath

func (amc *AppMeshConfig) NSPath() string

func (*AppMeshConfig) PluginName

func (amc *AppMeshConfig) PluginName() string

func (*AppMeshConfig) String

func (amc *AppMeshConfig) String() string

type BridgeConfig

// BridgeConfig defines the JSON configuration for the bridge plugin.
// It embeds CNIConfig and nests an IPAMConfig under the "ipam" key.
type BridgeConfig struct {
	CNIConfig
	// Name is the name of the bridge; it is serialized under the key "bridge".
	Name string `json:"bridge"`
	// IPAM is the configuration used to acquire ip/route from the ipam plugin.
	// IPAMConfig is a struct value, which encoding/json never treats as empty,
	// so the omitempty option has no effect here and "ipam" is always emitted.
	IPAM IPAMConfig `json:"ipam,omitempty"`
	// DeviceName is the name of the veth inside the namespace.
	// It is used as a parameter of libcni, so it does not need to be marshalled
	// into the plugin configuration; the "-" tag excludes it from JSON.
	DeviceName string `json:"-"`
}

BridgeConfig defines the configuration for bridge plugin

func (*BridgeConfig) CNIVersion

func (bc *BridgeConfig) CNIVersion() string

func (*BridgeConfig) InterfaceName

func (bc *BridgeConfig) InterfaceName() string

InterfaceName returns the veth pair name that will be used inside the namespace.

func (*BridgeConfig) NSPath

func (bc *BridgeConfig) NSPath() string

func (*BridgeConfig) PluginName

func (bc *BridgeConfig) PluginName() string

func (*BridgeConfig) String

func (bc *BridgeConfig) String() string

type CNI

// CNI defines the plugin invocation interface: add, delete and version query.
// Add and Del take a context and a PluginConfig; Version takes a single string.
// NOTE(review): the string passed to Version is presumably the plugin name —
// confirm against the implementation returned by NewCNIClient.
type CNI interface {
	// Add calls the plugin add command with the given configuration and
	// returns the plugin's result.
	Add(context.Context, PluginConfig) (types.Result, error)
	// Del calls the plugin del command with the given configuration.
	Del(context.Context, PluginConfig) error
	// Version calls the version command of the plugin and returns its output
	// as a string.
	Version(string) (string, error)
}

CNI defines the plugin invocation interface

func NewCNIClient

func NewCNIClient(paths []string) CNI

NewCNIClient creates a new CNIClient

type CNIConfig

// CNIConfig defines the runtime configuration for invoking a plugin.
// CNISpecVersion and CNIPluginName are serialized as "cniVersion" and "type";
// NetNSPath carries the "-" tag and is never written to the plugin's JSON.
type CNIConfig struct {
	NetNSPath      string `json:"-"`
	CNISpecVersion string `json:"cniVersion"`
	CNIPluginName  string `json:"type"`
}

CNIConfig defines the runtime configuration for invoking the plugin

func (*CNIConfig) ContainerID

func (cc *CNIConfig) ContainerID() string

ContainerID returns a plaintext identifier for a container. In our case we do not make use of this field, although it is required to include a non-empty value for it since the CNI framework enforces it. Hence we return a fixed string.

func (*CNIConfig) NetworkName

func (cc *CNIConfig) NetworkName() string

NetworkName returns a plaintext identifier which should be unique across all network configurations on a host (or other administrative domain). In our case we do not make use of this field, although it is required to include a non-empty value for it since the CNI framework enforces it. Hence we return a fixed string.

func (*CNIConfig) String

func (cc *CNIConfig) String() string

type CNIPluginVersion

// CNIPluginVersion mirrors the JSON printed by a plugin's '--version' command.
// Version, Dirty and Hash map to the keys "version", "dirty" and "gitShortHash".
// NOTE(review): the values come from the plugin binary's own output; treat them
// as self-reported rather than as verified provenance.
type CNIPluginVersion struct {
	Version string `json:"version"`
	Dirty   bool   `json:"dirty"`
	Hash    string `json:"gitShortHash"`
}

CNIPluginVersion is used to convert the JSON output of the '--version' command into a string

func (*CNIPluginVersion) String

func (v *CNIPluginVersion) String() string

String returns the version information as formatted string

type Config

// Config is the minimal interface shared by plugin configurations: anything
// that can describe itself as a string.
type Config interface {
	// String returns a textual form of the configuration.
	String() string
}

Config is a general interface that represents all kinds of plugin configs.

type ENIConfig

// ENIConfig contains all the information needed to invoke the eni plugin.
// It embeds CNIConfig; every field except DeviceName is serialized to JSON.
type ENIConfig struct {
	CNIConfig
	// ENIID is the id of the ec2 eni.
	ENIID string `json:"eni"`
	// MACAddress is the mac address of the eni.
	MACAddress string `json:"mac"`
	// IPAddresses is the set of IP addresses assigned to the ENI.
	IPAddresses []string `json:"ip-addresses"`
	// GatewayIPAddresses is the set of subnet gateway IP addresses for the ENI.
	GatewayIPAddresses []string `json:"gateway-ip-addresses"`
	// BlockInstanceMetadata specifies if the InstanceMetadata endpoint should be blocked.
	// The zero value is false, and the tag has no omitempty, so the key is always
	// emitted. NOTE(review): the blocking itself is done by the plugin, not here;
	// confirm callers set this explicitly where tasks must not reach the endpoint.
	BlockInstanceMetadata bool `json:"block-instance-metadata"`
	// StayDown specifies if the ENI device should be brought up and configured.
	StayDown bool `json:"stay-down"`
	// DeviceName is the name of the interface that will be set inside the namespace.
	// It is used as a parameter of libcni and is not part of the plugin
	// configuration, so the "-" tag excludes it from JSON.
	DeviceName string `json:"-"`
	// MTU is the mtu of the eni that should be set if it is not the default value.
	MTU int `json:"mtu"`
}

ENIConfig contains all the information needed to invoke the eni plugin

func NewENIConfig

func NewENIConfig(
	cniConfig CNIConfig,
	eni *networkinterface.NetworkInterface,
	blockInstanceMetadata bool,
	stayDown bool,
	mtu int,
) *ENIConfig

func (*ENIConfig) CNIVersion

func (ec *ENIConfig) CNIVersion() string

func (*ENIConfig) InterfaceName

func (ec *ENIConfig) InterfaceName() string

func (*ENIConfig) NSPath

func (ec *ENIConfig) NSPath() string

func (*ENIConfig) PluginName

func (ec *ENIConfig) PluginName() string

func (*ENIConfig) String

func (ec *ENIConfig) String() string

type EgressConfig

// EgressConfig defines the egress network config in JSON format for the
// ecs-serviceconnect CNI plugin.
type EgressConfig struct {
	// ListenerPort and VIP are serialized as "listenerPort" and "vip".
	// vipConfig is an unexported type whose fields are not shown on this page.
	ListenerPort int64     `json:"listenerPort"`
	VIP          vipConfig `json:"vip"`
	// RedirectMode dictates what mechanism the plugin should use for redirecting egress traffic.
	// For awsvpc mode the value is "nat" always.
	RedirectMode string `json:"redirectMode"`
}

EgressConfig defines the egress network config in JSON format for the ecs-serviceconnect CNI plugin.

type IPAMConfig

// IPAMConfig defines the configuration required for the ipam plugin.
// It embeds CNIConfig. The IPv4 fields are optional in the JSON (omitempty);
// ID is always emitted.
type IPAMConfig struct {
	CNIConfig
	// IPV4Subnet is the ip address range managed by ipam.
	IPV4Subnet string `json:"ipv4-subnet,omitempty"`
	// IPV4Address is the ip address to deal with (assign or release) in ipam.
	IPV4Address string `json:"ipv4-address,omitempty"`
	// IPV4Gateway is the gateway returned by ipam; by default the '.1' in the subnet.
	IPV4Gateway string `json:"ipv4-gateway,omitempty"`
	// IPV4Routes is the list of routes to be added in the container namespace.
	IPV4Routes []*types.Route `json:"ipv4-routes,omitempty"`
	// ID is the key stored with the assigned ip in ipam.
	ID string `json:"id"`
}

IPAMConfig defines the configuration required for ipam plugin

func (*IPAMConfig) CNIVersion

func (ic *IPAMConfig) CNIVersion() string

func (*IPAMConfig) InterfaceName

func (ic *IPAMConfig) InterfaceName() string

func (*IPAMConfig) NSPath

func (ic *IPAMConfig) NSPath() string

func (*IPAMConfig) PluginName

func (ic *IPAMConfig) PluginName() string

func (*IPAMConfig) String

func (ic *IPAMConfig) String() string

type IngressConfig

// IngressConfig defines the ingress network config in JSON format for the
// ecs-serviceconnect CNI plugin. ListenerPort is always emitted; InterceptPort
// is left out of the JSON when it is zero (omitempty).
type IngressConfig struct {
	ListenerPort  int64 `json:"listenerPort"`
	InterceptPort int64 `json:"interceptPort,omitempty"`
}

IngressConfig defines the ingress network config in JSON format for the ecs-serviceconnect CNI plugin.

type NetNSUtil

// NetNSUtil provides basic methods for the agent to deal with network
// namespaces: create, delete, path/name conversion, existence check, running
// a callback inside a namespace, and building resolv.conf content.
type NetNSUtil interface {
	// NewNetNS creates a new network namespace in the system.
	NewNetNS(nsPath string) error
	// DelNetNS deletes the network namespace from the system.
	DelNetNS(nsPath string) error
	// GetNetNSPath creates the network namespace path from a named namespace.
	// NOTE(review): whether nsName is checked for path separators is not visible
	// in this interface — confirm in the implementation if names can come from
	// outside the agent.
	GetNetNSPath(nsName string) string
	// GetNetNSName extracts the ns name from the netns path.
	GetNetNSName(nsPath string) string
	// NSExists checks if the given ns path exists or not.
	NSExists(nsPath string) (bool, error)
	// ExecInNSPath invokes the function in the given network namespace.
	// The callback receives a cnins.NetNS and its error is part of the return contract.
	ExecInNSPath(nsPath string, cb func(cnins.NetNS) error) error
	// BuildResolvConfig constructs the content of the dns configuration file resolv.conf
	// from the given nameservers and search domains and returns it as a string.
	BuildResolvConfig(nameservers, searchDomains []string) string
}

NetNSUtil provides some basic methods for agent to deal with network namespace

func NewNetNSUtil

func NewNetNSUtil() NetNSUtil

type PluginConfig

// PluginConfig is the general interface for a plugin's configuration.
// BuildNetworkConfig, BuildRuntimeConfig, CNI.Add and CNI.Del all take a value
// of this interface.
type PluginConfig interface {
	// String returns the human-readable information of the configuration.
	// NOTE(review): what each implementation includes in this string is not
	// visible here; check before writing it to shared logs.
	String() string
	// InterfaceName returns the name of the interface to be configured
	InterfaceName() string
	// NSPath returns the path of the network namespace
	NSPath() string
	// PluginName returns the name of the plugin
	PluginName() string
	// CNIVersion returns the version of the cni spec
	CNIVersion() string
	// NetworkName returns the network name to be used by CNI plugin during network creation.
	// NetworkName is part of the network configuration required as per the CNI specifications.
	// https://github.com/containernetworking/cni/blob/master/SPEC.md
	NetworkName() string
	// ContainerID returns a plaintext identifier for a container. In our case we do not make use
	// of this field, although it is required to include a non-empty value for it since the
	// CNI framework enforces it.
	ContainerID() string
}

PluginConfig is the general interface for a plugin's configuration

type ServiceConnectCNIConfig

// ServiceConnectCNIConfig is the JSON configuration for the ServiceConnect
// CNI plugin. It embeds CNIConfig and carries the ingress and egress settings
// plus the IPv4/IPv6 switches.
type ServiceConnectCNIConfig struct {
	CNIConfig
	// IngressConfig (optional) specifies the netfilter rules to be set for incoming requests.
	IngressConfig []IngressConfig `json:"ingressConfig,omitempty"`
	// EgressConfig (optional) specifies the netfilter rules to be set for outgoing requests.
	// EgressConfig is a struct value, which encoding/json never treats as empty,
	// so omitempty has no effect and "egressConfig" is always emitted.
	EgressConfig EgressConfig `json:"egressConfig,omitempty"`
	// EnableIPv4 (optional) specifies whether to set the rules in IPv4 table.
	// With omitempty, a false value is left out of the JSON entirely.
	// NOTE(review): the upstream comment trails off here ("Note that this."); the
	// default the plugin applies when the key is absent is not visible in this
	// declaration — confirm.
	EnableIPv4 bool `json:"enableIPv4,omitempty"`
	// EnableIPv6 (optional) specifies whether to set the rules in IPv6 table. Default value is false.
	EnableIPv6 bool `json:"enableIPv6,omitempty"`
}

func NewServiceConnectCNIConfig

func NewServiceConnectCNIConfig(
	cniConfig CNIConfig,
	scConfig *serviceconnect.ServiceConnectConfig,
	enableIPV4 bool,
	enableIPV6 bool,
) *ServiceConnectCNIConfig

func (*ServiceConnectCNIConfig) CNIVersion

func (sc *ServiceConnectCNIConfig) CNIVersion() string

func (*ServiceConnectCNIConfig) InterfaceName

func (sc *ServiceConnectCNIConfig) InterfaceName() string

func (*ServiceConnectCNIConfig) NSPath

func (sc *ServiceConnectCNIConfig) NSPath() string

func (*ServiceConnectCNIConfig) PluginName

func (sc *ServiceConnectCNIConfig) PluginName() string

func (*ServiceConnectCNIConfig) String

func (sc *ServiceConnectCNIConfig) String() string

type TestCNIConfig

// TestCNIConfig embeds CNIConfig and adds a single interface-name field.
// NOTE(review): the name suggests a test-only configuration; it is exported in
// the package's published API — confirm that is intended.
type TestCNIConfig struct {
	CNIConfig
	// NetworkInterfaceName has no json tag, so encoding/json would emit it
	// under the key "NetworkInterfaceName".
	NetworkInterfaceName string
}

func (*TestCNIConfig) CNIVersion

func (tc *TestCNIConfig) CNIVersion() string

func (*TestCNIConfig) InterfaceName

func (tc *TestCNIConfig) InterfaceName() string

func (*TestCNIConfig) NSPath

func (tc *TestCNIConfig) NSPath() string

func (*TestCNIConfig) PluginName

func (tc *TestCNIConfig) PluginName() string

type TestResult

// TestResult has no exported fields.
// NOTE(review): its name and its GetAsVersion, Print, PrintTo and Version
// methods suggest a test stand-in for a CNI result type — confirm.
type TestResult struct {
	// contains filtered or unexported fields
}

func (*TestResult) GetAsVersion

func (tr *TestResult) GetAsVersion(version string) (types.Result, error)

func (*TestResult) Print

func (tr *TestResult) Print() error

func (*TestResult) PrintTo

func (tr *TestResult) PrintTo(writer io.Writer) error

func (*TestResult) Version

func (tr *TestResult) Version() string

type VPCBranchENIConfig

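// VPCBranchENIConfig defines the configuration for the vpc-branch-eni plugin.
// It embeds CNIConfig; every field except IfName is serialized under the key
// given in its json tag. BlockIMDS is emitted as "blockInstanceMetadata" and
// is false unless the caller sets it.
type VPCBranchENIConfig struct {
	CNIConfig
	TrunkName          string   `json:"trunkName"`
	TrunkMACAddress    string   `json:"trunkMACAddress"`
	BranchVlanID       string   `json:"branchVlanID"`
	BranchMACAddress   string   `json:"branchMACAddress"`
	IPAddresses        []string `json:"ipAddresses"`
	GatewayIPAddresses []string `json:"gatewayIPAddresses"`
	BlockIMDS          bool     `json:"blockInstanceMetadata"`
	InterfaceType      string   `json:"interfaceType"`
	UID                string   `json:"uid"`
	GID                string   `json:"gid"`

	// IfName is passed to libcni as a parameter and is not part of the plugin
	// configuration, so it is excluded from JSON with the "-" tag. A "_" tag
	// does not exclude a field: encoding/json emits it under the key "_".
	IfName string `json:"-"`
}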

VPCBranchENIConfig defines the configuration for vpc-branch-eni plugin

func (*VPCBranchENIConfig) CNIVersion

func (c *VPCBranchENIConfig) CNIVersion() string

func (*VPCBranchENIConfig) InterfaceName

func (c *VPCBranchENIConfig) InterfaceName() string

func (*VPCBranchENIConfig) NSPath

func (c *VPCBranchENIConfig) NSPath() string

func (*VPCBranchENIConfig) PluginName

func (c *VPCBranchENIConfig) PluginName() string

func (*VPCBranchENIConfig) String

func (c *VPCBranchENIConfig) String() string

type VPCENIConfig

// VPCENIConfig contains all the information required to invoke the vpc-eni plugin.
// It embeds CNIConfig; none of its own fields use omitempty, so every key is
// always emitted.
type VPCENIConfig struct {
	CNIConfig
	// Name is the network name to be used in network configuration.
	Name string `json:"name"`
	// DNS is used to pass DNS information to the plugin.
	DNS types.DNS `json:"dns"`
	// ENIName is the device name of the eni on the instance.
	ENIName string `json:"eniName"`
	// ENIMACAddress is the MAC address of the eni.
	ENIMACAddress string `json:"eniMACAddress"`
	// ENIIPAddresses is the list of ipv4 addresses of the eni.
	ENIIPAddresses []string `json:"eniIPAddresses"`
	// GatewayIPAddresses specifies the IPv4 address of the subnet gateway for the eni.
	GatewayIPAddresses []string `json:"gatewayIPAddresses"`
	// UseExistingNetwork specifies if existing network should be used instead of creating a new one.
	// For Task IAM roles, a pre-existing HNS network is available from which the HNS endpoint should be created.
	// This field specifies that an existing network of provided name should be used during the network setup by the plugin.
	UseExistingNetwork bool `json:"useExistingNetwork"`
	// BlockIMDS specifies if the instance metadata endpoint should be blocked for the tasks.
	// The zero value is false. NOTE(review): the blocking itself is done by the
	// plugin, not here; confirm callers set this explicitly where it is required.
	BlockIMDS bool `json:"blockInstanceMetadata"`
}

VPCENIConfig contains all the information required to invoke the vpc-eni plugin.

func (*VPCENIConfig) CNIVersion

func (ec *VPCENIConfig) CNIVersion() string

func (*VPCENIConfig) InterfaceName

func (ec *VPCENIConfig) InterfaceName() string

InterfaceName returns the veth pair name that will be used inside the namespace. For this plugin, the interface name is redundant and would be generated in the plugin itself.

func (*VPCENIConfig) NSPath

func (ec *VPCENIConfig) NSPath() string

func (*VPCENIConfig) NetworkName

func (ec *VPCENIConfig) NetworkName() string

func (*VPCENIConfig) PluginName

func (ec *VPCENIConfig) PluginName() string

func (*VPCENIConfig) String

func (ec *VPCENIConfig) String() string

type VPCTunnelConfig

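// VPCTunnelConfig defines the configuration for the vpc-tunnel plugin. The
// struct is serialized and included as a parameter when the CNI plugin is
// executed. It embeds CNIConfig; every field except IfName is written under
// the key given in its json tag.
type VPCTunnelConfig struct {
	CNIConfig
	DestinationIPAddress string   `json:"destinationIPAddress"`
	VNI                  string   `json:"vni"`
	DestinationPort      string   `json:"destinationPort"`
	Primary              bool     `json:"primary"`
	IPAddresses          []string `json:"ipAddresses"`
	GatewayIPAddress     string   `json:"gatewayIPAddress"`
	InterfaceType        string   `json:"interfaceType"`
	UID                  string   `json:"uid"`
	GID                  string   `json:"gid"`

	// IfName is passed to libcni as a parameter and is not part of the plugin
	// configuration, so it is excluded from JSON with the "-" tag. A "_" tag
	// does not exclude a field: encoding/json emits it under the key "_".
	IfName string `json:"-"`
}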

VPCTunnelConfig defines the configuration for vpc-tunnel plugin. This struct will be serialized and included as parameter while executing the CNI plugin.

func (*VPCTunnelConfig) CNIVersion

func (c *VPCTunnelConfig) CNIVersion() string

func (*VPCTunnelConfig) InterfaceName

func (c *VPCTunnelConfig) InterfaceName() string

func (*VPCTunnelConfig) NSPath

func (c *VPCTunnelConfig) NSPath() string

func (*VPCTunnelConfig) PluginName

func (c *VPCTunnelConfig) PluginName() string

func (*VPCTunnelConfig) String

func (c *VPCTunnelConfig) String() string

Directories

Path Synopsis
Package mock_ecscni is a generated GoMock package.
Package mock_ecscni is a generated GoMock package.
Package mock_libcni is a generated GoMock package.
Package mock_libcni is a generated GoMock package.
Package mock_ecscni is a generated GoMock package.
Package mock_ecscni is a generated GoMock package.
