Documentation
Overview
Package networkutils is a collection of iptables and netlink functions.
Index
- Constants
- func ContainsNoSuchRule(err error) bool
- func GeneratePodHostVethName(prefix string, podNamespace string, podName string) string
- func GeneratePodHostVethNameSuffix(podNamespace string, podName string) string
- func GetConfigForDebug() map[string]interface{}
- func GetEthernetMTU() int
- func GetIPv4Gateway(eniSubnetCIDR *net.IPNet) net.IP
- func GetIPv6Gateway() net.IP
- func GetPodMTU(podMTU string) int
- func IsRuleExistsError(err error) bool
- func NetLinkRuleDelAll(netlink netlinkwrapper.NetLink, rule *netlink.Rule) error
- type NetworkAPIs
Constants
const (
    // Vlan rule priority
    VlanRulePriority = 10
    // Rule priority for traffic destined to pod IP
    ToContainerRulePriority = 512
    // Rule priority for traffic from pod
    FromPodRulePriority = 1536
)
Variables
This section is empty.
Functions
func ContainsNoSuchRule (added in v1.13.0)
func GeneratePodHostVethName (added in v1.12.0)
GeneratePodHostVethName generates the name for Pod's host-side veth device. The veth name is generated in a way that aligns with the value expected by Calico for NetworkPolicy enforcement.
func GeneratePodHostVethNameSuffix (added in v1.12.0)
GeneratePodHostVethNameSuffix generates the name suffix for Pod's hostVeth.
func GetConfigForDebug (added in v1.2.0)
func GetConfigForDebug() map[string]interface{}
GetConfigForDebug returns the active values of the configuration env vars (for debugging purposes).
func GetEthernetMTU (added in v1.6.1)
func GetEthernetMTU() int
GetEthernetMTU returns the MTU value to program for ENIs. Note that the value was already validated during container initialization.
func GetIPv6Gateway (added in v1.16.0)
On AWS/VPC, the subnet gateway can always be reached at FE80:EC2::1. See https://aws.amazon.com/about-aws/whats-new/2022/11/ipv6-subnet-default-gateway-router-multiple-addresses/
func GetPodMTU (added in v1.16.4)
GetPodMTU validates the pod MTU value. If an invalid value is passed, the default is used.
func IsRuleExistsError (added in v1.13.0)
func NetLinkRuleDelAll (added in v1.13.0)
func NetLinkRuleDelAll(netlink netlinkwrapper.NetLink, rule *netlink.Rule) error
NetLinkRuleDelAll deletes all matching route rules (instead of only first instance).
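A sketch of the delete-until-gone pattern that NetLinkRuleDelAll describes, as an added example that is not the package's own code; it shows why a single delete leaves duplicate rules behind for a pod IP that may later be reassigned. The `rule` type and `fakeKernel` table are hypothetical stand-ins for netlink, treating ENOENT as the "no such rule" error is an assumption, and the pod IP is constructed; 1536 and 512 are the FromPodRulePriority and ToContainerRulePriority values listed above.

```go
package main

import (
	"errors"
	"fmt"
	"syscall"
)

// rule is a simplified, hypothetical stand-in for netlink.Rule.
type rule struct {
	Priority int
	Src      string
	Table    int
}

// fakeKernel is a constructed in-memory rule table. Like a single rule-delete
// request, ruleDel removes only the first match and returns ENOENT when none is left.
type fakeKernel struct{ rules []rule }

func (k *fakeKernel) ruleDel(r rule) error {
	for i, cur := range k.rules {
		if cur == r {
			k.rules = append(k.rules[:i], k.rules[i+1:]...)
			return nil
		}
	}
	return syscall.ENOENT
}

// ruleDelAll keeps deleting until the table reports "no such rule"; any other
// error is returned to the caller instead of being treated as success.
func ruleDelAll(k *fakeKernel, r rule) (int, error) {
	for removed := 0; ; removed++ {
		if err := k.ruleDel(r); errors.Is(err, syscall.ENOENT) {
			return removed, nil
		} else if err != nil {
			return removed, err
		}
	}
}

func main() {
	fromPod := rule{Priority: 1536, Src: "10.0.1.23/32", Table: 2} // constructed pod IP
	k := &fakeKernel{rules: []rule{fromPod, {512, "", 254}, fromPod, fromPod}}
	_ = k.ruleDel(fromPod) // single delete: two duplicates remain
	fmt.Println("duplicates left after one delete:", len(k.rules)-1)
	n, err := ruleDelAll(k, fromPod)
	fmt.Println("removed by delete-all:", n, "err:", err, "rules left:", len(k.rules))
}
```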
Types
type NetworkAPIs
type NetworkAPIs interface {
    // SetupNodeNetwork performs node level network configuration
    SetupHostNetwork(vpcCIDRs []string, primaryMAC string, primaryAddr *net.IP, enablePodENI bool, v4Enabled bool, v6Enabled bool) error
    // SetupENINetwork performs ENI level network configuration. Not needed on the primary ENI
    SetupENINetwork(eniIP string, mac string, deviceNumber int, subnetCIDR string) error
    // UpdateHostIptablesRules updates the nat table iptables rules on the host
    UpdateHostIptablesRules(vpcCIDRs []string, primaryMAC string, primaryAddr *net.IP, v4Enabled bool, v6Enabled bool) error
    CleanUpStaleAWSChains(v4Enabled, v6Enabled bool) error
    UseExternalSNAT() bool
    GetExcludeSNATCIDRs() []string
    GetExternalServiceCIDRs() []string
    GetRuleList() ([]netlink.Rule, error)
    GetRuleListBySrc(ruleList []netlink.Rule, src net.IPNet) ([]netlink.Rule, error)
    UpdateRuleListBySrc(ruleList []netlink.Rule, src net.IPNet) error
    UpdateExternalServiceIpRules(ruleList []netlink.Rule, externalIPs []string) error
    GetLinkByMac(mac string, retryInterval time.Duration) (netlink.Link, error)
}
NetworkAPIs defines the host level and the ENI level network related operations.