Documentation ¶
Overview ¶
The config package provides config inheritance for Felix.
It supports loading config from various sources, parsing and validating the config and merging the config according to the priority of the sources.
Usage ¶
To use it, create a Config object with:
config.New()
Load some raw config using:
envConfig := config.LoadConfigFromEnvironment() fileConfig, err := config.LoadConfigFile()
Then feed it to the config object:
config.UpdateFrom(envConfig, config.EnvironmentVariable) config.UpdateFrom(fileConfig, config.ConfigFile)
The UpdateFrom() method returns an error, but, as a convenience, it also stores the error in config.Err.
Config inheritance ¶
Config from higher-priority sources overrides config from lower-priority sources. The priorities, in increasing order of priority, are:
Default // Default value of a parameter DatastoreGlobal // Cluster-wide config parameters from the datastore. DatastorePerHost // Per-host overrides from the datastore. ConfigFile // The local config file. EnvironmentVariable // Environment variables.
Index ¶
- Constants
- Variables
- func LoadConfigFile(filename string) (map[string]string, error)
- func LoadConfigFileData(data []byte) (map[string]string, error)
- func LoadConfigFromEnvironment(environ []string) map[string]string
- type BoolParam
- type CIDRListParam
- type Config
- func (config *Config) DatastoreConfig() apiconfig.CalicoAPIConfig
- func (c *Config) InterfaceExcludes() []string
- func (c *Config) InterfacePrefixes() []string
- func (config *Config) OpenstackActive() bool
- func (config *Config) RawValues() map[string]string
- func (config *Config) UpdateFrom(rawData map[string]string, source Source) (changed bool, err error)
- func (config *Config) Validate() (err error)
- type EndpointListParam
- type FileParam
- type FloatParam
- type Int32Param
- type IntParam
- type Ipv4Param
- type MarkBitmaskParam
- type Metadata
- type MillisParam
- type OneofListParam
- type PortListParam
- type PortRangeListParam
- type PortRangeParam
- type ProtoPort
- type RegexpParam
- type SecondsParam
- type Source
Constants ¶
const ( Default = iota DatastoreGlobal DatastorePerHost ConfigFile EnvironmentVariable )
const (
MinIptablesMarkBits = 2
)
Variables ¶
var ( IfaceListRegexp = regexp.MustCompile(`^[a-zA-Z0-9_-]{1,15}(,[a-zA-Z0-9_-]{1,15})*$`) AuthorityRegexp = regexp.MustCompile(`^[^:/]+:\d+$`) HostnameRegexp = regexp.MustCompile(`^[a-zA-Z0-9_.-]+$`) StringRegexp = regexp.MustCompile(`^.*$`) )
var SourcesInDescendingOrder = []Source{EnvironmentVariable, ConfigFile, DatastorePerHost, DatastoreGlobal}
Functions ¶
func LoadConfigFromEnvironment ¶
LoadConfigFromEnvironment extracts raw config parameters (identified by case-insensitive prefix "felix_") from the given OS environment variables. An environment entry of "FELIX_FOO=bar" is translated to "foo": "bar".
Types ¶
type CIDRListParam ¶
type CIDRListParam struct {
Metadata
}
func (*CIDRListParam) Parse ¶
func (c *CIDRListParam) Parse(raw string) (result interface{}, err error)
type Config ¶
type Config struct { // Configuration parameters. UseInternalDataplaneDriver bool `config:"bool;true"` DataplaneDriver string `config:"file(must-exist,executable);calico-iptables-plugin;non-zero,die-on-fail,skip-default-validation"` DatastoreType string `config:"oneof(kubernetes,etcdv3);etcdv3;non-zero,die-on-fail,local"` FelixHostname string `config:"hostname;;local,non-zero"` EtcdAddr string `config:"authority;127.0.0.1:2379;local"` EtcdScheme string `config:"oneof(http,https);http;local"` EtcdKeyFile string `config:"file(must-exist);;local"` EtcdCertFile string `config:"file(must-exist);;local"` EtcdCaFile string `config:"file(must-exist);;local"` EtcdEndpoints []string `config:"endpoint-list;;local"` TyphaAddr string `config:"authority;;local"` TyphaK8sServiceName string `config:"string;;local"` TyphaK8sNamespace string `config:"string;kube-system;non-zero,local"` TyphaReadTimeout time.Duration `config:"seconds;30;local"` TyphaWriteTimeout time.Duration `config:"seconds;10;local"` // Client-side TLS config for Felix's communication with Typha. If any of these are // specified, they _all_ must be - except that either TyphaCN or TyphaURISAN may be left // unset. Felix will then initiate a secure (TLS) connection to Typha. Typha must present // a certificate signed by a CA in TyphaCAFile, and with CN matching TyphaCN or URI SAN // matching TyphaURISAN. TyphaKeyFile string `config:"file(must-exist);;local"` TyphaCertFile string `config:"file(must-exist);;local"` TyphaCAFile string `config:"file(must-exist);;local"` TyphaCN string `config:"string;;local"` TyphaURISAN string `config:"string;;local"` Ipv6Support bool `config:"bool;true"` IgnoreLooseRPF bool `config:"bool;false"` RouteRefreshInterval time.Duration `config:"seconds;90"` IptablesRefreshInterval time.Duration `config:"seconds;90"` IptablesPostWriteCheckIntervalSecs time.Duration `config:"seconds;1"` IptablesLockFilePath string `config:"file;/run/xtables.lock"` IptablesLockTimeoutSecs time.Duration `config:"seconds;0"` IptablesLockProbeIntervalMillis time.Duration `config:"millis;50"` IpsetsRefreshInterval time.Duration `config:"seconds;10"` MaxIpsetSize int `config:"int;1048576;non-zero"` PolicySyncPathPrefix string `config:"file;;"` NetlinkTimeoutSecs time.Duration `config:"seconds;10"` MetadataAddr string `config:"hostname;127.0.0.1;die-on-fail"` MetadataPort int `config:"int(0,65535);8775;die-on-fail"` InterfacePrefix string `config:"iface-list;cali;non-zero,die-on-fail"` InterfaceExclude string `config:"iface-list;kube-ipvs0"` ChainInsertMode string `config:"oneof(insert,append);insert;non-zero,die-on-fail"` DefaultEndpointToHostAction string `config:"oneof(DROP,RETURN,ACCEPT);DROP;non-zero,die-on-fail"` IptablesFilterAllowAction string `config:"oneof(ACCEPT,RETURN);ACCEPT;non-zero,die-on-fail"` IptablesMangleAllowAction string `config:"oneof(ACCEPT,RETURN);ACCEPT;non-zero,die-on-fail"` LogPrefix string `config:"string;calico-packet"` LogFilePath string `config:"file;/var/log/calico/felix.log;die-on-fail"` LogSeverityFile string `config:"oneof(DEBUG,INFO,WARNING,ERROR,FATAL);INFO"` LogSeverityScreen string `config:"oneof(DEBUG,INFO,WARNING,ERROR,FATAL);INFO"` LogSeveritySys string `config:"oneof(DEBUG,INFO,WARNING,ERROR,FATAL);INFO"` IpInIpEnabled bool `config:"bool;false"` IpInIpMtu int `config:"int;1440;non-zero"` IpInIpTunnelAddr net.IP `config:"ipv4;"` ReportingIntervalSecs time.Duration `config:"seconds;30"` ReportingTTLSecs time.Duration `config:"seconds;90"` EndpointReportingEnabled bool `config:"bool;false"` EndpointReportingDelaySecs time.Duration `config:"seconds;1"` IptablesMarkMask uint32 `config:"mark-bitmask;0xffff0000;non-zero,die-on-fail"` DisableConntrackInvalidCheck bool `config:"bool;false"` HealthEnabled bool `config:"bool;false"` HealthPort int `config:"int(0,65535);9099"` HealthHost string `config:"string;localhost"` PrometheusMetricsEnabled bool `config:"bool;false"` PrometheusMetricsPort int `config:"int(0,65535);9091"` PrometheusGoMetricsEnabled bool `config:"bool;true"` PrometheusProcessMetricsEnabled bool `config:"bool;true"` FailsafeInboundHostPorts []ProtoPort `config:"port-list;tcp:22,udp:68,tcp:179,tcp:2379,tcp:2380,tcp:6666,tcp:6667;die-on-fail"` FailsafeOutboundHostPorts []ProtoPort `config:"port-list;udp:53,udp:67,tcp:179,tcp:2379,tcp:2380,tcp:6666,tcp:6667;die-on-fail"` KubeNodePortRanges []numorstring.Port `config:"portrange-list;30000:32767"` NATPortRange numorstring.Port `config:"portrange;"` UsageReportingEnabled bool `config:"bool;true"` UsageReportingInitialDelaySecs time.Duration `config:"seconds;300"` UsageReportingIntervalSecs time.Duration `config:"seconds;86400"` ClusterGUID string `config:"string;baddecaf"` ClusterType string `config:"string;"` CalicoVersion string `config:"string;"` ExternalNodesCIDRList []string `config:"cidr-list;;die-on-fail"` DebugMemoryProfilePath string `config:"file;;"` DebugCPUProfilePath string `config:"file;/tmp/felix-cpu-<timestamp>.pprof;"` DebugDisableLogDropping bool `config:"bool;false"` DebugSimulateCalcGraphHangAfter time.Duration `config:"seconds;0"` DebugSimulateDataplaneHangAfter time.Duration `config:"seconds;0"` Err error // contains filtered or unexported fields }
Config contains the best, parsed config values loaded from the various sources. We use tags to control the parsing and validation.
func (*Config) DatastoreConfig ¶
func (config *Config) DatastoreConfig() apiconfig.CalicoAPIConfig
func (*Config) InterfaceExcludes ¶
func (*Config) InterfacePrefixes ¶
func (*Config) OpenstackActive ¶
func (*Config) UpdateFrom ¶
func (config *Config) UpdateFrom(rawData map[string]string, source Source) (changed bool, err error)
Load parses and merges the rawData from one particular source into this config object. If there is a config value already loaded from a higher-priority source, then the new value will be ignored (after validation).
type EndpointListParam ¶
type EndpointListParam struct {
Metadata
}
func (*EndpointListParam) Parse ¶
func (p *EndpointListParam) Parse(raw string) (result interface{}, err error)
type FloatParam ¶
type FloatParam struct {
Metadata
}
func (*FloatParam) Parse ¶
func (p *FloatParam) Parse(raw string) (result interface{}, err error)
type Int32Param ¶
type Int32Param struct {
Metadata
}
func (*Int32Param) Parse ¶
func (p *Int32Param) Parse(raw string) (interface{}, error)
type MarkBitmaskParam ¶
type MarkBitmaskParam struct {
Metadata
}
func (*MarkBitmaskParam) Parse ¶
func (p *MarkBitmaskParam) Parse(raw string) (interface{}, error)
type Metadata ¶
type Metadata struct { Name string Default interface{} ZeroValue interface{} NonZero bool DieOnParseFailure bool Local bool }
func (*Metadata) GetMetadata ¶
type MillisParam ¶
type MillisParam struct {
Metadata
}
func (*MillisParam) Parse ¶
func (p *MillisParam) Parse(raw string) (result interface{}, err error)
type OneofListParam ¶
type OneofListParam struct { Metadata // contains filtered or unexported fields }
func (*OneofListParam) Parse ¶
func (p *OneofListParam) Parse(raw string) (result interface{}, err error)
type PortListParam ¶
type PortListParam struct {
Metadata
}
func (*PortListParam) Parse ¶
func (p *PortListParam) Parse(raw string) (interface{}, error)
type PortRangeListParam ¶
type PortRangeListParam struct {
Metadata
}
func (*PortRangeListParam) Parse ¶
func (p *PortRangeListParam) Parse(raw string) (interface{}, error)
type PortRangeParam ¶
type PortRangeParam struct {
Metadata
}
func (*PortRangeParam) Parse ¶
func (p *PortRangeParam) Parse(raw string) (interface{}, error)
type RegexpParam ¶
func (*RegexpParam) Parse ¶
func (p *RegexpParam) Parse(raw string) (result interface{}, err error)
type SecondsParam ¶
type SecondsParam struct {
Metadata
}
func (*SecondsParam) Parse ¶
func (p *SecondsParam) Parse(raw string) (result interface{}, err error)