agent

package
v1.14.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 27, 2023 License: Apache-2.0 Imports: 26 Imported by: 2

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	// ErrMultiplePolicies is a static error typed when the controller encounters
	// multiple policies which apply to its host.
	ErrMultiplePolicies = fmt.Errorf("more then one CiliumBGPPeeringPolicy applies to this node, please ensure only a single Policy matches this node's labels")
)

Functions

func NewNodeSpecer added in v1.13.0 

func NewNodeSpecer(params localNodeStoreSpecerParams) (nodeSpecer, error)

NewNodeSpecer constructs a new nodeSpecer and registers it in the hive lifecycle

func PolicySelection 

func PolicySelection(ctx context.Context, labels map[string]string, policies []*v2alpha1api.CiliumBGPPeeringPolicy) (*v2alpha1api.CiliumBGPPeeringPolicy, error)

PolicySelection returns a CiliumBGPPeeringPolicy which applies to the provided *corev1.Node, enforced by a set of policy selection rules.

Policy selection follows the following rules:

  • A policy matches a node if said policy's "nodeSelector" field matches the node's labels. If "nodeSelector" is omitted, it is unconditionally selected.
  • If (N > 1) policies match the provided *corev1.Node an error is returned. only a single policy may apply to a node to avoid ambiguity at this stage of development.

Types

type AnnotationMap 

type AnnotationMap map[int64]Attributes

AnnotationMap coorelates a parsed Annotations structure with the local ASN its annotating.

func NewAnnotationMap 

func NewAnnotationMap(a map[string]string) (AnnotationMap, error)

NewAnnotationMap parses a Node's annotations into a AnnotationMap and returns the latter.

An error is returned containing one or more parsing errors.

This is for convenience so the caller can log all parsing errors at once. The error should still be treated as a normal descrete error and an empty AnnotationMap is returned.

type Attributes 

type Attributes struct {
	// The local ASN of the virtual router these Attributes targets.
	ASN int64
	// The router ID to use for the virtual router with the above local ASN.
	RouterID string
	// The local BGP port to listen on.
	LocalPort int32
}

The BGP control plane may need some node-specific configuration for instantiating virtual routers.

For example, BGP router IDs cannot repeat in a BGP peering topology. When Cilium cannot generate a unique router ID it will look for a unique router ID for the virtual router identified by its local ASN.

We define a set of attributes which can be defined via Node-specific kubernetes annotations.

This Kubernetes annotation's syntax is: `cilium.io/bgp-virtual-router.{asn}="attr1=value1,attr2=value2"

Where {asn} is replaced by the local ASN of the virtual router.

Currently supported attributes are: 

router-id=IPv4 (string): when present on a specific node, use this value for
                         the router ID of the virtual router with local {asn}
local-port=port (int):  the local port to listen on for incoming BGP connections

type BGPRouterManager 

type BGPRouterManager interface {
	// ConfigurePeers evaluates the provided CiliumBGPPeeringPolicy
	// and the implementation will configure itself to apply this policy.
	//
	// A ControllerState structure is provided which captures Cilium's runtime
	// state at the time of this method's invocation. It must remain read-only.
	//
	// ConfigurePeers should block until it can ensure a subsequent call
	// to ConfigurePeers can occur without conflict.
	//
	// ConfigurePeers should not be called concurrently and expects invocations
	// to be serialized contingent to the method's completion.
	//
	// An error is returned only when the implementation can determine a
	// critical flaw with the peering policy, not when network connectivity
	// is an issue.
	//
	// Providing a nil policy to ConfigurePeers will withdrawal all routes
	// and disconnect from the peers.
	ConfigurePeers(ctx context.Context, policy *v2alpha1api.CiliumBGPPeeringPolicy, state *ControlPlaneState) error

	// GetPeers fetches BGP peering state from underlying routing daemon.
	//
	// List of all peers will be returned and if there are multiple instances of
	// BGP daemon running locally, then peers can be differentiated based on
	// local AS number.
	GetPeers(ctx context.Context) ([]*models.BgpPeer, error)

	// Stop will stop all BGP instances and clean up local state.
	Stop()
}

BGPRouterManager provides a declarative API for defining BGP peers.

type ControlPlaneState added in v1.12.0 

type ControlPlaneState struct {
	// A list of configured PodCIDRs for the current Node.
	PodCIDRs []string
	// Parsed 'cilium.io/bgp-virtual-router' annotations of the the node this
	// control plane is running on.
	Annotations AnnotationMap
	// The current IPv4 address of the agent, reachable externally.
	IPv4 netip.Addr
	// The current IPv6 address of the agent, reachable externally.
	IPv6 netip.Addr
	// The current node name
	CurrentNodeName string
}

ControlPlaneState captures a subset of Cilium's runtime state.

This state carries information interesting to various BGP sub-systems and provides a contract for information a sub-system will be provided about Cilium's runtime state.

ControlPlaneState should be a point-in-time snapshot of Cilium's runtime state and remain read-only to all sub systems its passed to.

func (*ControlPlaneState) ResolveRouterID added in v1.14.0 

func (cstate *ControlPlaneState) ResolveRouterID(localASN int64) (string, error)

ResolveRouterID resolves router ID, if we have an annotation and it can be parsed into a valid ipv4 address use it. If not, determine if Cilium is configured with an IPv4 address, if so use it. If neither, return an error, we cannot assign an router ID.

type Controller 

type Controller struct {
	NodeSpec nodeSpecer
	// PolicyResource provides a store of cached policies and allows us to observe changes to the objects in its
	// store.
	PolicyResource resource.Resource[*v2alpha1api.CiliumBGPPeeringPolicy]
	// PolicyLister is an interface which allows for the listing of all known policies
	PolicyLister policyLister
	// Sig informs the Controller that a Kubernetes
	// event of interest has occurred.
	//
	// The signal itself provides no other information,
	// when it occurs the Controller will query each
	// informer for the latest API information required
	// to drive it's control loop.
	Sig Signaler
	// BGPMgr is an implementation of the BGPRouterManager interface
	// and provides a declarative API for configuring BGP peers.
	BGPMgr BGPRouterManager
	// contains filtered or unexported fields
}

Controller is the agent side BGP Control Plane controller.

Controller listens for events and drives BGP related sub-systems to maintain a desired state.

func NewController 

func NewController(params ControllerParams) (*Controller, error)

NewController constructs a new BGP Control Plane Controller.

When the constructor returns the Controller will be actively watching for events and configuring BGP related sub-systems.

The constructor requires an implementation of BGPRouterManager to be provided. This implementation defines which BGP backend will be used (GoBGP, FRR, Bird, etc...) NOTE: only GoBGP currently implemented.

func (*Controller) FullWithdrawal 

func (c *Controller) FullWithdrawal(ctx context.Context)

FullWithdrawal will instruct the configured BGPRouterManager to withdraw all BGP servers and peers.

func (*Controller) Reconcile 

func (c *Controller) Reconcile(ctx context.Context) error

Reconcile is the control loop for the Controller.

Reconcile will be invoked when one or more event sources trigger a signal via the Controller's Signaler structure.

On signal, Reconcile will obtain the state of the world necessary to drive the BGP control plane toward any new BGP peering policies.

Reconcile will only allow a single CiliumBGPPeeringPolicy to apply to the node its running on.

func (*Controller) Run 

func (c *Controller) Run(ctx context.Context)

Run places the Controller into its control loop.

Kubernetes shared informers are started just before entering the long running loop.

When new events trigger a signal the control loop will be evaluated.

A cancel of the provided ctx will kill the control loop along with the running informers.

func (*Controller) Start 

func (c *Controller) Start(startCtx hive.HookContext) error

Start is called by hive after all of our dependencies have been started.

func (*Controller) Stop 

func (c *Controller) Stop(ctx hive.HookContext) error

Stop is called by hive upon shutdown, after all of our dependants have been stopped. We should perform a graceful shutdown and return as soon as done or when the stop context is done.

type ControllerParams 

type ControllerParams struct {
	cell.In

	Lifecycle      hive.Lifecycle
	Sig            Signaler
	RouteMgr       BGPRouterManager
	PolicyResource resource.Resource[*v2alpha1api.CiliumBGPPeeringPolicy]
	DaemonConfig   *option.DaemonConfig
	NodeSpec       nodeSpecer
}

ControllerParams contains all parameters needed to construct a Controller

type ErrASNAnno 

type ErrASNAnno struct {
	// contains filtered or unexported fields
}

ErrASN is an error returned from parseAnnotation() when the bgp-virtual-router annotation includes an ASN that cannot be parsed into an

func (ErrASNAnno) Error 

func (e ErrASNAnno) Error() string

type ErrAttrib 

type ErrAttrib struct {
	// contains filtered or unexported fields
}

ErrAttrib is an error returned from parseAnnotation() when an attribute is provided but its value is malformed.

func (ErrAttrib) Error 

func (e ErrAttrib) Error() string

type ErrMulti 

type ErrMulti struct {
	// contains filtered or unexported fields
}

ErrMulti holds multiple errors and formats them sanely when printed.

func (ErrMulti) Error 

func (e ErrMulti) Error() string

type ErrNoASNAnno 

type ErrNoASNAnno struct {
	// contains filtered or unexported fields
}

ErrNoASNAnno is an error returned from parseAnnotation() when the bgp-virtual-router annotation does not include a local ASN.

func (ErrNoASNAnno) Error 

func (e ErrNoASNAnno) Error() string

type ErrNotVRouterAnno 

type ErrNotVRouterAnno struct {
	// contains filtered or unexported fields
}

ErrNotVRouterAnno is an error returned from parseAnnotation() when the the casted string is not a `cilium.io/bgp-virtual-router` annotation

func (ErrNotVRouterAnno) Error 

func (e ErrNotVRouterAnno) Error() string

type MockCiliumBGPPeeringPolicyLister 

type MockCiliumBGPPeeringPolicyLister struct {
	List_ func() ([]*v2alpha1.CiliumBGPPeeringPolicy, error)
}

func (*MockCiliumBGPPeeringPolicyLister) List 

func (m *MockCiliumBGPPeeringPolicyLister) List() ([]*v2alpha1.CiliumBGPPeeringPolicy, error)

type Signaler added in v1.12.0 

type Signaler struct {
	Sig chan struct{}
}

Signaler multiplexes multiple event sources into a single level-triggered event.

Signaler should always be constructed with a channel of size 1.

Use of a Signaler allows for bursts of events to be "rolled-up". This is a suitable approach since the Controller checks the entire state of the world on each iteration of its control loop.

Additionally, this precludes any need for ordering between different event sources.

func NewSignaler added in v1.12.0 

func NewSignaler() Signaler

NewSignaler constructs a Signaler

func (Signaler) Event added in v1.12.0 

func (s Signaler) Event(_ interface{})

Event adds an edge triggered event to the Signaler.

A controller which uses this Signaler will be notified of this event some time after.

This signature adheres to the common event handling signatures of cache.ResourceEventHandlerFuncs for convenience.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.