Documentation ¶
Index ¶
- Constants
- Variables
- func CanAdvertisePodCIDR(ipam string) bool
- type Afi
- type BGPGlobal
- type FakeRouter
- func (f *FakeRouter) AddNeighbor(ctx context.Context, n NeighborRequest) error
- func (f *FakeRouter) AddRoutePolicy(ctx context.Context, p RoutePolicyRequest) error
- func (f *FakeRouter) AdvertisePath(ctx context.Context, p PathRequest) (PathResponse, error)
- func (f *FakeRouter) GetBGP(ctx context.Context) (GetBGPResponse, error)
- func (f *FakeRouter) GetPeerState(ctx context.Context) (GetPeerStateResponse, error)
- func (f *FakeRouter) GetRoutePolicies(ctx context.Context) (*GetRoutePoliciesResponse, error)
- func (f *FakeRouter) GetRoutes(ctx context.Context, r *GetRoutesRequest) (*GetRoutesResponse, error)
- func (f *FakeRouter) RemoveNeighbor(ctx context.Context, n NeighborRequest) error
- func (f *FakeRouter) RemoveRoutePolicy(ctx context.Context, p RoutePolicyRequest) error
- func (f *FakeRouter) ResetNeighbor(ctx context.Context, r ResetNeighborRequest) error
- func (f *FakeRouter) Stop()
- func (f *FakeRouter) UpdateNeighbor(ctx context.Context, n NeighborRequest) error
- func (f *FakeRouter) WithdrawPath(ctx context.Context, p PathRequest) error
- type Family
- type GetBGPResponse
- type GetPeerStateResponse
- type GetRoutePoliciesResponse
- type GetRoutesRequest
- type GetRoutesResponse
- type NeighborRequest
- type Path
- type PathRequest
- type PathResponse
- type PolicyPrefixMatchList
- type ResetNeighborRequest
- type Route
- type RoutePolicy
- type RoutePolicyAction
- type RoutePolicyActions
- type RoutePolicyConditions
- type RoutePolicyPrefixMatch
- type RoutePolicyRequest
- type RoutePolicyStatement
- type RoutePolicyType
- type RouteSelectionOptions
- type Router
- type Safi
- type ServerParameters
- type SessionState
- type SoftResetDirection
- type TableType
Constants ¶
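// Log field keys. Each constant is the key under which the named value is
// recorded in a log field.
//
// The declaration is laid out one constant per line so that no "//" comment
// swallows the declaration that follows it.
const (
	// ReconcilerLogField is used as key for reconciler name in the log field.
	ReconcilerLogField = "reconciler"

	// BGPNodeConfigLogField is used as key for BGP node config resource
	BGPNodeConfigLogField = "bgp_node_config"

	// InstanceLogField is used as key for BGP instance.
	InstanceLogField = "instance"

	// LocalASNLogField is used as key for BGP instance AS number
	LocalASNLogField = "asn"

	// ListenPortLogField is used as key for local port of BGP instance
	ListenPortLogField = "listen_port"

	// RouterIDLogField is used as key for BGP instance router ID
	RouterIDLogField = "router_id"

	// PeerLogField is used as key for BGP peer in the log field.
	PeerLogField = "peer"

	// FamilyLogField is used as key for BGP peer address family in the log field.
	FamilyLogField = "family"

	// PathLogField is used as key for BGP path in the log field.
	PathLogField = "path"

	// PrefixLogField is used as key for BGP prefix in the log field.
	PrefixLogField = "prefix"

	// AdvertTypeLogField is used as key for BGP advertisement type in the log field.
	AdvertTypeLogField = "advertisement_type"
)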
Variables ¶
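// Shared fixtures. The declaration is laid out one element per line so that
// no "//" comment swallows the code that follows it.
var (
	// CommonPaths contains common path structure values appearing in the agent code
	CommonPaths = []struct {
		Name string
		Path Path
	}{
		{
			Name: "IPv4 unicast advertisement",
			Path: Path{
				NLRI: prefixV4,
				PathAttributes: []bgp.PathAttributeInterface{
					originAttribute,
					nextHopAttribute,
				},
			},
		},
		{
			Name: "IPv6 unicast advertisement",
			Path: Path{
				NLRI: prefixV6,
				PathAttributes: []bgp.PathAttributeInterface{
					originAttribute,
					mpReachNLRIAttribute,
				},
			},
		},
	}

	// TestCommonRoutePolicies contains common route policy values to be used in tests.
	// Valid records whether the entry is expected to be accepted as a policy.
	TestCommonRoutePolicies = []struct {
		Name   string
		Policy *RoutePolicy
		Valid  bool
	}{
		{
			Name: "simple policy",
			Policy: &RoutePolicy{
				Name: "testpolicy1",
				Type: RoutePolicyTypeExport,
				Statements: []*RoutePolicyStatement{
					{
						Conditions: RoutePolicyConditions{
							MatchNeighbors: []string{"172.16.0.1/32"},
							MatchPrefixes: []*RoutePolicyPrefixMatch{
								{
									CIDR:         netip.MustParsePrefix("1.2.3.0/24"),
									PrefixLenMin: 24,
									PrefixLenMax: 32,
								},
							},
						},
						Actions: RoutePolicyActions{
							RouteAction:         RoutePolicyActionNone,
							AddCommunities:      []string{"65000:100"},
							AddLargeCommunities: []string{"4294967295:0:100"},
							SetLocalPreference:  pointer.Int64(150),
						},
					},
				},
			},
			Valid: true,
		},
		{
			Name: "complex policy",
			Policy: &RoutePolicy{
				Name: "testpolicy1",
				Type: RoutePolicyTypeExport,
				Statements: []*RoutePolicyStatement{
					{
						Conditions: RoutePolicyConditions{
							MatchNeighbors: []string{"172.16.0.1/32", "10.10.10.10/32"},
							MatchPrefixes: []*RoutePolicyPrefixMatch{
								{
									CIDR:         netip.MustParsePrefix("1.2.3.0/24"),
									PrefixLenMin: 24,
									PrefixLenMax: 32,
								},
								{
									CIDR:         netip.MustParsePrefix("192.188.0.0/16"),
									PrefixLenMin: 24,
									PrefixLenMax: 32,
								},
							},
						},
						Actions: RoutePolicyActions{
							RouteAction:        RoutePolicyActionNone,
							AddCommunities:     []string{"65000:100", "65000:101"},
							SetLocalPreference: pointer.Int64(150),
						},
					},
					{
						Conditions: RoutePolicyConditions{
							MatchNeighbors: []string{"fe80::210:5aff:feaa:20a2/128"},
							MatchPrefixes: []*RoutePolicyPrefixMatch{
								{
									// NOTE(review): PrefixLenMin (24) is shorter than the /64 CIDR
									// length, yet the entry is marked Valid. Confirm whether policy
									// validation is meant to reject such a range; if it is, this
									// fixture would not exercise that check.
									CIDR:         netip.MustParsePrefix("2001:0DB8::/64"),
									PrefixLenMin: 24,
									PrefixLenMax: 32,
								},
								{
									CIDR:         netip.MustParsePrefix("2002::/16"),
									PrefixLenMin: 24,
									PrefixLenMax: 32,
								},
							},
						},
						Actions: RoutePolicyActions{
							RouteAction:        RoutePolicyActionNone,
							AddCommunities:     []string{"65000:100", "65000:101"},
							SetLocalPreference: pointer.Int64(150),
						},
					},
				},
			},
			Valid: true,
		},
		{
			Name: "invalid policy",
			Policy: &RoutePolicy{
				Name: "testpolicy1",
				Type: RoutePolicyTypeExport,
				Statements: []*RoutePolicyStatement{
					{
						Conditions: RoutePolicyConditions{
							MatchNeighbors: []string{"172.16.0.1/32"},
							MatchPrefixes: []*RoutePolicyPrefixMatch{
								{
									CIDR:         netip.MustParsePrefix("1.2.3.0/24"),
									PrefixLenMin: 24,
									PrefixLenMax: 32,
								},
							},
						},
						Actions: RoutePolicyActions{
							RouteAction:        RoutePolicyActionNone,
							AddCommunities:     []string{"65000:100"},
							SetLocalPreference: pointer.Int64(150),
						},
					},
					{
						Conditions: RoutePolicyConditions{
							// "ABCD" is not an IP address or prefix; presumably this is the
							// element that makes the policy invalid (confirm against the
							// validation code).
							MatchNeighbors: []string{"ABCD"},
							MatchPrefixes: []*RoutePolicyPrefixMatch{
								{
									CIDR:         netip.MustParsePrefix("192.188.0.0/16"),
									PrefixLenMin: 24,
									PrefixLenMax: 32,
								},
							},
						},
						Actions: RoutePolicyActions{
							RouteAction: RoutePolicyActionNone,
						},
					},
				},
			},
			Valid: false,
		},
	}
)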
Functions ¶
func CanAdvertisePodCIDR ¶ added in v1.14.9
CanAdvertisePodCIDR returns true if the provided IPAM mode is supported for advertising PodCIDR
Types ¶
type Afi ¶
type Afi uint32
Afi is address family identifier
func ParseAfi ¶ added in v1.15.0
ParseAfi parses s as an address family identifier. If s is unknown, AfiUnknown is returned.
func (*Afi) FromString ¶
FromString assigns s to a. An error is returned if s is an unknown address family indicator.
type BGPGlobal ¶
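// BGPGlobal contains high level BGP configuration for given instance.
//
// Fields are laid out one per line so that the ListenPort comment no longer
// swallows the RouteSelectionOptions field.
type BGPGlobal struct {
	// ASN is the AS number of the instance.
	ASN uint32

	// RouterID is the router ID of the instance.
	RouterID string

	// ListenPort is the local port of the instance.
	// When -1 gobgp won't listen on tcp:179
	ListenPort int32

	// RouteSelectionOptions holds optional route selection tuning; it is a
	// pointer, so it may be nil.
	RouteSelectionOptions *RouteSelectionOptions
}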
BGPGlobal contains high level BGP configuration for given instance.
type FakeRouter ¶ added in v1.16.0
type FakeRouter struct{}
func (*FakeRouter) AddNeighbor ¶ added in v1.16.0
func (f *FakeRouter) AddNeighbor(ctx context.Context, n NeighborRequest) error
func (*FakeRouter) AddRoutePolicy ¶ added in v1.16.0
func (f *FakeRouter) AddRoutePolicy(ctx context.Context, p RoutePolicyRequest) error
func (*FakeRouter) AdvertisePath ¶ added in v1.16.0
func (f *FakeRouter) AdvertisePath(ctx context.Context, p PathRequest) (PathResponse, error)
func (*FakeRouter) GetBGP ¶ added in v1.16.0
func (f *FakeRouter) GetBGP(ctx context.Context) (GetBGPResponse, error)
func (*FakeRouter) GetPeerState ¶ added in v1.16.0
func (f *FakeRouter) GetPeerState(ctx context.Context) (GetPeerStateResponse, error)
func (*FakeRouter) GetRoutePolicies ¶ added in v1.16.0
func (f *FakeRouter) GetRoutePolicies(ctx context.Context) (*GetRoutePoliciesResponse, error)
func (*FakeRouter) GetRoutes ¶ added in v1.16.0
func (f *FakeRouter) GetRoutes(ctx context.Context, r *GetRoutesRequest) (*GetRoutesResponse, error)
func (*FakeRouter) RemoveNeighbor ¶ added in v1.16.0
func (f *FakeRouter) RemoveNeighbor(ctx context.Context, n NeighborRequest) error
func (*FakeRouter) RemoveRoutePolicy ¶ added in v1.16.0
func (f *FakeRouter) RemoveRoutePolicy(ctx context.Context, p RoutePolicyRequest) error
func (*FakeRouter) ResetNeighbor ¶ added in v1.16.0
func (f *FakeRouter) ResetNeighbor(ctx context.Context, r ResetNeighborRequest) error
func (*FakeRouter) Stop ¶ added in v1.16.0
func (f *FakeRouter) Stop()
func (*FakeRouter) UpdateNeighbor ¶ added in v1.16.0
func (f *FakeRouter) UpdateNeighbor(ctx context.Context, n NeighborRequest) error
func (*FakeRouter) WithdrawPath ¶ added in v1.16.0
func (f *FakeRouter) WithdrawPath(ctx context.Context, p PathRequest) error
type Family ¶
Family holds Address Family Indicator (AFI) and Subsequent Address Family Indicator for Multi-Protocol BGP
func ToAgentFamily ¶ added in v1.16.0
func ToAgentFamily(fam v2alpha1.CiliumBGPFamily) Family
type GetBGPResponse ¶
type GetBGPResponse struct {
Global BGPGlobal
}
GetBGPResponse contains BGP global parameters
type GetPeerStateResponse ¶
GetPeerStateResponse contains state of peers configured in given instance
type GetRoutePoliciesResponse ¶ added in v1.15.0
type GetRoutePoliciesResponse struct {
Policies []*RoutePolicy
}
GetRoutePoliciesResponse contains route policies retrieved from the underlying router
type GetRoutesRequest ¶
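// GetRoutesRequest contains parameters for retrieving routes from the RIB of
// underlying router.
//
// Fields are laid out one per line so that each comment documents only the
// field that follows it.
type GetRoutesRequest struct {
	// TableType specifies a table type to retrieve
	TableType TableType

	// Family specifies an address family of the table
	Family Family

	// Neighbor specifies which neighbor's table to retrieve. Must be
	// specified when TableTypeAdjRIBIn/Out is specified in TableType.
	Neighbor netip.Addr
}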
GetRoutesRequest contains parameters for retrieving routes from the RIB of underlying router
type GetRoutesResponse ¶
type GetRoutesResponse struct {
Routes []*Route
}
GetRoutesResponse contains routes retrieved from the RIB of underlying router
type NeighborRequest ¶
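// NeighborRequest contains neighbor parameters used when enabling or
// disabling a peer.
//
// Fields are laid out one per line so that the comments no longer swallow the
// field declarations that follow them.
type NeighborRequest struct {
	// Deprecated: field kept for backward compatibility.
	//
	// Both Neighbor and Peer should not be used at the same time.
	// Neighbor field is used in BGPv1 and Peer, PeerConfig fields are used in BGPv2.
	Neighbor   *v2alpha1api.CiliumBGPNeighbor
	Peer       *v2alpha1api.CiliumBGPNodePeer
	PeerConfig *v2alpha1api.CiliumBGPPeerConfigSpec

	// Password is the "AuthSecret" in the Neighbor, fetched from a secret.
	//
	// The value is carried here as a plain string, so a NeighborRequest should
	// not be written to logs or printed with %v / %+v as a whole.
	Password string
}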
NeighborRequest contains neighbor parameters used when enabling or disabling peer
type Path ¶
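// Path is an object representing a single routing Path.
//
// Fields are laid out one per line so that the trailing comments no longer
// swallow the field declarations that follow them.
type Path struct {
	// read/write
	NLRI           bgp.AddrPrefixInterface
	PathAttributes []bgp.PathAttributeInterface
	Family         Family // can be empty, in which case it will be inferred from NLRI

	// readonly
	// NOTE(review): presumably populated by the underlying implementation and
	// ignored on input; confirm against the router implementation.
	AgeNanoseconds int64 // time duration in nanoseconds since the Path was created
	Best           bool
	UUID           []byte // path identifier in underlying implementation
}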
Path is an object representing a single routing Path. It is an analogue of GoBGP's Path object, but contains only the minimal fields required for Cilium use cases.
func NewPathForPrefix ¶
NewPathForPrefix returns a Path that can be used to advertise the provided IP prefix by the underlying BGP implementation.
The prefix can be either IPv4 or IPv6 and this function will handle the differences between MP BGP and BGP.
The next hop of the path will always be set to "0.0.0.0" for IPv4 and "::" for IPv6, so the underlying BGP implementation selects appropriate actual nexthop address when advertising it.
type PathRequest ¶
type PathRequest struct {
Path *Path
}
PathRequest contains parameters for advertising or withdrawing a Path
type PathResponse ¶
type PathResponse struct {
Path *Path
}
PathResponse contains the response returned after advertising the Path. The returned Path can be used for withdrawing the Path (based on the UUID set by the underlying implementation).
type PolicyPrefixMatchList ¶ added in v1.15.0
type PolicyPrefixMatchList []*RoutePolicyPrefixMatch
func (PolicyPrefixMatchList) Less ¶ added in v1.15.0
func (l PolicyPrefixMatchList) Less(i, j int) bool
Less is a comparator of two RoutePolicyPrefixMatch rules to be used for sorting purposes
type ResetNeighborRequest ¶ added in v1.15.0
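// ResetNeighborRequest contains parameters used when resetting a BGP peer.
//
// Fields are laid out one per line; collapsed onto a single line the
// declaration is not valid Go.
type ResetNeighborRequest struct {
	// PeerAddress is the address of the neighbor whose peering is reset.
	PeerAddress string

	// Soft presumably selects a soft reset instead of a hard one; confirm
	// against the router implementation.
	Soft bool

	// SoftResetDirection is the direction in which a soft reset is performed.
	SoftResetDirection SoftResetDirection

	// AdminCommunication is presumably the administrative message passed along
	// with the reset; confirm against the router implementation.
	AdminCommunication string
}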
ResetNeighborRequest contains parameters used when resetting a BGP peer
type RoutePolicy ¶ added in v1.15.0
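// RoutePolicy represents a BGP routing policy made of an ordered list of
// Statements.
//
// Fields are laid out one per line so that each comment documents only the
// field that follows it.
type RoutePolicy struct {
	// Name is a unique string identifier of the policy for the given router.
	Name string

	// RoutePolicyType is the type of the policy.
	Type RoutePolicyType

	// Statements is an ordered list of policy statements.
	Statements []*RoutePolicyStatement
}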
RoutePolicy represents a BGP routing policy, also called "route map" in some BGP implementations. It can contain multiple Statements that are evaluated in the given order. Each Statement contains conditions for matching a route and actions taken if a route matches the conditions. Whenever a Statement matches a route and the action taken on it is to either accept or reject the route, the policy evaluation for the given route stops, and no further Statements nor other RoutePolicies are evaluated.
+deepequal-gen=true
func (*RoutePolicy) DeepEqual ¶ added in v1.15.0
func (in *RoutePolicy) DeepEqual(other *RoutePolicy) bool
DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.
type RoutePolicyAction ¶ added in v1.15.0
type RoutePolicyAction int
RoutePolicyAction defines the action taken on a route matched by a routing policy.
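// Values of RoutePolicyAction. The block is laid out one constant per line so
// that no comment swallows the constant that follows it.
const (
	// RoutePolicyActionNone does not affect processing of a route.
	// The policy evaluation continues with the next policy statements / other policies.
	RoutePolicyActionNone RoutePolicyAction = iota

	// RoutePolicyActionAccept accepts a route into the RIB / adjacency RIB.
	// No further policy statements / policies are evaluated for the route.
	RoutePolicyActionAccept

	// RoutePolicyActionReject rejects a route from the RIB / adjacency RIB.
	// No further policy statements / policies are evaluated for the route.
	RoutePolicyActionReject
)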
type RoutePolicyActions ¶ added in v1.15.0
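// RoutePolicyActions define policy actions taken on route matched by a
// routing policy.
//
// Fields are laid out one per line so that each comment documents only the
// field that follows it.
type RoutePolicyActions struct {
	// RouteAction defines an action taken on the matched route.
	RouteAction RoutePolicyAction

	// AddCommunities defines a list of BGP standard community values to be added to the matched route.
	// If empty, no communities will be added.
	AddCommunities []string

	// AddLargeCommunities defines a list of BGP large community values to be added to the matched route.
	// If empty, no communities will be added.
	AddLargeCommunities []string

	// SetLocalPreference defines a BGP local preference value to be set on the matched route.
	// If nil, no local preference is set.
	SetLocalPreference *int64
}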
RoutePolicyActions define policy actions taken on route matched by a routing policy.
+deepequal-gen=true
func (*RoutePolicyActions) DeepEqual ¶ added in v1.15.0
func (in *RoutePolicyActions) DeepEqual(other *RoutePolicyActions) bool
DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.
type RoutePolicyConditions ¶ added in v1.15.0
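// RoutePolicyConditions represent conditions of a policy statement.
//
// Both lists treat "empty" as a wildcard, so a statement whose conditions are
// entirely empty applies to every route of every neighbor.
//
// Fields are laid out one per line so that each comment documents only the
// field that follows it.
type RoutePolicyConditions struct {
	// MatchNeighbors matches ANY of the provided BGP neighbor IP addresses. If empty matches all neighbors.
	MatchNeighbors []string

	// MatchPrefixes matches ANY of the provided prefixes. If empty matches all prefixes.
	MatchPrefixes []*RoutePolicyPrefixMatch
}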
RoutePolicyConditions represent conditions of a policy statement.
+deepequal-gen=true
func (*RoutePolicyConditions) DeepEqual ¶ added in v1.15.0
func (in *RoutePolicyConditions) DeepEqual(other *RoutePolicyConditions) bool
DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.
type RoutePolicyPrefixMatch ¶ added in v1.15.0
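// RoutePolicyPrefixMatch can be used to match a CIDR prefix in a routing
// policy, either with an exact prefix length or with a range of lengths.
//
// Fields are laid out one per line so that each comment (and the
// deepequal-gen marker on CIDR) applies only to the field that follows it.
type RoutePolicyPrefixMatch struct {
	// CIDR is a prefix to match with.
	// +deepequal-gen=false
	CIDR netip.Prefix

	// PrefixLenMin is the minimal prefix length that will match if it falls under CIDR.
	PrefixLenMin int

	// PrefixLenMax is the maximal prefix length that will match if it falls under CIDR.
	PrefixLenMax int
}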
RoutePolicyPrefixMatch can be used to match a CIDR prefix in a routing policy. It can be used to perform exact prefix length matches (if CIDR.Bits() == PrefixLenMin == PrefixLenMax), or variable prefix length matches.
+deepequal-gen=true +deepequal-gen:private-method=true
func (*RoutePolicyPrefixMatch) DeepEqual ¶ added in v1.15.0
func (m *RoutePolicyPrefixMatch) DeepEqual(other *RoutePolicyPrefixMatch) bool
DeepEqual is a manually created deepequal function, deeply comparing the receiver with another. It compares fields with types that do not implement the `DeepEqual` method and calls the generated private `deepEqual` method which compares the rest of the fields.
type RoutePolicyRequest ¶ added in v1.15.0
type RoutePolicyRequest struct {
Policy *RoutePolicy
}
RoutePolicyRequest contains parameters for adding or removing a routing policy.
type RoutePolicyStatement ¶ added in v1.15.0
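// RoutePolicyStatement represents a single statement of a routing
// RoutePolicy: conditions for matching a route plus the actions taken on a
// match.
//
// Fields are laid out one per line so that each comment documents only the
// field that follows it.
type RoutePolicyStatement struct {
	// Conditions of the statement. If ALL of them match a route, the Actions are taken on the route.
	Conditions RoutePolicyConditions

	// Actions define actions taken on a matched route.
	Actions RoutePolicyActions
}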
RoutePolicyStatement represents a single statement of a routing RoutePolicy. It contains conditions for matching a route and actions taken if a route matches the conditions.
+deepequal-gen=true
func (*RoutePolicyStatement) DeepEqual ¶ added in v1.15.0
func (in *RoutePolicyStatement) DeepEqual(other *RoutePolicyStatement) bool
DeepEqual is an autogenerated deepequal function, deeply comparing the receiver with other. in must be non-nil.
type RoutePolicyType ¶ added in v1.15.0
type RoutePolicyType int
RoutePolicyType defines the type of routing policy.
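// Values of RoutePolicyType. The block is laid out one constant per line so
// that no comment swallows the constant that follows it.
const (
	// RoutePolicyTypeExport represents export routing policy type (affecting how the routes from RIB are advertised to peers).
	RoutePolicyTypeExport RoutePolicyType = iota

	// RoutePolicyTypeImport represents import routing policy type (affecting how the routes are imported into RIB).
	RoutePolicyTypeImport
)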
type RouteSelectionOptions ¶
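// RouteSelectionOptions contains generic BGP route selection tuning
// parameters.
//
// The field is placed on its own line so that its comment no longer swallows
// the declaration.
type RouteSelectionOptions struct {
	// AdvertiseInactiveRoutes when set will advertise route even if it is not present in RIB
	AdvertiseInactiveRoutes bool
}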
RouteSelectionOptions contains generic BGP route selection tuning parameters
type Router ¶
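// Router is the set of operations performed on the underlying BGP router.
//
// Methods are laid out one per line so that each comment documents only the
// method that follows it.
type Router interface {
	// Stop takes no context and returns no error.
	// NOTE(review): presumably shuts the underlying router down; confirm
	// against the implementation.
	Stop()

	// AddNeighbor configures BGP peer
	AddNeighbor(ctx context.Context, n NeighborRequest) error

	// UpdateNeighbor updates BGP peer
	UpdateNeighbor(ctx context.Context, n NeighborRequest) error

	// RemoveNeighbor removes BGP peer
	RemoveNeighbor(ctx context.Context, n NeighborRequest) error

	// ResetNeighbor resets BGP peering with the provided neighbor address
	ResetNeighbor(ctx context.Context, r ResetNeighborRequest) error

	// AdvertisePath advertises BGP Path to all configured peers
	AdvertisePath(ctx context.Context, p PathRequest) (PathResponse, error)

	// WithdrawPath removes BGP Path from all peers
	WithdrawPath(ctx context.Context, p PathRequest) error

	// AddRoutePolicy adds a new routing policy into the underlying router.
	AddRoutePolicy(ctx context.Context, p RoutePolicyRequest) error

	// RemoveRoutePolicy removes a routing policy from the underlying router.
	RemoveRoutePolicy(ctx context.Context, p RoutePolicyRequest) error

	// GetPeerState returns status of BGP peers
	GetPeerState(ctx context.Context) (GetPeerStateResponse, error)

	// GetRoutes retrieves routes from the RIB of underlying router
	GetRoutes(ctx context.Context, r *GetRoutesRequest) (*GetRoutesResponse, error)

	// GetRoutePolicies retrieves route policies from the underlying router
	GetRoutePolicies(ctx context.Context) (*GetRoutePoliciesResponse, error)

	// GetBGP returns configured BGP global parameters
	GetBGP(ctx context.Context) (GetBGPResponse, error)
}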
Router is the vendor-agnostic Cilium BGP configuration layer. Parameters of this layer are standard BGP RFC compliant and not specific to any underlying implementation.
func NewFakeRouter ¶ added in v1.16.0
func NewFakeRouter() Router
type Safi ¶
type Safi uint32
Safi is subsequent address family identifier
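// Values of Safi (subsequent address family identifier), one per line;
// collapsed onto a single line the block is not valid Go.
// NOTE(review): the numbers appear to follow the IANA SAFI registry; confirm.
const (
	SafiUnknown                Safi = 0
	SafiUnicast                Safi = 1
	SafiMulticast              Safi = 2
	SafiMplsLabel              Safi = 4
	SafiEncapsulation          Safi = 7
	SafiVpls                   Safi = 65
	SafiEvpn                   Safi = 70
	SafiLs                     Safi = 71
	SafiSrPolicy               Safi = 73
	SafiMup                    Safi = 85
	SafiMplsVpn                Safi = 128
	SafiMplsVpnMulticast       Safi = 129
	SafiRouteTargetConstraints Safi = 132
	SafiFlowSpecUnicast        Safi = 133
	SafiFlowSpecVpn            Safi = 134
	SafiKeyValue               Safi = 241
)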
func ParseSafi ¶ added in v1.15.0
ParseSafi parses s as a subsequent address family identifier. If s is unknown, SafiUnknown is returned.
func (*Safi) FromString ¶
FromString assigns safi to s. An error is returned if safi is an unknown subsequent address family indicator.
type ServerParameters ¶
type ServerParameters struct {
Global BGPGlobal
}
ServerParameters contains the information the underlying BGP implementation layer needs to initialize the BGP process.
type SessionState ¶
type SessionState uint32
SessionState as defined in rfc4271#section-8.2.2
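// Values of SessionState, one per line; collapsed onto a single line the
// block is not valid Go. SessionUnknown is the zero value; the remaining
// names follow the session states of RFC 4271, section 8.2.2.
const (
	SessionUnknown SessionState = iota
	SessionIdle
	SessionConnect
	SessionActive
	SessionOpenSent
	SessionOpenConfirm
	SessionEstablished
)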
func (SessionState) String ¶
func (s SessionState) String() string
type SoftResetDirection ¶ added in v1.15.0
type SoftResetDirection int
SoftResetDirection defines the direction in which a BGP soft reset should be performed
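// Values of SoftResetDirection, one per line; collapsed onto a single line
// the block is not valid Go. SoftResetDirectionIn is the zero value.
const (
	SoftResetDirectionIn SoftResetDirection = iota
	SoftResetDirectionOut
	SoftResetDirectionBoth
)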
type TableType ¶
type TableType int
TableType specifies the routing table type of underlying router
func ParseTableType ¶ added in v1.15.0
ParseTableType parses s as a routing table type. If s is unknown, TableTypeUnknown is returned.