ipam

package
v1.7.16
Warning

This package is not in the latest version of its module.

Published: Apr 20, 2021 License: Apache-2.0 Imports: 34 Imported by: 14

Documentation

Overview

Package ipam handles address allocation management

Constants

This section is empty.

Variables

var (
	// ErrIPv4Disabled is returned when IPv4 allocation is disabled
	ErrIPv4Disabled = errors.New("IPv4 allocation disabled")

	// ErrIPv6Disabled is returned when IPv6 allocation is disabled
	ErrIPv6Disabled = errors.New("IPv6 allocation disabled")
)

Error definitions

Functions

This section is empty.

Types

type AllocationResult

type AllocationResult struct {
	// IP is the allocated IP
	IP net.IP

	// CIDRs is a list of all CIDRs to which the IP has direct access.
	// This is primarily useful if the IP has been allocated out of a VPC
	// subnet range and the VPC provides routing to a set of CIDRs in which
	// the IP is routable.
	CIDRs []string

	// Master is the MAC address of the master interface. This is useful
	// when the IP is a secondary address of an interface which is
	// represented on the node as a Linux device and all routing of the IP
	// must occur through that master interface.
	Master string

	// GatewayIP is the IP of the gateway which must be used for this IP.
	// If the allocated IP is derived from a VPC, then the gateway
	// represents the gateway of the VPC or VPC subnet.
	GatewayIP string

	// ExpirationUUID is the UUID of the expiration timer. This field is
	// only set if AllocateNextWithExpiration is used.
	ExpirationUUID string

	// InterfaceNumber is a field for generically identifying an interface.
	// This is only useful in ENI mode.
	InterfaceNumber string
}

AllocationResult is the result of an allocation

type Allocator

type Allocator interface {
	// Allocate allocates a specific IP or fails
	Allocate(ip net.IP, owner string) (*AllocationResult, error)

	// AllocateWithoutSyncUpstream allocates a specific IP without syncing
	// upstream or fails
	AllocateWithoutSyncUpstream(ip net.IP, owner string) (*AllocationResult, error)

	// Release releases a previously allocated IP or fails
	Release(ip net.IP) error

	// AllocateNext allocates the next available IP or fails if no more IPs
	// are available
	AllocateNext(owner string) (*AllocationResult, error)

	// AllocateNextWithoutSyncUpstream allocates the next available IP without syncing
	// upstream or fails if no more IPs are available
	AllocateNextWithoutSyncUpstream(owner string) (*AllocationResult, error)

	// Dump returns a map of all allocated IPs with the IP represented as
	// key in the map. Dump must also provide a status one-liner to
	// represent the overall status, e.g. number of IPs allocated and
	// overall health information if available.
	Dump() (map[string]string, string)

	// RestoreFinished marks the status of restoration as done
	RestoreFinished()
}

Allocator is the interface for an IP allocator implementation

type Configuration

type Configuration struct {
	EnableIPv4 bool
	EnableIPv6 bool
}

Configuration is the configuration of an IP address manager

type ErrAllocation

type ErrAllocation error

type Family

type Family string

Family is the type describing all address families supported by the IP allocation manager

const (
	IPv6 Family = "ipv6"
	IPv4 Family = "ipv4"
)

func DeriveFamily

func DeriveFamily(ip net.IP) Family

DeriveFamily derives the address family of an IP

type IPAM

type IPAM struct {
	IPv6Allocator Allocator
	IPv4Allocator Allocator
	// contains filtered or unexported fields
}

Config is the IPAM configuration used for a particular IPAM type.

func NewIPAM

func NewIPAM(nodeAddressing datapath.NodeAddressing, c Configuration, owner Owner, k8sEventReg K8sEventRegister) *IPAM

NewIPAM returns a new IP address manager

func (*IPAM) AllocateIP

func (ipam *IPAM) AllocateIP(ip net.IP, owner string) (err error)

AllocateIP allocates an IP address.

func (*IPAM) AllocateIPString

func (ipam *IPAM) AllocateIPString(ipAddr, owner string) error

AllocateIPString is identical to AllocateIP but takes a string

func (*IPAM) AllocateIPWithoutSyncUpstream

func (ipam *IPAM) AllocateIPWithoutSyncUpstream(ip net.IP, owner string) (err error)

AllocateIPWithoutSyncUpstream allocates an IP address without syncing upstream.

func (*IPAM) AllocateNext

func (ipam *IPAM) AllocateNext(family, owner string) (ipv4Result, ipv6Result *AllocationResult, err error)

AllocateNext allocates the next available IPv4 and IPv6 address out of the configured address pool. If family is set to "ipv4" or "ipv6", then allocation is limited to the specified address family. If the pool has been drained of addresses, an error will be returned.

func (*IPAM) AllocateNextFamily

func (ipam *IPAM) AllocateNextFamily(family Family, owner string) (result *AllocationResult, err error)

AllocateNextFamily allocates the next IP of the requested address family

func (*IPAM) AllocateNextFamilyWithoutSyncUpstream

func (ipam *IPAM) AllocateNextFamilyWithoutSyncUpstream(family Family, owner string) (result *AllocationResult, err error)

AllocateNextFamilyWithoutSyncUpstream allocates the next IP of the requested address family without syncing upstream

func (*IPAM) AllocateNextWithExpiration

func (ipam *IPAM) AllocateNextWithExpiration(family, owner string, timeout time.Duration) (ipv4Result, ipv6Result *AllocationResult, err error)

AllocateNextWithExpiration is identical to AllocateNext but registers an expiration timer as well. This is identical to using AllocateNext() in combination with StartExpirationTimer().

func (*IPAM) BlacklistIP added in v1.6.0

func (ipam *IPAM) BlacklistIP(ip net.IP, owner string)

BlacklistIP ensures that a certain IP is never allocated. It is preferred to use BlacklistIP() instead of allocating the IP as the allocation block can change and suddenly cover the IP to be blacklisted.

func (*IPAM) BlacklistIPNet added in v1.6.0

func (ipam *IPAM) BlacklistIPNet(ipNet net.IPNet, owner string)

BlacklistIPNet ensures that a certain IPNetwork is never allocated, similar to BlacklistIP.

func (*IPAM) DebugStatus

func (ipam *IPAM) DebugStatus() string

DebugStatus implements debug.StatusObject to provide debug status collection ability

func (*IPAM) Dump

func (ipam *IPAM) Dump() (allocv4 map[string]string, allocv6 map[string]string, status string)

Dump dumps the list of allocated IP addresses

func (*IPAM) ReleaseIP

func (ipam *IPAM) ReleaseIP(ip net.IP) error

ReleaseIP releases an IP address.

func (*IPAM) ReleaseIPString added in v1.5.0

func (ipam *IPAM) ReleaseIPString(releaseArg string) (err error)

ReleaseIPString is identical to ReleaseIP but takes a string and supports referring to the IPs to be released by either the IP itself or the owner name used during allocation. If the owner refers to multiple IPs, all of them are released.

func (*IPAM) ReserveLocalRoutes added in v1.5.0

func (ipam *IPAM) ReserveLocalRoutes()

ReserveLocalRoutes walks through local routes/subnets and reserves them in the allocator pool in case of overlap

func (*IPAM) StartExpirationTimer

func (ipam *IPAM) StartExpirationTimer(ip net.IP, timeout time.Duration) (string, error)

StartExpirationTimer installs an expiration timer for a previously allocated IP. Unless StopExpirationTimer is called in time, the IP will be released again after expiration of the specified timeout. The function will return a UUID representing the unique allocation attempt. The same UUID must be passed into StopExpirationTimer again.

Use this function when the allocation and use of an IP are controlled by an external entity, since that external entity can disappear. Such users should register an expiration timer before returning the IP and then stop the expiration timer once the IP has been used.

func (*IPAM) StopExpirationTimer

func (ipam *IPAM) StopExpirationTimer(ip net.IP, allocationUUID string) error

StopExpirationTimer will remove the expiration timer for a particular IP. The UUID returned by the symmetric StartExpirationTimer must be provided. The expiration timer will only be removed if the UUIDs match. Releasing an IP will also stop the expiration timer.
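The Start/Stop contract above can be modelled in a few lines. This is an added example, not Cilium's implementation: the pool type, the settle helper and the counter-based token (standing in for the UUID) are assumptions made for illustration. It shows why the token match matters: a timer or caller left over from an earlier allocation of the same IP cannot release or disarm the current one.

```go
package main

import (
	"fmt"
	"sync"
	"time"
)

// pool is a hypothetical, simplified model of the timer contract; not Cilium code.
type pool struct {
	mu    sync.Mutex
	seq   int
	timer map[string]string // allocated IP -> armed token ("" = timer stopped)
}

// allocateWithExpiration allocates ip and arms its timer. The per-attempt
// token stands in for the UUID that StartExpirationTimer returns.
func (p *pool) allocateWithExpiration(ip string, timeout time.Duration) string {
	p.mu.Lock()
	defer p.mu.Unlock()
	p.seq++
	token := fmt.Sprintf("attempt-%d", p.seq)
	p.timer[ip] = token
	time.AfterFunc(timeout, func() { p.settle(ip, token, true) }) // expiry path
	return token
}

// settle acts only if token is the one currently armed for ip. With release
// set the IP goes back to the pool; otherwise only the timer is stopped.
func (p *pool) settle(ip, token string, release bool) bool {
	p.mu.Lock()
	defer p.mu.Unlock()
	if token == "" || p.timer[ip] != token {
		return false
	}
	p.timer[ip] = ""
	if release {
		delete(p.timer, ip)
	}
	return true
}

// stopExpirationTimer is the caller-facing path: stop the timer, keep the IP.
func (p *pool) stopExpirationTimer(ip, token string) bool { return p.settle(ip, token, false) }

func main() {
	p := &pool{timer: map[string]string{}}
	tok := p.allocateWithExpiration("10.0.0.5", time.Minute)
	fmt.Println(p.stopExpirationTimer("10.0.0.5", "stale"), p.stopExpirationTimer("10.0.0.5", tok))
}
```

Calling settle with release set is what the timer callback does, so the expiry path can be exercised directly without waiting for a timeout.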

type IPBlacklist added in v1.6.0

type IPBlacklist struct {
	// contains filtered or unexported fields
}

IPBlacklist is a structure used to store information related to blacklisted IPs and IPNetworks.

func (*IPBlacklist) Contains added in v1.6.0

func (blacklist *IPBlacklist) Contains(ip net.IP) bool

Contains method is used to check if a particular IP is blacklisted or not.

type IPNetWithOwner added in v1.6.0

type IPNetWithOwner struct {
	// contains filtered or unexported fields
}

IPNetWithOwner is a structure containing a net.IPNet struct with the owner of that IP Network.

type K8sEventRegister

type K8sEventRegister interface {
	// K8sEventReceived is called to do metrics accounting for received
	// Kubernetes events
	K8sEventReceived(scope string, action string, valid, equal bool)

	// K8sEventProcessed is called to do metrics accounting for each processed
	// Kubernetes event
	K8sEventProcessed(scope string, action string, status bool)
}

type Owner

type Owner interface {
	// UpdateCiliumNodeResource is called to create/update the CiliumNode
	// resource. The function must block until the custom resource has been
	// created.
	UpdateCiliumNodeResource()
}

Owner is the interface the owner of an IPAM allocator has to implement
