Documentation
Index
- Constants
- func ConfigureLink(link netlink.Link, info *cnicurrent.Result) error
- func CreateEscapeVethPair(innerNS ns.NetNS, ifName string, mtu int) (outerVeth, innerVeth netlink.Link, err error)
- func ExtractLinkInfo(link netlink.Link) (*cnicurrent.Result, error)
- func FindVeth() (netlink.Link, error)
- func GenerateMacAddress() (net.HardwareAddr, error)
- func OpenTAP(devName string) (*os.File, error)
- func RandomVethName() (string, error)
- func SetupBridge(bridgeName string, links []netlink.Link) (*netlink.Bridge, error)
- func SetupVeth(contVethName string, mtu int, hostNS ns.NetNS) (netlink.Link, netlink.Link, error)
- func StripLink(link netlink.Link) error
- func TeardownBridge(bridge netlink.Link, links []netlink.Link) error
- type ContainerNetwork
- type ContainerSideNetwork
- type InterfaceInfo
- type Route
Constants
const (
	SizeOfIfReq = 40
	IFNAMSIZ    = 16
)
Variables
This section is empty.
Functions
func ConfigureLink
func ConfigureLink(link netlink.Link, info *cnicurrent.Result) error
ConfigureLink adds the IP address and routes described by info to link.
func CreateEscapeVethPair
func CreateEscapeVethPair(innerNS ns.NetNS, ifName string, mtu int) (outerVeth, innerVeth netlink.Link, err error)
CreateEscapeVethPair creates a veth pair with innerVeth residing in the specified network namespace innerNS and outerVeth residing in the 'outer' (current) namespace. TBD: move this to test tools
func ExtractLinkInfo
func ExtractLinkInfo(link netlink.Link) (*cnicurrent.Result, error)
ExtractLinkInfo extracts the IP address and netmask from the veth interface in the current namespace, together with the routes for this interface. There must be exactly one veth interface in the namespace and exactly one address associated with it. Returns the interface info struct and an error, if any.
func FindVeth
FindVeth locates veth link in the current network namespace. There must be exactly one veth interface in the namespace.
func GenerateMacAddress
func GenerateMacAddress() (net.HardwareAddr, error)
Copied from: https://github.com/coreos/rkt/blob/56564bac090b44788684040f2ffd66463f29d5d0/stage1/init/kvm/network.go#L71
func RandomVethName
RandomVethName returns string "veth" with random prefix (hashed from entropy)
func SetupBridge
SetupBridge creates a bridge and adds specified links to it. It sets bridge's MTU to MTU value of the first link.
func SetupVeth
SetupVeth sets up a pair of virtual ethernet devices. Call SetupVeth from inside the container netns. It will create both veth devices and move the host-side veth into the provided hostNS namespace. On success, SetupVeth returns (hostVeth, containerVeth, nil).
Types
type ContainerNetwork
type ContainerNetwork struct {
	Info   *cnicurrent.Result
	DhcpNS ns.NetNS
}
type ContainerSideNetwork
type ContainerSideNetwork struct {
	// Result contains CNI result object describing the network settings
	Result *cnicurrent.Result
	// TapFile contains an open File object pointing to Tap device inside
	// the network namespace
	TapFile *os.File
	// HardwareAddr stores the original hardware address of the
	// CNI veth interface
	HardwareAddr net.HardwareAddr
}
ContainerSideNetwork struct describes the container (VM) network namespace properties
func SetupContainerSideNetwork
func SetupContainerSideNetwork(info *cnicurrent.Result) (*ContainerSideNetwork, error)
SetupContainerSideNetwork sets up networking in container namespace. It does so by calling ExtractLinkInfo() first unless non-nil info argument is provided and then preparing the following network interfaces in container ns:
tap0 - tap interface for the VM
br0 - a bridge that joins tap0 and the original CNI veth
The bridge (br0) is assigned a link-local address to be used by the DHCP server. The function should be called from within the container namespace. Returns the container network struct and an error, if any.
func (*ContainerSideNetwork) Teardown
func (csn *ContainerSideNetwork) Teardown() error
Teardown cleans up container network configuration. It does so by invoking teardown sequence which removes ebtables rules, links and addresses in an order opposite to that of their creation in SetupContainerSideNetwork. The end result is the same network configuration in the container network namespace as it was before SetupContainerSideNetwork() call.