node

package
v0.0.0-...-6fbeca2
Published: Jan 10, 2025 License: Apache-2.0 Imports: 73 Imported by: 0

Documentation

Constants

const (
	// udn-isolation chain contains rules for udn isolation from the host side.
	UDNIsolationChain = "udn-isolation"
)
const (

	// UDNMasqueradeIPRulePriority is the priority of the IP routing rules created for the masquerade IP address
	// allocated for every user defined network.
	UDNMasqueradeIPRulePriority = 2000
)

Variables

This section is empty.

Functions

func CleanupClusterNode

func CleanupClusterNode(name string) error

CleanupClusterNode cleans up OVS resources on the k8s node on ovnkube-node daemonset deletion. This is going to be a best effort cleanup.

func CleanupUDNHostIsolation

func CleanupUDNHostIsolation() error

CleanupUDNHostIsolation removes all nftables chains and sets created by UDNHostIsolationManager.

func DelLegacyMgtPortIptRules

func DelLegacyMgtPortIptRules()

DelLegacyMgtPortIptRules deletes legacy iptables rules for the management port; this is only used for cleaning up stale rules when upgrading, and can eventually be removed.

func DummyMasqueradeIPs

func DummyMasqueradeIPs() []net.IP

DummyMasqueradeIPs returns the fake host masquerade IPs used for service traffic routing. It is used in br-ex, where we SNAT the traffic destined towards a service IP.

func DummyNextHopIPs

func DummyNextHopIPs() []net.IP

DummyNextHopIPs returns the fake next hops used for service traffic routing. It is used in:
- br-ex, where we don't really care about the next hop GW in use as traffic is always routed to OVN
- OVN, only when there is no default GW as it wouldn't matter since there is no external traffic

func GetUDNMarkChain

func GetUDNMarkChain(pktMark string) string

GetUDNMarkChain returns the UDN mark chain name

func NewManagementPortEntry

func NewManagementPortEntry(port ManagementPort, cfg *managementPortConfig, routeManager *routemanager.Controller) *managementPortEntry

Types

type BaseNodeNetworkController

type BaseNodeNetworkController struct {
	CommonNodeNetworkControllerInfo

	// network information
	util.ReconcilableNetInfo
	// contains filtered or unexported fields
}

BaseNodeNetworkController holds the per-network fields and network-specific configuration.

type CommonNodeNetworkControllerInfo

type CommonNodeNetworkControllerInfo struct {
	Kube kube.Interface
	// contains filtered or unexported fields
}

func NewCommonNodeNetworkControllerInfo

func NewCommonNodeNetworkControllerInfo(kubeClient clientset.Interface, apbExternalRouteClient adminpolicybasedrouteclientset.Interface, wf factory.NodeWatchFactory,
	eventRecorder record.EventRecorder, name string, routeManager *routemanager.Controller) *CommonNodeNetworkControllerInfo

NewCommonNodeNetworkControllerInfo creates and returns the base node network controller info

type DefaultNodeNetworkController

type DefaultNodeNetworkController struct {
	BaseNodeNetworkController

	Gateway Gateway
	// contains filtered or unexported fields
}

DefaultNodeNetworkController is the object holder for utilities meant for node management of default network

func NewDefaultNodeNetworkController

func NewDefaultNodeNetworkController(cnnci *CommonNodeNetworkControllerInfo, networkManager networkmanager.Interface) (*DefaultNodeNetworkController, error)

NewDefaultNodeNetworkController creates a new network controller for node management of the default network

func (*DefaultNodeNetworkController) PreStart

PreStart executes the first steps to start the DefaultNodeNetworkController. It is split from Start() and executed before SecondaryNodeNetworkController (SNNC), to allow SNNC to reference the openflow manager created in PreStart.

func (*DefaultNodeNetworkController) Reconcile

func (oc *DefaultNodeNetworkController) Reconcile(netInfo util.NetInfo) error

func (*DefaultNodeNetworkController) Start

Start learns the subnets assigned to it by the master controller and calls the SetupNode script which establishes the logical switch

func (*DefaultNodeNetworkController) Stop

func (nc *DefaultNodeNetworkController) Stop()

Stop gracefully stops the controller. deleteLogicalEntities will never be true for the default network.

func (*DefaultNodeNetworkController) WatchEndpointSlices

func (nc *DefaultNodeNetworkController) WatchEndpointSlices() error

func (*DefaultNodeNetworkController) WatchNamespaces

func (nc *DefaultNodeNetworkController) WatchNamespaces() error

type Gateway

type Gateway interface {
	informer.ServiceAndEndpointsEventHandler
	Init(<-chan struct{}, *sync.WaitGroup) error
	Start()
	GetGatewayBridgeIface() string
	SetDefaultGatewayBridgeMAC(addr net.HardwareAddr)
	SetPodNetworkAdvertised(bool)
	Reconcile() error
}

Gateway responds to Service and Endpoint K8s events and programs OVN gateway functionality. It may also spawn threads to ensure the flow tables are kept in sync

type GatewayInterfaceMismatchError

type GatewayInterfaceMismatchError struct {
	// contains filtered or unexported fields
}

func (*GatewayInterfaceMismatchError) Error

func (error *GatewayInterfaceMismatchError) Error() string

type ManagementPort

type ManagementPort interface {
	// Create Management port, use annotator to update node annotation with management port details
	// and waiter to set up condition to wait on for management port creation
	Create(isRoutingAdvertised bool, routeManager *routemanager.Controller, node *v1.Node, nodeLister listers.NodeLister, kubeInterface kube.Interface, waiter *startupWaiter) (*managementPortConfig, error)
	// CheckManagementPortHealth checks periodically for management port health until stopChan is posted
	// or closed and reports any warnings/errors to log
	CheckManagementPortHealth(routeManager *routemanager.Controller, cfg *managementPortConfig) error
	// Currently, the management ports that don't have an assignable IP address are the following cases:
	//   - Full mode with HW backed device (e.g. Virtual Function Representor).
	//   - DPU mode with Virtual Function Representor.
	// It is up to the implementation of the ManagementPort to report whether an IP address can be assigned for the
	// type of ManagementPort.
	HasIpAddr() bool
}

ManagementPort is an interface that provides creation and healthcheck for ovn-k8s management port

func NewManagementPorts

func NewManagementPorts(nodeName string, hostSubnets []*net.IPNet, netdevName, rep string) []ManagementPort

NewManagementPorts creates a new ManagementPorts

type SecondaryNodeNetworkController

type SecondaryNodeNetworkController struct {
	BaseNodeNetworkController
	// contains filtered or unexported fields
}

SecondaryNodeNetworkController structure is the object which holds the controls for starting and reacting upon the watched resources (e.g. pods, endpoints) for secondary network

func NewSecondaryNodeNetworkController

func NewSecondaryNodeNetworkController(
	cnnci *CommonNodeNetworkControllerInfo,
	netInfo util.NetInfo,
	vrfManager *vrfmanager.Controller,
	ruleManager *iprulemanager.Controller,
	defaultNetworkGateway Gateway,
) (*SecondaryNodeNetworkController, error)

NewSecondaryNodeNetworkController creates a new OVN controller for creating logical network infrastructure and policy for the given secondary network. It supports layer3, layer2 and localnet topology types.

func (*SecondaryNodeNetworkController) Cleanup

func (nc *SecondaryNodeNetworkController) Cleanup() error

Cleanup cleans up node entities for the given secondary network

func (*SecondaryNodeNetworkController) Reconcile

func (oc *SecondaryNodeNetworkController) Reconcile(netInfo util.NetInfo) error

func (*SecondaryNodeNetworkController) Start

Start starts the default controller; handles all events and creates all needed logical entities

func (*SecondaryNodeNetworkController) Stop

func (nc *SecondaryNodeNetworkController) Stop()

Stop gracefully stops the controller

type UDNHostIsolationManager

type UDNHostIsolationManager struct {
	// contains filtered or unexported fields
}

UDNHostIsolationManager manages the host isolation for user defined networks. It uses nftables chain "udn-isolation" to only allow connection to primary UDN pods from kubelet. It also listens to systemd events to re-apply the rules after kubelet restart as cgroup matching is used.

func NewUDNHostIsolationManager

func NewUDNHostIsolationManager(ipv4, ipv6 bool, podInformer coreinformers.PodInformer) *UDNHostIsolationManager

func (*UDNHostIsolationManager) Start

Start must be called on node setup.

func (*UDNHostIsolationManager) Stop

func (m *UDNHostIsolationManager) Stop()

type UserDefinedNetworkGateway

type UserDefinedNetworkGateway struct {
	// network information
	util.NetInfo
	// contains filtered or unexported fields
}

UserDefinedNetworkGateway contains information required to program a UDN at each node's gateway. NOTE: Currently invoked only for primary networks.

func NewUserDefinedNetworkGateway

func NewUserDefinedNetworkGateway(netInfo util.NetInfo, networkID int, node *v1.Node, nodeLister listers.NodeLister,
	kubeInterface kube.Interface, vrfManager *vrfmanager.Controller, ruleManager *iprulemanager.Controller,
	defaultNetworkGateway Gateway) (*UserDefinedNetworkGateway, error)

func (UserDefinedNetworkGateway) AddEgressIP

func (g UserDefinedNetworkGateway) AddEgressIP(eip *egressipv1.EgressIP) error

func (UserDefinedNetworkGateway) AddEndpointSlice

func (g UserDefinedNetworkGateway) AddEndpointSlice(epSlice *discovery.EndpointSlice) error

func (*UserDefinedNetworkGateway) AddNetwork

func (udng *UserDefinedNetworkGateway) AddNetwork() error

AddNetwork is responsible for creating all the plumbing required by this UDN on the gateway side.

func (UserDefinedNetworkGateway) AddService

func (g UserDefinedNetworkGateway) AddService(svc *kapi.Service) error

func (*UserDefinedNetworkGateway) DelNetwork

func (udng *UserDefinedNetworkGateway) DelNetwork() error

DelNetwork is responsible for removing all the plumbing used by this UDN on the gateway side.

func (UserDefinedNetworkGateway) DeleteEgressIP

func (g UserDefinedNetworkGateway) DeleteEgressIP(eip *egressipv1.EgressIP) error

func (UserDefinedNetworkGateway) DeleteEndpointSlice

func (g UserDefinedNetworkGateway) DeleteEndpointSlice(epSlice *discovery.EndpointSlice) error

func (UserDefinedNetworkGateway) DeleteService

func (g UserDefinedNetworkGateway) DeleteService(svc *kapi.Service) error

func (UserDefinedNetworkGateway) GetGatewayBridgeIface

func (g UserDefinedNetworkGateway) GetGatewayBridgeIface() string

func (*UserDefinedNetworkGateway) GetNetworkRuleMetadata

func (udng *UserDefinedNetworkGateway) GetNetworkRuleMetadata() string

func (UserDefinedNetworkGateway) Init

func (g UserDefinedNetworkGateway) Init(stopChan <-chan struct{}, wg *sync.WaitGroup) error

func (UserDefinedNetworkGateway) Reconcile

func (g UserDefinedNetworkGateway) Reconcile() error

Reconcile handles triggering updates to different components of a gateway, like OFM, Services

func (UserDefinedNetworkGateway) SetDefaultGatewayBridgeMAC

func (g UserDefinedNetworkGateway) SetDefaultGatewayBridgeMAC(macAddr net.HardwareAddr)

SetDefaultGatewayBridgeMAC updates the MAC address that the OFM uses to render flows.

func (UserDefinedNetworkGateway) SetPodNetworkAdvertised

func (g UserDefinedNetworkGateway) SetPodNetworkAdvertised(isPodNetworkAdvertised bool)

func (UserDefinedNetworkGateway) Start

func (g UserDefinedNetworkGateway) Start()

func (UserDefinedNetworkGateway) SyncEgressIP

func (g UserDefinedNetworkGateway) SyncEgressIP(eips []interface{}) error

func (UserDefinedNetworkGateway) SyncServices

func (g UserDefinedNetworkGateway) SyncServices(objs []interface{}) error

func (UserDefinedNetworkGateway) UpdateEgressIP

func (g UserDefinedNetworkGateway) UpdateEgressIP(oldEIP, newEIP *egressipv1.EgressIP) error

func (UserDefinedNetworkGateway) UpdateEndpointSlice

func (g UserDefinedNetworkGateway) UpdateEndpointSlice(oldEpSlice, newEpSlice *discovery.EndpointSlice) error

func (UserDefinedNetworkGateway) UpdateService

func (g UserDefinedNetworkGateway) UpdateService(old, new *kapi.Service) error

Directories

Path Synopsis
controllers
