util

package
v0.0.0-...-1da16c0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jan 14, 2025 License: Apache-2.0 Imports: 119 Imported by: 15

Documentation


Constants

// Annotation keys and status strings for the DPU connection.
// NOTE(review): which component writes these annotations, and which one
// trusts them, is not visible here — confirm against the callers.
const (
	// Annotation keys under the k8s.ovn.org/ prefix: one for the connection
	// details, one for the connection status.
	DPUConnectionDetailsAnnot = "k8s.ovn.org/dpu.connection-details"
	DPUConnectionStatusAnnot  = "k8s.ovn.org/dpu.connection-status"

	// Status strings; presumably the values stored under
	// DPUConnectionStatusAnnot — confirm.
	DPUConnectionStatusReady = "Ready"
	DPUConnectionStatusError = "Error"
)
const (
	// EgressIPMarkAnnotation is the annotation key that carries an EgressIP mark.
	// EgressIPMarkBase and EgressIPMarkMax are presumably the bounds of the
	// range marks are drawn from (50000 to 55000); whether the upper bound is
	// inclusive is not visible here — confirm against the allocator.
	EgressIPMarkAnnotation = "k8s.ovn.org/egressip-mark"
	EgressIPMarkBase       = 50000
	EgressIPMarkMax        = 55000
)
const (
	// NsMulticastAnnotation is the annotation used to enable/disable multicast in the namespace.
	NsMulticastAnnotation = "k8s.ovn.org/multicast-enabled"
	// Annotations used by the multiple external gateways feature.
	// NOTE(review): these keys appear to steer egress routing, so who may set
	// them (RBAC / admission) matters — confirm how the controller validates them.
	RoutingExternalGWsAnnotation    = "k8s.ovn.org/routing-external-gws"
	RoutingNamespaceAnnotation      = "k8s.ovn.org/routing-namespaces"
	RoutingNetworkAnnotation        = "k8s.ovn.org/routing-network"
	BfdAnnotation                   = "k8s.ovn.org/bfd-enabled"
	ExternalGatewayPodIPsAnnotation = "k8s.ovn.org/external-gw-pod-ips"
	// AclLoggingAnnotation is the annotation for enabling ACL logging to the controller's log file.
	AclLoggingAnnotation = "k8s.ovn.org/acl-logging"
)
// Node annotation keys under the k8s.ovn.org/ prefix, followed by the
// sentinel ID values used for node, network and tunnel IDs.
const (
	// OvnNodeL3GatewayConfig is the constant string representing the l3 gateway annotation key
	OvnNodeL3GatewayConfig = "k8s.ovn.org/l3-gateway-config"

	// OvnNodeGatewayMtuSupport determines if option:gateway_mtu shall be set for GR router ports.
	OvnNodeGatewayMtuSupport = "k8s.ovn.org/gateway-mtu-support"

	// OvnNodeManagementPort is the constant string representing the management port annotation key
	OvnNodeManagementPort = "k8s.ovn.org/node-mgmt-port"

	// OvnNodeManagementPortMacAddresses contains all MAC addresses of the management ports
	// on all networks, keyed by the network name. Example annotation:
	// k8s.ovn.org/node-mgmt-port-mac-addresses: {
	// "default":"ca:53:88:23:bc:98",
	// "l2-network":"5e:52:2a:c0:98:f4",
	// "l3-network":"1a:2c:34:29:b7:be"}
	OvnNodeManagementPortMacAddresses = "k8s.ovn.org/node-mgmt-port-mac-addresses"

	// OvnNodeChassisID is the systemID of the node needed for creating L3 gateway
	OvnNodeChassisID = "k8s.ovn.org/node-chassis-id"

	// OvnNodeIfAddr is the CIDR form representation of the primary network interface's attached IP address (e.g. 192.168.126.31/24 or 0:0:0:0:0:feff:c0a8:8e0c/64)
	OvnNodeIfAddr = "k8s.ovn.org/node-primary-ifaddr"

	// OVNNodeGRLRPAddrs is the CIDR form representation of the Gateway Router LRP IP address to the join switch (e.g. 100.64.0.4/16)
	// for all the networks, keyed by the network name and ipFamily. Example annotation:
	// "k8s.ovn.org/node-gateway-router-lrp-ifaddrs": "{
	//		\"default\":{\"ipv4\":\"100.64.0.4/16\",\"ipv6\":\"fd98::4/64\"},
	//		\"l2-network\":{\"ipv4\":\"100.65.0.4/16\",\"ipv6\":\"fd99::4/64\"},
	//		\"l3-network\":{\"ipv4\":\"100.65.0.4/16\",\"ipv6\":\"fd99::4/64\"}
	// }",
	OVNNodeGRLRPAddrs = "k8s.ovn.org/node-gateway-router-lrp-ifaddrs"

	// OvnNodeMasqCIDR is the CIDR form representation of the masquerade subnet that is currently configured on this node (e.g. 169.254.169.0/29)
	OvnNodeMasqCIDR = "k8s.ovn.org/node-masquerade-subnet"

	// OVNNodeHostCIDRs is used to track the different host IP addresses and subnet masks on the node
	OVNNodeHostCIDRs = "k8s.ovn.org/host-cidrs"

	// OVNNodeSecondaryHostEgressIPs contains EgressIP addresses that aren't managed by OVN. The EIP addresses are assigned to
	// standard Linux interfaces and not interfaces of type OVS.
	OVNNodeSecondaryHostEgressIPs = "k8s.ovn.org/secondary-host-egress-ips"

	// OVNNodeBridgeEgressIPs contains the EIP addresses that are assigned to the default external bridge Linux interface of type OVS.
	OVNNodeBridgeEgressIPs = "k8s.ovn.org/bridge-egress-ips"

	// OvnNodeZoneName is the zone to which the node belongs. It is set by ovnkube-node.
	// ovnkube-node gets the node's zone from the OVN Southbound database.
	OvnNodeZoneName = "k8s.ovn.org/zone-name"

	/** HACK BEGIN **/
	// NOTE(review): no matching "HACK END" marker appears in this const block.
	// TODO(tssurya): Remove this annotation a few months from now (when one or two release jump
	// upgrades are done). This has been added only to minimize disruption for upgrades when
	// moving to interconnect=true.
	// We want the legacy ovnkube-master to wait for remote ovnkube-node to
	// signal it using the "k8s.ovn.org/remote-zone-migrated" annotation before
	// considering a node as remote when we upgrade from "global" (1 zone IC)
	// zone to multi-zone. This is so that network disruption for the existing workloads
	// is negligible and, until the point where ovnkube-node flips the switch to connect
	// to the new SBDB, it would continue talking to the legacy RAFT ovnkube-sbdb to ensure
	// OVN/OVS flows are intact.
	// OvnNodeMigratedZoneName is the zone to which the node belongs. It is set by ovnkube-node.
	// ovnkube-node gets the node's zone from the OVN Southbound database.
	OvnNodeMigratedZoneName = "k8s.ovn.org/remote-zone-migrated"

	// InvalidNodeID indicates an invalid node id
	InvalidNodeID = -1

	// InvalidID signifies an invalid network id or an invalid tunnel id
	InvalidID = -1

	// NoID signifies an empty tunnel id (it is reserved as unusable when the allocator is created)
	NoID = 0
)
const (
	// OvnNbdbLocation and OvnSbdbLocation are fixed filesystem paths under
	// /etc/ovn; going by the names, the OVN northbound and southbound database files.
	// FloodAction and NormalAction are action strings; presumably the values
	// passed as the action to AddOFFlowWithSpecificAction — confirm.
	OvnNbdbLocation = "/etc/ovn/ovnnb_db.db"
	OvnSbdbLocation = "/etc/ovn/ovnsb_db.db"
	FloodAction     = "FLOOD"
	NormalAction    = "NORMAL"
)
const (
	// OvnPodAnnotationName is the constant string representing the pod annotation key
	OvnPodAnnotationName = "k8s.ovn.org/pod-networks"
	// DefNetworkAnnotation is the pod annotation for the cluster-wide default network
	DefNetworkAnnotation = "v1.multus-cni.io/default-network"
	// OvnUDNIPAMClaimName is used by workload owners to instruct OVN-K which
	// IPAMClaim will hold the allocation for the workload
	OvnUDNIPAMClaimName = "k8s.ovn.org/primary-udn-ipamclaim"
	// UDNOpenPortsAnnotationName is the pod annotation to open default network pods on UDN pods.
	// NOTE(review): going by the key ("open-default-ports"), this presumably opens
	// default-network ports on UDN pods; since it widens reachability, confirm who
	// may set it and how its value is validated.
	UDNOpenPortsAnnotationName = "k8s.ovn.org/open-default-ports"
)
const (
	// NetSysDir is the sysfs directory that holds one entry per network interface.
	// PcidevPrefix is presumably the name of the "device" entry below an
	// interface's directory there — confirm against the code that joins them.
	PcidevPrefix = "device"
	NetSysDir    = "/sys/class/net"
)
const (
	// OVNEgressIPOwnerRefLabel is the label key indicating the egress
	// IP object that owns a CloudPrivateIPConfig object
	OVNEgressIPOwnerRefLabel = "k8s.ovn.org/egressip-owner-ref"
)
const (
	// RoutingTableIDStart is the first routing table ID (1000); presumably the
	// base that CalculateRouteTableID offsets by the interface index — confirm.
	RoutingTableIDStart = 1000
)
// UnlimitedNodeCapacity equals math.MaxInt32; presumably the sentinel for a
// node with no capacity limit — confirm against the code that compares it.
const UnlimitedNodeCapacity = math.MaxInt32

Variables

// Sentinel errors for network-attachment-definition handling.
var (
	// ErrorAttachDefNotOvnManaged reports a net-attach-def that OVN does not manage.
	// ErrorUnsupportedIPAMKey reports use of an unsupported IPAM key; its message
	// points to the OVN-K provided IPAM via the `subnets` attribute.
	ErrorAttachDefNotOvnManaged = errors.New("net-attach-def not managed by OVN")
	ErrorUnsupportedIPAMKey     = errors.New("IPAM key is not supported. Use OVN-K provided IPAM via the `subnets` attribute")
)
// AppFs is the package-level afero filesystem, initialised to the real OS
// filesystem. NOTE(review): as an exported mutable variable it can be
// reassigned by any importer (presumably to substitute a fake filesystem in
// tests) — confirm nothing reassigns it in production code.
var AppFs = afero.NewOsFs()
// ErrNoPodIPFound is the sentinel error for "no pod IPs found".
var ErrNoPodIPFound = errors.New("no pod IPs found")
// ErrOverridePodIPs is the sentinel error returned when requested pod IPs
// would override IPs that already exist in the pod annotation.
var ErrOverridePodIPs = errors.New("requested pod IPs trying to override IPs exists in pod annotation")
// ErrorNoIP is the sentinel error for "no IP available".
var ErrorNoIP = errors.New("no IP available")
// OvnConflictBackoff is the backoff used for pod annotation update conflicts:
// at most 2 steps, starting at 10ms, with the delay multiplied by 5 between
// steps and up to 10% jitter added.
var OvnConflictBackoff = wait.Backoff{
	Steps:    2,
	Duration: 10 * time.Millisecond,
	Factor:   5.0,
	Jitter:   0.1,
}

OvnConflictBackoff is the backoff used for pod annotation update conflict

Functions

func AddOFFlowWithSpecificAction

func AddOFFlowWithSpecificAction(bridgeName, action string) (string, string, error)

AddOFFlowWithSpecificAction replaces flows in the bridge by a single flow with a specified action

func AddRoutesGatewayIP

func AddRoutesGatewayIP(
	netinfo NetInfo,
	pod *v1.Pod,
	podAnnotation *PodAnnotation,
	network *nadapi.NetworkSelectionElement) error

AddRoutesGatewayIP updates the provided pod annotation for the provided pod with the gateways derived from the allocated IPs

func AllowsPersistentIPs

func AllowsPersistentIPs(netInfo NetInfo) bool

func AreNetworksCompatible

func AreNetworksCompatible(l, r NetInfo) bool

AreNetworksCompatible checks if both networks are compatible and thus can be reconciled. Networks are compatible if they are defined by the same static network configuration.

func BridgeToNic

func BridgeToNic(bridge string) error

BridgeToNic moves the IP address and routes of internal port of the bridge to underlying NIC interface and deletes the OVS bridge.

func CalculateRouteTableID

func CalculateRouteTableID(ifIndex int) int

CalculateRouteTableID will calculate route table ID based on the network interface index

func ContainsCIDR

func ContainsCIDR(ipnet1, ipnet2 *net.IPNet) bool

ContainsCIDR returns true if ipnet1 contains ipnet2

func CopyIPNets

func CopyIPNets(ipnets []*net.IPNet) []*net.IPNet

CopyIPNets copies the provided slice of IPNet

func CreateNodeMasqueradeSubnetAnnotation

func CreateNodeMasqueradeSubnetAnnotation(nodeAnnotation map[string]interface{}, nodeIPNetv4,
	nodeIPNetv6 *net.IPNet) (map[string]interface{}, error)

CreateNodeMasqueradeSubnetAnnotation sets the IPv4 / IPv6 values of the node's Masquerade subnet.

func CreateNodeTransitSwitchPortAddrAnnotation

func CreateNodeTransitSwitchPortAddrAnnotation(nodeAnnotation map[string]interface{}, nodeIPNetv4,
	nodeIPNetv6 *net.IPNet) (map[string]interface{}, error)

CreateNodeTransitSwitchPortAddrAnnotation creates the node annotation for the node's Transit switch port addresses.

func DefaultNetworkPodIPs

func DefaultNetworkPodIPs(pod *v1.Pod) ([]net.IP, error)

func DeleteConntrack

func DeleteConntrack(ip string, port int32, protocol kapi.Protocol, ipFilterType netlink.ConntrackFilterType, labels [][]byte) error

func DeleteConntrackServicePort

func DeleteConntrackServicePort(ip string, port int32, protocol kapi.Protocol, ipFilterType netlink.ConntrackFilterType,
	labels [][]byte) error

DeleteConntrackServicePort is a wrapper around DeleteConntrack for the purpose of deleting conntrack entries that belong to ServicePorts. Before deleting any conntrack entry, it makes sure that the port is valid. If the port is invalid, it will log a level 5 info message and simply return.

func DeleteNodeHostSubnetAnnotation

func DeleteNodeHostSubnetAnnotation(nodeAnnotator kube.Annotator)

DeleteNodeHostSubnetAnnotation removes a "k8s.ovn.org/node-subnets" annotation using a kube.Annotator

func DetectCheckPktLengthSupport

func DetectCheckPktLengthSupport(bridge string) (bool, error)

DetectCheckPktLengthSupport checks if OVN supports check packet length action in OVS kernel datapath

func DetectSCTPSupport

func DetectSCTPSupport() (bool, error)

DetectSCTPSupport checks if OVN supports SCTP for load balancer

func DoesEndpointSliceContainEligibleEndpoint

func DoesEndpointSliceContainEligibleEndpoint(endpointSlice *discovery.EndpointSlice,
	epIP string, epPort int32, protocol kapi.Protocol, service *kapi.Service) bool

DoesEndpointSliceContainEligibleEndpoint returns true if the endpointslice contains an endpoint with the given IP, port and Protocol and if this endpoint is considered eligible.

func DoesNetworkNeedReconciliation

func DoesNetworkNeedReconciliation(l, r NetInfo) bool

DoesNetworkNeedReconciliation checks if both networks hold differences in their dynamic network configuration that could potentially be reconciled. Note this method does not check for compatibility.

func DoesNetworkRequireIPAM

func DoesNetworkRequireIPAM(netInfo NetInfo) bool

func DoesNetworkRequireTunnelIDs

func DoesNetworkRequireTunnelIDs(netInfo NetInfo) bool

func EgressIPMarkAnnotationChanged

func EgressIPMarkAnnotationChanged(annotationA, annotationB map[string]string) bool

EgressIPMarkAnnotationChanged returns true if the EgressIP mark annotation changed

func EventRecorder

func EventRecorder(kubeClient kubernetes.Interface) record.EventRecorder

EventRecorder returns an EventRecorder type that can be used to post Events to different object's lifecycles.

func FilterIPsSlice

func FilterIPsSlice(s []string, filter []net.IPNet, keep bool) []string

FilterIPsSlice will filter a list of IPs by a list of CIDRs. By default, it will *remove* all IPs that match filter, unless keep is true.

It is dual-stack aware.

func GenerateExternalIDsForSwitchOrRouter

func GenerateExternalIDsForSwitchOrRouter(netInfo NetInfo) map[string]string

GenerateExternalIDsForSwitchOrRouter returns the external IDs for logical switches and logical routers when it runs on a primary or secondary network. It returns an empty map when on the default cluster network, for backward compatibility.

func GenerateId

func GenerateId(length int) string

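GenerateId returns a random id as a string with the requested length. The documentation does not say which random source backs it, so check the implementation before relying on the id being unpredictable.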

func GenerateRandMAC

func GenerateRandMAC() (net.HardwareAddr, error)

GenerateRandMAC generates a random unicast and locally administered MAC address. LOOTED FROM https://github.com/cilium/cilium/blob/v1.12.6/pkg/mac/mac.go#L106

func GetAllClusterSubnetsFromEntries

func GetAllClusterSubnetsFromEntries(cidrNetEntries []config.CIDRNetworkEntry) []*net.IPNet

GetAllClusterSubnetsFromEntries extracts IPNet info from CIDRNetworkEntry(s)

func GetAnnotatedNetworkName

func GetAnnotatedNetworkName(netattachdef *nettypes.NetworkAttachmentDefinition) string

GetAnnotatedNetworkName gets the network name annotated by cluster manager nad controller

func GetBridgeName

func GetBridgeName(iface string) string

func GetChildStopChanWithTimeout

func GetChildStopChanWithTimeout(parentStopChan <-chan struct{}, duration time.Duration) chan struct{}

func GetClusterIPs

func GetClusterIPs(service *kapi.Service) []string

GetClusterIPs returns an array with the ClusterIPs present in the service. For backward compatibility with versions < 1.20, it also handles the case where only ClusterIP exists.

func GetClusterSubnets

func GetClusterSubnets() ([]*net.IPNet, []*net.IPNet)

GetClusterSubnets returns the v4 and v6 cluster subnets in two separate slices

func GetClusterSubnetsWithHostPrefix

func GetClusterSubnetsWithHostPrefix() ([]config.CIDRNetworkEntry, []config.CIDRNetworkEntry)

GetClusterSubnetsWithHostPrefix returns the v4 and v6 cluster subnets, along with their host prefix, in two separate slices

func GetConntrackZone

func GetConntrackZone() int

func GetDNSNames

func GetDNSNames(ef *egressfirewall.EgressFirewall) []string

GetDNSNames iterates through the egress firewall rules and returns the DNS names present in them after validating the rules.

func GetDPUHostInterface

func GetDPUHostInterface(bridgeName string) (string, error)

GetDPUHostInterface returns the host representor interface attached to bridge

func GetDatapathType

func GetDatapathType(bridge string) (string, error)

func GetDefaultEndpointSlicesEventHandler

func GetDefaultEndpointSlicesEventHandler(handlerFuncs cache.ResourceEventHandlerFuncs) cache.ResourceEventHandler

func GetDeviceIDFromNetdevice

func GetDeviceIDFromNetdevice(netdev string) (string, error)

GetDeviceIDFromNetdevice retrieves device ID for passed netdevice which is PCI address for regular netdevice, eg. VF, or Auxiliary Device name for SF netdevice

func GetEgressIPNetwork

func GetEgressIPNetwork(node *v1.Node, eIPConfig *ParsedNodeEgressIPConfiguration, eIP net.IP) (string, error)

GetEgressIPNetwork attempts to retrieve a network that contains EgressIP. Check the OVN network first as represented by parameter eIPConfig, and if no match is found, and if not in a cloud environment, check secondary host networks.

func GetEligibleEndpointAddresses

func GetEligibleEndpointAddresses(endpoints []discovery.Endpoint, service *kapi.Service) []string

func GetEligibleEndpointAddressesFromSlices

func GetEligibleEndpointAddressesFromSlices(endpointSlices []*discovery.EndpointSlice, service *kapi.Service) []string

GetEligibleEndpointAddressesFromSlices returns a list of IP addresses of all eligible endpoints from the given endpoint slices.

func GetEndpointSlicesBySelector

func GetEndpointSlicesBySelector(namespace string, labelSelector metav1.LabelSelector, endpointSliceLister discoverylisters.EndpointSliceLister) ([]*discoveryv1.EndpointSlice, error)

GetEndpointSlicesBySelector returns a list of EndpointSlices in a given namespace by the label selector

func GetEndpointSlicesEventHandlerForNetwork

func GetEndpointSlicesEventHandlerForNetwork(handlerFuncs cache.ResourceEventHandlerFuncs, netInfo NetInfo) cache.ResourceEventHandler

GetEndpointSlicesEventHandlerForNetwork returns an event handler based on the provided handlerFuncs and netInfo. On the default network, it returns a handler that filters out the mirrored EndpointSlices. Conversely in a primary network it returns a handler that only keeps the mirrored EndpointSlices and filters out the original ones. Otherwise, returns handlerFuncs as is.

func GetExec

func GetExec() kexec.Interface

GetExec returns the exec interface which can be used for running commands directly. Only use for passing an exec interface into pkg/config which cannot call this function directly because this module imports pkg/config already.

func GetExtPortName

func GetExtPortName(bridgeID, nodeName string) string

GetExtPortName determines the name of a node's logical port to the external bridge.

func GetExtSwitchFromNode

func GetExtSwitchFromNode(node string) string

GetExtSwitchFromNode determines a node's corresponding external switch name

func GetExternalAndLBIPs

func GetExternalAndLBIPs(service *kapi.Service) []string

GetExternalAndLBIPs returns an array with the ExternalIPs and LoadBalancer IPs present in the service

func GetExternalIDValByKey

func GetExternalIDValByKey(keyValString, key string) string

GetExternalIDValByKey returns the value of the specified key in a space separated string (each in the form of k=v)

func GetFilteredInterfaceAddrs

func GetFilteredInterfaceAddrs(link netlink.Link, v4, v6 bool) ([]netlink.Addr, error)

GetFilteredInterfaceAddrs returns addresses attached to a link and filters out link local addresses, OVN reserved IPs, keepalived IPs and addresses marked as secondary or deprecated.

func GetFilteredInterfaceV4V6IPs

func GetFilteredInterfaceV4V6IPs(iface string) ([]*net.IPNet, error)

GetFilteredInterfaceV4V6IPs returns the IP addresses for the network interface 'iface' for ipv4 and ipv6. Filter out addresses that are link local, reserved for internal use or added by keepalived.

func GetFunctionRepresentorName

func GetFunctionRepresentorName(deviceID string) (string, error)

GetFunctionRepresentorName returns representor name for passed device ID. Supported devices are Virtual Function or Scalable Function

func GetGatewayRouterFromNode

func GetGatewayRouterFromNode(node string) string

GetGatewayRouterFromNode determines a node's corresponding gateway router name

func GetHybridOverlayPortName

func GetHybridOverlayPortName(nodeName string) string

GetHybridOverlayPortName returns the name of the hybrid overlay switch port for a given node

func GetIFNameAndMTUForAddress

func GetIFNameAndMTUForAddress(ifAddress net.IP) (string, int, error)

GetIFNameAndMTUForAddress returns the interfaceName and MTU for the given network address

func GetIPFamily

func GetIPFamily(v6 bool) int

func GetIPFullMask

func GetIPFullMask(ip net.IP) net.IPMask

GetIPFullMask returns a full IPv4 IPMask if ip is IPV4 family or a full IPv6 IPMask otherwise

func GetIPFullMaskString

func GetIPFullMaskString(ip string) string

GetIPFullMaskString returns /32 if ip is IPV4 family and /128 if ip is IPV6 family

func GetIPNetFullMask

func GetIPNetFullMask(ipStr string) (*net.IPNet, error)

GetIPNetFullMask returns an IPNet object for IPV4 or IPV6 address with a full subnet mask

func GetIPNetFullMaskFromIP

func GetIPNetFullMaskFromIP(ip net.IP) *net.IPNet

GetIPNetFullMaskFromIP returns an IPNet object for IPV4 or IPV6 address with a full subnet mask

func GetIPv6OnSubnet

func GetIPv6OnSubnet(iface string, ip *net.IPNet) (*net.IPNet, error)

GetIPv6OnSubnet when given an IPv6 address with a 128 prefix for an interface, looks for possible broadest subnet on-link routes and returns the same address with the found subnet prefix. Otherwise it returns the provided address unchanged.

func GetIfaceId

func GetIfaceId(podNamespace, podName string) string

func GetK8sMgmtIntfName

func GetK8sMgmtIntfName(nodeName string) string

GetK8sMgmtIntfName returns the management port name for a given node.

func GetK8sPodAllNetworkSelections

func GetK8sPodAllNetworkSelections(pod *v1.Pod) ([]*nadapi.NetworkSelectionElement, error)

GetK8sPodAllNetworkSelections gets all of the pod's NetworkSelectionElements from the k8s.v1.cni.cncf.io/networks annotation

func GetK8sPodDefaultNetworkSelection

func GetK8sPodDefaultNetworkSelection(pod *v1.Pod) (*nadapi.NetworkSelectionElement, error)

GetK8sPodDefaultNetworkSelection get pod default network from annotations

func GetLegacyK8sMgmtIntfName

func GetLegacyK8sMgmtIntfName(nodeName string) string

GetLegacyK8sMgmtIntfName returns legacy management ovs-port name

func GetLocalEligibleEndpointAddressesFromSlices

func GetLocalEligibleEndpointAddressesFromSlices(endpointSlices []*discovery.EndpointSlice, service *kapi.Service, nodeName string) sets.Set[string]

GetLocalEligibleEndpointAddressesFromSlices returns a set of IP addresses of endpoints that are local to the specified node and are eligible.

func GetLogicalPortName

func GetLogicalPortName(podNamespace, podName string) string

func GetMACAddressFromARP

func GetMACAddressFromARP(neighIP net.IP) (net.HardwareAddr, error)

func GetNADName

func GetNADName(namespace, name string) string

GetNADName returns key of NetAttachDefInfo.NetAttachDefs map, also used as Pod annotation key

func GetNamespacePodFromCDNPortName

func GetNamespacePodFromCDNPortName(portName string) (string, string)

func GetNetdevNameFromDeviceId

func GetNetdevNameFromDeviceId(deviceId string, deviceInfo nadapi.DeviceInfo) (string, error)

GetNetdevNameFromDeviceId returns the netdevice name from the passed device ID.

func GetNetworkID

func GetNetworkID(nodes []*corev1.Node, nInfo NetInfo) (int, error)

GetNetworkID will retrieve the network id for the specified network from the first node that contains that network in its network id annotations. It returns at the first occurrence; the rest of the nodes will not be parsed.

func GetNetworkScopedK8sMgmtHostIntfName

func GetNetworkScopedK8sMgmtHostIntfName(networkID uint) string

GetNetworkScopedK8sMgmtHostIntfName returns the management port host interface name for a network id. NOTE: network id is used instead of name so we don't reach the Linux device name limit of 15 chars.

func GetNetworkVRFName

func GetNetworkVRFName(netInfo NetInfo) string

func GetNicName

func GetNicName(brName string) (string, error)

GetNicName returns the physical NIC name, given an OVS bridge name configured by NicToBridge()

func GetNodeAddresses

func GetNodeAddresses(ipv4, ipv6 bool, nodes ...*v1.Node) (ipsv4 []net.IP, ipsv6 []net.IP, err error)

GetNodeAddresses returns all of the node's IPv4 and/or IPv6 annotated addresses as requested. Note that nodes not annotated will be ignored.

func GetNodeChassisID

func GetNodeChassisID() (string, error)

GetNodeChassisID returns the machine's OVN chassis ID

func GetNodeEgressLabel

func GetNodeEgressLabel() string

GetNodeEgressLabel returns label annotation needed for marking nodes as egress assignable

func GetNodeGatewayIfAddr

func GetNodeGatewayIfAddr(subnet *net.IPNet) *net.IPNet

GetNodeGatewayIfAddr returns the node logical switch gateway address (the ".1" address), return nil if the subnet is invalid

func GetNodeHostAddrs

func GetNodeHostAddrs(node *kapi.Node) ([]string, error)

GetNodeHostAddrs returns the parsed Host CIDR annotation of the given node as an array of strings. If the annotation is not set, then we return empty list.

func GetNodeHybridOverlayIfAddr

func GetNodeHybridOverlayIfAddr(subnet *net.IPNet) *net.IPNet

GetNodeHybridOverlayIfAddr returns the node logical switch hybrid overlay port address (the ".3" address), return nil if the subnet is invalid

func GetNodeID

func GetNodeID(node *kapi.Node) int

GetNodeID returns the id of the node set in the 'ovnNodeID' node annotation. Returns InvalidNodeID (-1) if the 'ovnNodeID' node annotation is not set or if the value is not an integer value.

func GetNodeIfAddrAnnotation

func GetNodeIfAddrAnnotation(node *kapi.Node) (*primaryIfAddrAnnotation, error)

func GetNodeInternalAddrs

func GetNodeInternalAddrs(node *v1.Node) (net.IP, net.IP)

GetNodeInternalAddrs returns the first IPv4 and/or IPv6 InternalIP defined for the node. On certain cloud providers (AWS) the egress IP will be added to the list of node IPs as an InternalIP address, we don't want to create the default allow logical router policies for that IP. Node IPs are ordered, meaning the egress IP will never be first in this list.

func GetNodeManagementIfAddr

func GetNodeManagementIfAddr(subnet *net.IPNet) *net.IPNet

GetNodeManagementIfAddr returns the node logical switch management port address (the ".2" address), return nil if the subnet is invalid

func GetNodeNetworkIDsAnnotationNetworkIDs

func GetNodeNetworkIDsAnnotationNetworkIDs(node *kapi.Node) (map[string]int, error)

GetNodeNetworkIDsAnnotationNetworkIDs parses the "k8s.ovn.org/network-ids" annotation on a node and returns the map of network name and ids.

func GetNodePrimaryIP

func GetNodePrimaryIP(node *kapi.Node) (string, error)

GetNodePrimaryIP extracts the primary IP address from the node status in the API

func GetNodeSubnetAnnotationNetworkNames

func GetNodeSubnetAnnotationNetworkNames(node *kapi.Node) ([]string, error)

GetNodeSubnetAnnotationNetworkNames parses the "k8s.ovn.org/node-subnets" annotation on a node and returns the list of network names set.

func GetNodeZone

func GetNodeZone(node *kapi.Node) string

GetNodeZone returns the zone of the node set in the 'ovnNodeZoneName' node annotation. If the annotation is not set, it returns the 'default' zone name.

func GetOFFlows

func GetOFFlows(bridgeName string) ([]string, error)

GetOFFlows gets all the flows from a bridge

func GetOVSOfPort

func GetOVSOfPort(args ...string) (string, string, error)

GetOVSOfPort runs get ofport via ovs-vsctl and handle special return strings.

func GetOVSPortMACAddress

func GetOVSPortMACAddress(portName string) (net.HardwareAddr, error)

GetOVSPortMACAddress returns the MAC address of a given OVS port

func GetOVSPortPodInfo

func GetOVSPortPodInfo(hostIfName string) (bool, string, string, error)

GetOVSPortPodInfo gets OVS interface associated pod information (sandbox/NAD), returns false if the OVS interface does not exists

func GetOpenFlowPorts

func GetOpenFlowPorts(bridgeName string, namedPorts bool) ([]string, error)

GetOpenFlowPorts returns the port names or numbers for a given bridge

func GetOvnRunDir

func GetOvnRunDir() string

GetOvnRunDir returns the OVN's rundir.

func GetOvsDBServerPID

func GetOvsDBServerPID() (string, error)

GetOvsDBServerPID retrieves the Process IDentifier for ovsdb-server daemon.

func GetOvsVSwitchdPID

func GetOvsVSwitchdPID() (string, error)

GetOvsVSwitchdPID retrieves the Process IDentifier for ovs-vswitchd daemon.

func GetPatchPortName

func GetPatchPortName(bridgeID, nodeName string) string

GetPatchPortName determines the name of the patch port on the external bridge, which connects to br-int

func GetPodCIDRsWithFullMask

func GetPodCIDRsWithFullMask(pod *v1.Pod, nInfo NetInfo) ([]*net.IPNet, error)

GetPodCIDRsWithFullMask returns the pod's IP addresses in a CIDR with FullMask format. Internally it calls GetPodIPsOfNetwork.

func GetPodCIDRsWithFullMaskOfNetwork

func GetPodCIDRsWithFullMaskOfNetwork(pod *v1.Pod, nadName string) []*net.IPNet

GetPodCIDRsWithFullMaskOfNetwork returns the pod's IP addresses in a CIDR with FullMask format from a pod network annotation 'k8s.ovn.org/pod-networks' using key nadName.

func GetPodIPsOfNetwork

func GetPodIPsOfNetwork(pod *v1.Pod, nInfo NetInfo) ([]net.IP, error)

GetPodIPsOfNetwork returns the pod's IP addresses, first from the OVN annotation and then falling back to the Pod Status IPs. This function is intended to also return IPs for HostNetwork and other non-OVN-IPAM-ed pods.

func GetPodNADToNetworkMapping

func GetPodNADToNetworkMapping(pod *kapi.Pod, nInfo NetInfo) (bool, map[string]*nettypes.NetworkSelectionElement, error)

GetPodNADToNetworkMapping sees if the given pod needs to plumb over this given network specified by netconf, and return the matching NetworkSelectionElement if any exists.

Return value:

bool: if this Pod is on this Network; true or false
map[string]*nettypes.NetworkSelectionElement: all NetworkSelectionElement that pod is requested
    for the specified network, key is NADName. Note multiple NADs of the same network are allowed
    on one pod, as long as they are of different NADName.
error:  error in case of failure

func GetPodNADToNetworkMappingWithActiveNetwork

func GetPodNADToNetworkMappingWithActiveNetwork(pod *kapi.Pod, nInfo NetInfo, activeNetwork NetInfo) (bool, map[string]*nettypes.NetworkSelectionElement, error)

GetPodNADToNetworkMappingWithActiveNetwork will call `GetPodNADToNetworkMapping`, passing "nInfo", which corresponds to the NetInfo representing the NAD; the resulting NetworkSelectionElements will be decorated with the ones from the found active network

func GetPrimaryNetworkNADNamesForNamespaceFromNetInfo

func GetPrimaryNetworkNADNamesForNamespaceFromNetInfo(namespace string, netinfo NetInfo) ([]string, error)

func GetSecondaryHostNetworkContainingIP

func GetSecondaryHostNetworkContainingIP(node *v1.Node, ip net.IP) (string, error)

GetSecondaryHostNetworkContainingIP attempts to find a secondary host network to host the argument IP and includes only global unicast addresses.

func GetSecondaryNetworkIfaceId

func GetSecondaryNetworkIfaceId(podNamespace, podName, nadName string) string

func GetSecondaryNetworkLogicalPortName

func GetSecondaryNetworkLogicalPortName(podNamespace, podName, nadName string) string

func GetSecondaryNetworkPrefix

func GetSecondaryNetworkPrefix(netName string) string

GetSecondaryNetworkPrefix gets the string used as prefix of the logical entities of the secondary network of the given network name, in the form of <netName>_.

Note that for port_group and address_set, it does not allow the '-' character, which will be replaced with ".". Also replace "/" in the nadName with "."

func GetServiceEndpointSlices

func GetServiceEndpointSlices(namespace, svcName, network string, endpointSliceLister discoverylisters.EndpointSliceLister) ([]*discovery.EndpointSlice, error)

GetServiceEndpointSlices returns the endpointSlices associated with a service for the specified network. If network is DefaultNetworkName, the default endpointSlices are returned; otherwise the function looks for mirror endpointslices for the specified network.

func GetUplinkRepresentorName

func GetUplinkRepresentorName(deviceID string) (string, error)

GetUplinkRepresentorName returns uplink representor name for passed device ID. Supported devices are Virtual Function or Scalable Function

func GetUserDefinedNetworkRole

func GetUserDefinedNetworkRole(isPrimary bool) string

func GetWorkerFromGatewayRouter

func GetWorkerFromGatewayRouter(gr string) string

GetWorkerFromGatewayRouter determines a node's corresponding worker switch name from a gateway router name

func HWAddrToIPv6LLA

func HWAddrToIPv6LLA(hwaddr net.HardwareAddr) net.IP

HWAddrToIPv6LLA generates the IPv6 link local address from the given hwaddr, with prefix 'fe80::/64'.

func HasLocalHostNetworkEndpoints

func HasLocalHostNetworkEndpoints(localEndpointAddresses sets.Set[string], nodeAddresses []net.IP) bool

HasLocalHostNetworkEndpoints returns true if any of the nodeAddresses appear in the given set of localEndpointAddresses. This is useful to check whether any of the provided local endpoints are host-networked.

func HasNodeMigratedZone

func HasNodeMigratedZone(node *kapi.Node) bool

HasNodeMigratedZone returns true if node has its ovnNodeMigratedZoneName set already

func HashForOVN

func HashForOVN(s string) string

HashForOVN hashes the provided input to make it a valid addressSet or portGroup name.

func IPAddrToHWAddr

func IPAddrToHWAddr(ip net.IP) net.HardwareAddr

IPAddrToHWAddr takes the four octets of IPv4 address (aa.bb.cc.dd, for example) and uses them in creating a MAC address (0A:58:AA:BB:CC:DD). For IPv6, create a hash from the IPv6 string and use that for MAC Address. Assumption: the caller will ensure that an empty net.IP{} will NOT be passed.

func IPFamilyName

func IPFamilyName(isIPv6 bool) string

IPFamilyName returns IP Family string based on input flag.

func IPNetsIPToStringSlice

func IPNetsIPToStringSlice(ips []*net.IPNet) []string

func IPsToNetworkIPs

func IPsToNetworkIPs(ips ...*net.IPNet) []*net.IPNet

IPsToNetworkIPs returns the network CIDRs of the provided IP CIDRs

func IsAddressAddedByKeepAlived

func IsAddressAddedByKeepAlived(addr netlink.Addr) bool

IsAddressAddedByKeepAlived returns true if the input interface address obtained through netlink has a "vip" label, which is how keepalived marks the IP addresses it adds (https://github.com/openshift/machine-config-operator/pull/4040). A previous implementation made the label end with ":vip", so for backwards compatibility "HasSuffix" is used.

func IsAddressReservedForInternalUse

func IsAddressReservedForInternalUse(addr net.IP) bool

func IsAnnotationAlreadySetError

func IsAnnotationAlreadySetError(err error) bool

IsAnnotationAlreadySetError returns true if the error indicates that an annotation is already set

func IsAnnotationNotSetError

func IsAnnotationNotSetError(err error) bool

IsAnnotationNotSetError returns true if the error indicates that an annotation is not set

func IsAuxDeviceName

func IsAuxDeviceName(deviceID string) bool

IsAuxDeviceName checks if the passed device ID is an Auxiliary device name

func IsClusterIP

func IsClusterIP(svcVIP string) bool

IsClusterIP checks if the provided IP is a clusterIP

func IsClusterIPSet

func IsClusterIPSet(service *kapi.Service) bool

IsClusterIPSet checks if the service is a headless service or not

func IsContainedInAnyCIDR

func IsContainedInAnyCIDR(ipnet *net.IPNet, ipnets ...*net.IPNet) bool

IsContainedInAnyCIDR returns true if ipnet is contained in any of ipnets

func IsDNSNameResolverEnabled

func IsDNSNameResolverEnabled() bool

IsDNSNameResolverEnabled returns true if both EgressFirewall and DNSNameResolver are enabled.

func IsDefaultEndpointSlice

func IsDefaultEndpointSlice(endpointSlice *discoveryv1.EndpointSlice) bool

IsDefaultEndpointSlice checks if the provided EndpointSlice is meant for the default network

func IsDeprecatedAddr

func IsDeprecatedAddr(link netlink.Link, address *net.IPNet) (bool, error)

IsDeprecatedAddr returns true if the address is deprecated. An address is deprecated when preferred lifetime is zero.

func IsEgressIPMarkSet

func IsEgressIPMarkSet(annotations map[string]string) bool

func IsEgressIPMarkValid

func IsEgressIPMarkValid(mark int) bool

func IsEndpointReady

func IsEndpointReady(endpoint discovery.Endpoint) bool

IsEndpointReady takes as input an endpoint from an endpoint slice and returns true if the endpoint is to be considered ready. Considering as ready an endpoint with Conditions.Ready==nil as per doc: "In most cases consumers should interpret this unknown state as ready" https://github.com/kubernetes/api/blob/0478a3e95231398d8b380dc2a1905972be8ae1d5/discovery/v1/types.go#L129-L131

func IsEndpointServing

func IsEndpointServing(endpoint discovery.Endpoint) bool

IsEndpointServing takes as input an endpoint from an endpoint slice and returns true if the endpoint is to be considered serving. Falling back to IsEndpointReady when Serving field is nil, as per doc: "If nil, consumers should defer to the ready condition." https://github.com/kubernetes/api/blob/0478a3e95231398d8b380dc2a1905972be8ae1d5/discovery/v1/types.go#L138-L139

func IsEndpointSliceForNetwork

func IsEndpointSliceForNetwork(endpointSlice *discoveryv1.EndpointSlice, network NetInfo) bool

IsEndpointSliceForNetwork checks if the provided EndpointSlice is meant for the given network. If types.LabelUserDefinedEndpointSliceNetwork is set, it compares it to the network name; otherwise it returns true if the network is the default.

func IsEndpointTerminating

func IsEndpointTerminating(endpoint discovery.Endpoint) bool

func IsHostEndpoint

func IsHostEndpoint(endpointIPstr string) bool

IsHostEndpoint determines if the given endpoint IP belongs to a host networked pod

func IsIPNetEqual

func IsIPNetEqual(ipn1 *net.IPNet, ipn2 *net.IPNet) bool

IsIPNetEqual returns true if both IPNet are equal

func IsItemInSlice

func IsItemInSlice[T comparable](slice []T, candidate T) bool

IsItemInSlice checks if candidate is equal to at least one entry in slice

func IsLastUpdatedByManager

func IsLastUpdatedByManager(manager string, managedFields []metav1.ManagedFieldsEntry) bool

IsLastUpdatedByManager checks if an object was updated by the manager last, as indicated by a set of managed fields.

func IsMirrorEndpointSlice

func IsMirrorEndpointSlice(endpointSlice *discoveryv1.EndpointSlice) bool

IsMirrorEndpointSlice checks if the provided EndpointSlice is meant for the user defined network

func IsMultiNetworkPoliciesSupportEnabled

func IsMultiNetworkPoliciesSupportEnabled() bool

func IsNetworkSegmentationSupportEnabled

func IsNetworkSegmentationSupportEnabled() bool

func IsNilOrAnyNetwork

func IsNilOrAnyNetwork(ipNet *net.IPNet) bool

IsNilOrAnyNetwork checks if the argument network is nil or an any network for ipv4 or ipv6.

func IsNodeBridgeEgressIPsAnnotationSet

func IsNodeBridgeEgressIPsAnnotationSet(node *kapi.Node) bool

IsNodeBridgeEgressIPsAnnotationSet returns true if an annotation that tracks assignment of egress IPs to external bridge (breth0) is set

func IsNodeHybridOverlayIfAddr

func IsNodeHybridOverlayIfAddr(ip net.IP, subnets []*net.IPNet) bool

IsNodeHybridOverlayIfAddr returns whether the provided IP is a node hybrid overlay address on any of the provided subnets

func IsNodeSecondaryHostEgressIPsAnnotationSet

func IsNodeSecondaryHostEgressIPsAnnotationSet(node *kapi.Node) bool

IsNodeSecondaryHostEgressIPsAnnotationSet returns true if an annotation that tracks assignment of egress IPs to interfaces OVN doesn't manage is set

func IsOVNNetwork

func IsOVNNetwork(eIPConfig *ParsedNodeEgressIPConfiguration, ip net.IP) bool

IsOVNNetwork attempts to detect if the argument IP can be hosted by a network managed by OVN. Currently, this is only the primary OVN network

func IsOvsHwOffloadEnabled

func IsOvsHwOffloadEnabled() (bool, error)

IsOvsHwOffloadEnabled checks if OvS Hardware Offload is enabled.

func IsPCIDeviceName

func IsPCIDeviceName(deviceID string) bool

IsPCIDeviceName checks if the passed device ID is a PCI device name

func IsPodNetworkAdvertisedAtNode

func IsPodNetworkAdvertisedAtNode(netInfo NetInfo, node string) bool

func IsRouteAdvertisementsEnabled

func IsRouteAdvertisementsEnabled() bool

func IsSecondaryHostNetworkContainingIP

func IsSecondaryHostNetworkContainingIP(node *v1.Node, ip net.IP) (bool, error)

IsSecondaryHostNetworkContainingIP attempts to find a secondary host network that will host the argument IP. If no network is found, false is returned

func IsUDNEnabledService

func IsUDNEnabledService(key string) bool

IsUDNEnabledService checks whether the provided namespaced name key is a UDN enabled service specified in config.Default.UDNAllowedDefaultServices

func IsUnprocessedActiveNetworkError

func IsUnprocessedActiveNetworkError(err error) bool

func IsValidPodAnnotation

func IsValidPodAnnotation(podAnnotation *PodAnnotation) bool

IsValidPodAnnotation tests whether the PodAnnotation is valid, currently true for any PodAnnotation with a MAC which is the only thing required to attach a pod.

func IsWildcard

func IsWildcard(dnsName string) bool

IsWildcard checks if the domain name is wildcard.

func JoinHostPortInt32

func JoinHostPortInt32(host string, port int32) string

JoinHostPortInt32 is like net.JoinHostPort(), but with an int32 for the port

func JoinIPNetIPs

func JoinIPNetIPs(ipnets []*net.IPNet, sep string) string

JoinIPNetIPs joins the string forms of an array of *net.IPNet, as with strings.Join, but does not include the IP mask.

func JoinIPNets

func JoinIPNets(ipnets []*net.IPNet, sep string) string

JoinIPNets joins the string forms of an array of *net.IPNet, as with strings.Join

func JoinIPs

func JoinIPs(ips []net.IP, sep string) string

JoinIPs joins the string forms of an array of net.IP, as with strings.Join

func LinkAddrAdd

func LinkAddrAdd(link netlink.Link, address *net.IPNet, flags, preferredLifetime, validLifetime int) error

LinkAddrAdd adds a new address. If both preferredLifetime and validLifetime are zero, they are not applied; if either parameter is non-zero, both are applied.

func LinkAddrDel

func LinkAddrDel(link netlink.Link, address *net.IPNet) error

LinkAddrDel removes an existing address from a link. Expects the address to be present; otherwise, an error is returned.

func LinkAddrExist

func LinkAddrExist(link netlink.Link, address *net.IPNet) (bool, error)

LinkAddrExist returns true if the given address is present on the link

func LinkAddrFlush

func LinkAddrFlush(link netlink.Link) error

LinkAddrFlush flushes all the addresses on the given link, except IPv6 link-local addresses

func LinkAddrGetIPNet

func LinkAddrGetIPNet(link netlink.Link, ip net.IP) (*net.IPNet, error)

LinkAddrGetIPNet returns IPNet given the IP of an address present on given link

func LinkByName

func LinkByName(interfaceName string) (netlink.Link, error)

LinkByName returns the netlink device

func LinkDelete

func LinkDelete(interfaceName string) error

LinkDelete removes an interface

func LinkNeighAdd

func LinkNeighAdd(link netlink.Link, neighIP net.IP, neighMAC net.HardwareAddr) error

LinkNeighAdd adds MAC/IP bindings for the given link

func LinkNeighDel

func LinkNeighDel(link netlink.Link, neighIP net.IP) error

LinkNeighDel deletes an ip binding for a given link

func LinkNeighExists

func LinkNeighExists(link netlink.Link, neighIP net.IP, neighMAC net.HardwareAddr) (bool, error)

LinkNeighExists checks to see if the given MAC/IP bindings exists

func LinkNeighIPExists

func LinkNeighIPExists(link netlink.Link, neighIP net.IP) (bool, error)

LinkNeighIPExists checks to see if the IP exists in IP neighbour cache

func LinkRouteGetByDstAndGw

func LinkRouteGetByDstAndGw(link netlink.Link, gwIP net.IP, subnet *net.IPNet) (*netlink.Route, error)

LinkRouteGetByDstAndGw checks for existence of routes for the given subnet through gwIPStr

func LinkRouteGetFilteredRoute

func LinkRouteGetFilteredRoute(routeFilter *netlink.Route, filterMask uint64) (*netlink.Route, error)

LinkRouteGetFilteredRoute gets a route for the given route filter. returns nil if route is not found

func LinkRoutesAdd

func LinkRoutesAdd(link netlink.Link, gwIP net.IP, subnets []*net.IPNet, mtu int, src net.IP) error

LinkRoutesAdd adds a new route for given subnets through the gwIPstr

func LinkRoutesDel

func LinkRoutesDel(link netlink.Link, subnets []*net.IPNet) error

LinkRoutesDel deletes all the routes for the given subnets via the link. If subnets is empty, all routes for the link are removed. If any item in subnets is nil, the default route is removed.

func LinkSetUp

func LinkSetUp(interfaceName string) (netlink.Link, error)

LinkSetUp returns the netlink device with its state marked up

func LoadBalancerServiceHasNodePortAllocation

func LoadBalancerServiceHasNodePortAllocation(service *kapi.Service) bool

func LowerCaseFQDN

func LowerCaseFQDN(dnsName string) string

LowerCaseFQDN converts the DNS name to a lower case fully qualified domain name.

func MarshalPodAnnotation

func MarshalPodAnnotation(annotations map[string]string, podInfo *PodAnnotation, nadName string) (map[string]string, error)

MarshalPodAnnotation adds the pod's network details of the specified network to the corresponding pod annotation.

func MarshalPodDPUConnDetails

func MarshalPodDPUConnDetails(annotations map[string]string, dcd *DPUConnectionDetails, nadName string) (map[string]string, error)

MarshalPodDPUConnDetails adds the pod's connection details of the specified NAD to the corresponding pod annotation; if dcd is nil, delete the pod's connection details of the specified NAD

func MarshalPodDPUConnStatus

func MarshalPodDPUConnStatus(annotations map[string]string, scs *DPUConnectionStatus, nadName string) (map[string]string, error)

MarshalPodDPUConnStatus adds the pod's connection status of the specified NAD to the corresponding pod annotation. if scs is nil, delete the pod's connection status of the specified NAD

func MatchAllIPNetFamily

func MatchAllIPNetFamily(isIPv6 bool, ipnets []*net.IPNet) []*net.IPNet

MatchAllIPNetFamily loops through the array of *net.IPNet and returns a slice of ipnets with the same IP Family, based on input flag isIPv6.

func MatchAllIPNetsStringFamily

func MatchAllIPNetsStringFamily(isIPv6 bool, ipnets []string) []string

MatchAllIPNetsStringFamily loops through the array of string and returns a slice of addresses in the same IP Family, based on input flag isIPv6.

func MatchAllIPStringFamily

func MatchAllIPStringFamily(isIPv6 bool, ipStrings []string) ([]string, error)

MatchAllIPStringFamily loops through the array of string and returns a slice of addresses in the same IP Family, based on input flag isIPv6.

func MatchFirstIPFamily

func MatchFirstIPFamily(isIPv6 bool, ips []net.IP) (net.IP, error)

MatchFirstIPFamily loops through the array of net.IP and returns the first entry in the list in the same IP Family, based on input flag isIPv6.

func MatchFirstIPNetFamily

func MatchFirstIPNetFamily(isIPv6 bool, ipnets []*net.IPNet) (*net.IPNet, error)

MatchFirstIPNetFamily loops through the array of ipnets and returns the first entry in the list in the same IP Family, based on input flag isIPv6.

func MatchIPFamily

func MatchIPFamily(isIPv6 bool, ips []net.IP) ([]net.IP, error)

MatchIPFamily loops through the array of net.IP and returns a slice of addresses in the same IP Family, based on input flag isIPv6.

func MatchIPStringFamily

func MatchIPStringFamily(isIPv6 bool, ipStrings []string) (string, error)

MatchIPStringFamily loops through the array of string and returns the first entry in the list in the same IP Family, based on input flag isIPv6.

func NewKubernetesClientset

func NewKubernetesClientset(conf *config.KubernetesConfig) (*kubernetes.Clientset, error)

NewKubernetesClientset creates a Kubernetes clientset from a KubernetesConfig

func NewNamespace

func NewNamespace(namespace string) *v1.Namespace

func NewObjectMeta

func NewObjectMeta(name, namespace string) metav1.ObjectMeta

func NewObjectMetaWithLabels

func NewObjectMetaWithLabels(name, namespace string, labels map[string]string) metav1.ObjectMeta

func NicToBridge

func NicToBridge(iface string) (string, error)

NicToBridge creates a OVS bridge for the 'iface' and also moves the IP address and routes of 'iface' to OVS bridge.

func NoHostSubnet

func NoHostSubnet(node *kapi.Node) bool

NoHostSubnet() compares the no-hostsubnet-nodes flag with node labels to see if the node is managing its own network.

func NodeChassisIDAnnotationChanged

func NodeChassisIDAnnotationChanged(oldNode, newNode *kapi.Node) bool

func NodeGatewayRouterLRPAddrsAnnotationChanged

func NodeGatewayRouterLRPAddrsAnnotationChanged(oldNode, newNode *corev1.Node) bool

func NodeHostCIDRsAnnotationChanged

func NodeHostCIDRsAnnotationChanged(oldNode, newNode *v1.Node) bool

func NodeIDAnnotationChanged

func NodeIDAnnotationChanged(oldNode, newNode *corev1.Node) bool

NodeIDAnnotationChanged returns true if the ovnNodeID in the corev1.Nodes doesn't match

func NodeL3GatewayAnnotationChanged

func NodeL3GatewayAnnotationChanged(oldNode, newNode *kapi.Node) bool

func NodeMigratedZoneAnnotationChanged

func NodeMigratedZoneAnnotationChanged(oldNode, newNode *corev1.Node) bool

NodeMigratedZoneAnnotationChanged returns true if the ovnNodeMigratedZoneName annotation changed for the node

func NodeNetworkIDAnnotationChanged

func NodeNetworkIDAnnotationChanged(oldNode, newNode *corev1.Node, netName string) bool

NodeNetworkIDAnnotationChanged returns true if the ovnNetworkIDs annotation in the corev1.Nodes doesn't match

func NodeSubnetAnnotationChanged

func NodeSubnetAnnotationChanged(oldNode, newNode *v1.Node) bool

func NodeTransitSwitchPortAddrAnnotationChanged

func NodeTransitSwitchPortAddrAnnotationChanged(oldNode, newNode *corev1.Node) bool

func NodeZoneAnnotationChanged

func NodeZoneAnnotationChanged(oldNode, newNode *corev1.Node) bool

NodeZoneAnnotationChanged returns true if the ovnNodeZoneName in the corev1.Nodes doesn't match

func ParseIPNets

func ParseIPNets(strs []string) ([]*net.IPNet, error)

ParseIPNets parses the provided string formatted CIDRs

func ParseNetConf

func ParseNetConf(netattachdef *nettypes.NetworkAttachmentDefinition) (*ovncnitypes.NetConf, error)

ParseNetConf parses config in NAD spec for secondary networks

func ParseNetworkIDAnnotation

func ParseNetworkIDAnnotation(node *kapi.Node, netName string) (int, error)

ParseNetworkIDAnnotation parses the 'ovnNetworkIDs' annotation for the specified network in 'netName' and returns the network id.

func ParseNodeBridgeEgressIPsAnnotation

func ParseNodeBridgeEgressIPsAnnotation(node *kapi.Node) ([]string, error)

ParseNodeBridgeEgressIPsAnnotation returns egress IPs assigned to the external bridge (breth0)

func ParseNodeChassisIDAnnotation

func ParseNodeChassisIDAnnotation(node *kapi.Node) (string, error)

ParseNodeChassisIDAnnotation returns the node's ovnNodeChassisID annotation

func ParseNodeGatewayMTUSupport

func ParseNodeGatewayMTUSupport(node *kapi.Node) bool

ParseNodeGatewayMTUSupport parses annotation "k8s.ovn.org/gateway-mtu-support". The default behavior should be true, therefore only an explicit string of "false" will make this function return false.

func ParseNodeGatewayRouterJoinAddrs

func ParseNodeGatewayRouterJoinAddrs(node *kapi.Node, netName string) ([]*net.IPNet, error)

ParseNodeGatewayRouterJoinAddrs returns the IPv4 and/or IPv6 addresses for the node's gateway router port stored in the 'OVNNodeGRLRPAddrs' annotation

func ParseNodeGatewayRouterJoinIPv4

func ParseNodeGatewayRouterJoinIPv4(node *kapi.Node, netName string) (net.IP, error)

ParseNodeGatewayRouterJoinIPv4 returns the IPv4 address for the node's gateway router port stored in the 'OVNNodeGRLRPAddrs' annotation

func ParseNodeGatewayRouterJoinIPv6

func ParseNodeGatewayRouterJoinIPv6(node *kapi.Node, netName string) (net.IP, error)

ParseNodeGatewayRouterJoinIPv6 returns the IPv6 address for the node's gateway router port stored in the 'OVNNodeGRLRPAddrs' annotation

func ParseNodeGatewayRouterJoinNetwork

func ParseNodeGatewayRouterJoinNetwork(node *kapi.Node, netName string) (primaryIfAddrAnnotation, error)

func ParseNodeGatewayRouterLRPAddr

func ParseNodeGatewayRouterLRPAddr(node *kapi.Node) (net.IP, error)

ParseNodeGatewayRouterLRPAddr returns the IPv4 / IPv6 values for the node's gateway router. DEPRECATED; kept for backwards compatibility.

func ParseNodeGatewayRouterLRPAddrs

func ParseNodeGatewayRouterLRPAddrs(node *kapi.Node) ([]*net.IPNet, error)

ParseNodeGatewayRouterLRPAddrs returns the IPv4 and/or IPv6 addresses for the node's gateway router port stored in the 'ovnNodeGRLRPAddr' annotation

func ParseNodeHostCIDRs

func ParseNodeHostCIDRs(node *kapi.Node) (sets.Set[string], error)

ParseNodeHostCIDRs returns the parsed host CIDRS living on a node

func ParseNodeHostCIDRsDropNetMask

func ParseNodeHostCIDRsDropNetMask(node *kapi.Node) (sets.Set[string], error)

ParseNodeHostCIDRsDropNetMask returns the parsed host IP addresses found on a node's host CIDR annotation. Removes the mask.

func ParseNodeHostCIDRsExcludeOVNNetworks

func ParseNodeHostCIDRsExcludeOVNNetworks(node *kapi.Node) ([]string, error)

func ParseNodeHostCIDRsList

func ParseNodeHostCIDRsList(node *kapi.Node) ([]string, error)

func ParseNodeHostIPDropNetMask

func ParseNodeHostIPDropNetMask(node *kapi.Node) (sets.Set[string], error)

ParseNodeHostIPDropNetMask returns the parsed host IP addresses found on a node's host CIDR annotation. Removes the mask.

func ParseNodeHostSubnetAnnotation

func ParseNodeHostSubnetAnnotation(node *kapi.Node, netName string) ([]*net.IPNet, error)

ParseNodeHostSubnetAnnotation parses the "k8s.ovn.org/node-subnets" annotation on a node and returns the host subnet for the given network.

func ParseNodeHostSubnetsAnnotation

func ParseNodeHostSubnetsAnnotation(node *kapi.Node) (map[string][]*net.IPNet, error)

ParseNodeHostSubnetsAnnotation parses the "k8s.ovn.org/node-subnets" annotation for all the networks

func ParseNodeManagementPortAnnotation

func ParseNodeManagementPortAnnotation(node *kapi.Node) (int, int, error)

ParseNodeManagementPortAnnotation returns the parsed host addresses living on a node

func ParseNodeManagementPortMACAddresses

func ParseNodeManagementPortMACAddresses(node *kapi.Node, netName string) (net.HardwareAddr, error)

ParseNodeManagementPortMACAddresses parses the 'OvnNodeManagementPortMacAddresses' annotation for the specified network in 'netName' and returns the mac address.

func ParseNodeMasqueradeSubnet

func ParseNodeMasqueradeSubnet(node *kapi.Node) ([]*net.IPNet, error)

ParseNodeMasqueradeSubnet returns the IPv4 and/or IPv6 networks for the node's gateway router port stored in the 'OvnNodeMasqCIDR' annotation

func ParseNodeSecondaryHostEgressIPsAnnotation

func ParseNodeSecondaryHostEgressIPsAnnotation(node *kapi.Node) (sets.Set[string], error)

ParseNodeSecondaryHostEgressIPsAnnotation returns secondary host egress IPs addresses for a node

func ParseNodeTransitSwitchPortAddrs

func ParseNodeTransitSwitchPortAddrs(node *kapi.Node) ([]*net.IPNet, error)

ParseNodeTransitSwitchPortAddrs returns the IPv4 and/or IPv6 addresses for the node's transit switch port stored in the 'ovnTransitSwitchPortAddr' annotation

func ParseNodesHostSubnetAnnotation

func ParseNodesHostSubnetAnnotation(nodes []*kapi.Node, netName string) ([]*net.IPNet, error)

ParseNodesHostSubnetAnnotation parses the "k8s.ovn.org/node-subnets" annotation for all the provided nodes

func ParseRoutingExternalGWAnnotation

func ParseRoutingExternalGWAnnotation(annotation string) (sets.Set[string], error)

func ParseUDNLayer2NodeGRLRPTunnelIDs

func ParseUDNLayer2NodeGRLRPTunnelIDs(node *kapi.Node, netName string) (int, error)

ParseUDNLayer2NodeGRLRPTunnelIDs parses the 'ovnUDNLayer2NodeGRLRPTunnelIDs' annotation for the specified network in 'netName' and returns the tunnelID.

func PlatformTypeIsEgressIPCloudProvider

func PlatformTypeIsEgressIPCloudProvider() bool

func PodCompleted

func PodCompleted(pod *kapi.Pod) bool

PodCompleted checks if the pod is marked as completed (in a terminal state)

func PodNadNames

func PodNadNames(pod *v1.Pod, netinfo NetInfo) ([]string, error)

PodNadNames returns pod's NAD names associated with given network specified by netconf. If netinfo belongs to user defined primary network, then retrieve NAD names from netinfo.GetNADs() which is serving pod's namespace. For all other cases, retrieve NAD names for the pod based on NetworkSelectionElement.

func PodNeedsSNAT

func PodNeedsSNAT(pod *kapi.Pod) bool

PodNeedsSNAT returns true if the given pod is eligible to setup snat entry in ovn for its egress traffic outside cluster, otherwise returns false.

func PodRunning

func PodRunning(pod *kapi.Pod) bool

PodRunning checks if the pod is in running state or not

func PodScheduled

func PodScheduled(pod *kapi.Pod) bool

PodScheduled returns if the given pod is scheduled

func PodTerminating

func PodTerminating(pod *kapi.Pod) bool

PodTerminating checks if the pod has been deleted via API but still in the process of terminating

func PodWantsHostNetwork

func PodWantsHostNetwork(pod *kapi.Pod) bool

PodWantsHostNetwork returns if the given pod is hostNetworked or not to determine if networking needs to be setup

func PrepareTestConfig

func PrepareTestConfig()

PrepareTestConfig restores default config values. Used by testcases to provide a pristine environment between tests.

func ReconcileNetInfo

func ReconcileNetInfo(to ReconcilableNetInfo, from NetInfo) error

ReconcileNetInfo reconciles the dynamic network configuration

func RemoveIndexFromSliceUnstable

func RemoveIndexFromSliceUnstable[T comparable](slice []T, i int) []T

RemoveIndexFromSliceUnstable attempts to remove slice index specified by parameter i. Slice order is not preserved.

func RemoveItemFromSliceUnstable

func RemoveItemFromSliceUnstable[T comparable](slice []T, candidate T) []T

RemoveItemFromSliceUnstable attempts to remove an item from a slice specified by parameter candidate. Slice order is not preserved.

func ReplaceOFFlows

func ReplaceOFFlows(bridgeName string, flows []string) (string, string, error)

ReplaceOFFlows replaces flows in the bridge with a slice of flows

func ResetNetLinkOpMockInst

func ResetNetLinkOpMockInst()

ResetNetLinkOpMockInst resets the mock instance for netlink to the defaultNetLinkOps

func ResetRunner

func ResetRunner()

ResetRunner used by unit-tests to reset runner to its initial (un-initialized) value

func RunIP

func RunIP(args ...string) (string, string, error)

RunIP runs a command via the iproute2 "ip" utility

func RunNetsh

func RunNetsh(args ...string) (string, string, error)

RunNetsh runs a command via the Windows netsh utility

func RunOVNAppctlWithTimeout

func RunOVNAppctlWithTimeout(timeout int, args ...string) (string, string, error)

RunOVNAppctlWithTimeout runs a command via ovn-appctl. If ovn-appctl is not present, then it falls back to using ovs-appctl.

func RunOVNControllerAppCtl

func RunOVNControllerAppCtl(args ...string) (string, string, error)

RunOVNControllerAppCtl runs an 'ovs-appctl -t ovn-controller.pid.ctl command'.

func RunOVNNBAppCtl

func RunOVNNBAppCtl(args ...string) (string, string, error)

RunOVNNBAppCtl runs an 'ovn-appctl -t nbdbCtlFileName command'.

func RunOVNNBAppCtlWithTimeout

func RunOVNNBAppCtlWithTimeout(timeout int, args ...string) (string, string, error)

RunOVNNBAppCtlWithTimeout runs an ovn-appctl command with a timeout to nbdb

func RunOVNNbctl

func RunOVNNbctl(args ...string) (string, string, error)

RunOVNNbctl runs a command via ovn-nbctl. FIXME: Remove when https://github.com/ovn-org/libovsdb/issues/235 is fixed

func RunOVNNbctlRawOutput

func RunOVNNbctlRawOutput(timeout int, args ...string) (string, string, error)

RunOVNNbctlRawOutput returns the output with no trimming or other string manipulation FIXME: Remove when https://github.com/ovn-org/libovsdb/issues/235 is fixed

func RunOVNNbctlWithTimeout

func RunOVNNbctlWithTimeout(timeout int, args ...string) (string, string, error)

RunOVNNbctlWithTimeout runs command via ovn-nbctl with a specific timeout FIXME: Remove when https://github.com/ovn-org/libovsdb/issues/235 is fixed

func RunOVNNorthAppCtl

func RunOVNNorthAppCtl(args ...string) (string, string, error)

RunOVNNorthAppCtl runs an 'ovs-appctl -t ovn-northd command'. TODO: Currently no module is invoking this function; consider adding a unit test when it is actively used.

func RunOVNSBAppCtl

func RunOVNSBAppCtl(args ...string) (string, string, error)

RunOVNSBAppCtl runs an 'ovn-appctl -t sbdbCtlFileName command'.

func RunOVNSBAppCtlWithTimeout

func RunOVNSBAppCtlWithTimeout(timeout int, args ...string) (string, string, error)

RunOVNSBAppCtlWithTimeout runs an ovn-appctl command with a timeout to sbdb

func RunOVNSbctl

func RunOVNSbctl(args ...string) (string, string, error)

RunOVNSbctl runs a command via ovn-sbctl. FIXME: Remove when https://github.com/ovn-org/libovsdb/issues/235 is fixed

func RunOVNSbctlWithTimeout

func RunOVNSbctlWithTimeout(timeout int, args ...string) (string, string,
	error)

RunOVNSbctlWithTimeout runs command via ovn-sbctl with a specific timeout FIXME: Remove when https://github.com/ovn-org/libovsdb/issues/235 is fixed

func RunOVSAppctl

func RunOVSAppctl(args ...string) (string, string, error)

RunOVSAppctl runs a command via ovs-appctl.

func RunOVSAppctlWithTimeout

func RunOVSAppctlWithTimeout(timeout int, args ...string) (string, string, error)

RunOVSAppctlWithTimeout runs a command via ovs-appctl.

func RunOVSDBClient

func RunOVSDBClient(args ...string) (string, string, error)

RunOVSDBClient runs an 'ovsdb-client [OPTIONS] COMMAND [ARG...] command'.

func RunOVSDBClientOVNNB

func RunOVSDBClientOVNNB(command string, args ...string) (string, string, error)

RunOVSDBClientOVNNB runs an 'ovsdb-client [OPTIONS] COMMAND [SERVER] [ARG...] command' against OVN NB database.

func RunOVSDBTool

func RunOVSDBTool(args ...string) (string, string, error)

RunOVSDBTool runs an 'ovsdb-tool [OPTIONS] COMMAND [ARG...] command'.

func RunOVSOfctl

func RunOVSOfctl(args ...string) (string, string, error)

RunOVSOfctl runs a command via ovs-ofctl.

func RunOVSVsctl

func RunOVSVsctl(args ...string) (string, string, error)

RunOVSVsctl runs a command via ovs-vsctl.

func RunOvsVswitchdAppCtl

func RunOvsVswitchdAppCtl(args ...string) (string, string, error)

RunOvsVswitchdAppCtl runs an 'ovs-appctl -t /var/run/openvswitch/ovs-vswitchd.pid.ctl command'

func RunPowershell

func RunPowershell(args ...string) (string, string, error)

RunPowershell runs a command via the Windows powershell utility

func RunRoute

func RunRoute(args ...string) (string, string, error)

RunRoute runs a command via the Windows route utility

func RunSysctl

func RunSysctl(args ...string) (string, string, error)

RunSysctl runs a command via the procps "sysctl" utility

func SecondaryNetworkPodIPs

func SecondaryNetworkPodIPs(pod *v1.Pod, networkInfo NetInfo) ([]net.IP, error)

func ServiceExternalTrafficPolicyLocal

func ServiceExternalTrafficPolicyLocal(service *kapi.Service) bool

func ServiceFromEndpointSlice

func ServiceFromEndpointSlice(eps *discovery.EndpointSlice, netInfo NetInfo) (*k8stypes.NamespacedName, error)

ServiceFromEndpointSlice returns the namespaced name of the service that corresponds to the given endpointSlice in the given network. If the service label is missing the returned namespaced name and the error are nil.

func ServiceInternalTrafficPolicyLocal

func ServiceInternalTrafficPolicyLocal(service *kapi.Service) bool

func ServiceNamespacedNameFromEndpointSlice

func ServiceNamespacedNameFromEndpointSlice(endpointSlice *discovery.EndpointSlice) (k8stypes.NamespacedName, error)

ServiceNamespacedNameFromEndpointSlice returns the namespaced name of the service that corresponds to the given endpointSlice

func ServiceTypeHasClusterIP

func ServiceTypeHasClusterIP(service *kapi.Service) bool

ServiceTypeHasClusterIP checks if the service has an associated ClusterIP or not

func ServiceTypeHasLoadBalancer

func ServiceTypeHasLoadBalancer(service *kapi.Service) bool

ServiceTypeHasLoadBalancer checks if the service has an associated LoadBalancer or not

func ServiceTypeHasNodePort

func ServiceTypeHasNodePort(service *kapi.Service) bool

ServiceTypeHasNodePort checks if the service has an associated NodePort or not

func SetDNSLibOpsMockInst

func SetDNSLibOpsMockInst(mockInst DNSOps)

func SetExec

func SetExec(exec kexec.Interface) error

SetExec validates executable paths and saves the given exec interface to be used for running various OVS and OVN utilities

func SetExecWithoutOVS

func SetExecWithoutOVS(exec kexec.Interface) error

SetExecWithoutOVS validates executable paths excluding OVS/OVN binaries and saves the given exec interface to be used for running various utilities

func SetFakeIPTablesHelpers

func SetFakeIPTablesHelpers() (IPTablesHelper, IPTablesHelper)

SetFakeIPTablesHelpers populates `helpers` with FakeIPTablesHelper that can be used in unit tests

func SetFileSystemOps

func SetFileSystemOps(mockInst FileSystemOps)

func SetGatewayMTUSupport

func SetGatewayMTUSupport(nodeAnnotator kube.Annotator, set bool) error

SetGatewayMTUSupport sets annotation "k8s.ovn.org/gateway-mtu-support" to "false" or removes the annotation from this node.

func SetIPTablesHelper

func SetIPTablesHelper(proto iptables.Protocol, ipt IPTablesHelper)

SetIPTablesHelper sets the IPTablesHelper to be used

func SetL3GatewayConfig

func SetL3GatewayConfig(nodeAnnotator kube.Annotator, cfg *L3GatewayConfig) error

func SetNetLinkOpMockInst

func SetNetLinkOpMockInst(mockInst NetLinkOps)

SetNetLinkOpMockInst method would be used by unit tests in other packages

func SetNodeHostCIDRs

func SetNodeHostCIDRs(nodeAnnotator kube.Annotator, cidrs sets.Set[string]) error

func SetNodeHostSubnetAnnotation

func SetNodeHostSubnetAnnotation(nodeAnnotator kube.Annotator, defaultSubnets []*net.IPNet) error

SetNodeHostSubnetAnnotation sets a "k8s.ovn.org/node-subnets" annotation using a kube.Annotator

func SetNodeManagementPortAnnotation

func SetNodeManagementPortAnnotation(nodeAnnotator kube.Annotator, PfId int, FuncId int) error

func SetNodePrimaryIfAddrs

func SetNodePrimaryIfAddrs(nodeAnnotator kube.Annotator, ifAddrs []*net.IPNet) (err error)

SetNodePrimaryIfAddrs sets the IPv4 / IPv6 values of the node's primary network interface

func SetNodeZone

func SetNodeZone(nodeAnnotator kube.Annotator, zoneName string) error

SetNodeZone sets the node's zone in the 'ovnNodeZoneName' node annotation.

func SetNodeZoneMigrated

func SetNodeZoneMigrated(nodeAnnotator kube.Annotator, zoneName string) error

HACK BEGIN. TODO(tssurya): Remove this a few months from now. SetNodeZoneMigrated sets the node's zone in the 'ovnNodeMigratedZoneName' node annotation.

func SetSpecificExec

func SetSpecificExec(exec kexec.Interface, commands ...string) error

SetSpecificExec validates executable paths for selected commands. It also saves the given exec interface to be used for running selected commands

func SetSriovnetOpsInst

func SetSriovnetOpsInst(mockInst SriovnetOps)

SetSriovnetOpsInst method would be used by unit tests in other packages

func SetVFHardwreAddress

func SetVFHardwreAddress(deviceID string, mac net.HardwareAddr) error

SetVFHardwreAddress sets mac address for a VF interface

func SetVdpaOpsInst

func SetVdpaOpsInst(mockInst VdpaOps)

SetVdpaOpsInst method should be used by unit tests.

func SliceHasStringItem

func SliceHasStringItem(slice []string, item string) bool

func SortedKeys

func SortedKeys[K constraints.Ordered, V any](m map[K]V) []K

func SplitHostPortInt32

func SplitHostPortInt32(vip string) (string, int32, error)

SplitHostPortInt32 splits a vip into its host and port counterparts

func StartNodeCertificateManager

func StartNodeCertificateManager(ctx context.Context, wg *sync.WaitGroup, nodeName string, conf *config.KubernetesConfig) error

StartNodeCertificateManager manages the creation and rotation of the node-specific client certificate. When there is no existing certificate, it will use the BootstrapKubeconfig kubeconfig to create a CSR and it will wait for the certificate before returning.

func StringArg

func StringArg(context *cli.Context, name string) (string, error)

StringArg gets the named command-line argument or returns an error if it is empty

func StringSlice

func StringSlice[T fmt.Stringer](items []T) []string

StringSlice converts to a slice of the string representation of the input items

func SyncAddresses

func SyncAddresses(link netlink.Link, addresses []*net.IPNet) error

SyncAddresses ensures the link has only the provided addresses. It ignores IPv6 LLA. The addresses should all be of the same family.

func SyncConntrackForExternalGateways

func SyncConntrackForExternalGateways(gwIPsToKeep sets.Set[string], isPodInLocalZone func(pod *kapi.Pod) (bool, error),
	podsGetter func() ([]*kapi.Pod, error)) error

SyncConntrackForExternalGateways removes stale conntrack entries for pods returned by podsGetter. To do so, it resolves all given gwIPsToKeep MAC addresses that are used as labels by ecmp conntrack flows. Conntrack flows with MAC labels that do not belong to any of gwIPsToKeep are removed.

func UnmarshalPodAnnotationAllNetworks

func UnmarshalPodAnnotationAllNetworks(annotations map[string]string) (map[string]podAnnotation, error)

func UnmarshalPodDPUConnDetailsAllNetworks

func UnmarshalPodDPUConnDetailsAllNetworks(annotations map[string]string) (map[string]DPUConnectionDetails, error)

UnmarshalPodDPUConnDetailsAllNetworks returns the DPUConnectionDetails map of all networks from the given Pod annotation

func UnmarshalPodDPUConnStatusAllNetworks

func UnmarshalPodDPUConnStatusAllNetworks(annotations map[string]string) (map[string]DPUConnectionStatus, error)

UnmarshalPodDPUConnStatusAllNetworks returns the DPUConnectionStatus map of all networks from the given Pod annotation

func UpdateExternalGatewayPodIPsAnnotation

func UpdateExternalGatewayPodIPsAnnotation(k kube.Interface, namespace string, exgwIPs []string) error

func UpdateIPsSlice

func UpdateIPsSlice(s, oldIPs, newIPs []string) ([]string, bool)

UpdateIPsSlice will search for values of oldIPs in the slice "s" and update it with newIPs values of same IP family

func UpdateManagementPortMACAddressesAnnotation

func UpdateManagementPortMACAddressesAnnotation(annotations map[string]string, netName string, macAddress net.HardwareAddr) (map[string]string, error)

UpdateManagementPortMACAddressesAnnotation updates the OvnNodeManagementPortMacAddresses annotation for the network name 'netName' with the provided MAC Address

func UpdateNetworkIDAnnotation

func UpdateNetworkIDAnnotation(annotations map[string]string, netName string, networkID int) (map[string]string, error)

UpdateNetworkIDAnnotation updates the ovnNetworkIDs annotation for the network name 'netName' with the network id 'networkID'. If 'networkID' is the invalid network ID (-1), then it deletes that network from the network ids annotation.

func UpdateNodeGatewayRouterLRPAddrsAnnotation

func UpdateNodeGatewayRouterLRPAddrsAnnotation(annotations map[string]string, joinSubnets []*net.IPNet, netName string) (map[string]string, error)

UpdateNodeGatewayRouterLRPAddrsAnnotation updates a "k8s.ovn.org/node-gateway-router-lrp-ifaddrs" annotation for network "netName", with the specified network, suitable for passing to kube.SetAnnotationsOnNode. If joinSubnets is empty, it deletes the "k8s.ovn.org/node-gateway-router-lrp-ifaddrs" annotation for network "netName"

func UpdateNodeHostSubnetAnnotation

func UpdateNodeHostSubnetAnnotation(annotations map[string]string, hostSubnets []*net.IPNet, netName string) (map[string]string, error)

UpdateNodeHostSubnetAnnotation updates a "k8s.ovn.org/node-subnets" annotation for network "netName", with the specified network, suitable for passing to kube.SetAnnotationsOnNode. If hostSubnets is empty, it deletes the "k8s.ovn.org/node-subnets" annotation for network "netName"

func UpdateNodeIDAnnotation

func UpdateNodeIDAnnotation(annotations map[string]interface{}, nodeID int) map[string]interface{}

UpdateNodeIDAnnotation updates the ovnNodeID annotation with the node id in the annotations map and returns it.

func UpdateNodeManagementPortMACAddresses

func UpdateNodeManagementPortMACAddresses(node *kapi.Node, nodeAnnotator kube.Annotator, macAddress net.HardwareAddr, netName string) error

UpdateNodeManagementPortMACAddresses used only from unit tests

func UpdateNodeManagementPortMACAddressesWithRetry

func UpdateNodeManagementPortMACAddressesWithRetry(node *kapi.Node, nodeLister listers.NodeLister, kubeInterface kube.Interface, macAddress net.HardwareAddr, netName string) error

UpdateNodeManagementPortMACAddressesWithRetry will update the node's mac address annotation for the provided netName and macAddress values. It retries if the update fails because of a potential conflict, which is transient. This function is called from both the default network's controller and the user defined network's controller, as each attempts to add mac addresses of management ports belonging to different networks. It returns an error in the case of other errors (say, the API server being temporarily down), and those will be taken care of by the retry mechanism.

func UpdatePodAnnotationWithRetry

func UpdatePodAnnotationWithRetry(podLister listers.PodLister, kube kube.Interface, pod *v1.Pod, podAnnotation *PodAnnotation, nadName string) error

UpdatePodAnnotationWithRetry updates the pod annotation on the pod retrying on conflict

func UpdatePodDPUConnDetailsWithRetry

func UpdatePodDPUConnDetailsWithRetry(podLister listers.PodLister, kube kube.Interface, pod *v1.Pod, dpuConnDetails *DPUConnectionDetails, nadName string) error

UpdatePodDPUConnDetailsWithRetry updates the DPU connection details annotation on the pod retrying on conflict

func UpdatePodDPUConnStatusWithRetry

func UpdatePodDPUConnStatusWithRetry(podLister listers.PodLister, kube kube.Interface, pod *v1.Pod, dpuConnStatus *DPUConnectionStatus, nadName string) error

UpdatePodDPUConnStatusWithRetry updates the DPU connection status annotation on the pod retrying on conflict

func UpdatePodWithRetryOrRollback

func UpdatePodWithRetryOrRollback(podLister listers.PodLister, kube kube.Interface, pod *v1.Pod, allocate AllocateToPodWithRollbackFunc) error

UpdatePodWithRetryOrRollback updates the pod with the result of the allocate function. If the pod update fails, it applies the rollback provided by the allocate function.

func UpdateUDNLayer2NodeGRLRPTunnelIDs

func UpdateUDNLayer2NodeGRLRPTunnelIDs(annotations map[string]string, netName string, tunnelID int) (map[string]string, error)

UpdateUDNLayer2NodeGRLRPTunnelIDs updates the ovnUDNLayer2NodeGRLRPTunnelIDs annotation for the network name 'netName' with the tunnel id 'tunnelID'. If 'tunnelID' is the invalid tunnel ID (-1), then it deletes that network from the tunnel ids annotation.

func ValidateAndGetEgressFirewallDestination

func ValidateAndGetEgressFirewallDestination(egressFirewallDestination egressfirewallapi.EgressFirewallDestination) (
	cidrSelector string,
	dnsName string,
	clusterSubnetIntersection bool,
	nodeSelector *metav1.LabelSelector,
	err error)

ValidateAndGetEgressFirewallDestination validates an egress firewall rule destination and returns the parsed contents of the destination.

func ValidateNetConf

func ValidateNetConf(nadName string, netconf *ovncnitypes.NetConf) error

func ValidatePort

func ValidatePort(proto kapi.Protocol, port int32) error

ValidatePort checks if the port is non-zero and port protocol is valid

func ValidateProtocol

func ValidateProtocol(proto kapi.Protocol) error

ValidateProtocol checks if the protocol is a valid kapi.Protocol type (TCP, UDP, or SCTP) or returns an error

func WaitForHandlerSyncWithTimeout

func WaitForHandlerSyncWithTimeout(controllerName string, stopCh <-chan struct{}, timeout time.Duration, handlerSyncs ...cache.InformerSynced) bool

WaitForHandlerSyncWithTimeout waits for the provided handlers to do a sync on all existing objects for the resource types they're watching. This corresponds to adding all existing objects. If that doesn't happen before the provided timeout, WaitForHandlerSyncWithTimeout times out and returns false.

func WaitForInformerCacheSyncWithTimeout

func WaitForInformerCacheSyncWithTimeout(controllerName string, stopCh <-chan struct{}, cacheSyncs ...cache.InformerSynced) bool

WaitForInformerCacheSyncWithTimeout waits for the provided informer caches to be populated with all existing objects by their respective informer. This corresponds to a LIST operation on the corresponding resource types. WaitForInformerCacheSyncWithTimeout times out and returns false if the provided caches haven't all synchronized within types.InformerSyncTimeout

Types

type AllocateToPodWithRollbackFunc

type AllocateToPodWithRollbackFunc func(pod *v1.Pod) (*v1.Pod, func(), error)

AllocateToPodWithRollbackFunc is a function used to allocate a resource to a pod that depends on the current state of the pod, and possibly updating it. To be used with UpdatePodWithRetryOrRollback. Implementations can return a nil pod if no update is warranted. Implementations can also return a rollback function that will be invoked if the pod update fails.

type CancelableContext

type CancelableContext struct {
	// contains filtered or unexported fields
}

CancelableContext utility wraps a context that can be canceled

func NewCancelableContext

func NewCancelableContext() CancelableContext

func NewCancelableContextChild

func NewCancelableContextChild(ctx CancelableContext) CancelableContext

func (*CancelableContext) Cancel

func (ctx *CancelableContext) Cancel()

Cancel this context

func (*CancelableContext) Done

func (ctx *CancelableContext) Done() <-chan struct{}

Done returns a channel that is closed when this or any parent context is canceled

type Capacity

// Capacity holds three integer counts that are serialized under the JSON keys
// "ipv4", "ipv6" and "ip"; a zero count is omitted when marshalled.
// NOTE(review): what the counts measure is not documented on this page —
// presumably a per-IP-family capacity; confirm against the callers.
type Capacity struct {
	IPv4 int `json:"ipv4,omitempty"`
	IPv6 int `json:"ipv6,omitempty"`
	IP   int `json:"ip,omitempty"`
}

type DNS

type DNS struct {
	// contains filtered or unexported fields
}

func NewDNS

func NewDNS(resolverConfigFile string) (*DNS, error)

func (*DNS) Add

func (d *DNS) Add(dns string) error

func (*DNS) Delete

func (d *DNS) Delete(dns string)

func (*DNS) GetIPs

func (d *DNS) GetIPs(dns string) []net.IP

func (*DNS) GetNextQueryTime

func (d *DNS) GetNextQueryTime() (time.Time, string, bool)

func (*DNS) Size

func (d *DNS) Size() int

func (*DNS) Update

func (d *DNS) Update(dnsName string) (bool, error)

type DNSOps

// DNSOps declares the DNS library operations this package goes through an
// interface for. GetDNSLibOps returns an instance and SetDNSLibOpsMockInst
// installs one (its parameter is named mockInst).
// NOTE(review): the methods presumably forward to the dns library functions of
// the same names — confirm against the implementation.
type DNSOps interface {
	// ClientConfigFromFile builds a client configuration from the resolver
	// configuration file at the given path.
	ClientConfigFromFile(resolvconf string) (*dns.ClientConfig, error)
	Fqdn(s string) string
	// Exchange sends message m with client c to address a and returns the
	// reply together with the round-trip time.
	// NOTE(review): the reply comes from a remote resolver; how it is checked
	// before use is not visible here — confirm at the callers.
	Exchange(c *dns.Client, m *dns.Msg, a string) (r *dns.Msg, rtt time.Duration, err error)
	SetQuestion(msg *dns.Msg, z string, t uint16) *dns.Msg
}

func GetDNSLibOps

func GetDNSLibOps() DNSOps

type DPUConnectionDetails

// DPUConnectionDetails is the JSON-serialized record that
// UnmarshalPodDPUConnDetails returns for a given NAD after reading a pod's
// annotations.
// NOTE(review): presumably stored under the "k8s.ovn.org/dpu.connection-details"
// annotation (DPUConnectionDetailsAnnot) — confirm.
// NOTE(review): every field arrives as a string from annotation data; whether
// the values are validated (numeric IDs, interface-name characters) before
// use is not visible here — confirm at the consumers.
type DPUConnectionDetails struct {
	PfId         string `json:"pfId"`
	VfId         string `json:"vfId"`
	SandboxId    string `json:"sandboxId"`
	// VfNetdevName is optional and omitted from the JSON when empty.
	VfNetdevName string `json:"vfNetdevName,omitempty"`
}

func UnmarshalPodDPUConnDetails

func UnmarshalPodDPUConnDetails(annotations map[string]string, nadName string) (*DPUConnectionDetails, error)

UnmarshalPodDPUConnDetails returns dpu connection details for the specified NAD

type DPUConnectionStatus

// DPUConnectionStatus is the JSON-serialized status record that
// UnmarshalPodDPUConnStatus returns for a given NAD.
type DPUConnectionStatus struct {
	// Status is presumably one of DPUConnectionStatusReady ("Ready") or
	// DPUConnectionStatusError ("Error") — confirm; the type itself does not
	// restrict the value.
	Status string `json:"Status"`
	// Reason is optional and omitted from the JSON when empty.
	Reason string `json:"Reason,omitempty"`
}

func UnmarshalPodDPUConnStatus

func UnmarshalPodDPUConnStatus(annotations map[string]string, nadName string) (*DPUConnectionStatus, error)

UnmarshalPodDPUConnStatus returns DPU connection status for the specified NAD

type DefaultNetInfo

type DefaultNetInfo struct {
	// contains filtered or unexported fields
}

DefaultNetInfo is the default network information

func (*DefaultNetInfo) AddNADs

func (nInfo *DefaultNetInfo) AddNADs(nadNames ...string)

AddNADs adds the specified NAD

func (*DefaultNetInfo) AllowsPersistentIPs

func (nInfo *DefaultNetInfo) AllowsPersistentIPs() bool

AllowsPersistentIPs returns the defaultNetConfInfo's AllowPersistentIPs value

func (*DefaultNetInfo) DeleteNADs

func (nInfo *DefaultNetInfo) DeleteNADs(nadNames ...string)

DeleteNADs deletes the specified NAD

func (*DefaultNetInfo) ExcludeSubnets

func (nInfo *DefaultNetInfo) ExcludeSubnets() []*net.IPNet

ExcludeSubnets returns the defaultNetConfInfo's ExcludeSubnets value

func (*DefaultNetInfo) GetEgressIPAdvertisedNodes

func (nInfo *DefaultNetInfo) GetEgressIPAdvertisedNodes() []string

func (*DefaultNetInfo) GetEgressIPAdvertisedOnNodeVRFs

func (nInfo *DefaultNetInfo) GetEgressIPAdvertisedOnNodeVRFs(node string) []string

func (*DefaultNetInfo) GetEgressIPAdvertisedVRFs

func (nInfo *DefaultNetInfo) GetEgressIPAdvertisedVRFs() map[string][]string

func (*DefaultNetInfo) GetNADs

func (nInfo *DefaultNetInfo) GetNADs() []string

GetNADs returns all the NADs associated with this network

func (*DefaultNetInfo) GetNamespaces

func (nInfo *DefaultNetInfo) GetNamespaces() []string

func (*DefaultNetInfo) GetNetInfo

func (nInfo *DefaultNetInfo) GetNetInfo() NetInfo

func (*DefaultNetInfo) GetNetworkID

func (nInfo *DefaultNetInfo) GetNetworkID() int

func (*DefaultNetInfo) GetNetworkName

func (nInfo *DefaultNetInfo) GetNetworkName() string

GetNetworkName returns the network name

func (*DefaultNetInfo) GetNetworkScopedClusterRouterName

func (nInfo *DefaultNetInfo) GetNetworkScopedClusterRouterName() string

func (*DefaultNetInfo) GetNetworkScopedClusterSubnetSNATMatch

func (nInfo *DefaultNetInfo) GetNetworkScopedClusterSubnetSNATMatch(nodeName string) string

func (*DefaultNetInfo) GetNetworkScopedExtPortName

func (nInfo *DefaultNetInfo) GetNetworkScopedExtPortName(bridgeID, nodeName string) string

func (*DefaultNetInfo) GetNetworkScopedExtSwitchName

func (nInfo *DefaultNetInfo) GetNetworkScopedExtSwitchName(nodeName string) string

func (*DefaultNetInfo) GetNetworkScopedGWRouterName

func (nInfo *DefaultNetInfo) GetNetworkScopedGWRouterName(nodeName string) string

func (*DefaultNetInfo) GetNetworkScopedJoinSwitchName

func (nInfo *DefaultNetInfo) GetNetworkScopedJoinSwitchName() string

func (*DefaultNetInfo) GetNetworkScopedK8sMgmtIntfName

func (nInfo *DefaultNetInfo) GetNetworkScopedK8sMgmtIntfName(nodeName string) string

func (*DefaultNetInfo) GetNetworkScopedLoadBalancerGroupName

func (nInfo *DefaultNetInfo) GetNetworkScopedLoadBalancerGroupName(lbGroupName string) string

func (*DefaultNetInfo) GetNetworkScopedLoadBalancerName

func (nInfo *DefaultNetInfo) GetNetworkScopedLoadBalancerName(lbName string) string

func (*DefaultNetInfo) GetNetworkScopedName

func (nInfo *DefaultNetInfo) GetNetworkScopedName(name string) string

GetNetworkScopedName returns a network scoped name from the provided one appropriate to use globally.

func (*DefaultNetInfo) GetNetworkScopedPatchPortName

func (nInfo *DefaultNetInfo) GetNetworkScopedPatchPortName(bridgeID, nodeName string) string

func (*DefaultNetInfo) GetNetworkScopedSwitchName

func (nInfo *DefaultNetInfo) GetNetworkScopedSwitchName(nodeName string) string

func (*DefaultNetInfo) GetPodNetworkAdvertisedOnNodeVRFs

func (nInfo *DefaultNetInfo) GetPodNetworkAdvertisedOnNodeVRFs(node string) []string

func (*DefaultNetInfo) GetPodNetworkAdvertisedVRFs

func (nInfo *DefaultNetInfo) GetPodNetworkAdvertisedVRFs() map[string][]string

func (*DefaultNetInfo) HasNAD

func (nInfo *DefaultNetInfo) HasNAD(nadName string) bool

HasNAD returns true if the given NAD exists, used to check if the network needs to be plumbed over

func (*DefaultNetInfo) IPMode

func (nInfo *DefaultNetInfo) IPMode() (bool, bool)

IPMode returns the defaultNetConfInfo's ipv4/ipv6 mode

func (*DefaultNetInfo) IsDefault

func (nInfo *DefaultNetInfo) IsDefault() bool

IsDefault always returns true for default network.

func (*DefaultNetInfo) IsPrimaryNetwork

func (nInfo *DefaultNetInfo) IsPrimaryNetwork() bool

IsPrimaryNetwork always returns false for default network. The boolean indicates if this secondary network is meant to be the primary network for the pod. Since default network is never a secondary network this is always false. This cannot be true if IsSecondary() is not true.

func (*DefaultNetInfo) IsSecondary

func (nInfo *DefaultNetInfo) IsSecondary() bool

IsSecondary returns if this network is secondary

func (*DefaultNetInfo) JoinSubnetV4

func (nInfo *DefaultNetInfo) JoinSubnetV4() *net.IPNet

JoinSubnetV4 returns the defaultNetConfInfo's JoinSubnetV4 value; call when ipv4mode=true

func (*DefaultNetInfo) JoinSubnetV6

func (nInfo *DefaultNetInfo) JoinSubnetV6() *net.IPNet

JoinSubnetV6 returns the defaultNetConfInfo's JoinSubnetV6 value; call when ipv6mode=true

func (*DefaultNetInfo) JoinSubnets

func (nInfo *DefaultNetInfo) JoinSubnets() []*net.IPNet

JoinSubnets returns the secondaryNetInfo's joinsubnet values (both v4&v6); used from Equals

func (*DefaultNetInfo) MTU

func (nInfo *DefaultNetInfo) MTU() int

MTU returns the defaultNetConfInfo's MTU value

func (*DefaultNetInfo) PhysicalNetworkName

func (nInfo *DefaultNetInfo) PhysicalNetworkName() string

PhysicalNetworkName has no impact on defaultNetConfInfo (localnet feature)

func (*DefaultNetInfo) RemoveNetworkScopeFromName

func (nInfo *DefaultNetInfo) RemoveNetworkScopeFromName(name string) string

func (*DefaultNetInfo) SetEgressIPAdvertisedVRFs

func (nInfo *DefaultNetInfo) SetEgressIPAdvertisedVRFs(eipAdvertisements map[string][]string)

func (*DefaultNetInfo) SetNADs

func (nInfo *DefaultNetInfo) SetNADs(nadNames ...string)

SetNADs replaces the NADs associated with the network

func (*DefaultNetInfo) SetNetworkID

func (nInfo *DefaultNetInfo) SetNetworkID(id int)

func (*DefaultNetInfo) SetPodNetworkAdvertisedVRFs

func (nInfo *DefaultNetInfo) SetPodNetworkAdvertisedVRFs(podAdvertisements map[string][]string)

func (*DefaultNetInfo) Subnets

func (nInfo *DefaultNetInfo) Subnets() []config.CIDRNetworkEntry

Subnets returns the defaultNetConfInfo's Subnets value

func (*DefaultNetInfo) TopologyType

func (nInfo *DefaultNetInfo) TopologyType() string

TopologyType returns the defaultNetConfInfo's topology type which is empty

func (*DefaultNetInfo) Vlan

func (nInfo *DefaultNetInfo) Vlan() uint

Vlan returns the defaultNetConfInfo's Vlan value

type EgressIPMark

type EgressIPMark struct {
	// contains filtered or unexported fields
}

func ParseEgressIPMark

func ParseEgressIPMark(annotations map[string]string) (EgressIPMark, error)

func (EgressIPMark) IsAvailable

func (em EgressIPMark) IsAvailable() bool

func (EgressIPMark) IsValid

func (em EgressIPMark) IsValid() bool

func (EgressIPMark) String

func (em EgressIPMark) String() string

func (EgressIPMark) ToInt

func (em EgressIPMark) ToInt() int

type EventDetails

type EventDetails struct {
	EventType    EventType
	Reason, Note string
}

EventDetails may be used to pass event details to the event recorder, which is not used directly. It is based on the EventRecorder interface for core.Events. It doesn't have related objects, as they are not used in the current implementation.

type EventType

type EventType = string
const (
	EventTypeNormal  EventType = corev1.EventTypeNormal
	EventTypeWarning EventType = corev1.EventTypeWarning
)

There are only 2 allowed event types for now: Normal and Warning

type ExecRunner

// ExecRunner declares RunCmd, which takes a kexec.Cmd together with the
// command path, environment variables and arguments, and returns two buffers
// and an error.
// NOTE(review): the two buffers are presumably the command's stdout and
// stderr, in that order — confirm against the implementation.
// NOTE(review): cmdPath, envVars and args are supplied by the caller; whether
// cmdPath is limited to the paths validated by SetExec / SetSpecificExec is
// not visible here — confirm, since this is the point where external binaries
// are run.
type ExecRunner interface {
	RunCmd(cmd kexec.Cmd, cmdPath string, envVars []string, args ...string) (*bytes.Buffer, *bytes.Buffer, error)
}

type FakeIPTables

type FakeIPTables struct {
	sync.Mutex
	// contains filtered or unexported fields
}

FakeIPTables is a mock implementation of go-iptables

func (*FakeIPTables) Append

func (f *FakeIPTables) Append(tableName, chainName string, rulespec ...string) error

Append appends rulespec to specified table/chain

func (*FakeIPTables) ChangePolicy

func (f *FakeIPTables) ChangePolicy(table, chain, target string) error

ChangePolicy sets an entry in FakeIPTables.policies using "table/chain" as key and target as value

func (*FakeIPTables) ClearChain

func (f *FakeIPTables) ClearChain(tableName, chainName string) error

ClearChain removes all rules in the specified table/chain. If the chain does not exist, a new one will be created

func (*FakeIPTables) Delete

func (f *FakeIPTables) Delete(tableName, chainName string, rulespec ...string) error

Delete removes a rule from the specified table/chain

func (*FakeIPTables) DeleteChain

func (f *FakeIPTables) DeleteChain(tableName, chainName string) error

DeleteChain deletes the chain in the specified table. The chain must be empty

func (*FakeIPTables) Exists

func (f *FakeIPTables) Exists(tableName, chainName string, rulespec ...string) (bool, error)

Exists checks if given rulespec in specified table/chain exists

func (*FakeIPTables) Insert

func (f *FakeIPTables) Insert(tableName, chainName string, pos int, rulespec ...string) error

Insert inserts a rule into the specified table/chain

func (*FakeIPTables) List

func (f *FakeIPTables) List(tableName, chainName string) ([]string, error)

List rules in specified table/chain

func (*FakeIPTables) ListChains

func (f *FakeIPTables) ListChains(tableName string) ([]string, error)

ListChains returns the names of all chains in the table

func (*FakeIPTables) MatchState

func (f *FakeIPTables) MatchState(tables map[string]FakeTable, policies map[FakePolicyKey]string) error

MatchState matches the expected state against the actual rules and policies that the code under test added to iptables

func (*FakeIPTables) NewChain

func (f *FakeIPTables) NewChain(tableName, chainName string) error

NewChain creates a new chain in the specified table

func (*FakeIPTables) Restore

func (f *FakeIPTables) Restore(tableName string, rulesMap map[string][][]string) error

type FakePolicyKey

// FakePolicyKey names a chain within a table. It is the key type of the
// policies map passed to FakeIPTables.MatchState.
type FakePolicyKey struct {
	Table string
	Chain string
}

type FakeTable

type FakeTable map[string][]string

FakeTable represents a mock iptables table and can be used for unit tests to verify that the code creates the expected rules

func (*FakeTable) String

func (t *FakeTable) String() string

type FileSystemOps

// FileSystemOps declares the one file-system call (Readlink) that this package
// routes through an interface. GetFileSystemOps returns an instance and
// SetFileSystemOps installs one (its parameter is named mockInst).
// NOTE(review): Readlink presumably mirrors os.Readlink — confirm against the
// implementation.
type FileSystemOps interface {
	Readlink(path string) (string, error)
}

func GetFileSystemOps

func GetFileSystemOps() FileSystemOps

type IPTablesHelper

type IPTablesHelper interface {
	// List rules in specified table/chain
	List(table, chain string) ([]string, error)
	// ListChains returns the names of all chains in the table
	ListChains(string) ([]string, error)
	// ClearChain removes all rules in the specified table/chain.
	// If the chain does not exist, a new one will be created
	ClearChain(string, string) error
	// DeleteChain deletes the chain in the specified table.
	DeleteChain(string, string) error
	// NewChain creates a new chain in the specified table.
	// If the chain already exists, it will result in an error.
	NewChain(string, string) error
	// Exists checks if given rulespec in specified table/chain exists
	Exists(string, string, ...string) (bool, error)
	// Insert inserts a rule into the specified table/chain
	Insert(string, string, int, ...string) error
	// Append appends rulespec to specified table/chain
	Append(string, string, ...string) error
	// Delete removes rulespec in specified table/chain
	Delete(string, string, ...string) error
	// Restore uses iptables-restore to restore rules for multiple chains in a table at once
	Restore(table string, rulesMap map[string][][]string) error
	// ChangePolicy changes the policy on the chain to target
	ChangePolicy(table, chain, target string) error
}

IPTablesHelper is an interface that wraps go-iptables to allow mock implementations for unit testing

func GetIPTablesHelper

func GetIPTablesHelper(proto iptables.Protocol) (IPTablesHelper, error)

GetIPTablesHelper returns an IPTablesHelper. If SetIPTablesHelper has not yet been called, it will create a new IPTablesHelper wrapping "live" go-iptables

type L3GatewayConfig

// L3GatewayConfig is the value returned by ParseNodeL3GatewayAnnotation (the
// parsed l3-gateway-config node annotation) and accepted by
// SetL3GatewayConfig. The fields carry no struct tags; the type has its own
// MarshalJSON / UnmarshalJSON methods, which define the serialized form.
// NOTE(review): the content originates from a node annotation; which checks
// UnmarshalJSON applies to MAC addresses, IPs and IDs is not visible here —
// confirm before treating a parsed value as trusted.
type L3GatewayConfig struct {
	Mode                config.GatewayMode
	ChassisID           string
	BridgeID            string
	InterfaceID         string
	MACAddress          net.HardwareAddr
	IPAddresses         []*net.IPNet
	EgressGWInterfaceID string
	EgressGWMACAddress  net.HardwareAddr
	EgressGWIPAddresses []*net.IPNet
	NextHops            []net.IP
	NodePortEnable      bool
	// VLANID is a pointer; presumably nil means no VLAN is configured — confirm.
	VLANID              *uint
}

func ParseNodeL3GatewayAnnotation

func ParseNodeL3GatewayAnnotation(node *kapi.Node) (*L3GatewayConfig, error)

ParseNodeL3GatewayAnnotation returns the parsed l3-gateway-config annotation

func (*L3GatewayConfig) MarshalJSON

func (cfg *L3GatewayConfig) MarshalJSON() ([]byte, error)

func (*L3GatewayConfig) UnmarshalJSON

func (cfg *L3GatewayConfig) UnmarshalJSON(bytes []byte) error

type ManagementPortDetails

// ManagementPortDetails pairs a PfId with a FuncId, the same two integers that
// SetNodeManagementPortAnnotation takes as parameters.
// NOTE(review): presumably the JSON payload of the "k8s.ovn.org/node-mgmt-port"
// annotation (OvnNodeManagementPort) — confirm.
type ManagementPortDetails struct {
	PfId   int `json:"PfId"`
	FuncId int `json:"FuncId"`
}

type MutableNetInfo

type MutableNetInfo interface {
	NetInfo

	// SetNetworkID sets the network ID before any controller handles the
	// network
	SetNetworkID(id int)

	// NADs referencing a network
	SetNADs(nadName ...string)
	AddNADs(nadName ...string)
	DeleteNADs(nadName ...string)

	// VRFs a pod network is being advertised on, also per node
	SetPodNetworkAdvertisedVRFs(podAdvertisements map[string][]string)

	// Nodes advertising Egress IP
	SetEgressIPAdvertisedVRFs(eipAdvertisements map[string][]string)
}

MutableNetInfo is a NetInfo where selected information can be changed. Intended to be used by network managers that aggregate network information from multiple sources that can change over time.

func NewMutableNetInfo

func NewMutableNetInfo(netInfo NetInfo) MutableNetInfo

NewMutableNetInfo builds a copy of netInfo as a MutableNetInfo

type NetInfo

type NetInfo interface {
	// static information, not expected to change.
	GetNetworkName() string
	GetNetworkID() int
	IsDefault() bool
	IsPrimaryNetwork() bool
	IsSecondary() bool
	TopologyType() string
	MTU() int
	IPMode() (bool, bool)
	Subnets() []config.CIDRNetworkEntry
	ExcludeSubnets() []*net.IPNet
	JoinSubnetV4() *net.IPNet
	JoinSubnetV6() *net.IPNet
	JoinSubnets() []*net.IPNet
	Vlan() uint
	AllowsPersistentIPs() bool
	PhysicalNetworkName() string

	// dynamic information, can change over time
	GetNADs() []string
	HasNAD(nadName string) bool
	// GetPodNetworkAdvertisedVRFs returns the target VRFs where the pod network
	// is advertised per node, through a map of node names to slice of VRFs.
	GetPodNetworkAdvertisedVRFs() map[string][]string
	// GetPodNetworkAdvertisedOnNodeVRFs returns the target VRFs where the pod
	// network is advertised on the specified node.
	GetPodNetworkAdvertisedOnNodeVRFs(node string) []string
	// GetEgressIPAdvertisedVRFs returns the target VRFs where egress IPs are
	// advertised per node, through a map of node names to slice of VRFs.
	GetEgressIPAdvertisedVRFs() map[string][]string
	// GetEgressIPAdvertisedOnNodeVRFs returns the target VRFs where egress IPs
	// are advertised on the specified node.
	GetEgressIPAdvertisedOnNodeVRFs(node string) []string
	// GetEgressIPAdvertisedNodes return the nodes where egress IP are
	// advertised.
	GetEgressIPAdvertisedNodes() []string

	// derived information.
	GetNamespaces() []string
	GetNetworkScopedName(name string) string
	RemoveNetworkScopeFromName(name string) string
	GetNetworkScopedK8sMgmtIntfName(nodeName string) string
	GetNetworkScopedClusterRouterName() string
	GetNetworkScopedGWRouterName(nodeName string) string
	GetNetworkScopedSwitchName(nodeName string) string
	GetNetworkScopedJoinSwitchName() string
	GetNetworkScopedExtSwitchName(nodeName string) string
	GetNetworkScopedPatchPortName(bridgeID, nodeName string) string
	GetNetworkScopedExtPortName(bridgeID, nodeName string) string
	GetNetworkScopedLoadBalancerName(lbName string) string
	GetNetworkScopedLoadBalancerGroupName(lbGroupName string) string
	GetNetworkScopedClusterSubnetSNATMatch(nodeName string) string

	// GetNetInfo is an identity method used to get the specific NetInfo
	// implementation
	GetNetInfo() NetInfo
}

NetInfo exposes read-only information about a network.

func NewNetInfo

func NewNetInfo(netconf *ovncnitypes.NetConf) (NetInfo, error)

func ParseNADInfo

func ParseNADInfo(netattachdef *nettypes.NetworkAttachmentDefinition) (NetInfo, error)

ParseNADInfo parses the config in the NAD spec and returns a NetAttachDefInfo object for secondary networks

type NetLinkOps

// NetLinkOps collects the netlink library calls used through this package
// behind one interface; GetNetLinkOps returns the implementation in use.
// NOTE(review): going by their names, the Add/Del/Set/Replace methods change
// host networking state (links, addresses, routes, neighbours, conntrack
// entries) and would need the matching privilege, typically CAP_NET_ADMIN on
// Linux — confirm for the component that calls them.
type NetLinkOps interface {
	// Links: lookup, creation/removal and attribute changes.
	LinkList() ([]netlink.Link, error)
	LinkByName(ifaceName string) (netlink.Link, error)
	LinkByIndex(index int) (netlink.Link, error)
	LinkSetDown(link netlink.Link) error
	LinkAdd(link netlink.Link) error
	LinkDelete(link netlink.Link) error
	LinkSetName(link netlink.Link, newName string) error
	LinkSetUp(link netlink.Link) error
	LinkSetNsFd(link netlink.Link, fd int) error
	LinkSetHardwareAddr(link netlink.Link, hwaddr net.HardwareAddr) error
	LinkSetMaster(link netlink.Link, master netlink.Link) error
	LinkSetNoMaster(link netlink.Link) error
	LinkSetMTU(link netlink.Link, mtu int) error
	LinkSetTxQLen(link netlink.Link, qlen int) error
	// Takes an error and reports a bool; presumably true for the library's
	// link-not-found error — confirm against the implementation.
	IsLinkNotFoundError(err error) bool
	// Addresses on a link, per address family.
	AddrList(link netlink.Link, family int) ([]netlink.Addr, error)
	AddrDel(link netlink.Link, addr *netlink.Addr) error
	AddrAdd(link netlink.Link, addr *netlink.Addr) error
	// Routes and rules.
	RouteList(link netlink.Link, family int) ([]netlink.Route, error)
	RouteDel(route *netlink.Route) error
	RouteAdd(route *netlink.Route) error
	RouteReplace(route *netlink.Route) error
	RouteListFiltered(family int, filter *netlink.Route, filterMask uint64) ([]netlink.Route, error)
	RuleListFiltered(family int, filter *netlink.Rule, filterMask uint64) ([]netlink.Rule, error)
	// Neighbour entries.
	NeighAdd(neigh *netlink.Neigh) error
	NeighDel(neigh *netlink.Neigh) error
	NeighList(linkIndex, family int) ([]netlink.Neigh, error)
	// Conntrack: returns a uint alongside the error; presumably the number of
	// entries deleted — confirm.
	ConntrackDeleteFilter(table netlink.ConntrackTableType, family netlink.InetFamily, filter netlink.CustomConntrackFilter) (uint, error)
	// Sets the hardware address of the VF at vfIndex through its PF link.
	LinkSetVfHardwareAddr(pfLink netlink.Link, vfIndex int, hwaddr net.HardwareAddr) error
	// Update subscriptions: ch is send-only for the callee, done is a
	// receive-only channel supplied by the caller.
	RouteSubscribeWithOptions(ch chan<- netlink.RouteUpdate, done <-chan struct{}, options netlink.RouteSubscribeOptions) error
	LinkSubscribeWithOptions(ch chan<- netlink.LinkUpdate, done <-chan struct{}, options netlink.LinkSubscribeOptions) error
}

func GetNetLinkOps

func GetNetLinkOps() NetLinkOps

GetNetLinkOps will be invoked by functions in other packages that would need access to the netlink library methods.

type OVNClientset

// OVNClientset holds one client interface per API used by OVN-Kubernetes:
// the core Kubernetes client plus a client for each additional API group
// listed below. Its GetClusterManagerClientset, GetMasterClientset,
// GetNodeClientset and GetOVNKubeControllerClientset methods return the
// role-specific clientset structs declared in this package.
// NOTE(review): a field being present says nothing about what that client may
// do; effective access depends on the credentials the clients were built from
// and on cluster RBAC — confirm each component's role grants only what it uses.
type OVNClientset struct {
	KubeClient                kubernetes.Interface
	ANPClient                 anpclientset.Interface
	EgressIPClient            egressipclientset.Interface
	EgressFirewallClient      egressfirewallclientset.Interface
	OCPNetworkClient          ocpnetworkclientset.Interface
	CloudNetworkClient        ocpcloudnetworkclientset.Interface
	EgressQoSClient           egressqosclientset.Interface
	NetworkAttchDefClient     networkattchmentdefclientset.Interface
	MultiNetworkPolicyClient  multinetworkpolicyclientset.Interface
	EgressServiceClient       egressserviceclientset.Interface
	AdminPolicyRouteClient    adminpolicybasedrouteclientset.Interface
	IPAMClaimsClient          ipamclaimssclientset.Interface
	UserDefinedNetworkClient  userdefinednetworkclientset.Interface
	RouteAdvertisementsClient routeadvertisementsclientset.Interface
	FRRClient                 frrclientset.Interface
}

OVNClientset is a wrapper around all clientsets used by OVN-Kubernetes

func GetOVNClientset

func GetOVNClientset(objects ...runtime.Object) *OVNClientset

func NewOVNClientset

func NewOVNClientset(conf *config.KubernetesConfig) (*OVNClientset, error)

NewOVNClientset creates an OVNClientset from a KubernetesConfig

func (*OVNClientset) GetClusterManagerClientset

func (cs *OVNClientset) GetClusterManagerClientset() *OVNClusterManagerClientset

func (*OVNClientset) GetMasterClientset

func (cs *OVNClientset) GetMasterClientset() *OVNMasterClientset

func (*OVNClientset) GetNodeClientset

func (cs *OVNClientset) GetNodeClientset() *OVNNodeClientset

func (*OVNClientset) GetOVNKubeControllerClientset

func (cs *OVNClientset) GetOVNKubeControllerClientset() *OVNKubeControllerClientset

type OVNClusterManagerClientset

// OVNClusterManagerClientset is the clientset returned by
// (*OVNClientset).GetClusterManagerClientset. It declares the same client
// types as OVNClientset except MultiNetworkPolicyClient.
type OVNClusterManagerClientset struct {
	KubeClient                kubernetes.Interface
	ANPClient                 anpclientset.Interface
	EgressIPClient            egressipclientset.Interface
	CloudNetworkClient        ocpcloudnetworkclientset.Interface
	NetworkAttchDefClient     networkattchmentdefclientset.Interface
	EgressServiceClient       egressserviceclientset.Interface
	AdminPolicyRouteClient    adminpolicybasedrouteclientset.Interface
	EgressFirewallClient      egressfirewallclientset.Interface
	EgressQoSClient           egressqosclientset.Interface
	IPAMClaimsClient          ipamclaimssclientset.Interface
	OCPNetworkClient          ocpnetworkclientset.Interface
	UserDefinedNetworkClient  userdefinednetworkclientset.Interface
	RouteAdvertisementsClient routeadvertisementsclientset.Interface
	FRRClient                 frrclientset.Interface
}

type OVNDBServerStatus

// OVNDBServerStatus is the result type of GetOVNDBServerInfo.
type OVNDBServerStatus struct {
	// Connected follows the ovsdb-server(5) definition quoted in this type's
	// documentation: the server is in contact with a majority of its cluster.
	Connected bool
	// Leader and Index are not described on this page; presumably the
	// cluster-leader flag and a log index for this server — TODO confirm.
	Leader    bool
	Index     int
}

ovsdb-server(5) says a clustered database is connected if the server is in contact with a majority of its cluster.

func GetOVNDBServerInfo

func GetOVNDBServerInfo(timeout int, direction, database string) (*OVNDBServerStatus, error)

type OVNKubeControllerClientset

// OVNKubeControllerClientset is the clientset returned by the
// GetOVNKubeControllerClientset methods of OVNClientset and
// OVNMasterClientset. Compared with OVNClientset it declares no
// CloudNetworkClient and no FRRClient.
type OVNKubeControllerClientset struct {
	KubeClient                kubernetes.Interface
	ANPClient                 anpclientset.Interface
	EgressIPClient            egressipclientset.Interface
	EgressFirewallClient      egressfirewallclientset.Interface
	OCPNetworkClient          ocpnetworkclientset.Interface
	EgressQoSClient           egressqosclientset.Interface
	MultiNetworkPolicyClient  multinetworkpolicyclientset.Interface
	EgressServiceClient       egressserviceclientset.Interface
	AdminPolicyRouteClient    adminpolicybasedrouteclientset.Interface
	IPAMClaimsClient          ipamclaimssclientset.Interface
	NetworkAttchDefClient     networkattchmentdefclientset.Interface
	UserDefinedNetworkClient  userdefinednetworkclientset.Interface
	RouteAdvertisementsClient routeadvertisementsclientset.Interface
}

OVNKubeControllerClientset

type OVNMasterClientset

// OVNMasterClientset is the clientset returned by
// (*OVNClientset).GetMasterClientset. It declares the same fifteen client
// types as OVNClientset, and its own GetNodeClientset and
// GetOVNKubeControllerClientset methods return the smaller node and
// ovnkube-controller clientset structs.
type OVNMasterClientset struct {
	KubeClient                kubernetes.Interface
	ANPClient                 anpclientset.Interface
	EgressIPClient            egressipclientset.Interface
	CloudNetworkClient        ocpcloudnetworkclientset.Interface
	EgressFirewallClient      egressfirewallclientset.Interface
	OCPNetworkClient          ocpnetworkclientset.Interface
	EgressQoSClient           egressqosclientset.Interface
	MultiNetworkPolicyClient  multinetworkpolicyclientset.Interface
	EgressServiceClient       egressserviceclientset.Interface
	AdminPolicyRouteClient    adminpolicybasedrouteclientset.Interface
	IPAMClaimsClient          ipamclaimssclientset.Interface
	NetworkAttchDefClient     networkattchmentdefclientset.Interface
	UserDefinedNetworkClient  userdefinednetworkclientset.Interface
	RouteAdvertisementsClient routeadvertisementsclientset.Interface
	FRRClient                 frrclientset.Interface
}

OVNMasterClientset

func (*OVNMasterClientset) GetNodeClientset

func (cs *OVNMasterClientset) GetNodeClientset() *OVNNodeClientset

func (*OVNMasterClientset) GetOVNKubeControllerClientset

func (cs *OVNMasterClientset) GetOVNKubeControllerClientset() *OVNKubeControllerClientset

type OVNNodeClientset

// OVNNodeClientset is the clientset returned by the GetNodeClientset methods
// of OVNClientset and OVNMasterClientset. It declares seven of the client
// types found in OVNClientset, the smallest set of the clientset structs in
// this package.
// NOTE(review): the shorter field list limits what node code can reach
// through this struct, but not what the underlying credentials permit;
// presumably the node's service account is scoped to match — confirm in the
// RBAC manifests.
type OVNNodeClientset struct {
	KubeClient                kubernetes.Interface
	EgressServiceClient       egressserviceclientset.Interface
	EgressIPClient            egressipclientset.Interface
	AdminPolicyRouteClient    adminpolicybasedrouteclientset.Interface
	NetworkAttchDefClient     networkattchmentdefclientset.Interface
	UserDefinedNetworkClient  userdefinednetworkclientset.Interface
	RouteAdvertisementsClient routeadvertisementsclientset.Interface
}

type OpenPort

// OpenPort is one entry of the list that UnmarshalUDNOpenPortsAnnotation
// reads from a pod annotation.
// NOTE(review): the declaration itself neither restricts Protocol to the
// listed values nor bounds Port, and the data comes from a pod annotation;
// presumably the unmarshal function validates both — confirm.
type OpenPort struct {
	// valid values are tcp, udp, sctp, icmp
	Protocol string `json:"protocol"`
	// Port is optional: a pointer with omitempty, so it stays nil when the
	// JSON carries no "port" key.
	Port     *int   `json:"port,omitempty"`
}

func UnmarshalUDNOpenPortsAnnotation

func UnmarshalUDNOpenPortsAnnotation(annotations map[string]string) ([]*OpenPort, error)

UnmarshalUDNOpenPortsAnnotation returns the OpenPorts from the pod annotation. If the annotation is not present, an empty list is returned with no error.

type OvsDbProperties

// OvsDbProperties is the value GetOvsDbProperties builds from a db file path;
// per that function's documentation only the OVN databases (nbdb and sbdb)
// are supported.
type OvsDbProperties struct {
	// AppCtl takes a timeout and a variadic argument list and returns two
	// strings and an error; presumably the stdout and stderr of an appctl
	// invocation against this database's server — confirm.
	AppCtl        func(timeout int, args ...string) (string, string, error)
	DbAlias       string
	DbName        string
	ElectionTimer int
}

func GetOvsDbProperties

func GetOvsDbProperties(db string) (*OvsDbProperties, error)

GetOvsDbProperties initializes OvsDbProperties based on the db file path given to it. Currently it only works with OVN dbs (nbdb and sbdb).

type ParsedIFAddr

// ParsedIFAddr pairs an IP address with a network. It is the type of the V4
// and V6 fields of ParsedNodeEgressIPConfiguration.
type ParsedIFAddr struct {
	IP  net.IP
	Net *net.IPNet
}

type ParsedNodeEgressIPConfiguration

// ParsedNodeEgressIPConfiguration is the result type of GetNodeEIPConfig,
// ParseCloudEgressIPConfig and ParseNodePrimaryIfAddr, all of which take a
// node object; GetNodeEIPConfig is documented as deriving it from the node's
// annotations.
type ParsedNodeEgressIPConfiguration struct {
	// V4 and V6 hold the parsed address and network for each IP family.
	V4       ParsedIFAddr
	V6       ParsedIFAddr
	// Capacity is a package type declared outside this excerpt.
	Capacity Capacity
}

func GetNodeEIPConfig

func GetNodeEIPConfig(node *kapi.Node) (*ParsedNodeEgressIPConfiguration, error)

GetNodeEIPConfig attempts to generate EIP configuration from a node's annotations. If the platform is running in the cloud, it retrieves config info from the node obj annotation added by the Cloud Network Config Controller (CNCC). If not on a cloud platform (i.e. baremetal), it retrieves it from the node obj primary interface annotation.

func ParseCloudEgressIPConfig

func ParseCloudEgressIPConfig(node *kapi.Node) (*ParsedNodeEgressIPConfiguration, error)

ParseCloudEgressIPConfig returns the cloud's information concerning the node's primary network interface

func ParseNodePrimaryIfAddr

func ParseNodePrimaryIfAddr(node *kapi.Node) (*ParsedNodeEgressIPConfiguration, error)

ParseNodePrimaryIfAddr returns the IPv4 / IPv6 values for the node's primary network interface

type PodAnnotation

// PodAnnotation holds the network details assigned to a pod on one network.
// UnmarshalPodAnnotation builds it from a pod's annotations map for a given
// NAD name.
// NOTE(review): every field is parsed from annotation data, so whoever can
// write that annotation determines the IPs, MAC, gateways and routes seen
// here; presumably only OVN-Kubernetes components are meant to set it —
// confirm that write access to it is restricted.
type PodAnnotation struct {
	// IPs are the pod's assigned IP addresses/prefixes
	IPs []*net.IPNet
	// MAC is the pod's assigned MAC address
	MAC net.HardwareAddr
	// Gateways are the pod's gateway IP addresses; note that there may be
	// fewer Gateways than IPs.
	Gateways []net.IP
	// Routes are additional routes to add to the pod's network namespace
	Routes []PodRoute

	// TunnelID assigned to each pod for layer2 secondary networks
	TunnelID int

	// Role defines what role this network plays for the given pod.
	// Expected values are:
	// (1) "primary" if this network is the primary network of the pod.
	//     The "default" network is the primary network of any pod usually
	//     unless user-defined-network-segmentation feature has been activated.
	//     If network segmentation feature is enabled then any user defined
	//     network can be the primary network of the pod.
	// (2) "secondary" if this network is the secondary network of the pod.
	//     Only user defined networks can be secondary networks for a pod.
	// (3) "infrastructure-locked" is applicable only to "default" network if
	//     a user defined network is the "primary" network for this pod. This
	//     signifies the "default" network is only used for probing and
	//     is otherwise locked for all intents and purposes.
	// At a given time a pod can have only 1 network with role:"primary"
	Role string
}

PodAnnotation describes the assigned network details for a single pod network. (The actual annotation may include the equivalent of multiple PodAnnotations.)

func UnmarshalPodAnnotation

func UnmarshalPodAnnotation(annotations map[string]string, nadName string) (*PodAnnotation, error)

UnmarshalPodAnnotation returns the Pod's network info of the given network from pod.Annotations

type PodRoute

// PodRoute is the element type of PodAnnotation.Routes: one route to add to
// the pod's network namespace. It has a String method on the value receiver.
type PodRoute struct {
	// Dest is the route destination
	Dest *net.IPNet
	// NextHop is the IP address of the next hop for traffic destined for Dest
	NextHop net.IP
}

PodRoute describes any routes to be added to the pod's network namespace

func (PodRoute) String

func (r PodRoute) String() string

type ReconcilableNetInfo

// ReconcilableNetInfo embeds NetInfo and adds methods that this listing does
// not show (they are filtered or unexported). NewReconcilableNetInfo returns
// one built as a copy of the NetInfo it is given.
type ReconcilableNetInfo interface {
	NetInfo
	// contains filtered or unexported methods
}

ReconcilableNetInfo is a NetInfo that can be reconciled

func NewReconcilableNetInfo

func NewReconcilableNetInfo(netInfo NetInfo) ReconcilableNetInfo

NewReconcilableNetInfo builds a copy of netInfo as a ReconcilableNetInfo

type SriovnetOps

// SriovnetOps collects the sriovnet library calls used through this package
// behind one interface; GetSriovnetOps returns the implementation in use.
// The methods translate between PCI addresses, auxiliary devices, netdev
// names, representors and VF/SF/PF indexes, as their names and parameters
// indicate.
// NOTE(review): inputs such as pciAddress, auxDev and netdev names are plain
// strings with no format constraint visible here; presumably callers pass
// values obtained from the host or device plugin rather than from workload
// input — confirm at the call sites.
type SriovnetOps interface {
	GetNetDevicesFromPci(pciAddress string) ([]string, error)
	GetNetDevicesFromAux(auxDev string) ([]string, error)
	GetPciFromNetDevice(name string) (string, error)
	GetUplinkRepresentor(vfPciAddress string) (string, error)
	GetUplinkRepresentorFromAux(auxDev string) (string, error)
	GetVfIndexByPciAddress(vfPciAddress string) (int, error)
	GetPfIndexByVfPciAddress(vfPciAddress string) (int, error)
	GetSfIndexByAuxDev(auxDev string) (int, error)
	GetVfRepresentor(uplink string, vfIndex int) (string, error)
	GetSfRepresentor(uplink string, sfIndex int) (string, error)
	GetPfPciFromVfPci(vfPciAddress string) (string, error)
	GetPfPciFromAux(auxDev string) (string, error)
	// Unlike GetVfRepresentor, this variant takes the PF ID and VF index as
	// strings.
	GetVfRepresentorDPU(pfID, vfIndex string) (string, error)
	// Returns only a bool, with no error result.
	IsVfPciVfioBound(pciAddr string) bool
	GetRepresentorPeerMacAddress(netdev string) (net.HardwareAddr, error)
	GetRepresentorPortFlavour(netdev string) (sriovnet.PortFlavour, error)
	GetPCIFromDeviceName(netdevName string) (string, error)
	GetPortIndexFromRepresentor(name string) (int, error)
}

func GetSriovnetOps

func GetSriovnetOps() SriovnetOps

GetSriovnetOps will be invoked by functions in other packages that would need access to the sriovnet library methods.

type UnprocessedActiveNetworkError

// UnprocessedActiveNetworkError is an error type with no exported fields.
// NewUnprocessedActiveNetworkError creates one from a namespace and a UDN
// name, and the type has an Error method on its pointer receiver.
type UnprocessedActiveNetworkError struct {
	// contains filtered or unexported fields
}

func NewUnprocessedActiveNetworkError

func NewUnprocessedActiveNetworkError(namespace, udnName string) *UnprocessedActiveNetworkError

func (*UnprocessedActiveNetworkError) Error

type VdpaDevice

// VdpaDevice re-exports kvdpa.VdpaDevice under this package by embedding it;
// it declares no methods of its own.
type VdpaDevice interface {
	kvdpa.VdpaDevice
}

type VdpaOps

// VdpaOps wraps the govdpa library call used through this package;
// GetVdpaOps returns the implementation in use.
type VdpaOps interface {
	// GetVdpaDeviceByPci looks up a vDPA device from a PCI address string.
	GetVdpaDeviceByPci(pciAddress string) (kvdpa.VdpaDevice, error)
}

func GetVdpaOps

func GetVdpaOps() VdpaOps

GetVdpaOps will be invoked by functions in other packages that would need access to the govdpa library methods.

Directories

Path Synopsis
