ecscni

package

v1.44.3 Latest Latest Go to latest Published: Sep 2, 2020 License: Apache-2.0 Imports: 17 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/pureweb/ecs-amazon-agent

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
func NewAppMeshConfig(appMesh *appmesh.AppMesh, cfg *Config) (string, *libcni.NetworkConfig, error)
func NewBranchENINetworkConfig(eni *eni.ENI, cfg *Config) (string, *libcni.NetworkConfig, error)
func NewBridgeNetworkConfig(cfg *Config, includeIPAM bool) (string, *libcni.NetworkConfig, error)
func NewENINetworkConfig(eni *eni.ENI, cfg *Config) (string, *libcni.NetworkConfig, error)
func NewIPAMNetworkConfig(cfg *Config) (string, *libcni.NetworkConfig, error)
type AppMeshConfig
type BranchENIConfig
type BridgeConfig
type CNIClient
- func NewClient(pluginsPath string) CNIClient
type Config
type ENIConfig
type IPAMConfig
type IPAMNetworkConfig
type NetworkConfig

Constants ¶

View Source

const (

	// NetnsFormat is used to construct the path to cotainer network namespace
	NetnsFormat = "/host/proc/%s/ns/net"
	// ECSIPAMPluginName is the binary of the ipam plugin
	ECSIPAMPluginName = "ecs-ipam"
	// ECSBridgePluginName is the binary of the bridge plugin
	ECSBridgePluginName = "ecs-bridge"
	// ECSENIPluginName is the binary of the eni plugin
	ECSENIPluginName = "ecs-eni"
	// ECSAppMeshPluginName is the binary of aws-appmesh plugin
	ECSAppMeshPluginName = "aws-appmesh"
	// ECSBranchENIPluginName is the binary of the branch-eni plugin
	ECSBranchENIPluginName = "vpc-branch-eni"
	// TaskIAMRoleEndpoint is the endpoint of ecs-agent exposes credentials for
	// task IAM role
	TaskIAMRoleEndpoint = "169.254.170.2/32"
	// CapabilityAWSVPCNetworkingMode is the capability string, which when
	// present in the output of the '--capabilities' command of a CNI plugin
	// indicates that the plugin can support the ECS "awsvpc" network mode
	CapabilityAWSVPCNetworkingMode = "awsvpc-network-mode"
)

Variables ¶

This section is empty.

Functions ¶

func NewAppMeshConfig ¶ added in v1.31.0

func NewAppMeshConfig(appMesh *appmesh.AppMesh, cfg *Config) (string, *libcni.NetworkConfig, error)

NewAppMeshConfig creates a new AppMesh CNI network configuration.

func NewBranchENINetworkConfig ¶ added in v1.31.0

func NewBranchENINetworkConfig(eni *eni.ENI, cfg *Config) (string, *libcni.NetworkConfig, error)

NewBranchENINetworkConfig creates a new branch ENI CNI network configuration.

func NewBridgeNetworkConfig ¶ added in v1.31.0

func NewBridgeNetworkConfig(cfg *Config, includeIPAM bool) (string, *libcni.NetworkConfig, error)

NewBridgeNetworkConfig creates the config of bridge for ADD command, where bridge plugin acquires the IP and route information from IPAM.

func NewENINetworkConfig ¶ added in v1.31.0

func NewENINetworkConfig(eni *eni.ENI, cfg *Config) (string, *libcni.NetworkConfig, error)

NewENINetworkConfig creates a new ENI CNI network configuration.

func NewIPAMNetworkConfig ¶ added in v1.31.0

func NewIPAMNetworkConfig(cfg *Config) (string, *libcni.NetworkConfig, error)

NewIPAMNetworkConfig creates the IPAM configuration accepted by libcni.

Types ¶

type AppMeshConfig ¶ added in v1.26.0

type AppMeshConfig struct {
	// Type is the cni plugin name
	Type string `json:"type,omitempty"`
	// CNIVersion is the cni spec version to use
	CNIVersion string `json:"cniVersion,omitempty"`
	// IgnoredUID specifies egress traffic from the processes owned by the UID will be ignored
	IgnoredUID string `json:"ignoredUID,omitempty"`
	// IgnoredGID specifies egress traffic from the processes owned by the GID will be ignored
	IgnoredGID string `json:"ignoredGID,omitempty"`
	// ProxyIngressPort is the ingress port number that proxy is listening on
	ProxyIngressPort string `json:"proxyIngressPort"`
	// ProxyEgressPort is the egress port number that proxy is listening on
	ProxyEgressPort string `json:"proxyEgressPort"`
	// AppPorts specifies port numbers that application is listening on
	AppPorts []string `json:"appPorts"`
	// EgressIgnoredPorts is the list of ports for which egress traffic will be ignored
	EgressIgnoredPorts []string `json:"egressIgnoredPorts,omitempty"`
	// EgressIgnoredIPs is the list of IPs for which egress traffic will be ignored
	EgressIgnoredIPs []string `json:"egressIgnoredIPs,omitempty"`
}

AppMeshConfig contains all the information needed to invoke the app mesh plugin

type BranchENIConfig ¶ added in v1.28.0

type BranchENIConfig struct {
	// CNIVersion is the CNI spec version to use
	CNIVersion string `json:"cniVersion,omitempty"`
	// Name is the CNI network name
	Name string `json:"name,omitempty"`
	// Type is the CNI plugin name
	Type string `json:"type,omitempty"`

	// TrunkMACAddress is the MAC address of the trunk ENI
	TrunkMACAddress string `json:"trunkMACAddress,omitempty"`
	// BranchVlanID is the VLAN ID of the branch ENI
	BranchVlanID string `json:"branchVlanID,omitempty"`
	// BranchMacAddress is the MAC address of the branch ENI
	BranchMACAddress string `json:"branchMACAddress"`
	// BranchIPAddress is the IP address of the branch ENI
	BranchIPAddress string `json:"branchIPAddress"`
	// BranchGatewayIPAddress is the IP address of the branch ENI's default gateway.
	BranchGatewayIPAddress string `json:"branchGatewayIPAddress"`
	// InterfaceType is the type of the interface to connect the branch ENI to
	InterfaceType string `json:"interfaceType,omitempty"`
	// BlockInstanceMetdata specifies if InstanceMetadata endpoint should be blocked.
	BlockInstanceMetadata bool `json:"blockInstanceMetadata"`
}

BranchENIConfig contains all the information needed to invoke the vpc-branch-eni plugin

type BridgeConfig ¶

type BridgeConfig struct {
	// Type is the cni plugin name
	Type string `json:"type,omitempty"`
	// CNIVersion is the cni spec version to use
	CNIVersion string `json:"cniVersion,omitempty"`
	// BridgeName is the name of bridge
	BridgeName string `json:"bridge"`
	// IsGw indicates whether the bridge act as a gateway, it determines whether
	// an ip address needs to assign to the bridge
	IsGW bool `json:"isGateway"`
	// IsDefaultGW indicates whether the bridge is the gateway of the container
	IsDefaultGW bool `json:"isDefaultGateway"`
	// ForceAddress indicates whether a new ip should be assigned if the bridge
	// has already a different ip
	ForceAddress bool `json:"forceAddress"`
	// IPMasq indicates whether to setup the IP Masquerade for traffic originating
	// from this network
	IPMasq bool `json:"ipMasq"`
	// MTU sets MTU of the bridge interface
	MTU int `json:"mtu"`
	// HairpinMode sets the hairpin mode of interface on the bridge
	HairpinMode bool `json:"hairpinMode"`
	// IPAM is the configuration to acquire ip/route from ipam plugin
	IPAM IPAMConfig `json:"ipam,omitempty"`
}

BridgeConfig contains all the information needed to invoke the bridge plugin

type CNIClient ¶

type CNIClient interface {
	// Version returns the version of the plugin
	Version(string) (string, error)
	// Capabilities returns the capabilities supported by a plugin
	Capabilities(string) ([]string, error)
	// SetupNS sets up the namespace of container
	SetupNS(context.Context, *Config, time.Duration) (*current.Result, error)
	// CleanupNS cleans up the container namespace
	CleanupNS(context.Context, *Config, time.Duration) error
	// ReleaseIPResource marks the ip available in the ipam db
	ReleaseIPResource(context.Context, *Config, time.Duration) error
}

CNIClient defines the method of setting/cleaning up container namespace

func NewClient ¶

func NewClient(pluginsPath string) CNIClient

NewClient creates a client of ecscni which is used to invoke the plugin

type Config ¶

type Config struct {
	// PluginsPath indicates the path where cni plugins are located
	PluginsPath string
	// MinSupportedCNIVersion is the minimum cni spec version supported
	MinSupportedCNIVersion string
	// ContainerID is the id of container of which to set up the network namespace
	ContainerID string
	// ContainerPID is the pid of the container
	ContainerPID string
	// BridgeName is the name used to create the bridge
	BridgeName string
	// IPAMV4Address is the ipv4 used to assign from ipam
	IPAMV4Address *cnitypes.IPNet
	// ID is the information associate with ip in ipam
	ID string
	// BlockInstanceMetadata specifies if InstanceMetadata endpoint should be blocked
	BlockInstanceMetadata bool
	// AdditionalLocalRoutes specifies additional routes to be added to the task namespace
	AdditionalLocalRoutes []cnitypes.IPNet
	// NetworkConfigs is the list of CNI network configurations to be invoked
	NetworkConfigs []*NetworkConfig
}

Config contains all the information to set up the container namespace using the plugins

type ENIConfig ¶

type ENIConfig struct {
	// Type is the cni plugin name
	Type string `json:"type,omitempty"`
	// CNIVersion is the cni spec version to use
	CNIVersion string `json:"cniVersion,omitempty"`
	// ENIID is the id of ec2 eni
	ENIID string `json:"eni"`
	// IPV4Address is the ipv4 of eni
	IPV4Address string `json:"ipv4-address"`
	// IPV6Address is the ipv6 of eni
	IPV6Address string `json:"ipv6-address,omitempty"`
	// MacAddress is the mac address of eni
	MACAddress string `json:"mac"`
	// BlockInstanceMetadata specifies if InstanceMetadata endpoint should be blocked
	BlockInstanceMetadata bool `json:"block-instance-metadata"`
	// SubnetGatewayIPV4Address specifies the IPv4 address of the subnet gateway for the ENI
	SubnetGatewayIPV4Address string `json:"subnetgateway-ipv4-address"`
}

ENIConfig contains all the information needed to invoke the eni plugin

type IPAMConfig ¶

type IPAMConfig struct {
	// Type is the cni plugin name
	Type string `json:"type,omitempty"`
	// ID is the information stored in the ipam along with ip as key-value pair
	ID string `json:"id,omitempty"`
	// CNIVersion is the cni spec version to use
	CNIVersion string `json:"cniVersion,omitempty"`
	// IPV4Subnet is the ip address range managed by ipam
	IPV4Subnet string `json:"ipv4-subnet,omitempty"`
	// IPV4Address is the ip address to deal with(assign or release) in ipam
	IPV4Address *cnitypes.IPNet `json:"ipv4-address,omitempty"`
	// IPV4Gateway is the gateway returned by ipam, defalut the '.1' in the subnet
	IPV4Gateway string `json:"ipv4-gateway,omitempty"`
	// IPV4Routes is the route to added in the containerr namespace
	IPV4Routes []*cnitypes.Route `json:"ipv4-routes,omitempty"`
}

IPAMConfig contains all the information needed to invoke the ipam plugin

type IPAMNetworkConfig ¶

type IPAMNetworkConfig struct {
	Name       string     `json:"name,omitempty"`
	Type       string     `json:"type,omitempty"`
	CNIVersion string     `json:"cniVersion,omitempty"`
	IPAM       IPAMConfig `json:"ipam"`
}

IPAMNetworkConfig is the config format accepted by the plugin

type NetworkConfig ¶ added in v1.31.0

type NetworkConfig struct {
	// IfName is the name of the network interface device, to be set within the
	// network namespace.
	IfName string
	// CNINetworkConfig is the network configuration required to invoke the CNI plugin
	CNINetworkConfig *libcni.NetworkConfig
}

NetworkConfig wraps CNI library's NetworkConfig object. It tracks the interface device name (the IfName param required to invoke AddNetwork) along with libcni's NetworkConfig object. The IfName is required to be set to invoke `AddNetwork` method when invoking plugins to set up the network namespace.

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
mocks Package mock_ecscni is a generated GoMock package.	Package mock_ecscni is a generated GoMock package.
mocks_cnitypes Package mock_types is a generated GoMock package.	Package mock_types is a generated GoMock package.
mocks_libcni Package mock_libcni is a generated GoMock package.	Package mock_libcni is a generated GoMock package.

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL