ecscni

package
v1.29.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 8, 2019 License: Apache-2.0 Imports: 16 Imported by: 0

Documentation

Index

Constants

View Source
const (

	// ECSIPAMPluginName is the binary of the ipam plugin
	ECSIPAMPluginName = "ecs-ipam"
	// ECSBridgePluginName is the binary of the bridge plugin
	ECSBridgePluginName = "ecs-bridge"
	// ECSENIPluginName is the binary of the eni plugin
	ECSENIPluginName = "ecs-eni"
	// ECSAppMeshPluginName is the binary of aws-appmesh plugin
	ECSAppMeshPluginName = "aws-appmesh"
	// ECSBranchENIPluginName is the binary of the branch-eni plugin
	ECSBranchENIPluginName = "vpc-branch-eni"
	// TaskIAMRoleEndpoint is the endpoint of ecs-agent exposes credentials for
	// task IAM role
	TaskIAMRoleEndpoint = "169.254.170.2/32"
	// CapabilityAWSVPCNetworkingMode is the capability string, which when
	// present in the output of the '--capabilities' command of a CNI plugin
	// indicates that the plugin can support the ECS "awsvpc" network mode
	CapabilityAWSVPCNetworkingMode = "awsvpc-network-mode"
)

Variables

This section is empty.

Functions

This section is empty.

Types

type AppMeshConfig added in v1.26.0

type AppMeshConfig struct {
	// Type is the cni plugin name
	Type string `json:"type,omitempty"`
	// CNIVersion is the cni spec version to use
	CNIVersion string `json:"cniVersion,omitempty"`
	// IgnoredUID specifies egress traffic from the processes owned by the UID will be ignored
	IgnoredUID string `json:"ignoredUID,omitempty"`
	// IgnoredGID specifies egress traffic from the processes owned by the GID will be ignored
	IgnoredGID string `json:"ignoredGID,omitempty"`
	// ProxyIngressPort is the ingress port number that proxy is listening on
	ProxyIngressPort string `json:"proxyIngressPort"`
	// ProxyEgressPort is the egress port number that proxy is listening on
	ProxyEgressPort string `json:"proxyEgressPort"`
	// AppPorts specifies port numbers that application is listening on
	AppPorts []string `json:"appPorts"`
	// EgressIgnoredPorts is the list of ports for which egress traffic will be ignored
	EgressIgnoredPorts []string `json:"egressIgnoredPorts,omitempty"`
	// EgressIgnoredIPs is the list of IPs for which egress traffic will be ignored
	EgressIgnoredIPs []string `json:"egressIgnoredIPs,omitempty"`
}

AppMeshConfig contains all the information needed to invoke the app mesh plugin

type BranchENIConfig added in v1.28.0

type BranchENIConfig struct {
	// CNIVersion is the CNI spec version to use
	CNIVersion string `json:"cniVersion,omitempty"`
	// Name is the CNI network name
	Name string `json:"name,omitempty"`
	// Type is the CNI plugin name
	Type string `json:"type,omitempty"`

	// TrunkMACAddress is the MAC address of the trunk ENI
	TrunkMACAddress string `json:"trunkMACAddress,omitempty"`
	// BranchVlanID is the VLAN ID of the branch ENI
	BranchVlanID string `json:"branchVlanID,omitempty"`
	// BranchMacAddress is the MAC address of the branch ENI
	BranchMACAddress string `json:"branchMACAddress"`
	// BranchIPAddress is the IP address of the branch ENI
	BranchIPAddress string `json:"branchIPAddress"`
	// BranchGatewayIPAddress is the IP address of the branch ENI's default gateway.
	BranchGatewayIPAddress string `json:"branchGatewayIPAddress"`
	// InterfaceType is the type of the interface to connect the branch ENI to
	InterfaceType string `json:"interfaceType,omitempty"`
	// BlockInstanceMetdata specifies if InstanceMetadata endpoint should be
	// blocked
	BlockInstanceMetdata bool `json:"blockInstanceMetadata"`
}

BranchENIConfig contains all the information needed to invoke the vpc-branch-eni plugin

type BridgeConfig

type BridgeConfig struct {
	// Type is the cni plugin name
	Type string `json:"type,omitempty"`
	// CNIVersion is the cni spec version to use
	CNIVersion string `json:"cniVersion,omitempty"`
	// BridgeName is the name of bridge
	BridgeName string `json:"bridge"`
	// IsGw indicates whether the bridge act as a gateway, it determines whether
	// an ip address needs to assign to the bridge
	IsGW bool `json:"isGateway"`
	// IsDefaultGW indicates whether the bridge is the gateway of the container
	IsDefaultGW bool `json:"isDefaultGateway"`
	// ForceAddress indicates whether a new ip should be assigned if the bridge
	// has already a different ip
	ForceAddress bool `json:"forceAddress"`
	// IPMasq indicates whether to setup the IP Masquerade for traffic originating
	// from this network
	IPMasq bool `json:"ipMasq"`
	// MTU sets MTU of the bridge interface
	MTU int `json:"mtu"`
	// HairpinMode sets the hairpin mode of interface on the bridge
	HairpinMode bool `json:"hairpinMode"`
	// IPAM is the configuration to acquire ip/route from ipam plugin
	IPAM IPAMConfig `json:"ipam,omitempty"`
}

BridgeConfig contains all the information needed to invoke the bridge plugin

type CNIClient

type CNIClient interface {
	// Version returns the version of the plugin
	Version(string) (string, error)
	// Capabilities returns the capabilities supported by a plugin
	Capabilities(string) ([]string, error)
	// SetupNS sets up the namespace of container
	SetupNS(context.Context, *Config, time.Duration) (*current.Result, error)
	// CleanupNS cleans up the container namespace
	CleanupNS(context.Context, *Config, time.Duration) error
	// ReleaseIPResource marks the ip available in the ipam db
	ReleaseIPResource(context.Context, *Config, time.Duration) error
}

CNIClient defines the method of setting/cleaning up container namespace

func NewClient

func NewClient(cfg *Config) CNIClient

NewClient creates a client of ecscni which is used to invoke the plugin

type Config

type Config struct {
	// PluginsPath indicates the path where cni plugins are located
	PluginsPath string
	// MinSupportedCNIVersion is the minimum cni spec version supported
	MinSupportedCNIVersion string
	//  ENIID is the id of ec2 eni
	ENIID string
	// InterfaceAssociationProtocol is the type of eni, can be "default" or "vlan"
	InterfaceAssociationProtocol string
	// BranchVlanID is the VLAN ID to be used by a "vlan" ENI
	BranchVlanID string `json:"branchVlandID,omitempty"`
	// TrunkMACAddress is the MAC address of the associated Trunk ENI
	// for an ENI of type "vlan"
	TrunkMACAddress string `json:"trunkMACAddress,omitempty"`
	// ContainerID is the id of container of which to set up the network namespace
	ContainerID string
	// ContainerPID is the pid of the container
	ContainerPID string
	// ENIIPV4Address is the ipv4 assigned to the eni
	ENIIPV4Address string
	//ENIIPV6Address is the ipv6 assigned to the eni
	ENIIPV6Address string
	// ENIMACAddress is the mac address of the eni
	ENIMACAddress string
	// BridgeName is the name used to create the bridge
	BridgeName string
	// IPAMV4Address is the ipv4 used to assign from ipam
	IPAMV4Address *cnitypes.IPNet
	// ID is the information associate with ip in ipam
	ID string
	// BlockInstanceMetdata specifies if InstanceMetadata endpoint should be
	// blocked
	BlockInstanceMetdata bool
	// AdditionalLocalRoutes specifies additional routes to be added to the task namespace
	AdditionalLocalRoutes []cnitypes.IPNet
	// SubnetGatewayIPV4Address is the address to the subnet gate for the eni
	SubnetGatewayIPV4Address string
	// AppMeshCNIEnabled specifies if app mesh cni plugin is enabled
	AppMeshCNIEnabled bool
	// IgnoredUID specifies egress traffic from the processes owned
	// by the UID will be ignored
	IgnoredUID string
	// IgnoredGID specifies egress traffic from the processes owned
	// by the GID will be ignored
	IgnoredGID string
	// ProxyIngressPort is the ingress port number that proxy is listening on
	ProxyIngressPort string
	// ProxyEgressPort is the egress port number that proxy is listening on
	ProxyEgressPort string
	// AppPorts specifies port numbers that application is listening on
	AppPorts []string
	// EgressIgnoredPorts is the list of ports for which egress traffic
	// will be ignored
	EgressIgnoredPorts []string
	// EgressIgnoredIPs is the list of IPs for which egress traffic will be ignored
	EgressIgnoredIPs []string
}

Config contains all the information to set up the container namespace using the plugins

type ENIConfig

type ENIConfig struct {
	// Type is the cni plugin name
	Type string `json:"type,omitempty"`
	// CNIVersion is the cni spec version to use
	CNIVersion string `json:"cniVersion,omitempty"`
	// ENIID is the id of ec2 eni
	ENIID string `json:"eni"`
	// IPV4Address is the ipv4 of eni
	IPV4Address string `json:"ipv4-address"`
	// IPV6Address is the ipv6 of eni
	IPV6Address string `json:"ipv6-address,omitempty"`
	// MacAddress is the mac address of eni
	MACAddress string `json:"mac"`
	// BlockInstanceMetdata specifies if InstanceMetadata endpoint should be
	// blocked
	BlockInstanceMetdata bool `json:"block-instance-metadata"`
	// SubnetGatewayIPV4Address specifies the ipv4 address of the subnet gateway
	// for the ENI
	SubnetGatewayIPV4Address string `json:"subnetgateway-ipv4-address"`
}

ENIConfig contains all the information needed to invoke the eni plugin

type IPAMConfig

type IPAMConfig struct {
	// Type is the cni plugin name
	Type string `json:"type,omitempty"`
	// ID is the information stored in the ipam along with ip as key-value pair
	ID string `json:"id,omitempty"`
	// CNIVersion is the cni spec version to use
	CNIVersion string `json:"cniVersion,omitempty"`
	// IPV4Subnet is the ip address range managed by ipam
	IPV4Subnet string `json:"ipv4-subnet,omitempty"`
	// IPV4Address is the ip address to deal with(assign or release) in ipam
	IPV4Address *cnitypes.IPNet `json:"ipv4-address,omitempty"`
	// IPV4Gateway is the gateway returned by ipam, defalut the '.1' in the subnet
	IPV4Gateway string `json:"ipv4-gateway,omitempty"`
	// IPV4Routes is the route to added in the containerr namespace
	IPV4Routes []*cnitypes.Route `json:"ipv4-routes,omitempty"`
}

IPAMConfig contains all the information needed to invoke the ipam plugin

type IPAMNetworkConfig

type IPAMNetworkConfig struct {
	Name       string     `json:"name,omitempty"`
	Type       string     `json:"type,omitempty"`
	CNIVersion string     `json:"cniVersion,omitempty"`
	IPAM       IPAMConfig `json:"ipam"`
}

IPAMNetworkConfig is the config format accepted by the plugin

Directories

Path Synopsis
Package mock_ecscni is a generated GoMock package.
Package mock_ecscni is a generated GoMock package.
Package mock_types is a generated GoMock package.
Package mock_types is a generated GoMock package.
Package mock_libcni is a generated GoMock package.
Package mock_libcni is a generated GoMock package.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL