clusternet

package

v0.0.0-...-5fb8a3f Latest Latest Go to latest Published: Sep 30, 2024 License: Apache-2.0 Imports: 20 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/monogon-dev/monogon

Documentation ¶

Overview ¶

Package clusternet implements a Cluster Networking mesh service running on all Metropolis nodes.

The mesh is based on wireguard and a centralized configuration store in the cluster Curator (in etcd).

While the implementation is nearly generic, it currently makes an assumption that it is used only for Kubernetes pod networking. That has a few implications:

First, we only have a single real route on the host into the wireguard networking mesh / interface, and that is configured ahead of time in the Service as ClusterNet. All destination addresses that should be carried by the mesh must thus be part of this single route. Otherwise, traffic will be able to flow into the node from other nodes, but will exit through another interface. This is used in practice to allow other host nodes (whose external addresses are outside the cluster network) to access the cluster network.

Second, we have two hardcoded/purpose-specific sources of prefixes:

Pod networking node prefixes from the kubelet
The host's external IP address (as a /32) from the network service.

Index ¶

type Prefixes
type Service
- func (s *Service) Run(ctx context.Context) error

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Prefixes ¶

type Prefixes []netip.Prefix

Prefixes are network prefixes that should be announced by a node to the Cluster Networking mesh.

func (*Prefixes) Equal ¶

func (p *Prefixes) Equal(o *Prefixes) bool

func (*Prefixes) String ¶

func (p *Prefixes) String() string

String returns a stringified, comma-dalimited representation of the prefixes.

func (*Prefixes) Update ¶

func (p *Prefixes) Update(o *Prefixes)

Update by copying all prefixes from o into p, merging duplicates as necessary.

type Service ¶

type Service struct {
	// Curator is the gRPC client that the service will use to reach the cluster's
	// Curator, for pushing locally announced prefixes and pulling information about
	// other nodes.
	Curator apb.CuratorClient
	// ClusterNet is the prefix that will be programmed to exit through the wireguard
	// mesh.
	ClusterNet net.IPNet
	// DataDirectory is where the WireGuard key of this node will be stored.
	DataDirectory *localstorage.DataKubernetesClusterNetworkingDirectory
	// LocalKubernetesPodNetwork is an event.Value watched for prefixes that should
	// be announced into the mesh. This is to be Set by the Kubernetes service once
	// it knows about the local node's IPAM address assignment.
	LocalKubernetesPodNetwork event.Value[*Prefixes]
	// Network service used to get the local node's IP address to submit it as a /32.
	Network event.Value[*network.Status]
	// contains filtered or unexported fields
}

Service implements the Cluster Networking Mesh. See package-level docs for more details.

func (*Service) Run ¶

func (s *Service) Run(ctx context.Context) error

Run the Service. This must be used in a supervisor Runnable.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL