k3s/pkg/agent/flannel/flannel.go

//
// Copyright 2015 flannel authors
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package flannel
import (
"fmt"
"net"
"os"
"path/filepath"
"sync"
"github.com/flannel-io/flannel/pkg/backend"
"github.com/flannel-io/flannel/pkg/ip"
"github.com/flannel-io/flannel/pkg/subnet/kube"
"github.com/flannel-io/flannel/pkg/trafficmngr/iptables"
"github.com/joho/godotenv"
"github.com/pkg/errors"
"github.com/sirupsen/logrus"
"golang.org/x/net/context"
// Backends need to be imported for their init() to get executed and them to register
_ "github.com/flannel-io/flannel/pkg/backend/extension"
_ "github.com/flannel-io/flannel/pkg/backend/hostgw"
_ "github.com/flannel-io/flannel/pkg/backend/ipsec"
_ "github.com/flannel-io/flannel/pkg/backend/vxlan"
_ "github.com/flannel-io/flannel/pkg/backend/wireguard"
)
// subnetFile is the env-style file that flannel() reads the previous
// network/subnet values from and that WriteSubnetFile is asked to (re)write.
// Its contents feed into the masquerade-rule setup, so the directory should
// only be writable by the account running the agent.
const subnetFile = "/run/flannel/subnet.env"

// Annotation keys in the flannel namespace. FlannelBaseAnnotation is handed to
// the kube subnet manager; the two "overwrite" keys are derived from it.
// NOTE(review): presumably these are node annotations that override the
// advertised public IP, so write access to them should be restricted — confirm
// against the flannel subnet manager.
var (
	FlannelBaseAnnotation         = "flannel.alpha.coreos.com"
	FlannelExternalIPv4Annotation = FlannelBaseAnnotation + "/public-ip-overwrite"
	FlannelExternalIPv6Annotation = FlannelBaseAnnotation + "/public-ipv6-overwrite"
)
// flannel brings up the flannel network on this node and then runs the backend.
//
// In order, it resolves the external interface, builds a kube subnet manager
// from kubeConfigFile and flannelConf, fetches the network config, creates and
// registers the backend named by config.BackendType, initialises the iptables
// traffic manager, installs masquerade and forward rules, writes the subnet
// file, and finally calls bn.Run(ctx).
//
// bn.Run is invoked synchronously; per the original comment it blocks until
// the context is done, so callers are expected to run flannel in their own
// goroutine. Every setup failure is returned wrapped; a failure to write the
// subnet file is only logged.
func flannel(ctx context.Context, flannelIface *net.Interface, flannelConf, kubeConfigFile string, flannelIPv6Masq bool, netMode int) error {
	extIface, err := LookupExtInterface(flannelIface, netMode)
	if err != nil {
		return errors.Wrap(err, "failed to find the interface")
	}

	sm, err := kube.NewSubnetManager(ctx, "", kubeConfigFile, FlannelBaseAnnotation, flannelConf, false)
	if err != nil {
		return errors.Wrap(err, "failed to create the SubnetManager")
	}

	config, err := sm.GetNetworkConfig(ctx)
	if err != nil {
		return errors.Wrap(err, "failed to get the network config")
	}

	// The backend manager builds the backend selected by the network config;
	// the network is then registered with that backend.
	bm := backend.NewManager(ctx, sm, extIface)
	be, err := bm.GetBackend(config.BackendType)
	if err != nil {
		return errors.Wrap(err, "failed to create the flannel backend")
	}

	bn, err := be.RegisterNetwork(ctx, &sync.WaitGroup{}, config)
	if err != nil {
		return errors.Wrap(err, "failed to register flannel network")
	}

	trafficMngr := &iptables.IPTablesManager{}
	if initErr := trafficMngr.Init(ctx, &sync.WaitGroup{}); initErr != nil {
		return errors.Wrap(initErr, "failed to initialize flannel ipTables manager")
	}

	// Any mode that includes IPv4 needs an IPv4 network in the config.
	wantsIPv4 := netMode == (ipv4+ipv6) || netMode == ipv4
	if wantsIPv4 && config.Network.Empty() {
		return errors.New("ipv4 mode requested but no ipv4 network provided")
	}

	// Masquerade rules. The "previous" values come from the subnet file left
	// by an earlier run and are passed straight to the traffic manager; a
	// missing or unparsable file yields zero values.
	prevNetwork := ReadCIDRFromSubnetFile(subnetFile, "FLANNEL_NETWORK")
	prevSubnet := ReadCIDRFromSubnetFile(subnetFile, "FLANNEL_SUBNET")
	prevIPv6Network := ReadIP6CIDRFromSubnetFile(subnetFile, "FLANNEL_IPV6_NETWORK")
	prevIPv6Subnet := ReadIP6CIDRFromSubnetFile(subnetFile, "FLANNEL_IPV6_SUBNET")

	// An empty IPv6 network is passed when IPv6 masquerading is disabled, so
	// that no IPv6 masquerade rules are requested.
	masqIPv6Network := ip.IP6Net{}
	if flannelIPv6Masq {
		masqIPv6Network = config.IPv6Network
	}
	if masqErr := trafficMngr.SetupAndEnsureMasqRules(ctx, config.Network, prevSubnet, prevNetwork, masqIPv6Network, prevIPv6Subnet, prevIPv6Network, bn.Lease(), 60); masqErr != nil {
		return errors.Wrap(masqErr, "failed to setup masq rules")
	}

	// Forward rules.
	trafficMngr.SetupAndEnsureForwardRules(ctx, config.Network, config.IPv6Network, 50)

	// A failed subnet-file write is deliberately non-fatal.
	writeErr := WriteSubnetFile(subnetFile, config.Network, config.IPv6Network, true, bn, netMode)
	if writeErr == nil {
		logrus.Infof("Wrote flannel subnet file to %s", subnetFile)
	} else {
		logrus.Warningf("Failed to write flannel subnet file: %s", writeErr)
	}

	// Run the backend network; this call does not return until ctx is done.
	logrus.Info("Running flannel backend.")
	bn.Run(ctx)
	return nil
}
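// LookupExtInterface resolves the interface flannel will use and the addresses
// to advertise for the requested netMode.
//
// When iface is nil the default gateway interface is looked up (IPv4 gateway
// for ipv4 and dual-stack modes, IPv6 gateway otherwise). The first address of
// each requested family is used for both the interface address and the
// external address; a family that is not requested is left nil.
//
// It returns an error when the interface or a required address cannot be
// found, or when the interface reports an MTU of 0.
func LookupExtInterface(iface *net.Interface, netMode int) (*backend.ExternalInterface, error) {
	var ifaceAddr []net.IP
	var ifacev6Addr []net.IP
	var err error

	if iface == nil {
		logrus.Debug("No interface defined for flannel in the config. Fetching the default gateway interface")
		if netMode == ipv4 || netMode == (ipv4+ipv6) {
			if iface, err = ip.GetDefaultGatewayInterface(); err != nil {
				return nil, errors.Wrap(err, "failed to get default interface")
			}
		} else {
			if iface, err = ip.GetDefaultV6GatewayInterface(); err != nil {
				return nil, errors.Wrap(err, "failed to get default interface")
			}
		}
	}
	logrus.Debugf("The interface %s will be used by flannel", iface.Name)

	// The address slices are indexed at [0] below. The lookup helpers'
	// contract is not visible here, so an empty result with a nil error is
	// rejected explicitly rather than allowed to panic the agent.
	switch netMode {
	case ipv4:
		ifaceAddr, err = ip.GetInterfaceIP4Addrs(iface)
		if err != nil {
			return nil, errors.Wrap(err, "failed to find IPv4 address for interface")
		}
		if len(ifaceAddr) == 0 {
			return nil, fmt.Errorf("failed to find IPv4 address for interface %s", iface.Name)
		}
		logrus.Infof("The interface %s with ipv4 address %s will be used by flannel", iface.Name, ifaceAddr[0])
		ifacev6Addr = append(ifacev6Addr, nil)
	case ipv6:
		ifacev6Addr, err = ip.GetInterfaceIP6Addrs(iface)
		if err != nil {
			return nil, errors.Wrap(err, "failed to find IPv6 address for interface")
		}
		if len(ifacev6Addr) == 0 {
			return nil, fmt.Errorf("failed to find IPv6 address for interface %s", iface.Name)
		}
		logrus.Infof("The interface %s with ipv6 address %s will be used by flannel", iface.Name, ifacev6Addr[0])
		ifaceAddr = append(ifaceAddr, nil)
	case (ipv4 + ipv6):
		// Wrap instead of replacing the error so the underlying cause is kept,
		// as the single-stack branches already do.
		ifaceAddr, err = ip.GetInterfaceIP4Addrs(iface)
		if err != nil {
			return nil, errors.Wrapf(err, "failed to find IPv4 address for interface %s", iface.Name)
		}
		if len(ifaceAddr) == 0 {
			return nil, fmt.Errorf("failed to find IPv4 address for interface %s", iface.Name)
		}
		ifacev6Addr, err = ip.GetInterfaceIP6Addrs(iface)
		if err != nil {
			return nil, errors.Wrapf(err, "failed to find IPv6 address for interface %s", iface.Name)
		}
		if len(ifacev6Addr) == 0 {
			return nil, fmt.Errorf("failed to find IPv6 address for interface %s", iface.Name)
		}
		logrus.Infof("Using dual-stack mode. The interface %s with ipv4 address %s and ipv6 address %s will be used by flannel", iface.Name, ifaceAddr[0], ifacev6Addr[0])
	default:
		// Unknown mode: advertise no address for either family.
		ifaceAddr = append(ifaceAddr, nil)
		ifacev6Addr = append(ifacev6Addr, nil)
	}

	if iface.MTU == 0 {
		return nil, fmt.Errorf("failed to determine MTU for %s interface", iface.Name)
	}

	return &backend.ExternalInterface{
		Iface:       iface,
		IfaceAddr:   ifaceAddr[0],
		IfaceV6Addr: ifacev6Addr[0],
		ExtAddr:     ifaceAddr[0],
		ExtV6Addr:   ifacev6Addr[0],
	}, nil
}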
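// WriteSubnetFile writes the flannel subnet environment file at path.
//
// The content is written to a temporary file named "."+<base name> in the same
// directory and then renamed over path, so readers never observe a partially
// written file. FLANNEL_NETWORK and FLANNEL_SUBNET are emitted only when
// netMode includes IPv4; the IPv6 pair is emitted only when nwv6 is not the
// empty IPv6 network. FLANNEL_MTU and FLANNEL_IPMASQ are always written.
//
// Errors from creating the directory, writing any line, or closing the file
// are returned, and the temporary file is removed on failure.
//
// The temporary name is predictable and os.Create truncates whatever already
// exists at that name, so the target directory must be writable only by the
// account running the agent. The directory is created with mode 0755.
func WriteSubnetFile(path string, nw ip.IP4Net, nwv6 ip.IP6Net, ipMasq bool, bn backend.Network, netMode int) error {
	dir, name := filepath.Split(path)
	// A bare file name yields dir == "", which MkdirAll rejects; in that case
	// the file goes into the current directory as before.
	if dir != "" {
		if err := os.MkdirAll(dir, 0755); err != nil {
			return err
		}
	}

	tempFile := filepath.Join(dir, "."+name)
	f, err := os.Create(tempFile)
	if err != nil {
		return err
	}

	// writef remembers the first write error and turns later writes into
	// no-ops, so a short or failed write can never be renamed into place.
	var werr error
	writef := func(format string, args ...any) {
		if werr != nil {
			return
		}
		_, werr = fmt.Fprintf(f, format, args...)
	}

	// Write out the first usable IP by incrementing sn.IP by one.
	sn := bn.Lease().Subnet
	sn.IP++
	if netMode == ipv4 || netMode == (ipv4+ipv6) {
		writef("FLANNEL_NETWORK=%s\n", nw)
		writef("FLANNEL_SUBNET=%s\n", sn)
	}

	if nwv6.String() != emptyIPv6Network {
		// NOTE(review): confirm IncrementIP only affects this local copy and
		// not the subnet held by the lease.
		snv6 := bn.Lease().IPv6Subnet
		snv6.IncrementIP()
		writef("FLANNEL_IPV6_NETWORK=%s\n", nwv6)
		writef("FLANNEL_IPV6_SUBNET=%s\n", snv6)
	}

	writef("FLANNEL_MTU=%d\n", bn.MTU())
	writef("FLANNEL_IPMASQ=%v\n", ipMasq)

	// Always close; a close failure can mean the data never reached the file.
	if cerr := f.Close(); werr == nil {
		werr = cerr
	}
	if werr != nil {
		// Best effort: do not leave a partial temporary file behind.
		_ = os.Remove(tempFile)
		return werr
	}

	// rename(2) the temporary file to the desired location so that it becomes
	// atomically visible with the contents.
	// TODO - is this safe? What if it's not on the same FS?
	return os.Rename(tempFile, path)
}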
// ReadCIDRFromSubnetFile loads the flannel subnet file at path and returns the
// IPv4 network stored under CIDRKey.
//
// The zero ip.IP4Net is returned when the file does not exist, cannot be read,
// lacks the key, or holds a value that does not parse; read and parse failures
// are logged. Callers therefore cannot tell "no previous state" apart from
// "unreadable or corrupt state".
func ReadCIDRFromSubnetFile(path string, CIDRKey string) ip.IP4Net {
	var parsed ip.IP4Net

	// Only a definite "does not exist" skips the read; any other Stat outcome
	// falls through and lets the read report the problem.
	if _, statErr := os.Stat(path); os.IsNotExist(statErr) {
		return parsed
	}

	vals, readErr := godotenv.Read(path)
	if readErr != nil {
		logrus.Errorf("Couldn't fetch previous %s from subnet file at %s: %v", CIDRKey, path, readErr)
		return parsed
	}

	raw, found := vals[CIDRKey]
	if !found {
		return parsed
	}

	if parseErr := parsed.UnmarshalJSON([]byte(raw)); parseErr != nil {
		logrus.Errorf("Couldn't parse previous %s from subnet file at %s: %v", CIDRKey, path, parseErr)
	}
	return parsed
}
// ReadIP6CIDRFromSubnetFile loads the flannel subnet file at path and returns
// the IPv6 network stored under CIDRKey.
//
// The zero ip.IP6Net is returned when the file does not exist, cannot be read,
// lacks the key, or holds a value that does not parse; read and parse failures
// are logged. Callers therefore cannot tell "no previous state" apart from
// "unreadable or corrupt state".
func ReadIP6CIDRFromSubnetFile(path string, CIDRKey string) ip.IP6Net {
	var parsed ip.IP6Net

	// Only a definite "does not exist" skips the read; any other Stat outcome
	// falls through and lets the read report the problem.
	if _, statErr := os.Stat(path); os.IsNotExist(statErr) {
		return parsed
	}

	vals, readErr := godotenv.Read(path)
	if readErr != nil {
		logrus.Errorf("Couldn't fetch previous %s from subnet file at %s: %v", CIDRKey, path, readErr)
		return parsed
	}

	raw, found := vals[CIDRKey]
	if !found {
		return parsed
	}

	if parseErr := parsed.UnmarshalJSON([]byte(raw)); parseErr != nil {
		logrus.Errorf("Couldn't parse previous %s from subnet file at %s: %v", CIDRKey, path, parseErr)
	}
	return parsed
}