Updated flannel version to v0.21.0

Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
2 years ago · b8e69712a3
3 changed files with 56 additions and 22 deletions
--- a/go.mod
+++ b/go.mod
@ -97,7 +97,7 @@ require (
 	github.com/coreos/go-systemd v0.0.0-20191104093116-d3cd4ed1dbcf
 	github.com/docker/docker v20.10.21+incompatible
 	github.com/erikdubbelboer/gspt v0.0.0-20190125194910-e68493906b83
-	github.com/flannel-io/flannel v0.20.2
+	github.com/flannel-io/flannel v0.21.0
 	github.com/go-bindata/go-bindata v3.1.2+incompatible
 	github.com/go-sql-driver/mysql v1.6.0
 	github.com/go-test/deep v1.0.7
--- a/go.sum
+++ b/go.sum
@ -308,8 +308,8 @@ github.com/fatih/camelcase v1.0.0/go.mod h1:yN2Sb0lFhZJUdVvtELVWefmrXpuZESvPmqwo
 github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4=
 github.com/felixge/httpsnoop v1.0.3 h1:s/nj+GCswXYzN5v2DpNMuMQYe+0DDwt5WVCU6CWBdXk=
 github.com/felixge/httpsnoop v1.0.3/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U=
-github.com/flannel-io/flannel v0.20.2 h1:/hLQsvyQHQQV0mS9xxWVMf1oHPFBSReM1j5D9Cdm5dc=
-github.com/flannel-io/flannel v0.20.2/go.mod h1:A23fmdRQyN4i6Gs5UzvVTlj8kcswPYIqisLhgUkhnxk=
+github.com/flannel-io/flannel v0.21.0 h1:yWEk7JN2p6b5bwKZsdQ3NZblkNWF6DOhGjooat4XXl4=
+github.com/flannel-io/flannel v0.21.0/go.mod h1:YIajK+YeyFL3LMC8VTL7+02plJXl8GVKqCsVJ+KhpT4=
 github.com/flynn/go-shlex v0.0.0-20150515145356-3f9db97f8568/go.mod h1:xEzjJPgXI435gkrCt3MPfRiAkVrwSbHsst4LCFVfpJc=
 github.com/form3tech-oss/jwt-go v3.2.3+incompatible h1:7ZaBxOI7TMoYBfyA3cQHErNNyAWIKUMIwqxEtgHOs5c=
 github.com/form3tech-oss/jwt-go v3.2.3+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k=
--- a/pkg/agent/flannel/flannel.go
+++ b/pkg/agent/flannel/flannel.go
@ -21,19 +21,19 @@ import (
 	"path/filepath"
 	"sync"

-	"github.com/flannel-io/flannel/backend"
-	"github.com/flannel-io/flannel/network"
+	"github.com/flannel-io/flannel/pkg/backend"
 	"github.com/flannel-io/flannel/pkg/ip"
-	"github.com/flannel-io/flannel/subnet/kube"
+	"github.com/flannel-io/flannel/pkg/iptables"
+	"github.com/flannel-io/flannel/pkg/subnet/kube"
 	"github.com/sirupsen/logrus"
 	"golang.org/x/net/context"

 	// Backends need to be imported for their init() to get executed and them to register
-	_ "github.com/flannel-io/flannel/backend/extension"
-	_ "github.com/flannel-io/flannel/backend/hostgw"
-	_ "github.com/flannel-io/flannel/backend/ipsec"
-	_ "github.com/flannel-io/flannel/backend/vxlan"
-	_ "github.com/flannel-io/flannel/backend/wireguard"
+	_ "github.com/flannel-io/flannel/pkg/backend/extension"
+	_ "github.com/flannel-io/flannel/pkg/backend/hostgw"
+	_ "github.com/flannel-io/flannel/pkg/backend/ipsec"
+	_ "github.com/flannel-io/flannel/pkg/backend/vxlan"
+	_ "github.com/flannel-io/flannel/pkg/backend/wireguard"
 )

 const (
@ -52,7 +52,13 @@ func flannel(ctx context.Context, flannelIface *net.Interface, flannelConf, kube
 		return err
 	}

-	sm, err := kube.NewSubnetManager(ctx, "", kubeConfigFile, FlannelBaseAnnotation, flannelConf, false)
+	sm, err := kube.NewSubnetManager(ctx,
+		"",
+		kubeConfigFile,
+		FlannelBaseAnnotation,
+		flannelConf,
+		false,
+		false)
 	if err != nil {
 		return err
 	}
@ -76,18 +82,46 @@ func flannel(ctx context.Context, flannelIface *net.Interface, flannelConf, kube
 	}

 	if netMode == (ipv4+ipv6) || netMode == ipv4 {
-		network.CreateIP4Chain("nat", "FLANNEL-POSTRTG")
-		network.CreateIP4Chain("filter", "FLANNEL-FWD")
-		go network.SetupAndEnsureIP4Tables(network.MasqRules(config.Network, bn.Lease()), 60)
-		go network.SetupAndEnsureIP4Tables(network.ForwardRules(config.Network.String()), 50)
+		net, err := config.GetFlannelNetwork(&bn.Lease().Subnet)
+		if err != nil {
+			return err
+		}
+		iptables.CreateIP4Chain("nat", "FLANNEL-POSTRTG")
+		iptables.CreateIP4Chain("filter", "FLANNEL-FWD")
+		getMasqRules := func() []iptables.IPTablesRule {
+			if config.HasNetworks() {
+				return iptables.MasqRules(config.Networks, bn.Lease())
+			}
+			return iptables.MasqRules([]ip.IP4Net{config.Network}, bn.Lease())
+		}
+		getFwdRules := func() []iptables.IPTablesRule {
+			return iptables.ForwardRules(net.String())
+		}
+		go iptables.SetupAndEnsureIP4Tables(getMasqRules, 60)
+		go iptables.SetupAndEnsureIP4Tables(getFwdRules, 50)
 	}

-	if flannelIPv6Masq && config.IPv6Network.String() != emptyIPv6Network {
-		logrus.Debugf("Creating IPv6 masquerading iptables rules for %s network", config.IPv6Network.String())
-		network.CreateIP6Chain("nat", "FLANNEL-POSTRTG")
-		network.CreateIP6Chain("filter", "FLANNEL-FWD")
-		go network.SetupAndEnsureIP6Tables(network.MasqIP6Rules(config.IPv6Network, bn.Lease()), 60)
-		go network.SetupAndEnsureIP6Tables(network.ForwardRules(config.IPv6Network.String()), 50)
+	if config.IPv6Network.String() != emptyIPv6Network {
+		ip6net, err := config.GetFlannelIPv6Network(&bn.Lease().IPv6Subnet)
+		if err != nil {
+			return err
+		}
+		if flannelIPv6Masq {
+			logrus.Debugf("Creating IPv6 masquerading iptables rules for %s network", config.IPv6Network.String())
+			iptables.CreateIP6Chain("nat", "FLANNEL-POSTRTG")
+			getRules := func() []iptables.IPTablesRule {
+				if config.HasIPv6Networks() {
+					return iptables.MasqIP6Rules(config.IPv6Networks, bn.Lease())
+				}
+				return iptables.MasqIP6Rules([]ip.IP6Net{config.IPv6Network}, bn.Lease())
+			}
+			go iptables.SetupAndEnsureIP6Tables(getRules, 60)
+		}
+		iptables.CreateIP6Chain("filter", "FLANNEL-FWD")
+		getRules := func() []iptables.IPTablesRule {
+			return iptables.ForwardRules(ip6net.String())
+		}
+		go iptables.SetupAndEnsureIP6Tables(getRules, 50)
 	}

 	if err := WriteSubnetFile(subnetFile, config.Network, config.IPv6Network, true, bn, netMode); err != nil {