internal

package
v1.0.0
Published: Aug 31, 2022 License: Apache-2.0 Imports: 5 Imported by: 0

Documentation

Constants

This section is empty.

Variables

This section is empty.

Functions

func FilterBySandbox

func FilterBySandbox(
	sandbox string, ifaces ...*current.Interface,
) (in []*current.Interface, out []*current.Interface)

FilterBySandbox scans the provided list of interfaces and returns two lists: the first contains the interfaces with the provided sandboxID, the second contains the other interfaces, which are not in that sandboxID.

func IfacesWithName

func IfacesWithName(name string, ifaces ...*current.Interface) []*current.Interface

IfacesWithName scans the provided list of ifaces and returns the ones with the provided name

func InterfaceIPs

func InterfaceIPs(result *current.Result, ifaceName string, sandbox string) []*current.IPConfig

InterfaceIPs returns the IPs associated with the interface possessing the provided name and sandbox.

func RootFilterHandle

func RootFilterHandle() uint32

RootFilterHandle returns a u32 filter handle representing the root of the Qdisc. It's defined as a func so it can be immutable even though the value is retrieved through the netlink library

func VMTapPair

func VMTapPair(
	result *current.Result,
	vmID string,
) (
	vmIface *current.Interface,
	tapIface *current.Interface,
	err error,
)

VMTapPair takes a CNI result and returns the vm iface and the tap iface corresponding to the provided vmID. See the vmconf package docs for details on the expected vm and tap iface configurations.

Types

type FilterNotFoundError

type FilterNotFoundError struct {
	// contains filtered or unexported fields
}

func (FilterNotFoundError) Error

func (e FilterNotFoundError) Error() string

type LinkNotFoundError

type LinkNotFoundError struct {
	// contains filtered or unexported fields
}

func (LinkNotFoundError) Error

func (e LinkNotFoundError) Error() string

type MockLink

type MockLink struct {
	netlink.Link
	netlink.LinkAttrs
}

MockLink provides a mocked out netlink.Link implementation

func (MockLink) Attrs

func (l MockLink) Attrs() *netlink.LinkAttrs

Attrs() returns the LinkAttrs configured in the MockLink object

type MockNetNS

type MockNetNS struct {
	ns.NetNS
	MockPath string
}

MockNetNS provides a mocked out ns.NetNS implementation that just executes callbacks in the host netns (to avoid permissions issues that require root to resolve).

func (MockNetNS) Do

func (m MockNetNS) Do(f func(ns.NetNS) error) error

Do executes the provided callback in the host's netns (it does not actually switch ns)

func (MockNetNS) Path

func (m MockNetNS) Path() string

Path returns the configured MockPath object in the MockNetNS object

type MockNetlinkOps

type MockNetlinkOps struct {
	// CreatedTap is the mock tap device object that will be returned by the mock methods
	CreatedTap netlink.Link

	// RedirectIface is the mock device object that will be returned by the mock methods as the
	// device with which the tap has a filter redirection.
	RedirectIface netlink.Link

	// AddIngressQdiscErr is an error that will be returned from all AddIngressQdisc calls
	AddIngressQdiscErr error

	// GetIngressQdiscErr is an error that will be returned from all GetIngressQdisc calls
	GetIngressQdiscErr error

	// RemoveIngressQdiscErr is an error that will be returned from all RemoveIngressQdisc calls
	RemoveIngressQdiscErr error
	// RemoveIngressQdiscCalls records the args provided to each call to RemoveIngressQdisc
	RemoveIngressQdiscCalls []netlink.Link

	// AddRedirectFilterErr is an error that will be returned from all AddRedirectFilter calls
	AddRedirectFilterErr error

	// GetRedirectFilterErr is an error that will be returned from all GetRedirectFilter calls
	GetRedirectFilterErr error

	// CreateTapErr is an error that will be returned from all CreateTap calls
	CreateTapErr error

	// RemoveLinkErr is an error that will be returned from all RemoveLink calls
	RemoveLinkErr error
	// RemoveLinkCalls records the args provided to each call to RemoveLink
	RemoveLinkCalls []string

	// GetLinkErr is an error that will be returned from all GetLink calls
	GetLinkErr error
}

MockNetlinkOps provides a no-op implementation of the NetlinkOps interface

func (*MockNetlinkOps) AddIngressQdisc

func (m *MockNetlinkOps) AddIngressQdisc(link netlink.Link) error

AddIngressQdisc does nothing and returns an error if configured to do so (otherwise nil)

func (*MockNetlinkOps) AddRedirectFilter

func (m *MockNetlinkOps) AddRedirectFilter(sourceLink netlink.Link, targetLink netlink.Link) error

AddRedirectFilter does nothing and returns an error if configured to do so (otherwise nil)

func (*MockNetlinkOps) CreateTap

func (m *MockNetlinkOps) CreateTap(name string, mtu int, ownerUID, ownerGID int) (netlink.Link, error)

CreateTap returns the configured mock tap link and/or a configured error

func (*MockNetlinkOps) GetIngressQdisc

func (m *MockNetlinkOps) GetIngressQdisc(sourceLink netlink.Link) (netlink.Qdisc, error)

GetIngressQdisc does nothing and returns an error if configured to do so (otherwise nil)

func (*MockNetlinkOps) GetLink

func (m *MockNetlinkOps) GetLink(name string) (netlink.Link, error)

GetLink returns CreatedTap if provided the name of CreatedTap, RedirectIface if provided the name of RedirectIface or otherwise a netlink.LinkNotFoundError

func (*MockNetlinkOps) GetRedirectFilter

func (m *MockNetlinkOps) GetRedirectFilter(sourceLink netlink.Link, targetLink netlink.Link) (netlink.Filter, error)

GetRedirectFilter does nothing and returns an error if configured to do so (otherwise nil)

func (*MockNetlinkOps) RemoveIngressQdisc

func (m *MockNetlinkOps) RemoveIngressQdisc(sourceLink netlink.Link) error

RemoveIngressQdisc does nothing and returns an error if configured to do so (otherwise nil)

func (*MockNetlinkOps) RemoveLink

func (m *MockNetlinkOps) RemoveLink(name string) error

RemoveLink returns a nil error if provided the name of CreatedTap or RedirectIface. Otherwise it returns a LinkNotFoundError.

type NetlinkOps

type NetlinkOps interface {
	// CreateTap will create a tap device configured as expected by the tc-redirect-tap plugin for
	// use by a Firecracker VM. It sets the tap in the up state and with the provided MTU.
	CreateTap(name string, mtu int, ownerUID int, ownerGID int) (netlink.Link, error)

	// AddIngressQdisc adds a qdisc to the ingress queue of the provided device.
	AddIngressQdisc(link netlink.Link) error
	// GetIngressQdisc looks for an ingress qdisc matching the one added by AddIngressQdisc,
	// returning it if found. If not found, it returns a QdiscNotFoundError
	GetIngressQdisc(link netlink.Link) (netlink.Qdisc, error)
	// RemoveIngressQdisc removes the ingress qdisc added by AddIngressQdisc from the provided
	// device. It returns a QdiscNotFoundError if the expected qdisc is not attached to the
	// provided device.
	RemoveIngressQdisc(link netlink.Link) error

	// AddRedirectFilter adds a u32 redirect filter to the provided sourceLink that redirects
	// packets from its ingress queue to the egress queue of the provided targetLink. It requires
	// that sourceLink have an ingress qdisc attached prior to the call.
	AddRedirectFilter(sourceLink netlink.Link, targetLink netlink.Link) error
	// GetRedirectFilter looks for a u32 redirect filter matching the one added by
	// AddRedirectFilter, returning it if found. If not found, it returns a FilterNotFoundError
	GetRedirectFilter(sourceLink netlink.Link, targetLink netlink.Link) (netlink.Filter, error)

	// GetLink returns the netlink.Link for the device with the provided name, or a
	// LinkNotFoundError if no such device is found in the network namespace in which the call is
	// executed.
	GetLink(name string) (netlink.Link, error)
	// RemoveLink deletes the link with the provided device name. It returns LinkNotFoundError if
	// the link doesn't exist
	RemoveLink(name string) error
}

NetlinkOps is an interface to the underlying low-level netlink operations that need to be performed by the tc-redirect-tap plugin. It helps keep the system-specific logic separate from the higher-level logic of the plugin. This makes writing unit tests easier and makes it easier to support multiple implementations of the underlying system code if the need ever arises.

The interfaces support setting up a tap device whose traffic is redirected with another device via a U32 tc filter. More background on qdiscs, TC and the idea behind the redirect setup can be found here:

* Qdiscs+filters: http://tldp.org/HOWTO/Traffic-Control-HOWTO/components.html
* U32 Filters: http://man7.org/linux/man-pages/man8/tc-u32.8.html
* Using u32 redirects with taps: https://gist.github.com/mcastelino/7d85f4164ffdaf48242f9281bb1d0f9b
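
The sketch below is an added example, not code from this package or from the tc-redirect-tap plugin. It shows how putting netlink calls behind an interface lets a test check call ordering, the "ingress qdisc before redirect filter" precondition, and cleanup after an injected failure, without root. redirectOps, fakeOps and setupRedirect are hypothetical names; devices are plain strings rather than netlink.Link, and adding filters in both directions with rollback of the tap are assumptions of the sketch.

```go
package main

import "fmt"

// redirectOps is a hypothetical, trimmed stand-in for NetlinkOps (names, not netlink.Link).
type redirectOps interface {
	CreateTap(name string, mtu int) error
	AddIngressQdisc(dev string) error
	AddRedirectFilter(src, dst string) error
	RemoveLink(name string) error
}
// fakeOps records calls and injects an error, in the style of MockNetlinkOps.
type fakeOps struct {
	Calls                []string
	AddRedirectFilterErr error
	qdiscs               map[string]bool
}
func (f *fakeOps) rec(s string) error                { f.Calls = append(f.Calls, s); return nil }
func (f *fakeOps) CreateTap(n string, mtu int) error { return f.rec("CreateTap " + n) }
func (f *fakeOps) RemoveLink(n string) error         { return f.rec("RemoveLink " + n) }
func (f *fakeOps) AddIngressQdisc(dev string) error {
	if f.qdiscs == nil { f.qdiscs = map[string]bool{} }
	f.qdiscs[dev] = true
	return f.rec("AddIngressQdisc " + dev)
}
func (f *fakeOps) AddRedirectFilter(src, dst string) error {
	if !f.qdiscs[src] { return fmt.Errorf("no ingress qdisc on %s", src) } // documented precondition
	if f.AddRedirectFilterErr != nil { return f.AddRedirectFilterErr }
	return f.rec("AddRedirectFilter " + src + ">" + dst)
}
// setupRedirect creates the tap, wires it to peer both ways, and removes the tap if a step fails.
func setupRedirect(ops redirectOps, tap, peer string, mtu int) error {
	if err := ops.CreateTap(tap, mtu); err != nil { return err }
	for _, step := range []func() error{
		func() error { return ops.AddIngressQdisc(tap) },
		func() error { return ops.AddIngressQdisc(peer) },
		func() error { return ops.AddRedirectFilter(tap, peer) },
		func() error { return ops.AddRedirectFilter(peer, tap) },
	} {
		if err := step(); err != nil {
			ops.RemoveLink(tap) // best-effort rollback; the original error is returned
			return err
		}
	}
	return nil
}
func main() {
	f := &fakeOps{AddRedirectFilterErr: fmt.Errorf("injected")} // constructed failure
	fmt.Println(setupRedirect(f, "tap0", "veth0", 1500), f.Calls)
}
```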

func DefaultNetlinkOps

func DefaultNetlinkOps() NetlinkOps

DefaultNetlinkOps returns a standard implementation of NetlinkOps that performs the corresponding operations via standard netlink calls.

type QdiscNotFoundError

type QdiscNotFoundError struct {
	// contains filtered or unexported fields
}

func (QdiscNotFoundError) Error

func (e QdiscNotFoundError) Error() string
