Documentation
Index
- Constants
- Variables
- func UnexpectedURIError(uri string) error
- type AWS
- type Azure
- type CloudProvider
- type CloudProviderConfig
- type CloudProviderIntf
- type CloudProviderWithMoveIntf
- type FakeCloudProvider
- func (f *FakeCloudProvider) AssignPrivateIP(ip net.IP, node *corev1.Node) error
- func (f *FakeCloudProvider) GetNodeEgressIPConfiguration(node *corev1.Node, cloudPrivateIPConfigs []*v1.CloudPrivateIPConfig) ([]*NodeEgressIPConfiguration, error)
- func (f *FakeCloudProvider) ReleasePrivateIP(ip net.IP, node *corev1.Node) error
- type GCP
- type NodeEgressIPConfiguration
- type OpenStack
- func (o *OpenStack) AssignPrivateIP(ip net.IP, node *corev1.Node) error
- func (o *OpenStack) GetNodeEgressIPConfiguration(node *corev1.Node, cloudPrivateIPConfigs []*v1.CloudPrivateIPConfig) ([]*NodeEgressIPConfiguration, error)
- func (o *OpenStack) MovePrivateIP(ip net.IP, nodeToAdd, nodeToDel *corev1.Node) error
- func (o *OpenStack) ReleasePrivateIP(ip net.IP, node *corev1.Node) error
Constants
const (
	PlatformTypeAWS = "AWS"
)
const (
	PlatformTypeAzure = "Azure"
)
const (
	PlatformTypeGCP = "GCP"
)
const (
	// PlatformTypeOpenStack is the string representation for the OpenStack platform type.
	PlatformTypeOpenStack = "OpenStack"
)
const UserAgent = "cloud-network-config-controller"
Variables
var (
	NoNetworkInterfaceError  = errors.New("no retrievable network interface")
	AlreadyExistingIPError   = errors.New("the requested IP for assignment is already assigned")
	NonExistingIPError       = errors.New("the requested IP for removal is not assigned")
	UnexpectedURIErrorString = "the URI is not expected"
)
Functions
func UnexpectedURIError
Types
type AWS
type AWS struct {
	CloudProvider
	// contains filtered or unexported fields
}
AWS implements the API wrapper for talking to the AWS cloud API
func (*AWS) AssignPrivateIP
AssignPrivateIP assigns the IP address to the node by re-providing all existing ones plus the new one. It does this on a per-IP-family basis (since the AWS API is separated per family). If the IP already exists, it returns an AlreadyExistingIPError.
func (*AWS) GetNodeEgressIPConfiguration
func (a *AWS) GetNodeEgressIPConfiguration(node *corev1.Node, cloudPrivateIPConfigs []*v1.CloudPrivateIPConfig) ([]*NodeEgressIPConfiguration, error)
type Azure
type Azure struct {
	CloudProvider
	// contains filtered or unexported fields
}
Azure implements the API wrapper for talking to the Azure cloud API
func (*Azure) GetNodeEgressIPConfiguration
func (a *Azure) GetNodeEgressIPConfiguration(node *corev1.Node, cloudPrivateIPConfigs []*v1.CloudPrivateIPConfig) ([]*NodeEgressIPConfiguration, error)
type CloudProvider
type CloudProvider struct {
	CloudProviderIntf
	// contains filtered or unexported fields
}
type CloudProviderConfig
type CloudProviderConfig struct {
	PlatformType     string // one of AWS, Azure, GCP
	APIOverride      string // override the API endpoint URL. Used by all platforms.
	CredentialDir    string // override the default credential directory
	ConfigDir        string // override the default config directory
	Region           string // region, only used by AWS
	AWSCAOverride    string
	AzureEnvironment string // The azure "environment", which is a set of API endpoints
}
CloudProviderConfig is all the command-line options needed to initialize a cloud provider client.
type CloudProviderIntf
type CloudProviderIntf interface {
	// AssignPrivateIP attempts to assign the IP address provided to the VM
	// instance corresponding to the corev1.Node provided on the cloud the
	// cluster is deployed on. NOTE: this operation is only performed against
	// the first network interface defined for the VM. It will return an
	// AlreadyExistingIPError if the IP provided is already associated with the
	// node, it's up to the caller to decide what to do with that.
	AssignPrivateIP(ip net.IP, node *corev1.Node) error
	// ReleasePrivateIP attempts to release the IP address provided from the
	// VM instance corresponding to the corev1.Node provided on the cloud the
	// cluster is deployed on. NOTE: this operation is only performed against
	// the first network interface defined for the VM.
	ReleasePrivateIP(ip net.IP, node *corev1.Node) error
	// GetNodeEgressIPConfiguration retrieves the egress IP configuration for
	// the node, following the convention the cloud uses. This means
	// specifically that: the IP capacity can be either hard-coded and global
	// for all instance types and IP families (GCP, Azure) or variable per
	// instance and IP family (AWS), also: the interface is either keyed by name
	// (GCP) or ID (Azure, AWS).
	GetNodeEgressIPConfiguration(node *corev1.Node, cloudPrivateIPConfigs []*v1.CloudPrivateIPConfig) ([]*NodeEgressIPConfiguration, error)
	// contains filtered or unexported methods
}
func NewCloudProviderClient
func NewCloudProviderClient(cfg CloudProviderConfig, platformStatus *configv1.PlatformStatus, featureGates featuregates.FeatureGate) (CloudProviderIntf, error)
type CloudProviderWithMoveIntf
type CloudProviderWithMoveIntf interface {
	// MovePrivateIP is called instead of ReleasePrivateIP followed by
	// AssignPrivateIP if plugin implements CloudProviderWithMoveIntf. It
	// should effectively move IP address from nodeToDel to nodeToAdd, but not
	// necessarily remove resources from the cloud. E.g. in case of OpenStack
	// we don't want to delete the reservation Neutron port, but rather just
	// manipulate allowedAddressPairs on the nodeToDel and nodeToAdd ports to
	// move the IP from one node to another.
	MovePrivateIP(ip net.IP, nodeToAdd *corev1.Node, nodeToDel *corev1.Node) error
}
CloudProviderWithMoveIntf is an additional interface that can be added to cloud plugins that can benefit from a separate set of operations on IP address failover, instead of running ReleasePrivateIP followed by AssignPrivateIP.
type FakeCloudProvider
type FakeCloudProvider struct {
	StateTracker []string
	// contains filtered or unexported fields
}
func NewFakeCloudProvider
func NewFakeCloudProvider(mockErrorOnAssign, mockErrorOnAssignWithExistingIPCondition, mockErrorOnRelease, mockErrorOnWait bool, delayedCompletion time.Duration) *FakeCloudProvider
func (*FakeCloudProvider) AssignPrivateIP
func (*FakeCloudProvider) GetNodeEgressIPConfiguration
func (f *FakeCloudProvider) GetNodeEgressIPConfiguration(node *corev1.Node, cloudPrivateIPConfigs []*v1.CloudPrivateIPConfig) ([]*NodeEgressIPConfiguration, error)
func (*FakeCloudProvider) ReleasePrivateIP
type GCP
type GCP struct {
	CloudProvider
	// contains filtered or unexported fields
}
GCP implements the API wrapper for talking to the GCP cloud API
func (*GCP) AssignPrivateIP
AssignPrivateIP adds the IP to the associated instance's IP aliases. Important: GCP IP aliases can come in all forms, i.e. if you add 10.0.32.25, GCP can return 10.0.32.25/32 or 10.0.32.25. We thus need to check for both when validating that the IP provided doesn't already exist.
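A sketch of the dual-form check described above, added here as an example and not taken from the package's code: `aliasCovers` and `checkNotAssigned` are hypothetical helpers, the error variable is redeclared locally, and the alias lists are constructed. It goes one step beyond the page by also treating a wider alias range that contains the IP as a match.

```go
package main

import (
	"errors"
	"fmt"
	"net"
)

// Carries the same message as the package's AlreadyExistingIPError.
var errAlreadyExisting = errors.New("the requested IP for assignment is already assigned")

// aliasCovers reports whether one alias string from the API covers ip.
// It accepts the bare form ("10.0.32.25") and the CIDR form ("10.0.32.25/32").
func aliasCovers(alias string, ip net.IP) bool {
	if _, ipnet, err := net.ParseCIDR(alias); err == nil {
		return ipnet.Contains(ip)
	}
	if a := net.ParseIP(alias); a != nil {
		return a.Equal(ip)
	}
	return false // unparseable alias: never count it as a match
}

// checkNotAssigned returns errAlreadyExisting if any existing alias covers ip.
func checkNotAssigned(aliases []string, ip net.IP) error {
	for _, alias := range aliases {
		if aliasCovers(alias, ip) {
			return fmt.Errorf("%s is covered by alias %q: %w", ip, alias, errAlreadyExisting)
		}
	}
	return nil
}

func main() {
	ip := net.ParseIP("10.0.32.25")
	// Constructed alias lists: both spellings, a wider range, and a different address.
	for _, aliases := range [][]string{{"10.0.32.25"}, {"10.0.32.25/32"}, {"10.0.32.16/28"}, {"10.0.32.26/32"}} {
		fmt.Println(aliases, "->", checkNotAssigned(aliases, ip))
	}
}
```

A plain string comparison against "10.0.32.25" would miss the "/32" spelling and attempt a duplicate assignment.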
func (*GCP) GetNodeEgressIPConfiguration
func (g *GCP) GetNodeEgressIPConfiguration(node *corev1.Node, cloudPrivateIPConfigs []*v1.CloudPrivateIPConfig) ([]*NodeEgressIPConfiguration, error)
type NodeEgressIPConfiguration
type NodeEgressIPConfiguration struct {
	Interface string   `json:"interface"`
	IFAddr    ifAddr   `json:"ifaddr"`
	Capacity  capacity `json:"capacity"`
}
- Interface - ID / Name, depending on the cloud's convention
- IP address capacity for each node, where the capacity is either IP family agnostic or not.
- Subnet information for the first network interface, IP family specific
func (*NodeEgressIPConfiguration) String
func (n *NodeEgressIPConfiguration) String() string
String implements the stringer interface for pointers to NodeEgressIPConfiguration. This is used for the unit tests as it simplifies printing of the actual values instead of returning the memory address that is being pointed to.
type OpenStack
type OpenStack struct {
	CloudProvider
	CloudProviderWithMoveIntf
	// contains filtered or unexported fields
}
OpenStack implements the API wrapper for talking to the OpenStack API
func (*OpenStack) AssignPrivateIP
AssignPrivateIP attempts to assign the IP address provided to the VM instance corresponding to the corev1.Node provided on the cloud the cluster is deployed on. NOTE: This operation is performed against all interfaces that are attached to the server. If an instance has 2 interfaces with the same CIDR that this IP address could fit in, the first interface that is found will be used. No guarantees about the correct interface ordering are given in such a case. It returns an AlreadyExistingIPError if the IP provided is already associated with the node; it's up to the caller to decide what to do with that. NOTE: For OpenStack, this is a 2-step operation which is not atomic:
a) Reserve a neutron port.
b) Add the IP address to the allowed_address_pairs field.
If step b) fails, then we will try to undo step a). However, if this undo fails, then we will be in a situation where the user or an upper layer will have to call ReleasePrivateIP to get out of this situation.
func (*OpenStack) GetNodeEgressIPConfiguration
func (o *OpenStack) GetNodeEgressIPConfiguration(node *corev1.Node, cloudPrivateIPConfigs []*v1.CloudPrivateIPConfig) ([]*NodeEgressIPConfiguration, error)
GetNodeEgressIPConfiguration retrieves the egress IP configuration for the node, following the convention the cloud uses. This means specifically for OpenStack that the interface is keyed by the port's neutron UUID.
func (*OpenStack) MovePrivateIP
MovePrivateIP implements moving the IP from one node to another to serve cases like a failover. What's different from calling ReleasePrivateIP followed by AssignPrivateIP is that the reservation Neutron port will not get deleted: MovePrivateIP will only change the allowed_address_pairs on the nodes' ports to remove the IP from nodeToDel and add it to nodeToAdd, and update the existing reservation port with the DeviceID of nodeToAdd. Additionally, if the reservation port is missing, MovePrivateIP will attempt to recreate it (this is a corner case and should not happen in normal operation).
func (*OpenStack) ReleasePrivateIP
ReleasePrivateIP attempts to release the IP address provided from the VM instance corresponding to the corev1.Node provided on the cloud the cluster is deployed on. ReleasePrivateIP must be idempotent, meaning that it will release all matching IP allowed_address_pairs for ports which are bound to this server. It also means that any unbound port on any network that is attached to this server, having the IP address to be released and matching the correct DeviceOwner and DeviceID containing the serverID, will be deleted as well. In OpenStack, it is possible to create different subnets with the exact same CIDR. These different subnets can then be assigned to ports on the same server. Hence, a server could be connected to several ports where the same IP is part of the allowed_address_pairs and where the same IP is reserved in neutron. NOTE: If the IP is nonexistent, it returns a NonExistingIPError. The caller will likely want to ignore such an error and continue its normal operation.
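The non-atomic two-step assign described under AssignPrivateIP and the idempotent release described here, modelled in memory as an added example (not the package's code): `neutron`, `assignOrCleanup`, `errPairs` and the fault-injection flags are hypothetical, and the model tracks a single server. It shows why an upper layer calls release after any failed assign, so that a reservation left behind by a failed undo does not linger.

```go
package main

import (
	"errors"
	"fmt"
)

var errNonExisting = errors.New("the requested IP for removal is not assigned") // the package's message
var errPairs = errors.New("updating allowed_address_pairs failed")             // hypothetical step b) error

// neutron is a constructed in-memory model of one server's ports, keyed by IP.
type neutron struct {
	ports               map[string]string // IP -> "reserved" (step a only) or "allowed" (a and b)
	failPairs, failUndo bool              // fault injection: step b) / the undo of step a)
}

func (n *neutron) assign(ip string) error {
	n.ports[ip] = "reserved" // step a): reserve a port
	if !n.failPairs {
		n.ports[ip] = "allowed" // step b): add to allowed_address_pairs
		return nil
	}
	if !n.failUndo {
		delete(n.ports, ip) // undo of step a)
	}
	return errPairs
}

// release is idempotent: it removes a full assignment or a leftover reservation.
func (n *neutron) release(ip string) error {
	if _, ok := n.ports[ip]; !ok {
		return errNonExisting
	}
	delete(n.ports, ip)
	return nil
}

// assignOrCleanup is the upper layer: a failed assign is always followed by release.
func assignOrCleanup(n *neutron, ip string) (err error) {
	if err = n.assign(ip); err != nil {
		_ = n.release(ip) // errNonExisting here only means the undo already worked
	}
	return err
}

func main() {
	n := &neutron{ports: map[string]string{}, failPairs: true, failUndo: true}
	fmt.Println(assignOrCleanup(n, "192.0.2.10"), "| leftover ports:", len(n.ports))
}
```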