Multitenancy Support using vlanid #156
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…working into multitenancy
…working into multitenancy
…working into multitenancy
…working into multitenancy # Conflicts: # cns/dnccontract.go
…iner-networking into multitenancy # Conflicts: # cns/dnccontract.go # cns/restserver/restserver.go
Added getnetworkcontainerbyorchestrator context api and relevant test cases
…working into multitenancy # Conflicts: # cns/dnccontract.go # cns/restserver/restserver.go
…iner-networking into multitenancy # Conflicts: # client/cnsclient/cnsclient.go # cni/network/network.go
…working into multitenancy # Conflicts: # client/cnsclient/cnsclient.go # cni/network/network.go # cns/service/main.go
saiyan86
suggested changes
Jun 1, 2018
cni/network/network.go
Outdated
| if ipAddr.To4() != nil { | ||
| resultIpconfig.Version = "4" | ||
| resultIpconfig.Address = net.IPNet{IP: ipAddr, Mask: net.CIDRMask(int(ipconfig.IPSubnet.PrefixLength), 32)} | ||
| } else { |
cni/network/network.go
Outdated
| gwIP := net.ParseIP(route.GatewayIPAddress) | ||
| result.Routes = append(result.Routes, &types.Route{Dst: *routeIPnet, GW: gwIP}) | ||
| } | ||
| } else { |
Contributor
There was a problem hiding this comment.
We can return route here instead of having else.
cni/network/network.go
Outdated
| } else { | ||
| gwIP := net.ParseIP(networkConfig.IPConfiguration.GatewayIPAddress) | ||
| dstIP := net.IPNet{IP: net.ParseIP("0.0.0.0"), Mask: resultIpconfig.Address.Mask} | ||
| result.Routes = append(result.Routes, &types.Route{Dst: dstIP, GW: gwIP}) |
Contributor
There was a problem hiding this comment.
What happens if result.Routes==nil?
cni/network/network.go
Outdated
| return convertToCniResult(networkConfig), networkConfig.MultiTenancyInfo.ID, *subnetPrefix, nil | ||
| } | ||
|
|
||
| func getPodNameWithoutSuffix(podName string) string { |
Contributor
There was a problem hiding this comment.
Suggestion:
func getPodNameWithoutSuffix(podName string) string {
nameSplit := strings.Split(podName, "-")
if len(nameSplit) < 2 {
return podName
}
return strings.Join(nameSplit[:2], "-")
}…working into ovsabstract # Conflicts: # cni/network/network.go # cns/service/main.go # network/endpoint.go # network/endpoint_linux.go
sharmasushant
suggested changes
Jun 27, 2018
| return nil, err | ||
| } | ||
|
|
||
| defer res.Body.Close() |
Contributor
There was a problem hiding this comment.
Check if we need to close in case we get err!=nil
| @@ -0,0 +1,85 @@ | |||
| package cnsclient | |||
Contributor
There was a problem hiding this comment.
move it under cns package
cni/azure-linux.conflist
Outdated
| "type":"azure-vnet", | ||
| "mode":"bridge", | ||
| "bridge":"azure0", | ||
| "multiTenancy":true, |
Contributor
There was a problem hiding this comment.
Create a new conflist for this
cni/azure-linux.conflist
Outdated
| "type":"azure-vnet", | ||
| "mode":"bridge", | ||
| "bridge":"azure0", | ||
| "multiTenancy":true, |
Contributor
There was a problem hiding this comment.
add enablesnat: true
cni/network/network.go
Outdated
| // Plugin name. | ||
| name = "azure-vnet" | ||
| name = "azure-vnet" | ||
| namespaceKey = "K8S_POD_NAMESPACE" |
Contributor
There was a problem hiding this comment.
remove it as it is not used
| } | ||
|
|
||
| func (service *httpRestService) getNetworkContainerResponse(req cns.GetNetworkContainerRequest) cns.GetNetworkContainerResponse { | ||
| var containerID string |
Contributor
There was a problem hiding this comment.
log at beginning and end
Member
Author
There was a problem hiding this comment.
this is internal function
cns/restserver/restserver.go
Outdated
| } | ||
|
|
||
| func (service *httpRestService) getNetworkContainerByOrchestratorContext(w http.ResponseWriter, r *http.Request) { | ||
| log.Printf("[Azure CNS] getNetworkContainer") |
cns/service/main.go
Outdated
| { | ||
| Name: acn.OptStopAzureVnet, | ||
| Shorthand: acn.OptStopAzureVnetAlias, | ||
| Description: "Start Azure-CNM if flag is true", |
Contributor
There was a problem hiding this comment.
fix description or rename flag
common/utils.go
Outdated
| return err | ||
| } | ||
|
|
||
| func ExecuteShellCommand(command string) (string, error) { |
network/api.go
Outdated
|
|
||
| OptVethName = "vethname" | ||
| OptVethName = "vethname" | ||
| OptEnableSnatOnHost = "enableSnatOnHost" |
…s set to true without reboot
sharmasushant
suggested changes
Jul 3, 2018
cni/network/network.go
Outdated
| } | ||
|
|
||
| func getContainerNetworkConfiguration(namespace string, podName string) (*cniTypesCurr.Result, *cns.GetNetworkContainerResponse, net.IPNet, error) { | ||
| cnsClient, err := cnsclient.NewCnsClient("") |
Contributor
There was a problem hiding this comment.
Lets leave it upto the caller to give CNS address.. ideally, it should come from cni config (when CNI is used)
cni/network/network.go
Outdated
| podInfo := cns.KubernetesPodInfo{PodName: podName, PodNamespace: namespace} | ||
| orchestratorContext, err := json.Marshal(podInfo) | ||
| if err != nil { | ||
| log.Printf("Marshalling azure container instance info failed with %v", err) |
Contributor
There was a problem hiding this comment.
"Marshalling azure container instance info failed with %v" --> "Marshalling cns.KubernetesPodInfo failed with %v"
cni/network/network.go
Outdated
|
|
||
| networkConfig, err := cnsClient.GetNetworkConfiguration(orchestratorContext) | ||
| if err != nil { | ||
| log.Printf("GetNetworkConfiguration failed with %v", err) |
Contributor
There was a problem hiding this comment.
Lets print %v orchestrator context to help debug
cni/network/network.go
Outdated
| return podName | ||
| } | ||
|
|
||
| log.Printf("Final namesplit %v", nameSplit) |
Contributor
There was a problem hiding this comment.
"Pod name after splitting based on - : %v"
cni/network/network.go
Outdated
| Name: args.IfName, | ||
| } | ||
|
|
||
| snatIface := &cniTypesCurr.Interface{ |
Contributor
There was a problem hiding this comment.
Move it out to a linux specific method
network/ovs_networkclient_linux.go
Outdated
| } | ||
|
|
||
| if client.enableSnatOnHost { | ||
|
|
network/ovs_networkclient_linux.go
Outdated
|
|
||
| _, err := net.InterfaceByName(internetBridgeName) | ||
| if err == nil { | ||
| log.Printf("Internet Bridge already exists") |
Contributor
There was a problem hiding this comment.
Replace internet with SNAT everywhere...
| } | ||
|
|
||
| func (client *OVSNetworkClient) AddBridgeRules(extIf *externalInterface) error { | ||
| //primary := extIf.IPAddresses[0].IP.String() |
network/ovs_networkclient_linux.go
Outdated
| return nil | ||
| } | ||
|
|
||
| func (client *OVSNetworkClient) AddBridgeRules(extIf *externalInterface) error { |
ovsctl/ovsctl.go
Outdated
| ) | ||
|
|
||
| const ( | ||
| macAddress = "12:34:56:78:9a:bc" |
Contributor
There was a problem hiding this comment.
defaultMacForArpResponse
jaer-tsun
reviewed
Jul 3, 2018
| epInfo.Data[network.VlanIDKey] = cnsNwConfig.MultiTenancyInfo.ID | ||
| epInfo.Data[network.LocalIPKey] = cnsNwConfig.LocalIPConfiguration.IPSubnet.IPAddress + "/" + strconv.Itoa(int(cnsNwConfig.LocalIPConfiguration.IPSubnet.PrefixLength)) | ||
| epInfo.Data[network.InternetBridgeIPKey] = cnsNwConfig.LocalIPConfiguration.GatewayIPAddress + "/" + strconv.Itoa(int(cnsNwConfig.LocalIPConfiguration.IPSubnet.PrefixLength)) | ||
|
|
cns/NetworkContainerContract.go
Outdated
| PrimaryInterfaceIdentifier string // Primary CA. | ||
| AuthorizationToken string | ||
| OrchestratorInfo OrchestratorInfo | ||
| LocalIPConfiguration IPConfiguration |
Contributor
There was a problem hiding this comment.
What's this? Is this from your dnc change?
Member
Author
There was a problem hiding this comment.
i changed this both in vendor and in my branch
cns/cnsclient/cnsclient.go
Outdated
|
|
||
| defer res.Body.Close() | ||
|
|
||
| if res.StatusCode != 200 { |
Contributor
There was a problem hiding this comment.
http.StatusOK instead of 200
cns/restserver/restserver.go
Outdated
| getNetworkContainerResponse = cns.GetNetworkContainerResponse{ | ||
| IPConfiguration: savedReq.IPConfiguration, | ||
| Routes: savedReq.Routes, | ||
| CnetAddressSpace: savedReq.CnetAddressSpace, |
cns/service/main.go
Outdated
|
|
||
| // Create the key value store. | ||
| pluginConfig.Store, err = store.NewJsonFileStore(platform.CNMRuntimePath + pluginName + ".json") | ||
|
|
network/ovs_networkclient_linux.go
Outdated
| } | ||
|
|
||
| func createInternetBridge(internetBridgeIP string, mainInterface string) error { | ||
|
|
network/ovs_networkclient_linux.go
Outdated
|
|
||
| ip, addr, _ := net.ParseCIDR(internetBridgeIP) | ||
|
|
||
| log.Printf("Assigning %v on internet bridge", internetBridgeIP) |
Contributor
There was a problem hiding this comment.
move ParseCIDR below log.Printf
network/ovs_networkclient_linux.go
Outdated
| log.Printf("[net] Failed to delete bridge %v, err:%v.", internetBridgeName, err) | ||
| } | ||
|
|
||
| return nil |
network/ovs_networkclient_linux.go
Outdated
| mac := extIf.MacAddress.String() | ||
| macHex := strings.Replace(mac, ":", "", -1) | ||
|
|
||
| /*if err := ovsctl.AddVMIpAcceptRule(client.bridgeName, primary, mac); err != nil { |
Contributor
There was a problem hiding this comment.
remove commented section if not necessary
ovsctl/ovsctl.go
Outdated
|
|
||
| ofport = strings.Trim(ofport, "\n") | ||
|
|
||
| return ofport, nil |
Contributor
There was a problem hiding this comment.
return strings.Trim(ofport, "\n"), nil
sharmasushant
approved these changes
Jul 6, 2018
pjohnst5
reviewed
Mar 7, 2024
| return result | ||
| } | ||
|
|
||
| func getPodNameWithoutSuffix(podName string) string { |
Contributor
There was a problem hiding this comment.
What was the use case of this feature?
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
5 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What this PR does / why we need it:
This PR adds multitenancy support in both cnm and cni. The user has the option to pass vlanid. If vlanid is specified, then OVS network will be setup and the packets coming out of container will be tagged with corresponding vlan id. In case of CNM, the vlanid can be specified as option in create network request. CNI will get vlanid after querying CNS for podname and namespace.
Which issue this PR fixes (optional, in
fixes #<issue number>(, fixes #<issue_number>, ...)format, will close that issue when PR gets merged): fixes #Special notes for your reviewer:
Release note: