Embed BPF templates in cilium-agent

.travis/prepare.sh

@@ -11,5 +11,7 @@ sudo tar -C /usr/local -xJf $CLANG_FILE
 sudo ln -s /usr/local/$CLANG_DIR /usr/local/clang
 rm $CLANG_FILE
 
+go get -u github.com/jteeuwen/go-bindata/...
+
 NEWPATH="/usr/local/clang/bin"
 export PATH="$NEWPATH:$PATH"

Makefile

@@ -68,8 +68,6 @@ clean:
 
 install: all
 	$(INSTALL) -m 0755 -d $(DESTDIR)$(BINDIR)
-	$(INSTALL) -m 0755 -d $(DESTDIR)$(LIBDIR)/cilium/lib
-	$(INSTALL) -m 0755 -d $(DESTDIR)$(LIBDIR)/cilium/githooks
 	for i in $(SUBDIRS); do $(MAKE) -C $$i install; done
 	for i in $(SUBDIRSLIB); do $(MAKE) -C $$i install; done
 

Makefile.defs

@@ -1,6 +1,5 @@
 PREFIX?=/usr
 BINDIR?=$(PREFIX)/bin
-LIBDIR?=$(PREFIX)/lib
 RUNDIR?=/var/run
 CONFDIR?=/etc
 

bpf/Makefile

@@ -33,16 +33,5 @@ all:
 
 endif
 
-install:
-	$(INSTALL) -m 0644 -t $(DESTDIR)$(LIBDIR)/cilium/ $(BPF:.o=.c)
-	$(INSTALL) -m 0755 -t $(DESTDIR)$(LIBDIR)/cilium/ $(SCRIPTS)
-	$(INSTALL) -m 0644 -t $(DESTDIR)$(LIBDIR)/cilium/lib/ $(LIB)
-	for dir in `find include probes -type d`; do \
-		$(INSTALL) -m 0755 -d $(DESTDIR)$(LIBDIR)/cilium/$$dir; \
-		for f in `find $$dir -maxdepth 1 -type f`; do \
-			$(INSTALL) -m 0644 -t $(DESTDIR)$(LIBDIR)/cilium/$$dir $$f; \
-		done; \
-	done
-
 clean:
 	rm -fr *.o

cilium/Makefile

@@ -1,7 +1,7 @@
 include ../Makefile.defs
 
 TARGET=cilium
-SOURCES := $(shell find ../api ../bpf ../daemon ../common ../pkg cmd . -name '*.go')
+SOURCES := $(shell find ../api ../daemon ../common ../pkg cmd . -name '*.go')
 $(TARGET): $(SOURCES)
 	go build $(GOBUILD) -ldflags "-X "github.com/cilium/cilium/common".Version=$(VERSION)" -o $(TARGET)
 

cilium/cmd/bpf_ct_list.go

@@ -17,8 +17,8 @@ package cmd
 import (
 	"fmt"
 
-	"github.com/cilium/cilium/bpf/ctmap"
 	"github.com/cilium/cilium/pkg/bpf"
+	"github.com/cilium/cilium/pkg/maps/ctmap"
 
 	"github.com/spf13/cobra"
 )

cilium/cmd/bpf_policy_add.go

@@ -17,8 +17,8 @@ package cmd
 import (
 	"strconv"
 
-	"github.com/cilium/cilium/bpf/policymap"
 	"github.com/cilium/cilium/pkg/bpf"
+	"github.com/cilium/cilium/pkg/maps/policymap"
 	"github.com/cilium/cilium/pkg/policy"
 
 	"github.com/spf13/cobra"

cilium/cmd/bpf_policy_list.go

@@ -20,8 +20,8 @@ import (
 	"strconv"
 	"text/tabwriter"
 
-	"github.com/cilium/cilium/bpf/policymap"
 	"github.com/cilium/cilium/pkg/bpf"
+	"github.com/cilium/cilium/pkg/maps/policymap"
 	"github.com/cilium/cilium/pkg/policy"
 
 	"github.com/spf13/cobra"

contrib/packaging/rpm/cfg/cilium.spec

@@ -52,56 +52,8 @@ chmod 644 %{buildroot}/etc/init/*
 /lib/systemd/system/cilium.service
 /opt/cni/bin/cilium-cni
 /usr/bin/cilium
+/usr/bin/cilium-agent
 /usr/bin/cilium-docker
-/usr/lib/cilium/bpf_lb.c
-/usr/lib/cilium/bpf_lxc.c
-/usr/lib/cilium/bpf_netdev.c
-/usr/lib/cilium/bpf_overlay.c
-/usr/lib/cilium/include/bpf/api.h
-/usr/lib/cilium/include/iproute2/bpf_elf.h
-/usr/lib/cilium/include/linux/bpf.h
-/usr/lib/cilium/include/linux/bpf_common.h
-/usr/lib/cilium/include/linux/byteorder.h
-/usr/lib/cilium/include/linux/byteorder/big_endian.h
-/usr/lib/cilium/include/linux/byteorder/little_endian.h
-/usr/lib/cilium/include/linux/icmp.h
-/usr/lib/cilium/include/linux/icmpv6.h
-/usr/lib/cilium/include/linux/if_arp.h
-/usr/lib/cilium/include/linux/if_ether.h
-/usr/lib/cilium/include/linux/in.h
-/usr/lib/cilium/include/linux/in6.h
-/usr/lib/cilium/include/linux/ioctl.h
-/usr/lib/cilium/include/linux/ip.h
-/usr/lib/cilium/include/linux/ipv6.h
-/usr/lib/cilium/include/linux/perf_event.h
-/usr/lib/cilium/include/linux/swab.h
-/usr/lib/cilium/include/linux/tcp.h
-/usr/lib/cilium/include/linux/type_mapper.h
-/usr/lib/cilium/include/linux/udp.h
-/usr/lib/cilium/init.sh
-/usr/lib/cilium/join_ep.sh
-/usr/lib/cilium/lib/arp.h
-/usr/lib/cilium/lib/common.h
-/usr/lib/cilium/lib/conntrack.h
-/usr/lib/cilium/lib/csum.h
-/usr/lib/cilium/lib/dbg.h
-/usr/lib/cilium/lib/drop.h
-/usr/lib/cilium/lib/eth.h
-/usr/lib/cilium/lib/events.h
-/usr/lib/cilium/lib/geneve.h
-/usr/lib/cilium/lib/icmp6.h
-/usr/lib/cilium/lib/ipv4.h
-/usr/lib/cilium/lib/ipv6.h
-/usr/lib/cilium/lib/l3.h
-/usr/lib/cilium/lib/l4.h
-/usr/lib/cilium/lib/lb.h
-/usr/lib/cilium/lib/lxc.h
-/usr/lib/cilium/lib/maps.h
-/usr/lib/cilium/lib/nat46.h
-/usr/lib/cilium/lib/policy.h
-/usr/lib/cilium/lib/utils.h
-/usr/lib/cilium/probes/skb_change_tail.c
-/usr/lib/cilium/run_probes.sh
 
 %changelog
 * Wed Oct 12 2016 Andre Martins <andre@cilium.io> - ${VERSION}

daemon/.gitignore

@@ -1,2 +1,3 @@
 cilium-agent
 globals
+bindata.go

daemon/Makefile

@@ -3,8 +3,8 @@ include ../Makefile.defs
 all:
 
 TARGET=cilium-agent
-SOURCES := $(shell find ../api ../bpf ../common ../daemon ../pkg . -name '*.go')
-$(TARGET): $(SOURCES)
+SOURCES := $(shell find ../api ../common ../daemon ../pkg . -name '*.go')
+$(TARGET): $(SOURCES) bindata.go
 	go build $(GOBUILD) -ldflags "-X "github.com/cilium/cilium/common".Version=$(VERSION)" -o $(TARGET)
 
 all: $(TARGET)
@@ -17,3 +17,6 @@ install: all
 	groupadd -f cilium
 	$(INSTALL) -m 0755 -d $(DESTDIR)$(BINDIR)
 	$(INSTALL) -m 0755 $(TARGET) $(DESTDIR)$(BINDIR)
+
+bindata.go: $(shell find ../bpf)
+	go-bindata -prefix ../ -ignore Makefile -ignore '.+\.o$$' ../bpf/...

daemon/config.go

@@ -19,10 +19,10 @@ import (
 	"net"
 	"sync"
 
-	"github.com/cilium/cilium/bpf/lxcmap"
 	"github.com/cilium/cilium/common/addressing"
 	"github.com/cilium/cilium/daemon/options"
 	"github.com/cilium/cilium/pkg/labels"
+	"github.com/cilium/cilium/pkg/maps/lxcmap"
 	"github.com/cilium/cilium/pkg/option"
 
 	etcdAPI "github.com/coreos/etcd/clientv3"
@@ -35,7 +35,7 @@ var (
 
 // Config is the configuration used by Daemon.
 type Config struct {
-	LibDir                string                  // Cilium library directory
+	BpfDir                string                  // BPF template files directory
 	RunDir                string                  // Cilium runtime directory
 	LXCMap                *lxcmap.LXCMap          // LXCMap where all LXCs are stored
 	NodeAddress           *addressing.NodeAddress // Node IPv6 Address
@@ -56,9 +56,10 @@ type Config struct {
 	LBInterface           string // Set with name of the interface to loadbalance packets from
 	Tunnel                string // Tunnel mode
 
-	DryMode      bool // Do not create BPF maps, devices, ..
-	RestoreState bool // RestoreState restores the state from previous running daemons.
-	KeepConfig   bool // Keep configuration of existing endpoints when starting up.
+	DryMode       bool // Do not create BPF maps, devices, ..
+	RestoreState  bool // RestoreState restores the state from previous running daemons.
+	KeepConfig    bool // Keep configuration of existing endpoints when starting up.
+	KeepTemplates bool // Do not overwrite the template files
 
 	// Options changeable at runtime
 	Opts   *option.BoolOptions

daemon/ct.go

@@ -20,9 +20,9 @@ import (
 	"strconv"
 	"time"
 
-	"github.com/cilium/cilium/bpf/ctmap"
 	"github.com/cilium/cilium/pkg/bpf"
 	"github.com/cilium/cilium/pkg/endpoint"
+	"github.com/cilium/cilium/pkg/maps/ctmap"
 )
 
 const (

daemon/daemon.go

@@ -28,10 +28,6 @@ import (
 
 	"github.com/cilium/cilium/api/v1/models"
 	. "github.com/cilium/cilium/api/v1/server/restapi/daemon"
-	"github.com/cilium/cilium/bpf/ctmap"
-	"github.com/cilium/cilium/bpf/lbmap"
-	"github.com/cilium/cilium/bpf/lxcmap"
-	"github.com/cilium/cilium/bpf/policymap"
 	"github.com/cilium/cilium/common"
 	"github.com/cilium/cilium/common/addressing"
 	"github.com/cilium/cilium/common/ipam"
@@ -44,6 +40,10 @@ import (
 	"github.com/cilium/cilium/pkg/events"
 	"github.com/cilium/cilium/pkg/kvstore"
 	"github.com/cilium/cilium/pkg/labels"
+	"github.com/cilium/cilium/pkg/maps/ctmap"
+	"github.com/cilium/cilium/pkg/maps/lbmap"
+	"github.com/cilium/cilium/pkg/maps/lxcmap"
+	"github.com/cilium/cilium/pkg/maps/policymap"
 	"github.com/cilium/cilium/pkg/policy"
 
 	cniTypes "github.com/containernetworking/cni/pkg/types"
@@ -91,8 +91,8 @@ func (d *Daemon) GetRuntimeDir() string {
 	return d.conf.RunDir
 }
 
-func (d *Daemon) GetLibraryDir() string {
-	return d.conf.LibDir
+func (d *Daemon) GetBpfDir() string {
+	return d.conf.BpfDir
 }
 
 func (d *Daemon) GetPolicyTree() *policy.Tree {
@@ -220,19 +220,19 @@ func (d *Daemon) compileBase() error {
 			mode = "direct"
 		}
 
-		args = []string{d.conf.LibDir, d.conf.RunDir, d.conf.NodeAddress.String(), d.conf.NodeAddress.IPv4Address.String(), mode, d.conf.Device}
+		args = []string{d.conf.BpfDir, d.conf.RunDir, d.conf.NodeAddress.String(), d.conf.NodeAddress.IPv4Address.String(), mode, d.conf.Device}
 	} else {
 		if d.conf.IsLBEnabled() {
 			//FIXME: allow LBMode in tunnel
 			return fmt.Errorf("Unable to run LB mode with tunnel mode")
 		}
-		args = []string{d.conf.LibDir, d.conf.RunDir, d.conf.NodeAddress.String(), d.conf.NodeAddress.IPv4Address.String(), d.conf.Tunnel}
+		args = []string{d.conf.BpfDir, d.conf.RunDir, d.conf.NodeAddress.String(), d.conf.NodeAddress.IPv4Address.String(), d.conf.Tunnel}
 	}
 
-	out, err := exec.Command(filepath.Join(d.conf.LibDir, "init.sh"), args...).CombinedOutput()
+	out, err := exec.Command(filepath.Join(d.conf.BpfDir, "init.sh"), args...).CombinedOutput()
 	if err != nil {
 		log.Warningf("Command execution %s %s failed: %s",
-			filepath.Join(d.conf.LibDir, "init.sh"),
+			filepath.Join(d.conf.BpfDir, "init.sh"),
 			strings.Join(args, " "), err)
 		log.Warningf("Command output:\n%s", out)
 		return err
@@ -341,7 +341,7 @@ func (d *Daemon) init() error {
 	fw.Flush()
 	f.Close()
 
-	if !d.conf.DryMode {
+	if !d.DryModeEnabled() {
 		d.conf.OptsMU.RLock()
 		if err := d.compileBase(); err != nil {
 			d.conf.OptsMU.RUnlock()
@@ -428,12 +428,24 @@ func (c *Config) createIPAMConf() (*ipam.IPAMConfig, error) {
 	return ipamConf, nil
 }
 
+func (d *Daemon) restoreBPFtemplates() error {
+	if !d.conf.KeepTemplates {
+		if err := RestoreAssets(d.conf.RunDir, "bpf"); err != nil {
+			return fmt.Errorf("Unable to restore agent assets: %s", err)
+		}
+	}
+
+	return nil
+}
+
 // NewDaemon creates and returns a new Daemon with the parameters set in c.
 func NewDaemon(c *Config) (*Daemon, error) {
 	if c == nil {
 		return nil, fmt.Errorf("Configuration is nil")
 	}
 
+	c.BpfDir = filepath.Join(c.RunDir, defaults.BpfDir)
+
 	var kvClient kvstore.KVClient
 
 	// FIXME: This should really be a single configuration flag
@@ -475,6 +487,10 @@ func NewDaemon(c *Config) (*Daemon, error) {
 		ignoredContainers: make(map[string]int),
 	}
 
+	if err := d.restoreBPFtemplates(); err != nil {
+		return nil, err
+	}
+
 	d.listenForCiliumEvents()
 
 	if c.IsK8sEnabled() {

daemon/defaults/defaults.go

@@ -21,8 +21,8 @@ const (
 	// RuntimePathRights are the default access rights of the RuntimePath directory
 	RuntimePathRights = 0770
 
-	// LibDir is the default path to static library files
-	LibDir = "/usr/lib/cilium"
+	// BpfDir is the default path for template files relative to RuntimePath
+	BpfDir = "bpf"
 
 	// SockPath is the path to the UNIX domain socket exposing the API to clients locally
 	SockPath = RuntimePath + "/cilium.sock"

daemon/labels_test.go

@@ -59,8 +59,6 @@ var (
 
 func (ds *DaemonSuite) SetUpTest(c *C) {
 	time.Local = time.UTC
-	tempLibDir, err := ioutil.TempDir("", "cilium-test")
-	c.Assert(err, IsNil)
 	tempRunDir, err := ioutil.TempDir("", "cilium-test-run")
 	c.Assert(err, IsNil)
 	err = os.Mkdir(filepath.Join(tempRunDir, "globals"), 0777)
@@ -73,7 +71,6 @@ func (ds *DaemonSuite) SetUpTest(c *C) {
 		DryMode: true,
 		Opts:    option.NewBoolOptions(&options.Library),
 	}
-	daemonConf.LibDir = tempLibDir
 	daemonConf.RunDir = tempRunDir
 	daemonConf.LXCMap = nil
 	daemonConf.NodeAddress = nodeAddress
@@ -88,20 +85,13 @@ func (ds *DaemonSuite) SetUpTest(c *C) {
 	err = daemonConf.SetKVBackend()
 	c.Assert(err, IsNil)
 
-	d1 := []byte("#!/usr/bin/env bash\necho \"OK\"\n")
-	err = ioutil.WriteFile(filepath.Join(daemonConf.LibDir, "join_ep.sh"), d1, 0755)
-	c.Assert(err, IsNil)
-	err = ioutil.WriteFile(filepath.Join(daemonConf.LibDir, "init.sh"), d1, 0755)
-	c.Assert(err, IsNil)
-
 	d, err := NewDaemon(daemonConf)
 	c.Assert(err, IsNil)
 	ds.d = d
 	d.kvClient.DeleteTree(common.OperationalPath)
 }
 
 func (ds *DaemonSuite) TearDownTest(c *C) {
-	os.RemoveAll(ds.d.conf.LibDir)
 	os.RemoveAll(ds.d.conf.RunDir)
 }
 

daemon/loadbalancer.go

@@ -19,10 +19,10 @@ import (
 
 	"github.com/cilium/cilium/api/v1/models"
 	. "github.com/cilium/cilium/api/v1/server/restapi/service"
-	"github.com/cilium/cilium/bpf/lbmap"
 	"github.com/cilium/cilium/common/types"
 	"github.com/cilium/cilium/pkg/apierror"
 	"github.com/cilium/cilium/pkg/bpf"
+	"github.com/cilium/cilium/pkg/maps/lbmap"
 
 	"github.com/go-openapi/runtime/middleware"
 )

daemon/logstash.go

@@ -21,7 +21,7 @@ import (
 	"strings"
 	"time"
 
-	"github.com/cilium/cilium/bpf/policymap"
+	"github.com/cilium/cilium/pkg/maps/policymap"
 	"github.com/cilium/cilium/pkg/policy"
 )