Merge pull request openshift#126 from danwinship/revert-service-isola…

…tion

Revert "Merge pull request openshift#115 from danwinship/service-isolation"

ovssubnet/api/types.go

@@ -31,10 +31,6 @@ type SubnetRegistry interface {
 	GetNetNamespace(name string) (NetNamespace, error)
 	WriteNetNamespace(name string, id uint) error
 	DeleteNetNamespace(name string) error
-
-	GetServicesNetwork() (string, error)
-	GetServices() (*[]Service, error)
-	WatchServices(receiver chan *ServiceEvent, stop chan bool) error
 }
 
 type SubnetEvent struct {
@@ -69,23 +65,3 @@ type NamespaceEvent struct {
 	Type EventType
 	Name string
 }
-
-type ServiceProtocol string
-
-const (
-	TCP ServiceProtocol = "TCP"
-	UDP ServiceProtocol = "UDP"
-)
-
-type Service struct {
-	Name      string
-	Namespace string
-	IP        string
-	Protocol  ServiceProtocol
-	Port      uint
-}
-
-type ServiceEvent struct {
-	Type    EventType
-	Service Service
-}

ovssubnet/common.go

@@ -32,11 +32,9 @@ type OvsController struct {
 }
 
 type FlowController interface {
-	Setup(localSubnet, globalSubnet, servicesSubnet string) error
+	Setup(localSubnet, globalSubnet string) error
 	AddOFRules(nodeIP, localSubnet, localIP string) error
 	DelOFRules(nodeIP, localIP string) error
-	AddServiceOFRules(netID uint, IP string, protocol api.ServiceProtocol, port uint) error
-	DelServiceOFRules(netID uint, IP string, protocol api.ServiceProtocol, port uint) error
 }
 
 func NewKubeController(sub api.SubnetRegistry, hostname string, selfIP string, ready chan struct{}) (*OvsController, error) {
@@ -302,12 +300,7 @@ func (oc *OvsController) StartNode(sync, skipsetup bool) error {
 			log.Errorf("Failed to obtain ContainerNetwork: %v", err)
 			return err
 		}
-		servicesNetwork, err := oc.subnetRegistry.GetServicesNetwork()
-		if err != nil {
-			log.Errorf("Failed to obtain ServicesNetwork: %v", err)
-			return err
-		}
-		err = oc.flowController.Setup(oc.localSubnet.Sub, containerNetwork, servicesNetwork)
+		err = oc.flowController.Setup(oc.localSubnet.Sub, containerNetwork)
 		if err != nil {
 			return err
 		}
@@ -331,15 +324,6 @@ func (oc *OvsController) StartNode(sync, skipsetup bool) error {
 	}
 	go oc.watchCluster()
 
-	services, err := oc.subnetRegistry.GetServices()
-	if err != nil {
-		log.Errorf("Could not fetch existing services: %v", err)
-	}
-	for _, svc := range *services {
-		oc.flowController.AddServiceOFRules(oc.VnidMap[svc.Namespace], svc.IP, svc.Protocol, svc.Port)
-	}
-	go oc.watchServices()
-
 	if oc.ready != nil {
 		close(oc.ready)
 	}
@@ -424,28 +408,6 @@ func (oc *OvsController) watchNodes() {
 	}
 }
 
-func (oc *OvsController) watchServices() {
-	stop := make(chan bool)
-	svcevent := make(chan *api.ServiceEvent)
-	go oc.subnetRegistry.WatchServices(svcevent, stop)
-	for {
-		select {
-		case ev := <-svcevent:
-			netid := oc.VnidMap[ev.Service.Namespace]
-			switch ev.Type {
-			case api.Added:
-				oc.flowController.AddServiceOFRules(netid, ev.Service.IP, ev.Service.Protocol, ev.Service.Port)
-			case api.Deleted:
-				oc.flowController.DelServiceOFRules(netid, ev.Service.IP, ev.Service.Protocol, ev.Service.Port)
-			}
-		case <-oc.sig:
-			log.Error("Signal received. Stopping watching of services.")
-			stop <- true
-			return
-		}
-	}
-}
-
 func (oc *OvsController) watchCluster() {
 	stop := make(chan bool)
 	clusterEvent := make(chan *api.SubnetEvent)

ovssubnet/controller/kube/kube.go

@@ -10,7 +10,6 @@ import (
 	"strconv"
 	"syscall"
 
-	"github.com/openshift/openshift-sdn/ovssubnet/api"
 	"github.com/openshift/openshift-sdn/pkg/netutils"
 	netutils_server "github.com/openshift/openshift-sdn/pkg/netutils/server"
 )
@@ -22,7 +21,7 @@ func NewFlowController() *FlowController {
 	return &FlowController{}
 }
 
-func (c *FlowController) Setup(localSubnet, containerNetwork, servicesNetwork string) error {
+func (c *FlowController) Setup(localSubnet, containerNetwork string) error {
 	_, ipnet, err := net.ParseCIDR(localSubnet)
 	subnetMaskLength, _ := ipnet.Mask.Size()
 	gateway := netutils.GenerateDefaultGateway(ipnet).String()
@@ -122,11 +121,3 @@ func (c *FlowController) DelOFRules(node, localIP string) error {
 func generateCookie(ip string) string {
 	return hex.EncodeToString(net.ParseIP(ip).To4())
 }
-
-func (c *FlowController) AddServiceOFRules(netID uint, IP string, protocol api.ServiceProtocol, port uint) error {
-	return nil
-}
-
-func (c *FlowController) DelServiceOFRules(netID uint, IP string, protocol api.ServiceProtocol, port uint) error {
-	return nil
-}

ovssubnet/controller/lbr/lbr.go

@@ -8,7 +8,6 @@ import (
 	"os/exec"
 	"strconv"
 
-	"github.com/openshift/openshift-sdn/ovssubnet/api"
 	"github.com/openshift/openshift-sdn/pkg/netutils"
 )
 
@@ -19,7 +18,7 @@ func NewFlowController() *FlowController {
 	return &FlowController{}
 }
 
-func (c *FlowController) Setup(localSubnet, containerNetwork, servicesNetwork string) error {
+func (c *FlowController) Setup(localSubnet, containerNetwork string) error {
 	_, ipnet, err := net.ParseCIDR(localSubnet)
 	subnetMaskLength, _ := ipnet.Mask.Size()
 	out, err := exec.Command("openshift-sdn-simple-setup-node.sh", netutils.GenerateDefaultGateway(ipnet).String(), ipnet.String(), containerNetwork, strconv.Itoa(subnetMaskLength)).CombinedOutput()
@@ -80,11 +79,3 @@ func (c *FlowController) DelOFRules(node, localIP string) error {
 func generateCookie(ip string) string {
 	return hex.EncodeToString(net.ParseIP(ip).To4())
 }
-
-func (c *FlowController) AddServiceOFRules(netID uint, IP string, protocol api.ServiceProtocol, port uint) error {
-	return nil
-}
-
-func (c *FlowController) DelServiceOFRules(netID uint, IP string, protocol api.ServiceProtocol, port uint) error {
-	return nil
-}

ovssubnet/controller/multitenant/bin/openshift-ovs-multitenant

@@ -57,9 +57,9 @@ Setup() {
 
     ovs-ofctl -O OpenFlow13 add-flow br0 "table=3,cookie=0x${ovs_port},priority=100,in_port=${ovs_port},ip,nw_src=${ipaddr},actions=load:${tenant_id}->NXM_NX_REG0[],goto_table:4"
     if [ "${tenant_id}" == "0" ]; then
-      ovs-ofctl -O OpenFlow13 add-flow br0 "table=6,cookie=0x${ovs_port},priority=150,ip,nw_dst=${ipaddr},actions=output:${ovs_port}"
+      ovs-ofctl -O OpenFlow13 add-flow br0 "table=5,cookie=0x${ovs_port},priority=150,ip,nw_dst=${ipaddr},actions=output:${ovs_port}"
     else
-      ovs-ofctl -O OpenFlow13 add-flow br0 "table=6,cookie=0x${ovs_port},priority=100,ip,nw_dst=${ipaddr},reg0=${tenant_id},actions=output:${ovs_port}"
+      ovs-ofctl -O OpenFlow13 add-flow br0 "table=5,cookie=0x${ovs_port},priority=100,ip,nw_dst=${ipaddr},reg0=${tenant_id},actions=output:${ovs_port}"
     fi
 
     add_subnet_route="ip route add ${cluster_subnet} dev eth0 proto kernel scope link src $ipaddr"
@@ -79,7 +79,7 @@ Teardown() {
     ovs_port=$(ovs-ofctl -O OpenFlow13 dump-ports-desc br0  | grep ${veth_host} | cut -d "(" -f 1 | tr -d ' ')
     ovs-vsctl del-port $veth_host
     ovs-ofctl -O OpenFlow13 del-flows br0 "table=3,cookie=0x${ovs_port}/0xffffffff"
-    ovs-ofctl -O OpenFlow13 del-flows br0 "table=6,cookie=0x${ovs_port}/0xffffffff"
+    ovs-ofctl -O OpenFlow13 del-flows br0 "table=5,cookie=0x${ovs_port}/0xffffffff"
 }
 
 case "$action" in

ovssubnet/controller/multitenant/bin/openshift-sdn-multitenant-setup.sh

@@ -8,7 +8,6 @@ subnet=$2
 cluster_subnet=$3
 subnet_mask_len=$4
 tun_gateway=$5
-services_subnet=$6
 printf 'Container network is "%s"; local host has subnet "%s" and gateway "%s".\n' "${cluster_subnet}" "${subnet}" "${subnet_gateway}"
 TUN=tun0
 
@@ -54,41 +53,37 @@ function setup() {
     ovs-vsctl add-port br0 vovsbr -- set Interface vovsbr ofport_request=9
 
     # Table 0; learn MAC addresses and continue with table 1
-    ovs-ofctl -O OpenFlow13 add-flow br0 "table=0, actions=learn(table=8, priority=200, hard_timeout=900, NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[], load:NXM_NX_TUN_IPV4_SRC[]->NXM_NX_TUN_IPV4_DST[], output:NXM_OF_IN_PORT[]), goto_table:1"
+    ovs-ofctl -O OpenFlow13 add-flow br0 "table=0, actions=learn(table=7, priority=200, hard_timeout=900, NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[], load:NXM_NX_TUN_IPV4_SRC[]->NXM_NX_TUN_IPV4_DST[], output:NXM_OF_IN_PORT[]), goto_table:1"
 
     # Table 1; initial dispatch
-    ovs-ofctl -O OpenFlow13 add-flow br0 "table=1, arp, actions=goto_table:8"
+    ovs-ofctl -O OpenFlow13 add-flow br0 "table=1, arp, actions=goto_table:7"
     ovs-ofctl -O OpenFlow13 add-flow br0 "table=1, in_port=1, actions=goto_table:2" # vxlan0
-    ovs-ofctl -O OpenFlow13 add-flow br0 "table=1, in_port=2, actions=goto_table:5" # tun0
-    ovs-ofctl -O OpenFlow13 add-flow br0 "table=1, in_port=9, actions=goto_table:5" # vovsbr
+    ovs-ofctl -O OpenFlow13 add-flow br0 "table=1, in_port=2, actions=goto_table:4" # tun0
+    ovs-ofctl -O OpenFlow13 add-flow br0 "table=1, in_port=9, actions=goto_table:4" # vovsbr
     ovs-ofctl -O OpenFlow13 add-flow br0 "table=1, actions=goto_table:3"            # container
 
     # Table 2; incoming from vxlan
-    ovs-ofctl -O OpenFlow13 add-flow br0 "table=2, arp, actions=goto_table:8"
+    ovs-ofctl -O OpenFlow13 add-flow br0 "table=2, arp, actions=goto_table:7"
     ovs-ofctl -O OpenFlow13 add-flow br0 "table=2, priority=200, ip, nw_dst=${subnet_gateway}, actions=output:2"
-    ovs-ofctl -O OpenFlow13 add-flow br0 "table=2, tun_id=0, actions=goto_table:5"
-    ovs-ofctl -O OpenFlow13 add-flow br0 "table=2, priority=100, ip, nw_dst=${subnet}, actions=move:NXM_NX_TUN_ID[0..31]->NXM_NX_REG0[], goto_table:6"
+    ovs-ofctl -O OpenFlow13 add-flow br0 "table=2, tun_id=0, actions=goto_table:4"
+    ovs-ofctl -O OpenFlow13 add-flow br0 "table=2, priority=100, ip, nw_dst=${subnet}, actions=move:NXM_NX_TUN_ID[0..31]->NXM_NX_REG0[], goto_table:5"
 
     # Table 3; incoming from container; filled in by openshift-ovs-multitenant
 
-    # Table 4; services; mostly filled in by multitenant.go
-    ovs-ofctl -O OpenFlow13 add-flow br0 "table=4, priority=100, ip, nw_dst=${services_subnet}, actions=drop"
-    ovs-ofctl -O OpenFlow13 add-flow br0 "table=4, priority=0, actions=goto_table:5"
+    # Table 4; general routing
+    ovs-ofctl -O OpenFlow13 add-flow br0 "table=4, priority=200, ip, nw_dst=${subnet_gateway}, actions=output:2"
+    ovs-ofctl -O OpenFlow13 add-flow br0 "table=4, priority=150, ip, nw_dst=${subnet}, actions=goto_table:5"
+    ovs-ofctl -O OpenFlow13 add-flow br0 "table=4, priority=100, ip, nw_dst=${cluster_subnet}, actions=goto_table:6"
+    ovs-ofctl -O OpenFlow13 add-flow br0 "table=4, priority=0, ip, actions=output:2"
 
-    # Table 5; general routing
-    ovs-ofctl -O OpenFlow13 add-flow br0 "table=5, priority=200, ip, nw_dst=${subnet_gateway}, actions=output:2"
-    ovs-ofctl -O OpenFlow13 add-flow br0 "table=5, priority=150, ip, nw_dst=${subnet}, actions=goto_table:6"
-    ovs-ofctl -O OpenFlow13 add-flow br0 "table=5, priority=100, ip, nw_dst=${cluster_subnet}, actions=goto_table:7"
-    ovs-ofctl -O OpenFlow13 add-flow br0 "table=5, priority=0, ip, actions=output:2"
+    # Table 5; to local container; mostly filled in by openshift-ovs-multitenant
+    ovs-ofctl -O OpenFlow13 add-flow br0 "table=5, priority=200, ip, reg0=0, actions=goto_table:7"
 
-    # Table 6; to local container; mostly filled in by openshift-ovs-multitenant
-    ovs-ofctl -O OpenFlow13 add-flow br0 "table=6, priority=200, ip, reg0=0, actions=goto_table:8"
+    # Table 6; to remote container; filled in by multitenant.go
 
-    # Table 7; to remote container; filled in by multitenant.go
-
-    # Table 8; MAC dispatch / ARP, filled in by Table 0's learn() rule
+    # Table 7; MAC dispatch / ARP, filled in by Table 0's learn() rule
     # and with per-node vxlan ARP rules by multitenant.go
-    ovs-ofctl -O OpenFlow13 add-flow br0 "table=8, priority=0, arp, actions=flood"
+    ovs-ofctl -O OpenFlow13 add-flow br0 "table=7, priority=0, arp, actions=flood"
 
     ## linux bridge
     ip link set lbr0 down || true

ovssubnet/controller/multitenant/multitenant.go

@@ -7,10 +7,8 @@ import (
 	"net"
 	"os/exec"
 	"strconv"
-	"strings"
 	"syscall"
 
-	"github.com/openshift/openshift-sdn/ovssubnet/api"
 	"github.com/openshift/openshift-sdn/pkg/netutils"
 )
 
@@ -21,11 +19,11 @@ func NewFlowController() *FlowController {
 	return &FlowController{}
 }
 
-func (c *FlowController) Setup(localSubnet, containerNetwork, servicesNetwork string) error {
+func (c *FlowController) Setup(localSubnet, containerNetwork string) error {
 	_, ipnet, err := net.ParseCIDR(localSubnet)
 	subnetMaskLength, _ := ipnet.Mask.Size()
 	gateway := netutils.GenerateDefaultGateway(ipnet).String()
-	out, err := exec.Command("openshift-sdn-multitenant-setup.sh", gateway, ipnet.String(), containerNetwork, strconv.Itoa(subnetMaskLength), gateway, servicesNetwork).CombinedOutput()
+	out, err := exec.Command("openshift-sdn-multitenant-setup.sh", gateway, ipnet.String(), containerNetwork, strconv.Itoa(subnetMaskLength), gateway).CombinedOutput()
 	log.Infof("Output of setup script:\n%s", out)
 	if err != nil {
 		exitErr, ok := err.(*exec.ExitError)
@@ -47,8 +45,8 @@ func (c *FlowController) AddOFRules(nodeIP, subnet, localIP string) error {
 	}
 
 	cookie := generateCookie(nodeIP)
-	iprule := fmt.Sprintf("table=7,cookie=0x%s,priority=100,ip,nw_dst=%s,actions=move:NXM_NX_REG0[]->NXM_NX_TUN_ID[0..31],set_field:%s->tun_dst,output:1", cookie, subnet, nodeIP)
-	arprule := fmt.Sprintf("table=8,cookie=0x%s,priority=100,arp,nw_dst=%s,actions=move:NXM_NX_REG0[]->NXM_NX_TUN_ID[0..31],set_field:%s->tun_dst,output:1", cookie, subnet, nodeIP)
+	iprule := fmt.Sprintf("table=6,cookie=0x%s,priority=100,ip,nw_dst=%s,actions=move:NXM_NX_REG0[]->NXM_NX_TUN_ID[0..31],set_field:%s->tun_dst,output:1", cookie, subnet, nodeIP)
+	arprule := fmt.Sprintf("table=7,cookie=0x%s,priority=100,arp,nw_dst=%s,actions=move:NXM_NX_REG0[]->NXM_NX_TUN_ID[0..31],set_field:%s->tun_dst,output:1", cookie, subnet, nodeIP)
 	o, e := exec.Command("ovs-ofctl", "-O", "OpenFlow13", "add-flow", "br0", iprule).CombinedOutput()
 	log.Infof("Output of adding %s: %s (%v)", iprule, o, e)
 	o, e = exec.Command("ovs-ofctl", "-O", "OpenFlow13", "add-flow", "br0", arprule).CombinedOutput()
@@ -63,8 +61,8 @@ func (c *FlowController) DelOFRules(node, localIP string) error {
 
 	log.Infof("Calling del rules for %s", node)
 	cookie := generateCookie(node)
-	iprule := fmt.Sprintf("table=7,cookie=0x%s/0xffffffff", cookie)
-	arprule := fmt.Sprintf("table=8,cookie=0x%s/0xffffffff", cookie)
+	iprule := fmt.Sprintf("table=6,cookie=0x%s/0xffffffff", cookie)
+	arprule := fmt.Sprintf("table=7,cookie=0x%s/0xffffffff", cookie)
 	o, e := exec.Command("ovs-ofctl", "-O", "OpenFlow13", "del-flows", "br0", iprule).CombinedOutput()
 	log.Infof("Output of deleting local ip rules %s (%v)", o, e)
 	o, e = exec.Command("ovs-ofctl", "-O", "OpenFlow13", "del-flows", "br0", arprule).CombinedOutput()
@@ -75,25 +73,3 @@ func (c *FlowController) DelOFRules(node, localIP string) error {
 func generateCookie(ip string) string {
 	return hex.EncodeToString(net.ParseIP(ip).To4())
 }
-
-func (c *FlowController) AddServiceOFRules(netID uint, IP string, protocol api.ServiceProtocol, port uint) error {
-	rule := generateServiceRule(netID, IP, protocol, port)
-	o, e := exec.Command("ovs-ofctl", "-O", "OpenFlow13", "add-flow", "br0", rule).CombinedOutput()
-	log.Infof("Output of adding %s: %s (%v)", rule, o, e)
-	return e
-}
-
-func (c *FlowController) DelServiceOFRules(netID uint, IP string, protocol api.ServiceProtocol, port uint) error {
-	rule := generateServiceRule(netID, IP, protocol, port)
-	o, e := exec.Command("ovs-ofctl", "-O", "OpenFlow13", "del-flows", "br0", rule).CombinedOutput()
-	log.Infof("Output of deleting %s: %s (%v)", rule, o, e)
-	return e
-}
-
-func generateServiceRule(netID uint, IP string, protocol api.ServiceProtocol, port uint) string {
-	if netID == 0 {
-		return fmt.Sprintf("table=4,priority=200,%s,nw_dst=%s,tp_dst=%d,actions=output:2", strings.ToLower(string(protocol)), IP, port)
-	} else {
-		return fmt.Sprintf("table=4,priority=200,reg0=%d,%s,nw_dst=%s,tp_dst=%d,actions=output:2", netID, strings.ToLower(string(protocol)), IP, port)
-	}
-}

ovssubnet/registry/registry.go

@@ -166,14 +166,6 @@ func (sub *EtcdSubnetRegistry) GetNodes() (*[]string, error) {
 	return &nodes, nil
 }
 
-func (sub *EtcdSubnetRegistry) InitServices() error {
-	return nil
-}
-
-func (sub *EtcdSubnetRegistry) GetServices() (*[]api.Service, error) {
-	return nil, nil
-}
-
 func (sub *EtcdSubnetRegistry) GetSubnets() (*[]api.Subnet, error) {
 	key := sub.etcdCfg.SubnetPath
 	resp, err := sub.client().Get(key, false, true)
@@ -253,11 +245,6 @@ func (sub *EtcdSubnetRegistry) GetContainerNetwork() (string, error) {
 	return resp.Node.Value, err
 }
 
-func (sub *EtcdSubnetRegistry) GetServicesNetwork() (string, error) {
-	// FIXME
-	return "172.30.0.0/16", nil
-}
-
 func (sub *EtcdSubnetRegistry) GetSubnetLength() (uint64, error) {
 	key := path.Join(sub.etcdCfg.SubnetConfigPath, "SubnetLength")
 	resp, err := sub.client().Get(key, false, false)
@@ -344,10 +331,6 @@ func (sub *EtcdSubnetRegistry) watch(key string, rev uint64, stop chan bool) (*e
 	return rawResp.Unmarshal()
 }
 
-func (sub *EtcdSubnetRegistry) WatchServices(receiver chan *api.ServiceEvent, stop chan bool) error {
-	return nil
-}
-
 func (sub *EtcdSubnetRegistry) WatchSubnets(receiver chan *api.SubnetEvent, stop chan bool) error {
 	for {
 		var rev uint64