package daemon
import (
"context"
"fmt"
k8serrors "k8s.io/apimachinery/pkg/api/errors"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/apimachinery/pkg/labels"
"k8s.io/klog/v2"
kubeovnv1 "github.com/kubeovn/kube-ovn/pkg/apis/kubeovn/v1"
"github.com/kubeovn/kube-ovn/pkg/ovs"
"github.com/kubeovn/kube-ovn/pkg/util"
)
// setIPSet is a stub in this Windows build of the daemon: it does no work
// and always reports success.
func (c *Controller) setIPSet() error {
	// Nothing to configure here; the method exists so callers compile unchanged.
	return nil
}
// setPolicyRouting is a stub in this Windows build of the daemon: it does no
// work and always reports success.
func (c *Controller) setPolicyRouting() error {
	// Nothing to configure here; the method exists so callers compile unchanged.
	return nil
}
// setIptables is a stub in this Windows build of the daemon: it does no work
// and always reports success.
func (c *Controller) setIptables() error {
	// Nothing to configure here; the method exists so callers compile unchanged.
	return nil
}
// gcIPSet is a stub in this Windows build of the daemon: it does no work and
// always reports success.
func (c *Controller) gcIPSet() error {
	// Nothing to garbage-collect here; the method exists so callers compile unchanged.
	return nil
}
// addEgressConfig is a stub on Windows: both arguments are ignored and the
// call always succeeds.
func (c *Controller) addEgressConfig(subnet *kubeovnv1.Subnet, ip string) error {
	// There is nothing to do on Windows.
	return nil
}
// removeEgressConfig is a stub on Windows: both arguments are ignored and the
// call always succeeds.
func (c *Controller) removeEgressConfig(subnet, ip string) error {
	// There is nothing to do on Windows.
	return nil
}
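// setExGateway reconciles the OVS external-gateway bridge on this node with
// the node's util.ExGatewayLabel label.
//
// When the label is "true", it reads the "external-gw-nic" key from the
// external gateway ConfigMap, makes sure that NIC is a port of the external
// bridge, and then calls addOvnMapping for "ovn-bridge-mappings". If the key
// is missing or empty it returns nil without touching OVS.
//
// For any other label value it deletes the external bridge, unless the bridge
// does not exist, a provider network's default interface is attached to it,
// or the external subnet has a VLAN set.
//
// It returns the first error that prevents reconciliation; errors are logged
// before being returned.
func (c *Controller) setExGateway() error {
	node, err := c.nodesLister.Get(c.config.NodeName)
	if err != nil {
		klog.Errorf("failed to get node, %v", err)
		return err
	}
	enable := node.Labels[util.ExGatewayLabel]
	externalBridge := util.ExternalBridgeName(c.config.ExternalGatewaySwitch)

	if enable == "true" {
		// NOTE(review): context.Background() carries no deadline, so this API
		// call is bounded only by whatever timeout the client itself applies.
		cm, err := c.config.KubeClient.CoreV1().ConfigMaps(c.config.ExternalGatewayConfigNS).Get(context.Background(), util.ExternalGatewayConfig, metav1.GetOptions{})
		if err != nil {
			klog.Errorf("failed to get ovn-external-gw-config, %v", err)
			return err
		}

		// The external gateway may be enabled without 'external-gw-nic' being
		// configured, to reuse the existing physical network given by the
		// 'external-gateway-net' argument. Nothing to set up in that case.
		linkName, exist := cm.Data["external-gw-nic"]
		if !exist || len(linkName) == 0 {
			return nil
		}

		// NOTE(review): linkName is taken verbatim from ConfigMap data and
		// passed to ovs.Exec as an argument. How ovs.Exec invokes the OVS tool
		// is not visible here; confirm it does not go through a shell, and
		// consider validating the value as an interface name before use.
		externalBrReady := false

		// A port-to-br error is treated as "the NIC is not attached to any
		// bridge yet"; the error itself is dropped.
		if existBr, err := ovs.Exec("port-to-br", linkName); err == nil {
			if existBr == externalBridge {
				externalBrReady = true
			} else {
				// NOTE(review): this removes whichever bridge currently holds
				// linkName. No check is visible here that the bridge belongs to
				// the external gateway; confirm a mistaken 'external-gw-nic'
				// value cannot take down an unrelated bridge.
				klog.Infof("external bridge should change from %s to %s, delete external bridge %s", existBr, externalBridge, existBr)
				if _, err := ovs.Exec(ovs.IfExists, "del-br", existBr); err != nil {
					err = fmt.Errorf("failed to del external br %s, %w", existBr, err)
					klog.Error(err)
					return err
				}
			}
		}

		if !externalBrReady {
			if _, err := ovs.Exec(
				ovs.MayExist, "add-br", externalBridge, "--",
				ovs.MayExist, "add-port", externalBridge, linkName,
			); err != nil {
				err = fmt.Errorf("failed to enable external gateway, %w", err)
				klog.Error(err)
				// Return the failure instead of falling through: otherwise the
				// bridge mapping below is written for a bridge that was not
				// set up and the caller is told the gateway is ready.
				return err
			}
		}

		if err = addOvnMapping("ovn-bridge-mappings", c.config.ExternalGatewaySwitch, externalBridge, true); err != nil {
			klog.Error(err)
			return err
		}
		return nil
	}

	// External gateway is not enabled on this node: remove the bridge if it is
	// no longer needed.
	brExists, err := ovs.BridgeExists(externalBridge)
	if err != nil {
		return fmt.Errorf("failed to check OVS bridge existence: %w", err)
	}
	if !brExists {
		return nil
	}

	providerNetworks, err := c.providerNetworksLister.List(labels.Everything())
	if err != nil && !k8serrors.IsNotFound(err) {
		klog.Errorf("failed to list provider networks: %v", err)
		return err
	}
	for _, pn := range providerNetworks {
		// The bridge still holds a provider network's default interface, so
		// leave it in place; it is only deleted once no provider network uses
		// it. A port-to-br error is treated as "not attached".
		if existBr, err := ovs.Exec("port-to-br", pn.Spec.DefaultInterface); err == nil && existBr == externalBridge {
			return nil
		}
	}

	// Keep the bridge when the external subnet exists and has a VLAN set; a
	// missing subnet is not an error.
	keepExternalSubnet := false
	externalSubnet, err := c.subnetsLister.Get(c.config.ExternalGatewaySwitch)
	if err != nil {
		if !k8serrors.IsNotFound(err) {
			klog.Errorf("failed to get subnet %s, %v", c.config.ExternalGatewaySwitch, err)
			return err
		}
	} else if externalSubnet.Spec.Vlan != "" {
		keepExternalSubnet = true
	}

	if !keepExternalSubnet {
		klog.Infof("delete external bridge %s", externalBridge)
		if _, err := ovs.Exec(ovs.IfExists, "del-br", externalBridge); err != nil {
			err = fmt.Errorf("failed to disable external gateway, %w", err)
			klog.Error(err)
			return err
		}
	}
	return nil
}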
// appendMssRule is a stub on Windows; its body is empty.
//
// Background for the rule this hook stands for: the interface MTU is generally
// set to 1400, but in special cases a pod (for example docker-in-docker)
// introduces a docker0 interface whose MTU is 1500. The network application in
// the pod calculates its TCP MSS from the MTU of docker0 and then starts
// communicating with others. When the other party sends a response, the kernel
// protocol stack of the Linux host sends it an ICMP unreachable message
// indicating that IP fragmentation is needed; the other party does not support
// that, so communication fails.
func (c *Controller) appendMssRule() {
	// Intentionally empty.
}