azure-container-networking/network/endpoint_linux.go

// Copyright 2017 Microsoft. All rights reserved.
// MIT License

// +build linux

package network

import (
	"fmt"
	"net"

	"github.com/Azure/azure-container-networking/ebtables"
	"github.com/Azure/azure-container-networking/log"
	"github.com/Azure/azure-container-networking/netlink"
)

const (
	// Prefix for host virtual network interface names.
	hostInterfacePrefix = "veth"

	// Prefix for container network interface names.
	containerInterfacePrefix = "eth"
)

// newEndpointImpl creates a new endpoint in the network.
func (nw *network) newEndpointImpl(epInfo *EndpointInfo) (*endpoint, error) {
	var containerIf *net.Interface
	var ns *Namespace
	var ep *endpoint
	var err error

	// Create a veth pair.
	hostIfName := fmt.Sprintf("%s%s", hostInterfacePrefix, epInfo.Id[:7])
	contIfName := fmt.Sprintf("%s%s-2", hostInterfacePrefix, epInfo.Id[:7])

	log.Printf("[net] Creating veth pair %v %v.", hostIfName, contIfName)

	link := netlink.VEthLink{
		LinkInfo: netlink.LinkInfo{
			Type: netlink.LINK_TYPE_VETH,
			Name: contIfName,
		},
		PeerName: hostIfName,
	}

	err = netlink.AddLink(&link)
	if err != nil {
		log.Printf("[net] Failed to create veth pair, err:%v.", err)
		return nil, err
	}

	//
	// Host network interface setup.
	//

	// Host interface up.
	log.Printf("[net] Setting link %v state up.", hostIfName)
	err = netlink.SetLinkState(hostIfName, true)
	if err != nil {
		goto cleanup
	}

	// Connect host interface to the bridge.
	log.Printf("[net] Setting link %v master %v.", hostIfName, nw.extIf.BridgeName)
	err = netlink.SetLinkMaster(hostIfName, nw.extIf.BridgeName)
	if err != nil {
		goto cleanup
	}

	//
	// Container network interface setup.
	//

	// Query container network interface info.
	containerIf, err = net.InterfaceByName(contIfName)
	if err != nil {
		goto cleanup
	}

	// Setup MAC address translation rules for container interface.
	log.Printf("[net] Setting up MAC address translation rules for endpoint %v.", contIfName)
	for _, ipAddr := range epInfo.IPAddresses {
		err = ebtables.SetDnatForIPAddress(nw.extIf.Name, ipAddr.IP, containerIf.HardwareAddr, ebtables.Append)
		if err != nil {
			goto cleanup
		}
	}

	// If a network namespace for the container interface is specified...
	if epInfo.NetNsPath != "" {
		// Open the network namespace.
		log.Printf("[net] Opening netns %v.", epInfo.NetNsPath)
		ns, err = OpenNamespace(epInfo.NetNsPath)
		if err != nil {
			goto cleanup
		}
		defer ns.Close()

		// Move the container interface to container's network namespace.
		log.Printf("[net] Setting link %v netns %v.", contIfName, epInfo.NetNsPath)
		err = netlink.SetLinkNetNs(contIfName, ns.GetFd())
		if err != nil {
			goto cleanup
		}

		// Enter the container network namespace.
		log.Printf("[net] Entering netns %v.", epInfo.NetNsPath)
		err = ns.Enter()
		if err != nil {
			goto cleanup
		}
	}

	// If a name for the container interface is specified...
	if epInfo.IfName != "" {
		// Interface needs to be down before renaming.
		log.Printf("[net] Setting link %v state down.", contIfName)
		err = netlink.SetLinkState(contIfName, false)
		if err != nil {
			goto cleanup
		}

		// Rename the container interface.
		log.Printf("[net] Setting link %v name %v.", contIfName, epInfo.IfName)
		err = netlink.SetLinkName(contIfName, epInfo.IfName)
		if err != nil {
			goto cleanup
		}
		contIfName = epInfo.IfName

		// Bring the interface back up.
		log.Printf("[net] Setting link %v state up.", contIfName)
		err = netlink.SetLinkState(contIfName, true)
		if err != nil {
			goto cleanup
		}
	}

	// Assign IP address to container network interface.
	for _, ipAddr := range epInfo.IPAddresses {
		log.Printf("[net] Adding IP address %v to link %v.", ipAddr.String(), contIfName)
		err = netlink.AddIpAddress(contIfName, ipAddr.IP, &ipAddr)
		if err != nil {
			goto cleanup
		}
	}

	// Add IP routes to container network interface.
	for _, route := range epInfo.Routes {
		log.Printf("[net] Adding IP route %+v to link %v.", route, contIfName)

		nlRoute := &netlink.Route{
			Family:    netlink.GetIpAddressFamily(route.Gw),
			Dst:       &route.Dst,
			Gw:        route.Gw,
			LinkIndex: containerIf.Index,
		}

		err = netlink.AddIpRoute(nlRoute)
		if err != nil {
			goto cleanup
		}
	}

	// If inside the container network namespace...
	if ns != nil {
		// Return to host network namespace.
		log.Printf("[net] Exiting netns %v.", epInfo.NetNsPath)
		err = ns.Exit()
		if err != nil {
			goto cleanup
		}
	}

	// Create the endpoint object.
	ep = &endpoint{
		Id:          epInfo.Id,
		IfName:      contIfName,
		HostIfName:  hostIfName,
		MacAddress:  containerIf.HardwareAddr,
		IPAddresses: epInfo.IPAddresses,
		Gateways:    []net.IP{nw.extIf.IPv4Gateway},
	}

	return ep, nil

cleanup:
	// Roll back the changes for the endpoint.
	netlink.DeleteLink(contIfName)

	return nil, err
}

// deleteEndpointImpl deletes an existing endpoint from the network.
func (nw *network) deleteEndpointImpl(ep *endpoint) error {
	// Delete the veth pair by deleting one of the peer interfaces.
	// Deleting the host interface is more convenient since it does not require
	// entering the container netns and hence works both for CNI and CNM.
	log.Printf("[net] Deleting veth pair %v %v.", ep.HostIfName, ep.IfName)
	err := netlink.DeleteLink(ep.HostIfName)
	if err != nil {
		goto cleanup
	}

	// Delete MAC address translation rule.
	log.Printf("[net] Deleting MAC address translation rules for endpoint %v.", ep.Id)
	for _, ipAddr := range ep.IPAddresses {
		err = ebtables.SetDnatForIPAddress(nw.extIf.Name, ipAddr.IP, ep.MacAddress, ebtables.Delete)
		if err != nil {
			goto cleanup
		}
	}

cleanup:
	return err
}

// getInfoImpl returns information about the endpoint.
func (ep *endpoint) getInfoImpl(epInfo *EndpointInfo) {
}
Refactor network logic for Windows support 2017-02-11 03:15:53 +03:00			`// Copyright 2017 Microsoft. All rights reserved.`
			`// MIT License`

			`// +build linux`
Refactor core network logic to NetworkManager 2016-09-22 01:39:25 +03:00
			`package network`

			`import (`
			`"fmt"`
			`"net"`

Updated package references with new repo name 2016-10-07 00:40:29 +03:00			`"github.com/Azure/azure-container-networking/ebtables"`
			`"github.com/Azure/azure-container-networking/log"`
			`"github.com/Azure/azure-container-networking/netlink"`
Refactor core network logic to NetworkManager 2016-09-22 01:39:25 +03:00			`)`

			`const (`
			`// Prefix for host virtual network interface names.`
			`hostInterfacePrefix = "veth"`

			`// Prefix for container network interface names.`
			`containerInterfacePrefix = "eth"`
			`)`

Refactor network logic for Windows support 2017-02-11 03:15:53 +03:00			`// newEndpointImpl creates a new endpoint in the network.`
			`func (nw network) newEndpointImpl(epInfo EndpointInfo) (*endpoint, error) {`
Refactor core network logic to NetworkManager 2016-09-22 01:39:25 +03:00			`var containerIf *net.Interface`
Added support for creating endpoints in other namespaces for CNI 2016-11-23 02:28:57 +03:00			`var ns *Namespace`
Refactor core network logic to NetworkManager 2016-09-22 01:39:25 +03:00			`var ep *endpoint`
			`var err error`

			`// Create a veth pair.`
Exposed NetworkManager interface and made it more generic to support CNI 2016-11-22 23:31:48 +03:00			`hostIfName := fmt.Sprintf("%s%s", hostInterfacePrefix, epInfo.Id[:7])`
			`contIfName := fmt.Sprintf("%s%s-2", hostInterfacePrefix, epInfo.Id[:7])`
Refactor core network logic to NetworkManager 2016-09-22 01:39:25 +03:00
Improved logging for network and endpoint creation 2016-11-22 23:19:54 +03:00			`log.Printf("[net] Creating veth pair %v %v.", hostIfName, contIfName)`
Added IPVLAN link support 2017-02-28 12:27:20 +03:00
			`link := netlink.VEthLink{`
			`LinkInfo: netlink.LinkInfo{`
			`Type: netlink.LINK_TYPE_VETH,`
			`Name: contIfName,`
			`},`
			`PeerName: hostIfName,`
			`}`

			`err = netlink.AddLink(&link)`
Refactor core network logic to NetworkManager 2016-09-22 01:39:25 +03:00			`if err != nil {`
Added support for creating endpoints in other namespaces for CNI 2016-11-23 02:28:57 +03:00			`log.Printf("[net] Failed to create veth pair, err:%v.", err)`
Refactor core network logic to NetworkManager 2016-09-22 01:39:25 +03:00			`return nil, err`
			`}`

Improved logging for network and endpoint creation 2016-11-22 23:19:54 +03:00			`//`
			`// Host network interface setup.`
			`//`
Refactor core network logic to NetworkManager 2016-09-22 01:39:25 +03:00
			`// Host interface up.`
Improved logging for network and endpoint creation 2016-11-22 23:19:54 +03:00			`log.Printf("[net] Setting link %v state up.", hostIfName)`
Refactor core network logic to NetworkManager 2016-09-22 01:39:25 +03:00			`err = netlink.SetLinkState(hostIfName, true)`
			`if err != nil {`
			`goto cleanup`
			`}`

			`// Connect host interface to the bridge.`
Improved logging for network and endpoint creation 2016-11-22 23:19:54 +03:00			`log.Printf("[net] Setting link %v master %v.", hostIfName, nw.extIf.BridgeName)`
Refactor core network logic to NetworkManager 2016-09-22 01:39:25 +03:00			`err = netlink.SetLinkMaster(hostIfName, nw.extIf.BridgeName)`
			`if err != nil {`
			`goto cleanup`
			`}`

Improved logging for network and endpoint creation 2016-11-22 23:19:54 +03:00			`//`
			`// Container network interface setup.`
			`//`

Refactor core network logic to NetworkManager 2016-09-22 01:39:25 +03:00			`// Query container network interface info.`
			`containerIf, err = net.InterfaceByName(contIfName)`
			`if err != nil {`
			`goto cleanup`
			`}`

			`// Setup MAC address translation rules for container interface.`
Improved logging for network and endpoint creation 2016-11-22 23:19:54 +03:00			`log.Printf("[net] Setting up MAC address translation rules for endpoint %v.", contIfName)`
Added support for multiple IPv4 addresses and routes 2016-12-13 03:03:10 +03:00			`for _, ipAddr := range epInfo.IPAddresses {`
Added support for Linux l2tunnel mode 2017-03-07 03:24:20 +03:00			`err = ebtables.SetDnatForIPAddress(nw.extIf.Name, ipAddr.IP, containerIf.HardwareAddr, ebtables.Append)`
Added support for multiple IPv4 addresses and routes 2016-12-13 03:03:10 +03:00			`if err != nil {`
			`goto cleanup`
			`}`
Refactor core network logic to NetworkManager 2016-09-22 01:39:25 +03:00			`}`

Added support for creating endpoints in other namespaces for CNI 2016-11-23 02:28:57 +03:00			`// If a network namespace for the container interface is specified...`
			`if epInfo.NetNsPath != "" {`
			`// Open the network namespace.`
			`log.Printf("[net] Opening netns %v.", epInfo.NetNsPath)`
			`ns, err = OpenNamespace(epInfo.NetNsPath)`
			`if err != nil {`
			`goto cleanup`
			`}`
			`defer ns.Close()`

			`// Move the container interface to container's network namespace.`
			`log.Printf("[net] Setting link %v netns %v.", contIfName, epInfo.NetNsPath)`
			`err = netlink.SetLinkNetNs(contIfName, ns.GetFd())`
			`if err != nil {`
			`goto cleanup`
			`}`

			`// Enter the container network namespace.`
			`log.Printf("[net] Entering netns %v.", epInfo.NetNsPath)`
			`err = ns.Enter()`
			`if err != nil {`
			`goto cleanup`
			`}`
			`}`

Exposed NetworkManager interface and made it more generic to support CNI 2016-11-22 23:31:48 +03:00			`// If a name for the container interface is specified...`
			`if epInfo.IfName != "" {`
			`// Interface needs to be down before renaming.`
			`log.Printf("[net] Setting link %v state down.", contIfName)`
			`err = netlink.SetLinkState(contIfName, false)`
			`if err != nil {`
			`goto cleanup`
			`}`

			`// Rename the container interface.`
			`log.Printf("[net] Setting link %v name %v.", contIfName, epInfo.IfName)`
			`err = netlink.SetLinkName(contIfName, epInfo.IfName)`
			`if err != nil {`
			`goto cleanup`
			`}`
			`contIfName = epInfo.IfName`

			`// Bring the interface back up.`
			`log.Printf("[net] Setting link %v state up.", contIfName)`
			`err = netlink.SetLinkState(contIfName, true)`
			`if err != nil {`
			`goto cleanup`
			`}`
			`}`

Improved logging for network and endpoint creation 2016-11-22 23:19:54 +03:00			`// Assign IP address to container network interface.`
Added support for multiple IPv4 addresses and routes 2016-12-13 03:03:10 +03:00			`for _, ipAddr := range epInfo.IPAddresses {`
			`log.Printf("[net] Adding IP address %v to link %v.", ipAddr.String(), contIfName)`
			`err = netlink.AddIpAddress(contIfName, ipAddr.IP, &ipAddr)`
			`if err != nil {`
			`goto cleanup`
			`}`
			`}`

			`// Add IP routes to container network interface.`
			`for _, route := range epInfo.Routes {`
			`log.Printf("[net] Adding IP route %+v to link %v.", route, contIfName)`

			`nlRoute := &netlink.Route{`
			`Family: netlink.GetIpAddressFamily(route.Gw),`
			`Dst: &route.Dst,`
			`Gw: route.Gw,`
			`LinkIndex: containerIf.Index,`
			`}`

			`err = netlink.AddIpRoute(nlRoute)`
			`if err != nil {`
			`goto cleanup`
			`}`
Improved logging for network and endpoint creation 2016-11-22 23:19:54 +03:00			`}`

Added support for creating endpoints in other namespaces for CNI 2016-11-23 02:28:57 +03:00			`// If inside the container network namespace...`
			`if ns != nil {`
			`// Return to host network namespace.`
			`log.Printf("[net] Exiting netns %v.", epInfo.NetNsPath)`
			`err = ns.Exit()`
			`if err != nil {`
			`goto cleanup`
			`}`
			`}`

Refactor core network logic to NetworkManager 2016-09-22 01:39:25 +03:00			`// Create the endpoint object.`
			`ep = &endpoint{`
Exposed NetworkManager interface and made it more generic to support CNI 2016-11-22 23:31:48 +03:00			`Id: epInfo.Id,`
Updated endpoint to persist host ifname and delete veth pair using it on removal 2016-12-08 02:56:19 +03:00			`IfName: contIfName,`
			`HostIfName: hostIfName,`
Refactor core network logic to NetworkManager 2016-09-22 01:39:25 +03:00			`MacAddress: containerIf.HardwareAddr,`
Added support for multiple IPv4 addresses and routes 2016-12-13 03:03:10 +03:00			`IPAddresses: epInfo.IPAddresses,`
			`Gateways: []net.IP{nw.extIf.IPv4Gateway},`
Refactor core network logic to NetworkManager 2016-09-22 01:39:25 +03:00			`}`

			`return ep, nil`

			`cleanup:`
			`// Roll back the changes for the endpoint.`
			`netlink.DeleteLink(contIfName)`

			`return nil, err`
			`}`

Refactor network logic for Windows support 2017-02-11 03:15:53 +03:00			`// deleteEndpointImpl deletes an existing endpoint from the network.`
			`func (nw network) deleteEndpointImpl(ep endpoint) error {`
Updated endpoint to persist host ifname and delete veth pair using it on removal 2016-12-08 02:56:19 +03:00			`// Delete the veth pair by deleting one of the peer interfaces.`
			`// Deleting the host interface is more convenient since it does not require`
			`// entering the container netns and hence works both for CNI and CNM.`
			`log.Printf("[net] Deleting veth pair %v %v.", ep.HostIfName, ep.IfName)`
Refactor network logic for Windows support 2017-02-11 03:15:53 +03:00			`err := netlink.DeleteLink(ep.HostIfName)`
Updated endpoint to persist host ifname and delete veth pair using it on removal 2016-12-08 02:56:19 +03:00			`if err != nil {`
			`goto cleanup`
			`}`
Refactor core network logic to NetworkManager 2016-09-22 01:39:25 +03:00
Updated endpoint to persist host ifname and delete veth pair using it on removal 2016-12-08 02:56:19 +03:00			`// Delete MAC address translation rule.`
Refactor network logic for Windows support 2017-02-11 03:15:53 +03:00			`log.Printf("[net] Deleting MAC address translation rules for endpoint %v.", ep.Id)`
Added support for multiple IPv4 addresses and routes 2016-12-13 03:03:10 +03:00			`for _, ipAddr := range ep.IPAddresses {`
Added support for Linux l2tunnel mode 2017-03-07 03:24:20 +03:00			`err = ebtables.SetDnatForIPAddress(nw.extIf.Name, ipAddr.IP, ep.MacAddress, ebtables.Delete)`
Added support for multiple IPv4 addresses and routes 2016-12-13 03:03:10 +03:00			`if err != nil {`
			`goto cleanup`
			`}`
Updated endpoint to persist host ifname and delete veth pair using it on removal 2016-12-08 02:56:19 +03:00			`}`
Refactor core network logic to NetworkManager 2016-09-22 01:39:25 +03:00
Updated endpoint to persist host ifname and delete veth pair using it on removal 2016-12-08 02:56:19 +03:00			`cleanup:`
			`return err`
Refactor core network logic to NetworkManager 2016-09-22 01:39:25 +03:00			`}`
Implement CNM GetEndpointInfo on Windows 2017-05-17 23:36:57 +03:00
			`// getInfoImpl returns information about the endpoint.`
			`func (ep endpoint) getInfoImpl(epInfo EndpointInfo) {`
			`}`