Azure
/
azure-container-networking
зеркало из https://github.com/Azure/azure-container-networking.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

[CNI] Migrate network and platform package logging to zap (#2209) 

* network package zap logger

* add zaplogger for platform
This commit is contained in:
Paul Yu 2023-09-15 20:14:44 -04:00 коммит произвёл GitHub
Родитель c9adf9a41a
Коммит 44dc74e5ec
Не найден ключ, соответствующий данной подписи
Идентификатор ключа GPG: 4AEE18F83AFDEB23
29 изменённых файлов: 564 добавлений и 472 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

25
cni/log/logger.go
Просмотреть файл

@ -5,31 +5,12 @@ import (
"github.com/Azure/azure-container-networking/zaplog"
"go.uber.org/zap"
"go.uber.org/zap/zapcore"
)
const (
maxLogFileSizeInMb = 5
maxLogFileCount = 8
)
var (
loggerName string
loggerFile string
)
var LoggerCfg = &zaplog.Config{
Level: zapcore.DebugLevel,
LogPath: loggerFile,
MaxSizeInMB: maxLogFileSizeInMb,
MaxBackups: maxLogFileCount,
Name: loggerName,
}
func InitZapLogCNI(loggerName, loggerFile string) *zap.Logger {
LoggerCfg.Name = loggerName
LoggerCfg.LogPath = LogPath + loggerFile
logger := zaplog.InitZapLog(LoggerCfg)
zaplog.LoggerCfg.Name = loggerName
zaplog.LoggerCfg.LogPath = zaplog.LogPath + loggerFile
logger := zaplog.InitZapLog(&zaplog.LoggerCfg)
// only log process id on CNI package
logger = logger.With(zap.Int("pid", os.Getpid()))

2
cni/network/network_windows.go
Просмотреть файл

@ -385,7 +385,7 @@ func getIPV6EndpointPolicy(nwInfo *network.NetworkInfo) (policy.Policy, error) {
Data: rawPolicy,
}
logger.Info("[net] ipv6 outboundnat policy", zap.Any("policy", eppolicy))
logger.Info("ipv6 outboundnat policy", zap.Any("policy", eppolicy))
return eppolicy, nil
}

3
cni/telemetry/service/telemetrymain.go
Просмотреть файл

@ -13,6 +13,7 @@ import (
"github.com/Azure/azure-container-networking/cni/log"
acn "github.com/Azure/azure-container-networking/common"
"github.com/Azure/azure-container-networking/telemetry"
"github.com/Azure/azure-container-networking/zaplog"
"go.uber.org/zap"
"go.uber.org/zap/zapcore"
)
@ -116,7 +117,7 @@ func main() {
os.Exit(0)
}
log.LoggerCfg.Level = logLevel
zaplog.LoggerCfg.Level = logLevel
logger := log.InitZapLogCNI(azureVnetTelemetry, azureVnetTelemetry+".log")
logger.Info("Telemetry invocation info", zap.Any("arguments", os.Args))

50
network/bridge_endpointclient_linux.go
Просмотреть файл

@ -5,11 +5,11 @@ import (
"net"
"github.com/Azure/azure-container-networking/ebtables"
"github.com/Azure/azure-container-networking/log"
"github.com/Azure/azure-container-networking/netio"
"github.com/Azure/azure-container-networking/netlink"
"github.com/Azure/azure-container-networking/network/networkutils"
"github.com/Azure/azure-container-networking/platform"
"go.uber.org/zap"
)
const (
@ -76,7 +76,7 @@ func (client *LinuxBridgeEndpointClient) AddEndpoints(epInfo *EndpointInfo) erro
func (client *LinuxBridgeEndpointClient) AddEndpointRules(epInfo *EndpointInfo) error {
var err error
log.Printf("[net] Setting link %v master %v.", client.hostVethName, client.bridgeName)
logger.Info("Setting link master", zap.String("hostVethName", client.hostVethName), zap.String("bridgeName", client.bridgeName))
if err := client.netlink.SetLinkMaster(client.hostVethName, client.bridgeName); err != nil {
return err
}
@ -84,20 +84,20 @@ func (client *LinuxBridgeEndpointClient) AddEndpointRules(epInfo *EndpointInfo)
for _, ipAddr := range epInfo.IPAddresses {
if ipAddr.IP.To4() != nil {
// Add ARP reply rule.
log.Printf("[net] Adding ARP reply rule for IP address %v", ipAddr.String())
logger.Info("Adding ARP reply rule for IP address", zap.String("address", ipAddr.String()))
if err = ebtables.SetArpReply(ipAddr.IP, client.getArpReplyAddress(client.containerMac), ebtables.Append); err != nil {
return err
}
}
// Add MAC address translation rule.
log.Printf("[net] Adding MAC DNAT rule for IP address %v", ipAddr.String())
logger.Info("Adding MAC DNAT rule for IP address", zap.String("address", ipAddr.String()))
if err := ebtables.SetDnatForIPAddress(client.hostPrimaryIfName, ipAddr.IP, client.containerMac, ebtables.Append); err != nil {
return err
}
if client.mode != opModeTunnel && ipAddr.IP.To4() != nil {
log.Printf("[net] Adding static arp for IP address %v and MAC %v in VM", ipAddr.String(), client.containerMac.String())
logger.Info("Adding static arp for IP address and MAC in VM", zap.String("address", ipAddr.String()), zap.String("MAC", client.containerMac.String()))
linkInfo := netlink.LinkInfo{
Name: client.bridgeName,
IPAddr: ipAddr.IP,
@ -105,16 +105,16 @@ func (client *LinuxBridgeEndpointClient) AddEndpointRules(epInfo *EndpointInfo)
}
if err := client.netlink.SetOrRemoveLinkAddress(linkInfo, netlink.ADD, netlink.NUD_PERMANENT); err != nil {
log.Printf("Failed setting arp in vm: %v", err)
logger.Info("Failed setting arp in vm with", zap.Error(err))
}
}
}
addRuleToRouteViaHost(epInfo)
log.Printf("[net] Setting hairpin for hostveth %v", client.hostVethName)
logger.Info("Setting hairpin for ", zap.String("hostveth", client.hostVethName))
if err := client.netlink.SetLinkHairpin(client.hostVethName, true); err != nil {
log.Printf("Setting up hairpin failed for interface %v error %v", client.hostVethName, err)
logger.Info("Setting up hairpin failed for interface error", zap.String("interfaceName", client.hostVethName), zap.Error(err))
return err
}
@ -126,22 +126,22 @@ func (client *LinuxBridgeEndpointClient) DeleteEndpointRules(ep *endpoint) {
for _, ipAddr := range ep.IPAddresses {
if ipAddr.IP.To4() != nil {
// Delete ARP reply rule.
log.Printf("[net] Deleting ARP reply rule for IP address %v on %v.", ipAddr.String(), ep.Id)
logger.Info("Deleting ARP reply rule for IP address on", zap.String("address", ipAddr.String()), zap.String("id", ep.Id))
err := ebtables.SetArpReply(ipAddr.IP, client.getArpReplyAddress(ep.MacAddress), ebtables.Delete)
if err != nil {
log.Printf("[net] Failed to delete ARP reply rule for IP address %v: %v.", ipAddr.String(), err)
logger.Error("Failed to delete ARP reply rule for IP address", zap.String("address", ipAddr.String()), zap.Error(err))
}
}
// Delete MAC address translation rule.
log.Printf("[net] Deleting MAC DNAT rule for IP address %v on %v.", ipAddr.String(), ep.Id)
logger.Info("Deleting MAC DNAT rule for IP address on", zap.String("address", ipAddr.String()), zap.String("id", ep.Id))
err := ebtables.SetDnatForIPAddress(client.hostPrimaryIfName, ipAddr.IP, ep.MacAddress, ebtables.Delete)
if err != nil {
log.Printf("[net] Failed to delete MAC DNAT rule for IP address %v: %v.", ipAddr.String(), err)
logger.Error("Failed to delete MAC DNAT rule for IP address", zap.String("address", ipAddr.String()), zap.Error(err))
}
if client.mode != opModeTunnel && ipAddr.IP.To4() != nil {
log.Printf("[net] Removing static arp for IP address %v and MAC %v from VM", ipAddr.String(), ep.MacAddress.String())
logger.Info("Removing static arp for IP address and MAC from VM", zap.String("address", ipAddr.String()), zap.String("MAC", ep.MacAddress.String()))
linkInfo := netlink.LinkInfo{
Name: client.bridgeName,
IPAddr: ipAddr.IP,
@ -149,7 +149,7 @@ func (client *LinuxBridgeEndpointClient) DeleteEndpointRules(ep *endpoint) {
}
err := client.netlink.SetOrRemoveLinkAddress(linkInfo, netlink.REMOVE, netlink.NUD_INCOMPLETE)
if err != nil {
log.Printf("Failed removing arp from vm: %v", err)
logger.Error("Failed removing arp from vm with", zap.Error(err))
}
}
}
@ -172,7 +172,7 @@ func (client *LinuxBridgeEndpointClient) getArpReplyAddress(epMacAddress net.Har
func (client *LinuxBridgeEndpointClient) MoveEndpointsToContainerNS(epInfo *EndpointInfo, nsID uintptr) error {
// Move the container interface to container's network namespace.
log.Printf("[net] Setting link %v netns %v.", client.containerVethName, epInfo.NetNsPath)
logger.Info("Setting link netns", zap.String("containerVethName", client.containerVethName), zap.String("NetNsPath", epInfo.NetNsPath))
if err := client.netlink.SetLinkNetNs(client.containerVethName, nsID); err != nil {
return newErrorLinuxBridgeClient(err.Error())
}
@ -211,10 +211,10 @@ func (client *LinuxBridgeEndpointClient) ConfigureContainerInterfacesAndRoutes(e
}
func (client *LinuxBridgeEndpointClient) DeleteEndpoints(ep *endpoint) error {
log.Printf("[net] Deleting veth pair %v %v.", ep.HostIfName, ep.IfName)
logger.Info("Deleting veth pair", zap.String("hostIfName", ep.HostIfName), zap.String("interfaceName", ep.IfName))
err := client.netlink.DeleteLink(ep.HostIfName)
if err != nil {
log.Printf("[net] Failed to delete veth pair %v: %v.", ep.HostIfName, err)
logger.Error("Failed to delete veth pair", zap.String("hostIfName", ep.HostIfName), zap.Error(err))
return err
}
@ -228,21 +228,21 @@ func addRuleToRouteViaHost(epInfo *EndpointInfo) error {
rule := fmt.Sprintf("-p IPv4 --ip-dst %s -j redirect", ipAddr)
// Check if EB rule exists
log.Printf("[net] Checking if EB rule %s already exists in table %s chain %s", rule, tableName, chainName)
logger.Info("Checking if EB rule already exists in table chain", zap.String("rule", rule), zap.String("tableName", tableName), zap.String("chainName", chainName))
exists, err := ebtables.EbTableRuleExists(tableName, chainName, rule)
if err != nil {
log.Printf("[net] Failed to check if EB table rule exists: %v", err)
logger.Error("Failed to check if EB table rule exists", zap.Error(err))
return err
}
if exists {
// EB rule already exists.
log.Printf("[net] EB rule %s already exists in table %s chain %s.", rule, tableName, chainName)
logger.Info("EB rule already exists in table chain", zap.String("rule", rule), zap.String("tableName", tableName), zap.String("chainName", chainName))
} else {
// Add EB rule to route via host.
log.Printf("[net] Adding EB rule to route via host for IP address %v", ipAddr)
logger.Info("Adding EB rule to route via host for IP", zap.Any("address", ipAddr))
if err := ebtables.SetBrouteAccept(ipAddr, ebtables.Append); err != nil {
log.Printf("[net] Failed to add EB rule to route via host: %v", err)
logger.Error("Failed to add EB rule to route via host with", zap.Error(err))
return err
}
}
@ -287,7 +287,7 @@ func (client *LinuxBridgeEndpointClient) setupIPV6Routes(epInfo *EndpointInfo) e
routes = append(routes, vmV6Route)
routes = append(routes, defaultV6Route)
log.Printf("[net] Adding ipv6 routes in container %+v", routes)
logger.Info("Adding ipv6 routes in", zap.Any("container", routes))
if err := addRoutes(client.netlink, client.netioshim, client.containerVethName, routes); err != nil {
return nil
}
@ -298,7 +298,7 @@ func (client *LinuxBridgeEndpointClient) setupIPV6Routes(epInfo *EndpointInfo) e
func (client *LinuxBridgeEndpointClient) setIPV6NeighEntry(epInfo *EndpointInfo) error {
if epInfo.IPV6Mode != "" {
log.Printf("[net] Add neigh entry for host gw ip")
logger.Info("Add neigh entry for host gw ip")
hardwareAddr, _ := net.ParseMAC(defaultHostGwMac)
hostGwIp := net.ParseIP(defaultV6HostGw)
linkInfo := netlink.LinkInfo{
@ -307,7 +307,7 @@ func (client *LinuxBridgeEndpointClient) setIPV6NeighEntry(epInfo *EndpointInfo)
MacAddress: hardwareAddr,
}
if err := client.netlink.SetOrRemoveLinkAddress(linkInfo, netlink.ADD, netlink.NUD_PERMANENT); err != nil {
log.Printf("Failed setting neigh entry in container: %v", err)
logger.Error("Failed setting neigh entry in", zap.Any("container", err.Error()))
return err
}
}

16
network/bridge_networkclient_linux.go
Просмотреть файл

@ -6,10 +6,10 @@ import (
"net"
"github.com/Azure/azure-container-networking/ebtables"
"github.com/Azure/azure-container-networking/log"
"github.com/Azure/azure-container-networking/netlink"
"github.com/Azure/azure-container-networking/network/networkutils"
"github.com/Azure/azure-container-networking/platform"
"go.uber.org/zap"
)
const (
@ -49,7 +49,7 @@ func NewLinuxBridgeClient(
}
func (client *LinuxBridgeClient) CreateBridge() error {
log.Printf("[net] Creating bridge %v.", client.bridgeName)
logger.Info("Creating bridge", zap.String("bridgeName", client.bridgeName))
link := netlink.BridgeLink{
LinkInfo: netlink.LinkInfo{
@ -73,13 +73,13 @@ func (client *LinuxBridgeClient) DeleteBridge() error {
// Disconnect external interface from its bridge.
err := client.netlink.SetLinkMaster(client.hostInterfaceName, "")
if err != nil {
log.Printf("[net] Failed to disconnect interface %v from bridge, err:%v.", client.hostInterfaceName, err)
logger.Error("Failed to disconnect interface from bridge", zap.String("hostInterfaceName", client.hostInterfaceName), zap.Error(err))
}
// Delete the bridge.
err = client.netlink.DeleteLink(client.bridgeName)
if err != nil {
log.Printf("[net] Failed to delete bridge %v, err:%v.", client.bridgeName, err)
logger.Error("Failed to delete bridge", zap.String("bridgeName", client.bridgeName), zap.Error(err))
}
return nil
@ -92,7 +92,7 @@ func (client *LinuxBridgeClient) AddL2Rules(extIf *externalInterface) error {
}
// Add SNAT rule to translate container egress traffic.
log.Printf("[net] Adding SNAT rule for egress traffic on %v.", client.hostInterfaceName)
logger.Info("Adding SNAT rule for egress traffic on", zap.String("hostInterfaceName", client.hostInterfaceName))
if err := ebtables.SetSnatForInterface(client.hostInterfaceName, hostIf.HardwareAddr, ebtables.Append); err != nil {
return err
}
@ -101,13 +101,13 @@ func (client *LinuxBridgeClient) AddL2Rules(extIf *externalInterface) error {
// ARP requests for all IP addresses are forwarded to the SDN fabric, but fabric
// doesn't respond to ARP requests from the VM for its own primary IP address.
primary := extIf.IPAddresses[0].IP
log.Printf("[net] Adding ARP reply rule for primary IP address %v.", primary)
logger.Info("Adding ARP reply rule for primary IP address", zap.Any("address", primary))
if err := ebtables.SetArpReply(primary, hostIf.HardwareAddr, ebtables.Append); err != nil {
return err
}
// Add DNAT rule to forward ARP replies to container interfaces.
log.Printf("[net] Adding DNAT rule for ingress ARP traffic on interface %v.", client.hostInterfaceName)
logger.Info("Adding DNAT rule for ingress ARP traffic on interface", zap.String("hostInterfaceName", client.hostInterfaceName))
if err := ebtables.SetDnatForArpReplies(client.hostInterfaceName, ebtables.Append); err != nil {
return err
}
@ -138,7 +138,7 @@ func (client *LinuxBridgeClient) AddL2Rules(extIf *externalInterface) error {
// Enable VEPA for host policy enforcement if necessary.
if client.nwInfo.Mode == opModeTunnel {
log.Printf("[net] Enabling VEPA mode for %v.", client.hostInterfaceName)
logger.Info("Enabling VEPA mode for", zap.String("hostInterfaceName", client.hostInterfaceName))
if err := ebtables.SetVepaMode(client.bridgeName, commonInterfacePrefix, virtualMacAddress, ebtables.Append); err != nil {
return err
}

39
network/endpoint.go
Просмотреть файл

@ -9,17 +9,23 @@ import (
"net"
"strings"
"github.com/Azure/azure-container-networking/log"
"github.com/Azure/azure-container-networking/netio"
"github.com/Azure/azure-container-networking/netlink"
"github.com/Azure/azure-container-networking/network/log"
"github.com/Azure/azure-container-networking/network/policy"
"github.com/Azure/azure-container-networking/platform"
"go.uber.org/zap"
)
const (
InfraVnet = 0
)
var (
loggerName = "net"
logger = log.InitZapLogNet(loggerName)
)
type AzureHNSEndpoint struct{}
// Endpoint represents a container network interface.
@ -121,7 +127,7 @@ func (nw *network) newEndpoint(
defer func() {
if err != nil {
log.Printf("[net] Failed to create endpoint %v, err:%v.", epInfo.Id, err)
logger.Error("Failed to create endpoint with err", zap.String("id", epInfo.Id), zap.Error(err))
}
}()
@ -133,7 +139,7 @@ func (nw *network) newEndpoint(
}
nw.Endpoints[epInfo.Id] = ep
log.Printf("[net] Created endpoint %+v. Num of endpoints:%d", ep, len(nw.Endpoints))
logger.Info("Created endpoint. Num of endpoints", zap.Any("ep", ep), zap.Int("numEndpoints", len(nw.Endpoints)))
return ep, nil
}
@ -141,17 +147,17 @@ func (nw *network) newEndpoint(
func (nw *network) deleteEndpoint(nl netlink.NetlinkInterface, plc platform.ExecClient, endpointID string) error {
var err error
log.Printf("[net] Deleting endpoint %v from network %v.", endpointID, nw.Id)
logger.Info("Deleting endpoint from network", zap.String("endpointID", endpointID), zap.String("id", nw.Id))
defer func() {
if err != nil {
log.Printf("[net] Failed to delete endpoint %v, err:%v.", endpointID, err)
logger.Error("Failed to delete endpoint with", zap.String("endpointID", endpointID), zap.Error(err))
}
}()
// Look up the endpoint.
ep, err := nw.getEndpoint(endpointID)
if err != nil {
log.Printf("[net] Endpoint %v not found. Not Returning error", endpointID)
logger.Error("Endpoint not found. Not Returning error", zap.String("endpointID", endpointID), zap.Error(err))
return nil
}
@ -164,7 +170,7 @@ func (nw *network) deleteEndpoint(nl netlink.NetlinkInterface, plc platform.Exec
// Remove the endpoint object.
delete(nw.Endpoints, endpointID)
log.Printf("[net] Deleted endpoint %+v. Num of endpoints:%d", ep, len(nw.Endpoints))
logger.Info("Deleted endpoint. Num of endpoints", zap.Any("ep", ep), zap.Int("numEndpoints", len(nw.Endpoints)))
return nil
}
@ -181,7 +187,7 @@ func (nw *network) getEndpoint(endpointId string) (*endpoint, error) {
// GetEndpointByPOD returns the endpoint with the given ID.
func (nw *network) getEndpointByPOD(podName string, podNameSpace string, doExactMatchForPodName bool) (*endpoint, error) {
log.Printf("Trying to retrieve endpoint for pod name: %v in namespace: %v", podName, podNameSpace)
logger.Info("Trying to retrieve endpoint for pod name in namespace", zap.String("podName", podName), zap.String("podNameSpace", podNameSpace))
var ep *endpoint
@ -258,7 +264,7 @@ func (ep *endpoint) attach(sandboxKey string) error {
ep.SandboxKey = sandboxKey
log.Printf("[net] Attached endpoint %v to sandbox %v.", ep.Id, sandboxKey)
logger.Info("Attached endpoint to sandbox", zap.String("id", ep.Id), zap.String("sandboxKey", sandboxKey))
return nil
}
@ -269,7 +275,7 @@ func (ep *endpoint) detach() error {
return errEndpointNotInUse
}
log.Printf("[net] Detached endpoint %v from sandbox %v.", ep.Id, ep.SandboxKey)
logger.Info("Detached endpoint from sandbox", zap.String("id", ep.Id), zap.String("sandboxKey", ep.SandboxKey))
ep.SandboxKey = ""
@ -280,21 +286,22 @@ func (ep *endpoint) detach() error {
func (nm *networkManager) updateEndpoint(nw *network, exsitingEpInfo *EndpointInfo, targetEpInfo *EndpointInfo) error {
var err error
log.Printf("[net] Updating existing endpoint [%+v] in network %v to target [%+v].", exsitingEpInfo, nw.Id, targetEpInfo)
logger.Info("Updating existing endpoint in network to target", zap.Any("exsitingEpInfo", exsitingEpInfo),
zap.String("id", nw.Id), zap.Any("targetEpInfo", targetEpInfo))
defer func() {
if err != nil {
log.Printf("[net] Failed to update endpoint %v, err:%v.", exsitingEpInfo.Id, err)
logger.Error("Failed to update endpoint with err", zap.String("id", exsitingEpInfo.Id), zap.Error(err))
}
}()
log.Printf("Trying to retrieve endpoint id %v", exsitingEpInfo.Id)
logger.Info("Trying to retrieve endpoint id", zap.String("id", exsitingEpInfo.Id))
ep := nw.Endpoints[exsitingEpInfo.Id]
if ep == nil {
return errEndpointNotFound
}
log.Printf("[net] Retrieved endpoint to update %+v.", ep)
logger.Info("Retrieved endpoint to update", zap.Any("ep", ep))
// Call the platform implementation.
ep, err = nm.updateEndpointImpl(nw, exsitingEpInfo, targetEpInfo)
@ -310,13 +317,13 @@ func (nm *networkManager) updateEndpoint(nw *network, exsitingEpInfo *EndpointIn
func GetPodNameWithoutSuffix(podName string) string {
nameSplit := strings.Split(podName, "-")
log.Printf("namesplit %v", nameSplit)
logger.Info("namesplit", zap.Any("nameSplit", nameSplit))
if len(nameSplit) > 2 {
nameSplit = nameSplit[:len(nameSplit)-2]
} else {
return podName
}
log.Printf("Pod name after splitting based on - : %v", nameSplit)
logger.Info("Pod name after splitting based on", zap.Any("nameSplit", nameSplit))
return strings.Join(nameSplit, "-")
}

81
network/endpoint_linux.go
Просмотреть файл

@ -10,12 +10,12 @@ import (
"net"
"strings"
"github.com/Azure/azure-container-networking/log"
"github.com/Azure/azure-container-networking/netio"
"github.com/Azure/azure-container-networking/netlink"
"github.com/Azure/azure-container-networking/network/networkutils"
"github.com/Azure/azure-container-networking/ovsctl"
"github.com/Azure/azure-container-networking/platform"
"go.uber.org/zap"
)
const (
@ -38,7 +38,7 @@ func ConstructEndpointID(containerID string, _ string, ifName string) (string, s
if len(containerID) > 8 {
containerID = containerID[:8]
} else {
log.Printf("Container ID is not greater than 8 ID: %v", containerID)
logger.Info("Container ID is not greater than 8 ID", zap.String("containerID", containerID))
return "", ""
}
@ -66,7 +66,7 @@ func (nw *network) newEndpointImpl(
var vlanid int = 0
if nw.Endpoints[epInfo.Id] != nil {
log.Printf("[net] Endpoint alreday exists.")
logger.Info("Endpoint alreday exists")
err = errEndpointExists
return nil, err
}
@ -83,13 +83,13 @@ func (nw *network) newEndpointImpl(
if _, ok := epInfo.Data[OptVethName]; ok {
key := epInfo.Data[OptVethName].(string)
log.Printf("Generate veth name based on the key provided %v", key)
logger.Info("Generate veth name based on the key provided", zap.String("key", key))
vethname := generateVethName(key)
hostIfName = fmt.Sprintf("%s%s", hostVEthInterfacePrefix, vethname)
contIfName = fmt.Sprintf("%s%s2", hostVEthInterfacePrefix, vethname)
} else {
// Create a veth pair.
log.Printf("Generate veth name based on endpoint id")
logger.Info("Generate veth name based on endpoint id")
hostIfName = fmt.Sprintf("%s%s", hostVEthInterfacePrefix, epInfo.Id[:7])
contIfName = fmt.Sprintf("%s%s-2", hostVEthInterfacePrefix, epInfo.Id[:7])
}
@ -99,13 +99,13 @@ func (nw *network) newEndpointImpl(
//nolint:gocritic
if vlanid != 0 {
if nw.Mode == opModeTransparentVlan {
log.Printf("Transparent vlan client")
logger.Info("Transparent vlan client")
if _, ok := epInfo.Data[SnatBridgeIPKey]; ok {
nw.SnatBridgeIP = epInfo.Data[SnatBridgeIPKey].(string)
}
epClient = NewTransparentVlanEndpointClient(nw, epInfo, hostIfName, contIfName, vlanid, localIP, nl, plc)
} else {
log.Printf("OVS client")
logger.Info("OVS client")
if _, ok := epInfo.Data[SnatBridgeIPKey]; ok {
nw.SnatBridgeIP = epInfo.Data[SnatBridgeIPKey].(string)
}
@ -122,10 +122,10 @@ func (nw *network) newEndpointImpl(
plc)
}
} else if nw.Mode != opModeTransparent {
log.Printf("Bridge client")
logger.Info("Bridge client")
epClient = NewLinuxBridgeEndpointClient(nw.extIf, hostIfName, contIfName, nw.Mode, nl, plc)
} else {
log.Printf("Transparent client")
logger.Info("Transparent client")
epClient = NewTransparentEndpointClient(nw.extIf, hostIfName, contIfName, nw.Mode, nl, plc)
}
}
@ -133,7 +133,7 @@ func (nw *network) newEndpointImpl(
// Cleanup on failure.
defer func() {
if err != nil {
log.Printf("CNI error:%v. Delete Endpoint %v and rules that are created.", err, contIfName)
logger.Error("CNI error. Delete Endpoint and rules that are created", zap.Error(err), zap.String("contIfName", contIfName))
endpt := &endpoint{
Id: epInfo.Id,
IfName: contIfName,
@ -179,7 +179,7 @@ func (nw *network) newEndpointImpl(
// If a network namespace for the container interface is specified...
if epInfo.NetNsPath != "" {
// Open the network namespace.
log.Printf("[net] Opening netns %v.", epInfo.NetNsPath)
logger.Info("Opening netns", zap.Any("NetNsPath", epInfo.NetNsPath))
ns, err = OpenNamespace(epInfo.NetNsPath)
if err != nil {
return nil, err
@ -191,23 +191,23 @@ func (nw *network) newEndpointImpl(
}
// Enter the container network namespace.
log.Printf("[net] Entering netns %v.", epInfo.NetNsPath)
logger.Info("Entering netns", zap.Any("NetNsPath", epInfo.NetNsPath))
if err = ns.Enter(); err != nil {
return nil, err
}
// Return to host network namespace.
defer func() {
log.Printf("[net] Exiting netns %v.", epInfo.NetNsPath)
logger.Info("Exiting netns", zap.Any("NetNsPath", epInfo.NetNsPath))
if err := ns.Exit(); err != nil {
log.Printf("[net] Failed to exit netns, err:%v.", err)
logger.Error("Failed to exit netns with", zap.Error(err))
}
}()
}
if epInfo.IPV6Mode != "" {
// Enable ipv6 setting in container
log.Printf("Enable ipv6 setting in container.")
logger.Info("Enable ipv6 setting in container.")
nuc := networkutils.NewNetworkUtils(nl, plc)
if err = nuc.UpdateIPV6Setting(0); err != nil {
return nil, fmt.Errorf("Enable ipv6 in container failed:%w", err)
@ -267,7 +267,7 @@ func (nw *network) deleteEndpointImpl(nl netlink.NetlinkInterface, plc platform.
if ep.VlanID != 0 {
epInfo := ep.getInfo()
if nw.Mode == opModeTransparentVlan {
log.Printf("Transparent vlan client")
logger.Info("Transparent vlan client")
epClient = NewTransparentVlanEndpointClient(nw, epInfo, ep.HostIfName, "", ep.VlanID, ep.LocalIP, nl, plc)
} else {
@ -303,7 +303,7 @@ func addRoutes(nl netlink.NetlinkInterface, netioshim netio.NetIOInterface, inte
} else {
interfaceIf, err := netioshim.GetNetworkInterfaceByName(interfaceName)
if err != nil {
log.Errorf("Interface not found:%v", err)
logger.Error("Interface not found with", zap.Error(err))
return fmt.Errorf("addRoutes failed: %w", err)
}
ifIndex = interfaceIf.Index
@ -325,12 +325,12 @@ func addRoutes(nl netlink.NetlinkInterface, netioshim netio.NetIOInterface, inte
Table: route.Table,
}
log.Printf("[net] Adding IP route %+v to link %v.", route, interfaceName)
logger.Info("Adding IP route to link", zap.Any("route", route), zap.String("interfaceName", interfaceName))
if err := nl.AddIPRoute(nlRoute); err != nil {
if !strings.Contains(strings.ToLower(err.Error()), "file exists") {
return err
} else {
log.Printf("[net] route already exists")
logger.Info("route already exists")
}
}
}
@ -345,7 +345,7 @@ func deleteRoutes(nl netlink.NetlinkInterface, netioshim netio.NetIOInterface, i
if route.DevName != "" {
devIf, _ := netioshim.GetNetworkInterfaceByName(route.DevName)
if devIf == nil {
log.Printf("[net] Not deleting route. Interface %v doesn't exist", interfaceName)
logger.Info("Not deleting route. Interface doesn't exist", zap.String("interfaceName", interfaceName))
continue
}
@ -353,7 +353,7 @@ func deleteRoutes(nl netlink.NetlinkInterface, netioshim netio.NetIOInterface, i
} else if interfaceName != "" {
interfaceIf, _ := netioshim.GetNetworkInterfaceByName(interfaceName)
if interfaceIf == nil {
log.Printf("[net] Not deleting route. Interface %v doesn't exist", interfaceName)
logger.Info("Not deleting route. Interface doesn't exist", zap.String("interfaceName", interfaceName))
continue
}
ifIndex = interfaceIf.Index
@ -373,7 +373,7 @@ func deleteRoutes(nl netlink.NetlinkInterface, netioshim netio.NetIOInterface, i
Scope: route.Scope,
}
log.Printf("[net] Deleting IP route %+v from link %v.", route, interfaceName)
logger.Info("Deleting IP route from link", zap.Any("route", route), zap.String("interfaceName", interfaceName))
if err := nl.DeleteIPRoute(nlRoute); err != nil {
return err
}
@ -389,9 +389,9 @@ func (nm *networkManager) updateEndpointImpl(nw *network, existingEpInfo *Endpoi
var err error
existingEpFromRepository := nw.Endpoints[existingEpInfo.Id]
log.Printf("[updateEndpointImpl] Going to retrieve endpoint with Id %+v to update.", existingEpInfo.Id)
logger.Info("[updateEndpointImpl] Going to retrieve endpoint with Id to update", zap.String("id", existingEpInfo.Id))
if existingEpFromRepository == nil {
log.Printf("[updateEndpointImpl] Endpoint cannot be updated as it does not exist.")
logger.Info("[updateEndpointImpl] Endpoint cannot be updated as it does not exist")
err = errEndpointNotFound
return nil, err
}
@ -400,7 +400,7 @@ func (nm *networkManager) updateEndpointImpl(nw *network, existingEpInfo *Endpoi
// Network namespace for the container interface has to be specified
if netns != "" {
// Open the network namespace.
log.Printf("[updateEndpointImpl] Opening netns %v.", netns)
logger.Info("[updateEndpointImpl] Opening netns", zap.Any("netns", netns))
ns, err = OpenNamespace(netns)
if err != nil {
return nil, err
@ -408,25 +408,26 @@ func (nm *networkManager) updateEndpointImpl(nw *network, existingEpInfo *Endpoi
defer ns.Close()
// Enter the container network namespace.
log.Printf("[updateEndpointImpl] Entering netns %v.", netns)
logger.Info("[updateEndpointImpl] Entering netns", zap.Any("netns", netns))
if err = ns.Enter(); err != nil {
return nil, err
}
// Return to host network namespace.
defer func() {
log.Printf("[updateEndpointImpl] Exiting netns %v.", netns)
logger.Info("[updateEndpointImpl] Exiting netns", zap.Any("netns", netns))
if err := ns.Exit(); err != nil {
log.Printf("[updateEndpointImpl] Failed to exit netns, err:%v.", err)
logger.Error("[updateEndpointImpl] Failed to exit netns with", zap.Error(err))
}
}()
} else {
log.Printf("[updateEndpointImpl] Endpoint cannot be updated as the network namespace does not exist: Epid: %v", existingEpInfo.Id)
logger.Info("[updateEndpointImpl] Endpoint cannot be updated as the network namespace does not exist: Epid", zap.String("id", existingEpInfo.Id),
zap.String("component", "updateEndpointImpl"))
err = errNamespaceNotFound
return nil, err
}
log.Printf("[updateEndpointImpl] Going to update routes in netns %v.", netns)
logger.Info("[updateEndpointImpl] Going to update routes in netns", zap.Any("netns", netns))
if err = nm.updateRoutes(existingEpInfo, targetEpInfo); err != nil {
return nil, err
}
@ -443,8 +444,8 @@ func (nm *networkManager) updateEndpointImpl(nw *network, existingEpInfo *Endpoi
}
func (nm *networkManager) updateRoutes(existingEp *EndpointInfo, targetEp *EndpointInfo) error {
log.Printf("Updating routes for the endpoint %+v.", existingEp)
log.Printf("Target endpoint is %+v", targetEp)
logger.Info("Updating routes for the endpoint", zap.Any("existingEp", existingEp))
logger.Info("Target endpoint is", zap.Any("targetEp", targetEp))
existingRoutes := make(map[string]RouteInfo)
targetRoutes := make(map[string]RouteInfo)
@ -455,8 +456,8 @@ func (nm *networkManager) updateRoutes(existingEp *EndpointInfo, targetEp *Endpo
// we do not support enable/disable snat for now
defaultDst := net.ParseIP("0.0.0.0")
log.Printf("Going to collect routes and skip default and infravnet routes if applicable.")
log.Printf("Key for default route: %+v", defaultDst.String())
logger.Info("Going to collect routes and skip default and infravnet routes if applicable.")
logger.Info("Key for default route", zap.String("route", defaultDst.String()))
infraVnetKey := ""
if targetEp.EnableInfraVnet {
@ -466,15 +467,15 @@ func (nm *networkManager) updateRoutes(existingEp *EndpointInfo, targetEp *Endpo
}
}
log.Printf("Key for route to infra vnet: %+v", infraVnetKey)
logger.Info("Key for route to infra vnet", zap.String("infraVnetKey", infraVnetKey))
for _, route := range existingEp.Routes {
destination := route.Dst.IP.String()
log.Printf("Checking destination as %+v to skip or not", destination)
logger.Info("Checking destination as to skip or not", zap.String("destination", destination))
isDefaultRoute := destination == defaultDst.String()
isInfraVnetRoute := targetEp.EnableInfraVnet && (destination == infraVnetKey)
if !isDefaultRoute && !isInfraVnetRoute {
existingRoutes[route.Dst.String()] = route
log.Printf("%+v was skipped", destination)
logger.Info("was skipped", zap.String("destination", destination))
}
}
@ -486,7 +487,7 @@ func (nm *networkManager) updateRoutes(existingEp *EndpointInfo, targetEp *Endpo
dst := existingRoute.Dst.String()
if _, ok := targetRoutes[dst]; !ok {
tobeDeletedRoutes = append(tobeDeletedRoutes, existingRoute)
log.Printf("Adding following route to the tobeDeleted list: %+v", existingRoute)
logger.Info("Adding following route to the tobeDeleted list", zap.Any("existingRoute", existingRoute))
}
}
@ -494,7 +495,7 @@ func (nm *networkManager) updateRoutes(existingEp *EndpointInfo, targetEp *Endpo
dst := targetRoute.Dst.String()
if _, ok := existingRoutes[dst]; !ok {
tobeAddedRoutes = append(tobeAddedRoutes, targetRoute)
log.Printf("Adding following route to the tobeAdded list: %+v", targetRoute)
logger.Info("Adding following route to the tobeAdded list", zap.Any("targetRoute", targetRoute))
}
}
@ -509,7 +510,7 @@ func (nm *networkManager) updateRoutes(existingEp *EndpointInfo, targetEp *Endpo
return err
}
log.Printf("Successfully updated routes for the endpoint %+v using target: %+v", existingEp, targetEp)
logger.Info("Successfully updated routes for the endpoint using target", zap.Any("existingEp", existingEp), zap.Any("targetEp", targetEp))
return nil
}

8
network/endpoint_snatroute_linux.go
Просмотреть файл

@ -3,12 +3,12 @@ package network
import (
"fmt"
"github.com/Azure/azure-container-networking/log"
"github.com/Azure/azure-container-networking/netlink"
"github.com/Azure/azure-container-networking/network/networkutils"
"github.com/Azure/azure-container-networking/network/snat"
"github.com/Azure/azure-container-networking/platform"
"github.com/pkg/errors"
"go.uber.org/zap"
)
func GetSnatHostIfName(epInfo *EndpointInfo) string {
@ -58,7 +58,7 @@ func AddSnatEndpointRules(snatClient *snat.Client, hostToNC, ncToHost bool, nl n
func MoveSnatEndpointToContainerNS(snatClient *snat.Client, netnsPath string, nsID uintptr) error {
if err := snatClient.MoveSnatEndpointToContainerNS(netnsPath, nsID); err != nil {
if delErr := snatClient.DeleteSnatEndpoint(); delErr != nil {
log.Errorf("failed to delete snat endpoint on error(moving to container ns): %v", delErr)
logger.Error("failed to delete snat endpoint on error(moving to container ns)", zap.Error(delErr))
}
return errors.Wrap(err, "failed to move snat endpoint to container ns. deleted snat endpoint")
}
@ -90,14 +90,14 @@ func DeleteSnatEndpointRules(snatClient *snat.Client, hostToNC, ncToHost bool) {
if hostToNC {
err := snatClient.DeleteInboundFromHostToNC()
if err != nil {
log.Errorf("failed to delete inbound from host to nc rules")
logger.Error("failed to delete inbound from host to nc rules", zap.Error(err))
}
}
if ncToHost {
err := snatClient.DeleteInboundFromNCToHost()
if err != nil {
log.Errorf("failed to delete inbound from nc to host rules")
logger.Error("failed to delete inbound from nc to host rules", zap.Error(err))
}
}
}

68
network/endpoint_windows.go
Просмотреть файл

@ -9,13 +9,13 @@ import (
"net"
"strings"
"github.com/Azure/azure-container-networking/log"
"github.com/Azure/azure-container-networking/netio"
"github.com/Azure/azure-container-networking/netlink"
"github.com/Azure/azure-container-networking/network/policy"
"github.com/Azure/azure-container-networking/platform"
"github.com/Microsoft/hcsshim"
"github.com/Microsoft/hcsshim/hcn"
"go.uber.org/zap"
)
const (
@ -121,21 +121,21 @@ func (nw *network) newEndpointImplHnsV1(epInfo *EndpointInfo) (*endpoint, error)
defer func() {
if err != nil {
log.Printf("[net] HNSEndpointRequest DELETE id:%v", hnsResponse.Id)
logger.Info("HNSEndpointRequest DELETE id", zap.String("id", hnsResponse.Id))
hnsResponse, err := Hnsv1.DeleteEndpoint(hnsResponse.Id)
log.Printf("[net] HNSEndpointRequest DELETE response:%+v err:%v.", hnsResponse, err)
logger.Error("HNSEndpointRequest DELETE response", zap.Any("hnsResponse", hnsResponse), zap.Error(err))
}
}()
if epInfo.SkipHotAttachEp {
log.Printf("[net] Skipping attaching the endpoint %v to container %v.",
hnsResponse.Id, epInfo.ContainerID)
logger.Info("Skipping attaching the endpoint to container",
zap.String("id", hnsResponse.Id), zap.String("id", epInfo.ContainerID))
} else {
// Attach the endpoint.
log.Printf("[net] Attaching endpoint %v to container %v.", hnsResponse.Id, epInfo.ContainerID)
logger.Info("Attaching endpoint to container", zap.String("id", hnsResponse.Id), zap.String("ContainerID", epInfo.ContainerID))
err = Hnsv1.HotAttachEndpoint(epInfo.ContainerID, hnsResponse.Id)
if err != nil {
log.Printf("[net] Failed to attach endpoint: %v.", err)
logger.Error("Failed to attach endpoint", zap.Error(err))
return nil, err
}
}
@ -184,7 +184,7 @@ func (nw *network) addIPv6NeighborEntryForGateway(epInfo *EndpointInfo) error {
cmd := fmt.Sprintf("New-NetNeighbor -IPAddress %s -InterfaceAlias \"%s (%s)\" -LinkLayerAddress \"%s\"",
nw.Subnets[1].Gateway.String(), containerIfNamePrefix, epInfo.Id, defaultGwMac)
if out, err = platform.ExecutePowershellCommand(cmd); err != nil {
log.Errorf("[net] Adding ipv6 gw neigh entry failed %v:%v", out, err)
logger.Error("Adding ipv6 gw neigh entry failed", zap.Any("out", out), zap.Error(err))
return err
}
}
@ -216,7 +216,7 @@ func (nw *network) configureHcnEndpoint(epInfo *EndpointInfo) (*hcn.HostComputeE
hcnEndpoint.Policies = append(hcnEndpoint.Policies, epPolicy)
}
} else {
log.Printf("[net] Failed to get endpoint policies due to error: %v", err)
logger.Error("Failed to get endpoint policies due to", zap.Error(err))
return nil, err
}
@ -249,7 +249,7 @@ func (nw *network) deleteHostNCApipaEndpoint(networkContainerID string) error {
// HostNCApipaEndpoint name is derived from NC ID
endpointName := fmt.Sprintf("%s-%s", hostNCApipaEndpointNamePrefix, networkContainerID)
log.Printf("[net] Deleting HostNCApipaEndpoint: %s for NC: %s", endpointName, networkContainerID)
logger.Info("Deleting HostNCApipaEndpoint for NC", zap.String("endpointName", endpointName), zap.String("networkContainerID", networkContainerID))
// Check if the endpoint exists
endpoint, err := Hnsv2.GetEndpointByName(endpointName)
@ -257,10 +257,10 @@ func (nw *network) deleteHostNCApipaEndpoint(networkContainerID string) error {
// If error is anything other than EndpointNotFoundError, return error.
// else log the error but don't return error because endpoint is already deleted.
if _, endpointNotFound := err.(hcn.EndpointNotFoundError); !endpointNotFound {
return fmt.Errorf("[net] deleteEndpointByNameHnsV2 failed due to error with GetEndpointByName: %w", err)
return fmt.Errorf("deleteEndpointByNameHnsV2 failed due to error with GetEndpointByName: %w", err)
}
log.Printf("[net] Delete called on the Endpoint: %s which doesn't exist. Error: %v", endpointName, err)
logger.Error("Delete called on the Endpoint which doesn't exist. Error:", zap.String("endpointName", endpointName), zap.Error(err))
return nil
}
@ -268,7 +268,7 @@ func (nw *network) deleteHostNCApipaEndpoint(networkContainerID string) error {
return fmt.Errorf("failed to delete HostNCApipa endpoint: %+v: %w", endpoint, err)
}
log.Printf("[net] Successfully deleted HostNCApipa endpoint: %+v", endpoint)
logger.Info("Successfully deleted HostNCApipa endpoint", zap.Any("endpoint", endpoint))
return nil
}
@ -287,8 +287,8 @@ func (nw *network) createHostNCApipaEndpoint(cli apipaClient, epInfo *EndpointIn
" due to error: %v", epInfo.NetNsPath, err)
}
log.Printf("[net] Creating HostNCApipaEndpoint for host container connectivity for NC: %s",
epInfo.NetworkContainerID)
logger.Info("Creating HostNCApipaEndpoint for host container connectivity for NC",
zap.String("NetworkContainerID", epInfo.NetworkContainerID))
if hostNCApipaEndpointID, err = cli.CreateHostNCApipaEndpoint(context.TODO(), epInfo.NetworkContainerID); err != nil {
return err
@ -301,8 +301,7 @@ func (nw *network) createHostNCApipaEndpoint(cli apipaClient, epInfo *EndpointIn
}()
if err = hcn.AddNamespaceEndpoint(namespace.Id, hostNCApipaEndpointID); err != nil {
return fmt.Errorf("[net] Failed to add HostNCApipaEndpoint: %s to namespace: %s due to error: %v",
hostNCApipaEndpointID, namespace.Id, err)
return fmt.Errorf("Failed to add HostNCApipaEndpoint: %s to namespace: %s due to error: %v", hostNCApipaEndpointID, namespace.Id, err) //nolint
}
return nil
@ -312,24 +311,24 @@ func (nw *network) createHostNCApipaEndpoint(cli apipaClient, epInfo *EndpointIn
func (nw *network) newEndpointImplHnsV2(cli apipaClient, epInfo *EndpointInfo) (*endpoint, error) {
hcnEndpoint, err := nw.configureHcnEndpoint(epInfo)
if err != nil {
log.Printf("[net] Failed to configure hcn endpoint due to error: %v", err)
logger.Error("Failed to configure hcn endpoint due to", zap.Error(err))
return nil, err
}
// Create the HCN endpoint.
log.Printf("[net] Creating hcn endpoint: %s computenetwork:%s", hcnEndpoint.Name, hcnEndpoint.HostComputeNetwork)
logger.Info("Creating hcn endpoint", zap.String("name", hcnEndpoint.Name), zap.String("computenetwork", hcnEndpoint.HostComputeNetwork))
hnsResponse, err := Hnsv2.CreateEndpoint(hcnEndpoint)
if err != nil {
return nil, fmt.Errorf("Failed to create endpoint: %s due to error: %v", hcnEndpoint.Name, err)
}
log.Printf("[net] Successfully created hcn endpoint with response: %+v", hnsResponse)
logger.Info("Successfully created hcn endpoint with response", zap.Any("hnsResponse", hnsResponse))
defer func() {
if err != nil {
log.Printf("[net] Deleting hcn endpoint with id: %s", hnsResponse.Id)
logger.Info("Deleting hcn endpoint with id", zap.String("id", hnsResponse.Id))
err = Hnsv2.DeleteEndpoint(hnsResponse)
log.Printf("[net] Completed hcn endpoint deletion for id: %s with error: %v", hnsResponse.Id, err)
logger.Error("Completed hcn endpoint deletion for id with error", zap.String("id", hnsResponse.Id), zap.Error(err))
}
}()
@ -339,15 +338,14 @@ func (nw *network) newEndpointImplHnsV2(cli apipaClient, epInfo *EndpointInfo) (
}
if err = Hnsv2.AddNamespaceEndpoint(namespace.Id, hnsResponse.Id); err != nil {
return nil, fmt.Errorf("[net] Failed to add endpoint: %s to hcn namespace: %s due to error: %v",
hnsResponse.Id, namespace.Id, err)
return nil, fmt.Errorf("Failed to add endpoint: %s to hcn namespace: %s due to error: %v", hnsResponse.Id, namespace.Id, err) //nolint
}
defer func() {
if err != nil {
if errRemoveNsEp := Hnsv2.RemoveNamespaceEndpoint(namespace.Id, hnsResponse.Id); errRemoveNsEp != nil {
log.Printf("[net] Failed to remove endpoint: %s from namespace: %s due to error: %v",
hnsResponse.Id, hnsResponse.Id, errRemoveNsEp)
logger.Error("Failed to remove endpoint from namespace due to error",
zap.String("id", hnsResponse.Id), zap.String("id", hnsResponse.Id), zap.Error(errRemoveNsEp))
}
}
}()
@ -415,16 +413,16 @@ func (nw *network) deleteEndpointImpl(_ netlink.NetlinkInterface, _ platform.Exe
// deleteEndpointImplHnsV1 deletes an existing endpoint from the network using HNS v1.
func (nw *network) deleteEndpointImplHnsV1(ep *endpoint) error {
log.Printf("[net] HNSEndpointRequest DELETE id:%v", ep.HnsId)
logger.Info("HNSEndpointRequest DELETE id", zap.String("id", ep.HnsId))
hnsResponse, err := Hnsv1.DeleteEndpoint(ep.HnsId)
log.Printf("[net] HNSEndpointRequest DELETE response:%+v err:%v.", hnsResponse, err)
logger.Info("HNSEndpointRequest DELETE response err", zap.Any("hnsResponse", hnsResponse), zap.Error(err))
// todo: may need to improve error handling if hns or hcsshim change their error bubbling.
// hcsshim bubbles up a generic error when delete fails with message "The endpoint was not found".
// the best we can do at the moment is string comparison, which is never great for error checking
if err != nil {
if strings.Contains(strings.ToLower(err.Error()), "not found") {
log.Printf("[net] HNS endpoint id %s not found", ep.HnsId)
logger.Info("HNS endpoint id not found", zap.String("id", ep.HnsId))
return nil
}
}
@ -441,12 +439,12 @@ func (nw *network) deleteEndpointImplHnsV2(ep *endpoint) error {
if ep.AllowInboundFromHostToNC || ep.AllowInboundFromNCToHost {
if err = nw.deleteHostNCApipaEndpoint(ep.NetworkContainerID); err != nil {
log.Errorf("[net] Failed to delete HostNCApipaEndpoint due to error: %v", err)
logger.Error("Failed to delete HostNCApipaEndpoint due to error", zap.Error(err))
return err
}
}
log.Printf("[net] Deleting hcn endpoint with id: %s", ep.HnsId)
logger.Info("Deleting hcn endpoint with id", zap.String("HnsId", ep.HnsId))
hcnEndpoint, err = Hnsv2.GetEndpointByID(ep.HnsId)
if err != nil {
@ -456,21 +454,21 @@ func (nw *network) deleteEndpointImplHnsV2(ep *endpoint) error {
return fmt.Errorf("Failed to get hcn endpoint with id: %s due to err: %w", ep.HnsId, err)
}
log.Printf("[net] Delete called on the Endpoint: %s which doesn't exist. Error: %v", ep.HnsId, err)
logger.Error("Delete called on the Endpoint which doesn't exist. Error:", zap.String("HnsId", ep.HnsId), zap.Error(err))
return nil
}
// Remove this endpoint from the namespace
if err = Hnsv2.RemoveNamespaceEndpoint(hcnEndpoint.HostComputeNamespace, hcnEndpoint.Id); err != nil {
log.Errorf("Failed to remove hcn endpoint: %s from namespace: %s due to error: %v", ep.HnsId,
hcnEndpoint.HostComputeNamespace, err)
logger.Error("Failed to remove hcn endpoint from namespace due to error", zap.String("HnsId", ep.HnsId),
zap.String("HostComputeNamespace", hcnEndpoint.HostComputeNamespace), zap.Error(err))
}
if err = Hnsv2.DeleteEndpoint(hcnEndpoint); err != nil {
return fmt.Errorf("Failed to delete hcn endpoint: %s due to error: %v", ep.HnsId, err)
}
log.Printf("[net] Successfully deleted hcn endpoint with id: %s", ep.HnsId)
logger.Info("Successfully deleted hcn endpoint with id", zap.String("HnsId", ep.HnsId))
return nil
}

16
network/hnswrapper/hnsv1wrapper.go
Просмотреть файл

@ -6,8 +6,14 @@ package hnswrapper
import (
"encoding/json"
"github.com/Azure/azure-container-networking/log"
"github.com/Azure/azure-container-networking/network/log"
"github.com/Microsoft/hcsshim"
"go.uber.org/zap"
)
var (
loggerName = "net"
logger = log.InitZapLogNet(loggerName)
)
type Hnsv1wrapper struct{}
@ -21,9 +27,9 @@ func (Hnsv1wrapper) CreateEndpoint(endpoint *hcsshim.HNSEndpoint, path string) (
hnsRequest := string(buffer)
// Create the HNS endpoint.
log.Printf("[net] HNSEndpointRequest POST request:%+v", hnsRequest)
logger.Info("HNSEndpointRequest POST", zap.String("request", hnsRequest))
hnsResponse, err := hcsshim.HNSEndpointRequest("POST", path, hnsRequest)
log.Printf("[net] HNSEndpointRequest POST response:%+v err:%v.", hnsResponse, err)
logger.Info("HNSEndpointRequest POST", zap.Any("response", hnsResponse), zap.Error(err))
if err != nil {
return nil, err
@ -50,9 +56,9 @@ func (Hnsv1wrapper) CreateNetwork(network *hcsshim.HNSNetwork, path string) (*hc
hnsRequest := string(buffer)
// Create the HNS network.
log.Printf("[net] HNSNetworkRequest POST request:%+v", hnsRequest)
logger.Info("HNSNetworkRequest POST request", zap.String("request", hnsRequest))
hnsResponse, err := hcsshim.HNSNetworkRequest("POST", path, hnsRequest)
log.Printf("[net] HNSNetworkRequest POST response:%+v err:%v.", hnsResponse, err)
logger.Info("HNSNetworkRequest POST response", zap.Any("response", hnsResponse), zap.Error(err))
if err != nil {
return nil, err

20
network/log/logger.go Normal file
Просмотреть файл

@ -0,0 +1,20 @@
package log
import (
"os"
"github.com/Azure/azure-container-networking/zaplog"
"go.uber.org/zap"
)
var loggerFile = "azure-vnet.log"
func InitZapLogNet(loggerName string) *zap.Logger {
zaplog.LoggerCfg.Name = loggerName
zaplog.LoggerCfg.LogPath = zaplog.LogPath + loggerFile
logger := zaplog.InitZapLog(&zaplog.LoggerCfg)
// only log process id on CNI package
logger = logger.With(zap.Int("pid", os.Getpid()))
return logger
}

36
network/manager.go
Просмотреть файл

@ -10,11 +10,11 @@ import (
cnms "github.com/Azure/azure-container-networking/cnms/cnmspackage"
"github.com/Azure/azure-container-networking/common"
"github.com/Azure/azure-container-networking/log"
"github.com/Azure/azure-container-networking/netio"
"github.com/Azure/azure-container-networking/netlink"
"github.com/Azure/azure-container-networking/platform"
"github.com/Azure/azure-container-networking/store"
"go.uber.org/zap"
)
const (
@ -127,7 +127,7 @@ func (nm *networkManager) Uninitialize() {
func (nm *networkManager) restore(isRehydrationRequired bool) error {
// Skip if a store is not provided.
if nm.store == nil {
log.Printf("[net] network store is nil")
logger.Info("network store is nil")
return nil
}
@ -139,14 +139,14 @@ func (nm *networkManager) restore(isRehydrationRequired bool) error {
err := nm.store.Read(storeKey, nm)
if err != nil {
if err == store.ErrKeyNotFound {
log.Printf("[net] network store key not found")
logger.Info("network store key not found")
// Considered successful.
return nil
} else if err == store.ErrStoreEmpty {
log.Printf("[net] network store empty")
logger.Info("network store empty")
return nil
} else {
log.Printf("[net] Failed to restore state, err:%v\n", err)
logger.Error("Failed to restore state", zap.Error(err))
return err
}
}
@ -155,20 +155,20 @@ func (nm *networkManager) restore(isRehydrationRequired bool) error {
modTime, err := nm.store.GetModificationTime()
if err == nil {
rebootTime, err := platform.GetLastRebootTime()
log.Printf("[net] reboot time %v store mod time %v", rebootTime, modTime)
logger.Info("reboot time, store mod time", zap.Any("rebootTime", rebootTime), zap.Any("modTime", modTime))
if err == nil && rebootTime.After(modTime) {
log.Printf("[net] Detected Reboot")
logger.Info("Detected Reboot")
rebooted = true
if clearNwConfig, err := platform.ClearNetworkConfiguration(); clearNwConfig {
if err != nil {
log.Printf("[net] Failed to clear network configuration, err:%v\n", err)
logger.Error("Failed to clear network configuration", zap.Error(err))
return err
}
// Delete the networks left behind after reboot
for _, extIf := range nm.ExternalInterfaces {
for _, nw := range extIf.Networks {
log.Printf("[net] Deleting the network %s on reboot\n", nw.Id)
logger.Info("Deleting the network on reboot", zap.String("id", nw.Id))
_ = nm.deleteNetwork(nw.Id)
}
}
@ -193,12 +193,13 @@ func (nm *networkManager) restore(isRehydrationRequired bool) error {
// if rebooted recreate the network that existed before reboot.
if rebooted {
log.Printf("[net] Rehydrating network state from persistent store")
logger.Info("Rehydrating network state from persistent store")
for _, extIf := range nm.ExternalInterfaces {
for _, nw := range extIf.Networks {
nwInfo, err := nm.GetNetworkInfo(nw.Id)
if err != nil {
log.Printf("[net] Failed to fetch network info for network %v extif %v err %v. This should not happen", nw, extIf, err)
logger.Error("Failed to fetch network info for network extif err. This should not happen",
zap.Any("nw", nw), zap.Any("extIf", extIf), zap.Error(err))
return err
}
@ -206,14 +207,15 @@ func (nm *networkManager) restore(isRehydrationRequired bool) error {
_, err = nm.newNetworkImpl(&nwInfo, extIf)
if err != nil {
log.Printf("[net] Restoring network failed for nwInfo %v extif %v. This should not happen %v", nwInfo, extIf, err)
logger.Error("Restoring network failed for nwInfo extif. This should not happen",
zap.Any("nwInfo", nwInfo), zap.Any("extIf", extIf), zap.Error(err))
return err
}
}
}
}
log.Printf("[net] Restored state")
logger.Info("Restored state")
return nil
}
@ -229,9 +231,9 @@ func (nm *networkManager) save() error {
err := nm.store.Write(storeKey, nm)
if err == nil {
log.Printf("[net] Save succeeded.\n")
logger.Info("Save succeeded")
} else {
log.Printf("[net] Save failed, err:%v\n", err)
logger.Error("Save failed", zap.Error(err))
}
return err
}
@ -336,7 +338,7 @@ func (nm *networkManager) CreateEndpoint(cli apipaClient, networkID string, epIn
if nw.VlanId != 0 {
if epInfo.Data[VlanIDKey] == nil {
log.Printf("overriding endpoint vlanid with network vlanid")
logger.Info("overriding endpoint vlanid with network vlanid")
epInfo.Data[VlanIDKey] = nw.VlanId
}
}
@ -403,7 +405,7 @@ func (nm *networkManager) GetAllEndpoints(networkId string) (map[string]*Endpoin
// Special case when CNS invokes CNI, but there is no state, but return gracefully
if len(nm.ExternalInterfaces) == 0 {
log.Printf("Network manager has no external interfaces, is the state file populated?")
logger.Info("Network manager has no external interfaces, is the state file populated?")
return eps, store.ErrStoreEmpty
}

4
network/monitor_linux.go
Просмотреть файл

@ -5,7 +5,7 @@ import (
cnms "github.com/Azure/azure-container-networking/cnms/cnmspackage"
"github.com/Azure/azure-container-networking/ebtables"
"github.com/Azure/azure-container-networking/log"
"go.uber.org/zap"
)
const (
@ -16,7 +16,7 @@ const (
func (nm *networkManager) monitorNetworkState(networkMonitor *cnms.NetworkMonitor) error {
currentEbtableRulesMap, err := cnms.GetEbTableRulesInMap()
if err != nil {
log.Printf("GetEbTableRulesInMap failed with error %v", err)
logger.Error("GetEbTableRulesInMap failed with", zap.Error(err))
return err
}

24
network/network.go
Просмотреть файл

@ -8,9 +8,9 @@ import (
"net"
"strings"
"github.com/Azure/azure-container-networking/log"
"github.com/Azure/azure-container-networking/network/policy"
"github.com/Azure/azure-container-networking/platform"
"go.uber.org/zap"
)
const (
@ -122,7 +122,7 @@ func (nm *networkManager) newExternalInterface(ifName string, subnet string) err
nm.ExternalInterfaces[ifName] = &extIf
log.Printf("[net] Added ExternalInterface %v for subnet %v.", ifName, subnet)
logger.Info("Added ExternalInterface for subnet", zap.String("ifName", ifName), zap.String("subnet", subnet))
return nil
}
@ -131,7 +131,7 @@ func (nm *networkManager) newExternalInterface(ifName string, subnet string) err
func (nm *networkManager) deleteExternalInterface(ifName string) error {
delete(nm.ExternalInterfaces, ifName)
log.Printf("[net] Deleted ExternalInterface %v.", ifName)
logger.Info("Deleted ExternalInterface", zap.String("ifName", ifName))
return nil
}
@ -164,10 +164,10 @@ func (nm *networkManager) newNetwork(nwInfo *NetworkInfo) (*network, error) {
var nw *network
var err error
log.Printf("[net] Creating network %s.", nwInfo.PrettyString())
logger.Info("Creating", zap.String("network", nwInfo.PrettyString()))
defer func() {
if err != nil {
log.Printf("[net] Failed to create network %v, err:%v.", nwInfo.Id, err)
logger.Error("Failed to create network", zap.String("id", nwInfo.Id), zap.Error(err))
}
}()
@ -205,7 +205,7 @@ func (nm *networkManager) newNetwork(nwInfo *NetworkInfo) (*network, error) {
nw.Subnets = nwInfo.Subnets
extIf.Networks[nwInfo.Id] = nw
log.Printf("[net] Created network %v on interface %v.", nwInfo.Id, extIf.Name)
logger.Info("Created network on interface", zap.String("id", nwInfo.Id), zap.String("Name", extIf.Name))
return nw, nil
}
@ -213,10 +213,10 @@ func (nm *networkManager) newNetwork(nwInfo *NetworkInfo) (*network, error) {
func (nm *networkManager) deleteNetwork(networkID string) error {
var err error
log.Printf("[net] Deleting network %v.", networkID)
logger.Info("Deleting network", zap.String("networkID", networkID))
defer func() {
if err != nil {
log.Printf("[net] Failed to delete network %v, err:%v.", networkID, err)
logger.Error("Failed to delete network", zap.String("networkID", networkID), zap.Error(err))
}
}()
@ -237,7 +237,7 @@ func (nm *networkManager) deleteNetwork(networkID string) error {
delete(nw.extIf.Networks, networkID)
}
log.Printf("[net] Deleted network %+v.", nw)
logger.Info("Deleted network", zap.Any("nw", nw))
return nil
}
@ -256,7 +256,7 @@ func (nm *networkManager) getNetwork(networkId string) (*network, error) {
// getNetworkIDForNetNs finds the network that contains the endpoint that was created for this netNs. Returns
// and errNetworkNotFound if the netNs is not found in any network
func (nm *networkManager) FindNetworkIDFromNetNs(netNs string) (string, error) {
log.Printf("Querying state for network for NetNs [%s]", netNs)
logger.Info("Querying state for network for NetNs", zap.String("netNs", netNs))
// Look through the external interfaces
for _, iface := range nm.ExternalInterfaces {
@ -266,7 +266,7 @@ func (nm *networkManager) FindNetworkIDFromNetNs(netNs string) (string, error) {
for _, endpoint := range network.Endpoints {
// If the netNs matches for this endpoint, return the network ID (which is the name)
if endpoint.NetNs == netNs {
log.Printf("Found network [%s] for NetNS [%s]", network.Id, netNs)
logger.Info("Found network for NetNS", zap.String("id", network.Id), zap.String("netNs", netNs))
return network.Id, nil
}
}
@ -287,7 +287,7 @@ func (nm *networkManager) GetNumEndpointsByContainerID(containerID string) int {
for _, endpoint := range network.Endpoints {
// If the netNs matches for this endpoint, return the network ID (which is the name)
if endpoint.ContainerID == containerID {
log.Printf("Found endpoint [%s] for containerID [%s]", endpoint.Id, containerID)
logger.Info("Found endpoint for containerID", zap.String("id", endpoint.Id), zap.String("containerID", containerID))
numEndpoints++
}
}

117
network/network_linux.go
Просмотреть файл

@ -11,12 +11,12 @@ import (
"strings"
"github.com/Azure/azure-container-networking/iptables"
"github.com/Azure/azure-container-networking/log"
"github.com/Azure/azure-container-networking/netio"
"github.com/Azure/azure-container-networking/netlink"
"github.com/Azure/azure-container-networking/network/networkutils"
"github.com/Azure/azure-container-networking/ovsctl"
"github.com/Azure/azure-container-networking/platform"
"go.uber.org/zap"
"golang.org/x/sys/unix"
)
@ -64,13 +64,13 @@ func (nm *networkManager) newNetworkImpl(nwInfo *NetworkInfo, extIf *externalInt
ifName string
)
opt, _ := nwInfo.Options[genericData].(map[string]interface{})
log.Printf("opt %+v options %+v", opt, nwInfo.Options)
logger.Info("opt options", zap.Any("opt", opt), zap.Any("options", nwInfo.Options))
switch nwInfo.Mode {
case opModeTunnel:
fallthrough
case opModeBridge:
log.Printf("create bridge")
logger.Info("create bridge")
ifName = extIf.BridgeName
if err := nm.connectExternalInterface(extIf, nwInfo); err != nil {
return nil, err
@ -80,7 +80,7 @@ func (nm *networkManager) newNetworkImpl(nwInfo *NetworkInfo, extIf *externalInt
vlanid, _ = strconv.Atoi(opt[VlanIDKey].(string))
}
case opModeTransparent:
log.Printf("Transparent mode")
logger.Info("Transparent mode")
ifName = extIf.Name
if nwInfo.IPV6Mode != "" {
nu := networkutils.NewNetworkUtils(nm.netlink, nm.plClient)
@ -89,7 +89,7 @@ func (nm *networkManager) newNetworkImpl(nwInfo *NetworkInfo, extIf *externalInt
}
}
case opModeTransparentVlan:
log.Printf("Transparent vlan mode")
logger.Info("Transparent vlan mode")
ifName = extIf.Name
default:
return nil, errNetworkModeInvalid
@ -97,7 +97,7 @@ func (nm *networkManager) newNetworkImpl(nwInfo *NetworkInfo, extIf *externalInt
err := nm.handleCommonOptions(ifName, nwInfo)
if err != nil {
log.Printf("handleCommonOptions failed with error %s", err.Error())
logger.Error("handleCommonOptions failed with", zap.Error(err))
return nil, err
}
@ -157,7 +157,7 @@ func (nm *networkManager) saveIPConfig(hostIf *net.Interface, extIf *externalInt
// Save the default routes on the interface.
routes, err := nm.netlink.GetIPRoute(&netlink.Route{Dst: &net.IPNet{}, LinkIndex: hostIf.Index})
if err != nil {
log.Printf("[net] Failed to query routes: %v.", err)
logger.Error("Failed to query routes", zap.Error(err))
return err
}
@ -188,7 +188,7 @@ func (nm *networkManager) saveIPConfig(hostIf *net.Interface, extIf *externalInt
extIf.IPAddresses = append(extIf.IPAddresses, ipNet)
log.Printf("[net] Deleting IP address %v from interface %v.", ipNet, hostIf.Name)
logger.Info("Deleting IP address from interface", zap.Any("ipNet", ipNet), zap.String("hostInfName", hostIf.Name))
err = nm.netlink.DeleteIPAddress(hostIf.Name, ipAddr, ipNet)
if err != nil {
@ -196,7 +196,7 @@ func (nm *networkManager) saveIPConfig(hostIf *net.Interface, extIf *externalInt
}
}
log.Printf("[net] Saved interface IP configuration %+v.", extIf)
logger.Info("Saved interface IP configuration", zap.Any("extIf", extIf))
return err
}
@ -212,17 +212,17 @@ func getMajorVersion(version string) (int, error) {
return retrieved_version, err
}
return 0, fmt.Errorf("[net] Error getting major version")
return 0, fmt.Errorf("Error getting major version") //nolint
}
func isGreaterOrEqaulUbuntuVersion(versionToMatch int) bool {
osInfo, err := platform.GetOSDetails()
if err != nil {
log.Printf("[net] Unable to get OS Details: %v", err)
logger.Error("Unable to get OS Details", zap.Error(err))
return false
}
log.Printf("[net] OSInfo: %+v", osInfo)
logger.Info("OSInfo", zap.Any("osInfo", osInfo))
version := osInfo[versionID]
distro := osInfo[distroID]
@ -231,7 +231,7 @@ func isGreaterOrEqaulUbuntuVersion(versionToMatch int) bool {
version = strings.Trim(version, "\"")
retrieved_version, err := getMajorVersion(version)
if err != nil {
log.Printf("[net] Not setting dns. Unable to retrieve major version: %v", err)
logger.Error("Not setting dns. Unable to retrieve major version", zap.Error(err))
return false
}
@ -253,11 +253,11 @@ func readDnsInfo(ifName string) (DNSInfo, error) {
return dnsInfo, err
}
log.Printf("[net] console output for above cmd: %s", out)
logger.Info("console output for above cmd", zap.Any("out", out))
lineArr := strings.Split(out, lineDelimiter)
if len(lineArr) <= 0 {
return dnsInfo, fmt.Errorf("[net] Console output doesn't have any lines")
return dnsInfo, fmt.Errorf("Console output doesn't have any lines") //nolint
}
dnsServerFound := false
@ -292,12 +292,13 @@ func readDnsInfo(ifName string) (DNSInfo, error) {
func saveDnsConfig(extIf *externalInterface) error {
dnsInfo, err := readDnsInfo(extIf.Name)
if err != nil || len(dnsInfo.Servers) == 0 || dnsInfo.Suffix == "" {
log.Printf("[net] Failed to read dns info %+v from interface %v: %v", dnsInfo, extIf.Name, err)
logger.Info("Failed to read dns info from interface", zap.Any("dnsInfo", dnsInfo), zap.String("extIfName", extIf.Name),
zap.Error(err))
return err
}
extIf.DNSInfo = dnsInfo
log.Printf("[net] Saved DNS Info %v from %v", extIf.DNSInfo, extIf.Name)
logger.Info("Saved DNS Info", zap.Any("DNSInfo", extIf.DNSInfo), zap.String("extIfName", extIf.Name))
return nil
}
@ -306,11 +307,11 @@ func saveDnsConfig(extIf *externalInterface) error {
func (nm *networkManager) applyIPConfig(extIf *externalInterface, targetIf *net.Interface) error {
// Add IP addresses.
for _, addr := range extIf.IPAddresses {
log.Printf("[net] Adding IP address %v to interface %v.", addr, targetIf.Name)
logger.Info("Adding IP address to interface", zap.Any("addr", addr), zap.String("Name", targetIf.Name))
err := nm.netlink.AddIPAddress(targetIf.Name, addr.IP, addr)
if err != nil && !strings.Contains(strings.ToLower(err.Error()), "file exists") {
log.Printf("[net] Failed to add IP address %v: %v.", addr, err)
logger.Info("Failed to add IP address", zap.Any("addr", addr), zap.Error(err))
return err
}
}
@ -319,11 +320,11 @@ func (nm *networkManager) applyIPConfig(extIf *externalInterface, targetIf *net.
for _, route := range extIf.Routes {
route.LinkIndex = targetIf.Index
log.Printf("[net] Adding IP route %+v.", route)
logger.Info("Adding IP route", zap.Any("route", route))
err := nm.netlink.AddIPRoute((*netlink.Route)(route))
if err != nil {
log.Printf("[net] Failed to add IP route %v: %v.", route, err)
logger.Error("Failed to add IP route", zap.Any("route", route), zap.Error(err))
return err
}
}
@ -341,7 +342,7 @@ func applyDnsConfig(extIf *externalInterface, ifName string) error {
if extIf != nil {
for _, server := range extIf.DNSInfo.Servers {
if net.ParseIP(server).To4() == nil {
log.Errorf("[net] Invalid dns ip %s.", server)
logger.Error("Invalid dns ip", zap.String("server", server))
continue
}
@ -374,12 +375,13 @@ func (nm *networkManager) connectExternalInterface(extIf *externalInterface, nwI
networkClient NetworkClient
)
log.Printf("[net] Connecting interface %v.", extIf.Name)
defer func() { log.Printf("[net] Connecting interface %v completed with err:%v.", extIf.Name, err) }()
logger.Info("Connecting interface", zap.String("Name", extIf.Name))
defer func() {
logger.Info("Connecting interface completed", zap.String("Name", extIf.Name), zap.Error(err))
}()
// Check whether this interface is already connected.
if extIf.BridgeName != "" {
log.Printf("[net] Interface is already connected to bridge %v.", extIf.BridgeName)
logger.Info("Interface is already connected to bridge", zap.String("BridgeName", extIf.BridgeName))
return nil
}
@ -408,7 +410,7 @@ func (nm *networkManager) connectExternalInterface(extIf *externalInterface, nwI
if err != nil {
// Create the bridge.
if err = networkClient.CreateBridge(); err != nil {
log.Printf("Error while creating bridge %+v", err)
logger.Error("Error while creating bridge", zap.Error(err))
return err
}
@ -418,12 +420,12 @@ func (nm *networkManager) connectExternalInterface(extIf *externalInterface, nwI
}
} else {
// Use the existing bridge.
log.Printf("[net] Found existing bridge %v.", bridgeName)
logger.Info("Found existing bridge", zap.String("bridgeName", bridgeName))
}
defer func() {
if err != nil {
log.Printf("[net] cleanup network")
logger.Info("cleanup network")
nm.disconnectExternalInterface(extIf, networkClient)
}
}()
@ -431,7 +433,8 @@ func (nm *networkManager) connectExternalInterface(extIf *externalInterface, nwI
// Save host IP configuration.
err = nm.saveIPConfig(hostIf, extIf)
if err != nil {
log.Printf("[net] Failed to save IP configuration for interface %v: %v.", hostIf.Name, err)
logger.Error("Failed to save IP configuration for interface",
zap.String("Name", hostIf.Name), zap.Error(err))
}
/*
@ -444,36 +447,36 @@ func (nm *networkManager) connectExternalInterface(extIf *externalInterface, nwI
// Don't copy dns servers if systemd-resolved isn't available
if _, cmderr := p.ExecuteCommand("systemctl status systemd-resolved"); cmderr == nil {
isSystemdResolvedActive = true
log.Printf("[net] Saving dns config from %v", extIf.Name)
logger.Info("Saving dns config from", zap.String("Name", hostIf.Name))
if err = saveDnsConfig(extIf); err != nil {
log.Printf("[net] Failed to save dns config: %v", err)
logger.Error("Failed to save dns config", zap.Error(err))
return err
}
}
}
// External interface down.
log.Printf("[net] Setting link %v state down.", hostIf.Name)
logger.Info("Setting link state down", zap.String("Name", hostIf.Name))
err = nm.netlink.SetLinkState(hostIf.Name, false)
if err != nil {
return err
}
// Connect the external interface to the bridge.
log.Printf("[net] Setting link %v master %v.", hostIf.Name, bridgeName)
logger.Info("Setting link master", zap.String("Name", hostIf.Name), zap.String("bridgeName", bridgeName))
if err = networkClient.SetBridgeMasterToHostInterface(); err != nil {
return err
}
// External interface up.
log.Printf("[net] Setting link %v state up.", hostIf.Name)
logger.Info("Setting link state up", zap.String("Name", hostIf.Name))
err = nm.netlink.SetLinkState(hostIf.Name, true)
if err != nil {
return err
}
// Bridge up.
log.Printf("[net] Setting link %v state up.", bridgeName)
logger.Info("Setting link state up", zap.String("bridgeName", bridgeName))
err = nm.netlink.SetLinkState(bridgeName, true)
if err != nil {
return err
@ -487,7 +490,7 @@ func (nm *networkManager) connectExternalInterface(extIf *externalInterface, nwI
// External interface hairpin on.
if !nwInfo.DisableHairpinOnHostInterface {
log.Printf("[net] Setting link %v hairpin on.", hostIf.Name)
logger.Info("Setting link hairpin on", zap.String("Name", hostIf.Name))
if err = networkClient.SetHairpinOnHostInterface(true); err != nil {
return err
}
@ -496,90 +499,90 @@ func (nm *networkManager) connectExternalInterface(extIf *externalInterface, nwI
// Apply IP configuration to the bridge for host traffic.
err = nm.applyIPConfig(extIf, bridge)
if err != nil {
log.Printf("[net] Failed to apply interface IP configuration: %v.", err)
logger.Error("Failed to apply interface IP configuration", zap.Error(err))
return err
}
if isGreaterOrEqualUbuntu17 && isSystemdResolvedActive {
log.Printf("[net] Applying dns config on %v", bridgeName)
logger.Info("Applying dns config on", zap.String("bridgeName", bridgeName))
if err = applyDnsConfig(extIf, bridgeName); err != nil {
log.Printf("[net] Failed to apply DNS configuration: %v.", err)
logger.Error("Failed to apply DNS configuration with", zap.Error(err))
return err
}
log.Printf("[net] Applied dns config %v on %v", extIf.DNSInfo, bridgeName)
logger.Info("Applied dns config on", zap.Any("DNSInfo", extIf.DNSInfo), zap.String("bridgeName", bridgeName))
}
if nwInfo.IPV6Mode == IPV6Nat {
// adds pod cidr gateway ip to bridge
if err = nm.addIpv6NatGateway(nwInfo); err != nil {
log.Errorf("[net] Adding IPv6 Nat Gateway failed:%v", err)
logger.Error("Adding IPv6 Nat Gateway failed with", zap.Error(err))
return err
}
if err = nm.addIpv6SnatRule(extIf, nwInfo); err != nil {
log.Errorf("[net] Adding IPv6 Snat Rule failed:%v", err)
logger.Error("Adding IPv6 Snat Rule failed with", zap.Error(err))
return err
}
// unmark packet if set by kube-proxy to skip kube-postrouting rule and processed
// by cni snat rule
if err = iptables.InsertIptableRule(iptables.V6, iptables.Mangle, iptables.Postrouting, "", "MARK --set-mark 0x0"); err != nil {
log.Errorf("[net] Adding Iptable mangle rule failed:%v", err)
logger.Error("Adding Iptable mangle rule failed", zap.Error(err))
return err
}
}
extIf.BridgeName = bridgeName
log.Printf("[net] Connected interface %v to bridge %v.", extIf.Name, extIf.BridgeName)
logger.Info("Connected interface to bridge", zap.String("Name", extIf.Name), zap.String("BridgeName", extIf.BridgeName))
return nil
}
// DisconnectExternalInterface disconnects a host interface from its bridge.
func (nm *networkManager) disconnectExternalInterface(extIf *externalInterface, networkClient NetworkClient) {
log.Printf("[net] Disconnecting interface %v.", extIf.Name)
logger.Info("Disconnecting interface", zap.String("Name", extIf.Name))
log.Printf("[net] Deleting bridge rules")
logger.Info("Deleting bridge rules")
// Delete bridge rules set on the external interface.
networkClient.DeleteL2Rules(extIf)
log.Printf("[net] Deleting bridge")
logger.Info("Deleting bridge")
// Delete Bridge
networkClient.DeleteBridge()
extIf.BridgeName = ""
log.Printf("Restoring ipconfig with primary interface %v", extIf.Name)
logger.Info("Restoring ipconfig with primary interface", zap.String("Name", extIf.Name))
// Restore IP configuration.
hostIf, _ := net.InterfaceByName(extIf.Name)
err := nm.applyIPConfig(extIf, hostIf)
if err != nil {
log.Printf("[net] Failed to apply IP configuration: %v.", err)
logger.Error("Failed to apply IP configuration", zap.Error(err))
}
extIf.IPAddresses = nil
extIf.Routes = nil
log.Printf("[net] Disconnected interface %v.", extIf.Name)
logger.Info("Disconnected interface", zap.String("Name", extIf.Name))
}
func (*networkManager) addToIptables(cmds []iptables.IPTableEntry) error {
log.Printf("Adding additional iptable rules...")
logger.Info("Adding additional iptable rules...")
for _, cmd := range cmds {
err := iptables.RunCmd(cmd.Version, cmd.Params)
if err != nil {
return err
}
log.Printf("Succesfully run iptables rule %v", cmd)
logger.Info("Successfully run iptables rule", zap.Any("cmd", cmd))
}
return nil
}
// Add ipv6 nat gateway IP on bridge
func (nm *networkManager) addIpv6NatGateway(nwInfo *NetworkInfo) error {
log.Printf("[net] Adding ipv6 nat gateway on azure bridge")
logger.Info("Adding ipv6 nat gateway on azure bridge")
for _, subnetInfo := range nwInfo.Subnets {
if subnetInfo.Family == platform.AfINET6 {
ipAddr := []net.IPNet{{
@ -617,7 +620,7 @@ func (*networkManager) addIpv6SnatRule(extIf *externalInterface, nwInfo *Network
for _, ipAddr := range extIf.IPAddresses {
if ipAddr.IP.To4() == nil {
log.Printf("[net] Adding ipv6 snat rule")
logger.Info("Adding ipv6 snat rule")
matchSrcPrefix := fmt.Sprintf("-s %s", ipv6SubnetPrefix.String())
if err := networkutils.AddSnatRule(matchSrcPrefix, ipAddr.IP); err != nil {
return fmt.Errorf("Adding iptable snat rule failed:%w", err)
@ -643,7 +646,7 @@ func getNetworkInfoImpl(nwInfo *NetworkInfo, nw *network) {
// AddStaticRoute adds a static route to the interface.
func AddStaticRoute(nl netlink.NetlinkInterface, netioshim netio.NetIOInterface, ip, interfaceName string) error {
log.Printf("[ovs] Adding %v static route", ip)
logger.Info("Adding static route", zap.String("ip", ip))
var routes []RouteInfo
_, ipNet, _ := net.ParseCIDR(ip)
gwIP := net.ParseIP("0.0.0.0")
@ -651,7 +654,7 @@ func AddStaticRoute(nl netlink.NetlinkInterface, netioshim netio.NetIOInterface,
routes = append(routes, route)
if err := addRoutes(nl, netioshim, interfaceName, routes); err != nil {
if err != nil && !strings.Contains(strings.ToLower(err.Error()), "file exists") {
log.Printf("addroutes failed with error %v", err)
logger.Error("addroutes failed with error", zap.Error(err))
return err
}
}

38
network/network_windows.go
Просмотреть файл

@ -11,12 +11,12 @@ import (
"strings"
"time"
"github.com/Azure/azure-container-networking/log"
"github.com/Azure/azure-container-networking/network/hnswrapper"
"github.com/Azure/azure-container-networking/network/policy"
"github.com/Microsoft/hcsshim"
"github.com/Microsoft/hcsshim/hcn"
"github.com/google/uuid"
"go.uber.org/zap"
)
const (
@ -53,7 +53,7 @@ func UseHnsV2(netNs string) (bool, error) {
if _, err = uuid.Parse(netNs); err == nil {
useHnsV2 = true
if err = hcn.V2ApiSupported(); err != nil {
log.Printf("HNSV2 is not supported on this windows platform")
logger.Info("HNSV2 is not supported on this windows platform")
}
}
@ -98,11 +98,11 @@ func (nm *networkManager) newNetworkImplHnsV1(nwInfo *NetworkInfo, extIf *extern
// FixMe: Find a better way to check if a nic that is selected is not part of a vSwitch
// per hns team, the hns calls fails if passed a vSwitch interface
if strings.HasPrefix(networkAdapterName, vEthernetAdapterPrefix) {
log.Printf("[net] vSwitch detected, setting adapter name to empty")
logger.Info("vSwitch detected, setting adapter name to empty")
networkAdapterName = ""
}
log.Printf("[net] Adapter name used with HNS is : %s", networkAdapterName)
logger.Info("Adapter name used with HNS is", zap.String("networkAdapterName", networkAdapterName))
// Initialize HNS network.
hnsNetwork := &hcsshim.HNSNetwork{
@ -154,9 +154,9 @@ func (nm *networkManager) newNetworkImplHnsV1(nwInfo *NetworkInfo, extIf *extern
defer func() {
if err != nil {
log.Printf("[net] HNSNetworkRequest DELETE id:%v", hnsResponse.Id)
logger.Info("HNSNetworkRequest DELETE", zap.String("id", hnsResponse.Id))
hnsResponse, err := Hnsv1.DeleteNetwork(hnsResponse.Id)
log.Printf("[net] HNSNetworkRequest DELETE response:%+v err:%v.", hnsResponse, err)
logger.Info("HNSNetworkRequest DELETE response", zap.Any("hnsResponse", hnsResponse), zap.Error(err))
}
}()
@ -208,13 +208,13 @@ func (nm *networkManager) appIPV6RouteEntry(nwInfo *NetworkInfo) error {
cmd := fmt.Sprintf(routeCmd, "delete", nwInfo.Subnets[1].Prefix.String(),
ifName, ipv6DefaultHop)
if out, err = nm.plClient.ExecuteCommand(cmd); err != nil {
log.Printf("[net] Deleting ipv6 route failed: %v:%v", out, err)
logger.Error("Deleting ipv6 route failed", zap.Any("out", out), zap.Error(err))
}
cmd = fmt.Sprintf(routeCmd, "add", nwInfo.Subnets[1].Prefix.String(),
ifName, ipv6DefaultHop)
if out, err = nm.plClient.ExecuteCommand(cmd); err != nil {
log.Printf("[net] Adding ipv6 route failed: %v:%v", out, err)
logger.Error("Adding ipv6 route failed", zap.Any("out", out), zap.Error(err))
}
}
@ -254,11 +254,11 @@ func (nm *networkManager) configureHcnNetwork(nwInfo *NetworkInfo, extIf *extern
adapterName = extIf.Name
}
log.Printf("[net] Adapter name used with HNS is : %s", adapterName)
logger.Info("Adapter name used with HNS is", zap.String("adapterName", adapterName))
netAdapterNamePolicy, err := policy.GetHcnNetAdapterPolicy(adapterName)
if err != nil {
log.Printf("[net] Failed to serialize network adapter policy due to error: %v", err)
logger.Error("Failed to serialize network adapter policy due to", zap.Error(err))
return nil, err
}
@ -277,7 +277,7 @@ func (nm *networkManager) configureHcnNetwork(nwInfo *NetworkInfo, extIf *extern
vlanID, _ := strconv.ParseUint(opt[VlanIDKey].(string), baseDecimal, bitSize)
subnetPolicy, err = policy.SerializeHcnSubnetVlanPolicy((uint32)(vlanID))
if err != nil {
log.Printf("[net] Failed to serialize subnet vlan policy due to error: %v", err)
logger.Error("Failed to serialize subnet vlan policy due to", zap.Error(err))
return nil, err
}
@ -322,7 +322,7 @@ func (nm *networkManager) configureHcnNetwork(nwInfo *NetworkInfo, extIf *extern
func (nm *networkManager) newNetworkImplHnsV2(nwInfo *NetworkInfo, extIf *externalInterface) (*network, error) {
hcnNetwork, err := nm.configureHcnNetwork(nwInfo, extIf)
if err != nil {
log.Printf("[net] Failed to configure hcn network due to error: %v", err)
logger.Error("Failed to configure hcn network due to", zap.Error(err))
return nil, err
}
@ -332,19 +332,19 @@ func (nm *networkManager) newNetworkImplHnsV2(nwInfo *NetworkInfo, extIf *extern
if err != nil {
// if network not found, create the HNS network.
if errors.As(err, &hcn.NetworkNotFoundError{}) {
log.Printf("[net] Creating hcn network: %+v", hcnNetwork)
logger.Info("Creating hcn network", zap.Any("hcnNetwork", hcnNetwork))
hnsResponse, err = Hnsv2.CreateNetwork(hcnNetwork)
if err != nil {
return nil, fmt.Errorf("Failed to create hcn network: %s due to error: %v", hcnNetwork.Name, err)
}
log.Printf("[net] Successfully created hcn network with response: %+v", hnsResponse)
logger.Info("Successfully created hcn network with response", zap.Any("hnsResponse", hnsResponse))
} else {
// we can't validate if the network already exists, don't continue
return nil, fmt.Errorf("Failed to create hcn network: %s, failed to query for existing network with error: %v", hcnNetwork.Name, err)
}
} else {
log.Printf("[net] Network with name %s already exists", hcnNetwork.Name)
logger.Info("Network with name already exists", zap.String("name", hcnNetwork.Name))
}
var vlanid int
@ -393,9 +393,9 @@ func (nm *networkManager) deleteNetworkImpl(nw *network) error {
// DeleteNetworkImplHnsV1 deletes an existing container network using HnsV1.
func (nm *networkManager) deleteNetworkImplHnsV1(nw *network) error {
log.Printf("[net] HNSNetworkRequest DELETE id:%v", nw.HnsId)
logger.Info("HNSNetworkRequest DELETE id", zap.String("id", nw.HnsId))
hnsResponse, err := Hnsv1.DeleteNetwork(nw.HnsId)
log.Printf("[net] HNSNetworkRequest DELETE response:%+v err:%v.", hnsResponse, err)
logger.Info("HNSNetworkRequest DELETE response", zap.Any("hnsResponse", hnsResponse), zap.Error(err))
return err
}
@ -404,7 +404,7 @@ func (nm *networkManager) deleteNetworkImplHnsV1(nw *network) error {
func (nm *networkManager) deleteNetworkImplHnsV2(nw *network) error {
var hcnNetwork *hcn.HostComputeNetwork
var err error
log.Printf("[net] Deleting hcn network with id: %s", nw.HnsId)
logger.Info("Deleting hcn network with id", zap.String("id", nw.HnsId))
if hcnNetwork, err = Hnsv2.GetNetworkByID(nw.HnsId); err != nil {
return fmt.Errorf("Failed to get hcn network with id: %s due to err: %v", nw.HnsId, err)
@ -414,7 +414,7 @@ func (nm *networkManager) deleteNetworkImplHnsV2(nw *network) error {
return fmt.Errorf("Failed to delete hcn network: %s due to error: %v", nw.HnsId, err)
}
log.Printf("[net] Successfully deleted hcn network with id: %s", nw.HnsId)
logger.Info("Successfully deleted hcn network with id", zap.String("id", nw.HnsId))
return err
}

39
network/networkutils/networkutils_linux.go
Просмотреть файл

@ -8,10 +8,11 @@ import (
"net"
"github.com/Azure/azure-container-networking/iptables"
"github.com/Azure/azure-container-networking/log"
"github.com/Azure/azure-container-networking/netlink"
"github.com/Azure/azure-container-networking/network/log"
"github.com/Azure/azure-container-networking/platform"
"github.com/pkg/errors"
"go.uber.org/zap"
)
/*RFC For Private Address Space: https://tools.ietf.org/html/rfc1918
@ -37,6 +38,11 @@ const (
acceptRAV6File = "/proc/sys/net/ipv6/conf/%s/accept_ra"
)
var (
loggerName = "net"
logger = log.InitZapLogNet(loggerName)
)
var errorNetworkUtils = errors.New("NetworkUtils Error")
func newErrorNetworkUtils(errStr string) error {
@ -56,7 +62,7 @@ func NewNetworkUtils(nl netlink.NetlinkInterface, plClient platform.ExecClient)
}
func (nu NetworkUtils) CreateEndpoint(hostVethName, containerVethName string, macAddress net.HardwareAddr) error {
log.Printf("[net] Creating veth pair %v %v.", hostVethName, containerVethName)
logger.Info("Creating veth pair", zap.String("hostVethName", hostVethName), zap.String("containerVethName", containerVethName))
link := netlink.VEthLink{
LinkInfo: netlink.LinkInfo{
@ -69,11 +75,11 @@ func (nu NetworkUtils) CreateEndpoint(hostVethName, containerVethName string, ma
err := nu.netlink.AddLink(&link)
if err != nil {
log.Printf("[net] Failed to create veth pair, err:%v.", err)
logger.Error("Failed to create veth pair with", zap.Error(err))
return newErrorNetworkUtils(err.Error())
}
log.Printf("[net] Setting link %v state up.", hostVethName)
logger.Info("Setting link state up", zap.String("hostVethName", hostVethName))
err = nu.netlink.SetLinkState(hostVethName, true)
if err != nil {
return newErrorNetworkUtils(err.Error())
@ -88,13 +94,13 @@ func (nu NetworkUtils) CreateEndpoint(hostVethName, containerVethName string, ma
func (nu NetworkUtils) SetupContainerInterface(containerVethName, targetIfName string) error {
// Interface needs to be down before renaming.
log.Printf("[net] Setting link %v state down.", containerVethName)
logger.Info("Setting link state down", zap.String("containerVethName", containerVethName))
if err := nu.netlink.SetLinkState(containerVethName, false); err != nil {
return newErrorNetworkUtils(err.Error())
}
// Rename the container interface.
log.Printf("[net] Setting link %v name %v.", containerVethName, targetIfName)
logger.Info("Setting link", zap.String("containerVethName", containerVethName), zap.String("targetIfName", targetIfName))
if err := nu.netlink.SetLinkName(containerVethName, targetIfName); err != nil {
return newErrorNetworkUtils(err.Error())
}
@ -104,7 +110,7 @@ func (nu NetworkUtils) SetupContainerInterface(containerVethName, targetIfName s
}
// Bring the interface back up.
log.Printf("[net] Setting link %v state up.", targetIfName)
logger.Info("Setting link state up.", zap.String("targetIfName", targetIfName))
err := nu.netlink.SetLinkState(targetIfName, true)
if err != nil {
return newErrorNetworkUtils(err.Error())
@ -116,7 +122,7 @@ func (nu NetworkUtils) AssignIPToInterface(interfaceName string, ipAddresses []n
var err error
// Assign IP address to container network interface.
for i, ipAddr := range ipAddresses {
log.Printf("[net] Adding IP address %v to link %v.", ipAddr.String(), interfaceName)
logger.Info("Adding IP", zap.String("address", ipAddr.String()), zap.String("interfaceName", interfaceName))
err = nu.netlink.AddIPAddress(interfaceName, ipAddr.IP, &ipAddresses[i])
if err != nil {
return newErrorNetworkUtils(err.Error())
@ -152,7 +158,7 @@ func AllowIPAddresses(bridgeName string, skipAddresses []string, action string)
chains := getFilterChains()
target := getFilterchainTarget()
log.Printf("[net] Addresses to allow %v", skipAddresses)
logger.Info("Addresses to allow", zap.Any("skipAddresses", skipAddresses))
for _, address := range skipAddresses {
if err := addOrDeleteFilterRule(bridgeName, action, address, chains[0], target[0]); err != nil {
@ -177,7 +183,7 @@ func BlockIPAddresses(bridgeName, action string) error {
chains := getFilterChains()
target := getFilterchainTarget()
log.Printf("[net] Addresses to block %v", privateIPAddresses)
logger.Info("Addresses to block", zap.Any("privateIPAddresses", privateIPAddresses))
for _, ipAddress := range privateIPAddresses {
if err := addOrDeleteFilterRule(bridgeName, action, ipAddress, chains[0], target[1]); err != nil {
@ -203,13 +209,14 @@ func (nu NetworkUtils) EnableIPForwarding(ifName string) error {
cmd := fmt.Sprint(enableIPForwardCmd)
_, err := nu.plClient.ExecuteCommand(cmd)
if err != nil {
log.Printf("[net] Enable ipforwarding failed with: %v", err)
logger.Error("Enable ipforwarding failed with", zap.Error(err))
return err
}
// Append a rule in forward chain to allow forwarding from bridge
if err := iptables.AppendIptableRule(iptables.V4, iptables.Filter, iptables.Forward, "", iptables.Accept); err != nil {
log.Printf("[net] Appending forward chain rule: allow traffic coming from snatbridge failed with: %v", err)
logger.Error("Appending forward chain rule: allow traffic coming from snatbridge failed with",
zap.Error(err))
return err
}
@ -220,7 +227,7 @@ func (nu NetworkUtils) EnableIPV6Forwarding() error {
cmd := fmt.Sprint(enableIPV6ForwardCmd)
_, err := nu.plClient.ExecuteCommand(cmd)
if err != nil {
log.Printf("[net] Enable ipv6 forwarding failed with: %v", err)
logger.Error("Enable ipv6 forwarding failed with", zap.Error(err))
return err
}
@ -233,7 +240,7 @@ func (nu NetworkUtils) UpdateIPV6Setting(disable int) error {
cmd := fmt.Sprintf(toggleIPV6Cmd, disable)
_, err := nu.plClient.ExecuteCommand(cmd)
if err != nil {
log.Printf("[net] Update IPV6 Setting failed with: %v", err)
logger.Error("Update IPV6 Setting failed with", zap.Error(err))
}
return err
@ -254,14 +261,14 @@ func (nu NetworkUtils) DisableRAForInterface(ifName string) error {
raFilePath := fmt.Sprintf(acceptRAV6File, ifName)
exist, err := platform.CheckIfFileExists(raFilePath)
if !exist {
log.Printf("[net] accept_ra file doesn't exist:err:%v", err)
logger.Error("accept_ra file doesn't exist with", zap.Error(err))
return nil
}
cmd := fmt.Sprintf(disableRACmd, ifName)
out, err := nu.plClient.ExecuteCommand(cmd)
if err != nil {
log.Errorf("[net] Diabling ra failed with err: %v out: %v", err, out)
logger.Error("Diabling ra failed with", zap.Error(err), zap.Any("out", out))
}
return err

8
network/ovs_endpoint_snatroute_linux.go
Просмотреть файл

@ -3,11 +3,11 @@ package network
import (
"net"
"github.com/Azure/azure-container-networking/log"
"github.com/Azure/azure-container-networking/netlink"
"github.com/Azure/azure-container-networking/network/networkutils"
"github.com/Azure/azure-container-networking/network/snat"
"github.com/pkg/errors"
"go.uber.org/zap"
)
// Communication between ovs switch and snat bridge, master of azuresnatveth0 is snat bridge itself
@ -45,7 +45,7 @@ func (client *OVSEndpointClient) AddSnatEndpoint() error {
snatClient := client.snatClient
log.Printf("Drop ARP for snat bridge ip: %s", snatClient.SnatBridgeIP)
logger.Info("Drop ARP for snat bridge ip", zap.String("SnatBridgeIP", snatClient.SnatBridgeIP))
if err := client.snatClient.DropArpForSnatBridgeApipaRange(snatClient.SnatBridgeIP, azureSnatVeth0); err != nil {
return err
}
@ -54,7 +54,7 @@ func (client *OVSEndpointClient) AddSnatEndpoint() error {
// of veth will be attached to linux bridge
_, err := net.InterfaceByName(azureSnatVeth0)
if err == nil {
log.Printf("Azure snat veth already exists")
logger.Error("Azure snat veth already exists")
return nil
}
@ -68,7 +68,7 @@ func (client *OVSEndpointClient) AddSnatEndpoint() error {
err = client.netlink.AddLink(&vethLink)
if err != nil {
log.Printf("[net] Failed to create veth pair, err:%v.", err)
logger.Error("Failed to create veth pair", zap.Error(err))
return errors.Wrap(err, "failed to create veth pair")
}
nuc := networkutils.NewNetworkUtils(client.netlink, client.plClient)

46
network/ovs_endpointclient_linux.go
Просмотреть файл

@ -6,7 +6,6 @@ package network
import (
"net"
"github.com/Azure/azure-container-networking/log"
"github.com/Azure/azure-container-networking/netio"
"github.com/Azure/azure-container-networking/netlink"
"github.com/Azure/azure-container-networking/network/networkutils"
@ -14,6 +13,7 @@ import (
"github.com/Azure/azure-container-networking/network/snat"
"github.com/Azure/azure-container-networking/ovsctl"
"github.com/Azure/azure-container-networking/platform"
"go.uber.org/zap"
)
type OVSEndpointClient struct {
@ -85,7 +85,7 @@ func (client *OVSEndpointClient) AddEndpoints(epInfo *EndpointInfo) error {
containerIf, err := net.InterfaceByName(client.containerVethName)
if err != nil {
log.Printf("InterfaceByName returns error for ifname %v with error %v", client.containerVethName, err)
logger.Error("InterfaceByName returns error for ifname", zap.String("containerVethName", client.containerVethName), zap.Error(err))
return err
}
@ -103,22 +103,22 @@ func (client *OVSEndpointClient) AddEndpoints(epInfo *EndpointInfo) error {
}
func (client *OVSEndpointClient) AddEndpointRules(epInfo *EndpointInfo) error {
log.Printf("[ovs] Setting link %v master %v.", client.hostVethName, client.bridgeName)
logger.Info("[ovs] Setting link master", zap.String("hostVethName", client.hostVethName), zap.String("bridgeName", client.bridgeName))
if err := client.ovsctlClient.AddPortOnOVSBridge(client.hostVethName, client.bridgeName, client.vlanID); err != nil {
return err
}
log.Printf("[ovs] Get ovs port for interface %v.", client.hostVethName)
logger.Info("[ovs] Get ovs port for interface", zap.String("hostVethName", client.hostVethName))
containerOVSPort, err := client.ovsctlClient.GetOVSPortNumber(client.hostVethName)
if err != nil {
log.Printf("[ovs] Get ofport failed with error %v", err)
logger.Error("[ovs] Get ofport failed with", zap.Error(err))
return err
}
log.Printf("[ovs] Get ovs port for interface %v.", client.hostPrimaryIfName)
logger.Info("[ovs] Get ovs port for interface", zap.String("hostPrimaryIfName", client.hostPrimaryIfName))
hostPort, err := client.ovsctlClient.GetOVSPortNumber(client.hostPrimaryIfName)
if err != nil {
log.Printf("[ovs] Get ofport failed with error %v", err)
logger.Error("[ovs] Get ofport failed with", zap.Error(err))
return err
}
@ -132,14 +132,15 @@ func (client *OVSEndpointClient) AddEndpointRules(epInfo *EndpointInfo) error {
// IP SNAT Rule - Change src mac to VM Mac for packets coming from container host veth port.
// This rule also checks if packets coming from right source ip based on the ovs port to prevent ip spoofing.
// Otherwise it drops the packet.
log.Printf("[ovs] Adding IP SNAT rule for egress traffic on %v.", containerOVSPort)
logger.Info("[ovs] Adding IP SNAT rule for egress traffic on", zap.String("containerOVSPort", containerOVSPort))
if err := client.ovsctlClient.AddIPSnatRule(client.bridgeName, ipAddr.IP, client.vlanID, containerOVSPort, client.hostPrimaryMac, hostPort); err != nil {
return err
}
// Add IP DNAT rule based on dst ip and vlanid - This rule changes the destination mac to corresponding container mac based on the ip and
// forwards the packet to corresponding container hostveth port
log.Printf("[ovs] Adding MAC DNAT rule for IP address %v on hostport %v, containerport: %v", ipAddr.IP.String(), hostPort, containerOVSPort)
logger.Info("[ovs] Adding MAC DNAT rule for IP address on hostport, containerport", zap.String("address", ipAddr.IP.String()),
zap.String("hostPort", hostPort), zap.String("containerOVSPort", containerOVSPort))
if err := client.ovsctlClient.AddMacDnatRule(client.bridgeName, hostPort, ipAddr.IP, client.containerMac, client.vlanID, containerOVSPort); err != nil {
return err
}
@ -153,34 +154,37 @@ func (client *OVSEndpointClient) AddEndpointRules(epInfo *EndpointInfo) error {
}
func (client *OVSEndpointClient) DeleteEndpointRules(ep *endpoint) {
log.Printf("[ovs] Get ovs port for interface %v.", ep.HostIfName)
logger.Info("[ovs] Get ovs port for interface", zap.String("HostIfName", ep.HostIfName))
containerPort, err := client.ovsctlClient.GetOVSPortNumber(client.hostVethName)
if err != nil {
log.Printf("[ovs] Get portnum failed with error %v", err)
logger.Error("[ovs] Get portnum failed with", zap.Error(err))
}
log.Printf("[ovs] Get ovs port for interface %v.", client.hostPrimaryIfName)
logger.Info("Get ovs port for interface", zap.String("hostPrimaryIfName", client.hostPrimaryIfName))
hostPort, err := client.ovsctlClient.GetOVSPortNumber(client.hostPrimaryIfName)
if err != nil {
log.Printf("[ovs] Get portnum failed with error %v", err)
logger.Error("Get portnum failed with", zap.Error(err))
}
// Delete IP SNAT
log.Printf("[ovs] Deleting IP SNAT for port %v", containerPort)
logger.Info("[ovs] Deleting IP SNAT for port", zap.String("containerPort", containerPort))
client.ovsctlClient.DeleteIPSnatRule(client.bridgeName, containerPort)
// Delete Arp Reply Rules for container
log.Printf("[ovs] Deleting ARP reply rule for ip %v vlanid %v for container port %v", ep.IPAddresses[0].IP.String(), ep.VlanID, containerPort)
logger.Info("[ovs] Deleting ARP reply rule for ip vlanid for container port", zap.String("address", ep.IPAddresses[0].IP.String()),
zap.Any("VlanID", ep.VlanID), zap.String("containerPort", containerPort))
client.ovsctlClient.DeleteArpReplyRule(client.bridgeName, containerPort, ep.IPAddresses[0].IP, ep.VlanID)
// Delete MAC address translation rule.
log.Printf("[ovs] Deleting MAC DNAT rule for IP address %v and vlan %v.", ep.IPAddresses[0].IP.String(), ep.VlanID)
logger.Info("[ovs] Deleting MAC DNAT rule for IP address and vlan", zap.String("address", ep.IPAddresses[0].IP.String()),
zap.Any("VlanID", ep.VlanID))
client.ovsctlClient.DeleteMacDnatRule(client.bridgeName, hostPort, ep.IPAddresses[0].IP, ep.VlanID)
// Delete port from ovs bridge
log.Printf("[ovs] Deleting interface %v from bridge %v", client.hostVethName, client.bridgeName)
logger.Info("[ovs] Deleting MAC DNAT rule for IP address and vlan", zap.String("address", ep.IPAddresses[0].IP.String()),
zap.Any("VlanID", ep.VlanID))
if err := client.ovsctlClient.DeletePortFromOVS(client.bridgeName, client.hostVethName); err != nil {
log.Printf("[ovs] Deletion of interface %v from bridge %v failed", client.hostVethName, client.bridgeName)
logger.Error("[ovs] Deletion of interface from bridge failed", zap.String("hostVethName", client.hostVethName), zap.String("bridgeName", client.bridgeName))
}
client.DeleteSnatEndpointRules()
@ -189,7 +193,7 @@ func (client *OVSEndpointClient) DeleteEndpointRules(ep *endpoint) {
func (client *OVSEndpointClient) MoveEndpointsToContainerNS(epInfo *EndpointInfo, nsID uintptr) error {
// Move the container interface to container's network namespace.
log.Printf("[ovs] Setting link %v netns %v.", client.containerVethName, epInfo.NetNsPath)
logger.Info("[ovs] Setting link netns", zap.String("containerVethName", client.containerVethName), zap.Any("NetNsPath", epInfo.NetNsPath))
if err := client.netlink.SetLinkNetNs(client.containerVethName, nsID); err != nil {
return err
}
@ -234,10 +238,10 @@ func (client *OVSEndpointClient) ConfigureContainerInterfacesAndRoutes(epInfo *E
}
func (client *OVSEndpointClient) DeleteEndpoints(ep *endpoint) error {
log.Printf("[ovs] Deleting veth pair %v %v.", ep.HostIfName, ep.IfName)
logger.Info("[ovs] Deleting veth pair", zap.String("HostIfName", ep.HostIfName), zap.String("IfName", ep.IfName))
err := client.netlink.DeleteLink(ep.HostIfName)
if err != nil {
log.Printf("[ovs] Failed to delete veth pair %v: %v.", ep.HostIfName, err)
logger.Error("[ovs] Failed to delete veth pair", zap.String("HostIfName", ep.HostIfName), zap.Error(err))
return err
}

19
network/ovs_networkclient_linux.go
Просмотреть файл

@ -10,11 +10,11 @@ import (
"os"
"strings"
"github.com/Azure/azure-container-networking/log"
"github.com/Azure/azure-container-networking/netlink"
"github.com/Azure/azure-container-networking/network/networkutils"
"github.com/Azure/azure-container-networking/ovsctl"
"github.com/Azure/azure-container-networking/platform"
"go.uber.org/zap"
)
var errorOVSNetworkClient = errors.New("OVSNetworkClient Error")
@ -40,7 +40,7 @@ const (
func updateOVSConfig(option string) error {
f, err := os.OpenFile(ovsConfigFile, os.O_APPEND|os.O_RDWR, 0o666)
if err != nil {
log.Printf("Error while opening ovs config %v", err)
logger.Error("Error while opening ovs config", zap.Error(err))
return err
}
@ -53,15 +53,15 @@ func updateOVSConfig(option string) error {
conSplit := strings.Split(contents, "\n")
for _, existingOption := range conSplit {
if option == existingOption {
log.Printf("Not updating ovs config. Found option already written")
logger.Info("Not updating ovs config. Found option already written")
return nil
}
}
log.Printf("writing ovsconfig option %v", option)
logger.Info("writing ovsconfig option", zap.Any("option", option))
if _, err = f.WriteString(option); err != nil {
log.Printf("Error while writing ovs config %v", err)
logger.Error("Error while writing ovs config", zap.Error(err))
return err
}
@ -109,7 +109,7 @@ func (client *OVSNetworkClient) CreateBridge() error {
func (client *OVSNetworkClient) DeleteBridge() error {
if err := client.ovsctlClient.DeleteOVSBridge(client.bridgeName); err != nil {
log.Printf("Deleting ovs bridge failed with error %v", err)
logger.Error("Deleting ovs bridge failed with", zap.Error(err))
}
return nil
@ -125,12 +125,12 @@ func (client *OVSNetworkClient) AddL2Rules(extIf *externalInterface) error {
}
// Arp SNAT Rule
log.Printf("[ovs] Adding ARP SNAT rule for egress traffic on interface %v", client.hostInterfaceName)
logger.Info("[ovs] Adding ARP SNAT rule for egress traffic on interface", zap.String("hostInterfaceName", client.hostInterfaceName))
if err := client.ovsctlClient.AddArpSnatRule(client.bridgeName, mac, macHex, ofport); err != nil {
return err
}
log.Printf("[ovs] Adding DNAT rule for ingress ARP traffic on interface %v.", client.hostInterfaceName)
logger.Info("[ovs] Adding DNAT rule for ingress ARP traffic on interface", zap.String("hostInterfaceName", client.hostInterfaceName))
err = client.ovsctlClient.AddArpDnatRule(client.bridgeName, ofport, macHex)
if err != nil {
return newErrorOVSNetworkClient(err.Error())
@ -141,7 +141,8 @@ func (client *OVSNetworkClient) AddL2Rules(extIf *externalInterface) error {
func (client *OVSNetworkClient) DeleteL2Rules(extIf *externalInterface) {
if err := client.ovsctlClient.DeletePortFromOVS(client.bridgeName, client.hostInterfaceName); err != nil {
log.Printf("[ovs] Deletion of interface %v from bridge %v failed", client.hostInterfaceName, client.bridgeName)
logger.Error("[ovs] Deletion of interface from bridge failed", zap.String("hostInterfaceName", client.hostInterfaceName),
zap.String("bridgeName", client.bridgeName))
}
}

47
network/ovsinfravnet/infravnet_linux.go
Просмотреть файл

@ -8,11 +8,17 @@ import (
"fmt"
"net"
"github.com/Azure/azure-container-networking/log"
"github.com/Azure/azure-container-networking/netlink"
"github.com/Azure/azure-container-networking/network/log"
"github.com/Azure/azure-container-networking/network/networkutils"
"github.com/Azure/azure-container-networking/ovsctl"
"github.com/Azure/azure-container-networking/platform"
"go.uber.org/zap"
)
var (
loggerName = "net"
logger = log.InitZapLogNet(loggerName)
)
const (
@ -41,7 +47,7 @@ func NewInfraVnetClient(hostIfName, contIfName string, nl netlink.NetlinkInterfa
plClient: plc,
}
log.Printf("Initialize new infravnet client %+v", infraVnetClient)
logger.Info("Initialize new infravnet client", zap.Any("infraVnetClient", infraVnetClient))
return infraVnetClient
}
@ -50,19 +56,20 @@ func (client *OVSInfraVnetClient) CreateInfraVnetEndpoint(bridgeName string) err
ovs := ovsctl.NewOvsctl()
epc := networkutils.NewNetworkUtils(client.netlink, client.plClient)
if err := epc.CreateEndpoint(client.hostInfraVethName, client.ContainerInfraVethName, nil); err != nil {
log.Printf("Creating infraep failed with error %v", err)
logger.Error("Creating infraep failed with", zap.Error(err))
return err
}
log.Printf("[ovs] Adding port %v master %v.", client.hostInfraVethName, bridgeName)
logger.Info("Adding port master", zap.String("hostInfraVethName", client.hostInfraVethName), zap.String("bridgeName", bridgeName))
if err := ovs.AddPortOnOVSBridge(client.hostInfraVethName, bridgeName, 0); err != nil {
log.Printf("Adding infraveth to ovsbr failed with error %v", err)
logger.Error("Adding infraveth to ovsbr failed with", zap.Error(err))
return err
}
infraContainerIf, err := net.InterfaceByName(client.ContainerInfraVethName)
if err != nil {
log.Printf("InterfaceByName returns error for ifname %v with error %v", client.ContainerInfraVethName, err)
logger.Error("InterfaceByName returns error for ifname with", zap.String("ContainerInfraVethName", client.ContainerInfraVethName),
zap.Error(err))
return err
}
@ -81,19 +88,19 @@ func (client *OVSInfraVnetClient) CreateInfraVnetRules(
infraContainerPort, err := ovs.GetOVSPortNumber(client.hostInfraVethName)
if err != nil {
log.Printf("[ovs] Get ofport failed with error %v", err)
logger.Error("[ovs] Get ofport failed with", zap.Error(err))
return err
}
// 0 signifies not to add vlan tag to this traffic
if err := ovs.AddIPSnatRule(bridgeName, infraIP.IP, 0, infraContainerPort, hostPrimaryMac, hostPort); err != nil {
log.Printf("[ovs] AddIpSnatRule failed with error %v", err)
logger.Error("[ovs] AddIpSnatRule failed with", zap.Error(err))
return err
}
// 0 signifies not to match traffic based on vlan tag
if err := ovs.AddMacDnatRule(bridgeName, hostPort, infraIP.IP, client.containerInfraMac, 0, infraContainerPort); err != nil {
log.Printf("[ovs] AddMacDnatRule failed with error %v", err)
logger.Error("[ovs] AddMacDnatRule failed with", zap.Error(err))
return err
}
@ -101,7 +108,8 @@ func (client *OVSInfraVnetClient) CreateInfraVnetRules(
}
func (client *OVSInfraVnetClient) MoveInfraEndpointToContainerNS(netnsPath string, nsID uintptr) error {
log.Printf("[ovs] Setting link %v netns %v.", client.ContainerInfraVethName, netnsPath)
logger.Info("[ovs] Setting link netns", zap.String("ContainerInfraVethName", client.ContainerInfraVethName),
zap.Any("netnsPath", netnsPath))
err := client.netlink.SetLinkNetNs(client.ContainerInfraVethName, nsID)
if err != nil {
return newErrorOVSInfraVnetClient(err.Error())
@ -121,7 +129,7 @@ func (client *OVSInfraVnetClient) SetupInfraVnetContainerInterface() error {
}
func (client *OVSInfraVnetClient) ConfigureInfraVnetContainerInterface(infraIP net.IPNet) error {
log.Printf("[ovs] Adding IP address %v to link %v.", infraIP.String(), client.ContainerInfraVethName)
logger.Info("[ovs] Adding IP address to link", zap.String("IP", infraIP.String()), zap.String("ContainerInfraVethName", client.ContainerInfraVethName))
err := client.netlink.AddIPAddress(client.ContainerInfraVethName, infraIP.IP, &infraIP)
if err != nil {
return newErrorOVSInfraVnetClient(err.Error())
@ -136,29 +144,30 @@ func (client *OVSInfraVnetClient) DeleteInfraVnetRules(
) {
ovs := ovsctl.NewOvsctl()
log.Printf("[ovs] Deleting MAC DNAT rule for infravnet IP address %v", infraIP.IP.String())
logger.Info("[ovs] Deleting MAC DNAT rule for infravnet IP address", zap.String("IP", infraIP.IP.String()))
ovs.DeleteMacDnatRule(bridgeName, hostPort, infraIP.IP, 0)
log.Printf("[ovs] Get ovs port for infravnet interface %v.", client.hostInfraVethName)
logger.Info("[ovs] Get ovs port for infravnet interface", zap.String("hostInfraVethName", client.hostInfraVethName))
infraContainerPort, err := ovs.GetOVSPortNumber(client.hostInfraVethName)
if err != nil {
log.Printf("[ovs] Get infravnet portnum failed with error %v", err)
logger.Error("[ovs] Get infravnet portnum failed with", zap.Error(err))
}
log.Printf("[ovs] Deleting IP SNAT for infravnet port %v", infraContainerPort)
logger.Info("Deleting IP SNAT for infravnet port", zap.String("infraContainerPort", infraContainerPort))
ovs.DeleteIPSnatRule(bridgeName, infraContainerPort)
log.Printf("[ovs] Deleting infravnet interface %v from bridge %v", client.hostInfraVethName, bridgeName)
logger.Info("[ovs] Deleting infravnet interface", zap.String("hostInfraVethName", client.hostInfraVethName), zap.String("bridgeName", bridgeName))
if err := ovs.DeletePortFromOVS(bridgeName, client.hostInfraVethName); err != nil {
log.Printf("[ovs] Deletion of infravnet interface %v from bridge %v failed", client.hostInfraVethName, bridgeName)
logger.Error("[ovs] Deletion of infravnet interface", zap.String("hostInfraVethName", client.hostInfraVethName), zap.String("bridgeName", bridgeName))
}
}
func (client *OVSInfraVnetClient) DeleteInfraVnetEndpoint() error {
log.Printf("[ovs] Deleting Infra veth pair %v.", client.hostInfraVethName)
logger.Info("[ovs] Deleting Infra veth pair", zap.String("hostInfraVethName", client.hostInfraVethName))
err := client.netlink.DeleteLink(client.hostInfraVethName)
if err != nil {
log.Printf("[ovs] Failed to delete veth pair %v: %v.", client.hostInfraVethName, err)
logger.Error("[ovs] Failed to delete veth pair", zap.String("hostInfraVethName", client.hostInfraVethName),
zap.Error(err))
return newErrorOVSInfraVnetClient(err.Error())
}

36
network/policy/policy_windows.go
Просмотреть файл

@ -5,11 +5,17 @@ import (
"fmt"
"net"
"github.com/Azure/azure-container-networking/log"
"github.com/Azure/azure-container-networking/network/log"
"github.com/Azure/azure-container-networking/network/networkutils"
"github.com/Microsoft/hcsshim"
"github.com/Microsoft/hcsshim/hcn"
"github.com/pkg/errors"
"go.uber.org/zap"
)
var (
loggerName = "policy"
logger = log.InitZapLogNet(loggerName)
)
const (
@ -71,7 +77,7 @@ func SerializePolicies(policyType CNIPolicyType, policies []Policy, epInfoData m
case OutBoundNatPolicy:
if snatAndSerialize || !enableMultiTenancy {
if serializedOutboundNatPolicy, err := SerializeOutBoundNATPolicy(policy, epInfoData); err != nil {
log.Printf("Failed to serialize OutBoundNAT policy")
logger.Error("Failed to serialize OutBoundNAT policy", zap.Error(err))
} else {
jsonPolicies = append(jsonPolicies, serializedOutboundNatPolicy)
}
@ -79,13 +85,13 @@ func SerializePolicies(policyType CNIPolicyType, policies []Policy, epInfoData m
case PortMappingPolicy:
// NATPolicy comes as a HNSv2 type, it needs to be converted to HNSv1
if serializedNatPolicy, err := SerializeNATPolicy(policy); err != nil {
log.Printf("Failed to serialize NatPolicy")
logger.Error("Failed to serialize NatPolicy", zap.Error(err))
} else {
jsonPolicies = append(jsonPolicies, serializedNatPolicy)
}
case LoopbackDSRPolicy:
if dsrPolicy, err := SerializeLoopbackDSRPolicy(policy); err != nil {
log.Printf("Failed to serialize DSR policy")
logger.Error("Failed to serialize DSR policy", zap.Error(err))
} else {
jsonPolicies = append(jsonPolicies, dsrPolicy)
}
@ -98,7 +104,7 @@ func SerializePolicies(policyType CNIPolicyType, policies []Policy, epInfoData m
if snatAndSerialize && ValidWinVerForDnsNat {
// SerializePolicies is only called for HnsV1 operations
if serializedDnsNatPolicy, err := AddDnsNATPolicyV1(); err != nil {
log.Printf("Failed to serialize DnsNAT policy")
logger.Error("Failed to serialize DnsNAT policy", zap.Error(err))
} else {
jsonPolicies = append(jsonPolicies, serializedDnsNatPolicy)
}
@ -122,7 +128,7 @@ func GetOutBoundNatExceptionList(policy Policy) ([]string, error) {
return exceptionList, nil
}
log.Printf("OutBoundNAT policy not set")
logger.Info("OutBoundNAT policy not set")
return nil, nil
}
@ -158,7 +164,7 @@ func SerializeOutBoundNATPolicy(policy Policy, epInfoData map[string]interface{}
exceptionList, err := GetOutBoundNatExceptionList(policy)
if err != nil {
log.Printf("Failed to parse outbound NAT policy %v", err)
logger.Error("Failed to parse outbound NAT policy", zap.Error(err))
return nil, err
}
@ -195,7 +201,7 @@ func SerializeLoopbackDSRPolicy(policy Policy) (json.RawMessage, error) {
return []byte{}, errors.Wrap(err, "unmarshal dsr data failed")
}
log.Printf("DSR policy for ip:%s", dsrData.IPAddress.String())
logger.Info("DSR policy for", zap.String("ip", dsrData.IPAddress.String()))
hnsLoopbackRoute := hcsshim.OutboundNatPolicy{
Policy: hcsshim.Policy{Type: hcsshim.OutboundNat},
@ -259,7 +265,7 @@ func GetPolicyType(policy Policy) CNIPolicyType {
}
}
// Return empty string if the policy type is invalid
log.Printf("Returning policyType INVALID")
logger.Info("Returning policyType INVALID")
return ""
}
@ -316,7 +322,7 @@ func GetHcnOutBoundNATPolicy(policy Policy, epInfoData map[string]interface{}) (
outBoundNATPolicySetting := hcn.OutboundNatPolicySetting{}
exceptionList, err := GetOutBoundNatExceptionList(policy)
if err != nil {
log.Printf("Failed to parse outbound NAT policy %v", err)
logger.Error("Failed to parse outbound NAT policy", zap.Error(err))
return outBoundNATPolicy, err
}
@ -456,7 +462,7 @@ func GetHcnLoopbackDSRPolicy(policy Policy) (hcn.EndpointPolicy, error) {
return hcn.EndpointPolicy{}, errors.Wrap(err, "unmarshal dsr data failed")
}
log.Printf("DSR policy for ip:%s", dsrData.IPAddress.String())
logger.Info("DSR policy for", zap.String("ip", dsrData.IPAddress.String()))
hcnLoopbackRoute := hcn.OutboundNatPolicySetting{
Destinations: []string{dsrData.IPAddress.String()},
@ -500,13 +506,13 @@ func GetHcnEndpointPolicies(policyType CNIPolicyType, policies []Policy, epInfoD
}
if err != nil {
log.Printf("Failed to parse policy: %+v with error %v", policy.Data, err)
logger.Error("Failed to parse policy", zap.Any("data", policy.Data), zap.Error(err))
return hcnEndPointPolicies, err
}
if !(isOutboundNatPolicy && enableMultiTenancy && !enableSnatForDns) {
hcnEndPointPolicies = append(hcnEndPointPolicies, endpointPolicy)
log.Printf("Successfully retrieve endpoint policy: %s", endpointPolicy.Type)
logger.Info("Successfully retrieve endpoint policy", zap.Any("type", endpointPolicy.Type))
}
}
}
@ -515,12 +521,12 @@ func GetHcnEndpointPolicies(policyType CNIPolicyType, policies []Policy, epInfoD
for _, natRule := range natInfo {
natPolicy, err := AddNATPolicyV2(natRule.VirtualIP, natRule.Destinations)
if err != nil {
log.Printf("Failed to retrieve NAT endpoint policy due to error: %v", err)
logger.Error("Failed to retrieve NAT endpoint policy due to error", zap.Error(err))
return hcnEndPointPolicies, err
}
hcnEndPointPolicies = append(hcnEndPointPolicies, natPolicy)
log.Printf("Successfully retrieve natInfo policy: %s", natPolicy.Type)
logger.Info("Successfully retrieve natInfo policy", zap.Any("type", natPolicy.Type))
}
}

115
network/snat/snat_linux.go
Просмотреть файл

@ -10,11 +10,12 @@ import (
"github.com/Azure/azure-container-networking/ebtables"
"github.com/Azure/azure-container-networking/iptables"
"github.com/Azure/azure-container-networking/log"
"github.com/Azure/azure-container-networking/netlink"
"github.com/Azure/azure-container-networking/network/log"
"github.com/Azure/azure-container-networking/network/networkutils"
"github.com/Azure/azure-container-networking/platform"
"github.com/pkg/errors"
"go.uber.org/zap"
)
const (
@ -27,6 +28,11 @@ const (
l2PreroutingEntries = "ebtables -t nat -L PREROUTING"
)
var (
loggerName = "net"
logger = log.InitZapLogNet(loggerName)
)
var errorSnatClient = errors.New("SnatClient Error")
func newErrorSnatClient(errStr string) error {
@ -55,7 +61,7 @@ func NewSnatClient(hostIfName string,
nl netlink.NetlinkInterface,
plClient platform.ExecClient,
) Client {
log.Printf("Initialize new snat client")
logger.Info("Initialize new snat client")
snatClient := Client{
hostSnatVethName: hostIfName,
containerSnatVethName: contIfName,
@ -69,15 +75,14 @@ func NewSnatClient(hostIfName string,
snatClient.SkipAddressesFromBlock = append(snatClient.SkipAddressesFromBlock, skipAddressesFromBlock...)
log.Printf("Initialize new snat client %+v", snatClient)
logger.Info("Initialize new snat client", zap.Any("snatClient", snatClient))
return snatClient
}
func (client *Client) CreateSnatEndpoint() error {
// Create linux Bridge for outbound connectivity
if err := client.createSnatBridge(client.SnatBridgeIP, client.hostPrimaryMac); err != nil {
log.Printf("creating snat bridge failed with error %v", err)
logger.Error("creating snat bridge failed with", zap.Error(err))
return err
}
@ -86,26 +91,26 @@ func (client *Client) CreateSnatEndpoint() error {
if client.enableProxyArpOnBridge {
// Enable proxy arp on bridge
if err := nuc.SetProxyArp(SnatBridgeName); err != nil {
log.Printf("Enabling proxy arp failed with error %v", err)
logger.Error("Enabling proxy arp failed with", zap.Error(err))
return errors.Wrap(err, "")
}
}
// SNAT Rule to masquerade packets destined to non-vnet ip
if err := client.addMasqueradeRule(client.SnatBridgeIP); err != nil {
log.Printf("Adding snat rule failed with error %v", err)
logger.Error("Adding snat rule failed with", zap.Error(err))
return err
}
// Drop all vlan packets coming via linux bridge.
if err := client.addVlanDropRule(); err != nil {
log.Printf("Adding vlan drop rule failed with error %v", err)
logger.Error("Adding vlan drop rule failed", zap.Error(err))
return err
}
// Create veth pair to tie one end to container and other end to linux bridge
if err := nuc.CreateEndpoint(client.hostSnatVethName, client.containerSnatVethName, nil); err != nil {
log.Printf("Creating Snat Endpoint failed with error %v", err)
logger.Error("AllowIPAddresses failed with", zap.Error(err))
return newErrorSnatClient(err.Error())
}
@ -119,7 +124,7 @@ func (client *Client) CreateSnatEndpoint() error {
// AllowIPAddressesOnSnatBridge adds iptables rules that allows only specific Private IPs via linux bridge
func (client *Client) AllowIPAddressesOnSnatBridge() error {
if err := networkutils.AllowIPAddresses(SnatBridgeName, client.SkipAddressesFromBlock, iptables.Insert); err != nil {
log.Printf("AllowIPAddresses failed with error %v", err)
logger.Error("AllowIPAddresses failed with", zap.Error(err))
return newErrorSnatClient(err.Error())
}
@ -129,7 +134,7 @@ func (client *Client) AllowIPAddressesOnSnatBridge() error {
// BlockIPAddressesOnSnatBridge adds iptables rules that blocks all private IPs flowing via linux bridge
func (client *Client) BlockIPAddressesOnSnatBridge() error {
if err := networkutils.BlockIPAddresses(SnatBridgeName, iptables.Append); err != nil {
log.Printf("AllowIPAddresses failed with error %v", err)
logger.Error("AllowIPAddresses failed with", zap.Error(err))
return newErrorSnatClient(err.Error())
}
@ -138,7 +143,8 @@ func (client *Client) BlockIPAddressesOnSnatBridge() error {
// Move container veth inside container network namespace
func (client *Client) MoveSnatEndpointToContainerNS(netnsPath string, nsID uintptr) error {
log.Printf("[snat] Setting link %v netns %v.", client.containerSnatVethName, netnsPath)
logger.Info("Setting link netns", zap.String("containerSnatVethName", client.containerSnatVethName),
zap.Any("netnsPath", netnsPath))
err := client.netlink.SetLinkNetNs(client.containerSnatVethName, nsID)
if err != nil {
return newErrorSnatClient(err.Error())
@ -170,13 +176,13 @@ func (client *Client) AllowInboundFromHostToNC() error {
// Create CNI Output chain
if err := iptables.CreateChain(iptables.V4, iptables.Filter, iptables.CNIOutputChain); err != nil {
log.Printf("AllowInboundFromHostToNC: Creating %v failed with error: %v", iptables.CNIOutputChain, err)
logger.Error("AllowInboundFromHostToNC: Creating failed with", zap.Any("CNIOutputChain", iptables.CNIOutputChain), zap.Error(err))
return newErrorSnatClient(err.Error())
}
// Forward traffic from Ouptut chain to CNI Output chain
if err := iptables.InsertIptableRule(iptables.V4, iptables.Filter, iptables.Output, "", iptables.CNIOutputChain); err != nil {
log.Printf("AllowInboundFromHostToNC: Inserting forward rule to %v failed with error: %v", iptables.CNIOutputChain, err)
logger.Error("AllowInboundFromHostToNC: Creating failed with", zap.Any("CNIOutputChain", iptables.CNIOutputChain), zap.Error(err))
return newErrorSnatClient(err.Error())
}
@ -184,19 +190,19 @@ func (client *Client) AllowInboundFromHostToNC() error {
matchCondition := fmt.Sprintf("-s %s -d %s", bridgeIP.String(), containerIP.String())
err := iptables.InsertIptableRule(iptables.V4, iptables.Filter, iptables.CNIOutputChain, matchCondition, iptables.Accept)
if err != nil {
log.Printf("AllowInboundFromHostToNC: Inserting output rule failed: %v", err)
logger.Error("AllowInboundFromHostToNC: Inserting output rule failed with ", zap.Error(err))
return newErrorSnatClient(err.Error())
}
// Create cniinput chain
if err := iptables.CreateChain(iptables.V4, iptables.Filter, iptables.CNIInputChain); err != nil {
log.Printf("AllowInboundFromHostToNC: Creating %v failed with error: %v", iptables.CNIInputChain, err)
logger.Error("AllowInboundFromHostToNC: Creating failed with", zap.Any("CNIOutputChain", iptables.CNIOutputChain), zap.Error(err))
return newErrorSnatClient(err.Error())
}
// Forward from Input to cniinput chain
if err := iptables.InsertIptableRule(iptables.V4, iptables.Filter, iptables.Input, "", iptables.CNIInputChain); err != nil {
log.Printf("AllowInboundFromHostToNC: Inserting forward rule to %v failed with error: %v", iptables.CNIInputChain, err)
logger.Error("AllowInboundFromHostToNC: Inserting forward rule to failed with", zap.Any("CNIOutputChain", iptables.CNIOutputChain), zap.Error(err))
return newErrorSnatClient(err.Error())
}
@ -204,14 +210,15 @@ func (client *Client) AllowInboundFromHostToNC() error {
matchCondition = fmt.Sprintf(" -i %s -m state --state %s,%s", SnatBridgeName, iptables.Established, iptables.Related)
err = iptables.InsertIptableRule(iptables.V4, iptables.Filter, iptables.CNIInputChain, matchCondition, iptables.Accept)
if err != nil {
log.Printf("AllowInboundFromHostToNC: Inserting input rule failed: %v", err)
logger.Error("AllowInboundFromHostToNC: Inserting input rule failed with", zap.Error(err))
return newErrorSnatClient(err.Error())
}
snatContainerVeth, _ := net.InterfaceByName(client.containerSnatVethName)
// Add static arp entry for localIP to prevent arp going out of VM
log.Printf("Adding static arp entry for ip %s mac %s", containerIP, snatContainerVeth.HardwareAddr.String())
logger.Info("Adding static arp entry for ip", zap.Any("containerIP", containerIP),
zap.String("HardwareAddr", snatContainerVeth.HardwareAddr.String()))
linkInfo := netlink.LinkInfo{
Name: SnatBridgeName,
IPAddr: containerIP,
@ -220,7 +227,8 @@ func (client *Client) AllowInboundFromHostToNC() error {
err = client.netlink.SetOrRemoveLinkAddress(linkInfo, netlink.ADD, netlink.NUD_PERMANENT)
if err != nil {
log.Printf("AllowInboundFromHostToNC: Error adding static arp entry for ip %s mac %s: %v", containerIP, snatContainerVeth.HardwareAddr.String(), err)
logger.Error("AllowInboundFromHostToNC: Error adding static arp entry for ip", zap.Any("containerIP", containerIP),
zap.String("HardwareAddr", snatContainerVeth.HardwareAddr.String()), zap.Error(err))
return newErrorSnatClient(err.Error())
}
@ -234,11 +242,11 @@ func (client *Client) DeleteInboundFromHostToNC() error {
matchCondition := fmt.Sprintf("-s %s -d %s", bridgeIP.String(), containerIP.String())
err := iptables.DeleteIptableRule(iptables.V4, iptables.Filter, iptables.CNIOutputChain, matchCondition, iptables.Accept)
if err != nil {
log.Printf("DeleteInboundFromHostToNC: Error removing output rule %v", err)
logger.Error("DeleteInboundFromHostToNC: Error removing output rule", zap.Error(err))
}
// Remove static arp entry added for container local IP
log.Printf("Removing static arp entry for ip %s ", containerIP)
logger.Info("Removing static arp entry for ip", zap.Any("containerIP", containerIP))
linkInfo := netlink.LinkInfo{
Name: SnatBridgeName,
IPAddr: containerIP,
@ -247,7 +255,8 @@ func (client *Client) DeleteInboundFromHostToNC() error {
err = client.netlink.SetOrRemoveLinkAddress(linkInfo, netlink.REMOVE, netlink.NUD_INCOMPLETE)
if err != nil {
log.Printf("AllowInboundFromHostToNC: Error removing static arp entry for ip %s: %v", containerIP, err)
logger.Error("AllowInboundFromHostToNC: Error removing static arp entry for ip", zap.Any("containerIP", containerIP),
zap.Error(err))
}
return err
@ -259,13 +268,15 @@ func (client *Client) AllowInboundFromNCToHost() error {
// Create CNI Input chain
if err := iptables.CreateChain(iptables.V4, iptables.Filter, iptables.CNIInputChain); err != nil {
log.Printf("AllowInboundFromHostToNC: Creating %v failed with error: %v", iptables.CNIInputChain, err)
logger.Error("AllowInboundFromHostToNC: Creating failed with", zap.String("CNIInputChain", iptables.CNIInputChain),
zap.Error(err))
return err
}
// Forward traffic from Input to cniinput chain
if err := iptables.InsertIptableRule(iptables.V4, iptables.Filter, iptables.Input, "", iptables.CNIInputChain); err != nil {
log.Printf("AllowInboundFromHostToNC: Inserting forward rule to %v failed with error: %v", iptables.CNIInputChain, err)
logger.Error("AllowInboundFromHostToNC: Inserting forward rule to failed with", zap.String("CNIInputChain", iptables.CNIInputChain),
zap.Error(err))
return err
}
@ -273,19 +284,21 @@ func (client *Client) AllowInboundFromNCToHost() error {
matchCondition := fmt.Sprintf("-s %s -d %s", containerIP.String(), bridgeIP.String())
err := iptables.InsertIptableRule(iptables.V4, iptables.Filter, iptables.CNIInputChain, matchCondition, iptables.Accept)
if err != nil {
log.Printf("AllowInboundFromHostToNC: Inserting output rule failed: %v", err)
logger.Error("AllowInboundFromHostToNC: Inserting output rule failed with", zap.Error(err))
return err
}
// Create CNI output chain
if err := iptables.CreateChain(iptables.V4, iptables.Filter, iptables.CNIOutputChain); err != nil {
log.Printf("AllowInboundFromHostToNC: Creating %v failed with error: %v", iptables.CNIOutputChain, err)
logger.Error("AllowInboundFromHostToNC: Creating failed with", zap.String("CNIInputChain", iptables.CNIInputChain),
zap.Error(err))
return err
}
// Forward traffic from Output to CNI Output chain
if err := iptables.InsertIptableRule(iptables.V4, iptables.Filter, iptables.Output, "", iptables.CNIOutputChain); err != nil {
log.Printf("AllowInboundFromHostToNC: Inserting forward rule to %v failed with error: %v", iptables.CNIOutputChain, err)
logger.Error("AllowInboundFromHostToNC: Inserting forward rule to failed with", zap.String("CNIInputChain", iptables.CNIInputChain),
zap.Error(err))
return err
}
@ -293,14 +306,14 @@ func (client *Client) AllowInboundFromNCToHost() error {
matchCondition = fmt.Sprintf(" -o %s -m state --state %s,%s", SnatBridgeName, iptables.Established, iptables.Related)
err = iptables.InsertIptableRule(iptables.V4, iptables.Filter, iptables.CNIOutputChain, matchCondition, iptables.Accept)
if err != nil {
log.Printf("AllowInboundFromHostToNC: Inserting input rule failed: %v", err)
logger.Error("AllowInboundFromHostToNC: Inserting input rule failed with", zap.Error(err))
return err
}
snatContainerVeth, _ := net.InterfaceByName(client.containerSnatVethName)
// Add static arp entry for localIP to prevent arp going out of VM
log.Printf("Adding static arp entry for ip %s mac %s", containerIP, snatContainerVeth.HardwareAddr.String())
logger.Info("Adding static arp entry for ip", zap.Any("containerIP", containerIP), zap.String("HardwareAddr", snatContainerVeth.HardwareAddr.String()))
linkInfo := netlink.LinkInfo{
Name: SnatBridgeName,
IPAddr: containerIP,
@ -309,7 +322,8 @@ func (client *Client) AllowInboundFromNCToHost() error {
err = client.netlink.SetOrRemoveLinkAddress(linkInfo, netlink.ADD, netlink.NUD_PERMANENT)
if err != nil {
log.Printf("AllowInboundFromNCToHost: Error adding static arp entry for ip %s mac %s: %v", containerIP, snatContainerVeth.HardwareAddr.String(), err)
logger.Error("AllowInboundFromNCToHost: Error adding static arp entry for ip", zap.Any("containerIP", containerIP),
zap.String("HardwareAddr", snatContainerVeth.HardwareAddr.String()), zap.Error(err))
}
return err
@ -322,11 +336,11 @@ func (client *Client) DeleteInboundFromNCToHost() error {
matchCondition := fmt.Sprintf("-s %s -d %s", containerIP.String(), bridgeIP.String())
err := iptables.DeleteIptableRule(iptables.V4, iptables.Filter, iptables.CNIInputChain, matchCondition, iptables.Accept)
if err != nil {
log.Printf("DeleteInboundFromNCToHost: Error removing output rule %v", err)
logger.Error("DeleteInboundFromNCToHost: Error removing output rule", zap.Error(err))
}
// Remove static arp entry added for container local IP
log.Printf("Removing static arp entry for ip %s ", containerIP)
logger.Info("Removing static arp entry for ip", zap.Any("containerIP", containerIP))
linkInfo := netlink.LinkInfo{
Name: SnatBridgeName,
IPAddr: containerIP,
@ -335,7 +349,8 @@ func (client *Client) DeleteInboundFromNCToHost() error {
err = client.netlink.SetOrRemoveLinkAddress(linkInfo, netlink.REMOVE, netlink.NUD_INCOMPLETE)
if err != nil {
log.Printf("DeleteInboundFromNCToHost: Error removing static arp entry for ip %s: %v", containerIP, err)
logger.Error("DeleteInboundFromNCToHost: Error removing static arp entry for ip",
zap.Any("containerIP", containerIP), zap.Error(err))
}
return err
@ -343,7 +358,8 @@ func (client *Client) DeleteInboundFromNCToHost() error {
// Configures Local IP Address for container Veth
func (client *Client) ConfigureSnatContainerInterface() error {
log.Printf("[snat] Adding IP address %v to link %v.", client.localIP, client.containerSnatVethName)
logger.Info("[snat] IP address", zap.String("localIP", client.localIP),
zap.String("containerSnatVethName", client.containerSnatVethName))
ip, intIpAddr, _ := net.ParseCIDR(client.localIP)
err := client.netlink.AddIPAddress(client.containerSnatVethName, ip, intIpAddr)
if err != nil {
@ -353,10 +369,11 @@ func (client *Client) ConfigureSnatContainerInterface() error {
}
func (client *Client) DeleteSnatEndpoint() error {
log.Printf("[snat] Deleting snat veth pair %v.", client.hostSnatVethName)
logger.Info("[snat] Deleting snat veth pair", zap.String("hostSnatVethName", client.hostSnatVethName))
err := client.netlink.DeleteLink(client.hostSnatVethName)
if err != nil {
log.Printf("[snat] Failed to delete veth pair %v: %v.", client.hostSnatVethName, err)
logger.Error("[snat] Failed to delete veth pair", zap.String("hostSnatVethName", client.hostSnatVethName),
zap.Error(err))
return newErrorSnatClient(err.Error())
}
@ -366,12 +383,14 @@ func (client *Client) DeleteSnatEndpoint() error {
func (client *Client) setBridgeMac(hostPrimaryMac string) error {
hwAddr, err := net.ParseMAC(hostPrimaryMac)
if err != nil {
log.Errorf("Error while parsing host primary mac: %s error:%+v", hostPrimaryMac, err)
logger.Error("Error while parsing host primary mac", zap.String("hostPrimaryMac", hostPrimaryMac),
zap.Error(err))
return err
}
if err = client.netlink.SetLinkAddress(SnatBridgeName, hwAddr); err != nil {
log.Errorf("Error while setting macaddr on bridge: %s error:%+v", hwAddr.String(), err)
logger.Error("Error while setting macaddr on bridge", zap.String("hwAddr", hwAddr.String()),
zap.Error(err))
}
return err
}
@ -380,7 +399,7 @@ func (client *Client) DropArpForSnatBridgeApipaRange(snatBridgeIP, azSnatVethIfN
var err error
_, ipCidr, _ := net.ParseCIDR(snatBridgeIP)
if err = ebtables.SetArpDropRuleForIpCidr(ipCidr.String(), azSnatVethIfName); err != nil {
log.Errorf("Error setting arp drop rule for snatbridge ip :%s", snatBridgeIP)
logger.Error("Error setting arp drop rule for snatbridge ip", zap.String("snatBridgeIP", snatBridgeIP))
}
return err
@ -390,9 +409,9 @@ func (client *Client) DropArpForSnatBridgeApipaRange(snatBridgeIP, azSnatVethIfN
func (client *Client) createSnatBridge(snatBridgeIP, hostPrimaryMac string) error {
_, err := net.InterfaceByName(SnatBridgeName)
if err == nil {
log.Printf("Snat Bridge already exists")
logger.Info("Snat Bridge already exists")
} else {
log.Printf("[net] Creating Snat bridge %v.", SnatBridgeName)
logger.Info("Creating Snat bridge", zap.String("SnatBridgeName", SnatBridgeName))
link := netlink.BridgeLink{
LinkInfo: netlink.LinkInfo{
@ -406,7 +425,7 @@ func (client *Client) createSnatBridge(snatBridgeIP, hostPrimaryMac string) erro
}
}
log.Printf("Setting snat bridge mac: %s", hostPrimaryMac)
logger.Info("Setting snat bridge mac", zap.String("hostPrimaryMac", hostPrimaryMac))
if err := client.setBridgeMac(hostPrimaryMac); err != nil {
return err
}
@ -417,12 +436,12 @@ func (client *Client) createSnatBridge(snatBridgeIP, hostPrimaryMac string) erro
return err
}
log.Printf("Assigning %v on snat bridge", snatBridgeIP)
logger.Info("Setting snat bridge mac", zap.String("hostPrimaryMac", hostPrimaryMac))
ip, addr, _ := net.ParseCIDR(snatBridgeIP)
err = client.netlink.AddIPAddress(SnatBridgeName, ip, addr)
if err != nil && !strings.Contains(strings.ToLower(err.Error()), "file exists") {
log.Printf("[net] Failed to add IP address %v: %v.", addr, err)
logger.Error("Failed to add IP address", zap.Any("addr", addr), zap.Error(err))
return newErrorSnatClient(err.Error())
}
@ -444,17 +463,17 @@ func (client *Client) addMasqueradeRule(snatBridgeIPWithPrefix string) error {
func (client *Client) addVlanDropRule() error {
out, err := client.plClient.ExecuteCommand(l2PreroutingEntries)
if err != nil {
log.Printf("Error while listing ebtable rules %v", err)
logger.Error("Error while listing ebtable rules")
return err
}
out = strings.TrimSpace(out)
if strings.Contains(out, vlanDropMatch) {
log.Printf("vlan drop rule already exists")
logger.Info("vlan drop rule already exists")
return nil
}
log.Printf("Adding ebtable rule to drop vlan traffic on snat bridge %v", vlanDropAddRule)
logger.Info("Adding ebtable rule to drop vlan traffic on snat bridge", zap.String("vlanDropAddRule", vlanDropAddRule))
_, err = client.plClient.ExecuteCommand(vlanDropAddRule)
return err
}

42
network/transparent_endpointclient_linux.go
Просмотреть файл

@ -5,11 +5,11 @@ import (
"fmt"
"net"
"github.com/Azure/azure-container-networking/log"
"github.com/Azure/azure-container-networking/netio"
"github.com/Azure/azure-container-networking/netlink"
"github.com/Azure/azure-container-networking/network/networkutils"
"github.com/Azure/azure-container-networking/platform"
"go.uber.org/zap"
)
const (
@ -78,9 +78,9 @@ func (client *TransparentEndpointClient) setArpProxy(ifName string) error {
func (client *TransparentEndpointClient) AddEndpoints(epInfo *EndpointInfo) error {
if _, err := client.netioshim.GetNetworkInterfaceByName(client.hostVethName); err == nil {
log.Printf("Deleting old host veth %v", client.hostVethName)
logger.Info("Deleting old host veth", zap.String("hostVethName", client.hostVethName))
if err = client.netlink.DeleteLink(client.hostVethName); err != nil {
log.Printf("[net] Failed to delete old hostveth %v: %v.", client.hostVethName, err)
logger.Error("Failed to delete old", zap.String("hostVethName", client.hostVethName), zap.Error(err))
return newErrorTransparentEndpointClient(err.Error())
}
}
@ -92,7 +92,7 @@ func (client *TransparentEndpointClient) AddEndpoints(epInfo *EndpointInfo) erro
mac, err := net.ParseMAC(defaultHostVethHwAddr)
if err != nil {
log.Printf("[net] Failed to parse the mac addrress %v", defaultHostVethHwAddr)
logger.Error("Failed to parse the mac addrress", zap.String("defaultHostVethHwAddr", defaultHostVethHwAddr))
}
if err = client.netUtilsClient.CreateEndpoint(client.hostVethName, client.containerVethName, mac); err != nil {
@ -102,7 +102,7 @@ func (client *TransparentEndpointClient) AddEndpoints(epInfo *EndpointInfo) erro
defer func() {
if err != nil {
if delErr := client.netlink.DeleteLink(client.hostVethName); delErr != nil {
log.Errorf("Deleting veth failed on addendpoint failure:%v", delErr)
logger.Error("Deleting veth failed on addendpoint failure", zap.Error(delErr))
}
}
}()
@ -121,13 +121,15 @@ func (client *TransparentEndpointClient) AddEndpoints(epInfo *EndpointInfo) erro
client.hostVethMac = hostVethIf.HardwareAddr
log.Printf("Setting mtu %d on veth interface %s", primaryIf.MTU, client.hostVethName)
logger.Info("Setting mtu on veth interface", zap.Int("MTU", primaryIf.MTU), zap.String("hostVethName", client.hostVethName))
if err := client.netlink.SetLinkMTU(client.hostVethName, primaryIf.MTU); err != nil {
log.Errorf("Setting mtu failed for hostveth %s:%v", client.hostVethName, err)
logger.Error("Setting mtu failed for hostveth", zap.String("hostVethName", client.hostVethName),
zap.Error(err))
}
if err := client.netlink.SetLinkMTU(client.containerVethName, primaryIf.MTU); err != nil {
log.Errorf("Setting mtu failed for containerveth %s:%v", client.containerVethName, err)
logger.Error("Setting mtu failed for containerveth", zap.String("containerVethName", client.containerVethName),
zap.Error(err))
}
return nil
@ -149,7 +151,7 @@ func (client *TransparentEndpointClient) AddEndpointRules(epInfo *EndpointInfo)
} else {
ipNet = net.IPNet{IP: ipAddr.IP, Mask: net.CIDRMask(ipv6FullMask, ipv6Bits)}
}
log.Printf("[net] Adding route for the ip %v", ipNet.String())
logger.Info("Adding route for the", zap.String("ip", ipNet.String()))
routeInfo.Dst = ipNet
routeInfoList = append(routeInfoList, routeInfo)
}
@ -158,9 +160,9 @@ func (client *TransparentEndpointClient) AddEndpointRules(epInfo *EndpointInfo)
return newErrorTransparentEndpointClient(err.Error())
}
log.Printf("calling setArpProxy for %v", client.hostVethName)
logger.Info("calling setArpProxy for", zap.String("hostVethName", client.hostVethName))
if err := client.setArpProxy(client.hostVethName); err != nil {
log.Printf("setArpProxy failed with: %v", err)
logger.Error("setArpProxy failed with", zap.Error(err))
return err
}
@ -182,17 +184,17 @@ func (client *TransparentEndpointClient) DeleteEndpointRules(ep *endpoint) {
ipNet = net.IPNet{IP: ipAddr.IP, Mask: net.CIDRMask(ipv6FullMask, ipv6Bits)}
}
log.Printf("[net] Deleting route for the ip %v", ipNet.String())
logger.Info("Deleting route for the", zap.String("ip", ipNet.String()))
routeInfo.Dst = ipNet
if err := deleteRoutes(client.netlink, client.netioshim, client.hostVethName, []RouteInfo{routeInfo}); err != nil {
log.Printf("[net] Failed to delete route on VM for the ip %v: %v", ipNet.String(), err)
logger.Error("Failed to delete route on VM for the", zap.String("ip", ipNet.String()), zap.Error(err))
}
}
}
func (client *TransparentEndpointClient) MoveEndpointsToContainerNS(epInfo *EndpointInfo, nsID uintptr) error {
// Move the container interface to container's network namespace.
log.Printf("[net] Setting link %v netns %v.", client.containerVethName, epInfo.NetNsPath)
logger.Info("Setting link netns", zap.String("containerVethName", client.containerVethName), zap.String("NetNsPath", epInfo.NetNsPath))
if err := client.netlink.SetLinkNetNs(client.containerVethName, nsID); err != nil {
return newErrorTransparentEndpointClient(err.Error())
}
@ -251,8 +253,8 @@ func (client *TransparentEndpointClient) ConfigureContainerInterfacesAndRoutes(e
}
// arp -s 169.254.1.1 e3:45:f4:ac:34:12 - add static arp entry for virtualgwip to hostveth interface mac
log.Printf("[net] Adding static arp for IP address %v and MAC %v in Container namespace",
virtualGwNet.String(), client.hostVethMac)
logger.Info("Adding static arp for IP address and MAC in Container namespace",
zap.String("address", virtualGwNet.String()), zap.Any("hostVethMac", client.hostVethMac))
linkInfo := netlink.LinkInfo{
Name: client.containerVethName,
IPAddr: virtualGwNet.IP,
@ -279,7 +281,7 @@ func (client *TransparentEndpointClient) ConfigureContainerInterfacesAndRoutes(e
}
func (client *TransparentEndpointClient) setupIPV6Routes() error {
log.Printf("Setting up ipv6 routes in container")
logger.Info("Setting up ipv6 routes in container")
// add route for virtualgwip
// ip -6 route add fe80::1234:5678:9abc/128 dev eth0
@ -291,7 +293,7 @@ func (client *TransparentEndpointClient) setupIPV6Routes() error {
// ip -6 route add default via fe80::1234:5678:9abc dev eth0
_, defaultIPNet, _ := net.ParseCIDR(defaultv6Cidr)
log.Printf("defaultv6ipnet :%+v", defaultIPNet)
logger.Info("defaultv6ipnet", zap.Any("defaultIPNet", defaultIPNet))
defaultRoute := RouteInfo{
Dst: *defaultIPNet,
Gw: virtualGwIP,
@ -301,7 +303,7 @@ func (client *TransparentEndpointClient) setupIPV6Routes() error {
}
func (client *TransparentEndpointClient) setIPV6NeighEntry() error {
log.Printf("[net] Add v6 neigh entry for default gw ip")
logger.Info("Add v6 neigh entry for default gw ip")
hostGwIP, _, _ := net.ParseCIDR(virtualv6GwString)
linkInfo := netlink.LinkInfo{
Name: client.containerVethName,
@ -310,7 +312,7 @@ func (client *TransparentEndpointClient) setIPV6NeighEntry() error {
}
if err := client.netlink.SetOrRemoveLinkAddress(linkInfo, netlink.ADD, netlink.NUD_PERMANENT); err != nil {
log.Printf("Failed setting neigh entry in container: %+v", err)
logger.Error("Failed setting neigh entry in container", zap.Error(err))
return fmt.Errorf("Failed setting neigh entry in container: %w", err)
}

61
network/transparent_vlan_endpointclient_linux.go
Просмотреть файл

@ -16,6 +16,7 @@ import (
"github.com/Azure/azure-container-networking/platform"
"github.com/pkg/errors"
vishnetlink "github.com/vishvananda/netlink"
"go.uber.org/zap"
)
const (
@ -131,16 +132,16 @@ func (client *TransparentVlanEndpointClient) createNetworkNamespace(vmNS, numRet
if err != nil {
return errors.Wrap(err, "failed to create vnet ns")
}
log.Printf("Vnet Namespace created: %s", client.netnsClient.NamespaceUniqueID(vnetNS))
logger.Info("Vnet Namespace created", zap.String("vnetNS", client.netnsClient.NamespaceUniqueID(vnetNS)))
if !client.netnsClient.IsNamespaceEqual(vnetNS, vmNS) {
client.vnetNSFileDescriptor = vnetNS
isNamespaceUnique = true
break
}
log.Printf("Vnet Namespace is the same as VM namespace. Deleting and retrying...")
logger.Info("Vnet Namespace is the same as VM namespace. Deleting and retrying...")
delErr := client.netnsClient.DeleteNamed(client.vnetNSName)
if delErr != nil {
log.Errorf("failed to cleanup/delete ns after failing to create vlan veth:%v", delErr)
logger.Error("failed to cleanup/delete ns after failing to create vlan veth", zap.Any("error:", delErr.Error()))
}
time.Sleep(time.Duration(sleepInMs) * time.Millisecond)
}
@ -159,14 +160,14 @@ func (client *TransparentVlanEndpointClient) PopulateVM(epInfo *EndpointInfo) er
return errors.Wrap(err, "failed to get vm ns handle")
}
log.Printf("[transparent vlan] Checking if NS exists...")
logger.Info("Checking if NS exists...")
var existingErr error
client.vnetNSFileDescriptor, existingErr = client.netnsClient.GetFromName(client.vnetNSName)
// If the ns does not exist, the below code will trigger to create it
// This will also (we assume) mean the vlan veth does not exist
if existingErr != nil {
// We assume the only possible error is that the namespace doesn't exist
log.Printf("[transparent vlan] No existing NS detected. Creating the vnet namespace and switching to it")
logger.Info("No existing NS detected. Creating the vnet namespace and switching to it")
if err = client.createNetworkNamespace(vmNS, numRetries); err != nil {
return errors.Wrap(err, "")
@ -176,10 +177,10 @@ func (client *TransparentVlanEndpointClient) PopulateVM(epInfo *EndpointInfo) er
// Any failure will trigger removing the namespace created
defer func() {
if deleteNSIfNotNilErr != nil {
log.Logf("[transparent vlan] removing vnet ns due to failure...")
logger.Info("[transparent vlan] removing vnet ns due to failure...")
err = client.netnsClient.DeleteNamed(client.vnetNSName)
if err != nil {
log.Errorf("failed to cleanup/delete ns after failing to create vlan veth")
logger.Error("failed to cleanup/delete ns after failing to create vlan veth")
}
}
}()
@ -188,7 +189,7 @@ func (client *TransparentVlanEndpointClient) PopulateVM(epInfo *EndpointInfo) er
}
// Now create vlan veth
log.Printf("[transparent vlan] Create the host vlan link after getting eth0: %s", client.primaryHostIfName)
logger.Info("Create the host vlan link after getting eth0", zap.String("primaryHostIfName", client.primaryHostIfName))
// Get parent interface index. Index is consistent across libraries.
eth0, deleteNSIfNotNilErr := client.netioshim.GetNetworkInterfaceByName(client.primaryHostIfName)
if deleteNSIfNotNilErr != nil {
@ -202,7 +203,7 @@ func (client *TransparentVlanEndpointClient) PopulateVM(epInfo *EndpointInfo) er
LinkAttrs: linkAttrs,
VlanId: client.vlanID,
}
log.Printf("[transparent vlan] Attempting to create %s link in VM NS", client.vlanIfName)
logger.Info("Attempting to create link in VM NS", zap.String("vlanIfName", client.vlanIfName))
// Create vlan veth
deleteNSIfNotNilErr = vishnetlink.LinkAdd(link)
if deleteNSIfNotNilErr != nil {
@ -214,9 +215,9 @@ func (client *TransparentVlanEndpointClient) PopulateVM(epInfo *EndpointInfo) er
}
defer func() {
if deleteNSIfNotNilErr != nil {
log.Logf("[transparent vlan] removing vlan veth due to failure...")
logger.Info("removing vlan veth due to failure...")
if delErr := client.netlink.DeleteLink(client.vlanIfName); delErr != nil {
log.Errorf("deleting vlan veth failed on addendpoint failure")
logger.Error("deleting vlan veth failed on addendpoint failure with", zap.Any("error:", delErr.Error()))
}
}
}()
@ -238,19 +239,19 @@ func (client *TransparentVlanEndpointClient) PopulateVM(epInfo *EndpointInfo) er
return errors.Wrap(deleteNSIfNotNilErr, "failed to disable router advertisements for vlan vnet link")
}
// vlan veth was created successfully, so move the vlan veth you created
log.Printf("[transparent vlan] Move vlan link (%s) to vnet NS: %d", client.vlanIfName, uintptr(client.vnetNSFileDescriptor))
logger.Info("Move vlan link to vnet NS", zap.String("vlanIfName", client.vlanIfName), zap.Any("vnetNSFileDescriptor", uintptr(client.vnetNSFileDescriptor)))
deleteNSIfNotNilErr = client.netlink.SetLinkNetNs(client.vlanIfName, uintptr(client.vnetNSFileDescriptor))
if deleteNSIfNotNilErr != nil {
return errors.Wrap(deleteNSIfNotNilErr, "deleting vlan veth in vm ns due to addendpoint failure")
}
} else {
log.Printf("[transparent vlan] Existing NS (%s) detected. Assuming %s exists too", client.vnetNSName, client.vlanIfName)
logger.Info("Existing NS detected. Assuming exists too", zap.String("vnetNSName", client.vnetNSName), zap.String("vlanIfName", client.vlanIfName))
}
// Get the default constant host veth mac
mac, err := net.ParseMAC(defaultHostVethHwAddr)
if err != nil {
log.Printf("[net] Failed to parse the mac addrress %v", defaultHostVethHwAddr)
logger.Info("Failed to parse the mac addrress", zap.String("defaultHostVethHwAddr", defaultHostVethHwAddr))
}
// Create veth pair
@ -260,20 +261,20 @@ func (client *TransparentVlanEndpointClient) PopulateVM(epInfo *EndpointInfo) er
// Disable RA for veth pair, and delete if any failure
if err = client.netUtilsClient.DisableRAForInterface(client.vnetVethName); err != nil {
if delErr := client.netlink.DeleteLink(client.vnetVethName); delErr != nil {
log.Errorf("Deleting vnet veth failed on addendpoint failure:%v", delErr)
logger.Error("Deleting vnet veth failed on addendpoint failure with", zap.Error(delErr))
}
return errors.Wrap(err, "failed to disable RA on vnet veth, deleting")
}
if err = client.netUtilsClient.DisableRAForInterface(client.containerVethName); err != nil {
if delErr := client.netlink.DeleteLink(client.containerVethName); delErr != nil {
log.Errorf("Deleting container veth failed on addendpoint failure:%v", delErr)
logger.Error("Deleting container veth failed on addendpoint failure with", zap.Error(delErr))
}
return errors.Wrap(err, "failed to disable RA on container veth, deleting")
}
if err = client.netlink.SetLinkNetNs(client.vnetVethName, uintptr(client.vnetNSFileDescriptor)); err != nil {
if delErr := client.netlink.DeleteLink(client.vnetVethName); delErr != nil {
log.Errorf("Deleting vnet veth failed on addendpoint failure:%v", delErr)
logger.Error("Deleting vnet veth failed on addendpoint failure with", zap.Error(delErr))
}
return errors.Wrap(err, "failed to move vnetVethName into vnet ns, deleting")
}
@ -314,7 +315,7 @@ func (client *TransparentVlanEndpointClient) AddEndpointRules(epInfo *EndpointIn
if err := client.AddSnatEndpointRules(); err != nil {
return errors.Wrap(err, "failed to add snat endpoint rules")
}
log.Printf("[transparent vlan] Adding tunneling rules in vnet namespace")
logger.Info("[transparent-vlan] Adding tunneling rules in vnet namespace")
err := ExecuteInNS(client.vnetNSName, func() error {
return client.AddVnetRules(epInfo)
})
@ -451,7 +452,7 @@ func (client *TransparentVlanEndpointClient) ConfigureVnetInterfacesAndRoutesImp
// Delete old route if any for this IP
err = deleteRoutes(client.netlink, client.netioshim, "", routeInfoList)
log.Printf("[transparent-vlan] Deleting old routes returned:%v", err)
logger.Info("[transparent-vlan] Deleting old routes returned", zap.Error(err))
if err = addRoutes(client.netlink, client.netioshim, client.vnetVethName, routeInfoList); err != nil {
return errors.Wrap(err, "failed adding routes to vnet specific to this container")
@ -524,8 +525,8 @@ func (client *TransparentVlanEndpointClient) addDefaultRoutes(linkToName string,
// Example: (169.254.2.1) at 12:34:56:78:9a:bc [ether] PERM on <interfaceName>
func (client *TransparentVlanEndpointClient) AddDefaultArp(interfaceName, destMac string) error {
_, virtualGwNet, _ := net.ParseCIDR(virtualGwIPVlanString)
log.Printf("[net] Adding static arp for IP address %v and MAC %v in namespace",
virtualGwNet.String(), destMac)
logger.Info("Adding static arp for",
zap.String("IP", virtualGwNet.String()), zap.String("MAC", destMac))
hardwareAddr, err := net.ParseMAC(destMac)
if err != nil {
return errors.Wrap(err, "unable to parse mac")
@ -574,7 +575,7 @@ func (client *TransparentVlanEndpointClient) DeleteEndpointsImpl(ep *endpoint, _
return errors.Wrap(err, "failed to remove routes")
}
log.Printf("Deleting host veth %v", client.vnetVethName)
logger.Info("Deleting host veth", zap.String("vnetVethName", client.vnetVethName))
// Delete Host Veth
if err := client.netlink.DeleteLink(client.vnetVethName); err != nil {
return errors.Wrapf(err, "deleteLink for %v failed", client.vnetVethName)
@ -601,35 +602,35 @@ func ExecuteInNS(nsName string, f func() error) error {
// Current namespace
returnedTo, err := GetCurrentThreadNamespace()
if err != nil {
log.Errorf("[ExecuteInNS] Could not get NS we are in: %v", err)
logger.Error("[ExecuteInNS] Could not get NS we are in", zap.Error(err))
} else {
log.Printf("[ExecuteInNS] In NS before switch: %s", returnedTo.file.Name())
logger.Info("[ExecuteInNS] In NS before switch", zap.String("fileName", returnedTo.file.Name()))
}
// Open the network namespace
log.Printf("[ExecuteInNS] Opening ns %v.", fmt.Sprintf("/var/run/netns/%s", nsName))
logger.Info("[ExecuteInNS] Opening ns", zap.String("nsName", fmt.Sprintf("/var/run/netns/%s", nsName)))
ns, err := OpenNamespace(fmt.Sprintf("/var/run/netns/%s", nsName))
if err != nil {
return err
}
defer ns.Close()
// Enter the network namespace
log.Printf("[ExecuteInNS] Entering ns %s.", ns.file.Name())
logger.Info("[ExecuteInNS] Entering ns", zap.String("nsFileName", ns.file.Name()))
if err := ns.Enter(); err != nil {
return err
}
// Exit network namespace
defer func() {
log.Printf("[ExecuteInNS] Exiting ns %s.", ns.file.Name())
logger.Info("[ExecuteInNS] Exiting ns", zap.String("nsFileName", ns.file.Name()))
if err := ns.Exit(); err != nil {
log.Errorf("[ExecuteInNS] Could not exit ns, err:%v.", err)
logger.Error("[ExecuteInNS] Could not exit ns", zap.Error(err))
}
returnedTo, err := GetCurrentThreadNamespace()
if err != nil {
log.Errorf("[ExecuteInNS] Could not get NS we returned to: %v", err)
logger.Error("[ExecuteInNS] Could not get NS we returned to", zap.Error(err))
} else {
log.Printf("[ExecuteInNS] Returned to NS: %s", returnedTo.file.Name())
logger.Info("[ExecuteInNS] Returned to NS", zap.String("fileName", returnedTo.file.Name()))
}
}()
return f()

54
ovsctl/ovsctl.go
Просмотреть файл

@ -10,8 +10,14 @@ import (
"strings"
"github.com/Azure/azure-container-networking/common"
"github.com/Azure/azure-container-networking/log"
"github.com/Azure/azure-container-networking/network/log"
"github.com/Azure/azure-container-networking/platform"
"go.uber.org/zap"
)
var (
loggerName = "ovs"
logger = log.InitZapLogNet(loggerName)
)
const (
@ -59,12 +65,12 @@ func NewOvsctl() Ovsctl {
}
func (o Ovsctl) CreateOVSBridge(bridgeName string) error {
log.Printf("[ovs] Creating OVS Bridge %v", bridgeName)
logger.Info("Creating OVS Bridge", zap.String("name", bridgeName))
ovsCreateCmd := fmt.Sprintf("ovs-vsctl add-br %s", bridgeName)
_, err := o.execcli.ExecuteCommand(ovsCreateCmd)
if err != nil {
log.Printf("[ovs] Error while creating OVS bridge %v", err)
logger.Error("Error while creating OVS bridge", zap.Error(err))
return newErrorOvsctl(err.Error())
}
@ -72,12 +78,12 @@ func (o Ovsctl) CreateOVSBridge(bridgeName string) error {
}
func (o Ovsctl) DeleteOVSBridge(bridgeName string) error {
log.Printf("[ovs] Deleting OVS Bridge %v", bridgeName)
logger.Info("Deleting OVS Bridge", zap.String("name", bridgeName))
ovsCreateCmd := fmt.Sprintf("ovs-vsctl del-br %s", bridgeName)
_, err := o.execcli.ExecuteCommand(ovsCreateCmd)
if err != nil {
log.Printf("[ovs] Error while deleting OVS bridge %v", err)
logger.Error("Error while deleting OVS bridge", zap.Error(err))
return newErrorOvsctl(err.Error())
}
@ -88,7 +94,7 @@ func (o Ovsctl) AddPortOnOVSBridge(hostIfName, bridgeName string, vlanID int) er
cmd := fmt.Sprintf("ovs-vsctl add-port %s %s", bridgeName, hostIfName)
_, err := o.execcli.ExecuteCommand(cmd)
if err != nil {
log.Printf("[ovs] Error while setting OVS as master to primary interface %v", err)
logger.Error("Error while setting OVS as master to primary interface", zap.Error(err))
return newErrorOvsctl(err.Error())
}
@ -99,7 +105,7 @@ func (o Ovsctl) GetOVSPortNumber(interfaceName string) (string, error) {
cmd := fmt.Sprintf("ovs-vsctl get Interface %s ofport", interfaceName)
ofport, err := o.execcli.ExecuteCommand(cmd)
if err != nil {
log.Printf("[ovs] Get ofport failed with error %v", err)
logger.Error("Get ofport failed with", zap.Error(err))
return "", newErrorOvsctl(err.Error())
}
@ -110,7 +116,7 @@ func (o Ovsctl) AddVMIpAcceptRule(bridgeName, primaryIP, mac string) error {
cmd := fmt.Sprintf("ovs-ofctl add-flow %s ip,nw_dst=%s,dl_dst=%s,priority=%d,actions=normal", bridgeName, primaryIP, mac, high)
_, err := o.execcli.ExecuteCommand(cmd)
if err != nil {
log.Printf("[ovs] Adding SNAT rule failed with error %v", err)
logger.Error("Adding SNAT rule failed with", zap.Error(err))
return newErrorOvsctl(err.Error())
}
@ -122,7 +128,7 @@ func (o Ovsctl) AddArpSnatRule(bridgeName, mac, macHex, ofport string) error {
load:0x%s->NXM_NX_ARP_SHA[],output:%s'`, bridgeName, low, mac, macHex, ofport)
_, err := o.execcli.ExecuteCommand(cmd)
if err != nil {
log.Printf("[ovs] Adding ARP SNAT rule failed with error %v", err)
logger.Error("Adding ARP SNAT rule failed with", zap.Error(err))
return newErrorOvsctl(err.Error())
}
@ -148,7 +154,7 @@ func (o Ovsctl) AddIPSnatRule(bridgeName string, ip net.IP, vlanID int, port, ma
_, err := o.execcli.ExecuteCommand(cmd)
if err != nil {
log.Printf("[ovs] Adding IP SNAT rule failed with error %v", err)
logger.Error("Adding IP SNAT rule failed with", zap.Error(err))
return newErrorOvsctl(err.Error())
}
@ -157,7 +163,7 @@ func (o Ovsctl) AddIPSnatRule(bridgeName string, ip net.IP, vlanID int, port, ma
bridgeName, low, port)
_, err = o.execcli.ExecuteCommand(cmd)
if err != nil {
log.Printf("[ovs] Dropping vlantag packet rule failed with error %v", err)
logger.Error("Dropping vlantag packet rule failed with", zap.Error(err))
return newErrorOvsctl(err.Error())
}
@ -170,7 +176,7 @@ func (o Ovsctl) AddArpDnatRule(bridgeName, port, mac string) error {
load:0x%s->NXM_NX_ARP_THA[],normal'`, bridgeName, port, mac)
_, err := o.execcli.ExecuteCommand(cmd)
if err != nil {
log.Printf("[ovs] Adding DNAT rule failed with error %v", err)
logger.Error("Adding DNAT rule failed with", zap.Error(err))
return newErrorOvsctl(err.Error())
}
@ -182,7 +188,7 @@ func (o Ovsctl) AddFakeArpReply(bridgeName string, ip net.IP) error {
macAddrHex := strings.Replace(defaultMacForArpResponse, ":", "", -1)
ipAddrInt := common.IpToInt(ip)
log.Printf("[ovs] Adding ARP reply rule for IP address %v ", ip.String())
logger.Info("Adding ARP reply rule for IP", zap.String("address", ip.String()))
cmd := fmt.Sprintf(`ovs-ofctl add-flow %s arp,arp_op=1,priority=%d,actions='load:0x2->NXM_OF_ARP_OP[],
move:NXM_OF_ETH_SRC[]->NXM_OF_ETH_DST[],mod_dl_src:%s,
move:NXM_NX_ARP_SHA[]->NXM_NX_ARP_THA[],move:NXM_OF_ARP_TPA[]->NXM_OF_ARP_SPA[],
@ -190,7 +196,7 @@ func (o Ovsctl) AddFakeArpReply(bridgeName string, ip net.IP) error {
bridgeName, high, defaultMacForArpResponse, macAddrHex, ipAddrInt)
_, err := o.execcli.ExecuteCommand(cmd)
if err != nil {
log.Printf("[ovs] Adding ARP reply rule failed with error %v", err)
logger.Error("[ovs] Adding ARP reply rule failed with", zap.Error(err))
return newErrorOvsctl(err.Error())
}
@ -201,17 +207,17 @@ func (o Ovsctl) AddArpReplyRule(bridgeName, port string, ip net.IP, mac string,
ipAddrInt := common.IpToInt(ip)
macAddrHex := strings.Replace(mac, ":", "", -1)
log.Printf("[ovs] Adding ARP reply rule to add vlan %v and forward packet to table 1 for port %v", vlanid, port)
logger.Info("Adding ARP reply rule to add vlan and forward packet to table 1 for port", zap.Int("vlanid", vlanid), zap.String("port", port))
cmd := fmt.Sprintf(`ovs-ofctl add-flow %s arp,arp_op=1,in_port=%s,actions='mod_vlan_vid:%v,resubmit(,1)'`,
bridgeName, port, vlanid)
_, err := o.execcli.ExecuteCommand(cmd)
if err != nil {
log.Printf("[ovs] Adding ARP reply rule failed with error %v", err)
logger.Error("Adding ARP reply rule failed with", zap.Error(err))
return newErrorOvsctl(err.Error())
}
// If arp fields matches, set arp reply rule for the request
log.Printf("[ovs] Adding ARP reply rule for IP address %v and vlanid %v.", ip, vlanid)
logger.Info("Adding ARP reply rule for IP", zap.Any("address", ip), zap.Int("vlanid", vlanid))
cmd = fmt.Sprintf(`ovs-ofctl add-flow %s table=1,arp,arp_tpa=%s,dl_vlan=%v,arp_op=1,priority=%d,actions='load:0x2->NXM_OF_ARP_OP[],
move:NXM_OF_ETH_SRC[]->NXM_OF_ETH_DST[],mod_dl_src:%s,
move:NXM_NX_ARP_SHA[]->NXM_NX_ARP_THA[],move:NXM_OF_ARP_SPA[]->NXM_OF_ARP_TPA[],
@ -219,7 +225,7 @@ func (o Ovsctl) AddArpReplyRule(bridgeName, port string, ip net.IP, mac string,
bridgeName, ip.String(), vlanid, high, mac, macAddrHex, ipAddrInt)
_, err = o.execcli.ExecuteCommand(cmd)
if err != nil {
log.Printf("[ovs] Adding ARP reply rule failed with error %v", err)
logger.Error("Adding ARP reply rule failed with", zap.Error(err))
return newErrorOvsctl(err.Error())
}
@ -240,7 +246,7 @@ func (o Ovsctl) AddMacDnatRule(bridgeName, port string, ip net.IP, mac string, v
}
_, err := o.execcli.ExecuteCommand(cmd)
if err != nil {
log.Printf("[ovs] Adding MAC DNAT rule failed with error %v", err)
logger.Error("Adding MAC DNAT rule failed with", zap.Error(err))
return newErrorOvsctl(err.Error())
}
@ -252,14 +258,14 @@ func (o Ovsctl) DeleteArpReplyRule(bridgeName, port string, ip net.IP, vlanid in
bridgeName, port)
_, err := o.execcli.ExecuteCommand(cmd)
if err != nil {
log.Printf("[net] Deleting ARP reply rule failed with error %v", err)
logger.Error("[net] Deleting ARP reply rule failed with", zap.Error(err))
}
cmd = fmt.Sprintf("ovs-ofctl del-flows %s table=1,arp,arp_tpa=%s,dl_vlan=%v,arp_op=1",
bridgeName, ip.String(), vlanid)
_, err = o.execcli.ExecuteCommand(cmd)
if err != nil {
log.Printf("[net] Deleting ARP reply rule failed with error %v", err)
logger.Error("[net] Deleting ARP reply rule failed with", zap.Error(err))
}
}
@ -268,7 +274,7 @@ func (o Ovsctl) DeleteIPSnatRule(bridgeName, port string) {
bridgeName, port)
_, err := o.execcli.ExecuteCommand(cmd)
if err != nil {
log.Printf("Error while deleting ovs rule %v error %v", cmd, err)
logger.Error("Error while deleting ovs rule", zap.String("cmd", cmd), zap.Error(err))
}
}
@ -285,7 +291,7 @@ func (o Ovsctl) DeleteMacDnatRule(bridgeName, port string, ip net.IP, vlanid int
_, err := o.execcli.ExecuteCommand(cmd)
if err != nil {
log.Printf("[net] Deleting MAC DNAT rule failed with error %v", err)
logger.Error("[net] Deleting MAC DNAT rule failed with", zap.Error(err))
}
}
@ -294,7 +300,7 @@ func (o Ovsctl) DeletePortFromOVS(bridgeName, interfaceName string) error {
cmd := fmt.Sprintf("ovs-vsctl del-port %s %s", bridgeName, interfaceName)
_, err := o.execcli.ExecuteCommand(cmd)
if err != nil {
log.Printf("[ovs] Failed to disconnect interface %v from bridge, err:%v.", interfaceName, err)
logger.Error("Failed to disconnect interface", zap.String("from", interfaceName), zap.Error(err))
return newErrorOvsctl(err.Error())
}

2
cni/log/logger_linux.go → zaplog/logger_linux.go
Просмотреть файл

@ -1,4 +1,4 @@
package log
package zaplog
const (
// LogPath is the path where log files are stored.

2
cni/log/logger_windows.go → zaplog/logger_windows.go
Просмотреть файл

@ -1,4 +1,4 @@
package log
package zaplog
const (
// LogPath is the path where log files are stored.

18
zaplog/zaplog.go
Просмотреть файл

@ -14,6 +14,24 @@ type Config struct {
Name string
}
const (
maxLogFileSizeInMb = 5
maxLogFileCount = 8
)
var (
loggerName string
loggerFile string
)
var LoggerCfg = Config{
Level: zapcore.DebugLevel,
LogPath: loggerFile,
MaxSizeInMB: maxLogFileSizeInMb,
MaxBackups: maxLogFileCount,
Name: loggerName,
}
func InitZapLog(cfg *Config) *zap.Logger {
logFileWriter := zapcore.AddSync(&lumberjack.Logger{
Filename: cfg.LogPath,