The io/ioutil package has been deprecated as of Go 1.16, see
https://golang.org/doc/go1.16#ioutil. This commit replaces the existing
io/ioutil functions with their new definitions in io and os packages.
Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
* added lockedfileapi support for CNI
* fixed interface changes
* addressed comments
fixed ut
* addressed comments
* fixed copy to buffer part in writer api
* fixed copy to buffer part in writer api
* keeping old code not changing it.
* Initial pass at Netlink interface
* changing some netlink and epc
* Resolcing all dependencies on netlink package
* first pass at adding a netlinkinterface
* windows working now
* feat: update cns client (#992)
* fix debug commands
Signed-off-by: Evan Baker <rbtr@users.noreply.github.com>
* fix: update cns client
Signed-off-by: Evan Baker <rbtr@users.noreply.github.com>
* add ctx to debug calls
Signed-off-by: Evan Baker <rbtr@users.noreply.github.com>
* repackage cns client
Signed-off-by: Evan Baker <rbtr@users.noreply.github.com>
* add ctx to all methods and preinit all route urls
Signed-off-by: Evan Baker <rbtr@users.noreply.github.com>
* down-scope cns client interface and move to consumer packages
Signed-off-by: Evan Baker <rbtr@users.noreply.github.com>
* no unkeyed struct literals
Signed-off-by: Evan Baker <rbtr@users.noreply.github.com>
* trace updated client method signatures out through windows paths
* delint
Signed-off-by: Evan Baker <rbtr@users.noreply.github.com>
* fix windows build
Signed-off-by: Evan Baker <rbtr@users.noreply.github.com>
* delint
Signed-off-by: Evan Baker <rbtr@users.noreply.github.com>
* windows working now
* Some golints checks
* commenting a flaky NPM UT and adding some golint checks
* renaming fakenetlink to mocknetlink
* removing a mock netlink usage
* fixing more golints and a test fix
* fixing more go lints
* Adding in netlink from higher level as input
* adding netlinkinterface to windows endpoint impl
* removing netlink name confusion
Co-authored-by: Evan Baker <rbtr@users.noreply.github.com>
Co-authored-by: Vamsi Kalapala <vakr@microsoft.com>
Co-authored-by: Evan Baker <rbtr@users.noreply.github.com>
* disable cleaning up hns network and state files from windows cni
* fixed uts
* fixed ut
* remove the ut which is not needed anymore
* addressed comments
* updated same pattern for cnm
* added comments
* addressed comments
* removed lock for version command
* updated variable name
* catch and return error on lock
* added log for release lock file
* separated out lock and store initialization
* addressed comments
* inital dump state and ipam interface update
* add reconcile command to CNI
* add integration test
* pass endpoint id on add
* address some feedback
* fix test path and linting
* address feedback and logging
* remove return and rename to PodEndpointID
* Modify CNI for windows baremetal scenario in Azure
* Fix the CNI result for baremetal case
* Addressed PR comments from Tamilmani and Ramiro
* Remove azure-telemetry.exe from cni-baremetal package
* Fix formatting in logging
* Addressed Ramiro's PR review comments
* Formatting fix in printf
Co-authored-by: VK <abc@gmail.com>
* write to temp file and move to state file
* fixed memleak and other issues
* call windows replace function with MOVEFILE_WRITE_THROUGH flag
* moved few functions to platform package
* moved test files to correct dir
* addressed comments
CNI is some cases is unable to talk to CNS. This can happen, CNS crashing or race between start/CNI getting invoked.
Currently if this communication errrs out on DEL calls, CNI will silently ignore the error. Container runtime assumes everything went fine and deletes the container. But the HNS endpoints are still there on the host result into them being orphaned. If a container with similar configuration is placed on the host , then ADD call will fail with object already exists error.
Please note, CNI DEL are supposed to be idempotent, and should generally handle the resource not found/exist error elegantely without any error.
* For HnsV2 we will only add outbound nat policy for single tenant scenario or if enableSnatForDns is true.
* adding comments to detail results of determineSnat func
Co-authored-by: Jaeryn <tsun.chu@microsoft.com>
* Added else if to catch empty messages
* Stopped sending empty messages to AI telemetry for CNI
* Removing cni prefix from log messages
* Reverting go.sum change back to what it was before
* Adding check for empty messages before sending metric
* Moving empty message check before cnimetric initialization
* Added EB rule for ip addresses in conflist for linux
* Made methods more generic and removed line from endpoint struct
* Adding log statement
* Fixed syntax error
* Made review2 changes
* Made review3 changes
* Made method lowercase
log.SetTarget creates the log file under log directory using golang os package. Whenever code sets the log directory, it needed to call SetTarget to create the actual log file under that directory. In the recent logger changes, InitLogger by default set the log directory to the current folder. This created the log file in the current folder. The code then set the log directory to a different location without a subsequent call to log.SetTarget. This resulted into the logger to not find the actual log file in the set log directory.
This fix updates the logger InitLogger function to accept the log directory to create the file in correct log directory. To avoid having such issue, this fix also combines the function calls to set log directory and set target into a single function. This prevents any out of order calls resulting into such issue.
* Added AITelemetry support for CNI
* added new files
* added other configs in config file
* fixed ut
* updated disableall similar to cns
* added container name to report
* addressed review comments
* addressed review comments
* added check for azure environment
* added log
* close log handle in unit test
* addressed review comments
* addressed review comments
* fixed a condition
* keep the netagent channel for logs
* fixed error
* addressed review comments
* added config option for disabling iptable lock
* added log for iptable and ebtable version
* moved logging dependency package details to platform specific file
enableExactMatchForPodName flag is missing in the multitenancy config
for windows. This changes adds this missing flag in the config.
Default set to true
* added removeorphanlockfile function
* remove lock file if process holding that exited
* addressed comments
* addressed comments and added a condition to check get process cmd is supported
* Addressed comments
fixed trim line ending
* updated log
* Save enable snat on host settings after querying NMagent version
* Adding changes to exclude outbound snat for win cni if new NMAgent is running
* try to acquire lock file when writing to disableSnatOnHost.json
* addressed some of Tamilmani's comments
* Adding snat for DNS if current NMAgent does not support it yet
* Adding DNS NAT changes for Windows CNI
* vendoring HCSShim changes that support destination based SNATing
* Reverting k8s.io/api dependencies from master branch to last working version
* Addressing Tamilmani's comments
* syncing with an older version of k8s.io dependencies
* verify valid windows version before Dns NAT.
* only remove snat on windows when host has full support
* addressing Tamilmani's comments
* addressing Tamilmani's comments
* rebased and re-depped
This PR adds support for host NC bidirectional communication with windows HnsV2. This is supported in multitenant scenario only. AllowHostToNCCommunication and AllowNCToHostCommunication flags are used to enable Host to NC and NC to host communication respectively.
* allow inbound connection to container from host if the feature is enabled
* Allowinbound from host to NC if flag is enabled
* fixed old changes
* minor fixes
* added NC to host commn support
* added NCToHostCommunication field in cns contract
* addressed review comments
* addressed review comments
* addressed review comments
* address comments
* fixed space damage
* change telemetry to message queue and add npm
* remove [Azure-NPM] prefix
* remove npmreport url
* fair scheduling
* holds up to 1k reports for each type
* fix cap on reports
* Pass CNS server url when invoking CNI during add/del call in windows and update call in linux.
* Addressing Tamilmani's comments.
* Forgot to fix linux side of networkcontainers_linux.go
* Enabling exact match for pod name in attach/detach containertonetwork APIs.
* Returning the correct error when invoking Cni.
* Checking if orchestrator is Batch for attach/detach network calls.
* Moving similar lines for NewNetPluginConfiguration into a single function.
* Removing CNI configuration manipulation in CNS.
* Addressing Tamilmani's comments.
* Addressing Vivek's comments.
* Addressing Tamilmani's comments.
* Addressing Vivek's comment.
* Addressing Tamilmani's comments.
* Spawn telemetry buffer in a separate process instead of goroutine.
* Adding an option to disable telemetry.
* Addressing some of Tamilmani's comments.
* 1. Start telemetry service as separate process for all components cns/networkmonitor
2. Added telemetry config through which we can configure reportTohost interval
3. Added unit tests for changes
* added new files for telemetry testing
* added tests for invalid cases
* updated with dummy subid
* fixed logging part of telemetry
* fixed an issue
* added more test coverage
* fixed an issue
* fixed invalid condition and added UT
* initialize telemetry logger as part of telemetry server
* changed checkifsockexists to sockexists
* changed interval time to push telemetry data to host
* Add dns capabilities to allow for custom dns in Windows
Co-authored-by: James Sturtevant <jstur@microsoft.com>
* Move customDNS logic for Windows into network_windows.go and update link for RuntimeDNSConfig
Co-authored-by: James Sturtevant <jstur@microsoft.com>
* Concatenate the elements of DNS.Searches
* 1. fix for closing telemetry socket in cni
2. fix for closing connection socket if server receives error on read
* added uts and addressed comments
* removed from slice after closing connection
Signed-off-by: John Howard <jhoward@microsoft.com>
- First, the store timeout is woefully low. Bumped to 20 seconds from 2 seconds.
This may fix https://github.com/Azure/azure-container-networking/issues/242#issuecomment-422701838
IMO, as only test code calls it non-blocked, why even have a block parameter to Lock()?
IMO also, why a timeout at all? They're always fraught with error and machine timing.
- Presence of a key should be checked using `raw, ok := hvs.data[key]`, not the current nil checked
- ErrKeyNotFound should be returned if the store file does not exist. It shouldn't ignore that error.
- Actually now reports if a timeout occurred correctly, along with non-block lock attempt when already locked.
- Serial pattern abuse in not always closing the lock file.
- Some golang correctness (errors should be lower case)
- go build ./... actually passes on Windows now - various compile errors previously.
- golang pattern conformance `if err:=<test>; err!=nil {....`
- Simplified timeout duration (no need for time.Duration(...))
* Adding telemetry report functions for DNC.
* Addressing Yongli's suggestions.
* commit to switch branches
* Adding some changes to npm due to telemetry change.
* Modifying tests for interface reports...
This PR adds the following capabilities
1. Support to create and connect containers to different Azure Vnets. Every VlanId corresponds to a different Azure Vnet.
2. SNAT support for containers to reach Internet using the container's host IP as the SNAT address.
Both the above options are controlled by the config parameters in Azure CNI.
* configure dnssuffix & dnsServerList
* add dns info to conflist
* change case for dns info
* remove hardcoding
* remove hardcoding
* parse k8s pod info
* add AdditionalArgs and Dns info to conflist
* serialize policies
* program route info
* start addressign ipam ip leak
* fix 1) ip inconsistency in k8s & pod. 2) IP leak in IPAM.
* remove comments
* separate windows & linux
* remove dnsServers
* remove comments
* address comments
* add dns verification
* abstract linux policy struct
* remove setPolicies
* separte Windows & Linux code
* change package
* add policy structure to Linux
* move policy code to policy.go
* fix network_linux func signature
* restructure policy pkg
Paul Johnston
Eng Zer Jun
tamilmani1989
Jaeryn
Mathew Merrick
Evan Baker
Matthew Long
msvik
aegal
Vamsi Kalapala
vivekagg-MSFT
Adelina Tuvenie
Ali Egal
PrIce Qian
shchen
Sathya Singh
Ashvin Deodhar
Vipul Hattiwale
Yongli Chen
Ashvin Deodhar
Michelle Cone
Tamilmani Manoharan
Sushant Sharma
erfrimod
John Howard
Sushant Sharma
Madhan Raj Mookkandy