Commit Graph

15 Commits

Author SHA1 Message Date
QxBytes fc4da42d66
refactor: create safer command execution method (#2899)
* rename ExecuteCommand to ExecuteRawCommand

* add safer execute command method

* fix windows platform command test

* add uts and comments

* address feedback

* add parent context to execute command
2024-08-06 21:36:55 +00:00
QxBytes 6c6c4a4a7e
chore: remove redundant logs (#2642)
* initial log cleanup

* address feedback

* undo modifying deprecated mode files
2024-03-20 20:55:38 +00:00
QxBytes 0c8f78a2f0
refactor: add receiver to iptables and create interface (#2421)
* Move network utils functions with iptables to new file

* Add receiver to iptables and create interface

* Resolve conflicts from rebasing

* Add changes for building on windows

* Address linter issues

* Address windows linter issues

* Invert if condition for linter nesting

* Scope iptables interfaces to package

* Rename iptables client to avoid stuttering

* Move EnableIPForwarding to snat linux

* Rename ipTablesClientInterface to ipTablesClient

* Address linter issues from moving enable ip forwarding function

* Rename after rebase
2023-12-14 09:27:17 -08:00
QxBytes 2382637912
fix: block wireserver port 80 traffic in multitenancy (#2395)
* Add vm and vnet ns block wireserver port 80 rule

* Use existing variable for known ip

* Move code to networkutils

* Address feedback

* Address iptables version feedback

* Address protocol and format feedback

* Add comments

* Remove cidr in case ipv6 is used
2023-11-29 13:37:45 -08:00
QxBytes 4e6cc2ff1e
fix: wait for vnet ns to create and ensure veths are inside namespace instead of assuming (#2341)
* Make initial changes to enable forwarding

Reuse existing code to enable ip forwarding

Add forwarding message

Add transparent vlan config to dropgz

Add enable ip forward to each network namespace for redundancy

* Add general run with retries function

* Migrate existing code to use retry function

* Add retries for checking of vnet and container veth creation

* Add preliminary repair item fixes

* Clarify log message

* Fix unit tests, move ensure clean populate vm to add endpoints, remove ip forwarding fix as it is in other branch

* Move setting link netns and confirmation to function

* Add tests for setLinkNetNSAndConfirm

* Address linter issues

* Add vm ns to vnet namespace log statement

* Fix after rebasing in swift refactoring changes from master

* Address feedback and check error message

* Address feedback

* Address linter issue

* Address log feedback

* Address feedback by asserting any error is an interface not found error
2023-11-10 16:07:40 -08:00
Jaeryn 83fca75334
feat: cni refactor for swift v2 (#2330)
* feat: update contracts to support swift 2

* add comments

* rename AddressType to NICType

* update contract names and comments

* address comments

* feat: update invokers to support swift 2

* address comments

* address comments

* refactor cns invoker per comments

* update invokers based on contract change

* update test

* update with contract changes

* fix linter errs

* fix naming

* fix linter

* fix linter

* address comments

* update tests

* add tests

* address nit comments

* add comments

* address comments

* fix casing

* address comments

* feat: update invokers to support swift 2

* address comments

* feat: update invokers to support swift 2

* feat: update invokers to support swift 2

* feat: update endpoint clients for swift 2

* address comments

* fix lint errs

* update endpoint clients based on contract changes

* update tests

* only skip adding default route

* modify AddEndpoints per comments

* address comments

* update deleteendpoint

* enter ns before moving interface back to vm ns

* update delete endpoint test

* add namespace interface for testing

* fix lint

* fix lint

* add comment

* add extra delete endpoint test

* update test

* feat: update invokers to support swift 2

* address comments

* address comments

* feat: refactor endpoint create/delete flow for swift 2

* address comments

* address comments

* address linter

* update based on contract changes

* update with contract changes

* add more tests and address comments

* modify AddEndpoints per comments

* update test for invoker add and endpoint client add failure

* address comments

* fix lint

* update windows tests

* update refactor with namespace interface

* fix lint

* rebasing fixes

* address comments

---------

Co-authored-by: Jaeryn <tsch@microsoft.com>
2023-11-01 19:50:35 +00:00
Paul Yu 95cade1087
[CNI] Migrate zap logger for acn ipam package (#2299)
migration zap logger for acn ipam package
2023-10-28 04:38:36 +00:00
Paul Yu 44dc74e5ec
[CNI] Migrate network and platform package logging to zap (#2209)
* network package zap logger

* add zaplogger for platform
2023-09-16 00:14:44 +00:00
tamilmani1989 193b644fd2
[Fix] update gw ip to 169.254.2.1 for transparent-vlan as it's conflicting with other cni (#2064)
update gw ip to 169.254.2.1 as it's conflicting with other cni
2023-07-19 12:52:27 -07:00
tamilmani1989 a82b312995
Set constant mac for host veth interface in transparent vlan mode (#1906)
* set constant mac for host veth interface

* fixed a race issue in transparent-vlan where delete can happen after add and removes route added by ADD call

* moved log to place where it's executed

* enable proxy arp on bridge to allow public connectivity from apipa interface

* validate newly created namespace is not same as host namespace

* addressed comments and added UTs

* fixed cni delete call for linux multitenancy

* lint fixes

* windows lint fixes

* lint fixes

* fix issues with network namespace creation and vlan interface creation

* Removed deletehostveth flag and delete host veth on delete endpoint trigger

* lint fix

* address comment
2023-04-17 14:26:00 -07:00
tamilmani1989 1ec3abdaf9
Delete host veth interface on endpoint creation error in transparent-vlan mode (#1892)
* deletion of host veth interface on error in transparent_vlan mode

* fixed a typo character

* Fix lint issues

* Windows lint fix

* Windows lint fix

* add netio import

* Fixed newly added ut

* reverting pre-push change

* fix a typo
2023-04-13 08:43:44 +00:00
tamilmani1989 2caddd1387
Skip removing vnet namespace in Linux CNI Multitenancy (#1841)
merging it since this PR already passes e2e once
2023-03-09 12:44:20 -08:00
Vipul Singh afcb977aa8
fix: Adding a constant hardware address to the veth (#1524)
* Adding constant hardware address to the veth

* update the variable and error log message

* Removing the shadow variable

* Removing the shadow variable

* Adding the hardware address while endpoint creation

* Refactoring based on the comments

* Updated based on comments

* removing merge conflicts

* update the function parameter

* Addressing comments

* go lint errors

* updating the IPAddr variable

* updating the state to NUD PROBE for transparent endpoint

Co-authored-by: root <root@DESKTOP-IS3TR2T.redmond.corp.microsoft.com>
2022-08-17 10:53:57 -07:00
QxBytes ebbd31ce09
feat: Enable same VM same VNET packet tunneling to host for Transparent Vlan (#1529)
* Disabled rp filter to enable packet tunneling

Tests ok (all basic functionality, 2 VMs, NS, delete, add)

* Added tests

* Typo

* Typo

* No need to disable rp filter in VM NS
2022-08-16 14:49:26 -07:00
QxBytes a19e5fb5cd
feat: Add SNAT bridge to Native, decouple SNAT bridge (#1506)
* Native Endpoint Client Add Endpoints

* AddEndpointRules, ConfigureContainerInterfacesAndRoutes

* Changed interface names, log statements

nw.extIf.Name > eth0 (eth0)
eth0.vlanid > eth0.X (eth0.1)
%s%s hostIfName > vnet (A1veth0)
%s%s-2 contIfName > container (B1veth0)

* Renaming, using lib to set ns

* Namespace "path" is /var/run/netns/<NS>

* Loopback set up, Remove auto kernel subnet route

* Cannot set link to up if it's in another NS

* Multiple containers on same VNET NS

* Delete Endpoint routes on Delete

* Minimizing netns usage

* Moving NS Exec Code

* Further minimized netns.Set usage

* Moved helper methods down, drafted tests

* Removed DevName from Route Info, more tests

* Test existing vnet ns, delete endpoint

* NetNS interface for testing

* Separated tests by namespace

* Endpoints delete if they cannot be moved into NS

* Namespace netns tests

* Added Native Client to deleteEndpointImpl

* Deletion of Endpoints Impl and Tests

* Cleaned code (Tests ok)

* Moved mock/netns to package (Tests ok)

* Fixing Netns (wip)

Moved netnsinterface to consumer package (network).
Removed "Netns" from "NewNetns" and "NewMockNetns" as it is unambiguous.
Changed uintptr to int and cast the int to uintptr when needed later.

* Using errors.Wrap for error context (wip)

* Removed sentence case (wip)

* Removing variable predeclaration

* Removed NewNativeEndpointClient

Directly instantiating struct because nothing special happens in NewNativeEndpointClient

* Removed generics from ExecuteInNS

* Removed uintptr from mocknetns, tests compile

Forgot to remove uintptr from mocknetns

* Fix tests, lint

* Fixes from linter

Works on VMSS

* Replacing references to ethX with vlan veth

* Removed unnecessary log

* Removed unnecessary mac, fix tests

* Mockns method name enum

* Unable to use GetNetworkInterfaceByName due to NS

If I use GetNetworkInterface, I need to be in the vnet NS, but that means I will need to call ExecuteInNS, which causes tests to fail.

* Fixes from linter

* Assume if NS exists, vlan veth exists

Tests ok

* Fixes for Linter

* Snat refactor

* Fix delete tests

* Fix delete tests bug

* More snat refactor

* Breaking, prepping for Native Snat

Delete native endpoint snat route linux to remove errors and in theory, ovs should work fine again.

* Go mod tidy for linting

Hopefully this fixes the windows lint error

* Add fields to native endpoint client for snat

* Using New() func to create Native Client

Creation of the native endpoint client is too complicated to directly instantiate.

* Snat defaults

* Insert SNAT entry points

* Native Snat error handling

* Breaking, decouple ovsctl from snat

Proposed Solution implementation
Moved ovsctlClient.AddPortOnOVSBridge to ovs_endpoint_snatroute_linux.go. Removed ovsctlclient from NewSnatClient. Removed ovsctlClient from testing file.

* Delete unnecessary ovssnat files

* No lint on vishvananda netns

Maybe this will fix the windows linter?

* Build linux only for netns package

Maybe this fixes the linter error?

* Remove nolint to see if linter fails

* Breaking, removed bridgeName

bridgeName refers to the OVS Switch I believe

* If native uses snat bridge, should also get IP

* Breaking, Decouple or Wrap snat route

* Check to see if snat triggered

* Snat behaviors specific to ovs/native

* Pass the pointer

Add/Delete ok

* Renaming to make consts public

* Breaking, moving ovs specific parts of snat to ovs

* Remove enable infra vnet (Tests ok)

Tested:
Allow Host to NC only
Allow NC to Host only
Allow both
Wget
Ping between containers

Warning: Enable snat is still hard coded to true!!!

* Move add port to after exists() check

* Moved netns interface to caller, generalized tests

Tests ok, Native ok

* Typos

* Reordered if statement, unwrapped arp

Tests ok, ping ok, wget ok

* Linted, wrapping errors

* Go fumpt entire network package

* Code markers removed, clean (Tests ok)

OVS & Native:
-	Ping between two containers same VM, no packets on bridge
-	Ping between two containers diff VM, no packets on bridge
-	Ping other container not in vnet, no packets on bridge
-	Ping snat to container, packets on bridge
-	Ping container to snat, packets on bridge
-	Tcpdump confirmed on azSnatBr
-	Deletion of containers deletes appropriate interfaces

* Renamed veth, fixed logs

* Made deleteEndpoints logic clearer, renamed error

* Renamed eth0 to primaryHostIfName, vlanEth to vlanIf

* Deleted debug log

* Corrected merge (hardware addr) (Tests ok)

* Renamed vlan veth to hostExtIf_vlanID, Disabled RA

eth0.2 makes disable RA look for a folder eth0 and then another sub folder "2". ("eth0/2") However, it should look for a folder named "eth0.2" literally. To solve this, we change the naming scheme to use an underscore instead. (Tests ok)

* Renamed Native to TransparentVlan

Confirmed basic functionality on VM with correct mode

* Make file updated

* Create azure-windows-multitenancy-transparent-vlan.conflist

* Unified snat err format

* Rename to transparent-vlan

* Route table support added to local netlink

* Moved SNAT to end of function

* Defer deleting vlan interface on failure
2022-08-10 13:50:26 -07:00