* add accelnet support for CNI
* add uts for AccelnetNIC on CNI
* add more uts
* fix an ut
* fix uts
* add ut to endpoint_test
* add endpoint impl test cases for accelnet
* gofummpt windows test
* fix logic of accelnet
* fix logic of accelnet
* modify uts
* remove an ut
* fix one ut issue
* accelnet interface should set default route
* fix some uts
* remove an ib ut
* fix comments
* fix comments and add uts
* add more uts
* fix an linter issue
* fix comments
* add comment for iov flag
* fix comments
* add endpoint deletion
* add HNSV2 check
* add UT to make sure endpoint and networ deletion called
* add a new test to make infraNIC network is not deleted
* add errMsg
* fix error msg
* add windows test cases for endpoint state deletion
* fix linter issue
* fix a linter issue
* remove hardcode hcniov flag
* comments fix
* add uts for transparent network deletion
* fix comment when hns id is empty
* fix the UT when hns id is empty
* skip linter issue
* change the delegatedVMNIC to NodeNetworkInterfaceFrontendNIC
* fix an ut
* fix add accelnet policy setting ut
* removed cni read config log
* removed duplicated and spam logs
* addressed comment
* commit
* reverting back to old permission
* revert files baxck to original state
* addressing hunter comments
* added dsr changes for windows
* fixed lint and added unit test
removed unused error
* skip adding dsr policy for hnsv1
* addressed comments
lint fix
* fixed windows uts
Fixes#1002
Allow the cni plugin to marshall and apply L4WFPProxyPolicy
to Windows endpoints.
Tested on Kubernetes v1.19 with AKS-engine and docker/containerd runtime
Signed-off-by: Sotiris Nanopoulos <sonanopo@microsoft.com>
* For HnsV2 we will only add outbound nat policy for single tenant scenario or if enableSnatForDns is true.
* adding comments to detail results of determineSnat func
Co-authored-by: Jaeryn <tsun.chu@microsoft.com>
* Save enable snat on host settings after querying NMagent version
* Adding changes to exclude outbound snat for win cni if new NMAgent is running
* try to acquire lock file when writing to disableSnatOnHost.json
* addressed some of Tamilmani's comments
* Adding snat for DNS if current NMAgent does not support it yet
* Adding DNS NAT changes for Windows CNI
* vendoring HCSShim changes that support destination based SNATing
* Reverting k8s.io/api dependencies from master branch to last working version
* Addressing Tamilmani's comments
* syncing with an older version of k8s.io dependencies
* verify valid windows version before Dns NAT.
* only remove snat on windows when host has full support
* addressing Tamilmani's comments
* addressing Tamilmani's comments
* rebased and re-depped
* configure dnssuffix & dnsServerList
* add dns info to conflist
* change case for dns info
* remove hardcoding
* remove hardcoding
* parse k8s pod info
* add AdditionalArgs and Dns info to conflist
* serialize policies
* program route info
* start addressign ipam ip leak
* fix 1) ip inconsistency in k8s & pod. 2) IP leak in IPAM.
* remove comments
* separate windows & linux
* remove dnsServers
* remove comments
* address comments
* add dns verification
* abstract linux policy struct
* remove setPolicies
* separte Windows & Linux code
* change package
* add policy structure to Linux
* move policy code to policy.go
* fix network_linux func signature
* restructure policy pkg
* configure dnssuffix & dnsServerList
* add dns info to conflist
* change case for dns info
* remove hardcoding
* remove hardcoding
* parse k8s pod info
* add AdditionalArgs and Dns info to conflist
* serialize policies
* program route info
* start addressign ipam ip leak
* fix 1) ip inconsistency in k8s & pod. 2) IP leak in IPAM.
* remove comments
* separate windows & linux
* remove dnsServers
* remove comments
* address comments
* add dns verification
* abstract linux policy struct
* remove setPolicies
Paul Yu
tamilmani1989
tamilmani1989
Jaeryn
Sotiris Nanopoulos
Evan Baker
Ashvin Deodhar
Adelina Tuvenie
vivekagg-MSFT
Ashvin Deodhar
Yongli Chen