config

package
v1.5.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jan 21, 2022 License: Apache-2.0 Imports: 4 Imported by: 0

Documentation

Index

Constants

// OpenFlow port (ofport) number constants.
const (
	// Valid ofport_request numbers are in the range 1 to 65,279. For an ofport_request number outside that
	// range, OVS ignores it and automatically assigns a port number.
	// Here we use the invalid port number "0" to request automatic port allocation.
	AutoAssignedOFPort = 0
	// NOTE(review): presumably the fixed ofport numbers requested for the default tunnel, host gateway and
	// uplink interfaces; confirm against the code that creates those ports.
	DefaultTunOFPort   = 1
	HostGatewayOFPort  = 2
	UplinkOFPort       = 3
	// 0xfffffffe is a reserved port number in OpenFlow protocol, which is dedicated for the Bridge interface.
	BridgeOFPort = 0xfffffffe
)
// Per-packet overhead constants, one per encapsulation or encryption type.
// NOTE(review): the values are presumably in bytes (the IPsec comment below says so for its own value) and
// presumably feed the Node MTU adjustment that accounts for the encap header; confirm against the MTU code.
// An overhead that is too small yields an MTU that is too large for the encapsulated packet.
const (
	VXLANOverhead     = 50
	GeneveOverhead    = 50
	GREOverhead       = 38
	WireGuardOverhead = 80
	// IPsec ESP can add a maximum of 38 bytes to the packet including the ESP
	// header and trailer.
	IPSecESPOverhead  = 38
	// NOTE(review): presumably the extra overhead when the outer header is IPv6 rather than IPv4; confirm.
	IPv6ExtraOverhead = 20
)

Variables

// Virtual Service IPs shared by the OVS flows, iptables rules and host routes described below.
//
// NOTE(review): these are exported package-level variables of type net.IP, which is a byte slice. Any
// importer can reassign them or modify their bytes in place, which would change every rule derived from them.
// Treat them as read-only and copy before modifying.
var (
	// VirtualServiceIPv4 / VirtualServiceIPv6 are used in the following situations:
	// - Use the virtual IP to perform SNAT for packets of Service from Antrea gateway and the Endpoint is not on
	//   local Pod CIDR or any remote Pod CIDRs. It is used in OVS flow of table serviceConntrackCommitTable.
	// - Use the virtual IP to perform DNAT for packets of NodePort on host. It is used in iptables rules on host.
	// - Use the virtual IP as onlink routing entry gateway in host routing entry.
	// - Use the virtual IP as destination IP in host routing entry. It is used to forward DNATed NodePort packets
	//   or replied SNATed Service packets back to Antrea gateway.
	// - Use the virtual IP for InternalIPAddress parameter of Add-NetNatStaticMapping.
	//   The IP cannot be one used in the network, and cannot be within the 169.254.1.0 - 169.254.254.255 range
	//   according to https://datatracker.ietf.org/doc/html/rfc3927#section-2.1
	//
	// 169.254.0.253 is link-local but lies below 169.254.1.0, i.e. outside the range excluded above.
	// net.ParseIP returns the 16-byte form for an IPv4 literal, so compare with net.IP.Equal rather than
	// comparing the raw bytes.
	VirtualServiceIPv4 = net.ParseIP("169.254.0.253")
	VirtualServiceIPv6 = net.ParseIP("fc01::aabb:ccdd:eeff")
)

Functions

func IsIPv4Enabled

func IsIPv4Enabled(nodeConfig *NodeConfig, trafficEncapMode TrafficEncapModeType) bool

IsIPv4Enabled returns true if the cluster network supports IPv4.

func IsIPv6Enabled

func IsIPv6Enabled(nodeConfig *NodeConfig, trafficEncapMode TrafficEncapModeType) bool

IsIPv6Enabled returns true if the cluster network supports IPv6.

Types

type AdapterNetConfig

// AdapterNetConfig holds the network settings of a host network adapter. NodeConfig.UplinkNetConfig uses it
// for the OVS bridge uplink interface (Windows Node only).
type AdapterNetConfig struct {
	Name       string
	Index      int
	MAC        net.HardwareAddr
	IP         *net.IPNet
	// Gateway and DNSServers are plain strings whose format is not visible here.
	// NOTE(review): presumably a gateway address and a delimited list of DNS server addresses. Parse and
	// validate them before use rather than passing the raw strings on.
	Gateway    string
	DNSServers string
	// Routes is untyped ([]interface{}); the element type is not visible here, so consumers need a checked
	// type assertion on each element.
	Routes     []interface{}
}

type EgressConfig added in v1.4.0

// EgressConfig is the Egress-related part of the Node configuration (see NodeConfig.EgressConfig).
type EgressConfig struct {
	// NOTE(review): presumably the destination CIDRs that are exempt from Egress handling; confirm against
	// the code that consumes this list. A wrong entry here would change which traffic leaves via the Egress IP.
	ExceptCIDRs []net.IPNet
}

type GatewayConfig

// GatewayConfig describes the host gateway interface. NodeConfig.GatewayConfig refers to it as the gateway
// interface on the OVS bridge.
type GatewayConfig struct {
	// Name is the name of host gateway, e.g. antrea-gw0.
	Name string

	// NOTE(review): presumably the gateway's IPv4 and IPv6 addresses and its hardware address; a nil IP
	// presumably means that family is not configured. Confirm against the code that fills the struct.
	IPv4 net.IP
	IPv6 net.IP
	MAC  net.HardwareAddr
	// LinkIndex is the link index of host gateway.
	LinkIndex int
}

func (*GatewayConfig) String

func (g *GatewayConfig) String() string

type NetworkConfig

// NetworkConfig includes user provided network configuration parameters.
type NetworkConfig struct {
	TrafficEncapMode      TrafficEncapModeType
	TunnelType            ovsconfig.TunnelType
	// The zero value of TrafficEncryptionModeType is TrafficEncryptionModeNone, so a NetworkConfig whose
	// TrafficEncryptionMode is never set reads as "no encryption".
	TrafficEncryptionMode TrafficEncryptionModeType
	// NOTE(review): IPSecPSK looks like the IPsec pre-shared key held as a plain string; confirm. If so it is
	// secret material: formatting a NetworkConfig with %v / %+v, or serializing it, would expose the key, so
	// keep this struct out of logs and debug dumps or redact the field first.
	IPSecPSK              string
	// NOTE(review): presumably the user-supplied transport interface name and CIDRs that override the
	// default transport interface (see NodeConfig.NodeTransportInterfaceName); confirm.
	TransportIface        string
	TransportIfaceCIDRs   []string
}

NetworkConfig includes user provided network configuration parameters.

func (*NetworkConfig) NeedsDirectRoutingToPeer added in v1.3.0

func (nc *NetworkConfig) NeedsDirectRoutingToPeer(peerIP net.IP, localIP *net.IPNet) bool

NeedsDirectRoutingToPeer returns true if Pod traffic to peer Node needs a direct route installed to the routing table.

func (*NetworkConfig) NeedsTunnelToPeer added in v1.3.0

func (nc *NetworkConfig) NeedsTunnelToPeer(peerIP net.IP, localIP *net.IPNet) bool

NeedsTunnelToPeer returns true if Pod traffic to peer Node needs to be encapsulated by OVS tunneling.

type NodeConfig

// NodeConfig holds the local Node configurations retrieved from K8s API or host networking state.
type NodeConfig struct {
	// The Node's name used in Kubernetes.
	Name string
	// The name of the OpenVSwitch bridge antrea-agent uses.
	OVSBridge string
	// The name of the default tunnel interface. Defaults to "antrea-tun0", but can
	// be overridden by the discovered tunnel interface name from the OVS bridge.
	DefaultTunName string
	// The CIDR block from which to allocate IPv4 address to Pod.
	// It's nil for the networkPolicyOnly trafficEncapMode which doesn't do IPAM.
	PodIPv4CIDR *net.IPNet
	// The CIDR block from where to allocate IPv6 address to Pod.
	// It's nil for the networkPolicyOnly trafficEncapMode which doesn't do IPAM.
	PodIPv6CIDR *net.IPNet
	// The Node's IPv4 address used in Kubernetes. It has the network mask information.
	NodeIPv4Addr *net.IPNet
	// The Node's IPv6 address used in Kubernetes. It has the network mask information.
	NodeIPv6Addr *net.IPNet
	// The name of the Node's transport interface. The transport interface defaults to the interface that has the K8s
	// Node IP, and can be overridden by the configuration parameters TransportInterface and TransportInterfaceCIDRs.
	NodeTransportInterfaceName string
	// The IPv4 address on the Node's transport interface. It is used for tunneling or routing the Pod traffic across Nodes.
	NodeTransportIPv4Addr *net.IPNet
	// The IPv6 address on the Node's transport interface. It is used for tunneling or routing the Pod traffic across Nodes.
	NodeTransportIPv6Addr *net.IPNet
	// The original MTU of the Node's transport interface.
	NodeTransportInterfaceMTU int
	// Set either via defaultMTU config in antrea.yaml or auto discovered.
	// Auto discovery will use MTU value of the Node's primary interface.
	// For Encap and Hybrid mode, Node MTU will be adjusted to account for encap header.
	NodeMTU int
	// The config of the gateway interface on the OVS bridge.
	GatewayConfig *GatewayConfig
	// The config of the OVS bridge uplink interface. Only for Windows Node.
	// NOTE(review): presumably nil on other platforms; nil-check before dereferencing.
	UplinkNetConfig *AdapterNetConfig
	// The config of the WireGuard interface.
	// NOTE(review): presumably nil unless WireGuard encryption is in use; nil-check before dereferencing.
	WireGuardConfig *WireGuardConfig
	// The config of the Egress interface.
	EgressConfig *EgressConfig
}

Local Node configurations retrieved from K8s API or host networking state.

func (*NodeConfig) String

func (n *NodeConfig) String() string

type TrafficEncapModeType

// TrafficEncapModeType identifies a traffic encapsulation mode. It is an int-backed enumeration.
type TrafficEncapModeType int
const (
	// The iota sequence starts at 0, so the zero value of TrafficEncapModeType is TrafficEncapModeEncap.
	// An unset field of this type is therefore indistinguishable from an explicit "encap" choice.
	TrafficEncapModeEncap TrafficEncapModeType = iota
	TrafficEncapModeNoEncap
	TrafficEncapModeHybrid
	TrafficEncapModeNetworkPolicyOnly
	// TrafficEncapModeInvalid has its own expression and no explicit type, so it is an untyped integer
	// constant (-1) rather than a TrafficEncapModeType. It still compares and converts against the typed values.
	TrafficEncapModeInvalid = -1
)

func GetTrafficEncapModeFromStr

func GetTrafficEncapModeFromStr(str string) (bool, TrafficEncapModeType)

GetTrafficEncapModeFromStr returns true and the TrafficEncapModeType corresponding to the input string. Otherwise, it returns false and an undefined value, so callers must check the boolean before using the returned mode.

func GetTrafficEncapModes

func GetTrafficEncapModes() []TrafficEncapModeType

func (TrafficEncapModeType) IsNetworkPolicyOnly

func (m TrafficEncapModeType) IsNetworkPolicyOnly() bool

IsNetworkPolicyOnly returns true if TrafficEncapModeType is network policy only.

func (TrafficEncapModeType) String

func (m TrafficEncapModeType) String() string

String returns value in string.

func (TrafficEncapModeType) SupportsEncap

func (m TrafficEncapModeType) SupportsEncap() bool

SupportsEncap returns true if TrafficEncapModeType supports encap.

func (TrafficEncapModeType) SupportsNoEncap

func (m TrafficEncapModeType) SupportsNoEncap() bool

SupportsNoEncap returns true if TrafficEncapModeType supports noEncap.

type TrafficEncryptionModeType added in v1.3.0

// TrafficEncryptionModeType identifies a traffic encryption mode. It is an int-backed enumeration.
type TrafficEncryptionModeType int
const (
	// The iota sequence starts at 0, so the zero value of TrafficEncryptionModeType is
	// TrafficEncryptionModeNone. A value that was never set, or was left at its default after a failed parse,
	// therefore reads as "no encryption". Code that requires encryption should check the parse result
	// explicitly instead of relying on the field's value alone.
	TrafficEncryptionModeNone TrafficEncryptionModeType = iota
	TrafficEncryptionModeIPSec
	TrafficEncryptionModeWireGuard
	// TrafficEncryptionModeInvalid has its own expression and no explicit type, so it is an untyped integer
	// constant (-1) rather than a TrafficEncryptionModeType.
	TrafficEncryptionModeInvalid = -1
)

func GetTrafficEncryptionModeFromStr added in v1.3.0

func GetTrafficEncryptionModeFromStr(str string) (bool, TrafficEncryptionModeType)

GetTrafficEncryptionModeFromStr returns true and the TrafficEncryptionModeType corresponding to the input string. Otherwise, it returns false and an undefined value, so callers must check the boolean before using the returned mode.

func GetTrafficEncryptionModes added in v1.3.0

func GetTrafficEncryptionModes() []TrafficEncryptionModeType

func (TrafficEncryptionModeType) String added in v1.3.0

func (m TrafficEncryptionModeType) String() string

String returns value in string.

type WireGuardConfig added in v1.3.0

// WireGuardConfig describes the WireGuard interface (see NodeConfig.WireGuardConfig).
// It holds only interface parameters; no key material is stored in this struct.
type WireGuardConfig struct {
	// Name is the name of WireGuard interface. e.g. antrea-wg0.
	Name string
	// LinkIndex is the link index of WireGuard interface.
	LinkIndex int
	// Port is the port for the WireGuard to receive traffic.
	// NOTE(review): the field is a plain int with no visible range check; presumably validated to a usable
	// port number elsewhere. Confirm.
	Port int
	// The MTU of WireGuard interface.
	MTU int
}
