flannel: set up route for the entire flannel network
Without it, packets leave via default route iface and come back via interface added by flannel plugin. If rp_filter=1, the packets are dropped.
This commit is contained in:
Eugene Yakubovich
parent
8c8753e409
commit
e38572b967
@ -45,6 +45,7 @@ type NetConf struct {
|
|||||||
}
|
}
|
||||||
|
|
||||||
type subnetEnv struct {
|
type subnetEnv struct {
|
||||||
|
nw *net.IPNet
|
||||||
sn *net.IPNet
|
sn *net.IPNet
|
||||||
mtu uint
|
mtu uint
|
||||||
ipmasq bool
|
ipmasq bool
|
||||||
@ -73,6 +74,12 @@ func loadFlannelSubnetEnv(fn string) (*subnetEnv, error) {
|
|||||||
for s.Scan() {
|
for s.Scan() {
|
||||||
parts := strings.SplitN(s.Text(), "=", 2)
|
parts := strings.SplitN(s.Text(), "=", 2)
|
||||||
switch parts[0] {
|
switch parts[0] {
|
||||||
|
case "FLANNEL_NETWORK":
|
||||||
|
_, se.nw, err = net.ParseCIDR(parts[1])
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
case "FLANNEL_SUBNET":
|
case "FLANNEL_SUBNET":
|
||||||
_, se.sn, err = net.ParseCIDR(parts[1])
|
_, se.sn, err = net.ParseCIDR(parts[1])
|
||||||
if err != nil {
|
if err != nil {
|
||||||
@ -189,9 +196,14 @@ func cmdAdd(args *skel.CmdArgs) error {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
n.Delegate["ipam"] = map[string]string{
|
n.Delegate["ipam"] = map[string]interface{}{
|
||||||
"type": "host-local",
|
"type": "host-local",
|
||||||
"subnet": fenv.sn.String(),
|
"subnet": fenv.sn.String(),
|
||||||
|
"routes": []plugin.Route{
|
||||||
|
plugin.Route{
|
||||||
|
Dst: *fenv.nw,
|
||||||
|
},
|
||||||
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
return delegateAdd(args.ContainerID, n.Delegate)
|
return delegateAdd(args.ContainerID, n.Delegate)
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user