ITQC/containernetworking-plugins
24
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 34 Wiki Activity
1,649 Commits 6 Branches 48 Tags
Commit Graph

87 Commits

Author SHA1 Message Date
Miguel Duarte Barroso
83fe87c5b0 build: consume specific tables/chains via go-nft 
This go-nft version allows its users to only read particular
tables/chains when invoking `ReadConfig`, instead of the entire ruleset.

This will make deleting rules from a large ruleset faster, thus speeding
up CNI DELs.

Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2175041

Signed-off-by: Miguel Duarte Barroso <mdbarroso@redhat.com>
 2023-04-20 10:08:18 +02:00
Casey Callendrello
bc5f3defe7 go.mod: bump all deps 
Bump all transitive and direct dependencies.

Signed-off-by: Casey Callendrello <c1@caseyc.net>
 2023-04-04 16:31:14 +02:00
liornoy
23c2134110
Update ginkgo to v2 in go.mod, go.sum, vendor 
This commit updates ginkgo to v2.
Note that because ginkgo/v2 requires go1.18, it was
updated as well.

Signed-off-by: liornoy <lnoy@redhat.com>
Co-authored-by: Sascha Grunert <sgrunert@redhat.com>
 2023-02-13 21:15:18 +02:00
mmirecki
01d0031487 Tap plugin 
This PR adds a plugin to create tap devices.
The plugin adds a tap device to the container.

The plugin has a workaround for a golang netlink library
which does not allow for tap devices with no owner/group
to be created. When no tap owner/group is requested, the
plugin will fall back to using the ip tool for creating
the tap device. A fix to the golang netlink lib is pending.

Signed-off-by: mmirecki <mmirecki@redhat.com>
 2023-02-13 17:14:46 +01:00
dependabot[bot]
9a2f763345
build(deps): bump github.com/onsi/gomega from 1.24.2 to 1.26.0 
Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.24.2 to 1.26.0.
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](https://github.com/onsi/gomega/compare/v1.24.2...v1.26.0)

---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-02-13 10:23:59 +00:00
Matthieu MOREL
ec924a4be2 build(deps): bump github.com/safchain/ethtool to v0.2.0 
Signed-off-by: Matthieu MOREL <matthieu.morel35@gmail.com>
 2023-01-09 18:17:27 +00:00
dependabot[bot]
b769956cf4 build(deps): bump github.com/containernetworking/cni from 1.0.1 to 1.1.2 
Bumps [github.com/containernetworking/cni](https://github.com/containernetworking/cni) from 1.0.1 to 1.1.2.
- [Release notes](https://github.com/containernetworking/cni/releases)
- [Commits](https://github.com/containernetworking/cni/compare/v1.0.1...v1.1.2)

---
updated-dependencies:
- dependency-name: github.com/containernetworking/cni
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Matthieu MOREL <matthieu.morel35@gmail.com>
 2022-12-26 21:36:15 +00:00
dependabot[bot]
df141fc722 build(deps): bump github.com/coreos/go-systemd/v22 from 22.3.2 to 22.5.0 
Bumps [github.com/coreos/go-systemd/v22](https://github.com/coreos/go-systemd) from 22.3.2 to 22.5.0.
- [Release notes](https://github.com/coreos/go-systemd/releases)
- [Commits](https://github.com/coreos/go-systemd/compare/v22.3.2...v22.5.0)

---
updated-dependencies:
- dependency-name: github.com/coreos/go-systemd/v22
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Matthieu MOREL <matthieu.morel35@gmail.com>
 2022-12-26 21:36:15 +00:00
dependabot[bot]
35047644a8 build(deps): bump github.com/onsi/ginkgo from 1.16.4 to 1.16.5 
Bumps [github.com/onsi/ginkgo](https://github.com/onsi/ginkgo) from 1.16.4 to 1.16.5.
- [Release notes](https://github.com/onsi/ginkgo/releases)
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md)
- [Commits](https://github.com/onsi/ginkgo/compare/v1.16.4...v1.16.5)

---
updated-dependencies:
- dependency-name: github.com/onsi/ginkgo
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Matthieu MOREL <matthieu.morel35@gmail.com>
 2022-12-26 21:36:15 +00:00
dependabot[bot]
91b1a0e385 build(deps): bump github.com/godbus/dbus/v5 from 5.0.4 to 5.1.0 
Bumps [github.com/godbus/dbus/v5](https://github.com/godbus/dbus) from 5.0.4 to 5.1.0.
- [Release notes](https://github.com/godbus/dbus/releases)
- [Commits](https://github.com/godbus/dbus/compare/v5.0.4...v5.1.0)

---
updated-dependencies:
- dependency-name: github.com/godbus/dbus/v5
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Matthieu MOREL <matthieu.morel35@gmail.com>
 2022-12-26 21:36:15 +00:00
dependabot[bot]
648dd2e14c build(deps): bump github.com/vishvananda/netlink 
Bumps [github.com/vishvananda/netlink](https://github.com/vishvananda/netlink) from 1.2.0-beta to 1.2.1-beta.2.
- [Release notes](https://github.com/vishvananda/netlink/releases)
- [Commits](https://github.com/vishvananda/netlink/compare/v1.2.0-beta...v1.2.1-beta.2)

---
updated-dependencies:
- dependency-name: github.com/vishvananda/netlink
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Matthieu MOREL <matthieu.morel35@gmail.com>
 2022-12-26 21:36:15 +00:00
dependabot[bot]
615420fa9f build(deps): bump github.com/alexflint/go-filemutex from 1.1.0 to 1.2.0 
Bumps [github.com/alexflint/go-filemutex](https://github.com/alexflint/go-filemutex) from 1.1.0 to 1.2.0.
- [Release notes](https://github.com/alexflint/go-filemutex/releases)
- [Commits](https://github.com/alexflint/go-filemutex/compare/v1.1...v1.2.0)

---
updated-dependencies:
- dependency-name: github.com/alexflint/go-filemutex
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Matthieu MOREL <matthieu.morel35@gmail.com>
 2022-12-26 21:36:15 +00:00
dependabot[bot]
90ed30a55a build(deps): bump github.com/Microsoft/hcsshim from 0.8.20 to 0.9.6 
Bumps [github.com/Microsoft/hcsshim](https://github.com/Microsoft/hcsshim) from 0.8.20 to 0.9.6.
- [Release notes](https://github.com/Microsoft/hcsshim/releases)
- [Commits](https://github.com/Microsoft/hcsshim/compare/v0.8.20...v0.9.6)

---
updated-dependencies:
- dependency-name: github.com/Microsoft/hcsshim
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Matthieu MOREL <matthieu.morel35@gmail.com>
 2022-12-26 21:36:15 +00:00
dependabot[bot]
020b8db6ab build(deps): bump github.com/onsi/gomega from 1.15.0 to 1.24.2 
Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.15.0 to 1.24.2.
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](https://github.com/onsi/gomega/compare/v1.15.0...v1.24.2)

---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Matthieu MOREL <matthieu.morel35@gmail.com>
 2022-12-26 21:36:15 +00:00
Dominique Martinet
f891722833 Update github.com/vishvananda/netlink to v1.2.0-beta 
Latest version fixes a segfault when used on some ppp setup

Signed-off-by: Dominique Martinet <dominique.martinet@atmark-techno.com>
 2022-04-27 10:58:34 +09:00
Casey Callendrello
152e7a48e4 go mod tidy 
Signed-off-by: Casey Callendrello <cdc@redhat.com>
 2022-01-19 18:24:47 +01:00
Michael Zappa
5d073d690c plugins: replace arping package with arp_notify 
this replaces the arping package with the linux arp_notify feature.

Resolves: #588
Signed-off-by: Michael Zappa <Michael.Zappa@stateless.net>
 2022-01-06 20:53:54 -07:00
Matt Dupre
f1f128e3c9
Merge pull request #639 from EdDev/bridge-macspoofchk 
bridge: Add macspoofchk support
 2021-10-06 08:39:10 -07:00
Edward Haas
081ed44a1d bridge: Add macspoofchk support 
The new macspoofchk field is added to the bridge plugin to support
anti-mac-spoofing.
When the parameter is enabled, traffic is limited to the mac addresses
of the container interface (the veth peer that is placed in the
container ns).
Any traffic that exits the pod is checked against the source mac address
that is expected. If the mac address is different, the frames are
dropped.

The implementation is using nftables and should only be used on nodes
that support it.

Signed-off-by: Edward Haas <edwardh@redhat.com>
 2021-09-14 12:46:15 +03:00
Casey Callendrello
62952ffdac vendor: bump to libcni v1.0.1 
Signed-off-by: Casey Callendrello <cdc@redhat.com>
 2021-09-07 15:43:54 +02:00
Casey Callendrello
0818512c7a vendor: bump all direct dependencies 
Just good hygiene.

Signed-off-by: Casey Callendrello <cdc@redhat.com>
 2021-08-10 14:55:43 +02:00
Casey Callendrello
9b1666d489 vendor: bump to libcni v1.0 
Signed-off-by: Casey Callendrello <cdc@redhat.com>
 2021-08-10 14:55:43 +02:00
Michael Cambria
d6bf1eac6c Update to lastest vendor/github.com/vishvananda/netlink 
Signed-off-by: Michael Cambria <mcambria@redhat.com>
 2021-05-05 11:17:59 -04:00
Casey Callendrello
33a29292da vendor: bump to libcni v1.0-rc1 
Signed-off-by: Casey Callendrello <cdc@redhat.com>
 2021-05-04 17:45:44 -04:00
Sebastiaan van Stijn
2eac102887
go.mod: github.com/j-keck/arping v1.0.1 
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2021-04-09 00:07:34 +02:00
Sebastiaan van Stijn
f4d2925220
go.mod: github.com/buger/jsonparser v1.1.1 
Fix CVE-2020-35381

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2021-04-09 00:07:32 +02:00
Sebastiaan van Stijn
c3d01539d5
go.mod: github.com/alexflint/go-filemutex v1.1.0 
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2021-04-09 00:07:30 +02:00
Sebastiaan van Stijn
75b64e0f60
go.mod github.com/Microsoft/hcsshim v0.8.16 
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2021-04-09 00:07:28 +02:00
Sebastiaan van Stijn
bc856372bb
go.mod: godbus/dbus/v5 v5.0.3, coreos/go-systemd v22.2.0 
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2021-04-09 00:07:25 +02:00
Sebastiaan van Stijn
d2d89ddfad
go.mod: github.com/mattn/go-shellwords v1.0.11 
adds go module support, among others

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2021-04-09 00:07:23 +02:00
Sebastiaan van Stijn
59a6259f8c
go.mod: github.com/sirupsen/logrus v1.8.1 
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2021-04-09 00:07:19 +02:00
Dan Williams
9e2430bb80 vendor: bump CNI to 1.0.0-pre @ 62e54113 
go get github.com/containernetworking/cni@62e54113f44a762923fd2ef3115cda92a2111ca2
go mod vendor
go mod tidy

Signed-off-by: Dan Williams <dcbw@redhat.com>
 2021-02-11 23:27:07 -06:00
Casey Callendrello
74a6b28a2c vendor: bump libcni 
Signed-off-by: Casey Callendrello <cdc@redhat.com>
 2021-02-03 14:38:29 +01:00
toby lorne
23a1d90e0b deps: bump coreos/go-iptables 
Closes #544

The above issue describes a situation where using the bridge plugin
with IPv6 addresses prevented `DEL` from working correctly.

`DEL` seems to be failing in the body of `TeardownIPMasq`

This arises because:

* twice delete postrouting rules: `ipn.String()` `ipn.IP.String()` #279
* we are using a version of go-iptables which is bugged for v6

PR github.com/coreos/go-iptables/pull/74 describes why this does
not work. The error message is not being checked correctly.

Using a later version of go-iptables means that
* when the second `ipt.Delete` fails (this is okay)
* we will correctly interpret this as an non-fatal error
* `TeardownIPMasq` will not prematurely exit the method
* `ipt.ClearChain` now can run
* `ipt.DeleteChain` now can run

This explains why this was working for v4 but not v6

This commit was amended to include v0.5.0 instead of a pseudo-version
v0.4.6-0.20200318170312-12696f5c9108

Signed-off-by: toby lorne <toby@toby.codes>
 2021-01-05 19:28:14 +00:00
Casey Callendrello
b47d178ae0 vendor: bump ginkgo, gover 
Signed-off-by: Casey Callendrello <cdc@redhat.com>
 2020-12-08 16:33:10 +01:00
Antonio Ojea
c41c78b600 update netlink dependencies 
Signed-off-by: Antonio Ojea <aojea@redhat.com>
 2020-11-17 23:32:35 +01:00
Federico Paolinelli
362f5d626a Update github.com/vishvananda/netlink to v1.1.0 
Latest version allows to set a VRF device as master and not only
a bridge one.

Signed-off-by: Federico Paolinelli <fpaoline@redhat.com>
 2020-10-14 17:40:50 +02:00
Dan Williams
c50490eb76 cni: bump to 0.8.0 
Signed-off-by: Dan Williams <dcbw@redhat.com>
 2020-08-05 14:12:09 -05:00
Dan Williams
01a8de9997 Bump Go version to 1.13 and 1.14 
Signed-off-by: Dan Williams <dcbw@redhat.com>
 2020-08-05 14:12:09 -05:00
Bruce Ma
486ef96e6f [DO NOT REVIEW] vendor upate to remove useless dependencies 
Signed-off-by: Bruce Ma <brucema19901024@gmail.com>
 2020-03-17 14:30:28 +08:00
Antonio Ojea
5a02c5bc61
bump go-iptables module to v0.4.5 
bump the go-iptables module to v0.4.5 to avoid
concurrency issues with the portmap plugin and
errors related to iptables not able to hold the
lock.

Signed-off-by: Antonio Ojea <antonio.ojea.garcia@gmail.com>
 2019-12-16 17:42:20 +01:00
Bruce Ma
b76ace9c64 bump up libcni to v0.7.1 
Signed-off-by: Bruce Ma <brucema19901024@gmail.com>
 2019-08-23 20:24:16 +08:00
Michael Cambria
91a68d56f9 Vendor update go-iptables to obtain commit f1d0510cabcb710d5c5dd284096f81444b9d8d10 
Update go.mod & go.sub
 2019-08-07 10:56:30 -04:00
Nathan Gieseker
d42007865a update iptables 2019-06-26 02:14:56 -07:00
Nathan Gieseker
ce60e8eb3d dhcp module update 2019-06-26 02:07:24 -07:00
Nathan Gieseker
addbcd34b4 update ethtool 2019-06-26 02:07:24 -07:00
Nathan Gieseker
e8c953999e vendor update 2019-06-26 02:07:24 -07:00
Bruce Ma
93919752fb bump containernetworking/cni up to v0.7.1 
Signed-off-by: Bruce Ma <brucema19901024@gmail.com>
 2019-06-18 20:49:51 +08:00
Moshe Levi
2753b9af8f fix compilation error on 386 
Update github.com/safchain/ethtool to fix the compilation
error on 386. Also added 386 to the tarvis yaml.

Fixes #322

Signed-off-by: Moshe Levi <moshele@mellanox.com>
 2019-05-24 23:43:37 +03:00
Casey Callendrello
0950a3607b
Merge pull request #279 from mars1024/bugfix/ipmasq_source 
change source of ipmasq rule from ipn to ip
 2019-05-10 13:40:17 +02:00