ITQC/containernetworking-plugins
24
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 34 Wiki Activity
1,383 Commits 6 Branches 48 Tags
Commit Graph

129 Commits

Author SHA1 Message Date
Dan Williams
6bceb68143
Merge pull request #309 from nagiesek/flannel 
Flannel: Pass through runtimeConfig to delegate
 2019-05-08 10:25:50 -05:00
Nathan Gieseker
071907f867 Flannel: pass runtimeConfig into delegate 2019-05-01 15:58:24 -07:00
Dan Williams
ae0b03787f windows,flannel: cmdGet -> cmdCheck and fix flannel Check return 2019-05-01 10:48:14 -05:00
Michael Cambria
cc4976a43c return nil instead of error for cmdCheck until support is added 2019-04-24 13:47:58 -04:00
Casey Callendrello
72f2a1ffd4 plugins: correctly output build version, cosmetic cleanups 
Now that libcni has the ability to print a version message, plumb it
through correctly.

While we're at it,
- fix import paths
- run gofmt
- add some more comments to sample
- add container runtime swappability for release
 2019-04-15 16:52:07 +02:00
Michael Cambria
d47387c6fe Add Check support to firewall meta plugin, test cases 2019-04-12 14:37:21 -04:00
Dan Williams
95be5da5e2 firewall: add a couple more testcases 2019-04-12 14:37:21 -04:00
Dan Williams
b46e1a0138 firewall: consolidate firewalld code into firewall plugin 2019-04-12 14:37:21 -04:00
Michal Rostecki
9d6f1e9975 firewall: add firewalld functionality to firewall plugin 
Example of usage, which uses flannel for allocating IP
addresses for containers and then registers them in `trusted`
zone in firewalld:

{
  "cniVersion": "0.3.1",
  "name": "flannel-firewalld",
  "plugins": [
    {
      "name": "cbr0",
      "type": "flannel",
      "delegate": {
        "isDefaultGateway": true
      }
    },
    {
      "type": "firewall",
      "backend": "firewalld",
      "zone": "trusted"
    }
  ]
}

Fixes #114

Signed-off-by: Alban Crequy <alban@kinvolk.io>
Signed-off-by: Michal Rostecki <mrostecki@suse.com>
 2019-04-12 14:37:21 -04:00
Dan Williams
d096a4df48 firewall: new plugin which allows a host interface to send/receive traffic 
Distros often have additional rules in the their iptabvles 'filter' table
that do things like:

-A FORWARD -j REJECT --reject-with icmp-host-prohibited

docker, for example, gets around this by adding explicit rules to the filter
table's FORWARD chain to allow traffic from the docker0 interface.  Do that
for a given host interface too, as a chained plugin.
 2019-04-12 14:37:21 -04:00
Michael Cambria
74a2596573 Add check support for: bridge, ipvlan, macvlan, p2p, vlan and host-device main plugins 
host-local and static ipam plugins
  tuning, bandwidth and portmap meta plugins

  Utility functions created for common PrevResult checking

  Fix windows build
 2019-04-03 13:08:07 -04:00
Casey Callendrello
9fab520c37 Portmap: append, rather than prepend, entry rules 
This means that portmapped connections can be more easily controlled /
firewalled.
 2019-03-18 14:03:13 -05:00
Nguyen Quang Huy
4bca3e76bf Fix redundant import alias 
Because these package names are short and they are unique, it can not conflict. So the import aliases that can be omitted and we should remove them.
 2019-02-20 16:58:45 +07:00
Dan Williams
1865a0701e
Merge pull request #212 from plwhite/sbrplugin 
Create new Source Based Routing plugin
 2019-02-06 10:15:56 -06:00
Peter White
29928cff4d Create new Source Based Routing plugin 
This creates a new plugin (sbr) which sets up source based routing, for use
as a chained plugin for multi-network environments.
 2019-01-31 09:27:59 +00:00
Michael Cambria
6f3332e9fe Fix for windows too 2018-11-05 16:52:12 -05:00
Michael Cambria
ddbf22f7f9 Vendor github.com/containernetworking/cni libcni and pkg file needed for CHECK 
Update plugins/tests to deal with changes made to this vendor'ed code
 2018-11-05 16:35:03 -05:00
Dan Williams
9b86f52791
Merge pull request #200 from s1061123/fix/tuning-doc 
Add description for mac/mtu/promisc in tuning README.md
 2018-09-24 20:53:38 -05:00
Dan Williams
8a579a7fbc
Merge pull request #204 from mrostecki/always-check-err 
Add missing error checks
 2018-09-24 20:52:38 -05:00
MaiWJ
b56ca2fe45 Windows Support 
Patch for https://github.com/containernetworking/plugins/pull/85

+ Windows cni plugins are added
   (*) win-bridge (hostgw)
   (*) win-overlay (vxlan)
+ Windows netconf unit test
+ Fix appveyor config to run the test
+ Build release support for windows plugins

Address comments

From:
    - https://github.com/containernetworking/plugins/pull/85
    - 0049c64e3f
 2018-09-21 00:34:07 +08:00
Tomofumi Hayashi
93178bf026 Fix typo. 2018-09-20 22:18:15 +09:00
Michal Rostecki
f5f787057d plugins/meta: Add missing error checks 
Signed-off-by: Michal Rostecki <mrostecki@suse.de>
 2018-09-20 11:06:50 +02:00
Tomofumi Hayashi
d22e75316f Incorporate comments in PR. 2018-09-13 01:49:47 +09:00
Dan Williams
35b87a34db
Merge pull request #191 from dcbw/portmap-panic-fix 
portmap: don't panic if listing a chain returns fewer lines than exected
 2018-09-05 10:09:02 -05:00
Tomofumi Hayashi
9048a61dda Add description for mac/mtu/promisc in tuning README.md 
This diff adds documents for #177 change (mac/mtu/promisc) in tuning
README.md. Fixes #199.
 2018-09-05 16:01:24 +09:00
Dan Williams
7d329215b0 portmap: don't panic if listing a chain returns fewer lines than expected 2018-08-16 09:50:28 -05:00
Dong Jun
220499db6b Correct the bandwidth unit in description 
Replace Kbps with bps and Kb with bits in bandwidth description.
 2018-08-15 19:26:13 +08:00
Tomofumi Hayashi
9425d24c28 Incorporate @jelloneck/@bboreham/@squeed's comments. 2018-08-09 22:28:12 +09:00
Tomofumi Hayashi
635cb22f12 Merge remote-tracking branch 'origin/master' into tuninig-iplink 2018-08-09 21:43:33 +09:00
Tomofumi Hayashi
3a7f254a63 Introduce iplink(MTU MAC and promiscas) feature into tuning 
This change adds 'ip link' command related feature into tuning
meta cni plugin. Currently MTU, MAC and promiscas mode are
supported.
 2018-07-31 12:54:15 +09:00
Ye Yin
7571169160 Fix tc-tbf burst value in bytes. 2018-07-03 18:36:49 +08:00
Casey Callendrello
68b4efb405 plugins/* stub-out GET functions so plugins build with v0.7 2018-06-15 15:28:53 +02:00
Dan Williams
731298003c plugins/testutils: pass CNI_CONTAINERID to plugins in testcases 
Recent CNI specification changes require the container ID on ADD/DEL,
which the testcases were not providing.  Fix that up so things work
when this repo gets CNI revendored.
 2018-04-26 11:24:30 -05:00
Dan Williams
1df359a210
Merge pull request #144 from squeed/build-fixes 
build: some small improvements; bump to go1.10
 2018-04-25 10:41:32 -05:00
Casey Callendrello
adba9ec16e
Merge pull request #138 from m1093782566/runtime-config 
traffic shaping: take configuration via a runtimeConfig
 2018-04-25 17:09:41 +02:00
Lion-Wei
4a0971bcd8 update integration test configlist 2018-04-19 10:08:25 +08:00
m1093782566
7cf02869ec traffic shaping: take configuration via a runtimeConfig 2018-04-13 10:57:17 +08:00
Casey Callendrello
aade7b93ee build: some small improvements; bump to go1.10 
- bump to go 1.10
- Add a linker tag with the build version
- Remove fastbuild, go builds are cached now
- Use better ginkgo suite names
 2018-04-12 16:59:51 +02:00
Casey Callendrello
a0eac8d7d9 pkg/ns: remove namespace creation (and move to testutils) 
Namespace creation had an unergonomic interface and isn't used, except
for testing code. Remove it; downstream users should really be creating
their own namespaces
 2018-04-03 18:56:25 +02:00
Tyler Schultz
fe0cf201f8 Safely print error 
Format plugin code

Signed-off-by: Aidan Obley <aobley@pivotal.io>
 2018-03-12 15:53:23 -07:00
Aidan Obley
d2f6472474 Ensure the bandwith plugin chooses the host veth device 
When chained with a plugin that returns multiple devices, the bandwidth
plugin chooses the host veth device.

Signed-off-by: Tyler Schultz <tschultz@pivotal.io>
 2018-03-12 15:08:53 -07:00
Gabe Rosenhouse
90252c30fb meta/bandwidth: package main so we can build a binary 2018-02-27 22:24:26 -08:00
Gabe Rosenhouse
59fa37252f meta/bandwidth: group and sort imports 
ref: https://github.com/golang/go/wiki/CodeReviewComments#imports
 2018-02-27 20:47:42 -08:00
Gabe Rosenhouse
dce91d11d6 meta/bandwidth: remove boilerplate comments 2018-02-27 20:47:41 -08:00
DennisDenuto
b78e535055 plugins/meta/bandwith: traffic shaping plugin 
Add chained plugin to add a tbf qdisc to shape ingress/egress traffic
 2018-02-27 20:47:41 -08:00
Casey Callendrello
2c05055101
Merge pull request #81 from squeed/portmap-hairpin 
portmap: support hairpin, improve performance
 2017-11-15 17:34:35 +01:00
Gabriel Rosenhouse
99f6be0319 Enable Windows CI (Appveyor) 
- start list of linux_only plugins; ignore them when testing on Windows
- Isolate linux-only code by filename suffix
- Remove stub (NotImplemented) functions
- other misc. fixes for Windows compatibility
 2017-11-10 08:09:29 -08:00
Casey Callendrello
5576f3120e portmap: support hairpin, improve performance 
This change improves the performance of the portmap plugin and fixes
hairpin, when a container is mapped back to itself.

Performance is improved by using a multiport test to reduce rule
traversal, and by using a masquerade mark.

Hairpin is fixed by enabling masquerading for hairpin traffic.
 2017-11-10 16:56:52 +01:00
Gabriel Rosenhouse
d8f2fd7a3c testing: move echosvr into testutils 2017-09-06 19:10:48 -07:00
Gabriel Rosenhouse
008024125a portmap integration test: echo server runs in separate process 
this way we're not mixing goroutines and namespaces
 2017-09-05 23:36:12 -07:00