3ffc42cdfd
Bumps the golang group with 6 updates in the / directory: | Package | From | To | | --- | --- | --- | | [github.com/Microsoft/hcsshim](https://github.com/Microsoft/hcsshim) | `0.12.7` | `0.12.9` | | [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo) | `2.20.2` | `2.22.0` | | [github.com/onsi/gomega](https://github.com/onsi/gomega) | `1.34.2` | `1.36.0` | | [github.com/opencontainers/selinux](https://github.com/opencontainers/selinux) | `1.11.0` | `1.11.1` | | [github.com/safchain/ethtool](https://github.com/safchain/ethtool) | `0.4.1` | `0.5.9` | | [sigs.k8s.io/knftables](https://github.com/kubernetes-sigs/knftables) | `0.0.17` | `0.0.18` | Updates `github.com/Microsoft/hcsshim` from 0.12.7 to 0.12.9 - [Release notes](https://github.com/Microsoft/hcsshim/releases) - [Commits](https://github.com/Microsoft/hcsshim/compare/v0.12.7...v0.12.9) Updates `github.com/onsi/ginkgo/v2` from 2.20.2 to 2.22.0 - [Release notes](https://github.com/onsi/ginkgo/releases) - [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md) - [Commits](https://github.com/onsi/ginkgo/compare/v2.20.2...v2.22.0) Updates `github.com/onsi/gomega` from 1.34.2 to 1.36.0 - [Release notes](https://github.com/onsi/gomega/releases) - [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md) - [Commits](https://github.com/onsi/gomega/compare/v1.34.2...v1.36.0) Updates `github.com/opencontainers/selinux` from 1.11.0 to 1.11.1 - [Release notes](https://github.com/opencontainers/selinux/releases) - [Commits](https://github.com/opencontainers/selinux/compare/v1.11.0...v1.11.1) Updates `github.com/safchain/ethtool` from 0.4.1 to 0.5.9 - [Release notes](https://github.com/safchain/ethtool/releases) - [Commits](https://github.com/safchain/ethtool/compare/v0.4.1...v0.5.9) Updates `golang.org/x/sys` from 0.26.0 to 0.27.0 - [Commits](https://github.com/golang/sys/compare/v0.26.0...v0.27.0) Updates `sigs.k8s.io/knftables` from 0.0.17 to 0.0.18 - [Changelog](https://github.com/kubernetes-sigs/knftables/blob/master/CHANGELOG.md) - [Commits](https://github.com/kubernetes-sigs/knftables/compare/v0.0.17...v0.0.18) --- updated-dependencies: - dependency-name: github.com/Microsoft/hcsshim dependency-type: direct:production update-type: version-update:semver-patch dependency-group: golang - dependency-name: github.com/onsi/ginkgo/v2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: golang - dependency-name: github.com/onsi/gomega dependency-type: direct:production update-type: version-update:semver-minor dependency-group: golang - dependency-name: github.com/opencontainers/selinux dependency-type: direct:production update-type: version-update:semver-patch dependency-group: golang - dependency-name: github.com/safchain/ethtool dependency-type: direct:production update-type: version-update:semver-minor dependency-group: golang - dependency-name: golang.org/x/sys dependency-type: direct:production update-type: version-update:semver-minor dependency-group: golang - dependency-name: sigs.k8s.io/knftables dependency-type: direct:production update-type: version-update:semver-patch dependency-group: golang ... Signed-off-by: dependabot[bot] <support@github.com>
362 lines
11 KiB
Go
362 lines
11 KiB
Go
//go:build windows
|
|
|
|
package hns
|
|
|
|
import (
|
|
"encoding/json"
|
|
"net"
|
|
"strings"
|
|
|
|
"github.com/sirupsen/logrus"
|
|
)
|
|
|
|
// EndpointState represents the states of an HNS Endpoint lifecycle.
|
|
type EndpointState uint16
|
|
|
|
// EndpointState const
|
|
// The lifecycle of an Endpoint goes through created, attached, AttachedSharing - endpoint is being shared with other containers,
|
|
// detached, after being attached, degraded and finally destroyed.
|
|
// Note: This attribute is used by calico to define stale containers and is dependent on HNS v1 api, if we move to HNS v2 api we will need
|
|
// to update the current calico code and cordinate the change with calico. Reach out to Microsoft to facilate the change via HNS.
|
|
const (
|
|
Uninitialized EndpointState = iota
|
|
Created EndpointState = 1
|
|
Attached EndpointState = 2
|
|
AttachedSharing EndpointState = 3
|
|
Detached EndpointState = 4
|
|
Degraded EndpointState = 5
|
|
Destroyed EndpointState = 6
|
|
)
|
|
|
|
func (es EndpointState) String() string {
|
|
return [...]string{"Uninitialized", "Created", "Attached", "AttachedSharing", "Detached", "Degraded", "Destroyed"}[es]
|
|
}
|
|
|
|
// HNSEndpoint represents a network endpoint in HNS
|
|
type HNSEndpoint struct {
|
|
Id string `json:"ID,omitempty"`
|
|
Name string `json:",omitempty"`
|
|
VirtualNetwork string `json:",omitempty"`
|
|
VirtualNetworkName string `json:",omitempty"`
|
|
Policies []json.RawMessage `json:",omitempty"`
|
|
MacAddress string `json:",omitempty"`
|
|
IPAddress net.IP `json:",omitempty"`
|
|
IPv6Address net.IP `json:",omitempty"`
|
|
DNSSuffix string `json:",omitempty"`
|
|
DNSServerList string `json:",omitempty"`
|
|
DNSDomain string `json:",omitempty"`
|
|
GatewayAddress string `json:",omitempty"`
|
|
GatewayAddressV6 string `json:",omitempty"`
|
|
EnableInternalDNS bool `json:",omitempty"`
|
|
DisableICC bool `json:",omitempty"`
|
|
PrefixLength uint8 `json:",omitempty"`
|
|
IPv6PrefixLength uint8 `json:",omitempty"`
|
|
IsRemoteEndpoint bool `json:",omitempty"`
|
|
EnableLowMetric bool `json:",omitempty"`
|
|
Namespace *Namespace `json:",omitempty"`
|
|
EncapOverhead uint16 `json:",omitempty"`
|
|
SharedContainers []string `json:",omitempty"`
|
|
State EndpointState `json:",omitempty"`
|
|
}
|
|
|
|
// SystemType represents the type of the system on which actions are done
|
|
type SystemType string
|
|
|
|
// SystemType const
|
|
const (
|
|
ContainerType SystemType = "Container"
|
|
VirtualMachineType SystemType = "VirtualMachine"
|
|
HostType SystemType = "Host"
|
|
)
|
|
|
|
// EndpointAttachDetachRequest is the structure used to send request to the container to modify the system
|
|
// Supported resource types are Network and Request Types are Add/Remove
|
|
type EndpointAttachDetachRequest struct {
|
|
ContainerID string `json:"ContainerId,omitempty"`
|
|
SystemType SystemType `json:"SystemType"`
|
|
CompartmentID uint16 `json:"CompartmentId,omitempty"`
|
|
VirtualNICName string `json:"VirtualNicName,omitempty"`
|
|
}
|
|
|
|
// EndpointResquestResponse is object to get the endpoint request response
|
|
type EndpointResquestResponse struct {
|
|
Success bool
|
|
Error string
|
|
}
|
|
|
|
// EndpointStats is the object that has stats for a given endpoint
|
|
type EndpointStats struct {
|
|
BytesReceived uint64 `json:"BytesReceived"`
|
|
BytesSent uint64 `json:"BytesSent"`
|
|
DroppedPacketsIncoming uint64 `json:"DroppedPacketsIncoming"`
|
|
DroppedPacketsOutgoing uint64 `json:"DroppedPacketsOutgoing"`
|
|
EndpointID string `json:"EndpointId"`
|
|
InstanceID string `json:"InstanceId"`
|
|
PacketsReceived uint64 `json:"PacketsReceived"`
|
|
PacketsSent uint64 `json:"PacketsSent"`
|
|
}
|
|
|
|
// HNSEndpointRequest makes a HNS call to modify/query a network endpoint
|
|
func HNSEndpointRequest(method, path, request string) (*HNSEndpoint, error) {
|
|
endpoint := &HNSEndpoint{}
|
|
err := hnsCall(method, "/endpoints/"+path, request, &endpoint)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
return endpoint, nil
|
|
}
|
|
|
|
// HNSListEndpointRequest makes a HNS call to query the list of available endpoints
|
|
func HNSListEndpointRequest() ([]HNSEndpoint, error) {
|
|
var endpoint []HNSEndpoint
|
|
err := hnsCall("GET", "/endpoints/", "", &endpoint)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
return endpoint, nil
|
|
}
|
|
|
|
// hnsEndpointStatsRequest makes a HNS call to query the stats for a given endpoint ID
|
|
func hnsEndpointStatsRequest(id string) (*EndpointStats, error) {
|
|
var stats EndpointStats
|
|
err := hnsCall("GET", "/endpointstats/"+id, "", &stats)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
return &stats, nil
|
|
}
|
|
|
|
// GetHNSEndpointByID get the Endpoint by ID
|
|
func GetHNSEndpointByID(endpointID string) (*HNSEndpoint, error) {
|
|
return HNSEndpointRequest("GET", endpointID, "")
|
|
}
|
|
|
|
// GetHNSEndpointStats get the stats for a n Endpoint by ID
|
|
func GetHNSEndpointStats(endpointID string) (*EndpointStats, error) {
|
|
return hnsEndpointStatsRequest(endpointID)
|
|
}
|
|
|
|
// GetHNSEndpointByName gets the endpoint filtered by Name
|
|
func GetHNSEndpointByName(endpointName string) (*HNSEndpoint, error) {
|
|
hnsResponse, err := HNSListEndpointRequest()
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
for _, hnsEndpoint := range hnsResponse {
|
|
if hnsEndpoint.Name == endpointName {
|
|
return &hnsEndpoint, nil
|
|
}
|
|
}
|
|
return nil, EndpointNotFoundError{EndpointName: endpointName}
|
|
}
|
|
|
|
type endpointAttachInfo struct {
|
|
SharedContainers json.RawMessage `json:",omitempty"`
|
|
}
|
|
|
|
func (endpoint *HNSEndpoint) IsAttached(vID string) (bool, error) {
|
|
attachInfo := endpointAttachInfo{}
|
|
err := hnsCall("GET", "/endpoints/"+endpoint.Id, "", &attachInfo)
|
|
|
|
// Return false allows us to just return the err
|
|
if err != nil {
|
|
return false, err
|
|
}
|
|
|
|
if strings.Contains(strings.ToLower(string(attachInfo.SharedContainers)), strings.ToLower(vID)) {
|
|
return true, nil
|
|
}
|
|
|
|
return false, nil
|
|
}
|
|
|
|
// Create Endpoint by sending EndpointRequest to HNS. TODO: Create a separate HNS interface to place all these methods
|
|
func (endpoint *HNSEndpoint) Create() (*HNSEndpoint, error) {
|
|
operation := "Create"
|
|
title := "hcsshim::HNSEndpoint::" + operation
|
|
logrus.Debugf(title+" id=%s", endpoint.Id)
|
|
|
|
jsonString, err := json.Marshal(endpoint)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return HNSEndpointRequest("POST", "", string(jsonString))
|
|
}
|
|
|
|
// Delete Endpoint by sending EndpointRequest to HNS
|
|
func (endpoint *HNSEndpoint) Delete() (*HNSEndpoint, error) {
|
|
operation := "Delete"
|
|
title := "hcsshim::HNSEndpoint::" + operation
|
|
logrus.Debugf(title+" id=%s", endpoint.Id)
|
|
|
|
return HNSEndpointRequest("DELETE", endpoint.Id, "")
|
|
}
|
|
|
|
// Update Endpoint
|
|
func (endpoint *HNSEndpoint) Update() (*HNSEndpoint, error) {
|
|
operation := "Update"
|
|
title := "hcsshim::HNSEndpoint::" + operation
|
|
logrus.Debugf(title+" id=%s", endpoint.Id)
|
|
jsonString, err := json.Marshal(endpoint)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
err = hnsCall("POST", "/endpoints/"+endpoint.Id, string(jsonString), &endpoint)
|
|
|
|
return endpoint, err
|
|
}
|
|
|
|
// ApplyACLPolicy applies a set of ACL Policies on the Endpoint
|
|
func (endpoint *HNSEndpoint) ApplyACLPolicy(policies ...*ACLPolicy) error {
|
|
operation := "ApplyACLPolicy"
|
|
title := "hcsshim::HNSEndpoint::" + operation
|
|
logrus.Debugf(title+" id=%s", endpoint.Id)
|
|
|
|
for _, policy := range policies {
|
|
if policy == nil {
|
|
continue
|
|
}
|
|
jsonString, err := json.Marshal(policy)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
endpoint.Policies = append(endpoint.Policies, jsonString)
|
|
}
|
|
|
|
_, err := endpoint.Update()
|
|
return err
|
|
}
|
|
|
|
// ApplyProxyPolicy applies a set of Proxy Policies on the Endpoint
|
|
func (endpoint *HNSEndpoint) ApplyProxyPolicy(policies ...*ProxyPolicy) error {
|
|
operation := "ApplyProxyPolicy"
|
|
title := "hcsshim::HNSEndpoint::" + operation
|
|
logrus.Debugf(title+" id=%s", endpoint.Id)
|
|
|
|
for _, policy := range policies {
|
|
if policy == nil {
|
|
continue
|
|
}
|
|
jsonString, err := json.Marshal(policy)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
endpoint.Policies = append(endpoint.Policies, jsonString)
|
|
}
|
|
|
|
_, err := endpoint.Update()
|
|
return err
|
|
}
|
|
|
|
// ContainerAttach attaches an endpoint to container
|
|
func (endpoint *HNSEndpoint) ContainerAttach(containerID string, compartmentID uint16) error {
|
|
operation := "ContainerAttach"
|
|
title := "hcsshim::HNSEndpoint::" + operation
|
|
logrus.Debugf(title+" id=%s", endpoint.Id)
|
|
|
|
requestMessage := &EndpointAttachDetachRequest{
|
|
ContainerID: containerID,
|
|
CompartmentID: compartmentID,
|
|
SystemType: ContainerType,
|
|
}
|
|
response := &EndpointResquestResponse{}
|
|
jsonString, err := json.Marshal(requestMessage)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
return hnsCall("POST", "/endpoints/"+endpoint.Id+"/attach", string(jsonString), &response)
|
|
}
|
|
|
|
// ContainerDetach detaches an endpoint from container
|
|
func (endpoint *HNSEndpoint) ContainerDetach(containerID string) error {
|
|
operation := "ContainerDetach"
|
|
title := "hcsshim::HNSEndpoint::" + operation
|
|
logrus.Debugf(title+" id=%s", endpoint.Id)
|
|
|
|
requestMessage := &EndpointAttachDetachRequest{
|
|
ContainerID: containerID,
|
|
SystemType: ContainerType,
|
|
}
|
|
response := &EndpointResquestResponse{}
|
|
|
|
jsonString, err := json.Marshal(requestMessage)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
return hnsCall("POST", "/endpoints/"+endpoint.Id+"/detach", string(jsonString), &response)
|
|
}
|
|
|
|
// HostAttach attaches a nic on the host
|
|
func (endpoint *HNSEndpoint) HostAttach(compartmentID uint16) error {
|
|
operation := "HostAttach"
|
|
title := "hcsshim::HNSEndpoint::" + operation
|
|
logrus.Debugf(title+" id=%s", endpoint.Id)
|
|
requestMessage := &EndpointAttachDetachRequest{
|
|
CompartmentID: compartmentID,
|
|
SystemType: HostType,
|
|
}
|
|
response := &EndpointResquestResponse{}
|
|
|
|
jsonString, err := json.Marshal(requestMessage)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
return hnsCall("POST", "/endpoints/"+endpoint.Id+"/attach", string(jsonString), &response)
|
|
}
|
|
|
|
// HostDetach detaches a nic on the host
|
|
func (endpoint *HNSEndpoint) HostDetach() error {
|
|
operation := "HostDetach"
|
|
title := "hcsshim::HNSEndpoint::" + operation
|
|
logrus.Debugf(title+" id=%s", endpoint.Id)
|
|
requestMessage := &EndpointAttachDetachRequest{
|
|
SystemType: HostType,
|
|
}
|
|
response := &EndpointResquestResponse{}
|
|
|
|
jsonString, err := json.Marshal(requestMessage)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
return hnsCall("POST", "/endpoints/"+endpoint.Id+"/detach", string(jsonString), &response)
|
|
}
|
|
|
|
// VirtualMachineNICAttach attaches a endpoint to a virtual machine
|
|
func (endpoint *HNSEndpoint) VirtualMachineNICAttach(virtualMachineNICName string) error {
|
|
operation := "VirtualMachineNicAttach"
|
|
title := "hcsshim::HNSEndpoint::" + operation
|
|
logrus.Debugf(title+" id=%s", endpoint.Id)
|
|
requestMessage := &EndpointAttachDetachRequest{
|
|
VirtualNICName: virtualMachineNICName,
|
|
SystemType: VirtualMachineType,
|
|
}
|
|
response := &EndpointResquestResponse{}
|
|
|
|
jsonString, err := json.Marshal(requestMessage)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
return hnsCall("POST", "/endpoints/"+endpoint.Id+"/attach", string(jsonString), &response)
|
|
}
|
|
|
|
// VirtualMachineNICDetach detaches a endpoint from a virtual machine
|
|
func (endpoint *HNSEndpoint) VirtualMachineNICDetach() error {
|
|
operation := "VirtualMachineNicDetach"
|
|
title := "hcsshim::HNSEndpoint::" + operation
|
|
logrus.Debugf(title+" id=%s", endpoint.Id)
|
|
|
|
requestMessage := &EndpointAttachDetachRequest{
|
|
SystemType: VirtualMachineType,
|
|
}
|
|
response := &EndpointResquestResponse{}
|
|
|
|
jsonString, err := json.Marshal(requestMessage)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
return hnsCall("POST", "/endpoints/"+endpoint.Id+"/detach", string(jsonString), &response)
|
|
}
|