github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-08-21 01:26:28 +00:00
Code Issues Projects Releases Wiki Activity

kubenet: remove code forcing bridge MAC address

Browse Source
This commit is contained in:
xiangpengzhao 2017-03-25 15:58:36 +08:00
parent 595998c43c
commit 8614da7bdc
No known key found for this signature in database
GPG Key ID: A9FD03A856417C5B
2 changed files with 7 additions and 73 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

49
pkg/kubelet/network/kubenet/kubenet_linux.go
View File

@ -23,7 +23,6 @@ import (
"io/ioutil" "io/ioutil"
"net" "net"
"path/filepath" "path/filepath"
"strconv"
"strings" "strings"
"sync" "sync"
"syscall" "syscall"
@ -58,12 +57,6 @@ const (
// fallbackMTU is used if an MTU is not specified, and we cannot determine the MTU // fallbackMTU is used if an MTU is not specified, and we cannot determine the MTU
fallbackMTU = 1460 fallbackMTU = 1460
// private mac prefix safe to use
// Universally administered and locally administered addresses are distinguished by setting the second-least-significant
// bit of the first octet of the address. If it is 1, the address is locally administered. For example, for address 0a:00:00:00:00:00,
// the first cotet is 0a(hex), the binary form of which is 00001010, where the second-least-significant bit is 1.
privateMACPrefix = "0a:58"
// ebtables Chain to store dedup rules // ebtables Chain to store dedup rules
dedupChain = utilebtables.Chain("KUBE-DEDUP") dedupChain = utilebtables.Chain("KUBE-DEDUP")
@ -326,22 +319,6 @@ func (plugin *kubenetNetworkPlugin) setup(namespace string, name string, id kube
return fmt.Errorf("CNI plugin reported an invalid IPv4 address for container %v: %+v.", id, res.IP4) return fmt.Errorf("CNI plugin reported an invalid IPv4 address for container %v: %+v.", id, res.IP4)
} }
// Explicitly assign mac address to cbr0. If bridge mac address is not explicitly set will adopt the lowest MAC address of the attached veths.
// TODO: Remove this once upstream cni bridge plugin handles this
link, err := netlink.LinkByName(BridgeName)
if err != nil {
return fmt.Errorf("failed to lookup %q: %v", BridgeName, err)
}
macAddr, err := generateHardwareAddr(plugin.gateway)
if err != nil {
return err
}
glog.V(3).Infof("Configure %q mac address to %v", BridgeName, macAddr)
err = netlink.LinkSetHardwareAddr(link, macAddr)
if err != nil {
return fmt.Errorf("Failed to configure %q mac address to %q: %v", BridgeName, macAddr, err)
}
// Put the container bridge into promiscuous mode to force it to accept hairpin packets. // Put the container bridge into promiscuous mode to force it to accept hairpin packets.
// TODO: Remove this once the kernel bug (#20096) is fixed. // TODO: Remove this once the kernel bug (#20096) is fixed.
// TODO: check and set promiscuous mode with netlink once vishvananda/netlink supports it // TODO: check and set promiscuous mode with netlink once vishvananda/netlink supports it
@ -353,8 +330,14 @@ func (plugin *kubenetNetworkPlugin) setup(namespace string, name string, id kube
return fmt.Errorf("Error setting promiscuous mode on %s: %v", BridgeName, err) return fmt.Errorf("Error setting promiscuous mode on %s: %v", BridgeName, err)
} }
} }
link, err := netlink.LinkByName(BridgeName)
if err != nil {
return fmt.Errorf("failed to lookup %q: %v", BridgeName, err)
}
// configure the ebtables rules to eliminate duplicate packets by best effort // configure the ebtables rules to eliminate duplicate packets by best effort
plugin.syncEbtablesDedupRules(macAddr) plugin.syncEbtablesDedupRules(link.Attrs().HardwareAddr)
} }
plugin.podIPs[id] = ip4.String() plugin.podIPs[id] = ip4.String()
@ -845,21 +828,3 @@ func (plugin *kubenetNetworkPlugin) syncEbtablesDedupRules(macAddr net.HardwareA
return return
} }
} }
// generateHardwareAddr generates 48 bit virtual mac addresses based on the IP input.
func generateHardwareAddr(ip net.IP) (net.HardwareAddr, error) {
if ip.To4() == nil {
return nil, fmt.Errorf("generateHardwareAddr only support valid ipv4 address as input")
}
mac := privateMACPrefix
sections := strings.Split(ip.String(), ".")
for _, s := range sections {
i, _ := strconv.Atoi(s)
mac = mac + ":" + fmt.Sprintf("%02x", i)
}
hwAddr, err := net.ParseMAC(mac)
if err != nil {
return nil, fmt.Errorf("Failed to parse mac address %s generated based on ip %s due to: %v", mac, ip, err)
}
return hwAddr, nil
}

31
pkg/kubelet/network/kubenet/kubenet_linux_test.go
View File

@ -18,7 +18,6 @@ package kubenet
import ( import (
"fmt" "fmt"
"net"
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
"github.com/stretchr/testify/mock" "github.com/stretchr/testify/mock"
@ -199,36 +198,6 @@ func TestInit_MTU(t *testing.T) {
assert.Equal(t, 1, sysctl.Settings["net/bridge/bridge-nf-call-iptables"], "net/bridge/bridge-nf-call-iptables sysctl should have been set") assert.Equal(t, 1, sysctl.Settings["net/bridge/bridge-nf-call-iptables"], "net/bridge/bridge-nf-call-iptables sysctl should have been set")
} }
func TestGenerateMacAddress(t *testing.T) {
testCases := []struct {
ip net.IP
expectedMAC string
}{
{
ip: net.ParseIP("10.0.0.2"),
expectedMAC: privateMACPrefix + ":0a:00:00:02",
},
{
ip: net.ParseIP("10.250.0.244"),
expectedMAC: privateMACPrefix + ":0a:fa:00:f4",
},
{
ip: net.ParseIP("172.17.0.2"),
expectedMAC: privateMACPrefix + ":ac:11:00:02",
},
}
for _, tc := range testCases {
mac, err := generateHardwareAddr(tc.ip)
if err != nil {
t.Errorf("Did not expect error: %v", err)
}
if mac.String() != tc.expectedMAC {
t.Errorf("generated mac: %q, expecting: %q", mac.String(), tc.expectedMAC)
}
}
}
// TestInvocationWithoutRuntime invokes the plugin without a runtime. // TestInvocationWithoutRuntime invokes the plugin without a runtime.
// This is how kubenet is invoked from the cri. // This is how kubenet is invoked from the cri.
func TestTearDownWithoutRuntime(t *testing.T) { func TestTearDownWithoutRuntime(t *testing.T) {