github.com/cilium/cilium@v1.16.2/pkg/datapath/types/node.go (about)

     1  // SPDX-License-Identifier: Apache-2.0
     2  // Copyright Authors of Cilium
     3  
     4  package types
     5  
     6  import (
     7  	"context"
     8  	"net"
     9  
    10  	"github.com/cilium/cilium/api/v1/models"
    11  	"github.com/cilium/cilium/pkg/cidr"
    12  	"github.com/cilium/cilium/pkg/datapath/tables"
    13  	nodeTypes "github.com/cilium/cilium/pkg/node/types"
    14  )
    15  
    16  type MTUConfiguration interface {
    17  	GetDeviceMTU() int
    18  	GetRouteMTU() int
    19  	GetRoutePostEncryptMTU() int
    20  }
    21  
    22  // LocalNodeConfiguration represents the configuration of the local node
    23  //
    24  // This configuration struct is immutable even when passed by reference.
    25  // When the configuration is changed at runtime a new instance is allocated
    26  // and passed down.
    27  type LocalNodeConfiguration struct {
    28  	// NodeIPv4 is the primary IPv4 address of this node.
    29  	// Mutable at runtime.
    30  	NodeIPv4 net.IP
    31  
    32  	// NodeIPv6 is the primary IPv6 address of this node.
    33  	// Mutable at runtime.
    34  	NodeIPv6 net.IP
    35  
    36  	// CiliumInternalIPv4 is the internal IP address assigned to the cilium_host
    37  	// interface.
    38  	// Immutable at runtime.
    39  	CiliumInternalIPv4 net.IP
    40  
    41  	// CiliumInternalIPv6 is the internal IP address assigned to the cilium_host
    42  	// interface.
    43  	// Immutable at runtime.
    44  	CiliumInternalIPv6 net.IP
    45  
    46  	// AllocCIDRIPv4 is the IPv4 allocation CIDR from which IP addresses for
    47  	// endpoints are allocated from.
    48  	// Immutable at runtime.
    49  	AllocCIDRIPv4 *cidr.CIDR
    50  
    51  	// AllocCIDRIPv6 is the IPv6 allocation CIDR from which IP addresses for
    52  	// endpoints are allocated from.
    53  	// Immutable at runtime.
    54  	AllocCIDRIPv6 *cidr.CIDR
    55  
    56  	// LoopbackIPv4 is the IPv4 loopback address.
    57  	// Immutable at runtime.
    58  	LoopbackIPv4 net.IP
    59  
    60  	// Devices is the native network devices selected for datapath use.
    61  	// Mutable at runtime.
    62  	Devices []*tables.Device
    63  
    64  	// NodeAddresses are the IP addresses of the local node that are considered
    65  	// as this node's addresses. From this set we pick the addresses that are
    66  	// used as NodePort frontends and the addresses to use for BPF masquerading.
    67  	// Mutable at runtime.
    68  	NodeAddresses []tables.NodeAddress
    69  
    70  	// HostEndpointID is the endpoint ID assigned to the host endpoint.
    71  	// Immutable at runtime.
    72  	HostEndpointID uint64
    73  
    74  	// DeviceMTU is the MTU used on workload facing devices.
    75  	// This field is immutable at runtime. The value will not change in
    76  	// subsequent calls to NodeConfigurationChanged().
    77  	DeviceMTU int
    78  
    79  	// RouteMTU is the MTU used on the network.
    80  	// This field is immutable at runtime. The value will not change in
    81  	// subsequent calls to NodeConfigurationChanged().
    82  	RouteMTU int
    83  
    84  	// RoutePostEncryptMTU is the MTU without the encryption overhead
    85  	// included.
    86  	// This field is immutable at runtime. The value will not change in
    87  	// subsequent calls to NodeConfigurationChanged().
    88  	RoutePostEncryptMTU int
    89  
    90  	// AuxiliaryPrefixes is the list of auxiliary prefixes that should be
    91  	// configured in addition to the node PodCIDR
    92  	//
    93  	// This field is mutable. The implementation of
    94  	// NodeConfigurationChanged() must adjust the routes accordingly.
    95  	AuxiliaryPrefixes []*cidr.CIDR
    96  
    97  	// EnableIPv4 enables use of IPv4. Routing to the IPv4 allocation CIDR
    98  	// of other nodes must be enabled.
    99  	//
   100  	// This field is immutable at runtime. The value will not change in
   101  	// subsequent calls to NodeConfigurationChanged().
   102  	EnableIPv4 bool
   103  
   104  	// EnableIPv6 enables use of IPv6. Routing to the IPv6 allocation CIDR
   105  	// of other nodes must be enabled.
   106  	//
   107  	// This field is immutable at runtime. The value will not change in
   108  	// subsequent calls to NodeConfigurationChanged().
   109  	EnableIPv6 bool
   110  
   111  	// EnableEncapsulation enables use of encapsulation in communication
   112  	// between nodes.
   113  	//
   114  	// This field is immutable at runtime. The value will not change in
   115  	// subsequent calls to NodeConfigurationChanged().
   116  	EnableEncapsulation bool
   117  
   118  	// EnableAutoDirectRouting enables the use of direct routes for
   119  	// communication between nodes if two nodes have direct L2
   120  	// connectivity.
   121  	//
   122  	// EnableAutoDirectRouting must be compatible with EnableEncapsulation
   123  	// and must provide a fallback to use encapsulation if direct routing
   124  	// is not feasible and encapsulation is enabled.
   125  	//
   126  	// This field is immutable at runtime. The value will not change in
   127  	// subsequent calls to NodeConfigurationChanged().
   128  	EnableAutoDirectRouting bool
   129  
   130  	// DirectRoutingSkipUnreachable will skip any direct routes between
   131  	// nodes if they have different L2 connectivity, only adding L2 routes
   132  	// if the underlying L2 shares the same gateway.
   133  	//
   134  	// This field is immutable at runtime. The value will not change in
   135  	// subsequent calls to NodeConfigurationChanged().
   136  	DirectRoutingSkipUnreachable bool
   137  
   138  	// EnableLocalNodeRoute enables installation of the route which points
   139  	// the allocation prefix of the local node. Disabling this option is
   140  	// useful when another component is responsible for the routing of the
   141  	// allocation CIDR IPs into Cilium endpoints.
   142  	EnableLocalNodeRoute bool
   143  
   144  	// EnableIPSec enables IPSec routes
   145  	EnableIPSec bool
   146  
   147  	// EnableIPSecEncryptedOverlay enables IPSec routes for overlay traffic
   148  	EnableIPSecEncryptedOverlay bool
   149  
   150  	// EncryptNode enables encrypting NodeIP traffic requires EnableIPSec
   151  	EncryptNode bool
   152  
   153  	// IPv4PodSubnets is a list of IPv4 subnets that pod IPs are assigned from
   154  	// these are then used when encryption is enabled to configure the node
   155  	// for encryption over these subnets at node initialization.
   156  	IPv4PodSubnets []*net.IPNet
   157  
   158  	// IPv6PodSubnets is a list of IPv6 subnets that pod IPs are assigned from
   159  	// these are then used when encryption is enabled to configure the node
   160  	// for encryption over these subnets at node initialization.
   161  	IPv6PodSubnets []*net.IPNet
   162  }
   163  
   164  func (cfg *LocalNodeConfiguration) DeviceNames() []string {
   165  	return tables.DeviceNames(cfg.Devices)
   166  }
   167  
   168  // NodeHandler handles node related events such as addition, update or deletion
   169  // of nodes or changes to the local node configuration.
   170  //
   171  // Node events apply to the local node as well as to remote nodes. The
   172  // implementation can differ between the own local node and remote nodes by
   173  // calling node.IsLocal().
   174  type NodeHandler interface {
   175  	// Name identifies the handler, this is used in logging/reporting handler
   176  	// reconciliation errors.
   177  	Name() string
   178  
   179  	// NodeAdd is called when a node is discovered for the first time.
   180  	NodeAdd(newNode nodeTypes.Node) error
   181  
   182  	// NodeUpdate is called when a node definition changes. Both the old
   183  	// and new node definition is provided. NodeUpdate() is never called
   184  	// before NodeAdd() is called for a particular node.
   185  	NodeUpdate(oldNode, newNode nodeTypes.Node) error
   186  
   187  	// NodeDelete is called after a node has been deleted
   188  	NodeDelete(node nodeTypes.Node) error
   189  
   190  	// AllNodeValidateImplementation is called to validate the implementation
   191  	// of all nodes in the node cache.
   192  	AllNodeValidateImplementation()
   193  
   194  	// NodeValidateImplementation is called to validate the implementation of
   195  	// the node in the datapath. This function is intended to be run on an
   196  	// interval to ensure that the datapath is consistently converged.
   197  	NodeValidateImplementation(node nodeTypes.Node) error
   198  
   199  	// NodeConfigurationChanged is called when the local node configuration
   200  	// has changed
   201  	NodeConfigurationChanged(config LocalNodeConfiguration) error
   202  }
   203  
   204  type NodeNeighbors interface {
   205  	// NodeNeighDiscoveryEnabled returns whether node neighbor discovery is enabled
   206  	NodeNeighDiscoveryEnabled() bool
   207  
   208  	// NodeNeighborRefresh is called to refresh node neighbor table
   209  	NodeNeighborRefresh(ctx context.Context, node nodeTypes.Node, refresh bool) error
   210  
   211  	// NodeCleanNeighbors cleans all neighbor entries for the direct routing device
   212  	// and the encrypt interface.
   213  	NodeCleanNeighbors(migrateOnly bool)
   214  
   215  	// InsertMiscNeighbor inserts a neighbor entry for the address passed via newNode.
   216  	// This is needed for in-agent users where neighbors outside the cluster need to
   217  	// be added, for example, for external service backends.
   218  	InsertMiscNeighbor(newNode *nodeTypes.Node)
   219  
   220  	// DeleteMiscNeighbor delets a eighbor entry for the address passed via oldNode.
   221  	// This is needed to delete the entries which have been inserted at an earlier
   222  	// point in time through InsertMiscNeighbor.
   223  	DeleteMiscNeighbor(oldNode *nodeTypes.Node)
   224  }
   225  
   226  type NodeIDHandler interface {
   227  	// GetNodeIP returns the string node IP that was previously registered as the given node ID.
   228  	GetNodeIP(uint16) string
   229  
   230  	// GetNodeID gets the node ID for the given node IP. If none is found, exists is false.
   231  	GetNodeID(nodeIP net.IP) (nodeID uint16, exists bool)
   232  
   233  	// DumpNodeIDs returns all node IDs and their associated IP addresses.
   234  	DumpNodeIDs() []*models.NodeID
   235  
   236  	// RestoreNodeIDs restores node IDs and their associated IP addresses from the
   237  	// BPF map and into the node handler in-memory copy.
   238  	RestoreNodeIDs()
   239  }