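// Source: github.com/elfadel/cilium@v1.6.12/pkg/datapath/linux/datapath.go

// Copyright 2019 Authors of Cilium
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

package linux

import (
	"github.com/cilium/cilium/pkg/datapath"
	"github.com/cilium/cilium/pkg/endpoint/connector"
	"github.com/cilium/cilium/pkg/logging/logfields"
)

// DatapathConfiguration is the static configuration of the datapath. The
// configuration cannot change throughout the lifetime of a datapath object.
type DatapathConfiguration struct {
	// HostDevice is the name of the device to be used to access the host.
	HostDevice string
	// EncryptInterface is the name of the device to be used for direct
	// routing encryption. When it is non-empty, NewDatapath asks for
	// reverse-path filtering to be disabled on this device.
	EncryptInterface string
}

// rulesManager is the set of proxy-rule operations that linuxDatapath
// forwards to. The implementation is supplied by the caller of NewDatapath.
type rulesManager interface {
	InstallProxyRules(proxyPort uint16, ingress bool, name string) error
	RemoveProxyRules(proxyPort uint16, ingress bool, name string) error
	SupportsOriginalSourceAddr() bool
}

// linuxDatapath bundles the node handler, the local node addressing, the
// static configuration and the rules manager handed to NewDatapath.
type linuxDatapath struct {
	node           datapath.NodeHandler
	nodeAddressing datapath.NodeAddressing
	config         DatapathConfiguration
	ruleManager    rulesManager
}

// NewDatapath creates a new Linux datapath.
//
// ruleManager is stored as given and called unconditionally by the proxy-rule
// methods, so passing nil makes those methods panic.
//
// If config.EncryptInterface is set, connector.DisableRpFilter is called for
// that device. A failure there does not abort construction: it is logged as a
// warning and the datapath is returned anyway, so the caller receives no error
// when node-to-node encryption may not work.
func NewDatapath(config DatapathConfiguration, ruleManager rulesManager) datapath.Datapath {
	dp := &linuxDatapath{
		nodeAddressing: NewNodeAddressing(),
		config:         config,
		ruleManager:    ruleManager,
	}

	dp.node = NewNodeHandler(config, dp.nodeAddressing)

	if config.EncryptInterface != "" {
		// NOTE(review): rp_filter is the kernel's reverse-path source
		// validation. With it off on this device, source-address checking
		// on that path presumably has to come from the encryption layer
		// itself; confirm against connector.DisableRpFilter and the
		// encryption setup.
		if err := connector.DisableRpFilter(config.EncryptInterface); err != nil {
			// Attach the cause to the warning; without it the operator
			// cannot tell why the setting was not applied. Whether
			// traffic is then dropped or leaves unencrypted cannot be
			// told from this function.
			log.WithField(logfields.Interface, config.EncryptInterface).WithError(err).Warn("Rpfilter could not be disabled, node to node encryption may fail")
		}
	}

	return dp
}

// Node returns the handler for node events.
func (l *linuxDatapath) Node() datapath.NodeHandler {
	return l.node
}

// LocalNodeAddressing returns the node addressing implementation of the local
// node.
func (l *linuxDatapath) LocalNodeAddressing() datapath.NodeAddressing {
	return l.nodeAddressing
}

// InstallProxyRules forwards the request, with its arguments unchanged, to the
// rules manager given to NewDatapath and returns that manager's error.
func (l *linuxDatapath) InstallProxyRules(proxyPort uint16, ingress bool, name string) error {
	return l.ruleManager.InstallProxyRules(proxyPort, ingress, name)
}

// RemoveProxyRules forwards the request, with its arguments unchanged, to the
// rules manager given to NewDatapath and returns that manager's error.
func (l *linuxDatapath) RemoveProxyRules(proxyPort uint16, ingress bool, name string) error {
	return l.ruleManager.RemoveProxyRules(proxyPort, ingress, name)
}

// SupportsOriginalSourceAddr reports the answer of the rules manager given to
// NewDatapath.
func (l *linuxDatapath) SupportsOriginalSourceAddr() bool {
	return l.ruleManager.SupportsOriginalSourceAddr()
}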