github.com/fafucoder/cilium@v1.6.11/daemon/config.go (about)

     1  // Copyright 2016-2019 Authors of Cilium
     2  //
     3  // Licensed under the Apache License, Version 2.0 (the "License");
     4  // you may not use this file except in compliance with the License.
     5  // You may obtain a copy of the License at
     6  //
     7  //     http://www.apache.org/licenses/LICENSE-2.0
     8  //
     9  // Unless required by applicable law or agreed to in writing, software
    10  // distributed under the License is distributed on an "AS IS" BASIS,
    11  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12  // See the License for the specific language governing permissions and
    13  // limitations under the License.
    14  
    15  package main
    16  
    17  import (
    18  	"fmt"
    19  
    20  	"github.com/cilium/cilium/api/v1/models"
    21  	. "github.com/cilium/cilium/api/v1/server/restapi/daemon"
    22  	"github.com/cilium/cilium/pkg/api"
    23  	"github.com/cilium/cilium/pkg/k8s"
    24  	"github.com/cilium/cilium/pkg/logging/logfields"
    25  	"github.com/cilium/cilium/pkg/node"
    26  	"github.com/cilium/cilium/pkg/option"
    27  	"github.com/cilium/cilium/pkg/policy"
    28  	"github.com/go-openapi/runtime/middleware"
    29  )
    30  
    31  type patchConfig struct {
    32  	daemon *Daemon
    33  }
    34  
    35  func NewPatchConfigHandler(d *Daemon) PatchConfigHandler {
    36  	return &patchConfig{daemon: d}
    37  }
    38  
    39  func (h *patchConfig) Handle(params PatchConfigParams) middleware.Responder {
    40  	log.WithField(logfields.Params, logfields.Repr(params)).Debug("PATCH /config request")
    41  
    42  	d := h.daemon
    43  
    44  	cfgSpec := params.Configuration
    45  
    46  	om, err := option.Config.Opts.Library.ValidateConfigurationMap(cfgSpec.Options)
    47  	if err != nil {
    48  		msg := fmt.Errorf("Invalid configuration option %s", err)
    49  		return api.Error(PatchConfigBadRequestCode, msg)
    50  	}
    51  
    52  	// Serialize configuration updates to the daemon.
    53  	option.Config.ConfigPatchMutex.Lock()
    54  
    55  	// Track changes to daemon's configuration
    56  	var changes int
    57  
    58  	// Only update if value provided for PolicyEnforcement.
    59  	if enforcement := cfgSpec.PolicyEnforcement; enforcement != "" {
    60  		switch enforcement {
    61  		case option.NeverEnforce, option.DefaultEnforcement, option.AlwaysEnforce:
    62  			// Update policy enforcement configuration if needed.
    63  			oldEnforcementValue := policy.GetPolicyEnabled()
    64  
    65  			// If the policy enforcement configuration has indeed changed, we have
    66  			// to regenerate endpoints and update daemon's configuration.
    67  			if enforcement != oldEnforcementValue {
    68  				log.Debug("configuration request to change PolicyEnforcement for daemon")
    69  				changes++
    70  				policy.SetPolicyEnabled(enforcement)
    71  			}
    72  
    73  		default:
    74  			msg := fmt.Errorf("Invalid option for PolicyEnforcement %s", enforcement)
    75  			log.Warn(msg)
    76  			option.Config.ConfigPatchMutex.Unlock()
    77  			return api.Error(PatchConfigFailureCode, msg)
    78  		}
    79  		log.Debug("finished configuring PolicyEnforcement for daemon")
    80  	}
    81  
    82  	changes += option.Config.Opts.ApplyValidated(om, changedOption, d)
    83  
    84  	log.WithField("count", changes).Debug("Applied changes to daemon's configuration")
    85  	option.Config.ConfigPatchMutex.Unlock()
    86  
    87  	if changes > 0 {
    88  		// Only recompile if configuration has changed.
    89  		log.Debug("daemon configuration has changed; recompiling base programs")
    90  		if err := d.compileBase(); err != nil {
    91  			msg := fmt.Errorf("Unable to recompile base programs: %s", err)
    92  			return api.Error(PatchConfigFailureCode, msg)
    93  		}
    94  		d.TriggerPolicyUpdates(true, "agent configuration update")
    95  	}
    96  
    97  	return NewPatchConfigOK()
    98  }
    99  
   100  type getConfig struct {
   101  	daemon *Daemon
   102  }
   103  
   104  func NewGetConfigHandler(d *Daemon) GetConfigHandler {
   105  	return &getConfig{daemon: d}
   106  }
   107  
   108  func (h *getConfig) Handle(params GetConfigParams) middleware.Responder {
   109  	log.WithField(logfields.Params, logfields.Repr(params)).Debug("GET /config request")
   110  
   111  	d := h.daemon
   112  
   113  	spec := &models.DaemonConfigurationSpec{
   114  		Options:           *option.Config.Opts.GetMutableModel(),
   115  		PolicyEnforcement: policy.GetPolicyEnabled(),
   116  	}
   117  
   118  	status := &models.DaemonConfigurationStatus{
   119  		Addressing:       node.GetNodeAddressing(),
   120  		K8sConfiguration: k8s.GetKubeconfigPath(),
   121  		K8sEndpoint:      k8s.GetAPIServer(),
   122  		NodeMonitor:      d.monitorAgent.State(),
   123  		KvstoreConfiguration: &models.KVstoreConfiguration{
   124  			Type:    option.Config.KVStore,
   125  			Options: option.Config.KVStoreOpt,
   126  		},
   127  		Realized:     spec,
   128  		DeviceMTU:    int64(d.mtuConfig.GetDeviceMTU()),
   129  		RouteMTU:     int64(d.mtuConfig.GetRouteMTU()),
   130  		DatapathMode: models.DatapathMode(option.Config.DatapathMode),
   131  		IpvlanConfiguration: &models.IpvlanConfiguration{
   132  			MasterDeviceIndex: int64(option.Config.Ipvlan.MasterDeviceIndex),
   133  			OperationMode:     option.Config.Ipvlan.OperationMode,
   134  		},
   135  		IPAMMode:   option.Config.IPAM,
   136  		Masquerade: option.Config.Masquerade,
   137  	}
   138  
   139  	cfg := &models.DaemonConfiguration{
   140  		Spec:   spec,
   141  		Status: status,
   142  	}
   143  
   144  	return NewGetConfigOK().WithPayload(cfg)
   145  }