github.com/zhyoulun/cilium@v1.6.12/daemon/config.go (about) 1 // Copyright 2016-2019 Authors of Cilium 2 // 3 // Licensed under the Apache License, Version 2.0 (the "License"); 4 // you may not use this file except in compliance with the License. 5 // You may obtain a copy of the License at 6 // 7 // http://www.apache.org/licenses/LICENSE-2.0 8 // 9 // Unless required by applicable law or agreed to in writing, software 10 // distributed under the License is distributed on an "AS IS" BASIS, 11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 // See the License for the specific language governing permissions and 13 // limitations under the License. 14 15 package main 16 17 import ( 18 "fmt" 19 20 "github.com/cilium/cilium/api/v1/models" 21 . "github.com/cilium/cilium/api/v1/server/restapi/daemon" 22 "github.com/cilium/cilium/pkg/api" 23 "github.com/cilium/cilium/pkg/k8s" 24 "github.com/cilium/cilium/pkg/logging/logfields" 25 "github.com/cilium/cilium/pkg/node" 26 "github.com/cilium/cilium/pkg/option" 27 "github.com/cilium/cilium/pkg/policy" 28 "github.com/go-openapi/runtime/middleware" 29 ) 30 31 type patchConfig struct { 32 daemon *Daemon 33 } 34 35 func NewPatchConfigHandler(d *Daemon) PatchConfigHandler { 36 return &patchConfig{daemon: d} 37 } 38 39 func (h *patchConfig) Handle(params PatchConfigParams) middleware.Responder { 40 log.WithField(logfields.Params, logfields.Repr(params)).Debug("PATCH /config request") 41 42 d := h.daemon 43 44 cfgSpec := params.Configuration 45 46 om, err := option.Config.Opts.Library.ValidateConfigurationMap(cfgSpec.Options) 47 if err != nil { 48 msg := fmt.Errorf("Invalid configuration option %s", err) 49 return api.Error(PatchConfigBadRequestCode, msg) 50 } 51 52 // Serialize configuration updates to the daemon. 53 option.Config.ConfigPatchMutex.Lock() 54 55 // Track changes to daemon's configuration 56 var changes int 57 58 // Only update if value provided for PolicyEnforcement. 59 if enforcement := cfgSpec.PolicyEnforcement; enforcement != "" { 60 switch enforcement { 61 case option.NeverEnforce, option.DefaultEnforcement, option.AlwaysEnforce: 62 // Update policy enforcement configuration if needed. 63 oldEnforcementValue := policy.GetPolicyEnabled() 64 65 // If the policy enforcement configuration has indeed changed, we have 66 // to regenerate endpoints and update daemon's configuration. 67 if enforcement != oldEnforcementValue { 68 log.Debug("configuration request to change PolicyEnforcement for daemon") 69 changes++ 70 policy.SetPolicyEnabled(enforcement) 71 } 72 73 default: 74 msg := fmt.Errorf("Invalid option for PolicyEnforcement %s", enforcement) 75 log.Warn(msg) 76 option.Config.ConfigPatchMutex.Unlock() 77 return api.Error(PatchConfigFailureCode, msg) 78 } 79 log.Debug("finished configuring PolicyEnforcement for daemon") 80 } 81 82 changes += option.Config.Opts.ApplyValidated(om, changedOption, d) 83 84 log.WithField("count", changes).Debug("Applied changes to daemon's configuration") 85 option.Config.ConfigPatchMutex.Unlock() 86 87 if changes > 0 { 88 // Only recompile if configuration has changed. 89 log.Debug("daemon configuration has changed; recompiling base programs") 90 if err := d.compileBase(); err != nil { 91 msg := fmt.Errorf("Unable to recompile base programs: %s", err) 92 return api.Error(PatchConfigFailureCode, msg) 93 } 94 d.TriggerPolicyUpdates(true, "agent configuration update") 95 } 96 97 return NewPatchConfigOK() 98 } 99 100 type getConfig struct { 101 daemon *Daemon 102 } 103 104 func NewGetConfigHandler(d *Daemon) GetConfigHandler { 105 return &getConfig{daemon: d} 106 } 107 108 func (h *getConfig) Handle(params GetConfigParams) middleware.Responder { 109 log.WithField(logfields.Params, logfields.Repr(params)).Debug("GET /config request") 110 111 d := h.daemon 112 113 spec := &models.DaemonConfigurationSpec{ 114 Options: *option.Config.Opts.GetMutableModel(), 115 PolicyEnforcement: policy.GetPolicyEnabled(), 116 } 117 118 status := &models.DaemonConfigurationStatus{ 119 Addressing: node.GetNodeAddressing(), 120 K8sConfiguration: k8s.GetKubeconfigPath(), 121 K8sEndpoint: k8s.GetAPIServer(), 122 NodeMonitor: d.monitorAgent.State(), 123 KvstoreConfiguration: &models.KVstoreConfiguration{ 124 Type: option.Config.KVStore, 125 Options: option.Config.KVStoreOpt, 126 }, 127 Realized: spec, 128 DeviceMTU: int64(d.mtuConfig.GetDeviceMTU()), 129 RouteMTU: int64(d.mtuConfig.GetRouteMTU()), 130 DatapathMode: models.DatapathMode(option.Config.DatapathMode), 131 IpvlanConfiguration: &models.IpvlanConfiguration{ 132 MasterDeviceIndex: int64(option.Config.Ipvlan.MasterDeviceIndex), 133 OperationMode: option.Config.Ipvlan.OperationMode, 134 }, 135 IPAMMode: option.Config.IPAM, 136 Masquerade: option.Config.Masquerade, 137 } 138 139 cfg := &models.DaemonConfiguration{ 140 Spec: spec, 141 Status: status, 142 } 143 144 return NewGetConfigOK().WithPayload(cfg) 145 }