cni | host-local IP address management plugin

heidsoft
Published 2022-04-18 19:26:58

host-local IPAM allocates IPv4 and IPv6 addresses out of a specified address range. Optionally, it can include a DNS configuration from a resolv.conf file on the host.

host-local IPAM plugin allocates ip addresses out of a set of address ranges. It stores the state locally on the host filesystem, therefore ensuring uniqueness of IP addresses on a single host.

The allocator can allocate multiple ranges, and supports sets of multiple (disjoint) subnets. The allocation strategy is loosely round-robin within each range set.

Configuration:

{
  "ipam": {
    "type": "host-local",
    "ranges": [
      [
        {
          "subnet": "10.10.0.0/16",
          "rangeStart": "10.10.1.20",
          "rangeEnd": "10.10.3.50",
          "gateway": "10.10.0.254"
        },
        {
          "subnet": "172.16.5.0/24"
        }
      ],
      [
        {
          "subnet": "3ffe:ffff:0:01ff::/64",
          "rangeStart": "3ffe:ffff:0:01ff::0010",
          "rangeEnd": "3ffe:ffff:0:01ff::0020"
        }
      ]
    ],
    "routes": [
      { "dst": "0.0.0.0/0" },
      { "dst": "192.168.0.0/16", "gw": "10.10.5.1" },
      { "dst": "3ffe:ffff:0:01ff::1/64" }
    ],
    "dataDir": "/run/my-orchestrator/container-ipam-state"
  }
}

Network configuration reference

  • type (string, required): "host-local".
  • routes (string, optional): list of routes to add to the container namespace. Each route is a dictionary with "dst" and optional "gw" fields. If "gw" is omitted, the value of "gateway" will be used.
  • resolvConf (string, optional): Path to a resolv.conf on the host to parse and return as the DNS configuration.
  • dataDir (string, optional): Path to a directory to use for maintaining state, e.g. which IPs have been allocated to which containers.
  • ranges (array, required, nonempty): an array of arrays of range objects:
    • subnet (string, required): CIDR block to allocate out of.
    • rangeStart (string, optional): IP inside of "subnet" from which to start allocating addresses. Defaults to ".2" IP inside of the "subnet" block.
    • rangeEnd (string, optional): IP inside of "subnet" with which to end allocating addresses. Defaults to ".254" IP inside of the "subnet" block for IPv4, ".255" for IPv6.
    • gateway (string, optional): IP inside of "subnet" to designate as the gateway. Defaults to ".1" IP inside of the "subnet" block.
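
An added example, not code from the host-local plugin or from this article: a lint pass over the "ranges" array documented above that flags a rangeStart, rangeEnd or gateway lying outside its subnet, and subnets that overlap within one range set. The names LintRanges and Range and the sample configuration are constructed for illustration.

```go
package main

import (
	"encoding/json"
	"fmt"
	"net/netip"
)

// Range mirrors one range object of "ranges" (JSON keys match case-insensitively).
type Range struct{ Subnet, RangeStart, RangeEnd, Gateway string }

// Constructed sample: a gateway outside its subnet and two overlapping subnets in one set.
const sample = `{"ipam":{"type":"host-local","ranges":[[
  {"subnet":"10.10.0.0/16","rangeStart":"10.10.1.20","rangeEnd":"10.10.3.50","gateway":"10.11.0.254"},
  {"subnet":"10.10.5.0/24"}]]}}`

// LintRanges (hypothetical helper) returns one finding per problem in the ipam block.
func LintRanges(conf []byte) (out []string, err error) {
	var c struct{ IPAM struct{ Ranges [][]Range } }
	if err = json.Unmarshal(conf, &c); err != nil {
		return nil, err
	}
	for si, set := range c.IPAM.Ranges {
		var seen []netip.Prefix
		for ri, r := range set {
			id := fmt.Sprintf("set %d range %d: ", si, ri)
			p, perr := netip.ParsePrefix(r.Subnet)
			if perr != nil {
				out = append(out, id+"invalid subnet")
				continue
			}
			for _, q := range seen { // subnets inside one range set must be disjoint
				if p.Overlaps(q) {
					out = append(out, id+"subnet overlaps "+q.String())
				}
			}
			seen = append(seen, p)
			for _, f := range [][2]string{{"rangeStart", r.RangeStart}, {"rangeEnd", r.RangeEnd}, {"gateway", r.Gateway}} {
				a, aerr := netip.ParseAddr(f[1])
				if f[1] != "" && (aerr != nil || !p.Contains(a)) { // empty: optional field, default applies
					out = append(out, id+f[0]+" not inside "+r.Subnet)
				}
			}
		}
	}
	return out, nil
}

func main() { fmt.Println(LintRanges([]byte(sample))) }
```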

The plugin's cmdAdd handler (Go):

func cmdAdd(args *skel.CmdArgs) error {
  ipamConf, confVersion, err := allocator.LoadIPAMConfig(args.StdinData, args.Args)
  if err != nil {
    return err
  }

  result := &current.Result{CNIVersion: current.ImplementedSpecVersion}

  if ipamConf.ResolvConf != "" {
    dns, err := parseResolvConf(ipamConf.ResolvConf)
    if err != nil {
      return err
    }
    result.DNS = *dns
  }

  store, err := disk.New(ipamConf.Name, ipamConf.DataDir)
  if err != nil {
    return err
  }
  defer store.Close()

  // Keep the allocators we used, so we can release all IPs if an error
  // occurs after we start allocating
  allocs := []*allocator.IPAllocator{}

  // Store all requested IPs in a map, so we can easily remove ones we use
  // and error if some remain
  requestedIPs := map[string]net.IP{} //net.IP cannot be a key

  for _, ip := range ipamConf.IPArgs {
    requestedIPs[ip.String()] = ip
  }

  for idx, rangeset := range ipamConf.Ranges {
    allocator := allocator.NewIPAllocator(&rangeset, store, idx)

    // Check to see if there are any custom IPs requested in this range.
    var requestedIP net.IP
    for k, ip := range requestedIPs {
      if rangeset.Contains(ip) {
        requestedIP = ip
        delete(requestedIPs, k)
        break
      }
    }

    ipConf, err := allocator.Get(args.ContainerID, args.IfName, requestedIP)
    if err != nil {
      // Deallocate all already allocated IPs
      for _, alloc := range allocs {
        _ = alloc.Release(args.ContainerID, args.IfName)
      }
      return fmt.Errorf("failed to allocate for range %d: %v", idx, err)
    }

    allocs = append(allocs, allocator)

    result.IPs = append(result.IPs, ipConf)
  }

  // If an IP was requested that wasn't fulfilled, fail
  if len(requestedIPs) != 0 {
    for _, alloc := range allocs {
      _ = alloc.Release(args.ContainerID, args.IfName)
    }
    errstr := "failed to allocate all requested IPs:"
    for _, ip := range requestedIPs {
      errstr = errstr + " " + ip.String()
    }
    return fmt.Errorf(errstr)
  }

  result.Routes = ipamConf.Routes

  return types.PrintResult(result, confVersion)
}

Originally published 2022-03-26. Shared from the WeChat official account 云数智圈 as part of the Tencent Cloud self-media sharing program.