From 286af89f65fa18df62a2fc0d701abf8f17d9c88e Mon Sep 17 00:00:00 2001
From: Dan Winship
Date: Tue, 24 Oct 2017 12:27:04 -0400
Subject: [PATCH] Fix up destination MAC of auto-egress-ip packets Also, one final OVS flow fix for egress IPs
---
 pkg/network/node/ovscontroller.go | 13 ++++++++++++-
 pkg/network/node/ovscontroller_test.go | 1 +
 2 files changed, 13 insertions(+), 1 deletion(-)
diff --git a/pkg/network/node/ovscontroller.go b/pkg/network/node/ovscontroller.go
index ec72dc8d90f0..cacd7c80988c 100644
--- a/pkg/network/node/ovscontroller.go
+++ b/pkg/network/node/ovscontroller.go
@@ -18,6 +18,8 @@ import (
 "k8s.io/apimachinery/pkg/util/sets"
 kapi "k8s.io/kubernetes/pkg/api"
+
+ "github.com/vishvananda/netlink"
 )
 type ovsController struct {
@@ -25,6 +27,7 @@ type ovsController struct {
 pluginId int
 useConnTrack bool
 localIP string
+ tunMAC string
 }
 const (
@@ -83,6 +86,13 @@ func (oc *ovsController) SetupOVS(clusterNetworkCIDR []string, serviceNetworkCID
 if err != nil {
 return err
 }
+ if oc.tunMAC == "" {
+ link, err := netlink.LinkByName(Tun0)
+ if err != nil {
+ return err
+ }
+ oc.tunMAC = link.Attrs().HardwareAddr.String()
+ }
 otx := oc.ovs.NewTransaction()
@@ -94,6 +104,7 @@ func (oc *ovsController) SetupOVS(clusterNetworkCIDR []string, serviceNetworkCID
 for _, clusterCIDR := range clusterNetworkCIDR {
 otx.AddFlow("table=0, priority=200, in_port=1, arp, nw_src=%s, nw_dst=%s, actions=move:NXM_NX_TUN_ID[0..31]->NXM_NX_REG0[],goto_table:10", clusterCIDR, localSubnetCIDR)
 otx.AddFlow("table=0, priority=200, in_port=1, ip, nw_src=%s, actions=move:NXM_NX_TUN_ID[0..31]->NXM_NX_REG0[],goto_table:10", clusterCIDR)
+ otx.AddFlow("table=0, priority=200, in_port=1, ip, nw_dst=%s, actions=move:NXM_NX_TUN_ID[0..31]->NXM_NX_REG0[],goto_table:10", clusterCIDR)
 }
 otx.AddFlow("table=0, priority=150, in_port=1, actions=drop")
 // tun0
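Review bot: `link.Attrs().HardwareAddr.String()` returns an empty string when the link reports no hardware address, and the block added to SetupOVS (hunk at -83,6) stores that result without checking it. The local-egress flow changed in UpdateNamespaceEgressRules (hunk at -693,7) formats `oc.tunMAC` directly into `set_field:%s->eth_dst`, so an empty value would surface as a malformed flow rather than a clear setup error. I would add `if len(link.Attrs().HardwareAddr) == 0 { return fmt.Errorf("%s has no hardware address", Tun0) }` before the assignment, assuming `fmt` is already imported (the import block is only partly visible). The `oc.tunMAC == ""` guard also means a cached value is never refreshed; if SetupOVS can run again after tun0 is recreated, the MAC should be re-read on every call outside tests. SetupOVS begins and ends outside this hunk.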
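Review bot: The `table=0` rule added for `in_port=1` (hunk at -94,6) matches on `nw_dst` only, so IP traffic arriving over VXLAN is now sent on to table 10 with any source address, whereas the existing rule above it requires `nw_src` inside the cluster CIDR. Nothing in the hunk or the commit message says why the source check is relaxed or what still validates the sender; presumably this is for replies to egress-IP traffic relayed from the egress node, but that is inferred. A comment such as `// egress IP reply traffic arrives over VXLAN with a non-cluster source address` would record the intent, along with a pointer to whichever later table checks the tunnel source. If only pods on this node need to receive such traffic, matching `nw_dst` against `localSubnetCIDR`, as the ARP rule does, would be narrower than the whole cluster CIDR. The enclosing loop and SetupOVS continue outside the hunk.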
@@ -693,7 +704,7 @@ func (oc *ovsController) UpdateNamespaceEgressRules(vnid uint32, nodeIP, egressH
 otx.AddFlow("table=100, priority=100, reg0=%d, actions=drop", vnid)
 } else if nodeIP == oc.localIP {
 // Local Egress IP
- otx.AddFlow("table=100, priority=100, reg0=%d, ip, actions=set_field:%s->pkt_mark,output:2", vnid, egressHex)
+ otx.AddFlow("table=100, priority=100, reg0=%d, ip, actions=set_field:%s->eth_dst,set_field:%s->pkt_mark,output:2", vnid, oc.tunMAC, egressHex)
 } else {
 // Remote Egress IP; send via VXLAN
 otx.AddFlow("table=100, priority=100, reg0=%d, ip, actions=move:NXM_NX_REG0[]->NXM_NX_TUN_ID[0..31],set_field:%s->tun_dst,output:1", vnid, nodeIP)
diff --git a/pkg/network/node/ovscontroller_test.go b/pkg/network/node/ovscontroller_test.go
index ee2ae4625cf9..cb9b10b31fd0 100644
--- a/pkg/network/node/ovscontroller_test.go
+++ b/pkg/network/node/ovscontroller_test.go
@@ -19,6 +19,7 @@ import (
 func setupOVSController(t *testing.T) (ovs.Interface, *ovsController, []string) {
 ovsif := ovs.NewFake(Br0)
 oc := NewOVSController(ovsif, 0, true, "172.17.0.4")
+ oc.tunMAC = "c6:ac:2c:13:48:4b"
 err := oc.SetupOVS([]string{"10.128.0.0/14"}, "172.30.0.0/16", "10.128.0.0/23", "10.128.0.1")
 if err != nil {
 t.Fatalf("Unexpected error setting up OVS: %v", err)
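Review bot: Nothing in this patch asserts that the MAC preset in setupOVSController ever reaches a flow; the diffstat shows this one line as the only test change. A case that calls UpdateNamespaceEgressRules with the local node IP and checks the resulting flow for `set_field:c6:ac:2c:13:48:4b->eth_dst` would pin the fix, unless an existing test outside this hunk already compares that flow. A short comment such as `// preset so SetupOVS does not look up tun0 via netlink` would also explain the assignment. setupOVSController continues past the end of the hunk.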