diff --git a/cilium-health/launch/endpoint.go b/cilium-health/launch/endpoint.go index 650d74d093ff5..d6b738c4d4ea6 100644 --- a/cilium-health/launch/endpoint.go +++ b/cilium-health/launch/endpoint.go @@ -33,6 +33,7 @@ import ( healthDefaults "github.com/cilium/cilium/pkg/health/defaults" "github.com/cilium/cilium/pkg/health/probe" "github.com/cilium/cilium/pkg/identity/cache" + ipamOption "github.com/cilium/cilium/pkg/ipam/option" "github.com/cilium/cilium/pkg/labels" "github.com/cilium/cilium/pkg/launcher" "github.com/cilium/cilium/pkg/logging/logfields" @@ -343,7 +344,7 @@ func LaunchAsEndpoint(baseCtx context.Context, return nil, fmt.Errorf("Error while configuring routes: %s", err) } - if option.Config.IPAM == option.IPAMENI { + if option.Config.IPAM == ipamOption.IPAMENI { if err := routingConfig.Configure(healthIP, mtuConfig.GetDeviceMTU(), option.Config.Masquerade); err != nil { diff --git a/daemon/cmd/daemon.go b/daemon/cmd/daemon.go index ec7ae9530e928..155d691579bf2 100644 --- a/daemon/cmd/daemon.go +++ b/daemon/cmd/daemon.go @@ -47,6 +47,7 @@ import ( "github.com/cilium/cilium/pkg/identity/identitymanager" identitymodel "github.com/cilium/cilium/pkg/identity/model" "github.com/cilium/cilium/pkg/ipam" + ipamOption "github.com/cilium/cilium/pkg/ipam/option" "github.com/cilium/cilium/pkg/ipcache" "github.com/cilium/cilium/pkg/k8s" "github.com/cilium/cilium/pkg/k8s/watchers" @@ -411,7 +412,7 @@ func NewDaemon(ctx context.Context, dp datapath.Datapath) (*Daemon, *endpointRes log.WithError(err).Fatal("Unable to register CRDs") } - if option.Config.IPAM == option.IPAMOperator { + if option.Config.IPAM == ipamOption.IPAMOperator { // Create the CiliumNode custom resource. This call will block until // the custom resource has been created d.nodeDiscovery.UpdateCiliumNodeResource() @@ -491,7 +492,7 @@ func NewDaemon(ctx context.Context, dp datapath.Datapath) (*Daemon, *endpointRes // Trigger refresh and update custom resource in the apiserver with all restored endpoints. // Trigger after nodeDiscovery.StartDiscovery to avoid custom resource update conflict. - if option.Config.IPAM == option.IPAMCRD || option.Config.IPAM == option.IPAMENI || option.Config.IPAM == option.IPAMAzure { + if option.Config.IPAM == ipamOption.IPAMCRD || option.Config.IPAM == ipamOption.IPAMENI || option.Config.IPAM == ipamOption.IPAMAzure { if option.Config.EnableIPv6 { d.ipam.IPv6Allocator.RestoreFinished() } diff --git a/daemon/cmd/daemon_main.go b/daemon/cmd/daemon_main.go index 791c367a869b6..3f386dc8ea0dc 100644 --- a/daemon/cmd/daemon_main.go +++ b/daemon/cmd/daemon_main.go @@ -45,6 +45,7 @@ import ( "github.com/cilium/cilium/pkg/envoy" "github.com/cilium/cilium/pkg/flowdebug" "github.com/cilium/cilium/pkg/identity" + ipamOption "github.com/cilium/cilium/pkg/ipam/option" "github.com/cilium/cilium/pkg/ipmasq" "github.com/cilium/cilium/pkg/k8s" "github.com/cilium/cilium/pkg/k8s/watchers" @@ -401,7 +402,7 @@ func init() { flags.String(option.IdentityAllocationMode, option.IdentityAllocationModeKVstore, "Method to use for identity allocation") option.BindEnv(option.IdentityAllocationMode) - flags.String(option.IPAM, option.IPAMHostScopeLegacy, "Backend to use for IPAM") + flags.String(option.IPAM, ipamOption.IPAMHostScopeLegacy, "Backend to use for IPAM") option.BindEnv(option.IPAM) flags.Int(option.IPv4ClusterCIDRMaskSize, 8, "Mask size for the cluster wide CIDR") diff --git a/daemon/cmd/ipam.go b/daemon/cmd/ipam.go index 63d5852bb2cee..08c5764dff6a7 100644 --- a/daemon/cmd/ipam.go +++ b/daemon/cmd/ipam.go @@ -28,6 +28,7 @@ import ( linuxrouting "github.com/cilium/cilium/pkg/datapath/linux/routing" "github.com/cilium/cilium/pkg/defaults" "github.com/cilium/cilium/pkg/ipam" + ipamOption "github.com/cilium/cilium/pkg/ipam/option" "github.com/cilium/cilium/pkg/logging/logfields" "github.com/cilium/cilium/pkg/node" nodeTypes "github.com/cilium/cilium/pkg/node/types" @@ -225,7 +226,7 @@ func (d *Daemon) allocateHealthIPs() error { // In ENI mode, we require the gateway, CIDRs, and the ENI MAC addr // in order to set up rules and routes on the local node to direct // endpoint traffic out of the ENIs. - if option.Config.IPAM == option.IPAMENI { + if option.Config.IPAM == ipamOption.IPAMENI { if err := d.parseHealthEndpointInfo(result); err != nil { log.WithError(err).Warn("Unable to allocate health information for ENI") } diff --git a/operator/flags.go b/operator/flags.go index b0460eb239970..b2b5b29ce3725 100644 --- a/operator/flags.go +++ b/operator/flags.go @@ -21,6 +21,7 @@ import ( operatorMetrics "github.com/cilium/cilium/operator/metrics" operatorOption "github.com/cilium/cilium/operator/option" "github.com/cilium/cilium/pkg/defaults" + ipamOption "github.com/cilium/cilium/pkg/ipam/option" "github.com/cilium/cilium/pkg/option" "github.com/spf13/cobra" @@ -137,7 +138,7 @@ func init() { flags.Bool(operatorOption.EnableMetrics, false, "Enable Prometheus metrics") option.BindEnv(operatorOption.EnableMetrics) - flags.String(option.IPAM, option.IPAMHostScopeLegacy, "Backend to use for IPAM") + flags.String(option.IPAM, ipamOption.IPAMHostScopeLegacy, "Backend to use for IPAM") option.BindEnv(option.IPAM) flags.Duration(operatorOption.IdentityHeartbeatTimeout, 2*defaults.KVstoreLeaseTTL, "Timeout after which identity expires on lack of heartbeat") @@ -148,13 +149,13 @@ func init() { flags.String(operatorOption.IPAMOperatorV4CIDR, "", fmt.Sprintf("IPv4 CIDR Range for Pods in cluster. Requires '%s=%s' and '%s=%s'", - option.IPAM, option.IPAMOperator, + option.IPAM, ipamOption.IPAMOperator, option.EnableIPv4Name, "true")) option.BindEnv(operatorOption.IPAMOperatorV4CIDR) flags.Int(operatorOption.NodeCIDRMaskSizeIPv4, 24, fmt.Sprintf("Mask size for each IPv4 podCIDR per node. Requires '%s=%s' and '%s=%s'", - option.IPAM, option.IPAMOperator, + option.IPAM, ipamOption.IPAMOperator, option.EnableIPv4Name, "true")) option.BindEnv(operatorOption.NodeCIDRMaskSizeIPv4) @@ -163,13 +164,13 @@ func init() { flags.String(operatorOption.IPAMOperatorV6CIDR, "", fmt.Sprintf("IPv6 CIDR Range for Pods in cluster. Requires '%s=%s' and '%s=%s'", - option.IPAM, option.IPAMOperator, + option.IPAM, ipamOption.IPAMOperator, option.EnableIPv6Name, "true")) option.BindEnv(operatorOption.IPAMOperatorV6CIDR) flags.Int(operatorOption.NodeCIDRMaskSizeIPv6, 112, fmt.Sprintf("Mask size for each IPv6 podCIDR per node. Requires '%s=%s' and '%s=%s'", - option.IPAM, option.IPAMOperator, + option.IPAM, ipamOption.IPAMOperator, option.EnableIPv6Name, "true")) option.BindEnv(operatorOption.NodeCIDRMaskSizeIPv6) diff --git a/operator/k8s_node.go b/operator/k8s_node.go index da03d97c4996a..defc32707d490 100644 --- a/operator/k8s_node.go +++ b/operator/k8s_node.go @@ -24,6 +24,7 @@ import ( operatorOption "github.com/cilium/cilium/operator/option" "github.com/cilium/cilium/pkg/controller" "github.com/cilium/cilium/pkg/ipam/allocator" + ipamOption "github.com/cilium/cilium/pkg/ipam/option" "github.com/cilium/cilium/pkg/k8s" cilium_v2 "github.com/cilium/cilium/pkg/k8s/apis/cilium.io/v2" v2 "github.com/cilium/cilium/pkg/k8s/client/clientset/versioned/typed/cilium.io/v2" @@ -103,7 +104,7 @@ func runNodeWatcher(nodeManager *allocator.NodeEventHandler) error { // present in the k8sNodeStore. switch option.Config.IPAM { - case option.IPAMENI, option.IPAMAzure: + case ipamOption.IPAMENI, ipamOption.IPAMAzure: nodes, err := ciliumK8sClient.CiliumV2().CiliumNodes().List(context.TODO(), meta_v1.ListOptions{}) if err != nil { log.WithError(err).Warning("Unable to list CiliumNodes. Won't clean up stale CiliumNodes") diff --git a/operator/main.go b/operator/main.go index f20bc2061b572..2982393366f9d 100644 --- a/operator/main.go +++ b/operator/main.go @@ -25,6 +25,7 @@ import ( operatorOption "github.com/cilium/cilium/operator/option" "github.com/cilium/cilium/pkg/components" "github.com/cilium/cilium/pkg/ipam/allocator" + ipamOption "github.com/cilium/cilium/pkg/ipam/option" "github.com/cilium/cilium/pkg/k8s" clientset "github.com/cilium/cilium/pkg/k8s/client/clientset/versioned" k8sversion "github.com/cilium/cilium/pkg/k8s/version" @@ -164,7 +165,7 @@ func runOperator(cmd *cobra.Command) { err error ) switch ipamMode := option.Config.IPAM; ipamMode { - case option.IPAMAzure, option.IPAMENI, option.IPAMOperator: + case ipamOption.IPAMAzure, ipamOption.IPAMENI, ipamOption.IPAMOperator: alloc, providerBuiltin := allocatorProviders[ipamMode] if !providerBuiltin { log.Fatalf("%s allocator is not supported by this version of cilium-operator", ipamMode) @@ -183,7 +184,7 @@ func runOperator(cmd *cobra.Command) { nodeManager = &nm switch ipamMode { - case option.IPAMOperator: + case ipamOption.IPAMOperator: // We will use CiliumNodes as the source of truth for the podCIDRs. // Once the CiliumNodes are synchronized with the operator we will // be able to watch for K8s Node events which they will be used diff --git a/operator/provider_aws.go b/operator/provider_aws.go index 13481c8ea8f94..909d157fd3c95 100644 --- a/operator/provider_aws.go +++ b/operator/provider_aws.go @@ -19,10 +19,10 @@ package main import ( // These dependencies should be included only when this file is included in the build. allocatorAWS "github.com/cilium/cilium/pkg/ipam/allocator/aws" // AWS allocator. - "github.com/cilium/cilium/pkg/option" + ipamOption "github.com/cilium/cilium/pkg/ipam/option" _ "github.com/cilium/cilium/pkg/policy/groups/aws" // Register AWS policy group provider. ) func init() { - allocatorProviders[option.IPAMENI] = &allocatorAWS.AllocatorAWS{} + allocatorProviders[ipamOption.IPAMENI] = &allocatorAWS.AllocatorAWS{} } diff --git a/operator/provider_azure.go b/operator/provider_azure.go index c76ad9c5985d2..40f920411743c 100644 --- a/operator/provider_azure.go +++ b/operator/provider_azure.go @@ -19,9 +19,9 @@ package main import ( // These dependencies should be included only when this file is included in the build. allocatorAzure "github.com/cilium/cilium/pkg/ipam/allocator/azure" // Azure allocator task. - "github.com/cilium/cilium/pkg/option" + ipamOption "github.com/cilium/cilium/pkg/ipam/option" ) func init() { - allocatorProviders[option.IPAMAzure] = &allocatorAzure.AllocatorAzure{} + allocatorProviders[ipamOption.IPAMAzure] = &allocatorAzure.AllocatorAzure{} } diff --git a/operator/provider_operator.go b/operator/provider_operator.go index a9880254c7155..eac87812d404b 100644 --- a/operator/provider_operator.go +++ b/operator/provider_operator.go @@ -19,9 +19,9 @@ package main import ( // These dependencies should be included only when this file is included in the build. allocatorOperator "github.com/cilium/cilium/pkg/ipam/allocator/operator" // Operator allocator. - "github.com/cilium/cilium/pkg/option" + ipamOption "github.com/cilium/cilium/pkg/ipam/option" ) func init() { - allocatorProviders[option.IPAMOperator] = &allocatorOperator.AllocatorOperator{} + allocatorProviders[ipamOption.IPAMOperator] = &allocatorOperator.AllocatorOperator{} } diff --git a/pkg/datapath/iptables/iptables.go b/pkg/datapath/iptables/iptables.go index 87a15ab074bf3..59767fba0db9a 100644 --- a/pkg/datapath/iptables/iptables.go +++ b/pkg/datapath/iptables/iptables.go @@ -25,6 +25,7 @@ import ( "github.com/cilium/cilium/pkg/command/exec" "github.com/cilium/cilium/pkg/datapath/linux/linux_defaults" "github.com/cilium/cilium/pkg/defaults" + ipamOption "github.com/cilium/cilium/pkg/ipam/option" "github.com/cilium/cilium/pkg/logging/logfields" "github.com/cilium/cilium/pkg/modules" "github.com/cilium/cilium/pkg/node" @@ -689,7 +690,7 @@ func (m *IptablesManager) remoteSnatDstAddrExclusion() string { func getDeliveryInterface(ifName string) string { deliveryInterface := ifName - if option.Config.IPAM == option.IPAMENI || option.Config.EnableEndpointRoutes { + if option.Config.IPAM == ipamOption.IPAMENI || option.Config.EnableEndpointRoutes { deliveryInterface = "lxc+" } return deliveryInterface diff --git a/pkg/endpoint/endpoint.go b/pkg/endpoint/endpoint.go index bb5df5f478906..04579502126cc 100644 --- a/pkg/endpoint/endpoint.go +++ b/pkg/endpoint/endpoint.go @@ -41,6 +41,7 @@ import ( "github.com/cilium/cilium/pkg/identity" "github.com/cilium/cilium/pkg/identity/cache" "github.com/cilium/cilium/pkg/identity/identitymanager" + ipamOption "github.com/cilium/cilium/pkg/ipam/option" ciliumio "github.com/cilium/cilium/pkg/k8s/apis/cilium.io" slim_corev1 "github.com/cilium/cilium/pkg/k8s/slim/k8s/apis/core/v1" "github.com/cilium/cilium/pkg/labels" @@ -2172,7 +2173,7 @@ func (e *Endpoint) Delete(monitor monitorOwner, ipam ipReleaser, manager endpoin } } - if option.Config.IPAM == option.IPAMENI || option.Config.IPAM == option.IPAMAzure { + if option.Config.IPAM == ipamOption.IPAMENI || option.Config.IPAM == ipamOption.IPAMAzure { e.getLogger().WithFields(logrus.Fields{ "ep": e.GetID(), "ipAddr": e.GetIPv4Address(), diff --git a/pkg/ipam/crd.go b/pkg/ipam/crd.go index c705d0fa51667..0037d213b71fa 100644 --- a/pkg/ipam/crd.go +++ b/pkg/ipam/crd.go @@ -27,6 +27,7 @@ import ( eniTypes "github.com/cilium/cilium/pkg/aws/eni/types" "github.com/cilium/cilium/pkg/cidr" "github.com/cilium/cilium/pkg/ip" + ipamOption "github.com/cilium/cilium/pkg/ipam/option" ipamTypes "github.com/cilium/cilium/pkg/ipam/types" "github.com/cilium/cilium/pkg/k8s" ciliumv2 "github.com/cilium/cilium/pkg/k8s/apis/cilium.io/v2" @@ -246,7 +247,7 @@ func (n *nodeStore) hasMinimumIPsInPool() (minimumReached bool, required, numAva minimumReached = true } - if n.conf.IPAMMode() == option.IPAMENI { + if n.conf.IPAMMode() == ipamOption.IPAMENI { if vpcCIDR := deriveVpcCIDR(n.ownNode); vpcCIDR != nil { if nativeCIDR := n.conf.IPv4NativeRoutingCIDR(); nativeCIDR != nil { logFields := logrus.Fields{ @@ -481,7 +482,7 @@ func (a *crdAllocator) buildAllocationResult(ip net.IP, ipInfo *ipamTypes.Alloca // In ENI mode, the Resource points to the ENI so we can derive the // master interface and all CIDRs of the VPC - case option.IPAMENI: + case ipamOption.IPAMENI: for _, eni := range a.store.ownNode.Status.ENI.ENIs { if eni.ID == ipInfo.Resource { result.Master = eni.MAC @@ -504,7 +505,7 @@ func (a *crdAllocator) buildAllocationResult(ip net.IP, ipInfo *ipamTypes.Alloca // In Azure mode, the Resource points to the azure interface so we can // derive the master interface - case option.IPAMAzure: + case ipamOption.IPAMAzure: for _, iface := range a.store.ownNode.Status.Azure.Interfaces { if iface.ID == ipInfo.Resource { result.Master = iface.MAC diff --git a/pkg/ipam/ipam.go b/pkg/ipam/ipam.go index b27be5ffb7a4a..c423e1fe7dde0 100644 --- a/pkg/ipam/ipam.go +++ b/pkg/ipam/ipam.go @@ -19,9 +19,9 @@ import ( "github.com/cilium/cilium/pkg/cidr" "github.com/cilium/cilium/pkg/datapath" + ipamOption "github.com/cilium/cilium/pkg/ipam/option" "github.com/cilium/cilium/pkg/logging" "github.com/cilium/cilium/pkg/logging/logfields" - "github.com/cilium/cilium/pkg/option" "github.com/sirupsen/logrus" ) @@ -108,7 +108,7 @@ func NewIPAM(nodeAddressing datapath.NodeAddressing, c Configuration, owner Owne } switch c.IPAMMode() { - case option.IPAMHostScopeLegacy, option.IPAMKubernetes, option.IPAMOperator: + case ipamOption.IPAMHostScopeLegacy, ipamOption.IPAMKubernetes, ipamOption.IPAMOperator: log.WithFields(logrus.Fields{ logfields.V4Prefix: nodeAddressing.IPv4().AllocationCIDR(), logfields.V6Prefix: nodeAddressing.IPv6().AllocationCIDR(), @@ -121,7 +121,7 @@ func NewIPAM(nodeAddressing datapath.NodeAddressing, c Configuration, owner Owne if c.IPv4Enabled() { ipam.IPv4Allocator = newHostScopeAllocator(nodeAddressing.IPv4().AllocationCIDR().IPNet) } - case option.IPAMCRD, option.IPAMENI, option.IPAMAzure: + case ipamOption.IPAMCRD, ipamOption.IPAMENI, ipamOption.IPAMAzure: log.Info("Initializing CRD-based IPAM") if c.IPv6Enabled() { ipam.IPv6Allocator = newCRDAllocator(IPv6, c, owner, k8sEventReg) diff --git a/pkg/ipam/ipam_test.go b/pkg/ipam/ipam_test.go index 529766fb8b919..c8e94b026b2a4 100644 --- a/pkg/ipam/ipam_test.go +++ b/pkg/ipam/ipam_test.go @@ -25,7 +25,7 @@ import ( "github.com/cilium/cilium/pkg/cidr" "github.com/cilium/cilium/pkg/datapath" "github.com/cilium/cilium/pkg/datapath/fake" - "github.com/cilium/cilium/pkg/option" + ipamOption "github.com/cilium/cilium/pkg/ipam/option" . "gopkg.in/check.v1" ) @@ -53,7 +53,7 @@ type testConfiguration struct{} func (t *testConfiguration) IPv4Enabled() bool { return true } func (t *testConfiguration) IPv6Enabled() bool { return true } func (t *testConfiguration) HealthCheckingEnabled() bool { return true } -func (t *testConfiguration) IPAMMode() string { return option.IPAMHostScopeLegacy } +func (t *testConfiguration) IPAMMode() string { return ipamOption.IPAMHostScopeLegacy } func (t *testConfiguration) BlacklistConflictingRoutesEnabled() bool { return false } func (t *testConfiguration) SetIPv4NativeRoutingCIDR(cidr *cidr.CIDR) {} func (t *testConfiguration) IPv4NativeRoutingCIDR() *cidr.CIDR { return nil } diff --git a/pkg/ipam/option/option.go b/pkg/ipam/option/option.go new file mode 100644 index 0000000000000..bb0ad45e65548 --- /dev/null +++ b/pkg/ipam/option/option.go @@ -0,0 +1,40 @@ +// Copyright 2020 Authors of Cilium +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package option + +const ( + // IPAMHostScopeLegacy is the value to select the legacy hostscope IPAM mode + // This option will disappear in Cilium v1.9 + IPAMHostScopeLegacy = "hostscope-legacy" + + // IPAMKubernetes is the value to select the Kubernetes PodCIDR based + // hostscope IPAM mode + IPAMKubernetes = "kubernetes" + + // IPAMCRD is the value to select the CRD-backed IPAM plugin for + // option.IPAM + IPAMCRD = "crd" + + // IPAMENI is the value to select the AWS ENI IPAM plugin for option.IPAM + IPAMENI = "eni" + + // IPAMAzure is the value to select the Azure IPAM plugin for + // option.IPAM + IPAMAzure = "azure" + + // IPAMOperator is the value to select the Operator IPAM mode for + // option.IPAM + IPAMOperator = "cluster-pool" +) diff --git a/pkg/k8s/init.go b/pkg/k8s/init.go index b529cca033cf0..06056c453adda 100644 --- a/pkg/k8s/init.go +++ b/pkg/k8s/init.go @@ -22,6 +22,7 @@ import ( "github.com/cilium/cilium/pkg/backoff" "github.com/cilium/cilium/pkg/controller" + ipamOption "github.com/cilium/cilium/pkg/ipam/option" cilium_v2_client "github.com/cilium/cilium/pkg/k8s/apis/cilium.io/v2/client" k8sconfig "github.com/cilium/cilium/pkg/k8s/config" slim_corev1 "github.com/cilium/cilium/pkg/k8s/slim/k8s/apis/core/v1" @@ -67,7 +68,7 @@ func retrieveNodeInformation(nodeName string) (*nodeTypes.Node, error) { requireIPv6CIDR := option.Config.K8sRequireIPv6PodCIDR var n *nodeTypes.Node - if option.Config.IPAM == option.IPAMOperator { + if option.Config.IPAM == ipamOption.IPAMOperator { ciliumNode, err := CiliumClient().CiliumV2().CiliumNodes().Get(context.TODO(), nodeName, v1.GetOptions{}) if err != nil { // If no CIDR is required, retrieving the node information is diff --git a/pkg/nodediscovery/nodediscovery.go b/pkg/nodediscovery/nodediscovery.go index 7ab43afb735bd..c5dfe19b95f61 100644 --- a/pkg/nodediscovery/nodediscovery.go +++ b/pkg/nodediscovery/nodediscovery.go @@ -26,6 +26,7 @@ import ( "github.com/cilium/cilium/pkg/controller" "github.com/cilium/cilium/pkg/datapath" "github.com/cilium/cilium/pkg/defaults" + ipamOption "github.com/cilium/cilium/pkg/ipam/option" "github.com/cilium/cilium/pkg/k8s" ciliumv2 "github.com/cilium/cilium/pkg/k8s/apis/cilium.io/v2" k8sTypes "github.com/cilium/cilium/pkg/k8s/slim/k8s/apis/core/v1" @@ -64,7 +65,7 @@ type NodeDiscovery struct { } func enableLocalNodeRoute() bool { - return option.Config.EnableLocalNodeRoute && !option.Config.IsFlannelMasterDeviceSet() && option.Config.IPAM != option.IPAMENI + return option.Config.EnableLocalNodeRoute && !option.Config.IsFlannelMasterDeviceSet() && option.Config.IPAM != ipamOption.IPAMENI } func getInt(i int) *int { @@ -282,7 +283,7 @@ func (n *NodeDiscovery) UpdateCiliumNodeResource() { } switch option.Config.IPAM { - case option.IPAMOperator: + case ipamOption.IPAMOperator: // We want to keep the podCIDRs untouched in this IPAM mode because // the operator will verify if it can assign such podCIDRs. // If the user was running in non-IPAM Operator mode and then switched @@ -315,7 +316,7 @@ func (n *NodeDiscovery) UpdateCiliumNodeResource() { } switch option.Config.IPAM { - case option.IPAMENI: + case ipamOption.IPAMENI: // set ENI field in the node only when the ENI ipam is specified nodeResource.Spec.ENI = eniTypes.ENISpec{} instanceID, instanceType, availabilityZone, vpcID, err := metadata.GetInstanceMetadata() @@ -362,7 +363,7 @@ func (n *NodeDiscovery) UpdateCiliumNodeResource() { nodeResource.Spec.ENI.InstanceType = instanceType nodeResource.Spec.ENI.AvailabilityZone = availabilityZone - case option.IPAMAzure: + case ipamOption.IPAMAzure: if providerID == "" { log.WithError(err).Fatal("Spec.ProviderID in k8s node resource must be set for Azure IPAM") } diff --git a/pkg/option/config.go b/pkg/option/config.go index 95ab9c0b5d6d2..4d02730c89dcd 100644 --- a/pkg/option/config.go +++ b/pkg/option/config.go @@ -34,6 +34,7 @@ import ( "github.com/cilium/cilium/pkg/common" "github.com/cilium/cilium/pkg/defaults" "github.com/cilium/cilium/pkg/ip" + ipamOption "github.com/cilium/cilium/pkg/ipam/option" "github.com/cilium/cilium/pkg/lock" "github.com/cilium/cilium/pkg/logging" "github.com/cilium/cilium/pkg/logging/logfields" @@ -636,29 +637,6 @@ const ( // IPAM is the IPAM method to use IPAM = "ipam" - // IPAMHostScopeLegacy is the value to select the legacy hostscope IPAM mode - // This option will disappear in Cilium v1.9 - IPAMHostScopeLegacy = "hostscope-legacy" - - // IPAMKubernetes is the value to select the Kubernetes PodCIDR based - // hostscope IPAM mode - IPAMKubernetes = "kubernetes" - - // IPAMCRD is the value to select the CRD-backed IPAM plugin for - // option.IPAM - IPAMCRD = "crd" - - // IPAMENI is the value to select the AWS ENI IPAM plugin for option.IPAM - IPAMENI = "eni" - - // IPAMAzure is the value to select the Azure IPAM plugin for - // option.IPAM - IPAMAzure = "azure" - - // IPAMOperator is the value to select the Operator IPAM mode for - // option.IPAM - IPAMOperator = "cluster-pool" - // XDPModeNative for loading progs with XDPModeLinkDriver XDPModeNative = "native" @@ -1996,7 +1974,7 @@ func (c *DaemonConfig) Validate() error { return fmt.Errorf("MTU '%d' cannot be negative", c.MTU) } - if c.IPAM == IPAMENI && c.EnableIPv6 { + if c.IPAM == ipamOption.IPAMENI && c.EnableIPv6 { return fmt.Errorf("IPv6 cannot be enabled in ENI IPAM mode") } @@ -2431,7 +2409,7 @@ func (c *DaemonConfig) Populate() { } switch c.IPAM { - case IPAMKubernetes: + case ipamOption.IPAMKubernetes: if c.EnableIPv4 { c.K8sRequireIPv4PodCIDR = true } @@ -2576,7 +2554,7 @@ func (c *DaemonConfig) checkMapSizeLimits() error { } func (c *DaemonConfig) checkIPv4NativeRoutingCIDR() error { - if c.IPv4NativeRoutingCIDR() == nil && c.Masquerade && c.Tunnel == TunnelDisabled && c.IPAMMode() != IPAMENI { + if c.IPv4NativeRoutingCIDR() == nil && c.Masquerade && c.Tunnel == TunnelDisabled && c.IPAMMode() != ipamOption.IPAMENI { return fmt.Errorf("native routing cidr must be configured with option --%s in combination with --%s --%s=%s --%s=%s", IPv4NativeRoutingCIDR, Masquerade, TunnelName, c.Tunnel, IPAM, c.IPAMMode()) } diff --git a/pkg/option/config_test.go b/pkg/option/config_test.go index b0390bb66f93f..1b8b375dd6a86 100644 --- a/pkg/option/config_test.go +++ b/pkg/option/config_test.go @@ -27,6 +27,7 @@ import ( "github.com/cilium/cilium/pkg/cidr" "github.com/cilium/cilium/pkg/defaults" + ipamOption "github.com/cilium/cilium/pkg/ipam/option" "github.com/google/go-cmp/cmp" flag "github.com/spf13/pflag" "github.com/spf13/viper" @@ -236,8 +237,8 @@ func (s *OptionSuite) TestEnabledFunctions(c *C) { c.Assert(d.BlacklistConflictingRoutesEnabled(), Equals, true) d = &DaemonConfig{} c.Assert(d.IPAMMode(), Equals, "") - d = &DaemonConfig{IPAM: IPAMENI} - c.Assert(d.IPAMMode(), Equals, IPAMENI) + d = &DaemonConfig{IPAM: ipamOption.IPAMENI} + c.Assert(d.IPAMMode(), Equals, ipamOption.IPAMENI) } func (s *OptionSuite) TestLocalAddressExclusion(c *C) { @@ -479,7 +480,7 @@ func TestCheckIPv4NativeRoutingCIDR(t *testing.T) { d: &DaemonConfig{ Masquerade: true, Tunnel: TunnelDisabled, - IPAM: IPAMAzure, + IPAM: ipamOption.IPAMAzure, ipv4NativeRoutingCIDR: cidr.MustParseCIDR("10.127.64.0/18"), }, wantErr: false, @@ -489,7 +490,7 @@ func TestCheckIPv4NativeRoutingCIDR(t *testing.T) { d: &DaemonConfig{ Masquerade: false, Tunnel: TunnelDisabled, - IPAM: IPAMAzure, + IPAM: ipamOption.IPAMAzure, }, wantErr: false, }, @@ -498,7 +499,7 @@ func TestCheckIPv4NativeRoutingCIDR(t *testing.T) { d: &DaemonConfig{ Masquerade: true, Tunnel: TunnelVXLAN, - IPAM: IPAMAzure, + IPAM: ipamOption.IPAMAzure, }, wantErr: false, }, @@ -507,7 +508,7 @@ func TestCheckIPv4NativeRoutingCIDR(t *testing.T) { d: &DaemonConfig{ Masquerade: true, Tunnel: TunnelDisabled, - IPAM: IPAMENI, + IPAM: ipamOption.IPAMENI, }, wantErr: false, }, @@ -516,7 +517,7 @@ func TestCheckIPv4NativeRoutingCIDR(t *testing.T) { d: &DaemonConfig{ Masquerade: true, Tunnel: TunnelDisabled, - IPAM: IPAMAzure, + IPAM: ipamOption.IPAMAzure, }, wantErr: true, }, diff --git a/plugins/cilium-cni/cilium-cni.go b/plugins/cilium-cni/cilium-cni.go index a106342ecb30f..4749f45d0f6dc 100644 --- a/plugins/cilium-cni/cilium-cni.go +++ b/plugins/cilium-cni/cilium-cni.go @@ -29,6 +29,7 @@ import ( "github.com/cilium/cilium/pkg/datapath/linux/route" "github.com/cilium/cilium/pkg/defaults" endpointid "github.com/cilium/cilium/pkg/endpoint/id" + ipamOption "github.com/cilium/cilium/pkg/ipam/option" "github.com/cilium/cilium/pkg/labels" "github.com/cilium/cilium/pkg/logging" "github.com/cilium/cilium/pkg/logging/logfields" @@ -485,7 +486,8 @@ func cmdAdd(args *skel.CmdArgs) (err error) { res.Routes = append(res.Routes, routes...) } - if conf.IpamMode == option.IPAMENI || conf.IpamMode == option.IPAMAzure { + switch conf.IpamMode { + case ipamOption.IPAMENI, ipamOption.IPAMAzure: err = interfaceAdd(ipConfig, ipam.IPV4, conf) if err != nil { err = fmt.Errorf("unable to setup interface datapath: %s", err)