From f1b5cdb21dc163325536607bde5251229218a1cf Mon Sep 17 00:00:00 2001 From: AlexandreBrg Date: Tue, 25 Apr 2023 16:59:47 +0200 Subject: [PATCH] chore(riklet): deprecate config ifnet and ifnet_ip parameters * Remove usage of ifnet parameter * Remove usage of ifnet_ip parameter * Mark fields as deprecated in the CLI Signed-off-by: AlexandreBrg --- riklet/src/cli/function_config.rs | 6 +----- riklet/src/cli/mod.rs | 14 +++++++++----- riklet/src/core.rs | 8 ++++++++ riklet/src/runtime/network/function_network.rs | 13 +------------ 4 files changed, 19 insertions(+), 22 deletions(-) diff --git a/riklet/src/cli/function_config.rs b/riklet/src/cli/function_config.rs index 52b9cc4a..a756bcfa 100644 --- a/riklet/src/cli/function_config.rs +++ b/riklet/src/cli/function_config.rs @@ -1,4 +1,4 @@ -use std::{net::Ipv4Addr, path::PathBuf}; +use std::path::PathBuf; use super::CliConfiguration; use clap::Parser; @@ -7,8 +7,6 @@ use clap::Parser; pub struct FnConfiguration { pub firecracker_location: PathBuf, pub kernel_location: PathBuf, - pub ifnet: String, - pub ifnet_ip: Ipv4Addr, } impl From for FnConfiguration { @@ -16,8 +14,6 @@ impl From for FnConfiguration { FnConfiguration { firecracker_location: cli.firecracker_path, kernel_location: cli.kernel_path, - ifnet: cli.ifnet, - ifnet_ip: cli.ifnet_ip, } } } diff --git a/riklet/src/cli/mod.rs b/riklet/src/cli/mod.rs index bfd501dd..1c6fe6ea 100644 --- a/riklet/src/cli/mod.rs +++ b/riklet/src/cli/mod.rs @@ -20,7 +20,7 @@ pub struct CliConfiguration { /// If set and there is a config file, values defined by the CLI will override values of the configuration file. #[arg(long)] pub override_config: bool, - /// Path to the firecarcker binary. + /// Path to a firecracker binary on your system #[arg( long, value_name = "FIRECRACKER_LOCATION", 
@@ -36,15 +36,19 @@ pub struct CliConfiguration { default_value = "vmlinux.bin" )] pub kernel_path: PathBuf, - /// Network interface connected to internet. + /// DEPRECATED: Network interface that is used to connect to internet + /// + /// It was previously used to configure iptables, it is not the case anymore #[arg(long, value_name = "IFNET", env = "IFNET", default_value = "eth0")] - pub ifnet: String, - /// IP of the network interface + pub ifnet: Option, + /// DEPRECATED: IP of the network interface + /// + /// It was previously used to configure iptables, it is not the case anymore. #[arg( long, value_name = "IFNET_IP", env = "IFNET_IP", value_parser = value_parser!(Ipv4Addr) )] - pub ifnet_ip: Ipv4Addr, + pub ifnet_ip: Option, } diff --git a/riklet/src/core.rs b/riklet/src/core.rs index fc781967..6c2911ce 100644 --- a/riklet/src/core.rs +++ b/riklet/src/core.rs @@ -50,6 +50,13 @@ pub struct Riklet { // Can be pod or function runtimes // The key is the instance id runtimes: HashMap>, + /// Holds the global network configuration which includes basic iptables + /// rules and chains used by all workloads + /// + /// WARN: Even though it is not read by the system and it raises a warning, + /// it is necessary to keep ownership of this field so that the [Drop] trait + /// is not called too early, but only when [Riklet] is dropped + network: GlobalRuntimeNetwork, } impl Riklet { @@ -207,6 +214,7 @@ impl Riklet { stream, runtimes: HashMap::>::new(), config, + network: global_runtime_network, }) } } diff --git a/riklet/src/runtime/network/function_network.rs b/riklet/src/runtime/network/function_network.rs index 4ea973a8..d49f8119 100644 --- a/riklet/src/runtime/network/function_network.rs +++ b/riklet/src/runtime/network/function_network.rs 
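Review bot: In the `@@ -36,15 +36,19 @@` hunk of `riklet/src/cli/mod.rs`, `ifnet` becomes an `Option` but its `#[arg]` still carries `default_value = "eth0"`, so the field is always `Some(..)` and the program can never tell whether an operator actually passed the deprecated option. The doc comments say both values used to configure iptables, so a deployment that still sets `IFNET` or `IFNET_IP` to influence those rules now has the setting ignored with no signal at runtime. I would drop the default and warn once at startup, e.g. `if cli.ifnet.is_some() || cli.ifnet_ip.is_some() { tracing::warn!("ifnet and ifnet_ip are deprecated and ignored"); }`, and consider `hide = true` on both args so they leave the help output. The inner types of the two `Option`s are not visible on this page (presumably `String` and `Ipv4Addr`).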
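Review bot: The new `network: GlobalRuntimeNetwork` field in the `@@ -50,6 +50,13 @@` hunk of `riklet/src/core.rs` is held only so its `Drop` runs late, and the doc comment accepts a standing compiler warning rather than silencing it. I would put `#[allow(dead_code)] // held only so Drop runs when Riklet is dropped` above the field so the warning cannot mask real ones. The comment should also say that struct fields are dropped in declaration order, so `network` has to stay after `runtimes` if the global chains are meant to outlive the per-workload rules (presumably the intent). It is also worth documenting that `Drop` does not run on an abort or a kill signal, so iptables state left by an earlier run needs handling at startup; whether that already happens is not visible here. The struct and the constructor touched by the `@@ -207,6 +214,7 @@` hunk both continue outside the hunks.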
@@ -6,7 +6,6 @@ use tracing::debug; use crate::constants::DEFAULT_FIRECRACKER_NETWORK_MASK; use crate::net_utils::{self, get_iptables_riklet_chain}; use crate::{ - cli::function_config::FnConfiguration, iptables::{rule::Rule, Iptables, MutateIptables, Table}, structs::WorkloadDefinition, }; @@ -23,7 +22,6 @@ pub struct FunctionRuntimeNetwork { pub guest_ip: Ipv4Addr, /// Host tap interface IP pub host_ip: Ipv4Addr, - pub function_config: FnConfiguration, /// A mapping of exposed port to internal port pub port_mapping: Vec<(u16, u16)>, /// A unique name for the tap interface @@ -66,7 +64,6 @@ impl FunctionRuntimeNetwork { Ok(FunctionRuntimeNetwork { mask_long: mask_long.to_string(), host_ip, - function_config: FnConfiguration::load(), guest_ip, identifier: workload.instance_id.clone(), port_mapping: workload_definition.get_port_mapping(), @@ -169,13 +166,12 @@ impl RuntimeNetwork for FunctionRuntimeNetwork { #[cfg(test)] mod tests { - use std::{net::Ipv4Addr, path::PathBuf, process::Command}; + use std::{net::Ipv4Addr, process::Command}; use serial_test::serial; use tracing::trace; use crate::{ - cli::function_config::FnConfiguration, iptables::{rule::Rule, Iptables, MutateIptables, Table}, net_utils::get_iptables_riklet_chain, runtime::network::{GlobalRuntimeNetwork, RuntimeNetwork}, @@ -223,18 +219,11 @@ mod tests { tap_name: &str, port_mapping: &Vec<(u16, u16)>, ) -> FunctionRuntimeNetwork { - let fn_config = FnConfiguration { - ifnet: tap_name.to_string(), - ifnet_ip: Ipv4Addr::new(10, 0, 0, 1), - firecracker_location: PathBuf::new(), - kernel_location: PathBuf::new(), - }; FunctionRuntimeNetwork { identifier: "test".to_string(), mask_long: "255.255.255.200".to_string(), host_ip: Ipv4Addr::new(10, 0, 0, 2), guest_ip: Ipv4Addr::new(10, 0, 0, 1), - function_config: fn_config, port_mapping: port_mapping.clone(), tap: Some(tap_name.to_string()), iptables: Iptables::new(true).unwrap(),