def cleanup_cni(self):
# We want to remove all CNI related configuration when k8s stops
# We will clean configuration done by kube-router now
# Below command will cleanup iptables rules and other ipvs bits changed by kube-router
cp = subprocess.Popen(['kube-router', '--cleanup-config'],
stdout=subprocess.DEVNULL,
stderr=subprocess.PIPE)
stderr = cp.communicate()[1]
if cp.returncode:
raise CallError(
f'Failed to cleanup kube-router configuration: {stderr.decode()}'
)
tables = netif.RoutingTable().routing_tables
for t_name in filter(lambda t: t in tables,
('kube-router', 'kube-router-dsr')):
table = tables[t_name]
table.flush_routes()
table.flush_rules()
interfaces = netif.list_interfaces()
for iface in map(
lambda n: interfaces[n],
filter(lambda n: n in interfaces,
('kube-bridge', 'kube-dummy-if'))):
self.middleware.call_sync('interface.unconfigure', iface, [], [])
def cleanup_cni(self):
# We want to remove all CNI related configuration when k8s stops
# We will clean configuration done by kube-router now
# Below command will cleanup iptables rules and other ipvs bits changed by kube-router
cp = subprocess.Popen(['kube-router', '--cleanup-config'],
stdout=subprocess.DEVNULL,
stderr=subprocess.PIPE)
stderr = cp.communicate()[1]
if cp.returncode:
# Let's log the error as to why kube-router was not able to clean up ipvs bits
# TODO: We should raise an exception but right now this is broken upstream and raising an exception
# here means we won't be cleaning/flushing the locally configured routes adding to the issue
self.logger.error(
'Failed to cleanup kube-router configuration: %r',
stderr.decode())
rule_table = netif.RuleTable()
if rule_table.rule_exists(KUBEROUTER_RULE_PRIORITY):
rule_table.delete_rule(KUBEROUTER_RULE_PRIORITY)
tables = netif.RoutingTable().routing_tables
for t_name in filter(lambda t: t in tables,
('kube-router', 'kube-router-dsr')):
table = tables[t_name]
table.flush_routes()
table.flush_rules()
interfaces = netif.list_interfaces()
for iface in map(
lambda n: interfaces[n],
filter(lambda n: n in interfaces,
('kube-bridge', 'kube-dummy-if'))):
self.middleware.call_sync('interface.unconfigure', iface, [], [])
def configure_nameservers(self, nameservers):
result = ''
if nameservers:
# means nameservers are configured explicitly so add them
for i in nameservers:
result += f'nameserver {i}\n'
else:
# means there aren't any nameservers configured so let's
# check to see if dhcp is running on any of the interfaces
# and if there are, then check dhclient leases file for
# nameservers that were handed to us via dhcp
interfaces = self.middleware.call_sync('datastore.query',
'network.interfaces')
if interfaces:
interfaces = [
i['int_interface'] for i in interfaces if i['int_dhcp']
]
else:
ignore = self.middleware.call_sync(
'interface.internal_interfaces')
ignore.extend(
self.middleware.call_sync('failover.internal_interfaces'))
ignore = tuple(ignore)
interfaces = list(
filter(lambda x: not x.startswith(ignore),
netif.list_interfaces().keys()))
dns_from_dhcp = set()
for iface in interfaces:
dhclient_running, dhclient_pid = self.middleware.call_sync(
'interface.dhclient_status', iface)
if dhclient_running:
leases = self.middleware.call_sync(
'interface.dhclient_leases', iface)
for dns_srvs in re.findall(
r'option domain-name-servers (.+)', leases or ''):
for dns in dns_srvs.split(';')[0].split(','):
dns_from_dhcp.add(f'nameserver {dns.strip()}\n')
for dns in dns_from_dhcp:
result += dns
return result
def setup_nic_attach(self):
nic_attach = self.data['attributes'].get('nic_attach')
interfaces = netif.list_interfaces()
if nic_attach and nic_attach not in interfaces:
raise CallError(f'{nic_attach} not found.')
else:
if not nic_attach:
try:
nic_attach = netif.RoutingTable().default_route_ipv4.interface
nic = netif.get_interface(nic_attach)
except Exception as e:
raise CallError(f'Unable to retrieve default interface: {e}')
else:
nic = netif.get_interface(nic_attach)
if netif.InterfaceFlags.UP not in nic.flags:
nic.up()
self.nic_attach = nic.name
def pre_start_vm_freebsd(self, *args, **kwargs):
self.setup_nic_attach()
interfaces = netif.list_interfaces()
bridge = None
if self.nic_attach.startswith('bridge'):
bridge = interfaces[self.nic_attach]
if not bridge:
for iface in filter(lambda v: v.startswith('bridge'), interfaces):
if self.nic_attach in interfaces[iface].members:
bridge = interfaces[iface]
break
else:
bridge = netif.get_interface(netif.create_interface('bridge'))
bridge.add_member(self.nic_attach)
self.bridge_created = True
if netif.InterfaceFlags.UP not in bridge.flags:
bridge.up()
self.bridge = bridge.name
def pre_start_vm_rollback_freebsd(self, *args, **kwargs):
if self.bridge_created and self.bridge in netif.list_interfaces():
netif.destroy_interface(self.bridge)
self.bridge = self.bridge_created = None
def is_available(self):
return self.identity() in netif.list_interfaces()
