2019-06-14 03:05:57 +00:00
|
|
|
package allocrunner
|
|
|
|
|
|
|
|
import (
|
2019-09-04 20:33:25 +00:00
|
|
|
"context"
|
2021-02-03 04:24:57 +00:00
|
|
|
"sync"
|
2019-09-04 20:33:25 +00:00
|
|
|
|
2019-06-14 03:05:57 +00:00
|
|
|
"github.com/hashicorp/nomad/nomad/structs"
|
|
|
|
"github.com/hashicorp/nomad/plugins/drivers"
|
|
|
|
)
|
|
|
|
|
|
|
|
// NetworkConfigurator sets up and tears down the interfaces, routes, firewall
|
|
|
|
// rules, etc for the configured networking mode of the allocation.
|
|
|
|
type NetworkConfigurator interface {
|
2020-10-12 17:43:04 +00:00
|
|
|
Setup(context.Context, *structs.Allocation, *drivers.NetworkIsolationSpec) (*structs.AllocNetworkStatus, error)
|
2019-09-04 20:33:25 +00:00
|
|
|
Teardown(context.Context, *structs.Allocation, *drivers.NetworkIsolationSpec) error
|
2019-06-14 03:05:57 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
// hostNetworkConfigurator is a noop implementation of a NetworkConfigurator for
|
|
|
|
// when the alloc join's a client host's network namespace and thus does not
|
|
|
|
// require further configuration
|
|
|
|
type hostNetworkConfigurator struct{}
|
|
|
|
|
2020-10-12 17:43:04 +00:00
|
|
|
func (h *hostNetworkConfigurator) Setup(context.Context, *structs.Allocation, *drivers.NetworkIsolationSpec) (*structs.AllocNetworkStatus, error) {
|
|
|
|
return nil, nil
|
2019-06-14 03:05:57 +00:00
|
|
|
}
|
2019-09-04 20:33:25 +00:00
|
|
|
func (h *hostNetworkConfigurator) Teardown(context.Context, *structs.Allocation, *drivers.NetworkIsolationSpec) error {
|
2019-06-14 03:05:57 +00:00
|
|
|
return nil
|
|
|
|
}
|
2021-02-03 04:24:57 +00:00
|
|
|
|
|
|
|
// networkingGlobalMutex is used by a synchronizedNetworkConfigurator to serialize
|
|
|
|
// network operations done by the client to prevent race conditions when manipulating
|
|
|
|
// iptables rules
|
|
|
|
var networkingGlobalMutex sync.Mutex
|
|
|
|
|
|
|
|
// synchronizedNetworkConfigurator wraps a NetworkConfigurator to provide serialized access to network
|
|
|
|
// operations performed by the client
|
|
|
|
type synchronizedNetworkConfigurator struct {
|
|
|
|
nc NetworkConfigurator
|
|
|
|
}
|
|
|
|
|
|
|
|
func (s *synchronizedNetworkConfigurator) Setup(ctx context.Context, allocation *structs.Allocation, spec *drivers.NetworkIsolationSpec) (*structs.AllocNetworkStatus, error) {
|
|
|
|
networkingGlobalMutex.Lock()
|
|
|
|
defer networkingGlobalMutex.Unlock()
|
|
|
|
return s.nc.Setup(ctx, allocation, spec)
|
|
|
|
}
|
|
|
|
|
|
|
|
func (s *synchronizedNetworkConfigurator) Teardown(ctx context.Context, allocation *structs.Allocation, spec *drivers.NetworkIsolationSpec) error {
|
|
|
|
networkingGlobalMutex.Lock()
|
|
|
|
defer networkingGlobalMutex.Unlock()
|
|
|
|
return s.nc.Teardown(ctx, allocation, spec)
|
|
|
|
}
|