summary |
shortlog | log |
commit |
commitdiff |
review |
tree
first ⋅ prev ⋅ next
chengli3 [Thu, 14 May 2020 03:18:36 +0000 (03:18 +0000)]
Extract common functions and implement mwan3rule
As we will have several crd/controllers, they have almost the same
reconcile logic. So we extract the common logic and make them as
functions. Controllers call these functions instead of code duplication.
This patch extracts common functions and implements the mwan3rule
crd/controller.
Signed-off-by: chengli3 <cheng1.li@intel.com>
Change-Id: Ie9fe7ddcac6700605dbcb48ed9d88f96981b898a
chengli3 [Wed, 22 Apr 2020 02:50:41 +0000 (02:50 +0000)]
Runable framework with Mwan3Policy implemented
We are going to implement many rule CRDs/controllers. They are
mwan3policy, mwan3rule, firewallzone, firewallrule, etc.
This patch is the first one which constructs the sdewan controller
framework with Mwan3Policy implemented.
The design is located on the wiki page[1]. The develop framework is
described in the README.md under platform/crd-ctrlr.
[1] https://wiki.akraino.org/display/AK/Sdewan+config+Agent
Signed-off-by: chengli3 <cheng1.li@intel.com>
Change-Id: I7cf3b34ece8756c80969c99d9ab8c7383c43ea53
chengli3 [Wed, 22 Apr 2020 02:37:53 +0000 (02:37 +0000)]
Remove old sdewan controller code
As we re-design/re-implemente the sdewan controller, new controller code
will be checkedin soon. I would like to remove the old controller code,
so that the reviewers can focus on the new implementation regardless of
the old version.
Signed-off-by: chengli3 <cheng1.li@intel.com>
Change-Id: If4915a57e568d6dd9c5fcf4b82a7c9867ae9c32e
Huifeng Le [Tue, 21 Apr 2020 02:26:08 +0000 (10:26 +0800)]
SDEWAN folder restructure
Restructure sdewan solution folders.
Signed-off-by: Huifeng Le <huifeng.le@intel.com>
Change-Id: I6ac8e1bfc8e92e1bdd36d523ffd048c6c77d4e89
Huifeng Le [Tue, 17 Mar 2020 06:21:46 +0000 (14:21 +0800)]
SDEWAN API update
update SDEWAN Rest API with plural format
Signed-off-by: Huifeng Le <huifeng.le@intel.com>
Change-Id: I83eb6ff24e4bb571162eb0a42df798da01ced7da
Huifeng Le [Tue, 10 Mar 2020 03:34:36 +0000 (03:34 +0000)]
Merge "SDEWAN CNF Rest API support"
Cheng Li [Fri, 6 Mar 2020 08:47:45 +0000 (08:47 +0000)]
Merge "Fix sdewan reconcile trigger"
chengli3 [Fri, 6 Mar 2020 08:38:06 +0000 (08:38 +0000)]
Fix sdewan reconcile trigger
When mwan3Conf changes, the mwan3Conf controller update the sdewan
instance status to trigger the sdewan reconcile. Before this patch, we
update only the status field `IsApplied=false`. It could happen that the
field `IsApplied` was already false, if this is the case sdewan
reconcile will not be triggered. Because the sdewan CR is not changed.
This patch is to add another field in sdewan status, to make sure sdewan
reconcile is triggered once the mwan3Conf changes.
Signed-off-by: chengli3 <cheng1.li@intel.com>
Change-Id: I8f01733c373326b9167342118fd166834a7a8c45
chengli3 [Fri, 6 Mar 2020 03:38:09 +0000 (11:38 +0800)]
Visit openwrt api with namespace suffix
openwrt api requests are sent from the sdewan controller pod. As
the controller namespace may be different with the openwrt pod.
We add the namespace suffix so that the controller can always resolv
the openwrt svc.
Signed-off-by: chengli3 <cheng1.li@intel.com>
Change-Id: I49c62ecda5d2a22e1feaaf717cfa411d4ba01b05
chengli3 [Tue, 3 Mar 2020 07:18:46 +0000 (15:18 +0800)]
Remove deploy directory
Deploy directory was added by mistake. This patch is to delete the
deploy directory.
Signed-off-by: chengli3 <cheng1.li@intel.com>
Change-Id: I1e5fddde37821eadb43f46f325a79346a5c11cd9
Huifeng Le [Thu, 27 Feb 2020 13:44:44 +0000 (21:44 +0800)]
SDEWAN CNF Rest API support
Add SDEWAN Rest API implementation for Service, Mwan3, Firewall and IPSec,
API design can be found at:
IPSec: https://wiki.akraino.org/display/AK/IPSec+Design#IPSecDesign
Service/Mwan3/Firewall: https://wiki.akraino.org/display/AK/SDEWAN+CNF
Signed-off-by: Huifeng Le <huifeng.le@intel.com>
Change-Id: I649305d27ab6f0de9f57ff4411a9f4b1267cf504
chengli3 [Wed, 19 Feb 2020 14:30:06 +0000 (22:30 +0800)]
Add Sdewan Mwan3Conf CRD and controller
The sdewan operator is developed under kubebuilder framework
We define two CRDs in this patch: Sdewan and Mwan3Conf
Sdewan defines the CNF base info, which node we should deploy the CNF
on, which network should the CNF use with multus CNI, etc.
The Mwan3Conf defines the mwan3 rules. In the next step, we are going to
develop the firewall and the ipsec functions. Mwan3Conf is validated by
k8s api admission webhook.
For each created Sdewan instance, the controller creates a pod, a
configmap and a service for the instance. The pod runs openswrt which
provides network services, i.e. sdwan, firewall, ipsec etc.
The configmap stores the network interface information and the
entrypoint.sh.
The network interface information has the following format:
```
[
{
"name": "ovn-priv-net",
"isProvider": false,
"interface": "net0",
"defaultGateway": false
}
]
```
The service created by the controller is used for openwrt api access.
We call this svc to apply rules, get openwrt info, restart openwrt
service.
After the openwrt pod ready, the Sdewan controller apply the configured
mwan3 rules.
mwan3 rule details are configured in Mwan3Conf CR, which is referenced
by Sdewan.Spec.Mwan3Conf
Every time the Mwan3Conf instance changes, the controller re-apply the
new rules by calling opwnrt
api. We can also change the rule refernce at the runtime.
Signed-off-by: chengli3 <cheng1.li@intel.com>
Change-Id: Ic6fa4e8c61da5a560d69f749cd40d8f3b9320e81
chengli3 [Tue, 11 Feb 2020 11:13:01 +0000 (19:13 +0800)]
Add .gitreview
Add .gitreview so that the developers can setup with `git review -s`
Change-Id: I9a9e44faecf5190518c5796b8b96e27c31ad6aa5
Code Review / icn / sdwan.git / log