bridget/bridget.sh

#!/bin/sh

CNI_CONFIG="${CNI_CONFIG:-/etc/cni/net.d/10-bridget.conf}"

usage() {
    cat <<EOF

  Available variables:
    - BRIDGE (example: cbr0)
    - VLAN (example: 100)
    - IFACE (example: eth0)
    - MTU (default: 1500)
    - CHECK_SLAVES (default: 1)
    - POD_NETWORK (default: 10.244.0.0/16)
    - DEBUG (default: 0)

Short workflow:

* If the bridge exists it will be used, otherwise it will be created

* If VLAN and IFACE are set, the following chain will be created:
    IFACE <-- VLAN <-- BRIDGE

* IP-address will be set automatically. This IP-address
  will be used as default gateway for containers
  to make kubernetes services work.

EOF
}

error() {
    >&2 echo -en "[$(date '+%Y-%m-%d %H:%M:%S')] ERROR:\t"
    >&2 echo "$1"
    >&2 usage
    exit 1
}

log() {
    echo -en "[$(date '+%Y-%m-%d %H:%M:%S')] INFO:\t"
    echo "$1"
}

debug() {
    if [ "${DEBUG:-0}" = 1 ]; then
        >&2 echo -en "[$(date '+%Y-%m-%d %H:%M:%S')] DEBUG:\t"
        >&2 echo "$1"
    fi
}

next_ip() {
    local IP_HEX=$(printf '%.2X%.2X%.2X%.2X\n' $(echo $1 | sed -e 's/\./ /g'))
    local NEXT_IP_HEX=$(printf %.8X $(echo $((0x$IP_HEX + 1))))
    local NEXT_IP=$(printf '%d.%d.%d.%d\n' $(echo $NEXT_IP_HEX | sed -r 's/(..)/0x\1 /g'))
    echo $NEXT_IP
}

prev_ip() {
    local IP_HEX=$(printf '%.2X%.2X%.2X%.2X\n' $(echo $1 | sed -e 's/\./ /g'))
    local PREV_IP_HEX=$(printf %.8X $(echo $((0x$IP_HEX - 1))))
    local PREV_IP=$(printf '%d.%d.%d.%d\n' $(echo $PREV_IP_HEX | sed -r 's/(..)/0x\1 /g'))
    echo $PREV_IP
}

getnodecidr() {
    CA_CERT=/var/run/secrets/kubernetes.io/serviceaccount/ca.crt
    TOKEN=$(cat /var/run/secrets/kubernetes.io/serviceaccount/token)
    NAMESPACE=$(cat /var/run/secrets/kubernetes.io/serviceaccount/namespace)
    curl -sS -m 5 --cacert $CA_CERT -H "Authorization: Bearer $TOKEN" "https://${KUBERNETES_PORT#*//}/api/v1/nodes/$1" | jq -r .spec.podCIDR
}

# ------------------------------------------------------------------------------------
# Configure bridge
# ------------------------------------------------------------------------------------

log "Starting bridge configuration"
[ -z "$BRIDGE" ] && error "BRIDGE variable is not defined"
[ -z "$NODE_NAME" ] && error "NODE_NAME variable is not defined"

# Check if bridge interface exist
if ! ip link show "$BRIDGE" 1>/dev/null 2>/dev/null; then

    log "Adding new bridge $BRIDGE"
    ip link add dev "$BRIDGE" type bridge
    export CHECK_SLAVES=1

else

    log "Bridge $BRIDGE already exist, use it"

fi

log "Setting bridge $BRIDGE up"
ip link set "$BRIDGE" up

# ------------------------------------------------------------------------------------
# Configure vlan
# ------------------------------------------------------------------------------------

if ([ ! -z "$VLAN" ] || [ ! -z "$IFACE" ]) && [ "${CHECK_SLAVES:-1}" = 1 ]; then

    log "Starting VLAN configuration"
    [ -z "$IFACE" ] && error "IFACE variable is not defined"

    if [ ! -z "$VLAN" ]; then
        # check if vlan interface exist
        if ip link show "$IFACE.$VLAN" 1>/dev/null 2>/dev/null; then
            log "VLAN interface $IFACE.$VLAN already exist"
        else
            log "Adding new VLAN interface $IFACE.$VLAN"
            ip link add link "$IFACE" name "$IFACE.$VLAN" mtu "${MTU}" type vlan id "$VLAN"
        fi
        log "Setting vlan $IFACE.$VLAN up"
        ip link set dev "$IFACE.$VLAN" up
    fi
fi

# ------------------------------------------------------------------------------------
# Configure slaves
# ------------------------------------------------------------------------------------

if ([ ! -z "$VLAN" ] || [ ! -z "$IFACE" ]) && [ "${CHECK_SLAVES:-1}" = 1 ]; then

    log "Starting configuring slave interfaces"

    if [ ! -z "$VLAN" ]; then
        SLAVEIF="$IFACE.$VLAN"
    else
        SLAVEIF="$IFACE"
    fi

    if ! ip link show "$SLAVEIF" 1>/dev/null 2>/dev/null; then
        error "$SLAVEIF does not exist"
    fi

    # check if slave interface contains right master
    MASTERIF="$(ip -o link show "$SLAVEIF" | grep -o -m1 'master [^ ]\+' | cut -d' ' -f2)"

    case "$MASTERIF" in
    "$BRIDGE") log "$SLAVEIF already member of $BRIDGE" ;;
    ""       ) log "Adding $SLAVEIF as member to $BRIDGE"
               ip link set "$SLAVEIF" master "$BRIDGE"  ;;
    *        ) error "interface $SLAVEIF have another master" ;;
    esac
fi

# ------------------------------------------------------------------------------------
# Retrive network parameters
# ------------------------------------------------------------------------------------

log "Starting retriving parameters"

POD_NETWORK="${POD_NETWORK:-10.244.0.0/16}"
NODE_NETWORK="$(getnodecidr "${NODE_NAME}")"
if [ -z "$NODE_NETWORK" ] || [ "$NODE_NETWORK" = "null" ]; then
    error "Failed to get node cidr"
fi

set -e

export "POD_$(ipcalc -b "$POD_NETWORK")"    # POD_BROADCAST
export "POD_$(ipcalc -p "$POD_NETWORK")"    # POD_PREFIX
export "POD_$(ipcalc -n "$POD_NETWORK")"    # POD_NETWORK
export "NODE_$(ipcalc -p "$NODE_NETWORK")"  # NODE_PREFIX
export "NODE_$(ipcalc -b "$NODE_NETWORK")"  # NODE_BROADCAST
export "NODE_$(ipcalc -n "$NODE_NETWORK")"  # NODE_NETWORK
export "NODE_IP=$(next_ip "$NODE_NETWORK")" # NODE_IP

set +e

debug "POD_BROADCAST=$POD_BROADCAST"
debug "POD_PREFIX=$POD_PREFIX"
debug "POD_NETWORK=$POD_NETWORK"
debug "NODE_PREFIX=$NODE_PREFIX"
debug "NODE_BROADCAST=$NODE_BROADCAST"
debug "NODE_NETWORK=$NODE_NETWORK"
debug "NODE_IP=$NODE_IP"

# ------------------------------------------------------------------------------------
# Configure IP-address
# ------------------------------------------------------------------------------------

log "Configuring $NODE_IP/$POD_PREFIX on $BRIDGE"
ip -o addr show "$BRIDGE" | grep -o 'inet [^ ]\+' | while read _ IP; do
    # Remove bridge addresses from the same subnet, don't touch other addresses
    if [ "$(ipcalc -b "$IP")" = "BROADCAST=${POD_BROADCAST}" ] && [ "$IP" != "$NODE_IP/$POD_PREFIX" ]; then
        ip addr del "$IP" dev "$BRIDGE"
    fi
done
ip addr change "$NODE_IP/$POD_PREFIX" dev "$BRIDGE"

# ------------------------------------------------------------------------------------
# Configure cni
# ------------------------------------------------------------------------------------

log "Starting generating CNI configuration"

set -e

GATEWAY="${NODE_IP}"
SUBNET="${POD_NETWORK}/${POD_PREFIX}"
FIRST_IP="$(next_ip "${NODE_IP}")"
LAST_IP="$(prev_ip "${NODE_BROADCAST}")"

set +e

debug "GATEWAY=$GATEWAY"
debug "SUBNET=$SUBNET"
debug "FIRST_IP=$FIRST_IP"
debug "LAST_IP=$LAST_IP"

log "Writing $CNI_CONFIG"

cat >$CNI_CONFIG <<EOT
{
        "name": "bridget",
        "cniVersion": "0.2.0",
        "type": "bridge",
        "bridge": "${BRIDGE}",
        "ipMasq": true,
        "mtu": ${MTU:-1500},
        "ipam": {
                "type": "host-local",
                "subnet": "${SUBNET}",
                "rangeStart": "${FIRST_IP}",
                "rangeEnd": "${LAST_IP}",
                "gateway": "${GATEWAY}",
                "routes": [
                        { "dst": "0.0.0.0/0" }
                ]
        }
}
EOT

# Display config
cat "$CNI_CONFIG"

# ------------------------------------------------------------------------------------
# Sleep gently
# ------------------------------------------------------------------------------------
exec tail -f /dev/null
add: start.sh 2017-12-20 18:56:40 +03:00			`#!/bin/sh`

upd: name and variables 2017-12-22 14:25:48 +03:00			`CNI_CONFIG="${CNI_CONFIG:-/etc/cni/net.d/10-bridget.conf}"`
fix: gateway 2017-12-21 14:34:10 +03:00
add: start.sh 2017-12-20 18:56:40 +03:00			`usage() {`
Some refactoring 2020-10-15 23:16:05 +03:00			`cat <<EOF`
add: start.sh 2017-12-20 18:56:40 +03:00
			`Available variables:`
fix: default values 2017-12-20 19:41:35 +03:00			`- BRIDGE (example: cbr0)`
add: start.sh 2017-12-20 18:56:40 +03:00			`- VLAN (example: 100)`
			`- IFACE (example: eth0)`
fix: default values 2017-12-20 19:41:35 +03:00			`- MTU (default: 1500)`
upd: CHECK_SLAVES enabled by default 2018-10-18 11:47:37 +03:00			`- CHECK_SLAVES (default: 1)`
upd: host-local 2017-12-21 03:45:27 +03:00			`- POD_NETWORK (default: 10.244.0.0/16)`
upd: CHECK_SLAVES enabled by default 2018-10-18 11:47:37 +03:00			`- DEBUG (default: 0)`
add: start.sh 2017-12-20 18:56:40 +03:00
			`Short workflow:`

Only replace matching bridge addresses This makes configurations without VLANs work 2020-10-15 18:00:48 +03:00			`* If the bridge exists it will be used, otherwise it will be created`
add: start.sh 2017-12-20 18:56:40 +03:00
Only replace matching bridge addresses This makes configurations without VLANs work 2020-10-15 18:00:48 +03:00			`* If VLAN and IFACE are set, the following chain will be created:`
add: start.sh 2017-12-20 18:56:40 +03:00			`IFACE <-- VLAN <-- BRIDGE`

Only replace matching bridge addresses This makes configurations without VLANs work 2020-10-15 18:00:48 +03:00			`* IP-address will be set automatically. This IP-address`
upd: use kubernetes native cidrs instead arp checks #1 2018-05-26 04:49:05 +03:00			`will be used as default gateway for containers`
Only replace matching bridge addresses This makes configurations without VLANs work 2020-10-15 18:00:48 +03:00			`to make kubernetes services work.`
add: start.sh 2017-12-20 18:56:40 +03:00
			`EOF`
			`}`

			`error() {`
upd: improve logging 2017-12-22 01:06:22 +03:00			`>&2 echo -en "[$(date '+%Y-%m-%d %H:%M:%S')] ERROR:\t"`
upd: improve logging 2017-12-22 00:56:24 +03:00			`>&2 echo "$1"`
add: start.sh 2017-12-20 18:56:40 +03:00			`>&2 usage`
			`exit 1`
			`}`

add: logging 2017-12-22 00:25:17 +03:00			`log() {`
upd: improve logging 2017-12-22 01:06:22 +03:00			`echo -en "[$(date '+%Y-%m-%d %H:%M:%S')] INFO:\t"`
upd: improve logging 2017-12-22 00:56:24 +03:00			`echo "$1"`
add: logging 2017-12-22 00:25:17 +03:00			`}`

			`debug() {`
upd: CHECK_SLAVES enabled by default 2018-10-18 11:47:37 +03:00			`if [ "${DEBUG:-0}" = 1 ]; then`
upd: more logs 2018-01-26 23:58:50 +03:00			`>&2 echo -en "[$(date '+%Y-%m-%d %H:%M:%S')] DEBUG:\t"`
			`>&2 echo "$1"`
upd: improve logging 2017-12-22 00:56:24 +03:00			`fi`
add: logging 2017-12-22 00:25:17 +03:00			`}`

upd: host-local 2017-12-21 03:45:27 +03:00			`next_ip() {`
Some refactoring 2020-10-15 23:16:05 +03:00			`local IP_HEX=$(printf '%.2X%.2X%.2X%.2X\n' $(echo $1 \| sed -e 's/\./ /g'))`
			`local NEXT_IP_HEX=$(printf %.8X $(echo $((0x$IP_HEX + 1))))`
			`local NEXT_IP=$(printf '%d.%d.%d.%d\n' $(echo $NEXT_IP_HEX \| sed -r 's/(..)/0x\1 /g'))`
upd: host-local 2017-12-21 03:45:27 +03:00			`echo $NEXT_IP`
			`}`

			`prev_ip() {`
Some refactoring 2020-10-15 23:16:05 +03:00			`local IP_HEX=$(printf '%.2X%.2X%.2X%.2X\n' $(echo $1 \| sed -e 's/\./ /g'))`
			`local PREV_IP_HEX=$(printf %.8X $(echo $((0x$IP_HEX - 1))))`
			`local PREV_IP=$(printf '%d.%d.%d.%d\n' $(echo $PREV_IP_HEX \| sed -r 's/(..)/0x\1 /g'))`
upd: host-local 2017-12-21 03:45:27 +03:00			`echo $PREV_IP`
			`}`

upd: use kubernetes native cidrs instead arp checks #1 2018-05-26 04:49:05 +03:00			`getnodecidr() {`
			`CA_CERT=/var/run/secrets/kubernetes.io/serviceaccount/ca.crt`
			`TOKEN=$(cat /var/run/secrets/kubernetes.io/serviceaccount/token)`
			`NAMESPACE=$(cat /var/run/secrets/kubernetes.io/serviceaccount/namespace)`
upd: timeout for nodecidr check 2018-08-05 02:13:35 +03:00			`curl -sS -m 5 --cacert $CA_CERT -H "Authorization: Bearer $TOKEN" "https://${KUBERNETES_PORT#*//}/api/v1/nodes/$1" \| jq -r .spec.podCIDR`
upd: host-local 2017-12-21 03:45:27 +03:00			`}`

add: start.sh 2017-12-20 18:56:40 +03:00			`# ------------------------------------------------------------------------------------`
			`# Configure bridge`
			`# ------------------------------------------------------------------------------------`

add: logging 2017-12-22 00:25:17 +03:00			`log "Starting bridge configuration"`
add: start.sh 2017-12-20 18:56:40 +03:00			`[ -z "$BRIDGE" ] && error "BRIDGE variable is not defined"`
upd: use kubernetes native cidrs instead arp checks #1 2018-05-26 04:49:05 +03:00			`[ -z "$NODE_NAME" ] && error "NODE_NAME variable is not defined"`
add: start.sh 2017-12-20 18:56:40 +03:00
			`# Check if bridge interface exist`
Some refactoring 2020-10-15 23:16:05 +03:00			`if ! ip link show "$BRIDGE" 1>/dev/null 2>/dev/null; then`
add: logging 2017-12-22 00:25:17 +03:00
			`log "Adding new bridge $BRIDGE"`
add: start.sh 2017-12-20 18:56:40 +03:00			`ip link add dev "$BRIDGE" type bridge`
fix: CHECK_SLAVES 2017-12-22 14:38:09 +03:00			`export CHECK_SLAVES=1`
add: logging 2017-12-22 00:25:17 +03:00
			`else`

			`log "Bridge $BRIDGE already exist, use it"`

add: start.sh 2017-12-20 18:56:40 +03:00			`fi`

add: logging 2017-12-22 00:25:17 +03:00			`log "Setting bridge $BRIDGE up"`
add: start.sh 2017-12-20 18:56:40 +03:00			`ip link set "$BRIDGE" up`

			`# ------------------------------------------------------------------------------------`
			`# Configure vlan`
			`# ------------------------------------------------------------------------------------`
add: logging 2017-12-22 00:25:17 +03:00
upd: CHECK_SLAVES enabled by default 2018-10-18 11:47:37 +03:00			`if ([ ! -z "$VLAN" ] \|\| [ ! -z "$IFACE" ]) && [ "${CHECK_SLAVES:-1}" = 1 ]; then`
add: logging 2017-12-22 00:25:17 +03:00
			`log "Starting VLAN configuration"`
add: start.sh 2017-12-20 18:56:40 +03:00			`[ -z "$IFACE" ] && error "IFACE variable is not defined"`

upd: CONFIGURE_SLAVES 2017-12-22 04:34:52 +03:00			`if [ ! -z "$VLAN" ]; then`
			`# check if vlan interface exist`
Some refactoring 2020-10-15 23:16:05 +03:00			`if ip link show "$IFACE.$VLAN" 1>/dev/null 2>/dev/null; then`
upd: CONFIGURE_SLAVES 2017-12-22 04:34:52 +03:00			`log "VLAN interface $IFACE.$VLAN already exist"`
			`else`
			`log "Adding new VLAN interface $IFACE.$VLAN"`
upd: CHECK_SLAVES enabled by default 2018-10-18 11:47:37 +03:00			`ip link add link "$IFACE" name "$IFACE.$VLAN" mtu "${MTU}" type vlan id "$VLAN"`
upd: CONFIGURE_SLAVES 2017-12-22 04:34:52 +03:00			`fi`
			`log "Setting vlan $IFACE.$VLAN up"`
			`ip link set dev "$IFACE.$VLAN" up`
			`fi`
			`fi`
add: logging 2017-12-22 00:25:17 +03:00
upd: CONFIGURE_SLAVES 2017-12-22 04:34:52 +03:00			`# ------------------------------------------------------------------------------------`
			`# Configure slaves`
			`# ------------------------------------------------------------------------------------`
add: logging 2017-12-22 00:25:17 +03:00
upd: CHECK_SLAVES enabled by default 2018-10-18 11:47:37 +03:00			`if ([ ! -z "$VLAN" ] \|\| [ ! -z "$IFACE" ]) && [ "${CHECK_SLAVES:-1}" = 1 ]; then`
add: logging 2017-12-22 00:25:17 +03:00
upd: CONFIGURE_SLAVES 2017-12-22 04:34:52 +03:00			`log "Starting configuring slave interfaces"`
add: logging 2017-12-22 00:25:17 +03:00
upd: CONFIGURE_SLAVES 2017-12-22 04:34:52 +03:00			`if [ ! -z "$VLAN" ]; then`
			`SLAVEIF="$IFACE.$VLAN"`
fix: SLAVEIF check 2017-12-22 15:51:32 +03:00			`else`
upd: CONFIGURE_SLAVES 2017-12-22 04:34:52 +03:00			`SLAVEIF="$IFACE"`
add: start.sh 2017-12-20 18:56:40 +03:00			`fi`
add: logging 2017-12-22 00:25:17 +03:00
Some refactoring 2020-10-15 23:16:05 +03:00			`if ! ip link show "$SLAVEIF" 1>/dev/null 2>/dev/null; then`
fix: SLAVEIF check 2017-12-22 15:28:12 +03:00			`error "$SLAVEIF does not exist"`
			`fi`

upd: CONFIGURE_SLAVES 2017-12-22 04:34:52 +03:00			`# check if slave interface contains right master`
Some refactoring 2020-10-15 23:16:05 +03:00			`MASTERIF="$(ip -o link show "$SLAVEIF" \| grep -o -m1 'master [^ ]\+' \| cut -d' ' -f2)"`
upd: CONFIGURE_SLAVES 2017-12-22 04:34:52 +03:00
			`case "$MASTERIF" in`
Some refactoring 2020-10-15 23:16:05 +03:00			`"$BRIDGE") log "$SLAVEIF already member of $BRIDGE" ;;`
			`"" ) log "Adding $SLAVEIF as member to $BRIDGE"`
			`ip link set "$SLAVEIF" master "$BRIDGE" ;;`
			`* ) error "interface $SLAVEIF have another master" ;;`
upd: CONFIGURE_SLAVES 2017-12-22 04:34:52 +03:00			`esac`
add: start.sh 2017-12-20 18:56:40 +03:00			`fi`

upd: host-local 2017-12-21 03:45:27 +03:00			`# ------------------------------------------------------------------------------------`
			`# Retrive network parameters`
			`# ------------------------------------------------------------------------------------`

add: logging 2017-12-22 00:25:17 +03:00			`log "Starting retriving parameters"`

upd: host-local 2017-12-21 03:45:27 +03:00			`POD_NETWORK="${POD_NETWORK:-10.244.0.0/16}"`
upd: use kubernetes native cidrs instead arp checks #1 2018-05-26 04:49:05 +03:00			`NODE_NETWORK="$(getnodecidr "${NODE_NAME}")"`
upd: enhance getting node cidr check 2018-08-05 02:03:01 +03:00			`if [ -z "$NODE_NETWORK" ] \|\| [ "$NODE_NETWORK" = "null" ]; then`
Some refactoring 2020-10-15 23:16:05 +03:00			`error "Failed to get node cidr"`
upd: use kubernetes native cidrs instead arp checks #1 2018-05-26 04:49:05 +03:00			`fi`
add: logging 2017-12-22 00:25:17 +03:00
add: set -e sections 2017-12-22 00:43:49 +03:00			`set -e`

Some refactoring 2020-10-15 23:16:05 +03:00			`export "POD_$(ipcalc -b "$POD_NETWORK")" # POD_BROADCAST`
			`export "POD_$(ipcalc -p "$POD_NETWORK")" # POD_PREFIX`
			`export "POD_$(ipcalc -n "$POD_NETWORK")" # POD_NETWORK`
			`export "NODE_$(ipcalc -p "$NODE_NETWORK")" # NODE_PREFIX`
			`export "NODE_$(ipcalc -b "$NODE_NETWORK")" # NODE_BROADCAST`
			`export "NODE_$(ipcalc -n "$NODE_NETWORK")" # NODE_NETWORK`
upd: use kubernetes native cidrs instead arp checks #1 2018-05-26 04:49:05 +03:00			`export "NODE_IP=$(next_ip "$NODE_NETWORK")" # NODE_IP`
upd: host-local 2017-12-21 03:45:27 +03:00
add: set -e sections 2017-12-22 00:43:49 +03:00			`set +e`

Some refactoring 2020-10-15 23:16:05 +03:00			`debug "POD_BROADCAST=$POD_BROADCAST"`
add: logging 2017-12-22 00:25:17 +03:00			`debug "POD_PREFIX=$POD_PREFIX"`
			`debug "POD_NETWORK=$POD_NETWORK"`
upd: use kubernetes native cidrs instead arp checks #1 2018-05-26 04:49:05 +03:00			`debug "NODE_PREFIX=$NODE_PREFIX"`
			`debug "NODE_BROADCAST=$NODE_BROADCAST"`
			`debug "NODE_NETWORK=$NODE_NETWORK"`
			`debug "NODE_IP=$NODE_IP"`
upd: host-local 2017-12-21 03:45:27 +03:00
			`# ------------------------------------------------------------------------------------`
			`# Configure IP-address`
			`# ------------------------------------------------------------------------------------`

upd: use kubernetes native cidrs instead arp checks #1 2018-05-26 04:49:05 +03:00			`log "Configuring $NODE_IP/$POD_PREFIX on $BRIDGE"`
Only replace matching bridge addresses This makes configurations without VLANs work 2020-10-15 18:00:48 +03:00			`ip -o addr show "$BRIDGE" \| grep -o 'inet [^ ]\+' \| while read _ IP; do`
			`# Remove bridge addresses from the same subnet, don't touch other addresses`
fix IP address check 2020-10-16 10:51:11 +03:00			`if [ "$(ipcalc -b "$IP")" = "BROADCAST=${POD_BROADCAST}" ] && [ "$IP" != "$NODE_IP/$POD_PREFIX" ]; then`
Only replace matching bridge addresses This makes configurations without VLANs work 2020-10-15 18:00:48 +03:00			`ip addr del "$IP" dev "$BRIDGE"`
			`fi`
			`done`
upd: use kubernetes native cidrs instead arp checks #1 2018-05-26 04:49:05 +03:00			`ip addr change "$NODE_IP/$POD_PREFIX" dev "$BRIDGE"`
upd: host-local 2017-12-21 03:45:27 +03:00
add: start.sh 2017-12-20 18:56:40 +03:00			`# ------------------------------------------------------------------------------------`
			`# Configure cni`
			`# ------------------------------------------------------------------------------------`
upd: host-local 2017-12-21 03:45:27 +03:00
add: logging 2017-12-22 00:25:17 +03:00			`log "Starting generating CNI configuration"`

add: set -e sections 2017-12-22 00:43:49 +03:00			`set -e`

upd: use kubernetes native cidrs instead arp checks #1 2018-05-26 04:49:05 +03:00			`GATEWAY="${NODE_IP}"`
upd: host-local 2017-12-21 03:45:27 +03:00			`SUBNET="${POD_NETWORK}/${POD_PREFIX}"`
upd: use kubernetes native cidrs instead arp checks #1 2018-05-26 04:49:05 +03:00			`FIRST_IP="$(next_ip "${NODE_IP}")"`
			`LAST_IP="$(prev_ip "${NODE_BROADCAST}")"`
upd: host-local 2017-12-21 03:45:27 +03:00
add: set -e sections 2017-12-22 00:43:49 +03:00			`set +e`

add: logging 2017-12-22 00:25:17 +03:00			`debug "GATEWAY=$GATEWAY"`
			`debug "SUBNET=$SUBNET"`
			`debug "FIRST_IP=$FIRST_IP"`
			`debug "LAST_IP=$LAST_IP"`

			`log "Writing $CNI_CONFIG"`

Some refactoring 2020-10-15 23:16:05 +03:00			`cat >$CNI_CONFIG <<EOT`
add: start.sh 2017-12-20 18:56:40 +03:00			`{`
upd: name and variables 2017-12-22 14:25:48 +03:00			`"name": "bridget",`
add cniVersion fixes https://github.com/kubernetes/kubernetes/issues/83114 2019-09-25 22:09:04 +03:00			`"cniVersion": "0.2.0",`
add: start.sh 2017-12-20 18:56:40 +03:00			`"type": "bridge",`
			`"bridge": "${BRIDGE}",`
add: masquerade 2017-12-21 20:45:21 +03:00			`"ipMasq": true,`
fix: MTU and capabilities 2017-12-20 19:39:05 +03:00			`"mtu": ${MTU:-1500},`
add: start.sh 2017-12-20 18:56:40 +03:00			`"ipam": {`
upd: host-local 2017-12-21 03:45:27 +03:00			`"type": "host-local",`
			`"subnet": "${SUBNET}",`
			`"rangeStart": "${FIRST_IP}",`
			`"rangeEnd": "${LAST_IP}",`
fix: gateway 2017-12-21 14:34:10 +03:00			`"gateway": "${GATEWAY}",`
upd: host-local 2017-12-21 03:45:27 +03:00			`"routes": [`
			`{ "dst": "0.0.0.0/0" }`
			`]`
add: start.sh 2017-12-20 18:56:40 +03:00			`}`
			`}`
			`EOT`
upd: displaing config 2018-01-27 01:49:49 +03:00
			`# Display config`
			`cat "$CNI_CONFIG"`
add: start.sh 2017-12-20 18:56:40 +03:00
			`# ------------------------------------------------------------------------------------`
upd: some fixes 2017-12-21 15:26:07 +03:00			`# Sleep gently`
add: start.sh 2017-12-20 18:56:40 +03:00			`# ------------------------------------------------------------------------------------`
upd: more logs 2018-01-26 23:58:50 +03:00			`exec tail -f /dev/null`