Merge pull request #270 from l1b0k/main

bump felix to 3.20 support networkpolicy in ipv6 dual stack

Dockerfile

@@ -22,20 +22,19 @@ RUN cd cmd/terway && CGO_ENABLED=0 GOOS=linux go build \
 RUN cd plugin/terway && CGO_ENABLED=0 GOOS=linux go build -o terway .
 RUN cd cmd/terway-cli && CGO_ENABLED=0 GOOS=linux go build -o terway-cli .
 
-FROM calico/go-build:v0.20 as felix-builder
+FROM calico/go-build:v0.57 as felix-builder
 ARG GOPROXY
 ENV GOPROXY $GOPROXY
-RUN apk --no-cache add ip6tables tini ipset iputils iproute2 conntrack-tools file git
-ENV GIT_BRANCH=v3.5.8
-ENV GIT_COMMIT=7e12e362499ed281e5f5ca2747a0ba4e76e896b6
+ENV GIT_BRANCH=v3.20.2
+ENV GIT_COMMIT=ab06c3940caa8ac201f85c1313b2d72d724409d2
 
 RUN mkdir -p /go/src/github.com/projectcalico/ && cd /go/src/github.com/projectcalico/ && \
     git clone -b ${GIT_BRANCH} --depth 1 https://github.com/projectcalico/felix.git && \
     cd felix && [ "`git rev-parse HEAD`" = "${GIT_COMMIT}" ]
 COPY policy/felix /terway_patch
-RUN cd /go/src/github.com/projectcalico/felix && git apply /terway_patch/*.patch && glide up --strip-vendor || glide install --strip-vendor
+RUN cd /go/src/github.com/projectcalico/felix && git apply /terway_patch/*.patch
 RUN cd /go/src/github.com/projectcalico/felix && \
-    go build -v -i -o bin/calico-felix -v -ldflags \
+    go build -v -o bin/calico-felix -v -ldflags \
     "-X github.com/projectcalico/felix/buildinfo.GitVersion=${GIT_BRANCH} \
     -X github.com/projectcalico/felix/buildinfo.BuildDate=$(date -u +'%FT%T%z') \
     -X github.com/projectcalico/felix/buildinfo.GitRevision=${GIT_COMMIT} \

Dockerfile.controlplane

@@ -1,7 +1,6 @@
 FROM golang:1.17.0 as builder
 ARG GOPROXY
 ENV GOPROXY $GOPROXY
-ENV GOPROXY https://goproxy.io,direct
 WORKDIR /go/src/github.com/AliyunContainerService/terway/
 COPY go.sum go.sum
 COPY go.mod go.mod

init.sh

@@ -20,50 +20,6 @@ init_node_bpf() {
   echo "Node initialization complete"
 }'
 }
-
-setup_networkmanager() {
-  nsenter -t 1 -m -- tee /tmp/setup_network.sh<<EOF
-set -x
-
-config_network_manager() {
-  echo "setup rh NetworkManager"
-  if [ -f "/usr/lib/NetworkManager/conf.d/eni.conf" ]; then
-    return
-  fi
-  tee /usr/lib/NetworkManager/conf.d/eni.conf<<EOF2
-[main]
-plugins = ifcfg-rh,keyfile
-
-[keyfile]
-unmanaged-devices=interface-name:eth*, except:interface-name:eth0
-
-[logging]
-
-EOF2
-  systemctl reload NetworkManager
-}
-
-if [[ "\$(systemctl is-active NetworkManager)" == "active" ]]; then
-  mkdir -p "/usr/lib/NetworkManager/conf.d/"
-  OS_ID=\$(awk -F= '\$1=="ID" { print \$2 ;}' /etc/os-release)
-  VERSION_ID=\$(awk -F= '\$1=="VERSION_ID" { print \$2 ;}' /etc/os-release)
-
-  echo "detect os \${OS_ID} version \${VERSION_ID}"
-  if [[ "\$OS_ID" == *alinux* && "\$VERSION_ID" == "\"3\"" ]]; then
-    config_network_manager
-  fi
-
-  if [[ "\$OS_ID" == *centos* && "\$VERSION_ID" == "\"8\"" ]]; then
-    config_network_manager
-  fi
-fi
-
-EOF
-  nsenter -t 1 -m -- chmod +x /tmp/setup_network.sh
-  nsenter -t 1 -m -- bash -c /tmp/setup_network.sh
-}
-
-
 set -o errexit
 set -o nounset
 
@@ -108,6 +64,4 @@ fi
 
 sysctl -w net.ipv4.conf.eth0.rp_filter=0
 modprobe sch_htb || true
-chroot /host sh -c "systemctl disable eni.service; rm -f /etc/udev/rules.d/75-persistent-net-generator.rules /lib/udev/rules.d/60-net.rules /lib/udev/rules.d/61-eni.rules /lib/udev/write_net_rules && udevadm control --reload-rules && udevadm trigger"
-
-setup_networkmanager
+chroot /host sh -c "systemctl disable eni.service; rm -f /etc/udev/rules.d/75-persistent-net-generator.rules /lib/udev/rules.d/60-net.rules /lib/udev/rules.d/61-eni.rules /lib/udev/write_net_rules && udevadm control --reload-rules && udevadm trigger"