more rearranging

hashicorp · Aug 12, 2024 · 420bd98 · 420bd98
1 parent 6b5f6b9
commit 420bd98
Show file tree

Hide file tree

Showing 6 changed files with 129 additions and 78 deletions.
diff --git a/client/allocrunner/cni/bridge.go b/client/allocrunner/cni/bridge.go
@@ -0,0 +1,86 @@
+// Copyright (c) HashiCorp, Inc.
+// SPDX-License-Identifier: BUSL-1.1
+
+package cni
+
+import "encoding/json"
+
+// Conflist is the .conflist format of CNI network config.
+type Conflist struct {
+	CniVersion string `json:"cniVersion"`
+	Name       string `json:"name"`
+	Plugins    []any  `json:"plugins"`
+}
+
+// Json produces indented json of the conflist.
+func (b Conflist) Json() ([]byte, error) {
+	return json.MarshalIndent(b, "", "\t")
+}
+
+// NomadBridgeConfig determines the contents of the Conflist.
+type NomadBridgeConfig struct {
+	BridgeName     string
+	AdminChainName string
+	IPv4Subnet     string
+	HairpinMode    bool
+	ConsulCNI      bool
+}
+
+// NewNomadBridgeConflist produces a full Conflist from the config.
+func NewNomadBridgeConflist(conf NomadBridgeConfig) Conflist {
+	// Update website/content/docs/networking/cni.mdx when the bridge config
+	// is modified. The json versions of the config can be found in
+	// client/allocrunner/test_fixtures/*.conflist.json
+	// If CNI plugins are added or versions need to be updated for new fields,
+	// add a new constraint to nomad/job_endpoint_hooks.go
+
+	ipRanges := [][]Range{
+		{{Subnet: conf.IPv4Subnet}},
+	}
+	ipRoutes := []Route{
+		{Dst: "0.0.0.0/0"},
+	}
+
+	plugins := []any{
+		Generic{
+			Type: "loopback",
+		},
+		Bridge{
+			Type:         "bridge",
+			Bridgename:   conf.BridgeName,
+			IpMasq:       true,
+			IsGateway:    true,
+			ForceAddress: true,
+			HairpinMode:  conf.HairpinMode,
+			Ipam: IPAM{
+				Type:   "host-local",
+				Ranges: ipRanges,
+				Routes: ipRoutes,
+			},
+		},
+		Firewall{
+			Type:           "firewall",
+			Backend:        "iptables",
+			AdminChainName: conf.AdminChainName,
+		},
+		Portmap{
+			Type: "portmap",
+			Capabilities: CapabilityArgs{
+				Portmappings: true,
+			},
+			Snat: true,
+		},
+	}
+	if conf.ConsulCNI {
+		plugins = append(plugins, ConsulCNI{
+			Type:     "consul-cni",
+			LogLevel: "debug",
+		})
+	}
+
+	return Conflist{
+		CniVersion: "0.4.0",
+		Name:       "nomad",
+		Plugins:    plugins,
+	}
+}
diff --git a/client/allocrunner/cni/bridge_test.go b/client/allocrunner/cni/bridge_test.go
@@ -0,0 +1,31 @@
+// Copyright (c) HashiCorp, Inc.
+// SPDX-License-Identifier: BUSL-1.1
+
+package cni
+
+import (
+	"testing"
+
+	"github.com/shoenig/test/must"
+)
+
+func TestBridgeCNIConflist_Json(t *testing.T) {
+	conf := &Conflist{
+		CniVersion: "0.0.1",
+		Name:       "test-config",
+		Plugins: []any{
+			Generic{Type: "test-plugin"},
+		},
+	}
+	bts, err := conf.Json()
+	must.NoError(t, err)
+	must.Eq(t, `{
+	"cniVersion": "0.0.1",
+	"name": "test-config",
+	"plugins": [
+		{
+			"type": "test-plugin"
+		}
+	]
+}`, string(bts))
+}
diff --git a/client/allocrunner/cni/plugins.go b/client/allocrunner/cni/plugins.go
@@ -3,22 +3,6 @@
 
 package cni
 
-import "encoding/json"
-
-// BridgeCNIConflist is the .conflist format of CNI network config.
-type BridgeCNIConflist struct {
-	CniVersion string `json:"cniVersion"`
-	Name       string `json:"name"`
-	Plugins    []any  `json:"plugins"`
-}
-
-// Json produces indented json of the conflist.
-func (b BridgeCNIConflist) Json() ([]byte, error) {
-	return json.MarshalIndent(b, "", "\t")
-}
-
-/* plugins */
-
 // Generic has the one key that all plugins must have: "type"
 type Generic struct {
 	Type string `json:"type"`
@@ -50,9 +34,9 @@ type Route struct {
 // Firewall is the "firewall" plugin.
 // https://www.cni.dev/plugins/current/meta/firewall/
 type Firewall struct {
-	Type                   string `json:"type"`
-	Backend                string `json:"backend"`
-	IptablesAdminChainName string `json:"iptablesAdminChainName"`
+	Type           string `json:"type"`
+	Backend        string `json:"backend"`
+	AdminChainName string `json:"iptablesAdminChainName"`
 }
 
 // Portmap is the "portmap" plugin.

diff --git a/client/allocrunner/networking_bridge_linux.go b/client/allocrunner/networking_bridge_linux.go
@@ -9,7 +9,7 @@ import (
 
 	"github.com/coreos/go-iptables/iptables"
 	hclog "github.com/hashicorp/go-hclog"
-	cni "github.com/hashicorp/nomad/client/allocrunner/cni"
+	"github.com/hashicorp/nomad/client/allocrunner/cni"
 	"github.com/hashicorp/nomad/nomad/structs"
 	"github.com/hashicorp/nomad/plugins/drivers"
 )
@@ -166,60 +166,12 @@ func (b *bridgeNetworkConfigurator) Teardown(ctx context.Context, alloc *structs
 }
 
 func buildNomadBridgeNetConfig(b bridgeNetworkConfigurator, withConsulCNI bool) ([]byte, error) {
-	// Update website/content/docs/networking/cni.mdx when the bridge config
-	// is modified. The json versions of the config can be found in
-	// client/allocrunner/test_fixtures/*.conflist.json
-	// If CNI plugins are added or versions need to be updated for new fields,
-	// add a new constraint to nomad/job_endpoint_hooks.go
-
-	ipRanges := [][]cni.Range{
-		{{Subnet: b.allocSubnet}},
-	}
-	ipRoutes := []cni.Route{
-		{Dst: "0.0.0.0/0"},
-	}
-
-	plugins := []any{
-		cni.Generic{
-			Type: "loopback",
-		},
-		cni.Bridge{
-			Type:         "bridge",
-			Bridgename:   b.bridgeName,
-			IpMasq:       true,
-			IsGateway:    true,
-			ForceAddress: true,
-			HairpinMode:  b.hairpinMode,
-			Ipam: cni.IPAM{
-				Type:   "host-local",
-				Ranges: ipRanges,
-				Routes: ipRoutes,
-			},
-		},
-		cni.Firewall{
-			Type:                   "firewall",
-			Backend:                "iptables",
-			IptablesAdminChainName: cniAdminChainName,
-		},
-		cni.Portmap{
-			Type: "portmap",
-			Capabilities: cni.CapabilityArgs{
-				Portmappings: true,
-			},
-			Snat: true,
-		},
-	}
-	if withConsulCNI {
-		plugins = append(plugins, cni.ConsulCNI{
-			Type:     "consul-cni",
-			LogLevel: "debug",
-		})
-	}
-
-	conf := &cni.BridgeCNIConflist{
-		CniVersion: "0.4.0",
-		Name:       "nomad",
-		Plugins:    plugins,
-	}
+	conf := cni.NewNomadBridgeConflist(cni.NomadBridgeConfig{
+		BridgeName:     b.bridgeName,
+		AdminChainName: cniAdminChainName,
+		IPv4Subnet:     b.allocSubnet,
+		HairpinMode:    b.hairpinMode,
+		ConsulCNI:      withConsulCNI,
+	})
 	return conf.Json()
 }
diff --git a/client/allocrunner/networking_bridge_linux_test.go b/client/allocrunner/networking_bridge_linux_test.go
@@ -21,7 +21,7 @@ func Test_buildNomadBridgeNetConfig(t *testing.T) {
 		b             *bridgeNetworkConfigurator
 	}{
 		{
-			name: "empty",
+			name: "default",
 			b:    &bridgeNetworkConfigurator{},
 		},
 
@@ -53,8 +53,6 @@ func Test_buildNomadBridgeNetConfig(t *testing.T) {
 	}
 	for _, tc := range testCases {
 		t.Run(tc.name, func(t *testing.T) {
-			tc := tc
-			ci.Parallel(t)
 			bCfg, err := buildNomadBridgeNetConfig(*tc.b, tc.withConsulCNI)
 			must.NoError(t, err)
 

diff --git a/...crunner/test_fixtures/empty.conflist.json → ...unner/test_fixtures/default.conflist.json b/...crunner/test_fixtures/empty.conflist.json → ...unner/test_fixtures/default.conflist.json