Documentation
Overview ¶
Package netconf groups functionality to configure networking-related resources.
Index ¶
- Constants
- func NewDroptailerServiceApplier(kb KnowledgeBase, v net.Validator) (net.Applier, error)
- func NewFirewallPolicyControllerServiceApplier(kb KnowledgeBase, v net.Validator) (net.Applier, error)
- func NewFrrConfigApplier(kind BareMetalType, kb KnowledgeBase, tmpFile string) net.Applier
- func NewHostnameApplier(kb KnowledgeBase, tmpFile string) net.Applier
- func NewHostsApplier(kb KnowledgeBase, tmpFile string) net.Applier
- func NewIfacesConfigApplier(kind BareMetalType, kb KnowledgeBase, tmpFile string) net.Applier
- func NewNftablesConfigApplier(kb KnowledgeBase, validator net.Validator) net.Applier
- func NewNodeExporterServiceApplier(kb KnowledgeBase, v net.Validator) (net.Applier, error)
- func NewSuricataConfigApplier(kb KnowledgeBase, tmpFile string) (net.Applier, error)
- func NewSuricataDefaultsApplier(kb KnowledgeBase, tmpFile string) (net.Applier, error)
- func NewSuricataUpdateServiceApplier(kb KnowledgeBase, v net.Validator) (net.Applier, error)
- func NewSystemdLinkApplier(kind BareMetalType, machineUUID string, nicIndex int, nic NIC, tmpFile string) net.Applier
- func NewSystemdNetworkApplier(uuid string, nicIndex int, tmpFile string) net.Applier
- type AccessPolicy
- type BareMetalType
- type Bridge
- type ChronyServiceEnabler
- type CommonConfigurator
- type CommonFRRData
- type CommonIfacesData
- type Configurator
- type DroptailerData
- type EVPNIface
- type FRRValidator
- type FirewallConfigurator
- type FirewallControllerData
- type FirewallFRRData
- type FirewallIfacesData
- type HostnameData
- type HostnameValidator
- type HostsData
- type HostsValidator
- type IPPrefixList
- type Identity
- type IfacesValidator
- type KnowledgeBase
- type Loopback
- type MachineConfigurator
- type MachineFRRData
- type MachineIfacesData
- type NIC
- type Network
- type NetworkType
- type NftablesData
- type NftablesV4Validator
- type NftablesV6Validator
- type NftablesValidator
- type NodeExporterData
- type RouteMap
- type SNAT
- type SVI
- type ServiceValidator
- type SuricataConfigData
- type SuricataConfigValidator
- type SuricataDefaultsData
- type SuricataDefaultsValidator
- type SuricataUpdateData
- type SystemdCommonData
- type SystemdLinkData
- type SystemdNetworkData
- type SystemdNetworkdValidator
- type SystemdValidator
- type VRF
- type VXLAN
Constants ¶
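// File modes, bare-metal kinds and systemd paths shared by the appliers.
// The listing is restored to one spec per line: collapsed onto a single line,
// the first "//" comment swallowed every declaration that followed it.
const (
	// FileModeSystemd represents a file mode that allows systemd to read e.g. /etc/systemd/network files.
	// 0644 is world-readable: every local user can read a file written with it.
	FileModeSystemd = 0644
	// FileModeSixFourFour represents file mode 0644 (the same value as FileModeSystemd).
	FileModeSixFourFour = 0644
	// FileModeDefault represents the default file mode, sufficient e.g. for /etc/network/interfaces or /etc/frr.conf.
	// 0600 limits read and write access to the file's owner.
	FileModeDefault = 0600
	// Firewall defines the bare metal server to function as firewall.
	// iota counts every spec in this block, so Firewall is 3 (not 0) and the
	// zero value of BareMetalType matches neither Firewall nor Machine.
	Firewall BareMetalType = iota
	// Machine defines the bare metal server to function as machine (value 4).
	Machine
	// SystemdUnitPath is the path where systemd units will be generated.
	// It ends with a slash, unlike SystemdNetworkPath.
	SystemdUnitPath = "/etc/systemd/system/"
	// SystemdNetworkPath is the path where systemd-networkd expects its configuration files.
	SystemdNetworkPath = "/etc/systemd/network"
)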
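// Constants used when rendering frr.conf. The listing is restored to one spec
// per line so that the comments no longer hide the declarations.
const (
	// FRRVersion holds a string that is used in the frr.conf to define the FRR version.
	FRRVersion = "7.0"
	// TplFirewallFRR defines the name of the template to render FRR configuration to a 'firewall'.
	TplFirewallFRR = "frr.firewall.tpl"
	// TplMachineFRR defines the name of the template to render FRR configuration to a 'machine'.
	TplMachineFRR = "frr.machine.tpl"
	// IPPrefixListSeqSeed specifies the initial value for prefix lists sequence number.
	IPPrefixListSeqSeed = 100
	// IPPrefixListNoExportSuffix defines the suffix to use for private IP ranges that must not be exported.
	IPPrefixListNoExportSuffix = "-no-export"
	// RouteMapOrderSeed defines the initial value for route-map order.
	RouteMapOrderSeed = 10
)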
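// Template names for the network interfaces configuration, restored to one
// spec per line so that the comments no longer hide the declarations.
const (
	// TplFirewallIfaces defines the name of the template to render interfaces configuration for firewalls.
	TplFirewallIfaces = "interfaces.firewall.tpl"
	// TplMachineIfaces defines the name of the template to render interfaces configuration for machines.
	TplMachineIfaces = "lo.network.machine.tpl"
)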
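// Template names for the nftables rule sets. Two specs on one line do not
// parse in Go, so each gets its own line here.
const (
	// TplNftablesV4 defines the name of the template to render nftables configuration (rules.v4).
	TplNftablesV4 = "rules.v4.tpl"
	// TplNftablesV6 defines the name of the template for the rules.v6 counterpart.
	TplNftablesV6 = "rules.v6.tpl"
)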
TplNftablesV4 defines the name of the template to render nftables configuration.
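// Template names and MTU values for the systemd-networkd files, restored to
// one spec per line so that the comments no longer hide the declarations.
const (
	// TplSystemdLink defines the name of the template to render the systemd.link file.
	TplSystemdLink = "systemd.link.tpl"
	// TplSystemdNetwork defines the name of the template to render the systemd.network file.
	TplSystemdNetwork = "systemd.network.tpl"
	// MTUFirewall defines the value for MTU specific to the needs of a firewall. VXLAN requires higher MTU.
	MTUFirewall = 9216
	// MTUMachine defines the value for MTU specific to the needs of a machine.
	MTUMachine = 9000
)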
const SystemdUnitDroptailer = "droptailer.service"
SystemdUnitDroptailer is the name of the systemd unit for the droptailer.
const SystemdUnitFirewallPolicyController = "firewall-policy-controller.service"
SystemdUnitFirewallPolicyController is the name of the systemd unit for the firewall policy controller.
const SystemdUnitNodeExporter = "node-exporter.service"
SystemdUnitNodeExporter is the name of the systemd unit for the node_exporter.
const SystemdUnitSuricataUpdate = "suricata-update.service"
SystemdUnitSuricataUpdate is the name of the systemd unit for the suricata-update.
const TplDroptailer = "droptailer.service.tpl"
TplDroptailer is the name of the template for the droptailer service.
const TplFirewallPolicyController = "firewall_policy_controller.service.tpl"
TplFirewallPolicyController is the name of the template for the firewall-policy-controller service.
const TplHostname = "hostname.tpl"
TplHostname defines the name of the template to render /etc/hostname.
const TplHosts = "hosts.tpl"
TplHosts defines the name of the template to render hosts file.
const TplNodeExporter = "node_exporter.service.tpl"
TplNodeExporter is the name of the template for the node_exporter service.
const TplSuricataConfig = "suricata_config.yaml.tpl"
TplSuricataConfig is the name of the template for the suricata configuration.
const TplSuricataDefaults = "suricata_defaults.tpl"
TplSuricataDefaults is the name of the template for the suricata defaults.
const TplSuricataUpdate = "suricata_update.service.tpl"
TplSuricataUpdate is the name of the template for the suricata-update service.
Variables ¶
This section is empty.
Functions ¶
func NewDroptailerServiceApplier ¶
NewDroptailerServiceApplier constructs a new instance of this type.
func NewFirewallPolicyControllerServiceApplier ¶
func NewFirewallPolicyControllerServiceApplier(kb KnowledgeBase, v net.Validator) (net.Applier, error)
NewFirewallPolicyControllerServiceApplier constructs a new instance of this type.
func NewFrrConfigApplier ¶
func NewFrrConfigApplier(kind BareMetalType, kb KnowledgeBase, tmpFile string) net.Applier
NewFrrConfigApplier constructs a new Applier of the given type of Bare Metal.
func NewHostnameApplier ¶
func NewHostnameApplier(kb KnowledgeBase, tmpFile string) net.Applier
NewHostnameApplier creates a new Applier to render hostname.
func NewHostsApplier ¶
func NewHostsApplier(kb KnowledgeBase, tmpFile string) net.Applier
NewHostsApplier creates a new hosts applier.
func NewIfacesConfigApplier ¶
func NewIfacesConfigApplier(kind BareMetalType, kb KnowledgeBase, tmpFile string) net.Applier
NewIfacesConfigApplier constructs a new instance of this type.
func NewNftablesConfigApplier ¶
func NewNftablesConfigApplier(kb KnowledgeBase, validator net.Validator) net.Applier
NewNftablesConfigApplier constructs a new instance of this type.
func NewNodeExporterServiceApplier ¶
NewNodeExporterServiceApplier constructs a new instance of this type.
func NewSuricataConfigApplier ¶ added in v0.1.4
func NewSuricataConfigApplier(kb KnowledgeBase, tmpFile string) (net.Applier, error)
NewSuricataConfigApplier constructs a new instance of this type.
func NewSuricataDefaultsApplier ¶ added in v0.1.4
func NewSuricataDefaultsApplier(kb KnowledgeBase, tmpFile string) (net.Applier, error)
NewSuricataDefaultsApplier constructs a new instance of this type.
func NewSuricataUpdateServiceApplier ¶ added in v0.1.4
NewSuricataUpdateServiceApplier constructs a new instance of this type.
func NewSystemdLinkApplier ¶
func NewSystemdLinkApplier(kind BareMetalType, machineUUID string, nicIndex int, nic NIC, tmpFile string) net.Applier
NewSystemdLinkApplier creates a new Applier to configure systemd.link.
Types ¶
type AccessPolicy ¶
type AccessPolicy int
AccessPolicy is a type that represents a policy to manage access roles.
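// Access policy values and the catch-all IPv4 prefix, restored to one spec per
// line so that the comments no longer hide the declarations.
const (
	// AllZerosCIDR represents a CIDR notation that matches all addresses in the IPv4 address space.
	// It does not cover IPv6 addresses.
	AllZerosCIDR = "0.0.0.0/0"
	// Permit defines an access policy that allows access.
	// iota is already 1 here because AllZerosCIDR takes position 0, so the
	// zero value of AccessPolicy is neither Permit nor Deny.
	Permit AccessPolicy = iota
	// Deny defines an access policy that forbids access (value 2).
	Deny
)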
func (AccessPolicy) String ¶
func (p AccessPolicy) String() string
type BareMetalType ¶
type BareMetalType int
BareMetalType defines the type of configuration to apply.
type ChronyServiceEnabler ¶
// ChronyServiceEnabler holds the VRF for which the chrony systemd service is
// enabled by its Enable method.
type ChronyServiceEnabler struct {
	// VRF names the VRF the chrony service is enabled for.
	// NOTE(review): presumably derived from the knowledge base by
	// NewChronyServiceEnabler and used in a systemd unit name — confirm it is
	// validated before use.
	VRF string
}
ChronyServiceEnabler can enable chrony systemd service for the given VRF.
func NewChronyServiceEnabler ¶
func NewChronyServiceEnabler(kb KnowledgeBase) (ChronyServiceEnabler, error)
NewChronyServiceEnabler constructs a new instance of this type.
func (ChronyServiceEnabler) Enable ¶
func (c ChronyServiceEnabler) Enable() error
Enable enables chrony systemd service for the given VRF to be started after boot.
type CommonConfigurator ¶
// CommonConfigurator carries the state shared by all configurators.
type CommonConfigurator struct {
	// Kb is the knowledge base the configurator works from. KnowledgeBase also
	// holds the Password and Sshpublickey fields, so avoid dumping this
	// struct into logs.
	Kb KnowledgeBase
}
CommonConfigurator contains information that is common to all configurators.
type CommonFRRData ¶
// CommonFRRData holds the frr.conf attributes shared by every bare metal kind.
type CommonFRRData struct {
	// ASN is an int64 here, whereas KnowledgeBase.Asn is a string.
	ASN int64
	// NOTE(review): the string fields below are presumably written into
	// frr.conf through a template — confirm Comment and Hostname are validated
	// so that a line break in the input cannot add configuration lines.
	Comment string
	// FRRVersion presumably receives the FRRVersion constant — confirm.
	FRRVersion string
	Hostname string
	RouterID string
}
CommonFRRData contains attributes that are common to FRR configuration of all kinds of bare metal servers.
type CommonIfacesData ¶
CommonIfacesData contains attributes required to render common network interfaces configuration of a bare metal server.
type Configurator ¶
// Configurator is implemented by types that configure a bare metal server.
type Configurator interface {
	// Configure applies the configuration. It returns nothing, so a failure
	// cannot reach the caller through the return value.
	// NOTE(review): confirm how a failed or partial apply is surfaced,
	// especially for the 'firewall' kind.
	Configure()
}
Configurator is an interface to configure bare metal servers.
func NewConfigurator ¶
func NewConfigurator(kind BareMetalType, kb KnowledgeBase) Configurator
NewConfigurator creates a new configurator.
type DroptailerData ¶
DroptailerData contains the data to render the droptailer service template.
type EVPNIface ¶
EVPNIface represents the information required to render EVPN interfaces configuration.
type FRRValidator ¶
type FRRValidator struct {
// contains filtered or unexported fields
}
FRRValidator validates the frr.conf to apply.
func (FRRValidator) Validate ¶
func (v FRRValidator) Validate() error
Validate can be used to run validation on FRR configuration using vtysh.
type FirewallConfigurator ¶
// FirewallConfigurator configures a bare metal server as 'firewall'.
type FirewallConfigurator struct {
	// Embedding CommonConfigurator promotes its Kb field to this type.
	CommonConfigurator
}
FirewallConfigurator is a configurator that configures a bare metal server as 'firewall'.
func (FirewallConfigurator) Configure ¶
func (configurator FirewallConfigurator) Configure()
Configure applies configuration to a bare metal server to function as 'firewall'.
type FirewallControllerData ¶ added in v0.1.8
FirewallControllerData contains the data to render the firewall-policy-controller service template.
type FirewallFRRData ¶
// FirewallFRRData is the data used to render frr.conf for the 'firewall' kind.
type FirewallFRRData struct {
	// CommonFRRData is embedded, so ASN, Comment, FRRVersion, Hostname and
	// RouterID are promoted to this type.
	CommonFRRData
	// VRFs holds the VRF entries; only the 'firewall' data carries them
	// (MachineFRRData has no such field).
	VRFs []VRF
}
FirewallFRRData contains attributes required to render frr.conf of bare metal servers that function as 'firewall'.
type FirewallIfacesData ¶
// FirewallIfacesData is the data used to render the network interfaces
// configuration for the 'firewall' kind.
type FirewallIfacesData struct {
	// CommonIfacesData is embedded; its fields are not shown on this page.
	CommonIfacesData
	// Bridge and EVPNInterfaces exist only on the 'firewall' data
	// (MachineIfacesData embeds CommonIfacesData alone).
	Bridge Bridge
	EVPNInterfaces []EVPNIface
}
FirewallIfacesData contains attributes required to render network interfaces configuration of a bare metal server that functions as 'firewall'.
type HostnameData ¶
// HostnameData is the data used to render the hostname file.
type HostnameData struct {
	// NOTE(review): both values presumably end up verbatim in the rendered
	// file — confirm Hostname is checked against the allowed hostname syntax
	// before rendering.
	Comment, Hostname string
}
HostnameData contains attributes to render hostname file.
type HostnameValidator ¶
type HostnameValidator struct {
// contains filtered or unexported fields
}
HostnameValidator validates hostname changes.
func (HostnameValidator) Validate ¶
func (v HostnameValidator) Validate() error
Validate validates hostname rendering.
type HostsValidator ¶
type HostsValidator struct {
// contains filtered or unexported fields
}
HostsValidator validates hosts file.
func (HostsValidator) Validate ¶
func (v HostsValidator) Validate() error
Validate validates hosts file.
type IPPrefixList ¶
IPPrefixList represents 'ip prefix-list' filtering mechanism to be used in combination with route-maps.
type IfacesValidator ¶
type IfacesValidator struct {
// contains filtered or unexported fields
}
IfacesValidator defines the base type of an interfaces validator.
func (IfacesValidator) Validate ¶
func (v IfacesValidator) Validate() error
Validate network interfaces configuration. Assumes ifupdown2 is available.
type KnowledgeBase ¶
// KnowledgeBase mirrors the input YAML used to render network configuration
// files; every field is filled from the YAML key named in its tag.
type KnowledgeBase struct {
	Hostname string `yaml:"hostname"`
	Ipaddress string `yaml:"ipaddress"`
	// Asn is a string here, while Network.Asn and CommonFRRData.ASN are int64,
	// so a conversion has to happen somewhere between input and rendering.
	Asn string `yaml:"asn"`
	Networks []Network `yaml:"networks"`
	Machineuuid string `yaml:"machineuuid"`
	// Sshpublickey and Password share one YAML document with the network data.
	// NOTE(review): Password is presumably a plaintext credential — confirm,
	// and keep the input file and any log or debug dump of this struct out of
	// world-readable locations.
	Sshpublickey string `yaml:"sshpublickey"`
	Password string `yaml:"password"`
	// NOTE(review): the effect of Devmode is not visible on this page —
	// confirm it cannot relax validation or filtering on production hosts.
	Devmode bool `yaml:"devmode"`
	Console string `yaml:"console"`
	Nics []NIC `yaml:"nics"`
}
KnowledgeBase was generated with: https://mengzhuo.github.io/yaml-to-go/. It represents the input yaml that is needed to render network configuration files.
func NewKnowledgeBase ¶
func NewKnowledgeBase(path string) KnowledgeBase
NewKnowledgeBase creates a new instance of this type.
func (KnowledgeBase) CollectIPs ¶
func (kb KnowledgeBase) CollectIPs(types ...NetworkType) []string
CollectIPs collects IPs of the given networks.
func (KnowledgeBase) GetNetworks ¶
func (kb KnowledgeBase) GetNetworks(types ...NetworkType) []Network
GetNetworks returns all networks present.
func (KnowledgeBase) Validate ¶
func (kb KnowledgeBase) Validate(kind BareMetalType) error
Validate validates the contained information depending on the demands of the bare metal type.
type MachineConfigurator ¶
// MachineConfigurator configures a bare metal server as 'machine'.
type MachineConfigurator struct {
	// Embedding CommonConfigurator promotes its Kb field to this type.
	CommonConfigurator
}
MachineConfigurator is a configurator that configures a bare metal server as 'machine'.
func (MachineConfigurator) Configure ¶
func (configurator MachineConfigurator) Configure()
Configure applies configuration to a bare metal server to function as 'machine'.
type MachineFRRData ¶
// MachineFRRData is the data used to render frr.conf for the 'machine' kind.
type MachineFRRData struct {
	// Only the common attributes are carried; unlike FirewallFRRData there is
	// no VRFs field.
	CommonFRRData
}
MachineFRRData contains attributes required to render frr.conf of bare metal servers that function as 'machine'.
type MachineIfacesData ¶
// MachineIfacesData is the data used to render the network interfaces
// configuration for the 'machine' kind.
type MachineIfacesData struct {
	// Only the common attributes are carried; unlike FirewallIfacesData there
	// is no Bridge or EVPNInterfaces field.
	CommonIfacesData
}
MachineIfacesData contains attributes required to render network interfaces configuration of a bare metal server that functions as 'machine'.
type NIC ¶
// NIC describes one network interface as read from the input YAML.
type NIC struct {
	Mac string `yaml:"mac"`
	Name string `yaml:"name"`
	// Neighbors is decoded from the "neighbors" key. Inside each entry, Name
	// and Neighbors are untyped (interface{}), so the decoder accepts any YAML
	// shape there; code that reads them has to check the dynamic type first.
	Neighbors []struct {
		Mac string `yaml:"mac"`
		Name interface{} `yaml:"name"`
		Neighbors []interface{} `yaml:"neighbors"`
	} `yaml:"neighbors"`
}
NIC is a representation of network interfaces attributes.
type Network ¶
// Network is the element type of KnowledgeBase.Networks; every field is filled
// from the YAML key named in its tag.
type Network struct {
	Asn int64 `yaml:"asn"`
	Destinationprefixes []string `yaml:"destinationprefixes"`
	Ips []string `yaml:"ips"`
	// NOTE(review): Nat, Private and Underlay presumably decide which NAT and
	// filter rules are rendered for this network — confirm how a network with
	// none of them set is treated.
	Nat bool `yaml:"nat"`
	Networkid string `yaml:"networkid"`
	Prefixes []string `yaml:"prefixes"`
	Private bool `yaml:"private"`
	Underlay bool `yaml:"underlay"`
	Vrf int `yaml:"vrf"`
	// Vlan carries omitempty, so a zero value is left out when the struct is
	// marshalled back to YAML.
	Vlan int `yaml:"vlan,omitempty"`
}
Network is a representation of a tenant network.
type NetworkType ¶
type NetworkType int
NetworkType represents the functional type of a network.
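// VLAN offset and network types, restored to one spec per line so that the
// comments no longer hide the declarations.
const (
	// VLANOffset defines a number to start with when creating new VLAN IDs.
	VLANOffset = 1000
	// Underlay represents the fabric network where infrastructure switches and routers are placed in.
	// iota is already 1 here because VLANOffset takes position 0, so the zero
	// value of NetworkType matches none of the named types.
	Underlay NetworkType = iota
	// Private represents the local machine network where all machines of a project are placed in (value 2).
	Private
	// Public represents an external network a machine has access to (value 3).
	Public
)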
type NftablesData ¶
NftablesData represents the information required to render nftables configuration.
type NftablesV4Validator ¶
// NftablesV4Validator validates configuration for ipv4 nftables rules.
type NftablesV4Validator struct {
	// NftablesValidator is embedded; its fields are unexported.
	NftablesValidator
}
NftablesV4Validator can validate configuration for ipv4 nftables rules.
func (NftablesV4Validator) Validate ¶
func (v NftablesV4Validator) Validate() error
Validate validates the configuration for ipv4 nftables rules.
type NftablesV6Validator ¶
// NftablesV6Validator validates configuration for ipv6 nftables rules.
type NftablesV6Validator struct {
	// NftablesValidator is embedded; its fields are unexported.
	NftablesValidator
}
NftablesV6Validator can validate configuration for ipv6 nftables rules.
func (NftablesV6Validator) Validate ¶
func (v NftablesV6Validator) Validate() error
Validate validates the configuration for ipv6 nftables rules.
type NftablesValidator ¶
type NftablesValidator struct {
// contains filtered or unexported fields
}
NftablesValidator can validate configuration for nftables rules.
type NodeExporterData ¶
NodeExporterData contains the data to render the node_exporter service template.
type ServiceValidator ¶
type ServiceValidator struct {
// contains filtered or unexported fields
}
ServiceValidator holds information for systemd service validation.
func (ServiceValidator) Validate ¶
func (v ServiceValidator) Validate() error
Validate validates the service file.
type SuricataConfigData ¶ added in v0.1.4
SuricataConfigData represents the information required to render suricata configuration.
type SuricataConfigValidator ¶ added in v0.1.4
type SuricataConfigValidator struct {
// contains filtered or unexported fields
}
SuricataConfigValidator can validate configuration for suricata.
func (SuricataConfigValidator) Validate ¶ added in v0.1.4
func (v SuricataConfigValidator) Validate() error
Validate validates suricata configuration.
type SuricataDefaultsData ¶ added in v0.1.4
SuricataDefaultsData represents the information required to render suricata defaults.
type SuricataDefaultsValidator ¶ added in v0.1.4
type SuricataDefaultsValidator struct {
// contains filtered or unexported fields
}
SuricataDefaultsValidator can validate defaults for suricata.
func (SuricataDefaultsValidator) Validate ¶ added in v0.1.4
func (v SuricataDefaultsValidator) Validate() error
Validate validates suricata defaults.
type SuricataUpdateData ¶ added in v0.1.4
SuricataUpdateData contains the data to render the suricata-update service template.
type SystemdCommonData ¶
SystemdCommonData contains attributes common to systemd.network and systemd.link files.
type SystemdLinkData ¶
// SystemdLinkData is the data used to render systemd.link files.
type SystemdLinkData struct {
	// SystemdCommonData is embedded; its fields are not shown on this page.
	SystemdCommonData
	// MAC is kept as a string; no format check is visible on this type.
	MAC string
	// MTU presumably takes MTUFirewall or MTUMachine depending on the bare
	// metal kind — confirm against NewSystemdLinkApplier.
	MTU int
}
SystemdLinkData contains attributes required to render systemd.link files.
type SystemdNetworkData ¶
// SystemdNetworkData is the data used to render systemd.network files.
type SystemdNetworkData struct {
	// Only the common attributes are carried; unlike SystemdLinkData there is
	// no MAC or MTU field.
	SystemdCommonData
}
SystemdNetworkData contains attributes required to render systemd.network files.
type SystemdNetworkdValidator ¶ added in v0.1.10
type SystemdNetworkdValidator struct {
// contains filtered or unexported fields
}
SystemdNetworkdValidator defines the base type of a systemd-networkd validator.
func (SystemdNetworkdValidator) Validate ¶ added in v0.1.10
func (v SystemdNetworkdValidator) Validate() error
Validate network interfaces configuration done with systemd-networkd. Assumes systemd-networkd is installed.
type SystemdValidator ¶
type SystemdValidator struct {
// contains filtered or unexported fields
}
SystemdValidator validates systemd.network and systemd.link files.
func (SystemdValidator) Validate ¶
func (v SystemdValidator) Validate() error
Validate validates systemd.network and systemd.link files.