netconf

package
v0.8.3 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 26, 2022 License: MIT Imports: 18 Imported by: 7

Documentation

Overview

Package netconf groups functionality to configure networking related resources.

Index

Constants

View Source 
const (
	// FileModeSystemd represents a file mode that allows systemd to read e.g. /etc/systemd/network files.
	FileModeSystemd = 0644
	// FileModeSixFourFour represents file mode 0644
	FileModeSixFourFour = 0644
	// FileModeDefault represents the default file mode sufficient e.g. to /etc/network/interfaces or /etc/frr.conf.
	FileModeDefault = 0600
	// Firewall defines the bare metal server to function as firewall.
	Firewall BareMetalType = iota
	// Machine defines the bare metal server to function as machine.
	Machine
	// SystemdUnitPath is the path where systemd units will be generated.
	SystemdUnitPath = "/etc/systemd/system/"
)
View Source 
const (
	// FRRVersion holds a string that is used in the frr.conf to define the FRR version.
	FRRVersion = "7.5"
	// TplFirewallFRR defines the name of the template to render FRR configuration to a 'firewall'.
	TplFirewallFRR = "frr.firewall.tpl"
	// TplMachineFRR defines the name of the template to render FRR configuration to a 'machine'.
	TplMachineFRR = "frr.machine.tpl"
	// IPPrefixListSeqSeed specifies the initial value for prefix lists sequence number.
	IPPrefixListSeqSeed = 100
	// IPPrefixListNoExportSuffix defines the suffix to use for private IP ranges that must not be exported.
	IPPrefixListNoExportSuffix = "-no-export"
	// RouteMapOrderSeed defines the initial value for route-map order.
	RouteMapOrderSeed = 10
	// AddressFamilyIPv4 is the name for this address family for the routing daemon.
	AddressFamilyIPv4 = "ip"
	// AddressFamilyIPv6 is the name for this address family for the routing daemon.
	AddressFamilyIPv6 = "ipv6"
)
View Source 
const (
	// IPv4ZeroCIDR is the CIDR block for the whole IPv4 address space
	IPv4ZeroCIDR = "0.0.0.0/0"

	// IPv6ZeroCIDR is the CIDR block for the whole IPv6 address space
	IPv6ZeroCIDR = "::/0"
	// Permit defines an access policy that allows access.
	Permit AccessPolicy = iota
	// Deny defines an access policy that forbids access.
	Deny
)
View Source 
const TplHostname = "hostname.tpl"

TplHostname defines the name of the template to render /etc/hostname.

View Source 
const TplHosts = "hosts.tpl"

TplHosts defines the name of the template to render hosts file.

View Source 
const (
	// TplNftables defines the name of the template to render nftables configuration.
	TplNftables = "nftrules.tpl"
)
View Source 
const TplSuricataConfig = "suricata_config.yaml.tpl"

TplSuricataConfig is the name of the template for the suricata configuration.

View Source 
const (
	// VLANOffset defines a number to start with when creating new VLAN IDs.
	VLANOffset = 1000
)

Variables

This section is empty.

Functions

func NewDroptailerServiceApplier 

func NewDroptailerServiceApplier(kb KnowledgeBase, v net.Validator) (net.Applier, error)

NewDroptailerServiceApplier constructs a new instance of this type.

func NewFirewallControllerServiceApplier 

func NewFirewallControllerServiceApplier(kb KnowledgeBase, v net.Validator) (net.Applier, error)

NewFirewallControllerServiceApplier constructs a new instance of this type.

func NewFrrConfigApplier 

func NewFrrConfigApplier(kind BareMetalType, kb KnowledgeBase, tmpFile string) net.Applier

NewFrrConfigApplier constructs a new Applier of the given type of Bare Metal.

func NewHostnameApplier 

func NewHostnameApplier(kb KnowledgeBase, tmpFile string) net.Applier

NewHostnameApplier creates a new Applier to render hostname.

func NewHostsApplier 

func NewHostsApplier(kb KnowledgeBase, tmpFile string) net.Applier

NewHostsApplier creates a new hosts applier.

func NewNftablesConfigApplier 

func NewNftablesConfigApplier(kb KnowledgeBase, validator net.Validator, enableDNSProxy bool) net.Applier

NewNftablesConfigApplier constructs a new instance of this type.

func NewNftablesExporterServiceApplier 

func NewNftablesExporterServiceApplier(kb KnowledgeBase, v net.Validator) (net.Applier, error)

NewNftablesExporterServiceApplier constructs a new instance of this type.

func NewNodeExporterServiceApplier 

func NewNodeExporterServiceApplier(kb KnowledgeBase, v net.Validator) (net.Applier, error)

NewNodeExporterServiceApplier constructs a new instance of this type.

func NewSuricataConfigApplier 

func NewSuricataConfigApplier(kb KnowledgeBase, tmpFile string) (net.Applier, error)

NewSuricataConfigApplier constructs a new instance of this type.

func NewSuricataDefaultsApplier 

func NewSuricataDefaultsApplier(kb KnowledgeBase, tmpFile string) (net.Applier, error)

NewSuricataDefaultsApplier constructs a new instance of this type.

func NewSuricataUpdateServiceApplier 

func NewSuricataUpdateServiceApplier(kb KnowledgeBase, v net.Validator) (net.Applier, error)

NewSuricataUpdateServiceApplier constructs a new instance of this type.

func NewSystemdLinkApplier 

func NewSystemdLinkApplier(kind BareMetalType, machineUUID string, nicIndex int, nic NIC,
	tmpFile string, evpnIfaces []EVPNIface) net.Applier

NewSystemdLinkApplier creates a new Applier to configure systemd.link.

func NewSystemdNetworkdApplier 

func NewSystemdNetworkdApplier(tmpFile string, data interface{}) net.Applier

NewSystemdNetworkdApplier creates a new Applier to configure systemd.network.

Types

type AccessPolicy 

type AccessPolicy int

AccessPolicy is a type that represents a policy to manage access roles.

func (AccessPolicy) String 

func (p AccessPolicy) String() string

type AddrSpec added in v0.7.0 

type AddrSpec struct {
	AddressFamily string
	Address       string
}

type AddressFamily 

type AddressFamily string

AddressFamily is the address family for the routing daemon.

type BareMetalType 

type BareMetalType int

BareMetalType defines the type of configuration to apply.

type Bridge 

type Bridge struct {
	Ports string
	Vids  string
}

Bridge represents a network bridge.

type ChronyServiceEnabler 

type ChronyServiceEnabler struct {
	VRF string
}

ChronyServiceEnabler can enable chrony systemd service for the given VRF.

func NewChronyServiceEnabler 

func NewChronyServiceEnabler(kb KnowledgeBase) (ChronyServiceEnabler, error)

NewChronyServiceEnabler constructs a new instance of this type.

func (ChronyServiceEnabler) Enable 

func (c ChronyServiceEnabler) Enable() error

Enable enables chrony systemd service for the given VRF to be started after boot.

type CommonConfigurator 

type CommonConfigurator struct {
	Kb KnowledgeBase
}

CommonConfigurator contains information that is common to all configurators.

type CommonFRRData 

type CommonFRRData struct {
	ASN        int64
	Comment    string
	FRRVersion string
	Hostname   string
	RouterID   string
}

CommonFRRData contains attributes that are common to FRR configuration of all kind of bare metal servers.

type Configurator 

type Configurator interface {
	Configure()
}

Configurator is an interface to configure bare metal servers.

func NewConfigurator 

func NewConfigurator(kind BareMetalType, kb KnowledgeBase) Configurator

NewConfigurator creates a new configurator.

type DNAT added in v0.7.0 

type DNAT struct {
	Comment      string
	InInterfaces []string
	Port         string
	DestSpec     AddrSpec
}

DNAT holds the information required to configure DNAT.

type DroptailerData 

type DroptailerData struct {
	Comment   string
	TenantVrf string
}

DroptailerData contains the data to render the droptailer service template.

type EVPNIface 

type EVPNIface struct {
	Comment string
	VRF     VRF
	SVI     SVI
	VXLAN   VXLAN
}

EVPNIface represents the information required to render EVPN interfaces configuration.

type FRRValidator 

type FRRValidator struct {
	// contains filtered or unexported fields
}

FRRValidator validates the frr.conf to apply.

func (FRRValidator) Validate 

func (v FRRValidator) Validate() error

Validate can be used to run validation on FRR configuration using vtysh.

type FirewallConfigurator 

type FirewallConfigurator struct {
	CommonConfigurator
	EnableDNSProxy bool
}

FirewallConfigurator is a configurator that configures a bare metal server as 'firewall'.

func (FirewallConfigurator) Configure 

func (configurator FirewallConfigurator) Configure()

Configure applies configuration to a bare metal server to function as 'firewall'.

func (FirewallConfigurator) ConfugureNftables added in v0.7.0 

func (configurator FirewallConfigurator) ConfugureNftables()

type FirewallControllerData 

type FirewallControllerData struct {
	Comment         string
	DefaultRouteVrf string
	ServiceIP       string
	PrivateVrfID    int64
}

FirewallControllerData contains the data to render the firewall-controller service template.

type FirewallFRRData 

type FirewallFRRData struct {
	CommonFRRData
	VRFs []VRF
}

FirewallFRRData contains attributes required to render frr.conf of bare metal servers that function as 'firewall'.

type HostnameData 

type HostnameData struct {
	Comment, Hostname string
}

HostnameData contains attributes to render hostname file.

type HostnameValidator 

type HostnameValidator struct {
	// contains filtered or unexported fields
}

HostnameValidator validates hostname changes.

func (HostnameValidator) Validate 

func (v HostnameValidator) Validate() error

Validate validates hostname rendering.

type HostsData 

type HostsData struct {
	Comment  string
	Hostname string
	IP       string
}

HostsData contains data to render hosts file.

type HostsValidator 

type HostsValidator struct {
	// contains filtered or unexported fields
}

HostsValidator validates hosts file.

func (HostsValidator) Validate 

func (v HostsValidator) Validate() error

Validate validates hosts file.

type IPPrefixList 

type IPPrefixList struct {
	Name          string
	Spec          string
	AddressFamily AddressFamily
	// SourceVRF specifies from which VRF the given prefix list should be imported
	SourceVRF string
}

IPPrefixList represents 'ip prefix-list' filtering mechanism to be used in combination with route-maps.

type Identity 

type Identity struct {
	Comment string
	ID      int
}

Identity represents an object's identity.

type IfacesApplier 

type IfacesApplier struct {
	// contains filtered or unexported fields
}

IfacesApplier applies interfaces configuration.

func NewIfacesApplier 

func NewIfacesApplier(kind BareMetalType, kb KnowledgeBase) IfacesApplier

NewIfacesApplier constructs a new instance of this type.

func (*IfacesApplier) Apply 

func (a *IfacesApplier) Apply()

Apply applies the interface configuration with systemd-networkd.

func (*IfacesApplier) Render 

func (a *IfacesApplier) Render(w io.Writer, tpl template.Template) error

Render renders the network interfaces to the given writer using the given template.

type IfacesData 

type IfacesData struct {
	Comment    string
	Loopback   Loopback
	EVPNIfaces []EVPNIface
}

IfacesData contains attributes required to render network interfaces configuration of a bare metal server.

type ImportSettings added in v0.7.1 

type ImportSettings struct {
	ImportPrefixes         []importPrefix
	ImportPrefixesNoExport []importPrefix
}

type KnowledgeBase 

type KnowledgeBase struct {
	Hostname     string                    `yaml:"hostname"`
	Ipaddress    string                    `yaml:"ipaddress"`
	Asn          string                    `yaml:"asn"`
	Networks     []models.V1MachineNetwork `yaml:"networks"`
	Machineuuid  string                    `yaml:"machineuuid"`
	Sshpublickey string                    `yaml:"sshpublickey"`
	Password     string                    `yaml:"password"`
	Devmode      bool                      `yaml:"devmode"`
	Console      string                    `yaml:"console"`
	Nics         []NIC                     `yaml:"nics"`
}

KnowledgeBase was generated with: https://mengzhuo.github.io/yaml-to-go/. It represents the input yaml that is needed to render network configuration files.

func NewKnowledgeBase 

func NewKnowledgeBase(path string) KnowledgeBase

NewKnowledgeBase creates a new instance of this type.

func (KnowledgeBase) CollectIPs 

func (kb KnowledgeBase) CollectIPs(types ...string) []string

CollectIPs collects IPs of the given networks.

func (KnowledgeBase) GetDefaultRouteNetwork added in v0.7.1 

func (kb KnowledgeBase) GetDefaultRouteNetwork() *models.V1MachineNetwork

func (KnowledgeBase) GetNetworks 

func (kb KnowledgeBase) GetNetworks(types ...string) []models.V1MachineNetwork

GetNetworks returns all networks present.

func (KnowledgeBase) Validate 

func (kb KnowledgeBase) Validate(kind BareMetalType) error

Validate validates the containing information depending on the demands of the bare metal type.

type Loopback 

type Loopback struct {
	Comment string
	IPs     []string
}

Loopback represents a loopback interface (lo).

type MachineConfigurator 

type MachineConfigurator struct {
	CommonConfigurator
}

MachineConfigurator is a configurator that configures a bare metal server as 'machine'.

func (MachineConfigurator) Configure 

func (configurator MachineConfigurator) Configure()

Configure applies configuration to a bare metal server to function as 'machine'.

type MachineFRRData 

type MachineFRRData struct {
	CommonFRRData
}

MachineFRRData contains attributes required to render frr.conf of bare metal servers that function as 'machine'.

type NIC 

type NIC struct {
	Mac       string `yaml:"mac"`
	Name      string `yaml:"name"`
	Neighbors []struct {
		Mac       string        `yaml:"mac"`
		Name      interface{}   `yaml:"name"`
		Neighbors []interface{} `yaml:"neighbors"`
	} `yaml:"neighbors"`
}

NIC is a representation of network interfaces attributes.

type NftablesData 

type NftablesData struct {
	Comment      string
	SNAT         []SNAT
	DNSProxyDNAT DNAT
}

NftablesData represents the information required to render nftables configuration.

type NftablesExporterData 

type NftablesExporterData struct {
	Comment   string
	TenantVrf string
}

NftablesExporterData contains the data to render the nftables_exporter service template.

type NftablesReloader added in v0.8.0 

type NftablesReloader struct{}

func (*NftablesReloader) Reload added in v0.8.0 

func (*NftablesReloader) Reload() error

type NftablesValidator 

type NftablesValidator struct {
	// contains filtered or unexported fields
}

NftablesValidator can validate configuration for nftables rules.

func (NftablesValidator) Validate 

func (v NftablesValidator) Validate() error

Validate validates network interfaces configuration.

type NodeExporterData 

type NodeExporterData struct {
	Comment   string
	TenantVrf string
}

NodeExporterData contains the data to render the node_exporter service template.

type RouteMap 

type RouteMap struct {
	Name    string
	Entries []string
	Policy  string
	Order   int
}

RouteMap represents a route-map to permit or deny routes.

type SNAT 

type SNAT struct {
	Comment      string
	OutInterface string
	OutIntSpec   AddrSpec
	SourceSpecs  []AddrSpec
}

SNAT holds the information required to configure Source NAT.

type SVI 

type SVI struct {
	VLANID    int
	Comment   string
	Addresses []string
}

SVI represents a switched virtual interface.

type ServiceValidator 

type ServiceValidator struct {
	// contains filtered or unexported fields
}

ServiceValidator holds information for systemd service validation.

func (ServiceValidator) Validate 

func (v ServiceValidator) Validate() error

Validate validates the service file.

type SuricataConfigData 

type SuricataConfigData struct {
	Comment         string
	DefaultRouteVrf string
	Interface       string
}

SuricataConfigData represents the information required to render suricata configuration.

type SuricataConfigValidator 

type SuricataConfigValidator struct {
	// contains filtered or unexported fields
}

SuricataConfigValidator can validate configuration for suricata.

func (SuricataConfigValidator) Validate 

func (v SuricataConfigValidator) Validate() error

Validate validates suricata configuration.

type SuricataDefaultsData 

type SuricataDefaultsData struct {
	Comment   string
	Interface string
}

SuricataDefaultsData represents the information required to render suricata defaults.

type SuricataDefaultsValidator 

type SuricataDefaultsValidator struct {
	// contains filtered or unexported fields
}

SuricataDefaultsValidator can validate defaults for suricata.

func (SuricataDefaultsValidator) Validate 

func (v SuricataDefaultsValidator) Validate() error

Validate validates suricata defaults.

type SuricataUpdateData 

type SuricataUpdateData struct {
	Comment         string
	DefaultRouteVrf string
}

SuricataUpdateData contains the data to render the suricata-update service template.

type SystemdCommonData 

type SystemdCommonData struct {
	Comment string
	Index   int
}

SystemdCommonData contains attributes common to systemd.network and systemd.link files.

type SystemdLinkData 

type SystemdLinkData struct {
	SystemdCommonData
	MAC        string
	MTU        int
	EVPNIfaces []EVPNIface
}

SystemdLinkData contains attributes required to render systemd.link files.

type SystemdNetworkdValidator 

type SystemdNetworkdValidator struct {
	// contains filtered or unexported fields
}

SystemdNetworkdValidator defines the base type of an systemd-networkd validator.

func (SystemdNetworkdValidator) Validate 

func (v SystemdNetworkdValidator) Validate() error

Validate network interfaces configuration done with systemd-networkd. Assumes systemd-networkd is installed.

type SystemdValidator 

type SystemdValidator struct {
	// contains filtered or unexported fields
}

SystemdValidator validates systemd.network and system.link files.

func (SystemdValidator) Validate 

func (v SystemdValidator) Validate() error

Validate validates systemd.network and systemd.link files.

type VRF 

type VRF struct {
	Identity
	Table          int
	VNI            int
	ImportVRFNames []string
	IPPrefixLists  []IPPrefixList
	RouteMaps      []RouteMap
}

VRF represents data required to render VRF information into frr.conf.

type VXLAN 

type VXLAN struct {
	Identity
	TunnelIP string
}

VXLAN represents a VXLAN interface.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.