in plugins/vpc-branch-pat-eni/plugin/commands.go [270:379]
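// setupPATNetworkNamespace configures the PAT network namespace: it creates the
// bridge and its dummy member link, assigns the bridge and branch IP addresses,
// brings both links up, adds the default route through the branch subnet's first
// gateway and finally installs the iptables rules.
//
// The netlink calls carry no namespace handle, so this presumably must run with
// the PAT netns as the current namespace (confirm against the caller).
//
// All arguments are validated before any link is created. On a later failure the
// function returns the error without undoing the steps that already succeeded;
// NOTE(review): cleanup is not visible here, so confirm the caller tears down the
// namespace, otherwise a half-configured PAT netns is left behind.
func (plugin *Plugin) setupPATNetworkNamespace(
	patNetNSName string,
	bridgeName string, bridgeIPAddress *net.IPNet,
	branch *eni.Branch, branchIPAddress *net.IPNet, branchSubnet *vpc.Subnet) error {
	// Reject unusable input up front so that nothing is created in the namespace
	// when the configuration cannot be completed.
	if bridgeIPAddress == nil || branchIPAddress == nil {
		err := fmt.Errorf("missing bridge or branch IP address")
		log.Errorf("Invalid arguments for PAT netns %s: %v.", patNetNSName, err)
		return err
	}
	if branch == nil {
		err := fmt.Errorf("missing branch interface")
		log.Errorf("Invalid arguments for PAT netns %s: %v.", patNetNSName, err)
		return err
	}
	// The default route below indexes Gateways[0]; an empty list would panic.
	if branchSubnet == nil || len(branchSubnet.Gateways) == 0 {
		err := fmt.Errorf("branch subnet has no gateway")
		log.Errorf("Invalid arguments for PAT netns %s: %v.", patNetNSName, err)
		return err
	}

	// Derive the bridge subnet used for the iptables rules. ParseCIDR returns the
	// network with the host bits masked off. The result was previously used
	// unchecked; a parse failure must not reach the packet filter configuration
	// as a bogus subnet string.
	_, bridgeSubnet, err := net.ParseCIDR(bridgeIPAddress.String())
	if err != nil {
		log.Errorf("Invalid bridge IP address %v for PAT netns %s: %v.",
			bridgeIPAddress, patNetNSName, err)
		return err
	}

	// Create the bridge link.
	la := netlink.NewLinkAttrs()
	la.Name = bridgeName
	la.MTU = vpc.JumboFrameMTU
	bridgeLink := &netlink.Bridge{LinkAttrs: la}
	log.Infof("Creating bridge link %+v in PAT netns %s.", bridgeLink, patNetNSName)
	if err = netlink.LinkAdd(bridgeLink); err != nil {
		log.Errorf("Failed to create bridge link in PAT netns %s: %v.", patNetNSName, err)
		return err
	}

	// Set bridge link MTU.
	if err = netlink.LinkSetMTU(bridgeLink, vpc.JumboFrameMTU); err != nil {
		log.Errorf("Failed to set bridge link MTU in PAT netns %s: %v.", patNetNSName, err)
		return err
	}

	// Create the dummy link as a member of the bridge.
	// NOTE(review): relies on LinkAdd having filled in bridgeLink.Index — confirm.
	la = netlink.NewLinkAttrs()
	la.Name = fmt.Sprintf("%s-dummy", bridgeName)
	la.MTU = vpc.JumboFrameMTU
	la.MasterIndex = bridgeLink.Index
	dummyLink := &netlink.Dummy{LinkAttrs: la}
	log.Infof("Creating dummy link %+v in PAT netns %s.", dummyLink, patNetNSName)
	if err = netlink.LinkAdd(dummyLink); err != nil {
		log.Errorf("Failed to create dummy link in PAT netns %s: %v.", patNetNSName, err)
		return err
	}

	// Set dummy link MTU.
	if err = netlink.LinkSetMTU(dummyLink, vpc.JumboFrameMTU); err != nil {
		log.Errorf("Failed to set dummy link MTU in PAT netns %s: %v.", patNetNSName, err)
		return err
	}

	// Assign IP address to PAT bridge.
	log.Infof("Assigning IP address %v to bridge link %s in PAT netns %s.",
		bridgeIPAddress, bridgeName, patNetNSName)
	address := &netlink.Addr{IPNet: bridgeIPAddress}
	if err = netlink.AddrAdd(bridgeLink, address); err != nil {
		log.Errorf("Failed to assign IP address to bridge link in PAT netns %s: %v.",
			patNetNSName, err)
		return err
	}

	// Set bridge link operational state up.
	log.Infof("Setting bridge link state up in PAT netns %s.", patNetNSName)
	if err = netlink.LinkSetUp(bridgeLink); err != nil {
		log.Errorf("Failed to set bridge link state in PAT netns %s: %v.", patNetNSName, err)
		return err
	}

	// TODO: brctl stp #{pat_bridge_interface_name} off

	// Assign IP address to branch interface. The Dummy value is only a handle
	// that carries the branch link index to AddrAdd; no new link is created.
	log.Infof("Assigning IP address %v to branch link in PAT netns %s.",
		branchIPAddress, patNetNSName)
	address = &netlink.Addr{IPNet: branchIPAddress}
	la = netlink.NewLinkAttrs()
	la.Index = branch.GetLinkIndex()
	link := &netlink.Dummy{LinkAttrs: la}
	if err = netlink.AddrAdd(link, address); err != nil {
		log.Errorf("Failed to assign IP address to branch link in PAT netns %s: %v.",
			patNetNSName, err)
		return err
	}

	// Set branch link operational state up.
	log.Infof("Setting branch link state up in PAT netns %s.", patNetNSName)
	if err = branch.SetOpState(true); err != nil {
		log.Errorf("Failed to set branch link state in PAT netns %s: %v.", patNetNSName, err)
		return err
	}

	// Add default route to PAT branch gateway. No destination is set on the
	// route, only the gateway and the outgoing link.
	route := &netlink.Route{
		Gw:        branchSubnet.Gateways[0],
		LinkIndex: branch.GetLinkIndex(),
	}
	log.Infof("Adding default route to %+v in PAT netns %s.", route, patNetNSName)
	if err = netlink.RouteAdd(route); err != nil {
		log.Errorf("Failed to add IP route in PAT netns %s: %v.", patNetNSName, err)
		return err
	}

	// Configure iptables rules for the bridge subnet and the branch link.
	log.Infof("Configuring iptables rules in PAT netns %s.", patNetNSName)
	err = plugin.setupIptablesRules(bridgeName, bridgeSubnet.String(), branch.GetLinkName())
	if err != nil {
		log.Errorf("Unable to setup iptables rules in PAT netns %s: %v.", patNetNSName, err)
		return err
	}

	return nil
}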