hainesc / anchor Goto Github PK
View Code? Open in Web Editor NEWAnchor is a Layer-2 CNI plugin based MacVLAN with multiple interfaces support
License: MIT License
Anchor is a Layer-2 CNI plugin based MacVLAN with multiple interfaces support
License: MIT License
failed get ip from anchor with macvlan mode, use kubectl run test-anchor --image=nicolaka/netshoot --replicas=2
same run command
CNI_COMMAND=ADD PATH=/opt/cni/bin/:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/dell/srvadmin/bin:/opt/dell/srvadmin/sbin:/opt/k8s/bin/ CNI_CONTAINERID=1347504a2ca2797c CNI_NETNS=/var/run/netns/1347504a2ca2797c CNI_COMMAND=ADD CNI_IFNAME=eth0 CNI_PATH=/opt/cni/bin CNI_ARGS="K8S_POD_NAMESPACE=default;K8S_POD_NAME=test-anchor-c4578fdcc-rrf89;K8S_POD_INFRA_CONTAINER_ID=1347504a2ca2797c" /opt/cni/bin/anchor < /etc/cni/net.d/10-anchor.conf
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x0 pc=0x52f876]
goroutine 1 [running]:
net.networkNumberAndMask(0x0, 0x0, 0x1, 0xc00051a7c0, 0x1d, 0x20, 0x0)
/usr/local/go/src/net/ip.go:477 +0x26
net.(*IPNet).String(0x0, 0x0, 0x0)
/usr/local/go/src/net/ip.go:527 +0x40
github.com/hainesc/anchor/pkg/store/etcd.(*Etcd).RetrieveGateway(0xc0003e00a0, 0x0, 0xc0003e00a0, 0x16, 0x1d9cea0)
/Users/hainesc/workspace/go/src/github.com/hainesc/anchor/pkg/store/etcd/etcd.go:101 +0x4f
github.com/hainesc/anchor/pkg/allocator/anchor.NewAllocator(0x13effe0, 0xc0003e00a0, 0xc000402040, 0x1b, 0xc0003d8030, 0x7, 0xc00000fe30, 0x0, 0x0, 0x0)
/Users/hainesc/workspace/go/src/github.com/hainesc/anchor/pkg/allocator/anchor/anchor.go:68 +0x53c
github.com/hainesc/anchor/internal/app.newAllocator(0xc0002e5a40, 0xc0002bb680, 0x0, 0x0, 0x0)
/Users/hainesc/workspace/go/src/github.com/hainesc/anchor/internal/app/anchor.go:124 +0x5fa
github.com/hainesc/anchor/internal/app.CmdAdd(0xc0002e5a40, 0xc000045300, 0x5)
/Users/hainesc/workspace/go/src/github.com/hainesc/anchor/internal/app/anchor.go:32 +0xaf
github.com/containernetworking/cni/pkg/skel.(*dispatcher).checkVersionAndCall(0xc000163ec0, 0xc0002e5a40, 0x13cf3e0, 0xc0000e6510, 0x130af10, 0x0, 0x10)
/Users/hainesc/workspace/go/pkg/mod/github.com/containernetworking/[email protected]/pkg/skel/skel.go:162 +0x185
github.com/containernetworking/cni/pkg/skel.(*dispatcher).pluginMain(0xc000163ec0, 0x130af10, 0x130af18, 0x13cf3e0, 0xc0000e6510, 0xc00031c000)
/Users/hainesc/workspace/go/pkg/mod/github.com/containernetworking/[email protected]/pkg/skel/skel.go:173 +0x279
github.com/containernetworking/cni/pkg/skel.PluginMainWithError(0x130af10, 0x130af18, 0x13cf3e0, 0xc0000e6510, 0x1004001)
/Users/hainesc/workspace/go/pkg/mod/github.com/containernetworking/[email protected]/pkg/skel/skel.go:210 +0xdb
github.com/containernetworking/cni/pkg/skel.PluginMain(0x130af10, 0x130af18, 0x13cf3e0, 0xc0000e6510)
/Users/hainesc/workspace/go/pkg/mod/github.com/containernetworking/[email protected]/pkg/skel/skel.go:222 +0x4d
main.main()
/Users/hainesc/workspace/go/src/github.com/hainesc/anchor/cmd/anchor/anchor.go:17 +0x51
environment
etcd -version
etcd Version: 3.3.13
Git SHA: 98d3084
Go Version: go1.10.8
Go OS/Arch: linux/amd64
etcd server logs
2019-06-24 16:39:12.227685 D | etcdserver/api/v3rpc: start time = 2019-06-24 16:39:12.227455455 +0800 CST m=+525.806792286, time spent = 212.852µs, remote = 192.168.10.12:50104, response type = /etcdserverpb.Lease/LeaseGrant, request count = -1, request size = -1, response count = -1, response size = -1, request content =
2019-06-24 16:39:12.264187 D | etcdserver/api/v3rpc: start time = 2019-06-24 16:39:12.263766209 +0800 CST m=+525.843103043, time spent = 282.064µs, remote = 192.168.10.12:50104, response type = /etcdserverpb.KV/Txn, request count = 2, request size = 81, response count = 0, response size = 97, request content = compare:<target:CREATE key:"/anchor/lock/694d6b889b968208" create_revision:0 > success:<request_put:<key:"/anchor/lock/694d6b889b968208" value_size:0 lease:7587839181659210248 > request_range:<key:"/anchor/lock/" range_end:"/anchor/lock0" limit:1 sort_order:ASCEND sort_target:CREATE > > failure:<request_range:<key:"/anchor/lock/694d6b889b968208" > request_range:<key:"/anchor/lock/" range_end:"/anchor/lock0" limit:1 sort_order:ASCEND sort_target:CREATE > >
2019-06-24 16:39:12.264793 D | etcdserver/api/v3rpc: start time = 2019-06-24 16:39:12.264580567 +0800 CST m=+525.843917351, time spent = 176.245µs, remote = 192.168.10.12:50104, response type = /etcdserverpb.KV/DeleteRange, request count = 0, request size = 31, response count = 1, response size = 30, request content = key:"/anchor/lock/694d6b889b968208"
2019-06-24 16:39:12.268254 D | etcdserver/api/v3rpc: failed to receive lease keepalive request from gRPC stream ("rpc error: code = Canceled desc = context canceled")
cat /etc/cni/net.d/10-anchor.conf
{
"name": "anchor",
"cniVersion": "0.3.1",
"type": "macvlan",
"master": "br11",
"policy": {
"type": "k8s",
"k8s_api_root": "https://192.168.10.11:8443",
"k8s_auth_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJhbmNob3ItdG9rZW4tcGRkNngiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoiYW5jaG9yIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQudWlkIjoiMTI5OTkzM2MtOTQyMi0xMWU5LThkZDQtMTQ5ZWNmZmU0OWE0Iiwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50Omt1YmUtc3lzdGVtOmFuY2hvciJ9.aqwHiPlwMddw1lXS_HnaL3xr2puo2YRYwRsIhgHt4qGruZfrJNhoDN5wv-2p5iO7kYCIsZtZ-cwd4JzY5vuzDawk7mn-DikCJ5GdK5HBy5fbNDako81tvLbOpSMABtmaoahmnCTAPEdFdgc0Iu8NudoxCaO1ozmtycewZ6oI4wvMAtKwRE9Yp_C4hoXPLuLA91QqBh0xOLFPiBG362E7hSOaGuZLMxQnArtdhiy8iASpEZPJGOu1kLiaso77aVkt8o9sI3LokLtWdE2EK_Sbh7JR9kGTd3MNWdreSGHq5zbdUZoxhZ7coHbqzgc7HksTV-RIv2wRDGAH1hwt1ZRQNA"
},
"kubernetes": {
"kubeconfig": "/etc/cni/net.d/anchor-kubeconfig"
},
"ipam": {
"type": "anchor",
"etcd_endpoints": "http://192.168.10.11:22379",
"service_ipnet": "10.255.254.0/24",
"node_ips": [],
"policy": {
"type": "k8s",
"k8s_api_root": "https://192.168.10.11:8443",
"k8s_auth_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJhbmNob3ItdG9rZW4tcGRkNngiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoiYW5jaG9yIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQudWlkIjoiMTI5OTkzM2MtOTQyMi0xMWU5LThkZDQtMTQ5ZWNmZmU0OWE0Iiwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50Omt1YmUtc3lzdGVtOmFuY2hvciJ9.aqwHiPlwMddw1lXS_HnaL3xr2puo2YRYwRsIhgHt4qGruZfrJNhoDN5wv-2p5iO7kYCIsZtZ-cwd4JzY5vuzDawk7mn-DikCJ5GdK5HBy5fbNDako81tvLbOpSMABtmaoahmnCTAPEdFdgc0Iu8NudoxCaO1ozmtycewZ6oI4wvMAtKwRE9Yp_C4hoXPLuLA91QqBh0xOLFPiBG362E7hSOaGuZLMxQnArtdhiy8iASpEZPJGOu1kLiaso77aVkt8o9sI3LokLtWdE2EK_Sbh7JR9kGTd3MNWdreSGHq5zbdUZoxhZ7coHbqzgc7HksTV-RIv2wRDGAH1hwt1ZRQNA"
},
"kubernetes": {
"kubeconfig": "/etc/cni/net.d/anchor-kubeconfig"
}
}
}
kubernetes 1.14
The tourial not give some format with the value "/anchor/ns/default /anchor/gw/ " or some etdctl command example.
has docker image for monkey and ui
It's a bug, I will fix it ASAP.
Where are the binaries
Hi , I want to know is there any configuration with kubelet?
My kubelet ARGS as follows:
KUBELET_ARGS="--cluster-dns=172.1.0.200 --serialize-image-pulls=false --bootstrap-kubeconfig=/etc/kubernetes/bootstrap.kubeconfig --kubeconfig=/etc/kubernetes/kubelet.kubeconfig --cert-dir=/etc/kubernetes/kubernetesTLS --cluster-domain=cluster.local. --hairpin-mode promiscuous-bridge"
and I run kubectl create -f anchor.yaml
and get the logs:
root@ubuntu-1:/etc/kubernetes# docker logs -f 6c3a49284958
Installing any TLS assets from /anchor-secrets
Wrote Anchor CNI binaries to /host/opt/cni/bin
/host/secondary-bin-dir is non-writeable, skipping
"k8s_api_root": "https://__KUBERNETES_SERVICE_HOST__:__KUBERNETES_SERVICE_PORT__",
"k8s_api_root": "https://__KUBERNETES_SERVICE_HOST__:__KUBERNETES_SERVICE_PORT__",
"k8s_api_root": "https://172.1.0.1:__KUBERNETES_SERVICE_PORT__",
"k8s_api_root": "https://172.1.0.1:__KUBERNETES_SERVICE_PORT__",
CNI config: {
"name": "anchor",
"cniVersion": "0.3.1",
"type": "",
"master": "",
"octopus": {__OCTOPUS__},
"policy": {
"type": "k8s",
"k8s_api_root": "https://172.1.0.1:443",
"k8s_auth_token": "__SERVICEACCOUNT_TOKEN__"
},
"kubernetes": {
"kubeconfig": "/etc/cni/net.d/anchor-kubeconfig"
},
"ipam": {
"type": "anchor",
"etcd_endpoints": "https://100.64.0.128:2379,https://100.64.0.129:2379,https://100.64.0.130:2379",
"etcd_key_file": "/etc/etcd/etcdSSL/etcd-key.pem",
"etcd_cert_file": "/etc/etcd/etcdSSL/etcd.pem",
"etcd_ca_cert_file": "/etc/etcd/etcdSSL/ca.pem",
"service_ipnet": "172.1.0.0/24",
"node_ips": [],
"policy": {
"type": "k8s",
"k8s_api_root": "https://172.1.0.1:443",
"k8s_auth_token": "__SERVICEACCOUNT_TOKEN__"
},
"kubernetes": {
"kubeconfig": "/etc/cni/net.d/anchor-kubeconfig"
}
}
}
Created CNI config 10-anchor.conf
Done configuring CNI. Sleep=true
Then I create the anchor-2048.yaml
root@k8s-master:~/network# cat anchor-2048.yaml
apiVersion: apps/v1beta1
kind: Deployment
metadata:
name: anchor-2048
labels:
app: anchor-2048
spec:
template:
metadata:
name: anchor-2048
labels:
app: anchor-2048
annotations:
cni.anchor.org/subnet: 100.64.0.0/20
cni.anchor.org/gateway: 100.64.15.254
spec:
nodeSelector:
kubernetes.io/hostname: "100.64.15.228"
containers:
- name: anchor-2048
image: alexwhen/docker-2048
ports:
- containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
name: anchor-2048
spec:
type: NodePort
ports:
- port: 80
selector:
app: anchor-2048
root@k8s-master:~/network#
root@k8s-master:~/network# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE
anchor-2048-5989c879c6-qckg8 1/1 Running 0 8m 172.17.0.13 100.64.15.228
root@k8s-master:~/network#
And I found the pod's IP is " 172.17.0.13" not 100.64.0.0/20
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.