From 57eab64b7209a3a274dc3f2c95e55a12167f5c4c Mon Sep 17 00:00:00 2001 From: Euan Kemp Date: Wed, 11 Dec 2019 12:28:49 -0800 Subject: [PATCH] Add support for a 'no manage' tag (#726) * Add support for a 'no manage' tag This tag results in an ENI being unmanaged by the ipamd plugin. This allows someone to create an ENI, associate it with an instance, and then use eks per normal while also using that ENI for whatever. * Update tests for new changes * Remove 'unmanaged eni' metric * Update readme with docs about CLUSTER_NAME and no_manage * Correctly indent tag sub-headers * Remove trailing '.' * Account for unmanaged ENIs in allocation check --- README.md | 49 +++++++- ipamd/ipamd.go | 58 ++++++--- ipamd/ipamd_test.go | 16 +-- pkg/awsutils/awsutils.go | 38 ++++-- pkg/awsutils/awsutils_test.go | 111 +++++++++++++----- pkg/awsutils/mocks/awsutils_mocks.go | 9 +- pkg/ec2wrapper/mocks/ec2wrapper_mocks.go | 4 +- pkg/netlinkwrapper/mock_netlink/link_mocks.go | 2 +- .../mocks/netlinkwrapper_mocks.go | 26 ++-- pkg/networkutils/mocks/network_mocks.go | 26 ++-- pkg/utils/ttime/mocks/time_mocks.go | 2 +- rpc/mocks/rpc_mocks.go | 4 +- 12 files changed, 242 insertions(+), 103 deletions(-) diff --git a/README.md b/README.md index 20f32e2a97..e40c4bb014 100644 --- a/README.md +++ b/README.md @@ -33,7 +33,7 @@ The default manifest expects `--cni-conf-dir=/etc/cni/net.d` and `--cni-bin-dir= L-IPAM requires following [IAM policy](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html): -``` +``` { "Effect": "Allow", "Action": [ @@ -375,10 +375,53 @@ Default: `{}` Example values: `{"tag_key": "tag_val"}` -Metadata applied to ENI help you categorize and organize your resources for billing or other purposes. Each tag consists of a custom-defined key and an optional value. Tag keys can have a maximum character length of 128 characters. Tag values can have a maximum length of 256 characters. These tags will be added to all ENIs on the host. +Metadata applied to ENI help you categorize and organize your resources for billing or other purposes. Each tag consists of a custom-defined key and an optional value. Tag keys can have a maximum character length of 128 characters. Tag values can have a maximum length of 256 characters. These tags will be added to all ENIs on the host. Important: Custom tags should not contain `k8s.amazonaws.com` prefix as it is reserved. If the tag has `k8s.amazonaws.com` string, tag addition will ignored. +--- + +`CLUSTER_NAME` + +Type: String + +Default: `""` + +Specifies the cluster name to tag allocated ENIs with. See the "Cluster Name tag" section below. + +### ENI tags related to Allocation + +This plugin interacts with the following tags on ENIs: + +* `cluster.k8s.amazonaws.com/name` +* `node.k8s.amazonaws.com/instance_id` +* `node.k8s.amazonaws.com/no_manage` + +#### Cluster Name tag + +The tag `cluster.k8s.amazonaws.com/name` will be set to the cluster name of the +aws-node daemonset which created the ENI. + +#### Instance ID tag + +The tag `node.k8s.amazonaws.com/instance_id` will be set to the instance ID of +the aws-node instance that allocated this ENI. + +#### No Manage tag + +The tag `node.k8s.amazonaws.com/no_manage` is read by the aws-node daemonset to +determine whether an ENI attached to the machine should not be configured or +used for private IPs. + +This tag is not set by the cni plugin itself, but rather may be set by a user +to indicate that an ENI is intended for host networking pods, or for some other +process unrelated to Kubernetes. + +*Note*: Attaching an ENI with the `no_manage` tag will result in an incorrect +value for the Kubelet's `--max-pods` configuration option. Consider also +updating the `MAX_ENI` and `--max-pods` configuration options on this plugin +and the kubelet respectively if you are making use of this tag. + ### Notes `L-IPAMD`(aws-node daemonSet) running on every worker node requires access to kubernetes API server. If it can **not** reach @@ -405,4 +448,4 @@ instructions [here](https://aws.amazon.com/security/vulnerability-reporting/) or ## Contributing -[See CONTRIBUTING.md](./CONTRIBUTING.md) \ No newline at end of file +[See CONTRIBUTING.md](./CONTRIBUTING.md) diff --git a/ipamd/ipamd.go b/ipamd/ipamd.go index 68b6be8805..37b97adaea 100644 --- a/ipamd/ipamd.go +++ b/ipamd/ipamd.go @@ -107,6 +107,10 @@ const ( // This environment is used to specify whether Pods need to use a security group and subnet defined in an ENIConfig CRD. // When it is NOT set or set to false, ipamd will use primary interface security group and subnet for Pod network. envCustomNetworkCfg = "AWS_VPC_K8S_CNI_CUSTOM_NETWORK_CFG" + + // eniNoManageTagKey is the tag that may be set on an ENI to indicate ipamd + // should not manage it in any form. + eniNoManageTagKey = "node.k8s.amazonaws.com/no_manage" ) var ( @@ -127,7 +131,7 @@ var ( enisMax = prometheus.NewGauge( prometheus.GaugeOpts{ Name: "awscni_eni_max", - Help: "The maximum number of ENIs that can be attached to the instance", + Help: "The maximum number of ENIs that can be attached to the instance, accounting for unmanaged ENIs", }, ) ipMax = prometheus.NewGauge( @@ -170,6 +174,7 @@ type IPAMContext struct { networkClient networkutils.NetworkAPIs maxIPsPerENI int maxENI int + unmanagedENI int warmENITarget int warmIPTarget int minimumIPTarget int @@ -271,25 +276,25 @@ func (c *IPAMContext) nodeInit() error { log.Debugf("Start node init") - c.maxENI, err = c.getMaxENI() + allENIs, err := c.awsClient.GetAttachedENIs() + if err != nil { + log.Error("Failed to retrieve ENI info") + return errors.New("ipamd init: failed to retrieve attached ENIs info") + } + enis, numUnmanaged := filterUnmanagedENIs(allENIs) + nodeMaxENI, err := c.getMaxENI() if err != nil { log.Error("Failed to get ENI limit") return err } - enisMax.Set(float64(c.maxENI)) - + c.maxENI = nodeMaxENI + c.unmanagedENI = numUnmanaged c.maxIPsPerENI, err = c.awsClient.GetENIipLimit() if err != nil { log.Error("Failed to get IPs per ENI limit") return err } - ipMax.Set(float64(c.maxIPsPerENI * c.maxENI)) - - enis, err := c.awsClient.GetAttachedENIs() - if err != nil { - log.Error("Failed to retrieve ENI info") - return errors.New("ipamd init: failed to retrieve attached ENIs info") - } + c.updateIPStats(numUnmanaged) _, vpcCIDR, err := net.ParseCIDR(c.awsClient.GetVPCIPv4CIDR()) if err != nil { @@ -392,6 +397,11 @@ func (c *IPAMContext) nodeInit() error { return err } +func (c *IPAMContext) updateIPStats(unmanaged int) { + ipMax.Set(float64(c.maxIPsPerENI * (c.maxENI - unmanaged))) + enisMax.Set(float64(c.maxENI - unmanaged)) +} + func (c *IPAMContext) getLocalPodsWithRetry() ([]*k8sapi.K8SPodInfo, error) { var pods []*k8sapi.K8SPodInfo var err error @@ -628,12 +638,12 @@ func (c *IPAMContext) increaseIPPool() { c.updateLastNodeIPPoolAction() } else { // If we did not add an IP, try to add an ENI instead. - if c.dataStore.GetENIs() < c.maxENI { + if c.dataStore.GetENIs() < (c.maxENI - c.unmanagedENI) { if err = c.tryAllocateENI(); err == nil { c.updateLastNodeIPPoolAction() } } else { - log.Debugf("Skipping ENI allocation as the instance's max ENI limit of %d is already reached", c.maxENI) + log.Debugf("Skipping ENI allocation as the instance's max ENI limit of %d is already reached (accounting for %d unmanaged ENIs)", c.maxENI, c.unmanagedENI) } } } @@ -786,7 +796,7 @@ func (c *IPAMContext) addENIaddressesToDataStore(ec2Addrs []*ec2.NetworkInterfac // returns all addresses on ENI, the primary address on ENI, error func (c *IPAMContext) getENIaddresses(eni string) ([]*ec2.NetworkInterfacePrivateIpAddress, string, error) { - ec2Addrs, _, err := c.awsClient.DescribeENI(eni) + ec2Addrs, _, _, err := c.awsClient.DescribeENI(eni) if err != nil { return nil, "", errors.Wrapf(err, "failed to find ENI addresses for ENI %s", eni) } @@ -941,13 +951,15 @@ func (c *IPAMContext) nodeIPPoolReconcile(interval time.Duration) { } log.Debug("Reconciling ENI/IP pool info...") - attachedENIs, err := c.awsClient.GetAttachedENIs() - + allENIs, err := c.awsClient.GetAttachedENIs() if err != nil { log.Errorf("IP pool reconcile: Failed to get attached ENI info: %v", err.Error()) ipamdErrInc("reconcileFailedGetENIs") return } + attachedENIs, numUnmanaged := filterUnmanagedENIs(allENIs) + c.updateIPStats(numUnmanaged) + c.unmanagedENI = numUnmanaged curENIs := c.dataStore.GetENIInfos() @@ -1106,6 +1118,20 @@ func getMinimumIPTarget() int { return noMinimumIPTarget } +func filterUnmanagedENIs(enis []awsutils.ENIMetadata) ([]awsutils.ENIMetadata, int) { + numFiltered := 0 + ret := make([]awsutils.ENIMetadata, 0, len(enis)) + for _, eni := range enis { + if eni.Tags[eniNoManageTagKey] == "true" { + log.Debugf("skipping ENI %s: tagged with %s", eni.ENIID, eniNoManageTagKey) + numFiltered++ + continue + } + ret = append(ret, eni) + } + return ret, numFiltered +} + // ipTargetState determines the number of IPs `short` or `over` our WARM_IP_TARGET, // accounting for the MINIMUM_IP_TARGET func (c *IPAMContext) ipTargetState() (short int, over int, enabled bool) { diff --git a/ipamd/ipamd_test.go b/ipamd/ipamd_test.go index 1eca7bbe4c..ea9cb7e593 100644 --- a/ipamd/ipamd_test.go +++ b/ipamd/ipamd_test.go @@ -127,7 +127,7 @@ func TestNodeInit(t *testing.T) { { PrivateIpAddress: &testAddr2, Primary: ¬Primary}} mockAWS.EXPECT().GetPrimaryENI().Return(primaryENIid) - mockAWS.EXPECT().DescribeENI(primaryENIid).Return(eniResp, &attachmentID, nil) + mockAWS.EXPECT().DescribeENI(primaryENIid).Return(eniResp, map[string]string{}, &attachmentID, nil) //secENIid mockAWS.EXPECT().GetPrimaryENI().Return(primaryENIid) @@ -140,7 +140,7 @@ func TestNodeInit(t *testing.T) { { PrivateIpAddress: &testAddr12, Primary: ¬Primary}} mockAWS.EXPECT().GetPrimaryENI().Return(primaryENIid) - mockAWS.EXPECT().DescribeENI(secENIid).Return(eniResp, &attachmentID, nil) + mockAWS.EXPECT().DescribeENI(secENIid).Return(eniResp, map[string]string{}, &attachmentID, nil) mockNetwork.EXPECT().SetupENINetwork(gomock.Any(), secMAC, secDevice, secSubnet) mockAWS.EXPECT().GetLocalIPv4().Return(ipaddr01) @@ -161,7 +161,7 @@ func TestNodeInit(t *testing.T) { mockNetwork.EXPECT().UpdateRuleListBySrc(gomock.Any(), gomock.Any(), gomock.Any(), true) // Add IPs mockAWS.EXPECT().AllocIPAddresses(gomock.Any(), gomock.Any()) - mockAWS.EXPECT().DescribeENI(gomock.Any()).Return(eniResp, &attachmentID, nil) + mockAWS.EXPECT().DescribeENI(gomock.Any()).Return(eniResp, map[string]string{}, &attachmentID, nil) err := mockContext.nodeInit() assert.NoError(t, err) @@ -248,7 +248,8 @@ func testIncreaseIPPool(t *testing.T, useENIConfig bool) { {PrivateIpAddress: &testAddr12, Primary: ¬Primary}, {PrivateIpAddress: &testAddr12, Primary: ¬Primary}, }, - &attachmentID, nil) + map[string]string{}, &attachmentID, nil, + ) mockContext.increaseIPPool() } @@ -313,8 +314,7 @@ func TestTryAddIPToENI(t *testing.T) { {PrivateIpAddress: &testAddr11, Primary: &primary}, {PrivateIpAddress: &testAddr12, Primary: ¬Primary}, {PrivateIpAddress: &testAddr12, Primary: ¬Primary}, - }, - &attachmentID, nil) + }, map[string]string{}, &attachmentID, nil) mockContext.increaseIPPool() } @@ -356,7 +356,9 @@ func TestNodeIPPoolReconcile(t *testing.T) { { PrivateIpAddress: &testAddr1, Primary: &primary}, { - PrivateIpAddress: &testAddr2, Primary: ¬Primary}}, &attachmentID, nil) + PrivateIpAddress: &testAddr2, Primary: ¬Primary, + }, + }, map[string]string{}, &attachmentID, nil) mockAWS.EXPECT().GetPrimaryENI().Return(primaryENIid) mockContext.nodeIPPoolReconcile(0) diff --git a/pkg/awsutils/awsutils.go b/pkg/awsutils/awsutils.go index 0c32578f45..1a3dc59d17 100644 --- a/pkg/awsutils/awsutils.go +++ b/pkg/awsutils/awsutils.go @@ -111,8 +111,8 @@ type APIs interface { // GetAttachedENIs retrieves eni information from instance metadata service GetAttachedENIs() (eniList []ENIMetadata, err error) - // DescribeENI returns the IPv4 addresses of ENI interface and ENI attachment ID - DescribeENI(eniID string) (addrList []*ec2.NetworkInterfacePrivateIpAddress, attachemdID *string, err error) + // DescribeENI returns the IPv4 addresses of ENI interface, tags, and the ENI attachment ID + DescribeENI(eniID string) (addrList []*ec2.NetworkInterfacePrivateIpAddress, tags map[string]string, attachemdID *string, err error) // AllocIPAddress allocates an IP address for an ENI AllocIPAddress(eniID string) error @@ -185,6 +185,9 @@ type ENIMetadata struct { // The ip addresses allocated for the network interface LocalIPv4s []string + + // Tags are the tags associated with this ENI in AWS + Tags map[string]string } // msSince returns milliseconds since start. @@ -443,12 +446,18 @@ func (cache *EC2InstanceMetadataCache) getENIMetadata(macStr string) (ENIMetadat if err != nil { return ENIMetadata{}, errors.Wrapf(err, "get ENI metadata: failed to retrieve IPs and CIDR for ENI: %s", eniMAC) } + _, tags, _, err := cache.DescribeENI(eni) + if err != nil { + return ENIMetadata{}, errors.Wrapf(err, "get ENI metadata: failed to describe ENI: %s, %v", eniMAC, err) + } return ENIMetadata{ ENIID: eni, MAC: eniMAC, DeviceNumber: deviceNum, SubnetIPv4CIDR: cidr, - LocalIPv4s: localIPv4s}, nil + LocalIPv4s: localIPv4s, + Tags: tags, + }, nil } // getIPsAndCIDR return list of IPs, CIDR, error @@ -777,7 +786,7 @@ func (cache *EC2InstanceMetadataCache) freeENI(eniName string, maxBackoffDelay t log.Infof("Trying to free ENI: %s", eniName) // Find out attachment - _, attachID, err := cache.DescribeENI(eniName) + _, _, attachID, err := cache.DescribeENI(eniName) if err != nil { if err == ErrENINotFound { log.Infof("ENI %s not found. It seems to be already freed", eniName) @@ -852,9 +861,9 @@ func (cache *EC2InstanceMetadataCache) deleteENI(eniName string, maxBackoffDelay return err } -// DescribeENI returns the IPv4 addresses of interface and the attachment id -// return: private IP address, attachment id, error -func (cache *EC2InstanceMetadataCache) DescribeENI(eniID string) ([]*ec2.NetworkInterfacePrivateIpAddress, *string, error) { +// DescribeENI returns the IPv4 addresses, tags, and attachment id of the given ENI +// return: private IP address, tags, attachment id, error +func (cache *EC2InstanceMetadataCache) DescribeENI(eniID string) ([]*ec2.NetworkInterfacePrivateIpAddress, map[string]string, *string, error) { eniIds := make([]*string, 0) eniIds = append(eniIds, aws.String(eniID)) input := &ec2.DescribeNetworkInterfacesInput{NetworkInterfaceIds: eniIds} @@ -865,14 +874,23 @@ func (cache *EC2InstanceMetadataCache) DescribeENI(eniID string) ([]*ec2.Network if err != nil { if aerr, ok := err.(awserr.Error); ok { if aerr.Code() == "InvalidNetworkInterfaceID.NotFound" { - return nil, nil, ErrENINotFound + return nil, nil, nil, ErrENINotFound } } awsAPIErrInc("DescribeNetworkInterfaces", err) log.Errorf("Failed to get ENI %s information from EC2 control plane %v", eniID, err) - return nil, nil, errors.Wrap(err, "failed to describe network interface") + return nil, nil, nil, errors.Wrap(err, "failed to describe network interface") } - return result.NetworkInterfaces[0].PrivateIpAddresses, result.NetworkInterfaces[0].Attachment.AttachmentId, nil + tags := make(map[string]string, len(result.NetworkInterfaces[0].TagSet)) + for _, tag := range result.NetworkInterfaces[0].TagSet { + if tag.Key == nil || tag.Value == nil { + log.Errorf("nil tag on ENI: %v", eniID) + continue + } + tags[*tag.Key] = *tag.Value + } + + return result.NetworkInterfaces[0].PrivateIpAddresses, tags, result.NetworkInterfaces[0].Attachment.AttachmentId, nil } // AllocIPAddress allocates an IP address for an ENI diff --git a/pkg/awsutils/awsutils_test.go b/pkg/awsutils/awsutils_test.go index 4f0086ac1f..ab0fd98c18 100644 --- a/pkg/awsutils/awsutils_test.go +++ b/pkg/awsutils/awsutils_test.go @@ -32,25 +32,29 @@ import ( ) const ( - az = "us-east-1a" - localIP = "10.0.0.10" - instanceID = "i-0e1f3b9eb950e4980" - instanceType = "c1.medium" - primaryMAC = "12:ef:2a:98:e5:5a" - eni2MAC = "12:ef:2a:98:e5:5b" - sg1 = "sg-2e080f50" - sg2 = "sg-2e080f51" - sgs = sg1 + " " + sg2 - subnetID = "subnet-6b245523" - vpcCIDR = "10.0.0.0/16" - subnetCIDR = "10.0.1.0/24" - accountID = "694065802095" - primaryeniID = "eni-00000000" - eniID = "eni-5731da78" - eniAttachID = "eni-attach-beb21856" - eni1Device = "0" - eni2Device = "2" - ownerID = "i-0946d8a24922d2852" + az = "us-east-1a" + localIP = "10.0.0.10" + instanceID = "i-0e1f3b9eb950e4980" + instanceType = "c1.medium" + primaryMAC = "12:ef:2a:98:e5:5a" + eni2MAC = "12:ef:2a:98:e5:5b" + sg1 = "sg-2e080f50" + sg2 = "sg-2e080f51" + sgs = sg1 + " " + sg2 + subnetID = "subnet-6b245523" + vpcCIDR = "10.0.0.0/16" + subnetCIDR = "10.0.1.0/24" + accountID = "694065802095" + primaryeniID = "eni-00000000" + eniID = "eni-5731da78" + eniAttachID = "eni-attach-beb21856" + eni1Device = "0" + eni1PrivateIP = "10.0.0.1" + eni2Device = "2" + eni2PrivateIP = "10.0.0.2" + eni2AttachID = "eni-attach-fafdfafd" + eni2ID = "eni-12341234" + ownerID = "i-0946d8a24922d2852" ) func setup(t *testing.T) (*gomock.Controller, @@ -242,23 +246,60 @@ func TestSetPrimaryENs(t *testing.T) { } func TestGetAttachedENIs(t *testing.T) { - ctrl, mockMetadata, _ := setup(t) + ctrl, mockMetadata, mockEC2 := setup(t) defer ctrl.Finish() mockMetadata.EXPECT().GetMetadata(metadataMACPath).Return(primaryMAC+" "+eni2MAC, nil) + mockEC2.EXPECT().DescribeNetworkInterfaces(gomock.Any()). + DoAndReturn(func(input *ec2.DescribeNetworkInterfacesInput) (*ec2.DescribeNetworkInterfacesOutput, error) { + output := []*ec2.NetworkInterface{} + for _, in := range input.NetworkInterfaceIds { + ip := "" + attachID := "" + switch *in { + case eniID: + ip, attachID = eni1PrivateIP, eniAttachID + case eni2ID: + ip, attachID = eni2PrivateIP, eni2AttachID + default: + panic("no such id " + *in) + } + + output = append(output, &ec2.NetworkInterface{ + PrivateIpAddresses: []*ec2.NetworkInterfacePrivateIpAddress{ + { + PrivateIpAddress: &ip, + }, + }, + Attachment: &ec2.NetworkInterfaceAttachment{ + AttachmentId: &attachID, + }, + TagSet: []*ec2.Tag{ + { + Key: aws.String("foo"), + Value: aws.String("foo-value"), + }, + }, + }) + } + return &ec2.DescribeNetworkInterfacesOutput{ + NetworkInterfaces: output, + }, nil + }).Times(2) + gomock.InOrder( mockMetadata.EXPECT().GetMetadata(metadataMACPath+primaryMAC+metadataDeviceNum).Return(eni1Device, nil), - mockMetadata.EXPECT().GetMetadata(metadataMACPath+primaryMAC+metadataInterface).Return(primaryMAC, nil), + mockMetadata.EXPECT().GetMetadata(metadataMACPath+primaryMAC+metadataInterface).Return(eniID, nil), mockMetadata.EXPECT().GetMetadata(metadataMACPath+primaryMAC+metadataSubnetCIDR).Return(subnetCIDR, nil), mockMetadata.EXPECT().GetMetadata(metadataMACPath+primaryMAC+metadataIPv4s).Return("", nil), mockMetadata.EXPECT().GetMetadata(metadataMACPath+eni2MAC+metadataDeviceNum).Return(eni2Device, nil), - mockMetadata.EXPECT().GetMetadata(metadataMACPath+eni2MAC+metadataInterface).Return(eni2MAC, nil), + mockMetadata.EXPECT().GetMetadata(metadataMACPath+eni2MAC+metadataInterface).Return(eni2ID, nil), mockMetadata.EXPECT().GetMetadata(metadataMACPath+eni2MAC+metadataSubnetCIDR).Return(subnetCIDR, nil), mockMetadata.EXPECT().GetMetadata(metadataMACPath+eni2MAC+metadataIPv4s).Return("", nil), ) - ins := &EC2InstanceMetadataCache{ec2Metadata: mockMetadata} + ins := &EC2InstanceMetadataCache{ec2Metadata: mockMetadata, ec2SVC: mockEC2} ens, err := ins.GetAttachedENIs() assert.NoError(t, err) assert.Equal(t, len(ens), 2) @@ -308,25 +349,33 @@ func TestDescribeENI(t *testing.T) { attachmentID := eniAttachID attachment := &ec2.NetworkInterfaceAttachment{AttachmentId: &attachmentID} result := &ec2.DescribeNetworkInterfacesOutput{ - NetworkInterfaces: []*ec2.NetworkInterface{{Attachment: attachment}}} + NetworkInterfaces: []*ec2.NetworkInterface{{ + Attachment: attachment, + TagSet: []*ec2.Tag{ + {Key: aws.String("foo"), Value: aws.String("foo-value")}, + }, + }}, + } testCases := []struct { - name string - expID *string - awsErr error - expErr error + name string + expID *string + exptags map[string]string + awsErr error + expErr error }{ - {"success DescribeENI", &attachmentID, nil, nil}, - {"not found error", nil, awserr.New("InvalidNetworkInterfaceID.NotFound", "", nil), ErrENINotFound}, + {"success DescribeENI", &attachmentID, map[string]string{"foo": "foo-value"}, nil, nil}, + {"not found error", nil, nil, awserr.New("InvalidNetworkInterfaceID.NotFound", "", nil), ErrENINotFound}, } for _, tc := range testCases { mockEC2.EXPECT().DescribeNetworkInterfaces(gomock.Any()).Return(result, tc.awsErr) ins := &EC2InstanceMetadataCache{ec2SVC: mockEC2} - _, id, err := ins.DescribeENI("test-eni") + _, tags, id, err := ins.DescribeENI("test-eni") assert.Equal(t, tc.expErr, err, tc.name) assert.Equal(t, tc.expID, id, tc.name) + assert.Equal(t, tc.exptags, tags, tc.name) } } diff --git a/pkg/awsutils/mocks/awsutils_mocks.go b/pkg/awsutils/mocks/awsutils_mocks.go index 607425f88a..1d49981290 100644 --- a/pkg/awsutils/mocks/awsutils_mocks.go +++ b/pkg/awsutils/mocks/awsutils_mocks.go @@ -98,12 +98,13 @@ func (mr *MockAPIsMockRecorder) DeallocIPAddresses(arg0, arg1 interface{}) *gomo } // DescribeENI mocks base method -func (m *MockAPIs) DescribeENI(arg0 string) ([]*ec2.NetworkInterfacePrivateIpAddress, *string, error) { +func (m *MockAPIs) DescribeENI(arg0 string) ([]*ec2.NetworkInterfacePrivateIpAddress, map[string]string, *string, error) { ret := m.ctrl.Call(m, "DescribeENI", arg0) ret0, _ := ret[0].([]*ec2.NetworkInterfacePrivateIpAddress) - ret1, _ := ret[1].(*string) - ret2, _ := ret[2].(error) - return ret0, ret1, ret2 + ret1, _ := ret[1].(map[string]string) + ret2, _ := ret[2].(*string) + ret3, _ := ret[3].(error) + return ret0, ret1, ret2, ret3 } // DescribeENI indicates an expected call of DescribeENI diff --git a/pkg/ec2wrapper/mocks/ec2wrapper_mocks.go b/pkg/ec2wrapper/mocks/ec2wrapper_mocks.go index 0d62a76356..3dda62862a 100644 --- a/pkg/ec2wrapper/mocks/ec2wrapper_mocks.go +++ b/pkg/ec2wrapper/mocks/ec2wrapper_mocks.go @@ -18,9 +18,9 @@ package mock_ec2wrapper import ( + context "context" reflect "reflect" - aws "github.com/aws/aws-sdk-go/aws" request "github.com/aws/aws-sdk-go/aws/request" ec2 "github.com/aws/aws-sdk-go/service/ec2" gomock "github.com/golang/mock/gomock" @@ -167,7 +167,7 @@ func (mr *MockEC2MockRecorder) ModifyNetworkInterfaceAttribute(arg0 interface{}) } // UnassignPrivateIpAddressesWithContext mocks base method -func (m *MockEC2) UnassignPrivateIpAddressesWithContext(arg0 aws.Context, arg1 *ec2.UnassignPrivateIpAddressesInput, arg2 ...request.Option) (*ec2.UnassignPrivateIpAddressesOutput, error) { +func (m *MockEC2) UnassignPrivateIpAddressesWithContext(arg0 context.Context, arg1 *ec2.UnassignPrivateIpAddressesInput, arg2 ...request.Option) (*ec2.UnassignPrivateIpAddressesOutput, error) { varargs := []interface{}{arg0, arg1} for _, a := range arg2 { varargs = append(varargs, a) diff --git a/pkg/netlinkwrapper/mock_netlink/link_mocks.go b/pkg/netlinkwrapper/mock_netlink/link_mocks.go index 22b52cd24a..5327eb88ba 100644 --- a/pkg/netlinkwrapper/mock_netlink/link_mocks.go +++ b/pkg/netlinkwrapper/mock_netlink/link_mocks.go @@ -1,4 +1,4 @@ -// Copyright 2018 Amazon.com, Inc. or its affiliates. All Rights Reserved. +// Copyright 2019 Amazon.com, Inc. or its affiliates. All Rights Reserved. // // Licensed under the Apache License, Version 2.0 (the "License"). You may // not use this file except in compliance with the License. A copy of the diff --git a/pkg/netlinkwrapper/mocks/netlinkwrapper_mocks.go b/pkg/netlinkwrapper/mocks/netlinkwrapper_mocks.go index 900e88b0c3..6c4f02ed68 100644 --- a/pkg/netlinkwrapper/mocks/netlinkwrapper_mocks.go +++ b/pkg/netlinkwrapper/mocks/netlinkwrapper_mocks.go @@ -1,4 +1,4 @@ -// Copyright 2018 Amazon.com, Inc. or its affiliates. All Rights Reserved. +// Copyright 2019 Amazon.com, Inc. or its affiliates. All Rights Reserved. // // Licensed under the Apache License, Version 2.0 (the "License"). You may // not use this file except in compliance with the License. A copy of the @@ -231,18 +231,6 @@ func (mr *MockNetLinkMockRecorder) RouteAdd(arg0 interface{}) *gomock.Call { return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "RouteAdd", reflect.TypeOf((*MockNetLink)(nil).RouteAdd), arg0) } -// RouteReplace mocks base method -func (m *MockNetLink) RouteReplace(arg0 *netlink.Route) error { - ret := m.ctrl.Call(m, "RouteReplace", arg0) - ret0, _ := ret[0].(error) - return ret0 -} - -// RouteReplace indicates an expected call of RouteReplace -func (mr *MockNetLinkMockRecorder) RouteReplace(arg0 interface{}) *gomock.Call { - return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "RouteReplace", reflect.TypeOf((*MockNetLink)(nil).RouteReplace), arg0) -} - // RouteDel mocks base method func (m *MockNetLink) RouteDel(arg0 *netlink.Route) error { ret := m.ctrl.Call(m, "RouteDel", arg0) @@ -268,6 +256,18 @@ func (mr *MockNetLinkMockRecorder) RouteList(arg0, arg1 interface{}) *gomock.Cal return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "RouteList", reflect.TypeOf((*MockNetLink)(nil).RouteList), arg0, arg1) } +// RouteReplace mocks base method +func (m *MockNetLink) RouteReplace(arg0 *netlink.Route) error { + ret := m.ctrl.Call(m, "RouteReplace", arg0) + ret0, _ := ret[0].(error) + return ret0 +} + +// RouteReplace indicates an expected call of RouteReplace +func (mr *MockNetLinkMockRecorder) RouteReplace(arg0 interface{}) *gomock.Call { + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "RouteReplace", reflect.TypeOf((*MockNetLink)(nil).RouteReplace), arg0) +} + // RuleAdd mocks base method func (m *MockNetLink) RuleAdd(arg0 *netlink.Rule) error { ret := m.ctrl.Call(m, "RuleAdd", arg0) diff --git a/pkg/networkutils/mocks/network_mocks.go b/pkg/networkutils/mocks/network_mocks.go index 7c019ec6cc..bb491a02a9 100644 --- a/pkg/networkutils/mocks/network_mocks.go +++ b/pkg/networkutils/mocks/network_mocks.go @@ -1,4 +1,4 @@ -// Copyright 2018 Amazon.com, Inc. or its affiliates. All Rights Reserved. +// Copyright 2019 Amazon.com, Inc. or its affiliates. All Rights Reserved. // // Licensed under the Apache License, Version 2.0 (the "License"). You may // not use this file except in compliance with the License. A copy of the @@ -60,6 +60,18 @@ func (mr *MockNetworkAPIsMockRecorder) DeleteRuleListBySrc(arg0 interface{}) *go return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "DeleteRuleListBySrc", reflect.TypeOf((*MockNetworkAPIs)(nil).DeleteRuleListBySrc), arg0) } +// GetExcludeSNATCIDRs mocks base method +func (m *MockNetworkAPIs) GetExcludeSNATCIDRs() []string { + ret := m.ctrl.Call(m, "GetExcludeSNATCIDRs") + ret0, _ := ret[0].([]string) + return ret0 +} + +// GetExcludeSNATCIDRs indicates an expected call of GetExcludeSNATCIDRs +func (mr *MockNetworkAPIsMockRecorder) GetExcludeSNATCIDRs() *gomock.Call { + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetExcludeSNATCIDRs", reflect.TypeOf((*MockNetworkAPIs)(nil).GetExcludeSNATCIDRs)) +} + // GetRuleList mocks base method func (m *MockNetworkAPIs) GetRuleList() ([]netlink.Rule, error) { ret := m.ctrl.Call(m, "GetRuleList") @@ -133,15 +145,3 @@ func (m *MockNetworkAPIs) UseExternalSNAT() bool { func (mr *MockNetworkAPIsMockRecorder) UseExternalSNAT() *gomock.Call { return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "UseExternalSNAT", reflect.TypeOf((*MockNetworkAPIs)(nil).UseExternalSNAT)) } - -// GetExcludeSNATCIDRs mocks base method -func (m *MockNetworkAPIs) GetExcludeSNATCIDRs() []string { - ret := m.ctrl.Call(m, "GetExcludeSNATCIDRs") - ret0, _ := ret[0].([]string) - return ret0 -} - -// GetExcludeSNATCIDRs indicates an expected call of GetExcludeSNATCIDRs -func (mr *MockNetworkAPIsMockRecorder) GetExcludeSNATCIDRs() *gomock.Call { - return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetExcludeSNATCIDRs", reflect.TypeOf((*MockNetworkAPIs)(nil).GetExcludeSNATCIDRs)) -} diff --git a/pkg/utils/ttime/mocks/time_mocks.go b/pkg/utils/ttime/mocks/time_mocks.go index d8d19f11bb..fa8f7c087d 100644 --- a/pkg/utils/ttime/mocks/time_mocks.go +++ b/pkg/utils/ttime/mocks/time_mocks.go @@ -1,4 +1,4 @@ -// Copyright 2017 Amazon.com, Inc. or its affiliates. All Rights Reserved. +// Copyright 2019 Amazon.com, Inc. or its affiliates. All Rights Reserved. // // Licensed under the Apache License, Version 2.0 (the "License"). You may // not use this file except in compliance with the License. A copy of the diff --git a/rpc/mocks/rpc_mocks.go b/rpc/mocks/rpc_mocks.go index 51d7eaae9c..51413fa4e4 100644 --- a/rpc/mocks/rpc_mocks.go +++ b/rpc/mocks/rpc_mocks.go @@ -1,4 +1,4 @@ -// Copyright 2018 Amazon.com, Inc. or its affiliates. All Rights Reserved. +// Copyright 2019 Amazon.com, Inc. or its affiliates. All Rights Reserved. // // Licensed under the Apache License, Version 2.0 (the "License"). You may // not use this file except in compliance with the License. A copy of the @@ -18,11 +18,11 @@ package mock_rpc import ( + context "context" reflect "reflect" rpc "github.com/aws/amazon-vpc-cni-k8s/rpc" gomock "github.com/golang/mock/gomock" - context "golang.org/x/net/context" grpc "google.golang.org/grpc" )