Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

resolve network instance switch creation problem #593

Merged
merged 1 commit into from
Apr 30, 2021
Merged

resolve network instance switch creation problem #593

merged 1 commit into from
Apr 30, 2021

Conversation

giggsoff
Copy link
Collaborator

@giggsoff giggsoff commented Apr 21, 2021
edited
Loading

Resolving the problem of networkInstance switch creation #589. Removing the redundant code. Add 'none' uplink.

Signed-off-by: Petr Fedchenkov [email protected]

@giggsoff giggsoff force-pushed the fix-switch-network branch from 3077729 to 74c38fe Compare April 21, 2021 22:38
@sadov
Copy link
Contributor

sadov commented Apr 23, 2021
edited
Loading

Seems we still have problems:

$ eden network create --type switch -n direct
$ eden network create 10.11.12.0/24 -n indirect
$ eden pod deploy -v debug -n eclient docker://itmoeve/eclient:0.4 -p 2223:22 --networks=indirect --networks=direct --memory=512MB
$ eden pod ps
NAME    IMAGE                   UUID                                    INTERNAL                        EXTERNAL        MEMORY          STATE(ADAM)     LAST_STATE(EVE)
eclient itmoeve/eclient:0.4     45dcabbe-25b8-4409-9a38-987860cc1d75    192.168.0.12; 192.168.0.13      -               139 MB/961 MB   IN_CONFIG       RUNNING
$ eden pod modify eclient --networks indirect --networks=direct --acl='[]'
$ eden pod ps
NAME    IMAGE                   UUID                                    INTERNAL        EXTERNAL        MEMORY  STATE(ADAM)     LAST_STATE(EVE)
NAME    IMAGE                   UUID                                    INTERNAL                        EXTERNAL        MEMORY          STATE(ADAM)     LAST_STATE(EVE)
eclient itmoeve/eclient:0.4     45dcabbe-25b8-4409-9a38-987860cc1d75    192.168.0.12; 192.168.0.13      -               139 MB/961 MB   IN_CONFIG       RUNNING: [description:"updateACL: ACE with host not supported on switch network instance: {Matches:[{Type:host Value:[]}] Actions:[] Name: RuleID:1 Dir:0}\n\nupdateACL: ACE with host not supported on switch network instance: {Matches:[{Type:host Value:[]}] Actions:[] Name: RuleID:1 Dir:0}\n\n"  timestamp:{seconds:1619175739  nanos:816863745}]

@giggsoff
Copy link
Collaborator Author

giggsoff commented Apr 23, 2021
edited
Loading

Hi, @sadov.
I can see in ./eden pod modify --help

Flags:
      --acl strings           Allow access only to defined hosts/ips/subnets

So, what is your expected behavior in case of --acl='[]'?

@zed-sadov
Copy link
Contributor

zed-sadov commented Apr 23, 2021
edited
Loading

Hi @giggsoff,
It would actually be great to have some combination of arguments to convert from this application's interface configuration:

                {
                    "name": "direct",
                    "networkId": "72a14885-73c4-4fe7-a4b2-f919c05bf065",
                    "addr": "",
                    "hostname": "",
                    "cryptoEid": "",
                    "lispsignature": "",
                    "pemcert": null,
                    "pemprivatekey": null,
                    "macAddress": "",
                    "acls": [
                        {
                            "matches": [
                                {
                                    "type": "ip",
                                    "value": "0.0.0.0/0"
                                }
                            ],
                            "actions": [],
                            "name": "",
                            "id": 3,
                            "dir": "BOTH"
                        }
                    ]
                }

to config with empty acl array:

                {
                    "name": "direct",
                    "networkId": "72a14885-73c4-4fe7-a4b2-f919c05bf065",
                    "addr": "",
                    "hostname": "",
                    "cryptoEid": "",
                    "lispsignature": "",
                    "pemcert": null,
                    "pemprivatekey": null,
                    "macAddress": "",
                    "acls": []
                }

@giggsoff giggsoff changed the title resolve network instance switch creation problem [WIP] resolve network instance switch creation problem Apr 23, 2021
@giggsoff giggsoff force-pushed the fix-switch-network branch from 12f58da to e22daae Compare April 23, 2021 16:08
@giggsoff giggsoff force-pushed the fix-switch-network branch from e22daae to 4a08035 Compare April 28, 2021 13:45
@giggsoff giggsoff changed the title [WIP] resolve network instance switch creation problem resolve network instance switch creation problem Apr 28, 2021
@giggsoff giggsoff mentioned this pull request Apr 29, 2021
Merged
@mydatascience mydatascience merged commit 4d5e4a3 into lf-edge:master Apr 30, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@giggsoff @sadov @zed-sadov @mydatascience