Accepting request 612836 from devel:CaaSP:Head:ControllerNode

OBS-URL: https://build.opensuse.org/request/show/612836 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/flannel?expand=0&rev=10
2018-05-29 14:53:11 +00:00 · 2018-05-29 14:53:11 +00:00 · 09cd580ac1
commit 09cd580ac1
parent af2cba1885 00fb19121c
3 changed files with 46 additions and 0 deletions
--- a/flannel.changes
+++ b/flannel.changes
@ -1,3 +1,13 @@
+-------------------------------------------------------------------
+Tue May 29 11:11:34 UTC 2018 - rfernandezlopez@suse.com
+
+- Add use-32-prefix-udp-backend.patch: backend/udp: Use a /32 prefix for the flannel0 interface
+  This avoids the kernel's creation of broadcast routes, which prevent
+  communication from the host with the zeroth subnet to containers on any
+  other hosts.
+
+Fixes: bsc#1094364
+
 -------------------------------------------------------------------
 Thu Feb  1 16:58:22 CET 2018 - ro@suse.de

--- a/flannel.spec
+++ b/flannel.spec
@ -33,6 +33,7 @@ Source1:        flanneld.sysconf
 Source2:        flanneld.service
 Source3:        flannel-docker.conf
 Source4:        flannel-tmpfiles.conf
+Patch1:         use-32-prefix-udp-backend.patch
 BuildRequires:  golang-packaging
 BuildRequires:  systemd
 BuildRequires:  xz
@ -54,6 +55,7 @@ reduces the complexity of doing port mapping.

 %prep
 %setup -q
+%patch1 -p1

 %build
 gofmt -w -r "x -> \"%{version}\"" version/version.go
--- a/use-32-prefix-udp-backend.patch
+++ b/use-32-prefix-udp-backend.patch
@ -0,0 +1,34 @@
+From ed425bdd6fefacb0f06b35fa8f4caedf042dc84d Mon Sep 17 00:00:00 2001
+From: "Cel A. Skeggs" <cela@mit.edu>
+Date: Thu, 1 Feb 2018 17:49:12 -0500
+Subject: [PATCH] backend/udp: Use a /32 prefix for the flannel0 interface
+
+This avoids the kernel's creation of broadcast routes, which prevent
+communication from the host with the zeroth subnet to containers on any
+other hosts.
+---
+ backend/udp/udp_network.go | 10 ++++++++--
+ 1 file changed, 8 insertions(+), 2 deletions(-)
+
+diff --git a/backend/udp/udp_network.go b/backend/udp/udp_network.go
+index 1f9752f8..242ebf49 100644
+--- a/backend/udp/udp_network.go
+++ b/backend/udp/udp_network.go
+@@ -153,9 +153,15 @@ func configureIface(ifname string, ipn ip.IP4Net, mtu int) error {
+ 		return fmt.Errorf("failed to lookup interface %v", ifname)
+ 	}
+ 
+-	err = netlink.AddrAdd(iface, &netlink.Addr{IPNet: ipn.ToIPNet(), Label: ""})
+	// Ensure that the device has a /32 address so that no broadcast routes are created.
+	// This IP is just used as a source address for host to workload traffic (so
+	// the return path for the traffic has an address on the flannel network to use as the destination)
+	ipnLocal := ipn
+	ipnLocal.PrefixLen = 32
+
+	err = netlink.AddrAdd(iface, &netlink.Addr{IPNet: ipnLocal.ToIPNet(), Label: ""})
+ 	if err != nil {
+-		return fmt.Errorf("failed to add IP address %v to %v: %v", ipn.String(), ifname, err)
+		return fmt.Errorf("failed to add IP address %v to %v: %v", ipnLocal.String(), ifname, err)
+ 	}
+ 
+ 	err = netlink.LinkSetMTU(iface, mtu)