Allow assign-macvlan annotation to specify an interface

danwinship · cherrypicker · commit 4a9988641fcc · 2017-11-20T14:55:09.000Z
diff --git a/pkg/network/node/pod.go b/pkg/network/node/pod.go
@@ -377,8 +377,8 @@ func getVethInfo(netns, containerIfname string) (string, string, string, error)
 
 // Adds a macvlan interface to a container, if requested, for use with the egress router feature
 func maybeAddMacvlan(pod *kapi.Pod, netns string) error {
-	val, ok := pod.Annotations[networkapi.AssignMacvlanAnnotation]
-	if !ok || val != "true" {
+	annotation, ok := pod.Annotations[networkapi.AssignMacvlanAnnotation]
+	if !ok || annotation == "false" {
 		return nil
 	}
 
@@ -393,23 +393,31 @@ func maybeAddMacvlan(pod *kapi.Pod, netns string) error {
 		return fmt.Errorf("pod has %q annotation but is not privileged", networkapi.AssignMacvlanAnnotation)
 	}
 
-	// Find interface with the default route
-	var defIface netlink.Link
-	routes, err := netlink.RouteList(nil, netlink.FAMILY_V4)
-	if err != nil {
-		return fmt.Errorf("failed to read routes: %v", err)
-	}
+	var iface netlink.Link
+	var err error
+	if annotation == "true" {
+		// Find interface with the default route
+		routes, err := netlink.RouteList(nil, netlink.FAMILY_V4)
+		if err != nil {
+			return fmt.Errorf("failed to read routes: %v", err)
+		}
 
-	for _, r := range routes {
-		if r.Dst == nil {
-			defIface, err = netlink.LinkByIndex(r.LinkIndex)
-			if err != nil {
-				return fmt.Errorf("failed to get default route interface: %v", err)
+		for _, r := range routes {
+			if r.Dst == nil {
+				iface, err = netlink.LinkByIndex(r.LinkIndex)
+				if err != nil {
+					return fmt.Errorf("failed to get default route interface: %v", err)
+				}
 			}
 		}
-	}
-	if defIface == nil {
-		return fmt.Errorf("failed to find default route interface")
+		if iface == nil {
+			return fmt.Errorf("failed to find default route interface")
+		}
+	} else {
+		iface, err = netlink.LinkByName(annotation)
+		if err != nil {
+			return fmt.Errorf("pod annotation %q is neither 'true' nor the name of a local network interface", networkapi.AssignMacvlanAnnotation)
+		}
 	}
 
 	podNs, err := ns.GetNS(netns)
@@ -420,9 +428,9 @@ func maybeAddMacvlan(pod *kapi.Pod, netns string) error {
 
 	err = netlink.LinkAdd(&netlink.Macvlan{
 		LinkAttrs: netlink.LinkAttrs{
-			MTU:         defIface.Attrs().MTU,
+			MTU:         iface.Attrs().MTU,
 			Name:        "macvlan0",
-			ParentIndex: defIface.Attrs().Index,
+			ParentIndex: iface.Attrs().Index,
 			Namespace:   netlink.NsFd(podNs.Fd()),
 		},
 		Mode: netlink.MACVLAN_MODE_PRIVATE,
