pkg/{encapsulation,mesh}: abstract encapsulation

This commit abstracts away encapsulation to more easily allow for
different types of encapsulation or compatibility with other networking
solutions.

pkg/encapsulation/ipip.go

@@ -0,0 +1,107 @@
+// Copyright 2019 the Kilo authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package encapsulation
+
+import (
+	"fmt"
+	"net"
+
+	"github.com/squat/kilo/pkg/iproute"
+	"github.com/squat/kilo/pkg/iptables"
+)
+
+// Strategy identifies which packets within a location should
+// be encapsulated.
+type Strategy string
+
+const (
+	// Never indicates that no packets within a location
+	// should be encapsulated.
+	Never Strategy = "never"
+	// CrossSubnet indicates that only packets that
+	// traverse subnets within a location should be encapsulated.
+	CrossSubnet Strategy = "crosssubnet"
+	// Always indicates that all packets within a location
+	// should be encapsulated.
+	Always Strategy = "always"
+)
+
+// Interface can configure
+// the encapsulation interface, init itself,
+// get the encapsulation interface index,
+// set the interface IP address,
+// return the required IPTables rules,
+// return the encapsulation strategy,
+// and clean up any changes applied to the backend.
+type Interface interface {
+	CleanUp() error
+	Index() int
+	Init(int) error
+	Rules([]*net.IPNet) []iptables.Rule
+	Set(*net.IPNet) error
+	Strategy() Strategy
+}
+
+type ipip struct {
+	iface    int
+	strategy Strategy
+}
+
+// NewIPIP returns an encapsulation that uses IPIP.
+func NewIPIP(strategy Strategy) Interface {
+	return &ipip{strategy: strategy}
+}
+
+// CleanUp will remove any created IPIP devices.
+func (i *ipip) CleanUp() error {
+	if err := iproute.DeleteAddresses(i.iface); err != nil {
+		return nil
+	}
+	return iproute.RemoveInterface(i.iface)
+}
+
+// Index returns the index of the IPIP interface.
+func (i *ipip) Index() int {
+	return i.iface
+}
+
+// Init initializes the IPIP interface.
+func (i *ipip) Init(base int) error {
+	iface, err := iproute.NewIPIP(base)
+	if err != nil {
+		return fmt.Errorf("failed to create tunnel interface: %v", err)
+	}
+	if err := iproute.Set(iface, true); err != nil {
+		return fmt.Errorf("failed to set tunnel interface up: %v", err)
+	}
+	i.iface = iface
+	return nil
+}
+
+// Rules returns a set of iptables rules that are necessary
+// when traffic between nodes must be encapsulated.
+func (i *ipip) Rules(nodes []*net.IPNet) []iptables.Rule {
+	return iptables.IPIPRules(nodes)
+}
+
+// Set sets the IP address of the IPIP interface.
+func (i *ipip) Set(cidr *net.IPNet) error {
+	return iproute.SetAddress(i.iface, cidr)
+}
+
+// Strategy returns the configured strategy for encapsulation.
+func (i *ipip) Strategy() Strategy {
+	return i.strategy
+}