softwarecontainer  0.18.0-739e8d7 2017-05-04
softwarecontainer::NetworkGateway Class Reference

Sets up and manages network access and routing to the container.

#include <networkgateway.h>


Public Types

enum  GatewayState : unsigned int { CREATED, CONFIGURED, ACTIVATED }
 

Public Member Functions

 NetworkGateway (const int32_t id, const std::string bridgeDevice, const std::string gateway, const uint8_t maskBits, std::shared_ptr< ContainerAbstractInterface > container)
 Creates a network gateway.

bool readConfigElement (const json_t *element) override
 Gateway specific parsing of config elements.

bool activateGateway () override
 Implements Gateway::activateGateway.

bool teardownGateway () override
 Implements Gateway::teardownGateway.

virtual std::string id () const
 Returns the ID of the gateway.

virtual bool setConfig (const json_t *config)
 Configure this gateway according to the supplied JSON configuration string.

virtual bool activate ()
 Applies any configuration set by setConfig()

virtual bool teardown ()
 Restore system to the state prior to launching of gateway.

virtual bool isConfigured ()
 Is the gateway configured or not?

virtual bool isActivated ()
 Is the gateway activated or not?
 

Static Public Attributes

static constexpr const char * ID
 
static const constexpr int FAILURE
 
static const constexpr int SUCCESS
 
static const constexpr int NO_LINK
 
static const constexpr int BAD_LINKUP
 
static const constexpr int BAD_LINKDOWN
 

Protected Member Functions

std::shared_ptr< ContainerAbstractInterface > getContainer ()
 Get a handle to the associated container.

bool setEnvironmentVariable (const std::string &variable, const std::string &value)
 Set an environment variable in the associated container.
 

Protected Attributes

bool m_activatedOnce
 

Detailed Description

Sets up and manages network access and routing to the container.

The responsibility of NetworkGateway is to set up the network connection as specified by the given configuration. This configuration is described in detail in the user documentation; in short, it specifies how to handle incoming and outgoing network packets using the three targets: ACCEPT, DROP and REJECT.

Definition at line 39 of file networkgateway.h.

Constructor & Destructor Documentation

softwarecontainer::NetworkGateway::NetworkGateway ( const int32_t  id,
const std::string  bridgeDevice,
const std::string  gateway,
const uint8_t  maskBits,
std::shared_ptr< ContainerAbstractInterface >  container 
)

Creates a network gateway.

Exceptions
SoftwareContainerError  if there is an error during initialization.

Definition at line 29 of file networkgateway.cpp.

    :
    Gateway(ID, container),
    m_netmask(maskBits),
    m_gateway(gateway),
    m_bridgeDevice(bridgeDevice),
    m_interfaceInitialized(false),
    m_containerID(id)
{
}

Gateway(const std::string &id, std::shared_ptr< ContainerAbstractInterface > container, bool isDynamic=false)
Constructor for inheriting classes to initialize.
Definition: gateway.cpp:25

Member Function Documentation

bool softwarecontainer::NetworkGateway::readConfigElement ( const json_t *  element)
override virtual

Gateway specific parsing of config elements.

All gateways implement this method in order to provide gateway specific parsing of the configuration content.

Parameters
element  A JSON configuration item.
Returns
false if an error was encountered while parsing, true otherwise.

Implements softwarecontainer::Gateway.

Definition at line 45 of file networkgateway.cpp.

References softwarecontainer::NetworkGatewayParser::parseNetworkGatewayConfiguration().

{
    IPTableEntry e;
    NetworkGatewayParser configParser;

    if (configParser.parseNetworkGatewayConfiguration(element, e)) {
        m_entries.push_back(e);
        return true;
    } else {
        return false;
    }
}


bool softwarecontainer::NetworkGateway::activateGateway ( )
override virtual

Implements Gateway::activateGateway.

Implements softwarecontainer::Gateway.

Definition at line 58 of file networkgateway.cpp.

References softwarecontainer::NetworkGatewayFunctions::generateIP(), and softwarecontainer::Gateway::getContainer().

{
    if (m_gateway.size() != 0) {
        log_debug() << "Default gateway set to " << m_gateway;
    } else {
        log_warning() << "No gateway. Network access will be disabled";
        return true;
    }

    if (!isBridgeAvailable()) {
        log_error() << "Bridge not available, expected gateway to be " << m_gateway;
        return false;
    }

    try {
        m_ip.s_addr = m_functions.generateIP(m_netmask, m_gateway, m_containerID);
    } catch (IPAllocationError &error) {
        log_error() << error.what();
        return false;
    }

    bool returnValue = up();
    if (!returnValue) {
        log_error() << "Couldn't bring the network up";
        return false;
    }

    log_debug() << "Adding iptables entries";
    for (auto entry : m_entries) {
        FunctionJob job (getContainer(), [&] () {
            return entry.applyRules() ? SUCCESS : FAILURE;
        });
        job.start();

        job.wait();
        if (job.isError()) {
            log_error() << "Failed to apply rules for entry: " << entry.toString();
            return false;
        }
    }

    return true;
}

uint32_t generateIP(const uint32_t netmask, const std::string gatewayIP, const int32_t containerID)
Generate IP address for the container.


bool softwarecontainer::NetworkGateway::teardownGateway ( )
override virtual

Implements Gateway::teardownGateway.

Implements softwarecontainer::Gateway.

Definition at line 102 of file networkgateway.cpp.

References softwarecontainer::Netlink::findAddresses(), softwarecontainer::Netlink::findLink(), softwarecontainer::Gateway::getContainer(), softwarecontainer::Netlink::hasAddress(), softwarecontainer::Netlink::linkDown(), softwarecontainer::Netlink::linkUp(), softwarecontainer::Netlink::setDefaultGateway(), and softwarecontainer::Netlink::setIP().

{
    return true;
}


std::string softwarecontainer::Gateway::id ( ) const
virtual inherited

Returns the ID of the gateway.

Returns
Returns the ID of the gateway as a string

Definition at line 36 of file gateway.cpp.

Referenced by softwarecontainer::Gateway::activate(), softwarecontainer::DBusGatewayInstance::DBusGatewayInstance(), softwarecontainer::Gateway::setConfig(), and softwarecontainer::Gateway::teardown().

{
    return m_id;
}


bool softwarecontainer::Gateway::setConfig ( const json_t *  config)
virtual inherited

Configure this gateway according to the supplied JSON configuration string.

Parameters
config  JSON string containing gateway-specific JSON configuration
Returns
true if config was successfully parsed, false otherwise
Exceptions
GatewayError  If called on an already activated gateway.

Reimplemented in softwarecontainer::DBusGateway.

Definition at line 41 of file gateway.cpp.

References softwarecontainer::Gateway::id(), and softwarecontainer::Gateway::readConfigElement().

{
    if (GatewayState::ACTIVATED == m_state && !m_isDynamic) {
        std::string message = "Can not configure a gateway that is already activated "
                              "if the gateway does not support dynamic behavior. "
                              "Gateway ID: " + id();
        log_error() << message;
        throw GatewayError(message);
    }

    if (!json_is_array(config)) {
        log_error() << "Root JSON element is not an array";
        return false;
    }

    if (json_array_size(config) == 0) {
        log_error() << "Root JSON array is empty";
        return false;
    }

    for(size_t i = 0; i < json_array_size(config); i++) {
        json_t *element = json_array_get(config, i);
        if (!json_is_object(element)) {
            log_error() << "json configuration is not an object";
            return false;
        }

        if (!readConfigElement(element)) {
            log_warning() << "Could not read config element";
            return false;
        }
    }

    m_state = GatewayState::CONFIGURED;
    return true;
}
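
Added example (not part of the softwarecontainer sources): in the listings above, NetworkGateway::readConfigElement() stores each entry in m_entries as soon as its element parses, while setConfig() returns false at the first bad element, and nothing in the lines shown removes the entries already stored. The stand-alone model below reproduces that flow next to a staged variant that commits only when every element is valid; Entry, parseElement, ImmediateAppend, StagedCommit and entriesAfterRetry are hypothetical names, and plain strings stand in for the JSON elements.

```cpp
#include <cstddef>
#include <string>
#include <vector>

// Stand-in for IPTableEntry, whose definition is not shown on this page.
struct Entry { std::string target; };

// Hypothetical element parser: accepts only the targets named in the class description.
static bool parseElement(const std::string &raw, Entry &out) {
    if (raw != "ACCEPT" && raw != "DROP" && raw != "REJECT") return false;
    out.target = raw;
    return true;
}

// Mirrors the listed flow: an entry is stored as soon as its element parses.
struct ImmediateAppend {
    std::vector<Entry> entries;
    bool setConfig(const std::vector<std::string> &config) {
        for (const auto &raw : config) {
            Entry e;
            if (!parseElement(raw, e)) return false;  // earlier entries stay stored
            entries.push_back(e);
        }
        return true;
    }
};

// Staged variant: parse into a temporary, commit only if every element is valid.
struct StagedCommit {
    std::vector<Entry> entries;
    bool setConfig(const std::vector<std::string> &config) {
        std::vector<Entry> staged;
        for (const auto &raw : config) {
            Entry e;
            if (!parseElement(raw, e)) return false;  // nothing committed
            staged.push_back(e);
        }
        entries.insert(entries.end(), staged.begin(), staged.end());
        return true;
    }
};

// Constructed input: a rejected config followed by a valid one; returns entries held.
template <typename G> std::size_t entriesAfterRetry() {
    G g;
    g.setConfig({"ACCEPT", "BOGUS"});
    g.setConfig({"DROP"});
    return g.entries.size();
}
```

With the immediate-append flow the retry ends up holding two entries, one of them from the rejected configuration; the staged variant holds only the entry from the accepted one.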


bool softwarecontainer::Gateway::activate ( )
virtual inherited

Applies any configuration set by setConfig()

Returns
true upon successful application of configuration, false otherwise
Exceptions
GatewayError  If called on an already activated gateway, or if the gateway has not been previously configured, or if there is no container instance set.

Reimplemented in softwarecontainer::DBusGateway.

Definition at line 78 of file gateway.cpp.

References softwarecontainer::Gateway::id().

{
    if (GatewayState::ACTIVATED == m_state && !m_isDynamic) {
        std::string message = "Can not activate a gateway that is already activated "
                              "if the gateway does not support dynamic behavior. "
                              "Gateway ID: " + id();
        log_error() << message;
        throw GatewayError(message);
    }

    if (GatewayState::CONFIGURED != m_state) {
        std::string message = "Activate was called on a gateway which is not in configured state. "
                              "Gateway ID: " + id();
        log_error() << message;
        throw GatewayError(message);
    }

    if (!activateGateway()) {
        log_error() << "Couldn't activate gateway: " << id();
        return false;
    }

    m_state = GatewayState::ACTIVATED;
    return true;
}


bool softwarecontainer::Gateway::teardown ( )
virtual inherited

Restore system to the state prior to launching of gateway.

Any cleanup code (removal of files, virtual interfaces, etc) should be placed here.

Returns
true upon successful clean-up, false otherwise
Exceptions
GatewayError  If called on a non activated gateway.

Reimplemented in softwarecontainer::DBusGateway.

Definition at line 103 of file gateway.cpp.

References softwarecontainer::Gateway::id().

Referenced by softwarecontainer::DBusGatewayInstance::DBusGatewayInstance().

{
    /* At this point, a gateway should either be in state ACTIVATED if it is non-dynamic, or
       if it is dynamic it should have been activated at least once before.
     */
    if (GatewayState::ACTIVATED != m_state && !m_activatedOnce) {
        std::string message = "Teardown called on non-activated gateway. Gateway ID: " + id();
        log_error() << message;
        throw GatewayError(message);
    }

    if (!teardownGateway()) {
        log_error() << "Could not tear down gateway: " << id();
        return false;
    }

    // Return to a state of nothingness
    m_state = GatewayState::CREATED;

    /* Since we have been torn down, we should not be considered to have been
       activated any more. */
    m_activatedOnce = false;

    return true;
}


bool softwarecontainer::Gateway::isConfigured ( )
virtual inherited

Is the gateway configured or not?

Reimplemented in softwarecontainer::DBusGateway.

Definition at line 134 of file gateway.cpp.

{
    return m_state >= GatewayState::CONFIGURED;
}

bool softwarecontainer::Gateway::isActivated ( )
virtual inherited

Is the gateway activated or not?

Dynamic gateways will return true if they have been activated at least once. Non-dynamic gateways will return true if they are in state ACTIVATED.

Reimplemented in softwarecontainer::DBusGateway.

Definition at line 139 of file gateway.cpp.

Referenced by softwarecontainer::DBusGatewayInstance::DBusGatewayInstance().

{
    // For dynamic gateways it's only relevant to know if it has been activated
    // at least once, the current state is not important
    if (m_isDynamic) {
        return m_activatedOnce;
    }

    // For non-dynamic gateways, the current state is the only relevant info
    return m_state >= GatewayState::ACTIVATED;
}


std::shared_ptr< ContainerAbstractInterface > softwarecontainer::Gateway::getContainer ( )
protected inherited

Get a handle to the associated container.

Exceptions
GatewayError  If called before setContainer() has been called.

Definition at line 128 of file gateway.cpp.

Referenced by activateGateway(), softwarecontainer::DBusGatewayInstance::activateGateway(), softwarecontainer::WaylandGateway::readConfigElement(), and teardownGateway().

{
    std::shared_ptr<ContainerAbstractInterface> ptrCopy = m_container;
    return ptrCopy;
}


bool softwarecontainer::Gateway::setEnvironmentVariable ( const std::string &  variable,
const std::string &  value 
)
protected inherited

Set an environment variable in the associated container.


The documentation for this class was generated from the following files: