Merge pull request #133 from AkihiroSuda/dev

go.mod: gvisor.dev/gvisor v0.0.0-20221209004503-b665dfa85c0f
2025-12-24 13:17:54 +08:00 · 2022-12-09 14:13:51 +09:00
parent 0c296955e4 eaf15f6382
commit 651b1a9fb2
9 changed files with 910 additions and 128 deletions
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -9,13 +9,13 @@ jobs:
  main:
    strategy:
      matrix:
-        os: [ubuntu-20.04, macos-11]
+        os: [ubuntu-22.04, macos-12]
    runs-on: ${{ matrix.os }}
    timeout-minutes: 20
    steps:
    - uses: actions/setup-go@v3
      with:
-        go-version: 1.18.x
+        go-version: 1.19.x
    - uses: actions/checkout@v3
      with:
        path: go/src/github.com/norouter/norouter
@@ -25,27 +25,27 @@ jobs:
        go mod verify
        go test -covermode=atomic -race -v github.com/norouter/norouter/...
    - name: "Install dependencies for running integration tests"
-      if: matrix.os != 'macos-11'
+      if: matrix.os != 'macos-12'
      run: sudo apt-get install -y vde2
    - name: "Integration: test-agent.sh"
-      if: matrix.os != 'macos-11'
+      if: matrix.os != 'macos-12'
      working-directory:  go/src/github.com/norouter/norouter
      run: ./integration/test-agent.sh 
    - name: "Integration: test-integration.sh"
-      if: matrix.os != 'macos-11'
+      if: matrix.os != 'macos-12'
      working-directory:  go/src/github.com/norouter/norouter
      run: DEBUG=1 ./integration/test-integration.sh
    - name: "FYI: the maximum possible throughput of docker exec"
-      if: matrix.os != 'macos-11'
+      if: matrix.os != 'macos-12'
      working-directory:  go/src/github.com/norouter/norouter
      run: ./integration/show-docker-exec-max-throughput.sh
  cross:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
    timeout-minutes: 20
    steps:
    - uses: actions/setup-go@v3
      with:
-        go-version: 1.18.x
+        go-version: 1.19.x
    - uses: actions/checkout@v3
      with:
        path: go/src/github.com/norouter/norouter
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -8,12 +8,12 @@ env:
  GO111MODULE: on
 jobs:
  release:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
    timeout-minutes: 20
    steps:
    - uses: actions/setup-go@v3
      with:
-        go-version: 1.18.x
+        go-version: 1.19.x
    - uses: actions/checkout@v3
      with:
        path: go/src/github.com/norouter/norouter
--- a/cmd/norouter/manager.go
+++ b/cmd/norouter/manager.go
@@ -35,9 +35,9 @@ import (
 	"github.com/norouter/norouter/pkg/manager/manifest"
 	"github.com/norouter/norouter/pkg/manager/manifest/parsed"

+	"github.com/goccy/go-yaml"
 	"github.com/sirupsen/logrus"
 	"github.com/urfave/cli/v2"
-	"gopkg.in/yaml.v2"
 )

 var managerCommand = &cli.Command{
@@ -208,7 +208,7 @@ func loadManifest(filePath string) (*parsed.ParsedManifest, error) {
 		return nil, err
 	}
 	var ignored manifest.Manifest
-	if err := yaml.UnmarshalStrict(b, &ignored); err != nil {
+	if err := yaml.UnmarshalWithOptions(b, &ignored, yaml.Strict()); err != nil {
 		logrus.WithError(err).Warn("The manifest seems to have unknown fields. Ignoring.")
 	}
 	return parsed.New(&raw)
--- a/cmd/norouter/show_ex_test.go
+++ b/cmd/norouter/show_ex_test.go
@@ -19,14 +19,14 @@ package main
 import (
 	"testing"

+	"github.com/goccy/go-yaml"
 	"github.com/norouter/norouter/pkg/manager/manifest"
 	"github.com/norouter/norouter/pkg/manager/manifest/parsed"
-	"gopkg.in/yaml.v2"
 )

 func TestExampleManifest(t *testing.T) {
 	var raw manifest.Manifest
-	if err := yaml.UnmarshalStrict([]byte(exampleManifest("")), &raw); err != nil {
+	if err := yaml.UnmarshalWithOptions([]byte(exampleManifest("")), &raw, yaml.Strict()); err != nil {
 		t.Fatal(err)
 	}
 	if _, err := parsed.New(&raw); err != nil {
--- a/go.mod
+++ b/go.mod
@@ -1,11 +1,12 @@
 module github.com/norouter/norouter

-go 1.18
+go 1.19

 require (
 	github.com/cybozu-go/usocksd v1.2.0
 	github.com/davecgh/go-spew v1.1.1
-	github.com/elazarl/goproxy v0.0.0-20220115173737-adb46da277ac
+	github.com/elazarl/goproxy v0.0.0-20221015165544-a0805db90819
+	github.com/goccy/go-yaml v1.9.7
 	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da
 	github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510
 	github.com/hashicorp/go-multierror v1.1.1
@@ -14,39 +15,46 @@ require (
 	github.com/ryanuber/go-glob v1.0.0
 	github.com/sirupsen/logrus v1.9.0
 	github.com/urfave/cli/v2 v2.23.6
-	golang.org/x/sync v0.0.0-20210220032951-036812b2e83c
-	gopkg.in/yaml.v2 v2.4.0
+	golang.org/x/sync v0.1.0
 	gotest.tools/v3 v3.4.0
-	gvisor.dev/gvisor v0.0.0-20220715034956-0772aef20da7
+	gvisor.dev/gvisor v0.0.0-20221209004503-b665dfa85c0f
 )

 require (
 	github.com/cpuguy83/go-md2man/v2 v2.0.2 // indirect
-	github.com/cybozu-go/log v1.6.0 // indirect
-	github.com/cybozu-go/netutil v1.2.0 // indirect
-	github.com/cybozu-go/well v1.10.0 // indirect
-	github.com/fsnotify/fsnotify v1.4.9 // indirect
-	github.com/google/btree v1.0.1 // indirect
-	github.com/google/go-cmp v0.5.6 // indirect
-	github.com/hashicorp/errwrap v1.0.0 // indirect
+	github.com/cybozu-go/log v1.6.1 // indirect
+	github.com/cybozu-go/netutil v1.4.3 // indirect
+	github.com/cybozu-go/well v1.11.1 // indirect
+	github.com/fatih/color v1.13.0 // indirect
+	github.com/fsnotify/fsnotify v1.6.0 // indirect
+	github.com/google/btree v1.1.2 // indirect
+	github.com/google/go-cmp v0.5.9 // indirect
+	github.com/hashicorp/errwrap v1.1.0 // indirect
 	github.com/hashicorp/hcl v1.0.0 // indirect
-	github.com/kr/pretty v0.2.1 // indirect
-	github.com/magiconair/properties v1.8.0 // indirect
-	github.com/mitchellh/mapstructure v1.1.2 // indirect
-	github.com/pelletier/go-toml v1.8.1 // indirect
-	github.com/pkg/errors v0.9.1 // indirect
+	github.com/magiconair/properties v1.8.7 // indirect
+	github.com/mattn/go-colorable v0.1.13 // indirect
+	github.com/mitchellh/mapstructure v1.5.0 // indirect
+	github.com/onsi/gomega v1.24.1 // indirect
+	github.com/pelletier/go-toml v1.9.5 // indirect
+	github.com/pelletier/go-toml/v2 v2.0.6 // indirect
 	github.com/russross/blackfriday/v2 v2.1.0 // indirect
-	github.com/spf13/afero v1.2.2 // indirect
-	github.com/spf13/cast v1.3.0 // indirect
-	github.com/spf13/jwalterweatherman v1.0.0 // indirect
+	github.com/spf13/afero v1.9.3 // indirect
+	github.com/spf13/cast v1.5.0 // indirect
+	github.com/spf13/jwalterweatherman v1.1.0 // indirect
 	github.com/spf13/pflag v1.0.5 // indirect
-	github.com/spf13/viper v1.4.0 // indirect
+	github.com/spf13/viper v1.14.0 // indirect
+	github.com/subosito/gotenv v1.4.1 // indirect
+	github.com/vishvananda/netlink v1.1.0 // indirect
+	github.com/vishvananda/netns v0.0.1 // indirect
 	github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673 // indirect
-	golang.org/x/mod v0.5.1 // indirect
-	golang.org/x/net v0.0.0-20211015210444-4f30a5c0130f // indirect
-	golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab // indirect
-	golang.org/x/text v0.3.7 // indirect
-	golang.org/x/time v0.0.0-20210723032227-1f47c861a9ac // indirect
-	golang.org/x/tools v0.1.9 // indirect
-	golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 // indirect
+	golang.org/x/mod v0.7.0 // indirect
+	golang.org/x/net v0.4.0 // indirect
+	golang.org/x/sys v0.3.0 // indirect
+	golang.org/x/text v0.5.0 // indirect
+	golang.org/x/time v0.3.0 // indirect
+	golang.org/x/tools v0.4.0 // indirect
+	golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 // indirect
+	gopkg.in/ini.v1 v1.67.0 // indirect
+	gopkg.in/yaml.v2 v2.4.0 // indirect
+	gopkg.in/yaml.v3 v3.0.1 // indirect
 )
--- a/go.sum
+++ b/go.sum
--- a/integration/test-integration.sh
+++ b/integration/test-integration.sh
@@ -33,14 +33,14 @@ docker exec host1 apk add --no-cache iperf3
 docker exec host2 apk add --no-cache iperf3

 # dind to emulate remote network 192.168.95.0/24, which isn't accessible from host
-docker run -l $LABEL -d --name dind1 -v "$(pwd)/bin:/mnt:ro" --privileged -v dind1-vol:/var/lib/docker docker:19.03.13-dind
+docker run -l $LABEL -d --name dind1 -v "$(pwd)/bin:/mnt:ro" --privileged -v dind1-vol:/var/lib/docker docker:20.10.21-dind
 sleep 10; until docker exec dind1 docker info; do sleep 10; done
 docker exec dind1 docker network create dind1-subnet95 --subnet=192.168.95.0/24
 docker exec -t dind1 docker run --network dind1-subnet95 -d --name dind1-bastion -v "/mnt:/mnt:ro" alpine sleep infinity
 docker exec -t dind1 docker run --network dind1-subnet95 -d --name dind1-wordpress --hostname dind1-wordpress --ip=192.168.95.101 wordpress:5.5.3
 docker exec -t dind1 docker run --network dind1-subnet95 -d --name dind1-mediawiki --hostname dind1-mediawiki --ip=192.168.95.102 mediawiki:1.35.0

-docker run -l $LABEL -d --name dind2 -v "$(pwd)/bin:/mnt:ro" --privileged -v dind2-vol:/var/lib/docker docker:19.03.13-dind
+docker run -l $LABEL -d --name dind2 -v "$(pwd)/bin:/mnt:ro" --privileged -v dind2-vol:/var/lib/docker docker:20.10.21-dind
 sleep 10; until docker exec dind2 docker info; do sleep 10; done
 docker exec dind2 docker network create dind2-subnet96 --subnet=192.168.96.0/24
 docker exec -t dind2 docker run --network dind2-subnet96 -d --name dind2-bastion -v "/mnt:/mnt:ro" alpine sleep infinity
--- a/pkg/agent/agent.go
+++ b/pkg/agent/agent.go
@@ -44,7 +44,7 @@ import (
 	"github.com/norouter/norouter/pkg/version"

 	"github.com/sirupsen/logrus"
-	"gvisor.dev/gvisor/pkg/buffer"
+	"gvisor.dev/gvisor/pkg/bufferv2"
 	"gvisor.dev/gvisor/pkg/tcpip"
 	"gvisor.dev/gvisor/pkg/tcpip/adapters/gonet"
 	"gvisor.dev/gvisor/pkg/tcpip/header"
@@ -341,7 +341,7 @@ func (a *Agent) sendL3Routine() {
 		norouterPkt := &stream.Packet{
 			Type: stream.TypeL3,
 		}
-		for _, v := range pkt.Slices() {
+		for _, v := range pkt.AsSlices() {
 			norouterPkt.Payload = append(norouterPkt.Payload, v...)
 		}
 		if err := a.sender.Send(norouterPkt); err != nil {
@@ -430,15 +430,14 @@ func (a *Agent) onRecvL3(pkt *stream.Packet) error {
 	if dstIP == nil || dstIP.To4() == nil {
 		return fmt.Errorf("packet does not contain valid dst")
 	}
-	v := buffer.NewWithData(pkt.Payload)
 	pb := stack.NewPacketBuffer(stack.PacketBufferOptions{
-		Payload: v,
+		Payload: bufferv2.MakeWithData(pkt.Payload),
 	})
 	// Routing mode
 	if !dstIP.Equal(a.config.Me) {
 		// parse.IPv4 and parse.TCP consume PacketBuffer.Data, so we need to create yet another PacketBuffer with same View here :(
 		parsed := stack.NewPacketBuffer(stack.PacketBufferOptions{
-			Payload: v,
+			Payload: bufferv2.MakeWithData(pkt.Payload),
 		})
 		if !parse.IPv4(parsed) {
 			return errors.New("received non-IPv4 packet")
@@ -446,9 +445,9 @@ func (a *Agent) onRecvL3(pkt *stream.Packet) error {
 		if !parse.TCP(parsed) {
 			return errors.New("received non-TCP packet")
 		}
-		tcpHdr := header.TCP(parsed.TransportHeader().View())
+		tcpHdr := header.TCP(parsed.TransportHeader().Slice())
 		if tcpHdr.Flags()&header.TCPFlagSyn != 0 {
-			if err := a.prehookRouteOnSYN(parsed); err != nil {
+			if err := a.prehookRouteOnSYN(&parsed); err != nil {
 				logrus.WithError(err).Warn("failed to call hookRouteOnSYN")
 			}
 		}
@@ -461,9 +460,9 @@ type routeHook struct {
 	l net.Listener
 }

-func (a *Agent) prehookRouteOnSYN(parsed *stack.PacketBuffer) error {
-	ipv4Hdr := header.IPv4(parsed.NetworkHeader().View())
-	tcpHdr := header.TCP(parsed.TransportHeader().View())
+func (a *Agent) prehookRouteOnSYN(parsed *stack.PacketBufferPtr) error {
+	ipv4Hdr := header.IPv4(parsed.NetworkHeader().Slice())
+	tcpHdr := header.TCP(parsed.TransportHeader().Slice())
 	dstIP := net.IP(ipv4Hdr.DestinationAddress())
 	fullAddr := tcpip.FullAddress{
 		Addr: ipv4Hdr.DestinationAddress(),
--- a/pkg/manager/manifest/parsed/parsed_test.go
+++ b/pkg/manager/manifest/parsed/parsed_test.go
@@ -19,9 +19,9 @@ package parsed
 import (
 	"testing"

+	"github.com/goccy/go-yaml"
 	"github.com/norouter/norouter/pkg/manager/manifest"
 	"github.com/norouter/norouter/pkg/stream/jsonmsg"
-	"gopkg.in/yaml.v2"
 	"gotest.tools/v3/assert"
 )