Add Wireguard-based K8s pod networking
This adds a pod networking runnable based on Wireguard which watches all nodes
and adds their K8s IPAM allocations as routes into the kernel & WireGuard. It only depends
on K8s and only performs direct routing.
Test Plan: Manually tested by spinning up a two-node cluster and running two Alpine pods pinging eachother. Can be covered by E2E tests once we can do image preseeding for the test infra (T793).
Bug: T487
X-Origin-Diff: phab/D573
GitOrigin-RevId: ba3fc36f421fd75002f6cf8bea25ed6f1eb457b0
diff --git a/third_party/go/shelf.pb.text b/third_party/go/shelf.pb.text
index fbd8670..85372be 100644
--- a/third_party/go/shelf.pb.text
+++ b/third_party/go/shelf.pb.text
@@ -1504,11 +1504,18 @@
semver: "v0.0.0-20190606142754-0394541c37b7"
>
entry: <
+ import_path: "github.com/mdlayher/genetlink"
+ version: "v1.0.0"
+ bazel_name: "com_github_mdlayher_genetlink"
+ sum: "h1:OoHN1OdyEIkScEmRgxLEe2M9U8ClMytqA5niynLtfj0="
+ semver: "v1.0.0"
+>
+entry: <
import_path: "github.com/mdlayher/netlink"
- version: "v0.0.0-20191009155606-de872b0d824b"
+ version: "v1.1.0"
bazel_name: "com_github_mdlayher_netlink"
- sum: "h1:W3er9pI7mt2gOqOWzwvx20iJ8Akiqz1mUMTxU6wdvl8="
- semver: "v0.0.0-20191009155606-de872b0d824b"
+ sum: "h1:mpdLgm+brq10nI9zM1BpX1kpDbh3NLl3RSnVq6ZSkfg="
+ semver: "v1.1.0"
>
entry: <
import_path: "github.com/mdlayher/raw"
@@ -2393,6 +2400,13 @@
semver: "v0.0.0-20191204190536-9bdfabe68543"
>
entry: <
+ import_path: "golang.zx2c4.com/wireguard/wgctrl"
+ version: "ec7f26be9d9e47a32a2789f8c346031978485cbf"
+ bazel_name: "com_zx2c4_golang_wireguard_wgctrl"
+ sum: "h1:fqDhK9OlzaaiFjnyaAfR9Q1RPKCK7OCTLlHGP9f74Nk="
+ semver: "v0.0.0-20200515170644-ec7f26be9d9e"
+>
+entry: <
import_path: "gonum.org/v1/gonum"
version: "v0.6.2"
bazel_name: "org_gonum_v1_gonum"