Merge pull request #26 from metal-stack/smaller-interface

Smaller interfaces

go.sum

@@ -36,8 +36,6 @@ github.com/coreos/go-semver v0.2.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3Ee
 github.com/coreos/go-semver v0.3.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk=
 github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e h1:Wf6HqHfScWJN9/ZjdUKyjop4mf3Qdd+1TvvltAvM3m8=
 github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4=
-github.com/coreos/go-systemd/v22 v22.0.0 h1:XJIw/+VlJ+87J+doOxznsAWIdmWuViOVhkQamW5YV28=
-github.com/coreos/go-systemd/v22 v22.0.0/go.mod h1:xO0FLkIi5MaZafQlIrOotqXZ90ih+1atmu1JpKERPPk=
 github.com/coreos/go-systemd/v22 v22.1.0 h1:kq/SbG2BCKLkDKkjQf5OWwKWUKj1lgs3lFI4PxnR5lg=
 github.com/coreos/go-systemd/v22 v22.1.0/go.mod h1:xO0FLkIi5MaZafQlIrOotqXZ90ih+1atmu1JpKERPPk=
 github.com/coreos/pkg v0.0.0-20180928190104-399ea9e2e55f/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA=
@@ -148,8 +146,6 @@ github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRW
 github.com/oklog/ulid v1.3.1/go.mod h1:CirwcVhetQ6Lv90oh/F+FBtV6XMibvdAFo93nm5qn4U=
 github.com/pascaldekloe/goe v0.0.0-20180627143212-57f6aae5913c/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc=
 github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic=
-github.com/pelletier/go-toml v1.7.0 h1:7utD74fnzVc/cpcyy8sjrlFr5vYpypUixARcHIMIGuI=
-github.com/pelletier/go-toml v1.7.0/go.mod h1:vwGMzjaWMwyfHwgIBhI2YUM4fB6nL6lVAvS1LBMMhTE=
 github.com/pelletier/go-toml v1.8.0 h1:Keo9qb7iRJs2voHvunFtuuYFsbWeOBh8/P9v/kVMFtw=
 github.com/pelletier/go-toml v1.8.0/go.mod h1:D6yutnOGMveHEPV7VQOuvI/gXY61bv+9bAOTRnLElKs=
 github.com/pkg/errors v0.8.0 h1:WdK/asTD0HN+q6hsWO3/vpuAkAr+tw6aNJNDFFf0+qw=
@@ -208,8 +204,6 @@ github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXf
 github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
 github.com/stretchr/testify v1.4.0 h1:2E4SXV/wtOkTonXsotYi4li6zVWxYlZuYNCXe9XRJyk=
 github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
-github.com/stretchr/testify v1.5.1 h1:nOGnQDM7FYENwehXlg/kFVnos3rEvtKTjRvOWSzb6H4=
-github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA=
 github.com/stretchr/testify v1.6.1 h1:hDPOHmpOpP40lSULcqw7IrRb/u7w6RpDC9399XyoNd0=
 github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/subosito/gotenv v1.2.0 h1:Slr1R9HxAlEKefgq5jn9U+DnETlIUa6HfgEzj0g5d7s=
@@ -223,22 +217,16 @@ go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU=
 go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8=
 go.uber.org/atomic v1.4.0 h1:cxzIVoETapQEqDhQu3QfnvXAV4AlzcvUCxkVUFw3+EU=
 go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE=
-go.uber.org/atomic v1.5.0 h1:OI5t8sDa1Or+q8AeE+yKeB/SDYioSHAgcVljj9JIETY=
-go.uber.org/atomic v1.5.0/go.mod h1:sABNBOSYdrvTF6hTgEIbc7YasKWGhgEQZyfxyTvoXHQ=
 go.uber.org/atomic v1.6.0 h1:Ezj3JGmsOnG1MoRWQkPBsKLe9DwWD9QeXzTRzzldNVk=
 go.uber.org/atomic v1.6.0/go.mod h1:sABNBOSYdrvTF6hTgEIbc7YasKWGhgEQZyfxyTvoXHQ=
 go.uber.org/multierr v1.1.0 h1:HoEmRHQPVSqub6w2z2d2EOVs2fjyFRGyofhKuyDq0QI=
 go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0=
-go.uber.org/multierr v1.3.0 h1:sFPn2GLc3poCkfrpIXGhBD2X0CMIo4Q/zSULXrj/+uc=
-go.uber.org/multierr v1.3.0/go.mod h1:VgVr7evmIr6uPjLBxg28wmKNXyqE9akIJ5XnfpiKl+4=
 go.uber.org/multierr v1.5.0 h1:KCa4XfM8CWFCpxXRGok+Q0SS/0XBhMDbHHGABQLvD2A=
 go.uber.org/multierr v1.5.0/go.mod h1:FeouvMocqHpRaaGuG9EjoKcStLC43Zu/fmqdUMPcKYU=
 go.uber.org/tools v0.0.0-20190618225709-2cfd321de3ee h1:0mgffUl7nfd+FpvXMVz4IDEaUSmT1ysygQC7qYo7sG4=
 go.uber.org/tools v0.0.0-20190618225709-2cfd321de3ee/go.mod h1:vJERXedbb3MVM5f9Ejo0C68/HhF8uaILCdgjnY+goOA=
 go.uber.org/zap v1.10.0 h1:ORx85nbTijNz8ljznvCMR1ZBIPKFn3jQrag10X2AsuM=
 go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q=
-go.uber.org/zap v1.14.0 h1:/pduUoebOeeJzTDFuoMgC6nRkiasr1sBCIEorly7m4o=
-go.uber.org/zap v1.14.0/go.mod h1:zwrFLgMcdUuIBviXEYEH1YKNaOBnKXsx2IPda5bBwHM=
 go.uber.org/zap v1.15.0 h1:ZZCA22JRF2gQE5FoNmhmrf7jeJJ2uhqDUNRYKm8dvmM=
 go.uber.org/zap v1.15.0/go.mod h1:Mb2vm2krFEG5DV0W9qcHBYFtp/Wku1cvYaqPsS/WYfc=
 golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
@@ -371,13 +359,9 @@ gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw=
 gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I=
 gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
-gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10=
-gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.3.0 h1:clyUAQHOM3G0M3f5vQj7LuJrETvjVot3Z5el9nffUtU=
 gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
-gopkg.in/yaml.v3 v3.0.0-20200506231410-2ff61e1afc86 h1:OfFoIUYv/me30yv7XlMy4F9RJw8DEm8WQ6QG1Ph4bH0=
-gopkg.in/yaml.v3 v3.0.0-20200506231410-2ff61e1afc86/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.0-20200605160147-a5ece683394c h1:grhR+C34yXImVGp7EzNk+DTIk+323eIUWOmEevy6bDo=
 gopkg.in/yaml.v3 v3.0.0-20200605160147-a5ece683394c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=

internal/netconf/configurator.go

@@ -132,7 +132,7 @@ func (configurator FirewallConfigurator) Configure() {
 		log.Warnf("failed to configure suricata defaults: %v", err)
 	}
 
-	applyAndCleanUp(applier, TplSuricataDefaults, src, "/etc/default/suricata", FileModeSixFourFour)
+	applyAndCleanUp(applier, tplSuricataDefaults, src, "/etc/default/suricata", FileModeSixFourFour)
 
 	src = mustTmpFile("suricata.yaml_")
 	applier, err = NewSuricataConfigApplier(kb, src)
@@ -147,40 +147,40 @@ func (configurator FirewallConfigurator) Configure() {
 func (configurator FirewallConfigurator) getUnits() []unitConfiguration {
 	return []unitConfiguration{
 		{
-			unit:         SystemdUnitDroptailer,
-			templateFile: TplDroptailer,
+			unit:         systemdUnitDroptailer,
+			templateFile: tplDroptailer,
 			constructApplier: func(kb KnowledgeBase, v ServiceValidator) (net.Applier, error) {
 				return NewDroptailerServiceApplier(kb, v)
 			},
 			enabled: false, // will be enabled in the case of k8s deployments with ignition on first boot
 		},
 		{
-			unit:         SystemdUnitFirewallController,
-			templateFile: TplFirewallController,
+			unit:         systemdUnitFirewallController,
+			templateFile: tplFirewallController,
 			constructApplier: func(kb KnowledgeBase, v ServiceValidator) (net.Applier, error) {
 				return NewFirewallControllerServiceApplier(kb, v)
 			},
 			enabled: false, // will be enabled in the case of k8s deployments with ignition on first boot
 		},
 		{
-			unit:         SystemdUnitNftablesExporter,
-			templateFile: TplNftablesExporter,
+			unit:         systemdUnitNftablesExporter,
+			templateFile: tplNftablesExporter,
 			constructApplier: func(kb KnowledgeBase, v ServiceValidator) (net.Applier, error) {
 				return NewNftablesExporterServiceApplier(kb, v)
 			},
 			enabled: true,
 		},
 		{
-			unit:         SystemdUnitNodeExporter,
-			templateFile: TplNodeExporter,
+			unit:         systemdUnitNodeExporter,
+			templateFile: tplNodeExporter,
 			constructApplier: func(kb KnowledgeBase, v ServiceValidator) (net.Applier, error) {
 				return NewNodeExporterServiceApplier(kb, v)
 			},
 			enabled: true,
 		},
 		{
-			unit:         SystemdUnitSuricataUpdate,
-			templateFile: TplSuricataUpdate,
+			unit:         systemdUnitSuricataUpdate,
+			templateFile: tplSuricataUpdate,
 			constructApplier: func(kb KnowledgeBase, v ServiceValidator) (net.Applier, error) {
 				return NewSuricataUpdateServiceApplier(kb, v)
 			},
@@ -224,13 +224,13 @@ func applyCommonConfiguration(kind BareMetalType, kb KnowledgeBase) {
 		src = mustTmpFile(prefix)
 		applier = NewSystemdLinkApplier(kind, kb.Machineuuid, i, nic, src)
 		dest := fmt.Sprintf("%s/%d0-lan%d.link", SystemdNetworkPath, i+offset, i)
-		applyAndCleanUp(applier, TplSystemdLink, src, dest, FileModeSystemd)
+		applyAndCleanUp(applier, tplSystemdLink, src, dest, FileModeSystemd)
 
 		prefix = fmt.Sprintf("lan%d_network_", i)
 		src = mustTmpFile(prefix)
 		applier = NewSystemdNetworkApplier(kb.Machineuuid, i, src)
 		dest = fmt.Sprintf("%s/%d0-lan%d.network", SystemdNetworkPath, i+offset, i)
-		applyAndCleanUp(applier, TplSystemdNetwork, src, dest, FileModeSystemd)
+		applyAndCleanUp(applier, tplSystemdNetwork, src, dest, FileModeSystemd)
 	}
 }
 

internal/netconf/droptailer.go

@@ -7,10 +7,10 @@ import (
 )
 
 // TplDroptailer is the name of the template for the droptailer service.
-const TplDroptailer = "droptailer.service.tpl"
+const tplDroptailer = "droptailer.service.tpl"
 
 // SystemdUnitDroptailer is the name of the systemd unit for the droptailer.
-const SystemdUnitDroptailer = "droptailer.service"
+const systemdUnitDroptailer = "droptailer.service"
 
 // DroptailerData contains the data to render the droptailer service template.
 type DroptailerData struct {

internal/netconf/firewall_controller.go

@@ -7,10 +7,10 @@ import (
 )
 
 // TplFirewallController is the name of the template for the firewall-policy-controller service.
-const TplFirewallController = "firewall_controller.service.tpl"
+const tplFirewallController = "firewall_controller.service.tpl"
 
 // SystemdUnitFirewallController is the name of the systemd unit for the firewall policy controller,
-const SystemdUnitFirewallController = "firewall-controller.service"
+const systemdUnitFirewallController = "firewall-controller.service"
 
 // FirewallControllerData contains the data to render the firewall-controller service template.
 type FirewallControllerData struct {

internal/netconf/nftables_exporter.go

@@ -5,10 +5,10 @@ import (
 )
 
 // TplNftablesExporter is the name of the template for the nftables_exporter service.
-const TplNftablesExporter = "nftables_exporter.service.tpl"
+const tplNftablesExporter = "nftables_exporter.service.tpl"
 
 // SystemdUnitNftablesExporter is the name of the systemd unit for the nftables_exporter.
-const SystemdUnitNftablesExporter = "nftables-exporter.service"
+const systemdUnitNftablesExporter = "nftables-exporter.service"
 
 // NftablesExporterData contains the data to render the nftables_exporter service template.
 type NftablesExporterData struct {

internal/netconf/node_exporter.go

@@ -4,11 +4,11 @@ import (
 	"github.com/metal-stack/metal-networker/pkg/net"
 )
 
-// TplNodeExporter is the name of the template for the node_exporter service.
-const TplNodeExporter = "node_exporter.service.tpl"
+// tplNodeExporter is the name of the template for the node_exporter service.
+const tplNodeExporter = "node_exporter.service.tpl"
 
-// SystemdUnitNodeExporter is the name of the systemd unit for the node_exporter.
-const SystemdUnitNodeExporter = "node-exporter.service"
+// systemdUnitNodeExporter is the name of the systemd unit for the node_exporter.
+const systemdUnitNodeExporter = "node-exporter.service"
 
 // NodeExporterData contains the data to render the node_exporter service template.
 type NodeExporterData struct {

internal/netconf/service_test.go

@@ -33,27 +33,27 @@ func TestServices(t *testing.T) {
 		{
 			applier:  dsApplier,
 			expected: "testdata/droptailer.service",
-			template: TplDroptailer,
+			template: tplDroptailer,
 		},
 		{
 			applier:  fcApplier,
 			expected: "testdata/firewall-controller.service",
-			template: TplFirewallController,
+			template: tplFirewallController,
 		},
 		{
 			applier:  nodeExporterApplier,
 			expected: "testdata/node-exporter.service",
-			template: TplNodeExporter,
+			template: tplNodeExporter,
 		},
 		{
 			applier:  nftablesExporterApplier,
 			expected: "testdata/nftables-exporter.service",
-			template: TplNftablesExporter,
+			template: tplNftablesExporter,
 		},
 		{
 			applier:  suApplier,
 			expected: "testdata/suricata-update.service",
-			template: TplSuricataUpdate,
+			template: tplSuricataUpdate,
 		},
 	}
 

internal/netconf/suricata_defaults.go

@@ -4,8 +4,8 @@ import (
 	"github.com/metal-stack/metal-networker/pkg/net"
 )
 
-// TplSuricataDefaults is the name of the template for the suricata defaults.
-const TplSuricataDefaults = "suricata_defaults.tpl"
+// tplSuricataDefaults is the name of the template for the suricata defaults.
+const tplSuricataDefaults = "suricata_defaults.tpl"
 
 // SuricataDefaultsData represents the information required to render suricata defaults.
 type SuricataDefaultsData struct {

internal/netconf/suricata_update.go

@@ -4,11 +4,11 @@ import (
 	"github.com/metal-stack/metal-networker/pkg/net"
 )
 
-// TplSuricataUpdate is the name of the template for the suricata-update service.
-const TplSuricataUpdate = "suricata_update.service.tpl"
+// tplSuricataUpdate is the name of the template for the suricata-update service.
+const tplSuricataUpdate = "suricata_update.service.tpl"
 
-// SystemdUnitSuricataUpdate is the name of the systemd unit for the suricata-update.
-const SystemdUnitSuricataUpdate = "suricata-update.service"
+// systemdUnitSuricataUpdate is the name of the systemd unit for the suricata-update.
+const systemdUnitSuricataUpdate = "suricata-update.service"
 
 // SuricataUpdateData contains the data to render the suricata-update service template.
 type SuricataUpdateData struct {

internal/netconf/systemd.go

@@ -5,14 +5,14 @@ import (
 )
 
 const (
-	// TplSystemdLink defines the name of the template to render system.link file.
-	TplSystemdLink = "systemd.link.tpl"
-	// TplSystemdNetwork defines the name of the template to render system.network file.
-	TplSystemdNetwork = "systemd.network.tpl"
-	// MTUFirewall defines the value for MTU specific to the needs of a firewall. VXLAN requires higher MTU.
-	MTUFirewall = 9216
-	// MTUMachine defines the value for MTU specific to the needs of a machine.
-	MTUMachine = 9000
+	// tplSystemdLink defines the name of the template to render system.link file.
+	tplSystemdLink = "systemd.link.tpl"
+	// tplSystemdNetwork defines the name of the template to render system.network file.
+	tplSystemdNetwork = "systemd.network.tpl"
+	// mtuFirewall defines the value for MTU specific to the needs of a firewall. VXLAN requires higher MTU.
+	mtuFirewall = 9216
+	// mtuMachine defines the value for MTU specific to the needs of a machine.
+	mtuMachine = 9000
 )
 
 type (
@@ -55,9 +55,9 @@ func NewSystemdLinkApplier(kind BareMetalType, machineUUID string, nicIndex int,
 
 	switch kind {
 	case Firewall:
-		mtu = MTUFirewall
+		mtu = mtuFirewall
 	case Machine:
-		mtu = MTUMachine
+		mtu = mtuMachine
 	default:
 		log.Fatalf("unknown configuratorType of configurator: %validator", kind)
 	}

internal/netconf/systemd_test.go

@@ -22,22 +22,22 @@ func TestNewSystemdLinkConfig(t *testing.T) {
 	}{
 		{expectedOutput: "testdata/lan0.machine.link",
 			configuratorType: Machine,
-			tpl:              TplSystemdLink,
+			tpl:              tplSystemdLink,
 			machineUUID:      "e0ab02d2-27cd-5a5e-8efc-080ba80cf258",
 			nicIndex:         0},
 		{expectedOutput: "testdata/lan1.machine.link",
 			configuratorType: Machine,
-			tpl:              TplSystemdLink,
+			tpl:              tplSystemdLink,
 			machineUUID:      "e0ab02d2-27cd-5a5e-8efc-080ba80cf258",
 			nicIndex:         1},
 		{expectedOutput: "testdata/lan0.firewall.link",
 			configuratorType: Firewall,
-			tpl:              TplSystemdLink,
+			tpl:              tplSystemdLink,
 			machineUUID:      "e0ab02d2-27cd-5a5e-8efc-080ba80cf258",
 			nicIndex:         0},
 		{expectedOutput: "testdata/lan1.firewall.link",
 			configuratorType: Firewall,
-			tpl:              TplSystemdLink,
+			tpl:              tplSystemdLink,
 			machineUUID:      "e0ab02d2-27cd-5a5e-8efc-080ba80cf258",
 			nicIndex:         1},
 	}
@@ -71,13 +71,13 @@ func TestNewSystemdNetworkConfig(t *testing.T) {
 	}{
 		{expectedOutput: "testdata/lan0.network",
 			configuratorType: Machine,
-			tpl:              TplSystemdNetwork,
+			tpl:              tplSystemdNetwork,
 			nicIndex:         0,
 			machineUUID:      "e0ab02d2-27cd-5a5e-8efc-080ba80cf258",
 			configFunc:       NewSystemdNetworkApplier},
 		{expectedOutput: "testdata/lan1.network",
 			configuratorType: Machine,
-			tpl:              TplSystemdNetwork,
+			tpl:              tplSystemdNetwork,
 			nicIndex:         1,
 			machineUUID:      "e0ab02d2-27cd-5a5e-8efc-080ba80cf258",
 			configFunc:       NewSystemdNetworkApplier},

internal/netconf/tpl/suricata_config.yaml.tpl

@@ -82,8 +82,8 @@ outputs:
   # Extensible Event Format (nicknamed EVE) event log in JSON format
   - eve-log:
       enabled: yes
-      filetype: unix_stream
-      filename: /tmp/suri.sock # default of fever
+      filetype: regular
+      filename: eve.json
       #prefix: "@cee: " # prefix to prepend to each log entry
       # the following are valid when type: syslog above
       #identity: "suricata"