Implement CNI v1.1 support #1021
Signed-off-by: Casey Callendrello <[email protected]>
Signed-off-by: Casey Callendrello <[email protected]>
cni v1.1 adds new route fields:
- MTU
- AdvMSS
- Priority
- Table
- Scope
Signed-off-by: Casey Callendrello <[email protected]>
This adds a simple GC implementation for host-local IPAM. It walks the directory and removes any un-allocated files. Signed-off-by: Casey Callendrello <[email protected]>
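The directory-walk GC described in this commit message, as an added sketch that is not the PR's code. It assumes one regular file per reserved IP, named after the IP and holding `<containerID>\r\n<ifname>`; `Attachment` and `gcLeases` are hypothetical names.

```go
package main

import (
	"fmt"
	"net"
	"os"
	"path/filepath"
	"strings"
)

// Attachment names one live container interface (type invented for this example).
type Attachment struct{ ContainerID, IfName string }

// gcLeases deletes lease files in dir not owned by a valid attachment and returns their names.
// Assumed layout: one regular file per reserved IP, named after it, holding "<containerID>\r\n<ifname>".
func gcLeases(dir string, valid []Attachment) ([]string, error) {
	keep := make(map[Attachment]bool, len(valid))
	for _, a := range valid {
		keep[a] = true
	}
	entries, err := os.ReadDir(dir)
	if err != nil {
		return nil, err
	}
	var removed []string
	for _, e := range entries {
		if !e.Type().IsRegular() || net.ParseIP(e.Name()) == nil {
			continue // not a lease: lock file, counter, directory or symlink
		}
		path := filepath.Join(dir, e.Name())
		data, err := os.ReadFile(path)
		f := strings.Fields(string(data))
		if err != nil || len(f) != 2 || keep[Attachment{f[0], f[1]}] {
			continue // live, unreadable or unparseable: leave it alone
		}
		if err := os.Remove(path); err != nil {
			return removed, err
		}
		removed = append(removed, e.Name())
	}
	return removed, nil
}

func main() { // constructed sample state: one live lease, one stale
	dir, _ := os.MkdirTemp("", "leases")
	defer os.RemoveAll(dir)
	os.WriteFile(filepath.Join(dir, "10.1.0.2"), []byte("ctr-live\r\neth0"), 0o600)
	os.WriteFile(filepath.Join(dir, "10.1.0.3"), []byte("ctr-gone\r\neth0"), 0o600)
	fmt.Println(gcLeases(dir, []Attachment{{"ctr-live", "eth0"}}))
}
```

Files that do not parse as a lease are kept rather than deleted, so a malformed or planted entry in the state directory cannot steer the collector into removing something it does not own.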
- STATUS and GC implementation
Still outstanding is GCing iptables rules
- return interface MTU
- tests
Signed-off-by: Casey Callendrello <[email protected]>
- STATUS and GC implementations
- MTU in result type
- Tests & test fixes
Signed-off-by: Casey Callendrello <[email protected]>
There are no resources to GC, so just pass through to delegated IPAM. Signed-off-by: Casey Callendrello <[email protected]>
- report MTU
- delegate STATUS and GC to ipam (if configured)
Signed-off-by: Casey Callendrello <[email protected]>
- STATUS and GC passthrough
- MTU reporting
Signed-off-by: Casey Callendrello <[email protected]>
It doesn't implement release, which we will need. It's also abandonware. Signed-off-by: Casey Callendrello <[email protected]>
Needed for GC tests. Signed-off-by: Casey Callendrello <[email protected]>
- STATUS checks to see that the daemon is running
- GC clears stale leases
Signed-off-by: Casey Callendrello <[email protected]>
- No need for STATUS or GC; the default impls are fine
- return MTU
Signed-off-by: Casey Callendrello <[email protected]>
- STATUS and GC are just passed through to ipam
- MTU is reported
Signed-off-by: Casey Callendrello <[email protected]>
- Pass through GC and STATUS to ipam
- Report MTU
Signed-off-by: Casey Callendrello <[email protected]>
- Pass through STATUS and GC to IPAM
- return MTU
Signed-off-by: Casey Callendrello <[email protected]>
This passes through STATUS and GC to ipam. It does not clean up any stale HNS endpoints, nor does it report MTU. These remain as TODO items. Signed-off-by: Casey Callendrello <[email protected]>
Signed-off-by: Casey Callendrello <[email protected]>
This adds a basic CNI v1.1 implementation to the meta plugins. For the plugins which do have state (firewall, bandwidth, portmap) this does *not* perform GC. That remains outstanding. Signed-off-by: Casey Callendrello <[email protected]>
| return err | ||
| } | ||
|
|
||
| l.IP = net.ParseIP(stringUnMarshal.IP) |
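Review bot: on the `l.IP = net.ParseIP(stringUnMarshal.IP)` line, net.ParseIP returns nil rather than an error for a malformed address, so a bad IP string in the serialized lease ends up as a nil l.IP with no error raised at this line. Suggest checking the result for nil and returning an error there, so a corrupted lease record is rejected at load time instead of surfacing later as an empty address.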
Maybe check if the parse failed here.
This whole file is just a copy-paste of an old dependency. It's silly code just for testing; I didn't want to fix it up.
| // Shrink the Pool By 1 | ||
| t.pool = t.pool[:(len(t.pool) - 1)] | ||
| //Place the Lease At the Begining (This saves us having some sort of counter...) | ||
| // Place the Lease At the Beginning (This saves us having some sort of counter...) |
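Review bot: the reslice `t.pool = t.pool[:(len(t.pool) - 1)]` panics with a slice-bounds error when t.pool is empty, and no length check is visible in these lines. If the caller does not already guarantee a non-empty pool, add a len(t.pool) == 0 early return before shrinking it.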
| // Place the Lease At the Beginning (This saves us having some sort of counter...) | |
| // Place the Lease at the beginning (This saves us having some sort of counter...) |
ultra-nit
s1061123 left a comment
- GC for masquerade rules
- GC for portmap
- GC for bandwidth
- GC for windows
I suppose that we need to mention these somewhere else (e.g. an issue or TODO file, or each plugin's code comment) to keep track.
| var multicastNet string | ||
| var ip string // the ip and its full-length prefix | ||
|
|
||
| if isV6 { |
isV6 seems to be used only here. So how about replacing it with `ipn.IP.To4() == nil` directly?
| @@ -0,0 +1,102 @@ | |||
| package leasepool | |||
As far as I understand, this code comes from https://github.com/d2g/dhcp4server/, licensed under the Mozilla Public License 2.0 (MPL2.0), and the code is included here rather than vendored.
Can we copy this file without a LICENSE notice? (I mean that dhcp4server is MPL2.0, not APL2.0.) Should we add MPL2.0 to the LICENSE file?
| return nil | ||
| } | ||
|
|
||
| func CheckIPMasq(ipn *net.IPNet, chain, comment string) error { |
Missing comments for the function?
| return nil | ||
| } | ||
|
|
||
| func (d *DHCP) Ping(_ *skel.CmdArgs, _ *struct{}) error { |
Ping could be implemented with a DHCP discover message. How about mentioning that in a comment as a TODO?
| ValidAttachments []GCAttachment `json:"cni.dev/valid-attachments,omitempty"` | ||
| } | ||
|
|
||
| // GCAttachment is the parameters to a GC call -- namely, |
Can we use github.com/containernetworking/cni/pkg/types.GCAttachment?
| return nil | ||
| } | ||
|
|
||
| func cmdStatus(args *skel.CmdArgs) error { |
We may check the host-device's existence for status. How about doing that (or adding a TODO comment)?
| return nil | ||
| } | ||
|
|
||
| func cmdStatus(args *skel.CmdArgs) error { |
How about checking whether the master interface exists or not?
We must manually adapt the containernetworking IPAM invoking functions, since as of today, the PRs adding that support are not merged. Status is being added in [0], which was extracted from [1], where GC is added.
[0] - containernetworking/plugins#1050
[1] - containernetworking/plugins#1021
Signed-off-by: Miguel Duarte Barroso <[email protected]>
This implements CNI v1.1 for all plugins.
TODO (will probably shuffle to issues):