github/containerd
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity

Add CNI support to ctr run

Browse Source 
This adds linux cni support to `ctr run` via a `--cni` flag.  This uses the
default configuration for CNI on `ctr` to configure the network namespace for a
container.

Signed-off-by: Michael Crosby <michael@thepasture.io>
This commit is contained in:
Michael Crosby 2020-10-14 22:37:53 -04:00
parent 9b70de01d6
commit 21b6f68765
2 changed files with 42 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
cmd/ctr/commands/run/run.go
View File

@ -17,6 +17,7 @@
package run package run
import ( import (
"context"
gocontext "context" gocontext "context"
"encoding/csv" "encoding/csv"
"fmt" "fmt"
@ -28,7 +29,9 @@ import (
"github.com/containerd/containerd/cmd/ctr/commands" "github.com/containerd/containerd/cmd/ctr/commands"
"github.com/containerd/containerd/cmd/ctr/commands/tasks" "github.com/containerd/containerd/cmd/ctr/commands/tasks"
"github.com/containerd/containerd/containers" "github.com/containerd/containerd/containers"
"github.com/containerd/containerd/namespaces"
"github.com/containerd/containerd/oci" "github.com/containerd/containerd/oci"
gocni "github.com/containerd/go-cni"
specs "github.com/opencontainers/runtime-spec/specs-go" specs "github.com/opencontainers/runtime-spec/specs-go"
"github.com/pkg/errors" "github.com/pkg/errors"
"github.com/sirupsen/logrus" "github.com/sirupsen/logrus"
@ -129,6 +132,7 @@ var Command = cli.Command{
tty = context.Bool("tty") tty = context.Bool("tty")
detach = context.Bool("detach") detach = context.Bool("detach")
config = context.IsSet("config") config = context.IsSet("config")
enableCNI = context.Bool("cni")
) )
if config { if config {
@ -167,15 +171,31 @@ var Command = cli.Command{
return err return err
} }
} }
var network gocni.CNI
if enableCNI {
if network, err = gocni.New(gocni.WithDefaultConf); err != nil {
return err
}
}
opts := getNewTaskOpts(context) opts := getNewTaskOpts(context)
ioOpts := []cio.Opt{cio.WithFIFODir(context.String("fifo-dir"))} ioOpts := []cio.Opt{cio.WithFIFODir(context.String("fifo-dir"))}
task, err := tasks.NewTask(ctx, client, container, context.String("checkpoint"), con, context.Bool("null-io"), context.String("log-uri"), ioOpts, opts...) task, err := tasks.NewTask(ctx, client, container, context.String("checkpoint"), con, context.Bool("null-io"), context.String("log-uri"), ioOpts, opts...)
if err != nil { if err != nil {
return err return err
} }
var statusC <-chan containerd.ExitStatus var statusC <-chan containerd.ExitStatus
if !detach { if !detach {
defer task.Delete(ctx) defer func() {
if enableCNI {
if err := network.Remove(ctx, fullID(ctx, container), ""); err != nil {
logrus.WithError(err).Error("network review")
}
}
task.Delete(ctx)
}()
if statusC, err = task.Wait(ctx); err != nil { if statusC, err = task.Wait(ctx); err != nil {
return err return err
} }
@ -185,6 +205,11 @@ var Command = cli.Command{
return err return err
} }
} }
if enableCNI {
if _, err := network.Setup(ctx, fullID(ctx, container), fmt.Sprintf("/proc/%d/ns/net", task.Pid())); err != nil {
return err
}
}
if err := task.Start(ctx); err != nil { if err := task.Start(ctx); err != nil {
return err return err
} }
@ -213,3 +238,12 @@ var Command = cli.Command{
return nil return nil
}, },
} }
func fullID(ctx context.Context, c containerd.Container) string {
id := c.ID()
ns, ok := namespaces.Namespace(ctx)
if !ok {
return id
}
return fmt.Sprintf("%s-%s", ns, id)
}

4
cmd/ctr/commands/run/run_unix.go
View File

@ -68,6 +68,10 @@ var platformRunFlags = []cli.Flag{
Usage: "set the CFS cpu quota", Usage: "set the CFS cpu quota",
Value: 0.0, Value: 0.0,
}, },
cli.BoolFlag{
Name: "cni",
Usage: "enable cni networking for the container",
},
} }
// NewContainer creates a new container // NewContainer creates a new container