diff --git a/go.mod b/go.mod index 2d370f3f7..0f69d076f 100644 --- a/go.mod +++ b/go.mod @@ -18,7 +18,7 @@ require ( github.com/containerd/errdefs v1.0.0 github.com/containerd/errdefs/pkg v0.3.0 github.com/containerd/fifo v1.1.0 - github.com/containerd/go-cni v1.1.10 + github.com/containerd/go-cni v1.1.11 github.com/containerd/go-runc v1.1.0 github.com/containerd/imgcrypt/v2 v2.0.0-rc.1 github.com/containerd/log v0.1.0 diff --git a/go.sum b/go.sum index d7c3a5326..455584edf 100644 --- a/go.sum +++ b/go.sum @@ -679,8 +679,8 @@ github.com/containerd/errdefs/pkg v0.3.0 h1:9IKJ06FvyNlexW690DXuQNx2KA2cUJXx151X github.com/containerd/errdefs/pkg v0.3.0/go.mod h1:NJw6s9HwNuRhnjJhM7pylWwMyAkmCQvQ4GpJHEqRLVk= github.com/containerd/fifo v1.1.0 h1:4I2mbh5stb1u6ycIABlBw9zgtlK8viPI9QkQNRQEEmY= github.com/containerd/fifo v1.1.0/go.mod h1:bmC4NWMbXlt2EZ0Hc7Fx7QzTFxgPID13eH0Qu+MAb2o= -github.com/containerd/go-cni v1.1.10 h1:c2U73nld7spSWfiJwSh/8W9DK+/qQwYM2rngIhCyhyg= -github.com/containerd/go-cni v1.1.10/go.mod h1:/Y/sL8yqYQn1ZG1om1OncJB1W4zN3YmjfP/ShCzG/OY= +github.com/containerd/go-cni v1.1.11 h1:fWt1K15AmSLsEfa57N+qYw4NeGPiQKYq1pjNGJwV9mc= +github.com/containerd/go-cni v1.1.11/go.mod h1:/Y/sL8yqYQn1ZG1om1OncJB1W4zN3YmjfP/ShCzG/OY= github.com/containerd/go-runc v1.1.0 h1:OX4f+/i2y5sUT7LhmcJH7GYrjjhHa1QI4e8yO0gGleA= github.com/containerd/go-runc v1.1.0/go.mod h1:xJv2hFF7GvHtTJd9JqTS2UVxMkULUYw4JN5XAUZqH5U= github.com/containerd/imgcrypt/v2 v2.0.0-rc.1 h1:7OMu5otk5Z2GeQs24JBPOmYbTc50+q6jo02qWNJc0p8= diff --git a/vendor/github.com/containerd/go-cni/README.md b/vendor/github.com/containerd/go-cni/README.md index d028749f1..898dcb351 100644 --- a/vendor/github.com/containerd/go-cni/README.md +++ b/vendor/github.com/containerd/go-cni/README.md @@ -13,7 +13,7 @@ A generic CNI library to provide APIs for CNI plugin interactions. The library p - Query status of CNI network plugin initialization - Check verifies the network is still in desired state -go-cni aims to support plugins that implement [Container Network Interface](https://github.com/containernetworking/cni) +go-cni aims to support plugins that implement the [Container Network Interface](https://github.com/containernetworking/cni). ## Usage ```go diff --git a/vendor/github.com/containerd/go-cni/cni.go b/vendor/github.com/containerd/go-cni/cni.go index b10af47ab..003f30293 100644 --- a/vendor/github.com/containerd/go-cni/cni.go +++ b/vendor/github.com/containerd/go-cni/cni.go @@ -135,11 +135,20 @@ func (c *libcni) Load(opts ...Opt) error { // Status returns the status of CNI initialization. func (c *libcni) Status() error { + if err := c.ready(); err != nil { + return err + } c.RLock() defer c.RUnlock() - if len(c.networks) < c.networkCount { - return ErrCNINotInitialized + // STATUS is only called for CNI Version 1.1.0 or greater. It is ignored for previous versions. + for _, v := range c.networks { + err := c.cniConfig.GetStatusNetworkList(context.Background(), v.config) + + if err != nil { + return err + } } + return nil } @@ -153,9 +162,11 @@ func (c *libcni) Networks() []*Network { // Setup setups the network in the namespace and returns a Result func (c *libcni) Setup(ctx context.Context, id string, path string, opts ...NamespaceOpts) (*Result, error) { - if err := c.Status(); err != nil { + if err := c.ready(); err != nil { return nil, err } + c.RLock() + defer c.RUnlock() ns, err := newNamespace(id, path, opts...) if err != nil { return nil, err @@ -169,9 +180,11 @@ func (c *libcni) Setup(ctx context.Context, id string, path string, opts ...Name // SetupSerially setups the network in the namespace and returns a Result func (c *libcni) SetupSerially(ctx context.Context, id string, path string, opts ...NamespaceOpts) (*Result, error) { - if err := c.Status(); err != nil { + if err := c.ready(); err != nil { return nil, err } + c.RLock() + defer c.RUnlock() ns, err := newNamespace(id, path, opts...) if err != nil { return nil, err @@ -232,9 +245,11 @@ func (c *libcni) attachNetworks(ctx context.Context, ns *Namespace) ([]*types100 // Remove removes the network config from the namespace func (c *libcni) Remove(ctx context.Context, id string, path string, opts ...NamespaceOpts) error { - if err := c.Status(); err != nil { + if err := c.ready(); err != nil { return err } + c.RLock() + defer c.RUnlock() ns, err := newNamespace(id, path, opts...) if err != nil { return err @@ -260,9 +275,11 @@ func (c *libcni) Remove(ctx context.Context, id string, path string, opts ...Nam // Check checks if the network is still in desired state func (c *libcni) Check(ctx context.Context, id string, path string, opts ...NamespaceOpts) error { - if err := c.Status(); err != nil { + if err := c.ready(); err != nil { return err } + c.RLock() + defer c.RUnlock() ns, err := newNamespace(id, path, opts...) if err != nil { return err @@ -310,3 +327,13 @@ func (c *libcni) GetConfig() *ConfigResult { func (c *libcni) reset() { c.networks = nil } + +func (c *libcni) ready() error { + c.RLock() + defer c.RUnlock() + if len(c.networks) < c.networkCount { + return ErrCNINotInitialized + } + + return nil +} diff --git a/vendor/github.com/containerd/go-cni/testutils.go b/vendor/github.com/containerd/go-cni/testutils.go index 0807e2097..c27010039 100644 --- a/vendor/github.com/containerd/go-cni/testutils.go +++ b/vendor/github.com/containerd/go-cni/testutils.go @@ -75,3 +75,64 @@ func tearDownCNIConfig(t *testing.T, confDir string) { t.Fatalf("Failed to cleanup CNI configs: %v", err) } } + +func buildFakeConfig(t *testing.T) (string, string) { + conf := ` + { + "cniVersion": "1.1.0", + "name": "containerd-net", + "plugins": [ + { + "type": "bridge", + "bridge": "cni0", + "isGateway": true, + "ipMasq": true, + "promiscMode": true, + "ipam": { + "type": "host-ipam", + "ranges": [ + [{ + "subnet": "10.88.0.0/16" + }], + [{ + "subnet": "2001:4860:4860::/64" + }] + ], + "routes": [ + { "dst": "0.0.0.0/0" }, + { "dst": "::/0" } + ] + } + }, + { + "type": "portmap", + "capabilities": {"portMappings": true} + } + ] + }` + + cniDir, err := makeTmpDir("fakecni") + if err != nil { + t.Fatalf("Failed to create plugin config dir: %v", err) + } + + cniConfDir := path.Join(cniDir, "net.d") + err = os.MkdirAll(cniConfDir, 0777) + if err != nil { + t.Fatalf("Failed to create network config dir: %v", err) + } + + networkConfig1 := path.Join(cniConfDir, "mocknetwork1.conflist") + f1, err := os.Create(networkConfig1) + if err != nil { + t.Fatalf("Failed to create network config %v: %v", f1, err) + } + + _, err = f1.WriteString(conf) + if err != nil { + t.Fatalf("Failed to write network config file %v: %v", f1, err) + } + f1.Close() + + return cniDir, cniConfDir +} diff --git a/vendor/modules.txt b/vendor/modules.txt index 2bc24db7a..16e1d9c92 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -154,7 +154,7 @@ github.com/containerd/errdefs/pkg/internal/types # github.com/containerd/fifo v1.1.0 ## explicit; go 1.18 github.com/containerd/fifo -# github.com/containerd/go-cni v1.1.10 +# github.com/containerd/go-cni v1.1.11 ## explicit; go 1.21 github.com/containerd/go-cni # github.com/containerd/go-runc v1.1.0