fix(ctr): enable networking for Windows containers
Signed-off-by: Markus Lippert <lippertmarkus@gmx.de>
This commit is contained in:
Markus Lippert
parent
591d7097e7
commit
f39b3ac7ea
@ -123,6 +123,10 @@ var Command = cli.Command{
|
||||
Name: "platform",
|
||||
Usage: "run image for specific platform",
|
||||
},
|
||||
cli.BoolFlag{
|
||||
Name: "cni",
|
||||
Usage: "enable cni networking for the container",
|
||||
},
|
||||
}, append(platformRunFlags,
|
||||
append(append(commands.SnapshotterFlags, []cli.Flag{commands.SnapshotterLabels}...),
|
||||
commands.ContainerFlags...)...)...),
|
||||
@ -209,7 +213,12 @@ var Command = cli.Command{
|
||||
}
|
||||
}
|
||||
if enableCNI {
|
||||
if _, err := network.Setup(ctx, fullID(ctx, container), fmt.Sprintf("/proc/%d/ns/net", task.Pid())); err != nil {
|
||||
netNsPath, err := getNetNSPath(ctx, task)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
if _, err := network.Setup(ctx, fullID(ctx, container), netNsPath); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
|
||||
@ -79,10 +79,6 @@ var platformRunFlags = []cli.Flag{
|
||||
Usage: "set the cpu shares",
|
||||
Value: 1024,
|
||||
},
|
||||
cli.BoolFlag{
|
||||
Name: "cni",
|
||||
Usage: "enable cni networking for the container",
|
||||
},
|
||||
}
|
||||
|
||||
// NewContainer creates a new container
|
||||
@ -449,3 +445,7 @@ func validNamespace(ns string) bool {
|
||||
return false
|
||||
}
|
||||
}
|
||||
|
||||
func getNetNSPath(_ gocontext.Context, task containerd.Task) (string, error) {
|
||||
return fmt.Sprintf("/proc/%d/ns/net", task.Pid()), nil
|
||||
}
|
||||
|
||||
@ -24,6 +24,7 @@ import (
|
||||
"github.com/containerd/containerd"
|
||||
"github.com/containerd/containerd/cmd/ctr/commands"
|
||||
"github.com/containerd/containerd/oci"
|
||||
"github.com/containerd/containerd/pkg/netns"
|
||||
specs "github.com/opencontainers/runtime-spec/specs-go"
|
||||
"github.com/pkg/errors"
|
||||
"github.com/sirupsen/logrus"
|
||||
@ -116,6 +117,13 @@ func NewContainer(ctx gocontext.Context, client *containerd.Client, context *cli
|
||||
if context.Bool("net-host") {
|
||||
return nil, errors.New("Cannot use host mode networking with Windows containers")
|
||||
}
|
||||
if context.Bool("cni") {
|
||||
ns, err := netns.NewNetNS("")
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
opts = append(opts, oci.WithWindowsNetworkNamespace(ns.GetPath()))
|
||||
}
|
||||
if context.Bool("isolated") {
|
||||
opts = append(opts, oci.WithWindowsHyperV)
|
||||
}
|
||||
@ -149,3 +157,14 @@ func NewContainer(ctx gocontext.Context, client *containerd.Client, context *cli
|
||||
func getNewTaskOpts(_ *cli.Context) []containerd.NewTaskOpts {
|
||||
return nil
|
||||
}
|
||||
|
||||
func getNetNSPath(ctx gocontext.Context, t containerd.Task) (string, error) {
|
||||
s, err := t.Spec(ctx)
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
if s.Windows == nil || s.Windows.Network == nil {
|
||||
return "", nil
|
||||
}
|
||||
return s.Windows.Network.NetworkNamespace, nil
|
||||
}
|
||||
|
||||
@ -75,3 +75,17 @@ func WithHostDevices(_ context.Context, _ Client, _ *containers.Container, s *Sp
|
||||
func deviceFromPath(path string) (*specs.LinuxDevice, error) {
|
||||
return nil, errors.New("device from path not supported on Windows")
|
||||
}
|
||||
|
||||
// WithWindowsNetworkNamespace sets the network namespace for a Windows container.
|
||||
func WithWindowsNetworkNamespace(ns string) SpecOpts {
|
||||
return func(_ context.Context, _ Client, _ *containers.Container, s *Spec) error {
|
||||
if s.Windows == nil {
|
||||
s.Windows = &specs.Windows{}
|
||||
}
|
||||
if s.Windows.Network == nil {
|
||||
s.Windows.Network = &specs.WindowsNetwork{}
|
||||
}
|
||||
s.Windows.Network.NetworkNamespace = ns
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
Loading…
Reference in New Issue
Block a user