* Fix duplicate endpoint creation. Fix leaking of endpoints when cont…

…ainers are killed. Fix DNS & Suffix plumging. Add a sample cni conf. Modify the AdditionalParam structure from Type to Name
rakelkar · Mar 5, 2018 · 9484738 · 9484738
1 parent 6909a68
commit 9484738
Show file tree

Hide file tree

Showing 8 changed files with 126 additions and 26 deletions.
diff --git a/pkg/hns/endpoint_windows.go b/pkg/hns/endpoint_windows.go
@@ -62,13 +62,13 @@ func DeprovisionEndpoint(epName string, netns string, containerID string) error
 	err = hcsshim.HotDetachEndpoint(containerID, hnsEndpoint.Id)
 	if err != nil {
 		log.Printf("[win-cni] Failed to detach endpoint %v, err:%v", epName, err)
-		return nil
+		// Do not consider this as failure, else this would leak endpoints
 	}
 
 	_, err = hnsEndpoint.Delete()
 	if err != nil {
 		log.Printf("[win-cni] Failed to delete endpoint %v, err:%v", epName, err)
-		return nil
+		// Do not return error
 	}
 
 	return nil
@@ -83,7 +83,7 @@ func ProvisionEndpoint(epName string, expectedNetworkId string, containerID stri
 	// check if endpoint already exists
 	createEndpoint := true
 	hnsEndpoint, err := hcsshim.GetHNSEndpointByName(epName)
-	if hnsEndpoint != nil && hnsEndpoint.VirtualNetwork != expectedNetworkId {
+	if hnsEndpoint != nil && hnsEndpoint.VirtualNetwork == expectedNetworkId {
 		log.Printf("[win-cni] Found existing endpoint %v", epName)
 		createEndpoint = false
 	}

diff --git a/pkg/hns/netconf.go b/pkg/hns/netconf.go
@@ -17,6 +17,7 @@ package hns
 import (
 	"encoding/json"
 	"github.com/containernetworking/cni/pkg/types"
+	"log"
 	"strings"
 )
 
@@ -27,7 +28,7 @@ type NetConf struct {
 }
 
 type policyArgument struct {
-	Type  string
+	Name  string
 	Value map[string]interface{}
 }
 
@@ -40,7 +41,8 @@ func (n *NetConf) MarshalPolicies() []json.RawMessage {
 
 	var result []json.RawMessage
 	for _, policyArg := range n.AdditionalArgs {
-		if !strings.EqualFold(policyArg.Type, "EndpointPolicy") {
+		log.Printf("PolicyArgs[%v]", policyArg)
+		if !strings.EqualFold(policyArg.Name, "EndpointPolicy") {
 			continue
 		}
 		if data, err := json.Marshal(policyArg.Value); err == nil {
@@ -51,7 +53,6 @@ func (n *NetConf) MarshalPolicies() []json.RawMessage {
 	return result
 }
 
-
 // ApplyOutboundNatPolicy applies NAT Policy in VFP using HNS
 // Simultaneously an exception is added for the network that has to be Nat'd
 func (n *NetConf) ApplyOutboundNatPolicy(nwToNat string) {
@@ -60,7 +61,7 @@ func (n *NetConf) ApplyOutboundNatPolicy(nwToNat string) {
 	}
 
 	for _, policy := range n.AdditionalArgs {
-		if !strings.EqualFold(policy.Type, "EndpointPolicy") {
+		if !strings.EqualFold(policy.Name, "EndpointPolicy") {
 			continue
 		}
 
@@ -94,7 +95,7 @@ func (n *NetConf) ApplyOutboundNatPolicy(nwToNat string) {
 
 	// didn't find the policy, add it
 	natEntry := policyArgument{
-		Type: "EndpointPolicy",
+		Name: "EndpointPolicy",
 		Value: map[string]interface{}{
 			"Type": "OutBoundNAT",
 			"ExceptionList": []interface{}{
@@ -114,7 +115,7 @@ func (n *NetConf) ApplyDefaultPAPolicy(paAddress string) {
 
 	// if its already present, leave untouched
 	for _, policy := range n.AdditionalArgs {
-		if policy.Type == "EndpointPolicy" {
+		if policy.Name == "EndpointPolicy" {
 			if hasKey(policy.Value, "PA") {
 				// found it, don't override
 				return
@@ -128,7 +129,7 @@ func (n *NetConf) ApplyDefaultPAPolicy(paAddress string) {
 		"PA":   paAddress,
 	}
 	paPolicy := &policyArgument{
-		Type:  "EndpointPolicy",
+		Name:  "EndpointPolicy",
 		Value: paPolicyData,
 	}
 

diff --git a/pkg/hns/netconf_test.go b/pkg/hns/netconf_test.go
@@ -32,7 +32,7 @@ var _ = Describe("HNS NetConf", func() {
 				Expect(addlArgs).Should(HaveLen(1))
 
 				policy := addlArgs[0]
-				Expect(policy.Type).Should(Equal("EndpointPolicy"))
+				Expect(policy.Name).Should(Equal("EndpointPolicy"))
 
 				value := policy.Value
 				Expect(value).Should(HaveKey("Type"))
@@ -59,7 +59,7 @@ var _ = Describe("HNS NetConf", func() {
 				Expect(addlArgs).Should(HaveLen(1))
 
 				policy := addlArgs[0]
-				Expect(policy.Type).Should(Equal("EndpointPolicy"))
+				Expect(policy.Name).Should(Equal("EndpointPolicy"))
 
 				value := policy.Value
 				Expect(value).Should(HaveKey("Type"))
@@ -85,7 +85,7 @@ var _ = Describe("HNS NetConf", func() {
 				Expect(addlArgs).Should(HaveLen(1))
 
 				policy := addlArgs[0]
-				Expect(policy.Type).Should(Equal("EndpointPolicy"))
+				Expect(policy.Name).Should(Equal("EndpointPolicy"))
 
 				value := policy.Value
 				Expect(value).Should(HaveKey("Type"))
@@ -106,7 +106,7 @@ var _ = Describe("HNS NetConf", func() {
 				Expect(addlArgs).Should(HaveLen(1))
 
 				policy := addlArgs[0]
-				Expect(policy.Type).Should(Equal("EndpointPolicy"))
+				Expect(policy.Name).Should(Equal("EndpointPolicy"))
 
 				value := policy.Value
 				Expect(value).Should(HaveKey("Type"))
@@ -126,13 +126,13 @@ var _ = Describe("HNS NetConf", func() {
 				n := NetConf{
 					AdditionalArgs: []policyArgument{
 						{
-							Type: "EndpointPolicy",
+							Name: "EndpointPolicy",
 							Value: map[string]interface{}{
 								"someKey": "someValue",
 							},
 						},
 						{
-							Type: "someOtherType",
+							Name: "someOtherType",
 							Value: map[string]interface{}{
 								"someOtherKey": "someOtherValue",
 							},
@@ -165,7 +165,7 @@ var _ = Describe("HNS NetConf", func() {
 				Expect(addlArgs).Should(HaveLen(1))
 
 				policy := addlArgs[0]
-				Expect(policy.Type).Should(Equal("EndpointPolicy"))
+				Expect(policy.Name).Should(Equal("EndpointPolicy"))
 
 				value := policy.Value
 				Expect(value).Should(HaveKey("Type"))

diff --git a/plugins/main/windows/build.sh b/plugins/main/windows/build.sh
@@ -14,7 +14,7 @@ for d in $PLUGINS; do
 		then
 			GOBIN=${OUTDIR} go install -pkgdir $GOPATH/pkg "$@" $REPO_PATH/$d
 		else
-			go build -o "${OUTDIR}/$plugin.exe" -pkgdir "$GOPATH/pkg" "$@" "$REPO_PATH/$d"
+			go build -o "${OUTDIR}/$plugin.exe" -pkgdir "$GOPATH/pkg" "$@" "$REPO_PATH/$d" 
 		fi
 	fi
 done
diff --git a/plugins/main/windows/l2bridge/Makefile b/plugins/main/windows/l2bridge/Makefile
@@ -0,0 +1,7 @@
+
+
+all: $(shell find . -type f -name '*.go')
+	GOOS=windows go build -o l2bridge.exe
+clean:
+	rm -rf l2bridge.exe
+
diff --git a/plugins/main/windows/l2bridge/l2bridge_windows.go b/plugins/main/windows/l2bridge/l2bridge_windows.go
@@ -20,6 +20,7 @@ import (
 	"encoding/json"
 	"errors"
 	"fmt"
+	"log"
 	"net"
 	"runtime"
 
@@ -36,8 +37,14 @@ import (
 type NetConf struct {
 	hns.NetConf
 
-	IPMasq               bool
-	clusterNetworkPrefix net.IPNet
+	IPMasq               bool      `json:"ipmasq,omitempty"`
+	clusterNetworkPrefix net.IPNet `json:"clusterprefix,omitempty"`
+}
+type K8sCniEnvArgs struct {
+	types.CommonArgs
+	K8S_POD_NAMESPACE          types.UnmarshallableString `json:"K8S_POD_NAMESPACE,omitempty"`
+	K8S_POD_NAME               types.UnmarshallableString `json:"K8S_POD_NAME,omitempty"`
+	K8S_POD_INFRA_CONTAINER_ID types.UnmarshallableString `json:"K8S_POD_INFRA_CONTAINER_ID,omitempty"`
 }
 
 func init() {
@@ -47,20 +54,36 @@ func init() {
 	runtime.LockOSThread()
 }
 
+func parseCniArgs(args string) (*K8sCniEnvArgs, error) {
+	podConfig := K8sCniEnvArgs{}
+	err := types.LoadArgs(args, &podConfig)
+	if err != nil {
+		return nil, err
+	}
+	return &podConfig, nil
+}
+
 func loadNetConf(bytes []byte) (*NetConf, string, error) {
 	n := &NetConf{}
 	if err := json.Unmarshal(bytes, n); err != nil {
 		return nil, "", fmt.Errorf("failed to load netconf: %v", err)
 	}
+	log.Printf("Loaded NetConf %v", n)
 	return n, n.CNIVersion, nil
 }
 
 func cmdAdd(args *skel.CmdArgs) error {
+	log.Printf("[cni-net] Processing ADD command with args {ContainerID:%v Netns:%v IfName:%v Args:%v Path:%v}.",
+		args.ContainerID, args.Netns, args.IfName, args.Args, args.Path)
 	n, cniVersion, err := loadNetConf(args.StdinData)
 	if err != nil {
 		return err
 	}
-
+	cniargs, err := parseCniArgs(args.Args)
+	k8sNamespace := "default"
+	if err == nil {
+		k8sNamespace = string(cniargs.K8S_POD_NAMESPACE)
+	}
 	networkName := n.Name
 	hnsNetwork, err := hcsshim.GetHNSNetworkByName(networkName)
 	if err != nil {
@@ -71,7 +94,7 @@ func cmdAdd(args *skel.CmdArgs) error {
 		return fmt.Errorf("network %v not found", networkName)
 	}
 
-	if !strings.EqualFold(hnsNetwork.Type,"L2Bridge") {
+	if !strings.EqualFold(hnsNetwork.Type, "L2Bridge") {
 		return fmt.Errorf("network %v is of an unexpected type: %v", networkName, hnsNetwork.Type)
 	}
 
@@ -99,20 +122,34 @@ func cmdAdd(args *skel.CmdArgs) error {
 		gw[len(gw)-1] += 2
 
 		// NAT based on the the configured cluster network
-		if n.IPMasq {
-			n.ApplyOutboundNatPolicy(n.clusterNetworkPrefix.String())
+		// if n.IPMasq {
+		//	n.ApplyOutboundNatPolicy(n.clusterNetworkPrefix.String())
+		// }
+		nameservers := strings.Join(n.DNS.Nameservers, ",")
+		if result.DNS.Nameservers != nil {
+			nameservers = strings.Join(result.DNS.Nameservers, ",")
 		}
 
+		dnsSuffix := ""
+		if len(n.DNS.Search) > 0 {
+			dnsSuffix = k8sNamespace + "." + n.DNS.Search[0]
+		}
+
+		//		if len(result.DNS.Domain) != 0 {
+		//			dnsSuffix = result.DNS.Domain
+		//		}
+
 		hnsEndpoint := &hcsshim.HNSEndpoint{
 			Name:           epName,
 			VirtualNetwork: hnsNetwork.Id,
-			DNSServerList:  strings.Join(result.DNS.Nameservers, ","),
-			DNSSuffix:      result.DNS.Domain,
+			DNSServerList:  nameservers,
+			DNSSuffix:      dnsSuffix,
 			GatewayAddress: gw.String(),
 			IPAddress:      result.IPs[0].Address.IP,
 			Policies:       n.MarshalPolicies(),
 		}
 
+		log.Printf("Added Hns Endpoint %v", hnsEndpoint)
 		return hnsEndpoint, nil
 	})
 
@@ -129,6 +166,8 @@ func cmdAdd(args *skel.CmdArgs) error {
 }
 
 func cmdDel(args *skel.CmdArgs) error {
+	log.Printf("[cni-net] Processing ADD command with args {ContainerID:%v Netns:%v IfName:%v Args:%v Path:%v}.",
+		args.ContainerID, args.Netns, args.IfName, args.Args, args.Path)
 	n, _, err := loadNetConf(args.StdinData)
 	if err != nil {
 		return err

diff --git a/plugins/main/windows/l2bridge/sample.conf b/plugins/main/windows/l2bridge/sample.conf
@@ -0,0 +1,46 @@
+{
+   "name": "cbr0",
+   "type": "flannel",
+   "delegate": {
+	"type": "win-l2bridge",
+        "ipmasq" : true,
+        "clusterprefix" : "11.0.0.0/8",
+        "dns":  {
+                "Nameservers":  [
+                                    "11.0.0.10"
+                                ],
+		"Domain": [
+			   "svc.cluster.local"
+		 ]
+          },
+        "AdditionalArgs":  [
+                           {
+                               "Name":  "EndpointPolicy",
+                               "Value":  {
+                                             "Type":  "OutBoundNAT",
+                                             "ExceptionList":  [
+                                                                   "192.168.0.0/16",
+                                                                   "11.0.0.0/8",
+                                                                   "10.137.196.0/23"
+                                                               ]
+                                         }
+                           },
+                           {
+                               "Name":  "EndpointPolicy",
+                               "Value":  {
+                                             "Type":  "ROUTE",
+                                             "DestinationPrefix":  "11.0.0.0/8",
+                                             "NeedEncap":  true
+                                         }
+                           },
+                           {
+                               "Name":  "EndpointPolicy",
+                               "Value":  {
+                                             "Type":  "ROUTE",
+                                             "DestinationPrefix":  "10.137.198.27/32",
+                                             "NeedEncap":  true
+                                         }
+                           }
+                       ]
+    }
+}
diff --git a/plugins/main/windows/overlay/Makefile b/plugins/main/windows/overlay/Makefile
@@ -0,0 +1,7 @@
+
+
+all: $(shell find . -type f -name '*.go')
+	GOOS=windows go build -o overlay.exe
+clean:
+	rm -rf overlay.exe
+