cni plugins: add IFNAME key support to the tuning plugin

This commit backports IFNAME key support from v1.1.1 of the
k8s containernetworking-plugins:

c16cff9805

IFNAME key support allows one to use the keyword
'IFNAME' in a network attachment definition using the
tuning plugin.  Without this, the actual interface name
(whether specified in the pod spec, or the default 'net<X>')
must be specified.

Example:

apiVersion: "k8s.cni.cncf.io/v1"
kind: NetworkAttachmentDefinition
metadata:
  name: hd0
spec:
  config: '{
    "cniVersion": "0.3.1",
    "plugins": [
      {
        "name": "hd0",
        "type": "host-device",
        "device": "eth1000"
      },
      {
        "type": "tuning",
        "sysctl": {
          "net.ipv6.conf.IFNAME.accept_ra": "0"
        }
      }
    ]
  }'

The above example would disable the processing of
IPv6 router advertisements on the interface associated
with the network attachment definition, regardless of
what the interface has been named in the container.

Note: Currently, StarlingX supports v1.0.1 of the
containernetworking-plugins.  Once the plugins have been
up-revved to v1.1.1, this patch can be removed.

Testing:

- Ensure patch is applied and build successful
  on CentOS and Debian
- Perform a functional test of the tuning plugin using
  the IFNAME key on CentOS and Debian

Story: 2010114
Task: 45693

Signed-off-by: Steven Webster <steven.webster@windriver.com>
Change-Id: I4fc617390b25bcf74a2a319fcb4409a0633c4a31
This commit is contained in:
Steven Webster 2022-06-28 13:17:09 -04:00
parent 6d44075e11
commit 82b19f0a3c
5 changed files with 73 additions and 2 deletions

View File

@ -1,2 +1,2 @@
COPY_LIST="${CGCS_BASE}/downloads/containernetworking-plugins-v1.0.1.tar.gz" COPY_LIST="${CGCS_BASE}/downloads/containernetworking-plugins-v1.0.1.tar.gz ${FILES_BASE}/*"
TIS_PATCH_VER=PKG_GITREVCOUNT TIS_PATCH_VER=PKG_GITREVCOUNT

View File

@ -31,6 +31,8 @@ URL: https://%{provider_prefix}
Source0: %{project}-%{repo}-v%{version}.tar.gz Source0: %{project}-%{repo}-v%{version}.tar.gz
ExclusiveArch: aarch64 %{arm} ppc64le s390x x86_64 %{ix86} ExclusiveArch: aarch64 %{arm} ppc64le s390x x86_64 %{ix86}
Patch0001: 0001-Allow-setting-sysctls-on-a-particular-interface.patch
%if 0%{?fedora} %if 0%{?fedora}
BuildRequires: %{?go_compiler:compiler(go-compiler)}%{!?go_compiler:golang} BuildRequires: %{?go_compiler:compiler(go-compiler)}%{!?go_compiler:golang}
%else %else
@ -51,7 +53,8 @@ when the container is deleted.
%{?enable_gotoolset110} %{?enable_gotoolset110}
%prep %prep
%autosetup -n %{project}-%{repo}-v%{version} %setup -q -n %{project}-%{repo}-v%{version}
%patch0001 -p1
rm -rf plugins/main/windows rm -rf plugins/main/windows
%build %build
@ -123,6 +126,9 @@ install -p -m 0755 bin/* %{buildroot}/var/opt/cni/bin
/var/opt/cni/bin/* /var/opt/cni/bin/*
%changelog %changelog
* Mon Jun 27 2022 Steven Webster <steven.webster@windriver.com>
- tuning: Support for IFNAME key
* Mon Jun 06 2022 Dan Voiculeasa <dan.voiculeasa@windriver.com> * Mon Jun 06 2022 Dan Voiculeasa <dan.voiculeasa@windriver.com>
- Update install directory to /var/opt/cni/bin. - Update install directory to /var/opt/cni/bin.

View File

@ -0,0 +1,32 @@
From c16cff9805427c5db34b43de3155769b362f596e Mon Sep 17 00:00:00 2001
From: Piotr Skamruk <piotr.skamruk@gmail.com>
Date: Fri, 1 Oct 2021 18:07:50 +0200
Subject: [PATCH] Allow setting sysctls on a particular interface
Signed-off-by: Piotr Skamruk <piotr.skamruk@gmail.com>
[ commit c16cff9805427c5db34b43de3155769b362f596e
in upstream repo https://github.com/containernetworking/plugins ]
Signed-off-by: Steven Webster <steven.webster@windriver.com>
---
plugins/meta/tuning/tuning.go | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/plugins/meta/tuning/tuning.go b/plugins/meta/tuning/tuning.go
index 7b56944..d9eef83 100644
--- a/plugins/meta/tuning/tuning.go
+++ b/plugins/meta/tuning/tuning.go
@@ -325,6 +325,11 @@ func cmdAdd(args *skel.CmdArgs) error {
err = ns.WithNetNSPath(args.Netns, func(_ ns.NetNS) error {
for key, value := range tuningConf.SysCtl {
+ // If the key contains `IFNAME` - substitute it with args.IfName
+ // to allow setting sysctls on a particular interface, on which
+ // other operations (like mac/mtu setting) are performed
+ key = strings.Replace(key, "IFNAME", args.IfName, 1)
+
fileName := filepath.Join("/proc/sys", strings.Replace(key, ".", "/", -1))
fileName = filepath.Clean(fileName)
--
2.29.2

View File

@ -0,0 +1,32 @@
From c16cff9805427c5db34b43de3155769b362f596e Mon Sep 17 00:00:00 2001
From: Piotr Skamruk <piotr.skamruk@gmail.com>
Date: Fri, 1 Oct 2021 18:07:50 +0200
Subject: [PATCH] Allow setting sysctls on a particular interface
Signed-off-by: Piotr Skamruk <piotr.skamruk@gmail.com>
[ commit c16cff9805427c5db34b43de3155769b362f596e
in upstream repo https://github.com/containernetworking/plugins ]
Signed-off-by: Steven Webster <steven.webster@windriver.com>
---
plugins/meta/tuning/tuning.go | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/plugins/meta/tuning/tuning.go b/plugins/meta/tuning/tuning.go
index 7b56944..d9eef83 100644
--- a/plugins/meta/tuning/tuning.go
+++ b/plugins/meta/tuning/tuning.go
@@ -325,6 +325,11 @@ func cmdAdd(args *skel.CmdArgs) error {
err = ns.WithNetNSPath(args.Netns, func(_ ns.NetNS) error {
for key, value := range tuningConf.SysCtl {
+ // If the key contains `IFNAME` - substitute it with args.IfName
+ // to allow setting sysctls on a particular interface, on which
+ // other operations (like mac/mtu setting) are performed
+ key = strings.Replace(key, "IFNAME", args.IfName, 1)
+
fileName := filepath.Join("/proc/sys", strings.Replace(key, ".", "/", -1))
fileName = filepath.Clean(fileName)
--
2.29.2

View File

@ -0,0 +1 @@
0001-Allow-setting-sysctls-on-a-particular-interface.patch