Previously, the Allocate method of the daemon always created a new Lease
object. However, as both the CNI ADD and CHECK commands call Allocate,
and CHECK can be called multiple times, this resulted in multiple Lease
objects being created per pod.
Each of these leases was long lived with its own maintain() loop -
however the daemon only kept track of the most recent one, meaning any
old lease objects remained running forever (and held open their NetNS
files). After a long enough period, this resulted in the system crashing
out with "too many files" or a similar error limits-related error.
This commit updates the behaviour of Allocate() to first check if a
Lease already exists for the given clientID. If none is found, one is
created as before. If a Lease is found, a new Check() mechanism is
called, which simply wakes up the maintain() loop to cause it to check
the status of the lease.
This may fix #329.
Signed-off-by: Emily Shepherd <emily@redcoat.dev>
These were previously left intact, even when exiting gracefully. As the
daemon also fails if the socket already exists, it became the caller's
responsibilityto check for and cleanup old socket files when performing
graceful / deliberate restarts.
Signed-off-by: Emily Shepherd <emily@redcoat.dev>
The default lease acquisition timeout of 62 seconds is way too long when
running multiple testcases, overrunning the `go test` timeout of 10m. Let
testcases specify a shorter timeout.
Signed-off-by: Dan Williams <dcbw@redhat.com>
Eventually the timeout value will become a CLI argument
The default timeout was nestled all the way in the lease constructor
This commit is the first step in making the timeout configurable by
moving it to the DHCPLease constructor
Signed-off-by: toby lorne <toby@toby.codes>
interfaces using dhcp ipam.
Vendor latest dhcp4server, dhcp4client, dhcp4
Added additional tests for new functionality in dhcp2_test.go
Wrap d2g dhcp4client calls with our own which add clientID to packet.
Don't lock around the Stop() operation though, as that may take
a while and block other operations. That may mean we call Stop()
multiple times, but the Lease object should handle that correctly
itself.
This diff adds -hostprefix option in dhcp daemon. This option
could be used to run dhcp daemon as container because container
cannot touch host's netns directly. The diff changes dhcp daemon
to touch procfs mounted to another path, like '/hostfs/proc'.
There are at least two reasons why a lease is not present:
* The dhcp ipam daemon was restarted
* On add the IPAM plugin failed
Don't fail the IPAM invocation when the lease is not present, to allow
proper device cleanup on CNI delete invocations.
Updates the spec and plugins to return an array of interfaces and IP details
to the runtime including:
- interface names and MAC addresses configured by the plugin
- whether the interfaces are sandboxed (container/VM) or host (bridge, veth, etc)
- multiple IP addresses configured by IPAM and which interface they
have been assigned to
Returning interface details is useful for runtimes, as well as allowing
more flexible chaining of CNI plugins themselves. For example, some
meta plugins may need to know the host-side interface to be able to
apply firewall or traffic shaping rules to the container.
This takes some of the machinery from CNI and from the rkt networking
code, and turns it into a library that can be linked into go apps.
Included is an example command-line application that uses the library,
called `cnitool`.
Other headline changes:
* Plugin exec'ing is factored out
The motivation here is to factor out the protocol for invoking
plugins. To that end, a generalisation of the code from api.go and
pkg/plugin/ipam.go goes into pkg/invoke/exec.go.
* Move argument-handling and conf-loading into public API
The fact that the arguments get turned into an environment for the
plugin is incidental to the API; so, provide a way of supplying them
as a struct or saying "just use the same arguments as I got" (the
latter is for IPAM plugins).
Path rewriting causes too many problems when vendoring
vendored code. When CNI code is vendored into rkt,
godep has problems code already vendored by CNI.
The plugin binary actually functions in two modes. The first mode
is a regular CNI plugin. The second mode (when stared with "daemon" arg)
runs a DHCP client daemon. When executed as a CNI plugin, it issues
an RPC request to the daemon for actual processing. The daemon is
required since a DHCP lease needs to be maintained by periodically
renewing it. One instance of the daemon can server arbitrary number
of containers/leases.
