From 9fba9e85a4e379a94fa0418969e56587bc72f55d Mon Sep 17 00:00:00 2001 From: haozi007 Date: Sat, 31 Oct 2020 15:26:08 +0800 Subject: [PATCH 15/28] support variable extension cni args Signed-off-by: haozi007 --- src/daemon/entry/cri/cni_network_plugin.cc | 103 ++++++++++++++------- src/daemon/entry/cri/cri_helpers.cc | 1 + src/daemon/entry/cri/cri_helpers.h | 1 + 3 files changed, 72 insertions(+), 33 deletions(-) diff --git a/src/daemon/entry/cri/cni_network_plugin.cc b/src/daemon/entry/cri/cni_network_plugin.cc index 4676a97..f15eba3 100644 --- a/src/daemon/entry/cri/cni_network_plugin.cc +++ b/src/daemon/entry/cri/cni_network_plugin.cc 
@@ -579,68 +579,105 @@ void CniNetworkPlugin::DeleteFromNetwork(CNINetwork *network, const std::string free(serr); } +static bool CheckCNIArgValue(const std::string &val) +{ + if (val.find(';') != std::string::npos) { + return false; + } + if (std::count(val.begin(), val.end(), '=') != 1) { + return false; + } + return true; +} + +static void GetExtensionCNIArgs(const std::map &annotations, + std::map &args) +{ + // get cni multinetwork extension + auto iter = annotations.find(CRIHelpers::Constants::CNI_MUTL_NET_EXTENSION_KEY); + if (iter != annotations.end()) { + if (!CheckCNIArgValue(iter->second)) { + WARN("Ignore: invalid multinetwork cni args: %s", iter->second.c_str()); + } else { + args[CRIHelpers::Constants::CNI_MUTL_NET_EXTENSION_ARGS_KEY] = iter->second; + } + } + + for (const auto &work : annotations) { + if (work.first.find(CRIHelpers::Constants::CNI_ARGS_EXTENSION_PREFIX_KEY) != 0) { + continue; + } + if (!CheckCNIArgValue(work.second)) { + WARN("Ignore: invalid extension cni args: %s", work.second.c_str()); + continue; + } + auto strs = CXXUtils::Split(work.second, '='); + iter = annotations.find(work.first); + if (iter != annotations.end()) { + WARN("Ignore: Same key cni args: %s", work.first.c_str()); + continue; + } + args[strs[0]] = strs[1]; + } +} + static void PrepareRuntimeConf(const std::string &podName, const std::string &podNs, const std::string &interfaceName, const std::string &podSandboxID, const std::string &podNetnsPath, const std::map &annotations, const std::map &options, struct runtime_conf **cni_rc, Errors &err) { - size_t defaultLen = 5; + size_t workLen = 5; + std::map cniArgs; + if (cni_rc == nullptr) { err.Errorf("Invalid arguments"); ERROR("Invalid arguments"); return; } - auto iter = options.find("UID"); - std::string podUID; - if (iter != options.end()) { - podUID = iter->second; - } - std::string cniExtentionVal; - iter = annotations.find(CRIHelpers::Constants::CNI_MUTL_NET_EXTENSION_KEY); - if (iter != annotations.end()) { 
- cniExtentionVal = iter->second; - defaultLen++; - } - struct runtime_conf *rt = (struct runtime_conf *)util_common_calloc_s(sizeof(struct runtime_conf)); if (rt == nullptr) { ERROR("Out of memory"); err.SetError("Out of memory"); return; } - rt->container_id = util_strdup_s(podSandboxID.c_str()); rt->netns = util_strdup_s(podNetnsPath.c_str()); rt->ifname = util_strdup_s(interfaceName.c_str()); - rt->args = (char *(*)[2])util_common_calloc_s(sizeof(char *) * 2 * defaultLen); + auto iter = options.find("UID"); + std::string podUID; + if (iter != options.end()) { + podUID = iter->second; + } + + cniArgs["K8S_POD_UID"] = podUID; + cniArgs["IgnoreUnknown"] = "1"; + cniArgs["K8S_POD_NAMESPACE"] = podNs; + cniArgs["K8S_POD_NAME"] = podName; + cniArgs["K8S_POD_INFRA_CONTAINER_ID"] = podSandboxID; + + GetExtensionCNIArgs(annotations, cniArgs); + workLen = cniArgs.size(); + + rt->args = (char *(*)[2])util_common_calloc_s(sizeof(char *) * 2 * workLen); if (rt->args == nullptr) { ERROR("Out of memory"); err.SetError("Out of memory"); - goto free_out; + free_runtime_conf(rt); + return; } - rt->args_len = defaultLen; - rt->args[0][0] = util_strdup_s("IgnoreUnknown"); - rt->args[0][1] = util_strdup_s("1"); - rt->args[1][0] = util_strdup_s("K8S_POD_NAMESPACE"); - rt->args[1][1] = util_strdup_s(podNs.c_str()); - rt->args[2][0] = util_strdup_s("K8S_POD_NAME"); - rt->args[2][1] = util_strdup_s(podName.c_str()); - rt->args[3][0] = util_strdup_s("K8S_POD_INFRA_CONTAINER_ID"); - rt->args[3][1] = util_strdup_s(podSandboxID.c_str()); - rt->args[4][0] = util_strdup_s("K8S_POD_UID"); - rt->args[4][1] = util_strdup_s(podUID.c_str()); - if (defaultLen > 5) { - rt->args[5][0] = util_strdup_s(CRIHelpers::Constants::CNI_MUTL_NET_EXTENSION_ARGS_KEY.c_str()); - rt->args[5][1] = util_strdup_s(cniExtentionVal.c_str()); + rt->args_len = workLen; + + workLen = 0; + for (const auto &work : cniArgs) { + rt->args[workLen][0] = util_strdup_s(work.first.c_str()); + rt->args[workLen][1] = 
util_strdup_s(work.second.c_str()); + workLen++; } *cni_rc = rt; - return; -free_out: - free_runtime_conf(rt); } void CniNetworkPlugin::BuildCNIRuntimeConf(const std::string &podName, const std::string &podNs, diff --git a/src/daemon/entry/cri/cri_helpers.cc b/src/daemon/entry/cri/cri_helpers.cc index 4fb9feb..ee633b7 100644 --- a/src/daemon/entry/cri/cri_helpers.cc +++ b/src/daemon/entry/cri/cri_helpers.cc @@ -53,6 +53,7 @@ const std::string Constants::NET_PLUGIN_EVENT_POD_CIDR_CHANGE { "pod-cidr-change const std::string Constants::NET_PLUGIN_EVENT_POD_CIDR_CHANGE_DETAIL_CIDR { "pod-cidr" }; const std::string Constants::CNI_MUTL_NET_EXTENSION_KEY { "extension.network.kubernetes.io/cni" }; const std::string Constants::CNI_MUTL_NET_EXTENSION_ARGS_KEY { "CNI_MUTLINET_EXTENSION" }; +const std::string Constants::CNI_ARGS_EXTENSION_PREFIX_KEY { "extension.network.kubernetes.io/cniargs/" }; const char *InternalLabelKeys[] = { CRIHelpers::Constants::CONTAINER_TYPE_LABEL_KEY.c_str(), CRIHelpers::Constants::CONTAINER_LOGPATH_LABEL_KEY.c_str(), diff --git a/src/daemon/entry/cri/cri_helpers.h b/src/daemon/entry/cri/cri_helpers.h index 824d1a6..3ea9ba6 100644 --- a/src/daemon/entry/cri/cri_helpers.h +++ b/src/daemon/entry/cri/cri_helpers.h @@ -58,6 +58,7 @@ public: static const std::string NET_PLUGIN_EVENT_POD_CIDR_CHANGE_DETAIL_CIDR; static const std::string CNI_MUTL_NET_EXTENSION_KEY; static const std::string CNI_MUTL_NET_EXTENSION_ARGS_KEY; + static const std::string CNI_ARGS_EXTENSION_PREFIX_KEY; }; auto GetDefaultSandboxImage(Errors &err) -> std::string; -- 2.20.1
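Review bot: In `GetExtensionCNIArgs`, the duplicate-key guard inside the `for (const auto &work : annotations)` loop looks up `work.first` in `annotations`, the very map being iterated, so the lookup always succeeds; every `cniargs/` annotation is dropped with the "Same key" warning and `args[strs[0]] = strs[1]` is never reached. The check presumably belongs on the argument map built so far, `if (args.find(strs[0]) != args.end()) {`. That form also keeps a pod annotation from overwriting the `K8S_POD_NAMESPACE`, `K8S_POD_NAME`, `K8S_POD_UID`, `K8S_POD_INFRA_CONTAINER_ID` and `IgnoreUnknown` entries that `PrepareRuntimeConf` sets before the call. Separately, `CheckCNIArgValue` accepts values such as `=x` or `x=`, so unless `CXXUtils::Split` (not shown in this patch) keeps empty fields, `strs[1]` can be out of range; a guard like `if (strs.size() != 2 || strs[0].empty()) { continue; }` before indexing would cover it.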