virtcontainers: Avoid conflict with network monitor

Because the network monitor will be listening to every event received through the netlink socket, it will be notified everytime a new link will be added/updated/modified in the network namespace it's running into. The goal being to detect new interface added by Docker such as a veth pair. The problem is that kata-runtime will add other internal interfaces when the network monitor will ask for the addition of the new veth pair. And we need a way to ignore those new interfaces being created as they relate to the veth pair that is being added. That's why, in order to prevent from running into an infinite loop, virtcontainers needs to tag the internal interfaces with the "kata" suffix so that the network monitor will be able to ignore them. Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2025-07-04 11:06:21 +00:00 · 2018-09-04 15:07:40 -07:00 · 2018-09-04 15:07:40 -07:00 · 29e2fa0fed
commit 29e2fa0fed
parent f6ce46541e
4 changed files with 13 additions and 13 deletions
--- a/virtcontainers/network.go
+++ b/virtcontainers/network.go
@ -257,7 +257,7 @@ func (endpoint *VirtualEndpoint) HotAttach(h hypervisor) error {
 		return err
 	}
-	if _, err := h.hotplugAddDevice(*endpoint, netDev); err != nil {
+	if _, err := h.hotplugAddDevice(endpoint, netDev); err != nil {
 		networkLogger().WithError(err).Error("Error attach virtual ep")
 		return err
 	}
@ -273,11 +273,10 @@ func (endpoint *VirtualEndpoint) HotDetach(h hypervisor, netNsCreated bool, netN
 	if err := doNetNS(netNsPath, func(_ ns.NetNS) error {
 		return xconnectVMNetwork(&(endpoint.NetPair), false, 0, h.hypervisorConfig().DisableVhostNet)
 	}); err != nil {
-		networkLogger().WithError(err).Error("Error abridging virtual ep")
+		networkLogger().WithError(err).Warn("Error un-bridging virtual ep")
 		return err
 	}
-	if _, err := h.hotplugRemoveDevice(*endpoint, netDev); err != nil {
+	if _, err := h.hotplugRemoveDevice(endpoint, netDev); err != nil {
 		networkLogger().WithError(err).Error("Error detach virtual ep")
 		return err
 	}
@ -1151,13 +1150,13 @@ func createVirtualNetworkEndpoint(idx int, ifName string, interworkingModel NetI
 		// at the time of hypervisor attach and not here
 		NetPair: NetworkInterfacePair{
 			ID:   uniqueID,
-			Name: fmt.Sprintf("br%d", idx),
+			Name: fmt.Sprintf("br%d_kata", idx),
 			VirtIface: NetworkInterface{
 				Name:     fmt.Sprintf("eth%d", idx),
 				HardAddr: hardAddr.String(),
 			},
 			TAPIface: NetworkInterface{
-				Name: fmt.Sprintf("tap%d", idx),
+				Name: fmt.Sprintf("tap%d_kata", idx),
 			},
 			NetInterworkingModel: interworkingModel,
 		},
--- a/virtcontainers/network_test.go
+++ b/virtcontainers/network_test.go
@ -209,13 +209,13 @@ func TestCreateVirtualNetworkEndpoint(t *testing.T) {
 	expected := &VirtualEndpoint{
 		NetPair: NetworkInterfacePair{
 			ID:   "uniqueTestID-4",
-			Name: "br4",
+			Name: "br4_kata",
 			VirtIface: NetworkInterface{
 				Name:     "eth4",
 				HardAddr: macAddr.String(),
 			},
 			TAPIface: NetworkInterface{
-				Name: "tap4",
+				Name: "tap4_kata",
 			},
 			NetInterworkingModel: DefaultNetInterworkingModel,
 		},
@ -241,13 +241,13 @@ func TestCreateVirtualNetworkEndpointChooseIfaceName(t *testing.T) {
 	expected := &VirtualEndpoint{
 		NetPair: NetworkInterfacePair{
 			ID:   "uniqueTestID-4",
-			Name: "br4",
+			Name: "br4_kata",
 			VirtIface: NetworkInterface{
 				Name:     "eth1",
 				HardAddr: macAddr.String(),
 			},
 			TAPIface: NetworkInterface{
-				Name: "tap4",
+				Name: "tap4_kata",
 			},
 			NetInterworkingModel: DefaultNetInterworkingModel,
 		},
--- a/virtcontainers/qemu.go
+++ b/virtcontainers/qemu.go
@ -821,7 +821,7 @@ func (q *qemu) hotplugVFIODevice(device *config.VFIODev, op operation) error {
 	return nil
 }
-func (q *qemu) hotplugMacvtap(drive VirtualEndpoint) error {
+func (q *qemu) hotplugMacvtap(drive *VirtualEndpoint) error {
 	var (
 		VMFdNames    []string
 		VhostFdNames []string
@ -845,7 +845,7 @@ func (q *qemu) hotplugMacvtap(drive VirtualEndpoint) error {
 	return q.qmpMonitorCh.qmp.ExecuteNetdevAddByFds(q.qmpMonitorCh.ctx, "tap", drive.NetPair.Name, VMFdNames, VhostFdNames)
 }
-func (q *qemu) hotplugNetDevice(drive VirtualEndpoint, op operation) error {
+func (q *qemu) hotplugNetDevice(drive *VirtualEndpoint, op operation) error {
 	err := q.qmpSetup()
 	if err != nil {
 		return err
@ -902,7 +902,7 @@ func (q *qemu) hotplugDevice(devInfo interface{}, devType deviceType, op operati
 		memdev := devInfo.(*memoryDevice)
 		return nil, q.hotplugMemory(memdev, op)
 	case netDev:
-		device := devInfo.(VirtualEndpoint)
+		device := devInfo.(*VirtualEndpoint)
 		return nil, q.hotplugNetDevice(device, op)
 	default:
 		return nil, fmt.Errorf("cannot hotplug device: unsupported device type '%v'", devType)
--- a/virtcontainers/sandbox.go
+++ b/virtcontainers/sandbox.go
@ -1056,6 +1056,7 @@ func (s *Sandbox) AddInterface(inf *grpc.Interface) (*grpc.Interface, error) {
 	}
 	// Add network for vm
 	inf.PciAddr = endpoint.PCIAddr
 	return s.agent.updateInterface(inf)
 }