runtime-rs: remove network entities and netns

remove network entities and netns Fixes:#4693 Signed-off-by: Zhongtao Hu <zhongtaohu.tim@linux.alibaba.com>
2025-04-29 04:04:45 +00:00 · 2023-04-09 21:57:58 +08:00 · 2023-04-09 21:57:58 +08:00 · 69ba2098f8
commit 69ba2098f8
parent b31f103d12
4 changed files with 32 additions and 3 deletions
--- a/src/runtime-rs/Cargo.lock
+++ b/src/runtime-rs/Cargo.lock
@ -2420,6 +2420,7 @@ dependencies = [
 "logging",
 "netlink-packet-route",
 "netlink-sys",
+ "netns-rs",
 "nix 0.24.3",
 "oci",
 "persist",
--- a/src/runtime-rs/crates/resource/Cargo.toml
+++ b/src/runtime-rs/crates/resource/Cargo.toml
@ -19,6 +19,7 @@ futures = "0.3.11"
 hex = "0.4.3"
 lazy_static = "1.4.0"
 libc = ">=0.2.39"
+netns-rs = "0.1.0"
 netlink-sys = "0.8.3"
 netlink-packet-route = "0.13.0"
 nix = "0.24.2"
--- a/src/runtime-rs/crates/resource/src/network/mod.rs
+++ b/src/runtime-rs/crates/resource/src/network/mod.rs
@ -38,6 +38,7 @@ pub trait Network: Send + Sync {
    async fn routes(&self) -> Result<Vec<agent::Route>>;
    async fn neighs(&self) -> Result<Vec<agent::ARPNeighbor>>;
    async fn save(&self) -> Option<Vec<EndpointState>>;
+    async fn remove(&self, h: &dyn Hypervisor) -> Result<()>;
 }

 pub async fn new(config: &NetworkConfig) -> Result<Arc<dyn Network>> {
--- a/src/runtime-rs/crates/resource/src/network/network_with_netns.rs
+++ b/src/runtime-rs/crates/resource/src/network/network_with_netns.rs
@ -4,9 +4,12 @@
 // SPDX-License-Identifier: Apache-2.0
 //

-use std::sync::{
-    atomic::{AtomicU32, Ordering},
-    Arc,
+use std::{
+    fs,
+    sync::{
+        atomic::{AtomicU32, Ordering},
+        Arc,
+    },
 };

 use super::endpoint::endpoint_persist::EndpointState;
@ -14,6 +17,7 @@ use anyhow::{anyhow, Context, Result};
 use async_trait::async_trait;
 use futures::stream::TryStreamExt;
 use hypervisor::Hypervisor;
+use netns_rs::get_from_path;
 use scopeguard::defer;
 use tokio::sync::RwLock;

@ -39,6 +43,7 @@ pub struct NetworkWithNetNsConfig {
 struct NetworkWithNetnsInner {
    netns_path: String,
    entity_list: Vec<NetworkEntity>,
+    network_created: bool,
 }

 impl NetworkWithNetnsInner {
@ -55,6 +60,7 @@ impl NetworkWithNetnsInner {
        Ok(Self {
            netns_path: config.netns_path.to_string(),
            entity_list,
+            network_created: config.network_created,
        })
    }
 }
@ -121,6 +127,26 @@ impl Network for NetworkWithNetns {
        }
        Some(endpoint)
    }
+
+    async fn remove(&self, h: &dyn Hypervisor) -> Result<()> {
+        let inner = self.inner.read().await;
+        // The network namespace would have been deleted at this point
+        // if it has not been created by virtcontainers.
+        if !inner.network_created {
+            return Ok(());
+        }
+        {
+            let _netns_guard =
+                netns::NetnsGuard::new(&inner.netns_path).context("net netns guard")?;
+            for e in &inner.entity_list {
+                e.endpoint.detach(h).await.context("detach")?;
+            }
+        }
+        let netns = get_from_path(inner.netns_path.clone())?;
+        netns.remove()?;
+        fs::remove_dir_all(inner.netns_path.clone()).context("failed to remove netns path")?;
+        Ok(())
+    }
 }

 async fn get_entity_from_netns(config: &NetworkWithNetNsConfig) -> Result<Vec<NetworkEntity>> {