diff --git a/src/runtime-rs/Cargo.lock b/src/runtime-rs/Cargo.lock
index db556e9a77..89ea2abf1b 100644
--- a/src/runtime-rs/Cargo.lock
+++ b/src/runtime-rs/Cargo.lock
@@ -2420,6 +2420,7 @@ dependencies = [
 "logging",
 "netlink-packet-route",
 "netlink-sys",
+ "netns-rs",
 "nix 0.24.3",
 "oci",
 "persist",
diff --git a/src/runtime-rs/crates/resource/Cargo.toml b/src/runtime-rs/crates/resource/Cargo.toml
index c7acfb5845..baafd28b76 100644
--- a/src/runtime-rs/crates/resource/Cargo.toml
+++ b/src/runtime-rs/crates/resource/Cargo.toml
@@ -19,6 +19,7 @@ futures = "0.3.11"
 hex = "0.4.3"
 lazy_static = "1.4.0"
 libc = ">=0.2.39"
+netns-rs = "0.1.0"
 netlink-sys = "0.8.3"
 netlink-packet-route = "0.13.0"
 nix = "0.24.2"
diff --git a/src/runtime-rs/crates/resource/src/network/mod.rs b/src/runtime-rs/crates/resource/src/network/mod.rs
index 6a83db8bb5..0fe3aa2940 100644
--- a/src/runtime-rs/crates/resource/src/network/mod.rs
+++ b/src/runtime-rs/crates/resource/src/network/mod.rs
@@ -38,6 +38,7 @@ pub trait Network: Send + Sync {
 async fn routes(&self) -> Result>;
 async fn neighs(&self) -> Result>;
 async fn save(&self) -> Option>;
+ async fn remove(&self, h: &dyn Hypervisor) -> Result<()>;
 }
 
 pub async fn new(config: &NetworkConfig) -> Result> {
diff --git a/src/runtime-rs/crates/resource/src/network/network_with_netns.rs b/src/runtime-rs/crates/resource/src/network/network_with_netns.rs
index 651c2497c4..bb5273ffcb 100644
--- a/src/runtime-rs/crates/resource/src/network/network_with_netns.rs
+++ b/src/runtime-rs/crates/resource/src/network/network_with_netns.rs
@@ -4,9 +4,12 @@
 // SPDX-License-Identifier: Apache-2.0
 //
 
-use std::sync::{
- atomic::{AtomicU32, Ordering},
- Arc,
+use std::{
+ fs,
+ sync::{
+ atomic::{AtomicU32, Ordering},
+ Arc,
+ },
 };
 
 use super::endpoint::endpoint_persist::EndpointState;
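Review bot: The new `remove` method added to the `Network` trait in the mod.rs hunk has no doc comment, so implementors have nothing stating what the method is responsible for or when it should do nothing. The only contract visible in this commit is the one the `NetworkWithNetns` implementation follows, so I would write that down on the trait, e.g. `/// Detach every endpoint from the hypervisor and tear down the network namespace when it was created by this runtime; otherwise a no-op.`. The neighbouring trait methods are undocumented too, but a teardown method with an implicit ownership rule is the one where a missing contract costs the most.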
@@ -14,6 +17,7 @@ use anyhow::{anyhow, Context, Result};
 use async_trait::async_trait;
 use futures::stream::TryStreamExt;
 use hypervisor::Hypervisor;
+use netns_rs::get_from_path;
 use scopeguard::defer;
 use tokio::sync::RwLock;
 
@@ -39,6 +43,7 @@ pub struct NetworkWithNetNsConfig {
 struct NetworkWithNetnsInner {
 netns_path: String,
 entity_list: Vec,
+ network_created: bool,
 }
 
 impl NetworkWithNetnsInner {
@@ -55,6 +60,7 @@ impl NetworkWithNetnsInner {
 Ok(Self {
 netns_path: config.netns_path.to_string(),
 entity_list,
+ network_created: config.network_created,
 })
 }
 }
@@ -121,6 +127,26 @@ impl Network for NetworkWithNetns {
 }
 Some(endpoint)
 }
+
+ async fn remove(&self, h: &dyn Hypervisor) -> Result<()> {
+ let inner = self.inner.read().await;
+ // The network namespace would have been deleted at this point
+ // if it has not been created by virtcontainers.
+ if !inner.network_created {
+ return Ok(());
+ }
+ {
+ let _netns_guard =
+ netns::NetnsGuard::new(&inner.netns_path).context("net netns guard")?;
+ for e in &inner.entity_list {
+ e.endpoint.detach(h).await.context("detach")?;
+ }
+ }
+ let netns = get_from_path(inner.netns_path.clone())?;
+ netns.remove()?;
+ fs::remove_dir_all(inner.netns_path.clone()).context("failed to remove netns path")?;
+ Ok(())
+ }
 }
 
 async fn get_entity_from_netns(config: &NetworkWithNetNsConfig) -> Result> {
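Review bot: The `network_created: bool` field added to `NetworkWithNetnsInner` has no comment, and its meaning is only recoverable from the comment inside `remove` much further down the file. A one-liner on the field itself would save the next reader that trip, e.g. `// True when the netns was created by virtcontainers; remove() only tears it down in that case.`.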
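Review bot: In `remove`, the `?` on `e.endpoint.detach(h).await.context("detach")?` aborts the loop at the first failing endpoint, so the remaining endpoints stay attached and neither `netns.remove()` nor the directory removal runs; on a teardown path it is usually better to keep detaching, remember the first error, attempt the namespace cleanup, and return that error afterwards. The two `inner.netns_path.clone()` calls are unnecessary: `fs::remove_dir_all` takes `impl AsRef<Path>`, so `fs::remove_dir_all(&inner.netns_path)` works, and the same applies to `get_from_path` if it accepts `AsRef<Path>`. `remove_dir_all` is also a recursive delete driven by a stored path; if `netns.remove()` already unlinks the namespace file this call fails with NotFound and the whole cleanup returns an error, so confirm what `remove()` leaves behind and delete only that. Finally, if `NetnsGuard` works by calling setns on the current thread, the `.await` inside the guarded block may resume on a different tokio worker, so later detaches may not run inside the namespace while the original worker stays switched until the guard drops; if that is the case the detach loop should run on one thread.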