github/kata-containers
1
0
Fork 2
mirror of https://github.com/kata-containers/kata-containers.git synced 2025-11-04 11:50:15 +00:00
Code Issues Projects Releases Wiki Activity

runtime-rs: remove network entities and netns

Browse Source 
remove network entities and netns

Fixes:#4693
Signed-off-by: Zhongtao Hu <zhongtaohu.tim@linux.alibaba.com>
This commit is contained in:
Zhongtao Hu
2023-04-09 21:57:58 +08:00
parent b31f103d12
commit 69ba2098f8
4 changed files with 32 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
src/runtime-rs/Cargo.lock generated
View File

@@ -2420,6 +2420,7 @@ dependencies = [
"logging", "logging",
"netlink-packet-route", "netlink-packet-route",
"netlink-sys", "netlink-sys",
"netns-rs",
"nix 0.24.3", "nix 0.24.3",
"oci", "oci",
"persist", "persist",

1
src/runtime-rs/crates/resource/Cargo.toml
View File

@@ -19,6 +19,7 @@ futures = "0.3.11"
hex = "0.4.3" hex = "0.4.3"
lazy_static = "1.4.0" lazy_static = "1.4.0"
libc = ">=0.2.39" libc = ">=0.2.39"
netns-rs = "0.1.0"
netlink-sys = "0.8.3" netlink-sys = "0.8.3"
netlink-packet-route = "0.13.0" netlink-packet-route = "0.13.0"
nix = "0.24.2" nix = "0.24.2"

1
src/runtime-rs/crates/resource/src/network/mod.rs
View File

@@ -38,6 +38,7 @@ pub trait Network: Send + Sync {
async fn routes(&self) -> Result<Vec<agent::Route>>; async fn routes(&self) -> Result<Vec<agent::Route>>;
async fn neighs(&self) -> Result<Vec<agent::ARPNeighbor>>; async fn neighs(&self) -> Result<Vec<agent::ARPNeighbor>>;
async fn save(&self) -> Option<Vec<EndpointState>>; async fn save(&self) -> Option<Vec<EndpointState>>;
async fn remove(&self, h: &dyn Hypervisor) -> Result<()>;
} }
pub async fn new(config: &NetworkConfig) -> Result<Arc<dyn Network>> { pub async fn new(config: &NetworkConfig) -> Result<Arc<dyn Network>> {

28
src/runtime-rs/crates/resource/src/network/network_with_netns.rs
View File

@@ -4,9 +4,12 @@
// SPDX-License-Identifier: Apache-2.0 // SPDX-License-Identifier: Apache-2.0
// //
use std::sync::{ use std::{
fs,
sync::{
atomic::{AtomicU32, Ordering}, atomic::{AtomicU32, Ordering},
Arc, Arc,
},
}; };
use super::endpoint::endpoint_persist::EndpointState; use super::endpoint::endpoint_persist::EndpointState;
@@ -14,6 +17,7 @@ use anyhow::{anyhow, Context, Result};
use async_trait::async_trait; use async_trait::async_trait;
use futures::stream::TryStreamExt; use futures::stream::TryStreamExt;
use hypervisor::Hypervisor; use hypervisor::Hypervisor;
use netns_rs::get_from_path;
use scopeguard::defer; use scopeguard::defer;
use tokio::sync::RwLock; use tokio::sync::RwLock;
@@ -39,6 +43,7 @@ pub struct NetworkWithNetNsConfig {
struct NetworkWithNetnsInner { struct NetworkWithNetnsInner {
netns_path: String, netns_path: String,
entity_list: Vec<NetworkEntity>, entity_list: Vec<NetworkEntity>,
network_created: bool,
} }
impl NetworkWithNetnsInner { impl NetworkWithNetnsInner {
@@ -55,6 +60,7 @@ impl NetworkWithNetnsInner {
Ok(Self { Ok(Self {
netns_path: config.netns_path.to_string(), netns_path: config.netns_path.to_string(),
entity_list, entity_list,
network_created: config.network_created,
}) })
} }
} }
@@ -121,6 +127,26 @@ impl Network for NetworkWithNetns {
} }
Some(endpoint) Some(endpoint)
} }
async fn remove(&self, h: &dyn Hypervisor) -> Result<()> {
let inner = self.inner.read().await;
// The network namespace would have been deleted at this point
// if it has not been created by virtcontainers.
if !inner.network_created {
return Ok(());
}
{
let _netns_guard =
netns::NetnsGuard::new(&inner.netns_path).context("net netns guard")?;
for e in &inner.entity_list {
e.endpoint.detach(h).await.context("detach")?;
}
}
let netns = get_from_path(inner.netns_path.clone())?;
netns.remove()?;
fs::remove_dir_all(inner.netns_path.clone()).context("failed to remove netns path")?;
Ok(())
}
} }
async fn get_entity_from_netns(config: &NetworkWithNetNsConfig) -> Result<Vec<NetworkEntity>> { async fn get_entity_from_netns(config: &NetworkWithNetNsConfig) -> Result<Vec<NetworkEntity>> {