runtime-rs: make NetnsGuard common for hypervisor and resource.

In order to better support non-builtin vmm usage of NetnsGuard and reduce code duplication, we need to move it to a common path that can be referenced by both hypervisor and resource manager. In this patch, it just do moving code from network/utils/netns.rs to kata-sys-utils/src/netns.rs Fixes: #8865 Signed-off-by: Alex Lyn <alex.lyn@antgroup.com>
2025-08-02 00:02:01 +00:00 · 2024-03-02 21:20:12 +08:00 · 2024-03-02 21:20:12 +08:00 · b1038704e0
commit b1038704e0
parent 54e5ce2464
11 changed files with 14 additions and 8 deletions
--- a/src/libs/Cargo.lock
+++ b/src/libs/Cargo.lock
@ -692,6 +692,7 @@ dependencies = [
 "chrono",
 "common-path",
 "fail",
+ "hex",
 "kata-types",
 "lazy_static",
 "libc",
@ -708,6 +709,7 @@ dependencies = [
 "slog-scope",
 "subprocess",
 "tempfile",
+ "test-utils",
 "thiserror",
 ]

--- a/src/libs/kata-sys-util/Cargo.toml
+++ b/src/libs/kata-sys-util/Cargo.toml
@ -28,6 +28,7 @@ slog-scope = "4.4.0"
 subprocess = "0.2.8"
 rand = "0.8.5"
 thiserror = "1.0.30"
+hex = "0.4.3"

 kata-types = { path = "../kata-types" }
 oci = { path = "../oci" }
@ -37,3 +38,4 @@ safe-path = { path = "../safe-path" }
 num_cpus = "1.13.1"
 serial_test = "0.5.1"
 tempfile = "3.2.0"
+test-utils = { path = "../test-utils" }
--- a/src/libs/kata-sys-util/src/lib.rs
+++ b/src/libs/kata-sys-util/src/lib.rs
@ -12,6 +12,7 @@ pub mod fs;
 pub mod hooks;
 pub mod k8s;
 pub mod mount;
+pub mod netns;
 pub mod numa;
 pub mod protection;
 pub mod rand;
--- a/src/runtime-rs/crates/resource/src/network/utils/netns.rs
+++ b/src/runtime-rs/crates/resource/src/network/utils/netns.rs
@ -11,6 +11,8 @@ use nix::sched::{setns, CloneFlags};
 use nix::unistd::{getpid, gettid};
 use rand::Rng;

+use kata_types::sl;
+
 pub struct NetnsGuard {
    old_netns: Option<File>,
 }
--- a/src/runtime-rs/Cargo.lock
+++ b/src/runtime-rs/Cargo.lock
@ -1796,6 +1796,7 @@ dependencies = [
 "chrono",
 "common-path",
 "fail",
+ "hex",
 "kata-types",
 "lazy_static",
 "libc",
@ -3211,7 +3212,6 @@ dependencies = [
 "byte-unit 4.0.19",
 "cgroups-rs",
 "futures 0.3.28",
- "hex",
 "hypervisor",
 "kata-sys-util",
 "kata-types",
--- a/src/runtime-rs/crates/resource/Cargo.toml
+++ b/src/runtime-rs/crates/resource/Cargo.toml
@ -17,7 +17,6 @@ bitflags = "1.2.1"
 byte-unit = "4.0.14"
 cgroups-rs = "0.3.2"
 futures = "0.3.11"
-hex = "0.4.3"
 lazy_static = "1.4.0"
 libc = ">=0.2.39"
 netns-rs = "0.1.0"
--- a/src/runtime-rs/crates/resource/src/network/dan.rs
+++ b/src/runtime-rs/crates/resource/src/network/dan.rs
@ -24,6 +24,7 @@ use anyhow::{anyhow, Context, Result};
 use async_trait::async_trait;
 use hypervisor::device::device_manager::DeviceManager;
 use hypervisor::Hypervisor;
+use kata_sys_util::netns::NetnsGuard;
 use kata_types::config::TomlConfig;
 use scopeguard::defer;
 use serde::{Deserialize, Serialize};
@ -32,7 +33,7 @@ use tokio::sync::RwLock;

 use super::network_entity::NetworkEntity;
 use super::utils::address::{ip_family_from_ip_addr, parse_ip_cidr};
-use super::{EndpointState, NetnsGuard, Network};
+use super::{EndpointState, Network};
 use crate::network::endpoint::{TapEndpoint, VhostUserEndpoint};
 use crate::network::network_info::network_info_from_dan::NetworkInfoFromDan;
 use crate::network::utils::generate_private_mac_addr;
--- a/src/runtime-rs/crates/resource/src/network/mod.rs
+++ b/src/runtime-rs/crates/resource/src/network/mod.rs
@ -22,8 +22,8 @@ use network_with_netns::NetworkWithNetns;
 mod network_pair;
 use network_pair::NetworkPair;
 mod utils;
+pub use kata_sys_util::netns::{generate_netns_name, NetnsGuard};
 use tokio::sync::RwLock;
-pub use utils::netns::{generate_netns_name, NetnsGuard};

 use anyhow::{Context, Result};
 use async_trait::async_trait;
--- a/src/runtime-rs/crates/resource/src/network/network_with_netns.rs
+++ b/src/runtime-rs/crates/resource/src/network/network_with_netns.rs
@ -17,6 +17,7 @@ use anyhow::{anyhow, Context, Result};
 use async_trait::async_trait;
 use futures::stream::TryStreamExt;
 use hypervisor::{device::device_manager::DeviceManager, Hypervisor};
+use kata_sys_util::netns;
 use netns_rs::get_from_path;
 use scopeguard::defer;
 use tokio::sync::RwLock;
@ -27,7 +28,7 @@ use super::{
    },
    network_entity::NetworkEntity,
    network_info::network_info_from_link::{handle_addresses, NetworkInfoFromLink},
-    utils::{link, netns},
+    utils::link,
    Network,
 };
 use crate::network::NetworkInfo;
--- a/src/runtime-rs/crates/resource/src/network/utils/mod.rs
+++ b/src/runtime-rs/crates/resource/src/network/utils/mod.rs
@ -6,7 +6,6 @@

 pub(crate) mod address;
 pub(crate) mod link;
-pub(crate) mod netns;

 use anyhow::{anyhow, Result};
 use rand::rngs::OsRng;
--- a/src/runtime-rs/crates/runtimes/virt_container/src/container_manager/manager.rs
+++ b/src/runtime-rs/crates/runtimes/virt_container/src/container_manager/manager.rs
@ -21,12 +21,11 @@ use common::{
 };
 use hypervisor::Hypervisor;
 use oci::Process as OCIProcess;
-use resource::network::NetnsGuard;
 use resource::ResourceManager;
 use tokio::sync::RwLock;
 use tracing::instrument;

-use kata_sys_util::hooks::HookStates;
+use kata_sys_util::{hooks::HookStates, netns::NetnsGuard};

 use super::{logger_with_process, Container};