github/kata-containers
1
0
Fork 1
mirror of https://github.com/kata-containers/kata-containers.git synced 2025-06-29 08:47:56 +00:00
Code Issues Projects Releases Wiki Activity

network: Always bind back physical interfaces

Browse Source 
In case of physical network interfaces, we explicitly
pass through them to the VM. We need to bind them back to
the host driver when the sandbox is stopped, irrespective if
the network namespace has been created by virtcontainers or not.

Fixes #384

Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
This commit is contained in:
Archana Shinde 2018-06-11 12:46:08 -07:00
parent 1aff702a38
commit f2d9632bc0
5 changed files with 48 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
virtcontainers/cni.go
View File

@ -153,10 +153,10 @@ func (n *cni) add(sandbox *Sandbox, config NetworkConfig, netNsPath string, netN
return networkNS, nil return networkNS, nil
} }
// remove unbridges and deletes TAP interfaces. It also removes virtual network // remove network endpoints in the network namespace. It also deletes the network
// interfaces and deletes the network namespace for the CNI network. // namespace in case the namespace has been created by us.
func (n *cni) remove(sandbox *Sandbox, networkNS NetworkNamespace) error { func (n *cni) remove(sandbox *Sandbox, networkNS NetworkNamespace, netNsCreated bool) error {
if err := removeNetworkCommon(networkNS); err != nil { if err := removeNetworkCommon(networkNS, netNsCreated); err != nil {
return err return err
} }
@ -164,5 +164,9 @@ func (n *cni) remove(sandbox *Sandbox, networkNS NetworkNamespace) error {
return err return err
} }
return deleteNetNS(networkNS.NetNsPath, true) if netNsCreated {
return deleteNetNS(networkNS.NetNsPath, true)
}
return nil
} }

14
virtcontainers/cnm.go
View File

@ -47,12 +47,16 @@ func (n *cnm) add(sandbox *Sandbox, config NetworkConfig, netNsPath string, netN
return networkNS, nil return networkNS, nil
} }
// remove unbridges and deletes TAP interfaces. It also removes virtual network // remove network endpoints in the network namespace. It also deletes the network
// interfaces and deletes the network namespace for the CNM network. // namespace in case the namespace has been created by us.
func (n *cnm) remove(sandbox *Sandbox, networkNS NetworkNamespace) error { func (n *cnm) remove(sandbox *Sandbox, networkNS NetworkNamespace, netNsCreated bool) error {
if err := removeNetworkCommon(networkNS); err != nil { if err := removeNetworkCommon(networkNS, netNsCreated); err != nil {
return err return err
} }
return deleteNetNS(networkNS.NetNsPath, true) if netNsCreated {
return deleteNetNS(networkNS.NetNsPath, true)
}
return nil
} }

42
virtcontainers/network.go
View File

@ -153,7 +153,7 @@ type Endpoint interface {
SetProperties(NetworkInfo) SetProperties(NetworkInfo)
Attach(hypervisor) error Attach(hypervisor) error
Detach() error Detach(netNsCreated bool, netNsPath string) error
} }
// VirtualEndpoint gathers a network pair and its properties. // VirtualEndpoint gathers a network pair and its properties.
@ -230,9 +230,18 @@ func (endpoint *VirtualEndpoint) Attach(h hypervisor) error {
// Detach for the virtual endpoint tears down the tap and bridge // Detach for the virtual endpoint tears down the tap and bridge
// created for the veth interface. // created for the veth interface.
func (endpoint *VirtualEndpoint) Detach() error { func (endpoint *VirtualEndpoint) Detach(netNsCreated bool, netNsPath string) error {
// The network namespace would have been deleted at this point
// if it has not been created by virtcontainers.
if !netNsCreated {
return nil
}
networkLogger().Info("Detaching virtual endpoint") networkLogger().Info("Detaching virtual endpoint")
return xconnectVMNetwork(&(endpoint.NetPair), false)
return doNetNS(netNsPath, func(_ ns.NetNS) error {
return xconnectVMNetwork(&(endpoint.NetPair), false)
})
} }
// Properties returns the properties of the interface. // Properties returns the properties of the interface.
@ -281,7 +290,7 @@ func (endpoint *VhostUserEndpoint) Attach(h hypervisor) error {
} }
// Detach for vhostuser endpoint // Detach for vhostuser endpoint
func (endpoint *VhostUserEndpoint) Detach() error { func (endpoint *VhostUserEndpoint) Detach(netNsCreated bool, netNsPath string) error {
networkLogger().Info("Detaching vhostuser based endpoint") networkLogger().Info("Detaching vhostuser based endpoint")
return nil return nil
} }
@ -343,9 +352,14 @@ func (endpoint *PhysicalEndpoint) Attach(h hypervisor) error {
// Detach for physical endpoint unbinds the physical network interface from vfio-pci // Detach for physical endpoint unbinds the physical network interface from vfio-pci
// and binds it back to the saved host driver. // and binds it back to the saved host driver.
func (endpoint *PhysicalEndpoint) Detach() error { func (endpoint *PhysicalEndpoint) Detach(netNsCreated bool, netNsPath string) error {
// Bind back the physical network interface to host. // Bind back the physical network interface to host.
// We need to do this even if a new network namespace has not
// been created by virtcontainers.
networkLogger().Info("Detaching physical endpoint") networkLogger().Info("Detaching physical endpoint")
// We do not need to enter the network namespace to bind back the
// physical interface to host driver.
return bindNICToHost(endpoint) return bindNICToHost(endpoint)
} }
@ -606,16 +620,16 @@ func addNetworkCommon(sandbox *Sandbox, networkNS *NetworkNamespace) error {
return err return err
} }
func removeNetworkCommon(networkNS NetworkNamespace) error { func removeNetworkCommon(networkNS NetworkNamespace, netNsCreated bool) error {
return doNetNS(networkNS.NetNsPath, func(_ ns.NetNS) error { for _, endpoint := range networkNS.Endpoints {
for _, endpoint := range networkNS.Endpoints { // Detach for an endpoint should enter the network namespace
if err := endpoint.Detach(); err != nil { // if required.
return err if err := endpoint.Detach(netNsCreated, networkNS.NetNsPath); err != nil {
} return err
} }
}
return nil return nil
})
} }
func createLink(netHandle *netlink.Handle, name string, expectedLink netlink.Link) (netlink.Link, []*os.File, error) { func createLink(netHandle *netlink.Handle, name string, expectedLink netlink.Link) (netlink.Link, []*os.File, error) {
@ -1410,5 +1424,5 @@ type network interface {
// remove unbridges and deletes TAP interfaces. It also removes virtual network // remove unbridges and deletes TAP interfaces. It also removes virtual network
// interfaces and deletes the network namespace. // interfaces and deletes the network namespace.
remove(sandbox *Sandbox, networkNS NetworkNamespace) error remove(sandbox *Sandbox, networkNS NetworkNamespace, netNsCreated bool) error
} }

2
virtcontainers/noop_network.go
View File

@ -32,6 +32,6 @@ func (n *noopNetwork) add(sandbox *Sandbox, config NetworkConfig, netNsPath stri
// remove unbridges and deletes TAP interfaces. It also removes virtual network // remove unbridges and deletes TAP interfaces. It also removes virtual network
// interfaces and deletes the network namespace for the Noop network. // interfaces and deletes the network namespace for the Noop network.
// It does nothing. // It does nothing.
func (n *noopNetwork) remove(sandbox *Sandbox, networkNS NetworkNamespace) error { func (n *noopNetwork) remove(sandbox *Sandbox, networkNS NetworkNamespace, netNsCreated bool) error {
return nil return nil
} }

6
virtcontainers/sandbox.go
View File

@ -918,11 +918,7 @@ func (s *Sandbox) createNetwork() error {
} }
func (s *Sandbox) removeNetwork() error { func (s *Sandbox) removeNetwork() error {
if s.networkNS.NetNsCreated { return s.network.remove(s, s.networkNS, s.networkNS.NetNsCreated)
return s.network.remove(s, s.networkNS)
}
return nil
} }
// startVM starts the VM. // startVM starts the VM.