diff --git a/cmd/kubelet/app/BUILD b/cmd/kubelet/app/BUILD index cbfb90ff134..1eadc2c6e90 100644 --- a/cmd/kubelet/app/BUILD +++ b/cmd/kubelet/app/BUILD @@ -91,14 +91,14 @@ go_library( "//pkg/kubelet/config:go_default_library", "//pkg/kubelet/container:go_default_library", "//pkg/kubelet/dockershim:go_default_library", + "//pkg/kubelet/dockershim/network:go_default_library", + "//pkg/kubelet/dockershim/network/cni:go_default_library", + "//pkg/kubelet/dockershim/network/kubenet:go_default_library", "//pkg/kubelet/dockershim/remote:go_default_library", "//pkg/kubelet/eviction:go_default_library", "//pkg/kubelet/eviction/api:go_default_library", "//pkg/kubelet/kubeletconfig:go_default_library", "//pkg/kubelet/kubeletconfig/configfiles:go_default_library", - "//pkg/kubelet/network:go_default_library", - "//pkg/kubelet/network/cni:go_default_library", - "//pkg/kubelet/network/kubenet:go_default_library", "//pkg/kubelet/server:go_default_library", "//pkg/kubelet/server/streaming:go_default_library", "//pkg/kubelet/types:go_default_library", diff --git a/cmd/kubelet/app/plugins.go b/cmd/kubelet/app/plugins.go index cbb20ba93ac..22700b051f1 100644 --- a/cmd/kubelet/app/plugins.go +++ b/cmd/kubelet/app/plugins.go @@ -24,9 +24,9 @@ import ( _ "k8s.io/kubernetes/pkg/credentialprovider/gcp" _ "k8s.io/kubernetes/pkg/credentialprovider/rancher" // Network plugins - "k8s.io/kubernetes/pkg/kubelet/network" - "k8s.io/kubernetes/pkg/kubelet/network/cni" - "k8s.io/kubernetes/pkg/kubelet/network/kubenet" + "k8s.io/kubernetes/pkg/kubelet/dockershim/network" + "k8s.io/kubernetes/pkg/kubelet/dockershim/network/cni" + "k8s.io/kubernetes/pkg/kubelet/dockershim/network/kubenet" // Volume plugins "k8s.io/kubernetes/pkg/volume" "k8s.io/kubernetes/pkg/volume/aws_ebs" diff --git a/cmd/kubelet/app/server.go b/cmd/kubelet/app/server.go index 3337d3a1f47..6dd9382e40b 100644 --- a/cmd/kubelet/app/server.go +++ b/cmd/kubelet/app/server.go @@ -80,7 +80,6 @@ import ( evictionapi "k8s.io/kubernetes/pkg/kubelet/eviction/api" dynamickubeletconfig "k8s.io/kubernetes/pkg/kubelet/kubeletconfig" "k8s.io/kubernetes/pkg/kubelet/kubeletconfig/configfiles" - "k8s.io/kubernetes/pkg/kubelet/network/cni" "k8s.io/kubernetes/pkg/kubelet/server" "k8s.io/kubernetes/pkg/kubelet/server/streaming" kubetypes "k8s.io/kubernetes/pkg/kubelet/types" @@ -359,7 +358,6 @@ func UnsecuredDependencies(s *options.KubeletServer) (*kubelet.Dependencies, err ExternalKubeClient: nil, EventClient: nil, Mounter: mounter, - NetworkPlugins: ProbeNetworkPlugins(s.CNIConfDir, cni.SplitDirs(s.CNIBinDir)), OOMAdjuster: oom.NewOOMAdjuster(), OSInterface: kubecontainer.RealOS{}, Writer: writer, @@ -1112,15 +1110,13 @@ func RunDockershim(f *options.KubeletFlags, c *kubeletconfiginternal.KubeletConf } // Initialize network plugin settings. - nh := &kubelet.NoOpLegacyHost{} pluginSettings := dockershim.NetworkPluginSettings{ - HairpinMode: kubeletconfiginternal.HairpinMode(c.HairpinMode), - NonMasqueradeCIDR: f.NonMasqueradeCIDR, - PluginName: r.NetworkPluginName, - PluginConfDir: r.CNIConfDir, - PluginBinDirs: cni.SplitDirs(r.CNIBinDir), - MTU: int(r.NetworkPluginMTU), - LegacyRuntimeHost: nh, + HairpinMode: kubeletconfiginternal.HairpinMode(c.HairpinMode), + NonMasqueradeCIDR: f.NonMasqueradeCIDR, + PluginName: r.NetworkPluginName, + PluginConfDir: r.CNIConfDir, + PluginBinDirString: r.CNIBinDir, + MTU: int(r.NetworkPluginMTU), } // Initialize streaming configuration. (Not using TLS now) diff --git a/hack/.golint_failures b/hack/.golint_failures index e07bb3cc98e..378a6e054fe 100644 --- a/hack/.golint_failures +++ b/hack/.golint_failures @@ -172,6 +172,14 @@ pkg/kubelet/custommetrics pkg/kubelet/dockershim pkg/kubelet/dockershim/cm pkg/kubelet/dockershim/libdocker +pkg/kubelet/dockershim/network +pkg/kubelet/dockershim/network/cni +pkg/kubelet/dockershim/network/cni/testing +pkg/kubelet/dockershim/network/hairpin +pkg/kubelet/dockershim/network/hostport +pkg/kubelet/dockershim/network/hostport/testing +pkg/kubelet/dockershim/network/kubenet +pkg/kubelet/dockershim/network/testing pkg/kubelet/dockershim/testing pkg/kubelet/events pkg/kubelet/images @@ -179,14 +187,6 @@ pkg/kubelet/kuberuntime pkg/kubelet/leaky pkg/kubelet/lifecycle pkg/kubelet/metrics -pkg/kubelet/network -pkg/kubelet/network/cni -pkg/kubelet/network/cni/testing -pkg/kubelet/network/hairpin -pkg/kubelet/network/hostport -pkg/kubelet/network/hostport/testing -pkg/kubelet/network/kubenet -pkg/kubelet/network/testing pkg/kubelet/pleg pkg/kubelet/pod pkg/kubelet/pod/testing diff --git a/pkg/kubelet/BUILD b/pkg/kubelet/BUILD index aebbbbd5343..891a61bdc05 100644 --- a/pkg/kubelet/BUILD +++ b/pkg/kubelet/BUILD @@ -63,8 +63,6 @@ go_library( "//pkg/kubelet/metrics:go_default_library", "//pkg/kubelet/metrics/collectors:go_default_library", "//pkg/kubelet/mountpod:go_default_library", - "//pkg/kubelet/network:go_default_library", - "//pkg/kubelet/network/cni:go_default_library", "//pkg/kubelet/network/dns:go_default_library", "//pkg/kubelet/pleg:go_default_library", "//pkg/kubelet/pod:go_default_library", @@ -169,7 +167,6 @@ go_test( "//pkg/cloudprovider/providers/fake:go_default_library", "//pkg/kubelet/apis:go_default_library", "//pkg/kubelet/apis/cri/runtime/v1alpha2:go_default_library", - "//pkg/kubelet/apis/kubeletconfig:go_default_library", "//pkg/kubelet/cadvisor/testing:go_default_library", "//pkg/kubelet/cm:go_default_library", "//pkg/kubelet/config:go_default_library", @@ -180,8 +177,6 @@ go_test( "//pkg/kubelet/images:go_default_library", "//pkg/kubelet/lifecycle:go_default_library", "//pkg/kubelet/logs:go_default_library", - "//pkg/kubelet/network:go_default_library", - "//pkg/kubelet/network/testing:go_default_library", "//pkg/kubelet/pleg:go_default_library", "//pkg/kubelet/pod:go_default_library", "//pkg/kubelet/pod/testing:go_default_library", diff --git a/pkg/kubelet/dockershim/BUILD b/pkg/kubelet/dockershim/BUILD index c401eb84176..ccdc7ece9ea 100644 --- a/pkg/kubelet/dockershim/BUILD +++ b/pkg/kubelet/dockershim/BUILD @@ -87,12 +87,12 @@ go_library( "//pkg/kubelet/dockershim/cm:go_default_library", "//pkg/kubelet/dockershim/libdocker:go_default_library", "//pkg/kubelet/dockershim/metrics:go_default_library", + "//pkg/kubelet/dockershim/network:go_default_library", + "//pkg/kubelet/dockershim/network/cni:go_default_library", + "//pkg/kubelet/dockershim/network/hostport:go_default_library", + "//pkg/kubelet/dockershim/network/kubenet:go_default_library", "//pkg/kubelet/kuberuntime:go_default_library", "//pkg/kubelet/leaky:go_default_library", - "//pkg/kubelet/network:go_default_library", - "//pkg/kubelet/network/cni:go_default_library", - "//pkg/kubelet/network/hostport:go_default_library", - "//pkg/kubelet/network/kubenet:go_default_library", "//pkg/kubelet/qos:go_default_library", "//pkg/kubelet/server/streaming:go_default_library", "//pkg/kubelet/types:go_default_library", @@ -152,9 +152,9 @@ go_test( "//pkg/kubelet/container:go_default_library", "//pkg/kubelet/container/testing:go_default_library", "//pkg/kubelet/dockershim/libdocker:go_default_library", + "//pkg/kubelet/dockershim/network:go_default_library", + "//pkg/kubelet/dockershim/network/testing:go_default_library", "//pkg/kubelet/dockershim/testing:go_default_library", - "//pkg/kubelet/network:go_default_library", - "//pkg/kubelet/network/testing:go_default_library", "//pkg/kubelet/types:go_default_library", "//pkg/kubelet/util/cache:go_default_library", "//pkg/security/apparmor:go_default_library", @@ -184,6 +184,7 @@ filegroup( "//pkg/kubelet/dockershim/cm:all-srcs", "//pkg/kubelet/dockershim/libdocker:all-srcs", "//pkg/kubelet/dockershim/metrics:all-srcs", + "//pkg/kubelet/dockershim/network:all-srcs", "//pkg/kubelet/dockershim/remote:all-srcs", "//pkg/kubelet/dockershim/testing:all-srcs", ], diff --git a/pkg/kubelet/dockershim/docker_sandbox_test.go b/pkg/kubelet/dockershim/docker_sandbox_test.go index 609acd00016..e7d3796a882 100644 --- a/pkg/kubelet/dockershim/docker_sandbox_test.go +++ b/pkg/kubelet/dockershim/docker_sandbox_test.go @@ -30,7 +30,7 @@ import ( runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2" kubecontainer "k8s.io/kubernetes/pkg/kubelet/container" "k8s.io/kubernetes/pkg/kubelet/dockershim/libdocker" - "k8s.io/kubernetes/pkg/kubelet/network" + "k8s.io/kubernetes/pkg/kubelet/dockershim/network" "k8s.io/kubernetes/pkg/kubelet/types" ) diff --git a/pkg/kubelet/dockershim/docker_service.go b/pkg/kubelet/dockershim/docker_service.go index 67c8af7b5a4..fe8e84d1240 100644 --- a/pkg/kubelet/dockershim/docker_service.go +++ b/pkg/kubelet/dockershim/docker_service.go @@ -33,10 +33,10 @@ import ( kubecm "k8s.io/kubernetes/pkg/kubelet/cm" kubecontainer "k8s.io/kubernetes/pkg/kubelet/container" "k8s.io/kubernetes/pkg/kubelet/dockershim/cm" - "k8s.io/kubernetes/pkg/kubelet/network" - "k8s.io/kubernetes/pkg/kubelet/network/cni" - "k8s.io/kubernetes/pkg/kubelet/network/hostport" - "k8s.io/kubernetes/pkg/kubelet/network/kubenet" + "k8s.io/kubernetes/pkg/kubelet/dockershim/network" + "k8s.io/kubernetes/pkg/kubelet/dockershim/network/cni" + "k8s.io/kubernetes/pkg/kubelet/dockershim/network/hostport" + "k8s.io/kubernetes/pkg/kubelet/dockershim/network/kubenet" "k8s.io/kubernetes/pkg/kubelet/server/streaming" "k8s.io/kubernetes/pkg/kubelet/util/cache" utilstore "k8s.io/kubernetes/pkg/kubelet/util/store" @@ -110,6 +110,9 @@ type NetworkPluginSettings struct { NonMasqueradeCIDR string // PluginName is the name of the plugin, runtime shim probes for PluginName string + // PluginBinDirsString is a list of directiores delimited by commas, in + // which the binaries for the plugin with PluginName may be found. + PluginBinDirString string // PluginBinDirs is an array of directories in which the binaries for // the plugin with PluginName may be found. The admin is responsible for // provisioning these binaries before-hand. @@ -120,13 +123,6 @@ type NetworkPluginSettings struct { PluginConfDir string // MTU is the desired MTU for network devices created by the plugin. MTU int - - // RuntimeHost is an interface that serves as a trap-door from plugin back - // into the kubelet. - // TODO: This shouldn't be required, remove once we move host ports into CNI - // and figure out bandwidth shaping. See corresponding comments above - // network.Host interface. - LegacyRuntimeHost network.LegacyHost } // namespaceGetter is a wrapper around the dockerService that implements @@ -153,7 +149,6 @@ func (p *portMappingGetter) GetPodPortMappings(containerID string) ([]*hostport. // and dockerServices which implements the rest of the network host interfaces. // The legacy host methods are slated for deletion. type dockerNetworkHost struct { - network.LegacyHost *namespaceGetter *portMappingGetter } @@ -228,11 +223,20 @@ func NewDockerService(config *ClientConfig, podSandboxImage string, streamingCon return nil, err } } + + // Determine the hairpin mode. + if err := effectiveHairpinMode(pluginSettings); err != nil { + // This is a non-recoverable error. Returning it up the callstack will just + // lead to retries of the same failure, so just fail hard. + return nil, err + } + glog.Infof("Hairpin mode set to %q", pluginSettings.HairpinMode) + // dockershim currently only supports CNI plugins. + pluginSettings.PluginBinDirs = cni.SplitDirs(pluginSettings.PluginBinDirString) cniPlugins := cni.ProbeNetworkPlugins(pluginSettings.PluginConfDir, pluginSettings.PluginBinDirs) cniPlugins = append(cniPlugins, kubenet.NewPlugin(pluginSettings.PluginBinDirs)) netHost := &dockerNetworkHost{ - pluginSettings.LegacyRuntimeHost, &namespaceGetter{ds}, &portMappingGetter{ds}, } @@ -506,3 +510,28 @@ func toAPIProtocol(protocol Protocol) v1.Protocol { glog.Warningf("Unknown protocol %q: defaulting to TCP", protocol) return v1.ProtocolTCP } + +// effectiveHairpinMode determines the effective hairpin mode given the +// configured mode, and whether cbr0 should be configured. +func effectiveHairpinMode(s *NetworkPluginSettings) error { + // The hairpin mode setting doesn't matter if: + // - We're not using a bridge network. This is hard to check because we might + // be using a plugin. + // - It's set to hairpin-veth for a container runtime that doesn't know how + // to set the hairpin flag on the veth's of containers. Currently the + // docker runtime is the only one that understands this. + // - It's set to "none". + if s.HairpinMode == kubeletconfig.PromiscuousBridge || s.HairpinMode == kubeletconfig.HairpinVeth { + if s.HairpinMode == kubeletconfig.PromiscuousBridge && s.PluginName != "kubenet" { + // This is not a valid combination, since promiscuous-bridge only works on kubenet. Users might be using the + // default values (from before the hairpin-mode flag existed) and we + // should keep the old behavior. + glog.Warningf("Hairpin mode set to %q but kubenet is not enabled, falling back to %q", s.HairpinMode, kubeletconfig.HairpinVeth) + s.HairpinMode = kubeletconfig.HairpinVeth + return nil + } + } else if s.HairpinMode != kubeletconfig.HairpinNone { + return fmt.Errorf("unknown value: %q", s.HairpinMode) + } + return nil +} diff --git a/pkg/kubelet/dockershim/docker_service_test.go b/pkg/kubelet/dockershim/docker_service_test.go index 9bbf4cb8f65..0f9724e224d 100644 --- a/pkg/kubelet/dockershim/docker_service_test.go +++ b/pkg/kubelet/dockershim/docker_service_test.go @@ -32,8 +32,8 @@ import ( runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2" containertest "k8s.io/kubernetes/pkg/kubelet/container/testing" "k8s.io/kubernetes/pkg/kubelet/dockershim/libdocker" - "k8s.io/kubernetes/pkg/kubelet/network" - nettest "k8s.io/kubernetes/pkg/kubelet/network/testing" + "k8s.io/kubernetes/pkg/kubelet/dockershim/network" + nettest "k8s.io/kubernetes/pkg/kubelet/dockershim/network/testing" "k8s.io/kubernetes/pkg/kubelet/util/cache" ) diff --git a/pkg/kubelet/dockershim/network/BUILD b/pkg/kubelet/dockershim/network/BUILD new file mode 100644 index 00000000000..b1760d099a4 --- /dev/null +++ b/pkg/kubelet/dockershim/network/BUILD @@ -0,0 +1,46 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = [ + "network.go", + "plugins.go", + ], + importpath = "k8s.io/kubernetes/pkg/kubelet/dockershim/network", + visibility = ["//visibility:public"], + deps = [ + "//pkg/kubelet/apis/kubeletconfig:go_default_library", + "//pkg/kubelet/container:go_default_library", + "//pkg/kubelet/dockershim/network/hostport:go_default_library", + "//pkg/kubelet/dockershim/network/metrics:go_default_library", + "//pkg/util/sysctl:go_default_library", + "//vendor/github.com/golang/glog:go_default_library", + "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", + "//vendor/k8s.io/apimachinery/pkg/util/errors:go_default_library", + "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library", + "//vendor/k8s.io/apimachinery/pkg/util/validation:go_default_library", + "//vendor/k8s.io/utils/exec:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [ + ":package-srcs", + "//pkg/kubelet/dockershim/network/cni:all-srcs", + "//pkg/kubelet/dockershim/network/hairpin:all-srcs", + "//pkg/kubelet/dockershim/network/hostport:all-srcs", + "//pkg/kubelet/dockershim/network/kubenet:all-srcs", + "//pkg/kubelet/dockershim/network/metrics:all-srcs", + "//pkg/kubelet/dockershim/network/testing:all-srcs", + ], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/pkg/kubelet/dockershim/network/OWNERS b/pkg/kubelet/dockershim/network/OWNERS new file mode 100644 index 00000000000..cb71f3b3de9 --- /dev/null +++ b/pkg/kubelet/dockershim/network/OWNERS @@ -0,0 +1,8 @@ +approvers: +- thockin +- dchen1107 +- matchstick +- freehan +reviewers: +- sig-network-reviewers + diff --git a/pkg/kubelet/network/cni/BUILD b/pkg/kubelet/dockershim/network/cni/BUILD similarity index 86% rename from pkg/kubelet/network/cni/BUILD rename to pkg/kubelet/dockershim/network/cni/BUILD index b21f8bee146..7fd7e2d1668 100644 --- a/pkg/kubelet/network/cni/BUILD +++ b/pkg/kubelet/dockershim/network/cni/BUILD @@ -46,11 +46,11 @@ go_library( ], "//conditions:default": [], }), - importpath = "k8s.io/kubernetes/pkg/kubelet/network/cni", + importpath = "k8s.io/kubernetes/pkg/kubelet/dockershim/network/cni", deps = [ "//pkg/kubelet/apis/kubeletconfig:go_default_library", "//pkg/kubelet/container:go_default_library", - "//pkg/kubelet/network:go_default_library", + "//pkg/kubelet/dockershim/network:go_default_library", "//vendor/github.com/containernetworking/cni/libcni:go_default_library", "//vendor/github.com/containernetworking/cni/pkg/types:go_default_library", "//vendor/github.com/golang/glog:go_default_library", @@ -77,10 +77,10 @@ go_test( "//pkg/kubelet/apis/kubeletconfig:go_default_library", "//pkg/kubelet/container:go_default_library", "//pkg/kubelet/container/testing:go_default_library", - "//pkg/kubelet/network:go_default_library", - "//pkg/kubelet/network/cni/testing:go_default_library", - "//pkg/kubelet/network/hostport:go_default_library", - "//pkg/kubelet/network/testing:go_default_library", + "//pkg/kubelet/dockershim/network:go_default_library", + "//pkg/kubelet/dockershim/network/cni/testing:go_default_library", + "//pkg/kubelet/dockershim/network/hostport:go_default_library", + "//pkg/kubelet/dockershim/network/testing:go_default_library", "//vendor/github.com/containernetworking/cni/pkg/types/020:go_default_library", "//vendor/github.com/stretchr/testify/mock:go_default_library", "//vendor/k8s.io/api/core/v1:go_default_library", @@ -104,7 +104,7 @@ filegroup( name = "all-srcs", srcs = [ ":package-srcs", - "//pkg/kubelet/network/cni/testing:all-srcs", + "//pkg/kubelet/dockershim/network/cni/testing:all-srcs", ], tags = ["automanaged"], ) diff --git a/pkg/kubelet/network/cni/cni.go b/pkg/kubelet/dockershim/network/cni/cni.go similarity index 99% rename from pkg/kubelet/network/cni/cni.go rename to pkg/kubelet/dockershim/network/cni/cni.go index d9d5bc22e70..776f3eeda85 100644 --- a/pkg/kubelet/network/cni/cni.go +++ b/pkg/kubelet/dockershim/network/cni/cni.go @@ -28,7 +28,7 @@ import ( "github.com/golang/glog" "k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig" kubecontainer "k8s.io/kubernetes/pkg/kubelet/container" - "k8s.io/kubernetes/pkg/kubelet/network" + "k8s.io/kubernetes/pkg/kubelet/dockershim/network" utilexec "k8s.io/utils/exec" ) diff --git a/pkg/kubelet/network/cni/cni_others.go b/pkg/kubelet/dockershim/network/cni/cni_others.go similarity index 97% rename from pkg/kubelet/network/cni/cni_others.go rename to pkg/kubelet/dockershim/network/cni/cni_others.go index cdc0c1a11f0..56f75ca3a96 100644 --- a/pkg/kubelet/network/cni/cni_others.go +++ b/pkg/kubelet/dockershim/network/cni/cni_others.go @@ -23,7 +23,7 @@ import ( "github.com/containernetworking/cni/libcni" kubecontainer "k8s.io/kubernetes/pkg/kubelet/container" - "k8s.io/kubernetes/pkg/kubelet/network" + "k8s.io/kubernetes/pkg/kubelet/dockershim/network" ) func getLoNetwork(binDirs []string) *cniNetwork { diff --git a/pkg/kubelet/network/cni/cni_test.go b/pkg/kubelet/dockershim/network/cni/cni_test.go similarity index 97% rename from pkg/kubelet/network/cni/cni_test.go rename to pkg/kubelet/dockershim/network/cni/cni_test.go index f1701a22d4b..6e23c1cdea3 100644 --- a/pkg/kubelet/network/cni/cni_test.go +++ b/pkg/kubelet/dockershim/network/cni/cni_test.go @@ -39,10 +39,10 @@ import ( "k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig" kubecontainer "k8s.io/kubernetes/pkg/kubelet/container" containertest "k8s.io/kubernetes/pkg/kubelet/container/testing" - "k8s.io/kubernetes/pkg/kubelet/network" - "k8s.io/kubernetes/pkg/kubelet/network/cni/testing" - "k8s.io/kubernetes/pkg/kubelet/network/hostport" - networktest "k8s.io/kubernetes/pkg/kubelet/network/testing" + "k8s.io/kubernetes/pkg/kubelet/dockershim/network" + "k8s.io/kubernetes/pkg/kubelet/dockershim/network/cni/testing" + "k8s.io/kubernetes/pkg/kubelet/dockershim/network/hostport" + networktest "k8s.io/kubernetes/pkg/kubelet/dockershim/network/testing" "k8s.io/utils/exec" fakeexec "k8s.io/utils/exec/testing" ) diff --git a/pkg/kubelet/network/cni/cni_windows.go b/pkg/kubelet/dockershim/network/cni/cni_windows.go similarity index 97% rename from pkg/kubelet/network/cni/cni_windows.go rename to pkg/kubelet/dockershim/network/cni/cni_windows.go index 81cc5ca1fe1..82324b9ac53 100644 --- a/pkg/kubelet/network/cni/cni_windows.go +++ b/pkg/kubelet/dockershim/network/cni/cni_windows.go @@ -24,7 +24,7 @@ import ( cniTypes020 "github.com/containernetworking/cni/pkg/types/020" "github.com/golang/glog" kubecontainer "k8s.io/kubernetes/pkg/kubelet/container" - "k8s.io/kubernetes/pkg/kubelet/network" + "k8s.io/kubernetes/pkg/kubelet/dockershim/network" ) func getLoNetwork(binDirs []string) *cniNetwork { diff --git a/pkg/kubelet/network/cni/testing/BUILD b/pkg/kubelet/dockershim/network/cni/testing/BUILD similarity index 89% rename from pkg/kubelet/network/cni/testing/BUILD rename to pkg/kubelet/dockershim/network/cni/testing/BUILD index 30c27c0e6f8..efcec7de097 100644 --- a/pkg/kubelet/network/cni/testing/BUILD +++ b/pkg/kubelet/dockershim/network/cni/testing/BUILD @@ -8,7 +8,7 @@ load( go_library( name = "go_default_library", srcs = ["mock_cni.go"], - importpath = "k8s.io/kubernetes/pkg/kubelet/network/cni/testing", + importpath = "k8s.io/kubernetes/pkg/kubelet/dockershim/network/cni/testing", deps = [ "//vendor/github.com/containernetworking/cni/libcni:go_default_library", "//vendor/github.com/containernetworking/cni/pkg/types:go_default_library", diff --git a/pkg/kubelet/network/cni/testing/mock_cni.go b/pkg/kubelet/dockershim/network/cni/testing/mock_cni.go similarity index 100% rename from pkg/kubelet/network/cni/testing/mock_cni.go rename to pkg/kubelet/dockershim/network/cni/testing/mock_cni.go diff --git a/pkg/kubelet/network/hairpin/BUILD b/pkg/kubelet/dockershim/network/hairpin/BUILD similarity index 91% rename from pkg/kubelet/network/hairpin/BUILD rename to pkg/kubelet/dockershim/network/hairpin/BUILD index 6081b12b29c..94401b46922 100644 --- a/pkg/kubelet/network/hairpin/BUILD +++ b/pkg/kubelet/dockershim/network/hairpin/BUILD @@ -9,7 +9,7 @@ load( go_library( name = "go_default_library", srcs = ["hairpin.go"], - importpath = "k8s.io/kubernetes/pkg/kubelet/network/hairpin", + importpath = "k8s.io/kubernetes/pkg/kubelet/dockershim/network/hairpin", deps = [ "//vendor/github.com/golang/glog:go_default_library", "//vendor/k8s.io/utils/exec:go_default_library", diff --git a/pkg/kubelet/network/hairpin/hairpin.go b/pkg/kubelet/dockershim/network/hairpin/hairpin.go similarity index 100% rename from pkg/kubelet/network/hairpin/hairpin.go rename to pkg/kubelet/dockershim/network/hairpin/hairpin.go diff --git a/pkg/kubelet/network/hairpin/hairpin_test.go b/pkg/kubelet/dockershim/network/hairpin/hairpin_test.go similarity index 100% rename from pkg/kubelet/network/hairpin/hairpin_test.go rename to pkg/kubelet/dockershim/network/hairpin/hairpin_test.go diff --git a/pkg/kubelet/network/hostport/BUILD b/pkg/kubelet/dockershim/network/hostport/BUILD similarity index 91% rename from pkg/kubelet/network/hostport/BUILD rename to pkg/kubelet/dockershim/network/hostport/BUILD index 7cc35a9c27a..afd8c42920e 100644 --- a/pkg/kubelet/network/hostport/BUILD +++ b/pkg/kubelet/dockershim/network/hostport/BUILD @@ -14,7 +14,7 @@ go_library( "hostport_manager.go", "hostport_syncer.go", ], - importpath = "k8s.io/kubernetes/pkg/kubelet/network/hostport", + importpath = "k8s.io/kubernetes/pkg/kubelet/dockershim/network/hostport", deps = [ "//pkg/proxy/iptables:go_default_library", "//pkg/util/conntrack:go_default_library", @@ -56,7 +56,7 @@ filegroup( name = "all-srcs", srcs = [ ":package-srcs", - "//pkg/kubelet/network/hostport/testing:all-srcs", + "//pkg/kubelet/dockershim/network/hostport/testing:all-srcs", ], tags = ["automanaged"], ) diff --git a/pkg/kubelet/network/hostport/fake_iptables.go b/pkg/kubelet/dockershim/network/hostport/fake_iptables.go similarity index 100% rename from pkg/kubelet/network/hostport/fake_iptables.go rename to pkg/kubelet/dockershim/network/hostport/fake_iptables.go diff --git a/pkg/kubelet/network/hostport/fake_iptables_test.go b/pkg/kubelet/dockershim/network/hostport/fake_iptables_test.go similarity index 100% rename from pkg/kubelet/network/hostport/fake_iptables_test.go rename to pkg/kubelet/dockershim/network/hostport/fake_iptables_test.go diff --git a/pkg/kubelet/network/hostport/hostport.go b/pkg/kubelet/dockershim/network/hostport/hostport.go similarity index 100% rename from pkg/kubelet/network/hostport/hostport.go rename to pkg/kubelet/dockershim/network/hostport/hostport.go diff --git a/pkg/kubelet/network/hostport/hostport_manager.go b/pkg/kubelet/dockershim/network/hostport/hostport_manager.go similarity index 100% rename from pkg/kubelet/network/hostport/hostport_manager.go rename to pkg/kubelet/dockershim/network/hostport/hostport_manager.go diff --git a/pkg/kubelet/network/hostport/hostport_manager_test.go b/pkg/kubelet/dockershim/network/hostport/hostport_manager_test.go similarity index 100% rename from pkg/kubelet/network/hostport/hostport_manager_test.go rename to pkg/kubelet/dockershim/network/hostport/hostport_manager_test.go diff --git a/pkg/kubelet/network/hostport/hostport_syncer.go b/pkg/kubelet/dockershim/network/hostport/hostport_syncer.go similarity index 100% rename from pkg/kubelet/network/hostport/hostport_syncer.go rename to pkg/kubelet/dockershim/network/hostport/hostport_syncer.go diff --git a/pkg/kubelet/network/hostport/hostport_syncer_test.go b/pkg/kubelet/dockershim/network/hostport/hostport_syncer_test.go similarity index 100% rename from pkg/kubelet/network/hostport/hostport_syncer_test.go rename to pkg/kubelet/dockershim/network/hostport/hostport_syncer_test.go diff --git a/pkg/kubelet/network/hostport/hostport_test.go b/pkg/kubelet/dockershim/network/hostport/hostport_test.go similarity index 100% rename from pkg/kubelet/network/hostport/hostport_test.go rename to pkg/kubelet/dockershim/network/hostport/hostport_test.go diff --git a/pkg/kubelet/network/hostport/testing/BUILD b/pkg/kubelet/dockershim/network/hostport/testing/BUILD similarity index 72% rename from pkg/kubelet/network/hostport/testing/BUILD rename to pkg/kubelet/dockershim/network/hostport/testing/BUILD index 9616cf9e35d..2df330347af 100644 --- a/pkg/kubelet/network/hostport/testing/BUILD +++ b/pkg/kubelet/dockershim/network/hostport/testing/BUILD @@ -8,8 +8,8 @@ load( go_library( name = "go_default_library", srcs = ["fake.go"], - importpath = "k8s.io/kubernetes/pkg/kubelet/network/hostport/testing", - deps = ["//pkg/kubelet/network/hostport:go_default_library"], + importpath = "k8s.io/kubernetes/pkg/kubelet/dockershim/network/hostport/testing", + deps = ["//pkg/kubelet/dockershim/network/hostport:go_default_library"], ) filegroup( diff --git a/pkg/kubelet/network/hostport/testing/fake.go b/pkg/kubelet/dockershim/network/hostport/testing/fake.go similarity index 95% rename from pkg/kubelet/network/hostport/testing/fake.go rename to pkg/kubelet/dockershim/network/hostport/testing/fake.go index 1d0a78f0b52..1d14c02ed90 100644 --- a/pkg/kubelet/network/hostport/testing/fake.go +++ b/pkg/kubelet/dockershim/network/hostport/testing/fake.go @@ -19,7 +19,7 @@ package testing import ( "fmt" - "k8s.io/kubernetes/pkg/kubelet/network/hostport" + "k8s.io/kubernetes/pkg/kubelet/dockershim/network/hostport" ) type fakeSyncer struct{} diff --git a/pkg/kubelet/network/kubenet/BUILD b/pkg/kubelet/dockershim/network/kubenet/BUILD similarity index 82% rename from pkg/kubelet/network/kubenet/BUILD rename to pkg/kubelet/dockershim/network/kubenet/BUILD index d13c20baf94..869f297b628 100644 --- a/pkg/kubelet/network/kubenet/BUILD +++ b/pkg/kubelet/dockershim/network/kubenet/BUILD @@ -46,33 +46,33 @@ go_library( ], "//conditions:default": [], }), - importpath = "k8s.io/kubernetes/pkg/kubelet/network/kubenet", + importpath = "k8s.io/kubernetes/pkg/kubelet/dockershim/network/kubenet", deps = select({ "@io_bazel_rules_go//go/platform:android": [ "//pkg/kubelet/apis/kubeletconfig:go_default_library", "//pkg/kubelet/container:go_default_library", - "//pkg/kubelet/network:go_default_library", + "//pkg/kubelet/dockershim/network:go_default_library", ], "@io_bazel_rules_go//go/platform:darwin": [ "//pkg/kubelet/apis/kubeletconfig:go_default_library", "//pkg/kubelet/container:go_default_library", - "//pkg/kubelet/network:go_default_library", + "//pkg/kubelet/dockershim/network:go_default_library", ], "@io_bazel_rules_go//go/platform:dragonfly": [ "//pkg/kubelet/apis/kubeletconfig:go_default_library", "//pkg/kubelet/container:go_default_library", - "//pkg/kubelet/network:go_default_library", + "//pkg/kubelet/dockershim/network:go_default_library", ], "@io_bazel_rules_go//go/platform:freebsd": [ "//pkg/kubelet/apis/kubeletconfig:go_default_library", "//pkg/kubelet/container:go_default_library", - "//pkg/kubelet/network:go_default_library", + "//pkg/kubelet/dockershim/network:go_default_library", ], "@io_bazel_rules_go//go/platform:linux": [ "//pkg/kubelet/apis/kubeletconfig:go_default_library", "//pkg/kubelet/container:go_default_library", - "//pkg/kubelet/network:go_default_library", - "//pkg/kubelet/network/hostport:go_default_library", + "//pkg/kubelet/dockershim/network:go_default_library", + "//pkg/kubelet/dockershim/network/hostport:go_default_library", "//pkg/util/bandwidth:go_default_library", "//pkg/util/dbus:go_default_library", "//pkg/util/ebtables:go_default_library", @@ -84,7 +84,6 @@ go_library( "//vendor/github.com/golang/glog:go_default_library", "//vendor/github.com/vishvananda/netlink:go_default_library", "//vendor/golang.org/x/sys/unix:go_default_library", - "//vendor/k8s.io/api/core/v1:go_default_library", "//vendor/k8s.io/apimachinery/pkg/util/errors:go_default_library", "//vendor/k8s.io/apimachinery/pkg/util/net:go_default_library", "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library", @@ -93,32 +92,32 @@ go_library( "@io_bazel_rules_go//go/platform:nacl": [ "//pkg/kubelet/apis/kubeletconfig:go_default_library", "//pkg/kubelet/container:go_default_library", - "//pkg/kubelet/network:go_default_library", + "//pkg/kubelet/dockershim/network:go_default_library", ], "@io_bazel_rules_go//go/platform:netbsd": [ "//pkg/kubelet/apis/kubeletconfig:go_default_library", "//pkg/kubelet/container:go_default_library", - "//pkg/kubelet/network:go_default_library", + "//pkg/kubelet/dockershim/network:go_default_library", ], "@io_bazel_rules_go//go/platform:openbsd": [ "//pkg/kubelet/apis/kubeletconfig:go_default_library", "//pkg/kubelet/container:go_default_library", - "//pkg/kubelet/network:go_default_library", + "//pkg/kubelet/dockershim/network:go_default_library", ], "@io_bazel_rules_go//go/platform:plan9": [ "//pkg/kubelet/apis/kubeletconfig:go_default_library", "//pkg/kubelet/container:go_default_library", - "//pkg/kubelet/network:go_default_library", + "//pkg/kubelet/dockershim/network:go_default_library", ], "@io_bazel_rules_go//go/platform:solaris": [ "//pkg/kubelet/apis/kubeletconfig:go_default_library", "//pkg/kubelet/container:go_default_library", - "//pkg/kubelet/network:go_default_library", + "//pkg/kubelet/dockershim/network:go_default_library", ], "@io_bazel_rules_go//go/platform:windows": [ "//pkg/kubelet/apis/kubeletconfig:go_default_library", "//pkg/kubelet/container:go_default_library", - "//pkg/kubelet/network:go_default_library", + "//pkg/kubelet/dockershim/network:go_default_library", ], "//conditions:default": [], }), @@ -137,10 +136,10 @@ go_test( "@io_bazel_rules_go//go/platform:linux": [ "//pkg/kubelet/apis/kubeletconfig:go_default_library", "//pkg/kubelet/container:go_default_library", - "//pkg/kubelet/network:go_default_library", - "//pkg/kubelet/network/cni/testing:go_default_library", - "//pkg/kubelet/network/hostport/testing:go_default_library", - "//pkg/kubelet/network/testing:go_default_library", + "//pkg/kubelet/dockershim/network:go_default_library", + "//pkg/kubelet/dockershim/network/cni/testing:go_default_library", + "//pkg/kubelet/dockershim/network/hostport/testing:go_default_library", + "//pkg/kubelet/dockershim/network/testing:go_default_library", "//pkg/util/bandwidth:go_default_library", "//pkg/util/iptables/testing:go_default_library", "//pkg/util/sysctl/testing:go_default_library", diff --git a/pkg/kubelet/network/kubenet/kubenet.go b/pkg/kubelet/dockershim/network/kubenet/kubenet.go similarity index 100% rename from pkg/kubelet/network/kubenet/kubenet.go rename to pkg/kubelet/dockershim/network/kubenet/kubenet.go diff --git a/pkg/kubelet/network/kubenet/kubenet_linux.go b/pkg/kubelet/dockershim/network/kubenet/kubenet_linux.go similarity index 77% rename from pkg/kubelet/network/kubenet/kubenet_linux.go rename to pkg/kubelet/dockershim/network/kubenet/kubenet_linux.go index 8c8904034a2..cba59b40fdd 100644 --- a/pkg/kubelet/network/kubenet/kubenet_linux.go +++ b/pkg/kubelet/dockershim/network/kubenet/kubenet_linux.go @@ -22,7 +22,6 @@ import ( "fmt" "io/ioutil" "net" - "path/filepath" "strings" "sync" "time" @@ -33,14 +32,13 @@ import ( "github.com/golang/glog" "github.com/vishvananda/netlink" "golang.org/x/sys/unix" - "k8s.io/api/core/v1" utilerrors "k8s.io/apimachinery/pkg/util/errors" utilnet "k8s.io/apimachinery/pkg/util/net" utilsets "k8s.io/apimachinery/pkg/util/sets" "k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig" kubecontainer "k8s.io/kubernetes/pkg/kubelet/container" - "k8s.io/kubernetes/pkg/kubelet/network" - "k8s.io/kubernetes/pkg/kubelet/network/hostport" + "k8s.io/kubernetes/pkg/kubelet/dockershim/network" + "k8s.io/kubernetes/pkg/kubelet/dockershim/network/hostport" "k8s.io/kubernetes/pkg/util/bandwidth" utildbus "k8s.io/kubernetes/pkg/util/dbus" utilebtables "k8s.io/kubernetes/pkg/util/ebtables" @@ -299,9 +297,7 @@ func (plugin *kubenetNetworkPlugin) Capabilities() utilsets.Int { } // setup sets up networking through CNI using the given ns/name and sandbox ID. -// TODO: Don't pass the pod to this method, it only needs it for bandwidth -// shaping and hostport management. -func (plugin *kubenetNetworkPlugin) setup(namespace string, name string, id kubecontainer.ContainerID, pod *v1.Pod, annotations map[string]string) error { +func (plugin *kubenetNetworkPlugin) setup(namespace string, name string, id kubecontainer.ContainerID, annotations map[string]string) error { // Disable DAD so we skip the kernel delay on bringing up new interfaces. if err := plugin.disableContainerDAD(id); err != nil { glog.V(3).Infof("Failed to disable DAD in container: %v", err) @@ -364,36 +360,21 @@ func (plugin *kubenetNetworkPlugin) setup(namespace string, name string, id kube } } - // The host can choose to not support "legacy" features. The remote - // shim doesn't support it (#35457), but the kubelet does. - if plugin.host.SupportsLegacyFeatures() { - // Open any hostport the pod's containers want - activePodPortMappings, err := plugin.getPodPortMappings() - if err != nil { + // TODO: replace with CNI port-forwarding plugin + portMappings, err := plugin.host.GetPodPortMappings(id.ID) + if err != nil { + return err + } + if portMappings != nil && len(portMappings) > 0 { + if err := plugin.hostportManager.Add(id.ID, &hostport.PodPortMapping{ + Namespace: namespace, + Name: name, + PortMappings: portMappings, + IP: ip4, + HostNetwork: false, + }, BridgeName); err != nil { return err } - - newPodPortMapping := hostport.ConstructPodPortMapping(pod, ip4) - if err := plugin.hostportSyncer.OpenPodHostportsAndSync(newPodPortMapping, BridgeName, activePodPortMappings); err != nil { - return err - } - } else { - // TODO: replace with CNI port-forwarding plugin - portMappings, err := plugin.host.GetPodPortMappings(id.ID) - if err != nil { - return err - } - if portMappings != nil && len(portMappings) > 0 { - if err := plugin.hostportManager.Add(id.ID, &hostport.PodPortMapping{ - Namespace: namespace, - Name: name, - PortMappings: portMappings, - IP: ip4, - HostNetwork: false, - }, BridgeName); err != nil { - return err - } - } } return nil } @@ -407,38 +388,17 @@ func (plugin *kubenetNetworkPlugin) SetUpPod(namespace string, name string, id k glog.V(4).Infof("SetUpPod took %v for %s/%s", time.Since(start), namespace, name) }() - // TODO: Entire pod object only required for bw shaping and hostport. - pod, ok := plugin.host.GetPodByName(namespace, name) - if !ok { - return fmt.Errorf("pod %q cannot be found", name) - } - if err := plugin.Status(); err != nil { return fmt.Errorf("Kubenet cannot SetUpPod: %v", err) } - if err := plugin.setup(namespace, name, id, pod, annotations); err != nil { + if err := plugin.setup(namespace, name, id, annotations); err != nil { // Make sure everything gets cleaned up on errors podIP, _ := plugin.podIPs[id] if err := plugin.teardown(namespace, name, id, podIP); err != nil { // Not a hard error or warning glog.V(4).Infof("Failed to clean up %s/%s after SetUpPod failure: %v", namespace, name, err) } - - // TODO(#34278): Figure out if we need IP GC through the cri. - // The cri should always send us teardown events for stale sandboxes, - // this obviates the need for GC in the common case, for kubenet. - if plugin.host.SupportsLegacyFeatures() { - - // TODO: Remove this hack once we've figured out how to retrieve the netns - // of an exited container. Currently, restarting docker will leak a bunch of - // ips. This will exhaust available ip space unless we cleanup old ips. At the - // same time we don't want to try GC'ing them periodically as that could lead - // to a performance regression in starting pods. So on each setup failure, try - // GC on the assumption that the kubelet is going to retry pod creation, and - // when it does, there will be ips. - plugin.ipamGarbageCollection() - } return err } @@ -475,30 +435,18 @@ func (plugin *kubenetNetworkPlugin) teardown(namespace string, name string, id k } } - // The host can choose to not support "legacy" features. The remote - // shim doesn't support it (#35457), but the kubelet does. - if plugin.host.SupportsLegacyFeatures() { - activePodPortMapping, err := plugin.getPodPortMappings() - if err == nil { - err = plugin.hostportSyncer.SyncHostports(BridgeName, activePodPortMapping) - } - if err != nil { + portMappings, err := plugin.host.GetPodPortMappings(id.ID) + if err != nil { + errList = append(errList, err) + } else if portMappings != nil && len(portMappings) > 0 { + if err = plugin.hostportManager.Remove(id.ID, &hostport.PodPortMapping{ + Namespace: namespace, + Name: name, + PortMappings: portMappings, + HostNetwork: false, + }); err != nil { errList = append(errList, err) } - } else { - portMappings, err := plugin.host.GetPodPortMappings(id.ID) - if err != nil { - errList = append(errList, err) - } else if portMappings != nil && len(portMappings) > 0 { - if err = plugin.hostportManager.Remove(id.ID, &hostport.PodPortMapping{ - Namespace: namespace, - Name: name, - PortMappings: portMappings, - HostNetwork: false, - }); err != nil { - errList = append(errList, err) - } - } } return utilerrors.NewAggregate(errList) } @@ -599,119 +547,6 @@ func (plugin *kubenetNetworkPlugin) checkRequiredCNIPluginsInOneDir(dir string) return true } -// getNonExitedPods returns a list of pods that have at least one running container. -func (plugin *kubenetNetworkPlugin) getNonExitedPods() ([]*kubecontainer.Pod, error) { - ret := []*kubecontainer.Pod{} - pods, err := plugin.host.GetRuntime().GetPods(true) - if err != nil { - return nil, fmt.Errorf("Failed to retrieve pods from runtime: %v", err) - } - for _, p := range pods { - if podIsExited(p) { - continue - } - ret = append(ret, p) - } - return ret, nil -} - -func (plugin *kubenetNetworkPlugin) getPodPortMappings() ([]*hostport.PodPortMapping, error) { - pods, err := plugin.getNonExitedPods() - if err != nil { - return nil, err - } - activePodPortMappings := make([]*hostport.PodPortMapping, 0) - for _, p := range pods { - containerID, err := plugin.host.GetRuntime().GetPodContainerID(p) - if err != nil { - continue - } - ipString, ok := plugin.podIPs[containerID] - if !ok { - continue - } - podIP := net.ParseIP(ipString) - if podIP == nil { - continue - } - if pod, ok := plugin.host.GetPodByName(p.Namespace, p.Name); ok { - activePodPortMappings = append(activePodPortMappings, hostport.ConstructPodPortMapping(pod, podIP)) - } - } - return activePodPortMappings, nil -} - -// ipamGarbageCollection will release unused IP. -// kubenet uses the CNI bridge plugin, which stores allocated ips on file. Each -// file created under defaultIPAMDir has the format: ip/container-hash. So this -// routine looks for hashes that are not reported by the currently running docker, -// and invokes DelNetwork on each one. Note that this will only work for the -// current CNI bridge plugin, because we have no way of finding the NetNs. -func (plugin *kubenetNetworkPlugin) ipamGarbageCollection() { - glog.V(2).Infof("Starting IP garbage collection") - - ipamDir := filepath.Join(defaultIPAMDir, KubenetPluginName) - files, err := ioutil.ReadDir(ipamDir) - if err != nil { - glog.Errorf("Failed to list files in %q: %v", ipamDir, err) - return - } - - // gather containerIDs for allocated ips - ipContainerIdMap := make(map[string]string) - for _, file := range files { - // skip non checkpoint file - if ip := net.ParseIP(file.Name()); ip == nil { - continue - } - - content, err := ioutil.ReadFile(filepath.Join(ipamDir, file.Name())) - if err != nil { - glog.Errorf("Failed to read file %v: %v", file, err) - } - ipContainerIdMap[file.Name()] = strings.TrimSpace(string(content)) - } - - // gather infra container IDs of current running Pods - runningContainerIDs := utilsets.String{} - pods, err := plugin.getNonExitedPods() - if err != nil { - glog.Errorf("Failed to get pods: %v", err) - return - } - for _, pod := range pods { - containerID, err := plugin.host.GetRuntime().GetPodContainerID(pod) - if err != nil { - glog.Warningf("Failed to get infra containerID of %q/%q: %v", pod.Namespace, pod.Name, err) - continue - } - - runningContainerIDs.Insert(strings.TrimSpace(containerID.ID)) - } - - // release leaked ips - for ip, containerID := range ipContainerIdMap { - // if the container is not running, release IP - if runningContainerIDs.Has(containerID) { - continue - } - // CNI requires all config to be presented, although only containerID is needed in this case - rt := &libcni.RuntimeConf{ - ContainerID: containerID, - IfName: network.DefaultInterfaceName, - // TODO: How do we find the NetNs of an exited container? docker inspect - // doesn't show us the pid, so we probably need to checkpoint - NetNS: "", - } - - glog.V(2).Infof("Releasing IP %q allocated to %q.", ip, containerID) - // CNI bridge plugin should try to release IP and then return - if err := plugin.cniConfig.DelNetwork(plugin.netConfig, rt); err != nil { - glog.Errorf("Error while releasing IP: %v", err) - } - } -} - // podIsExited returns true if the pod is exited (all containers inside are exited). func podIsExited(p *kubecontainer.Pod) bool { for _, c := range p.Containers { diff --git a/pkg/kubelet/network/kubenet/kubenet_linux_test.go b/pkg/kubelet/dockershim/network/kubenet/kubenet_linux_test.go similarity index 96% rename from pkg/kubelet/network/kubenet/kubenet_linux_test.go rename to pkg/kubelet/dockershim/network/kubenet/kubenet_linux_test.go index 01f6a04b331..f9fd4067fee 100644 --- a/pkg/kubelet/network/kubenet/kubenet_linux_test.go +++ b/pkg/kubelet/dockershim/network/kubenet/kubenet_linux_test.go @@ -26,10 +26,10 @@ import ( "k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig" kubecontainer "k8s.io/kubernetes/pkg/kubelet/container" - "k8s.io/kubernetes/pkg/kubelet/network" - "k8s.io/kubernetes/pkg/kubelet/network/cni/testing" - hostporttest "k8s.io/kubernetes/pkg/kubelet/network/hostport/testing" - nettest "k8s.io/kubernetes/pkg/kubelet/network/testing" + "k8s.io/kubernetes/pkg/kubelet/dockershim/network" + "k8s.io/kubernetes/pkg/kubelet/dockershim/network/cni/testing" + hostporttest "k8s.io/kubernetes/pkg/kubelet/dockershim/network/hostport/testing" + nettest "k8s.io/kubernetes/pkg/kubelet/dockershim/network/testing" "k8s.io/kubernetes/pkg/util/bandwidth" ipttest "k8s.io/kubernetes/pkg/util/iptables/testing" sysctltest "k8s.io/kubernetes/pkg/util/sysctl/testing" diff --git a/pkg/kubelet/network/kubenet/kubenet_unsupported.go b/pkg/kubelet/dockershim/network/kubenet/kubenet_unsupported.go similarity index 97% rename from pkg/kubelet/network/kubenet/kubenet_unsupported.go rename to pkg/kubelet/dockershim/network/kubenet/kubenet_unsupported.go index ba2ee3f531c..3fb4f966e6e 100644 --- a/pkg/kubelet/network/kubenet/kubenet_unsupported.go +++ b/pkg/kubelet/dockershim/network/kubenet/kubenet_unsupported.go @@ -23,7 +23,7 @@ import ( "k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig" kubecontainer "k8s.io/kubernetes/pkg/kubelet/container" - "k8s.io/kubernetes/pkg/kubelet/network" + "k8s.io/kubernetes/pkg/kubelet/dockershim/network" ) type kubenetNetworkPlugin struct { diff --git a/pkg/kubelet/network/metrics/BUILD b/pkg/kubelet/dockershim/network/metrics/BUILD similarity index 87% rename from pkg/kubelet/network/metrics/BUILD rename to pkg/kubelet/dockershim/network/metrics/BUILD index 6e3f4c4e50b..a473e363aca 100644 --- a/pkg/kubelet/network/metrics/BUILD +++ b/pkg/kubelet/dockershim/network/metrics/BUILD @@ -3,7 +3,7 @@ load("@io_bazel_rules_go//go:def.bzl", "go_library") go_library( name = "go_default_library", srcs = ["metrics.go"], - importpath = "k8s.io/kubernetes/pkg/kubelet/network/metrics", + importpath = "k8s.io/kubernetes/pkg/kubelet/dockershim/network/metrics", visibility = ["//visibility:public"], deps = ["//vendor/github.com/prometheus/client_golang/prometheus:go_default_library"], ) diff --git a/pkg/kubelet/network/metrics/metrics.go b/pkg/kubelet/dockershim/network/metrics/metrics.go similarity index 100% rename from pkg/kubelet/network/metrics/metrics.go rename to pkg/kubelet/dockershim/network/metrics/metrics.go diff --git a/pkg/kubelet/network/network.go b/pkg/kubelet/dockershim/network/network.go similarity index 100% rename from pkg/kubelet/network/network.go rename to pkg/kubelet/dockershim/network/network.go diff --git a/pkg/kubelet/network/plugins.go b/pkg/kubelet/dockershim/network/plugins.go similarity index 90% rename from pkg/kubelet/network/plugins.go rename to pkg/kubelet/dockershim/network/plugins.go index 24e358943e9..21111fa7563 100644 --- a/pkg/kubelet/network/plugins.go +++ b/pkg/kubelet/dockershim/network/plugins.go @@ -24,16 +24,14 @@ import ( "time" "github.com/golang/glog" - "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" utilerrors "k8s.io/apimachinery/pkg/util/errors" utilsets "k8s.io/apimachinery/pkg/util/sets" "k8s.io/apimachinery/pkg/util/validation" - clientset "k8s.io/client-go/kubernetes" "k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig" kubecontainer "k8s.io/kubernetes/pkg/kubelet/container" - "k8s.io/kubernetes/pkg/kubelet/network/hostport" - "k8s.io/kubernetes/pkg/kubelet/network/metrics" + "k8s.io/kubernetes/pkg/kubelet/dockershim/network/hostport" + "k8s.io/kubernetes/pkg/kubelet/dockershim/network/metrics" utilsysctl "k8s.io/kubernetes/pkg/util/sysctl" utilexec "k8s.io/utils/exec" ) @@ -91,29 +89,6 @@ type PodNetworkStatus struct { IP net.IP `json:"ip" description:"Primary IP address of the pod"` } -// LegacyHost implements the methods required by network plugins that -// were directly invoked by the kubelet. Implementations of this interface -// that do not wish to support these features can simply return false -// to SupportsLegacyFeatures. -type LegacyHost interface { - // Get the pod structure by its name, namespace - // Only used for hostport management and bw shaping - GetPodByName(namespace, name string) (*v1.Pod, bool) - - // GetKubeClient returns a client interface - // Only used in testing - GetKubeClient() clientset.Interface - - // GetContainerRuntime returns the container runtime that implements the containers (e.g. docker/rkt) - // Only used for hostport management - GetRuntime() kubecontainer.Runtime - - // SupportsLegacyFeatures returns true if the network host support GetPodByName, KubeClient interface and kubelet - // runtime interface. These interfaces will no longer be implemented by CRI shims. - // This function helps network plugins to choose their behavior based on runtime. - SupportsLegacyFeatures() bool -} - // Host is an interface that plugins can use to access the kubelet. // TODO(#35457): get rid of this backchannel to the kubelet. The scope of // the back channel is restricted to host-ports/testing, and restricted @@ -126,12 +101,6 @@ type Host interface { // PortMappingGetter is a getter for sandbox port mapping information. PortMappingGetter - - // LegacyHost contains methods that trap back into the Kubelet. Dependence - // *do not* add more dependencies in this interface. In a post-cri world, - // network plugins will be invoked by the runtime shim, and should only - // require GetNetNS and GetPodPortMappings. - LegacyHost } // NamespaceGetter is an interface to retrieve namespace information for a given diff --git a/pkg/kubelet/network/testing/BUILD b/pkg/kubelet/dockershim/network/testing/BUILD similarity index 84% rename from pkg/kubelet/network/testing/BUILD rename to pkg/kubelet/dockershim/network/testing/BUILD index 8759b84797d..07ccc89c0b2 100644 --- a/pkg/kubelet/network/testing/BUILD +++ b/pkg/kubelet/dockershim/network/testing/BUILD @@ -12,13 +12,13 @@ go_library( "fake_host.go", "mock_network_plugin.go", ], - importpath = "k8s.io/kubernetes/pkg/kubelet/network/testing", + importpath = "k8s.io/kubernetes/pkg/kubelet/dockershim/network/testing", deps = [ "//pkg/kubelet/apis/kubeletconfig:go_default_library", "//pkg/kubelet/container:go_default_library", "//pkg/kubelet/container/testing:go_default_library", - "//pkg/kubelet/network:go_default_library", - "//pkg/kubelet/network/hostport:go_default_library", + "//pkg/kubelet/dockershim/network:go_default_library", + "//pkg/kubelet/dockershim/network/hostport:go_default_library", "//vendor/github.com/golang/mock/gomock:go_default_library", "//vendor/k8s.io/api/core/v1:go_default_library", "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library", @@ -33,7 +33,7 @@ go_test( deps = [ "//pkg/kubelet/apis/kubeletconfig:go_default_library", "//pkg/kubelet/container:go_default_library", - "//pkg/kubelet/network:go_default_library", + "//pkg/kubelet/dockershim/network:go_default_library", "//pkg/util/sysctl/testing:go_default_library", "//vendor/github.com/golang/mock/gomock:go_default_library", "//vendor/github.com/stretchr/testify/assert:go_default_library", diff --git a/pkg/kubelet/network/testing/fake_host.go b/pkg/kubelet/dockershim/network/testing/fake_host.go similarity index 96% rename from pkg/kubelet/network/testing/fake_host.go rename to pkg/kubelet/dockershim/network/testing/fake_host.go index ca9999ff230..71dbf1d072b 100644 --- a/pkg/kubelet/network/testing/fake_host.go +++ b/pkg/kubelet/dockershim/network/testing/fake_host.go @@ -24,7 +24,7 @@ import ( clientset "k8s.io/client-go/kubernetes" kubecontainer "k8s.io/kubernetes/pkg/kubelet/container" containertest "k8s.io/kubernetes/pkg/kubelet/container/testing" - "k8s.io/kubernetes/pkg/kubelet/network/hostport" + "k8s.io/kubernetes/pkg/kubelet/dockershim/network/hostport" ) type fakeNetworkHost struct { diff --git a/pkg/kubelet/network/testing/mock_network_plugin.go b/pkg/kubelet/dockershim/network/testing/mock_network_plugin.go similarity index 98% rename from pkg/kubelet/network/testing/mock_network_plugin.go rename to pkg/kubelet/dockershim/network/testing/mock_network_plugin.go index a13712f2061..72fc56f8973 100644 --- a/pkg/kubelet/network/testing/mock_network_plugin.go +++ b/pkg/kubelet/dockershim/network/testing/mock_network_plugin.go @@ -25,7 +25,7 @@ import ( sets "k8s.io/apimachinery/pkg/util/sets" "k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig" container "k8s.io/kubernetes/pkg/kubelet/container" - network "k8s.io/kubernetes/pkg/kubelet/network" + "k8s.io/kubernetes/pkg/kubelet/dockershim/network" ) // Mock of NetworkPlugin interface diff --git a/pkg/kubelet/network/testing/plugins_test.go b/pkg/kubelet/dockershim/network/testing/plugins_test.go similarity index 99% rename from pkg/kubelet/network/testing/plugins_test.go rename to pkg/kubelet/dockershim/network/testing/plugins_test.go index 6398948fa3c..59772e0518f 100644 --- a/pkg/kubelet/network/testing/plugins_test.go +++ b/pkg/kubelet/dockershim/network/testing/plugins_test.go @@ -25,7 +25,7 @@ import ( utilsets "k8s.io/apimachinery/pkg/util/sets" "k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig" kubecontainer "k8s.io/kubernetes/pkg/kubelet/container" - "k8s.io/kubernetes/pkg/kubelet/network" + "k8s.io/kubernetes/pkg/kubelet/dockershim/network" sysctltest "k8s.io/kubernetes/pkg/util/sysctl/testing" "github.com/golang/mock/gomock" diff --git a/pkg/kubelet/dockershim/security_context.go b/pkg/kubelet/dockershim/security_context.go index 28b420b678d..d060144cb59 100644 --- a/pkg/kubelet/dockershim/security_context.go +++ b/pkg/kubelet/dockershim/security_context.go @@ -25,7 +25,7 @@ import ( dockercontainer "github.com/docker/docker/api/types/container" runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2" - knetwork "k8s.io/kubernetes/pkg/kubelet/network" + knetwork "k8s.io/kubernetes/pkg/kubelet/dockershim/network" ) // applySandboxSecurityContext updates docker sandbox options according to security context. diff --git a/pkg/kubelet/kubelet.go b/pkg/kubelet/kubelet.go index 1f232a36828..9a1755ffe7f 100644 --- a/pkg/kubelet/kubelet.go +++ b/pkg/kubelet/kubelet.go @@ -76,8 +76,6 @@ import ( "k8s.io/kubernetes/pkg/kubelet/logs" "k8s.io/kubernetes/pkg/kubelet/metrics" "k8s.io/kubernetes/pkg/kubelet/metrics/collectors" - "k8s.io/kubernetes/pkg/kubelet/network" - "k8s.io/kubernetes/pkg/kubelet/network/cni" "k8s.io/kubernetes/pkg/kubelet/network/dns" "k8s.io/kubernetes/pkg/kubelet/pleg" kubepod "k8s.io/kubernetes/pkg/kubelet/pod" @@ -238,7 +236,6 @@ type Dependencies struct { KubeClient clientset.Interface ExternalKubeClient clientset.Interface Mounter mount.Interface - NetworkPlugins []network.NetworkPlugin OOMAdjuster *oom.OOMAdjuster OSInterface kubecontainer.OSInterface PodConfig *config.PodConfig @@ -545,19 +542,6 @@ func NewMainKubelet(kubeCfg *kubeletconfiginternal.KubeletConfiguration, glog.Infof("Experimental host user namespace defaulting is enabled.") } - hairpinMode, err := effectiveHairpinMode(kubeletconfiginternal.HairpinMode(kubeCfg.HairpinMode), containerRuntime, crOptions.NetworkPluginName) - if err != nil { - // This is a non-recoverable error. Returning it up the callstack will just - // lead to retries of the same failure, so just fail hard. - glog.Fatalf("Invalid hairpin mode: %v", err) - } - glog.Infof("Hairpin mode set to %q", hairpinMode) - - plug, err := network.InitNetworkPlugin(kubeDeps.NetworkPlugins, crOptions.NetworkPluginName, &criNetworkHost{&networkHost{klet}, &network.NoopPortMappingGetter{}}, hairpinMode, nonMasqueradeCIDR, int(crOptions.NetworkPluginMTU)) - if err != nil { - return nil, err - } - klet.networkPlugin = plug machineInfo, err := klet.cadvisor.MachineInfo() if err != nil { return nil, err @@ -581,31 +565,20 @@ func NewMainKubelet(kubeCfg *kubeletconfiginternal.KubeletConfiguration, // TODO: These need to become arguments to a standalone docker shim. pluginSettings := dockershim.NetworkPluginSettings{ - HairpinMode: hairpinMode, - NonMasqueradeCIDR: nonMasqueradeCIDR, - PluginName: crOptions.NetworkPluginName, - PluginConfDir: crOptions.CNIConfDir, - PluginBinDirs: cni.SplitDirs(crOptions.CNIBinDir), - MTU: int(crOptions.NetworkPluginMTU), + HairpinMode: kubeletconfiginternal.HairpinMode(kubeCfg.HairpinMode), + NonMasqueradeCIDR: nonMasqueradeCIDR, + PluginName: crOptions.NetworkPluginName, + PluginConfDir: crOptions.CNIConfDir, + PluginBinDirString: crOptions.CNIBinDir, + MTU: int(crOptions.NetworkPluginMTU), } klet.resourceAnalyzer = serverstats.NewResourceAnalyzer(klet, kubeCfg.VolumeStatsAggPeriod.Duration) - // Remote runtime shim just cannot talk back to kubelet, so it doesn't - // support bandwidth shaping or hostports till #35457. To enable legacy - // features, replace with networkHost. - var nl *NoOpLegacyHost - pluginSettings.LegacyRuntimeHost = nl - if containerRuntime == "rkt" { glog.Fatalln("rktnetes has been deprecated in favor of rktlet. Please see https://github.com/kubernetes-incubator/rktlet for more information.") } - // kubelet defers to the runtime shim to setup networking. Setting - // this to nil will prevent it from trying to invoke the plugin. - // It's easier to always probe and initialize plugins till cri - // becomes the default. - klet.networkPlugin = nil // if left at nil, that means it is unneeded var legacyLogProvider kuberuntime.LegacyLogProvider @@ -940,9 +913,6 @@ type Kubelet struct { // Volume plugins. volumePluginMgr *volume.VolumePluginMgr - // Network plugin. - networkPlugin network.NetworkPlugin - // Handles container probing. probeManager prober.Manager // Manages container health check results. @@ -1330,7 +1300,6 @@ func (kl *Kubelet) Run(updates <-chan kubetypes.PodUpdate) { // Start syncing node status immediately, this may set up things the runtime needs to run. go wait.Until(kl.syncNodeStatus, kl.nodeStatusUpdateFrequency, wait.NeverStop) } - go wait.Until(kl.syncNetworkStatus, 30*time.Second, wait.NeverStop) go wait.Until(kl.updateRuntimeUp, 5*time.Second, wait.NeverStop) // Start loop to sync iptables util rules diff --git a/pkg/kubelet/kubelet_network.go b/pkg/kubelet/kubelet_network.go index 8656a7f5bec..fd7a84e4846 100644 --- a/pkg/kubelet/kubelet_network.go +++ b/pkg/kubelet/kubelet_network.go @@ -21,12 +21,7 @@ import ( "github.com/golang/glog" "k8s.io/api/core/v1" - clientset "k8s.io/client-go/kubernetes" runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2" - "k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig" - kubecontainer "k8s.io/kubernetes/pkg/kubelet/container" - "k8s.io/kubernetes/pkg/kubelet/network" - kubetypes "k8s.io/kubernetes/pkg/kubelet/types" utiliptables "k8s.io/kubernetes/pkg/util/iptables" ) @@ -45,106 +40,6 @@ const ( KubeFirewallChain utiliptables.Chain = "KUBE-FIREWALL" ) -// This just exports required functions from kubelet proper, for use by network -// plugins. -// TODO(#35457): get rid of this backchannel to the kubelet. The scope of -// the back channel is restricted to host-ports/testing, and restricted -// to kubenet. No other network plugin wrapper needs it. Other plugins -// only require a way to access namespace information, which they can do -// directly through the methods implemented by criNetworkHost. -type networkHost struct { - kubelet *Kubelet -} - -func (nh *networkHost) GetPodByName(name, namespace string) (*v1.Pod, bool) { - return nh.kubelet.GetPodByName(name, namespace) -} - -func (nh *networkHost) GetKubeClient() clientset.Interface { - return nh.kubelet.kubeClient -} - -func (nh *networkHost) GetRuntime() kubecontainer.Runtime { - return nh.kubelet.getRuntime() -} - -func (nh *networkHost) SupportsLegacyFeatures() bool { - return true -} - -// criNetworkHost implements the part of network.Host required by the -// cri (NamespaceGetter). It leechs off networkHost for all other -// methods, because networkHost is slated for deletion. -type criNetworkHost struct { - *networkHost - // criNetworkHost currently support legacy features. Hence no need to support PortMappingGetter - *network.NoopPortMappingGetter -} - -// GetNetNS returns the network namespace of the given containerID. -// This method satisfies the network.NamespaceGetter interface for -// networkHost. It's only meant to be used from network plugins -// that are directly invoked by the kubelet (aka: legacy, pre-cri). -// Any network plugin invoked by a cri must implement NamespaceGetter -// to talk directly to the runtime instead. -func (c *criNetworkHost) GetNetNS(containerID string) (string, error) { - return c.kubelet.getRuntime().GetNetNS(kubecontainer.ContainerID{Type: "", ID: containerID}) -} - -// NoOpLegacyHost implements the network.LegacyHost interface for the remote -// runtime shim by just returning empties. It doesn't support legacy features -// like host port and bandwidth shaping. -type NoOpLegacyHost struct{} - -// GetPodByName always returns "nil, true" for 'NoOpLegacyHost' -func (n *NoOpLegacyHost) GetPodByName(namespace, name string) (*v1.Pod, bool) { - return nil, true -} - -// GetKubeClient always returns "nil" for 'NoOpLegacyHost' -func (n *NoOpLegacyHost) GetKubeClient() clientset.Interface { - return nil -} - -// getRuntime always returns "nil" for 'NoOpLegacyHost' -func (n *NoOpLegacyHost) GetRuntime() kubecontainer.Runtime { - return nil -} - -// SupportsLegacyFeatures always returns "false" for 'NoOpLegacyHost' -func (n *NoOpLegacyHost) SupportsLegacyFeatures() bool { - return false -} - -// effectiveHairpinMode determines the effective hairpin mode given the -// configured mode, container runtime, and whether cbr0 should be configured. -func effectiveHairpinMode(hairpinMode kubeletconfig.HairpinMode, containerRuntime string, networkPlugin string) (kubeletconfig.HairpinMode, error) { - // The hairpin mode setting doesn't matter if: - // - We're not using a bridge network. This is hard to check because we might - // be using a plugin. - // - It's set to hairpin-veth for a container runtime that doesn't know how - // to set the hairpin flag on the veth's of containers. Currently the - // docker runtime is the only one that understands this. - // - It's set to "none". - if hairpinMode == kubeletconfig.PromiscuousBridge || hairpinMode == kubeletconfig.HairpinVeth { - // Only on docker. - if containerRuntime != kubetypes.DockerContainerRuntime { - glog.Warningf("Hairpin mode set to %q but container runtime is %q, ignoring", hairpinMode, containerRuntime) - return kubeletconfig.HairpinNone, nil - } - if hairpinMode == kubeletconfig.PromiscuousBridge && networkPlugin != "kubenet" { - // This is not a valid combination, since promiscuous-bridge only works on kubenet. Users might be using the - // default values (from before the hairpin-mode flag existed) and we - // should keep the old behavior. - glog.Warningf("Hairpin mode set to %q but kubenet is not enabled, falling back to %q", hairpinMode, kubeletconfig.HairpinVeth) - return kubeletconfig.HairpinVeth, nil - } - } else if hairpinMode != kubeletconfig.HairpinNone { - return "", fmt.Errorf("unknown value: %q", hairpinMode) - } - return hairpinMode, nil -} - // providerRequiresNetworkingConfiguration returns whether the cloud provider // requires special networking configuration. func (kl *Kubelet) providerRequiresNetworkingConfiguration() bool { @@ -159,16 +54,6 @@ func (kl *Kubelet) providerRequiresNetworkingConfiguration() bool { return supported } -// syncNetworkStatus updates the network state -func (kl *Kubelet) syncNetworkStatus() { - // For cri integration, network state will be updated in updateRuntimeUp, - // we'll get runtime network status through cri directly. - // TODO: Remove this once we completely switch to cri integration. - if kl.networkPlugin != nil { - kl.runtimeState.setNetworkState(kl.networkPlugin.Status()) - } -} - // updatePodCIDR updates the pod CIDR in the runtime state if it is different // from the current CIDR. func (kl *Kubelet) updatePodCIDR(cidr string) { @@ -178,14 +63,6 @@ func (kl *Kubelet) updatePodCIDR(cidr string) { return } - // kubelet -> network plugin - // cri runtime shims are responsible for their own network plugins - if kl.networkPlugin != nil { - details := make(map[string]interface{}) - details[network.NET_PLUGIN_EVENT_POD_CIDR_CHANGE_DETAIL_CIDR] = cidr - kl.networkPlugin.Event(network.NET_PLUGIN_EVENT_POD_CIDR_CHANGE, details) - } - // kubelet -> generic runtime -> runtime shim -> network plugin // docker/non-cri implementations have a passthrough UpdatePodCIDR if err := kl.getRuntime().UpdatePodCIDR(cidr); err != nil { diff --git a/pkg/kubelet/kubelet_network_test.go b/pkg/kubelet/kubelet_network_test.go index d9c3453b1a8..7e611766c42 100644 --- a/pkg/kubelet/kubelet_network_test.go +++ b/pkg/kubelet/kubelet_network_test.go @@ -22,76 +22,6 @@ import ( "github.com/stretchr/testify/assert" ) -func TestNetworkHostGetsPodNotFound(t *testing.T) { - testKubelet := newTestKubelet(t, true) - defer testKubelet.Cleanup() - nh := networkHost{testKubelet.kubelet} - - actualPod, _ := nh.GetPodByName("", "") - if actualPod != nil { - t.Fatalf("Was expected nil, received %v instead", actualPod) - } -} - -func TestNetworkHostGetsKubeClient(t *testing.T) { - testKubelet := newTestKubelet(t, true) - defer testKubelet.Cleanup() - nh := networkHost{testKubelet.kubelet} - - if nh.GetKubeClient() != testKubelet.fakeKubeClient { - t.Fatalf("NetworkHost client does not match testKubelet's client") - } -} - -func TestNetworkHostGetsRuntime(t *testing.T) { - testKubelet := newTestKubelet(t, true) - defer testKubelet.Cleanup() - nh := networkHost{testKubelet.kubelet} - - if nh.GetRuntime() != testKubelet.fakeRuntime { - t.Fatalf("NetworkHost runtime does not match testKubelet's runtime") - } -} - -func TestNetworkHostSupportsLegacyFeatures(t *testing.T) { - testKubelet := newTestKubelet(t, true) - defer testKubelet.Cleanup() - nh := networkHost{testKubelet.kubelet} - - if nh.SupportsLegacyFeatures() == false { - t.Fatalf("SupportsLegacyFeatures should not be false") - } -} - -func TestNoOpHostGetsName(t *testing.T) { - nh := NoOpLegacyHost{} - pod, err := nh.GetPodByName("", "") - if pod != nil && err != true { - t.Fatalf("noOpLegacyHost getpodbyname expected to be nil and true") - } -} - -func TestNoOpHostGetsKubeClient(t *testing.T) { - nh := NoOpLegacyHost{} - if nh.GetKubeClient() != nil { - t.Fatalf("noOpLegacyHost client expected to be nil") - } -} - -func TestNoOpHostGetsRuntime(t *testing.T) { - nh := NoOpLegacyHost{} - if nh.GetRuntime() != nil { - t.Fatalf("noOpLegacyHost runtime expected to be nil") - } -} - -func TestNoOpHostSupportsLegacyFeatures(t *testing.T) { - nh := NoOpLegacyHost{} - if nh.SupportsLegacyFeatures() != false { - t.Fatalf("noOpLegacyHost legacy features expected to be false") - } -} - func TestGetIPTablesMark(t *testing.T) { tests := []struct { bit int diff --git a/pkg/kubelet/kubelet_test.go b/pkg/kubelet/kubelet_test.go index 0a3bad14c34..be074af61a4 100644 --- a/pkg/kubelet/kubelet_test.go +++ b/pkg/kubelet/kubelet_test.go @@ -41,7 +41,6 @@ import ( "k8s.io/client-go/tools/record" "k8s.io/client-go/util/flowcontrol" "k8s.io/kubernetes/pkg/capabilities" - "k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig" cadvisortest "k8s.io/kubernetes/pkg/kubelet/cadvisor/testing" "k8s.io/kubernetes/pkg/kubelet/cm" "k8s.io/kubernetes/pkg/kubelet/config" @@ -52,8 +51,6 @@ import ( "k8s.io/kubernetes/pkg/kubelet/images" "k8s.io/kubernetes/pkg/kubelet/lifecycle" "k8s.io/kubernetes/pkg/kubelet/logs" - "k8s.io/kubernetes/pkg/kubelet/network" - nettest "k8s.io/kubernetes/pkg/kubelet/network/testing" "k8s.io/kubernetes/pkg/kubelet/pleg" kubepod "k8s.io/kubernetes/pkg/kubelet/pod" podtest "k8s.io/kubernetes/pkg/kubelet/pod/testing" @@ -168,7 +165,6 @@ func newTestKubeletWithImageList( kubelet.nodeName = types.NodeName(testKubeletHostname) kubelet.runtimeState = newRuntimeState(maxWaitForContainerRuntime) kubelet.runtimeState.setNetworkState(nil) - kubelet.networkPlugin, _ = network.InitNetworkPlugin([]network.NetworkPlugin{}, "", nettest.NewFakeHost(nil), kubeletconfig.HairpinNone, "", 1440) if tempDir, err := ioutil.TempDir("/tmp", "kubelet_test."); err != nil { t.Fatalf("can't make a temp rootdir: %v", err) } else { diff --git a/pkg/kubelet/network/BUILD b/pkg/kubelet/network/BUILD index 51b32deeb27..1f62350aae9 100644 --- a/pkg/kubelet/network/BUILD +++ b/pkg/kubelet/network/BUILD @@ -1,34 +1,5 @@ package(default_visibility = ["//visibility:public"]) -load( - "@io_bazel_rules_go//go:def.bzl", - "go_library", -) - -go_library( - name = "go_default_library", - srcs = [ - "network.go", - "plugins.go", - ], - importpath = "k8s.io/kubernetes/pkg/kubelet/network", - deps = [ - "//pkg/kubelet/apis/kubeletconfig:go_default_library", - "//pkg/kubelet/container:go_default_library", - "//pkg/kubelet/network/hostport:go_default_library", - "//pkg/kubelet/network/metrics:go_default_library", - "//pkg/util/sysctl:go_default_library", - "//vendor/github.com/golang/glog:go_default_library", - "//vendor/k8s.io/api/core/v1:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/util/errors:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/util/validation:go_default_library", - "//vendor/k8s.io/client-go/kubernetes:go_default_library", - "//vendor/k8s.io/utils/exec:go_default_library", - ], -) - filegroup( name = "package-srcs", srcs = glob(["**"]), @@ -40,13 +11,7 @@ filegroup( name = "all-srcs", srcs = [ ":package-srcs", - "//pkg/kubelet/network/cni:all-srcs", "//pkg/kubelet/network/dns:all-srcs", - "//pkg/kubelet/network/hairpin:all-srcs", - "//pkg/kubelet/network/hostport:all-srcs", - "//pkg/kubelet/network/kubenet:all-srcs", - "//pkg/kubelet/network/metrics:all-srcs", - "//pkg/kubelet/network/testing:all-srcs", ], tags = ["automanaged"], ) diff --git a/pkg/kubelet/runonce_test.go b/pkg/kubelet/runonce_test.go index c9f01a744a3..63b37ff2ab7 100644 --- a/pkg/kubelet/runonce_test.go +++ b/pkg/kubelet/runonce_test.go @@ -30,15 +30,12 @@ import ( "k8s.io/client-go/kubernetes/fake" "k8s.io/client-go/tools/record" utiltesting "k8s.io/client-go/util/testing" - "k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig" cadvisortest "k8s.io/kubernetes/pkg/kubelet/cadvisor/testing" "k8s.io/kubernetes/pkg/kubelet/cm" "k8s.io/kubernetes/pkg/kubelet/configmap" kubecontainer "k8s.io/kubernetes/pkg/kubelet/container" containertest "k8s.io/kubernetes/pkg/kubelet/container/testing" "k8s.io/kubernetes/pkg/kubelet/eviction" - "k8s.io/kubernetes/pkg/kubelet/network" - nettest "k8s.io/kubernetes/pkg/kubelet/network/testing" kubepod "k8s.io/kubernetes/pkg/kubelet/pod" podtest "k8s.io/kubernetes/pkg/kubelet/pod/testing" "k8s.io/kubernetes/pkg/kubelet/secret" @@ -111,7 +108,6 @@ func TestRunOnce(t *testing.T) { false, /* experimentalCheckNodeCapabilitiesBeforeMount */ false /* keepTerminatedPodVolumes */) - kb.networkPlugin, _ = network.InitNetworkPlugin([]network.NetworkPlugin{}, "", nettest.NewFakeHost(nil), kubeletconfig.HairpinNone, "", network.UseDefaultMTU) // TODO: Factor out "StatsProvider" from Kubelet so we don't have a cyclic dependency volumeStatsAggPeriod := time.Second * 10 kb.resourceAnalyzer = stats.NewResourceAnalyzer(kb, volumeStatsAggPeriod) diff --git a/pkg/kubelet/stats/BUILD b/pkg/kubelet/stats/BUILD index bebda0263e2..8cee7f265b7 100644 --- a/pkg/kubelet/stats/BUILD +++ b/pkg/kubelet/stats/BUILD @@ -55,7 +55,6 @@ go_library( "//pkg/kubelet/container:go_default_library", "//pkg/kubelet/kuberuntime:go_default_library", "//pkg/kubelet/leaky:go_default_library", - "//pkg/kubelet/network:go_default_library", "//pkg/kubelet/pod:go_default_library", "//pkg/kubelet/server/stats:go_default_library", "//pkg/kubelet/types:go_default_library", diff --git a/pkg/kubelet/stats/helper.go b/pkg/kubelet/stats/helper.go index cee923722a7..77f3a6569e8 100644 --- a/pkg/kubelet/stats/helper.go +++ b/pkg/kubelet/stats/helper.go @@ -27,9 +27,13 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" statsapi "k8s.io/kubernetes/pkg/kubelet/apis/stats/v1alpha1" "k8s.io/kubernetes/pkg/kubelet/cadvisor" - "k8s.io/kubernetes/pkg/kubelet/network" ) +// defaultNetworkInterfaceName is used for collectng network stats. +// This logic relies on knowledge of the container runtime implementation and +// is not reliable. +const defaultNetworkInterfaceName = "eth0" + func cadvisorInfoToCPUandMemoryStats(info *cadvisorapiv2.ContainerInfo) (*statsapi.CPUStats, *statsapi.MemoryStats) { cstat, found := latestContainerStats(info) if !found { @@ -153,7 +157,7 @@ func cadvisorInfoToNetworkStats(name string, info *cadvisorapiv2.ContainerInfo) TxErrors: &inter.TxErrors, } - if inter.Name == network.DefaultInterfaceName { + if inter.Name == defaultNetworkInterfaceName { iStats.InterfaceStats = iStat }