rancher/plugins
1
0
Fork 1
mirror of https://github.com/rancher/plugins.git synced 2025-08-25 06:14:09 +00:00
Code Issues Projects Releases Wiki Activity
k3s has removed some standard plugins, which we need. So fork and add it back.
1,258 Commits 17 Branches 66 Tags 23 MiB
Go 99.7%
Shell 0.3%
112288ecb2
Go to file
Ihar Hrachyshka 112288ecb2 Unlock OS thread after netns is restored 
The current ns package code is very careful about not leaving the calling
thread with the overridden namespace set, for example when origns.Set() fails.
This is achieved by starting a new green thread, locking its OS thread, and
never unlocking it. Which makes golang runtime to scrap the OS thread backing
the green thread after the go routine exits.

While this works, it's probably not as optimal: stopping and starting a new OS
thread is expensive and may be avoided if we unlock the thread after resetting
network namespace to the original. On the other hand, if resetting fails, it's
better to leave the thread locked and die.

While it won't work in all cases, we can still make an attempt to reuse the OS
thread when resetting the namespace succeeds. This can be achieved by unlocking
the thread conditionally to the namespace reset success.

Signed-off-by: Ihar Hrachyshka <ihrachys@redhat.com>
2020-02-20 17:24:36 -05:00
integration integration: fix ip address collision in integration tests 2019-11-11 13:36:21 +01:00
pkg Unlock OS thread after netns is restored 2020-02-20 17:24:36 -05:00
plugins Make host-device to work with virtio net device 2020-02-11 18:05:37 +01:00
scripts add support for mips64le 2020-01-06 15:51:47 +08:00
vendor bump go-iptables module to v0.4.5 2019-12-16 17:42:20 +01:00
.gitignore Update Vendor 2018-09-21 00:34:07 +08:00
.travis.yml add support for mips64le 2020-01-06 15:51:47 +08:00
build_linux.sh Move over to go mod from dep 2019-06-26 02:07:23 -07:00
build_windows.sh Move over to go mod from dep 2019-06-26 02:07:23 -07:00
CONTRIBUTING.md Merge pull request #396 from oshothebig/contributing-doc 2019-10-09 10:21:03 -05:00
DCO Add missing DCO 2018-10-11 16:15:24 +01:00
go.mod bump go-iptables module to v0.4.5 2019-12-16 17:42:20 +01:00
go.sum bump go-iptables module to v0.4.5 2019-12-16 17:42:20 +01:00
LICENSE Initial commit 2017-03-10 16:46:52 +01:00
OWNERS.md owners: updates for maintainer changes 2020-02-19 10:23:21 -06:00
README.md Add Check support to firewall meta plugin, test cases 2019-04-12 14:37:21 -04:00
RELEASING.md Add release process 2017-07-11 13:57:49 -07:00
test_linux.sh testutils: newNS() works in a rootless user namespace 2019-10-19 12:04:53 +02:00
test_windows.sh Move Windows tests to Travis 2018-12-10 14:43:32 -08:00
Vagrantfile update Go version in Vagrantfile 2019-07-09 16:51:00 -07:00

README.md

Build Status

plugins

Some CNI network plugins, maintained by the containernetworking team. For more information, see the individual READMEs.

Read CONTRIBUTING for build and test instructions.

Plugins supplied:

Main: interface-creating

  • bridge: Creates a bridge, adds the host and the container to it.
  • ipvlan: Adds an ipvlan interface in the container.
  • loopback: Set the state of loopback interface to up.
  • macvlan: Creates a new MAC address, forwards all traffic to that to the container.
  • ptp: Creates a veth pair.
  • vlan: Allocates a vlan device.
  • host-device: Move an already-existing device into a container.

Windows: windows specific

  • win-bridge: Creates a bridge, adds the host and the container to it.
  • win-overlay: Creates an overlay interface to the container.

IPAM: IP address allocation

  • dhcp: Runs a daemon on the host to make DHCP requests on behalf of the container
  • host-local: Maintains a local database of allocated IPs
  • static: Allocate a static IPv4/IPv6 addresses to container and it's useful in debugging purpose.

Meta: other plugins

  • flannel: Generates an interface corresponding to a flannel config file
  • tuning: Tweaks sysctl parameters of an existing interface
  • portmap: An iptables-based portmapping plugin. Maps ports from the host's address space to the container.
  • bandwidth: Allows bandwidth-limiting through use of traffic control tbf (ingress/egress).
  • sbr: A plugin that configures source based routing for an interface (from which it is chained).
  • firewall: A firewall plugin which uses iptables or firewalld to add rules to allow traffic to/from the container.

Sample

The sample plugin provides an example for building your own plugin.