Merge pull request #7841 from AkihiroSuda/fix-7789

rootless-cni-infra v3: fix cleaning up DNS entries
2020-09-30 12:41:57 +00:00 · 2020-09-30 12:41:57 +00:00 · 451f003ce9
parent 6fd0e9bb73 515b919438
commit 451f003ce9
4 changed files with 11 additions and 6 deletions
--- a/contrib/rootless-cni-infra/Containerfile
+++ b/contrib/rootless-cni-infra/Containerfile
@ -2,8 +2,7 @@ ARG GOLANG_VERSION=1.15
 ARG ALPINE_VERSION=3.12
 ARG CNI_VERSION=v0.8.0
 ARG CNI_PLUGINS_VERSION=v0.8.7
-# Aug 20, 2020
-ARG DNSNAME_VESION=78b4da7bbfc51c27366da630e1df1c4f2e8b1b5b
+ARG DNSNAME_VESION=v1.0.0

 FROM golang:${GOLANG_VERSION}-alpine${ALPINE_VERSION} AS golang-base
 RUN apk add --no-cache git
@ -34,4 +33,4 @@ COPY rootless-cni-infra /usr/local/bin
 ENV CNI_PATH=/opt/cni/bin
 CMD ["sleep", "infinity"]

-ENV ROOTLESS_CNI_INFRA_VERSION=2
+ENV ROOTLESS_CNI_INFRA_VERSION=3
--- a/contrib/rootless-cni-infra/README.md
+++ b/contrib/rootless-cni-infra/README.md
@ -22,3 +22,4 @@ The container images live on `quay.io/libpod/rootless-cni-infra`.  The tags have

 * `/run/rootless-cni-infra/${CONTAINER_ID}/pid`: PID of the `sleep infinity` process that corresponds to the allocated netns
 * `/run/rootless-cni-infra/${CONTAINER_ID}/attached/${NETWORK_NAME}`: CNI result
+* `/run/rootless-cni-infra/${CONTAINER_ID}/attached-args/${NETWORK_NAME}`: CNI args
--- a/contrib/rootless-cni-infra/rootless-cni-infra
+++ b/contrib/rootless-cni-infra/rootless-cni-infra
@ -33,7 +33,7 @@ cmd_entrypoint_alloc() {
 	K8S_POD_NAME="$3"

 	dir="${BASE}/${ID}"
-	mkdir -p "${dir}/attached"
+	mkdir -p "${dir}/attached" "${dir}/attached-args"

 	pid=""
 	if [ -f "${dir}/pid" ]; then
@ -50,6 +50,7 @@ cmd_entrypoint_alloc() {
 	CNI_IFNAME="eth${nwcount}"
 	export CNI_ARGS CNI_IFNAME
 	cnitool add "${NET}" "/proc/${pid}/ns/net" >"${dir}/attached/${NET}"
+	echo "${CNI_ARGS}" >"${dir}/attached-args/${NET}"

 	# return the result
 	ns="/proc/${pid}/ns/net"
@ -71,8 +72,12 @@ cmd_entrypoint_dealloc() {
 		exit 0
 	fi
 	pid=$(cat "${dir}/pid")
+	if [ -f "${dir}/attached-args/${NET}" ]; then
+		CNI_ARGS=$(cat "${dir}/attached-args/${NET}")
+		export CNI_ARGS
+	fi
 	cnitool del "${NET}" "/proc/${pid}/ns/net"
-	rm -f "${dir}/attached/${NET}"
+	rm -f "${dir}/attached/${NET}" "${dir}/attached-args/${NET}"

 	nwcount=$(find "${dir}/attached" -type f | wc -l)
 	if [ "${nwcount}" = 0 ]; then
--- a/libpod/rootless_cni_linux.go
+++ b/libpod/rootless_cni_linux.go
@ -25,7 +25,7 @@ import (

 // Built from ../contrib/rootless-cni-infra.
 var rootlessCNIInfraImage = map[string]string{
-	"amd64": "quay.io/libpod/rootless-cni-infra@sha256:e92c3a6367f8e554121b96d39af1f19f0f9ac5a32922b290112e13bc661d3a29", // 2-amd64
+	"amd64": "quay.io/libpod/rootless-cni-infra@sha256:304742d5d221211df4ec672807a5842ff11e3729c50bc424ea0cea858f69d7b7", // 3-amd64
 }

 const (