Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Upgrade CNI spec from 0.4.0 to 1.0.0 #2632

Merged
merged 1 commit into from
Nov 1, 2023
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -206,6 +206,7 @@ multi-arch-cni-init-build-push:
# Run unit tests
unit-test: export AWS_VPC_K8S_CNI_LOG_FILE=stdout
unit-test: ## Run unit tests
go test -v $(VENDOR_OVERRIDE_FLAG) -coverprofile=coverage.txt -covermode=atomic ./cmd/...
go test -v $(VENDOR_OVERRIDE_FLAG) -coverprofile=coverage.txt -covermode=atomic ./pkg/...

# Run unit tests with race detection (can only be run natively)
Expand Down
8 changes: 5 additions & 3 deletions cmd/egress-cni-plugin/egressContext.go
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@ import (
"time"

"github.com/containernetworking/cni/pkg/types"
"github.com/containernetworking/cni/pkg/types/current"
current "github.com/containernetworking/cni/pkg/types/100"
"github.com/containernetworking/plugins/pkg/ns"
"github.com/coreos/go-iptables/iptables"
"github.com/vishvananda/netlink"
Expand Down Expand Up @@ -116,7 +116,8 @@ func (ec *egressContext) setupContainerVethV4() (*current.Interface, *current.In
containerInterface := &current.Interface{}

err := ec.Ns.WithNetNSPath(ec.NsPath, func(hostNS ns.NetNS) error {
hostVeth, contVeth0, err := ec.Veth.Setup(ec.NetConf.IfName, ec.Mtu, hostNS)
// Empty veth MAC is passed
hostVeth, contVeth0, err := ec.Veth.Setup(ec.NetConf.IfName, ec.Mtu, "", hostNS)
if err != nil {
return err
}
Expand Down Expand Up @@ -481,7 +482,8 @@ func (ec *egressContext) setupContainerVethV6() (hostInterface, containerInterfa
var hostVeth net.Interface
var contVeth net.Interface

hostVeth, contVeth, err = ec.Veth.Setup(ec.NetConf.IfName, ec.Mtu, hostNS)
// Empty veth MAC is passed
hostVeth, contVeth, err = ec.Veth.Setup(ec.NetConf.IfName, ec.Mtu, "", hostNS)
if err != nil {
return err
}
Expand Down
2 changes: 1 addition & 1 deletion cmd/egress-cni-plugin/main.go
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@ import (

"github.com/containernetworking/cni/pkg/skel"
"github.com/containernetworking/cni/pkg/types"
"github.com/containernetworking/cni/pkg/types/current"
current "github.com/containernetworking/cni/pkg/types/100"
cniversion "github.com/containernetworking/cni/pkg/version"
"github.com/containernetworking/plugins/pkg/utils"
)
Expand Down
28 changes: 14 additions & 14 deletions cmd/egress-cni-plugin/main_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -44,7 +44,7 @@ func TestCmdAddV4(t *testing.T) {
ContainerID: containerIDV4,
IfName: "eth0",
StdinData: []byte(`{
"cniVersion":"0.4.0",
"cniVersion":"1.0.0",
"mtu":"9001",
"name":"aws-cni",
"enabled":"true",
Expand All @@ -55,7 +55,7 @@ func TestCmdAddV4(t *testing.T) {
"podSGEnforcingMode":"strict",
"prevResult":
{
"cniVersion":"0.4.0",
"cniVersion":"1.0.0",
"interfaces":
[
{"name":"eni36e5b0ee702"},
Expand Down Expand Up @@ -94,13 +94,13 @@ func TestCmdAddV4(t *testing.T) {
fmt.Sprintf("nat POSTROUTING -s 169.254.172.10 -j %s -m comment --comment name: \"aws-cni\" id: \"%s\"", snatChainV4, containerIDV4)}
assert.EqualValues(t, expectIptablesRules, actualIptablesRules)

expectRouteDel := []string{"route del: {Ifindex: 2 Dst: 169.254.172.0/22 Src: <nil> Gw: <nil> Flags: [] Table: 0}"}
expectRouteDel := []string{"route del: {Ifindex: 2 Dst: 169.254.172.0/22 Src: <nil> Gw: <nil> Flags: [] Table: 0 Realm: 0}"}
assert.EqualValues(t, expectRouteDel, actualRouteDel)

expectRouteAdd := []string{
"route add: {Ifindex: 2 Dst: 169.254.172.1/32 Src: 169.254.172.10 Gw: <nil> Flags: [] Table: 0}",
"route add: {Ifindex: 2 Dst: 169.254.172.0/22 Src: 169.254.172.10 Gw: 169.254.172.1 Flags: [] Table: 0}",
"route add: {Ifindex: 100 Dst: 169.254.172.10/32 Src: <nil> Gw: <nil> Flags: [] Table: 0}"}
"route add: {Ifindex: 2 Dst: 169.254.172.1/32 Src: 169.254.172.10 Gw: <nil> Flags: [] Table: 0 Realm: 0}",
"route add: {Ifindex: 2 Dst: 169.254.172.0/22 Src: 169.254.172.10 Gw: 169.254.172.1 Flags: [] Table: 0 Realm: 0}",
"route add: {Ifindex: 100 Dst: 169.254.172.10/32 Src: <nil> Gw: <nil> Flags: [] Table: 0 Realm: 0}"}
assert.EqualValues(t, expectRouteAdd, actualRouteAdd)

// the unit test write some output string not ends with '\n' and this cause go runner unable to interpret that a test was run.
Expand All @@ -115,7 +115,7 @@ func TestCmdDelV4(t *testing.T) {
ContainerID: containerIDV4,
IfName: "eth0",
StdinData: []byte(`{
"cniVersion":"0.4.0",
"cniVersion":"1.0.0",
"mtu":"9001",
"name":"aws-cni",
"enabled":"true",
Expand All @@ -126,7 +126,7 @@ func TestCmdDelV4(t *testing.T) {
"podSGEnforcingMode":"strict",
"prevResult":
{
"cniVersion":"0.4.0",
"cniVersion":"1.0.0",
"interfaces":
[
{"name":"eni36e5b0ee702"},
Expand Down Expand Up @@ -170,7 +170,7 @@ func TestCmdAddV6(t *testing.T) {
ContainerID: containerIDV6,
IfName: "eth0",
StdinData: []byte(`{
"cniVersion":"0.4.0",
"cniVersion":"1.0.0",
"mtu":"9001",
"name":"aws-cni",
"enabled":"true",
Expand All @@ -181,7 +181,7 @@ func TestCmdAddV6(t *testing.T) {
"podSGEnforcingMode":"strict",
"prevResult":
{
"cniVersion":"0.4.0",
"cniVersion":"1.0.0",
"interfaces":
[
{"name":"eni36e5b0ee702"},
Expand Down Expand Up @@ -220,10 +220,10 @@ func TestCmdAddV6(t *testing.T) {
fmt.Sprintf("nat POSTROUTING -s fd00::10 -j %s -m comment --comment name: \"aws-cni\" id: \"%s\"", snatChainV6, containerIDV6)}
assert.EqualValues(t, expectIptablesRules, actualIptablesRules)

expectRouteAdd := []string{"{Ifindex: 100 Dst: fd00::10/128 Src: <nil> Gw: <nil> Flags: [] Table: 0}"}
expectRouteAdd := []string{"{Ifindex: 100 Dst: fd00::10/128 Src: <nil> Gw: <nil> Flags: [] Table: 0 Realm: 0}"}
assert.EqualValues(t, expectRouteAdd, actualRouteAdd)

expectRouteReplace := []string{"{Ifindex: 2 Dst: ::/0 Src: <nil> Gw: fe80::10 Flags: [] Table: 0}"}
expectRouteReplace := []string{"{Ifindex: 2 Dst: ::/0 Src: <nil> Gw: fe80::10 Flags: [] Table: 0 Realm: 0}"}
assert.EqualValues(t, expectRouteReplace, actualRouteReplace)

// the unit test write some output string not ends with '\n' and this cause go runner unable to interpret that a test was run.
Expand All @@ -238,7 +238,7 @@ func TestCmdDelV6(t *testing.T) {
ContainerID: containerIDV6,
IfName: "eth0",
StdinData: []byte(`{
"cniVersion":"0.4.0",
"cniVersion":"1.0.0",
"mtu":"9001",
"name":"aws-cni",
"enabled":"true",
Expand All @@ -249,7 +249,7 @@ func TestCmdDelV6(t *testing.T) {
"podSGEnforcingMode":"strict",
"prevResult":
{
"cniVersion":"0.4.0",
"cniVersion":"1.0.0",
"interfaces":
[
{"name":"eni36e5b0ee702"},
Expand Down
16 changes: 7 additions & 9 deletions cmd/egress-cni-plugin/test_utils.go
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ import (
"fmt"
"net"

"github.com/containernetworking/cni/pkg/types/current"
current "github.com/containernetworking/cni/pkg/types/100"
_ns "github.com/containernetworking/plugins/pkg/ns"
"github.com/golang/mock/gomock"
"github.com/vishvananda/netlink"
Expand All @@ -44,10 +44,9 @@ func SetupAddExpectV4(ec egressContext, chain string, actualIptablesRules, actua

ec.Ipam.(*mock_ipam.MockHostIpam).EXPECT().ExecAdd("host-local", gomock.Any()).Return(
&current.Result{
CNIVersion: "0.4.0",
CNIVersion: "1.0.0",
IPs: []*current.IPConfig{
&current.IPConfig{
Version: "4",
{
Address: net.IPNet{
IP: net.ParseIP("169.254.172.10"),
Mask: net.CIDRMask(22, 32),
Expand All @@ -66,7 +65,7 @@ func SetupAddExpectV4(ec egressContext, chain string, actualIptablesRules, actua
f(nsParent)
}).Return(nil)

ec.Veth.(*mock_veth.MockVeth).EXPECT().Setup(egressIPv4InterfaceName, 9001, gomock.Any()).Return(
ec.Veth.(*mock_veth.MockVeth).EXPECT().Setup(egressIPv4InterfaceName, 9001, "", gomock.Any()).Return(
net.Interface{
Name: HostIfName,
HardwareAddr: macHost[:],
Expand Down Expand Up @@ -188,10 +187,9 @@ func SetupAddExpectV6(c egressContext, chain string, actualIptablesRules, actual

c.Ipam.(*mock_ipam.MockHostIpam).EXPECT().ExecAdd("host-local", gomock.Any()).Return(
&current.Result{
CNIVersion: "0.4.0",
CNIVersion: "1.0.0",
IPs: []*current.IPConfig{
&current.IPConfig{
Version: "6",
{
Address: net.IPNet{
IP: net.ParseIP("fd00::10"),
Mask: net.CIDRMask(8, 128),
Expand All @@ -209,7 +207,7 @@ func SetupAddExpectV6(c egressContext, chain string, actualIptablesRules, actual
f(nsParent)
}).Return(nil).AnyTimes()

c.Veth.(*mock_veth.MockVeth).EXPECT().Setup(egressIPv6InterfaceName, 9001, gomock.Any()).Return(
c.Veth.(*mock_veth.MockVeth).EXPECT().Setup(egressIPv6InterfaceName, 9001, "", gomock.Any()).Return(
net.Interface{
Name: HostIfName,
HardwareAddr: macHost[:],
Expand Down
11 changes: 5 additions & 6 deletions cmd/routed-eni-cni-plugin/cni.go
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ import (

"github.com/containernetworking/cni/pkg/skel"
"github.com/containernetworking/cni/pkg/types"
"github.com/containernetworking/cni/pkg/types/current"
current "github.com/containernetworking/cni/pkg/types/100"
cniSpecVersion "github.com/containernetworking/cni/pkg/version"
"github.com/pkg/errors"
"golang.org/x/net/context"
Expand Down Expand Up @@ -187,24 +187,23 @@ func add(args *skel.CmdArgs, cniTypes typeswrapper.CNITYPES, grpcClient grpcwrap

// We will let the values in result struct guide us in terms of IP Address Family configured.
var v4Addr, v6Addr, addr *net.IPNet
var addrFamily string

// We don't support dual stack mode currently so it has to be either v4 or v6 mode.
if r.IPv4Addr != "" {
v4Addr = &net.IPNet{
IP: net.ParseIP(r.IPv4Addr),
Mask: net.CIDRMask(32, 32),
}
addrFamily = "4"
addr = v4Addr
} else if r.IPv6Addr != "" {
v6Addr = &net.IPNet{
IP: net.ParseIP(r.IPv6Addr),
Mask: net.CIDRMask(128, 128),
}
addrFamily = "6"
addr = v6Addr
}
// AddNetwork guarantees that Gateway string is a valid IPNet
gw := net.ParseIP(r.PodENISubnetGW)

var hostVethName string
var dummyInterface *current.Interface
Expand Down Expand Up @@ -257,9 +256,9 @@ func add(args *skel.CmdArgs, cniTypes typeswrapper.CNITYPES, grpcClient grpcwrap
containerInterfaceIndex := 1
ips := []*current.IPConfig{
{
Version: addrFamily,
Address: *addr,
Interface: &containerInterfaceIndex,
Address: *addr,
Gateway: gw,
},
}

Expand Down
20 changes: 4 additions & 16 deletions cmd/routed-eni-cni-plugin/cni_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ import (
"github.com/aws/amazon-vpc-cni-k8s/pkg/sgpp"
"github.com/aws/amazon-vpc-cni-k8s/pkg/utils/logger"
"github.com/aws/aws-sdk-go/aws"
"github.com/containernetworking/cni/pkg/types/current"
current "github.com/containernetworking/cni/pkg/types/100"

"github.com/containernetworking/cni/pkg/skel"
"github.com/containernetworking/cni/pkg/types"
Expand All @@ -42,7 +42,7 @@ const (
containerID = "test-container"
netNS = "/proc/ns/1234"
ifName = "eth0"
cniVersion = "1.0"
cniVersion = "1.1"
cniName = "aws-cni"
pluginLogLevel = "Debug"
pluginLogFile = "/var/log/aws-routed-eni/plugin.log"
Expand Down Expand Up @@ -233,8 +233,9 @@ func TestCmdDelErrDelNetwork(t *testing.T) {

mockC.EXPECT().DelNetwork(gomock.Any(), gomock.Any()).Return(delNetworkReply, errors.New("error on DelNetwork"))

// On DelNetwork fail, the CNI must not return an error to kubelet as deletes are best-effort.
err := del(cmdArgs, mocksTypes, mocksGRPC, mocksRPC, mocksNetwork)
assert.Error(t, err)
assert.Nil(t, err)
}

func TestCmdDelErrTeardown(t *testing.T) {
Expand Down Expand Up @@ -396,7 +397,6 @@ func Test_tryDelWithPrevResult(t *testing.T) {
},
IPs: []*current.IPConfig{
{
Version: "4",
Address: net.IPNet{
IP: net.ParseIP("192.168.1.1"),
Mask: net.CIDRMask(32, 32),
Expand Down Expand Up @@ -449,7 +449,6 @@ func Test_tryDelWithPrevResult(t *testing.T) {
},
IPs: []*current.IPConfig{
{
Version: "4",
Address: net.IPNet{
IP: net.ParseIP("192.168.1.1"),
Mask: net.CIDRMask(32, 32),
Expand Down Expand Up @@ -503,7 +502,6 @@ func Test_tryDelWithPrevResult(t *testing.T) {
},
IPs: []*current.IPConfig{
{
Version: "4",
Address: net.IPNet{
IP: net.ParseIP("192.168.1.1"),
Mask: net.CIDRMask(32, 32),
Expand Down Expand Up @@ -541,7 +539,6 @@ func Test_tryDelWithPrevResult(t *testing.T) {
},
IPs: []*current.IPConfig{
{
Version: "4",
Address: net.IPNet{
IP: net.ParseIP("192.168.1.1"),
Mask: net.CIDRMask(32, 32),
Expand Down Expand Up @@ -583,7 +580,6 @@ func Test_tryDelWithPrevResult(t *testing.T) {
},
IPs: []*current.IPConfig{
{
Version: "4",
Address: net.IPNet{
IP: net.ParseIP("192.168.1.1"),
Mask: net.CIDRMask(32, 32),
Expand Down Expand Up @@ -625,7 +621,6 @@ func Test_tryDelWithPrevResult(t *testing.T) {
},
IPs: []*current.IPConfig{
{
Version: "4",
Address: net.IPNet{
IP: net.ParseIP("192.168.1.1"),
Mask: net.CIDRMask(32, 32),
Expand Down Expand Up @@ -662,7 +657,6 @@ func Test_tryDelWithPrevResult(t *testing.T) {
},
IPs: []*current.IPConfig{
{
Version: "4",
Address: net.IPNet{
IP: net.ParseIP("192.168.1.1"),
Mask: net.CIDRMask(32, 32),
Expand Down Expand Up @@ -796,7 +790,6 @@ func Test_teardownPodNetworkWithPrevResult(t *testing.T) {
},
IPs: []*current.IPConfig{
{
Version: "4",
Address: net.IPNet{
IP: net.ParseIP("192.168.1.1"),
Mask: net.CIDRMask(32, 32),
Expand Down Expand Up @@ -849,7 +842,6 @@ func Test_teardownPodNetworkWithPrevResult(t *testing.T) {
},
IPs: []*current.IPConfig{
{
Version: "4",
Address: net.IPNet{
IP: net.ParseIP("192.168.1.1"),
Mask: net.CIDRMask(32, 32),
Expand Down Expand Up @@ -886,7 +878,6 @@ func Test_teardownPodNetworkWithPrevResult(t *testing.T) {
},
IPs: []*current.IPConfig{
{
Version: "4",
Address: net.IPNet{
IP: net.ParseIP("192.168.1.1"),
Mask: net.CIDRMask(32, 32),
Expand Down Expand Up @@ -928,7 +919,6 @@ func Test_teardownPodNetworkWithPrevResult(t *testing.T) {
},
IPs: []*current.IPConfig{
{
Version: "4",
Address: net.IPNet{
IP: net.ParseIP("192.168.1.1"),
Mask: net.CIDRMask(32, 32),
Expand Down Expand Up @@ -969,7 +959,6 @@ func Test_teardownPodNetworkWithPrevResult(t *testing.T) {
},
IPs: []*current.IPConfig{
{
Version: "4",
Address: net.IPNet{
IP: net.ParseIP("192.168.1.1"),
Mask: net.CIDRMask(32, 32),
Expand Down Expand Up @@ -1010,7 +999,6 @@ func Test_teardownPodNetworkWithPrevResult(t *testing.T) {
},
IPs: []*current.IPConfig{
{
Version: "4",
Address: net.IPNet{
IP: net.ParseIP("192.168.1.1"),
Mask: net.CIDRMask(32, 32),
Expand Down
Loading
Loading