feat: add new none network
Signed-off-by: Anthony Rusdi <anthony.rusdi@gmail.com>
antrusd committed Apr 2, 2024
1 parent 2356582 commit 61de67e
Showing 2 changed files with 84 additions and 1 deletion.
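--- a/cmd/rootlesskit/main.go
+++ b/cmd/rootlesskit/main.go
@@ -21,6 +21,7 @@ import (
 "github.com/rootless-containers/rootlesskit/v2/pkg/network/pasta"
 "github.com/rootless-containers/rootlesskit/v2/pkg/network/slirp4netns"
 "github.com/rootless-containers/rootlesskit/v2/pkg/network/vpnkit"
+"github.com/rootless-containers/rootlesskit/v2/pkg/network/none"
 "github.com/rootless-containers/rootlesskit/v2/pkg/parent"
 "github.com/rootless-containers/rootlesskit/v2/pkg/port/builtin"
 "github.com/rootless-containers/rootlesskit/v2/pkg/port/portutil"
@@ -83,7 +84,7 @@ See https://rootlesscontaine.rs/getting-started/common/ .
 }, CategoryState),
 Categorize(&cli.StringFlag{
 Name: "net",
-Usage: "network driver [host, pasta(experimental), slirp4netns, vpnkit, lxc-user-nic(experimental)]",
+Usage: "network driver [host, none, pasta(experimental), slirp4netns, vpnkit, lxc-user-nic(experimental)]",
 Value: "host",
 }, CategoryNetwork),
 Categorize(&cli.StringFlag{
@@ -388,6 +389,26 @@ func createParentOpt(clicontext *cli.Context, pipeFDEnvKey, stateDirEnvKey, pare
 if ifname != "" {
 return opt, errors.New("ifname cannot be specified for --net=host")
 }
+case "none":
+if mtu != 0 {
+logrus.Warnf("unsupported mtu for --net=none: %d", mtu)
+}
+if ipnet != nil {
+return opt, errors.New("custom cidr is not supported for --net=none")
+}
+if ifname != "" {
+return opt, errors.New("ifname cannot be specified for --net=none")
+}
+switch portDriver := clicontext.String("port-driver"); portDriver {
+case "none":
+// NOP
+default:
+return opt, errors.New("network \"none\" requires port driver \"none\"")
+}
+opt.NetworkDriver, err = none.NewParentDriver()
+if err != nil {
+return opt, err
+}
 case "pasta":
 logrus.Warn("\"pasta\" network driver is experimental. Needs very recent version of pasta (see docs/network.md).")
 binary := clicontext.String("pasta-binary")
@@ -582,6 +603,8 @@ func createChildOpt(clicontext *cli.Context, pipeFDEnvKey, stateDirEnvKey string
 switch s := clicontext.String("net"); s {
 case "host":
 // NOP
+case "none":
+// NOP
 case "pasta":
 opt.NetworkDriver = pasta.NewChildDriver()
 case "slirp4netns":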
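Review bot: The port-driver check in the new `case "none":` branch of `createParentOpt` is a `switch` with one empty case and a `default` that errors, which hides a simple guard; `if pd := clicontext.String("port-driver"); pd != "none" { return opt, errors.New("network \"none\" requires port driver \"none\"") }` says the same thing directly. The added `pkg/network/none` import in the first hunk sits after `vpnkit`, so as shown the import group is not in the sorted order gofmt produces. `createParentOpt` starts and ends outside the hunk, so how the `host` branch treats `mtu` is not visible here; the `none` branch only warns on a non-zero `mtu` while rejecting `ipnet` and `ifname`, which is worth confirming as intended.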
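--- /dev/null
+++ b/pkg/network/none/none.go
@@ -0,0 +1,60 @@
+package none
+
+import (
+"context"
+"os"
+"os/exec"
+"strconv"
+"syscall"
+
+"github.com/rootless-containers/rootlesskit/v2/pkg/api"
+"github.com/rootless-containers/rootlesskit/v2/pkg/common"
+"github.com/rootless-containers/rootlesskit/v2/pkg/messages"
+"github.com/rootless-containers/rootlesskit/v2/pkg/network"
+)
+
+func NewParentDriver() (network.ParentDriver, error) {
+return &parentDriver{}, nil
+}
+
+type parentDriver struct {
+}
+
+const DriverName = "none"
+
+func (d *parentDriver) MTU() int {
+return 0
+}
+
+func (d *parentDriver) Info(ctx context.Context) (*api.NetworkDriverInfo, error) {
+return &api.NetworkDriverInfo{
+Driver: DriverName,
+}, nil
+}
+
+func (d *parentDriver) ConfigureNetwork(childPID int, stateDir, detachedNetNSPath string) (*messages.ParentInitNetworkDriverCompleted, func() error, error) {
+var cleanups []func() error
+
+cmds := [][]string{
+[]string{"nsenter", "-t", strconv.Itoa(childPID), "--no-fork", "-n", "-m", "-U", "--preserve-credentials", "ip", "address", "add", "127.0.0.1/8", "dev", "lo"},
+[]string{"nsenter", "-t", strconv.Itoa(childPID), "--no-fork", "-n", "-m", "-U", "--preserve-credentials", "ip", "link", "set", "lo", "up"},
+}
+if err := common.Execs(os.Stderr, os.Environ(), cmds); err != nil {
+return nil, nil, err
+}
+
+if detachedNetNSPath != "" {
+cmd := exec.Command("nsenter", "-t", strconv.Itoa(childPID), "-n"+detachedNetNSPath, "--no-fork", "-m", "-U", "--preserve-credentials", "sleep", "infinity")
+cmd.SysProcAttr = &syscall.SysProcAttr{
+Pdeathsig: syscall.SIGKILL,
+}
+err := cmd.Start()
+if err != nil {
+return nil, nil, err
+}
+childPID = cmd.Process.Pid
+}
+
+netmsg := messages.ParentInitNetworkDriverCompleted{}
+return &netmsg, common.Seq(cleanups), nil
+}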
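Review bot: In `ConfigureNetwork` the `sleep infinity` helper started when `detachedNetNSPath` is set is never stopped or reaped: `cleanups` is declared but nothing is appended to it, so the returned `common.Seq(cleanups)` has nothing to run. The assignment `childPID = cmd.Process.Pid` is also dead, since the two loopback commands have already run against the original PID by then; if the helper's PID was meant to be the target of the `ip` commands (an assumption, the calling code is not shown), the detached block would need to come before `cmds` is built. A cleanup that kills and waits for the helper, as sketched below, keeps the process from outliving the driver. The exported `NewParentDriver` and `DriverName` also lack doc comments.

```go
if detachedNetNSPath != "" {
	// … unchanged: build cmd, set Pdeathsig, cmd.Start() and its error check …
	cleanups = append(cleanups, func() error {
		// Stop the namespace-holding helper on teardown and reap it.
		_ = cmd.Process.Kill() // the helper may already have exited
		_, err := cmd.Process.Wait()
		return err
	})
	childPID = cmd.Process.Pid
}
// … if the helper PID is the intended target, the loopback cmds / common.Execs call belongs here …
```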
