mirror of
https://github.com/containers/podman.git
synced 2025-07-10 15:34:46 +08:00
rootless-cni-infra v3: fix cleaning up DNS entries
Fix "Old DNS entries are not cleaned up" by passing CNI_ARGS to `cnitool del`. Fix #7789 Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
This commit is contained in:
contrib/rootless-cni-infra
@ -2,8 +2,7 @@ ARG GOLANG_VERSION=1.15
|
|||||||
ARG ALPINE_VERSION=3.12
|
ARG ALPINE_VERSION=3.12
|
||||||
ARG CNI_VERSION=v0.8.0
|
ARG CNI_VERSION=v0.8.0
|
||||||
ARG CNI_PLUGINS_VERSION=v0.8.7
|
ARG CNI_PLUGINS_VERSION=v0.8.7
|
||||||
# Aug 20, 2020
|
ARG DNSNAME_VESION=v1.0.0
|
||||||
ARG DNSNAME_VESION=78b4da7bbfc51c27366da630e1df1c4f2e8b1b5b
|
|
||||||
|
|
||||||
FROM golang:${GOLANG_VERSION}-alpine${ALPINE_VERSION} AS golang-base
|
FROM golang:${GOLANG_VERSION}-alpine${ALPINE_VERSION} AS golang-base
|
||||||
RUN apk add --no-cache git
|
RUN apk add --no-cache git
|
||||||
@ -34,4 +33,4 @@ COPY rootless-cni-infra /usr/local/bin
|
|||||||
ENV CNI_PATH=/opt/cni/bin
|
ENV CNI_PATH=/opt/cni/bin
|
||||||
CMD ["sleep", "infinity"]
|
CMD ["sleep", "infinity"]
|
||||||
|
|
||||||
ENV ROOTLESS_CNI_INFRA_VERSION=2
|
ENV ROOTLESS_CNI_INFRA_VERSION=3
|
||||||
|
@ -22,3 +22,4 @@ The container images live on `quay.io/libpod/rootless-cni-infra`. The tags have
|
|||||||
|
|
||||||
* `/run/rootless-cni-infra/${CONTAINER_ID}/pid`: PID of the `sleep infinity` process that corresponds to the allocated netns
|
* `/run/rootless-cni-infra/${CONTAINER_ID}/pid`: PID of the `sleep infinity` process that corresponds to the allocated netns
|
||||||
* `/run/rootless-cni-infra/${CONTAINER_ID}/attached/${NETWORK_NAME}`: CNI result
|
* `/run/rootless-cni-infra/${CONTAINER_ID}/attached/${NETWORK_NAME}`: CNI result
|
||||||
|
* `/run/rootless-cni-infra/${CONTAINER_ID}/attached-args/${NETWORK_NAME}`: CNI args
|
||||||
|
@ -33,7 +33,7 @@ cmd_entrypoint_alloc() {
|
|||||||
K8S_POD_NAME="$3"
|
K8S_POD_NAME="$3"
|
||||||
|
|
||||||
dir="${BASE}/${ID}"
|
dir="${BASE}/${ID}"
|
||||||
mkdir -p "${dir}/attached"
|
mkdir -p "${dir}/attached" "${dir}/attached-args"
|
||||||
|
|
||||||
pid=""
|
pid=""
|
||||||
if [ -f "${dir}/pid" ]; then
|
if [ -f "${dir}/pid" ]; then
|
||||||
@ -50,6 +50,7 @@ cmd_entrypoint_alloc() {
|
|||||||
CNI_IFNAME="eth${nwcount}"
|
CNI_IFNAME="eth${nwcount}"
|
||||||
export CNI_ARGS CNI_IFNAME
|
export CNI_ARGS CNI_IFNAME
|
||||||
cnitool add "${NET}" "/proc/${pid}/ns/net" >"${dir}/attached/${NET}"
|
cnitool add "${NET}" "/proc/${pid}/ns/net" >"${dir}/attached/${NET}"
|
||||||
|
echo "${CNI_ARGS}" >"${dir}/attached-args/${NET}"
|
||||||
|
|
||||||
# return the result
|
# return the result
|
||||||
ns="/proc/${pid}/ns/net"
|
ns="/proc/${pid}/ns/net"
|
||||||
@ -71,8 +72,12 @@ cmd_entrypoint_dealloc() {
|
|||||||
exit 0
|
exit 0
|
||||||
fi
|
fi
|
||||||
pid=$(cat "${dir}/pid")
|
pid=$(cat "${dir}/pid")
|
||||||
|
if [ -f "${dir}/attached-args/${NET}" ]; then
|
||||||
|
CNI_ARGS=$(cat "${dir}/attached-args/${NET}")
|
||||||
|
export CNI_ARGS
|
||||||
|
fi
|
||||||
cnitool del "${NET}" "/proc/${pid}/ns/net"
|
cnitool del "${NET}" "/proc/${pid}/ns/net"
|
||||||
rm -f "${dir}/attached/${NET}"
|
rm -f "${dir}/attached/${NET}" "${dir}/attached-args/${NET}"
|
||||||
|
|
||||||
nwcount=$(find "${dir}/attached" -type f | wc -l)
|
nwcount=$(find "${dir}/attached" -type f | wc -l)
|
||||||
if [ "${nwcount}" = 0 ]; then
|
if [ "${nwcount}" = 0 ]; then
|
||||||
|
Reference in New Issue
Block a user