authorPaul Holzinger <pholzing@redhat.com>2021-10-20 15:55:22 +0200
committerPaul Holzinger <pholzing@redhat.com>2021-11-11 16:25:19 +0100
commit4febe557692aeec8ca9d9b9cdc732772ba7d5876 (patch)
tree0d8bd9c4d3809ca099315fb2437ece00690260be /libpod/network/netavark/run.go
parenteaae29462880aa0fb17e8d448cc79519e070e64f (diff)
netavark IPAM assignment
Add a new boltdb to handle IPAM assignment. The db structure is the following: Each network has its own bucket with the network name as bucket key. Inside the network bucket there is an ID bucket which maps the container ID (key) to a json array of ip addresses (value). The network bucket also has a bucket for each subnet, the subnet is used as key. Inside the subnet bucket an ip is used as key and the container ID as value. The db should be stored on a tmpfs to ensure we always have a clean state after a reboot. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Diffstat (limited to 'libpod/network/netavark/run.go')
-rw-r--r--libpod/network/netavark/run.go43
1 files changed, 36 insertions, 7 deletions
diff --git a/libpod/network/netavark/run.go b/libpod/network/netavark/run.go
index bd26e957e..2f839151e 100644
--- a/libpod/network/netavark/run.go
+++ b/libpod/network/netavark/run.go
@@ -32,21 +32,29 @@ func (n *netavarkNetwork) Setup(namespacePath string, options types.SetupOptions
return nil, err
}
- // TODO IP address assignment
+ // allocate IPs in the IPAM db
+ err = n.allocIPs(&options.NetworkOptions)
+ if err != nil {
+ return nil, err
+ }
netavarkOpts, err := n.convertNetOpts(options.NetworkOptions)
if err != nil {
return nil, errors.Wrap(err, "failed to convert net opts")
}
- b, err := json.Marshal(&netavarkOpts)
- if err != nil {
- return nil, err
+ // trace output to get the json
+ if logrus.IsLevelEnabled(logrus.TraceLevel) {
+ b, err := json.Marshal(&netavarkOpts)
+ if err != nil {
+ return nil, err
+ }
+ // show the full netavark command so we can easily reproduce errors from the cli
+ logrus.Tracef("netavark command: printf '%s' | %s setup %s", string(b), n.netavarkBinary, namespacePath)
}
- fmt.Println(string(b))
result := map[string]types.StatusBlock{}
- err = execNetavark(n.netavarkBinary, []string{"setup", namespacePath}, netavarkOpts, result)
+ err = execNetavark(n.netavarkBinary, []string{"setup", namespacePath}, netavarkOpts, &result)
if len(result) != len(options.Networks) {
logrus.Errorf("unexpected netavark result: %v", result)
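Review bot: The `convertNetOpts` error return that follows the new `n.allocIPs` call leaves the just-allocated addresses in the IPAM db, so repeated failed setups can use up a subnet until the db is reset (at reboot, per the commit description). Release them on that path, e.g. `if derr := n.deallocIPs(&options.NetworkOptions); derr != nil { logrus.Error(derr) }` before `return nil, errors.Wrap(err, "failed to convert net opts")`. The same applies to a failing `execNetavark`, whose error is handled below the hunk, where I cannot see whether a release happens. The Teardown hunk has the matching gap: its `convertNetOpts` early return skips both the netavark teardown and `deallocIPs`. Setup's body starts and ends outside this hunk.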
@@ -65,12 +73,33 @@ func (n *netavarkNetwork) Teardown(namespacePath string, options types.TeardownO
return err
}
+ // get IPs from the IPAM db
+ err = n.getAssignedIPs(&options.NetworkOptions)
+ if err != nil {
+ // when there is an error getting the ips we should still continue
+ // to call teardown for netavark to prevent leaking network interfaces
+ logrus.Error(err)
+ }
+
netavarkOpts, err := n.convertNetOpts(options.NetworkOptions)
if err != nil {
return errors.Wrap(err, "failed to convert net opts")
}
- return execNetavark(n.netavarkBinary, []string{"teardown", namespacePath}, netavarkOpts, nil)
+ retErr := execNetavark(n.netavarkBinary, []string{"teardown", namespacePath}, netavarkOpts, nil)
+
+ // when netavark returned an error we still free the used ips
+ // otherwise we could end up in a state where block the ips forever
+ err = n.deallocIPs(&netavarkOpts.NetworkOptions)
+ if err != nil {
+ if retErr != nil {
+ logrus.Error(err)
+ } else {
+ retErr = err
+ }
+ }
+
+ return retErr
}
func (n *netavarkNetwork) convertNetOpts(opts types.NetworkOptions) (*netavarkOptions, error) {
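Review bot: A failure of `n.getAssignedIPs` at the top of this hunk is only logged, so Teardown can return nil even though the IPAM lookup failed and the options handed to netavark may lack the container's addresses. Consider keeping that first error and returning it when netavark and `deallocIPs` both succeed, so callers can tell the teardown was incomplete. The two bare `logrus.Error(err)` calls also do not say which step failed; something like `logrus.Errorf("failed to get assigned IPs for teardown: %v", err)` and `logrus.Errorf("failed to free IPs after teardown: %v", err)` would make the log usable when tracing leaked addresses. Teardown's body starts outside this hunk.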