summaryrefslogtreecommitdiff
path: root/libpod/network/network.go
diff options
context:
space:
mode:
authorbaude <bbaude@redhat.com>2021-02-04 12:58:55 -0600
committerbaude <bbaude@redhat.com>2021-02-06 07:37:29 -0600
commit91ea3fabd625a891487cd0d9b130ac71366ecb74 (patch)
treec281268da8fd605a19006725d9ecda97d9bab988 /libpod/network/network.go
parentc421127dd7f700829a8e5265d8ddad102061bebc (diff)
downloadpodman-91ea3fabd625a891487cd0d9b130ac71366ecb74.tar.gz
podman-91ea3fabd625a891487cd0d9b130ac71366ecb74.tar.bz2
podman-91ea3fabd625a891487cd0d9b130ac71366ecb74.zip
add network prune
add the ability to prune unused cni networks. filters are not implemented but included both compat and podman api endpoints. Fixes :#8673 Signed-off-by: baude <bbaude@redhat.com>
Diffstat (limited to 'libpod/network/network.go')
-rw-r--r--libpod/network/network.go50
1 files changed, 42 insertions, 8 deletions
diff --git a/libpod/network/network.go b/libpod/network/network.go
index 0ff14c1f7..cdaef6c13 100644
--- a/libpod/network/network.go
+++ b/libpod/network/network.go
@@ -11,6 +11,7 @@ import (
"github.com/containernetworking/plugins/plugins/ipam/host-local/backend/allocator"
"github.com/containers/common/pkg/config"
"github.com/containers/podman/v2/libpod/define"
+ "github.com/containers/podman/v2/pkg/domain/entities"
"github.com/containers/podman/v2/pkg/rootless"
"github.com/containers/podman/v2/pkg/util"
"github.com/pkg/errors"
@@ -174,14 +175,9 @@ func ValidateUserNetworkIsAvailable(config *config.Config, userNet *net.IPNet) e
return nil
}
-// RemoveNetwork removes a given network by name. If the network has container associated with it, that
-// must be handled outside the context of this.
-func RemoveNetwork(config *config.Config, name string) error {
- l, err := acquireCNILock(config)
- if err != nil {
- return err
- }
- defer l.releaseCNILock()
+// removeNetwork is removes a cni network without a lock and should only be called
+// when a lock was otherwise acquired.
+func removeNetwork(config *config.Config, name string) error {
cniPath, err := GetCNIConfigPathByNameOrID(config, name)
if err != nil {
return err
@@ -213,6 +209,17 @@ func RemoveNetwork(config *config.Config, name string) error {
return nil
}
+// RemoveNetwork removes a given network by name. If the network has container associated with it, that
+// must be handled outside the context of this.
+func RemoveNetwork(config *config.Config, name string) error {
+ l, err := acquireCNILock(config)
+ if err != nil {
+ return err
+ }
+ defer l.releaseCNILock()
+ return removeNetwork(config, name)
+}
+
// InspectNetwork reads a CNI config and returns its configuration
func InspectNetwork(config *config.Config, name string) (map[string]interface{}, error) {
b, err := ReadRawCNIConfByName(config, name)
@@ -243,3 +250,30 @@ func GetNetworkID(name string) string {
hash := sha256.Sum256([]byte(name))
return hex.EncodeToString(hash[:])
}
+
+// PruneNetworks removes networks that are not being used and that is not the default
+// network. To keep proper fencing for imports, you must provide the used networks
+// to this function as a map. the key is meaningful in the map, the book is a no-op
+func PruneNetworks(rtc *config.Config, usedNetworks map[string]bool) ([]*entities.NetworkPruneReport, error) {
+ var reports []*entities.NetworkPruneReport
+ lock, err := acquireCNILock(rtc)
+ if err != nil {
+ return nil, err
+ }
+ defer lock.releaseCNILock()
+ nets, err := GetNetworkNamesFromFileSystem(rtc)
+ if err != nil {
+ return nil, err
+ }
+ for _, n := range nets {
+ _, found := usedNetworks[n]
+ // Remove is not default network and not found in the used list
+ if n != rtc.Network.DefaultNetwork && !found {
+ reports = append(reports, &entities.NetworkPruneReport{
+ Name: n,
+ Error: removeNetwork(rtc, n),
+ })
+ }
+ }
+ return reports, nil
+}