-rw-r--r--contrib/rootless-cni-infra/Containerfile2
-rwxr-xr-xcontrib/rootless-cni-infra/rootless-cni-infra18
2 files changed, 19 insertions, 1 deletions
diff --git a/contrib/rootless-cni-infra/Containerfile b/contrib/rootless-cni-infra/Containerfile
index 5be30ccc9..6bf70d644 100644
--- a/contrib/rootless-cni-infra/Containerfile
+++ b/contrib/rootless-cni-infra/Containerfile
@@ -34,4 +34,4 @@ COPY rootless-cni-infra /usr/local/bin
ENV CNI_PATH=/opt/cni/bin
CMD ["sleep", "infinity"]
-ENV ROOTLESS_CNI_INFRA_VERSION=1
+ENV ROOTLESS_CNI_INFRA_VERSION=2
diff --git a/contrib/rootless-cni-infra/rootless-cni-infra b/contrib/rootless-cni-infra/rootless-cni-infra
index f6622b23c..5cb43621d 100755
--- a/contrib/rootless-cni-infra/rootless-cni-infra
+++ b/contrib/rootless-cni-infra/rootless-cni-infra
@@ -4,6 +4,23 @@ set -eu
ARG0="$0"
BASE="/run/rootless-cni-infra"
+wait_unshare_net() {
+ pid="$1"
+ # NOTE: busybox shell doesn't support the `for ((i=0; i < $MAX; i++)); do foo; done` statement
+ i=0
+ while :; do
+ if [ "$(readlink /proc/self/ns/net)" != "$(readlink /proc/${pid}/ns/net)" ]; then
+ break
+ fi
+ sleep 0.1
+ if [ $i -ge 10 ]; then
+ echo >&2 "/proc/${pid}/ns/net cannot be unshared"
+ exit 1
+ fi
+ i=$((i + 1))
+ done
+}
+
# CLI subcommand: "alloc $CONTAINER_ID $NETWORK_NAME $POD_NAME"
cmd_entrypoint_alloc() {
if [ "$#" -ne 3 ]; then
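Review bot: In `wait_unshare_net`, a failed `readlink /proc/${pid}/ns/net` is treated the same as a successful unshare. If the background child has already exited (for example because `unshare -n` itself failed), readlink prints nothing, the empty string differs from the caller's own namespace link, and the loop breaks as if the namespace were ready. The non-zero status is not caught by `set -e` because it occurs inside an `if` condition. The caller then records that pid without it ever having been verified. I would require a non-empty result before comparing: `ns="$(readlink "/proc/${pid}/ns/net" 2>/dev/null)" || ns=""` followed by `if [ -n "${ns}" ] && [ "${ns}" != "$(readlink /proc/self/ns/net)" ]; then break; fi`. Separately, `pid` and `i` are assigned as globals here, so a short comment noting that the function overwrites the caller's `pid` would help.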
@@ -24,6 +41,7 @@ cmd_entrypoint_alloc() {
else
unshare -n sleep infinity &
pid="$!"
+ wait_unshare_net "${pid}"
echo "${pid}" >"${dir}/pid"
nsenter -t "${pid}" -n ip link set lo up
fi
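Review bot: When the new `wait_unshare_net "${pid}"` call times out, it ends the script with `exit 1` before `echo "${pid}" >"${dir}/pid"` runs. The backgrounded `unshare -n sleep infinity` is then left running with no pid file pointing at it, so nothing visible here can clean it up later. Adding `kill "${pid}" 2>/dev/null || true` just before the `exit 1` in `wait_unshare_net` would stop repeated failures from accumulating orphaned sleepers in the infra container. The body of `cmd_entrypoint_alloc` starts and ends outside this hunk, so a cleanup path elsewhere in the function cannot be ruled out.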