Diffstat (limited to 'libpod')
-rw-r--r--libpod/options.go15
-rw-r--r--libpod/runtime.go15
2 files changed, 30 insertions, 0 deletions
diff --git a/libpod/options.go b/libpod/options.go
index 8a12c61e4..1fe472ccc 100644
--- a/libpod/options.go
+++ b/libpod/options.go
@@ -250,6 +250,21 @@ func WithNoPivotRoot(noPivot bool) RuntimeOption {
}
}
+// WithCNIDirs sets the CNI configuration and network plugin directories used by
+// the CNI network plugins
+func WithCNIDirs(cniConfigDir, cniPluginDir string) RuntimeOption {
+ return func(rt *Runtime) error {
+ if rt.valid {
+ return ErrRuntimeFinalized
+ }
+
+ rt.config.CNIConfigDir = cniConfigDir
+ rt.config.CNIPluginDir = cniPluginDir
+
+ return nil
+ }
+}
+
// Container Creation Options
// WithShmDir sets the directory that should be mounted on /dev/shm
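Review bot: `WithCNIDirs` stores both paths unchecked, so an empty or relative `cniPluginDir` is handed straight to the CNI setup. That directory holds the plugin executables the CNI layer runs on the runtime's behalf, presumably with the runtime's own privileges, and a relative path would resolve against whatever the working directory happens to be. I would reject such values before assigning, e.g. `if !filepath.IsAbs(cniConfigDir) || !filepath.IsAbs(cniPluginDir) { return errors.New("CNI directories must be absolute paths") }`. That needs `path/filepath` and the errors package in this file's imports, which are outside the hunk. The doc comment could also distinguish the two arguments and state that the plugin directory should be writable only by a trusted owner, since anything placed there gets executed.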
diff --git a/libpod/runtime.go b/libpod/runtime.go
index b25d5f78c..9712b6dd3 100644
--- a/libpod/runtime.go
+++ b/libpod/runtime.go
@@ -8,6 +8,7 @@ import (
is "github.com/containers/image/storage"
"github.com/containers/image/types"
"github.com/containers/storage"
+ "github.com/cri-o/ocicni/pkg/ocicni"
"github.com/pkg/errors"
"github.com/sirupsen/logrus"
"github.com/ulule/deepcopier"
@@ -26,6 +27,7 @@ type Runtime struct {
imageContext *types.SystemContext
ociRuntime *OCIRuntime
lockDir string
+ netPlugin ocicni.CNIPlugin
valid bool
lock sync.RWMutex
}
@@ -48,6 +50,8 @@ type RuntimeConfig struct {
PidsLimit int64
MaxLogSize int64
NoPivotRoot bool
+ CNIConfigDir string
+ CNIPluginDir string
}
var (
@@ -68,6 +72,8 @@ var (
PidsLimit: 1024,
MaxLogSize: -1,
NoPivotRoot: false,
+ CNIConfigDir: "/etc/cni/net.d/",
+ CNIPluginDir: "/opt/cni/bin/",
}
)
@@ -157,6 +163,15 @@ func NewRuntime(options ...RuntimeOption) (runtime *Runtime, err error) {
}
}
+ // Set up the CNI net plugin
+ netPlugin, err := ocicni.InitCNI(runtime.config.CNIConfigDir, runtime.config.CNIPluginDir)
+ if err != nil {
+ return nil, errors.Wrapf(err, "error configuring CNI network plugin")
+ }
+ runtime.netPlugin = netPlugin
+
+ // TODO: iptables/firewalld integration to ensure rules are in place for forwarding
+
// Set up the state
if runtime.config.InMemoryState {
state, err := NewInMemoryState()
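Review bot: The wrapped error in the new `InitCNI` block does not say which directories were used, so a wrong or unexpected CNI path is hard to diagnose or audit from logs. `errors.Wrapf` is also called without format arguments. Suggest `return nil, errors.Wrapf(err, "error configuring CNI network plugin (config dir %q, plugin dir %q)", runtime.config.CNIConfigDir, runtime.config.CNIPluginDir)`. `NewRuntime` starts and ends outside this hunk, so it is not visible whether anything set up earlier in the function needs releasing on this early return; that is worth checking.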