Skip to content

feature: Adding apipa nic support for swiftv2 windows #4012

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 7 commits into
base: master
Choose a base branch
from
+632 −57
Open

feature: Adding apipa nic support for swiftv2 windows #4012

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
d55e395
refactor: Update apipa nic as separate entry in podIPInfo
tamilmani1989 Sep 5, 2025
1efdde8
Introduced NetworkContainerID, AllowHostToNC, AllowNCToHost fields in…
tamilmani1989 Oct 15, 2025
3db8140
dummy create network for apipa nic as like backend nic
tamilmani1989 Oct 16, 2025
f052db3
Added DeleteEndpointState handler for removing endpoint state from CN…
tamilmani1989 Oct 24, 2025
0134df3
add config for disabling async delete
tamilmani1989 Oct 27, 2025
ac7f244
lint fixes and address comment
tamilmani1989 Oct 31, 2025
35edfc1
Address review comments
tamilmani1989 Nov 5, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
28 changes: 28 additions & 0 deletions cni/network/invoker_cns.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -192,6 +192,11 @@ func (invoker *CNSIPAMInvoker) Add(addConfig IPAMAddConfig) (IPAMAddResult, erro
if err := addBackendNICToResult(&info, &addResult, key); err != nil {
return IPAMAddResult{}, err
}
case cns.ApipaNIC:
if err := configureApipaAddResult(&info, &addResult, &response.PodIPInfo[i].PodIPConfig, key); err != nil {
return IPAMAddResult{}, err
}

case cns.InfraNIC, "":
// if we change from legacy cns, the nicType will be empty, so we assume it is infra nic
info.nicType = cns.InfraNIC
Expand Down Expand Up @@ -508,6 +513,29 @@ func configureSecondaryAddResult(info *IPResultInfo, addResult *IPAMAddResult, p
return nil
}

func configureApipaAddResult(info *IPResultInfo, addResult *IPAMAddResult, podIPConfig *cns.IPSubnet, key string) error {
ip, ipnet, err := podIPConfig.GetIPNet()
if ip == nil {
return errors.Wrap(err, "Unable to parse IP from response: "+info.podIPAddress+" with err %w")
}

addResult.interfaceInfo[key] = network.InterfaceInfo{
IPConfigs: []*network.IPConfig{
{
Address: net.IPNet{
IP: ip,
Mask: ipnet.Mask,
},
Gateway: net.ParseIP(info.ncGatewayIPAddress),
},
},
NICType: info.nicType,
SkipDefaultRoutes: true,
}

return nil
}

func addBackendNICToResult(info *IPResultInfo, addResult *IPAMAddResult, key string) error {
macAddress, err := net.ParseMAC(info.macAddress)
if err != nil {
Expand Down
7 changes: 7 additions & 0 deletions cns/NetworkContainerContract.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -93,6 +93,9 @@ const (
NodeNetworkInterfaceFrontendNIC NICType = "FrontendNIC"
// NodeNetworkInterfaceBackendNIC is the new name for BackendNIC
NodeNetworkInterfaceBackendNIC NICType = "BackendNIC"

// ApipaNIC is used for internal communication between host and container
ApipaNIC NICType = "ApipaNIC"
)

// ChannelMode :- CNS channel modes
Expand Down Expand Up @@ -516,6 +519,10 @@ type PodIpInfo struct {
PnPID string
// Default Deny ACL's to configure on HNS endpoints for Swiftv2 window nodes
EndpointPolicies []policy.Policy
// This flag is in effect only if nic type is apipa. This allows connection originating from host to container via apipa nic and not other way.
AllowHostToNCCommunication bool
// This flag is in effect only if nic type is apipa. This allows connection originating from container to host via apipa nic and not other way.
AllowNCToHostCommunication bool
}

type HostIPInfo struct {
Expand Down
16 changes: 16 additions & 0 deletions cns/restserver/ipam.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -149,6 +149,7 @@ func (service *HTTPRestService) requestIPConfigHandlerHelperStandalone(ctx conte

// assign NICType and MAC Address for SwiftV2. we assume that there won't be any SwiftV1 NCs here
podIPInfoList := make([]cns.PodIpInfo, 0, len(resp))
apipaIndex := -1
for i := range resp {
podIPInfo := cns.PodIpInfo{
PodIPConfig: resp[i].IPConfiguration.IPSubnet,
Expand All @@ -157,6 +158,21 @@ func (service *HTTPRestService) requestIPConfigHandlerHelperStandalone(ctx conte
NetworkContainerPrimaryIPConfig: resp[i].IPConfiguration,
}
podIPInfoList = append(podIPInfoList, podIPInfo)
if resp[i].AllowHostToNCCommunication || resp[i].AllowNCToHostCommunication {
apipaIndex = i
}
}

if apipaIndex != -1 {
apipaPodIPInfo := cns.PodIpInfo{
PodIPConfig: resp[apipaIndex].LocalIPConfiguration.IPSubnet,
NICType: cns.ApipaNIC,
NetworkContainerPrimaryIPConfig: resp[apipaIndex].LocalIPConfiguration,
SkipDefaultRoutes: true,
AllowHostToNCCommunication: resp[apipaIndex].AllowHostToNCCommunication,
AllowNCToHostCommunication: resp[apipaIndex].AllowNCToHostCommunication,
}
podIPInfoList = append(podIPInfoList, apipaPodIPInfo)
}

ipConfigsResp := &cns.IPConfigsResponse{
Expand Down
3 changes: 2 additions & 1 deletion network/network_windows.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -342,7 +342,8 @@ func (nm *networkManager) addIPv6DefaultRoute() error {
// newNetworkImplHnsV2 creates a new container network for HNSv2.
func (nm *networkManager) newNetworkImplHnsV2(nwInfo *EndpointInfo, extIf *externalInterface) (*network, error) {
// network creation is not required for IB
if nwInfo.NICType == cns.BackendNIC {
// For apipa nic, we create network as part of endpoint creation
if nwInfo.NICType == cns.BackendNIC || nwInfo.NICType == cns.ApipaNIC {
return &network{Endpoints: make(map[string]*endpoint)}, nil
}

Expand Down
Loading