[DNM] Adds DHCP daemon interface removal fix attempt on top of #169 #172
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Also make this overridable in env vars. Signed-off-by: Jingyuan Liang <[email protected]>
Bumps the golang group with 2 updates: [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo) and [golang.org/x/sys](https://github.com/golang/sys). Updates `github.com/onsi/ginkgo/v2` from 2.13.1 to 2.13.2 - [Release notes](https://github.com/onsi/ginkgo/releases) - [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md) - [Commits](onsi/ginkgo@v2.13.1...v2.13.2) Updates `golang.org/x/sys` from 0.14.0 to 0.15.0 - [Commits](golang/sys@v0.14.0...v0.15.0) --- updated-dependencies: - dependency-name: github.com/onsi/ginkgo/v2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: golang - dependency-name: golang.org/x/sys dependency-type: direct:production update-type: version-update:semver-minor dependency-group: golang ... Signed-off-by: dependabot[bot] <[email protected]>
…s/golang-2d6cee5bad build(deps): bump the golang group with 2 updates
Bump to golang:1.21-alpine in release.sh
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 4 to 5. - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](actions/setup-go@v4...v5) --- updated-dependencies: - dependency-name: actions/setup-go dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>
Bumps alpine from 3.18 to 3.19. --- updated-dependencies: - dependency-name: alpine dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>
…tions/actions/setup-go-5 build(deps): bump actions/setup-go from 4 to 5
The new `disableContainerInterface` parameter is added to the bridge plugin to enable setting the container interface state down. When the parameter is enabled, the container interface (veth peer that is placed at the container ns) remain down (i.e: disabled). The bridge and host peer interfaces state are not affected by the parameter. Since IPAM logic involve various configurations including waiting for addresses to be realized and setting the interface state UP, the new parameter cannot work with IPAM. In case both IPAM and DisableContainerInterface parameters are set, the bridge plugin will raise an error. Signed-off-by: Or Mergi <[email protected]>
bridge: Enable disabling bridge interface
This change introduces new github action to build cni plugin binaries for each platform at tagged new release. Signed-off-by: Tomofumi Hayashi <[email protected]>
Add github action to build binaries for each platform at release
currently the workflow will use latest version which is a moving target. newer versions may cause ci failures due to new checks added. Signed-off-by: adrianc <[email protected]>
Fix version of golangci-lint
Signed-off-by: Austin Vazquez <[email protected]>
Update to Go v1.22 in CI and release
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 3 to 5. - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](actions/setup-go@v3...v5) --- updated-dependencies: - dependency-name: actions/setup-go dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>
…ctions/actions/setup-go-5 build(deps): bump actions/setup-go from 3 to 5
Bumps the golang group with 5 updates: | Package | From | To | | --- | --- | --- | | [github.com/Microsoft/hcsshim](https://github.com/Microsoft/hcsshim) | `0.11.4` | `0.12.0` | | [github.com/alexflint/go-filemutex](https://github.com/alexflint/go-filemutex) | `1.2.0` | `1.3.0` | | [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo) | `2.13.2` | `2.16.0` | | [github.com/onsi/gomega](https://github.com/onsi/gomega) | `1.30.0` | `1.31.1` | | [golang.org/x/sys](https://github.com/golang/sys) | `0.15.0` | `0.17.0` | Updates `github.com/Microsoft/hcsshim` from 0.11.4 to 0.12.0 - [Release notes](https://github.com/Microsoft/hcsshim/releases) - [Commits](microsoft/hcsshim@v0.11.4...v0.12.0) Updates `github.com/alexflint/go-filemutex` from 1.2.0 to 1.3.0 - [Release notes](https://github.com/alexflint/go-filemutex/releases) - [Commits](alexflint/go-filemutex@v1.2.0...v1.3.0) Updates `github.com/onsi/ginkgo/v2` from 2.13.2 to 2.16.0 - [Release notes](https://github.com/onsi/ginkgo/releases) - [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md) - [Commits](onsi/ginkgo@v2.13.2...v2.16.0) Updates `github.com/onsi/gomega` from 1.30.0 to 1.31.1 - [Release notes](https://github.com/onsi/gomega/releases) - [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md) - [Commits](onsi/gomega@v1.30.0...v1.31.1) Updates `golang.org/x/sys` from 0.15.0 to 0.17.0 - [Commits](golang/sys@v0.15.0...v0.17.0) --- updated-dependencies: - dependency-name: github.com/Microsoft/hcsshim dependency-type: direct:production update-type: version-update:semver-minor dependency-group: golang - dependency-name: github.com/alexflint/go-filemutex dependency-type: direct:production update-type: version-update:semver-minor dependency-group: golang - dependency-name: github.com/onsi/ginkgo/v2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: golang - dependency-name: github.com/onsi/gomega dependency-type: direct:production update-type: version-update:semver-minor dependency-group: golang - dependency-name: golang.org/x/sys dependency-type: direct:production update-type: version-update:semver-minor dependency-group: golang ... Signed-off-by: dependabot[bot] <[email protected]>
…es/golang-6a70725da1 build(deps): bump the golang group with 5 updates
Signed-off-by: Austin Vazquez <[email protected]>
This change updates golangci-lint-action package to v4 to resolve NodeJS 16 deprecation warnings. Signed-off-by: Austin Vazquez <[email protected]>
…on-package Update golangci-lint-action package to v4
Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v3...v4) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>
…ctions/actions/checkout-4 build(deps): bump actions/checkout from 3 to 4
…action/alpine-3.19
…t-github/actions/retest-action/alpine-3.19 build(deps): bump alpine from 3.18 to 3.19 in /.github/actions/retest-action
Device plugins may allocate network device on a bus different than PCI. sriov-network-device-plugin supports the allocation of network devices over Auxiliary bus[1][2][3]. extend host-device CNI to support such devices if provided through runtime config. - Check if device provided by DeviceID runtime config is present on either PCI bus or Auxiliary bus - extend getLink method to support getting netdev link obj from auxiliary bus - add unit-test to cover the new flow [1] https://github.com/k8snetworkplumbingwg/sriov-network-device-plugin/tree/master?tab=readme-ov-file#auxiliary-network-devices-selectors [2] https://github.com/k8snetworkplumbingwg/sriov-network-device-plugin/tree/master/docs/subfunctions [3] https://docs.kernel.org/networking/devlink/devlink-port.html Signed-off-by: adrianc <[email protected]>
Today, it is not possible to use host-device CNI to move a host device to container namespace if a device already exists in that namespace. e.g when a delegate plugin (such as multus) is used to provide multiple networks to a container, CNI Add call will fail if the targeted host device name already exists in container network namespace. to overcome this, we use a temporary name for the interface before moving it in/out of container network namespace. Signed-off-by: adrianc <[email protected]>
Use temporary name for netdevice when moving in/out of NS
Using a temporary name / doing a fast rename causes some race conditions with udev and NetworkManager: https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/1599 Signed-off-by: Etienne Champetier <[email protected]>
Bumps the golang group with 1 update in the / directory: [github.com/Microsoft/hcsshim](https://github.com/Microsoft/hcsshim). Updates `github.com/Microsoft/hcsshim` from 0.12.6 to 0.12.7 - [Release notes](https://github.com/Microsoft/hcsshim/releases) - [Commits](microsoft/hcsshim@v0.12.6...v0.12.7) Updates `golang.org/x/sys` from 0.24.0 to 0.25.0 - [Commits](golang/sys@v0.24.0...v0.25.0) --- updated-dependencies: - dependency-name: github.com/Microsoft/hcsshim dependency-type: direct:production update-type: version-update:semver-patch dependency-group: golang - dependency-name: golang.org/x/sys dependency-type: direct:production update-type: version-update:semver-minor dependency-group: golang ... Signed-off-by: dependabot[bot] <[email protected]>
Signed-off-by: h0nIg <[email protected]>
…traffic_shapping2" This reverts commit ef076af, reversing changes made to 5974089. Signed-off-by: h0nIg <[email protected]>
Signed-off-by: h0nIg <[email protected]>
Signed-off-by: h0nIg <[email protected]>
Without waiting for the local/host routes to be added by the kernel after the IP address is being added to an interface. The routes requiring the local/host routes may failed. This caused flaky e2e tests, but could also happen during the execution of the VRF plugin when the IPv6 addresses were being re-added to the interface and when the route were being moved to the VRF table. Signed-off-by: Lionel Jouin <[email protected]>
Bumps the golang group with 1 update: [golang.org/x/sys](https://github.com/golang/sys). Updates `golang.org/x/sys` from 0.25.0 to 0.26.0 - [Commits](golang/sys@v0.25.0...v0.26.0) --- updated-dependencies: - dependency-name: golang.org/x/sys dependency-type: direct:production update-type: version-update:semver-minor dependency-group: golang ... Signed-off-by: dependabot[bot] <[email protected]>
The dhcp server is systemd-networkd, and the dhcp plugin can request an ip but can not renew it. The systemd-networkd just ignore the renew request. ``` 2024/09/14 21:46:00 no DHCP packet received within 10s 2024/09/14 21:46:00 retrying in 31.529038 seconds 2024/09/14 21:46:42 no DHCP packet received within 10s 2024/09/14 21:46:42 retrying in 63.150490 seconds 2024/09/14 21:47:45 98184616c91f15419f5cacd012697f85afaa2daeb5d3233e28b0ec21589fb45a/iot/eth1: no more tries 2024/09/14 21:47:45 98184616c91f15419f5cacd012697f85afaa2daeb5d3233e28b0ec21589fb45a/iot/eth1: renewal time expired, rebinding 2024/09/14 21:47:45 Link "eth1" down. Attempting to set up 2024/09/14 21:47:45 98184616c91f15419f5cacd012697f85afaa2daeb5d3233e28b0ec21589fb45a/iot/eth1: lease rebound, expiration is 2024-09-14 22:47:45.309270751 +0800 CST m=+11730.048516519 ``` Follow the https://datatracker.ietf.org/doc/html/rfc2131#section-4.3.6, following options must not be sent in renew - Requested IP Address - Server Identifier Since the upstream code has been inactive for 6 years, we should switch to another dhcpv4 library. The new selected one is https://github.com/insomniacslk/dhcp. Signed-off-by: Songmin Li <[email protected]>
Signed-off-by: Songmin Li <[email protected]>
Signed-off-by: Lionel Jouin <[email protected]>
We can't use dnat from the input hook, depending on nftables (and kernel ?) version we get "Error: Could not process rule: Operation not supported" iptables backend also uses prerouting. Also 'ip6 protocol tcp' is invalid, so rework / simplify the rules Fixes 01a94e1 Signed-off-by: Etienne Champetier <[email protected]>
Rename SetupIPMasqForNetwork -> SetupIPMasqForNetworks TeardownIPMasqForNetwork -> TeardownIPMasqForNetworks and have them take []*net.IPNet instead of *net.IPNet. This allow the nftables backend to cleanup stale rules and recreate all needed rules in a single transaction, where previously the stale rules cleanup was breaking all but the last IPNet. Fixes 61d0786 Signed-off-by: Etienne Champetier <[email protected]>
Bumps the golang group with 6 updates in the / directory: | Package | From | To | | --- | --- | --- | | [github.com/Microsoft/hcsshim](https://github.com/Microsoft/hcsshim) | `0.12.7` | `0.12.9` | | [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo) | `2.20.2` | `2.22.0` | | [github.com/onsi/gomega](https://github.com/onsi/gomega) | `1.34.2` | `1.36.0` | | [github.com/opencontainers/selinux](https://github.com/opencontainers/selinux) | `1.11.0` | `1.11.1` | | [github.com/safchain/ethtool](https://github.com/safchain/ethtool) | `0.4.1` | `0.5.9` | | [sigs.k8s.io/knftables](https://github.com/kubernetes-sigs/knftables) | `0.0.17` | `0.0.18` | Updates `github.com/Microsoft/hcsshim` from 0.12.7 to 0.12.9 - [Release notes](https://github.com/Microsoft/hcsshim/releases) - [Commits](microsoft/hcsshim@v0.12.7...v0.12.9) Updates `github.com/onsi/ginkgo/v2` from 2.20.2 to 2.22.0 - [Release notes](https://github.com/onsi/ginkgo/releases) - [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md) - [Commits](onsi/ginkgo@v2.20.2...v2.22.0) Updates `github.com/onsi/gomega` from 1.34.2 to 1.36.0 - [Release notes](https://github.com/onsi/gomega/releases) - [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md) - [Commits](onsi/gomega@v1.34.2...v1.36.0) Updates `github.com/opencontainers/selinux` from 1.11.0 to 1.11.1 - [Release notes](https://github.com/opencontainers/selinux/releases) - [Commits](opencontainers/selinux@v1.11.0...v1.11.1) Updates `github.com/safchain/ethtool` from 0.4.1 to 0.5.9 - [Release notes](https://github.com/safchain/ethtool/releases) - [Commits](safchain/ethtool@v0.4.1...v0.5.9) Updates `golang.org/x/sys` from 0.26.0 to 0.27.0 - [Commits](golang/sys@v0.26.0...v0.27.0) Updates `sigs.k8s.io/knftables` from 0.0.17 to 0.0.18 - [Changelog](https://github.com/kubernetes-sigs/knftables/blob/master/CHANGELOG.md) - [Commits](kubernetes-sigs/knftables@v0.0.17...v0.0.18) --- updated-dependencies: - dependency-name: github.com/Microsoft/hcsshim dependency-type: direct:production update-type: version-update:semver-patch dependency-group: golang - dependency-name: github.com/onsi/ginkgo/v2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: golang - dependency-name: github.com/onsi/gomega dependency-type: direct:production update-type: version-update:semver-minor dependency-group: golang - dependency-name: github.com/opencontainers/selinux dependency-type: direct:production update-type: version-update:semver-patch dependency-group: golang - dependency-name: github.com/safchain/ethtool dependency-type: direct:production update-type: version-update:semver-minor dependency-group: golang - dependency-name: golang.org/x/sys dependency-type: direct:production update-type: version-update:semver-minor dependency-group: golang - dependency-name: sigs.k8s.io/knftables dependency-type: direct:production update-type: version-update:semver-patch dependency-group: golang ... Signed-off-by: dependabot[bot] <[email protected]>
As show in the docs, iptables conditions can also start with '!' Fixes 01a94e1 Signed-off-by: Etienne Champetier <[email protected]>
Signed-off-by: Jingyuan Liang <[email protected]>
Signed-off-by: Benjamin Pickard <[email protected]>
Also bump microshift Dockerfile Signed-off-by: Benjamin Pickard <[email protected]>
Due to oberservations that threads can grow and the dhcp daemon uses an increasing amount of memory. This situation can happen organically when using say, bridge CNI, and the bridge has been removed outside of the bridge CNI lifecycle, and an interface no longer exists on a pod. Signed-off-by: dougbtv <[email protected]>
|
/hold |
openshift-ci
bot
added
the
do-not-merge/hold
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: dougbtv The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
openshift-ci
bot
added
the
approved
|
see also: containernetworking/plugins#1143 |
dougbtv
changed the title
…ger exists." This reverts commit 303a53d.
Due to oberservations that threads can grow and the dhcp daemon uses an increasing amount of memory. This situation can happen organically when using say, bridge CNI, and the bridge has been removed outside of the bridge CNI lifecycle, and an interface no longer exists on a pod. Does so on a retry loop using the `backoffRetry()` method. Signed-off-by: dougbtv <[email protected]>
|
@dougbtv: The following tests failed, say
Full PR test history. Your PR dashboard. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.