Linux Network Devices #4538
Open
Linux Network Devices #4538
+747
−6
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
aojea
force-pushed
the
netdevices
branch
2 times, most recently
from
bdb31c1 to
0b771ca
Compare
aojea
commented
Dec 2, 2024
aojea
force-pushed
the
netdevices
branch
2 times, most recently
from
07d3b0b to
3833056
Compare
kad
reviewed
Dec 10, 2024
lifubang
reviewed
Dec 10, 2024
aojea
force-pushed
the
netdevices
branch
2 times, most recently
from
67f12e0 to
d114afe
Compare
aojea
commented
Dec 17, 2024
aojea
force-pushed
the
netdevices
branch
2 times, most recently
from
ec90a02 to
f4f5d02
Compare
aojea
force-pushed
the
netdevices
branch
2 times, most recently
from
735f9d5 to
ce1f612
Compare
aojea
force-pushed
the
netdevices
branch
4 times, most recently
from
6262c5e to
c530772
Compare
kolyshkin
reviewed
Feb 7, 2025
kolyshkin
reviewed
Feb 7, 2025
kolyshkin
reviewed
Feb 7, 2025
kolyshkin
reviewed
Feb 7, 2025
kolyshkin
reviewed
Feb 8, 2025
aojea
force-pushed
the
netdevices
branch
5 times, most recently
from
4380e86 to
f53d263
Compare
|
@aojea friendly reminder that this should be ready soon, we are cutting 1.3.0-rc.1 soon (maybe this week). The spec part is still not sure when it will be merged? |
rata
reviewed
Mar 3, 2025
aojea
force-pushed
the
netdevices
branch
2 times, most recently
from
f74c032 to
17c7056
Compare
aojea
commented
Mar 3, 2025
aojea
force-pushed
the
netdevices
branch
2 times, most recently
from
9f4b286 to
20f65c5
Compare
aojea
commented
Mar 4, 2025
rata
reviewed
Mar 17, 2025
aojea
force-pushed
the
netdevices
branch
5 times, most recently
from
1193b12 to
0809631
Compare
aojea
commented
Mar 31, 2025
aojea
force-pushed
the
netdevices
branch
2 times, most recently
from
14a603d to
a92b31b
Compare
rata
reviewed
Apr 2, 2025
Comment on lines
+855
to
+858
| for name, netDevice := range p.config.Config.NetDevices { | ||
| err := devChangeNetNamespace(name, nsPath, *netDevice) | ||
| if err != nil { | ||
| return err |
There was a problem hiding this comment.
I wonder what we should do if moving some ifaces work but some fail. Shall we move back to the init netns the ones that we moved to the container?
To be clear, this is an honest question, I don't know what would be the right thing to do. Maybe keep them in the new netns is the right thing, as the kernel will move it back whenever the netns is destroyed and we the code here is quite simple. But if we decide to do that, I'd put a comment here.
Comment on lines
+845
to
+847
| // host network pods does not move network devices. | ||
| if !p.config.Config.Namespaces.Contains(configs.NEWNET) { | ||
| return nil |
There was a problem hiding this comment.
I think you already fail in the config validate if there is no netns.
This might be useful for libct users, but for runc this should never happen.
aojea
force-pushed
the
netdevices
branch
2 times, most recently
from
e67014a to
fa56aeb
Compare
Change-Id: I2f000a2d8440257d9d81192bf073cc5d971039cc Signed-off-by: Antonio Ojea <[email protected]>
Implement support for passing Linux Network Devices to the container network namespace. The network device is passed during the creation of the container, before the process is started. It implements the logic defined in the OCI runtime specification. Signed-off-by: Antonio Ojea <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Implementation of opencontainers/runtime-spec#1271
It implements the new proposal to the OCI spec to be able to specify Network Devices that get attached/detached from the containers