virtcontainers: Avoid conflict with network monitor

Because the network monitor will be listening to every event received through the netlink socket, it will be notified everytime a new link will be added/updated/modified in the network namespace it's running into. The goal being to detect new interface added by Docker such as a veth pair. The problem is that kata-runtime will add other internal interfaces when the network monitor will ask for the addition of the new veth pair. And we need a way to ignore those new interfaces being created as they relate to the veth pair that is being added. That's why, in order to prevent from running into an infinite loop, virtcontainers needs to tag the internal interfaces with the "kata" suffix so that the network monitor will be able to ignore them. Signed-off-by: Sebastien Boeuf <[email protected]>
kata-containers · Sep 14, 2018 · 29e2fa0 · 29e2fa0
1 parent f6ce465
commit 29e2fa0
Show file tree

Hide file tree

Showing 4 changed files with 13 additions and 13 deletions.
diff --git a/virtcontainers/network.go b/virtcontainers/network.go
@@ -257,7 +257,7 @@ func (endpoint *VirtualEndpoint) HotAttach(h hypervisor) error {
 		return err
 	}
 
-	if _, err := h.hotplugAddDevice(*endpoint, netDev); err != nil {
+	if _, err := h.hotplugAddDevice(endpoint, netDev); err != nil {
 		networkLogger().WithError(err).Error("Error attach virtual ep")
 		return err
 	}
@@ -273,11 +273,10 @@ func (endpoint *VirtualEndpoint) HotDetach(h hypervisor, netNsCreated bool, netN
 	if err := doNetNS(netNsPath, func(_ ns.NetNS) error {
 		return xconnectVMNetwork(&(endpoint.NetPair), false, 0, h.hypervisorConfig().DisableVhostNet)
 	}); err != nil {
-		networkLogger().WithError(err).Error("Error abridging virtual ep")
-		return err
+		networkLogger().WithError(err).Warn("Error un-bridging virtual ep")
 	}
 
-	if _, err := h.hotplugRemoveDevice(*endpoint, netDev); err != nil {
+	if _, err := h.hotplugRemoveDevice(endpoint, netDev); err != nil {
 		networkLogger().WithError(err).Error("Error detach virtual ep")
 		return err
 	}
@@ -1151,13 +1150,13 @@ func createVirtualNetworkEndpoint(idx int, ifName string, interworkingModel NetI
 		// at the time of hypervisor attach and not here
 		NetPair: NetworkInterfacePair{
 			ID:   uniqueID,
-			Name: fmt.Sprintf("br%d", idx),
+			Name: fmt.Sprintf("br%d_kata", idx),
 			VirtIface: NetworkInterface{
 				Name:     fmt.Sprintf("eth%d", idx),
 				HardAddr: hardAddr.String(),
 			},
 			TAPIface: NetworkInterface{
-				Name: fmt.Sprintf("tap%d", idx),
+				Name: fmt.Sprintf("tap%d_kata", idx),
 			},
 			NetInterworkingModel: interworkingModel,
 		},

diff --git a/virtcontainers/network_test.go b/virtcontainers/network_test.go
@@ -209,13 +209,13 @@ func TestCreateVirtualNetworkEndpoint(t *testing.T) {
 	expected := &VirtualEndpoint{
 		NetPair: NetworkInterfacePair{
 			ID:   "uniqueTestID-4",
-			Name: "br4",
+			Name: "br4_kata",
 			VirtIface: NetworkInterface{
 				Name:     "eth4",
 				HardAddr: macAddr.String(),
 			},
 			TAPIface: NetworkInterface{
-				Name: "tap4",
+				Name: "tap4_kata",
 			},
 			NetInterworkingModel: DefaultNetInterworkingModel,
 		},
@@ -241,13 +241,13 @@ func TestCreateVirtualNetworkEndpointChooseIfaceName(t *testing.T) {
 	expected := &VirtualEndpoint{
 		NetPair: NetworkInterfacePair{
 			ID:   "uniqueTestID-4",
-			Name: "br4",
+			Name: "br4_kata",
 			VirtIface: NetworkInterface{
 				Name:     "eth1",
 				HardAddr: macAddr.String(),
 			},
 			TAPIface: NetworkInterface{
-				Name: "tap4",
+				Name: "tap4_kata",
 			},
 			NetInterworkingModel: DefaultNetInterworkingModel,
 		},

diff --git a/virtcontainers/qemu.go b/virtcontainers/qemu.go
@@ -821,7 +821,7 @@ func (q *qemu) hotplugVFIODevice(device *config.VFIODev, op operation) error {
 	return nil
 }
 
-func (q *qemu) hotplugMacvtap(drive VirtualEndpoint) error {
+func (q *qemu) hotplugMacvtap(drive *VirtualEndpoint) error {
 	var (
 		VMFdNames    []string
 		VhostFdNames []string
@@ -845,7 +845,7 @@ func (q *qemu) hotplugMacvtap(drive VirtualEndpoint) error {
 	return q.qmpMonitorCh.qmp.ExecuteNetdevAddByFds(q.qmpMonitorCh.ctx, "tap", drive.NetPair.Name, VMFdNames, VhostFdNames)
 }
 
-func (q *qemu) hotplugNetDevice(drive VirtualEndpoint, op operation) error {
+func (q *qemu) hotplugNetDevice(drive *VirtualEndpoint, op operation) error {
 	err := q.qmpSetup()
 	if err != nil {
 		return err
@@ -902,7 +902,7 @@ func (q *qemu) hotplugDevice(devInfo interface{}, devType deviceType, op operati
 		memdev := devInfo.(*memoryDevice)
 		return nil, q.hotplugMemory(memdev, op)
 	case netDev:
-		device := devInfo.(VirtualEndpoint)
+		device := devInfo.(*VirtualEndpoint)
 		return nil, q.hotplugNetDevice(device, op)
 	default:
 		return nil, fmt.Errorf("cannot hotplug device: unsupported device type '%v'", devType)

diff --git a/virtcontainers/sandbox.go b/virtcontainers/sandbox.go
@@ -1056,6 +1056,7 @@ func (s *Sandbox) AddInterface(inf *grpc.Interface) (*grpc.Interface, error) {
 	}
 
 	// Add network for vm
+	inf.PciAddr = endpoint.PCIAddr
 	return s.agent.updateInterface(inf)
 }
-Original file line number
+Diff line change
@@ Expand Up @@
     	}
     	// Add network for vm
+    	inf.PciAddr = endpoint.PCIAddr
     	return s.agent.updateInterface(inf)
     }
@@ Expand Down @@