network: add new NetInterworkingModel "none" and endpoint type TapEnd…

…point

This model is for not creating a new net ns for VM and directly
creating taps in the host net ns.

Signed-off-by: Ruidong Cao <[email protected]>

cli/config/configuration.toml.in

@@ -230,6 +230,10 @@ path = "@NETMONPATH@"
 #   - macvtap
 #     Used when the Container network interface can be bridged using
 #     macvtap.
+#
+#   - none
+#     Used when customize network. Only creates a tap device. No veth pair.
+#
 internetworking_model="@DEFNETWORKMODEL@"
 
 # If enabled, the runtime will create opentracing.io traces and spans.

virtcontainers/endpoint.go

@@ -44,6 +44,9 @@ const (
 
 	// MacvtapEndpointType is macvtap network interface.
 	MacvtapEndpointType EndpointType = "macvtap"
+
+	// TapEndpointType is tap network interface.
+	TapEndpointType EndpointType = "tap"
 )
 
 // Set sets an endpoint type based on the input string.
@@ -64,6 +67,9 @@ func (endpointType *EndpointType) Set(value string) error {
 	case "macvtap":
 		*endpointType = MacvtapEndpointType
 		return nil
+	case "tap":
+		*endpointType = TapEndpointType
+		return nil
 	default:
 		return fmt.Errorf("Unknown endpoint type %s", value)
 	}
@@ -82,6 +88,8 @@ func (endpointType *EndpointType) String() string {
 		return string(BridgedMacvlanEndpointType)
 	case MacvtapEndpointType:
 		return string(MacvtapEndpointType)
+	case TapEndpointType:
+		return string(TapEndpointType)
 	default:
 		return ""
 	}

virtcontainers/network.go

@@ -51,6 +51,9 @@ const (
 	// This will be used for vethtap, macvtap, ipvtap
 	NetXConnectEnlightenedModel
 
+	// NetXConnectNoneModel can be used when the VM is in the host network namespace
+	NetXConnectNoneModel
+
 	// NetXConnectInvalidModel is the last item to check valid values by IsValid()
 	NetXConnectInvalidModel
 )
@@ -75,6 +78,9 @@ func (n *NetInterworkingModel) SetModel(modelName string) error {
 	case "enlightened":
 		*n = NetXConnectEnlightenedModel
 		return nil
+	case "none":
+		*n = NetXConnectNoneModel
+		return nil
 	}
 	return fmt.Errorf("Unknown type %s", modelName)
 }
@@ -122,7 +128,7 @@ type NetworkInterface struct {
 	Addrs    []netlink.Addr
 }
 
-// TapInterface defines a tap nic.
+// TapInterface defines a tap interface
 type TapInterface struct {
 	ID       string
 	Name     string
@@ -199,27 +205,7 @@ func (n NetworkNamespace) MarshalJSON() ([]byte, error) {
 	return b, err
 }
 
-// UnmarshalJSON is the custom NetworkNamespace unmarshalling routine.
-// This is needed for unmarshalling the Endpoints interfaces array.
-func (n *NetworkNamespace) UnmarshalJSON(b []byte) error {
-	var s struct {
-		NetNsPath    string
-		NetNsCreated bool
-		Endpoints    json.RawMessage
-	}
-
-	if err := json.Unmarshal(b, &s); err != nil {
-		return err
-	}
-
-	(*n).NetNsPath = s.NetNsPath
-	(*n).NetNsCreated = s.NetNsCreated
-
-	var typedEndpoints []TypedJSONEndpoint
-	if err := json.Unmarshal([]byte(string(s.Endpoints)), &typedEndpoints); err != nil {
-		return err
-	}
-
+func generateEndpoints(typedEndpoints []TypedJSONEndpoint) ([]Endpoint, error) {
 	var endpoints []Endpoint
 
 	for _, e := range typedEndpoints {
@@ -228,7 +214,7 @@ func (n *NetworkNamespace) UnmarshalJSON(b []byte) error {
 			var endpoint PhysicalEndpoint
 			err := json.Unmarshal(e.Data, &endpoint)
 			if err != nil {
-				return err
+				return nil, err
 			}
 
 			endpoints = append(endpoints, &endpoint)
@@ -241,7 +227,7 @@ func (n *NetworkNamespace) UnmarshalJSON(b []byte) error {
 			var endpoint VethEndpoint
 			err := json.Unmarshal(e.Data, &endpoint)
 			if err != nil {
-				return err
+				return nil, err
 			}
 
 			endpoints = append(endpoints, &endpoint)
@@ -254,7 +240,7 @@ func (n *NetworkNamespace) UnmarshalJSON(b []byte) error {
 			var endpoint VhostUserEndpoint
 			err := json.Unmarshal(e.Data, &endpoint)
 			if err != nil {
-				return err
+				return nil, err
 			}
 
 			endpoints = append(endpoints, &endpoint)
@@ -267,7 +253,7 @@ func (n *NetworkNamespace) UnmarshalJSON(b []byte) error {
 			var endpoint BridgedMacvlanEndpoint
 			err := json.Unmarshal(e.Data, &endpoint)
 			if err != nil {
-				return err
+				return nil, err
 			}
 
 			networkLogger().WithFields(logrus.Fields{
@@ -279,18 +265,58 @@ func (n *NetworkNamespace) UnmarshalJSON(b []byte) error {
 			var endpoint MacvtapEndpoint
 			err := json.Unmarshal(e.Data, &endpoint)
 			if err != nil {
-				return err
+				return nil, err
 			}
 
 			networkLogger().WithFields(logrus.Fields{
 				"endpoint":      endpoint,
 				"endpoint-type": "macvtap",
 			}).Info("endpoint unmarshalled")
 
+		case TapEndpointType:
+			var endpoint TapEndpoint
+			err := json.Unmarshal(e.Data, &endpoint)
+			if err != nil {
+				return nil, err
+			}
+
+			endpoints = append(endpoints, &endpoint)
+			networkLogger().WithFields(logrus.Fields{
+				"endpoint":      endpoint,
+				"endpoint-type": "tap",
+			}).Info("endpoint unmarshalled")
+
 		default:
 			networkLogger().WithField("endpoint-type", e.Type).Error("Ignoring unknown endpoint type")
 		}
 	}
+	return endpoints, nil
+}
+
+// UnmarshalJSON is the custom NetworkNamespace unmarshalling routine.
+// This is needed for unmarshalling the Endpoints interfaces array.
+func (n *NetworkNamespace) UnmarshalJSON(b []byte) error {
+	var s struct {
+		NetNsPath    string
+		NetNsCreated bool
+		Endpoints    json.RawMessage
+	}
+
+	if err := json.Unmarshal(b, &s); err != nil {
+		return err
+	}
+
+	(*n).NetNsPath = s.NetNsPath
+	(*n).NetNsCreated = s.NetNsCreated
+
+	var typedEndpoints []TypedJSONEndpoint
+	if err := json.Unmarshal([]byte(string(s.Endpoints)), &typedEndpoints); err != nil {
+		return err
+	}
+	endpoints, err := generateEndpoints(typedEndpoints)
+	if err != nil {
+		return err
+	}
 
 	(*n).Endpoints = endpoints
 	return nil
@@ -828,6 +854,13 @@ func createNetNS() (string, error) {
 // into runtime.LockOSThread(), meaning it won't be executed in a
 // different thread than the one expected by the caller.
 func doNetNS(netNSPath string, cb func(ns.NetNS) error) error {
+	// if netNSPath is empty, the callback function will be run in the current network namespace.
+	// So skip the whole function, just call cb(). cb() needs a NetNS as arg but ignored, give it a fake one.
+	if netNSPath == "" {
+		var netNs ns.NetNS
+		return cb(netNs)
+	}
+
 	runtime.LockOSThread()
 	defer runtime.UnlockOSThread()
 
@@ -1123,6 +1156,9 @@ func createEndpoint(netInfo NetworkInfo, idx int, model NetInterworkingModel) (E
 		} else if netInfo.Iface.Type == "macvtap" {
 			networkLogger().Infof("macvtap interface found")
 			endpoint, err = createMacvtapNetworkEndpoint(netInfo)
+		} else if netInfo.Iface.Type == "tap" {
+			networkLogger().Info("tap interface found")
+			endpoint, err = createTapNetworkEndpoint(idx, netInfo.Iface.Name)
 		} else if netInfo.Iface.Type == "veth" {
 			endpoint, err = createVethNetworkEndpoint(idx, netInfo.Iface.Name, model)
 		} else {

virtcontainers/qemu.go

@@ -872,6 +872,9 @@ func (q *qemu) hotplugNetDevice(endpoint Endpoint, op operation) error {
 		case VethEndpointType:
 			drive := endpoint.(*VethEndpoint)
 			tap = drive.NetPair.TapInterface
+		case TapEndpointType:
+			drive := endpoint.(*TapEndpoint)
+			tap = drive.TapInterface
 		default:
 			return fmt.Errorf("this endpoint is not supported")
 		}
@@ -896,6 +899,9 @@ func (q *qemu) hotplugNetDevice(endpoint Endpoint, op operation) error {
 		case VethEndpointType:
 			drive := endpoint.(*VethEndpoint)
 			tap = drive.NetPair.TapInterface
+		case TapEndpointType:
+			drive := endpoint.(*TapEndpoint)
+			tap = drive.TapInterface
 		default:
 			return fmt.Errorf("this endpoint is not supported")
 		}

virtcontainers/sandbox.go

@@ -1089,14 +1089,21 @@ func (s *Sandbox) generateNetInfo(inf *grpc.Interface) (NetworkInfo, error) {
 		addrs = append(addrs, *netlinkAddr)
 	}
 
+	var ifaceType string
+	if s.config.NetworkConfig.InterworkingModel == NetXConnectNoneModel {
+		ifaceType = "tap"
+	} else {
+		ifaceType = "veth"
+	}
+
 	return NetworkInfo{
 		Iface: NetlinkIface{
 			LinkAttrs: netlink.LinkAttrs{
 				Name:         inf.Name,
 				HardwareAddr: hw,
 				MTU:          int(inf.Mtu),
 			},
-			Type: "",
+			Type: ifaceType,
 		},
 		Addrs: addrs,
 	}, nil