Avinash Sridharan [Wed, 24 Aug 2016 23:49:50 +0000 (23:49 +0000)]
pkg/ns: fixed the check for network namespace path.
The expectation on older kernels (< 3.19) was to have the network
namespace always be a directory. This is not true if the network
namespace is bind mounted to a file, and will make the plugin fail
erroneously in such cases. The fix is to remove this assumption
completely and just do a basic check on the file system types being
returned.
Fixes #288
Tom Denham [Thu, 2 Jun 2016 16:00:07 +0000 (09:00 -0700)]
Merge pull request #239 from steveeJ/master
MAINTAINERS: remove @zachgersh, add @dcbw
Michael Bridgen [Thu, 2 Jun 2016 15:51:57 +0000 (16:51 +0100)]
Merge pull request #218 from steveeJ/roadmap
Add ROADMAP document
Stefan Junker [Fri, 20 May 2016 11:07:35 +0000 (13:07 +0200)]
ROADMAP: initial version
Stefan Junker [Wed, 1 Jun 2016 23:15:24 +0000 (01:15 +0200)]
MAINTAINERS: remove @zachgersh, add @dcbw
Thank you Zach for all the great work done on CNI, farewell!
At the same time we are happy to welcome Dan amongst us who has already
contributed lots of valuable work!
Stefan Junker [Wed, 1 Jun 2016 14:03:17 +0000 (16:03 +0200)]
Merge pull request #219 from squaremo/more-contrib
docs: details on PR acceptance policy
Michael Bridgen [Fri, 20 May 2016 15:51:04 +0000 (16:51 +0100)]
docs: details on PR acceptance policy
Michael Bridgen [Mon, 30 May 2016 10:13:34 +0000 (11:13 +0100)]
Merge pull request #228 from jieyu/add_mesos
Added Mesos to CNI users.
Stefan Junker [Fri, 27 May 2016 13:57:40 +0000 (15:57 +0200)]
Merge pull request #231 from steveeJ/ns-verifiy-errors
pkg/ns: introduce error types to indicate NS verification
Stefan Junker [Fri, 27 May 2016 09:52:44 +0000 (11:52 +0200)]
pkg/ns: introduce error types indicate NS verification
Stefan Junker [Fri, 27 May 2016 11:49:05 +0000 (13:49 +0200)]
Merge pull request #230 from steveeJ/netns-optional-on-del
plugins: don't require CNI_NETNS for DEL command
Stefan Junker [Fri, 27 May 2016 10:26:42 +0000 (12:26 +0200)]
skel/test: add case for empty NETNS
Stefan Junker [Fri, 27 May 2016 08:57:39 +0000 (10:57 +0200)]
plugins: don't require CNI_NETNS for DEL command
This will allow to free up the IPAM allocations when the caller doesn't
have access to the network namespace anymore, e.g. due to a reboot.
Stefan Junker [Fri, 27 May 2016 08:56:24 +0000 (10:56 +0200)]
pkg/skel: allow arg requriements specified by CMD
Jie Yu [Wed, 25 May 2016 22:32:52 +0000 (15:32 -0700)]
README: add Mesos as CNI users
Stefan Junker [Thu, 26 May 2016 11:22:29 +0000 (13:22 +0200)]
Merge pull request #227 from steveeJ/ns-verify
pkg/ns: consider PROCFS during NS verification
Stefan Junker [Wed, 25 May 2016 21:49:25 +0000 (23:49 +0200)]
pkg/ns: consider PROCFS during NS verification
This is an attempt to bring compatibility with Kernel <3.19, where NSFS
where PROCFS was used for network namespaces.
Stefan Junker [Wed, 25 May 2016 06:54:10 +0000 (08:54 +0200)]
Merge pull request #222 from steveeJ/ns-check-path
pkg/ns: verify netns when initialized with GetNS
Stefan Junker [Tue, 24 May 2016 20:30:01 +0000 (22:30 +0200)]
pkg/ns: test IsNSFS()
Stefan Junker [Tue, 24 May 2016 20:21:57 +0000 (22:21 +0200)]
pkg/ns: test case for rejecting a non-ns nspath
Stefan Junker [Tue, 24 May 2016 16:16:34 +0000 (18:16 +0200)]
pkg/ns: verify netns when initialized with GetNS
Stefan Junker [Tue, 24 May 2016 20:16:09 +0000 (22:16 +0200)]
Merge pull request #223 from steveeJ/ns-respect-close
pkg/ns: don't allow operations after Close()
Stefan Junker [Tue, 24 May 2016 18:48:12 +0000 (20:48 +0200)]
pkg/ns: add tests cases for Close()'d NS
Stefan Junker [Tue, 24 May 2016 18:27:18 +0000 (20:27 +0200)]
pkg/ns: don't allow operations after Close()
Stefan Junker [Fri, 20 May 2016 23:55:57 +0000 (01:55 +0200)]
Merge pull request #217 from steveeJ/fix-go-tip
build: don't be verbose / test: fix bash variable escaping in sudo command
Stefan Junker [Fri, 20 May 2016 10:38:19 +0000 (12:38 +0200)]
build: remove -x bash flag
Stefan Junker [Fri, 20 May 2016 09:33:23 +0000 (11:33 +0200)]
test: fix bash variable escaping in sudo command
Stefan Junker [Fri, 20 May 2016 23:34:21 +0000 (01:34 +0200)]
Merge pull request #50 from steveeJ/gwfix
bridge: add isDefaultGateway field
Stefan Junker [Fri, 20 May 2016 23:05:21 +0000 (01:05 +0200)]
tests/bridge: ensure isDefaultGateway works
Stefan Junker [Fri, 4 Sep 2015 20:23:43 +0000 (22:23 +0200)]
bridge: add isDefaultGateway field
When isDefaultGateway is true it automatically sets isGateway to true.
The default route will be added via the (bridge's) gateway IP.
If a default gateway has been configured via IPAM in the same
configuration file, the plugin will error out.
Stefan Junker [Fri, 20 May 2016 22:17:45 +0000 (00:17 +0200)]
Merge pull request #211 from dcbw/e2e-testing
Fix namespace switch issues and add ipvlan, macvlan, and bridge e2e testing
Dan Williams [Wed, 30 Mar 2016 14:35:34 +0000 (09:35 -0500)]
bridge: add e2e testing
Dan Williams [Wed, 30 Mar 2016 14:27:08 +0000 (09:27 -0500)]
macvlan: add e2e testing
Dan Williams [Tue, 29 Mar 2016 22:49:58 +0000 (17:49 -0500)]
ipvlan: add e2e testing
Dan Williams [Tue, 29 Mar 2016 22:45:46 +0000 (17:45 -0500)]
testutils: add e2e testing helper code
Dan Williams [Tue, 5 Apr 2016 16:10:31 +0000 (11:10 -0500)]
ns: add interface, use it, and fix thread-related namespace switch issues
Add a namespace object interface for somewhat cleaner code when
creating and switching between network namespaces. All created
namespaces are now mounted in /var/run/netns to ensure they
have persistent inodes and paths that can be passed around
between plugin components without relying on the current namespace
being correct.
Also remove the thread-locking arguments from the ns package
per https://github.com/appc/cni/issues/183 by doing all the namespace
changes in a separate goroutine that locks/unlocks itself, instead of
the caller having to track OS thread locking.
Stefan Junker [Thu, 19 May 2016 21:05:08 +0000 (23:05 +0200)]
Merge pull request #199 from dcbw/fix-bridge-tx-queue-length
bridge: leave TX queue length as kernel default, not 0
Stefan Junker [Thu, 19 May 2016 16:38:57 +0000 (18:38 +0200)]
Merge pull request #212 from squaremo/more-contrib
docs: Mention license headers and doc contributions
Stefan Junker [Thu, 19 May 2016 13:45:07 +0000 (15:45 +0200)]
Merge pull request #214 from steveeJ/merge-v0.2
Merge v0.2
Stefan Junker [Fri, 6 May 2016 15:50:01 +0000 (17:50 +0200)]
release script: don't run the tests
For two reasons:
1. They're not functional within rkt
2. They rebuild the binaries dynamically
Stefan Junker [Thu, 28 Apr 2016 20:40:59 +0000 (22:40 +0200)]
build/release: link all release binaries statically
Stefan Junker [Fri, 22 Apr 2016 22:12:50 +0000 (00:12 +0200)]
scripts: build static releases and create an ACI
* use SHA1 instead of MD5
Stefan Junker [Fri, 22 Apr 2016 16:05:19 +0000 (18:05 +0200)]
scripts: add "release with rkt"
This script uses rkt and a fedora image to build release tarballs.
Michael Bridgen [Thu, 19 May 2016 12:40:37 +0000 (13:40 +0100)]
docs: Mention license headers and doc contributions
Closes #174.
Michael Bridgen [Thu, 19 May 2016 12:21:40 +0000 (13:21 +0100)]
Merge pull request #200 from squaremo/simplify-readme
Simplify README preamble
Michael Bridgen [Thu, 5 May 2016 15:18:45 +0000 (16:18 +0100)]
README: Simplify preamble
Stefan Junker [Thu, 19 May 2016 10:07:30 +0000 (12:07 +0200)]
Merge pull request #175.
Minhan Xia [Tue, 5 Apr 2016 17:50:28 +0000 (10:50 -0700)]
plugins/bridge: add support to set hairpin mode
Dan Williams [Thu, 28 Apr 2016 16:26:47 +0000 (11:26 -0500)]
macvlan: sysctl must be set in macvlan interface's namespace
The macvlan is initially created in a separate network namespace
and the sysctl must be set in that namespace too.
Angus Lees [Fri, 13 May 2016 07:32:40 +0000 (17:32 +1000)]
pkg/ns: evaluate syscall number at compile-time
Previously this code used a run-time map lookup keyed by
runtime.GOOS/GOARCH. This version uses conditional compilation to make
this choice at compile time, giving immediate feedback for unsupported
platforms.
Angus Lees [Fri, 13 May 2016 07:18:39 +0000 (17:18 +1000)]
pkg/ns: use correct syscall number on arm
Jonathan Boulle [Tue, 10 May 2016 10:12:05 +0000 (12:12 +0200)]
MAINTAINERS: add Tom Denham and Gabe Rosenhouse
Stefan Junker [Wed, 11 May 2016 16:50:25 +0000 (18:50 +0200)]
plugins/{ptp,bridge}: teardown first
This will allow the IPAM allocations to be cleared in case the
interfaces and iptables rules are non-existent.
Stefan Junker [Wed, 4 May 2016 14:06:05 +0000 (16:06 +0200)]
*: appc/cni -> containernetworking/cni
The project has been moved so internally we simply rename everything.
Consumers are recommended to update their vendored version of cni.
Brandon Philips [Fri, 6 May 2016 15:39:55 +0000 (08:39 -0700)]
README: fix badge links
Brandon Philips [Fri, 6 May 2016 15:39:21 +0000 (08:39 -0700)]
README: fix badges
Vipin Jain [Thu, 5 May 2016 03:29:13 +0000 (20:29 -0700)]
README: add contiv to cni supported networking
Iago López Galeiras [Tue, 3 May 2016 10:21:58 +0000 (12:21 +0200)]
plugins/bridge: clean masquerading rules
In the Add command we set up masquerading rules that didn't have a
corresponding clean-up code in Del.
Add the clean-up code.
Tom Denham [Fri, 22 Apr 2016 19:52:28 +0000 (12:52 -0700)]
Remove reference to policy on accepting PRs
There is to policy
Piotr Skamruk [Mon, 7 Mar 2016 15:41:04 +0000 (16:41 +0100)]
macvlan: set proxy_arp in time of creating interface
Resolves CNI part of https://github.com/coreos/rkt/issues/1765
Second part would be adding similar lines into kvm flavored macvlan
support (in time of creating macvtap device).
Piotr Skamruk [Mon, 7 Mar 2016 15:40:27 +0000 (16:40 +0100)]
pkg/utils: add functions to work with sysctl
Stefan Junker [Wed, 20 Apr 2016 15:54:12 +0000 (17:54 +0200)]
README: clarify what CNI is
The word "standard" does not represent what CNI is actually trying to
be.
Gabe Rosenhouse [Mon, 18 Apr 2016 03:27:02 +0000 (20:27 -0700)]
Document use of goroutine and lockosthread in test helpers
Dan Williams [Wed, 6 Apr 2016 16:03:31 +0000 (11:03 -0500)]
ns: fix reading net namespace in multi-threaded processes
/proc/self/ns/net gives the main thread's namespace, not necessarily
the namespace of the thread that's running the testcases. This causes
sporadic failures of the tests.
For example, with a testcase reading inodes after switching netns:
/proc/27686/task/27689/ns/net
4026532565
/proc/self/ns/net
4026531969
/proc/27686/task/27689/ns/net
4026532565
See also:
https://github.com/vishvananda/netns/commit/
008d17ae001344769b031375bdb38a86219154c6
Running Suite: pkg/ns Suite
===========================
Random Seed:
1459953577
Will run 6 of 6 specs
• Failure [0.028 seconds]
Linux namespace operations
/cni/gopath/src/github.com/appc/cni/pkg/ns/ns_test.go:167
WithNetNS
/cni/gopath/src/github.com/appc/cni/pkg/ns/ns_test.go:166
executes the callback within the target network namespace [It]
/cni/gopath/src/github.com/appc/cni/pkg/ns/ns_test.go:97
Expected
<uint64>:
4026531969
to equal
<uint64>:
4026532565
/cni/gopath/src/github.com/appc/cni/pkg/ns/ns_test.go:96
------------------------------
•••••
Summarizing 1 Failure:
[Fail] Linux namespace operations WithNetNS [It] executes the callback within the target network namespace
/cni/gopath/src/github.com/appc/cni/pkg/ns/ns_test.go:96
Ran 6 of 6 Specs in 0.564 seconds
FAIL! -- 5 Passed | 1 Failed | 0 Pending | 0 Skipped --- FAIL: TestNs (0.56s)
FAIL
Gabe Rosenhouse [Mon, 18 Apr 2016 02:44:00 +0000 (19:44 -0700)]
Fix issues with MakeNetworkNS test helper
Gabe Rosenhouse [Mon, 18 Apr 2016 01:48:50 +0000 (18:48 -0700)]
Add basic unit tests of testhelpers
Gabe Rosenhouse [Mon, 18 Apr 2016 01:35:49 +0000 (18:35 -0700)]
Extract inode inspection functions into testhelpers
Gabe Rosenhouse [Mon, 18 Apr 2016 01:28:10 +0000 (18:28 -0700)]
Extract testhelpers from loopback test suite
Brandon Philips [Mon, 11 Apr 2016 01:23:06 +0000 (18:23 -0700)]
README: add some material on what CNI isn't
We get some questions about this stuff from time to time and I want to
acknowledge we have thought about them but aren't currently tackling
them.
Brandon Philips [Mon, 11 Apr 2016 01:22:38 +0000 (18:22 -0700)]
README: add some more details on what CNI is
We needed a bit more intro material to scope what CNI does. Here is my
attempt.
Stefan Junker [Tue, 17 May 2016 19:11:21 +0000 (21:11 +0200)]
The macvlan is initially created in a separate network namespaceand the sysctl must be set in that namespace too.Fixes #208.
The macvlan is initially created in a separate network namespace
and the sysctl must be set in that namespace too.
Fixes #208.
Angus Lees [Tue, 17 May 2016 16:44:33 +0000 (02:44 +1000)]
pkg/ns: setns syscall number on arm and evaluate them at build time.
Dummy merge due to previous manual merge.
Stefan Junker [Tue, 17 May 2016 16:36:38 +0000 (18:36 +0200)]
Merge branch 'anguslees-master'
Angus Lees [Fri, 13 May 2016 07:32:40 +0000 (17:32 +1000)]
pkg/ns: evaluate syscall number at compile-time
Previously this code used a run-time map lookup keyed by
runtime.GOOS/GOARCH. This version uses conditional compilation to make
this choice at compile time, giving immediate feedback for unsupported
platforms.
Angus Lees [Fri, 13 May 2016 07:18:39 +0000 (17:18 +1000)]
pkg/ns: use correct syscall number on arm
Dan Williams [Wed, 4 May 2016 14:18:52 +0000 (09:18 -0500)]
bridge: leave TX queue length as kernel default, not 0
Not using NewLinkAttrs() or not initializing TxQLen leaves
the value as 0, which tells the kernel to set a zero-length
tx_queue_len. That messes up FIFO traffic shapers (like pfifo)
that use the device TX queue length as the default packet
limit. This leads to a default packet limit of 0, which drops
all packets.
Michael Bridgen [Thu, 12 May 2016 13:51:37 +0000 (14:51 +0100)]
Merge pull request #201 from jonboulle/master
MAINTAINERS: add Tom Denham and Gabe Rosenhouse
Jonathan Boulle [Thu, 12 May 2016 08:54:47 +0000 (10:54 +0200)]
Merge pull request #205 from steveeJ/teardown-fix
plugins/{ptp,bridge}: teardown first
Stefan Junker [Wed, 11 May 2016 16:50:25 +0000 (18:50 +0200)]
plugins/{ptp,bridge}: teardown first
This will allow the IPAM allocations to be cleared in case the
interfaces and iptables rules are non-existent.
Jonathan Boulle [Tue, 10 May 2016 10:12:05 +0000 (12:12 +0200)]
MAINTAINERS: add Tom Denham and Gabe Rosenhouse
Stefan Junker [Fri, 6 May 2016 15:58:44 +0000 (17:58 +0200)]
Merge pull request #198 from steveeJ/org-move
*: appc/cni -> containernetworking/cni
Brandon Philips [Fri, 6 May 2016 15:39:55 +0000 (08:39 -0700)]
README: fix badge links
Brandon Philips [Fri, 6 May 2016 15:39:21 +0000 (08:39 -0700)]
README: fix badges
Stefan Junker [Wed, 4 May 2016 14:06:05 +0000 (16:06 +0200)]
*: appc/cni -> containernetworking/cni
The project has been moved so internally we simply rename everything.
Consumers are recommended to update their vendored version of cni.
Michael Bridgen [Thu, 5 May 2016 08:15:15 +0000 (09:15 +0100)]
Merge pull request #197 from jainvipin/master
Add Contiv to CNI supported networking
Vipin Jain [Thu, 5 May 2016 03:29:13 +0000 (20:29 -0700)]
README: add contiv to cni supported networking
Michael Bridgen [Wed, 4 May 2016 12:50:09 +0000 (13:50 +0100)]
Merge branch 'pr195' (clean up masq rules)
Iago López Galeiras [Tue, 3 May 2016 10:21:58 +0000 (12:21 +0200)]
plugins/bridge: clean masquerading rules
In the Add command we set up masquerading rules that didn't have a
corresponding clean-up code in Del.
Add the clean-up code.
Dan Williams [Thu, 28 Apr 2016 16:26:47 +0000 (11:26 -0500)]
macvlan: sysctl must be set in macvlan interface's namespace
The macvlan is initially created in a separate network namespace
and the sysctl must be set in that namespace too.
Michael Bridgen [Wed, 27 Apr 2016 14:47:42 +0000 (15:47 +0100)]
Merge pull request #189 from tomdee/patch-2
Remove reference to policy on accepting PRs
Tom Denham [Fri, 22 Apr 2016 19:52:28 +0000 (12:52 -0700)]
Remove reference to policy on accepting PRs
There is to policy
Stefan Junker [Fri, 22 Apr 2016 17:25:54 +0000 (19:25 +0200)]
Merge pull request #187 from appc/v0.3.0
merge unneeded branch v0.3.0 into master
Michael Bridgen [Thu, 21 Apr 2016 10:54:52 +0000 (11:54 +0100)]
Merge pull request #186 from steveeJ/project-clarification
README: clarify what CNI is
Stefan Junker [Wed, 20 Apr 2016 15:54:12 +0000 (17:54 +0200)]
README: clarify what CNI is
The word "standard" does not represent what CNI is actually trying to
be.
Zach Gershman [Mon, 18 Apr 2016 17:45:46 +0000 (10:45 -0700)]
Merge pull request #182 from rosenhouse/document-lockosthread
Document use of goroutine and LockOSThread in test helpers
Zach Gershman [Mon, 18 Apr 2016 17:44:08 +0000 (10:44 -0700)]
Merge pull request #176 from dcbw/ns-test-fix
ns: fix reading net namespace in multi-threaded processes
Dan Williams [Wed, 6 Apr 2016 16:03:31 +0000 (11:03 -0500)]
ns: fix reading net namespace in multi-threaded processes
/proc/self/ns/net gives the main thread's namespace, not necessarily
the namespace of the thread that's running the testcases. This causes
sporadic failures of the tests.
For example, with a testcase reading inodes after switching netns:
/proc/27686/task/27689/ns/net
4026532565
/proc/self/ns/net
4026531969
/proc/27686/task/27689/ns/net
4026532565
See also:
https://github.com/vishvananda/netns/commit/
008d17ae001344769b031375bdb38a86219154c6
Running Suite: pkg/ns Suite
===========================
Random Seed:
1459953577
Will run 6 of 6 specs
• Failure [0.028 seconds]
Linux namespace operations
/cni/gopath/src/github.com/appc/cni/pkg/ns/ns_test.go:167
WithNetNS
/cni/gopath/src/github.com/appc/cni/pkg/ns/ns_test.go:166
executes the callback within the target network namespace [It]
/cni/gopath/src/github.com/appc/cni/pkg/ns/ns_test.go:97
Expected
<uint64>:
4026531969
to equal
<uint64>:
4026532565
/cni/gopath/src/github.com/appc/cni/pkg/ns/ns_test.go:96
------------------------------
•••••
Summarizing 1 Failure:
[Fail] Linux namespace operations WithNetNS [It] executes the callback within the target network namespace
/cni/gopath/src/github.com/appc/cni/pkg/ns/ns_test.go:96
Ran 6 of 6 Specs in 0.564 seconds
FAIL! -- 5 Passed | 1 Failed | 0 Pending | 0 Skipped --- FAIL: TestNs (0.56s)
FAIL
Gabe Rosenhouse [Mon, 18 Apr 2016 03:27:02 +0000 (20:27 -0700)]
Document use of goroutine and lockosthread in test helpers
Zach Gershman [Mon, 18 Apr 2016 03:20:43 +0000 (20:20 -0700)]
Merge pull request #181 from rosenhouse/testhelpers-extraction
Extract and improve test helpers
Gabe Rosenhouse [Mon, 18 Apr 2016 02:44:00 +0000 (19:44 -0700)]
Fix issues with MakeNetworkNS test helper
git://git.halfball.org / cni.git / log