-
Notifications
You must be signed in to change notification settings - Fork 19
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CNIConfigWriter writes .temp file that throws off containerd #42
Comments
The errors are harmless because the file will be replaced later to make an atomic write.
|
whew, ack. definitely good to get rid of the |
is this a new behavior in containerd @MikeZappa87 @mikebrown ? the go-cni library already skips the not known extensions Lines 175 to 180 in de6a072
|
This is because of the file watcher, any changes to the specified directory would cause this. We probably should downgrade the error to warn or filter on specific file extensions (.conflist, .json, .conf) since we could have legitimate errors loading. We could embed this logic into go-cni or a function inside the cni conf syncer file. Its rather simple to just add a check prior the Load. Let me know/open to ideas. Quick fix? |
@MikeZappa87 the quick fix looks good to me! |
@dims it probably makes sense to update the documentation in containerd to reflect that we only would watch these specific file types |
/close |
Thanks @MikeZappa87 ! |
I just need to test this PR (containerd/containerd#10497) |
My read of the go-cni code is we filter for the aforementioned extensions when loading all config from a directory... However there is no filtering by extension if loading by an explicit filename path. Thus creating a bit of a quandary, in so far as someone using https://github.com/containerd/go-cni/blob/1c1be5e9ea864c9bc1651909ae13e1e555b4098d/opts.go#L135 which calls https://github.com/containernetworking/cni/blob/main/libcni/conf.go#L280 won't care what the file name extensions are. |
In this case the directory watcher is in containerd and not go-cni though. When you say loading by an explicit filename path is that saying something other than .conflist, .conf or .json? |
fortunately it does look like we only load from the directory in cri.. and thus can filter the cri sync update process to extensions.. Just pointing out there does not seem to be a hard n fast extensions rule, more a convention. |
nod.. for the CRI plugin use cases we seem to be ok to filter to known extensions in the configured directory as we use the With dir approach vs With file path.. |
Does it make sense to have a function in go-cni that will return a slice of 'supported' extensions? That can be used in go-cni and then also from the cri side? This prevents the hardcoding of file extensions in two places. Possibly an over optimization at this point. |
We write a
conflist.temp
file here:https://github.com/aojea/kindnet/blob/main/cmd/kindnetd/cni.go#L175-L181
which causes errors in containerd like so:
because containerd/cri code does not filter them out:
https://github.com/containerd/containerd/blob/da3655678d4fd46b6dc6ca9721375da01b90b2f6/internal/cri/server/cni_conf_syncer.go#L100-L105
The text was updated successfully, but these errors were encountered: