From c3952b1173af31c968367d1e09b1ed3f8b255d84 Mon Sep 17 00:00:00 2001 From: Patrik Flykt Date: Fri, 22 Sep 2023 13:51:29 +0300 Subject: [PATCH] WIP: Add NRI network message description and figures Signed-off-by: Patrik Flykt --- README.md | 74 +++++++++++++++++++++++++++++++++++++++++ docs/nri-cni-conf.svg | 1 + docs/nri-cni-delete.svg | 1 + docs/nri-cni-setup.svg | 1 + 4 files changed, 77 insertions(+) create mode 100644 docs/nri-cni-conf.svg create mode 100644 docs/nri-cni-delete.svg create mode 100644 docs/nri-cni-setup.svg diff --git a/README.md b/README.md index fbb80964..7db04e93 100644 --- a/README.md +++ b/README.md @@ -204,6 +204,80 @@ The following pieces of container metadata are available to plugins in NRI: Apart from data identifying the container, these pieces of information represent the corresponding data in the container's OCI Spec. +## Pod Network Lifecycle Events + +NRI plugins can subscribe to the following pod network events: + + - Pod network configuration change + - Pod network pre-creation before CNI plugins are called + - Pod network post-creation after CNI plugins have been called + - Pod network removal + +### Pod Network Configuration Change + +
+NRI pod network configuration change event +

+ +

+
+
+A NetworkConfigurationChanged event is sent each time a change in CNI
+configuration is detected. It is left as an implementation detail for the
+runtime whether a NetworkConfigurationChanged evet contains one or more
+changed CNI configurations should a simultaneous modification of more than
+one configuration be detected at the same time.
+
+NRI is able to alter the CNI configuraion and return a modified version, which
+will later used by the runtime when the pod network is created.
+
+### Pod Network Creation
+
+
+NRI pod network setup events +

+ +

+
+
+### PreSetupNetwork
+
+The PreSetupNetwork event is sent immediately before CNI is invoked to set
+up the pod network in its namespace. In addition to the PodSandbox object,
+arguments to PreSetupNetwork includes an array of strings containing all JSON
+formatted CNI configuration files associated with the pod.
+
+The reply data consists of CNI capabilities and 'args' arguments. Any returned
+capabilities and arguments will be added to the ones already set for the pod
+network.
+
+### PostSetupNetwork
+
+The PostSetupNetwork event is sent immediately after a successful CNI
+invocation. In addtion to the PodSandbox objedct, the message carries a
+structure containing the output CNI Result Type data received from CNI, which
+is equivalent of the output of the last CNI plugn processed.
+
+NRI is allowed to modify and return the modified contents of the Result Type.
+NRI may reshuffle for example the order of the interface information thus
+changing the default interface or otherwise keep track of CNI parameters
+when implementing its policy.
+
+### Pod Network Deletion
+
+
+NRI pod network deletion event +

+ +

+
+ +A NetworkDeleted event is sent on pod network deletion. As an empty return +message is expected, NRI has time to undo any modifications while the network +namespace still exists. + +// WIP: Pre- and PostNetworkDeleted messages? + ### Container Adjustment During container creation plugins can request changes to the following diff --git a/docs/nri-cni-conf.svg b/docs/nri-cni-conf.svg new file mode 100644 index 00000000..08e7f800 --- /dev/null +++ b/docs/nri-cni-conf.svg @@ -0,0 +1 @@ +configconfigcontainerdcontainerdNRINRINRI pluginNRI pluginsyncer.netPlugin.Load()networkconfigurationupdatedsyncer.syncLoop()NetworkConfigurationChangedRequest{ string namestring networkConf} [ ]plugin.NetworkConfigurationChanged()apply policyNetworkConfigurationChangedResponse{ string namestring networkConf} [ ]update networkconfiguration inmemory \ No newline at end of file diff --git a/docs/nri-cni-delete.svg b/docs/nri-cni-delete.svg new file mode 100644 index 00000000..f602bca4 --- /dev/null +++ b/docs/nri-cni-delete.svg @@ -0,0 +1 @@ +containerdcontainerdNRINRINRI pluginNRI pluginCNICNINetworkDeletedRequest{ PodSandbox pod}update NRIplugin infoNetworkDeletedResponsedelete pod network \ No newline at end of file diff --git a/docs/nri-cni-setup.svg b/docs/nri-cni-setup.svg new file mode 100644 index 00000000..f5a89443 --- /dev/null +++ b/docs/nri-cni-setup.svg 
@@ -0,0 +1 @@ +containerdcontainerdNRINRINRI pluginNRI pluginCNICNIRunPodSandboxRequestcriService.RunPodSandbox()criService.setupPodNetwork()PreSetupNetworkRequest{ PodSandbox pod{name stringnetworkConf string} [ ]}plugin.AdjustPodSandboxNetwork()apply NRIplugin policyPreSetupNetworkResponse{ name stringcapabilities map<string,byte[ ] //json marshalled >args map<string,string>} [ ]criService.config.CniConfgi.NetworkPluginSetupSerially()PostSetupNetworkRequest{ PodSandbox podprevResult {name stringcniversion stringinterfaces {name stringmac stringsandbox string} [ ]ips {address stringgateway stringinterface string} [ ]routes {dst stringgw string} [ ]dns {nameservers string [ ]domain stringsearch string [ ]options string [ ]}} [ ]}plugin.PostAdjustPodSandboxNetwork()update NRIplugin infoPostSetupNetworkResponse{ prevResult {...//as above} [ ]}RunPodSandboxResponse \ No newline at end of file