From 28cd8bde4912cd39bcdfe4c8fb9383f2ce29ee8b Mon Sep 17 00:00:00 2001
From: Andrew Pilloud
Date: Thu, 15 Jun 2017 13:56:17 -0700
Subject: [PATCH] server: Hookup kubelet hostport
Signed-off-by: Andrew Pilloud
---
 server/sandbox.go | 2 ++
 server/sandbox_run.go | 44 ++++++++++++++++++++++++++++++++++++++++++
 server/sandbox_stop.go | 10 ++++++++++
 server/server.go | 4 ++++
 4 files changed, 60 insertions(+)
diff --git a/server/sandbox.go b/server/sandbox.go
index c9dbfa37..0823fad1 100644
--- a/server/sandbox.go
+++ b/server/sandbox.go
@@ -16,6 +16,7 @@ import (
 "golang.org/x/sys/unix"
 "k8s.io/apimachinery/pkg/fields"
 pb "k8s.io/kubernetes/pkg/kubelet/api/v1alpha1/runtime"
+ "k8s.io/kubernetes/pkg/kubelet/network/hostport"
 )
 type sandboxNetNs struct {
@@ -147,6 +148,7 @@ type sandbox struct {
 trusted bool
 resolvPath string
 hostname string
+ portMappings []*hostport.PortMapping
 }
 const (
diff --git a/server/sandbox_run.go b/server/sandbox_run.go
index d4221e95..bcda3f1a 100644
--- a/server/sandbox_run.go
+++ b/server/sandbox_run.go
@@ -3,6 +3,7 @@ package server
 import (
 "encoding/json"
 "fmt"
+ "net"
 "os"
 "path/filepath"
 "regexp"
@@ -19,7 +20,9 @@ import (
 "github.com/opencontainers/runtime-tools/generate"
 "github.com/opencontainers/selinux/go-selinux/label"
 "golang.org/x/net/context"
+ "k8s.io/kubernetes/pkg/api/v1"
 pb "k8s.io/kubernetes/pkg/kubelet/api/v1alpha1/runtime"
+ "k8s.io/kubernetes/pkg/kubelet/network/hostport"
 )
 // privilegedSandbox returns true if the sandbox configuration
@@ -317,6 +320,8 @@ func (s *Server) RunPodSandbox(ctx context.Context, req *pb.RunPodSandboxRequest
 created := time.Now()
 g.AddAnnotation(annotations.Created, created.Format(time.RFC3339Nano))
+ portMappings := convertPortMappings(req.GetConfig().GetPortMappings())
+
 sb := &sandbox{
 id: id,
 namespace: namespace,
@@ -334,6 +339,7 @@ func (s *Server) RunPodSandbox(ctx context.Context, req *pb.RunPodSandboxRequest
 trusted: trusted,
 resolvPath: resolvPath,
 hostname: hostname,
+ portMappings: portMappings,
 }
 s.addSandbox(sb)
@@ -469,6 +475,28 @@ func (s *Server) RunPodSandbox(ctx context.Context, req *pb.RunPodSandboxRequest
 if err = s.netPlugin.SetUpPod(netNsPath, namespace, kubeName, id); err != nil {
 return nil, fmt.Errorf("failed to create network for container %s in sandbox %s: %v", containerName, id, err)
 }
+
+ if len(portMappings) != 0 {
+ ip, err := s.netPlugin.GetContainerNetworkStatus(netNsPath, namespace, id, containerName)
+ if err != nil {
+ return nil, fmt.Errorf("failed to get network status for container %s in sandbox %s: %v", containerName, id, err)
+ }
+
+ ip4 := net.ParseIP(ip).To4()
+ if ip4 == nil {
+ return nil, fmt.Errorf("failed to get valid ipv4 address for container %s in sandbox %s", containerName, id)
+ }
+
+ if err = s.hostportManager.Add(id, &hostport.PodPortMapping{
+ Name: name,
+ PortMappings: portMappings,
+ IP: ip4,
+ HostNetwork: false,
+ }, "lo"); err != nil {
+ return nil, fmt.Errorf("failed to add hostport mapping for container %s in sandbox %s: %v", containerName, id, err)
+ }
+
+ }
 }
 if err = s.runContainer(container, sb.cgroupParent); err != nil {
@@ -482,6 +510,22 @@ func (s *Server) RunPodSandbox(ctx context.Context, req *pb.RunPodSandboxRequest
 return resp, nil
 }
+func convertPortMappings(in []*pb.PortMapping) []*hostport.PortMapping {
+ if in == nil {
+ return nil
+ }
+ out := make([]*hostport.PortMapping, len(in))
+ for i, v := range in {
+ out[i] = &hostport.PortMapping{
+ HostPort: v.HostPort,
+ ContainerPort: v.ContainerPort,
+ Protocol: v1.Protocol(v.Protocol.String()),
+ HostIP: v.HostIp,
+ }
+ }
+ return out
+}
+
 func (s *Server) setPodSandboxMountLabel(id, mountLabel string) error {
 storageMetadata, err := s.storageRuntimeServer.GetContainerMetadata(id)
 if err != nil {
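Review bot: In the `@@ -469,6 +475,28 @@` hunk of server/sandbox_run.go, the three new `return nil, fmt.Errorf(...)` paths run after `SetUpPod` has already succeeded, and nothing visible here tears the pod network down or removes partially installed hostport rules before returning. Unless a deferred cleanup outside the hunk covers it (RunPodSandbox starts and ends outside this hunk), a failed `GetContainerNetworkStatus`, a non-IPv4 address or a failed `hostportManager.Add` leaves the CNI state behind; calling `s.netPlugin.TearDownPod(netNsPath, namespace, kubeName, id)` on those paths would keep setup and failure symmetric. The `"lo"` literal passed as the last argument to `Add`, which appears to name the interface used for the manager's NAT rules, also deserves a named constant and a comment saying why loopback is the right choice, since it affects which host traffic is rewritten.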
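Review bot: In the `@@ -482,6 +510,22 @@` hunk of server/sandbox_run.go, `convertPortMappings` dereferences each element of `in` directly (`v.HostPort`, `v.Protocol.String()`), so a nil entry in the request's port-mapping slice would panic inside the RunPodSandbox handler. The commit already uses generated getters elsewhere (`req.GetConfig().GetPortMappings()`), and those are nil-safe; `HostPort: v.GetHostPort()` and the matching getters for the other three fields would avoid the dereference, assuming the message type exposes them. The function also has no doc comment; `// convertPortMappings translates CRI port mappings into the hostport package's type; values are copied without validation.` would record that no port-range or host-address checks are performed here.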
diff --git a/server/sandbox_stop.go b/server/sandbox_stop.go
index 55aa3d84..a5422274 100644
--- a/server/sandbox_stop.go
+++ b/server/sandbox_stop.go
@@ -13,6 +13,7 @@ import (
 "golang.org/x/net/context"
 "golang.org/x/sys/unix"
 pb "k8s.io/kubernetes/pkg/kubelet/api/v1alpha1/runtime"
+ "k8s.io/kubernetes/pkg/kubelet/network/hostport"
 )
 // StopPodSandbox stops the sandbox. If there are any running containers in the
@@ -40,6 +41,15 @@ func (s *Server) StopPodSandbox(ctx context.Context, req *pb.StopPodSandboxReque
 return nil, err
 }
 if _, err := os.Stat(netnsPath); err == nil {
+ if err2 := s.hostportManager.Remove(sb.id, &hostport.PodPortMapping{
+ Name: sb.name,
+ PortMappings: sb.portMappings,
+ HostNetwork: false,
+ }); err2 != nil {
+ logrus.Warnf("failed to remove hostport for container %s in sandbox %s: %v",
+ podInfraContainer.Name(), sb.id, err2)
+ }
+
 if err2 := s.netPlugin.TearDownPod(netnsPath, sb.namespace, sb.kubeName, sb.id); err2 != nil {
 logrus.Warnf("failed to destroy network for container %s in sandbox %s: %v",
 podInfraContainer.Name(), sb.id, err2)
diff --git a/server/server.go b/server/server.go
index 7424bb59..8d6e5f43 100644
--- a/server/server.go
+++ b/server/server.go
@@ -26,6 +26,7 @@ import (
 "github.com/opencontainers/selinux/go-selinux/label"
 knet "k8s.io/apimachinery/pkg/util/net"
 pb "k8s.io/kubernetes/pkg/kubelet/api/v1alpha1/runtime"
+ "k8s.io/kubernetes/pkg/kubelet/network/hostport"
 "k8s.io/kubernetes/pkg/kubelet/server/streaming"
 )
@@ -56,6 +57,7 @@ type Server struct {
 updateLock sync.RWMutex
 state *serverState
 netPlugin ocicni.CNIPlugin
+ hostportManager hostport.HostPortManager
 podNameIndex *registrar.Registrar
 podIDIndex *truncindex.TruncIndex
 ctrNameIndex *registrar.Registrar
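Review bot: In the `@@ -40,6 +41,15 @@` hunk of server/sandbox_stop.go, `s.hostportManager.Remove` is only reached when `os.Stat(netnsPath)` succeeds, so a sandbox whose network namespace file is already gone keeps its host-port forwarding rules. Those rules point at the pod's old IP, which the network plugin may later hand to a different pod, so the removal should not depend on the netns check; moving the call above the `if _, err := os.Stat(netnsPath); err == nil {` line, guarded by `if len(sb.portMappings) != 0 {` to mirror the add path, would cover that case. `sb.portMappings` is set in RunPodSandbox in this commit; whether it is also populated for sandboxes restored after a daemon restart is not visible here and is worth confirming, since `Remove` is given only that list. StopPodSandbox starts and ends outside the hunk.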
@@ -575,12 +577,14 @@ func New(config *Config) (*Server, error) {
 if err != nil {
 return nil, err
 }
+ hostportManager := hostport.NewHostportManager()
 s := &Server{
 runtime: r,
 store: store,
 storageImageServer: imageService,
 storageRuntimeServer: storageRuntimeService,
 netPlugin: netPlugin,
+ hostportManager: hostportManager,
 config: *config,
 state: &serverState{
 sandboxes: sandboxes,