support fixed-ip in anchor-cni

Author: DuodenumL

app/cnicmd.go

@@ -9,11 +9,12 @@ import (
 
 	"github.com/opencontainers/runtime-spec/specs-go"
 	"github.com/pkg/errors"
+	log "github.com/sirupsen/logrus"
+	"github.com/urfave/cli/v2"
+
 	"github.com/projecteru2/docker-cni/cni"
 	"github.com/projecteru2/docker-cni/config"
 	"github.com/projecteru2/docker-cni/handler"
-	log "github.com/sirupsen/logrus"
-	"github.com/urfave/cli/v2"
 )
 
 func runCNI(handler handler.Handler) func(*cli.Context) error {
@@ -59,14 +60,15 @@ func runCNI(handler handler.Handler) func(*cli.Context) error {
 		}
 
 		cniToolConfig := cni.CNIToolConfig{
-			CNIPath:     conf.CNIBinDir,
-			NetConfPath: conf.CNIConfDir,
-			NetNS:       netns,
-			Args:        os.Getenv("CNI_ARGS"),
-			IfName:      conf.CNIIfname,
-			Cmd:         c.String("command"),
-			ContainerID: state.ID,
-			Handler:     handler.HandleCNIConfig,
+			CNIPath:        conf.CNIBinDir,
+			NetConfPath:    conf.CNIConfDir,
+			NetNS:          netns,
+			Args:           os.Getenv("CNI_ARGS"),
+			CapabilityArgs: os.Getenv("CAP_ARGS"),
+			IfName:         conf.CNIIfname,
+			Cmd:            c.String("command"),
+			ContainerID:    state.ID,
+			Handler:        handler.HandleCNIConfig,
 		}
 
 		log.Infof("[hook] docker-cni running: %+v", cniToolConfig)

cni/cniitool.go cni/cnitool.gocni/cniitool.go renamed to cni/cnitool.go

@@ -3,6 +3,7 @@ package cni
 
 import (
 	"context"
+	"encoding/json"
 	"fmt"
 	"io/ioutil"
 	"path/filepath"
@@ -21,14 +22,15 @@ const (
 
 // CNIToolConfig .
 type CNIToolConfig struct {
-	CNIPath     string `json:"cni_path"`
-	NetConfPath string `json:"net_conf_path"`
-	NetNS       string `json:"net_ns"`
-	Args        string `json:"args"`
-	IfName      string `json:"if_name"`
-	Cmd         string `json:"cmd"`
-	ContainerID string `json:"container_id"`
-	Handler     func([]byte) ([]byte, error)
+	CNIPath        string `json:"cni_path"`
+	NetConfPath    string `json:"net_conf_path"`
+	NetNS          string `json:"net_ns"`
+	Args           string `json:"args"`
+	CapabilityArgs string `json:"capability_args"`
+	IfName         string `json:"if_name"`
+	Cmd            string `json:"cmd"`
+	ContainerID    string `json:"container_id"`
+	Handler        func([]byte) ([]byte, error)
 }
 
 func parseArgs(args string) ([][2]string, error) {
@@ -144,13 +146,21 @@ func Run(config CNIToolConfig) error {
 		}
 	}
 
+	var capabilityArgs map[string]interface{}
+	if len(config.CapabilityArgs) > 0 {
+		if err = json.Unmarshal([]byte(config.CapabilityArgs), &capabilityArgs); err != nil {
+			return err
+		}
+	}
+
 	cninet := libcni.NewCNIConfig(filepath.SplitList(config.CNIPath), nil)
 
 	rt := &libcni.RuntimeConf{
-		ContainerID: config.ContainerID,
-		NetNS:       config.NetNS,
-		IfName:      config.IfName,
-		Args:        cniArgs,
+		ContainerID:    config.ContainerID,
+		NetNS:          config.NetNS,
+		IfName:         config.IfName,
+		Args:           cniArgs,
+		CapabilityArgs: capabilityArgs,
 	}
 
 	switch config.Cmd {

handler/cni/create.go

@@ -1,6 +1,8 @@
 package cni
 
 import (
+	"encoding/json"
+	"fmt"
 	"strings"
 
 	"github.com/projecteru2/docker-cni/config"
@@ -19,16 +21,29 @@ func (h *CNIHandler) HandleCreate(conf config.Config, containerMeta *oci.Contain
 
 func (h *CNIHandler) AddCNIStartHook(conf config.Config, containerMeta *oci.ContainerMeta) (err error) {
 	env := []string{}
-	cniArgs := []string{"IgnoreUnknown=true"}
+	cniArgs := []string{
+		"IgnoreUnknown=true",
+		"K8S_POD_NAMESPACE=default",
+		fmt.Sprintf("K8S_POD_NAME=%s", containerMeta.ID),
+	}
 	if containerMeta.RequiresSpecificIPPool() {
 		cniArgs = append(cniArgs, "IPPOOL="+containerMeta.SpecificIPPool())
 	}
 	if containerMeta.RequiresSpecificIP() {
 		cniArgs = append(cniArgs, "IP="+containerMeta.SpecificIP())
 	}
-	if len(cniArgs) != 0 {
-		env = append(env, "CNI_ARGS="+strings.Join(cniArgs, ";"))
+	env = append(env, "CNI_ARGS="+strings.Join(cniArgs, ";"))
+
+	if containerMeta.RequiresFixedIP() {
+		capArgs := map[string]map[string]string{
+			"io.kubernetes.cri.pod-annotations": {
+				"shopee.com/cni.ip-mod": "static",
+			},
+		}
+		capArgsJson, _ := json.Marshal(capArgs)
+		env = append(env, "CAP_ARGS="+string(capArgsJson))
 	}
+
 	containerMeta.AppendHook("prestart",
 		conf.BinPathname,
 		[]string{conf.BinPathname, "cni", "--config", conf.Filename, "--command", "add"}, // args

oci/container.go

@@ -34,7 +34,7 @@ func (c *ContainerMeta) Save() (err error) {
 	return errors.WithStack(ioutil.WriteFile(c.BundlePath, data, 0644))
 }
 
-func (c ContainerMeta) SpecificIP() string {
+func (c *ContainerMeta) SpecificIP() string {
 	for _, env := range c.Process.Env {
 		parts := strings.Split(env, "=")
 		if len(parts) == 2 && parts[0] == "IPV4" && parts[1] != "" {
@@ -44,11 +44,11 @@ func (c ContainerMeta) SpecificIP() string {
 	return ""
 }
 
-func (c ContainerMeta) RequiresSpecificIP() bool {
+func (c *ContainerMeta) RequiresSpecificIP() bool {
 	return c.SpecificIP() != ""
 }
 
-func (c ContainerMeta) SpecificIPPool() string {
+func (c *ContainerMeta) SpecificIPPool() string {
 	for _, env := range c.Process.Env {
 		parts := strings.Split(env, "=")
 		if len(parts) == 2 && parts[0] == "IPPOOL" && parts[1] != "" {
@@ -58,6 +58,16 @@ func (c ContainerMeta) SpecificIPPool() string {
 	return ""
 }
 
-func (c ContainerMeta) RequiresSpecificIPPool() bool {
+func (c *ContainerMeta) RequiresSpecificIPPool() bool {
 	return c.SpecificIPPool() != ""
 }
+
+func (c *ContainerMeta) RequiresFixedIP() bool {
+	for _, env := range c.Process.Env {
+		parts := strings.Split(env, "=")
+		if len(parts) == 2 && parts[0] == "FIXED_IP" && parts[1] != "0" {
+			return true
+		}
+	}
+	return false
+}