api,adaptation,generate: allow adjusting linux net devices.

Allow adding and removing container linux net devices.

Signed-off-by: Krisztian Litkey <krisztian.litkey@intel.com>

Author: klihub

pkg/adaptation/adaptation_suite_test.go

@@ -514,6 +514,17 @@ var _ = Describe("Plugin container creation adjustments", func() {
 				},
 			)
 
+		case "linux net device":
+			if overwrite {
+				a.RemoveLinuxNetDevice("hostIf")
+			}
+			a.AddLinuxNetDevice(
+				"hostIf",
+				&api.LinuxNetDevice{
+					Name: "containerIf",
+				},
+			)
+
 		case "resources/cpu":
 			a.SetLinuxCPUShares(123)
 			a.SetLinuxCPUQuota(456)
@@ -700,6 +711,17 @@ var _ = Describe("Plugin container creation adjustments", func() {
 					},
 				},
 			),
+			Entry("adjust linux net devices", "linux net device",
+				&api.ContainerAdjustment{
+					Linux: &api.LinuxContainerAdjustment{
+						NetDevices: map[string]*api.LinuxNetDevice{
+							"hostIf": {
+								Name: "containerIf",
+							},
+						},
+					},
+				},
+			),
 			Entry("adjust CPU resources", "resources/cpu",
 				&api.ContainerAdjustment{
 					Linux: &api.LinuxContainerAdjustment{
@@ -921,6 +943,19 @@ var _ = Describe("Plugin container creation adjustments", func() {
 				},
 			),
 			Entry("adjust resources", "resources/classes", false, true, nil),
+			Entry("adjust linux net devices", "linux net device", true, false,
+				&api.ContainerAdjustment{
+					Linux: &api.LinuxContainerAdjustment{
+						NetDevices: map[string]*api.LinuxNetDevice{
+							"-hostIf": nil,
+							"hostIf": {
+								Name: "containerIf",
+							},
+						},
+					},
+				},
+			),
+			Entry("adjust linux net devices (conflicts)", "linux net device", false, true, nil),
 		)
 	})
 

pkg/adaptation/api.go

@@ -89,6 +89,7 @@ type (
 	LinuxMemory              = api.LinuxMemory
 	LinuxDevice              = api.LinuxDevice
 	LinuxDeviceCgroup        = api.LinuxDeviceCgroup
+	LinuxNetDevice           = api.LinuxNetDevice
 	CDIDevice                = api.CDIDevice
 	HugepageLimit            = api.HugepageLimit
 	Hooks                    = api.Hooks

pkg/adaptation/result.go

@@ -78,6 +78,9 @@ func collectCreateContainerResult(request *CreateContainerRequest) *result {
 	if request.Container.Linux.Resources.Unified == nil {
 		request.Container.Linux.Resources.Unified = map[string]string{}
 	}
+	if request.Container.Linux.NetDevices == nil {
+		request.Container.Linux.NetDevices = map[string]*LinuxNetDevice{}
+	}
 
 	return &result{
 		request: resultRequest{
@@ -99,6 +102,7 @@ func collectCreateContainerResult(request *CreateContainerRequest) *result {
 						HugepageLimits: []*HugepageLimit{},
 						Unified:        map[string]string{},
 					},
+					NetDevices: map[string]*LinuxNetDevice{},
 				},
 			},
 		},
@@ -221,6 +225,9 @@ func (r *result) adjust(rpl *ContainerAdjustment, plugin string) error {
 		if err := r.adjustOomScoreAdj(rpl.Linux.OomScoreAdj, plugin); err != nil {
 			return err
 		}
+		if err := r.adjustLinuxNetDevices(rpl.Linux.NetDevices, plugin); err != nil {
+			return err
+		}
 	}
 	if err := r.adjustRlimits(rpl.Rlimits, plugin); err != nil {
 		return err
@@ -786,6 +793,41 @@ func (r *result) adjustRlimits(rlimits []*POSIXRlimit, plugin string) error {
 	return nil
 }
 
+func (r *result) adjustLinuxNetDevices(devices map[string]*LinuxNetDevice, plugin string) error {
+	if len(devices) == 0 {
+		return nil
+	}
+
+	create, id := r.request.create, r.request.create.Container.Id
+	del := map[string]struct{}{}
+	for k := range devices {
+		if key, marked := IsMarkedForRemoval(k); marked {
+			del[key] = struct{}{}
+			delete(devices, k)
+		}
+	}
+
+	for k, v := range devices {
+		if _, ok := del[k]; ok {
+			r.owners.ClearLinuxNetDevice(id, k, plugin)
+			delete(create.Container.Linux.NetDevices, k)
+			r.reply.adjust.Linux.NetDevices[MarkForRemoval(k)] = nil
+		}
+		if err := r.owners.ClaimLinuxNetDevice(id, k, plugin); err != nil {
+			return err
+		}
+		create.Container.Linux.NetDevices[k] = v
+		r.reply.adjust.Linux.NetDevices[k] = v
+		delete(del, k)
+	}
+
+	for k := range del {
+		r.reply.adjust.Linux.NetDevices[MarkForRemoval(k)] = nil
+	}
+
+	return nil
+}
+
 func (r *result) updateResources(reply, u *ContainerUpdate, plugin string) error {
 	if u.Linux == nil || u.Linux.Resources == nil {
 		return nil

pkg/api/adjustment.go

@@ -147,6 +147,24 @@ func (a *ContainerAdjustment) AddCDIDevice(d *CDIDevice) {
 	a.CDIDevices = append(a.CDIDevices, d) // TODO: should we dup d here ?
 }
 
+// AddLinuxNetDevice records the addition of the given network device to a container.
+func (a *ContainerAdjustment) AddLinuxNetDevice(hostDev string, d *LinuxNetDevice) {
+	if d == nil {
+		return
+	}
+	a.initLinuxNetDevices()
+	a.Linux.NetDevices[hostDev] = d
+}
+
+// RemoveNetLinuxDevice records the removal of a network device from a container.
+// Normally it is an error for a plugin to try and alter a network device
+// touched by another container. However, this is not an error if
+// the plugin removes that device prior to touching it.
+func (a *ContainerAdjustment) RemoveLinuxNetDevice(hostDev string) {
+	a.initLinuxNetDevices()
+	a.Linux.NetDevices[MarkForRemoval(hostDev)] = nil
+}
+
 // SetLinuxMemoryLimit records setting the memory limit for a container.
 func (a *ContainerAdjustment) SetLinuxMemoryLimit(value int64) {
 	a.initLinuxResourcesMemory()
@@ -345,3 +363,10 @@ func (a *ContainerAdjustment) initLinuxResourcesUnified() {
 		a.Linux.Resources.Unified = make(map[string]string)
 	}
 }
+
+func (a *ContainerAdjustment) initLinuxNetDevices() {
+	a.initLinux()
+	if a.Linux.NetDevices == nil {
+		a.Linux.NetDevices = make(map[string]*LinuxNetDevice)
+	}
+}