Skip to content
This repository has been archived by the owner on Mar 9, 2022. It is now read-only.

Fix portforward for host network. #739

Merged
merged 2 commits into from
Apr 18, 2018
Merged

Fix portforward for host network. #739

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
5cb4744
Fix portforward for host network.
Random-Liu Apr 17, 2018
d970636
Update CRI validation test to include hostnet portforward test.
Random-Liu Apr 18, 2018
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion hack/utils.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@
ROOT="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"/..

# Not from vendor.conf.
CRITOOL_VERSION=f6ed14e642ed2d514501afea7b5ac3d07f3a4150
CRITOOL_VERSION=db53d78569a8116fff1f60366a8de3130e767eeb
CRITOOL_PKG=github.com/kubernetes-incubator/cri-tools
CRITOOL_REPO=github.com/kubernetes-incubator/cri-tools

Expand Down
27 changes: 21 additions & 6 deletions pkg/server/sandbox_portforward.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -53,8 +53,23 @@ func (c *criService) portForward(id string, port int32, stream io.ReadWriteClose
if err != nil {
return errors.Wrapf(err, "failed to find sandbox %q in store", id)
}
if s.NetNS == nil || s.NetNS.Closed() {
return errors.Errorf("network namespace for sandbox %q is closed", id)
var netNSDo func(func(ns.NetNS) error) error
// netNSPath is the network namespace path for logging.
var netNSPath string
securityContext := s.Config.GetLinux().GetSecurityContext()
hostNet := securityContext.GetNamespaceOptions().GetNetwork() == runtime.NamespaceMode_NODE
if !hostNet {
if s.NetNS == nil || s.NetNS.Closed() {
return errors.Errorf("network namespace for sandbox %q is closed", id)
}
netNSDo = s.NetNS.GetNs().Do
netNSPath = s.NetNS.GetPath()
} else {
// Run the function directly for host network.
netNSDo = func(do func(_ ns.NetNS) error) error {
return do(nil)
}
netNSPath = "host"
}

socat, err := exec.LookPath("socat")
Expand All @@ -65,8 +80,8 @@ func (c *criService) portForward(id string, port int32, stream io.ReadWriteClose
// Check https://linux.die.net/man/1/socat for meaning of the options.
args := []string{socat, "-", fmt.Sprintf("TCP4:localhost:%d", port)}

logrus.Infof("Executing port forwarding command %q in network namespace %q", strings.Join(args, " "), s.NetNS.GetPath())
err = s.NetNS.GetNs().Do(func(_ ns.NetNS) error {
logrus.Infof("Executing port forwarding command %q in network namespace %q", strings.Join(args, " "), netNSPath)
err = netNSDo(func(_ ns.NetNS) error {
cmd := exec.Command(args[0], args[1:]...)
cmd.Stdout = stream

Expand Down Expand Up @@ -95,12 +110,12 @@ func (c *criService) portForward(id string, port int32, stream io.ReadWriteClose
}()

if err := cmd.Run(); err != nil {
return errors.Errorf("nsenter command returns error: %v, stderr: %q", err, stderr.String())
return errors.Errorf("socat command returns error: %v, stderr: %q", err, stderr.String())
}
return nil
})
if err != nil {
return errors.Wrapf(err, "failed to execute portforward in network namespace %s", s.NetNS.GetPath())
return errors.Wrapf(err, "failed to execute portforward in network namespace %q", netNSPath)
}
logrus.Infof("Finish port forwarding for %q port %d", id, port)

Expand Down