CNI Plugins Should allow hairpin traffic

[caseydavenport]

Not 100% sure where this goes, but feels like CNI could be the right place to specify that plugins should support, but are not strictly required to support hairpin traffic (if/how each plugin does this will vary, so feels like it belongs in CNI rather than in the runtime).

Perhaps it should be an optional part of the spec, or a convention?

Context being this Kubernetes issue: kubernetes/kubernetes#45790

[cmluciano]

Do any current plugins support hairpin mode?

[caseydavenport]

@cmluciano at least the bridge plugin does: https://github.com/containernetworking/plugins/blob/master/plugins/main/bridge/bridge.go#L46

I think this issue is less strictly about "hairpin mode" than supporting traffic from a container that gets routed back to itself through whatever means that plugin deems appropriate.

[squeed]

We talked about this somewhat at the most recent meeting. It's clear that there are two aspects to this:

1. The spec (or one of the related documents, e.g. conventions) should mention hairpin support
2. The plugins should support hairpin traffic, especially as present in Kubernetes, Mesos, Rkt, etc.,

So there should be specific plugin issues + PRs as needed, and a spec change. In the context of this issue, we were thinking of adding a block to the conventions document that mentions hairpin mode and that plugins SHOULD support traffic being redirected back to the container.

Thoughts on specific wording?

[cmluciano]

That sounds good to me @squeed