Comments (10)
from network-resources-injector.
NB: For Mellanox VF PCI devices, the identification problem can be solved as these are always bound to their kernel driver and visible as network devices in the pod namespace, even when used as DPDK interfaces. A simple call to "ethtool -i" reveals the PCI address:
testpmd0:~ # ethtool -i net1
driver: mlx5_core
version: 4.7-3.2.9
firmware-version: 16.26.4012 (MT_0000000012)
expansion-rom-version:
bus-info: 0000:18:00.2
But Intel SRIOV VFs configured for DPDK use are bound to vfio_pci or similar driver and not visible as netdevs. Today containers must rely on the environment variables provided by the device plugin to identify the assigned PCI devices.
from network-resources-injector.
I don't know if there is any easy way for Multus to update env var for container/pod.
Another approach might be to have Multus update the mapping between NAD and DeviceID in pod network-status annotation and use downward API volume to map pod annotation to container/pod as file or env variable. Application can parse the mapped file or env variable to get the right info.
from network-resources-injector.
@zshi-redhat: Could Multus still add pod annotations when executing? Through the kubeclient? And yes, would such updated pod annotations be visible to the containers through the downward API volume?
from network-resources-injector.
@zshi-redhat: Could Multus still add pod annotations when executing? Through the kubeclient? And yes, would such updated pod annotations be visible to the containers through the downward API volume?
Yes, that's how Multus publishes network-status to pod annotation, through kubeclient.
If downward API volume is injected using network-resources-injecotr, then pod annotation will be continuously updated to container via downward API.
from network-resources-injector.
@zshi-redhat: Could Multus still add pod annotations when executing? Through the kubeclient? And yes, would such updated pod annotations be visible to the containers through the downward API volume?
Yes, that's how Multus publishes network-status to pod annotation, through kubeclient.
If downward API volume is injected using network-resources-injecotr, then pod annotation will be continuously updated to container via downward API.
@zshi-redhat Thanks! Let's propose a PR in multus-cni updating pod annotations for network name to device id(s).
from network-resources-injector.
We looked at the existing network-status annotation. The cleanest way would in our opinion be to add an optional device_id field to the JSON map that Multus could populate if a net-attachment is associated with a PCI device. Is that possible?
We suspect that the network status struct may be governed by the K8sNWPGs type definition (https://github.com/k8snetworkplumbingwg/network-attachment-definition-client/blob/0ee521d560613bfe2d2c775159f93c2413a39db2/pkg/apis/k8s.cni.cncf.io/v1/types.go#L43) and it may be difficult to add a field there. Is that the case?
from network-resources-injector.
Would this patch only update the network status with DeviceID only when explicitly asked for it from NAD?
Because in case of fail over the PCI address would change. So wondering if i have a NAD for SRIOV/DPDK and dont specify the DeviceID can i use these patches to gather the DeviceID to network name mapping
from network-resources-injector.
The spec proposal for adding device id into network status pod annotation is underway in this document . The implementation will follow across components like network-attachment-definition-client, sriov-network-device-plugin, multus-cni and plugins.
once that's available, pod container can see device id assigned to a network through DownwardAPI mount point on network status annotation (/etc/podnetinfo/annotations
directory). NRI already does it.
@JanScheurich can we close this issue ?
from network-resources-injector.
@pperiyasamy Yes, I agree to close this bug with reference to systemized solution agreed in NWPWG.
from network-resources-injector.
Related Issues (20)
- resource not injected in a large K8s cluster HOT 7
- Certificates v1beta1 will no longer be support on k8s release 1.22 HOT 4
- Add stable tag for network resource injector container
- Release network-resources-injector v1.3 HOT 5
- Create a Deployment yaml for network-resource-injector
- Add Helm Chart
- NRI pod restart not handled HOT 3
- Health check for webhook server
- Release of Network resources injector HOT 3
- Too wide permissions given to service accounts
- CI lane is not able to finish the kind deployment HOT 2
- Help understanding webhook client certificates
- New release ? HOT 4
- 'User defined injections' feature does not react on ConfigMap remove HOT 1
- 'User defined injections' feature removes defined network annotations HOT 2
- create new release HOT 4
- User Defined Injections - does not take into account json path operation HOT 2
- User Defined Injections - injects only one property
- Can Network-Resources-Injector(NRI) to be deployed as a deployment HOT 2
- Resources limit and requests are added only to first container inside POD HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from network-resources-injector.