      Interconnection with the CNI Network

      Overview

      The container runtime interface (CRI) connects pods to the CNI network: it parses the CNI network configuration files and adds pods to, or removes them from, the CNI network. When a pod needs networking provided by a container network plug-in such as Canal, the CRI must be interconnected with Canal to provide the network capability for the pod.

      Common CNIs

      The common CNI settings are the CNI network configuration items in the CNI network configuration and in the pod configuration. These items are visible to users.

      • CNI network configuration items in the CNI network configuration refer to those used to specify the path of the CNI network configuration file, path of the binary file of the CNI network plug-in, and network mode. For details, see Table 1.
      • CNI network configuration items in the pod configuration refer to those used to set the additional CNI network list to which the pod is added. By default, the pod is added only to the default CNI network plane. You can add the pod to multiple CNI network planes as required.

      Table 1 CNI network configuration items

      | Function | Command | Configuration File | Description |
      | --- | --- | --- | --- |
      | Path of the binary file of the CNI network plug-in | --cni-bin-dir | "cni-bin-dir": "", | The default value is /opt/cni/bin. |
      | Path of the CNI network configuration file | --cni-conf-dir | "cni-conf-dir": "", | The system traverses all files with the extension .conf, .conflist, or .json in the directory. The default value is /etc/cni/net.d. |
      | Network mode | --network-plugin | "network-plugin": "", | Specifies the network plug-in. The default value is empty (a null string), which means that no network configuration is available and the created sandbox has only the loopback NIC. Only cni and the empty value are supported; any other value causes iSulad to fail to start. |

      Additional CNI network configuration mode:

      Add the network plane configuration item "network.alpha.kubernetes.io/network" to annotations in the pod configuration file.

      The network plane is configured in JSON format, including:

      • name: specifies the name of the CNI network plane.
      • interface: specifies the name of a network interface.

      The following is an example of the CNI network configuration method:

      "annotations": {
          "network.alpha.kubernetes.io/network": "{\"name\": \"mynet\", \"interface\": \"eth1\"}"
      }
      

      CNI Network Configuration Description

      There are two types of CNI network configuration file, both in JSON format.

      • Single-network plane configuration file with the file name extension .conf or .json. For details about the configuration items, see Table 1 in the appendix.
      • Multi-network plane configuration file with the file name extension .conflist. For details about the configuration items, see Table 3 in the appendix.

      Adding a Pod to the CNI Network List

      If --network-plugin=cni is configured for iSulad and the default network plane is configured, a pod is automatically added to the default network plane when the pod is started. If the additional network configuration is configured in the pod configuration, the pod is added to these additional network planes when the pod is started.

      port_mappings in the pod configuration is also a network configuration item; it sets the port mapping of the pod. Configure it as follows:

      "port_mappings": [
          {
              "protocol": 1,
              "container_port": 80,
              "host_port": 8080
          }
      ]

      • protocol: protocol used for mapping. The value can be tcp (identified by 0) or udp (identified by 1).
      • container_port: port in the container that is mapped.
      • host_port: port on the host that the container port is mapped to.
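
The following added example (not part of the original iSulad documentation) decodes the two pod-level network items described above: the network plane annotation, whose value is a JSON document carried inside a string, and port_mappings with its numeric protocol identifiers. The function name and the sample pod configuration are constructed for illustration, and the 1 to 65535 port range check is an assumption beyond what the page states.

```python
import json

ANNOTATION_KEY = "network.alpha.kubernetes.io/network"
PROTOCOLS = {0: "tcp", 1: "udp"}   # numeric identifiers as listed on this page

# Constructed sample pod configuration combining the two snippets from the page.
SAMPLE_POD_CONFIG = r'''
{
  "annotations": {
    "network.alpha.kubernetes.io/network": "{\"name\": \"mynet\", \"interface\": \"eth1\"}"
  },
  "port_mappings": [
    {"protocol": 1, "container_port": 80, "host_port": 8080}
  ]
}
'''

def describe_pod_network(pod_config_text):
    """Return (planes, mappings, errors) for a pod configuration JSON document."""
    pod = json.loads(pod_config_text)
    planes, mappings, errors = [], [], []
    raw = pod.get("annotations", {}).get(ANNOTATION_KEY)
    if raw is not None:
        # The annotation value is a string that itself contains JSON.
        if not isinstance(raw, str):
            errors.append("annotation value must be a JSON-encoded string")
        else:
            try:
                plane = json.loads(raw)
                planes.append((plane["name"], plane["interface"]))
            except (ValueError, KeyError, TypeError) as exc:
                errors.append(f"bad network plane annotation: {exc!r}")
    for m in pod.get("port_mappings", []):
        proto = PROTOCOLS.get(m.get("protocol"))
        ports = (m.get("container_port"), m.get("host_port"))
        if proto is None:
            errors.append(f"unknown protocol identifier {m.get('protocol')!r}")
        elif not all(isinstance(p, int) and 1 <= p <= 65535 for p in ports):
            errors.append(f"port out of range in {m}")   # assumed valid range
        else:
            mappings.append(f"host {ports[1]}/{proto} -> container {ports[0]}/{proto}")
    return planes, mappings, errors
```

With the sample values from this page the mapping is reported as UDP, because protocol 1 identifies udp; reviewing the decoded form makes it easier to confirm which host ports a pod actually exposes.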

      Removing a Pod from the CNI Network List

      When StopPodSandbox is called, the interface for removing a pod from the CNI network list will be called to clear network resources.

      NOTE:

      1. Before calling the RemovePodSandbox interface, you must call the StopPodSandbox interface at least once.
      2. If StopPodSandbox fails to call the CNI, residual network resources may exist.

      Usage Restrictions

      • Currently, only CNI 0.3.0 and CNI 0.3.1 are supported. CNI 0.1.0 and CNI 0.2.0 may need to be supported in later versions, so the information about CNI 0.1.0 and CNI 0.2.0 is retained in error logs.
      • name: The value must consist of lowercase letters, digits, hyphens (-), and periods (.), and cannot start or end with a hyphen or period. The value can contain a maximum of 200 characters.
      • The number of configuration files cannot exceed 200, and the size of a single configuration file cannot exceed 1 MB.
      • The extended parameters need to be configured based on the actual network requirements. Optional parameters do not need to be written into the netconf.json file.
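
The restrictions above can be checked before iSulad is started. The following is an added example, not iSulad's own validation code: it walks a CNI configuration directory and reports files that break the documented limits. The function names are hypothetical, cniVersion is the version field defined by the CNI specification, and treating 1 MB as 1024 * 1024 bytes is an assumption.

```python
import json
import re
from pathlib import Path

# Limits taken from the usage restrictions on this page.
SUPPORTED_VERSIONS = {"0.3.0", "0.3.1"}
CONF_SUFFIXES = {".conf", ".conflist", ".json"}
MAX_FILES = 200
MAX_FILE_BYTES = 1024 * 1024   # assumption: 1 MB counted as 2**20 bytes
MAX_NAME_LEN = 200
# Lowercase letters, digits, '-' and '.', not starting or ending with '-' or '.'.
NAME_RE = re.compile(r"[a-z0-9]([a-z0-9.-]*[a-z0-9])?")

def check_name(name):
    """Return True if name satisfies the documented naming rule."""
    return (isinstance(name, str) and len(name) <= MAX_NAME_LEN
            and NAME_RE.fullmatch(name) is not None)

def lint_conf_dir(conf_dir="/etc/cni/net.d"):
    """Return (file, problem) tuples for the files iSulad would traverse."""
    findings = []
    files = sorted(p for p in Path(conf_dir).iterdir()
                   if p.is_file() and p.suffix in CONF_SUFFIXES)
    if len(files) > MAX_FILES:
        findings.append((str(conf_dir), f"{len(files)} files, limit is {MAX_FILES}"))
    for path in files:
        if path.stat().st_size > MAX_FILE_BYTES:
            findings.append((path.name, "larger than 1 MB"))
            continue
        try:
            conf = json.loads(path.read_text(encoding="utf-8"))
        except ValueError as exc:   # covers JSON and UTF-8 decoding errors
            findings.append((path.name, f"not valid JSON: {exc}"))
            continue
        if not isinstance(conf, dict):
            findings.append((path.name, "top level is not a JSON object"))
            continue
        if not check_name(conf.get("name")):
            findings.append((path.name, f"invalid name {conf.get('name')!r}"))
        if conf.get("cniVersion") not in SUPPORTED_VERSIONS:
            findings.append((path.name, f"unsupported cniVersion {conf.get('cniVersion')!r}"))
    return findings

if __name__ == "__main__":
    for name, problem in lint_conf_dir():
        print(f"{name}: {problem}")
```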
