Interconnection with the CNI Network
Overview
The container runtime interface (CRI) connects to the CNI network: it parses the CNI network configuration file and adds a pod to, or removes a pod from, the CNI network. When a pod needs networking through a container network plug-in such as Canal, the CRI must be interconnected with Canal to provide the network capability for the pod.
Common CNIs
Common CNIs are the CNI network configuration items found in the CNI network configuration and in the pod configuration. They are visible to users.
- CNI network configuration items in the CNI network configuration specify the path of the CNI network configuration file, the path of the binary file of the CNI network plug-in, and the network mode. For details, see Table 1.
- CNI network configuration items in the pod configuration set the list of additional CNI networks to which the pod is added. By default, the pod is added only to the default CNI network plane. You can add the pod to multiple CNI network planes as required.
Table 1 CNI network configuration items
Additional CNI network configuration method:
Add the network plane configuration item "network.alpha.kubernetes.io/network" to annotations in the pod configuration file.
The network plane is configured in JSON format, including:
- name: specifies the name of the CNI network plane.
- interface: specifies the name of a network interface.
The following is an example of the CNI network configuration method:
"annotations" : {
    "network.alpha.kubernetes.io/network": "{\"name\": \"mynet\", \"interface\": \"eth1\"}"
}
CNI Network Configuration Description
There are two types of CNI network configuration files, both in JSON format.
- Single-network plane configuration file with the file name extension .conf or .json. For details about the configuration items, see Table 1 in the appendix.
- Multi-network plane configuration file with the file name extension .conflist. For details about the configuration items, see Table 3 in the appendix.
Adding a Pod to the CNI Network List
If --network-plugin=cni is configured for iSulad and the default network plane is configured, a pod is automatically added to the default network plane when the pod is started. If additional networks are configured in the pod configuration, the pod is also added to these additional network planes when the pod is started.
port_mappings in the pod configuration is also a network configuration item, which is used to set the port mapping of the pod. To set port mapping, configure it as follows:
"port_mappings":[
    {
        "protocol": 1,
        "container_port": 80,
        "host_port": 8080
    }
]
- protocol: protocol used for mapping. The value can be tcp (identified by 0) or udp (identified by 1).
- container_port: port of the container that is mapped.
- host_port: port mapped to the host.
Removing a Pod from the CNI Network List
When StopPodSandbox is called, the interface for removing a pod from the CNI network list is called to release network resources.
NOTE:
- Before calling the RemovePodSandbox interface, you must call the StopPodSandbox interface at least once.
- If StopPodSandbox fails to call the CNI, residual network resources may remain.
Usage Restrictions
- Currently, only CNI 0.3.0 and CNI 0.3.1 are supported. CNI 0.1.0 and CNI 0.2.0 may need to be supported in later versions, so the information about CNI 0.1.0 and CNI 0.2.0 is retained in error logs.
- name: The value can contain only lowercase letters, digits, hyphens (-), and periods (.), and cannot start or end with a hyphen or period. The value can contain a maximum of 200 characters.
- The number of configuration files cannot exceed 200, and the size of a single configuration file cannot exceed 1 MB.
- The extended parameters need to be configured based on the actual network requirements. Optional parameters do not need to be written into the netconf.json file.
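The restrictions above can be checked before iSulad reads a configuration directory. The following Python sketch is an added example, not part of iSulad or of the original guide. Assumptions: check_name and check_conf_dir are hypothetical helper names; the cniVersion, name and plugins keys come from the CNI specification rather than from this page; the name restriction is applied to the name field of each file; 1 MB is taken as 1024 * 1024 bytes; and only .conf, .json and .conflist files count toward the 200-file limit.

```python
import json
import re
from pathlib import Path

# Limits from the Usage Restrictions list (1 MB assumed to be 1024 * 1024 bytes).
MAX_FILES = 200
MAX_BYTES = 1024 * 1024
MAX_NAME_LEN = 200
SUPPORTED_VERSIONS = {"0.3.0", "0.3.1"}
EXTENSIONS = {".conf", ".json", ".conflist"}
# Lowercase letters, digits, '-' and '.', not starting or ending with '-' or '.'.
NAME_RE = re.compile(r"[a-z0-9]([a-z0-9.-]*[a-z0-9])?")


def check_name(name):
    """Return True if name satisfies the restriction on network plane names."""
    # fullmatch (not match with '$') so a trailing newline is rejected as well.
    return (isinstance(name, str) and len(name) <= MAX_NAME_LEN
            and NAME_RE.fullmatch(name) is not None)


def check_conf_dir(conf_dir):
    """Return (file name, problem) tuples for a CNI configuration directory."""
    files = sorted(p for p in Path(conf_dir).iterdir()
                   if p.is_file() and p.suffix in EXTENSIONS)
    problems = []
    if len(files) > MAX_FILES:
        problems.append((str(conf_dir), f"{len(files)} files, limit is {MAX_FILES}"))
    for path in files:
        if path.stat().st_size > MAX_BYTES:
            problems.append((path.name, "larger than 1 MB"))
            continue  # never load an oversized file into memory
        try:
            conf = json.loads(path.read_text(encoding="utf-8"))
        except (ValueError, OSError) as exc:
            problems.append((path.name, f"not readable as JSON: {exc}"))
            continue
        if not isinstance(conf, dict):
            problems.append((path.name, "top level is not a JSON object"))
            continue
        if conf.get("cniVersion") not in SUPPORTED_VERSIONS:
            problems.append((path.name, f"unsupported cniVersion {conf.get('cniVersion')!r}"))
        if not check_name(conf.get("name")):
            problems.append((path.name, f"invalid name {conf.get('name')!r}"))
        if path.suffix == ".conflist" and not isinstance(conf.get("plugins"), list):
            problems.append((path.name, "multi-network plane file has no plugins list"))
    return problems
```

An empty list from check_conf_dir means every file in the directory passed these checks; it does not validate plug-in-specific parameters.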