From 8fe803a84d860f24b7a281235feb7836405bee6a Mon Sep 17 00:00:00 2001 From: hc-github-team-nomad-core <82989552+hc-github-team-nomad-core@users.noreply.github.com> Date: Mon, 16 Dec 2024 14:58:58 +0000 Subject: [PATCH] Backport of CNI: use tmpfs location for ipam plugin into release/1.9.x (#24681) Co-authored-by: Tim Gross --- .changelog/24650.txt | 3 +++ client/allocrunner/cni/bridge.go | 7 ++++--- client/allocrunner/cni/plugins.go | 7 ++++--- client/allocrunner/test_fixtures/bad_input.conflist.json | 3 ++- client/allocrunner/test_fixtures/consul-cni.conflist.json | 3 ++- client/allocrunner/test_fixtures/empty.conflist.json | 3 ++- client/allocrunner/test_fixtures/hairpin.conflist.json | 3 ++- client/allocrunner/test_fixtures/ipv6.conflist.json | 3 ++- 8 files changed, 21 insertions(+), 11 deletions(-) create mode 100644 .changelog/24650.txt diff --git a/.changelog/24650.txt b/.changelog/24650.txt new file mode 100644 index 00000000000..5efb4f2330e --- /dev/null +++ b/.changelog/24650.txt @@ -0,0 +1,3 @@ +```release-note:bug +networking: use a tmpfs location for the state of CNI IPAM plugin used by bridge mode, to fix a bug where allocations would fail to restore after host reboot +``` diff --git a/client/allocrunner/cni/bridge.go b/client/allocrunner/cni/bridge.go index 91b438b8e59..5889c2f510d 100644 --- a/client/allocrunner/cni/bridge.go +++ b/client/allocrunner/cni/bridge.go @@ -58,9 +58,10 @@ func NewNomadBridgeConflist(conf NomadBridgeConfig) Conflist { ForceAddress: true, HairpinMode: conf.HairpinMode, Ipam: IPAM{ - Type: "host-local", - Ranges: ipRanges, - Routes: ipRoutes, + Type: "host-local", + Ranges: ipRanges, + Routes: ipRoutes, + DataDir: "/var/run/cni", }, }, Firewall{ diff --git a/client/allocrunner/cni/plugins.go b/client/allocrunner/cni/plugins.go index 091208ca3ba..f31ff9dd605 100644 --- a/client/allocrunner/cni/plugins.go +++ b/client/allocrunner/cni/plugins.go @@ -20,9 +20,10 @@ type Bridge struct { Ipam IPAM `json:"ipam"` } type IPAM struct { - Type string `json:"type"` - Ranges [][]Range `json:"ranges"` - Routes []Route `json:"routes"` + Type string `json:"type"` + Ranges [][]Range `json:"ranges"` + Routes []Route `json:"routes"` + DataDir string `json:"dataDir"` } type Range struct { Subnet string `json:"subnet"` diff --git a/client/allocrunner/test_fixtures/bad_input.conflist.json b/client/allocrunner/test_fixtures/bad_input.conflist.json index f9c9be906ce..9b2bb2fc990 100644 --- a/client/allocrunner/test_fixtures/bad_input.conflist.json +++ b/client/allocrunner/test_fixtures/bad_input.conflist.json @@ -25,7 +25,8 @@ { "dst": "0.0.0.0/0" } - ] + ], + "dataDir": "/var/run/cni" } }, { diff --git a/client/allocrunner/test_fixtures/consul-cni.conflist.json b/client/allocrunner/test_fixtures/consul-cni.conflist.json index 3fe7b270edb..95b7a9c0058 100644 --- a/client/allocrunner/test_fixtures/consul-cni.conflist.json +++ b/client/allocrunner/test_fixtures/consul-cni.conflist.json @@ -25,7 +25,8 @@ { "dst": "0.0.0.0/0" } - ] + ], + "dataDir": "/var/run/cni" } }, { diff --git a/client/allocrunner/test_fixtures/empty.conflist.json b/client/allocrunner/test_fixtures/empty.conflist.json index 484feb44674..7ac34cdf404 100644 --- a/client/allocrunner/test_fixtures/empty.conflist.json +++ b/client/allocrunner/test_fixtures/empty.conflist.json @@ -25,7 +25,8 @@ { "dst": "0.0.0.0/0" } - ] + ], + "dataDir": "/var/run/cni" } }, { diff --git a/client/allocrunner/test_fixtures/hairpin.conflist.json b/client/allocrunner/test_fixtures/hairpin.conflist.json index 1e584c6c115..ba6f276472c 100644 --- a/client/allocrunner/test_fixtures/hairpin.conflist.json +++ b/client/allocrunner/test_fixtures/hairpin.conflist.json @@ -25,7 +25,8 @@ { "dst": "0.0.0.0/0" } - ] + ], + "dataDir": "/var/run/cni" } }, { diff --git a/client/allocrunner/test_fixtures/ipv6.conflist.json b/client/allocrunner/test_fixtures/ipv6.conflist.json index e71afdbe5a7..eb15ada4b12 100644 --- a/client/allocrunner/test_fixtures/ipv6.conflist.json +++ b/client/allocrunner/test_fixtures/ipv6.conflist.json @@ -33,7 +33,8 @@ { "dst": "::/0" } - ] + ], + "dataDir": "/var/run/cni" } }, {