Fix Network Namespace Bug For Ctr (microsoft#1270)

If you try and run a hypervisor isolated container through ctr (.\ctr.exe run --runtime io.containerd.runhcs.v1 --rm --isolated mcr.microsoft.com/windows/nanoserver:1809 xenon-test cmd /c "echo Hello World!") currently you'll get "ctr: failure while creating namespace for container: network namespace not found: unknown". The normal path through ctr is no network namespace is passed, so our shim will try and make one. The namespace was being created via `hns.CreateNamespace` which stores the ID of the namespace in all caps, however later on in the process when we go to add the namespace to the uvm we re-grab a namespace object via `hcn.GetNamespaceByID` which populates the Id field in all lowercase. When we originally store the namespace in our map of known namespaces we use the hns packages casing, and when we go to add any endpoints to the vm (there shouldn't be any anyways if we went through ctr and didn't provide --cni) then we'll fail to find the namespace due to a casing mismatch. We already create the namespace for cri interactions with the hcn package so this truthfully brings this fallback path in line. Signed-off-by: Daniel Canter <dcanter@microsoft.com>
princepereira · Feb 9, 2022 · c0e1991 · c0e1991
1 parent a314896
commit c0e1991
Showing 1 changed file with 7 additions and 7 deletions.
diff --git a/hcsoci/network.go b/hcsoci/network.go
@@ -3,7 +3,7 @@ package hcsoci
 import (
  "context"
 
- "github.com/Microsoft/hcsshim/internal/hns"
+ "github.com/Microsoft/hcsshim/hcn"
  "github.com/Microsoft/hcsshim/internal/log"
  "github.com/Microsoft/hcsshim/internal/logfields"
  "github.com/Microsoft/hcsshim/internal/resources"
@@ -19,31 +19,31 @@ func createNetworkNamespace(ctx context.Context, coi *createOptionsInternal, r *
  l.Debug(op + " - End")
  }()
 
- netID, err := hns.CreateNamespace()
+ ns, err := hcn.NewNamespace("").Create()
  if err != nil {
  return err
  }
 
  log.G(ctx).WithFields(logrus.Fields{
- "netID": netID,
+ "netID": ns.Id,
  logfields.ContainerID: coi.ID,
  }).Info("created network namespace for container")
 
- r.SetNetNS(netID)
+ r.SetNetNS(ns.Id)
  r.SetCreatedNetNS(true)
 
  endpoints := make([]string, 0)
  for _, endpointID := range coi.Spec.Windows.Network.EndpointList {
- err = hns.AddNamespaceEndpoint(netID, endpointID)
+ err = hcn.AddNamespaceEndpoint(ns.Id, endpointID)
  if err != nil {
  return err
  }
  log.G(ctx).WithFields(logrus.Fields{
- "netID": netID,
+ "netID": ns.Id,
  "endpointID": endpointID,
  }).Info("added network endpoint to namespace")
  endpoints = append(endpoints, endpointID)
  }
- r.Add(&uvm.NetworkEndpoints{EndpointIDs: endpoints, Namespace: netID})
+ r.Add(&uvm.NetworkEndpoints{EndpointIDs: endpoints, Namespace: ns.Id})
  return nil
 }