fix: clear host-local IPAM plugins when installing

webmeshproj · Oct 2, 2023 · b264dab · b264dab
1 parent 95bea31
commit b264dab
Show file tree

Hide file tree

Showing 3 changed files with 36 additions and 1 deletion.
diff --git a/Makefile b/Makefile
@@ -149,10 +149,11 @@ load: docker ## Load the docker image into the test cluster.
 	$(K3D) image import $(IMG) --cluster $(CLUSTER_NAME)
 
 test-cluster-calico: ## Create a test cluster with Calico installed. This is used for testing the storage provider.
+	curl -JL -o $(LOCALBIN)/calico.yaml https://k3d.io/v5.3.0/usage/advanced/calico.yaml
 	$(K3D) cluster create $(CLUSTER_NAME) \
 		--k3s-arg '--flannel-backend=none@server:*' \
 		--k3s-arg "--disable-network-policy@server:*" \
-		--volume '$(CURDIR)/config/ref/calico.yaml:/var/lib/rancher/k3s/server/manifests/calico.yaml@server:*' \
+		--volume '$(LOCALBIN)/calico.yaml:/var/lib/rancher/k3s/server/manifests/calico.yaml@server:*' \
 
 remove-cluster: ## Remove the test cluster.
 	$(K3D) cluster delete $(CLUSTER_NAME)

diff --git a/deploy/cni/cni.yaml b/deploy/cni/cni.yaml
@@ -106,6 +106,8 @@ spec:
               name: cni-bin-dir
             - mountPath: /host/etc/cni/net.d
               name: cni-net-dir
+            - mountPath: /var/lib/cni/networks
+              name: host-local-net-dir
           securityContext:
             privileged: true
       containers:
@@ -146,3 +148,9 @@ spec:
         - name: cni-net-dir
           hostPath:
             path: /etc/cni/net.d
+        # Mount in the directory for host-local IPAM allocations. This is
+        # used when upgrading from host-local to calico-ipam, and can be removed
+        # if not using the upgrade-ipam init container.
+        - name: host-local-net-dir
+          hostPath:
+            path: /var/lib/cni/networks
diff --git a/internal/cmd/install/install.go b/internal/cmd/install/install.go
@@ -52,6 +52,8 @@ const (
 	APIEndpointReplaceStr = "__KUBERNETES_API_ENDPOINT__"
 	// KubeconfigFilepathReplaceStr is the string that will be replaced in the CNI configuration with the kubeconfig filepath.
 	KubeconfigFilepathReplaceStr = "__KUBECONFIG_FILEPATH__"
+	// HostLocalNetDir is the directory containing host-local CNI plugins. We remove these plugins from the CNI configuration.
+	HostLocalNetDir = "/var/lib/cni/networks"
 	// PluginBinaryName is the name of the plugin binary.
 	PluginBinaryName = "webmesh"
 )
@@ -71,6 +73,12 @@ func Main(version string) {
 		os.Exit(1)
 	}
 	log.Println("using source executable path:", exec)
+	// Clear any local host CNI plugins.
+	log.Println("clearing host-local CNI plugins from", HostLocalNetDir)
+	if err := clearHostLocalNetDir(); err != nil {
+		log.Println("error clearing host-local CNI plugins:", err)
+		os.Exit(1)
+	}
 	// Copy the binary to the destination directory.
 	pluginBin := filepath.Join(os.Getenv(BinaryDestBinEnvVar), PluginBinaryName)
 	log.Println("installing plugin binary to -> ", pluginBin)
@@ -132,6 +140,24 @@ func Main(version string) {
 	log.Println("webmesh-cni install complete")
 }
 
+// clearHostLocalNetDir removes any host-local CNI plugins from the CNI configuration.
+func clearHostLocalNetDir() error {
+	dir, err := os.ReadDir(HostLocalNetDir)
+	if err != nil {
+		if os.IsNotExist(err) {
+			return nil
+		}
+		return fmt.Errorf("error reading host-local CNI directory: %w", err)
+	}
+	for _, file := range dir {
+		err = os.RemoveAll(filepath.Join(HostLocalNetDir, file.Name()))
+		if err != nil {
+			return fmt.Errorf("error removing host-local CNI plugin: %w", err)
+		}
+	}
+	return nil
+}
+
 // installPluginBinary copies the binary to the destination directory.
 func installPluginBinary(src, dest string) error {
 	f, err := os.Open(src)