From 28d84262ab8c1390ee15da6adb0f69aac5a61801 Mon Sep 17 00:00:00 2001 From: Periyasamy Palanisamy Date: Wed, 8 Sep 2021 11:28:17 +0200 Subject: [PATCH 1/2] use stored container netns id when mech netns id is invalid Signed-off-by: Periyasamy Palanisamy --- pkg/kernel/networkservice/inject/common.go | 13 +++++++++---- pkg/kernel/networkservice/vfconfig/metadata.go | 4 ++++ 2 files changed, 13 insertions(+), 4 deletions(-) diff --git a/pkg/kernel/networkservice/inject/common.go b/pkg/kernel/networkservice/inject/common.go index 7334a69a..c8df718c 100644 --- a/pkg/kernel/networkservice/inject/common.go +++ b/pkg/kernel/networkservice/inject/common.go @@ -75,6 +75,11 @@ func move(ctx context.Context, conn *networkservice.Connection, isClient, isMove return nil } + vfConfig, ok := vfconfig.Load(ctx, isClient) + if !ok { + return nil + } + hostNetNS, err := nshandle.Current() if err != nil { return err @@ -86,15 +91,15 @@ func move(ctx context.Context, conn *networkservice.Connection, isClient, isMove if err != nil { return err } + if !contNetNS.IsOpen() && isMoveBack { + contNetNS = vfConfig.ContNetNS + } defer func() { _ = contNetNS.Close() }() - vfConfig, ok := vfconfig.Load(ctx, isClient) - if !ok { - return nil - } ifName := mech.GetInterfaceName() if !isMoveBack { err = moveToContNetNS(vfConfig, ifName, hostNetNS, contNetNS) + vfConfig.ContNetNS = contNetNS } else { err = moveToHostNetNS(vfConfig, ifName, hostNetNS, contNetNS) } diff --git a/pkg/kernel/networkservice/vfconfig/metadata.go b/pkg/kernel/networkservice/vfconfig/metadata.go index ef08d9c0..27271968 100644 --- a/pkg/kernel/networkservice/vfconfig/metadata.go +++ b/pkg/kernel/networkservice/vfconfig/metadata.go @@ -22,6 +22,8 @@ package vfconfig import ( "context" + "github.com/vishvananda/netns" + "github.com/networkservicemesh/sdk/pkg/networkservice/utils/metadata" ) 
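Review bot: `vfConfig.ContNetNS = contNetNS` in the `!isMoveBack` branch of the second common.go hunk runs before `err` from `moveToContNetNS` is checked. A handle is therefore recorded even when the VF never reached the container namespace, and the move-back fallback `contNetNS = vfConfig.ContNetNS` will later trust it. Store it only on success: `if err == nil { vfConfig.ContNetNS = contNetNS }`. The fallback would also benefit from a one-line comment saying when the mechanism's handle is expected to be closed (the commit title suggests an invalid or vanished container netns). `move` starts and ends outside this hunk, so what happens to `err` afterwards is not visible here.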
@@ -37,6 +39,8 @@ type VFConfig struct { VFPCIAddress string // VFNum is a VF num for the parent PF VFNum int + // ContNetNS is a container netns id on which VF is attached + ContNetNS netns.NsHandle } // Store sets the VFConfig stored in per Connection.Id metadata. From f981f520023adc743babfed41f8879e487ddab39 Mon Sep 17 00:00:00 2001 From: Periyasamy Palanisamy Date: Thu, 9 Sep 2021 09:26:18 +0200 Subject: [PATCH 2/2] keep nse container net ns open until close is done Signed-off-by: Periyasamy Palanisamy --- pkg/kernel/networkservice/inject/common.go | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/pkg/kernel/networkservice/inject/common.go b/pkg/kernel/networkservice/inject/common.go index c8df718c..9dcd8165 100644 --- a/pkg/kernel/networkservice/inject/common.go +++ b/pkg/kernel/networkservice/inject/common.go @@ -94,7 +94,13 @@ func move(ctx context.Context, conn *networkservice.Connection, isClient, isMove if !contNetNS.IsOpen() && isMoveBack { contNetNS = vfConfig.ContNetNS } - defer func() { _ = contNetNS.Close() }() + + // keep NSE container's net ns open until connection close is done,. + // this would properly move back VF into host net namespace even when + // container is accidentally deleted before close. + if !isClient || isMoveBack { + defer func() { _ = contNetNS.Close() }() + } ifName := mech.GetInterfaceName() if !isMoveBack {
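Review bot: The new comment on `ContNetNS` calls it a "netns id", but the field is a `netns.NsHandle`, a descriptor that something has to close. Its zero value is 0, which `IsOpen()` reports as open, so a `VFConfig` that has not been through a forward move looks as if it holds a usable handle. Initialise the field to `netns.None()` wherever `VFConfig` is constructed (outside this patch) and document the ownership, for example `// ContNetNS is an open handle to the container netns holding the VF, or netns.None(); the inject element stores it on move-in and must close it on move-back.`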
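Review bot: With `if !isClient || isMoveBack`, a server-side forward move still closes `contNetNS` at return, while patch 1/2 has already copied it into `vfConfig.ContNetNS`. The stored value is then a descriptor number that is closed and may be reused by the process, and a later fallback would act on, and close, whatever owns that number. Limit the store to the case that keeps the handle open: `if isClient && err == nil { vfConfig.ContNetNS = contNetNS }`. On the client side the kept handle is closed only when the fallback selects it. If the mechanism's handle is still valid at move back, or the forward move fails, nothing visible in this hunk releases `vfConfig.ContNetNS`, so it should be closed and reset on those paths too. The added comment also ends its first line with `,.`.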