-
Notifications
You must be signed in to change notification settings - Fork 797
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
host-device: use temp network namespace for rename #1073
Conversation
12cb704
to
e23a29e
Compare
9d0a6aa
to
49e807e
Compare
49e807e
to
a75d829
Compare
Rebased on main, removed go version bump |
5c6ae75
to
d97a084
Compare
Rebased on main |
Maybe @squeed you have some time to review this ? |
d97a084
to
0c69818
Compare
Rebased |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't have not so much time to review whole code, but I'm wondering that when temp network namespace is deleted, created by Unshare()?
tempNS.Close()
just closes the netns handle(i.e. inode) in process, not remove netns. (currently pkg/ns/ns_linux.go
is not designed to create/delete network ns, actually. Just manipulate 'already created' netns).
I would expect CNI plugins to execute on servers and not desktops. The auto-detection of new interfaces (i.e. detecting and managing them) is supposed to be disabled on servers that use NM. Can that be an alternative solution? |
I'm already using |
I think the basic is setting the The proposed solution you provided to overcome the problem is innovative, but at the same time feels a bit hacky. It attempts to overcome a problem of NM & udev, which a general CNI should not care about. If the workaround is accepted here, then at the minimum I would suggest to have an open bug on the NM project, asking to solve it there and ref in the code. I.e. making the current solution temporary. |
Agreed that NM should do better, but the bug is 3 weeks old and still waiting for triage.
My fix also leads to less udev events / rules execution, so I really don't see it as a workaround |
I see it as a workaround because it fixes a problem of a different component. I.e. the CNI needs to take into account the host OS configuration and components. The cost of changing this CNI and supporting the added logic is not easier (or faster) than fixing the root cause. |
0c69818
to
065d805
Compare
Depending on how you write your udev rules they might be impacted as well, for example if you do negative matches Fast rename is also problematic for udev alone, and race condition are always fun to debug
it's the same number of steps With temp name:
With temp namespace:
|
3761ba9
to
e530620
Compare
Honestly, this makes sense to me. I understand that NM changes can take far too long to roll out, especially when there is no appreciable workaround. Personally, I'm in favor of this PR. It's not like namespaces are so expensive. IIRC there have been other issues regarding "churn" as the host-network device is reconfigured, so this seems like a reasonable change. |
Using a temporary name / doing a fast rename causes some race conditions with udev and NetworkManager: https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/1599 Signed-off-by: Etienne Champetier <[email protected]>
e530620
to
63adc04
Compare
@squeed as it make sense to you, any chance you can review this PR ? |
Ok, this argument is convincing. |
This as been approved by @squeed for a week, ready for review for a good month, how can we move forward ? |
@champtar we’ll be cutting a release in a week or so, this will get in. |
Discussed in person, PR is Ok to merge.
Using a temporary name / doing a fast rename causes some race conditions with udev and NetworkManager: https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/1599
Fixes #1072