2024-06-15 –, D105 (capacity 300)
CNI prides itself on doing just a few things right. It pretty much consists of a specification, and libraries for writing plugins to configure network interfaces in Linux containers. A lot of things are implementation specific - meaning, each plugin has a different understanding of what a configured interface should look like.
It does have some real short-comings; how do you know if the plugin is ready to actually configure an interface? How do you tear-down the interface’s allocated resources - when the container is deleted? IP Address management (IPAM) allocated resources are a good example – if you don’t do it properly you can leave an address stranded like Robinson Crusoe.
Up to now… That garbage collection would be up to the plugin. So your teeny tiny CNI plugin - which was thought of as something to run on a single binary on the host file-system - is now bloated to a daemon process to provide a reconcile cycle to teardown the resources depending on its use cases. Likewise when you need to know if the plugin is ready to do its thing.
Fear not, young grasshopper! The CNI maintainers have got your back and added two new verbs to the CNI spec (and libraries): STATUS - which signals if the plugin is ready - and GC - which helps to garbage collect the resources allocated by the plugin.
Join us in this talk where we showcase these two new verbs, providing a demo, and examples of plugin implementations of these new features.
Miguel is a Principal Software Engineer for OpenShift Virtualization, working at Red Hat since 2018.
His main interests are SDN / NFV, functional programming, containers and virtualization.
Miguel is a member of the Network Plumbing Working Group, a maintainer of several CNI plugins (whereabouts, macvtap), and a contributor to some others (ovn-kubernetes, multus).
Doug Smith is a Principal Software Engineer for OpenShift Engineering at Red Hat. Focusing on Network Function Virtualization and container technologies, Doug integrates new networking technologies with container systems like Kubernetes and OpenShift. He is a member of the Network Plumbing Working Group and a contributor to OpenShift, Multus, and NFV-related projects.