8cadff2b79
* CNI: bump to 1.0.1 This commit bumps the declared version of CNI in the Kilo manifests to 1.0.1. This is possible with no changes to the configuration lists because our simple configuration is not affected by any of the deprecations, and there was effectively no change between 0.4.0 and 1.0.0, other than the declaration of a stable API. Similarly, this commit also bumps the version of the CNI library and the plugins package. Bumping to CNI 1.0.0 will help ensure that Kilo stays compatible with container runtimes in the future. Signed-off-by: Lucas Servén Marín <lserven@gmail.com> * vendor: revendor Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
// Package netns allows ultra-simple network namespace handling. NsHandles
// can be retrieved and set. Note that the current namespace is
// thread-local, so code that sets and later restores a namespace should
// call runtime.LockOSThread first; otherwise a goroutine switch can move
// it onto an OS thread that is in a different namespace.
// It is best to close NsHandles when you are done with them. This can be
// accomplished via a `defer ns.Close()` on the handle. Changing namespaces
// requires elevated privileges, so in most cases this code needs to be run
// as root.
package netns
import (
"fmt"
"golang.org/x/sys/unix"
)
// NsHandle is a handle to a network namespace. It can be cast directly
// to an int and used as a file descriptor.
//
// The value -1 is the closed/empty handle (see None, IsOpen and Close).
// NsHandle is a plain integer, so copying a handle copies only the
// descriptor number: Close resets the handle it is called on and no
// other copy. A stale copy keeps naming a descriptor number that the
// process may since have reused for an unrelated file.
type NsHandle int
// Equal reports whether ns and other refer to the same network namespace.
//
// Identical descriptor numbers compare equal without any system call.
// Otherwise both descriptors are fstat(2)ed and their device and inode
// numbers are compared; if either fstat fails (for example on a closed
// handle) the result is false.
//
// The comparison does not check that either descriptor is a namespace
// file: any two descriptors open on the same file compare equal, and two
// None() handles compare equal through the fast path. Treat the result as
// meaningful only for handles the caller knows to be open namespace
// descriptors.
func (ns NsHandle) Equal(other NsHandle) bool {
	// Same descriptor number: trivially the same open file.
	if ns == other {
		return true
	}

	var mine, theirs unix.Stat_t
	// Short-circuit keeps the original order: other is only stat'ed when
	// the stat of ns succeeded.
	if unix.Fstat(int(ns), &mine) != nil || unix.Fstat(int(other), &theirs) != nil {
		return false
	}

	sameDevice := mine.Dev == theirs.Dev
	sameInode := mine.Ino == theirs.Ino
	return sameDevice && sameInode
}
// String formats the handle for display: "NS(None)" for the closed
// handle, "NS(<fd>: unknown)" when fstat(2) on the descriptor fails, and
// "NS(<fd>: <dev>, <ino>)" otherwise.
//
// The output embeds the descriptor number, which is only meaningful
// inside this process; UniqueId omits it.
func (ns NsHandle) String() string {
	if ns == -1 {
		return "NS(None)"
	}

	var st unix.Stat_t
	statErr := unix.Fstat(int(ns), &st)
	if statErr != nil {
		// The descriptor number is still printed so the failing handle
		// can be told apart in logs.
		return fmt.Sprintf("NS(%d: unknown)", ns)
	}
	return fmt.Sprintf("NS(%d: %d, %d)", ns, st.Dev, st.Ino)
}
// UniqueId returns "NS(<dev>:<ino>)" built from the device and inode
// that fstat(2) reports for the descriptor, so two handles open on the
// same namespace file yield the same string.
//
// It returns "NS(none)" for the closed handle and "NS(unknown)" when
// fstat fails. Those two sentinels are shared by every closed or
// unreadable handle, so callers that use the result as a map key or an
// identity check should reject them first rather than treat them as
// identifying a namespace.
func (ns NsHandle) UniqueId() string {
	if ns == -1 {
		return "NS(none)"
	}

	var st unix.Stat_t
	statErr := unix.Fstat(int(ns), &st)
	if statErr != nil {
		return "NS(unknown)"
	}
	return fmt.Sprintf("NS(%d:%d)", st.Dev, st.Ino)
}
// IsOpen reports whether the handle holds a value other than -1, the
// value that Close and None leave behind.
//
// It inspects only the stored integer and makes no system call, so it
// cannot tell whether the descriptor is still valid: a copy taken before
// Close was called on another copy still reports true.
func (ns NsHandle) IsOpen() bool {
	const closed NsHandle = -1
	return ns != closed
}
// Close closes the underlying file descriptor and, on success, resets
// the handle to -1. If close(2) fails, the error is returned and the
// handle keeps its previous value.
//
// The handle must not be used after Close. Only the handle Close was
// called on is reset; copies made earlier still carry the old descriptor
// number. Calling Close on an already-closed handle passes -1 to close(2)
// and returns its error.
//
// NOTE(review): on Linux close(2) releases the descriptor even when it
// reports an error, so retrying Close after a failure could close a
// descriptor number that has since been reused; confirm callers do not
// retry.
func (ns *NsHandle) Close() error {
	err := unix.Close(int(*ns))
	if err == nil {
		// Mark the handle closed only once the kernel reported success.
		*ns = -1
	}
	return err
}
// None returns the closed handle, NsHandle(-1), for which IsOpen
// reports false.
func None() NsHandle {
	const closed = -1
	return NsHandle(closed)
}