diff options
| author | eduartua <eduartua@gmail.com> | 2019-01-28 16:34:28 -0600 |
|---|---|---|
| committer | eduartua <eduartua@gmail.com> | 2019-01-28 16:34:28 -0600 |
| commit | 1fefac0cee3195b135c87fadfe7ebee0b8d02f0d (patch) | |
| tree | d48083e462687894b8a6e07d2629fb84e6eb065f /contributors/devel/sig-node | |
| parent | 74257bb0e9c7f764eac45d50abf609c25769e3f0 (diff) | |
file kubelet-cri-networking.md was moved to the new sig-node folder - URLs in k/community were updated
Diffstat (limited to 'contributors/devel/sig-node')
| -rw-r--r-- | contributors/devel/sig-node/container-runtime-interface.md | 2 | ||||
| -rw-r--r-- | contributors/devel/sig-node/kubelet-cri-networking.md | 56 |
2 files changed, 57 insertions, 1 deletions
diff --git a/contributors/devel/sig-node/container-runtime-interface.md b/contributors/devel/sig-node/container-runtime-interface.md index 01b9694c..4d9757d9 100644 --- a/contributors/devel/sig-node/container-runtime-interface.md +++ b/contributors/devel/sig-node/container-runtime-interface.md @@ -59,7 +59,7 @@ Below is a mixed list of CRI specifications/requirements, design docs and proposals. We are working on adding more documentation for the API. - [Original proposal](https://github.com/kubernetes/kubernetes/blob/release-1.5/docs/proposals/container-runtime-interface-v1.md) - - [Networking](/contributors/devel/kubelet-cri-networking.md) + - [Networking](kubelet-cri-networking.md) - [Container metrics](cri-container-stats.md) - [Exec/attach/port-forward streaming requests](https://docs.google.com/document/d/1OE_QoInPlVCK9rMAx9aybRmgFiVjHpJCHI9LrfdNM_s/edit?usp=sharing) - [Container stdout/stderr logs](https://github.com/kubernetes/kubernetes/blob/release-1.5/docs/proposals/kubelet-cri-logging.md) diff --git a/contributors/devel/sig-node/kubelet-cri-networking.md b/contributors/devel/sig-node/kubelet-cri-networking.md new file mode 100644 index 00000000..1446e6d3 --- /dev/null +++ b/contributors/devel/sig-node/kubelet-cri-networking.md @@ -0,0 +1,56 @@ +# Container Runtime Interface (CRI) Networking Specifications + +## Introduction +[Container Runtime Interface (CRI)](container-runtime-interface.md) is +an ongoing project to allow container +runtimes to integrate with kubernetes via a newly-defined API. This document +specifies the network requirements for container runtime +interface (CRI). CRI networking requirements expand upon kubernetes pod +networking requirements. This document does not specify requirements +from upper layers of kubernetes network stack, such as `Service`. More +background on k8s networking could be found +[here](http://kubernetes.io/docs/admin/networking/) + +## Requirements +1. Kubelet expects the runtime shim to manage pod's network life cycle. Pod +networking should be handled accordingly along with pod sandbox operations. + * `RunPodSandbox` must set up pod's network. This includes, but is not limited +to allocating a pod IP, configuring the pod's network interfaces and default +network route. Kubelet expects the pod sandbox to have an IP which is +routable within the k8s cluster, if `RunPodSandbox` returns successfully. +`RunPodSandbox` must return an error if it fails to set up the pod's network. +If the pod's network has already been set up, `RunPodSandbox` must skip +network setup and proceed. + * `StopPodSandbox` must tear down the pod's network. The runtime shim +must return error on network tear down failure. If pod's network has +already been torn down, `StopPodSandbox` must skip network tear down and proceed. + * `RemovePodSandbox` may tear down pod's network, if the networking has +not been torn down already. `RemovePodSandbox` must return error on +network tear down failure. + * Response from `PodSandboxStatus` must include pod sandbox network status. +The runtime shim must return an empty network status if it failed +to construct a network status. + +2. User supplied pod networking configurations, which are NOT directly +exposed by the kubernetes API, should be handled directly by runtime +shims. For instance, `hairpin-mode`, `cni-bin-dir`, `cni-conf-dir`, `network-plugin`, +`network-plugin-mtu` and `non-masquerade-cidr`. Kubelet will no longer handle +these configurations after the transition to CRI is complete. +3. Network configurations that are exposed through the kubernetes API +are communicated to the runtime shim through `UpdateRuntimeConfig` +interface, e.g. `podCIDR`. For each runtime and network implementation, +some configs may not be applicable. The runtime shim may handle or ignore +network configuration updates from `UpdateRuntimeConfig` interface. + +## Extensibility +* Kubelet is oblivious to how the runtime shim manages networking, i.e +runtime shim is free to use [CNI](https://github.com/containernetworking/cni), +[CNM](https://github.com/docker/libnetwork/blob/master/docs/design.md) or +any other implementation as long as the CRI networking requirements and +k8s networking requirements are satisfied. +* Runtime shims have full visibility into pod networking configurations. +* As more network feature arrives, CRI will evolve. + +## Related Issues +* Kubelet network plugin for client/server container runtimes [#28667](https://github.com/kubernetes/kubernetes/issues/28667) +* CRI networking umbrella issue [#37316](https://github.com/kubernetes/kubernetes/issues/37316) |