-
Notifications
You must be signed in to change notification settings - Fork 65
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
api: add support for NRI-native CDI injection #98
Conversation
/cc |
e8cec5a
to
9aadde9
Compare
This change would make containers/nri-plugins#327 redundant. Is there a way to detect that we're working with a runtime / plugin that supports CDI devices natively? |
cbfdea5
to
c304705
Compare
c304705
to
460b41a
Compare
I rolled this PR actually with that CDI injecting NRI plugin in mind (I mentioned this in the initial review of that plugin PR). The idea was to test/see how we could do native CDI injection through NRI. And, if we're happy enough with the result to merge it, to make the implementation of actual CDI device injection in that plugin much easier. There are both pros and cons with this approach. The pros are
The cons are maybe that it is a bit superficial, as currently the container mutation capabilities offered by NRI are a superset of what is needed for CDI injection.
Currently no other means than checking |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks @klihub
This looks fine at a high level now. My last comments are effectively nits or notes on unit test coverage.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
some comments, cheers!
// apply additions to collected adjustments | ||
for _, d := range devices { | ||
if err := r.owners.claimCDIDevice(id, d.Name, plugin); err != nil { | ||
return err |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
// TODO: consider support for a higher level management plugin having the cap to adjust, esp. outside k8s scenarios
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Do you mean to verbatim include that comment here... as a reminder to consider that in the future ?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
sort of.. suggesting the consideration of a TODO here, not that explicit text, or we can just open an issue though the way issues get removed when the bots are turned on :-)
plugins/device-injector/README.md
Outdated
Devices are annotated using the `cdi-devices.nri.io` annotation key prefix. | ||
The key `cdi-devices.nri.io/container.$CONTAINER_NAME` annotates CDI devices | ||
to be injected into `$CONTAINER_NAME`. The keys `cdi-devices.nri.io` and | ||
`cdi-devices.nri.io/pod` annotate CDI devices to be injected into all |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
reasoning for both with and without /pod?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We've used in some of our existing components a similar annotation syntax/precedence. There the reasoning was to try provide both regularly symmetric annotation syntax ($KEY/pod vs. $KEY/container.$CONTAINER_NAME) and 'convenience' ($KEY interpreted as a shorthand notation/alias for $KEY/pod).
4c99f6c
to
7d223a9
Compare
4f12658
to
7859c0d
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks @klihub.
I think I'm down to nits and organisational questions / comments for the most part. Thanks for the cleanups. (for some of them it may be clearer if we have the refactorings as seprate commits / PRs).
466a173
to
257d1ee
Compare
Add support for native CDI injection. With this in place, a plugin can now directly request injection of CDI devices by device name. This is much simpler than first performing CDI device resolution and injection, followed by a set of low- level NRI adjustments for devices, mounts, env. vars. and OCI hooks to effectively do the same. Signed-off-by: Krisztian Litkey <[email protected]>
Signed-off-by: Krisztian Litkey <[email protected]>
Signed-off-by: Krisztian Litkey <[email protected]>
257d1ee
to
7e6841a
Compare
Signed-off-by: Krisztian Litkey <[email protected]>
7e6841a
to
6598645
Compare
Add support for injecting annotated CDI devices using the new native NRI CDI injection API. Signed-off-by: Krisztian Litkey <[email protected]>
Co-authored-by: Mike Brown <[email protected]> Signed-off-by: Krisztian Litkey <[email protected]>
6598645
to
4eb7075
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks @klihub.
This looks good from my side. (there is a minor comment string suggestion, but not a blocker at all).
Clarify order of preference for the possible annotations. Co-authored-by: Mike Brown <[email protected]> Signed-off-by: Krisztian Litkey <[email protected]>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
Add support for native CDI injection through NRI. With this patch set in place, a plugin can now directly request injection of CDI devices by fully qualified CDI device names. This is considerably simpler than what is currently required from an NRI plugin to perform CDI injection: perform CDI device resolution, then injection to an (almost) empty OCI Spec, inspect the resulting OCI Spec and convert the differences to a set of low-level NRI adjustments for devices, mounts, env. vars. and OCI hooks to effectively do the same through the NRI protocol.
/cc @elezar