flock M1 scaffold: CNI plugin + agent + NodeConfig CRD
Build flock Image / build (push) Has been cancelled
Build flock Image / build (push) Has been cancelled
- cmd/flock + cmd/flock-agent: build cleanly; CNI ADD/DEL/CHECK return ErrInternal stubs until M2; agent boots, opens unix socket, logs JSON. - pkg/agent/state.go: durable allocations.json (atomic write + fsync + parent fsync); pending/committed lifecycle. Tests cover round-trip, replace-by-cid, version mismatch, no-leak-on-tmp. - pkg/embed/suffix.go: ip-algo IID embedding. Tests cover the /48-/96 nibble distribution table from the design doc, determinism, prefix preservation, N-nibble isolation, digest-vs-fallback divergence. - pkg/api/v1alpha1: minimal NodeConfig types (no controller-runtime yet). - deploy/: NodeConfig CRD, empty ServiceAccount/ClusterRole, DaemonSet pinned to flock.fritzlab.net/agent="" label so it only runs on opted-in nodes. - .gitea/workflows/main.yaml + Dockerfile: build + push to code.fritzlab.net/fritzlab/flock; runs go test in CI. Design doc: dfritzlab/k8s-manager/dfritz-cni.md. Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Donavan Fritz
@@ -0,0 +1,50 @@
|
||||
// Command flock-agent is the per-node DaemonSet binary. It owns IPAM, netns
|
||||
// programming, BIRD config, and nftables. M1 boots only the state store and a
|
||||
// placeholder unix listener.
|
||||
package main
|
||||
|
||||
import (
|
||||
"context"
|
||||
"flag"
|
||||
"log/slog"
|
||||
"os"
|
||||
"os/signal"
|
||||
"syscall"
|
||||
|
||||
"code.fritzlab.net/fritzlab/flock/pkg/agent"
|
||||
)
|
||||
|
||||
func main() {
|
||||
var (
|
||||
node = flag.String("node", os.Getenv("NODE_NAME"), "node name (defaults to $NODE_NAME)")
|
||||
statePath = flag.String("state", "/var/lib/flock/allocations.json", "path to allocations.json")
|
||||
socket = flag.String("socket", agent.SocketPath, "unix socket for CNI RPC")
|
||||
)
|
||||
flag.Parse()
|
||||
|
||||
logger := slog.New(slog.NewJSONHandler(os.Stderr, &slog.HandlerOptions{Level: slog.LevelInfo}))
|
||||
|
||||
if *node == "" {
|
||||
logger.Error("--node or $NODE_NAME is required")
|
||||
os.Exit(2)
|
||||
}
|
||||
|
||||
srv, err := agent.NewServer(agent.Config{
|
||||
Node: *node,
|
||||
StatePath: *statePath,
|
||||
Socket: *socket,
|
||||
Logger: logger,
|
||||
})
|
||||
if err != nil {
|
||||
logger.Error("init server", "err", err)
|
||||
os.Exit(1)
|
||||
}
|
||||
|
||||
ctx, cancel := signal.NotifyContext(context.Background(), syscall.SIGINT, syscall.SIGTERM)
|
||||
defer cancel()
|
||||
|
||||
if err := srv.Run(ctx); err != nil {
|
||||
logger.Error("run", "err", err)
|
||||
os.Exit(1)
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,19 @@
|
||||
// Command flock is the kubelet-invoked CNI plugin binary. It is short-lived:
|
||||
// kubelet execs it for ADD/DEL/CHECK, the binary forwards to flock-agent over
|
||||
// a unix socket, and exits.
|
||||
package main
|
||||
|
||||
import (
|
||||
"github.com/containernetworking/cni/pkg/skel"
|
||||
"github.com/containernetworking/cni/pkg/version"
|
||||
|
||||
"code.fritzlab.net/fritzlab/flock/pkg/cni"
|
||||
)
|
||||
|
||||
func main() {
|
||||
skel.PluginMainFuncs(skel.CNIFuncs{
|
||||
Add: cni.CmdAdd,
|
||||
Del: cni.CmdDel,
|
||||
Check: cni.CmdCheck,
|
||||
}, version.All, "flock")
|
||||
}
|
||||
Reference in New Issue
Block a user