device-injector: add network device injection.

Signed-off-by: Krisztian Litkey <[email protected]>

Author: klihub

plugins/device-injector/README.md

@@ -101,6 +101,33 @@ The annotation value syntax for mount injection is
     ...
 ```
 
+### Network Device Annotations
+
+Network devices are annotated in a similar manner to devices, but using the
+`network-devices.noderesource.dev` annotation key prefix. As with devices, the
+`network-devices.nri.io` annotation key prefix is also supported.
+
+The annotation value for network devices is the list of host network interfaces
+to inject, together with their container interface names
+
+For instance, the following annotation
+
+```
+metadata:
+  name: net-dev-test
+  annotations:
+    network-devices.noderesource.dev/container.c0: |
+      - hostIf: ens2.100
+        Name: netdev0
+    network-devices.noderesource.dev/container.c1: |
+      - hostIf: ens2.101
+        Name: netdev1
+```
+
+requests the injection of the host network interface `ens2.100` into container `c0`
+as the network interface `netdev0`, and the host network interface `ens2.101` into
+container `c1` as the network interface `netdev1`.
+
 ## Deployment
 
 The NRI repository contains minimal kustomize overlays for this plugin at

plugins/device-injector/device-injector.go

@@ -47,6 +47,10 @@ const (
 	ioPrioKey = "io-priority.noderesource.dev"
 	// Deprecated: Prefix of the key used for I/O priority adjustment.
 	oldIoPrioKey = "io-priority.nri.io"
+	// Prefix of the key used for network device injection.
+	netDeviceKey = "network-devices.noderesource.dev"
+	// Deprecated: Prefix of the key used for network device injection.
+	oldNetDeviceKey = "network-devices.nri.io"
 )
 
 var (
@@ -79,6 +83,12 @@ type ioPrio struct {
 	Priority int32  `json:"priority"`
 }
 
+// a network device to inject
+type netDevice struct {
+	HostIf string `json:"hostIf"`
+	Name   string `json:"name"`
+}
+
 // our injector plugin
 type plugin struct {
 	stub stub.Stub
@@ -108,6 +118,10 @@ func (p *plugin) CreateContainer(_ context.Context, pod *api.PodSandbox, ctr *ap
 		return nil, nil, err
 	}
 
+	if err := injectNetDevices(pod, ctr, adjust); err != nil {
+		return nil, nil, err
+	}
+
 	if verbose {
 		dump(containerName(pod, ctr), "ContainerAdjustment", adjust)
 	}
@@ -286,6 +300,51 @@ func parseIOPriority(ctr string, annotations map[string]string) (*ioPrio, error)
 	return priority, nil
 }
 
+func injectNetDevices(pod *api.PodSandbox, ctr *api.Container, a *api.ContainerAdjustment) error {
+	devices, err := parseNetDevices(ctr.Name, pod.Annotations)
+	if err != nil {
+		return err
+	}
+
+	if len(devices) == 0 {
+		log.Debugf("%s: no network devices annotated...", containerName(pod, ctr))
+		return nil
+	}
+
+	if verbose {
+		dump(containerName(pod, ctr), "annotated network devices", devices)
+	}
+
+	for _, d := range devices {
+		a.AddLinuxNetDevice(d.HostIf, &api.LinuxNetDevice{
+			Name: d.Name,
+		})
+		if !verbose {
+			log.Infof("%s: injected network device %q -> %q...", containerName(pod, ctr),
+				d.HostIf, d.Name)
+		}
+	}
+
+	return nil
+}
+
+func parseNetDevices(ctr string, annotations map[string]string) ([]*netDevice, error) {
+	var (
+		devices []*netDevice
+	)
+
+	annotation := getAnnotation(annotations, netDeviceKey, oldNetDeviceKey, ctr)
+	if annotation == nil {
+		return nil, nil
+	}
+
+	if err := yaml.Unmarshal(annotation, &devices); err != nil {
+		return nil, fmt.Errorf("invalid net device annotation %q: %w", string(annotation), err)
+	}
+
+	return devices, nil
+}
+
 func getAnnotation(annotations map[string]string, mainKey, oldKey, ctr string) []byte {
 	for _, key := range []string{
 		mainKey + "/container." + ctr,