Skip to content

Conversation

@klihub
Copy link
Contributor

@klihub klihub commented Apr 9, 2025

Note: This PR is stacked on #294.

This PR adds support for injecting Linux NetDevices to an OCI Spec. In particular, the PR

  • adds NetDevices to ContainerEdits in the CDI Spec
  • implements network device injection to the OCI Spec
  • bumps the CDI Spec version to 1.1.0
  • adds CDI Spec version validation to the cmd/cdi test/cli binary

@klihub klihub force-pushed the devel/linux-net-device branch 3 times, most recently from 658b35b to 9900940 Compare April 9, 2025 13:37
@klihub klihub force-pushed the devel/linux-net-device branch from 9900940 to e95cee0 Compare April 9, 2025 14:55
@klihub klihub requested a review from elezar April 10, 2025 05:03
@github-actions
Copy link

This PR is stale because it has been open 90 days with no activity. This PR will be closed in 30 days unless new comments are made or the stale label is removed. To skip these checks, apply the "lifecycle/frozen" label.

@elezar
Copy link
Contributor

elezar commented Aug 7, 2025

@klihub is there a version of the OCI runtime spec that includes these fields now? Could we update this PR so that we can look at pushing out a v1.1.0 of the spec together with the changes from #278 and #279?

@klihub
Copy link
Contributor Author

klihub commented Aug 7, 2025

@klihub is there a version of the OCI runtime spec that includes these fields now?

@elezar Not with a tagged version yet, unfortunately.

Could we update this PR so that we can look at pushing out a v1.1.0 of the spec together with the changes from #278 and #279?

I think we don't need to wait for this to get merged to tag a new version. We can tag a release without this right away, if everything else has been already merged. But we can't merge #279 yet, for the same reason. intelRdt.enableMonitoring is not available yet in a tagged version of the OCI Spec.

@elezar
Copy link
Contributor

elezar commented Nov 5, 2025

It seems as if the v1.3.0 spec has been tagged.

@klihub
Copy link
Contributor Author

klihub commented Nov 7, 2025

It seems as if the v1.3.0 spec has been tagged.

Yes, but I think we'll need for opencontainers/runtime-tools#795 (and opencontainers/runtime-tools#797) to get merged.

@klihub klihub force-pushed the devel/linux-net-device branch 2 times, most recently from 65cfa10 to 55029b7 Compare November 14, 2025 11:27
@klihub klihub marked this pull request as ready for review November 14, 2025 12:09
@klihub klihub requested review from bart0sh and kad November 14, 2025 12:09
@klihub klihub force-pushed the devel/linux-net-device branch from 55029b7 to fa0e7fd Compare November 14, 2025 13:36
@bart0sh
Copy link
Contributor

bart0sh commented Nov 17, 2025

@klihub lgtm. Do we need to update/add any tests for the new fields?

@klihub klihub force-pushed the devel/linux-net-device branch from fa0e7fd to 0ea4bfd Compare November 17, 2025 09:14
@klihub
Copy link
Contributor Author

klihub commented Nov 17, 2025

@klihub lgtm. Do we need to update/add any tests for the new fields?

@bart0sh Yes, I think we'd need those and they are missing now. I'll add them.

@klihub klihub force-pushed the devel/linux-net-device branch 2 times, most recently from 9701d09 to 219154a Compare November 17, 2025 09:49
@klihub
Copy link
Contributor Author

klihub commented Nov 17, 2025

@klihub lgtm. Do we need to update/add any tests for the new fields?

@bartosh Added test for injecting and validating net devices. Updated the schema to mark both host and container interface names as required for LinuxNetDevice. Updated ContainerEdit validation to require non-empty host and container net device names.

Copy link
Contributor

@bart0sh bart0sh left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

@klihub klihub force-pushed the devel/linux-net-device branch 4 times, most recently from 142705c to 998d504 Compare November 21, 2025 06:13
@klihub
Copy link
Contributor Author

klihub commented Nov 25, 2025

Ping @elezar, PTAL.

@klihub klihub force-pushed the devel/linux-net-device branch from 998d504 to a46466e Compare November 25, 2025 08:20

// LinuxNetDevice represents an OCI LinuxNetDevice to be added to the OCI Spec.
type LinuxNetDevice struct {
HostIf string `json:"hostIf" yaml:"hostIf"`
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Question: Since HostIf is the field that we define, is it descriptive enough? In the OCI runtime spec we have:

// NetDevices are key-value pairs, keyed by network device name on the host, moved to the container's network namespace.
NetDevices map[string]LinuxNetDevice `json:"netDevices,omitempty"`

Copy link
Contributor Author

@klihub klihub Nov 25, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah, I don't know what would be descriptive enough. I deliberately chose a struct with two fields instead of a map, in the hope of better descriptiveness, because now I have a name for both parameters compared to a string-keyed map.

So maybe a HostInterface and ContainerInterface would be better (would not like to call them devices, because of all the unices it is exactly linux which does not model network devices as unix devices) ? @elezar @bart0sh WDYT ?

Or HostInterface and Name. I only ended up with Name to have it be called the same as the corresponding OCI Spec data. Although now that you spelled this out, I'm not sure if it helps or hurts more...

I was also considering HostInterface/ContainerName and HostName/ContainerName, but I disliked both HostName and ContainerName as they can sound a misleading, at least when out of context.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@bart0sh @elezar Any thoughts ? Would HostInterface / ContainerInterface be descriptive enough ?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think Name is fine since this is the corresponding OCI Spec field name. (we do the same for DeviceNode.Path)

What about HostInterfaceName and Name? (I would suggest HostName, but that could also be more confusing).

As a follow-up question: Do we want to allow HostIf == "" and use the value for Name in this case, or are these expected to always be different?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think Name is fine since this is the corresponding OCI Spec field name. (we do the same for DeviceNode.Path)

What about HostInterfaceName and Name? (I would suggest HostName, but that could also be more confusing).

Okay, I'll update it accordingly.

As a follow-up question: Do we want to allow HostIf == "" and use the value for Name in this case, or are these expected to always be different?

I don't think there is any expectation regarding those except that they are not empty. I'd probably would not allow HostInterfaceName to be empty. Allowing the other way around (the container interace) Name to be empty and set to the same as HostInterface) would sound intuitively more natural to me, but I would not allow that either.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

On inferring information. Let's make them both required in the spec. This makes reasoning about the implementation quite a bit simpler.

@klihub klihub force-pushed the devel/linux-net-device branch 3 times, most recently from 2112626 to 7416131 Compare November 26, 2025 14:34
@klihub klihub requested a review from elezar November 26, 2025 14:35
Implement OCI Spec (Linux) NetDevice injection.

Signed-off-by: Krisztian Litkey <[email protected]>
Bump current version to 1.1.0, include net devices in minimum
required version check.

Signed-off-by: Krisztian Litkey <[email protected]>
@klihub klihub force-pushed the devel/linux-net-device branch from 7d96b13 to b297834 Compare November 26, 2025 14:39
const (
// CurrentVersion is the current version of the Spec.
CurrentVersion = "1.0.0"
CurrentVersion = "1.1.0"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think we may have missed this for the new / updated RDT fields too, but we should probably have a SPEC.md change as well.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

EnableMonitoring bool `json:"enableMonitoring,omitempty" yaml:"enableMonitoring,omitempty"`
}

// LinuxNetDevice represents an OCI LinuxNetDevice to be added to the OCI Spec.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do we need to add a docstring that describes what the two fields are? (I'm ok to not do so if we feel these are self-explanatory).

ClosID string `json:"closID,omitempty" yaml:"closID,omitempty"`
L3CacheSchema string `json:"l3CacheSchema,omitempty" yaml:"l3CacheSchema,omitempty"`
MemBwSchema string `json:"memBwSchema,omitempty" yaml:"memBwSchema,omitempty"`
Schemata []string `json:"schemata,omitempty" yaml:"schemata,omitempty"`
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Missed the //added in v1.1.0 suffis to the new fields here: cc @marquiz

Copy link
Contributor

@elezar elezar left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@klihub this looks good now.

Some minor questions regarding whether this should include edits to SPEC.md, but I am approving this provisionally.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants