Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Proposal] Add Networks Service Plugin #7751

Open
henry118 opened this issue Dec 2, 2022 · 1 comment
Open

[Proposal] Add Networks Service Plugin #7751

henry118 opened this issue Dec 2, 2022 · 1 comment
Labels
kind/feature

Comments

@henry118
Copy link
Member

henry118 commented Dec 2, 2022
edited

What is the problem you're trying to solve

Today container network resources created by CRI are not garbage-collected. They can be leaked due to various reasons like incomplete pod/sandbox setup or even process crashing. We have seen resource leaking issues in the past like #5438, #5569, #5904.

Describe the solution you'd like

We can add a Network Service Plugin that tracks all network resources created by CRI, and uses the GC framework in containerd to perform resource cleanup.

The service will work similarly to go-cni, where the actual networking setup/teardown is handled by libcni. Additionally the service will also persist the network definition and attachment parameters on disk, so that resources could be removed even after process restart.

All network resources have owners, either pause containers or sandboxes. We can create GC labels on those owner objects to reference network resources. The GC framework will clean up all network resources that do not have owners.

Detailed design is covered in this design proposal.

Additional context

PR: #7947
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/feature
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@henry118 @zvonkok