sandbox: Setup networking namespace before sandbox creation

In order for hypervisor based container runtimes to be able to fully prepare their pod virtual machines networking interfaces, this patch sets the pod networking namespace before creating the sandbox container. Once the sandbox networking namespace is prepared, the runtime can scan the networking namespace interfaces and build the pod VM matching interfaces (typically TAP interfaces) at pod sandbox creation time. Not doing so means those runtimes would have to rely on all hypervisors to support networking interfaces hotplug. Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
cri-o · Dec 10, 2016 · 769d693 · 769d693
1 parent 9d99152
commit 769d693
Showing 1 changed file with 6 additions and 6 deletions.
diff --git a/server/sandbox_run.go b/server/sandbox_run.go
@@ -301,6 +301,12 @@ func (s *Server) RunPodSandbox(ctx context.Context, req *pb.RunPodSandboxRequest
 
 	sb.infraContainer = container
 
+	// setup the network
+	podNamespace := ""
+	if err = s.netPlugin.SetUpPod(netNsPath, podNamespace, id, containerName); err != nil {
+		return nil, fmt.Errorf("failed to create network for container %s in sandbox %s: %v", containerName, id, err)
+	}
+
 	if err = s.runtime.CreateContainer(container); err != nil {
 		return nil, err
 	}
@@ -309,12 +315,6 @@ func (s *Server) RunPodSandbox(ctx context.Context, req *pb.RunPodSandboxRequest
 		return nil, err
 	}
 
-	// setup the network
-	podNamespace := ""
-	if err = s.netPlugin.SetUpPod(netNsPath, podNamespace, id, containerName); err != nil {
-		return nil, fmt.Errorf("failed to create network for container %s in sandbox %s: %v", containerName, id, err)
-	}
-
 	if err = s.runtime.StartContainer(container); err != nil {
 		return nil, err
 	}