Respond to feedback

calico.py

@@ -458,7 +458,7 @@ def _call_ipam_plugin(self, env):
                     print_cni_error(ERR_CODE_GENERIC, "Invalid network config",
                             "Must be running under Kubernetes to use \
                                     'subnet: usePodCidr'")
-                _log.info("Using Kubernetes pod cidr")
+                _log.info("Using Kubernetes podCIDR for node: %s", self.k8s_node_name)
                 pod_cidr = self._get_kubernetes_pod_cidr()
                 self.network_config["ipam"]["subnet"] = str(pod_cidr)
 
@@ -480,53 +480,37 @@ def _get_kubernetes_pod_cidr(self):
         First check if we've written it to disk.  If so, use that value.  If
         not, then query the Kubernetes API for it.
         """
-        local_store_path = os.path.abspath("podCidr.cache")
-        if os.path.exists(local_store_path):
-            _log.info("Loading podCidr from disk: %s", local_store_path)
-            with open(local_store_path, "r") as f:
-                pod_cidr = f.read().strip()
-                _log.debug("Loaded podCidr from disk: %s", pod_cidr)
-        else:
-            _log.info("Getting node.spec.podCidr from API, kubeconfig: %s",
-                      self.kubeconfig_path)
-            if not self.kubeconfig_path:
-                # Fow now, kubeconfig is the only supported auth method.
-                print_cni_error(ERR_CODE_GENERIC, "Missing kubeconfig",
-                        "usePodCidr requires specification of kubeconfig file")
-                sys.exit(ERR_CODE_GENERIC)
+        _log.info("Getting node.spec.podCidr from API, kubeconfig: %s",
+                  self.kubeconfig_path)
+        if not self.kubeconfig_path:
+            # For now, kubeconfig is the only supported auth method.
+            print_cni_error(ERR_CODE_GENERIC, "Missing kubeconfig",
+                    "usePodCidr requires specification of kubeconfig file")
+            sys.exit(ERR_CODE_GENERIC)
 
-            # Query the API for this node.  Default node name to the hostname.
-            try:
-                api = HTTPClient(KubeConfig.from_file(self.kubeconfig_path))
-                node = None
-                for n in Node.objects(api):
-                    if n.obj["metadata"]["name"] == self.k8s_node_name:
-                        _log.debug("Checking node: %s", n.obj["metadata"]["name"])
-                        node = n
-                        break
-                if not node:
-                    raise KeyError("Unable to find node in API: %s", self.k8s_node_name)
-                _log.debug("Found node %s: %s: ", node.obj["metadata"]["name"],
-                           node.obj["spec"])
-            except Exception:
-                print_cni_error(ERR_CODE_GENERIC, "Error querying Kubernetes API",
-                        "Failed to get podCidr from Kubernetes API")
+        # Query the API for this node.  Default node name to the hostname.
+        try:
+            api = HTTPClient(KubeConfig.from_file(self.kubeconfig_path))
+            node = None
+            for n in Node.objects(api):
+                if n.obj["metadata"]["name"] == self.k8s_node_name:
+                    _log.debug("Checking node: %s", n.obj["metadata"]["name"])
+                    node = n
+                    break
+            if not node:
+                raise KeyError("Unable to find node in API: %s", self.k8s_node_name)
+            _log.debug("Found node %s: %s: ", node.obj["metadata"]["name"],
+                       node.obj["spec"])
+        except Exception:
+            print_cni_error(ERR_CODE_GENERIC, "Error querying Kubernetes API",
+                    "Failed to get podCidr from Kubernetes API")
+            sys.exit(ERR_CODE_GENERIC)
+        else:
+            pod_cidr = node.obj["spec"].get("podCIDR")
+            if not pod_cidr:
+                print_cni_error(ERR_CODE_GENERIC, "Missing podCidr",
+                        "No podCidr for node %s" % self.k8s_node_name)
                 sys.exit(ERR_CODE_GENERIC)
-            else:
-                pod_cidr = node.obj["spec"].get("podCIDR")
-                if not pod_cidr:
-                    print_cni_error(ERR_CODE_GENERIC, "Missing podCidr",
-                            "No podCidr for node %s" % self.k8s_node_name)
-                    sys.exit(ERR_CODE_GENERIC)
-                else:
-                    # Success - write to disk so we don't have to
-                    # always query the API for this.
-                    with open(local_store_path, "w") as f:
-                        _log.info("Caching podCidr on disk: %s", local_store_path)
-                        try:
-                            f.write(pod_cidr)
-                        except Exception:
-                            _log.warning("Failed to write %s", local_store_path)
         _log.debug("Using podCidr: %s", pod_cidr)
         return pod_cidr
 

configuration.md

@@ -44,6 +44,8 @@ When using Calico IPAM, the following flags determine what IP addresses should b
 
 A specific IP address can be chosen by using [`CNI_ARGS`](https://github.com/appc/cni/blob/master/SPEC.md#parameters) and setting `IP` to the desired value.
 
+When using the CNI `host-local` IPAM plugin, a special value `usePodCidr` is allowed for the subnet field.  This tells the plugin to determine the subnet to use from the Kubernetes API based on the Node.podCIDR field.  This is currently only supported when using `kubeconfig` for accessing the API. 
+
 ## Kubernetes specific
 
 When using the Calico CNI plugin with Kubernetes, an additional config block can be specified to control how network policy is configured. The required config block is `policy`. See the [Calico Kubernetes documentation](https://github.com/projectcalico/calico-containers/tree/master/docs/cni/kubernetes) for more information.
@@ -63,6 +65,7 @@ The CNI plugin may need to authenticate with the Kubernetes API server. The foll
 * `k8s_client_key`
 * `k8s_certificate_authority`
 	* Verifying the API certificate against a CA only works if connecting to the API server using a hostname.
+* `kubeconfig`
 
 
 [![Analytics](https://calico-ga-beacon.appspot.com/UA-52125893-3/calico-cni/configuration.md?pixel)](https://github.com/igrigorik/ga-beacon)