From 3afeeda61252994106c35322e28bc8c2a47267d4 Mon Sep 17 00:00:00 2001
From: Bryan Boreham <bjboreham@gmail.com>
Date: Tue, 22 Nov 2016 15:37:34 +0000
Subject: [PATCH] Unify weave and launch.sh CNI setup

Test 830 has to run CNI plugin under sudo now
---
 prog/weave-kube/launch.sh   | 65 +++++++------------------------------
 test/830_cni_plugin_test.sh |  2 +-
 weave                       | 50 +++++++++++++++++-----------
 3 files changed, 43 insertions(+), 74 deletions(-)

diff --git a/prog/weave-kube/launch.sh b/prog/weave-kube/launch.sh
index 2438c3d55f..44bf6d3b40 100755
--- a/prog/weave-kube/launch.sh
+++ b/prog/weave-kube/launch.sh
@@ -18,51 +18,6 @@ fi
 
 echo 1 > /proc/sys/net/bridge/bridge-nf-call-iptables
 
-SOURCE_BINARY=/usr/bin/weaveutil
-VERSION=$(/home/weave/weaver $EXTRA_ARGS --version | sed -e 's/weave router //')
-PLUGIN="weave-plugin-$VERSION"
-
-install_cni_plugin() {
-    mkdir -p $1 || return 1
-    if [ ! -f "$1/$PLUGIN" ]; then
-        cp "$SOURCE_BINARY" "$1/$PLUGIN"
-    fi
-}
-
-upgrade_cni_plugin_symlink() {
-    # Remove potential temporary symlink from previous failed upgrade:
-    rm -f $1/$2.tmp
-    # Atomically create a symlink to the plugin:
-    ln -s "$1/$PLUGIN" $1/$2.tmp && mv -f $1/$2.tmp $1/$2
-}
-
-upgrade_cni_plugin() {
-    # Check if weave-net and weave-ipam are (legacy) copies of the plugin, and
-    # if so remove these so symlinks can be used instead from now onwards.
-    if [ -f $1/weave-net  -a ! -L $1/weave-net  ];  then rm $1/weave-net;   fi
-    if [ -f $1/weave-ipam -a ! -L $1/weave-ipam ];  then rm $1/weave-ipam;  fi
-
-    # Create two symlinks to the plugin, as it has a different 
-    # behaviour depending on its name:
-    if [ "$(readlink -f $1/weave-net)" != "$1/$PLUGIN" ]; then
-        upgrade_cni_plugin_symlink $1 weave-net
-    fi
-    if [ "$(readlink -f $1/weave-ipam)" != "$1/$PLUGIN" ]; then
-        upgrade_cni_plugin_symlink $1 weave-ipam
-    fi
-}
-
-# Install CNI plugin binary to typical CNI bin location
-# with fall-back to CNI directory used by kube-up on GCI OS.
-if install_cni_plugin /opt/cni/bin ; then
-    upgrade_cni_plugin /opt/cni/bin
-elif install_cni_plugin /host_home/kubernetes/bin ; then
-    upgrade_cni_plugin /host_home/kubernetes/bin
-else
-    echo "Failed to install the Weave CNI plugin" >&2
-    exit 1
-fi
-
 # Need to create bridge before running weaver so we can use the peer address
 # (because of https://github.com/weaveworks/weave/issues/2480)
 WEAVE_NPC_OPTS="--expect-npc"
@@ -141,15 +96,17 @@ done
     reclaim_ips "_" $IPS
 done
 
-# Create CNI config, if not already there
-if [ ! -f /etc/cni/net.d/10-weave.conf ] ; then
-    mkdir -p /etc/cni/net.d
-    cat > /etc/cni/net.d/10-weave.conf <<EOF
-{
-    "name": "weave",
-    "type": "weave-net"
-}
-EOF
+# Install CNI plugin binary to typical CNI bin location
+# with fall-back to CNI directory used by kube-up on GCI OS
+if mkdir -p /opt/cni/bin ; then
+    export WEAVE_CNI_PLUGIN_DIR=/opt/cni/bin
+elif mkdir -p /host_home/kubernetes/bin ; then
+    export WEAVE_CNI_PLUGIN_DIR=/host_home/kubernetes/bin
+else
+    echo "Failed to install the Weave CNI plugin" >&2
+    exit 1
 fi
+mkdir -p /etc/cni/net.d
+/home/weave/weave --local setup-cni
 
 wait $WEAVE_PID
diff --git a/test/830_cni_plugin_test.sh b/test/830_cni_plugin_test.sh
index 5058e6a254..f21365f78a 100755
--- a/test/830_cni_plugin_test.sh
+++ b/test/830_cni_plugin_test.sh
@@ -7,7 +7,7 @@ start_suite "Test CNI plugin"
 cni_connect() {
     pid=$(container_pid $1 $2)
     id=$(docker_on $1 inspect -f '{{.Id}}' $2)
-    run_on $1 CNI_VERSION=1 CNI_COMMAND=ADD CNI_CONTAINERID=$id CNI_IFNAME=eth0 \
+    run_on $1 sudo CNI_VERSION=1 CNI_COMMAND=ADD CNI_CONTAINERID=$id CNI_IFNAME=eth0 \
     CNI_NETNS=/proc/$pid/ns/net CNI_PATH=/opt/cni/bin /opt/cni/bin/weave-net 
 }
 
diff --git a/weave b/weave
index 094a3e45d9..8c6429e7fb 100755
--- a/weave
+++ b/weave
@@ -337,6 +337,8 @@ CONTAINER_NAME=${WEAVE_CONTAINER_NAME:-weave}
 BASE_PLUGIN_IMAGE=$DOCKERHUB_USER/plugin
 PLUGIN_IMAGE=$BASE_PLUGIN_IMAGE:$IMAGE_VERSION
 PLUGIN_CONTAINER_NAME=weaveplugin
+CNI_PLUGIN_NAME="weave-plugin-$IMAGE_VERSION"
+CNI_PLUGIN_DIR=${WEAVE_CNI_PLUGIN_DIR:$HOST_ROOT/opt/cni/bin}
 # Note VOLUMES_CONTAINER which is for weavewait should change when you upgrade Weave
 VOLUMES_CONTAINER_NAME=weavevolumes-$IMAGE_VERSION
 # DB files should remain when you upgrade, so version number not included in name
@@ -1031,23 +1033,34 @@ peer_args() {
 # CNI helpers
 ######################################################################
 
-create_cni_script() {
-    # If target file is a symlink, it's probably a remnant of a weave-kube
-    # installation - if the user has now switched back to `weave launch`,
-    # we need to remove the link before rewriting the contents:
-    [ -L "$1" ] && rm "$1" # fail if we can't remove the link
+install_cni_plugin() {
+    mkdir -p $1 || return 1
+    if [ ! -f "$1/$CNI_PLUGIN_NAME" ]; then
+        cp /usr/bin/weaveutil "$1/$CNI_PLUGIN_NAME"
+    fi
+}
 
-    cat >"$1" <<EOF
-#!/bin/sh
-[ -z "\$CNI_NETNS" -o \$(echo "\$CNI_NETNS" | grep "^/proc/") ] || \\
-    EXTRA_VOLUMES="-v \$(dirname \$CNI_NETNS):\$(dirname \$CNI_NETNS)"
-docker run --rm $(docker_run_options) --pid=host -i \\
- -e CNI_VERSION -e CNI_COMMAND -e CNI_CONTAINERID -e CNI_NETNS \\
- -e CNI_IFNAME -e CNI_ARGS -e CNI_PATH \\
- -v /etc/cni:/etc/cni -v /opt/cni:/opt/cni \$EXTRA_VOLUMES \\
---entrypoint=/usr/bin/weaveutil $EXEC_IMAGE $2
-EOF
-    chmod a+x "$1"
+upgrade_cni_plugin_symlink() {
+    # Remove potential temporary symlink from previous failed upgrade:
+    rm -f $1/$2.tmp
+    # Atomically create a symlink to the plugin:
+    ln -s "$CNI_PLUGIN_NAME" $1/$2.tmp && mv -f $1/$2.tmp $1/$2
+}
+
+upgrade_cni_plugin() {
+    # Check if weave-net and weave-ipam are (legacy) copies of the plugin, and
+    # if so remove these so symlinks can be used instead from now onwards.
+    if [ -f $1/weave-net  -a ! -L $1/weave-net  ];  then rm $1/weave-net;   fi
+    if [ -f $1/weave-ipam -a ! -L $1/weave-ipam ];  then rm $1/weave-ipam;  fi
+
+    # Create two symlinks to the plugin, as it has different
+    # behaviour depending on its name:
+    if [ "$(readlink -f $1/weave-net)" != "$CNI_PLUGIN_NAME" ]; then
+        upgrade_cni_plugin_symlink $1 weave-net
+    fi
+    if [ "$(readlink -f $1/weave-ipam)" != "$CNI_PLUGIN_NAME" ]; then
+        upgrade_cni_plugin_symlink $1 weave-ipam
+    fi
 }
 
 create_cni_config() {
@@ -1060,9 +1073,8 @@ EOF
 }
 
 setup_cni() {
-    if [ -d $HOST_ROOT/opt/cni/bin ] ; then
-        create_cni_script $HOST_ROOT/opt/cni/bin/weave-net  cni-net
-        create_cni_script $HOST_ROOT/opt/cni/bin/weave-ipam cni-ipam
+    if install_cni_plugin $CNI_PLUGIN_DIR ; then
+        upgrade_cni_plugin $CNI_PLUGIN_DIR
     fi
     if [ -d $HOST_ROOT/etc/cni/net.d -a ! -f $HOST_ROOT/etc/cni/net.d/10-weave.conf ] ; then
         create_cni_config $HOST_ROOT/etc/cni/net.d/10-weave.conf