Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

pass through the pod annotations when multus receives them #1204

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

pass through the pod annotations when multus receives them #1204

wants to merge 1 commit into from

Conversation

toelke
Copy link

@toelke toelke commented Jan 8, 2024
edited
Loading

See kubernetes/kubernetes#69882 (comment) and #1116

Passing the annotations seems not to be a standardized behaviour, but it is very useful nontheless.

@toelke
pass through the pod annotations when multus receives them
7ad9d7a 
See kubernetes/kubernetes#69882

Passing the annotations seems not to be a standardized behaviour, but it is very useful nontheless.

Signed-off-by: Philipp Riederer <[email protected]>
@s1061123
Copy link
Member

I'm not clear that io.kubernetes.cri.pod-annotations comes from and use-case yet. Could you please clarify that, including why the annotation, io.kubernetes.cri.pod-annotations, should be default (to all platform).

@toelke
Copy link
Author

toelke commented Jan 19, 2024

This comment is a good summary.

My use case is that a custom CNI plugin needs some extra information to configure the networking of a Pod that I would like to pass as an annotation on the Pod; containerd can already be configured to pass this annotation to CNI plugins, this patch enables multus to receive it.

@dougbtv
Copy link
Member

dougbtv commented Feb 1, 2024

Tomo's looking into the possibility of checking this out with capability args in the meanwhile, and we'll circle back to it to make sure it's necessary.

@aojea
Copy link
Contributor

aojea commented Feb 21, 2024
edited
Loading

Tomo's looking into the possibility of checking this out with capability args in the meanwhile, and we'll circle back to it to make sure it's necessary.

@dougbtv @s1061123 I think that this refers to the fact that you don't have to go to the apiserver to fetch the labels and the annotations of the pod if you set this option in containerd and crio kubernetes/kubernetes#69882 (comment), as those values will be available in the CNI ADD request
@MikeZappa87

Basically you can save this API call and get it from the capabilities

multus-cni/pkg/k8sclient/k8sclient.go

Lines 407 to 421 in 53a68c3

func GetPodNetwork(pod *v1.Pod) ([]*types.NetworkSelectionElement, error) {
logging.Debugf("GetPodNetwork: %v", pod)
netAnnot := pod.Annotations[networkAttachmentAnnot]
defaultNamespace := pod.ObjectMeta.Namespace
if len(netAnnot) == 0 {
return nil, &NoK8sNetworkError{"no kubernetes network found"}
}
networks, err := parsePodNetworkAnnotation(netAnnot, defaultNamespace)
if err != nil {
return nil, err
}
return networks, nil

@AJMansfield
Copy link

This would be a useful feature for my own use-case -- to pass node affinity/taint information concerning particular network attachments onto pods that use them.

@bgaussen
Copy link

Hi, this feature would help our CNI to get some pod annotations directly and avoid implementing token management for it to access api-server...

@bgaussen bgaussen mentioned this pull request Jul 8, 2024
Open
3 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
6 participants
@toelke @s1061123 @dougbtv @aojea @AJMansfield @bgaussen