github.com/baraj55/containernetworking-cni@v0.7.2-0.20200219164625-56ace59a9e7f/CONVENTIONS.md (about) 1 # Extension conventions 2 3 There are three ways of passing information to plugins using the Container Network Interface (CNI), none of which require the [spec](SPEC.md) to be updated. These are 4 - plugin specific fields in the JSON config 5 - `args` field in the JSON config 6 - `CNI_ARGS` environment variable 7 8 This document aims to provide guidance on which method should be used and to provide a convention for how common information should be passed. 9 Establishing these conventions allows plugins to work across multiple runtimes. This helps both plugins and the runtimes. 10 11 ## Plugins 12 * Plugin authors should aim to support these conventions where it makes sense for their plugin. This means they are more likely to "just work" with a wider range of runtimes. 13 * Plugins should accept arguments according to these conventions if they implement the same basic functionality as other plugins. If plugins have shared functionality that isn't coverered by these conventions then a PR should be opened against this document. 14 15 ## Runtimes 16 * Runtime authors should follow these conventions if they want to pass additional information to plugins. This will allow the extra information to be consumed by the widest range of plugins. 17 * These conventions serve as an abstraction for the runtime. For example, port forwarding is highly implementation specific, but users should be able to select the plugin of their choice without changing the runtime. 18 19 # Current conventions 20 Additional conventions can be created by creating PRs which modify this document. 21 22 ## Dynamic Plugin specific fields (Capabilities / Runtime Configuration) 23 [Plugin specific fields](https://github.com/containernetworking/cni/blob/master/SPEC.md#network-configuration) formed part of the original CNI spec and have been present since the initial release. 24 > Plugins may define additional fields that they accept and may generate an error if called with unknown fields. The exception to this is the args field may be used to pass arbitrary data which may be ignored by plugins. 25 26 A plugin can define any additional fields it needs to work properly. It should return an error if it can't act on fields that were expected or where the field values were malformed. 27 28 This method of passing information to a plugin is recommended when the following conditions hold: 29 * The configuration has specific meaning to the plugin (i.e. it's not just general meta data) 30 * the plugin is expected to act on the configuration or return an error if it can't 31 32 Dynamic information (i.e. data that a runtime fills out) should be placed in a `runtimeConfig` section. Plugins can request 33 that the runtime insert this dynamic configuration by explicitly listing their `capabilities` in the network configuration. 34 35 For example, the configuration for a port mapping plugin might look like this to an operator (it should be included as part of a [network configuration list](https://github.com/containernetworking/cni/blob/master/SPEC.md#network-configuration-lists). 36 ```json 37 { 38 "name" : "ExamplePlugin", 39 "type" : "port-mapper", 40 "capabilities": {"portMappings": true} 41 } 42 ``` 43 44 But the runtime would fill in the mappings so the plugin itself would receive something like this. 45 ```json 46 { 47 "name" : "ExamplePlugin", 48 "type" : "port-mapper", 49 "runtimeConfig": { 50 "portMappings": [ 51 {"hostPort": 8080, "containerPort": 80, "protocol": "tcp"} 52 ] 53 } 54 } 55 ``` 56 57 ### Well-known Capabilities 58 | Area | Purpose | Capability | Spec and Example | Runtime implementations | Plugin Implementations | 59 | ----- | ------- | -----------| ---------------- | ----------------------- | --------------------- | 60 | port mappings | Pass mapping from ports on the host to ports in the container network namespace. | `portMappings` | A list of portmapping entries.<br/> <pre>[<br/> { "hostPort": 8080, "containerPort": 80, "protocol": "tcp" },<br /> { "hostPort": 8000, "containerPort": 8001, "protocol": "udp" }<br /> ]<br /></pre> | kubernetes | CNI `portmap` plugin | 61 | ip ranges | Dynamically configure the IP range(s) for address allocation. Runtimes that manage IP pools, but not individual IP addresses, can pass these to plugins. | `ipRanges` | The same as the `ranges` key for `host-local` - a list of lists of subnets. The outer list is the number of IPs to allocate, and the inner list is a pool of subnets for each allocation. <br/><pre>[<br/> [<br/> { "subnet": "10.1.2.0/24", "rangeStart": "10.1.2.3", "rangeEnd": 10.1.2.99", "gateway": "10.1.2.254" } <br/> ]<br/>]</pre> | none | CNI `host-local` plugin | 62 | bandwidth limits | Dynamically configure interface bandwidth limits | `bandwidth` | Desired bandwidth limits. Rates are in bits per second, burst values are in bits. <pre> { "ingressRate": 2048, "ingressBurst": 1600, "egressRate": 4096, "egressBurst": 1600 } </pre> | none | CNI `bandwidth` plugin | 63 | dns | Dynamically configure dns according to runtime | `dns` | Dictionary containing a list of `servers` (string entries), a list of `searches` (string entries), a list of `options` (string entries). <pre>{ <br> "searches" : [ "internal.yoyodyne.net", "corp.tyrell.net" ] <br> "servers": [ "8.8.8.8", "10.0.0.10" ] <br />} </pre> | kubernetes | CNI `win-bridge` plugin, CNI `win-overlay` plugin | 64 | ips | Dynamically allocate IPs for container interface. Runtime which has the ability of address allocation can pass these to plugins. | `ips` | A list of `IP` (string entries). <pre> [ "10.10.0.1/24", "3ffe:ffff:0:01ff::1/64" ] </pre> | none | CNI `static` plugin | 65 | mac | Dynamically assign MAC. Runtime can pass this to plugins which need MAC as input. | `mac` | `MAC` (string entry). <pre> "c2:11:22:33:44:55" </pre> | none | CNI `tuning` plugin | 66 67 ## "args" in network config 68 `args` in [network config](https://github.com/containernetworking/cni/blob/master/SPEC.md#network-configuration) were introduced as an optional field into the `0.2.0` release of the CNI spec. The first CNI code release that it appeared in was `v0.4.0`. 69 > args (dictionary): Optional additional arguments provided by the container runtime. For example a dictionary of labels could be passed to CNI plugins by adding them to a labels field under args. 70 71 `args` provide a way of providing more structured data than the flat strings that CNI_ARGS can support. 72 73 `args` should be used for _optional_ meta-data. Runtimes can place additional data in `args` and plugins that don't understand that data should just ignore it. Runtimes should not require that a plugin understands or consumes that data provided, and so a runtime should not expect to receive an error if the data could not be acted on. 74 75 This method of passing information to a plugin is recommended when the information is optional and the plugin can choose to ignore it. It's often that case that such information is passed to all plugins by the runtime without regard for whether the plugin can understand it. 76 77 The conventions documented here are all namespaced under `cni` so they don't conflict with any existing `args`. 78 79 For example: 80 ```json 81 { 82 "cniVersion":"0.2.0", 83 "name":"net", 84 "args":{ 85 "cni":{ 86 "labels": [{"key": "app", "value": "myapp"}] 87 } 88 }, 89 <REST OF CNI CONFIG HERE> 90 "ipam":{ 91 <IPAM CONFIG HERE> 92 } 93 } 94 ``` 95 96 | Area | Purpose| Spec and Example | Runtime implementations | Plugin Implementations | 97 | ----- | ------ | ------------ | ----------------------- | ---------------------- | 98 | labels | Pass`key=value` labels to plugins | <pre>"labels" : [<br /> { "key" : "app", "value" : "myapp" },<br /> { "key" : "env", "value" : "prod" }<br />] </pre> | none | none | 99 | ips | Request static IPs | Spec:<pre>"ips": ["\<ip\>[/\<prefix\>]", ...]</pre>Examples:<pre>"ips": ["10.2.2.42/24", "2001:db8::5"]</pre>The plugin may require the IP address to include a prefix length. | none | host-local | 100 101 ## CNI_ARGS 102 CNI_ARGS formed part of the original CNI spec and have been present since the initial release. 103 > `CNI_ARGS`: Extra arguments passed in by the user at invocation time. Alphanumeric key-value pairs separated by semicolons; for example, "FOO=BAR;ABC=123" 104 105 The use of `CNI_ARGS` is deprecated and "args" should be used instead. If a runtime passes an equivalent key via `args` (eg the `ips` `args` Area and the `CNI_ARGS` `IP` Field) and the plugin understands `args`, the plugin must ignore the CNI_ARGS Field. 106 107 | Field | Purpose| Spec and Example | Runtime implementations | Plugin Implementations | 108 | ------ | ------ | ---------------- | ----------------------- | ---------------------- | 109 | IP | Request a specific IP from IPAM plugins | Spec:<pre>IP=\<ip\>[/\<prefix\>]</pre>Example: <pre>IP=192.168.10.4/24</pre>The plugin may require the IP addresses to include a prefix length. | *rkt* supports passing additional arguments to plugins and the [documentation](https://coreos.com/rkt/docs/latest/networking/overriding-defaults.html) suggests IP can be used. | host-local (since version v0.2.0) supports the field for IPv4 only - [documentation](https://github.com/containernetworking/plugins/tree/master/plugins/ipam/host-local#supported-arguments).| 110 111 ## Chained Plugins 112 If plugins are agnostic about the type of interface created, they SHOULD work in a chained mode and configure existing interfaces. Plugins MAY also create the desired interface when not run in a chain. 113 114 For example, the `bridge` plugin adds the host-side interface to a bridge. So, it should accept any previous result that includes a host-side interface, including `tap` devices. If not called as a chained plugin, it creates a `veth` pair first. 115 116 Plugins that meet this convention are usable by a larger set of runtimes and interfaces, including hypervisors and DPDK providers.