Found 15 possible answers.
|User||Answered At||Possible Answer|
...and wait for the admin to approve before continuing with the next node. I would like to add a kops cli option, for example named --interactive, that would pause after each instance gets updated. It should print out a prompt such as:
- When reading it I'm assuming that references to "SRIOV-CNI" are referring to the hustcat implementation, not the Intel DPDK one. Am I right?
- @lmdaly I have a basic question:> CNI-Shim gets allocated SRIOV device information from SRIOV device plugin this corresponds to the the red box on figure 1.4, right? is it the only way to pass this information to the CNI plugin? couldn't you annotate the pod somehow to avoid involving the device plugin in later stages?
- I would love to take a look but not sure where to find it. Do you have a link? Overall I think it's workable. I'll need a little while to digest the details though. How would you like feedback? Here? To the mailing list? Comments in the doc? Postcards from somewhere sunny? Don't worry - found it!
- Are you talking about this, https://github.com/vikaschoudhary16/sfc-device-plugin/blob/master/cont-sfc-nic-move.sh#L24 ? Implementation of Allocate is in the plugin, which is a daemonset. I am doing ssh to access host filesystem. Even if daemonset is privileged, i am not sure host system can be accessed directly without ssh. Not sure if i answered your question or not? [May 9th, 2018 1:39 AM] jmcdowall: @renaud thanks that worked does hostIPC allows you to avoid ssh?
- @vikasc getting clearer, still working through my understanding of GO and gRPC. Am I understanding it correctly that the Allocate method is running in the Node (Host) address space through a gRPC server. I see in your code you are doing a ssh into the host namespace, if the daemonSet was privileged would it be able to access the host process space directly - or am I completely missing something?
- it would be great to list down as much use-cases as we can. [May 7th, 2018 11:46 PM] jmcdowall: is the network interface (eth0) of the pod allocated? Please let me know if something still not clear. its upto the plugin that what is actually being allocated. it could be a physical interface, sdn(virtual) interface, depending on plugin implementation. DPAPI `Allocate` should be used by plugin to mark the interface as being allocated, while actual passing of the device into pod sandbox will happen at CNI ADD. https://github.com/opencontainers/runtime-spec/blob/master/runtime.md#lifecycle [May 7th, 2018 11:45 PM] flx42: for instance, in terms of OCI runtime, are we before 1.? after 1.? before 1. [May 7th, 2018 9:46 PM] jmcdowall: @vikasc +1 anything I can do to help move this forward? Will apreciate your thoughts on this thread: https://groups.google.com/forum/#!topic/kubernetes-sig-node/UypdZGt4Vf4 [May 7th, 2018 9:45 PM] jmcdowall: @lmdaly looking forward to it - do you need more use cases?
- thanks @renaud! is this explicitly specified in the current device plugin document?
- is the network interface (eth0) of the pod allocated?
- hm ok, but do we make any guarantee on what the container status is at this point? https://github.com/opencontainers/runtime-spec/blob/master/runtime.md#lifecycle for instance, in terms of OCI runtime, are we before 1.? after 1.?
- yes, I did it on GKE with running nsenter with the appropriate mount and network namespaces -hopefully I can do the same in Allocate?
- ok, did you see the discussion here: https://github.com/kubernetes/kubernetes/pull/61775 ? so, inside the `Allocate` you want to exec a binary? around the middle we start discussing the possible ways of enabling that