multus client: add the multus-cni REST client pkg

Add a pkg to contact the multus RESTful API listening to a UNIX socket.

This multus client is not invoked; this will happen in follow-up commits.

Signed-off-by: Miguel Duarte Barroso <[email protected]>

Author: maiqueb

cmd/dynamic-networks-controller/networks-controller.go

@@ -25,6 +25,7 @@ import (
 	"github.com/maiqueb/multus-dynamic-networks-controller/pkg/cri"
 	"github.com/maiqueb/multus-dynamic-networks-controller/pkg/cri/containerd"
 	"github.com/maiqueb/multus-dynamic-networks-controller/pkg/logging"
+	"github.com/maiqueb/multus-dynamic-networks-controller/pkg/multuscni"
 )
 
 const (
@@ -96,11 +97,10 @@ func newController(stopChannel chan struct{}, configuration *config.Multus) (*co
 		nadInformerFactory,
 		eventBroadcaster,
 		newEventRecorder(eventBroadcaster),
-		configuration.MultusSocketPath,
 		k8sClient,
 		nadClientSet,
 		containerRuntime,
-	)
+		multuscni.NewClient(configuration.MultusSocketPath))
 	if err != nil {
 		return nil, fmt.Errorf("failed to create the pod networks controller: %v", err)
 	}

pkg/controller/pod.go

@@ -26,6 +26,7 @@ import (
 	"github.com/maiqueb/multus-dynamic-networks-controller/pkg/annotations"
 	"github.com/maiqueb/multus-dynamic-networks-controller/pkg/cri"
 	"github.com/maiqueb/multus-dynamic-networks-controller/pkg/logging"
+	"github.com/maiqueb/multus-dynamic-networks-controller/pkg/multuscni"
 )
 
 const (
@@ -65,9 +66,9 @@ type PodNetworksController struct {
 	broadcaster             record.EventBroadcaster
 	recorder                record.EventRecorder
 	workqueue               workqueue.RateLimitingInterface
-	multusSocketPath        string
 	nadClientSet            nadclient.Interface
 	containerRuntime        cri.ContainerRuntime
+	multusClient            multuscni.Client
 }
 
 // NewPodNetworksController returns new PodNetworksController instance
@@ -76,10 +77,10 @@ func NewPodNetworksController(
 	nadInformers nadinformers.SharedInformerFactory,
 	broadcaster record.EventBroadcaster,
 	recorder record.EventRecorder,
-	multusSocketPath string,
 	k8sClientSet kubernetes.Interface,
 	nadClientSet nadclient.Interface,
 	containerRuntime cri.ContainerRuntime,
+	multusClient multuscni.Client,
 ) (*PodNetworksController, error) {
 	podInformer := k8sCoreInformerFactory.Core().V1().Pods().Informer()
 	nadInformer := nadInformers.K8sCniCncfIo().V1().NetworkAttachmentDefinitions().Informer()
@@ -93,13 +94,13 @@ func NewPodNetworksController(
 		netAttachDefLister:      nadInformers.K8sCniCncfIo().V1().NetworkAttachmentDefinitions().Lister(),
 		recorder:                recorder,
 		broadcaster:             broadcaster,
-		multusSocketPath:        multusSocketPath,
 		workqueue: workqueue.NewNamedRateLimitingQueue(
 			workqueue.DefaultControllerRateLimiter(),
 			AdvertisedName),
 		k8sClientSet:     k8sClientSet,
 		nadClientSet:     nadClientSet,
 		containerRuntime: containerRuntime,
+		multusClient:     multusClient,
 	}
 
 	podInformer.AddEventHandler(cache.ResourceEventHandlerFuncs{

pkg/controller/pod_test.go

@@ -12,6 +12,8 @@ import (
 	. "github.com/onsi/ginkgo"
 	. "github.com/onsi/gomega"
 
+	cni100 "github.com/containernetworking/cni/pkg/types/100"
+
 	corev1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime/schema"
@@ -25,9 +27,12 @@ import (
 	nadclient "github.com/k8snetworkplumbingwg/network-attachment-definition-client/pkg/client/clientset/versioned"
 	fakenadclient "github.com/k8snetworkplumbingwg/network-attachment-definition-client/pkg/client/clientset/versioned/fake"
 	nadinformers "github.com/k8snetworkplumbingwg/network-attachment-definition-client/pkg/client/informers/externalversions"
+	multusapi "gopkg.in/k8snetworkplumbingwg/multus-cni.v3/pkg/server/api"
 
 	"github.com/maiqueb/multus-dynamic-networks-controller/pkg/cri"
 	fakecri "github.com/maiqueb/multus-dynamic-networks-controller/pkg/cri/fake"
+	"github.com/maiqueb/multus-dynamic-networks-controller/pkg/multuscni"
+	fakemultusclient "github.com/maiqueb/multus-dynamic-networks-controller/pkg/multuscni/fake"
 )
 
 func TestController(t *testing.T) {
@@ -61,6 +66,7 @@ var _ = Describe("Dynamic Attachment controller", func() {
 		Context("with an existing running pod", func() {
 			const (
 				cniVersion  = "0.3.0"
+				macAddr     = "02:03:04:05:06:07"
 				namespace   = "default"
 				networkName = "tiny-net"
 				podName     = "tiny-winy-pod"
@@ -98,8 +104,10 @@ var _ = Describe("Dynamic Attachment controller", func() {
 						nadClient,
 						stopChannel,
 						eventRecorder,
-						"",
 						fakecri.NewFakeRuntime(*pod),
+						fakemultusclient.NewFakeClient(
+							networkConfig("ADD", "net1", networkName, macAddr),
+							networkConfig("DEL", "net0", "", "")),
 					)).NotTo(BeNil())
 				Expect(func() []nad.NetworkStatus {
 					updatedPod, err := k8sClient.CoreV1().Pods(namespace).Get(context.TODO(), podName, metav1.GetOptions{})
@@ -157,6 +165,21 @@ var _ = Describe("Dynamic Attachment controller", func() {
 	})
 })
 
+func networkConfig(cmd, ifaceName, networkName, mac string) fakemultusclient.NetworkConfig {
+	const cniVersion = "0.4.0"
+	return fakemultusclient.NetworkConfig{
+		Cmd:       cmd,
+		IfaceName: ifaceName,
+		Response: &multusapi.Response{
+			Result: &cni100.Result{
+				CNIVersion: cniVersion,
+				Interfaces: []*cni100.Interface{
+					{Name: networkName, Mac: mac},
+				},
+			}},
+	}
+}
+
 type dummyPodController struct {
 	*PodNetworksController
 	networkCache cache.Store
@@ -168,8 +191,8 @@ func newDummyPodController(
 	nadClient nadclient.Interface,
 	stopChannel chan struct{},
 	recorder record.EventRecorder,
-	cniConfigPath string,
-	containerRuntime cri.ContainerRuntime) (*dummyPodController, error) {
+	containerRuntime cri.ContainerRuntime,
+	multusClient multuscni.Client) (*dummyPodController, error) {
 	const noResyncPeriod = 0
 	netAttachDefInformerFactory := nadinformers.NewSharedInformerFactory(nadClient, noResyncPeriod)
 	podInformerFactory := v1coreinformerfactory.NewSharedInformerFactory(k8sClient, noResyncPeriod)
@@ -179,10 +202,10 @@ func newDummyPodController(
 		netAttachDefInformerFactory,
 		nil,
 		recorder,
-		cniConfigPath,
 		k8sClient,
 		nadClient,
-		containerRuntime)
+		containerRuntime,
+		multusClient)
 
 	alwaysReady := func() bool { return true }
 	podController.arePodsSynched = alwaysReady

pkg/multuscni/client.go

@@ -0,0 +1,98 @@
+package multuscni
+
+import (
+	"bytes"
+	"context"
+	"encoding/json"
+	"fmt"
+	"io"
+	"net"
+	"net/http"
+
+	"k8s.io/klog/v2"
+
+	multusapi "gopkg.in/k8snetworkplumbingwg/multus-cni.v3/pkg/server/api"
+)
+
+func MultusDelegateURL() string {
+	const delegateEndpoint = "/delegate"
+	return multusapi.GetAPIEndpoint(delegateEndpoint)
+}
+
+type Client interface {
+	InvokeDelegate(req *multusapi.Request) (*multusapi.Response, error)
+}
+
+type HTTPClient struct {
+	httpClient *http.Client
+	serverURL  string
+}
+
+func NewClient(socketPath string) *HTTPClient {
+	return &HTTPClient{
+		httpClient: &http.Client{
+			Transport: &http.Transport{
+				DialContext: func(ctx context.Context, network string, addr string) (net.Conn, error) {
+					return net.Dial("unix", socketPath)
+				},
+			},
+		},
+		serverURL: MultusDelegateURL(),
+	}
+}
+
+func (c *HTTPClient) InvokeDelegate(req *multusapi.Request) (*multusapi.Response, error) {
+	httpResp, err := c.DoCNI(req)
+	if err != nil {
+		return nil, err
+	}
+	response := &multusapi.Response{}
+	if len(httpResp) != 0 {
+		if err = json.Unmarshal(httpResp, response); err != nil {
+			return nil, fmt.Errorf("failed to unmarshal response '%s': %v", string(httpResp), err)
+		}
+	}
+	return response, nil
+}
+
+func (c *HTTPClient) DoCNI(req *multusapi.Request) ([]byte, error) {
+	data, err := json.Marshal(req)
+	if err != nil {
+		return nil, fmt.Errorf("failed to marshal CNI request %v: %v", req, err)
+	}
+
+	request, err := httpRequest(c.serverURL, data)
+	if err != nil {
+		return nil, err
+	}
+	resp, err := c.httpClient.Do(request)
+
+	if err != nil {
+		return nil, fmt.Errorf("failed to send CNI request: %v", err)
+	}
+	defer func() {
+		if err = resp.Body.Close(); err != nil {
+			klog.Errorf("failed closing the connection to the multus-server: %v", err)
+		}
+	}()
+
+	body, err := io.ReadAll(resp.Body)
+	if err != nil {
+		return nil, fmt.Errorf("failed to read CNI result: %v", err)
+	}
+
+	if resp.StatusCode != http.StatusOK {
+		return nil, fmt.Errorf("CNI request failed with status %v: '%s'", resp.StatusCode, string(body))
+	}
+
+	return body, nil
+}
+
+func httpRequest(serverURL string, payload []byte) (*http.Request, error) {
+	httpReq, err := http.NewRequestWithContext(context.Background(), http.MethodPost, serverURL, bytes.NewBuffer(payload))
+	if err != nil {
+		return nil, err
+	}
+	httpReq.Header.Set("Content-Type", "application/json")
+	return httpReq, nil
+}

pkg/multuscni/client_test.go

@@ -0,0 +1,108 @@
+package multuscni
+
+import (
+	"encoding/json"
+	"net"
+	"net/http"
+	"net/http/httptest"
+	"testing"
+
+	. "github.com/onsi/ginkgo/v2"
+	. "github.com/onsi/gomega"
+
+	cni100 "github.com/containernetworking/cni/pkg/types/100"
+
+	multusapi "gopkg.in/k8snetworkplumbingwg/multus-cni.v3/pkg/server/api"
+)
+
+func TestController(t *testing.T) {
+	RegisterFailHandler(Fail)
+	RunSpecs(t, "Dynamic network attachment controller suite")
+}
+
+var _ = Describe("multuscni REST client", func() {
+	const (
+		cniVersion  = "0.4.0"
+		networkName = "net1"
+		podIP       = "192.168.14.14/24"
+		podMAC      = "02:03:04:05:06:07"
+	)
+	It("errors when the server replies with anything other than 200 OK status", func() {
+		server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+			w.WriteHeader(http.StatusBadRequest)
+			_, _ = w.Write([]byte(`kablewit`))
+		}))
+
+		defer server.Close()
+		_, err := newDummyClient(server.Client(), server.URL).InvokeDelegate(multusRequest())
+		Expect(err).To(MatchError("CNI request failed with status 400: 'kablewit'"))
+	})
+
+	It("errors when the service replies with anything other than a `multusapi.Response` structure", func() {
+		server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+			w.WriteHeader(http.StatusOK)
+			_, _ = w.Write([]byte(`{asd:123}`))
+		}))
+
+		defer server.Close()
+		_, err := newDummyClient(server.Client(), server.URL).InvokeDelegate(multusRequest())
+		Expect(err).To(MatchError(ContainSubstring("failed to unmarshal response '{asd:123}':")))
+	})
+
+	DescribeTable("return the expected response", func(response *multusapi.Response) {
+		server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+			w.WriteHeader(http.StatusOK)
+			serializedResponse, _ := json.Marshal(response)
+			_, _ = w.Write(serializedResponse)
+		}))
+
+		defer server.Close()
+		Expect(newDummyClient(server.Client(), server.URL).InvokeDelegate(multusRequest())).To(Equal(response))
+	},
+		Entry(
+			"when the server replies with a simple L2 CNI result",
+			&multusapi.Response{
+				Result: &cni100.Result{
+					CNIVersion: cniVersion,
+					Interfaces: []*cni100.Interface{
+						cniInterface(networkName, podMAC),
+					},
+				}},
+		),
+		Entry("when the server replies with a CNI result featuring IPs", &multusapi.Response{
+			Result: &cni100.Result{
+				CNIVersion: cniVersion,
+				Interfaces: []*cni100.Interface{
+					cniInterface(networkName, podMAC),
+				},
+				IPs: []*cni100.IPConfig{cniIPConfig(podIP)},
+			},
+		}),
+	)
+})
+
+func multusRequest() *multusapi.Request {
+	return &multusapi.Request{
+		Env:    map[string]string{},
+		Config: nil,
+	}
+}
+
+func newDummyClient(httpClient *http.Client, serverURL string) *HTTPClient {
+	return &HTTPClient{httpClient: httpClient, serverURL: serverURL}
+}
+
+func cniInterface(networkName, macAddress string) *cni100.Interface {
+	return &cni100.Interface{
+		Name: networkName,
+		Mac:  macAddress,
+	}
+}
+
+func cniIPConfig(ipStr string) *cni100.IPConfig {
+	ip, ipNet, _ := net.ParseCIDR(ipStr)
+	ipNet.IP = ip
+	return &cni100.IPConfig{
+		Address: *ipNet,
+	}
+}