Add preserve_network flag to node config

When false, CNI and associated veth devices are cleaned up upon starting the machine manager.
synadia-io · Feb 8, 2024 · 7fdc3e7 · 7fdc3e7
1 parent 78f2576
commit 7fdc3e7
Show file tree

Hide file tree

Showing 2 changed files with 37 additions and 7 deletions.
diff --git a/internal/node/config.go b/internal/node/config.go
@@ -24,21 +24,20 @@ var (
 // Node configuration is used to configure the node process as well
 // as the virtual machines it produces
 type NodeConfiguration struct {
-	DefaultResourceDir string `json:"default_resource_dir"`
-	KernelFilepath     string `json:"kernel_filepath"`
-	RootFsFilepath     string `json:"rootfs_filepath"`
-
 	CNI                 CNIDefinition     `json:"cni"`
-	ForensicMode        bool              `json:"-"`
+	DefaultResourceDir  string            `json:"default_resource_dir"`
 	ForceDepInstall     bool              `json:"-"`
 	InternalNodeHost    *string           `json:"internal_node_host,omitempty"`
 	InternalNodePort    *int              `json:"internal_node_port"`
+	KernelFilepath      string            `json:"kernel_filepath"`
 	MachinePoolSize     int               `json:"machine_pool_size"`
 	MachineTemplate     MachineTemplate   `json:"machine_template"`
 	OtelMetrics         bool              `json:"otel_metrics"`
 	OtelMetricsPort     int               `json:"otel_metrics_port"`
 	OtelMetricsExporter string            `json:"otel_metrics_exporter"`
+	PreserveNetwork     bool              `json:"preserve_network,omitempty"`
 	RateLimiters        *Limiters         `json:"rate_limiters,omitempty"`
+	RootFsFilepath      string            `json:"rootfs_filepath"`
 	Tags                map[string]string `json:"tags,omitempty"`
 	ValidIssuers        []string          `json:"valid_issuers,omitempty"`
 	WorkloadTypes       []string          `json:"workload_types,omitempty"`

diff --git a/internal/node/machine_mgr.go b/internal/node/machine_mgr.go
@@ -7,6 +7,7 @@ import (
 	"fmt"
 	"log/slog"
 	"os"
+	"os/exec"
 	"path"
 	"strconv"
 	"strings"
@@ -116,6 +117,13 @@ func (m *MachineManager) Start() {
 		}
 	}()
 
+	if !m.config.PreserveNetwork {
+		err := m.resetCNI()
+		if err != nil {
+			m.log.Warn("Failed to reset network.", slog.Any("err", err))
+		}
+	}
+
 	for !m.stopping() {
 		select {
 		case <-m.ctx.Done():
@@ -338,8 +346,31 @@ func (m *MachineManager) awaitHandshake(vmid string) {
 	}
 }
 
-// TODO : look into also pre-removing /var/lib/cni/networks/fcnet/ during startup sequence
-// to ensure we get the full IP range
+func (m *MachineManager) resetCNI() error {
+	m.log.Info("Resetting network")
+
+	err := os.RemoveAll("/var/lib/cni")
+	if err != nil {
+		return err
+	}
+
+	err = os.Mkdir("/var/lib/cni", 0755)
+	if err != nil {
+		return err
+	}
+
+	cmd := exec.Command("bash", "-c", "for name in $(ifconfig -a | sed 's/[ \t].*//;/^\\(lo\\|\\)$/d' | grep veth); do ip link delete $name; done")
+	err = cmd.Start()
+	if err != nil {
+		return err
+	}
+	err = cmd.Wait()
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
 
 // Remove firecracker VM sockets created by this pid
 func (m *MachineManager) cleanSockets() {