flannel-io / cni-plugin Goto Github PK
View Code? Open in Web Editor NEWLicense: Apache License 2.0
cni-plugin's People
Contributors
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot]")
Stargazers
Watchers
Forkers
manuelbuil rajatchopra vadorovsky jojimt queetinliu luthermonson olljanat 00pf00 changyuwang eoncn shenmeng1989 thomasferrandiz cmattos58 isabella232 qwjhq gyaozhou rbrtbnfgl loongson-cloud-community skmatti henry-wzh matttrach tk1ong yzewei zhouliang-eswin koluwagboun gunjid arthur-zhang projectcalico kamalyes mikezappa87 wolfi-chainguard-demo mickael-rogercni-plugin's Issues
Was v1.2.0 retracted?
https://github.com/flannel-io/cni-plugin/releases/download/v1.2.0/flannel-amd64 was downloadable on Nov 30, 2022 (rootless-containers/usernetes#271) but v1.2.0 seems no longer available in https://github.com/flannel-io/cni-plugin/releases
Was v1.2.0 retracted?
The binary released doesn't display the proper information
Binaries released in the CNI plugins repo uses the --version flag to print out the version
$ ./bandwidth --help
CNI bandwidth plugin v1.0.1but the binary released is not displaying that info
$ ./flannel --help
flannel version unknownsource IP not preserved when using hostPort
Expected Behavior
When configuring flannel with:
{
"type": "portmap",
"capabilities": {
"portMappings": true
},
"snat": false
}
I expect the source IP to be preserved. it is not.
Current Behavior
sourceIp is not preserved, which cause an open relay.
Possible Solution
Steps to Reproduce (for bugs)
- install a new k8s cluster with flannel
- create a daemonset with hostPort
- check the sourceIp of the request
Context
I am trying to install mailu (SMTP server...) and I tried using hostPort as they do in their helm chart (no load balancer here).
Your Environment
- Flannel version: v0.15.1
- Backend used (e.g. vxlan or udp): vxlan
- Etcd version: 3.5.0
- Kubernetes version (if used): 1.22.5
- Operating System and version: AlmaLinux 8.5
I tried debugging the issue as you can read here and here
And I am thinking that rule that is SNATing (or maybe masquerading) is created by kube-proxy, but since flannel adds all these rules for hostPort, I would have expected it to fix the sourceIP too.
AFAICT, this is a regression as I didn't have this issue before updating my cluster.
Release new version
how to use latest flannel-cni with kubelet'containerd
Request Windows builds
It was available in https://github.com/containernetworking/plugins
All release archives contains all architectures
If you look at these:
... it looks like both of them have the same contents? I would assume that the first one only have Linux amd64, and the second only have Linux 386.
Is this intended?
Riscv64 failed to build images
golang:alpine does not support riscv64
Don't see disturbances in kubelet / containerd / flanneld logs when I remove the flannel cni binary
Hi,
I have a kubernetes cluster on-prem using containerd as runtime. The current CNI version running on the cluster is v0.8.5 (when flannel-cni was packaged with the other base packages.)
In the process of upgrading the plugins (I am testing the flannel cni v1.1.0 now), I am doing a canary test with the new package.
To compare the logs between the hosts with the old flannel version and the new canary , I want to see what is changing. However, even when I remove the flannel binaries from the expected location and restart containerd, I am not seeing any disturbances. What is going wrong?
Should downstream packages be updated to 1.0 tag ?
Until few hours ago there used to be a v1.1 tag, which seems to be purged now, and replaced with v1.0. Should downstream packages be downgraded to 1.0 ?
Thanks!
Build and tag a release
Now that this is a Real Repository, it's time to tag a version (maybe v0.5? v1.0?) and build a package.
If you want some inspiration, you can use the cni-plugins release script, though it's not perfect.
Why flannel images only exists in docker.io instead of quay.io?
As many organization moving away from docker.io, why flannel images exists only docker.io instead of other repositories like quay.io etc.
Please have flannel and flannel plugins in other repositry .
failed to pull and unpack image "docker.io/rancher/flannel-cni-plugin:v1.2"
Hi there,
I am currently experiencing issues with pulling the flannel-cni-plugin image:
Failed to pull image "rancher/flannel-cni-plugin:v1.2": rpc error: code = Unknown desc = failed to pull and unpack image "docker.io/rancher/flannel-cni-plugin:v1.2": failed to resolve reference "docker.io/rancher/flannel-cni-plugin:v1.2": pull access denied, repository does not exist or may require authorization: server message: insufficient_scope: authorization failed
kube-flannel.yml defiens:
- name: install-cni-plugin
image: rancher/flannel-cni-plugin:v1.2
when looking up this image does not exist on docker hub.
Either Docker Hub is not used the the kube-flannel.yml should define a repository or the image has been move and kube-flannel.yml has to be updated.
There is an image available on Docker Hub from a user named flannelcni joint October 11, 2021, is this official?
LICENSE file missing
Could you please add the LICENSE file?
Compilation issue: "open ./bin/flannel: permission denied"
Arch Linux user.
Came here because of containernetworking/plugins#633.
Compilation ends with the following error:
# valid values for ARCH are [amd64 arm arm64 ppc64le s390x]
docker run -e CGO_ENABLED=1 -e GOARCH=amd64 -e GOCACHE=/go -e GOOS=linux -e GOFLAGS=" -mod=vendor" \
-u 1000:1000 \
-v /home/ben/var/tmp/cni-plugin/dist/qemu-amd64-static:/usr/bin/qemu-amd64-static \
-v /home/ben/var/tmp/cni-plugin:/go/src/github.com/flannel-io/flannel:ro \
-v /home/ben/var/tmp/cni-plugin/bin:/go/src/github.com/flannel-io/flannel/bin \
-v /home/ben/var/tmp/cni-plugin/dist:/go/src/github.com/flannel-io/flannel/dist \
golang:1.15.5 /bin/bash -c '\
cd /go/src/github.com/flannel-io/flannel && \
go build -o "./bin/flannel" . && \
mv bin/flannel dist/flannel-amd64'
go build github.com/flannel-io/cni-plugin: copying /tmp/go-build878444177/b001/exe/a.out: open ./bin/flannel: permission denied
make[1]: *** [Makefile:43: dist/flannel-amd64] Error 1
make[1]: Leaving directory '/home/ben/var/tmp/cni-plugin'
make: *** [Makefile:21: release] Error 2
Here are the complete compilation logs :
[ben@ben-fix tmp]$ git clone https://github.com/flannel-io/cni-plugin
Cloning into 'cni-plugin'...
remote: Enumerating objects: 52, done.
remote: Counting objects: 100% (52/52), done.
remote: Compressing objects: 100% (30/30), done.
remote: Total 52 (delta 13), reused 44 (delta 10), pack-reused 0
Receiving objects: 100% (52/52), 24.24 KiB | 6.06 MiB/s, done.
Resolving deltas: 100% (13/13), done.
[ben@ben-fix tmp]$ cd cni-plugin/
[ben@ben-fix cni-plugin]$ go mod vendor
[ben@ben-fix cni-plugin]$ make
if [ "qemu-s390x-static" = "qemu-amd64-static" ]; then \
wget -O dist/qemu-amd64-static https://github.com/multiarch/qemu-user-static/releases/download/v3.0.0/qemu-x86_64-static; \
elif [ "qemu-s390x-static" = "qemu-arm64-static" ]; then \
wget -O dist/qemu-arm64-static https://github.com/multiarch/qemu-user-static/releases/download/v3.0.0/qemu-aarch64-static; \
else \
wget -O dist/qemu-s390x-static https://github.com/multiarch/qemu-user-static/releases/download/v3.0.0/qemu-s390x-static; \
fi
--2021-09-20 22:35:49-- https://github.com/multiarch/qemu-user-static/releases/download/v3.0.0/qemu-s390x-static
SSL_INIT
Loaded CA certificate '/etc/ssl/certs/ca-certificates.crt'
Resolving github.com (github.com)... 140.82.121.4
Connecting to github.com (github.com)|140.82.121.4|:443... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://github-releases.githubusercontent.com/47342812/d01b6f80-cffb-11e8-847f-802840322e0b?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20210920%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20210920T203550Z&X-Amz-Expires=300&X-Amz-Signature=96b6fc0976b5cb945889ead2ee63ddd07e6857312a5ad73499dd87b8d8efb3ea&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=47342812&response-content-disposition=attachment%3B%20filename%3Dqemu-s390x-static&response-content-type=application%2Foctet-stream [following]
--2021-09-20 22:35:50-- https://github-releases.githubusercontent.com/47342812/d01b6f80-cffb-11e8-847f-802840322e0b?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20210920%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20210920T203550Z&X-Amz-Expires=300&X-Amz-Signature=96b6fc0976b5cb945889ead2ee63ddd07e6857312a5ad73499dd87b8d8efb3ea&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=47342812&response-content-disposition=attachment%3B%20filename%3Dqemu-s390x-static&response-content-type=application%2Foctet-stream
SSL_INIT
Resolving github-releases.githubusercontent.com (github-releases.githubusercontent.com)... 185.199.108.154, 185.199.110.154, 185.199.109.154, ...
Connecting to github-releases.githubusercontent.com (github-releases.githubusercontent.com)|185.199.108.154|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 3648304 (3.5M) [application/octet-stream]
Saving to: ‘dist/qemu-s390x-static’
dist/qemu-s390x-static 100%[==============================================================================>] 3.48M 8.02MB/s in 0.4s
2021-09-20 22:35:50 (8.02 MB/s) - ‘dist/qemu-s390x-static’ saved [3648304/3648304]
if [ "qemu-ppc64le-static" = "qemu-amd64-static" ]; then \
wget -O dist/qemu-amd64-static https://github.com/multiarch/qemu-user-static/releases/download/v3.0.0/qemu-x86_64-static; \
elif [ "qemu-ppc64le-static" = "qemu-arm64-static" ]; then \
wget -O dist/qemu-arm64-static https://github.com/multiarch/qemu-user-static/releases/download/v3.0.0/qemu-aarch64-static; \
else \
wget -O dist/qemu-ppc64le-static https://github.com/multiarch/qemu-user-static/releases/download/v3.0.0/qemu-ppc64le-static; \
fi
--2021-09-20 22:35:50-- https://github.com/multiarch/qemu-user-static/releases/download/v3.0.0/qemu-ppc64le-static
SSL_INIT
Loaded CA certificate '/etc/ssl/certs/ca-certificates.crt'
Resolving github.com (github.com)... 140.82.121.4
Connecting to github.com (github.com)|140.82.121.4|:443... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://github-releases.githubusercontent.com/47342812/cbef5200-cffb-11e8-9636-fa3e244e3810?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20210920%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20210920T203551Z&X-Amz-Expires=300&X-Amz-Signature=b9011fa1810f79c58e68f5abf4fa0f5ad69f9114a0dee70778b68fab14542cfb&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=47342812&response-content-disposition=attachment%3B%20filename%3Dqemu-ppc64le-static&response-content-type=application%2Foctet-stream [following]
--2021-09-20 22:35:51-- https://github-releases.githubusercontent.com/47342812/cbef5200-cffb-11e8-9636-fa3e244e3810?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20210920%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20210920T203551Z&X-Amz-Expires=300&X-Amz-Signature=b9011fa1810f79c58e68f5abf4fa0f5ad69f9114a0dee70778b68fab14542cfb&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=47342812&response-content-disposition=attachment%3B%20filename%3Dqemu-ppc64le-static&response-content-type=application%2Foctet-stream
SSL_INIT
Resolving github-releases.githubusercontent.com (github-releases.githubusercontent.com)... 185.199.111.154, 185.199.108.154, 185.199.110.154, ...
Connecting to github-releases.githubusercontent.com (github-releases.githubusercontent.com)|185.199.111.154|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 4609304 (4.4M) [application/octet-stream]
Saving to: ‘dist/qemu-ppc64le-static’
dist/qemu-ppc64le-static 100%[==============================================================================>] 4.40M 26.5MB/s in 0.2s
2021-09-20 22:35:51 (26.5 MB/s) - ‘dist/qemu-ppc64le-static’ saved [4609304/4609304]
if [ "qemu-aarch64-static" = "qemu-amd64-static" ]; then \
wget -O dist/qemu-amd64-static https://github.com/multiarch/qemu-user-static/releases/download/v3.0.0/qemu-x86_64-static; \
elif [ "qemu-aarch64-static" = "qemu-arm64-static" ]; then \
wget -O dist/qemu-arm64-static https://github.com/multiarch/qemu-user-static/releases/download/v3.0.0/qemu-aarch64-static; \
else \
wget -O dist/qemu-aarch64-static https://github.com/multiarch/qemu-user-static/releases/download/v3.0.0/qemu-aarch64-static; \
fi
--2021-09-20 22:35:51-- https://github.com/multiarch/qemu-user-static/releases/download/v3.0.0/qemu-aarch64-static
SSL_INIT
Loaded CA certificate '/etc/ssl/certs/ca-certificates.crt'
Resolving github.com (github.com)... 140.82.121.4
Connecting to github.com (github.com)|140.82.121.4|:443... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://github-releases.githubusercontent.com/47342812/bf6af980-cffb-11e8-90f4-add5b48949e1?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20210920%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20210920T203551Z&X-Amz-Expires=300&X-Amz-Signature=ef6a5c253cc9c30cc20f20a51ac122233b04939c8bb96ccca0b005cb058c10c0&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=47342812&response-content-disposition=attachment%3B%20filename%3Dqemu-aarch64-static&response-content-type=application%2Foctet-stream [following]
--2021-09-20 22:35:51-- https://github-releases.githubusercontent.com/47342812/bf6af980-cffb-11e8-90f4-add5b48949e1?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20210920%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20210920T203551Z&X-Amz-Expires=300&X-Amz-Signature=ef6a5c253cc9c30cc20f20a51ac122233b04939c8bb96ccca0b005cb058c10c0&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=47342812&response-content-disposition=attachment%3B%20filename%3Dqemu-aarch64-static&response-content-type=application%2Foctet-stream
SSL_INIT
Resolving github-releases.githubusercontent.com (github-releases.githubusercontent.com)... 185.199.109.154, 185.199.111.154, 185.199.108.154, ...
Connecting to github-releases.githubusercontent.com (github-releases.githubusercontent.com)|185.199.109.154|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 4428480 (4.2M) [application/octet-stream]
Saving to: ‘dist/qemu-aarch64-static’
dist/qemu-aarch64-static 100%[==============================================================================>] 4.22M 26.3MB/s in 0.2s
2021-09-20 22:35:52 (26.3 MB/s) - ‘dist/qemu-aarch64-static’ saved [4428480/4428480]
if [ "qemu-arm-static" = "qemu-amd64-static" ]; then \
wget -O dist/qemu-amd64-static https://github.com/multiarch/qemu-user-static/releases/download/v3.0.0/qemu-x86_64-static; \
elif [ "qemu-arm-static" = "qemu-arm64-static" ]; then \
wget -O dist/qemu-arm64-static https://github.com/multiarch/qemu-user-static/releases/download/v3.0.0/qemu-aarch64-static; \
240 2021-09-20 22:35:50 (8.02 MB/s) - ‘dist/qemu-s390x-static’ saved [3648304/3648304]
241
242 if [ "qemu-ppc64le-static" = "qemu-amd64-static" ]; then \
243 wget -O dist/qemu-amd64-static https://github.com/multiarch/qemu-user-static/releases/download/v3.0.0/qemu-x86_64-static; \
244 elif [ "qemu-ppc64le-static" = "qemu-arm64-static" ]; then \
245 wget -O dist/qemu-arm64-static https://github.com/multiarch/qemu-user-static/releases/download/v3.0.0/qemu-aarch64-static; \
246 else \
247 wget -O dist/qemu-ppc64le-static https://github.com/multiarch/qemu-user-static/releases/download/v3.0.0/qemu-ppc64le-static; \
248 fi
249 --2021-09-20 22:35:50-- https://github.com/multiarch/qemu-user-static/releases/download/v3.0.0/qemu-ppc64le-static
250 SSL_INIT
251 Loaded CA certificate '/etc/ssl/certs/ca-certificates.crt'
252 Resolving github.com (github.com)... 140.82.121.4
253 Connecting to github.com (github.com)|140.82.121.4|:443... connected.
254 HTTP request sent, awaiting response... 302 Found
255 Location: https://github-releases.githubusercontent.com/47342812/cbef5200-cffb-11e8-9636-fa3e244e3810?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20210920%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20210920T203551Z&X-Amz-Expires=300&X-Amz-Signature=b9011fa1810f79c58e68f5abf4fa0f5ad69f9 114a0dee70778b68fab14542cfb&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=47342812&response-content-disposition=attachment%3B%20filename%3Dqemu-ppc64le-static&response-content-type=application%2Foctet-stream [following]
256 --2021-09-20 22:35:51-- https://github-releases.githubusercontent.com/47342812/cbef5200-cffb-11e8-9636-fa3e244e3810?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20210920%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20210920T203551Z&X-Amz-Expires=300&X-Amz-Signature=b9011fa1810f79c58e68f5 abf4fa0f5ad69f9114a0dee70778b68fab14542cfb&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=47342812&response-content-disposition=attachment%3B%20filename%3Dqemu-ppc64le-static&response-content-type=application%2Foctet-stream
257 SSL_INIT
258 Resolving github-releases.githubusercontent.com (github-releases.githubusercontent.com)... 185.199.111.154, 185.199.108.154, 185.199.110.154, ...
259 Connecting to github-releases.githubusercontent.com (github-releases.githubusercontent.com)|185.199.111.154|:443... connected.
260 HTTP request sent, awaiting response... 200 OK
261 Length: 4609304 (4.4M) [application/octet-stream]
262 Saving to: ‘dist/qemu-ppc64le-static’
263
264 dist/qemu-ppc64le-static 100%[==============================================================================>] 4.40M 26.5MB/s in 0.2s
265
266 2021-09-20 22:35:51 (26.5 MB/s) - ‘dist/qemu-ppc64le-static’ saved [4609304/4609304]
267
268 if [ "qemu-aarch64-static" = "qemu-amd64-static" ]; then \
269 wget -O dist/qemu-amd64-static https://github.com/multiarch/qemu-user-static/releases/download/v3.0.0/qemu-x86_64-static; \
270 elif [ "qemu-aarch64-static" = "qemu-arm64-static" ]; then \
271 wget -O dist/qemu-arm64-static https://github.com/multiarch/qemu-user-static/releases/download/v3.0.0/qemu-aarch64-static; \
272 else \
273 wget -O dist/qemu-aarch64-static https://github.com/multiarch/qemu-user-static/releases/download/v3.0.0/qemu-aarch64-static; \
274 fi
275 --2021-09-20 22:35:51-- https://github.com/multiarch/qemu-user-static/releases/download/v3.0.0/qemu-aarch64-static
276 SSL_INIT
277 Loaded CA certificate '/etc/ssl/certs/ca-certificates.crt'
278 Resolving github.com (github.com)... 140.82.121.4
279 Connecting to github.com (github.com)|140.82.121.4|:443... connected.
280 HTTP request sent, awaiting response... 302 Found
281 Location: https://github-releases.githubusercontent.com/47342812/bf6af980-cffb-11e8-90f4-add5b48949e1?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20210920%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20210920T203551Z&X-Amz-Expires=300&X-Amz-Signature=ef6a5c253cc9c30cc20f20a51ac122233b049 39c8bb96ccca0b005cb058c10c0&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=47342812&response-content-disposition=attachment%3B%20filename%3Dqemu-aarch64-static&response-content-type=application%2Foctet-stream [following]
282 --2021-09-20 22:35:51-- https://github-releases.githubusercontent.com/47342812/bf6af980-cffb-11e8-90f4-add5b48949e1?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20210920%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20210920T203551Z&X-Amz-Expires=300&X-Amz-Signature=ef6a5c253cc9c30cc20f20 a51ac122233b04939c8bb96ccca0b005cb058c10c0&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=47342812&response-content-disposition=attachment%3B%20filename%3Dqemu-aarch64-static&response-content-type=application%2Foctet-stream
283 SSL_INIT
284 Resolving github-releases.githubusercontent.com (github-releases.githubusercontent.com)... 185.199.109.154, 185.199.111.154, 185.199.108.154, ...
285 Connecting to github-releases.githubusercontent.com (github-releases.githubusercontent.com)|185.199.109.154|:443... connected.
286 HTTP request sent, awaiting response... 200 OK
287 Length: 4428480 (4.2M) [application/octet-stream] else \
wget -O dist/qemu-arm-static https://github.com/multiarch/qemu-user-static/releases/download/v3.0.0/qemu-arm-static; \
fi
--2021-09-20 22:35:52-- https://github.com/multiarch/qemu-user-static/releases/download/v3.0.0/qemu-arm-static
SSL_INIT
Loaded CA certificate '/etc/ssl/certs/ca-certificates.crt'
Resolving github.com (github.com)... 140.82.121.4
Connecting to github.com (github.com)|140.82.121.4|:443... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://github-releases.githubusercontent.com/47342812/c134bd00-cffb-11e8-94de-7b3710c07515?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20210920%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20210920T203552Z&X-Amz-Expires=300&X-Amz-Signature=96781be2ed6d7bf536cbe8a8350365ef3102a448a946d48646a116b9663e026f&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=47342812&response-content-disposition=attachment%3B%20filename%3Dqemu-arm-static&response-content-type=application%2Foctet-stream [following]
--2021-09-20 22:35:52-- https://github-releases.githubusercontent.com/47342812/c134bd00-cffb-11e8-94de-7b3710c07515?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20210920%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20210920T203552Z&X-Amz-Expires=300&X-Amz-Signature=96781be2ed6d7bf536cbe8a8350365ef3102a448a946d48646a116b9663e026f&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=47342812&response-content-disposition=attachment%3B%20filename%3Dqemu-arm-static&response-content-type=application%2Foctet-stream
SSL_INIT
Resolving github-releases.githubusercontent.com (github-releases.githubusercontent.com)... 185.199.110.154, 185.199.109.154, 185.199.111.154, ...
Connecting to github-releases.githubusercontent.com (github-releases.githubusercontent.com)|185.199.110.154|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 3873448 (3.7M) [application/octet-stream]
Saving to: ‘dist/qemu-arm-static’
dist/qemu-arm-static 100%[==============================================================================>] 3.69M 18.3MB/s in 0.2s
2021-09-20 22:35:53 (18.3 MB/s) - ‘dist/qemu-arm-static’ saved [3873448/3873448]
ARCH=amd64 make dist/flannel-31aeb1c-amd64.docker
make[1]: Entering directory '/home/ben/var/tmp/cni-plugin'
if [ "qemu-amd64-static" = "qemu-amd64-static" ]; then \
wget -O dist/qemu-amd64-static https://github.com/multiarch/qemu-user-static/releases/download/v3.0.0/qemu-x86_64-static; \
elif [ "qemu-amd64-static" = "qemu-arm64-static" ]; then \
wget -O dist/qemu-arm64-static https://github.com/multiarch/qemu-user-static/releases/download/v3.0.0/qemu-aarch64-static; \
else \
wget -O dist/qemu-amd64-static https://github.com/multiarch/qemu-user-static/releases/download/v3.0.0/qemu-amd64-static; \
fi
--2021-09-20 22:35:53-- https://github.com/multiarch/qemu-user-static/releases/download/v3.0.0/qemu-x86_64-static
SSL_INIT
Loaded CA certificate '/etc/ssl/certs/ca-certificates.crt'
Resolving github.com (github.com)... 140.82.121.4
Connecting to github.com (github.com)|140.82.121.4|:443... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://github-releases.githubusercontent.com/47342812/d4478d00-cffb-11e8-8a74-22686fad33ae?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20210920%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20210920T203553Z&X-Amz-Expires=300&X-Amz-Signature=63ea588cec3f477cbd9d27eef32ba4255169fdced790fe2da3370b5b13b69037&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=47342812&response-content-disposition=attachment%3B%20filename%3Dqemu-x86_64-static&response-content-type=application%2Foctet-stream [following]
--2021-09-20 22:35:53-- https://github-releases.githubusercontent.com/47342812/d4478d00-cffb-11e8-8a74-22686fad33ae?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20210920%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20210920T203553Z&X-Amz-Expires=300&X-Amz-Signature=63ea588cec3f477cbd9d27eef32ba4255169fdced790fe2da3370b5b13b69037&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=47342812&response-content-disposition=attachment%3B%20filename%3Dqemu-x86_64-static&response-content-type=application%2Foctet-stream
SSL_INIT
Resolving github-releases.githubusercontent.com (github-releases.githubusercontent.com)... 185.199.108.154, 185.199.110.154, 185.199.109.154, ...
Connecting to github-releases.githubusercontent.com (github-releases.githubusercontent.com)|185.199.108.154|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 4443728 (4.2M) [application/octet-stream]
Saving to: ‘dist/qemu-amd64-static’
dist/qemu-amd64-static 100%[==============================================================================>] 4.24M 26.8MB/s in 0.2s
2021-09-20 22:35:53 (26.8 MB/s) - ‘dist/qemu-amd64-static’ saved [4443728/4443728]
# valid values for ARCH are [amd64 arm arm64 ppc64le s390x]
docker run -e CGO_ENABLED=1 -e GOARCH=amd64 -e GOCACHE=/go -e GOOS=linux -e GOFLAGS=" -mod=vendor" \
-u 1000:1000 \
-v /home/ben/var/tmp/cni-plugin/dist/qemu-amd64-static:/usr/bin/qemu-amd64-static \
-v /home/ben/var/tmp/cni-plugin:/go/src/github.com/flannel-io/flannel:ro \
-v /home/ben/var/tmp/cni-plugin/bin:/go/src/github.com/flannel-io/flannel/bin \
-v /home/ben/var/tmp/cni-plugin/dist:/go/src/github.com/flannel-io/flannel/dist \
golang:1.15.5 /bin/bash -c '\
cd /go/src/github.com/flannel-io/flannel && \
go build -o "./bin/flannel" . && \
mv bin/flannel dist/flannel-amd64'
go build github.com/flannel-io/cni-plugin: copying /tmp/go-build878444177/b001/exe/a.out: open ./bin/flannel: permission denied
make[1]: *** [Makefile:43: dist/flannel-amd64] Error 1
make[1]: Leaving directory '/home/ben/var/tmp/cni-plugin'
make: *** [Makefile:21: release] Error 2
The delegate file size is zero after restart VM
The flannel runs properly until the VM was restarted, the pod could not delete normally.
We checked the delegate file created by the flannel: /var/lib/cni/flannel/43bd9329948d3095ru40323009fd9s00erer0dd00s9edfad9edss0y9999se9de, found that the file size is 0.
Maybe we can add the sync function in saveScratchNetConf(containerID, dataDir string, netconf []byte), refer to the etcd's code ioutil.WriteAndSyncFile, thanks.
# ls -l /var/lib/cni/flannel
-rw------- 1 root root 238 Jun 8 22:11 f913be9f5cd806f8ac8801f6b6abf51865783be347b3d3f66b0010fc922a06c6
-rw------- 1 root root 0 Jun 12 16:12 43bd9329948d3095ru40323009fd9s00erer0dd00s9edfad9edss0y9999se9de
how to use the flannel in kubernetes clusters?
I deploy k8s with binary, I get cni plugin from https://github.com/containernetworking/cni/tags, I get yaml from https://raw.githubusercontent.com/flannel-io/flannel/master/Documentation/kube-flannel.yml
I have a question:
I found the flannel cni version which is not lastest, if I want to use latest , how should I do?
flannel/flannel-cni-plugin is pinned to old Alpine edge release
Suggestion: if flannel/flannel-cni-plugin is going to be built from an edge release of Alpine, use FROM alpine:edge instead of FROM alpine:<oldtaghere>
The old FROM tag is causing the plugin to accumulate CVE's:
Trivy output:
$ trivy image -d flannel/flannel-cni-plugin:v1.4.0-flannel1
flannel/flannel-cni-plugin:v1.4.0-flannel1 (alpine 3.19_alpha20230901)
Total: 10 (UNKNOWN: 0, LOW: 2, MEDIUM: 6, HIGH: 2, CRITICAL: 0)
Offending code:
https://github.com/flannel-io/cni-plugin/blob/main/Dockerfile.image#L19
FROM alpine:20230901
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.