[TOC] ### **目标** 弄清楚 cri -》 plugin -》 ipam 调用过程中，传参与返回值。ADD、CHECK、DELETE、VERSION四个操作。 ### **创建网络配置文件** ``` { "cniVersion": "1.0.0", "name": "mynet", "plugins": [ { "type": "myplugin", # required "myplugin-key1": "value", # myplugin所需要的参数 "capabilities": {}, # optional, dictionary "dns": {}, # optional "ipMasq": false, # optional, 当myplugin支持ipMasq时才需要设置 "ipam": { # optional，一般都需会设置 "type": "myipam", # required "myipam-key1": "value" # myipam所需要的参数 } } ] } ``` ### **ADD** ##### **CRI调plugin** 调用命令如下： ``` $ CNI_COMMAND="ADD" CNI_CONTAINERID="<containerid>" CNI_NETNS="<netns>" CNI_IFNAME="eth0" CNI_PATH="/opt/cni/bin" /opt/cni/bin/myplugin < myplugin.conf ``` myplugin.conf文件内容如下，在上面的myplugin配置的基础上，增加和删除了一些字段。增加的字段有`cniVersion`、`name`，删除的字段有`capabilities`，参考[此处](https://www.cni.dev/docs/spec/#deriving-execution-configuration-from-plugin-configuration)： ``` { "cniVersion": "1.0.0", "name": "mynet", "type": "myplugin", "myplugin-key1": "value", "dns": {}, "ipMasq": false, "ipam": { "type": "myipam", "myipam-key1": "value" } } ``` ##### **plugin调用ipam** plugin在调用ipam时，环境变量和配置文件是一模一样的（已使用shell脚本模拟ipam验证），如下： ``` $ CNI_COMMAND="ADD" CNI_CONTAINERID="<containerid>" CNI_NETNS="<netns>" CNI_IFNAME="eth0" CNI_PATH="/opt/cni/bin" /opt/cni/bin/myipam < myplugin.conf ``` 当ipam调用成功后，应该返回0，然后把结果输出到stdout中，json如下： ``` { "cniVersion": "1.0.0", "ips": [ { "address": "192.168.1.3/24", "gateway": "x.x.x.x" } ], "routes": [ { "dst": "x.x.x.x/xx", "gw": "x.x.x.x" } ], "dns": {} } ``` 接着plugin会设置容器的网络，然后返回0，并把结果输出到stdout中，json如下（相比ipam的输出，多了interfaces字段，以及ips当中的interface字段）： ``` { "cniVersion": "1.0.0", "interfaces": [ { "name": eth0 } ], "ips": [ { "address": "192.168.1.3/24", "gateway": "x.x.x.x" } ], "routes": [ { "dst": "x.x.x.x/xx", "gw": "x.x.x.x" } ], "dns": {} } ``` ### **CHECK** ### **DEL** ### **VERSION**