Package cni contains the libraries that drive the antrea-cni binary. antrea-cni is invoked by Kubelet and is responsible for requesting the antrea-agent to set up networking for Pods.
const AntreaCNISocketAddr = "/var/run/antrea/cni.sock"
AntreaCNISocketAddr is the UNIX socket used by the CNI Protobuf / gRPC service.
const AntreaCNIVersion = "1.0.0-beta.1"
AntreaCNIVersion is the full semantic version (https://semver.org/) of our CNI Protobuf / gRPC service.
We follow these best practices (https://cloud.google.com/apis/design/versioning) for the versioning of the CNI Protobuf / gRPC service. The major version number is encoded as the last component of the proto package name. For pre-GA releases, the last component also includes the pre-release version name (e.g. beta) and the pre-release version number. As the API evolves, the major version number (and therefore the proto package name) will change if and only if API backwards-compatibility is broken.
Here are some potential scenarios we need to accommodate:
major API refactor that breaks backwards-compatibility: in this case we would increase the major version number.
support for a new CNI version:
- introduction of a new RPC (e.g. when the CHECK command was added in version 0.4.0 of the CNI spec). In such a case we would increment the minor version number (backwards- compatibility is not broken). If antrea-cni does not support this new version, it will not list the new CNI spec version as supported and there will be no issue. If antrea-cni supports it but not the antrea-agent, the gRPC server will return an UNIMPLEMENTED error which we can propagate to the runtime. There is no way to handle this last case better with the current design unless we introduce a different RPC (e.g. Capabilities) early to query the server for the supported API version. This would also require an additional RPC for each CNI binary invocation.
- introduction of a new field to a proto message: highly unlikely because we just send the CNI input / output as bytes.
- no changes are needed if only the CNI parameters or CNI result format changed. In this case either antrea-cni or antrea-agent will reject the CNI request by validating the cniVersion against the list of supported versions. This is independent of which version of the gRPC service is used by either antrea-cni or antrea-agent.
The gRPC server will return UNIMPLEMENTED if the service is unknown (mismatch in package name, i.e. mismatch in major version number) or if the method is unknown. In both cases we return an INCOMPATIBLE_API_VERSION error to the container runtime.
To limit incompatibility cases, we can strive to support multiple releases (and in particular all pre-GA releases of a major version, along with that major version release itself) in the server. This is harder to do on the client side (need to fallback to a previous version when getting an UNIMPLEMENTED error).
This section is empty.
This section is empty.
type Action int