containernetworking / plugins Goto Github PK
View Code? Open in Web Editor NEWSome reference and example networking plugins, maintained by the CNI team.
License: Apache License 2.0
Some reference and example networking plugins, maintained by the CNI team.
License: Apache License 2.0
My /etc/cni/net.d/10-flannelnet.conf file looks like this :
{
"name": "flannelnet",
"type": "flannel",
"subnetFile": "/var/run/flannel/subnet.env",
"delegate":{ "isDefaultGateway": true},
"dns": {
"nameservers": [ "10.112.10.2" ]
}
}
I tried to create network endpoint using scripts avaliable at : https://github.com/containernetworking/cni/tree/master/scripts
Endpoint inside container gets created but there is no entry of dns server in /etc/resolv.conf inside container
Right now we create too many iptables rules for masquerade. We should stop doing that, and create one per netblock / interface instead.
As observed in kubernetes/kubernetes#59033, a quick teardown + spinup of portmappings can cause UDP "flows" to be lost, thanks to stale conntrack entries.
From the original issue:
- A server pod exposes UDP host port.
- A client sends packets to the server pod thru the host port. This creates a conntrack entry.
- The server pod's IP changs due to whatever reason, such as pod gets recreated.
- Due to the nature of UDP and conntrack, new request from the same client to the host port will keep hitting the stale conntrack entry.
- Client observes traffic black hole.
Enabling ipv6 forwarding has some interesting side-effects. According to the kernel docs:
If local forwarding is enabled, Router behaviour is assumed.
This means exactly the reverse from the above:
- IsRouter flag is set in Neighbour Advertisements.
- Router Solicitations are not sent unless accept_ra is 2.
- Router Advertisements are ignored unless accept_ra is 2.
- Redirects are ignored.
We almost certainly do not want to do this globally. As the kernel docs say,
It is recommended to have the same setting on all interfaces; mixed router/host scenarios are rather uncommon.
However, that's exactly the scenario we might find ourselves in.
So, if we want to support a host with a SLAAC uplink and, say, host-local masqueraded link, I think we'll be in trouble. I need to do some experimenting and test this out.
We set the bridge's mac address (a.k.a. bridge id) based on a deterministic permutation of the bridge's v4 address. When the bridge doesn't have a v4 address, there is no explicit mac set, so it chooses the lowest mac on the bridge. This changes as containers come and go.
We probably should just set the mac to itself in all cases and stop changing it.
Not knowing the exact plugin version makes debugging tricky, especially when it's not clear where the cni binaries come from.
The plugins should have some kind of a --version
argument or equivalent.
My test:
{
"name": "mynet",
"type": "ptp",
"ipMasq": true,
"ipam": {
"type": "host-local",
"subnet": "10.1.1.0/24",
"routes": [
{ "dst": "0.0.0.0/0" }
]
}
}
./docker-run.sh -it --rm docker.io/richarvey/nginx-php-fpm
Enter the running container and curl its IP + Port, it's reachable.
Enter the running container and curl a VIP(its real backend is the container itself) + Port, it's unreachable.
PS. I created an IPVS virtual server.
[root@SHA1000130405 ~]# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 1.2.3.4:80 rr
-> 10.1.1.16:80 Route 1 0 0
and bound the VIP(1.2.3.4) to a local dummy device.
551: kube-ipvs0: <BROADCAST,NOARP> mtu 1500 qdisc noop state DOWN
link/ether 5a:e7:c7:95:e0:82 brd ff:ff:ff:ff:ff:ff
inet 1.2.3.4/32 scope global kube-ipvs0
We want to be able to unmount the netns on purpose, and remove it when we know we properly unmounted it.
Refer to the discussion here: containernetworking/cni#342
Sometimes ipv6 is disabled (e.g. via kernel command line)
From the RFC:
If the DHCP server returns both a Classless Static Routes option and
a Router option, the DHCP client MUST ignore the Router option.
Similarly, if the DHCP server returns both a Classless Static Routes
option and a Static Routes option, the DHCP client MUST ignore the
Static Routes option.
We do neither: we ignore the Router option and merge the Classless and Static sections.
I spoke with @vishvananda and he's interested in finding a home + growing the contributor base for his netlink (https://github.com/vishvananda/netlink) library which CNI uses along with other networking related projects.
Is there any interest in the CNI maintainer-ship?
At the moment, I don't think CNI has a clear process on accepting new projects unless I'm mistaken, this could be an exercise in defining one.
Is there any difference between the two binaries? What's the reasoning for having the downloads named similarly?
When a container tries to talk to itself (over the portmapped "host" ip + port), it doesn't work. It should.
Creating a new issue to get feedback on whether it makes sense to add a Windows CNI in this repository vs a separate repo? Contrib guidelines ask for 3rd party plugins to live in their own repo - however one could possibly argue that a Windows plugin makes sense to round off CNI OS support? Looking for opinions.
WinCNI as it is implemented today is a single EXE that implements the CNI interface and uses the hcsshim GO wrapper to configure Windows HNS Networks and Endpoints (https://github.com/Microsoft/hcsshim).
The host-local (and maybe the DHCP) plugin should support range configuration via capability args.
Questions:
If the POD is terminated, IP address of the terminated POD doesn't get re-allocated to a new POD, deployed with a different docker image than the terminated POD. If the new POD is deployed with the same Docker image, IP address of the terminated POD is re-allocated.
Workaround of the problem - once the POD is terminated, delete the /var/lib/cni/networks/.
This issue is redirected from multus forum - https://github.com/Intel-Corp/multus-cni/issues/54.
To make it easier to supply bandwidth in a dynamic manner, the traffic shaping plugin should support a capability arg.
It would make consumption a little easier, and why not anyway?
We run our infrastructure with IPv6 fully disabled via the kernel command line with ipv6.disable=1
. When using a recent version of the CNI plugins, this causes the following failure for kubenet:
E1220 23:52:31.981780 7122 remote_runtime.go:91] RunPodSandbox from runtime service failed: rpc error: code = 2 desc = NetworkPlugin kubenet failed to set up pod "node-problem-detector-812sn_kube-system" netw
ork: Error adding container to network: open /proc/sys/net/ipv6/conf/eth0/accept_dad: no such file or directory
Kubernetes is passing a body like:
{
"cniVersion": "0.1.0",
"name": "kubenet",
"type": "bridge",
"bridge": "cbr0",
"mtu": 1460,
"addIf": "eth0",
"isGateway": true,
"ipMasq": false,
"hairpinMode": false,
"ipam": {
"type": "host-local",
"subnet": "172.22.65.128/25",
"gateway": "172.22.65.129",
"routes": [
{ "dst": "0.0.0.0/0" }
]
}
}
I see in the code that the accept_dad setting is only touched if the IPAM code returns an IPV6 address here:
https://github.com/containernetworking/plugins/blob/master/plugins/main/bridge/bridge.go#L389-L396
I'm trying to figure out why the IPAM code is returning an IPv6 address at all when kubelet isn't asking for one. Is there a way to disable this?
some applications may need a fixed mac address or assign mac address by user.
it should be supported to assign mac address or generate mac address using ip like docker does https://github.com/docker/libnetwork/blob/master/netutils/utils.go#L97.
Many SDN solution supports attaching multiple network interfaces to instance which is running on cloud. (e.g. aws,google cloud and so on). And I think it is a good idea to utilize this capability to allocate nic for docker container.
In order to implement this feature, Following new plugins are needed.
a plugin which attaches a new network interface to instance and assign static ip stack for network interface.
I would like to implement this plugin. Any ideas are appreciated.
I like get the suggestion from CNI maintainers on the idea, modifying the vlan plugin to add vlan tagging if the master
interface is in the container network namespace.
eth0 Link encap:Ethernet HWaddr 0e:6b:9a:06:a5:a0
inet addr:192.168.116.3 Bcast:0.0.0.0 Mask:255.255.252.0
inet6 addr: fe80::c6b:9aff:fe06:a5a0/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1450 Metric:1
RX packets:96 errors:0 dropped:0 overruns:0 frame:0
TX packets:9 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:10232 (10.2 KB) TX bytes:690 (690.0 B)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
net0 Link encap:Ethernet HWaddr d2:70:b0:fd:ce:5a
inet addr:10.56.217.131 Bcast:0.0.0.0 Mask:255.255.255.0
inet6 addr: fe80::d070:b0ff:fefd:ce5a/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:11484 errors:0 dropped:0 overruns:0 frame:0
TX packets:4 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:3927528 (3.9 MB) TX bytes:288 (288.0 B)
net0.33 Link encap:Ethernet HWaddr d2:70:b0:fd:ce:5a
inet addr:10.56.217.132 Bcast:0.0.0.0 Mask:255.255.255.0
inet6 addr: fe80::d070:b0ff:fefd:ce5a/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:648 (648.0 B)
Let consider the net0 is the Physical interface or master
which is in container network namespace. net0.33 is Vlan tagging for it in the same container network namespace.
Lines 127 to 167 in 556e509
Hi team, I'm learning the NetNS code then get a small questions here.
L149 hostNS, err := GetCurrentNS()
I think GetCurrentNS()
just gives us current thread's namespace, how can we make sure it is host's namespace (considering ns.Do
may be possibly invoked in container namespace)?
Before this change, there was no safe way to change the namespace within a long lived multi-thread process.
We wrote a test for this to make sure the commit fixed the issue. It, correctly, eventually fails when run with golang 1.9. It passes with golang 1.10.
However, when we run the test with the untilItFails
flag in 1.10. It will eventually error where the test failed to get the network namespace, because the process task directory was missing.
Expected error:
<*os.PathError | 0xc42319b590>: {
Op: "open",
Path: "/proc/29002/task/29015/ns/net",
Err: 0x2,
}
open /proc/29002/task/29015/ns/net: no such file or directory
not to have occurred
/media/sf_dev_go/src/github.com/containernetworking/plugins/pkg/ns/ns_linux_test.go:112
untilItFails
with golang 1.10. It consistently took about 300 tries for us.We expected it to succeed indefinitely.
It eventually fails after running the test too many times.
We found by adding a runtime.UnlockOSThread()
to the Do
function prevents the test from failing (even when running with the untilItFails
).
We believe unlocking the os thread should be safe in 1.10 due to this fix.
However, this fix causes the test to slow down significantly over time, for reasons that we don't understand.
Some additional CNI network plugins, matinained by the containernetworking team
maintained?
Running CNI IPAM plugin (dhcp) on a network managed by libvirt (NATed)...
Everything looks good except for when I delete my services/pods, I see the following in the DHCP daemon output and it crashes.
Jan 04 22:19:17 sdp dhcp[14769]: panic: close of closed channel
Jan 04 22:19:17 sdp dhcp[14769]: goroutine 38 [running]:
Jan 04 22:19:17 sdp dhcp[14769]: main.(*DHCPLease).Stop(0xc4200bc7e0)
Jan 04 22:19:17 sdp dhcp[14769]: /opt/src/gopath/src/github.com/containernetworking/plugin
Jan 04 22:19:17 sdp dhcp[14769]: main.(*DHCP).Release(0xc42000f400, 0xc420194690, 0xa5c238, 0x0, 0
Jan 04 22:19:17 sdp dhcp[14769]: /opt/src/gopath/src/github.com/containernetworking/plugin
Jan 04 22:19:17 sdp dhcp[14769]: reflect.Value.call(0xc420046360, 0xc42000c140, 0x13, 0x8444a6, 0x
Jan 04 22:19:17 sdp dhcp[14769]: /usr/local/go/src/reflect/value.go:434 +0x91f
Jan 04 22:19:17 sdp dhcp[14769]: reflect.Value.Call(0xc420046360, 0xc42000c140, 0x13, 0xc42001e720
Jan 04 22:19:17 sdp dhcp[14769]: /usr/local/go/src/reflect/value.go:302 +0xa4
Jan 04 22:19:17 sdp dhcp[14769]: net/rpc.(*service).call(0xc42003b980, 0xc42003b8c0, 0xc4201825e0,
Jan 04 22:19:17 sdp dhcp[14769]: /usr/local/go/src/net/rpc/server.go:387 +0x144
Jan 04 22:19:17 sdp dhcp[14769]: created by net/rpc.(*Server).ServeCodec
Jan 04 22:19:17 sdp dhcp[14769]: /usr/local/go/src/net/rpc/server.go:481 +0x404
J
This PR containernetworking/cni#477 has changed the type of IPConfig.Interface
from int
to *int
.
If containernetworking/plugins
updates vendered pkg, it may cause https://github.com/containernetworking/plugins/blob/master/pkg/ipam/ipam.go#L56 not working.
The PR containernetworking/cni#477 is rational, but containernetworking/plugins
does not catch up with containernetworking/cni
. And if someone develops an ipam plugin and use vendoring in his project which will vendor containernetworking/cni
and containernetworking/plugins
, he may find that https://github.com/containernetworking/plugins/blob/master/pkg/ipam/ipam.go#L56 cause his ipam plugin couldn't be compiled.
So is it necessay to vendor containernetworking/cni
in containernetworking/plugins
, or is there a way to catch up with containernetworking/cni
?
wget https://github.com/containernetworking/cni/releases/download/v0.3.0/cni-v0.3.0.tgz
tar -zxvf cni-v0.3.0.tgz
There is no portmap
plugin.
I realised that the DHCP ipam plugin can only use the created device to contact the DHCP server. I am currently in a scenario, where the device itself can't reach the DHCP server. There is routing and traffic mirroring happening in-between.
I think that adding the option to talk to the DHCP server via a different device could be a nice addition, and it would fit the spec models separation between ipam and main pretty well.
What do you guys think?
Currently the release process for plugins includes manual steps.
I'd like to automate this more.
I'm looking to do automated rpm builds of master branch of this repo for the containernetworking-cni
rpm on Fedora rawhide. Part of it involves grabbing the latest version number. But, afaict, version number is recorded only in git tags which won't quite work for me since I'll be using master. So, I'm hoping you can have the string mentioned in the source somewhere.
/cc @fkluknav
A motivating example is the kubenet deprecation, but that certainly isn't the only use. It would be nice to have a chained plugin that allowed for some basic bandwidth limiting / traffic shaping.
This would be a new capability arg.
Hi.
I've been trying to install the plugins and the binaries seem to be created just okay, but when I run the test.sh
, I see a lot of error messages. I cannot figure out the reasons or any clue about those errors.
OS : Gentoo Linux
uname -a
: Linux ns2 4.9.34-gentoo #7 SMP Wed Jul 19 13:04:15 KST 2017 x86_64 Intel(R) Xeon(R) CPU X5680 @ 3.33GHz GenuineIntel GNU/Linux
The below is the entire log messages from test.sh
.
ns2 ~/plugins # ./test.sh
Building plugins
flannel
portmap
tuning
bridge
ipvlan
loopback
macvlan
ptp
vlan
dhcp
host-local
sample
Running tests
ok github.com/containernetworking/plugins/plugins/ipam/dhcp 0.009s
ok github.com/containernetworking/plugins/plugins/ipam/host-local 0.018s
ok github.com/containernetworking/plugins/plugins/ipam/host-local/backend/allocator 0.016s
ok github.com/containernetworking/plugins/plugins/main/loopback 3.378s
Running Suite: ipvlan Suite
===========================
Random Seed: 1502093322
Will run 3 of 3 specs
• Failure [0.406 seconds]
ipvlan Operations
/root/plugins/gopath/src/github.com/containernetworking/plugins/plugins/main/ipvlan/ipvlan_test.go:227
creates an ipvlan link in a non-default namespace [It]
/root/plugins/gopath/src/github.com/containernetworking/plugins/plugins/main/ipvlan/ipvlan_test.go:103
Expected error:
<*errors.errorString | 0xc420156830>: {
s: "failed to create ipvlan: operation not supported",
}
failed to create ipvlan: operation not supported
not to have occurred
/root/plugins/gopath/src/github.com/containernetworking/plugins/plugins/main/ipvlan/ipvlan_test.go:87
------------------------------
• Failure [0.483 seconds]
ipvlan Operations
/root/plugins/gopath/src/github.com/containernetworking/plugins/plugins/main/ipvlan/ipvlan_test.go:227
configures and deconfigures an iplvan link with ADD/DEL [It]
/root/plugins/gopath/src/github.com/containernetworking/plugins/plugins/main/ipvlan/ipvlan_test.go:189
Expected error:
<*errors.errorString | 0xc420157a50>: {
s: "failed to create ipvlan: operation not supported",
}
failed to create ipvlan: operation not supported
not to have occurred
/root/plugins/gopath/src/github.com/containernetworking/plugins/plugins/main/ipvlan/ipvlan_test.go:137
------------------------------
•
Summarizing 2 Failures:
[Fail] ipvlan Operations [It] creates an ipvlan link in a non-default namespace
/root/plugins/gopath/src/github.com/containernetworking/plugins/plugins/main/ipvlan/ipvlan_test.go:87
[Fail] ipvlan Operations [It] configures and deconfigures an iplvan link with ADD/DEL
/root/plugins/gopath/src/github.com/containernetworking/plugins/plugins/main/ipvlan/ipvlan_test.go:137
Ran 3 of 3 Specs in 2.059 seconds
FAIL! -- 1 Passed | 2 Failed | 0 Pending | 0 Skipped --- FAIL: TestIpvlan (2.06s)
FAIL
FAIL github.com/containernetworking/plugins/plugins/main/ipvlan 2.069s
ok github.com/containernetworking/plugins/plugins/main/macvlan 2.036s
Running Suite: bridge Suite
===========================
Random Seed: 1502093322
Will run 8 of 8 specs
••
------------------------------
• Failure [3.583 seconds]
bridge Operations
/root/plugins/gopath/src/github.com/containernetworking/plugins/plugins/main/bridge/bridge_test.go:895
configures and deconfigures a bridge and veth with default route with ADD/DEL for 0.3.0 config [It]
/root/plugins/gopath/src/github.com/containernetworking/plugins/plugins/main/bridge/bridge_test.go:666
Expected error:
<*os.PathError | 0xc4201e3920>: {
Op: "open",
Path: "/proc/sys/net/ipv6/conf/eth0/accept_dad",
Err: 0x2,
}
open /proc/sys/net/ipv6/conf/eth0/accept_dad: no such file or directory
not to have occurred
/root/plugins/gopath/src/github.com/containernetworking/plugins/plugins/main/bridge/bridge_test.go:253
------------------------------
• Failure [1.553 seconds]
bridge Operations
/root/plugins/gopath/src/github.com/containernetworking/plugins/plugins/main/bridge/bridge_test.go:895
configures and deconfigures a bridge and veth with default route with ADD/DEL for 0.3.1 config [It]
/root/plugins/gopath/src/github.com/containernetworking/plugins/plugins/main/bridge/bridge_test.go:696
Expected error:
<*os.PathError | 0xc4204cb1a0>: {
Op: "open",
Path: "/proc/sys/net/ipv6/conf/eth0/accept_dad",
Err: 0x2,
}
open /proc/sys/net/ipv6/conf/eth0/accept_dad: no such file or directory
not to have occurred
/root/plugins/gopath/src/github.com/containernetworking/plugins/plugins/main/bridge/bridge_test.go:253
------------------------------
•
------------------------------
• Failure [1.183 seconds]
bridge Operations
/root/plugins/gopath/src/github.com/containernetworking/plugins/plugins/main/bridge/bridge_test.go:895
configures and deconfigures a bridge and veth with default route with ADD/DEL for 0.1.0 config [It]
/root/plugins/gopath/src/github.com/containernetworking/plugins/plugins/main/bridge/bridge_test.go:744
Expected error:
<*os.PathError | 0xc420366360>: {
Op: "open",
Path: "/proc/sys/net/ipv6/conf/eth0/accept_dad",
Err: 0x2,
}
open /proc/sys/net/ipv6/conf/eth0/accept_dad: no such file or directory
not to have occurred
/root/plugins/gopath/src/github.com/containernetworking/plugins/plugins/main/bridge/bridge_test.go:425
------------------------------
• Failure [0.110 seconds]
bridge Operations
/root/plugins/gopath/src/github.com/containernetworking/plugins/plugins/main/bridge/bridge_test.go:895
ensure bridge address [It]
/root/plugins/gopath/src/github.com/containernetworking/plugins/plugins/main/bridge/bridge_test.go:857
Expected error:
<*errors.errorString | 0xc4202e1930>: {
s: "could not add IP address to \"bridge0\": operation not supported",
}
could not add IP address to "bridge0": operation not supported
not to have occurred
/root/plugins/gopath/src/github.com/containernetworking/plugins/plugins/main/bridge/bridge_test.go:817
------------------------------
•
Summarizing 4 Failures:
[Fail] bridge Operations [It] configures and deconfigures a bridge and veth with default route with ADD/DEL for 0.3.0 config
/root/plugins/gopath/src/github.com/containernetworking/plugins/plugins/main/bridge/bridge_test.go:253
[Fail] bridge Operations [It] configures and deconfigures a bridge and veth with default route with ADD/DEL for 0.3.1 config
/root/plugins/gopath/src/github.com/containernetworking/plugins/plugins/main/bridge/bridge_test.go:253
[Fail] bridge Operations [It] configures and deconfigures a bridge and veth with default route with ADD/DEL for 0.1.0 config
/root/plugins/gopath/src/github.com/containernetworking/plugins/plugins/main/bridge/bridge_test.go:425
[Fail] bridge Operations [It] ensure bridge address
/root/plugins/gopath/src/github.com/containernetworking/plugins/plugins/main/bridge/bridge_test.go:817
Ran 8 of 8 Specs in 7.285 seconds
FAIL! -- 4 Passed | 4 Failed | 0 Pending | 0 Skipped --- FAIL: TestBridge (7.29s)
FAIL
FAIL github.com/containernetworking/plugins/plugins/main/bridge 7.292s
Running Suite: ptp Suite
========================
Random Seed: 1502093322
Will run 3 of 3 specs
•
------------------------------
• Failure [0.217 seconds]
ptp Operations
/root/plugins/gopath/src/github.com/containernetworking/plugins/plugins/main/ptp/ptp_test.go:205
configures and deconfigures a dual-stack ptp link with ADD/DEL [It]
/root/plugins/gopath/src/github.com/containernetworking/plugins/plugins/main/ptp/ptp_test.go:165
Expected error:
<*errors.errorString | 0xc42025e1a0>: {
s: "Could not enable IP forwarding: open /proc/sys/net/ipv6/conf/all/forwarding: no such file or directory",
}
Could not enable IP forwarding: open /proc/sys/net/ipv6/conf/all/forwarding: no such file or directory
not to have occurred
/root/plugins/gopath/src/github.com/containernetworking/plugins/plugins/main/ptp/ptp_test.go:70
------------------------------
•
Summarizing 1 Failure:
[Fail] ptp Operations [It] configures and deconfigures a dual-stack ptp link with ADD/DEL
/root/plugins/gopath/src/github.com/containernetworking/plugins/plugins/main/ptp/ptp_test.go:70
Ran 3 of 3 Specs in 2.038 seconds
FAIL! -- 2 Passed | 1 Failed | 0 Pending | 0 Skipped --- FAIL: TestPtp (2.04s)
FAIL
FAIL github.com/containernetworking/plugins/plugins/main/ptp 2.043s
Running Suite: Flannel Suite
============================
Random Seed: 1502093321
Will run 5 of 5 specs
STEP: calling ADD
• Failure [0.107 seconds]
Flannel
/root/plugins/gopath/src/github.com/containernetworking/plugins/plugins/meta/flannel/flannel_test.go:216
CNI lifecycle
/root/plugins/gopath/src/github.com/containernetworking/plugins/plugins/meta/flannel/flannel_test.go:160
uses dataDir for storing network configuration [It]
/root/plugins/gopath/src/github.com/containernetworking/plugins/plugins/meta/flannel/flannel_test.go:159
Expected error:
<*types.Error | 0xc42022ea50>: {
Code: 100,
Msg: "open /proc/sys/net/ipv6/conf/eth0/accept_dad: no such file or directory",
Details: "",
}
open /proc/sys/net/ipv6/conf/eth0/accept_dad: no such file or directory
not to have occurred
/root/plugins/gopath/src/github.com/containernetworking/plugins/plugins/meta/flannel/flannel_test.go:109
------------------------------
••••
Summarizing 1 Failure:
[Fail] Flannel CNI lifecycle [It] uses dataDir for storing network configuration
/root/plugins/gopath/src/github.com/containernetworking/plugins/plugins/meta/flannel/flannel_test.go:109
Ran 5 of 5 Specs in 1.730 seconds
FAIL! -- 4 Passed | 1 Failed | 0 Pending | 0 Skipped --- FAIL: TestFlannel (1.73s)
FAIL
FAIL github.com/containernetworking/plugins/plugins/meta/flannel 1.738s
Running Suite: vlan Suite
=========================
Random Seed: 1502093322
Will run 3 of 3 specs
• Failure [0.404 seconds]
vlan Operations
/root/plugins/gopath/src/github.com/containernetworking/plugins/plugins/main/vlan/vlan_test.go:237
creates an vlan link in a non-default namespace with given MTU [It]
/root/plugins/gopath/src/github.com/containernetworking/plugins/plugins/main/vlan/vlan_test.go:106
Expected error:
<*errors.errorString | 0xc420158850>: {
s: "failed to create vlan: operation not supported",
}
failed to create vlan: operation not supported
not to have occurred
/root/plugins/gopath/src/github.com/containernetworking/plugins/plugins/main/vlan/vlan_test.go:89
------------------------------
• Failure [0.470 seconds]
vlan Operations
/root/plugins/gopath/src/github.com/containernetworking/plugins/plugins/main/vlan/vlan_test.go:237
creates an vlan link in a non-default namespace with master's MTU [It]
/root/plugins/gopath/src/github.com/containernetworking/plugins/plugins/main/vlan/vlan_test.go:150
Expected error:
<*errors.errorString | 0xc4201598f0>: {
s: "failed to create vlan: operation not supported",
}
failed to create vlan: operation not supported
not to have occurred
/root/plugins/gopath/src/github.com/containernetworking/plugins/plugins/main/vlan/vlan_test.go:133
------------------------------
• Failure [1.183 seconds]
vlan Operations
/root/plugins/gopath/src/github.com/containernetworking/plugins/plugins/main/vlan/vlan_test.go:237
configures and deconfigures an vlan link with ADD/DEL [It]
/root/plugins/gopath/src/github.com/containernetworking/plugins/plugins/main/vlan/vlan_test.go:236
Expected error:
<*errors.errorString | 0xc42021eb30>: {
s: "failed to create vlan: operation not supported",
}
failed to create vlan: operation not supported
not to have occurred
/root/plugins/gopath/src/github.com/containernetworking/plugins/plugins/main/vlan/vlan_test.go:184
------------------------------
Summarizing 3 Failures:
[Fail] vlan Operations [It] creates an vlan link in a non-default namespace with given MTU
/root/plugins/gopath/src/github.com/containernetworking/plugins/plugins/main/vlan/vlan_test.go:89
[Fail] vlan Operations [It] creates an vlan link in a non-default namespace with master's MTU
/root/plugins/gopath/src/github.com/containernetworking/plugins/plugins/main/vlan/vlan_test.go:133
[Fail] vlan Operations [It] configures and deconfigures an vlan link with ADD/DEL
/root/plugins/gopath/src/github.com/containernetworking/plugins/plugins/main/vlan/vlan_test.go:184
Ran 3 of 3 Specs in 2.058 seconds
FAIL! -- 0 Passed | 3 Failed | 0 Pending | 0 Skipped --- FAIL: TestVlan (2.06s)
FAIL
FAIL github.com/containernetworking/plugins/plugins/main/vlan 2.065s
ok github.com/containernetworking/plugins/plugins/sample 1.213s
ok github.com/containernetworking/plugins/pkg/ip 5.855s
Running Suite: Ipam Suite
=========================
Random Seed: 1502093322
Will run 8 of 8 specs
• Failure [0.359 seconds]
IPAM Operations
/root/plugins/gopath/src/github.com/containernetworking/plugins/pkg/ipam/ipam_test.go:299
configures a link with addresses and routes [It]
/root/plugins/gopath/src/github.com/containernetworking/plugins/pkg/ipam/ipam_test.go:187
Expected error:
<*errors.errorString | 0xc420158ce0>: {
s: "failed to add IP addr {Version:6 Interface:0xc420158b30 Address:{IP:abcd:1234:ffff::cdde Mask:ffffffffffffffff0000000000000000} Gateway:abcd:1234:ffff::1} to \"eth0\": operation not supported",
}
failed to add IP addr {Version:6 Interface:0xc420158b30 Address:{IP:abcd:1234:ffff::cdde Mask:ffffffffffffffff0000000000000000} Gateway:abcd:1234:ffff::1} to "eth0": operation not supported
not to have occurred
/root/plugins/gopath/src/github.com/containernetworking/plugins/pkg/ipam/ipam_test.go:139
------------------------------
• Failure [0.337 seconds]
IPAM Operations
/root/plugins/gopath/src/github.com/containernetworking/plugins/pkg/ipam/ipam_test.go:299
configures a link with routes using address gateways [It]
/root/plugins/gopath/src/github.com/containernetworking/plugins/pkg/ipam/ipam_test.go:226
Expected error:
<*errors.errorString | 0xc420159910>: {
s: "failed to add IP addr {Version:6 Interface:0xc420159790 Address:{IP:abcd:1234:ffff::cdde Mask:ffffffffffffffff0000000000000000} Gateway:abcd:1234:ffff::1} to \"eth0\": operation not supported",
}
failed to add IP addr {Version:6 Interface:0xc420159790 Address:{IP:abcd:1234:ffff::cdde Mask:ffffffffffffffff0000000000000000} Gateway:abcd:1234:ffff::1} to "eth0": operation not supported
not to have occurred
/root/plugins/gopath/src/github.com/containernetworking/plugins/pkg/ipam/ipam_test.go:196
------------------------------
••••••
Summarizing 2 Failures:
[Fail] IPAM Operations [It] configures a link with addresses and routes
/root/plugins/gopath/src/github.com/containernetworking/plugins/pkg/ipam/ipam_test.go:139
[Fail] IPAM Operations [It] configures a link with routes using address gateways
/root/plugins/gopath/src/github.com/containernetworking/plugins/pkg/ipam/ipam_test.go:196
Ran 8 of 8 Specs in 3.742 seconds
FAIL! -- 6 Passed | 2 Failed | 0 Pending | 0 Skipped --- FAIL: TestIpam (3.74s)
FAIL
FAIL github.com/containernetworking/plugins/pkg/ipam 3.748s
ok github.com/containernetworking/plugins/pkg/ns 6.037s
ok github.com/containernetworking/plugins/pkg/utils 0.006s
ok github.com/containernetworking/plugins/pkg/utils/hwaddr 0.005s
? github.com/containernetworking/plugins/pkg/utils/sysctl [no test files]
ok github.com/containernetworking/plugins/plugins/meta/portmap 2.952s
PTP plugin is built on top of a veth-pair. Specifically, in the container namespace, IPAM module would assign an IP address to a veth dev (e.g., 10.64.1.2) to it while in the host namespace, it is always assigned with gateway IP (e.g., 10.64.1.1) on the other end.
In container namespace, the route is configured as gateway is the only connected device. The implication is that when crafting outgoing packets, we only need gateway's MAC address to serve as the destination MAC.
Take a specific example, a container owns 10.64.1.2/24 IP address, and its routes would look like:
default via 10.64.1.1 dev eth0
10.64.1.0/24 via 10.64.1.1 dev eth0 src 10.64.1.4
10.64.1.1 dev eth0 src 10.64.2.4
If container namespace has the ARP entry for 10.64.1.1, it would have no problem to communicate with any other K8s pods and nodes.
However, when I use PTP plugin to bring up the K8s cluster by the following CNI spec template:
{
"name": "k8s-pod-network",
"cniVersion": "0.3.1",
"plugins": [
{
"type": "ptp",
"mtu": 1460,
"ipam": {
"type": "host-local",
"subnet": "10.64.1.0/24",
"routes": [
{"dst": "0.0.0.0/0"}
]
}
}
]
}
I observed:
I can see a couple of solutions:
As I tried, either the above approach would resolve ARP resolution on gateway IP in all container namespaces.
p.s. I tried both approaches and I think 2 is cleaner. However, it somehow could not pass ptp test suite. I will send a PR on 1 shortly.
We do not specify a gateway when calling ipam. We also want to use the .1
ip when the gateway is not specified. Currently, if we set rangeStart
to .1
, it still does not assign the .1
IP because it assumes the gateway is .1
.
It seems that in this code, a nil
Gateway is assigned to .1
, and then the .1
will never be assigned, even if rangeStart
is .1
.
cc / @adowns01
We traditionally put an example in each plugin's readme that includes a value for every option. We should also provide a "suggested" configuration.
This is a problem that I found when testing https://github.com/projectcalico/k8s-policy/issues/109 . The problem is that when I use hostport
mapping feature in calico, I was always need to specify pods hostPort
as following in ports
section.
root@k8s001:~/calico2.4# cat pod.yaml
apiVersion: v1
kind: Pod
metadata:
name: nginx-host
spec:
containers:
- image: nginx
imagePullPolicy: IfNotPresent
name: nginx-host
ports:
- containerPort: 80
hostPort: 80
restartPolicy: Always
root@k8s001:~/calico2.4# kubectl create -f ./pod.yaml
pod "nginx-host" created
root@k8s001:~/calico2.4# kubectl get pods -owide
NAME READY STATUS RESTARTS AGE IP NODE
nginx-host 1/1 Running 0 9s 192.168.124.143 k8s004
The problem is that if one node start two such pods, only one pod can be started and another pod will be pending always as it cannot get the same port again.
Enable host port mapping
can generate the host port randomly so that end user will not need to specify the host port.
for example:
i have a three node k8s cluster using calico network, everything is fine:
$ kubectl get pod --all-namespaces -o wide
NAMESPACE NAME READY STATUS RESTARTS AGE IP NODE
kube-system calico-kube-controllers-578d98f678-rlwgj 1/1 Running 0 15h 192.168.1.43 192.168.1.43
kube-system calico-node-828ls 2/2 Running 0 15h 192.168.1.41 192.168.1.41
kube-system calico-node-kk4jq 2/2 Running 0 15h 192.168.1.42 192.168.1.42
kube-system calico-node-m5j5z 2/2 Running 0 15h 192.168.1.43 192.168.1.43
then i installed kube-dns
:
$ kubectl get pod --all-namespaces -o wide
NAMESPACE NAME READY STATUS RESTARTS AGE IP NODE
kube-system calico-kube-controllers-578d98f678-rlwgj 1/1 Running 0 15h 192.168.1.43 192.168.1.43
kube-system calico-node-828ls 2/2 Running 0 15h 192.168.1.41 192.168.1.41
kube-system calico-node-kk4jq 2/2 Running 0 15h 192.168.1.42 192.168.1.42
kube-system calico-node-m5j5z 2/2 Running 0 15h 192.168.1.43 192.168.1.43
kube-system kube-dns-566c7c77d8-lshlt 3/3 Running 0 15h 172.20.120.0 192.168.1.42
to notice pod kube-dns-566c7c77d8-lshlt
IP is 172.20.120.0
, which is a Network IP
, we usually treate this kind of IPs not availabled in network industry
, and it actually raised some problems, can we change this behavior?
See this issue flannel-io/flannel#772
My program use ns pkg to set other container route, and my program is run in container with privileged and mount host /var/run
dir.
But when my program run a period of time, my program will report error:
unknown FS magic on "/var/run/docker/netns/3b51597626b6": 1021994
so, how do I fix this?
other:
go version
go version go1.8.3 linux/amd64
report error code:
func IsNSorErr(nspath string) error {
stat := syscall.Statfs_t{}
if err := syscall.Statfs(nspath, &stat); err != nil {
if os.IsNotExist(err) {
err = NSPathNotExistErr{msg: fmt.Sprintf("failed to Statfs %q: %v", nspath, err)}
} else {
err = fmt.Errorf("failed to Statfs %q: %v", nspath, err)
}
return err
}
switch stat.Type {
case PROCFS_MAGIC, NSFS_MAGIC:
return nil
default:
return NSPathNotNSErr{msg: fmt.Sprintf("unknown FS magic on %q: %x", nspath, stat.Type)}
}
}
report error stat type
#define TMPFS_MAGIC 0x01021994
panic: interface conversion: error is *os.PathError, not *exec.ExitError
goroutine 1 [running]:
panic(0x544a40, 0xc4200cd080)
/home/travis/.gimme/versions/go1.7.5.linux.amd64/src/runtime/panic.go:500 +0x1a1
github.com/containernetworking/plugins/vendor/github.com/coreos/go-iptables/iptables.(*IPTables).runWithOutput(0xc420015dc0, 0xc4200ee1a0, 0xe, 0x1a, 0x0, 0x0, 0x0, 0x0)
/home/travis/gopath/src/github.com/containernetworking/plugins/gopath/src/github.com/containernetworking/plugins/vendor/github.com/coreos/go-iptables/iptables/iptables.go:257 +0x4ad
github.com/containernetworking/plugins/vendor/github.com/coreos/go-iptables/iptables.(*IPTables).run(0xc420015dc0, 0xc4200f6180, 0xc, 0xc, 0xc4200ce500, 0x8)
/home/travis/gopath/src/github.com/containernetworking/plugins/gopath/src/github.com/containernetworking/plugins/vendor/github.com/coreos/go-iptables/iptables/iptables.go:227 +0x5b
github.com/containernetworking/plugins/vendor/github.com/coreos/go-iptables/iptables.(*IPTables).Exists(0xc420015dc0, 0x56d519, 0x3, 0xc420010990, 0x1c, 0xc4200ce500, 0x8, 0x8, 0x0, 0x0, ...)
/home/travis/gopath/src/github.com/containernetworking/plugins/gopath/src/github.com/containernetworking/plugins/vendor/github.com/coreos/go-iptables/iptables/iptables.go:95 +0x1a6
main.prependUnique(0xc420015dc0, 0x56d519, 0x3, 0xc420010990, 0x1c, 0xc4200ce500, 0x8, 0x8, 0xc42000ce08, 0x1)
/home/travis/gopath/src/github.com/containernetworking/plugins/gopath/src/github.com/containernetworking/plugins/plugins/meta/portmap/chain.go:104 +0x84
main.(*chain).setup(0xc42005bbd0, 0xc420015dc0, 0xc4200c1f60, 0x1, 0x1, 0x10, 0xc4200c1f60)
/home/travis/gopath/src/github.com/containernetworking/plugins/gopath/src/github.com/containernetworking/plugins/plugins/meta/portmap/chain.go:47 +0x113
main.forwardPorts(0xc4200181e0, 0xc42000d220, 0x10, 0x10, 0x1, 0x0)
/home/travis/gopath/src/github.com/containernetworking/plugins/gopath/src/github.com/containernetworking/plugins/plugins/meta/portmap/portmap.go:84 +0x428
main.cmdAdd(0xc420026690, 0xc42000c930, 0x5)
/home/travis/gopath/src/github.com/containernetworking/plugins/gopath/src/github.com/containernetworking/plugins/plugins/meta/portmap/main.go:93 +0x1d8
github.com/containernetworking/plugins/vendor/github.com/containernetworking/cni/pkg/skel.(*dispatcher).checkVersionAndCall(0xc420016440, 0xc420026690, 0x815820, 0xc420012c30, 0x57f748, 0x0, 0x30)
/home/travis/gopath/src/github.com/containernetworking/plugins/gopath/src/github.com/containernetworking/plugins/vendor/github.com/containernetworking/cni/pkg/skel/skel.go:162 +0x175
github.com/containernetworking/plugins/vendor/github.com/containernetworking/cni/pkg/skel.(*dispatcher).pluginMain(0xc420016440, 0x57f748, 0x57f750, 0x815820, 0xc420012c30, 0x50)
/home/travis/gopath/src/github.com/containernetworking/plugins/gopath/src/github.com/containernetworking/plugins/vendor/github.com/containernetworking/cni/pkg/skel/skel.go:173 +0x372
github.com/containernetworking/plugins/vendor/github.com/containernetworking/cni/pkg/skel.PluginMainWithError(0x57f748, 0x57f750, 0x815820, 0xc420012c30, 0x489040)
/home/travis/gopath/src/github.com/containernetworking/plugins/gopath/src/github.com/containernetworking/plugins/vendor/github.com/containernetworking/cni/pkg/skel/skel.go:210 +0xf0
github.com/containernetworking/plugins/vendor/github.com/containernetworking/cni/pkg/skel.PluginMain(0x57f748, 0x57f750, 0x815820, 0xc420012c30)
/home/travis/gopath/src/github.com/containernetworking/plugins/gopath/src/github.com/containernetworking/plugins/vendor/github.com/containernetworking/cni/pkg/skel/skel.go:222 +0x63
main.main()
/home/travis/gopath/src/github.com/containernetworking/plugins/gopath/src/github.com/containernetworking/plugins/plugins/meta/portmap/main.go:125 +0xc8
@squeed I think we should fix it.
ref: coreos/go-iptables#35, coreos/go-iptables#37
a124fb3 seems to be the moment starting from which bridge plugin stopped reporting mac address of container interface, what was probably handled up to this change in a124fb3#diff-b4fc1e43896318cdf10ecd779954aeeaL390 line.
The flannel plugin doesn't return a populated result; this breaks plugin chaining.
When firewalld is used on the host which is using CNI, the new IP addresses (which are created for containers) are not registered, which means that the network traffic from and to the container is blocked.
There is an attempt to integrate firewalld and CNI, but it needs to be re-implemented as a chained plugin: containernetworking/cni#138
Related issue: rkt/rkt#2206
Last October Casey Callendrello updated cni to make the CNI_CONTAINERID envar required, but vendor here does not have that update and many tests fail if it is pulled in.
When bridge plugin is told that no more addresses are available, a veth isn't cleaned up.
This can be reproduced with a simple test using rangeStart/rangeEnd to simulate e.g. IPAM address exhaustion:
$ sudo ip netns add test0
$ sudo ip netns add test1
$ cat test.conf
{
"name": "test",
"cniVersion": "0.3.1",
"type": "bridge",
"bridge": "mynet",
"ipMasq": true,
"isGateway": true,
"ipam": {
"type": "host-local",
"subnet": "10.244.10.0/24",
"rangeStart": "10.244.10.2",
"rangeEnd": "10.244.10.2",
"routes": [
{ "dst": "0.0.0.0/0" }
]
}
}
$ ip addr show | grep veth
$ sudo cnitool add test /var/run/netns/test0
{
"interfaces": [
{
"name": "mynet",
"mac": "0a:58:0a:f4:0a:01"
},
{
"name": "vethcf0a0b90",
"mac": "42:80:89:85:27:d6"
},
{
"name": "eth0",
"mac": "0a:58:0a:f4:0a:02",
"sandbox": "/var/run/netns/test0"
}
],
"ips": [
{
"version": "4",
"interface": 2,
"address": "10.244.10.2/24",
"gateway": "10.244.10.1"
}
],
"routes": [
{
"dst": "0.0.0.0/0"
}
],
"dns": {}
}
$ ip addr show | grep veth
23: vethcf0a0b90@if5: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master mynet state UP group default
$ sudo cnitool add test /var/run/netns/test1
no IP addresses available in network: test
$ ip addr show | grep veth
23: vethcf0a0b90@if5: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master mynet state UP group default
24: veth2d72b1c3@if3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master mynet state UP group default
$ sudo cnitool del test /var/run/netns/test0
$ ip addr show | grep veth
24: veth2d72b1c3@if3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master mynet state UP group default
$
Is this a BUG REPORT or FEATURE REQUEST?:
/kind bug
What happened:
When specifying hostIP: $IP
for a pod, the resulting IP tables rule does not contain -d $IP
as expected.
What you expected to happen:
That the generated iptables rule has -d $IP
alongside --dport $PORT
How to reproduce it (as minimally and precisely as possible):
Create a deployment: kubectl run my-nginx --image=nginx --port=80
Use kubectl edit deployment my-nginx
to set
ports:
- containerPort: 80
hostIP: 192.168.1.101
hostPort: 18080
protocol: TCP
Check with iptables -t nat -S
and see:
-A CNI-DN-80ae20ae0de6904d5f4b4 -p tcp -m tcp --dport 18080 -j DNAT --to-destination 10.233.64.15:80
There is no -d 192.168.1.101
as I would expect.
Anything else we need to know?:
Environment:
kubectl version
): 1.9.5uname -a
): 4.4.0-116-genericTaken from kubernetes/kubernetes#62112 (comment)
Hi ,
I was testing the multiple ranges support for the IP and looks like it tries to get the IP from all the subnets at a time rather than one by one range.
Is this the expected behaviour ?
echo '{
"cniVersion": "0.3.1",
"name": "examplenet",
"ipam": {
"type": "host-local",
"ranges": [{
"subnet": "10.10.10.0/24",
"rangeStart": "10.10.10.20",
"rangeEnd": "10.10.10.22"
}, {
"subnet": "20.20.20.0/24",
"rangeStart": "20.20.20.20",
"rangeEnd": "20.20.20.21"
}],
"dataDir": "/tmp/cni-example"
}
}' | CNI_COMMAND=ADD CNI_CONTAINERID=example CNI_NETNS=/dev/null CNI_IFNAME=dummy0 CNI_PATH=. ./host-local
I am following the directions from containernetworking/cni to build the plugins, but I am hitting this build error:
gopath/src/github.com/containernetworking/plugins/plugins/meta/portmap/portmap.go:22:2: no buildable Go source files in /Users/daneyonhansen/code/go/src/github.com/containernetworking/plugins/gopath/src/github.com/containernetworking/plugins/pkg/utils/sysctl
@squeed I see the sysctl pkg was added as part of this PR. Do you have any troubleshooting suggestions?
The steps I followed are:
$ git clone https://github.com/containernetworking/plugins.git
Cloning into 'plugins'...
remote: Counting objects: 4381, done.
remote: Compressing objects: 100% (78/78), done.
remote: Total 4381 (delta 21), reused 56 (delta 9), pack-reused 4292
Receiving objects: 100% (4381/4381), 1.76 MiB | 1.33 MiB/s, done.
Resolving deltas: 100% (2073/2073), done.
Checking out files: 100% (501/501), done.
$ cat /etc/cni/net.d/10-mynet.conf
{
"cniVersion": "0.2.0",
"name": "mynet",
"type": "bridge",
"bridge": "cni0",
"isGateway": true,
"ipMasq": true,
"ipam": {
"type": "host-local",
"subnet": "10.22.0.0/16",
"routes": [
{ "dst": "0.0.0.0/0" }
]
}
}
$ cat /etc/cni/net.d/99-loopback.conf
{
"cniVersion": "0.2.0",
"type": "loopback"
}
$ cd plugins/
DANEHANS-M-C1KP:plugins daneyonhansen$ ./build.sh
Building plugins
flannel
portmap
gopath/src/github.com/containernetworking/plugins/plugins/meta/portmap/portmap.go:22:2: no buildable Go source files in /Users/daneyonhansen/code/go/src/github.com/containernetworking/plugins/gopath/src/github.com/containernetworking/plugins/pkg/utils/sysctl
My dev env details:
$ go version
go version go1.8.3 darwin/amd64
$ go env
GOARCH="amd64"
GOBIN=""
GOEXE=""
GOHOSTARCH="amd64"
GOHOSTOS="darwin"
GOOS="darwin"
GOPATH="/Users/daneyonhansen/code/go"
GORACE=""
GOROOT="/usr/local/go"
GOTOOLDIR="/usr/local/go/pkg/tool/darwin_amd64"
GCCGO="gccgo"
CC="clang"
GOGCCFLAGS="-fPIC -m64 -pthread -fno-caret-diagnostics -Qunused-arguments -fmessage-length=0 -fdebug-prefix-map=/var/folders/cy/116yp7d9389fg2y_z8mkt8nh0000gn/T/go-build588320520=/tmp/go-build -gno-record-gcc-switches -fno-common"
CXX="clang++"
CGO_ENABLED="1"
PKG_CONFIG="pkg-config"
CGO_CFLAGS="-g -O2"
CGO_CPPFLAGS=""
CGO_CXXFLAGS="-g -O2"
CGO_FFLAGS="-g -O2"
CGO_LDFLAGS="-g -O2"
/cc @leblancd
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.