common/pkg/config: remove CNI

Signed-off-by: Lokesh Mandvekar <[email protected]>

Author: lsm5

common/pkg/config/config.go

@@ -49,7 +49,7 @@ type Config struct {
 	Engine EngineConfig `toml:"engine"`
 	// Machine specifies configurations of podman machine VMs
 	Machine MachineConfig `toml:"machine"`
-	// Network section defines the configuration of CNI Plugins
+	// Network section defines the network configuration
 	Network NetworkConfig `toml:"network"`
 	// Secret section defines configurations for the secret management
 	Secrets SecretConfig `toml:"secrets"`
@@ -586,9 +586,6 @@ type NetworkConfig struct {
 	// networking.
 	NetworkBackend string `toml:"network_backend,omitempty"`
 
-	// CNIPluginDirs is where CNI plugin binaries are stored.
-	CNIPluginDirs attributedstring.Slice `toml:"cni_plugin_dirs,omitempty"`
-
 	// NetavarkPluginDirs is a list of directories which contain netavark plugins.
 	NetavarkPluginDirs attributedstring.Slice `toml:"netavark_plugin_dirs,omitempty"`
 

common/pkg/config/config_local_test.go

@@ -27,26 +27,6 @@ var _ = Describe("Config Local", func() {
 		file.Close()
 		defer os.Remove(tmpfile)
 		defConf.Network.NetworkConfigDir = tmpfile
-		defConf.Network.CNIPluginDirs.Set([]string{})
-
-		// When
-		err = defConf.Network.Validate()
-
-		// Then
-		gomega.Expect(err).ToNot(gomega.HaveOccurred())
-	})
-
-	It("should not fail on invalid CNIPluginDirs", func() {
-		defConf, err := defaultConfig()
-		gomega.Expect(err).ToNot(gomega.HaveOccurred())
-		gomega.Expect(defConf).NotTo(gomega.BeNil())
-
-		t := GinkgoT()
-		validDirPath := t.TempDir()
-
-		// Given
-		defConf.Network.NetworkConfigDir = validDirPath
-		defConf.Network.CNIPluginDirs.Set([]string{invalidPath})
 
 		// When
 		err = defConf.Network.Validate()
@@ -65,7 +45,6 @@ var _ = Describe("Config Local", func() {
 
 		// Given
 		defConf.Network.NetworkConfigDir = validDirPath
-		defConf.Network.CNIPluginDirs.Set([]string{validDirPath})
 
 		net, _ := types.ParseCIDR("10.0.0.0/24")
 		defConf.Network.DefaultSubnetPools = []SubnetPool{

common/pkg/config/config_remote_test.go

@@ -8,25 +8,6 @@ import (
 )
 
 var _ = Describe("Config Remote", func() {
-	It("should succeed on invalid CNIPluginDirs", func() {
-		t := GinkgoT()
-		validDirPath := t.TempDir()
-
-		// Given
-		defConf, err := defaultConfig()
-		gomega.Expect(err).To(gomega.BeNil())
-		gomega.Expect(defConf).NotTo(gomega.BeNil())
-
-		defConf.Network.NetworkConfigDir = validDirPath
-		defConf.Network.CNIPluginDirs.Set([]string{invalidPath})
-
-		// When
-		err = defConf.Network.Validate()
-
-		// Then
-		gomega.Expect(err).To(gomega.BeNil())
-	})
-
 	It("should succeed on invalid device mode", func() {
 		// Given
 		defConf, err := defaultConfig()
@@ -119,40 +100,4 @@ var _ = Describe("Config Remote", func() {
 		// Then
 		gomega.Expect(err).To(gomega.BeNil())
 	})
-
-	It("should succeed on invalid CNIPluginDirs", func() {
-		t := GinkgoT()
-		validDirPath := t.TempDir()
-
-		// Given
-		defConf, err := defaultConfig()
-		gomega.Expect(err).To(gomega.BeNil())
-		gomega.Expect(defConf).NotTo(gomega.BeNil())
-		defConf.Network.NetworkConfigDir = validDirPath
-		defConf.Network.CNIPluginDirs.Set([]string{invalidPath})
-
-		// When
-		err = defConf.Network.Validate()
-
-		// Then
-		gomega.Expect(err).To(gomega.BeNil())
-	})
-
-	It("should succeed in validating invalid PluginDir", func() {
-		t := GinkgoT()
-		validDirPath := t.TempDir()
-
-		// Given
-		defConf, err := defaultConfig()
-		gomega.Expect(err).To(gomega.BeNil())
-		gomega.Expect(defConf).NotTo(gomega.BeNil())
-		defConf.Network.NetworkConfigDir = validDirPath
-		defConf.Network.CNIPluginDirs.Set([]string{invalidPath})
-
-		// When
-		err = defConf.Network.Validate()
-
-		// Then
-		gomega.Expect(err).To(gomega.BeNil())
-	})
 })

common/pkg/config/config_test.go

@@ -289,11 +289,6 @@ image_copy_tmp_dir="storage"`
 				},
 			}
 
-			pluginDirs := []string{
-				"/usr/libexec/cni",
-				"/tmp",
-			}
-
 			envs := []string{
 				"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
 			}
@@ -322,7 +317,6 @@ image_copy_tmp_dir="storage"`
 			gomega.Expect(defaultConfig.Containers.Env.Get()).To(gomega.BeEquivalentTo(envs))
 			gomega.Expect(defaultConfig.Containers.Mounts.Get()).To(gomega.BeEquivalentTo(mounts))
 			gomega.Expect(defaultConfig.Containers.PidsLimit).To(gomega.BeEquivalentTo(2048))
-			gomega.Expect(defaultConfig.Network.CNIPluginDirs.Get()).To(gomega.Equal(pluginDirs))
 			gomega.Expect(defaultConfig.Network.NetavarkPluginDirs.Get()).To(gomega.Equal([]string{"/usr/netavark"}))
 			gomega.Expect(defaultConfig.Engine.NumLocks).To(gomega.BeEquivalentTo(2048))
 			gomega.Expect(defaultConfig.Engine.OCIRuntimes).To(gomega.Equal(OCIRuntimeMap))
@@ -452,7 +446,6 @@ image_copy_tmp_dir="storage"`
 			gomega.Expect(config.Containers.PidsLimit).To(gomega.BeEquivalentTo(2048))
 			gomega.Expect(config.Containers.Env.Get()).To(gomega.BeEquivalentTo(envs))
 			gomega.Expect(config.Containers.UserNS).To(gomega.BeEquivalentTo(""))
-			gomega.Expect(config.Network.CNIPluginDirs.Get()).To(gomega.Equal(DefaultCNIPluginDirs))
 			gomega.Expect(config.Network.NetavarkPluginDirs.Get()).To(gomega.Equal(DefaultNetavarkPluginDirs))
 			gomega.Expect(config.Engine.NumLocks).To(gomega.BeEquivalentTo(2048))
 			gomega.Expect(config.Engine.OCIRuntimes["runc"]).To(gomega.Equal(OCIRuntimeMap["runc"]))

common/pkg/config/containers.conf

@@ -354,25 +354,14 @@ default_sysctls = [
 [network]
 
 # Network backend determines what network driver will be used to set up and tear down container networks.
-# Valid values are "cni" and "netavark".
-# The default value is empty which means that it will automatically choose CNI or netavark. If there are
-# already containers/images or CNI networks preset it will choose CNI.
+# Valid values are "netavark".
+# The default value is empty which means that it will automatically choose netavark.
 #
 # Before changing this value all containers must be stopped otherwise it is likely that
 # iptables rules and network interfaces might leak on the host. A reboot will fix this.
 #
 #network_backend = ""
 
-# Path to directory where CNI plugin binaries are located.
-#
-#cni_plugin_dirs = [
-#  "/usr/local/libexec/cni",
-#  "/usr/libexec/cni",
-#  "/usr/local/lib/cni",
-#  "/usr/lib/cni",
-#  "/opt/cni/bin",
-#]
-
 # List of directories that will be searched for netavark plugins.
 #
 #netavark_plugin_dirs = [
@@ -425,14 +414,6 @@ default_sysctls = [
 #
 #default_rootless_network_cmd = "pasta"
 
-# Path to the directory where network configuration files are located.
-# For the CNI backend the default is "/etc/cni/net.d" as root
-# and "$HOME/.config/cni/net.d" as rootless.
-# For the netavark backend "/etc/containers/networks" is used as root
-# and "$graphroot/networks" as rootless.
-#
-#network_config_dir = "/etc/cni/net.d/"
-
 # Port to use for dns forwarding daemon with netavark in rootful bridge
 # mode and dns enabled.
 # Using an alternate port might be useful if other dns services should

common/pkg/config/containers.conf-freebsd

@@ -271,25 +271,14 @@ default_sysctls = [
 [network]
 
 # Network backend determines what network driver will be used to set up and tear down container networks.
-# Valid values are "cni" and "netavark".
-# The default value is empty which means that it will automatically choose CNI or netavark. If there are
-# already containers/images or CNI networks preset it will choose CNI.
+# Valid values are "netavark".
+# The default value is empty which means that it will automatically choose netavark.
 #
 # Before changing this value all containers must be stopped otherwise it is likely that
 # iptables rules and network interfaces might leak on the host. A reboot will fix this.
 #
 #network_backend = ""
 
-# Path to directory where CNI plugin binaries are located.
-#
-#cni_plugin_dirs = [
-#  "/usr/local/libexec/cni",
-#  "/usr/libexec/cni",
-#  "/usr/local/lib/cni",
-#  "/usr/lib/cni",
-#  "/opt/cni/bin",
-#]
-
 # List of directories that will be searched for netavark plugins.
 #
 #netavark_plugin_dirs = [
@@ -327,14 +316,6 @@ default_sysctls = [
 #  {"base" = "10.128.0.0/9", "size" = 24},
 #]
 
-# Path to the directory where network configuration files are located.
-# For the CNI backend the default is "/etc/cni/net.d" as root
-# and "$HOME/.config/cni/net.d" as rootless.
-# For the netavark backend "/etc/containers/networks" is used as root
-# and "$graphroot/networks" as rootless.
-#
-#network_config_dir = "/usr/local/etc/cni/net.d/"
-
 [engine]
 # Index to the active service
 #

common/pkg/config/default.go

@@ -117,14 +117,6 @@ var (
 		"CAP_SYS_CHROOT",
 	}
 
-	// Search these locations in which CNIPlugins can be installed.
-	DefaultCNIPluginDirs = []string{
-		"/usr/local/libexec/cni",
-		"/usr/libexec/cni",
-		"/usr/local/lib/cni",
-		"/usr/lib/cni",
-		"/opt/cni/bin",
-	}
 	DefaultNetavarkPluginDirs = []string{
 		"/usr/local/libexec/netavark",
 		"/usr/libexec/netavark",
@@ -271,7 +263,6 @@ func defaultConfig() (*Config, error) {
 			DefaultSubnetPools:        DefaultSubnetPools,
 			DefaultRootlessNetworkCmd: "pasta",
 			DNSBindPort:               0,
-			CNIPluginDirs:             attributedstring.NewSlice(DefaultCNIPluginDirs),
 			NetavarkPluginDirs:        attributedstring.NewSlice(DefaultNetavarkPluginDirs),
 		},
 		Engine:   *defaultEngineConfig,

common/pkg/config/testdata/containers_comment.conf

@@ -96,18 +96,6 @@
 # Pattern of interface name inside container.
 # interface_name = ""
 
-
-# The network table containers settings pertaining to the management of
-# CNI plugins.
-[network]
-
-# Path to the directory where CNI configuration files are located.
-# network_config_dir = "/etc/cni/net.d/"
-
-# Path to directory where CNI plugin binaries are located.
-# cni_plugin_dirs = "/usr/libexec/cni"
-
-
 [engine]
 
 # Cgroup management implementation used for the runtime.

common/pkg/config/testdata/containers_default.conf

@@ -111,19 +111,10 @@ umask="0002"
 # default network mode
 netns="bridge"
 
-# The network table containers settings pertaining to the management of
-# CNI plugins.
+# The network table contains settings pertaining to the management of
+# netavark and pasta.
 [network]
 
-# Path to directory where CNI plugin binaries are located.
-cni_plugin_dirs = [
-  "/usr/libexec/cni",
-  "/tmp",
-]
-
-# Path to the directory where CNI configuration files are located.
-network_config_dir = "/etc/cni/net.d/"
-
 default_subnet_pools = [{"base" = "10.89.0.0/16", "size" = 24}, {"base" = "10.90.0.0/15", "size" = 24}]
 
 # firewall driver to be used by default

common/pkg/config/testdata/containers_invalid.conf

@@ -83,16 +83,6 @@ shm_size = "-5536k"
 init = false
 
 
-# The network table containers settings pertaining to the management of
-# CNI plugins.
-[network]
-
-# Path to directory where CNI plugin binaries are located.
-cni_plugin_dirs = ["/usr/libexec/cni"]
-
-# Path to the directory where CNI configuration files are located.
-network_config_dir = "/etc/cni/net.d/"
-
 [engine]
 
 # Cgroup management implementation used for the runtime.