generate: add network related option

Signed-off-by: Ma Shimiao <[email protected]>

Author: Ma Shimiao

cmd/oci-runtime-tool/generate.go

@@ -42,6 +42,8 @@ var generateFlags = []cli.Flag{
 	cli.Uint64Flag{Name: "linux-mem-swap", Usage: "total memory limit (memory + swap) (in bytes)"},
 	cli.Uint64Flag{Name: "linux-mem-swappiness", Usage: "how aggressive the kernel will swap memory pages (Range from 0 to 100)"},
 	cli.StringFlag{Name: "linux-mems", Usage: "list of memory nodes in the cpuset (default is to use any available memory node)"},
+	cli.IntFlag{Name: "linux-network-classid", Usage: "specifies class identifier tagged by container's network packets"},
+	cli.StringSliceFlag{Name: "linux-network-priorities", Usage: "specifies priorities of network traffic"},
 	cli.Int64Flag{Name: "linux-pids-limit", Usage: "maximum number of PIDs"},
 	cli.Uint64Flag{Name: "linux-realtime-period", Usage: "CPU period to be used for realtime scheduling (in usecs)"},
 	cli.Uint64Flag{Name: "linux-realtime-runtime", Usage: "the time realtime scheduling may use (in usecs)"},
@@ -420,6 +422,25 @@ func setupSpec(g *generate.Generator, context *cli.Context) error {
 		g.SetLinuxResourcesMemorySwappiness(context.Uint64("linux-mem-swappiness"))
 	}
 
+	if context.IsSet("linux-network-classid") {
+		g.SetLinuxResourcesNetworkClassID(uint32(context.Int("linux-network-classid")))
+	}
+
+	if context.IsSet("linux-network-priorities") {
+		priorities := context.StringSlice("linux-network-priorities")
+		for _, p := range priorities {
+			name, priority, err := parseNetworkPriority(p)
+			if err != nil {
+				return err
+			}
+			if priority == -1 {
+				g.DropLinuxResourcesNetworkPriorities(name)
+			} else {
+				g.AddLinuxResourcesNetworkPriorities(name, uint32(priority))
+			}
+		}
+	}
+
 	err := addSeccomp(context, g)
 	return err
 }
@@ -472,6 +493,21 @@ func parseHook(s string) (string, []string) {
 	return path, args
 }
 
+func parseNetworkPriority(np string) (string, int32, error) {
+	var err error
+
+	parts := strings.Split(np, ":")
+	if len(parts) != 2 {
+		return "", 0, fmt.Errorf("invalid value %v for --linux-network-priorities", np)
+	}
+	priority, err := strconv.Atoi(parts[1])
+	if err != nil {
+		return "", 0, err
+	}
+
+	return parts[0], int32(priority), nil
+}
+
 func parseTmpfsMount(s string) (string, []string, error) {
 	var dest string
 	var options []string

completions/bash/oci-runtime-tool

@@ -286,6 +286,8 @@ _oci-runtime-tool_generate() {
 	      --help
 	      --ipc
 	      --label
+	      --linux-network-classid
+	      --linux-network-priorities
 	      --linux-pids-limit
 	      --masked-paths
 	      --mount

generate/generate.go

@@ -464,6 +464,38 @@ func (g *Generator) SetLinuxResourcesMemorySwappiness(swappiness uint64) {
 	g.spec.Linux.Resources.Memory.Swappiness = &swappiness
 }
 
+// SetLinuxResourcesNetworkClassID sets g.spec.Linux.Resources.Network.ClassID.
+func (g *Generator) SetLinuxResourcesNetworkClassID(classid uint32) {
+	g.initSpecLinuxResourcesNetwork()
+	g.spec.Linux.Resources.Network.ClassID = &classid
+}
+
+// AddLinuxResourcesNetworkPriorities adds or sets g.spec.Linux.Resources.Network.Priorities.
+func (g *Generator) AddLinuxResourcesNetworkPriorities(name string, prio uint32) {
+	g.initSpecLinuxResourcesNetwork()
+	for i, netPriority := range g.spec.Linux.Resources.Network.Priorities {
+		if netPriority.Name == name {
+			g.spec.Linux.Resources.Network.Priorities[i].Priority = prio
+			return
+		}
+	}
+	interfacePrio := new(rspec.InterfacePriority)
+	interfacePrio.Name = name
+	interfacePrio.Priority = prio
+	g.spec.Linux.Resources.Network.Priorities = append(g.spec.Linux.Resources.Network.Priorities, *interfacePrio)
+}
+
+// DropLinuxResourcesNetworkPriorities drops one item from g.spec.Linux.Resources.Network.Priorities.
+func (g *Generator) DropLinuxResourcesNetworkPriorities(name string) {
+	g.initSpecLinuxResourcesNetwork()
+	for i, netPriority := range g.spec.Linux.Resources.Network.Priorities {
+		if netPriority.Name == name {
+			g.spec.Linux.Resources.Network.Priorities = append(g.spec.Linux.Resources.Network.Priorities[:i], g.spec.Linux.Resources.Network.Priorities[i+1:]...)
+			return
+		}
+	}
+}
+
 // SetLinuxResourcesPidsLimit sets g.spec.Linux.Resources.Pids.Limit.
 func (g *Generator) SetLinuxResourcesPidsLimit(limit int64) {
 	g.initSpecLinuxResourcesPids()

generate/spec.go

@@ -59,6 +59,13 @@ func (g *Generator) initSpecLinuxResourcesMemory() {
 	}
 }
 
+func (g *Generator) initSpecLinuxResourcesNetwork() {
+	g.initSpecLinuxResources()
+	if g.spec.Linux.Resources.Network == nil {
+		g.spec.Linux.Resources.Network = &rspec.Network{}
+	}
+}
+
 func (g *Generator) initSpecLinuxResourcesPids() {
 	g.initSpecLinuxResources()
 	if g.spec.Linux.Resources.Pids == nil {

man/oci-runtime-tool-generate.1.md

@@ -123,6 +123,15 @@ read the configuration from `config.json`.
 **--linux-mems**=MEMS
   Sets the list of memory nodes in the cpuset (default is to use any available memory node).
 
+**--linux-network-classid**=CLASSID
+  Specifies network class identifier which will be tagged by container's network packets.
+
+**--linux-network-priorities**=[]
+  Specifies network priorities of network traffic, format is NAME:PRIORITY.
+  e.g. --linux-network-priorities=eth0:123
+  This option can be specified multiple times. If a interface name was specified more than once, the last PRIORITY makes sense.
+  The special *PRIORITY*  -1  removes existing setting for interface NAME.
+
 **--linux-pids-limit**=PIDSLIMIT
   Set maximum number of PIDs.