#!/bin/bash -ex function cleanup() { rm -f "/etc/cni/net.d/10-kuryr.conf" rm -f "/opt/cni/bin/kuryr-cni" } function deploy() { POD_NAMESPACE=$( /kuryr-cni << EOF #!/bin/bash -x finder=" import json import sys mode = 'docker' if len(sys.argv) == 1 else sys.argv[1] if mode == 'docker': label_key = 'Labels' id_key = 'Id' else: label_key = 'annotations' id_key = 'id' containers=json.load(sys.stdin) # Looping over all the containers until we find the right one. We print it. for container in containers: if (label_key in container and container[label_key].get('io.kubernetes.pod.name') == '${KURYR_CNI_POD_NAME}' and container[label_key].get('io.kubernetes.pod.namespace') == '${POD_NAMESPACE}' and container[label_key].get('io.kubernetes.container.name') == 'kuryr-cni'): print(container[id_key]) break " envs=(\$(env | grep ^CNI_)) if command -v runc > /dev/null; then # We have runc binary, let's see if that works. CONTAINERID=\`runc list -f json 2> /dev/null | python -c "\${finder}" runc\` if [[ ! -z \${CONTAINERID} ]]; then exec runc exec \${envs[@]/#/--env } "\${CONTAINERID}" kuryr-cni --config-file /etc/kuryr/kuryr.conf fi fi # Fall back to using Docker binary. # TODO(dulek): We might want to fetch socket path from config. CONTAINERID=\`curl --unix-socket /var/run/docker.sock http://v1.24/containers/json 2> /dev/null | python -c "\${finder}" docker\` docker exec \${envs[@]/#/--env } -i "\${CONTAINERID}" kuryr-cni --config-file /etc/kuryr/kuryr.conf EOF # Copy the script into the designated location cp /kuryr-cni "/opt/cni/bin/kuryr-cni" chmod +x /opt/cni/bin/kuryr-cni cp /etc/kuryr-cni/* /etc/cni/net.d } cleanup deploy # Start CNI daemon if required if [ "$CNI_DAEMON" == "True" ]; then exec kuryr-daemon --config-file /etc/kuryr/kuryr.conf else exec sleep infinity fi