Skip to content

Commit 44a47ef

Browse files
csweichelcsweichel
committed
[ws-manager] mknod /dev/net/tun
1 parent 1361c2f commit 44a47ef

18 files changed

+24
-168
lines changed

components/ws-daemon/nsinsider/main.go

Lines changed: 13 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -207,6 +207,19 @@ func main() {
207207
return os.Chmod("/dev/fuse", os.FileMode(0666))
208208
},
209209
},
210+
{
211+
Name: "mknod-devnettun",
212+
Usage: "creates /dev/net/tun",
213+
Action: func(c *cli.Context) error {
214+
_ = os.MkdirAll("/dev/net", 0755)
215+
err := unix.Mknod("/dev/net/tun", 0666, int(unix.Mkdev(10, 200)))
216+
if err != nil {
217+
return err
218+
}
219+
220+
return os.Chmod("/dev/net/tun", os.FileMode(0666))
221+
},
222+
},
210223
},
211224
}
212225

components/ws-daemon/pkg/iws/iws.go

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -221,6 +221,13 @@ func (wbs *InWorkspaceServiceServer) PrepareForUserNS(ctx context.Context, req *
221221
log.WithError(err).WithFields(wbs.Session.OWI()).Error("PrepareForUserNS: cannot mknod fuse")
222222
return nil, status.Errorf(codes.Internal, "cannot prepare FUSE")
223223
}
224+
err = nsinsider(wbs.Session.InstanceID, int(containerPID), func(c *exec.Cmd) {
225+
c.Args = append(c.Args, "mknod-devnettun")
226+
})
227+
if err != nil {
228+
log.WithError(err).WithFields(wbs.Session.OWI()).Error("PrepareForUserNS: cannot create /dev/net/tun")
229+
return nil, status.Errorf(codes.Internal, "cannot create /dev/net/tun")
230+
}
224231

225232
_ = os.MkdirAll(filepath.Join(wbs.Session.ServiceLocDaemon, "mark"), 0755)
226233
mountpoint := filepath.Join(wbs.Session.ServiceLocNode, "mark")

components/ws-manager/go.sum

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -262,8 +262,11 @@ github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7
262262
github.com/evanphx/json-patch v4.5.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk=
263263
github.com/evanphx/json-patch v4.9.0+incompatible h1:kLcOMZeuLAJvL2BPWLMIj5oaZQobrkAqrL+WFZwQses=
264264
github.com/evanphx/json-patch v4.9.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk=
265+
github.com/fatih/camelcase v1.0.0/go.mod h1:yN2Sb0lFhZJUdVvtELVWefmrXpuZESvPmqwoZc+/fpc=
265266
github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4=
266267
github.com/fatih/color v1.9.0/go.mod h1:eQcE1qtQxscV5RaZvpXrrb8Drkc3/DdQ+uUYCNjL+zU=
268+
github.com/fatih/gomodifytags v1.13.0/go.mod h1:TbUyEjH1Zo0GkJd2Q52oVYqYcJ0eGNqG8bsiOb75P9c=
269+
github.com/fatih/structtag v1.2.0/go.mod h1:mBJUNpUnHmRKrKlQQlmCrh5PuhftFbNv8Ys4/aAZl94=
267270
github.com/fogleman/gg v1.2.1-0.20190220221249-0403632d5b90/go.mod h1:R/bRT+9gY/C5z7JzPU0zXsXHKM4/ayA+zqcVNZzPa1k=
268271
github.com/form3tech-oss/jwt-go v3.2.2+incompatible h1:TcekIExNqud5crz4xD2pavyTgWiPvpYe4Xau31I0PRk=
269272
github.com/form3tech-oss/jwt-go v3.2.2+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k=
@@ -1052,6 +1055,7 @@ golang.org/x/time v0.0.0-20210220033141-f8bda1e9f3ba h1:O8mE0/t419eoIwhTFpKVkHiT
10521055
golang.org/x/time v0.0.0-20210220033141-f8bda1e9f3ba/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
10531056
golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
10541057
golang.org/x/tools v0.0.0-20180525024113-a5b4c53f6e8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
1058+
golang.org/x/tools v0.0.0-20180824175216-6c1c5e93cdc1/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
10551059
golang.org/x/tools v0.0.0-20180828015842-6cd1fcedba52/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
10561060
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
10571061
golang.org/x/tools v0.0.0-20181030221726-6c7e314b6563/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=

components/ws-manager/pkg/manager/create.go

Lines changed: 0 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -305,7 +305,6 @@ func (m *Manager) createDefiniteWorkspacePod(startContext *startWorkspaceContext
305305
// - the TAP driver documentation says so (see https://www.kernel.org/doc/Documentation/networking/tuntap.txt)
306306
// - systemd's nspawn does the same thing (if it's good enough for them, it's good enough for us)
307307
var (
308-
devType = corev1.HostPathFile
309308
hostPathOrCreate = corev1.HostPathDirectoryOrCreate
310309
daemonVolumeName = "daemon-mount"
311310
)
@@ -328,15 +327,6 @@ func (m *Manager) createDefiniteWorkspacePod(startContext *startWorkspaceContext
328327
RestartPolicy: corev1.RestartPolicyNever,
329328
Volumes: []corev1.Volume{
330329
workspaceVolume,
331-
{
332-
Name: "dev-net-tun",
333-
VolumeSource: corev1.VolumeSource{
334-
HostPath: &corev1.HostPathVolumeSource{
335-
Path: "/dev/net/tun",
336-
Type: &devType,
337-
},
338-
},
339-
},
340330
{
341331
Name: daemonVolumeName,
342332
VolumeSource: corev1.VolumeSource{
@@ -490,10 +480,6 @@ func (m *Manager) createWorkspaceContainer(startContext *startWorkspaceContext)
490480
ReadOnly: false,
491481
MountPropagation: &mountPropagation,
492482
},
493-
{
494-
MountPath: "/dev/net/tun",
495-
Name: "dev-net-tun",
496-
},
497483
{
498484
MountPath: "/.workspace",
499485
Name: "daemon-mount",

components/ws-manager/pkg/manager/testdata/cdwp_admission.golden

Lines changed: 0 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -42,13 +42,6 @@
4242
"type": "DirectoryOrCreate"
4343
}
4444
},
45-
{
46-
"name": "dev-net-tun",
47-
"hostPath": {
48-
"path": "/dev/net/tun",
49-
"type": "File"
50-
}
51-
},
5245
{
5346
"name": "daemon-mount",
5447
"hostPath": {
@@ -157,10 +150,6 @@
157150
"mountPath": "/workspace",
158151
"mountPropagation": "HostToContainer"
159152
},
160-
{
161-
"name": "dev-net-tun",
162-
"mountPath": "/dev/net/tun"
163-
},
164153
{
165154
"name": "daemon-mount",
166155
"mountPath": "/.workspace",

components/ws-manager/pkg/manager/testdata/cdwp_empty_resource_req.golden

Lines changed: 0 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -42,13 +42,6 @@
4242
"type": "DirectoryOrCreate"
4343
}
4444
},
45-
{
46-
"name": "dev-net-tun",
47-
"hostPath": {
48-
"path": "/dev/net/tun",
49-
"type": "File"
50-
}
51-
},
5245
{
5346
"name": "daemon-mount",
5447
"hostPath": {
@@ -151,10 +144,6 @@
151144
"mountPath": "/workspace",
152145
"mountPropagation": "HostToContainer"
153146
},
154-
{
155-
"name": "dev-net-tun",
156-
"mountPath": "/dev/net/tun"
157-
},
158147
{
159148
"name": "daemon-mount",
160149
"mountPath": "/.workspace",

components/ws-manager/pkg/manager/testdata/cdwp_fixedresources.golden

Lines changed: 0 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -43,13 +43,6 @@
4343
"type": "DirectoryOrCreate"
4444
}
4545
},
46-
{
47-
"name": "dev-net-tun",
48-
"hostPath": {
49-
"path": "/dev/net/tun",
50-
"type": "File"
51-
}
52-
},
5346
{
5447
"name": "daemon-mount",
5548
"hostPath": {
@@ -154,10 +147,6 @@
154147
"mountPath": "/workspace",
155148
"mountPropagation": "HostToContainer"
156149
},
157-
{
158-
"name": "dev-net-tun",
159-
"mountPath": "/dev/net/tun"
160-
},
161150
{
162151
"name": "daemon-mount",
163152
"mountPath": "/.workspace",

components/ws-manager/pkg/manager/testdata/cdwp_fullworkspacebackup.golden

Lines changed: 0 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -37,13 +37,6 @@
3737
},
3838
"spec": {
3939
"volumes": [
40-
{
41-
"name": "dev-net-tun",
42-
"hostPath": {
43-
"path": "/dev/net/tun",
44-
"type": "File"
45-
}
46-
},
4740
{
4841
"name": "daemon-mount",
4942
"hostPath": {
@@ -143,10 +136,6 @@
143136
}
144137
},
145138
"volumeMounts": [
146-
{
147-
"name": "dev-net-tun",
148-
"mountPath": "/dev/net/tun"
149-
},
150139
{
151140
"name": "daemon-mount",
152141
"mountPath": "/.workspace",

components/ws-manager/pkg/manager/testdata/cdwp_ghost.golden

Lines changed: 0 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -42,13 +42,6 @@
4242
"type": "DirectoryOrCreate"
4343
}
4444
},
45-
{
46-
"name": "dev-net-tun",
47-
"hostPath": {
48-
"path": "/dev/net/tun",
49-
"type": "File"
50-
}
51-
},
5245
{
5346
"name": "daemon-mount",
5447
"hostPath": {
@@ -157,10 +150,6 @@
157150
"mountPath": "/workspace",
158151
"mountPropagation": "HostToContainer"
159152
},
160-
{
161-
"name": "dev-net-tun",
162-
"mountPath": "/dev/net/tun"
163-
},
164153
{
165154
"name": "daemon-mount",
166155
"mountPath": "/.workspace",

components/ws-manager/pkg/manager/testdata/cdwp_prebuild.golden

Lines changed: 0 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -42,13 +42,6 @@
4242
"type": "DirectoryOrCreate"
4343
}
4444
},
45-
{
46-
"name": "dev-net-tun",
47-
"hostPath": {
48-
"path": "/dev/net/tun",
49-
"type": "File"
50-
}
51-
},
5245
{
5346
"name": "daemon-mount",
5447
"hostPath": {
@@ -157,10 +150,6 @@
157150
"mountPath": "/workspace",
158151
"mountPropagation": "HostToContainer"
159152
},
160-
{
161-
"name": "dev-net-tun",
162-
"mountPath": "/dev/net/tun"
163-
},
164153
{
165154
"name": "daemon-mount",
166155
"mountPath": "/.workspace",

components/ws-manager/pkg/manager/testdata/cdwp_prebuild_template.golden

Lines changed: 0 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -42,13 +42,6 @@
4242
"type": "DirectoryOrCreate"
4343
}
4444
},
45-
{
46-
"name": "dev-net-tun",
47-
"hostPath": {
48-
"path": "/dev/net/tun",
49-
"type": "File"
50-
}
51-
},
5245
{
5346
"name": "daemon-mount",
5447
"hostPath": {
@@ -161,10 +154,6 @@
161154
"mountPath": "/workspace",
162155
"mountPropagation": "HostToContainer"
163156
},
164-
{
165-
"name": "dev-net-tun",
166-
"mountPath": "/dev/net/tun"
167-
},
168157
{
169158
"name": "daemon-mount",
170159
"mountPath": "/.workspace",

components/ws-manager/pkg/manager/testdata/cdwp_prebuild_template_override_resources.golden

Lines changed: 0 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -42,13 +42,6 @@
4242
"type": "DirectoryOrCreate"
4343
}
4444
},
45-
{
46-
"name": "dev-net-tun",
47-
"hostPath": {
48-
"path": "/dev/net/tun",
49-
"type": "File"
50-
}
51-
},
5245
{
5346
"name": "daemon-mount",
5447
"hostPath": {
@@ -161,10 +154,6 @@
161154
"mountPath": "/workspace",
162155
"mountPropagation": "HostToContainer"
163156
},
164-
{
165-
"name": "dev-net-tun",
166-
"mountPath": "/dev/net/tun"
167-
},
168157
{
169158
"name": "daemon-mount",
170159
"mountPath": "/.workspace",

components/ws-manager/pkg/manager/testdata/cdwp_probe.golden

Lines changed: 0 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -42,13 +42,6 @@
4242
"type": "DirectoryOrCreate"
4343
}
4444
},
45-
{
46-
"name": "dev-net-tun",
47-
"hostPath": {
48-
"path": "/dev/net/tun",
49-
"type": "File"
50-
}
51-
},
5245
{
5346
"name": "daemon-mount",
5447
"hostPath": {
@@ -157,10 +150,6 @@
157150
"mountPath": "/workspace",
158151
"mountPropagation": "HostToContainer"
159152
},
160-
{
161-
"name": "dev-net-tun",
162-
"mountPath": "/dev/net/tun"
163-
},
164153
{
165154
"name": "daemon-mount",
166155
"mountPath": "/.workspace",

components/ws-manager/pkg/manager/testdata/cdwp_readinessprobe.golden

Lines changed: 0 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -42,13 +42,6 @@
4242
"type": "DirectoryOrCreate"
4343
}
4444
},
45-
{
46-
"name": "dev-net-tun",
47-
"hostPath": {
48-
"path": "/dev/net/tun",
49-
"type": "File"
50-
}
51-
},
5245
{
5346
"name": "daemon-mount",
5447
"hostPath": {
@@ -153,10 +146,6 @@
153146
"mountPath": "/workspace",
154147
"mountPropagation": "HostToContainer"
155148
},
156-
{
157-
"name": "dev-net-tun",
158-
"mountPath": "/dev/net/tun"
159-
},
160149
{
161150
"name": "daemon-mount",
162151
"mountPath": "/.workspace",

components/ws-manager/pkg/manager/testdata/cdwp_tasks.golden

Lines changed: 0 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -42,13 +42,6 @@
4242
"type": "DirectoryOrCreate"
4343
}
4444
},
45-
{
46-
"name": "dev-net-tun",
47-
"hostPath": {
48-
"path": "/dev/net/tun",
49-
"type": "File"
50-
}
51-
},
5245
{
5346
"name": "daemon-mount",
5447
"hostPath": {
@@ -157,10 +150,6 @@
157150
"mountPath": "/workspace",
158151
"mountPropagation": "HostToContainer"
159152
},
160-
{
161-
"name": "dev-net-tun",
162-
"mountPath": "/dev/net/tun"
163-
},
164153
{
165154
"name": "daemon-mount",
166155
"mountPath": "/.workspace",

components/ws-manager/pkg/manager/testdata/cdwp_template.golden

Lines changed: 0 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -42,13 +42,6 @@
4242
"type": "DirectoryOrCreate"
4343
}
4444
},
45-
{
46-
"name": "dev-net-tun",
47-
"hostPath": {
48-
"path": "/dev/net/tun",
49-
"type": "File"
50-
}
51-
},
5245
{
5346
"name": "daemon-mount",
5447
"hostPath": {
@@ -157,10 +150,6 @@
157150
"mountPath": "/workspace",
158151
"mountPropagation": "HostToContainer"
159152
},
160-
{
161-
"name": "dev-net-tun",
162-
"mountPath": "/dev/net/tun"
163-
},
164153
{
165154
"name": "daemon-mount",
166155
"mountPath": "/.workspace",

0 commit comments

Comments
 (0)