Skip to content

metis: Implement CNI Mode for Metis and Add Conformance Tests#1046

Open
arvindbr8 wants to merge 6 commits intokubernetes:masterfrom
arvindbr8:metis_cni
Open

metis: Implement CNI Mode for Metis and Add Conformance Tests#1046
arvindbr8 wants to merge 6 commits intokubernetes:masterfrom
arvindbr8:metis_cni

Conversation

@arvindbr8
Copy link
Copy Markdown
Contributor

@arvindbr8 arvindbr8 commented Apr 9, 2026
edited
Loading

This PR implements the CNI (Container Network Interface) mode for the metis binary, enabling it to act as a gRPC client that communicates with the Metis daemon for dynamic pod IP allocation and deallocation over a Unix Domain Socket.

It also implements the CNI CHECK command properly by expanding the gRPC API to verify active locks against the SQLite backend.

Changes

  1. CNI Plugin Implementation (cmd/)
  • cmd/cni.go: Implemented cmdAdd, cmdDel, and cmdCheck utilizing the official skel package.
  • Integrated the plugin as the default execution block in cmd/main.go when no subcommands are supplied.
  1. Protocol Expansion for cmdCHECK
  • adaptiveipam.proto: Added CheckPodIP RPC endpoint to poll state.
  • daemon_server.go: Implemented the gRPC server handler for CheckPodIP.
  • store.go: Added CheckAllocation to run targeted SQLite queries checking whether an edge still maps perfectly to a living container ID.
  1. Tests
  • cmd/cni_test.go:
    • Added unit tests mocking the gRPC clients.
    • Added an integration test that spins up a real daemon in a goroutine and verifies full lifecycle communication on a dummy socket.
  • cmd/cni_conformance_test.go: Added a test suite utilizing the upstream CNI libcni package. This compiles our local CNI on-the-fly and acts exactly as containerd/kubelet would do, verifying full payload compliance.

Verification Results

Ran tests locally via isolated module workspace tags: GOWORK=off go test -v ./cmd

Output:

=== RUN   TestCmdAdd
--- PASS: TestCmdAdd (0.00s)
=== RUN   TestCmdDel
--- PASS: TestCmdDel (0.00s)
=== RUN   TestCmdCheck
--- PASS: TestCmdCheck (0.00s)
=== RUN   TestCniWithActualDaemon
--- PASS: TestCniWithActualDaemon (0.11s)
=== RUN   TestLibcniConformance
--- PASS: TestLibcniConformance (2.60s)
PASS
ok      k8s.io/metis/cmd        2.735s

All modules pass cleanly, and GitHub CI will automatically pick up these new test files upon pushing!

/hold for reviews from @YifeiZhuang @gnossen
/label tide/merge-method-squash

@k8s-ci-robot k8s-ci-robot added do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one. labels Apr 9, 2026
@k8s-ci-robot k8s-ci-robot requested review from JoelSpeed and elmiko April 9, 2026 20:22
@k8s-ci-robot
Copy link
Copy Markdown
Contributor

k8s-ci-robot commented Apr 9, 2026

This issue is currently awaiting triage.

If the repository mantainers determine this is a relevant issue, they will accept it by applying the triage/accepted label and provide further guidance.

The triage/accepted label can be added by org members by writing /triage accepted in a comment.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@k8s-ci-robot
Copy link
Copy Markdown
Contributor

k8s-ci-robot commented Apr 9, 2026

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: arvindbr8
Once this PR has been reviewed and has the lgtm label, please assign bowei for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added the needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. label Apr 9, 2026
@k8s-ci-robot
Copy link
Copy Markdown
Contributor

k8s-ci-robot commented Apr 9, 2026

Hi @arvindbr8. Thanks for your PR.

I'm waiting for a kubernetes member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work.

Tip

We noticed you've done this a few times! Consider joining the org to skip this step and gain /lgtm and other bot rights. We recommend asking approvers on your previous PRs to sponsor you.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@arvindbr8 arvindbr8 changed the title install protoc-gen-go metis: implement CNI Apr 9, 2026
@k8s-ci-robot k8s-ci-robot added the size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. label Apr 9, 2026
@arvindbr8 arvindbr8 changed the title metis: implement CNI metis: Implement CNI Mode for Metis and Add Conformance Tests Apr 16, 2026
@arvindbr8 arvindbr8 marked this pull request as ready for review April 16, 2026 21:38
@k8s-ci-robot k8s-ci-robot removed the do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. label Apr 16, 2026
@k8s-ci-robot k8s-ci-robot requested a review from cheftako April 16, 2026 21:38
@arvindbr8
Copy link
Copy Markdown
Contributor Author

arvindbr8 commented Apr 16, 2026

/hold for reviews from @YifeiZhuang @gnossen
/label tide/merge-method-squash

@k8s-ci-robot k8s-ci-robot added tide/merge-method-squash Denotes a PR that should be squashed by tide when it merges. do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. labels Apr 16, 2026
@YifeiZhuang
Copy link
Copy Markdown
Contributor

YifeiZhuang commented Apr 16, 2026

/ok-to-test

@k8s-ci-robot k8s-ci-robot added ok-to-test Indicates a non-member PR verified by an org member that is safe to test. and removed needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. labels Apr 16, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@elmiko elmiko Awaiting requested review from elmiko

@JoelSpeed JoelSpeed Awaiting requested review from JoelSpeed

@cheftako cheftako Awaiting requested review from cheftako

Assignees

No one assigned

Labels

cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one. ok-to-test Indicates a non-member PR verified by an org member that is safe to test. size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. tide/merge-method-squash Denotes a PR that should be squashed by tide when it merges.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@arvindbr8 @k8s-ci-robot @YifeiZhuang