libnetwork/netavark: pass plugin directories to nv

Netavark needs to get the actual list of directories from podman because
users can set them in contianers.conf.

Note that this change requires a netavark with
containers/netavark#509
To allow better backwards compat we only pass the new argument when we
need. Also added the missing ipvlan driver to the supported driver list.

Signed-off-by: Paul Holzinger <pholzing@redhat.com>

libnetwork/netavark/exec.go

@@ -76,7 +76,7 @@ func getRustLogEnv() string {
 // used to marshal the netavark output into it. This can be nil.
 // All errors return by this function should be of the type netavarkError
 // to provide a helpful error message.
-func (n *netavarkNetwork) execNetavark(args []string, stdin, result interface{}) error {
+func (n *netavarkNetwork) execNetavark(args []string, needPlugin bool, stdin, result interface{}) error {
 	// set the netavark log level to the same as the podman
 	env := append(os.Environ(), getRustLogEnv())
 	// if we run with debug log level lets also set RUST_BACKTRACE=1 so we can get the full stack trace in case of panics
@@ -86,7 +86,7 @@ func (n *netavarkNetwork) execNetavark(args []string, stdin, result interface{})
 	if n.dnsBindPort != 0 {
 		env = append(env, "NETAVARK_DNS_PORT="+strconv.Itoa(int(n.dnsBindPort)))
 	}
-	return n.execBinary(n.netavarkBinary, append(n.getCommonNetavarkOptions(), args...), stdin, result, env)
+	return n.execBinary(n.netavarkBinary, append(n.getCommonNetavarkOptions(needPlugin), args...), stdin, result, env)
 }
 
 func (n *netavarkNetwork) execPlugin(path string, args []string, stdin, result interface{}) error {

libnetwork/netavark/network.go

@@ -157,11 +157,13 @@ func NewNetworkInterface(conf *InitConfig) (types.ContainerNetwork, error) {
 	return n, nil
 }
 
+var builtinDrivers = []string{types.BridgeNetworkDriver, types.MacVLANNetworkDriver, types.IPVLANNetworkDriver}
+
 // Drivers will return the list of supported network drivers
 // for this interface.
 func (n *netavarkNetwork) Drivers() []string {
 	paths := getAllPlugins(n.pluginDirs)
-	return append([]string{types.BridgeNetworkDriver, types.MacVLANNetworkDriver}, paths...)
+	return append(builtinDrivers, paths...)
 }
 
 // DefaultNetworkName will return the default netavark network name.

libnetwork/netavark/run.go

@@ -11,6 +11,7 @@ import (
 
 	"github.com/containers/common/libnetwork/internal/util"
 	"github.com/containers/common/libnetwork/types"
+	pkgutil "github.com/containers/common/pkg/util"
 	"github.com/sirupsen/logrus"
 )
 
@@ -20,7 +21,7 @@ type netavarkOptions struct {
 }
 
 func (n *netavarkNetwork) execUpdate(networkName string, networkDNSServers []string) error {
-	retErr := n.execNetavark([]string{"update", networkName, "--network-dns-servers", strings.Join(networkDNSServers, ",")}, nil, nil)
+	retErr := n.execNetavark([]string{"update", networkName, "--network-dns-servers", strings.Join(networkDNSServers, ",")}, false, nil, nil)
 	return retErr
 }
 
@@ -45,7 +46,7 @@ func (n *netavarkNetwork) Setup(namespacePath string, options types.SetupOptions
 		return nil, err
 	}
 
-	netavarkOpts, err := n.convertNetOpts(options.NetworkOptions)
+	netavarkOpts, needPlugin, err := n.convertNetOpts(options.NetworkOptions)
 	if err != nil {
 		return nil, fmt.Errorf("failed to convert net opts: %w", err)
 	}
@@ -71,7 +72,7 @@ func (n *netavarkNetwork) Setup(namespacePath string, options types.SetupOptions
 	}
 
 	result := map[string]types.StatusBlock{}
-	err = n.execNetavark([]string{"setup", namespacePath}, netavarkOpts, &result)
+	err = n.execNetavark([]string{"setup", namespacePath}, needPlugin, netavarkOpts, &result)
 	if err != nil {
 		// lets dealloc ips to prevent leaking
 		if err := n.deallocIPs(&options.NetworkOptions); err != nil {
@@ -106,12 +107,12 @@ func (n *netavarkNetwork) Teardown(namespacePath string, options types.TeardownO
 		logrus.Error(err)
 	}
 
-	netavarkOpts, err := n.convertNetOpts(options.NetworkOptions)
+	netavarkOpts, needPlugin, err := n.convertNetOpts(options.NetworkOptions)
 	if err != nil {
 		return fmt.Errorf("failed to convert net opts: %w", err)
 	}
 
-	retErr := n.execNetavark([]string{"teardown", namespacePath}, netavarkOpts, nil)
+	retErr := n.execNetavark([]string{"teardown", namespacePath}, needPlugin, netavarkOpts, nil)
 
 	// when netavark returned an error we still free the used ips
 	// otherwise we could end up in a state where block the ips forever
@@ -127,22 +128,35 @@ func (n *netavarkNetwork) Teardown(namespacePath string, options types.TeardownO
 	return retErr
 }
 
-func (n *netavarkNetwork) getCommonNetavarkOptions() []string {
-	return []string{"--config", n.networkRunDir, "--rootless=" + strconv.FormatBool(n.networkRootless), "--aardvark-binary=" + n.aardvarkBinary}
+func (n *netavarkNetwork) getCommonNetavarkOptions(needPlugin bool) []string {
+	opts := []string{"--config", n.networkRunDir, "--rootless=" + strconv.FormatBool(n.networkRootless), "--aardvark-binary=" + n.aardvarkBinary}
+	// to allow better backwards compat we only add the new netavark option when really needed
+	if needPlugin {
+		// Note this will require a netavark with https://github.com/containers/netavark/pull/509
+		for _, dir := range n.pluginDirs {
+			opts = append(opts, "--plugin-directory", dir)
+		}
+	}
+	return opts
 }
 
-func (n *netavarkNetwork) convertNetOpts(opts types.NetworkOptions) (*netavarkOptions, error) {
+func (n *netavarkNetwork) convertNetOpts(opts types.NetworkOptions) (*netavarkOptions, bool, error) {
 	netavarkOptions := netavarkOptions{
 		NetworkOptions: opts,
 		Networks:       make(map[string]*types.Network, len(opts.Networks)),
 	}
 
+	needsPlugin := false
+
 	for network := range opts.Networks {
 		net, err := n.getNetwork(network)
 		if err != nil {
-			return nil, err
+			return nil, false, err
 		}
 		netavarkOptions.Networks[network] = net
+		if !pkgutil.StringInSlice(net.Driver, builtinDrivers) {
+			needsPlugin = true
+		}
 	}
-	return &netavarkOptions, nil
+	return &netavarkOptions, needsPlugin, nil
 }