This repo aims to integrate CNI with Dockerd.
There is, according to CNI repo, an approach to integrate by running a pause equivalent container ahead of the application container, but that's too pod-like for those who resent pod models.
Let's figure out yet another solution.
Make sure you have everything ready:
- CNI binaries in the right place: for example,
/opt/cni/bin/calico
and/opt/cni/bin/calico-ipam
binaries - CNI configures in the right place: for exmaple,
/etc/cni/net.d/10-calico.conf
- Other services needed: for example,
calico-node
container
Notes:
- Provided there are multiple CNI configures in the dir,
docker-cni
will only use the first config in alphabet order.
Download the latest binary from release.
mkdir -p /etc/docker/
cat <<! >/etc/docker/cni.yaml
oci_bin: /usr/bin/runc
cni_conf_dir: /etc/cni/net.d/
cni_bin_dir: /opt/cni/bin/
cni_ifname: eth0
cni_log: /var/log/cni.log
log_driver: file:///var/log/docker-cni.log
log_level: debug
!
You may revise the aforementioned configure with YOUR cni_conf_dir
and cni_bin_dir
.
Add the additional runtime
in docker daemon configure, which is usually located at /etc/docker/daemon.json
:
{
...
"runtimes": {
"cni": {
"path": "/usr/local/bin/docker-cni",
"runtimeArgs": [ "oci", "--config", "/etc/docker/cni.yaml", "--" ]
}
}
}
systemctl restart docker
docker run -td --runtime cni --net none bash bash
That's everything.