GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → ehazlett → circuit

ehazlett / circuit

Licence: MIT license
Container Network Management

Programming Languages

go
31211 projects - #10 most used programming language
Makefile
30231 projects

Labels

networkingcontainersgrpccnicontainerd

Projects that are alternatives of or similar to circuit

Go Cni
A generic CNI library to provide APIs for CNI plugin interactions
Stars: ✭ 82 (+90.7%)
Mutual labels:  cni
api-cni-cleanup
Kubernetes CNI cleanner
Stars: ✭ 29 (-32.56%)
Mutual labels:  cni
amazon-ecs-shim-loggers-for-containerd
Logger shim repository for streaming container logs when using Containerd
Stars: ✭ 35 (-18.6%)
Mutual labels:  containerd
Kubernetes Networking Links
Kubernetes Networking recommended reading list
Stars: ✭ 175 (+306.98%)
Mutual labels:  cni
missing-container-metrics
Prometheus exporter for container metrics cAdvisor won't give you
Stars: ✭ 143 (+232.56%)
Mutual labels:  containerd
ansible-role-containerd
Ansible Role - containerd.io
Stars: ✭ 45 (+4.65%)
Mutual labels:  containerd
Coil
CNI plugin for Kubernetes designed for scalability and extensibility
Stars: ✭ 81 (+88.37%)
Mutual labels:  cni
cni-plugins
CNI Plugins compatible with nftables
Stars: ✭ 29 (-32.56%)
Mutual labels:  cni
amazon-ecr-containerd-resolver-ARCHIVED
The Amazon ECR containerd resolver is an implementation of a containerd Resolver and Fetcher that can pull images from and push images to Amazon ECR using the Amazon ECR API instead of the Docker Registry API.
Stars: ✭ 10 (-76.74%)
Mutual labels:  containerd
fluentbit-containerd-cri-o-json-log
Parsing CRI JSON logs with Fluent Bit - applies to fluentbit, kubernetes, containerd and cri-o
Stars: ✭ 58 (+34.88%)
Mutual labels:  containerd
ovs-cni
Open vSwitch CNI plugin
Stars: ✭ 176 (+309.3%)
Mutual labels:  cni
linen-cni
A CNI plugin designed for overlay networks with Open vSwitch
Stars: ✭ 48 (+11.63%)
Mutual labels:  cni
macvtap-cni
A CNI + device plugin combo for virtualization workloads on Kubernetes.
Stars: ✭ 28 (-34.88%)
Mutual labels:  cni
Covscript
Covariant Script Interpreter
Stars: ✭ 169 (+293.02%)
Mutual labels:  cni
CKS-Exercises-Certified-Kubernetes-Security-Specialist
A set of curated exercises to help you prepare for the CKS exam
Stars: ✭ 124 (+188.37%)
Mutual labels:  containerd
Kubernetes The Ansible Way
Bootstrap Kubernetes the Ansible way on Everything (here: Vagrant). Inspired by Kelsey Hightower´s kubernetes-the-hard-way, but refactored to Infrastructure-as-Code.
Stars: ✭ 82 (+90.7%)
Mutual labels:  cni
flintlock
Lock, Stock, and Two Smoking MicroVMs. Create and manage the lifecycle of MicroVMs backed by containerd.
Stars: ✭ 78 (+81.4%)
Mutual labels:  cni
lima
Linux virtual machines, typically on macOS, for running containerd
Stars: ✭ 8,723 (+20186.05%)
Mutual labels:  containerd
konfigadm
konfigadm is a declarative configuration management tool and image builder focused on bootstrapping nodes for container-based environments.
Stars: ✭ 26 (-39.53%)
Mutual labels:  containerd
everoute
Everoute provide cloud-native networking and security solution
Stars: ✭ 26 (-39.53%)
Mutual labels:  cni
View All Similar Projects ➔ 
      _                _ _
     (_)              (_) |
  ___ _ _ __ ___ _   _ _| |_
 / __| | '__/ __| | | | | __|
| (__| | | | (__| |_| | | |_
 \___|_|_|  \___|\__,_|_|\__|

CI

Circuit

Circuit is a container management application for containerd.

It can be used imperitively to connect/disconnect containers to/from networks and also run as a daemon to listen for containerd events and connect/disconnect containers automatically.

Circuit can also provide basic restart capabilities for containers. By adding the io.circuit.restart label, the daemon will monitor containers and restart if they exit.

Circuit can be used with a CoreDNS Plugin to provide DNS responses for containers. This is most useful with the macvlan CNI plugin. Circuit uses Redis to provide basic clustering to enable container IP resolution across a fleet of Circuit nodes.

Usage

The daemon and cli is combined in a single binary.

Daemon

To run the daemon, use the server subcommand:

$> circuit server

This will start the GRPC server on port 8080 by default.

CLI

To use the CLI start the server and then use the various subcommands:

Circuit network definitions are simply CNI specs. To create a network for use with Circuit, use the create command.

As an example, you can create a bridge network using the following config as bridge.json:

{
    "cniVersion": "0.3.1",
    "name": "ctr0",
    "plugins": [
        {
            "type": "bridge",
            "bridge": "ctr0",
            "isDefaultGateway": true,
            "forceAddress": false,
            "ipMasq": true,
            "hairpinMode": true,
            "ipam": {
                "type": "host-local",
                "subnet": "10.255.0.0/16"
            }
        }
    ]
}

Create the network in Circuit:

$> circuit network create ctr0 bridge.json

You can then list networks:

$> circuit network ls
NAME      TYPE
ctr0      bridge

Run a container with no external networking:

$> ctr run -t docker.io/library/alpine:latest shell sh
/ # ip a s
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever

Now connect the shell container to the ctr0 network:

Note: make sure to have the CNI plugins installed to /opt/containerd/bin (can be changed with --cni-path).

$> circuit network connect shell ctr0
connected shell to ctr0 with ip=10.255.0.2

Confirm that the container has the interface:

/ # ip a s
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
3: eth0@if45: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue state UP
    link/ether 22:e0:21:33:ec:18 brd ff:ff:ff:ff:ff:ff
    inet 10.255.0.3/16 brd 10.255.255.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::20e0:21ff:fe33:ec18/64 scope link
       valid_lft forever preferred_lft forever

You can also see all of the container IPs:

$> circuit network ips shell
NETWORK   IP              INTERFACE
ctr0      10.255.0.3      eth0

Automatic Networking

Circuit can run as a daemon and use containerd events to automatically connect and disconnect containers.

Note: currently automatic connection is limited to a single network.

To enable automatic connecting, use the io.circuit.network label when creating the container:

$> ctr run -t --label io.circuit.network=ctr0 docker.io/library/alpine:latest shell sh

There should already be an additional interface in the container:

/ # ip a s
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
3: eth0@if46: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue state UP
    link/ether de:6a:45:37:7a:5d brd ff:ff:ff:ff:ff:ff
    inet 10.255.0.4/16 brd 10.255.255.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::dc6a:45ff:fe37:7a5d/64 scope link tentative
       valid_lft forever preferred_lft forever

You should also see a log message for the connect event:

DEBU[0004] task start: container=shell pid=23217
INFO[0005] connected shell to ctr0 with ip 10.255.0.5

Clustering

Circuit can be configured to use Redis so that when querying for the container IP (i.e circuit network ips <name>) the Circuit nodes will query each other internally and return all known IPs of containers with that name. Note: you will need to setup a Redis host separately.

To form a Circuit cluster, simply configure the Circuit server to connect to Redis:

$> circuit server --redis-url redis://1.2.3.4:6379

You can then list all available nodes:

$> circuit cluster nodes
NAME
white-rabbit

You can then query for container IPs across all Circuit nodes:

$> circuit network ips shell
NETWORK   IP             INTERFACE
ctr0      10.10.214.28   eth0

This will query the Circuit cluster for all available IPs of containers with the name shell.

API

There is a GRPC API that the CLI uses for management. This can also be used in third party applications for more control over container network management.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].