Document how to enable CNI network plugin

[afbjorklund]

It seems like currently the "noop" plugin is always used ?

ExecStart=/usr/bin/cri-dockerd --container-runtime-endpoint fd:// --network-plugin=

level=info msg="Docker cri networking managed by network plugin kubernetes.io/no-op"

In order to use CNI, one needs to supply additional params:

--network-plugin=cni --cni-bin-dir=/opt/cni/bin --cni-cache-dir=/var/lib/cni/cache --cni-conf-dir=/etc/cni/net.d

level=info msg="Docker cri networking managed by network plugin cni"

---

The previous default values seem to be missing, compared to dockershim ?

BEFORE (1.23)

      --network-plugin string                                    The name of the network plugin to be invoked for various events in kubelet/pod lifecycle. This docker-specific flag only works when container-runtime is set to docker. (DEPRECATED: will be removed along with dockershim.)
      --network-plugin-mtu int32                                 The MTU to be passed to the network plugin, to override the default. Set to 0 to use the default 1460 MTU. This docker-specific flag only works when container-runtime is set to docker. (DEPRECATED: will be removed along with dockershim.)
      --cni-bin-dir string                                       A comma-separated list of full paths of directories in which to search for CNI plugin binaries. This docker-specific flag only works when container-runtime is set to docker. (default "/opt/cni/bin") (DEPRECATED: will be removed along with dockershim.)
      --cni-cache-dir string                                     The full path of the directory in which CNI should store cache files. This docker-specific flag only works when container-runtime is set to docker. (default "/var/lib/cni/cache") (DEPRECATED: will be removed along with dockershim.)
      --cni-conf-dir string                                      The full path of the directory in which to search for CNI config files. This docker-specific flag only works when container-runtime is set to docker. (default "/etc/cni/net.d") (DEPRECATED: will be removed along with dockershim.)

AFTER (1.24)

      --network-plugin string                   <Warning: Alpha feature> The name of the network plugin to be invoked for various events in kubelet/pod lifecycle.
      --network-plugin-mtu int32                <Warning: Alpha feature> The MTU to be passed to the network plugin, to override the default. Set to 0 to use the default 1460 MTU.
      --cni-bin-dir string                      <Warning: Alpha feature> A comma-separated list of full paths of directories in which to search for CNI plugin binaries.
      --cni-cache-dir string                    <Warning: Alpha feature> The full path of the directory in which CNI should store cache files.
      --cni-conf-dir string                     <Warning: Alpha feature> The full path of the directory in which to search for CNI config files

[afbjorklund]

Same issue:

• how to configure cri-dockerd with calico #42

[afbjorklund]

After restoring the defaults for the cni options, the network-plugin can be changed to cni with a systemd drop-in:

      --cni-bin-dir string                      <Warning: Alpha feature> A comma-separated list of full paths of directories in which to search for CNI plugin binaries. (default "/opt/cni/bin")
      --cni-cache-dir string                    <Warning: Alpha feature> The full path of the directory in which CNI should store cache files. (default "/var/lib/cni/cache")
      --cni-conf-dir string                     <Warning: Alpha feature> The full path of the directory in which to search for CNI config files (default "/etc/cni/net.d")

/etc/systemd/system/cri-docker.service.d/cni.conf

[Service]
ExecStart=
ExecStart=/usr/bin/cri-dockerd --container-runtime-endpoint fd:// --network-plugin=cni

[afbjorklund]

We added all the parameters to minikube instead, as a workaround (since the fix won't make it to the release)