Installing the cni plugins.

2025-12-18 00:27:18 -05:00 · 2025-12-18 00:27:18 -05:00 · 1da6250301
commit 1da6250301
parent c61da527f2
4 changed files with 60 additions and 12 deletions
--- a/nix/kubernetes/roles/containerd/default.nix
+++ b/nix/kubernetes/roles/containerd/default.nix
@ -20,22 +20,23 @@
  config = lib.mkIf config.me.containerd.enable {
    virtualisation.containerd.enable = true;
    virtualisation.containerd.settings =
-      # let
+      let
-      #   my-cni-plugins = pkgs.buildEnv {
+        my-cni-plugins = pkgs.buildEnv {
-      #     name = "my-cni-plugins";
+          name = "my-cni-plugins";
-      #     paths = with pkgs; [
+          paths = with pkgs; [
-      #       cni-plugins
+            cni-plugins
-      #       cni-plugin-flannel
+            cni-plugin-flannel
-      #     ];
+          ];
-      #   };
+        };
-      # in
+      in
      {
        "plugins" = {
          "io.containerd.grpc.v1.cri" = {
            "cni" = {
-              "bin_dir" = "/opt/cni/bin";
+              # "bin_dir" = "/opt/cni/bin";
-              # "bin_dir" = "${my-cni-plugins}/bin";
+              "bin_dir" = "${my-cni-plugins}/bin";
-              "conf_dir" = "/etc/cni/net.d";
+              # "conf_dir" = "/etc/cni/net.d";
              "conf_dir" = "${pkgs.callPackage ./package/cni_conf/package.nix { }}";
            };
            "containerd" = {
              "default_runtime_name" = "runc";
--- a/nix/kubernetes/roles/containerd/package/cni_conf/files/10-bridge.conf
+++ b/nix/kubernetes/roles/containerd/package/cni_conf/files/10-bridge.conf
@ -0,0 +1,15 @@
 {
  "cniVersion": "1.0.0",
  "name": "bridge",
  "type": "bridge",
  "bridge": "cni0",
  "isGateway": true,
  "ipMasq": true,
  "ipam": {
    "type": "host-local",
    "ranges": [
      [{"subnet": "SUBNET"}]
    ],
    "routes": [{"dst": "0.0.0.0/0"}]
  }
 }
--- a/nix/kubernetes/roles/containerd/package/cni_conf/files/99-loopback.conf
+++ b/nix/kubernetes/roles/containerd/package/cni_conf/files/99-loopback.conf
@ -0,0 +1,5 @@
 {
  "cniVersion": "1.1.0",
  "name": "lo",
  "type": "loopback"
 }
--- a/nix/kubernetes/roles/containerd/package/cni_conf/package.nix
+++ b/nix/kubernetes/roles/containerd/package/cni_conf/package.nix
@ -0,0 +1,27 @@
 # unpackPhase
 # patchPhase
 # configurePhase
 # buildPhase
 # checkPhase
 # installPhase
 # fixupPhase
 # installCheckPhase
 # distPhase
 {
  stdenv,
  openssl,
  ...
 }:
 stdenv.mkDerivation (finalAttrs: {
  name = "cni-conf";
  nativeBuildInputs = [ openssl ];
  buildInputs = [ ];
  unpackPhase = "true";
  installPhase = ''
    mkdir -p "$out"
    cd "$out"
    install ${./files/10-bridge.conf} ${./files/99-loopback.conf} $out/
  '';
 })