authorDoug Rabson <dfr@rabson.org>2022-09-07 16:03:37 +0100
committerDoug Rabson <dfr@rabson.org>2022-09-12 16:28:47 +0100
commitd014dca81f485f66eb66d426411e0faee7c8629b (patch)
tree95b6980706db383458b6c79b91577cd13c4120c3
parent1dd0eb4679a0e24bca8e72257e8225b03afddb23 (diff)
libpod: Move isBridgeNetMode and reloadContainerNetwork to networking_common.go
[NO NEW TESTS NEEDED] Signed-off-by: Doug Rabson <dfr@rabson.org>
-rw-r--r--libpod/networking_common.go69
-rw-r--r--libpod/networking_freebsd.go68
-rw-r--r--libpod/networking_linux.go68
3 files changed, 69 insertions, 136 deletions
diff --git a/libpod/networking_common.go b/libpod/networking_common.go
index 5d0b64f10..d6e06152e 100644
--- a/libpod/networking_common.go
+++ b/libpod/networking_common.go
@@ -5,9 +5,12 @@ package libpod
import (
"fmt"
+ "regexp"
"github.com/containers/common/libnetwork/types"
"github.com/containers/common/pkg/machine"
+ "github.com/containers/podman/v4/libpod/define"
+ "github.com/containers/podman/v4/pkg/namespaces"
"github.com/sirupsen/logrus"
)
@@ -128,3 +131,69 @@ func (r *Runtime) teardownCNI(ctr *Container) error {
}
return nil
}
+
+// isBridgeNetMode checks if the given network mode is bridge.
+// It returns nil when it is set to bridge and an error otherwise.
+func isBridgeNetMode(n namespaces.NetworkMode) error {
+ if !n.IsBridge() {
+ return fmt.Errorf("%q is not supported: %w", n, define.ErrNetworkModeInvalid)
+ }
+ return nil
+}
+
+// Reload only works with containers with a configured network.
+// It will tear down, and then reconfigure, the network of the container.
+// This is mainly used when a reload of firewall rules wipes out existing
+// firewall configuration.
+// Efforts will be made to preserve MAC and IP addresses, but this only works if
+// the container only joined a single CNI network, and was only assigned a
+// single MAC or IP.
+// Only works on root containers at present, though in the future we could
+// extend this to stop + restart slirp4netns
+func (r *Runtime) reloadContainerNetwork(ctr *Container) (map[string]types.StatusBlock, error) {
+ if ctr.state.NetNS == nil {
+ return nil, fmt.Errorf("container %s network is not configured, refusing to reload: %w", ctr.ID(), define.ErrCtrStateInvalid)
+ }
+ if err := isBridgeNetMode(ctr.config.NetMode); err != nil {
+ return nil, err
+ }
+ logrus.Infof("Going to reload container %s network", ctr.ID())
+
+ err := r.teardownCNI(ctr)
+ if err != nil {
+ // teardownCNI will error if the iptables rules do not exists and this is the case after
+ // a firewall reload. The purpose of network reload is to recreate the rules if they do
+ // not exists so we should not log this specific error as error. This would confuse users otherwise.
+ // iptables-legacy and iptables-nft will create different errors make sure to match both.
+ b, rerr := regexp.MatchString("Couldn't load target `CNI-[a-f0-9]{24}':No such file or directory|Chain 'CNI-[a-f0-9]{24}' does not exist", err.Error())
+ if rerr == nil && !b {
+ logrus.Error(err)
+ } else {
+ logrus.Info(err)
+ }
+ }
+
+ networkOpts, err := ctr.networks()
+ if err != nil {
+ return nil, err
+ }
+
+ // Set the same network settings as before..
+ netStatus := ctr.getNetworkStatus()
+ for network, perNetOpts := range networkOpts {
+ for name, netInt := range netStatus[network].Interfaces {
+ perNetOpts.InterfaceName = name
+ perNetOpts.StaticMAC = netInt.MacAddress
+ for _, netAddress := range netInt.Subnets {
+ perNetOpts.StaticIPs = append(perNetOpts.StaticIPs, netAddress.IPNet.IP)
+ }
+ // Normally interfaces have a length of 1, only for some special cni configs we could get more.
+ // For now just use the first interface to get the ips this should be good enough for most cases.
+ break
+ }
+ networkOpts[network] = perNetOpts
+ }
+ ctr.perNetworkOpts = networkOpts
+
+ return r.configureNetNS(ctr, ctr.state.NetNS)
+}
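Review bot: The error-classification in reloadContainerNetwork at the `regexp.MatchString` line recompiles a constant pattern on every reload, and because the branch is `if rerr == nil && !b`, a compile failure of that pattern would route a genuine teardown error to `logrus.Info` instead of `logrus.Error`, hiding a failed firewall cleanup. Hoisting the pattern to package scope removes both problems: declare `var cniMissingChainRe = regexp.MustCompile(…)` with the existing pattern string unchanged, then replace the two-variable match with `if cniMissingChainRe.MatchString(err.Error()) { logrus.Info(err) } else { logrus.Error(err) }`. Separately, now that this body is compiled from networking_common.go for FreeBSD as well, the suppressed messages are iptables-legacy/iptables-nft wording per the comment above them, so on a non-iptables host any teardownCNI error will presumably always be logged at Error level even when it is the expected post-reload case; a comment such as `// Only iptables (Linux) error wording is recognised here; other firewall back ends fall through to Error.` would keep that from surprising the next maintainer. Note also that a teardown failure does not abort the reload — the code deliberately proceeds to reconfigure — which is worth stating in the doc comment since the function is now shared.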
diff --git a/libpod/networking_freebsd.go b/libpod/networking_freebsd.go
index 3833154c5..7b6ea0d1e 100644
--- a/libpod/networking_freebsd.go
+++ b/libpod/networking_freebsd.go
@@ -11,14 +11,12 @@ import (
"net"
"os/exec"
"path/filepath"
- "regexp"
"sort"
"github.com/containers/buildah/pkg/jail"
"github.com/containers/common/libnetwork/types"
"github.com/containers/podman/v4/libpod/define"
"github.com/containers/podman/v4/libpod/events"
- "github.com/containers/podman/v4/pkg/namespaces"
"github.com/containers/podman/v4/pkg/util"
"github.com/containers/storage/pkg/lockfile"
"github.com/sirupsen/logrus"
@@ -213,72 +211,6 @@ func (r *Runtime) teardownNetNS(ctr *Container) error {
return nil
}
-// isBridgeNetMode checks if the given network mode is bridge.
-// It returns nil when it is set to bridge and an error otherwise.
-func isBridgeNetMode(n namespaces.NetworkMode) error {
- if !n.IsBridge() {
- return fmt.Errorf("%q is not supported: %w", n, define.ErrNetworkModeInvalid)
- }
- return nil
-}
-
-// Reload only works with containers with a configured network.
-// It will tear down, and then reconfigure, the network of the container.
-// This is mainly used when a reload of firewall rules wipes out existing
-// firewall configuration.
-// Efforts will be made to preserve MAC and IP addresses, but this only works if
-// the container only joined a single CNI network, and was only assigned a
-// single MAC or IP.
-// Only works on root containers at present, though in the future we could
-// extend this to stop + restart slirp4netns
-func (r *Runtime) reloadContainerNetwork(ctr *Container) (map[string]types.StatusBlock, error) {
- if ctr.state.NetNS == nil {
- return nil, fmt.Errorf("container %s network is not configured, refusing to reload: %w", ctr.ID(), define.ErrCtrStateInvalid)
- }
- if err := isBridgeNetMode(ctr.config.NetMode); err != nil {
- return nil, err
- }
- logrus.Infof("Going to reload container %s network", ctr.ID())
-
- err := r.teardownCNI(ctr)
- if err != nil {
- // teardownCNI will error if the iptables rules do not exists and this is the case after
- // a firewall reload. The purpose of network reload is to recreate the rules if they do
- // not exists so we should not log this specific error as error. This would confuse users otherwise.
- // iptables-legacy and iptables-nft will create different errors make sure to match both.
- b, rerr := regexp.MatchString("Couldn't load target `CNI-[a-f0-9]{24}':No such file or directory|Chain 'CNI-[a-f0-9]{24}' does not exist", err.Error())
- if rerr == nil && !b {
- logrus.Error(err)
- } else {
- logrus.Info(err)
- }
- }
-
- networkOpts, err := ctr.networks()
- if err != nil {
- return nil, err
- }
-
- // Set the same network settings as before..
- netStatus := ctr.getNetworkStatus()
- for network, perNetOpts := range networkOpts {
- for name, netInt := range netStatus[network].Interfaces {
- perNetOpts.InterfaceName = name
- perNetOpts.StaticMAC = netInt.MacAddress
- for _, netAddress := range netInt.Subnets {
- perNetOpts.StaticIPs = append(perNetOpts.StaticIPs, netAddress.IPNet.IP)
- }
- // Normally interfaces have a length of 1, only for some special cni configs we could get more.
- // For now just use the first interface to get the ips this should be good enough for most cases.
- break
- }
- networkOpts[network] = perNetOpts
- }
- ctr.perNetworkOpts = networkOpts
-
- return r.configureNetNS(ctr, ctr.state.NetNS)
-}
-
func getContainerNetIO(ctr *Container) (*LinkStatistics64, error) {
if ctr.state.NetNS == nil {
// If NetNS is nil, it was set as none, and no netNS
diff --git a/libpod/networking_linux.go b/libpod/networking_linux.go
index fc9084c10..d442b3fe0 100644
--- a/libpod/networking_linux.go
+++ b/libpod/networking_linux.go
@@ -13,7 +13,6 @@ import (
"os"
"os/exec"
"path/filepath"
- "regexp"
"sort"
"strconv"
"strings"
@@ -30,7 +29,6 @@ import (
"github.com/containers/podman/v4/libpod/define"
"github.com/containers/podman/v4/libpod/events"
"github.com/containers/podman/v4/pkg/errorhandling"
- "github.com/containers/podman/v4/pkg/namespaces"
"github.com/containers/podman/v4/pkg/rootless"
"github.com/containers/podman/v4/utils"
"github.com/containers/storage/pkg/lockfile"
@@ -743,72 +741,6 @@ func getContainerNetNS(ctr *Container) (string, *Container, error) {
return "", nil, nil
}
-// isBridgeNetMode checks if the given network mode is bridge.
-// It returns nil when it is set to bridge and an error otherwise.
-func isBridgeNetMode(n namespaces.NetworkMode) error {
- if !n.IsBridge() {
- return fmt.Errorf("%q is not supported: %w", n, define.ErrNetworkModeInvalid)
- }
- return nil
-}
-
-// Reload only works with containers with a configured network.
-// It will tear down, and then reconfigure, the network of the container.
-// This is mainly used when a reload of firewall rules wipes out existing
-// firewall configuration.
-// Efforts will be made to preserve MAC and IP addresses, but this only works if
-// the container only joined a single CNI network, and was only assigned a
-// single MAC or IP.
-// Only works on root containers at present, though in the future we could
-// extend this to stop + restart slirp4netns
-func (r *Runtime) reloadContainerNetwork(ctr *Container) (map[string]types.StatusBlock, error) {
- if ctr.state.NetNS == nil {
- return nil, fmt.Errorf("container %s network is not configured, refusing to reload: %w", ctr.ID(), define.ErrCtrStateInvalid)
- }
- if err := isBridgeNetMode(ctr.config.NetMode); err != nil {
- return nil, err
- }
- logrus.Infof("Going to reload container %s network", ctr.ID())
-
- err := r.teardownCNI(ctr)
- if err != nil {
- // teardownCNI will error if the iptables rules do not exists and this is the case after
- // a firewall reload. The purpose of network reload is to recreate the rules if they do
- // not exists so we should not log this specific error as error. This would confuse users otherwise.
- // iptables-legacy and iptables-nft will create different errors make sure to match both.
- b, rerr := regexp.MatchString("Couldn't load target `CNI-[a-f0-9]{24}':No such file or directory|Chain 'CNI-[a-f0-9]{24}' does not exist", err.Error())
- if rerr == nil && !b {
- logrus.Error(err)
- } else {
- logrus.Info(err)
- }
- }
-
- networkOpts, err := ctr.networks()
- if err != nil {
- return nil, err
- }
-
- // Set the same network settings as before..
- netStatus := ctr.getNetworkStatus()
- for network, perNetOpts := range networkOpts {
- for name, netInt := range netStatus[network].Interfaces {
- perNetOpts.InterfaceName = name
- perNetOpts.StaticMAC = netInt.MacAddress
- for _, netAddress := range netInt.Subnets {
- perNetOpts.StaticIPs = append(perNetOpts.StaticIPs, netAddress.IPNet.IP)
- }
- // Normally interfaces have a length of 1, only for some special cni configs we could get more.
- // For now just use the first interface to get the ips this should be good enough for most cases.
- break
- }
- networkOpts[network] = perNetOpts
- }
- ctr.perNetworkOpts = networkOpts
-
- return r.configureNetNS(ctr, ctr.state.NetNS)
-}
-
// TODO (5.0): return the statistics per network interface
// This would allow better compat with docker.
func getContainerNetIO(ctr *Container) (*netlink.LinkStatistics, error) {