author | Paul Holzinger <paul.holzinger@web.de> | 2020-10-30 15:38:54 +0100 |
---|---|---|
committer | Paul Holzinger <paul.holzinger@web.de> | 2020-10-30 18:53:55 +0100 |
commit | 2704dfbb7a3fc079a74e9c8edf1acd7be24db035 (patch) | |
tree | dbe13f6e55f1e466850c4e25ddb8326cad04c40a | |
parent | 228396a99dc88fc828f23d4072a46ca8de90282f (diff) | |
Fix dnsname when joining a different network namespace in a pod
When creating a container in a pod the podname was always set as
the dns entry. This is incorrect when the container is not part
of the pods network namespace. This happened both rootful and
rootless. To fix this check if we are part of the pods network
namespace and if not use the container name as dns entry.
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
-rw-r--r-- | libpod/networking_linux.go | 12 | ||||
-rw-r--r-- | libpod/rootless_cni_linux.go | 16 | ||||
-rw-r--r-- | test/e2e/run_networking_test.go | 35 |
3 files changed, 46 insertions, 17 deletions
diff --git a/libpod/networking_linux.go b/libpod/networking_linux.go index 9ff6e40b7..28dca8dd8 100644 --- a/libpod/networking_linux.go +++ b/libpod/networking_linux.go @@ -102,17 +102,7 @@ func (r *Runtime) configureNetNS(ctr *Container, ctrNS ns.NetNS) ([]*cnitypes.Re requestedMAC = ctr.config.StaticMAC } - // If we are in a pod use the pod name for the network, otherwise the container name - var podName string - if ctr.PodID() != "" { - pod, err := r.GetPod(ctr.PodID()) - if err == nil { - podName = pod.Name() - } - } - if podName == "" { - podName = ctr.Name() - } + podName := getCNIPodName(ctr) podNetwork := r.getPodNetwork(ctr.ID(), podName, ctrNS.Path(), ctr.config.Networks, ctr.config.PortMappings, requestedIP, requestedMAC) diff --git a/libpod/rootless_cni_linux.go b/libpod/rootless_cni_linux.go index 21e43ebd0..3d4ff6e86 100644 --- a/libpod/rootless_cni_linux.go +++ b/libpod/rootless_cni_linux.go @@ -53,7 +53,7 @@ func AllocRootlessCNI(ctx context.Context, c *Container) (ns.NetNS, []*cnitypes. if err != nil { return nil, nil, err } - k8sPodName := getPodOrContainerName(c) // passed to CNI as K8S_POD_NAME + k8sPodName := getCNIPodName(c) // passed to CNI as K8S_POD_NAME cniResults := make([]*cnitypes.Result, len(c.config.Networks)) for i, nw := range c.config.Networks { cniRes, err := rootlessCNIInfraCallAlloc(infra, c.ID(), nw, k8sPodName) 
@@ -115,12 +115,16 @@ func getRootlessCNIInfraLock(r *Runtime) (lockfile.Locker, error) { return lockfile.GetLockfile(fname) } -func getPodOrContainerName(c *Container) string { - pod, err := c.runtime.GetPod(c.PodID()) - if err != nil || pod.config.Name == "" { - return c.Name() +// getCNIPodName return the pod name (hostname) used by CNI and the dnsname plugin. +// If we are in the pod network namespace use the pod name otherwise the container name +func getCNIPodName(c *Container) string { + if c.config.NetMode.IsPod() || c.IsInfra() { + pod, err := c.runtime.GetPod(c.PodID()) + if err == nil { + return pod.Name() + } } - return pod.config.Name + return c.Name() } func rootlessCNIInfraCallAlloc(infra *Container, id, nw, k8sPodName string) (*cnitypes.Result, error) { diff --git a/test/e2e/run_networking_test.go b/test/e2e/run_networking_test.go index 9f6fd8602..a3cc352b1 100644 --- a/test/e2e/run_networking_test.go +++ b/test/e2e/run_networking_test.go 
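Review bot: The `err` from `c.runtime.GetPod(c.PodID())` in the new getCNIPodName is discarded, so a failed pod lookup silently hands the container name to CNI for a container that, according to the `IsPod() || IsInfra()` check, shares the pod's network namespace. The name recorded by the dnsname plugin then disagrees with what the other members of that namespace registered, and nothing in the logs explains why. The helper returns only a string, so at minimum the fallback should be stated at the call, e.g. `// best effort: if the pod lookup fails, fall back to the container name`, and ideally the error is logged at debug level (whether a logger is already imported in this file is not visible here). The doc comment should also read `// getCNIPodName returns the pod name (hostname) used by CNI and the dnsname plugin.` and its second sentence should end with a period.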
@@ -594,4 +594,39 @@ var _ = Describe("Podman run networking", func() { Expect(run.ExitCode()).To(BeZero()) Expect(strings.Contains(run.OutputToString(), hostname)).To(BeTrue()) }) + + It("podman run check dnsname plugin", func() { + pod := "testpod" + session := podmanTest.Podman([]string{"pod", "create", "--name", pod}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(BeZero()) + + net := "dnsNetTest" + session = podmanTest.Podman([]string{"network", "create", net}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(BeZero()) + defer podmanTest.removeCNINetwork(net) + + pod2 := "testpod2" + session = podmanTest.Podman([]string{"pod", "create", "--network", net, "--name", pod2}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(BeZero()) + + session = podmanTest.Podman([]string{"run", "--name", "con1", "--network", net, ALPINE, "nslookup", "con1"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(BeZero()) + + session = podmanTest.Podman([]string{"run", "--name", "con2", "--pod", pod, "--network", net, ALPINE, "nslookup", "con2"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(BeZero()) + + session = podmanTest.Podman([]string{"run", "--name", "con3", "--pod", pod2, ALPINE, "nslookup", "con3"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(1)) + Expect(session.ErrorToString()).To(ContainSubstring("can't resolve 'con3'")) + + session = podmanTest.Podman([]string{"run", "--name", "con4", "--network", net, ALPINE, "nslookup", pod2}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(BeZero()) + }) }) |
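Review bot: The con3 case passes only if stderr contains `can't resolve 'con3'`, which ties the test to the exact wording of the nslookup shipped in the ALPINE image; an image update that rephrases the error would fail the test with the naming logic unchanged. Asserting on the non-zero exit code, or matching only `con3`, would be less brittle. The four `run` cases also carry no comments, so the intent has to be reconstructed from the commit message; for example `// con2 is in testpod but joins net itself, so its own name is registered` above the con2 run and `// con3 shares pod2's network namespace, so only the pod name resolves` above the con3 run. The enclosing `Describe` block starts outside this hunk.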