authorPaul Holzinger <paul.holzinger@web.de>2020-10-30 15:38:54 +0100
committerPaul Holzinger <paul.holzinger@web.de>2020-10-30 18:53:55 +0100
commit2704dfbb7a3fc079a74e9c8edf1acd7be24db035 (patch)
treedbe13f6e55f1e466850c4e25ddb8326cad04c40a
parent228396a99dc88fc828f23d4072a46ca8de90282f (diff)
Fix dnsname when joining a different network namespace in a pod
When creating a container in a pod, the pod name was always set as the DNS entry. This is incorrect when the container is not part of the pod's network namespace. This happened in both rootful and rootless mode. To fix this, check whether we are part of the pod's network namespace and, if not, use the container name as the DNS entry. Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
-rw-r--r--libpod/networking_linux.go12
-rw-r--r--libpod/rootless_cni_linux.go16
-rw-r--r--test/e2e/run_networking_test.go35
3 files changed, 46 insertions, 17 deletions
diff --git a/libpod/networking_linux.go b/libpod/networking_linux.go
index 9ff6e40b7..28dca8dd8 100644
--- a/libpod/networking_linux.go
+++ b/libpod/networking_linux.go
@@ -102,17 +102,7 @@ func (r *Runtime) configureNetNS(ctr *Container, ctrNS ns.NetNS) ([]*cnitypes.Re
requestedMAC = ctr.config.StaticMAC
}
- // If we are in a pod use the pod name for the network, otherwise the container name
- var podName string
- if ctr.PodID() != "" {
- pod, err := r.GetPod(ctr.PodID())
- if err == nil {
- podName = pod.Name()
- }
- }
- if podName == "" {
- podName = ctr.Name()
- }
+ podName := getCNIPodName(ctr)
podNetwork := r.getPodNetwork(ctr.ID(), podName, ctrNS.Path(), ctr.config.Networks, ctr.config.PortMappings, requestedIP, requestedMAC)
diff --git a/libpod/rootless_cni_linux.go b/libpod/rootless_cni_linux.go
index 21e43ebd0..3d4ff6e86 100644
--- a/libpod/rootless_cni_linux.go
+++ b/libpod/rootless_cni_linux.go
@@ -53,7 +53,7 @@ func AllocRootlessCNI(ctx context.Context, c *Container) (ns.NetNS, []*cnitypes.
if err != nil {
return nil, nil, err
}
- k8sPodName := getPodOrContainerName(c) // passed to CNI as K8S_POD_NAME
+ k8sPodName := getCNIPodName(c) // passed to CNI as K8S_POD_NAME
cniResults := make([]*cnitypes.Result, len(c.config.Networks))
for i, nw := range c.config.Networks {
cniRes, err := rootlessCNIInfraCallAlloc(infra, c.ID(), nw, k8sPodName)
@@ -115,12 +115,16 @@ func getRootlessCNIInfraLock(r *Runtime) (lockfile.Locker, error) {
return lockfile.GetLockfile(fname)
}
-func getPodOrContainerName(c *Container) string {
- pod, err := c.runtime.GetPod(c.PodID())
- if err != nil || pod.config.Name == "" {
- return c.Name()
+// getCNIPodName return the pod name (hostname) used by CNI and the dnsname plugin.
+// If we are in the pod network namespace use the pod name otherwise the container name
+func getCNIPodName(c *Container) string {
+ if c.config.NetMode.IsPod() || c.IsInfra() {
+ pod, err := c.runtime.GetPod(c.PodID())
+ if err == nil {
+ return pod.Name()
+ }
}
- return pod.config.Name
+ return c.Name()
}
func rootlessCNIInfraCallAlloc(infra *Container, id, nw, k8sPodName string) (*cnitypes.Result, error) {
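Review bot: In `getCNIPodName` the error from `c.runtime.GetPod(c.PodID())` is dropped, so a container that shares the pod's network namespace is silently registered under its own name whenever the lookup fails. This value is what the dnsname plugin publishes, and `configureNetNS` in networking_linux.go now uses it too, so a wrong name may change which address peers resolve, with nothing logged to explain it. Logging before the fallback would make this visible, e.g. `logrus.Debugf("pod lookup for container %s failed, using container name for CNI: %v", c.ID(), err)`, assuming logrus is imported in this file as it is elsewhere in libpod. The doc comment should also read `// getCNIPodName returns the pod name (hostname) used by CNI and the dnsname plugin.`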
diff --git a/test/e2e/run_networking_test.go b/test/e2e/run_networking_test.go
index 9f6fd8602..a3cc352b1 100644
--- a/test/e2e/run_networking_test.go
+++ b/test/e2e/run_networking_test.go
@@ -594,4 +594,39 @@ var _ = Describe("Podman run networking", func() {
Expect(run.ExitCode()).To(BeZero())
Expect(strings.Contains(run.OutputToString(), hostname)).To(BeTrue())
})
+
+ It("podman run check dnsname plugin", func() {
+ pod := "testpod"
+ session := podmanTest.Podman([]string{"pod", "create", "--name", pod})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(BeZero())
+
+ net := "dnsNetTest"
+ session = podmanTest.Podman([]string{"network", "create", net})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(BeZero())
+ defer podmanTest.removeCNINetwork(net)
+
+ pod2 := "testpod2"
+ session = podmanTest.Podman([]string{"pod", "create", "--network", net, "--name", pod2})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(BeZero())
+
+ session = podmanTest.Podman([]string{"run", "--name", "con1", "--network", net, ALPINE, "nslookup", "con1"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(BeZero())
+
+ session = podmanTest.Podman([]string{"run", "--name", "con2", "--pod", pod, "--network", net, ALPINE, "nslookup", "con2"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(BeZero())
+
+ session = podmanTest.Podman([]string{"run", "--name", "con3", "--pod", pod2, ALPINE, "nslookup", "con3"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(1))
+ Expect(session.ErrorToString()).To(ContainSubstring("can't resolve 'con3'"))
+
+ session = podmanTest.Podman([]string{"run", "--name", "con4", "--network", net, ALPINE, "nslookup", pod2})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(BeZero())
+ })
})
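Review bot: The four nslookup cases have no comments saying which naming rule each one pins, and the expectations are not obvious from the arguments alone. Suggested comments: `// con2 is in the pod but on its own network, so it is registered under the container name` before the con2 run, and `// con3 shares pod2's network namespace, so only the pod name is registered` before the con3 run. The con3 check also matches the literal `can't resolve 'con3'` and exit code 1, which ties the test to the nslookup shipped in ALPINE; asserting a non-zero exit code alone would be less brittle. The fixed network name `dnsNetTest` may collide with a leftover from an aborted run if CNI configs are host-wide, so a unique suffix is worth considering. The enclosing Describe closure starts outside this hunk.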