summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorOpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com>2018-11-28 07:58:55 -0800
committerGitHub <noreply@github.com>2018-11-28 07:58:55 -0800
commitade0b3084436f1b9325fd689529db03294a0d1f8 (patch)
treecd8adb010f9dac99862a528877ec7513c1fcd804
parent7ae37dcafced4da7fd1e65e6ec41a07220c06542 (diff)
parent870eed9378c025f3684aa8baf3db6de969da3c5d (diff)
downloadpodman-ade0b3084436f1b9325fd689529db03294a0d1f8.tar.gz
podman-ade0b3084436f1b9325fd689529db03294a0d1f8.tar.bz2
podman-ade0b3084436f1b9325fd689529db03294a0d1f8.zip
Merge pull request #1846 from cgwalters/netns-dns-localhost
Use host's resolv.conf if no network namespace enabled
-rw-r--r--libpod/container_internal_linux.go5
-rw-r--r--pkg/resolvconf/resolvconf.go12
2 files changed, 13 insertions, 4 deletions
diff --git a/libpod/container_internal_linux.go b/libpod/container_internal_linux.go
index 99f8652df..6b21bc3d6 100644
--- a/libpod/container_internal_linux.go
+++ b/libpod/container_internal_linux.go
@@ -729,9 +729,10 @@ func (c *Container) generateResolvConf() (string, error) {
return "", errors.Wrapf(err, "unable to read %s", resolvPath)
}
- // Process the file to remove localhost nameservers
+ // Ensure that the container's /etc/resolv.conf is compatible with its
+ // network configuration.
// TODO: set ipv6 enable bool more sanely
- resolv, err := resolvconf.FilterResolvDNS(contents, true)
+ resolv, err := resolvconf.FilterResolvDNS(contents, true, c.config.CreateNetNS)
if err != nil {
return "", errors.Wrapf(err, "error parsing host resolv.conf")
}
diff --git a/pkg/resolvconf/resolvconf.go b/pkg/resolvconf/resolvconf.go
index fccd60093..e85bcb377 100644
--- a/pkg/resolvconf/resolvconf.go
+++ b/pkg/resolvconf/resolvconf.go
@@ -103,13 +103,21 @@ func GetLastModified() *File {
}
// FilterResolvDNS cleans up the config in resolvConf. It has two main jobs:
-// 1. It looks for localhost (127.*|::1) entries in the provided
+// 1. If a netns is enabled, it looks for localhost (127.*|::1) entries in the provided
// resolv.conf, removing local nameserver entries, and, if the resulting
// cleaned config has no defined nameservers left, adds default DNS entries
// 2. Given the caller provides the enable/disable state of IPv6, the filter
// code will remove all IPv6 nameservers if it is not enabled for containers
//
-func FilterResolvDNS(resolvConf []byte, ipv6Enabled bool) (*File, error) {
+func FilterResolvDNS(resolvConf []byte, ipv6Enabled bool, netnsEnabled bool) (*File, error) {
+ // If we're using the host netns, we have nothing to do besides hash the file.
+ if !netnsEnabled {
+ hash, err := ioutils.HashData(bytes.NewReader(resolvConf))
+ if err != nil {
+ return nil, err
+ }
+ return &File{Content: resolvConf, Hash: hash}, nil
+ }
cleanedResolvConf := localhostNSRegexp.ReplaceAll(resolvConf, []byte{})
// if IPv6 is not enabled, also clean out any IPv6 address nameserver
if !ipv6Enabled {