always add short container id as net alias

This matches what docker does. Also make sure the net aliases are also
shown when the container is stopped.

docker-compose uses this special alias entry to check if it is already
correctly connected to the network. [1]
Because we do not support static ips on network connect at the moment
calling disconnect && connect will loose the static ip.

Fixes #11748

[1] https://github.com/docker/compose/blob/0bea52b18dda3de8c28fcfb0c80cc08b8950645e/compose/service.py#L663-L667

Signed-off-by: Paul Holzinger <pholzing@redhat.com>

6 files changed, 71 insertions, 9 deletions

diff --git a/libpod/container_internal_linux.go b/libpod/container_internal_linux.go
index dd6f3878a..867ecc2ad 100644
--- a/libpod/container_internal_linux.go
+++ b/libpod/container_internal_linux.go
@@ -1310,7 +1310,7 @@ func (c *Container) restore(ctx context.Context, options ContainerCheckpointOpti
 	if err == nil && options.Name == "" && (!options.IgnoreStaticIP || !options.IgnoreStaticMAC) {
 		// The file with the network.status does exist. Let's restore the
 		// container with the same networks settings as during checkpointing.
-		aliases, err := c.runtime.state.GetAllNetworkAliases(c)
+		aliases, err := c.GetAllNetworkAliases()
 		if err != nil {
 			return err
 		}
diff --git a/libpod/network/types/network.go b/libpod/network/types/network.go
index 68a32d499..2fe4f3da2 100644
--- a/libpod/network/types/network.go
+++ b/libpod/network/types/network.go
@@ -151,7 +151,9 @@ type PerNetworkOptions struct {
 	// StaticIPv4 for this container. Optional.
 	StaticIPs []net.IP `json:"static_ips,omitempty"`
 	// Aliases contains a list of names which the dns server should resolve
-	// to this container. Can only be set when DNSEnabled is true on the Network.
+	// to this container. Should only be set when DNSEnabled is true on the Network.
+	// If aliases are set but there is no dns support for this network the
+	// network interface implementation should ignore this and NOT error.
 	// Optional.
 	Aliases []string `json:"aliases,omitempty"`
 	// StaticMac for this container. Optional.
diff --git a/libpod/networking_linux.go b/libpod/networking_linux.go
index ec9d98b56..e4fcfc271 100644
--- a/libpod/networking_linux.go
+++ b/libpod/networking_linux.go
@@ -48,6 +48,41 @@ const (
 	persistentCNIDir = "/var/lib/cni"
 )
 
+// GetAllNetworkAliases returns all configured aliases for this container.
+// It also adds the container short ID as alias to match docker.
+func (c *Container) GetAllNetworkAliases() (map[string][]string, error) {
+	allAliases, err := c.runtime.state.GetAllNetworkAliases(c)
+	if err != nil {
+		return nil, err
+	}
+
+	// get the all attached networks, we cannot use GetAllNetworkAliases()
+	// since it returns nil if there are no aliases
+	nets, _, err := c.networks()
+	if err != nil {
+		return nil, err
+	}
+
+	// add container short ID as alias to match docker
+	for _, net := range nets {
+		allAliases[net] = append(allAliases[net], c.config.ID[:12])
+	}
+	return allAliases, nil
+}
+
+// GetNetworkAliases returns configured aliases for this network.
+// It also adds the container short ID as alias to match docker.
+func (c *Container) GetNetworkAliases(netName string) ([]string, error) {
+	aliases, err := c.runtime.state.GetNetworkAliases(c, netName)
+	if err != nil {
+		return nil, err
+	}
+
+	// add container short ID as alias to match docker
+	aliases = append(aliases, c.config.ID[:12])
+	return aliases, nil
+}
+
 func (c *Container) getNetworkOptions() (types.NetworkOptions, error) {
 	opts := types.NetworkOptions{
 		ContainerID:   c.config.ID,
@@ -61,7 +96,7 @@ func (c *Container) getNetworkOptions() (types.NetworkOptions, error) {
 	if err != nil {
 		return opts, err
 	}
-	aliases, err := c.runtime.state.GetAllNetworkAliases(c)
+	aliases, err := c.GetAllNetworkAliases()
 	if err != nil {
 		return opts, err
 	}
@@ -872,7 +907,7 @@ func (r *Runtime) reloadContainerNetwork(ctr *Container) (map[string]types.Statu
 		}
 	}
 
-	aliases, err := ctr.runtime.state.GetAllNetworkAliases(ctr)
+	aliases, err := ctr.GetAllNetworkAliases()
 	if err != nil {
 		return nil, err
 	}
@@ -975,6 +1010,11 @@ func (c *Container) getContainerNetworkInfo() (*define.InspectNetworkSettings, e
 			for _, net := range networks {
 				cniNet := new(define.InspectAdditionalNetwork)
 				cniNet.NetworkID = net
+				aliases, err := c.GetNetworkAliases(net)
+				if err != nil {
+					return nil, err
+				}
+				cniNet.Aliases = aliases
 				settings.Networks[net] = cniNet
 			}
 		}
@@ -1009,7 +1049,7 @@ func (c *Container) getContainerNetworkInfo() (*define.InspectNetworkSettings, e
 				return nil, err
 			}
 
-			aliases, err := c.runtime.state.GetNetworkAliases(c, name)
+			aliases, err := c.GetNetworkAliases(name)
 			if err != nil {
 				return nil, err
 			}
@@ -1253,6 +1293,7 @@ func (c *Container) NetworkConnect(nameOrID, netName string, aliases []string) e
 	if !exists {
 		return errors.Errorf("no network interface name for container %s on network %s", c.config.ID, netName)
 	}
+	aliases = append(aliases, c.config.ID[:12])
 	opts.Networks = map[string]types.PerNetworkOptions{
 		netName: {
 			Aliases:       aliases,
diff --git a/test/compose/test-compose b/test/compose/test-compose
index 70db6dd55..beaf276fd 100755
--- a/test/compose/test-compose
+++ b/test/compose/test-compose
@@ -247,6 +247,7 @@ function podman() {
 	--storage-driver=vfs \
         --root    $WORKDIR/root    \
         --runroot $WORKDIR/runroot \
+        --cni-config-dir $WORKDIR/cni \
         "$@")
     echo -n "$output" >>$WORKDIR/output.log
 }
diff --git a/test/e2e/network_connect_disconnect_test.go b/test/e2e/network_connect_disconnect_test.go
index 217efdeec..5f7c55d3f 100644
--- a/test/e2e/network_connect_disconnect_test.go
+++ b/test/e2e/network_connect_disconnect_test.go
@@ -52,7 +52,6 @@ var _ = Describe("Podman network connect and disconnect", func() {
 	})
 
 	It("network disconnect with net mode slirp4netns should result in error", func() {
-		SkipIfRootless("network connect and disconnect are only rootful")
 		netName := "slirp" + stringid.GenerateNonCryptoID()
 		session := podmanTest.Podman([]string{"network", "create", netName})
 		session.WaitWithDefaultTimeout()
@@ -118,7 +117,6 @@ var _ = Describe("Podman network connect and disconnect", func() {
 	})
 
 	It("network connect with net mode slirp4netns should result in error", func() {
-		SkipIfRootless("network connect and disconnect are only rootful")
 		netName := "slirp" + stringid.GenerateNonCryptoID()
 		session := podmanTest.Podman([]string{"network", "create", netName})
 		session.WaitWithDefaultTimeout()
@@ -146,6 +144,13 @@ var _ = Describe("Podman network connect and disconnect", func() {
 		ctr := podmanTest.Podman([]string{"create", "--name", "test", "--network", netName, ALPINE, "top"})
 		ctr.WaitWithDefaultTimeout()
 		Expect(ctr).Should(Exit(0))
+		cid := ctr.OutputToString()
+
+		// network alias container short id is always added and shown in inspect
+		inspect := podmanTest.Podman([]string{"container", "inspect", "test", "--format", "{{(index .NetworkSettings.Networks \"" + netName + "\").Aliases}}"})
+		inspect.WaitWithDefaultTimeout()
+		Expect(inspect).Should(Exit(0))
+		Expect(inspect.OutputToString()).To(Equal("[" + cid[0:12] + "]"))
 
 		con := podmanTest.Podman([]string{"network", "connect", netName, "test"})
 		con.WaitWithDefaultTimeout()
@@ -153,7 +158,6 @@ var _ = Describe("Podman network connect and disconnect", func() {
 	})
 
 	It("podman network connect", func() {
-		SkipIfRemote("This requires a pending PR to be merged before it will work")
 		netName := "aliasTest" + stringid.GenerateNonCryptoID()
 		session := podmanTest.Podman([]string{"network", "create", netName})
 		session.WaitWithDefaultTimeout()
@@ -163,6 +167,7 @@ var _ = Describe("Podman network connect and disconnect", func() {
 		ctr := podmanTest.Podman([]string{"run", "-dt", "--name", "test", "--network", netName, ALPINE, "top"})
 		ctr.WaitWithDefaultTimeout()
 		Expect(ctr).Should(Exit(0))
+		cid := ctr.OutputToString()
 
 		exec := podmanTest.Podman([]string{"exec", "-it", "test", "ip", "addr", "show", "eth0"})
 		exec.WaitWithDefaultTimeout()
@@ -184,6 +189,12 @@ var _ = Describe("Podman network connect and disconnect", func() {
 		Expect(inspect).Should(Exit(0))
 		Expect(inspect.OutputToString()).To(Equal("2"))
 
+		// network alias container short id is always added and shown in inspect
+		inspect = podmanTest.Podman([]string{"container", "inspect", "test", "--format", "{{(index .NetworkSettings.Networks \"" + newNetName + "\").Aliases}}"})
+		inspect.WaitWithDefaultTimeout()
+		Expect(inspect).Should(Exit(0))
+		Expect(inspect.OutputToString()).To(Equal("[" + cid[0:12] + "]"))
+
 		exec = podmanTest.Podman([]string{"exec", "-it", "test", "ip", "addr", "show", "eth1"})
 		exec.WaitWithDefaultTimeout()
 		Expect(exec).Should(Exit(0))
@@ -193,7 +204,6 @@ var _ = Describe("Podman network connect and disconnect", func() {
 		rm.WaitWithDefaultTimeout()
 		Expect(rm).Should(Exit(0))
 		Expect(rm.ErrorToString()).To(Equal(""))
-
 	})
 
 	It("podman network connect when not running", func() {
diff --git a/test/system/500-networking.bats b/test/system/500-networking.bats
index ef00d0366..548f2d764 100644
--- a/test/system/500-networking.bats
+++ b/test/system/500-networking.bats
@@ -415,6 +415,10 @@ load helpers
     run_podman inspect $cid --format "{{(index .NetworkSettings.Networks \"$netname\").MacAddress}}"
     mac="$output"
 
+    # check network alias for container short id
+    run_podman inspect $cid --format "{{(index .NetworkSettings.Networks \"$netname\").Aliases}}"
+    is "$output" "\[${cid:0:12}\]" "short container id in network aliases"
+
     run_podman network disconnect $netname $cid
 
     # check that we cannot curl (timeout after 3 sec)
@@ -443,6 +447,10 @@ load helpers
     # connect a second network
     run_podman network connect $netname2 $cid
 
+    # check network2 alias for container short id
+    run_podman inspect $cid --format "{{(index .NetworkSettings.Networks \"$netname2\").Aliases}}"
+    is "$output" "\[${cid:0:12}\]" "short container id in network aliases"
+
     # curl should work
     run curl --max-time 3 -s $SERVER/index.txt
     is "$output" "$random_1" "curl 127.0.0.1:/index.txt should work"