summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorOpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com>2020-08-21 18:52:55 +0200
committerGitHub <noreply@github.com>2020-08-21 18:52:55 +0200
commit4828455055010a1376f1e83832bfa34787f3a1e7 (patch)
tree5e74cd1f2800552042901173923d3f35386882ca
parenta8619bbb832646a816a138e0656ca6abdc9ad04e (diff)
parent7b21bcef5881db4f341090d255f6ef204a30dd1e (diff)
downloadpodman-4828455055010a1376f1e83832bfa34787f3a1e7.tar.gz
podman-4828455055010a1376f1e83832bfa34787f3a1e7.tar.bz2
podman-4828455055010a1376f1e83832bfa34787f3a1e7.zip
Merge pull request #7390 from baude/podnet
error when adding container to pod with network information
-rw-r--r--libpod/define/errors.go4
-rw-r--r--pkg/specgen/container_validate.go17
-rw-r--r--test/e2e/create_test.go62
3 files changed, 83 insertions, 0 deletions
diff --git a/libpod/define/errors.go b/libpod/define/errors.go
index 6e372eb5e..f80b1d6e3 100644
--- a/libpod/define/errors.go
+++ b/libpod/define/errors.go
@@ -157,4 +157,8 @@ var (
// ErrImageInUse indicates the requested operation failed because the image was in use
ErrImageInUse = errors.New("image is being used")
+
+ // ErrNetworkOnPodContainer indicates the user wishes to alter network attributes on a container
+ // in a pod. This cannot be done as the infra container has all the network information
+ ErrNetworkOnPodContainer = errors.New("network cannot be configured when it is shared with a pod")
)
diff --git a/pkg/specgen/container_validate.go b/pkg/specgen/container_validate.go
index 76961fa80..dc9e6b9d8 100644
--- a/pkg/specgen/container_validate.go
+++ b/pkg/specgen/container_validate.go
@@ -37,6 +37,23 @@ func (s *SpecGenerator) Validate() error {
}
}
+ // Containers being added to a pod cannot have certain network attributes
+ // associated with them because those should be on the infra container.
+ if len(s.Pod) > 0 && s.NetNS.NSMode == FromPod {
+ if s.StaticIP != nil || s.StaticIPv6 != nil {
+ return errors.Wrap(define.ErrNetworkOnPodContainer, "static ip addresses must be defined when the pod is created")
+ }
+ if s.StaticMAC != nil {
+ return errors.Wrap(define.ErrNetworkOnPodContainer, "MAC addresses must be defined when the pod is created")
+ }
+ if len(s.CNINetworks) > 0 {
+ return errors.Wrap(define.ErrNetworkOnPodContainer, "networks must be defined when the pod is created")
+ }
+ if len(s.PortMappings) > 0 || s.PublishExposedPorts {
+ return errors.Wrap(define.ErrNetworkOnPodContainer, "published or exposed ports must be defined when the pod is created")
+ }
+ }
+
//
// ContainerBasicConfig
//
diff --git a/test/e2e/create_test.go b/test/e2e/create_test.go
index 72a3a7717..9cfed263a 100644
--- a/test/e2e/create_test.go
+++ b/test/e2e/create_test.go
@@ -542,4 +542,66 @@ var _ = Describe("Podman create", func() {
Expect(session.ExitCode()).To(Not(Equal(0)))
Expect(session.ErrorToString()).To(ContainSubstring("Invalid umask"))
})
+
+ It("create container in pod with IP should fail", func() {
+ SkipIfRootless()
+ name := "createwithstaticip"
+ pod := podmanTest.RunTopContainerInPod("", "new:"+name)
+ pod.WaitWithDefaultTimeout()
+ Expect(pod.ExitCode()).To(BeZero())
+
+ session := podmanTest.Podman([]string{"create", "--pod", name, "--ip", "192.168.1.2", ALPINE, "top"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).ToNot(BeZero())
+ })
+
+ It("create container in pod with mac should fail", func() {
+ SkipIfRootless()
+ name := "createwithstaticmac"
+ pod := podmanTest.RunTopContainerInPod("", "new:"+name)
+ pod.WaitWithDefaultTimeout()
+ Expect(pod.ExitCode()).To(BeZero())
+
+ session := podmanTest.Podman([]string{"create", "--pod", name, "--mac-address", "52:54:00:6d:2f:82", ALPINE, "top"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).ToNot(BeZero())
+ })
+
+ It("create container in pod with network should fail", func() {
+ SkipIfRootless()
+ name := "createwithnetwork"
+ pod := podmanTest.RunTopContainerInPod("", "new:"+name)
+ pod.WaitWithDefaultTimeout()
+ Expect(pod.ExitCode()).To(BeZero())
+
+ session := podmanTest.Podman([]string{"create", "--pod", name, "--network", "foobar", ALPINE, "top"})
+ session.WaitWithDefaultTimeout()
+ //Expect(session.ExitCode()).ToNot(BeZero())
+ Expect(session.ExitCode()).To(BeZero())
+ })
+
+ It("create container in pod with ports should fail", func() {
+ SkipIfRootless()
+ name := "createwithports"
+ pod := podmanTest.RunTopContainerInPod("", "new:"+name)
+ pod.WaitWithDefaultTimeout()
+ Expect(pod.ExitCode()).To(BeZero())
+
+ session := podmanTest.Podman([]string{"create", "--pod", name, "-p", "80:80", ALPINE, "top"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).ToNot(BeZero())
+ })
+
+ It("create container in pod ppublish ports should fail", func() {
+ SkipIfRootless()
+ name := "createwithpublishports"
+ pod := podmanTest.RunTopContainerInPod("", "new:"+name)
+ pod.WaitWithDefaultTimeout()
+ Expect(pod.ExitCode()).To(BeZero())
+
+ session := podmanTest.Podman([]string{"create", "--pod", name, "-P", ALPINE, "top"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).ToNot(BeZero())
+ })
+
})