summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAshley Cui <acui@redhat.com>2020-12-04 13:37:22 -0500
committerAshley Cui <acui@redhat.com>2020-12-04 13:37:22 -0500
commitd6d3af9e8ebda9229a5d92d71c66e416c3f99a91 (patch)
tree9c0fd8938404da7dd536481e5faedc21f378754f
parent90d41104d9ea9ae36f6680d1b7e62ca592a8a29c (diff)
downloadpodman-d6d3af9e8ebda9229a5d92d71c66e416c3f99a91.tar.gz
podman-d6d3af9e8ebda9229a5d92d71c66e416c3f99a91.tar.bz2
podman-d6d3af9e8ebda9229a5d92d71c66e416c3f99a91.zip
Add ability to set system wide options for slirp4netns
Wire in containers.conf options for slirp Signed-off-by: Ashley Cui <acui@redhat.com>
-rw-r--r--libpod/networking_linux.go119
-rw-r--r--test/e2e/config/containers.conf4
-rw-r--r--test/e2e/containers_conf_test.go7
3 files changed, 71 insertions, 59 deletions
diff --git a/libpod/networking_linux.go b/libpod/networking_linux.go
index 15e470c80..463378af7 100644
--- a/libpod/networking_linux.go
+++ b/libpod/networking_linux.go
@@ -245,7 +245,7 @@ func (r *Runtime) setupRootlessNetNS(ctr *Container) error {
// setupSlirp4netns can be called in rootful as well as in rootless
func (r *Runtime) setupSlirp4netns(ctr *Container) error {
path := r.config.Engine.NetworkCmdPath
-
+ slirpOptions := r.config.Engine.NetworkCmdOptions
if path == "" {
var err error
path, err = exec.LookPath("slirp4netns")
@@ -273,68 +273,69 @@ func (r *Runtime) setupSlirp4netns(ctr *Container) error {
outboundAddr6 := ""
if ctr.config.NetworkOptions != nil {
- slirpOptions := ctr.config.NetworkOptions["slirp4netns"]
- for _, o := range slirpOptions {
- parts := strings.SplitN(o, "=", 2)
- if len(parts) < 2 {
- return errors.Errorf("unknown option for slirp4netns: %q", o)
+ slirpOptions = append(slirpOptions, ctr.config.NetworkOptions["slirp4netns"]...)
+ }
+
+ for _, o := range slirpOptions {
+ parts := strings.SplitN(o, "=", 2)
+ if len(parts) < 2 {
+ return errors.Errorf("unknown option for slirp4netns: %q", o)
+ }
+ option, value := parts[0], parts[1]
+ switch option {
+ case "cidr":
+ ipv4, _, err := net.ParseCIDR(value)
+ if err != nil || ipv4.To4() == nil {
+ return errors.Errorf("invalid cidr %q", value)
}
- option, value := parts[0], parts[1]
- switch option {
- case "cidr":
- ipv4, _, err := net.ParseCIDR(value)
- if err != nil || ipv4.To4() == nil {
- return errors.Errorf("invalid cidr %q", value)
- }
- cidr = value
- case "port_handler":
- switch value {
- case "slirp4netns":
- isSlirpHostForward = true
- case "rootlesskit":
- isSlirpHostForward = false
- default:
- return errors.Errorf("unknown port_handler for slirp4netns: %q", value)
- }
- case "allow_host_loopback":
- switch value {
- case "true":
- disableHostLoopback = false
- case "false":
- disableHostLoopback = true
- default:
- return errors.Errorf("invalid value of allow_host_loopback for slirp4netns: %q", value)
- }
- case "enable_ipv6":
- switch value {
- case "true":
- enableIPv6 = true
- case "false":
- enableIPv6 = false
- default:
- return errors.Errorf("invalid value of enable_ipv6 for slirp4netns: %q", value)
- }
- case "outbound_addr":
- ipv4 := net.ParseIP(value)
- if ipv4 == nil || ipv4.To4() == nil {
- _, err := net.InterfaceByName(value)
- if err != nil {
- return errors.Errorf("invalid outbound_addr %q", value)
- }
+ cidr = value
+ case "port_handler":
+ switch value {
+ case "slirp4netns":
+ isSlirpHostForward = true
+ case "rootlesskit":
+ isSlirpHostForward = false
+ default:
+ return errors.Errorf("unknown port_handler for slirp4netns: %q", value)
+ }
+ case "allow_host_loopback":
+ switch value {
+ case "true":
+ disableHostLoopback = false
+ case "false":
+ disableHostLoopback = true
+ default:
+ return errors.Errorf("invalid value of allow_host_loopback for slirp4netns: %q", value)
+ }
+ case "enable_ipv6":
+ switch value {
+ case "true":
+ enableIPv6 = true
+ case "false":
+ enableIPv6 = false
+ default:
+ return errors.Errorf("invalid value of enable_ipv6 for slirp4netns: %q", value)
+ }
+ case "outbound_addr":
+ ipv4 := net.ParseIP(value)
+ if ipv4 == nil || ipv4.To4() == nil {
+ _, err := net.InterfaceByName(value)
+ if err != nil {
+ return errors.Errorf("invalid outbound_addr %q", value)
}
- outboundAddr = value
- case "outbound_addr6":
- ipv6 := net.ParseIP(value)
- if ipv6 == nil || ipv6.To4() != nil {
- _, err := net.InterfaceByName(value)
- if err != nil {
- return errors.Errorf("invalid outbound_addr6: %q", value)
- }
+ }
+ outboundAddr = value
+ case "outbound_addr6":
+ ipv6 := net.ParseIP(value)
+ if ipv6 == nil || ipv6.To4() != nil {
+ _, err := net.InterfaceByName(value)
+ if err != nil {
+ return errors.Errorf("invalid outbound_addr6: %q", value)
}
- outboundAddr6 = value
- default:
- return errors.Errorf("unknown option for slirp4netns: %q", o)
}
+ outboundAddr6 = value
+ default:
+ return errors.Errorf("unknown option for slirp4netns: %q", o)
}
}
diff --git a/test/e2e/config/containers.conf b/test/e2e/config/containers.conf
index 5f852468d..35153ba05 100644
--- a/test/e2e/config/containers.conf
+++ b/test/e2e/config/containers.conf
@@ -52,3 +52,7 @@ dns_options=[ "debug", ]
tz = "Pacific/Honolulu"
umask = "0002"
+
+[engine]
+
+network_cmd_options=["allow_host_loopback=true"]
diff --git a/test/e2e/containers_conf_test.go b/test/e2e/containers_conf_test.go
index 866162f7f..28672cfc6 100644
--- a/test/e2e/containers_conf_test.go
+++ b/test/e2e/containers_conf_test.go
@@ -258,6 +258,12 @@ var _ = Describe("Podman run", func() {
Expect(session.OutputToString()).To(Equal("0002"))
})
+ It("podman set network cmd options slirp options to allow host loopback", func() {
+ session := podmanTest.Podman([]string{"run", "--network", "slirp4netns", ALPINE, "ping", "-c1", "10.0.2.2"})
+ session.Wait(30)
+ Expect(session.ExitCode()).To(Equal(0))
+ })
+
It("podman-remote test localcontainers.conf versus remote containers.conf", func() {
if !IsRemote() {
Skip("this test is only for remote")
@@ -311,4 +317,5 @@ var _ = Describe("Podman run", func() {
Expect(session.ExitCode()).To(Equal(0))
Expect(session.OutputToString()).To(Equal("0022"))
})
+
})