Create new network namespaces when initializing containers

Also fix a few lingering lint issues

Signed-off-by: Matthew Heon <matthew.heon@gmail.com>

Closes: #109
Approved by: mheon

1 files changed, 18 insertions, 0 deletions

diff --git a/libpod/container.go b/libpod/container.go
index ada037531..15ad1f49a 100644
--- a/libpod/container.go
+++ b/libpod/container.go
@@ -551,6 +551,20 @@ func (c *Container) Init() (err error) {
 		return err
 	}
 
+	// Make a network namespace for the container
+	if c.config.CreateNetNS && c.state.NetNS == nil {
+		if err := c.runtime.createNetNS(c); err != nil {
+			return err
+		}
+	}
+	defer func() {
+		if err != nil {
+			if err2 := c.runtime.teardownNetNS(c); err2 != nil {
+				logrus.Errorf("Error tearing down network namespace for container %s: %v", c.ID(), err2)
+			}
+		}
+	}()
+
 	// If the OCI spec already exists, we need to replace it
 	// Cannot guarantee some things, e.g. network namespaces, have the same
 	// paths
@@ -580,6 +594,10 @@ func (c *Container) Init() (err error) {
 
 	// Save OCI spec to disk
 	g := generate.NewFromSpec(c.config.Spec)
+	// If network namespace was requested, add it now
+	if c.config.CreateNetNS {
+		g.AddOrReplaceLinuxNamespace(spec.NetworkNamespace, c.state.NetNS.Path())
+	}
 	// Mount ShmDir from host into container
 	g.AddBindMount(c.config.ShmDir, "/dev/shm", []string{"rw"})
 	// Bind mount resolv.conf