diff options
author | OpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com> | 2020-12-08 06:15:40 -0500 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-12-08 06:15:40 -0500 |
commit | 9b3a81a002e570b8a49e60c3dd3feb65d742f286 (patch) | |
tree | 78f983912e8efe3aa055b3d5db6abec0939f4fa3 /libpod/container_api.go | |
parent | e2f91207fc3e515c0a9f828433aaf80727f4b7c5 (diff) | |
parent | b0286d6b43ebec367c0d9ed87bc6566d76ece8f8 (diff) | |
download | podman-9b3a81a002e570b8a49e60c3dd3feb65d742f286.tar.gz podman-9b3a81a002e570b8a49e60c3dd3feb65d742f286.tar.bz2 podman-9b3a81a002e570b8a49e60c3dd3feb65d742f286.zip |
Merge pull request #8571 from Luap99/podman-network-reload
Implement pod-network-reload
Diffstat (limited to 'libpod/container_api.go')
-rw-r--r-- | libpod/container_api.go | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/libpod/container_api.go b/libpod/container_api.go index 6a7ddc421..1b33f16b4 100644 --- a/libpod/container_api.go +++ b/libpod/container_api.go @@ -639,6 +639,32 @@ func (c *Container) Sync() error { return nil } +// ReloadNetwork reconfigures the container's network. +// Technically speaking, it will tear down and then reconfigure the container's +// network namespace, which will result in all firewall rules being recreated. +// It is mostly intended to be used in cases where the system firewall has been +// reloaded, and existing rules have been wiped out. It is expected that some +// downtime will result, as the rules are destroyed as part of this process. +// At present, this only works on root containers; it may be expanded to restart +// slirp4netns in the future to work with rootless containers as well. +// Requires that the container must be running or created. +func (c *Container) ReloadNetwork() error { + if !c.batched { + c.lock.Lock() + defer c.lock.Unlock() + + if err := c.syncContainer(); err != nil { + return err + } + } + + if !c.ensureState(define.ContainerStateCreated, define.ContainerStateRunning) { + return errors.Wrapf(define.ErrCtrStateInvalid, "cannot reload network unless container network has been configured") + } + + return c.reloadNetwork() +} + // Refresh is DEPRECATED and REMOVED. func (c *Container) Refresh(ctx context.Context) error { // This has been deprecated for a long while, and is in the process of |