Add support for multiple CNI networks in podman inspect

When inspecting containers, info on CNI networks added to the container by name (e.g. --net=name1) should be displayed separately from the configuration of the default network, in a separate map called Networks. This patch adds this separation, improving our Docker compatibility and also adding the ability to see if a container has more than one IPv4 and IPv6 address and more than one MAC address. Fixes #4907 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
author: Matthew Heon <matthew.heon@pm.me> 2020-02-20 13:34:51 -0500
committer: Matthew Heon <matthew.heon@pm.me> 2020-02-25 13:20:25 -0500
commit: f9fc9a7b7b0e5633cf279273b614a5d3e4c68906 (patch)
tree: 3e089830787caf5276424aec748326b7fe569c3e /libpod/container_inspect.go
parent: 3d37dc639d87e4469a6457cf4592ff5b773d0777 (diff)
download: podman-f9fc9a7b7b0e5633cf279273b614a5d3e4c68906.tar.gz
podman-f9fc9a7b7b0e5633cf279273b614a5d3e4c68906.tar.bz2
podman-f9fc9a7b7b0e5633cf279273b614a5d3e4c68906.zip
1 files changed, 63 insertions, 37 deletions
diff --git a/libpod/container_inspect.go b/libpod/container_inspect.go
index 641bc8a91..a543a19c0 100644
--- a/libpod/container_inspect.go
+++ b/libpod/container_inspect.go
@@ -606,11 +606,45 @@ type InspectContainerState struct {
 	Healthcheck HealthCheckResults `json:"Healthcheck,omitempty"`
 }
 
+// InspectBasicNetworkConfig holds basic configuration information (e.g. IP
+// addresses, MAC address, subnet masks, etc) that are common for all networks
+// (both additional and main).
+type InspectBasicNetworkConfig struct {
+	// EndpointID is unused, maintained exclusively for compatibility.
+	EndpointID string `json:"EndpointID"`
+	// Gateway is the IP address of the gateway this network will use.
+	Gateway string `json:"Gateway"`
+	// IPAddress is the IP address for this network.
+	IPAddress string `json:"IPAddress"`
+	// IPPrefixLen is the length of the subnet mask of this network.
+	IPPrefixLen int `json:"IPPrefixLen"`
+	// SecondaryIPAddresses is a list of extra IP Addresses that the
+	// container has been assigned in this network.
+	SecondaryIPAddresses []string `json:"SecondaryIPAddresses,omitempty"`
+	// IPv6Gateway is the IPv6 gateway this network will use.
+	IPv6Gateway string `json:"IPv6Gateway"`
+	// GlobalIPv6Address is the global-scope IPv6 Address for this network.
+	GlobalIPv6Address string `json:"GlobalIPv6Address"`
+	// GlobalIPv6PrefixLen is the length of the subnet mask of this network.
+	GlobalIPv6PrefixLen int `json:"GlobalIPv6PrefixLen"`
+	// SecondaryIPv6Addresses is a list of extra IPv6 Addresses that the
+	// container has been assigned in this networ.
+	SecondaryIPv6Addresses []string `json:"SecondaryIPv6Addresses,omitempty"`
+	// MacAddress is the MAC address for the interface in this network.
+	MacAddress string `json:"MacAddress"`
+	// AdditionalMacAddresses is a set of additional MAC Addresses beyond
+	// the first. CNI may configure more than one interface for a single
+	// network, which can cause this.
+	AdditionalMacAddresses []string `json:"AdditionalMACAddresses,omitempty"`
+}
+
 // InspectNetworkSettings holds information about the network settings of the
 // container.
 // Many fields are maintained only for compatibility with `docker inspect` and
 // are unused within Libpod.
 type InspectNetworkSettings struct {
+	InspectBasicNetworkConfig
+
 	Bridge                 string               `json:"Bridge"`
 	SandboxID              string               `json:"SandboxID"`
 	HairpinMode            bool                 `json:"HairpinMode"`
@@ -618,16 +652,30 @@ type InspectNetworkSettings struct {
 	LinkLocalIPv6PrefixLen int                  `json:"LinkLocalIPv6PrefixLen"`
 	Ports                  []ocicni.PortMapping `json:"Ports"`
 	SandboxKey             string               `json:"SandboxKey"`
-	SecondaryIPAddresses   []string             `json:"SecondaryIPAddresses"`
-	SecondaryIPv6Addresses []string             `json:"SecondaryIPv6Addresses"`
-	EndpointID             string               `json:"EndpointID"`
-	Gateway                string               `json:"Gateway"`
-	GlobalIPv6Address      string               `json:"GlobalIPv6Address"`
-	GlobalIPv6PrefixLen    int                  `json:"GlobalIPv6PrefixLen"`
-	IPAddress              string               `json:"IPAddress"`
-	IPPrefixLen            int                  `json:"IPPrefixLen"`
-	IPv6Gateway            string               `json:"IPv6Gateway"`
-	MacAddress             string               `json:"MacAddress"`
+	// Networks contains information on non-default CNI networks this
+	// container has joined.
+	// It is a map of network name to network information.
+	Networks map[string]*InspectAdditionalNetwork `json:"Networks,omitempty"`
+}
+
+// InspectAdditionalNetwork holds information about non-default CNI networks the
+// container has been connected to.
+// As with InspectNetworkSettings, many fields are unused and maintained only
+// for compatibility with Docker.
+type InspectAdditionalNetwork struct {
+	InspectBasicNetworkConfig
+
+	// Name of the network we're connecting to.
+	NetworkID string `json:"NetworkID,omitempty"`
+	// DriverOpts is presently unused and maintained exclusively for
+	// compatibility.
+	DriverOpts map[string]string `json:"DriverOpts"`
+	// IPAMConfig is presently unused and maintained exlusively for
+	// compabitility.
+	IPAMConfig map[string]string `json:"IPAMConfig"`
+	// Links is presently unused and maintained exclusively for
+	// compatibility.
+	Links []string `json:"Links"`
 }
 
 // inspectLocked inspects a container for low-level information.
@@ -754,27 +802,7 @@ func (c *Container) getContainerInspectData(size bool, driverData *driver.Data)
 		GraphDriver:     driverData,
 		Mounts:          inspectMounts,
 		Dependencies:    c.Dependencies(),
-		NetworkSettings: &InspectNetworkSettings{
-			Bridge:                 "",    // TODO
-			SandboxID:              "",    // TODO - is this even relevant?
-			HairpinMode:            false, // TODO
-			LinkLocalIPv6Address:   "",    // TODO - do we even support IPv6?
-			LinkLocalIPv6PrefixLen: 0,     // TODO - do we even support IPv6?
-
-			Ports:                  []ocicni.PortMapping{}, // TODO - maybe worth it to put this in Docker format?
-			SandboxKey:             "",                     // Network namespace path
-			SecondaryIPAddresses:   nil,                    // TODO - do we support this?
-			SecondaryIPv6Addresses: nil,                    // TODO - do we support this?
-			EndpointID:             "",                     // TODO - is this even relevant?
-			Gateway:                "",                     // TODO
-			GlobalIPv6Address:      "",
-			GlobalIPv6PrefixLen:    0,
-			IPAddress:              "",
-			IPPrefixLen:            0,
-			IPv6Gateway:            "",
-			MacAddress:             "", // TODO
-		},
-		IsInfra: c.IsInfra(),
+		IsInfra:         c.IsInfra(),
 	}
 
 	if c.state.ConfigPath != "" {
@@ -792,13 +820,11 @@ func (c *Container) getContainerInspectData(size bool, driverData *driver.Data)
 		}
 	}
 
-	// Copy port mappings into network settings
-	if config.PortMappings != nil {
-		data.NetworkSettings.Ports = config.PortMappings
+	networkConfig, err := c.getContainerNetworkInfo()
+	if err != nil {
+		return nil, err
 	}
-
-	// Get information on the container's network namespace (if present)
-	data = c.getContainerNetworkInfo(data)
+	data.NetworkSettings = networkConfig
 
 	inspectConfig, err := c.generateInspectContainerConfig(ctrSpec)
 	if err != nil {
author	Matthew Heon <matthew.heon@pm.me>	2020-02-20 13:34:51 -0500
committer	Matthew Heon <matthew.heon@pm.me>	2020-02-25 13:20:25 -0500
commit	f9fc9a7b7b0e5633cf279273b614a5d3e4c68906 (patch)
tree	3e089830787caf5276424aec748326b7fe569c3e /libpod/container_inspect.go
parent	3d37dc639d87e4469a6457cf4592ff5b773d0777 (diff)
download	podman-f9fc9a7b7b0e5633cf279273b614a5d3e4c68906.tar.gz podman-f9fc9a7b7b0e5633cf279273b614a5d3e4c68906.tar.bz2 podman-f9fc9a7b7b0e5633cf279273b614a5d3e4c68906.zip