summaryrefslogtreecommitdiff
path: root/libpod/container_internal.go
diff options
context:
space:
mode:
authorPaul Holzinger <pholzing@redhat.com>2022-04-19 13:58:35 +0200
committerPaul Holzinger <pholzing@redhat.com>2022-04-22 12:59:49 +0200
commit696bcd2773cf6c255855db9cf2ef724547626438 (patch)
tree5e2256d4a006c152b12a14f1067b8949f250d656 /libpod/container_internal.go
parent1fcefc94f9e3e6d9dedeccc83fa3964461519b7f (diff)
downloadpodman-696bcd2773cf6c255855db9cf2ef724547626438.tar.gz
podman-696bcd2773cf6c255855db9cf2ef724547626438.tar.bz2
podman-696bcd2773cf6c255855db9cf2ef724547626438.zip
use etchosts package from c/common
Use the new logic from c/common to create the hosts file. This will help to better allign the hosts files between buildah and podman. Also this fixes several bugs: - remove host entries when container is stopped and has a netNsCtr - add entries for containers in a pod - do not duplicate entries in the hosts file - use the correct slirp ip when an userns is used Features: - configure host.containers.internal entry in containers.conf - configure base hosts file in containers.conf Fixes #12003 Fixes #13224 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Diffstat (limited to 'libpod/container_internal.go')
-rw-r--r--libpod/container_internal.go80
1 files changed, 29 insertions, 51 deletions
diff --git a/libpod/container_internal.go b/libpod/container_internal.go
index b051b7f2d..6c0d51df3 100644
--- a/libpod/container_internal.go
+++ b/libpod/container_internal.go
@@ -1,7 +1,6 @@
package libpod
import (
- "bufio"
"bytes"
"context"
"fmt"
@@ -17,8 +16,10 @@ import (
"github.com/containers/buildah/copier"
"github.com/containers/buildah/pkg/overlay"
butil "github.com/containers/buildah/util"
+ "github.com/containers/common/libnetwork/etchosts"
"github.com/containers/common/pkg/cgroups"
"github.com/containers/common/pkg/chown"
+ "github.com/containers/common/pkg/config"
"github.com/containers/podman/v4/libpod/define"
"github.com/containers/podman/v4/libpod/events"
"github.com/containers/podman/v4/pkg/ctime"
@@ -31,6 +32,7 @@ import (
"github.com/containers/storage"
"github.com/containers/storage/pkg/archive"
"github.com/containers/storage/pkg/idtools"
+ "github.com/containers/storage/pkg/lockfile"
"github.com/containers/storage/pkg/mount"
"github.com/coreos/go-systemd/v22/daemon"
securejoin "github.com/cyphar/filepath-securejoin"
@@ -1006,17 +1008,14 @@ func (c *Container) completeNetworkSetup() error {
}
}
// check if we have a bindmount for /etc/hosts
- if hostsBindMount, ok := state.BindMounts["/etc/hosts"]; ok && len(c.cniHosts()) > 0 {
- ctrHostPath := filepath.Join(c.state.RunDir, "hosts")
- if hostsBindMount == ctrHostPath {
- // read the existing hosts
- b, err := ioutil.ReadFile(hostsBindMount)
- if err != nil {
- return err
- }
- if err := ioutil.WriteFile(hostsBindMount, append(b, []byte(c.cniHosts())...), 0644); err != nil {
- return err
- }
+ if hostsBindMount, ok := state.BindMounts[config.DefaultHostsFile]; ok {
+ entries, err := c.getHostsEntries()
+ if err != nil {
+ return err
+ }
+ // add new container ips to the hosts file
+ if err := etchosts.Add(hostsBindMount, entries); err != nil {
+ return err
}
}
@@ -1041,18 +1040,6 @@ func (c *Container) completeNetworkSetup() error {
return ioutil.WriteFile(resolvBindMount, []byte(strings.Join(outResolvConf, "\n")), 0644)
}
-func (c *Container) cniHosts() string {
- var hosts string
- for _, status := range c.getNetworkStatus() {
- for _, netInt := range status.Interfaces {
- for _, netAddress := range netInt.Subnets {
- hosts += fmt.Sprintf("%s\t%s %s\n", netAddress.IPNet.IP.String(), c.Hostname(), c.config.Name)
- }
- }
- }
- return hosts
-}
-
// Initialize a container, creating it in the runtime
func (c *Container) init(ctx context.Context, retainRetries bool) error {
// Unconditionally remove conmon temporary files.
@@ -1894,6 +1881,24 @@ func (c *Container) cleanup(ctx context.Context) error {
lastError = errors.Wrapf(err, "error removing container %s network", c.ID())
}
+ // cleanup host entry if it is shared
+ if c.config.NetNsCtr != "" {
+ if hoststFile, ok := c.state.BindMounts[config.DefaultHostsFile]; ok {
+ if _, err := os.Stat(hoststFile); err == nil {
+ // we cannot use the dependency container lock due ABBA deadlocks
+ if lock, err := lockfile.GetLockfile(hoststFile); err == nil {
+ lock.Lock()
+ // make sure to ignore ENOENT error in case the netns container was cleanup before this one
+ if err := etchosts.Remove(hoststFile, getLocalhostHostEntry(c)); err != nil && !errors.Is(err, os.ErrNotExist) {
+ // this error is not fatal we still want to do proper cleanup
+ logrus.Errorf("failed to remove hosts entry from the netns containers /etc/hosts: %v", err)
+ }
+ lock.Unlock()
+ }
+ }
+ }
+ }
+
// Remove the container from the runtime, if necessary.
// Do this *before* unmounting storage - some runtimes (e.g. Kata)
// apparently object to having storage removed while the container still
@@ -2030,33 +2035,6 @@ func (c *Container) writeStringToStaticDir(filename, contents string) (string, e
return destFileName, nil
}
-// appendStringToRunDir appends the provided string to the runtimedir file
-func (c *Container) appendStringToRunDir(destFile, output string) (string, error) {
- destFileName := filepath.Join(c.state.RunDir, destFile)
-
- f, err := os.OpenFile(destFileName, os.O_APPEND|os.O_RDWR, 0600)
- if err != nil {
- return "", err
- }
- defer f.Close()
-
- compareStr := strings.TrimRight(output, "\n")
- scanner := bufio.NewScanner(f)
- scanner.Split(bufio.ScanLines)
-
- for scanner.Scan() {
- if strings.Compare(scanner.Text(), compareStr) == 0 {
- return filepath.Join(c.state.RunDir, destFile), nil
- }
- }
-
- if _, err := f.WriteString(output); err != nil {
- return "", errors.Wrapf(err, "unable to write %s", destFileName)
- }
-
- return filepath.Join(c.state.RunDir, destFile), nil
-}
-
// saveSpec saves the OCI spec to disk, replacing any existing specs for the container
func (c *Container) saveSpec(spec *spec.Spec) error {
// If the OCI spec already exists, we need to replace it