authorGiuseppe Scrivano <gscrivan@redhat.com>2018-07-25 15:15:13 +0200
committerAtomic Bot <atomic-devel@projectatomic.io>2018-07-31 13:39:29 +0000
commitcfcd92847684fc65949350b7cdc4769ad1099d46 (patch)
treeafb9f946fb54fc990d83b9814b77e522b9bd4221 /libpod/networking_linux.go
parent5b9c60cc10f7dec6d0b030ad16646728f30a67e9 (diff)
network: add support for rootless network with slirp4netns
slirp4netns is required to set up the network namespace: https://github.com/rootless-containers/slirp4netns Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #1156 Approved by: rhatdan
Diffstat (limited to 'libpod/networking_linux.go')
-rw-r--r--libpod/networking_linux.go38
1 files changed, 38 insertions, 0 deletions
diff --git a/libpod/networking_linux.go b/libpod/networking_linux.go
index dbc68e04b..2186b4ac9 100644
--- a/libpod/networking_linux.go
+++ b/libpod/networking_linux.go
@@ -6,9 +6,11 @@ import (
"crypto/rand"
"fmt"
"os"
+ "os/exec"
"path/filepath"
"strconv"
"strings"
+ "syscall"
cnitypes "github.com/containernetworking/cni/pkg/types/current"
"github.com/containernetworking/plugins/pkg/ns"
@@ -93,6 +95,42 @@ func (r *Runtime) createNetNS(ctr *Container) (err error) {
return r.configureNetNS(ctr, ctrNS)
}
+// Configure the network namespace for a rootless container
+func (r *Runtime) setupRootlessNetNS(ctr *Container) (err error) {
+ defer ctr.rootlessSlirpSyncR.Close()
+ defer ctr.rootlessSlirpSyncW.Close()
+
+ path, err := exec.LookPath("slirp4netns")
+ if err != nil {
+ logrus.Errorf("could not find slirp4netns, the network namespace won't be configured: %v", err)
+ return nil
+ }
+
+ syncR, syncW, err := os.Pipe()
+ if err != nil {
+ return errors.Wrapf(err, "failed to open pipe")
+ }
+ defer syncR.Close()
+ defer syncW.Close()
+
+ cmd := exec.Command(path, "-c", "-e", "3", "-r", "4", fmt.Sprintf("%d", ctr.state.PID), "tap0")
+
+ cmd.SysProcAttr = &syscall.SysProcAttr{
+ Setpgid: true,
+ }
+ cmd.ExtraFiles = append(cmd.ExtraFiles, ctr.rootlessSlirpSyncR, syncW)
+
+ if err := cmd.Start(); err != nil {
+ return errors.Wrapf(err, "failed to start process")
+ }
+
+ b := make([]byte, 16)
+ if _, err := syncR.Read(b); err != nil {
+ return errors.Wrapf(err, "failed to read from sync pipe")
+ }
+ return nil
+}
+
// Configure the network namespace using the container process
func (r *Runtime) setupNetNS(ctr *Container) (err error) {
nsProcess := fmt.Sprintf("/proc/%d/ns/net", ctr.state.PID)
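Review bot: In `setupRootlessNetNS` the parent still holds its own copy of `syncW` when it calls `syncR.Read(b)`, because the close is deferred to function return; if slirp4netns exits before writing to its ready fd, the read never sees EOF and container setup blocks indefinitely. Closing the write end in the parent right after the `cmd.Start()` check, with a plain `syncW.Close()` before the read, makes a failed helper surface as a read error instead of a hang. The started process is also never waited on or released, so an early exit leaves a zombie and its exit status is lost; `cmd.Process.Release()` or a goroutine calling `cmd.Wait()` would cover that. Separately, returning `nil` when `exec.LookPath` fails lets the container start with an unconfigured network namespace and only a log line, so consider returning the wrapped error and letting the caller decide.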