diff options
| author | OpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com> | 2021-11-12 19:37:46 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-11-12 19:37:46 +0100 |
| commit | 4808a63e5f1ad72d754c61c005c2c7c29ce48014 (patch) | |
| tree | 3cfdd9e9f89024798a1bcd26dd56d4c7140d923d /libpod/networking_slirp4netns.go | |
| parent | fd010adfdcb6f578623b77281f2ae012bcd1ac85 (diff) | |
| parent | 7c98d542b4c5ab0495f66a9179ae886e86cad273 (diff) | |
| download | podman-4808a63e5f1ad72d754c61c005c2c7c29ce48014.tar.gz podman-4808a63e5f1ad72d754c61c005c2c7c29ce48014.tar.bz2 podman-4808a63e5f1ad72d754c61c005c2c7c29ce48014.zip | |
Merge pull request #12274 from mheon/bump_342
Bump to v3.4.2
Diffstat (limited to 'libpod/networking_slirp4netns.go')
| -rw-r--r-- | libpod/networking_slirp4netns.go | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/libpod/networking_slirp4netns.go b/libpod/networking_slirp4netns.go index c06d215e1..e24b54032 100644 --- a/libpod/networking_slirp4netns.go +++ b/libpod/networking_slirp4netns.go @@ -16,6 +16,7 @@ import ( "syscall" "time" + "github.com/containernetworking/plugins/pkg/ns" "github.com/containers/podman/v3/pkg/errorhandling" "github.com/containers/podman/v3/pkg/rootless" "github.com/containers/podman/v3/pkg/rootlessport" @@ -58,6 +59,8 @@ type slirp4netnsNetworkOptions struct { outboundAddr6 string } +const ipv6ConfDefaultAcceptDadSysctl = "/proc/sys/net/ipv6/conf/default/accept_dad" + func checkSlirpFlags(path string) (*slirpFeatures, error) { cmd := exec.Command(path, "--help") out, err := cmd.CombinedOutput() @@ -297,6 +300,39 @@ func (r *Runtime) setupSlirp4netns(ctr *Container) error { } cmd.Stdout = logFile cmd.Stderr = logFile + + var slirpReadyChan (chan struct{}) + + if netOptions.enableIPv6 { + slirpReadyChan = make(chan struct{}) + defer close(slirpReadyChan) + go func() { + err := ns.WithNetNSPath(netnsPath, func(_ ns.NetNS) error { + // Duplicate Address Detection slows the ipv6 setup down for 1-2 seconds. + // Since slirp4netns is run it is own namespace and not directly routed + // we can skip this to make the ipv6 address immediately available. + // We change the default to make sure the slirp tap interface gets the + // correct value assigned so DAD is disabled for it + // Also make sure to change this value back to the original after slirp4netns + // is ready in case users rely on this sysctl. + orgValue, err := ioutil.ReadFile(ipv6ConfDefaultAcceptDadSysctl) + if err != nil { + return err + } + err = ioutil.WriteFile(ipv6ConfDefaultAcceptDadSysctl, []byte("0"), 0644) + if err != nil { + return err + } + // wait for slirp to finish setup + <-slirpReadyChan + return ioutil.WriteFile(ipv6ConfDefaultAcceptDadSysctl, orgValue, 0644) + }) + if err != nil { + logrus.Warnf("failed to set net.ipv6.conf.default.accept_dad sysctl: %v", err) + } + }() + } + if err := cmd.Start(); err != nil { return errors.Wrapf(err, "failed to start slirp4netns process") } @@ -310,6 +346,9 @@ func (r *Runtime) setupSlirp4netns(ctr *Container) error { if err := waitForSync(syncR, cmd, logFile, 1*time.Second); err != nil { return err } + if slirpReadyChan != nil { + slirpReadyChan <- struct{}{} + } // Set a default slirp subnet. Parsing a string with the net helper is easier than building the struct myself _, ctr.slirp4netnsSubnet, _ = net.ParseCIDR(defaultSlirp4netnsSubnet) |