diff options
| author | Matthew Heon <matthew.heon@gmail.com> | 2018-09-14 16:56:14 -0400 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2018-09-14 16:56:14 -0400 |
| commit | 77985bc25bde30bb8e4ed6abab02242bbb5c0612 (patch) | |
| tree | b9ea6bd1f024a3d4074acf1286f1b48003f9eac5 /libpod/oci.go | |
| parent | a7b6a0fd16e4b5f4a30a16e0ec1d5574925717ae (diff) | |
| parent | 95a374100b8127846d9f4f4a4cf8d9a5b2229912 (diff) | |
| download | podman-77985bc25bde30bb8e4ed6abab02242bbb5c0612.tar.gz podman-77985bc25bde30bb8e4ed6abab02242bbb5c0612.tar.bz2 podman-77985bc25bde30bb8e4ed6abab02242bbb5c0612.zip | |
Merge pull request #1464 from mheon/optionally_disable_port_reservation
Add a way to disable port reservation
Diffstat (limited to 'libpod/oci.go')
| -rw-r--r-- | libpod/oci.go | 22 |
1 files changed, 13 insertions, 9 deletions
diff --git a/libpod/oci.go b/libpod/oci.go index e1c0d1261..3838394cb 100644 --- a/libpod/oci.go +++ b/libpod/oci.go @@ -66,6 +66,7 @@ type OCIRuntime struct { socketsDir string logSizeMax int64 noPivot bool + reservePorts bool } // syncInfo is used to return data from monitor process to daemon @@ -75,7 +76,7 @@ type syncInfo struct { } // Make a new OCI runtime with provided options -func newOCIRuntime(name string, path string, conmonPath string, conmonEnv []string, cgroupManager string, tmpDir string, logSizeMax int64, noPivotRoot bool) (*OCIRuntime, error) { +func newOCIRuntime(name string, path string, conmonPath string, conmonEnv []string, cgroupManager string, tmpDir string, logSizeMax int64, noPivotRoot bool, reservePorts bool) (*OCIRuntime, error) { runtime := new(OCIRuntime) runtime.name = name runtime.path = path @@ -85,6 +86,7 @@ func newOCIRuntime(name string, path string, conmonPath string, conmonEnv []stri runtime.tmpDir = tmpDir runtime.logSizeMax = logSizeMax runtime.noPivot = noPivotRoot + runtime.reservePorts = reservePorts runtime.exitsDir = filepath.Join(runtime.tmpDir, "exits") runtime.socketsDir = filepath.Join(runtime.tmpDir, "socket") @@ -311,15 +313,17 @@ func (r *OCIRuntime) createOCIContainer(ctr *Container, cgroupParent string) (er cmd.Env = append(cmd.Env, fmt.Sprintf("_OCI_STARTPIPE=%d", 4)) cmd.Env = append(cmd.Env, fmt.Sprintf("XDG_RUNTIME_DIR=%s", runtimeDir)) - ports, err := bindPorts(ctr.config.PortMappings) - if err != nil { - return err - } + if r.reservePorts { + ports, err := bindPorts(ctr.config.PortMappings) + if err != nil { + return err + } - // Leak the port we bound in the conmon process. These fd's won't be used - // by the container and conmon will keep the ports busy so that another - // process cannot use them. - cmd.ExtraFiles = append(cmd.ExtraFiles, ports...) + // Leak the port we bound in the conmon process. These fd's won't be used + // by the container and conmon will keep the ports busy so that another + // process cannot use them. + cmd.ExtraFiles = append(cmd.ExtraFiles, ports...) + } if rootless.IsRootless() { ctr.rootlessSlirpSyncR, ctr.rootlessSlirpSyncW, err = os.Pipe() |