diff options
| author | Giuseppe Scrivano <gscrivan@redhat.com> | 2018-07-25 15:15:13 +0200 |
|---|---|---|
| committer | Atomic Bot <atomic-devel@projectatomic.io> | 2018-07-31 13:39:29 +0000 |
| commit | cfcd92847684fc65949350b7cdc4769ad1099d46 (patch) | |
| tree | afb9f946fb54fc990d83b9814b77e522b9bd4221 /libpod/oci.go | |
| parent | 5b9c60cc10f7dec6d0b030ad16646728f30a67e9 (diff) | |
| download | podman-cfcd92847684fc65949350b7cdc4769ad1099d46.tar.gz podman-cfcd92847684fc65949350b7cdc4769ad1099d46.tar.bz2 podman-cfcd92847684fc65949350b7cdc4769ad1099d46.zip | |
network: add support for rootless network with slirp4netns
slirp4netns is required to setup the network namespace:
https://github.com/rootless-containers/slirp4netns
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Closes: #1156
Approved by: rhatdan
Diffstat (limited to 'libpod/oci.go')
| -rw-r--r-- | libpod/oci.go | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/libpod/oci.go b/libpod/oci.go index 0483c0d53..5ae3406ac 100644 --- a/libpod/oci.go +++ b/libpod/oci.go @@ -22,6 +22,7 @@ import ( "github.com/opencontainers/selinux/go-selinux/label" "github.com/pkg/errors" "github.com/projectatomic/libpod/pkg/ctime" + "github.com/projectatomic/libpod/pkg/rootless" "github.com/sirupsen/logrus" "golang.org/x/sys/unix" kwait "k8s.io/apimachinery/pkg/util/wait" @@ -317,6 +318,15 @@ func (r *OCIRuntime) createOCIContainer(ctr *Container, cgroupParent string) (er // process cannot use them. cmd.ExtraFiles = append(cmd.ExtraFiles, ports...) + if rootless.IsRootless() { + ctr.rootlessSlirpSyncR, ctr.rootlessSlirpSyncW, err = os.Pipe() + if err != nil { + return errors.Wrapf(err, "failed to create rootless network sync pipe") + } + // Leak one end in conmon, the other one will be leaked into slirp4netns + cmd.ExtraFiles = append(cmd.ExtraFiles, ctr.rootlessSlirpSyncW) + } + if notify, ok := os.LookupEnv("NOTIFY_SOCKET"); ok { cmd.Env = append(cmd.Env, fmt.Sprintf("NOTIFY_SOCKET=%s", notify)) } |