summaryrefslogtreecommitdiff
path: root/libpod
diff options
context:
space:
mode:
authorbaude <bbaude@redhat.com>2018-11-19 13:20:56 -0600
committerbaude <bbaude@redhat.com>2018-11-20 09:49:34 -0600
commit690c52a113124efcedccb84e44198e7602f064ec (patch)
tree9a11d0ad045ae8f72354a80ede4068f0a9cbbeab /libpod
parent4eecc8cf70728d733aa8d1c948093d9ae4a334df (diff)
downloadpodman-690c52a113124efcedccb84e44198e7602f064ec.tar.gz
podman-690c52a113124efcedccb84e44198e7602f064ec.tar.bz2
podman-690c52a113124efcedccb84e44198e7602f064ec.zip
Allow users to expose ports from the pod to the host
we need to allow users to expose ports to the host for the purposes of networking, like a webserver. the port exposure must be done at the time the pod is created. strictly speaking, the port exposure occurs on the infra container. Signed-off-by: baude <bbaude@redhat.com>
Diffstat (limited to 'libpod')
-rw-r--r--libpod/options.go11
-rw-r--r--libpod/pod.go4
-rw-r--r--libpod/pod_easyjson.go128
-rw-r--r--libpod/runtime_pod_infra_linux.go4
4 files changed, 143 insertions, 4 deletions
diff --git a/libpod/options.go b/libpod/options.go
index 8d044313b..507847d65 100644
--- a/libpod/options.go
+++ b/libpod/options.go
@@ -1295,3 +1295,14 @@ func WithInfraContainer() PodCreateOption {
return nil
}
}
+
+// WithInfraContainerPorts tells the pod to add port bindings to the pause container
+func WithInfraContainerPorts(bindings []ocicni.PortMapping) PodCreateOption {
+ return func(pod *Pod) error {
+ if pod.valid {
+ return ErrPodFinalized
+ }
+ pod.config.InfraContainer.PortBindings = bindings
+ return nil
+ }
+}
diff --git a/libpod/pod.go b/libpod/pod.go
index 8ac976f6a..07f41f5c6 100644
--- a/libpod/pod.go
+++ b/libpod/pod.go
@@ -4,6 +4,7 @@ import (
"time"
"github.com/containers/storage"
+ "github.com/cri-o/ocicni/pkg/ocicni"
"github.com/pkg/errors"
)
@@ -96,7 +97,8 @@ type PodContainerInfo struct {
// InfraContainerConfig is the configuration for the pod's infra container
type InfraContainerConfig struct {
- HasInfraContainer bool `json:"makeInfraContainer"`
+ HasInfraContainer bool `json:"makeInfraContainer"`
+ PortBindings []ocicni.PortMapping `json:"infraPortBindings"`
}
// ID retrieves the pod's ID
diff --git a/libpod/pod_easyjson.go b/libpod/pod_easyjson.go
index 6c1c939f3..8ea9a5e72 100644
--- a/libpod/pod_easyjson.go
+++ b/libpod/pod_easyjson.go
@@ -6,6 +6,7 @@ package libpod
import (
json "encoding/json"
+ ocicni "github.com/cri-o/ocicni/pkg/ocicni"
easyjson "github.com/mailru/easyjson"
jlexer "github.com/mailru/easyjson/jlexer"
jwriter "github.com/mailru/easyjson/jwriter"
@@ -721,6 +722,29 @@ func easyjsonBe091417DecodeGithubComContainersLibpodLibpod5(in *jlexer.Lexer, ou
switch key {
case "makeInfraContainer":
out.HasInfraContainer = bool(in.Bool())
+ case "infraPortBindings":
+ if in.IsNull() {
+ in.Skip()
+ out.PortBindings = nil
+ } else {
+ in.Delim('[')
+ if out.PortBindings == nil {
+ if !in.IsDelim(']') {
+ out.PortBindings = make([]ocicni.PortMapping, 0, 1)
+ } else {
+ out.PortBindings = []ocicni.PortMapping{}
+ }
+ } else {
+ out.PortBindings = (out.PortBindings)[:0]
+ }
+ for !in.IsDelim(']') {
+ var v6 ocicni.PortMapping
+ easyjsonBe091417DecodeGithubComContainersLibpodVendorGithubComCriOOcicniPkgOcicni(in, &v6)
+ out.PortBindings = append(out.PortBindings, v6)
+ in.WantComma()
+ }
+ in.Delim(']')
+ }
default:
in.SkipRecursive()
}
@@ -745,5 +769,109 @@ func easyjsonBe091417EncodeGithubComContainersLibpodLibpod5(out *jwriter.Writer,
}
out.Bool(bool(in.HasInfraContainer))
}
+ {
+ const prefix string = ",\"infraPortBindings\":"
+ if first {
+ first = false
+ out.RawString(prefix[1:])
+ } else {
+ out.RawString(prefix)
+ }
+ if in.PortBindings == nil && (out.Flags&jwriter.NilSliceAsEmpty) == 0 {
+ out.RawString("null")
+ } else {
+ out.RawByte('[')
+ for v7, v8 := range in.PortBindings {
+ if v7 > 0 {
+ out.RawByte(',')
+ }
+ easyjsonBe091417EncodeGithubComContainersLibpodVendorGithubComCriOOcicniPkgOcicni(out, v8)
+ }
+ out.RawByte(']')
+ }
+ }
+ out.RawByte('}')
+}
+func easyjsonBe091417DecodeGithubComContainersLibpodVendorGithubComCriOOcicniPkgOcicni(in *jlexer.Lexer, out *ocicni.PortMapping) {
+ isTopLevel := in.IsStart()
+ if in.IsNull() {
+ if isTopLevel {
+ in.Consumed()
+ }
+ in.Skip()
+ return
+ }
+ in.Delim('{')
+ for !in.IsDelim('}') {
+ key := in.UnsafeString()
+ in.WantColon()
+ if in.IsNull() {
+ in.Skip()
+ in.WantComma()
+ continue
+ }
+ switch key {
+ case "hostPort":
+ out.HostPort = int32(in.Int32())
+ case "containerPort":
+ out.ContainerPort = int32(in.Int32())
+ case "protocol":
+ out.Protocol = string(in.String())
+ case "hostIP":
+ out.HostIP = string(in.String())
+ default:
+ in.SkipRecursive()
+ }
+ in.WantComma()
+ }
+ in.Delim('}')
+ if isTopLevel {
+ in.Consumed()
+ }
+}
+func easyjsonBe091417EncodeGithubComContainersLibpodVendorGithubComCriOOcicniPkgOcicni(out *jwriter.Writer, in ocicni.PortMapping) {
+ out.RawByte('{')
+ first := true
+ _ = first
+ {
+ const prefix string = ",\"hostPort\":"
+ if first {
+ first = false
+ out.RawString(prefix[1:])
+ } else {
+ out.RawString(prefix)
+ }
+ out.Int32(int32(in.HostPort))
+ }
+ {
+ const prefix string = ",\"containerPort\":"
+ if first {
+ first = false
+ out.RawString(prefix[1:])
+ } else {
+ out.RawString(prefix)
+ }
+ out.Int32(int32(in.ContainerPort))
+ }
+ {
+ const prefix string = ",\"protocol\":"
+ if first {
+ first = false
+ out.RawString(prefix[1:])
+ } else {
+ out.RawString(prefix)
+ }
+ out.String(string(in.Protocol))
+ }
+ {
+ const prefix string = ",\"hostIP\":"
+ if first {
+ first = false
+ out.RawString(prefix[1:])
+ } else {
+ out.RawString(prefix)
+ }
+ out.String(string(in.HostIP))
+ }
out.RawByte('}')
}
diff --git a/libpod/runtime_pod_infra_linux.go b/libpod/runtime_pod_infra_linux.go
index fea79e994..450a2fb32 100644
--- a/libpod/runtime_pod_infra_linux.go
+++ b/libpod/runtime_pod_infra_linux.go
@@ -7,7 +7,6 @@ import (
"github.com/containers/libpod/libpod/image"
"github.com/containers/libpod/pkg/rootless"
- "github.com/cri-o/ocicni/pkg/ocicni"
spec "github.com/opencontainers/runtime-spec/specs-go"
"github.com/opencontainers/runtime-tools/generate"
)
@@ -50,9 +49,8 @@ func (r *Runtime) makeInfraContainer(ctx context.Context, p *Pod, imgName, imgID
options = append(options, withIsInfra())
// Since user namespace sharing is not implemented, we only need to check if it's rootless
- portMappings := make([]ocicni.PortMapping, 0)
networks := make([]string, 0)
- options = append(options, WithNetNS(portMappings, isRootless, networks))
+ options = append(options, WithNetNS(p.config.InfraContainer.PortBindings, isRootless, networks))
return r.newContainer(ctx, g.Config, options...)
}