Merge pull request #12534 from Luap99/network-db

network db rewrite

11 files changed, 58 insertions, 50 deletions

diff --git a/pkg/domain/entities/network.go b/pkg/domain/entities/network.go
index d7389a699..34b89ae7d 100644
--- a/pkg/domain/entities/network.go
+++ b/pkg/domain/entities/network.go
@@ -2,6 +2,8 @@ package entities
 
 import (
 	"net"
+
+	"github.com/containers/podman/v3/libpod/network/types"
 )
 
 // NetworkListOptions describes options for listing networks in cli
@@ -67,8 +69,8 @@ type NetworkDisconnectOptions struct {
 // NetworkConnectOptions describes options for connecting
 // a container to a network
 type NetworkConnectOptions struct {
-	Aliases   []string
-	Container string
+	Container string `json:"container"`
+	types.PerNetworkOptions
 }
 
 // NetworkPruneReport containers the name of network and an error
diff --git a/pkg/domain/entities/play.go b/pkg/domain/entities/play.go
index ad35dfe25..39234caf8 100644
--- a/pkg/domain/entities/play.go
+++ b/pkg/domain/entities/play.go
@@ -26,8 +26,8 @@ type PlayKubeOptions struct {
 	Username string
 	// Password for authenticating against the registry.
 	Password string
-	// Network - name of the CNI network to connect to.
-	Network string
+	// Networks - name of the network to connect to.
+	Networks []string
 	// Quiet - suppress output when pulling images.
 	Quiet bool
 	// SignaturePolicy - path to a signature-policy file.
diff --git a/pkg/domain/entities/pods.go b/pkg/domain/entities/pods.go
index b255785c2..14127e468 100644
--- a/pkg/domain/entities/pods.go
+++ b/pkg/domain/entities/pods.go
@@ -7,7 +7,6 @@ import (
 
 	commonFlag "github.com/containers/common/pkg/flag"
 	"github.com/containers/podman/v3/libpod/define"
-	"github.com/containers/podman/v3/libpod/network/types"
 	"github.com/containers/podman/v3/pkg/specgen"
 	"github.com/containers/podman/v3/pkg/util"
 	"github.com/opencontainers/runtime-spec/specs-go"
@@ -329,11 +328,8 @@ func ToPodSpecGen(s specgen.PodSpecGenerator, p *PodCreateOptions) (*specgen.Pod
 
 	if p.Net != nil {
 		s.NetNS = p.Net.Network
-		s.StaticIP = p.Net.StaticIP
-		// type cast to types.HardwareAddr
-		s.StaticMAC = (*types.HardwareAddr)(p.Net.StaticMAC)
 		s.PortMappings = p.Net.PublishPorts
-		s.CNINetworks = p.Net.CNINetworks
+		s.Networks = p.Net.Networks
 		s.NetworkOptions = p.Net.NetworkOptions
 		if p.Net.UseImageResolvConf {
 			s.NoManageResolvConf = true
diff --git a/pkg/domain/entities/types.go b/pkg/domain/entities/types.go
index e062b9442..0348c0af5 100644
--- a/pkg/domain/entities/types.go
+++ b/pkg/domain/entities/types.go
@@ -45,18 +45,16 @@ type NetFlags struct {
 // NetOptions reflect the shared network options between
 // pods and containers
 type NetOptions struct {
-	AddHosts           []string            `json:"hostadd,omitempty"`
-	Aliases            []string            `json:"network_alias,omitempty"`
-	CNINetworks        []string            `json:"cni_networks,omitempty"`
-	UseImageResolvConf bool                `json:"no_manage_resolv_conf,omitempty"`
-	DNSOptions         []string            `json:"dns_option,omitempty"`
-	DNSSearch          []string            `json:"dns_search,omitempty"`
-	DNSServers         []net.IP            `json:"dns_server,omitempty"`
-	Network            specgen.Namespace   `json:"netns,omitempty"`
-	NoHosts            bool                `json:"no_manage_hosts,omitempty"`
-	PublishPorts       []types.PortMapping `json:"portmappings,omitempty"`
-	StaticIP           *net.IP             `json:"static_ip,omitempty"`
-	StaticMAC          *net.HardwareAddr   `json:"static_mac,omitempty"`
+	AddHosts           []string                           `json:"hostadd,omitempty"`
+	Aliases            []string                           `json:"network_alias,omitempty"`
+	Networks           map[string]types.PerNetworkOptions `json:"networks,omitempty"`
+	UseImageResolvConf bool                               `json:"no_manage_resolv_conf,omitempty"`
+	DNSOptions         []string                           `json:"dns_option,omitempty"`
+	DNSSearch          []string                           `json:"dns_search,omitempty"`
+	DNSServers         []net.IP                           `json:"dns_server,omitempty"`
+	Network            specgen.Namespace                  `json:"netns,omitempty"`
+	NoHosts            bool                               `json:"no_manage_hosts,omitempty"`
+	PublishPorts       []types.PortMapping                `json:"portmappings,omitempty"`
 	// NetworkOptions are additional options for each network
 	NetworkOptions map[string][]string `json:"network_options,omitempty"`
 }
diff --git a/pkg/domain/filters/containers.go b/pkg/domain/filters/containers.go
index a28167d3e..60a1efb22 100644
--- a/pkg/domain/filters/containers.go
+++ b/pkg/domain/filters/containers.go
@@ -249,7 +249,7 @@ func GenerateContainerFilterFuncs(filter string, filterValues []string, r *libpo
 				return false
 			}
 
-			networks, _, err := c.Networks()
+			networks, err := c.Networks()
 			// if err or no networks, quick out
 			if err != nil || len(networks) == 0 {
 				return false
diff --git a/pkg/domain/filters/pods.go b/pkg/domain/filters/pods.go
index ed7506bf3..8231dbc79 100644
--- a/pkg/domain/filters/pods.go
+++ b/pkg/domain/filters/pods.go
@@ -142,7 +142,7 @@ func GeneratePodFilterFunc(filter string, filterValues []string, r *libpod.Runti
 			if err != nil {
 				return false
 			}
-			networks, _, err := infra.Networks()
+			networks, err := infra.Networks()
 			// if err or no networks, quick out
 			if err != nil || len(networks) == 0 {
 				return false
diff --git a/pkg/domain/infra/abi/network.go b/pkg/domain/infra/abi/network.go
index ee7403ed5..c7b12663c 100644
--- a/pkg/domain/infra/abi/network.go
+++ b/pkg/domain/infra/abi/network.go
@@ -71,7 +71,7 @@ func (ic *ContainerEngine) NetworkRm(ctx context.Context, namesOrIds []string, o
 		}
 		// We need to iterate containers looking to see if they belong to the given network
 		for _, c := range containers {
-			networks, _, err := c.Networks()
+			networks, err := c.Networks()
 			// if container vanished or network does not exist, go to next container
 			if errors.Is(err, define.ErrNoSuchNetwork) || errors.Is(err, define.ErrNoSuchCtr) {
 				continue
@@ -124,7 +124,7 @@ func (ic *ContainerEngine) NetworkDisconnect(ctx context.Context, networkname st
 }
 
 func (ic *ContainerEngine) NetworkConnect(ctx context.Context, networkname string, options entities.NetworkConnectOptions) error {
-	return ic.Libpod.ConnectContainerToNetwork(options.Container, networkname, options.Aliases)
+	return ic.Libpod.ConnectContainerToNetwork(options.Container, networkname, options.PerNetworkOptions)
 }
 
 // NetworkExists checks if the given network exists
@@ -152,7 +152,7 @@ func (ic *ContainerEngine) NetworkPrune(ctx context.Context, options entities.Ne
 	// containers want
 	networksToKeep := make(map[string]bool)
 	for _, c := range cons {
-		nets, _, err := c.Networks()
+		nets, err := c.Networks()
 		if err != nil {
 			return nil, err
 		}
diff --git a/pkg/domain/infra/abi/play.go b/pkg/domain/infra/abi/play.go
index 4c024a3d8..6b3b04a0b 100644
--- a/pkg/domain/infra/abi/play.go
+++ b/pkg/domain/infra/abi/play.go
@@ -6,7 +6,6 @@ import (
 	"fmt"
 	"io"
 	"io/ioutil"
-	"net"
 	"os"
 	"path/filepath"
 	"strconv"
@@ -18,6 +17,7 @@ import (
 	"github.com/containers/image/v5/types"
 	"github.com/containers/podman/v3/libpod"
 	"github.com/containers/podman/v3/libpod/define"
+	nettypes "github.com/containers/podman/v3/libpod/network/types"
 	"github.com/containers/podman/v3/pkg/autoupdate"
 	"github.com/containers/podman/v3/pkg/domain/entities"
 	"github.com/containers/podman/v3/pkg/specgen"
@@ -190,39 +190,52 @@ func (ic *ContainerEngine) playKubePod(ctx context.Context, podName string, podY
 		}
 	}
 
-	podOpt := entities.PodCreateOptions{Infra: true, Net: &entities.NetOptions{StaticIP: &net.IP{}, StaticMAC: &net.HardwareAddr{}, NoHosts: options.NoHosts}}
+	podOpt := entities.PodCreateOptions{Infra: true, Net: &entities.NetOptions{NoHosts: options.NoHosts}}
 	podOpt, err = kube.ToPodOpt(ctx, podName, podOpt, podYAML)
 	if err != nil {
 		return nil, err
 	}
 
-	if options.Network != "" {
-		ns, cniNets, netOpts, err := specgen.ParseNetworkString(options.Network)
-		if err != nil {
-			return nil, err
-		}
-
-		if (ns.IsBridge() && len(cniNets) == 0) || ns.IsHost() {
-			return nil, errors.Errorf("invalid value passed to --network: bridge or host networking must be configured in YAML")
-		}
+	ns, networks, netOpts, err := specgen.ParseNetworkFlag(options.Networks)
+	if err != nil {
+		return nil, err
+	}
 
-		podOpt.Net.Network = ns
-		if len(cniNets) > 0 {
-			podOpt.Net.CNINetworks = append(podOpt.Net.CNINetworks, cniNets...)
-		}
-		if len(netOpts) > 0 {
-			podOpt.Net.NetworkOptions = netOpts
-		}
+	if (ns.IsBridge() && len(networks) == 0) || ns.IsHost() {
+		return nil, errors.Errorf("invalid value passed to --network: bridge or host networking must be configured in YAML")
 	}
 
+	podOpt.Net.Network = ns
+	podOpt.Net.Networks = networks
+	podOpt.Net.NetworkOptions = netOpts
+
+	// FIXME This is very hard to support properly with a good ux
 	if len(options.StaticIPs) > *ipIndex {
-		podOpt.Net.StaticIP = &options.StaticIPs[*ipIndex]
+		if !podOpt.Net.Network.IsBridge() {
+			errors.Wrap(define.ErrInvalidArg, "static ip addresses can only be set when the network mode is bridge")
+		}
+		if len(podOpt.Net.Networks) != 1 {
+			return nil, errors.Wrap(define.ErrInvalidArg, "cannot set static ip addresses for more than network, use netname:ip=<ip> syntax to specify ips for more than network")
+		}
+		for name, netOpts := range podOpt.Net.Networks {
+			netOpts.StaticIPs = append(netOpts.StaticIPs, options.StaticIPs[*ipIndex])
+			podOpt.Net.Networks[name] = netOpts
+		}
 	} else if len(options.StaticIPs) > 0 {
 		// only warn if the user has set at least one ip
 		logrus.Warn("No more static ips left using a random one")
 	}
 	if len(options.StaticMACs) > *ipIndex {
-		podOpt.Net.StaticMAC = &options.StaticMACs[*ipIndex]
+		if !podOpt.Net.Network.IsBridge() {
+			errors.Wrap(define.ErrInvalidArg, "static mac address can only be set when the network mode is bridge")
+		}
+		if len(podOpt.Net.Networks) != 1 {
+			return nil, errors.Wrap(define.ErrInvalidArg, "cannot set static mac address for more than network, use netname:mac=<mac> syntax to specify mac for more than network")
+		}
+		for name, netOpts := range podOpt.Net.Networks {
+			netOpts.StaticMAC = nettypes.HardwareAddr(options.StaticMACs[*ipIndex])
+			podOpt.Net.Networks[name] = netOpts
+		}
 	} else if len(options.StaticIPs) > 0 {
 		// only warn if the user has set at least one mac
 		logrus.Warn("No more static macs left using a random one")
diff --git a/pkg/domain/infra/abi/pods.go b/pkg/domain/infra/abi/pods.go
index fc0a2337c..7bda7e994 100644
--- a/pkg/domain/infra/abi/pods.go
+++ b/pkg/domain/infra/abi/pods.go
@@ -376,7 +376,7 @@ func (ic *ContainerEngine) PodPs(ctx context.Context, options entities.PodPSOpti
 			if err != nil {
 				return nil, err
 			}
-			networks, _, err = infra.Networks()
+			networks, err = infra.Networks()
 			if err != nil {
 				return nil, err
 			}
diff --git a/pkg/domain/infra/tunnel/network.go b/pkg/domain/infra/tunnel/network.go
index 069982d30..b5050345a 100644
--- a/pkg/domain/infra/tunnel/network.go
+++ b/pkg/domain/infra/tunnel/network.go
@@ -81,8 +81,7 @@ func (ic *ContainerEngine) NetworkDisconnect(ctx context.Context, networkname st
 
 // NetworkConnect removes a container from a given network
 func (ic *ContainerEngine) NetworkConnect(ctx context.Context, networkname string, opts entities.NetworkConnectOptions) error {
-	options := new(network.ConnectOptions).WithAliases(opts.Aliases)
-	return network.Connect(ic.ClientCtx, networkname, opts.Container, options)
+	return network.Connect(ic.ClientCtx, networkname, opts.Container, &opts.PerNetworkOptions)
 }
 
 // NetworkExists checks if the given network exists
diff --git a/pkg/domain/infra/tunnel/play.go b/pkg/domain/infra/tunnel/play.go
index 75952ce2c..103be0cf1 100644
--- a/pkg/domain/infra/tunnel/play.go
+++ b/pkg/domain/infra/tunnel/play.go
@@ -11,7 +11,7 @@ import (
 func (ic *ContainerEngine) PlayKube(ctx context.Context, path string, opts entities.PlayKubeOptions) (*entities.PlayKubeReport, error) {
 	options := new(play.KubeOptions).WithAuthfile(opts.Authfile).WithUsername(opts.Username).WithPassword(opts.Password)
 	options.WithCertDir(opts.CertDir).WithQuiet(opts.Quiet).WithSignaturePolicy(opts.SignaturePolicy).WithConfigMaps(opts.ConfigMaps)
-	options.WithLogDriver(opts.LogDriver).WithNetwork(opts.Network).WithSeccompProfileRoot(opts.SeccompProfileRoot)
+	options.WithLogDriver(opts.LogDriver).WithNetwork(opts.Networks).WithSeccompProfileRoot(opts.SeccompProfileRoot)
 	options.WithStaticIPs(opts.StaticIPs).WithStaticMACs(opts.StaticMACs)
 	if len(opts.LogOptions) > 0 {
 		options.WithLogOptions(opts.LogOptions)