InfraContainer Rework

InfraContainer should go through the same creation process as regular containers. This change was from the cmd level down, involving new container CLI opts and specgen creating functions. What now happens is that both container and pod cli options are populated in cmd and used to create a podSpecgen and a containerSpecgen. The process then goes as follows FillOutSpecGen (infra) -> MapSpec (podOpts -> infraOpts) -> PodCreate -> MakePod -> createPodOptions -> NewPod -> CompleteSpec (infra) -> MakeContainer -> NewContainer -> newContainer -> AddInfra (to pod state) Signed-off-by: cdoern <cdoern@redhat.com>
author: cdoern <cdoern@redhat.com> 2021-07-14 16:30:28 -0400
committer: cdoern <cdoern@redhat.com> 2021-08-26 16:05:16 -0400
commit: d28e85741fedb89be48a03d4f05687e970eb71b9 (patch)
tree: 0b79a6757b0fc7ad3caa33ad94f721d8296d9c1a /pkg/specgen/generate
parent: 94c37d7d470871f9d63b32c97094f5faab1e8a08 (diff)
download: podman-d28e85741fedb89be48a03d4f05687e970eb71b9.tar.gz
podman-d28e85741fedb89be48a03d4f05687e970eb71b9.tar.bz2
podman-d28e85741fedb89be48a03d4f05687e970eb71b9.zip
5 files changed, 180 insertions, 134 deletions
diff --git a/pkg/specgen/generate/container_create.go b/pkg/specgen/generate/container_create.go
index 5101a6ccb..f82b2a3c6 100644
--- a/pkg/specgen/generate/container_create.go
+++ b/pkg/specgen/generate/container_create.go
@@ -22,10 +22,10 @@ import (
 // MakeContainer creates a container based on the SpecGenerator.
 // Returns the created, container and any warnings resulting from creating the
 // container, or an error.
-func MakeContainer(ctx context.Context, rt *libpod.Runtime, s *specgen.SpecGenerator) (*libpod.Container, error) {
+func MakeContainer(ctx context.Context, rt *libpod.Runtime, s *specgen.SpecGenerator) (*spec.Spec, *specgen.SpecGenerator, []libpod.CtrCreateOption, error) {
 	rtc, err := rt.GetConfig()
 	if err != nil {
-		return nil, err
+		return nil, nil, nil, err
 	}
 
 	// If joining a pod, retrieve the pod for use.
@@ -33,7 +33,7 @@ func MakeContainer(ctx context.Context, rt *libpod.Runtime, s *specgen.SpecGener
 	if s.Pod != "" {
 		pod, err = rt.LookupPod(s.Pod)
 		if err != nil {
-			return nil, errors.Wrapf(err, "error retrieving pod %s", s.Pod)
+			return nil, nil, nil, errors.Wrapf(err, "error retrieving pod %s", s.Pod)
 		}
 	}
 
@@ -41,47 +41,48 @@ func MakeContainer(ctx context.Context, rt *libpod.Runtime, s *specgen.SpecGener
 	if s.PidNS.IsDefault() {
 		defaultNS, err := GetDefaultNamespaceMode("pid", rtc, pod)
 		if err != nil {
-			return nil, err
+			return nil, nil, nil, err
 		}
 		s.PidNS = defaultNS
 	}
 	if s.IpcNS.IsDefault() {
 		defaultNS, err := GetDefaultNamespaceMode("ipc", rtc, pod)
 		if err != nil {
-			return nil, err
+			return nil, nil, nil, err
 		}
 		s.IpcNS = defaultNS
 	}
 	if s.UtsNS.IsDefault() {
 		defaultNS, err := GetDefaultNamespaceMode("uts", rtc, pod)
 		if err != nil {
-			return nil, err
+			return nil, nil, nil, err
 		}
 		s.UtsNS = defaultNS
 	}
 	if s.UserNS.IsDefault() {
 		defaultNS, err := GetDefaultNamespaceMode("user", rtc, pod)
 		if err != nil {
-			return nil, err
+			return nil, nil, nil, err
 		}
 		s.UserNS = defaultNS
 	}
 	if s.NetNS.IsDefault() {
 		defaultNS, err := GetDefaultNamespaceMode("net", rtc, pod)
 		if err != nil {
-			return nil, err
+			return nil, nil, nil, err
 		}
 		s.NetNS = defaultNS
 	}
 	if s.CgroupNS.IsDefault() {
 		defaultNS, err := GetDefaultNamespaceMode("cgroup", rtc, pod)
 		if err != nil {
-			return nil, err
+			return nil, nil, nil, err
 		}
 		s.CgroupNS = defaultNS
 	}
 
 	options := []libpod.CtrCreateOption{}
+
 	if s.ContainerCreateCommand != nil {
 		options = append(options, libpod.WithCreateCommand(s.ContainerCreateCommand))
 	}
@@ -94,12 +95,11 @@ func MakeContainer(ctx context.Context, rt *libpod.Runtime, s *specgen.SpecGener
 		var resolvedImageName string
 		newImage, resolvedImageName, err = rt.LibimageRuntime().LookupImage(s.Image, nil)
 		if err != nil {
-			return nil, err
+			return nil, nil, nil, err
 		}
-
 		imageData, err = newImage.Inspect(ctx, false)
 		if err != nil {
-			return nil, err
+			return nil, nil, nil, err
 		}
 		// If the input name changed, we could properly resolve the
 		// image. Otherwise, it must have been an ID where we're
@@ -115,29 +115,32 @@ func MakeContainer(ctx context.Context, rt *libpod.Runtime, s *specgen.SpecGener
 		options = append(options, libpod.WithRootFSFromImage(newImage.ID(), resolvedImageName, s.RawImageName))
 	}
 	if err := s.Validate(); err != nil {
-		return nil, errors.Wrap(err, "invalid config provided")
+		return nil, nil, nil, errors.Wrap(err, "invalid config provided")
 	}
 
 	finalMounts, finalVolumes, finalOverlays, err := finalizeMounts(ctx, s, rt, rtc, newImage)
 	if err != nil {
-		return nil, err
+		return nil, nil, nil, err
 	}
 
 	command, err := makeCommand(ctx, s, imageData, rtc)
 	if err != nil {
-		return nil, err
+		return nil, nil, nil, err
 	}
 
 	opts, err := createContainerOptions(ctx, rt, s, pod, finalVolumes, finalOverlays, imageData, command)
 	if err != nil {
-		return nil, err
+		return nil, nil, nil, err
 	}
 	options = append(options, opts...)
 
-	exitCommandArgs, err := CreateExitCommandArgs(rt.StorageConfig(), rtc, logrus.IsLevelEnabled(logrus.DebugLevel), s.Remove, false)
+	var exitCommandArgs []string
+
+	exitCommandArgs, err = CreateExitCommandArgs(rt.StorageConfig(), rtc, logrus.IsLevelEnabled(logrus.DebugLevel), s.Remove, false)
 	if err != nil {
-		return nil, err
+		return nil, nil, nil, err
 	}
+
 	options = append(options, libpod.WithExitCommand(exitCommandArgs))
 
 	if len(s.Aliases) > 0 {
@@ -147,23 +150,26 @@ func MakeContainer(ctx context.Context, rt *libpod.Runtime, s *specgen.SpecGener
 	if containerType := s.InitContainerType; len(containerType) > 0 {
 		options = append(options, libpod.WithInitCtrType(containerType))
 	}
-
+	if len(s.Name) > 0 {
+		logrus.Debugf("setting container name %s", s.Name)
+		options = append(options, libpod.WithName(s.Name))
+	}
 	if len(s.Devices) > 0 {
 		opts = extractCDIDevices(s)
 		options = append(options, opts...)
 	}
 	runtimeSpec, err := SpecGenToOCI(ctx, s, rt, rtc, newImage, finalMounts, pod, command)
 	if err != nil {
-		return nil, err
+		return nil, nil, nil, err
 	}
-
-	ctr, err := rt.NewContainer(ctx, runtimeSpec, options...)
+	return runtimeSpec, s, options, err
+}
+func ExecuteCreate(ctx context.Context, rt *libpod.Runtime, runtimeSpec *spec.Spec, s *specgen.SpecGenerator, infra bool, options ...libpod.CtrCreateOption) (*libpod.Container, error) {
+	ctr, err := rt.NewContainer(ctx, runtimeSpec, s, infra, options...)
 	if err != nil {
 		return ctr, err
 	}
 
-	// Copy the content from the underlying image into the newly created
-	// volume if configured to do so.
 	return ctr, rt.PrepareVolumeOnCreateContainer(ctx, ctr)
 }
 
@@ -256,11 +262,6 @@ func createContainerOptions(ctx context.Context, rt *libpod.Runtime, s *specgen.
 	if len(s.SdNotifyMode) > 0 {
 		options = append(options, libpod.WithSdNotifyMode(s.SdNotifyMode))
 	}
-
-	if len(s.Name) > 0 {
-		logrus.Debugf("setting container name %s", s.Name)
-		options = append(options, libpod.WithName(s.Name))
-	}
 	if pod != nil {
 		logrus.Debugf("adding container to pod %s", pod.Name())
 		options = append(options, rt.WithPod(pod))
@@ -379,11 +380,11 @@ func createContainerOptions(ctx context.Context, rt *libpod.Runtime, s *specgen.
 	options = append(options, libpod.WithPrivileged(s.Privileged))
 
 	// Get namespace related options
-	namespaceOptions, err := namespaceOptions(ctx, s, rt, pod, imageData)
+	namespaceOpts, err := namespaceOptions(ctx, s, rt, pod, imageData)
 	if err != nil {
 		return nil, err
 	}
-	options = append(options, namespaceOptions...)
+	options = append(options, namespaceOpts...)
 
 	if len(s.ConmonPidFile) > 0 {
 		options = append(options, libpod.WithConmonPidFile(s.ConmonPidFile))
diff --git a/pkg/specgen/generate/kube/kube.go b/pkg/specgen/generate/kube/kube.go
index 04b4e5ab3..5188abc3a 100644
--- a/pkg/specgen/generate/kube/kube.go
+++ b/pkg/specgen/generate/kube/kube.go
@@ -14,6 +14,7 @@ import (
 	"github.com/containers/image/v5/manifest"
 	"github.com/containers/podman/v3/libpod/network/types"
 	ann "github.com/containers/podman/v3/pkg/annotations"
+	"github.com/containers/podman/v3/pkg/domain/entities"
 	"github.com/containers/podman/v3/pkg/specgen"
 	"github.com/containers/podman/v3/pkg/specgen/generate"
 	"github.com/containers/podman/v3/pkg/util"
@@ -23,25 +24,26 @@ import (
 	"k8s.io/apimachinery/pkg/api/resource"
 )
 
-func ToPodGen(ctx context.Context, podName string, podYAML *v1.PodTemplateSpec) (*specgen.PodSpecGenerator, error) {
-	p := specgen.NewPodSpecGenerator()
+func ToPodOpt(ctx context.Context, podName string, p entities.PodCreateOptions, podYAML *v1.PodTemplateSpec) (entities.PodCreateOptions, error) {
+	//	p := specgen.NewPodSpecGenerator()
+	p.Net = &entities.NetOptions{}
 	p.Name = podName
 	p.Labels = podYAML.ObjectMeta.Labels
 	// Kube pods must share {ipc, net, uts} by default
-	p.SharedNamespaces = append(p.SharedNamespaces, "ipc")
-	p.SharedNamespaces = append(p.SharedNamespaces, "net")
-	p.SharedNamespaces = append(p.SharedNamespaces, "uts")
+	p.Share = append(p.Share, "ipc")
+	p.Share = append(p.Share, "net")
+	p.Share = append(p.Share, "uts")
 	// TODO we only configure Process namespace. We also need to account for Host{IPC,Network,PID}
 	// which is not currently possible with pod create
 	if podYAML.Spec.ShareProcessNamespace != nil && *podYAML.Spec.ShareProcessNamespace {
-		p.SharedNamespaces = append(p.SharedNamespaces, "pid")
+		p.Share = append(p.Share, "pid")
 	}
 	p.Hostname = podYAML.Spec.Hostname
 	if p.Hostname == "" {
 		p.Hostname = podName
 	}
 	if podYAML.Spec.HostNetwork {
-		p.NetNS.NSMode = specgen.Host
+		p.Net.Network = specgen.Namespace{NSMode: "host"}
 	}
 	if podYAML.Spec.HostAliases != nil {
 		hosts := make([]string, 0, len(podYAML.Spec.HostAliases))
@@ -50,10 +52,10 @@ func ToPodGen(ctx context.Context, podName string, podYAML *v1.PodTemplateSpec)
 				hosts = append(hosts, host+":"+hostAlias.IP)
 			}
 		}
-		p.HostAdd = hosts
+		p.Net.AddHosts = hosts
 	}
 	podPorts := getPodPorts(podYAML.Spec.Containers)
-	p.PortMappings = podPorts
+	p.Net.PublishPorts = podPorts
 
 	if dnsConfig := podYAML.Spec.DNSConfig; dnsConfig != nil {
 		// name servers
@@ -62,11 +64,11 @@ func ToPodGen(ctx context.Context, podName string, podYAML *v1.PodTemplateSpec)
 			for _, server := range dnsServers {
 				servers = append(servers, net.ParseIP(server))
 			}
-			p.DNSServer = servers
+			p.Net.DNSServers = servers
 		}
 		// search domains
 		if domains := dnsConfig.Searches; len(domains) > 0 {
-			p.DNSSearch = domains
+			p.Net.DNSSearch = domains
 		}
 		// dns options
 		if options := dnsConfig.Options; len(options) > 0 {
@@ -110,6 +112,8 @@ type CtrSpecGenOptions struct {
 	LogDriver string
 	// Labels define key-value pairs of metadata
 	Labels map[string]string
+	//
+	IsInfra bool
 }
 
 func ToSpecGen(ctx context.Context, opts *CtrSpecGenOptions) (*specgen.SpecGenerator, error) {
@@ -216,19 +220,19 @@ func ToSpecGen(ctx context.Context, opts *CtrSpecGenOptions) (*specgen.SpecGener
 		}
 	}
 	// If only the yaml.Command is specified, set it as the entrypoint and drop the image Cmd
-	if len(opts.Container.Command) != 0 {
+	if !opts.IsInfra && len(opts.Container.Command) != 0 {
 		s.Entrypoint = opts.Container.Command
 		s.Command = []string{}
 	}
 	// Only override the cmd field if yaml.Args is specified
 	// Keep the image entrypoint, or the yaml.command if specified
-	if len(opts.Container.Args) != 0 {
+	if !opts.IsInfra && len(opts.Container.Args) != 0 {
 		s.Command = opts.Container.Args
 	}
 
 	// FIXME,
 	// we are currently ignoring imageData.Config.ExposedPorts
-	if opts.Container.WorkingDir != "" {
+	if !opts.IsInfra && opts.Container.WorkingDir != "" {
 		s.WorkDir = opts.Container.WorkingDir
 	}
 
diff --git a/pkg/specgen/generate/namespaces.go b/pkg/specgen/generate/namespaces.go
index 80790dcc1..5349e224f 100644
--- a/pkg/specgen/generate/namespaces.go
+++ b/pkg/specgen/generate/namespaces.go
@@ -250,7 +250,7 @@ func namespaceOptions(ctx context.Context, s *specgen.SpecGenerator, rt *libpod.
 		if s.NetNS.Value != "" {
 			val = fmt.Sprintf("slirp4netns:%s", s.NetNS.Value)
 		}
-		toReturn = append(toReturn, libpod.WithNetNS(portMappings, expose, postConfigureNetNS, val, nil))
+		toReturn = append(toReturn, libpod.WithNetNS(portMappings, expose, postConfigureNetNS, val, s.CNINetworks))
 	case specgen.Private:
 		fallthrough
 	case specgen.Bridge:
diff --git a/pkg/specgen/generate/oci.go b/pkg/specgen/generate/oci.go
index 1f3f9e832..80c7f112f 100644
--- a/pkg/specgen/generate/oci.go
+++ b/pkg/specgen/generate/oci.go
@@ -201,7 +201,8 @@ func SpecGenToOCI(ctx context.Context, s *specgen.SpecGenerator, rt *libpod.Runt
 			Options:     []string{"rprivate", "nosuid", "noexec", "nodev", "rw"},
 		}
 		g.AddMount(sysMnt)
-	} else if !canMountSys {
+	}
+	if !canMountSys {
 		addCgroup = false
 		g.RemoveMount("/sys")
 		r := "ro"
diff --git a/pkg/specgen/generate/pod_create.go b/pkg/specgen/generate/pod_create.go
index 426cf1b6d..e523aef42 100644
--- a/pkg/specgen/generate/pod_create.go
+++ b/pkg/specgen/generate/pod_create.go
@@ -2,53 +2,82 @@ package generate
 
 import (
 	"context"
+	"net"
 
+	"github.com/containers/common/pkg/config"
 	"github.com/containers/podman/v3/libpod"
+	"github.com/containers/podman/v3/libpod/define"
+	"github.com/containers/podman/v3/pkg/domain/entities"
 	"github.com/containers/podman/v3/pkg/rootless"
 	"github.com/containers/podman/v3/pkg/specgen"
 	"github.com/pkg/errors"
 	"github.com/sirupsen/logrus"
 )
 
-func MakePod(p *specgen.PodSpecGenerator, rt *libpod.Runtime) (*libpod.Pod, error) {
-	if err := p.Validate(); err != nil {
+func MakePod(p *entities.PodSpec, rt *libpod.Runtime) (*libpod.Pod, error) {
+	if err := p.PodSpecGen.Validate(); err != nil {
 		return nil, err
 	}
-	options, err := createPodOptions(p, rt)
+	if !p.PodSpecGen.NoInfra && p.PodSpecGen.InfraContainerSpec != nil {
+		var err error
+		p.PodSpecGen.InfraContainerSpec, err = MapSpec(&p.PodSpecGen)
+		if err != nil {
+			return nil, err
+		}
+	}
+
+	options, err := createPodOptions(&p.PodSpecGen, rt, p.PodSpecGen.InfraContainerSpec)
 	if err != nil {
 		return nil, err
 	}
-	return rt.NewPod(context.Background(), options...)
+	pod, err := rt.NewPod(context.Background(), p.PodSpecGen, options...)
+	if err != nil {
+		return nil, err
+	}
+	if !p.PodSpecGen.NoInfra && p.PodSpecGen.InfraContainerSpec != nil {
+		p.PodSpecGen.InfraContainerSpec.ContainerCreateCommand = []string{} // we do NOT want os.Args as the command, will display the pod create cmd
+		if p.PodSpecGen.InfraContainerSpec.Name == "" {
+			p.PodSpecGen.InfraContainerSpec.Name = pod.ID()[:12] + "-infra"
+		}
+		_, err = CompleteSpec(context.Background(), rt, p.PodSpecGen.InfraContainerSpec)
+		if err != nil {
+			return nil, err
+		}
+		p.PodSpecGen.InfraContainerSpec.User = "" // infraSpec user will get incorrectly assigned via the container creation process, overwrite here
+		rtSpec, spec, opts, err := MakeContainer(context.Background(), rt, p.PodSpecGen.InfraContainerSpec)
+		if err != nil {
+			return nil, err
+		}
+		spec.Pod = pod.ID()
+		opts = append(opts, rt.WithPod(pod))
+		spec.CgroupParent = pod.CgroupParent()
+		infraCtr, err := ExecuteCreate(context.Background(), rt, rtSpec, spec, true, opts...)
+		if err != nil {
+			return nil, err
+		}
+		pod, err = rt.AddInfra(context.Background(), pod, infraCtr)
+		if err != nil {
+			return nil, err
+		}
+	}
+	return pod, nil
 }
 
-func createPodOptions(p *specgen.PodSpecGenerator, rt *libpod.Runtime) ([]libpod.PodCreateOption, error) {
+func createPodOptions(p *specgen.PodSpecGenerator, rt *libpod.Runtime, infraSpec *specgen.SpecGenerator) ([]libpod.PodCreateOption, error) {
 	var (
 		options []libpod.PodCreateOption
 	)
-	if !p.NoInfra {
+	if !p.NoInfra { //&& infraSpec != nil {
 		options = append(options, libpod.WithInfraContainer())
-		nsOptions, err := GetNamespaceOptions(p.SharedNamespaces, p.NetNS.IsHost())
+		nsOptions, err := GetNamespaceOptions(p.SharedNamespaces, p.InfraContainerSpec.NetNS.IsHost())
 		if err != nil {
 			return nil, err
 		}
 		options = append(options, nsOptions...)
 		// Use pod user and infra userns only when --userns is not set to host
-		if !p.Userns.IsHost() {
+		if !p.InfraContainerSpec.UserNS.IsHost() && !p.InfraContainerSpec.UserNS.IsDefault() {
 			options = append(options, libpod.WithPodUser())
-			options = append(options, libpod.WithPodUserns(p.Userns))
 		}
-
-		// Make our exit command
-		storageConfig := rt.StorageConfig()
-		runtimeConfig, err := rt.GetConfig()
-		if err != nil {
-			return nil, err
-		}
-		exitCommand, err := CreateExitCommandArgs(storageConfig, runtimeConfig, logrus.IsLevelEnabled(logrus.DebugLevel), false, false)
-		if err != nil {
-			return nil, errors.Wrapf(err, "error creating infra container exit command")
-		}
-		options = append(options, libpod.WithPodInfraExitCommand(exitCommand))
 	}
 	if len(p.CgroupParent) > 0 {
 		options = append(options, libpod.WithPodCgroupParent(p.CgroupParent))
@@ -59,62 +88,27 @@ func createPodOptions(p *specgen.PodSpecGenerator, rt *libpod.Runtime) ([]libpod
 	if len(p.Name) > 0 {
 		options = append(options, libpod.WithPodName(p.Name))
 	}
-	if p.ResourceLimits != nil && p.ResourceLimits.CPU != nil && p.ResourceLimits.CPU.Period != nil && p.ResourceLimits.CPU.Quota != nil {
-		if *p.ResourceLimits.CPU.Period != 0 || *p.ResourceLimits.CPU.Quota != 0 {
-			options = append(options, libpod.WithPodCPUPAQ((*p.ResourceLimits.CPU.Period), (*p.ResourceLimits.CPU.Quota)))
-		}
-	}
-	if p.ResourceLimits != nil && p.ResourceLimits.CPU != nil && p.ResourceLimits.CPU.Cpus != "" {
-		options = append(options, libpod.WithPodCPUSetCPUs(p.ResourceLimits.CPU.Cpus))
+	if p.PodCreateCommand != nil {
+		options = append(options, libpod.WithPodCreateCommand(p.PodCreateCommand))
 	}
+
 	if len(p.Hostname) > 0 {
 		options = append(options, libpod.WithPodHostname(p.Hostname))
 	}
-	if len(p.HostAdd) > 0 {
-		options = append(options, libpod.WithPodHosts(p.HostAdd))
-	}
-	if len(p.DNSServer) > 0 {
-		var dnsServers []string
-		for _, d := range p.DNSServer {
-			dnsServers = append(dnsServers, d.String())
-		}
-		options = append(options, libpod.WithPodDNS(dnsServers))
-	}
-	if len(p.DNSOption) > 0 {
-		options = append(options, libpod.WithPodDNSOption(p.DNSOption))
-	}
-	if len(p.DNSSearch) > 0 {
-		options = append(options, libpod.WithPodDNSSearch(p.DNSSearch))
-	}
-	if p.StaticIP != nil {
-		options = append(options, libpod.WithPodStaticIP(*p.StaticIP))
-	}
-	if p.StaticMAC != nil {
-		options = append(options, libpod.WithPodStaticMAC(*p.StaticMAC))
-	}
-	if p.NoManageResolvConf {
-		options = append(options, libpod.WithPodUseImageResolvConf())
-	}
-	if len(p.CNINetworks) > 0 {
-		options = append(options, libpod.WithPodNetworks(p.CNINetworks))
-	}
-
-	if len(p.InfraImage) > 0 {
-		options = append(options, libpod.WithInfraImage(p.InfraImage))
-	}
 
-	if len(p.InfraName) > 0 {
-		options = append(options, libpod.WithInfraName(p.InfraName))
-	}
-
-	if len(p.InfraCommand) > 0 {
-		options = append(options, libpod.WithInfraCommand(p.InfraCommand))
-	}
+	return options, nil
+}
 
-	if !p.Pid.IsDefault() {
-		options = append(options, libpod.WithPodPidNS(p.Pid))
+// MapSpec modifies the already filled Infra specgenerator,
+// replacing necessary values with those specified in pod creation
+func MapSpec(p *specgen.PodSpecGenerator) (*specgen.SpecGenerator, error) {
+	if len(p.PortMappings) > 0 {
+		ports, _, _, err := ParsePortMapping(p.PortMappings)
+		if err != nil {
+			return nil, err
+		}
+		p.InfraContainerSpec.PortMappings = libpod.WithInfraContainerPorts(ports, p.InfraContainerSpec)
 	}
-
 	switch p.NetNS.NSMode {
 	case specgen.Default, "":
 		if p.NoInfra {
@@ -123,42 +117,88 @@ func createPodOptions(p *specgen.PodSpecGenerator, rt *libpod.Runtime) ([]libpod
 		}
 		if rootless.IsRootless() {
 			logrus.Debugf("Pod will use slirp4netns")
-			options = append(options, libpod.WithPodSlirp4netns(p.NetworkOptions))
+			if p.InfraContainerSpec.NetNS.NSMode != "host" {
+				p.InfraContainerSpec.NetworkOptions = p.NetworkOptions
+				p.InfraContainerSpec.NetNS.NSMode = specgen.NamespaceMode("slirp4netns")
+			}
 		} else {
 			logrus.Debugf("Pod using bridge network mode")
 		}
 	case specgen.Bridge:
+		p.InfraContainerSpec.NetNS.NSMode = specgen.Bridge
 		logrus.Debugf("Pod using bridge network mode")
 	case specgen.Host:
 		logrus.Debugf("Pod will use host networking")
-		options = append(options, libpod.WithPodHostNetwork())
+		if len(p.InfraContainerSpec.PortMappings) > 0 ||
+			p.InfraContainerSpec.StaticIP != nil ||
+			p.InfraContainerSpec.StaticMAC != nil ||
+			len(p.InfraContainerSpec.CNINetworks) > 0 ||
+			p.InfraContainerSpec.NetNS.NSMode == specgen.NoNetwork {
+			return nil, errors.Wrapf(define.ErrInvalidArg, "cannot set host network if network-related configuration is specified")
+		}
+		p.InfraContainerSpec.NetNS.NSMode = specgen.Host
 	case specgen.Slirp:
 		logrus.Debugf("Pod will use slirp4netns")
-		options = append(options, libpod.WithPodSlirp4netns(p.NetworkOptions))
+		if p.InfraContainerSpec.NetNS.NSMode != "host" {
+			p.InfraContainerSpec.NetworkOptions = p.NetworkOptions
+			p.InfraContainerSpec.NetNS.NSMode = specgen.NamespaceMode("slirp4netns")
+		}
 	case specgen.NoNetwork:
 		logrus.Debugf("Pod will not use networking")
-		options = append(options, libpod.WithPodNoNetwork())
+		if len(p.InfraContainerSpec.PortMappings) > 0 ||
+			p.InfraContainerSpec.StaticIP != nil ||
+			p.InfraContainerSpec.StaticMAC != nil ||
+			len(p.InfraContainerSpec.CNINetworks) > 0 ||
+			p.InfraContainerSpec.NetNS.NSMode == "host" {
+			return nil, errors.Wrapf(define.ErrInvalidArg, "cannot disable pod network if network-related configuration is specified")
+		}
+		p.InfraContainerSpec.NetNS.NSMode = specgen.NoNetwork
 	default:
 		return nil, errors.Errorf("pods presently do not support network mode %s", p.NetNS.NSMode)
 	}
 
-	if p.NoManageHosts {
-		options = append(options, libpod.WithPodUseImageHosts())
+	libpod.WithPodCgroups()
+	if len(p.InfraCommand) > 0 {
+		p.InfraContainerSpec.Entrypoint = p.InfraCommand
 	}
-	if len(p.PortMappings) > 0 {
-		ports, _, _, err := ParsePortMapping(p.PortMappings)
-		if err != nil {
-			return nil, err
-		}
-		options = append(options, libpod.WithInfraContainerPorts(ports))
+
+	if len(p.HostAdd) > 0 {
+		p.InfraContainerSpec.HostAdd = p.HostAdd
 	}
-	options = append(options, libpod.WithPodCgroups())
-	if p.PodCreateCommand != nil {
-		options = append(options, libpod.WithPodCreateCommand(p.PodCreateCommand))
+	if len(p.DNSServer) > 0 {
+		var dnsServers []net.IP
+		dnsServers = append(dnsServers, p.DNSServer...)
+
+		p.InfraContainerSpec.DNSServers = dnsServers
+	}
+	if len(p.DNSOption) > 0 {
+		p.InfraContainerSpec.DNSOptions = p.DNSOption
+	}
+	if len(p.DNSSearch) > 0 {
+		p.InfraContainerSpec.DNSSearch = p.DNSSearch
+	}
+	if p.StaticIP != nil {
+		p.InfraContainerSpec.StaticIP = p.StaticIP
+	}
+	if p.StaticMAC != nil {
+		p.InfraContainerSpec.StaticMAC = p.StaticMAC
+	}
+	if p.NoManageResolvConf {
+		p.InfraContainerSpec.UseImageResolvConf = true
+	}
+	if len(p.CNINetworks) > 0 {
+		p.InfraContainerSpec.CNINetworks = p.CNINetworks
+	}
+	if p.NoManageHosts {
+		p.InfraContainerSpec.UseImageHosts = p.NoManageHosts
 	}
+
 	if len(p.InfraConmonPidFile) > 0 {
-		options = append(options, libpod.WithInfraConmonPidFile(p.InfraConmonPidFile))
+		p.InfraContainerSpec.ConmonPidFile = p.InfraConmonPidFile
 	}
 
-	return options, nil
+	if p.InfraImage != config.DefaultInfraImage {
+		p.InfraContainerSpec.Image = p.InfraImage
+	}
+	return p.InfraContainerSpec, nil
 }
author	cdoern <cdoern@redhat.com>	2021-07-14 16:30:28 -0400
committer	cdoern <cdoern@redhat.com>	2021-08-26 16:05:16 -0400
commit	d28e85741fedb89be48a03d4f05687e970eb71b9 (patch)
tree	0b79a6757b0fc7ad3caa33ad94f721d8296d9c1a /pkg/specgen/generate
parent	94c37d7d470871f9d63b32c97094f5faab1e8a08 (diff)
download	podman-d28e85741fedb89be48a03d4f05687e970eb71b9.tar.gz podman-d28e85741fedb89be48a03d4f05687e970eb71b9.tar.bz2 podman-d28e85741fedb89be48a03d4f05687e970eb71b9.zip