summaryrefslogtreecommitdiff
path: root/pkg/specgen
diff options
context:
space:
mode:
authorBrent Baude <bbaude@redhat.com>2020-08-20 09:52:53 -0500
committerBrent Baude <bbaude@redhat.com>2020-08-21 09:21:15 -0500
commit7b21bcef5881db4f341090d255f6ef204a30dd1e (patch)
treea09d34eeb47a8a4c0df4b2d6105f8ebe34c3b9b6 /pkg/specgen
parent7ccd821397d03ed545635de2a0b70a68ab4d46db (diff)
downloadpodman-7b21bcef5881db4f341090d255f6ef204a30dd1e.tar.gz
podman-7b21bcef5881db4f341090d255f6ef204a30dd1e.tar.bz2
podman-7b21bcef5881db4f341090d255f6ef204a30dd1e.zip
error when adding container to pod with network information
because a pod's network information is dictated by the infra container at creation, a container cannot be created with network attributes. this has been difficult for users to understand. we now return an error when a container is being created inside a pod and passes any of the following attributes: * static IP (v4 and v6) * static mac * ports -p (i.e. -p 8080:80) * exposed ports (i.e. 222-225) * publish ports from image -P Signed-off-by: Brent Baude <bbaude@redhat.com>
Diffstat (limited to 'pkg/specgen')
-rw-r--r--pkg/specgen/container_validate.go17
1 files changed, 17 insertions, 0 deletions
diff --git a/pkg/specgen/container_validate.go b/pkg/specgen/container_validate.go
index 76961fa80..dc9e6b9d8 100644
--- a/pkg/specgen/container_validate.go
+++ b/pkg/specgen/container_validate.go
@@ -37,6 +37,23 @@ func (s *SpecGenerator) Validate() error {
}
}
+ // Containers being added to a pod cannot have certain network attributes
+ // associated with them because those should be on the infra container.
+ if len(s.Pod) > 0 && s.NetNS.NSMode == FromPod {
+ if s.StaticIP != nil || s.StaticIPv6 != nil {
+ return errors.Wrap(define.ErrNetworkOnPodContainer, "static ip addresses must be defined when the pod is created")
+ }
+ if s.StaticMAC != nil {
+ return errors.Wrap(define.ErrNetworkOnPodContainer, "MAC addresses must be defined when the pod is created")
+ }
+ if len(s.CNINetworks) > 0 {
+ return errors.Wrap(define.ErrNetworkOnPodContainer, "networks must be defined when the pod is created")
+ }
+ if len(s.PortMappings) > 0 || s.PublishExposedPorts {
+ return errors.Wrap(define.ErrNetworkOnPodContainer, "published or exposed ports must be defined when the pod is created")
+ }
+ }
+
//
// ContainerBasicConfig
//