diff options
| author | Brent Baude <bbaude@redhat.com> | 2020-08-20 09:52:53 -0500 |
|---|---|---|
| committer | Matthew Heon <mheon@redhat.com> | 2020-08-24 11:31:37 -0400 |
| commit | 23251149aba5965e06bc35ddbd15717b2bb7b43b (patch) | |
| tree | 5513812de25908f450fd890226ca0d39574039a1 /pkg | |
| parent | c78c6b44ce63430218e141415a10b2010d42f883 (diff) | |
| download | podman-23251149aba5965e06bc35ddbd15717b2bb7b43b.tar.gz podman-23251149aba5965e06bc35ddbd15717b2bb7b43b.tar.bz2 podman-23251149aba5965e06bc35ddbd15717b2bb7b43b.zip | |
error when adding container to pod with network information
because a pod's network information is dictated by the infra container at creation, a container cannot be created with network attributes. this has been difficult for users to understand. we now return an error when a container is being created inside a pod and passes any of the following attributes:
* static IP (v4 and v6)
* static mac
* ports -p (i.e. -p 8080:80)
* exposed ports (i.e. 222-225)
* publish ports from image -P
Signed-off-by: Brent Baude <bbaude@redhat.com>
<MH: Fixed cherry pick conflicts and compile>
Signed-off-by: Matthew Heon <mheon@redhat.com>
Diffstat (limited to 'pkg')
| -rw-r--r-- | pkg/specgen/container_validate.go | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/pkg/specgen/container_validate.go b/pkg/specgen/container_validate.go index 4dd2ab0b3..c4449ba3a 100644 --- a/pkg/specgen/container_validate.go +++ b/pkg/specgen/container_validate.go @@ -3,6 +3,7 @@ package specgen import ( "strings" + "github.com/containers/libpod/v2/libpod/define" "github.com/containers/libpod/v2/pkg/rootless" "github.com/containers/libpod/v2/pkg/util" "github.com/pkg/errors" @@ -34,6 +35,23 @@ func (s *SpecGenerator) Validate() error { } } + // Containers being added to a pod cannot have certain network attributes + // associated with them because those should be on the infra container. + if len(s.Pod) > 0 && s.NetNS.NSMode == FromPod { + if s.StaticIP != nil || s.StaticIPv6 != nil { + return errors.Wrap(define.ErrNetworkOnPodContainer, "static ip addresses must be defined when the pod is created") + } + if s.StaticMAC != nil { + return errors.Wrap(define.ErrNetworkOnPodContainer, "MAC addresses must be defined when the pod is created") + } + if len(s.CNINetworks) > 0 { + return errors.Wrap(define.ErrNetworkOnPodContainer, "networks must be defined when the pod is created") + } + if len(s.PortMappings) > 0 || s.PublishExposedPorts { + return errors.Wrap(define.ErrNetworkOnPodContainer, "published or exposed ports must be defined when the pod is created") + } + } + // // ContainerBasicConfig // |