diff options
| author | Brent Baude <bbaude@redhat.com> | 2020-02-27 14:39:31 -0600 |
|---|---|---|
| committer | Brent Baude <bbaude@redhat.com> | 2020-02-27 14:39:31 -0600 |
| commit | 6c97e0d5c140d587e5477d478159e91b8adcfd15 (patch) | |
| tree | dea981c058a406275feeca97fe08cf8b84da55ef /pkg | |
| parent | cfd40608907b653a8b05f2e4f4243f8aa677b6e3 (diff) | |
| download | podman-6c97e0d5c140d587e5477d478159e91b8adcfd15.tar.gz podman-6c97e0d5c140d587e5477d478159e91b8adcfd15.tar.bz2 podman-6c97e0d5c140d587e5477d478159e91b8adcfd15.zip | |
network create should use firewall plugin
when creating a network, podman should add the firewall plugin to the config but not specify a backend. this will allow cni to determine whether it should use an iptables|firewalld backend.
Signed-off-by: Brent Baude <bbaude@redhat.com>
Diffstat (limited to 'pkg')
| -rw-r--r-- | pkg/adapter/network.go | 1 | ||||
| -rw-r--r-- | pkg/network/netconflist.go | 1 |
2 files changed, 1 insertions, 1 deletions
diff --git a/pkg/adapter/network.go b/pkg/adapter/network.go index c5bd91534..b25f54a13 100644 --- a/pkg/adapter/network.go +++ b/pkg/adapter/network.go @@ -209,6 +209,7 @@ func (r *LocalRuntime) NetworkCreateBridge(cli *cliconfig.NetworkCreateValues) ( bridge := network.NewHostLocalBridge(bridgeDeviceName, isGateway, false, ipMasq, ipamConfig) plugins = append(plugins, bridge) plugins = append(plugins, network.NewPortMapPlugin()) + plugins = append(plugins, network.NewFirewallPlugin()) // if we find the dnsname plugin, we add configuration for it if network.HasDNSNamePlugin(runtimeConfig.CNIPluginDir) && !cli.DisableDNS { // Note: in the future we might like to allow for dynamic domain names diff --git a/pkg/network/netconflist.go b/pkg/network/netconflist.go index a8217097a..34ff00024 100644 --- a/pkg/network/netconflist.go +++ b/pkg/network/netconflist.go @@ -110,7 +110,6 @@ func NewPortMapPlugin() PortMapConfig { func NewFirewallPlugin() FirewallConfig { return FirewallConfig{ PluginType: "firewall", - Backend: "iptables", } } |