summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--contrib/rootless-cni-infra/Containerfile2
-rw-r--r--contrib/rootless-cni-infra/README.md2
-rwxr-xr-xcontrib/rootless-cni-infra/rootless-cni-infra3
-rw-r--r--libpod/rootless_cni_linux.go26
4 files changed, 25 insertions, 8 deletions
diff --git a/contrib/rootless-cni-infra/Containerfile b/contrib/rootless-cni-infra/Containerfile
index c5d812a6e..5be30ccc9 100644
--- a/contrib/rootless-cni-infra/Containerfile
+++ b/contrib/rootless-cni-infra/Containerfile
@@ -33,3 +33,5 @@ COPY --from=dnsname /dnsname /opt/cni/bin
COPY rootless-cni-infra /usr/local/bin
ENV CNI_PATH=/opt/cni/bin
CMD ["sleep", "infinity"]
+
+ENV ROOTLESS_CNI_INFRA_VERSION=1
diff --git a/contrib/rootless-cni-infra/README.md b/contrib/rootless-cni-infra/README.md
index 937e057fb..5aa13374b 100644
--- a/contrib/rootless-cni-infra/README.md
+++ b/contrib/rootless-cni-infra/README.md
@@ -16,6 +16,8 @@ Podman then allocates a CNI netns in the infra container, by executing an equiva
The allocated netns is deallocated when the container is being removed, by executing an equivalent of:
`podman exec rootless-cni-infra rootless-cni-infra dealloc $CONTAINER_ID $NETWORK_NAME`.
+The container images live on `quay.io/libpod/rootless-cni-infra`. The tags have the format `$version-$architecture`. Please make sure to increase the version number in the Containerfile (i.e., `ROOTLESS_CNI_INFRA_VERSION`) when applying changes to this directory. After committing the changes, upload the image(s) with the corresponding tag.
+
## Directory layout
* `/run/rootless-cni-infra/${CONTAINER_ID}/pid`: PID of the `sleep infinity` process that corresponds to the allocated netns
diff --git a/contrib/rootless-cni-infra/rootless-cni-infra b/contrib/rootless-cni-infra/rootless-cni-infra
index 5a574d2eb..f6622b23c 100755
--- a/contrib/rootless-cni-infra/rootless-cni-infra
+++ b/contrib/rootless-cni-infra/rootless-cni-infra
@@ -2,7 +2,6 @@
set -eu
ARG0="$0"
-VERSION="0.1.0"
BASE="/run/rootless-cni-infra"
# CLI subcommand: "alloc $CONTAINER_ID $NETWORK_NAME $POD_NAME"
@@ -126,7 +125,7 @@ cmd_entrypoint_help() {
# CLI subcommand: "version"
cmd_entrypoint_version() {
- echo "{\"version\": \"${VERSION}\"}"
+ echo "{\"version\": \"${ROOTLESS_CNI_INFRA_VERSION}\"}"
}
# parse args
diff --git a/libpod/rootless_cni_linux.go b/libpod/rootless_cni_linux.go
index 76dbfdcae..31097dd16 100644
--- a/libpod/rootless_cni_linux.go
+++ b/libpod/rootless_cni_linux.go
@@ -13,6 +13,7 @@ import (
"github.com/containernetworking/plugins/pkg/ns"
"github.com/containers/podman/v2/libpod/define"
"github.com/containers/podman/v2/libpod/image"
+ "github.com/containers/podman/v2/pkg/env"
"github.com/containers/podman/v2/pkg/util"
"github.com/containers/storage/pkg/lockfile"
"github.com/hashicorp/go-multierror"
@@ -22,10 +23,9 @@ import (
"github.com/sirupsen/logrus"
)
+// Built from ../contrib/rootless-cni-infra.
var rootlessCNIInfraImage = map[string]string{
- // Built from ../contrib/rootless-cni-infra
- // TODO: move to Podman's official quay
- "amd64": "ghcr.io/akihirosuda/podman-rootless-cni-infra:gd34868a13-amd64",
+ "amd64": "quay.io/libpod/rootless-cni-infra@sha256:8aa681c4c08dee3ec5d46ff592fddd0259a35626717006d6b77ee786b1d02967", // 1-amd64
}
const (
@@ -258,9 +258,23 @@ func startRootlessCNIInfraContainer(ctx context.Context, r *Runtime) (*Container
Options: []string{"ro"},
}
g.AddMount(etcCNINetD)
- // FIXME: how to propagate ProcessArgs and Envs from Dockerfile?
- g.SetProcessArgs([]string{"sleep", "infinity"})
- g.AddProcessEnv("CNI_PATH", "/opt/cni/bin")
+
+ inspectData, err := newImage.Inspect(ctx)
+ if err != nil {
+ return nil, err
+ }
+ imageEnv, err := env.ParseSlice(inspectData.Config.Env)
+ if err != nil {
+ return nil, err
+ }
+ for k, v := range imageEnv {
+ g.AddProcessEnv(k, v)
+ }
+ if len(inspectData.Config.Cmd) == 0 {
+ return nil, errors.Errorf("rootless CNI infra image %q has no command specified", imageName)
+ }
+ g.SetProcessArgs(inspectData.Config.Cmd)
+
var options []CtrCreateOption
options = append(options, WithRootFSFromImage(newImage.ID(), imageName, imageName))
options = append(options, WithCtrNamespace(rootlessCNIInfraContainerNamespace))