diff options
| -rw-r--r-- | completions/bash/podman | 1 | ||||
| -rw-r--r-- | libpod/define/errors.go | 4 | ||||
| -rw-r--r-- | pkg/api/handlers/utils/pods.go | 2 | ||||
| -rw-r--r-- | pkg/specgen/container_validate.go | 17 | ||||
| -rw-r--r-- | test/apiv2/40-pods.at | 2 | ||||
| -rw-r--r-- | test/e2e/create_test.go | 62 |
6 files changed, 86 insertions, 2 deletions
diff --git a/completions/bash/podman b/completions/bash/podman index 379ba7fc8..8ed1e76e1 100644 --- a/completions/bash/podman +++ b/completions/bash/podman @@ -3671,6 +3671,7 @@ _podman_podman() { start stats stop + system tag top umount diff --git a/libpod/define/errors.go b/libpod/define/errors.go index 6e372eb5e..f80b1d6e3 100644 --- a/libpod/define/errors.go +++ b/libpod/define/errors.go @@ -157,4 +157,8 @@ var ( // ErrImageInUse indicates the requested operation failed because the image was in use ErrImageInUse = errors.New("image is being used") + + // ErrNetworkOnPodContainer indicates the user wishes to alter network attributes on a container + // in a pod. This cannot be done as the infra container has all the network information + ErrNetworkOnPodContainer = errors.New("network cannot be configured when it is shared with a pod") ) diff --git a/pkg/api/handlers/utils/pods.go b/pkg/api/handlers/utils/pods.go index 8276fb55e..54ebe2d29 100644 --- a/pkg/api/handlers/utils/pods.go +++ b/pkg/api/handlers/utils/pods.go @@ -45,7 +45,7 @@ func GetPods(w http.ResponseWriter, r *http.Request) ([]*entities.ListPodsReport } if len(pods) == 0 { - return nil, nil + return []*entities.ListPodsReport{}, nil } lps := make([]*entities.ListPodsReport, 0, len(pods)) diff --git a/pkg/specgen/container_validate.go b/pkg/specgen/container_validate.go index 76961fa80..dc9e6b9d8 100644 --- a/pkg/specgen/container_validate.go +++ b/pkg/specgen/container_validate.go @@ -37,6 +37,23 @@ func (s *SpecGenerator) Validate() error { } } + // Containers being added to a pod cannot have certain network attributes + // associated with them because those should be on the infra container. + if len(s.Pod) > 0 && s.NetNS.NSMode == FromPod { + if s.StaticIP != nil || s.StaticIPv6 != nil { + return errors.Wrap(define.ErrNetworkOnPodContainer, "static ip addresses must be defined when the pod is created") + } + if s.StaticMAC != nil { + return errors.Wrap(define.ErrNetworkOnPodContainer, "MAC addresses must be defined when the pod is created") + } + if len(s.CNINetworks) > 0 { + return errors.Wrap(define.ErrNetworkOnPodContainer, "networks must be defined when the pod is created") + } + if len(s.PortMappings) > 0 || s.PublishExposedPorts { + return errors.Wrap(define.ErrNetworkOnPodContainer, "published or exposed ports must be defined when the pod is created") + } + } + // // ContainerBasicConfig // diff --git a/test/apiv2/40-pods.at b/test/apiv2/40-pods.at index 9b8ff04f0..3df541de5 100644 --- a/test/apiv2/40-pods.at +++ b/test/apiv2/40-pods.at @@ -3,7 +3,7 @@ # test pod-related endpoints # -t GET "libpod/pods/json (clean slate at start)" 200 null +t GET "libpod/pods/json (clean slate at start)" 200 '[]' t POST libpod/pods/create name=foo 201 .Id~[0-9a-f]\\{64\\} pod_id=$(jq -r .Id <<<"$output") diff --git a/test/e2e/create_test.go b/test/e2e/create_test.go index 72a3a7717..9cfed263a 100644 --- a/test/e2e/create_test.go +++ b/test/e2e/create_test.go @@ -542,4 +542,66 @@ var _ = Describe("Podman create", func() { Expect(session.ExitCode()).To(Not(Equal(0))) Expect(session.ErrorToString()).To(ContainSubstring("Invalid umask")) }) + + It("create container in pod with IP should fail", func() { + SkipIfRootless() + name := "createwithstaticip" + pod := podmanTest.RunTopContainerInPod("", "new:"+name) + pod.WaitWithDefaultTimeout() + Expect(pod.ExitCode()).To(BeZero()) + + session := podmanTest.Podman([]string{"create", "--pod", name, "--ip", "192.168.1.2", ALPINE, "top"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).ToNot(BeZero()) + }) + + It("create container in pod with mac should fail", func() { + SkipIfRootless() + name := "createwithstaticmac" + pod := podmanTest.RunTopContainerInPod("", "new:"+name) + pod.WaitWithDefaultTimeout() + Expect(pod.ExitCode()).To(BeZero()) + + session := podmanTest.Podman([]string{"create", "--pod", name, "--mac-address", "52:54:00:6d:2f:82", ALPINE, "top"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).ToNot(BeZero()) + }) + + It("create container in pod with network should fail", func() { + SkipIfRootless() + name := "createwithnetwork" + pod := podmanTest.RunTopContainerInPod("", "new:"+name) + pod.WaitWithDefaultTimeout() + Expect(pod.ExitCode()).To(BeZero()) + + session := podmanTest.Podman([]string{"create", "--pod", name, "--network", "foobar", ALPINE, "top"}) + session.WaitWithDefaultTimeout() + //Expect(session.ExitCode()).ToNot(BeZero()) + Expect(session.ExitCode()).To(BeZero()) + }) + + It("create container in pod with ports should fail", func() { + SkipIfRootless() + name := "createwithports" + pod := podmanTest.RunTopContainerInPod("", "new:"+name) + pod.WaitWithDefaultTimeout() + Expect(pod.ExitCode()).To(BeZero()) + + session := podmanTest.Podman([]string{"create", "--pod", name, "-p", "80:80", ALPINE, "top"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).ToNot(BeZero()) + }) + + It("create container in pod ppublish ports should fail", func() { + SkipIfRootless() + name := "createwithpublishports" + pod := podmanTest.RunTopContainerInPod("", "new:"+name) + pod.WaitWithDefaultTimeout() + Expect(pod.ExitCode()).To(BeZero()) + + session := podmanTest.Podman([]string{"create", "--pod", name, "-P", ALPINE, "top"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).ToNot(BeZero()) + }) + }) |