diff options
Diffstat (limited to 'libpod')
-rw-r--r-- | libpod/define/pod_inspect.go | 2 | ||||
-rw-r--r-- | libpod/image/utils.go | 2 | ||||
-rw-r--r-- | libpod/options.go | 20 | ||||
-rw-r--r-- | libpod/pod.go | 2 | ||||
-rw-r--r-- | libpod/pod_api.go | 2 | ||||
-rw-r--r-- | libpod/runtime_pod_infra_linux.go | 5 |
6 files changed, 30 insertions, 3 deletions
diff --git a/libpod/define/pod_inspect.go b/libpod/define/pod_inspect.go index 60e19fe05..a4115eb92 100644 --- a/libpod/define/pod_inspect.go +++ b/libpod/define/pod_inspect.go @@ -89,6 +89,8 @@ type InspectPodInfraConfig struct { HostAdd []string // Networks is a list of CNI networks the pod will join. Networks []string + // NetworkOptions are additional options for each network + NetworkOptions map[string][]string } // InspectPodContainerInfo contains information on a container in a pod. diff --git a/libpod/image/utils.go b/libpod/image/utils.go index 918314476..2538f429b 100644 --- a/libpod/image/utils.go +++ b/libpod/image/utils.go @@ -33,7 +33,7 @@ func findImageInRepotags(search imageParts, images []*Image) (*storage.Image, er continue } // account for registry:/somedir/image - if strings.HasSuffix(dName, searchName) && dSuspiciousTagValueForSearch == searchSuspiciousTagValueForSearch { + if strings.HasSuffix(dName, "/"+searchName) && dSuspiciousTagValueForSearch == searchSuspiciousTagValueForSearch { results = append(results, image.image) continue } diff --git a/libpod/options.go b/libpod/options.go index f7b3419e5..f7190d0e3 100644 --- a/libpod/options.go +++ b/libpod/options.go @@ -2203,3 +2203,23 @@ func WithPodInfraExitCommand(exitCmd []string) PodCreateOption { return nil } } + +// WithPodSlirp4netns tells the pod to use slirp4netns. +func WithPodSlirp4netns(networkOptions map[string][]string) PodCreateOption { + return func(pod *Pod) error { + if pod.valid { + return define.ErrPodFinalized + } + + if !pod.config.InfraContainer.HasInfraContainer { + return errors.Wrapf(define.ErrInvalidArg, "cannot configure pod networking as no infra container is being created") + } + if pod.config.InfraContainer.HostNetwork { + return errors.Wrapf(define.ErrInvalidArg, "cannot set both HostNetwork and Slirp4netns") + } + pod.config.InfraContainer.Slirp4netns = true + pod.config.InfraContainer.NetworkOptions = networkOptions + + return nil + } +} diff --git a/libpod/pod.go b/libpod/pod.go index 709184008..a5a0532be 100644 --- a/libpod/pod.go +++ b/libpod/pod.go @@ -107,6 +107,8 @@ type InfraContainerConfig struct { ExitCommand []string `json:"exitCommand,omitempty"` InfraImage string `json:"infraImage,omitempty"` InfraCommand []string `json:"infraCommand,omitempty"` + Slirp4netns bool `json:"slirp4netns,omitempty"` + NetworkOptions map[string][]string `json:"network_options,omitempty"` } // ID retrieves the pod's ID diff --git a/libpod/pod_api.go b/libpod/pod_api.go index ec4cc08f7..0ae180356 100644 --- a/libpod/pod_api.go +++ b/libpod/pod_api.go @@ -584,7 +584,7 @@ func (p *Pod) Inspect() (*define.InspectPodData, error) { infraConfig.Networks = make([]string, 0, len(p.config.InfraContainer.Networks)) infraConfig.Networks = append(infraConfig.Networks, p.config.InfraContainer.Networks...) } - + infraConfig.NetworkOptions = p.config.InfraContainer.NetworkOptions infraConfig.PortBindings = makeInspectPortBindings(p.config.InfraContainer.PortBindings) } diff --git a/libpod/runtime_pod_infra_linux.go b/libpod/runtime_pod_infra_linux.go index 570cdd38f..7f58e86d8 100644 --- a/libpod/runtime_pod_infra_linux.go +++ b/libpod/runtime_pod_infra_linux.go @@ -81,8 +81,11 @@ func (r *Runtime) makeInfraContainer(ctx context.Context, p *Pod, imgName, rawIm // Since user namespace sharing is not implemented, we only need to check if it's rootless if !p.config.InfraContainer.HostNetwork { netmode := "bridge" - if isRootless { + if isRootless || p.config.InfraContainer.Slirp4netns { netmode = "slirp4netns" + if len(p.config.InfraContainer.NetworkOptions) != 0 { + options = append(options, WithNetworkOptions(p.config.InfraContainer.NetworkOptions)) + } } // PostConfigureNetNS should not be set since user namespace sharing is not implemented // and rootless networking no longer supports post configuration setup |