summaryrefslogtreecommitdiff
path: root/libpod
diff options
context:
space:
mode:
Diffstat (limited to 'libpod')
-rw-r--r--libpod/container_internal_linux.go2
-rw-r--r--libpod/network/cni/config.go6
-rw-r--r--libpod/network/cni/config_test.go21
-rw-r--r--libpod/network/cni/run.go3
-rw-r--r--libpod/network/cni/run_test.go41
-rw-r--r--libpod/network/types/network.go4
-rw-r--r--libpod/networking_linux.go55
-rw-r--r--libpod/runtime_ctr.go22
-rw-r--r--libpod/runtime_img.go21
9 files changed, 138 insertions, 37 deletions
diff --git a/libpod/container_internal_linux.go b/libpod/container_internal_linux.go
index dd6f3878a..867ecc2ad 100644
--- a/libpod/container_internal_linux.go
+++ b/libpod/container_internal_linux.go
@@ -1310,7 +1310,7 @@ func (c *Container) restore(ctx context.Context, options ContainerCheckpointOpti
if err == nil && options.Name == "" && (!options.IgnoreStaticIP || !options.IgnoreStaticMAC) {
// The file with the network.status does exist. Let's restore the
// container with the same networks settings as during checkpointing.
- aliases, err := c.runtime.state.GetAllNetworkAliases(c)
+ aliases, err := c.GetAllNetworkAliases()
if err != nil {
return err
}
diff --git a/libpod/network/cni/config.go b/libpod/network/cni/config.go
index 670ee0c65..3df155637 100644
--- a/libpod/network/cni/config.go
+++ b/libpod/network/cni/config.go
@@ -170,7 +170,11 @@ func (n *cniNetwork) NetworkRemove(nameOrID string) error {
file := network.filename
delete(n.networks, network.libpodNet.Name)
- return os.Remove(file)
+ // make sure to not error for ErrNotExist
+ if err := os.Remove(file); err != nil && !errors.Is(err, os.ErrNotExist) {
+ return err
+ }
+ return nil
}
// NetworkList will return all known Networks. Optionally you can
diff --git a/libpod/network/cni/config_test.go b/libpod/network/cni/config_test.go
index a0a0ea1af..288cf4626 100644
--- a/libpod/network/cni/config_test.go
+++ b/libpod/network/cni/config_test.go
@@ -1021,6 +1021,27 @@ var _ = Describe("Config", func() {
Expect(err.Error()).To(ContainSubstring("subnet 10.10.0.0/24 is already used on the host or by another config"))
})
+ It("remove network should not error when config file does not exists on disk", func() {
+ name := "mynet"
+ network := types.Network{Name: name}
+ _, err := libpodNet.NetworkCreate(network)
+ Expect(err).To(BeNil())
+
+ path := filepath.Join(cniConfDir, name+".conflist")
+ Expect(path).To(BeARegularFile())
+
+ err = os.Remove(path)
+ Expect(err).To(BeNil())
+ Expect(path).ToNot(BeARegularFile())
+
+ err = libpodNet.NetworkRemove(name)
+ Expect(err).To(BeNil())
+
+ nets, err := libpodNet.NetworkList()
+ Expect(err).To(BeNil())
+ Expect(nets).To(HaveLen(1))
+ Expect(nets).ToNot(ContainElement(HaveNetworkName(name)))
+ })
})
Context("network load valid existing ones", func() {
diff --git a/libpod/network/cni/run.go b/libpod/network/cni/run.go
index 0f91a407c..bd873f89b 100644
--- a/libpod/network/cni/run.go
+++ b/libpod/network/cni/run.go
@@ -186,9 +186,6 @@ outer:
}
return errors.Errorf("requested static ip %s not in any subnet on network %s", ip.String(), network.libpodNet.Name)
}
- if len(netOpts.Aliases) > 0 && !network.libpodNet.DNSEnabled {
- return errors.New("cannot set aliases on a network without dns enabled")
- }
return nil
}
diff --git a/libpod/network/cni/run_test.go b/libpod/network/cni/run_test.go
index 0a2c090e1..965203c2a 100644
--- a/libpod/network/cni/run_test.go
+++ b/libpod/network/cni/run_test.go
@@ -966,6 +966,26 @@ var _ = Describe("run CNI", func() {
})
})
+ It("setup with aliases but dns disabled should work", func() {
+ runTest(func() {
+ defNet := types.DefaultNetworkName
+ intName := "eth0"
+ setupOpts := types.SetupOptions{
+ NetworkOptions: types.NetworkOptions{
+ ContainerID: stringid.GenerateNonCryptoID(),
+ Networks: map[string]types.PerNetworkOptions{
+ defNet: {
+ InterfaceName: intName,
+ Aliases: []string{"somealias"},
+ },
+ },
+ },
+ }
+ _, err := libpodNet.Setup(netNSContainer.Path(), setupOpts)
+ Expect(err).ToNot(HaveOccurred())
+ })
+ })
+
})
Context("invalid network setup test", func() {
@@ -1052,27 +1072,6 @@ var _ = Describe("run CNI", func() {
})
})
- It("setup with aliases but dns disabled", func() {
- runTest(func() {
- defNet := types.DefaultNetworkName
- intName := "eth0"
- setupOpts := types.SetupOptions{
- NetworkOptions: types.NetworkOptions{
- ContainerID: stringid.GenerateNonCryptoID(),
- Networks: map[string]types.PerNetworkOptions{
- defNet: {
- InterfaceName: intName,
- Aliases: []string{"somealias"},
- },
- },
- },
- }
- _, err := libpodNet.Setup(netNSContainer.Path(), setupOpts)
- Expect(err).To(HaveOccurred())
- Expect(err.Error()).To(ContainSubstring("cannot set aliases on a network without dns enabled"))
- })
- })
-
It("setup without networks", func() {
runTest(func() {
setupOpts := types.SetupOptions{
diff --git a/libpod/network/types/network.go b/libpod/network/types/network.go
index 68a32d499..2fe4f3da2 100644
--- a/libpod/network/types/network.go
+++ b/libpod/network/types/network.go
@@ -151,7 +151,9 @@ type PerNetworkOptions struct {
// StaticIPv4 for this container. Optional.
StaticIPs []net.IP `json:"static_ips,omitempty"`
// Aliases contains a list of names which the dns server should resolve
- // to this container. Can only be set when DNSEnabled is true on the Network.
+ // to this container. Should only be set when DNSEnabled is true on the Network.
+ // If aliases are set but there is no dns support for this network the
+ // network interface implementation should ignore this and NOT error.
// Optional.
Aliases []string `json:"aliases,omitempty"`
// StaticMac for this container. Optional.
diff --git a/libpod/networking_linux.go b/libpod/networking_linux.go
index ec9d98b56..e792a410c 100644
--- a/libpod/networking_linux.go
+++ b/libpod/networking_linux.go
@@ -48,6 +48,41 @@ const (
persistentCNIDir = "/var/lib/cni"
)
+// GetAllNetworkAliases returns all configured aliases for this container.
+// It also adds the container short ID as alias to match docker.
+func (c *Container) GetAllNetworkAliases() (map[string][]string, error) {
+ allAliases, err := c.runtime.state.GetAllNetworkAliases(c)
+ if err != nil {
+ return nil, err
+ }
+
+ // get the all attached networks, we cannot use GetAllNetworkAliases()
+ // since it returns nil if there are no aliases
+ nets, _, err := c.networks()
+ if err != nil {
+ return nil, err
+ }
+
+ // add container short ID as alias to match docker
+ for _, net := range nets {
+ allAliases[net] = append(allAliases[net], c.config.ID[:12])
+ }
+ return allAliases, nil
+}
+
+// GetNetworkAliases returns configured aliases for this network.
+// It also adds the container short ID as alias to match docker.
+func (c *Container) GetNetworkAliases(netName string) ([]string, error) {
+ aliases, err := c.runtime.state.GetNetworkAliases(c, netName)
+ if err != nil {
+ return nil, err
+ }
+
+ // add container short ID as alias to match docker
+ aliases = append(aliases, c.config.ID[:12])
+ return aliases, nil
+}
+
func (c *Container) getNetworkOptions() (types.NetworkOptions, error) {
opts := types.NetworkOptions{
ContainerID: c.config.ID,
@@ -61,7 +96,7 @@ func (c *Container) getNetworkOptions() (types.NetworkOptions, error) {
if err != nil {
return opts, err
}
- aliases, err := c.runtime.state.GetAllNetworkAliases(c)
+ aliases, err := c.GetAllNetworkAliases()
if err != nil {
return opts, err
}
@@ -872,7 +907,7 @@ func (r *Runtime) reloadContainerNetwork(ctr *Container) (map[string]types.Statu
}
}
- aliases, err := ctr.runtime.state.GetAllNetworkAliases(ctr)
+ aliases, err := ctr.GetAllNetworkAliases()
if err != nil {
return nil, err
}
@@ -975,6 +1010,11 @@ func (c *Container) getContainerNetworkInfo() (*define.InspectNetworkSettings, e
for _, net := range networks {
cniNet := new(define.InspectAdditionalNetwork)
cniNet.NetworkID = net
+ aliases, err := c.GetNetworkAliases(net)
+ if err != nil {
+ return nil, err
+ }
+ cniNet.Aliases = aliases
settings.Networks[net] = cniNet
}
}
@@ -1009,7 +1049,7 @@ func (c *Container) getContainerNetworkInfo() (*define.InspectNetworkSettings, e
return nil, err
}
- aliases, err := c.runtime.state.GetNetworkAliases(c, name)
+ aliases, err := c.GetNetworkAliases(name)
if err != nil {
return nil, err
}
@@ -1222,6 +1262,14 @@ func (c *Container) NetworkConnect(nameOrID, netName string, aliases []string) e
// get network status before we connect
networkStatus := c.getNetworkStatus()
+ network, err := c.runtime.network.NetworkInspect(netName)
+ if err != nil {
+ return err
+ }
+ if !network.DNSEnabled && len(aliases) > 0 {
+ return errors.Wrapf(define.ErrInvalidArg, "cannot set network aliases for network %q because dns is disabled", netName)
+ }
+
if err := c.runtime.state.NetworkConnect(c, netName, aliases); err != nil {
return err
}
@@ -1253,6 +1301,7 @@ func (c *Container) NetworkConnect(nameOrID, netName string, aliases []string) e
if !exists {
return errors.Errorf("no network interface name for container %s on network %s", c.config.ID, netName)
}
+ aliases = append(aliases, c.config.ID[:12])
opts.Networks = map[string]types.PerNetworkOptions{
netName: {
Aliases: aliases,
diff --git a/libpod/runtime_ctr.go b/libpod/runtime_ctr.go
index 9a4dbf626..93bfdd54b 100644
--- a/libpod/runtime_ctr.go
+++ b/libpod/runtime_ctr.go
@@ -234,13 +234,6 @@ func (r *Runtime) newContainer(ctx context.Context, rSpec *spec.Spec, options ..
}
func (r *Runtime) setupContainer(ctx context.Context, ctr *Container) (_ *Container, retErr error) {
- // Validate the container
- if err := ctr.validate(); err != nil {
- return nil, err
- }
- if ctr.config.IsInfra {
- ctr.config.StopTimeout = 10
- }
// normalize the networks to names
// ocicni only knows about cni names so we have to make
// sure we do not use ids internally
@@ -265,11 +258,26 @@ func (r *Runtime) setupContainer(ctx context.Context, ctr *Container) (_ *Contai
if err != nil {
return nil, err
}
+ network, err := r.network.NetworkInspect(netName)
+ if err != nil {
+ return nil, err
+ }
+ if !network.DNSEnabled {
+ return nil, errors.Wrapf(define.ErrInvalidArg, "cannot set network aliases for network %q because dns is disabled", netName)
+ }
netAliases[netName] = aliases
}
ctr.config.NetworkAliases = netAliases
}
+ // Validate the container
+ if err := ctr.validate(); err != nil {
+ return nil, err
+ }
+ if ctr.config.IsInfra {
+ ctr.config.StopTimeout = 10
+ }
+
// Inhibit shutdown until creation succeeds
shutdown.Inhibit()
defer shutdown.Uninhibit()
diff --git a/libpod/runtime_img.go b/libpod/runtime_img.go
index 66cf7a4d5..1915a5c4d 100644
--- a/libpod/runtime_img.go
+++ b/libpod/runtime_img.go
@@ -48,6 +48,27 @@ func (r *Runtime) RemoveContainersForImageCallback(ctx context.Context) libimage
}
}
+// IsExternalContainerCallback returns a callback that be used in `libimage` to
+// figure out whether a given container is an external one. A container is
+// considered external if it is not present in libpod's database.
+func (r *Runtime) IsExternalContainerCallback(_ context.Context) libimage.IsExternalContainerFunc {
+ // NOTE: pruning external containers is subject to race conditions
+ // (e.g., when a container gets removed). To address this and similar
+ // races, pruning had to happen inside c/storage. Containers has to be
+ // labelled with "podman/libpod" along with callbacks similar to
+ // libimage.
+ return func(idOrName string) (bool, error) {
+ _, err := r.LookupContainer(idOrName)
+ if err == nil {
+ return false, nil
+ }
+ if errors.Is(err, define.ErrNoSuchCtr) {
+ return true, nil
+ }
+ return false, nil
+ }
+}
+
// newBuildEvent creates a new event based on completion of a built image
func (r *Runtime) newImageBuildCompleteEvent(idOrName string) {
e := events.NewEvent(events.Build)
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-01-29 16:09:28 +0000