Diffstat (limited to 'libpod')
-rw-r--r-- | libpod/boltdb_state_linux.go | 2 | ||||
-rw-r--r-- | libpod/container.go | 8 | ||||
-rw-r--r-- | libpod/container_easyjson.go | 14 | ||||
-rw-r--r-- | libpod/networking_linux.go | 19 | ||||
-rw-r--r-- | libpod/options.go | 25 | ||||
-rw-r--r-- | libpod/pod_easyjson.go | 2 |
6 files changed, 63 insertions, 7 deletions
diff --git a/libpod/boltdb_state_linux.go b/libpod/boltdb_state_linux.go index fce3a1b1e..d91f311e5 100644 --- a/libpod/boltdb_state_linux.go +++ b/libpod/boltdb_state_linux.go @@ -25,7 +25,7 @@ func replaceNetNS(netNSPath string, ctr *Container, newState *containerState) er if err == nil { newState.NetNS = ns } else { - logrus.Errorf("error joining network namespace for container %s", ctr.ID()) + logrus.Errorf("error joining network namespace for container %s: %v", ctr.ID(), err) ctr.valid = false } } diff --git a/libpod/container.go b/libpod/container.go index 55a0f3a2c..5997c0b66 100644 --- a/libpod/container.go +++ b/libpod/container.go @@ -269,9 +269,13 @@ type ContainerConfig struct { // Network Config // CreateNetNS indicates that libpod should create and configure a new - // network namespace for the container - // This cannot be set if NetNsCtr is also set + // network namespace for the container. + // This cannot be set if NetNsCtr is also set. CreateNetNS bool `json:"createNetNS"` + // StaticIP is a static IP to request for the container. + // This cannot be set unless CreateNetNS is set. + // If not set, the container will be dynamically assigned an IP by CNI. + StaticIP net.IP `json:"staticIP"` // PortMappings are the ports forwarded to the container's network // namespace // These are not used unless CreateNetNS is true diff --git a/libpod/container_easyjson.go b/libpod/container_easyjson.go index 916118aec..f78366065 100644 --- a/libpod/container_easyjson.go +++ b/libpod/container_easyjson.go @@ -1383,6 +1383,10 @@ func easyjson1dbef17bDecodeGithubComContainersLibpodLibpod2(in *jlexer.Lexer, ou } case "createNetNS": out.CreateNetNS = bool(in.Bool()) + case "staticIP": + if data := in.UnsafeBytes(); in.Ok() { + in.AddError((out.StaticIP).UnmarshalText(data)) + } case "portMappings": if in.IsNull() { in.Skip() 
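Review bot: The new StaticIP field comment in libpod/container.go documents only one of the two preconditions that WithStaticIP enforces in libpod/options.go. It states that CreateNetNS must be set, but not that a static IP is rejected when additional CNI networks are configured. Add a line such as `// This cannot be set if Networks is non-empty; the IP is requested on the default CNI network only.` so that code which fills ContainerConfig by another route (for example a config restored from the database) sees the same contract. The struct starts before this hunk and continues after it.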
@@ -2005,6 +2009,16 @@ func easyjson1dbef17bEncodeGithubComContainersLibpodLibpod2(out *jwriter.Writer, } out.Bool(bool(in.CreateNetNS)) } + { + const prefix string = ",\"staticIP\":" + if first { + first = false + out.RawString(prefix[1:]) + } else { + out.RawString(prefix) + } + out.RawText((in.StaticIP).MarshalText()) + } if len(in.PortMappings) != 0 { const prefix string = ",\"portMappings\":" if first { diff --git a/libpod/networking_linux.go b/libpod/networking_linux.go index 17e79aa62..acb4e2a90 100644 --- a/libpod/networking_linux.go +++ b/libpod/networking_linux.go @@ -5,6 +5,7 @@ package libpod import ( "crypto/rand" "fmt" + "net" "os" "os/exec" "path/filepath" @@ -25,8 +26,8 @@ import ( ) // Get an OCICNI network config -func getPodNetwork(id, name, nsPath string, networks []string, ports []ocicni.PortMapping) ocicni.PodNetwork { - return ocicni.PodNetwork{ +func (r *Runtime) getPodNetwork(id, name, nsPath string, networks []string, ports []ocicni.PortMapping, staticIP net.IP) ocicni.PodNetwork { + network := ocicni.PodNetwork{ Name: name, Namespace: name, // TODO is there something else we should put here? We don't know about Kube namespaces ID: id, 
@@ -34,11 +35,21 @@ func getPodNetwork(id, name, nsPath string, networks []string, ports []ocicni.Po PortMappings: ports, Networks: networks, } + + if staticIP != nil { + defaultNetwork := r.netPlugin.GetDefaultNetworkName() + + network.Networks = []string{defaultNetwork} + network.NetworkConfig = make(map[string]ocicni.NetworkConfig) + network.NetworkConfig[defaultNetwork] = ocicni.NetworkConfig{IP: staticIP.String()} + } + + return network } // Create and configure a new network namespace for a container func (r *Runtime) configureNetNS(ctr *Container, ctrNS ns.NetNS) (err error) { - podNetwork := getPodNetwork(ctr.ID(), ctr.Name(), ctrNS.Path(), ctr.config.Networks, ctr.config.PortMappings) + podNetwork := r.getPodNetwork(ctr.ID(), ctr.Name(), ctrNS.Path(), ctr.config.Networks, ctr.config.PortMappings, ctr.config.StaticIP) results, err := r.netPlugin.SetUpPod(podNetwork) if err != nil { @@ -216,7 +227,7 @@ func (r *Runtime) teardownNetNS(ctr *Container) error { logrus.Debugf("Tearing down network namespace at %s for container %s", ctr.state.NetNS.Path(), ctr.ID()) - podNetwork := getPodNetwork(ctr.ID(), ctr.Name(), ctr.state.NetNS.Path(), ctr.config.Networks, ctr.config.PortMappings) + podNetwork := r.getPodNetwork(ctr.ID(), ctr.Name(), ctr.state.NetNS.Path(), ctr.config.Networks, ctr.config.PortMappings, ctr.config.StaticIP) // The network may have already been torn down, so don't fail here, just log if err := r.netPlugin.TearDownPod(podNetwork); err != nil { diff --git a/libpod/options.go b/libpod/options.go index 977f3f4c2..9f966cead 100644 --- a/libpod/options.go +++ b/libpod/options.go 
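Review bot: In the `if staticIP != nil` block of getPodNetwork, `network.Networks` is overwritten with the default network, so anything the caller passed in `networks` is discarded without a log line. WithStaticIP rejects that combination only when the option is applied, so a config whose Networks is filled afterwards or by another path would, as far as this diff shows, be attached to a different network than requested with no trace. Log it before overriding, e.g. `if len(networks) != 0 { logrus.Warnf("ignoring CNI networks %v for container %s: a static IP was requested", networks, id) }`. The nil test also lets an empty or wrong-length non-nil net.IP through, and its `String()` form is not an address. The result of `GetDefaultNetworkName()` is used as a map key unchecked, so it is worth confirming that it cannot be empty. The function's signature and the start of its body are in the previous hunk.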
@@ -828,6 +828,31 @@ func WithNetNS(portMappings []ocicni.PortMapping, postConfigureNetNS bool, netwo } } +// WithStaticIP indicates that the container should request a static IP from +// the CNI plugins. +// It cannot be set unless WithNetNS has already been passed. +// Further, it cannot be set if additional CNI networks to join have been +// specified. +func WithStaticIP(ip net.IP) CtrCreateOption { + return func(ctr *Container) error { + if ctr.valid { + return ErrCtrFinalized + } + + if !ctr.config.CreateNetNS { + return errors.Wrapf(ErrInvalidArg, "cannot set a static IP if the container is not creating a network namespace") + } + + if len(ctr.config.Networks) != 0 { + return errors.Wrapf(ErrInvalidArg, "cannot set a static IP if joining additional CNI networks") + } + + ctr.config.StaticIP = ip + + return nil + } +} + // WithLogPath sets the path to the log file. func WithLogPath(path string) CtrCreateOption { return func(ctr *Container) error { diff --git a/libpod/pod_easyjson.go b/libpod/pod_easyjson.go index 2891e51f2..6c1c939f3 100644 --- a/libpod/pod_easyjson.go +++ b/libpod/pod_easyjson.go @@ -1,3 +1,5 @@ +// +build seccomp ostree selinux varlink exclude_graphdriver_devicemapper + // Code generated by easyjson for marshaling/unmarshaling. DO NOT EDIT. package libpod |
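Review bot: WithStaticIP assigns `ip` to `ctr.config.StaticIP` without checking that it is a usable address. A nil value silently falls back to dynamic assignment. A non-nil value of the wrong length passes the `staticIP != nil` test in getPodNetwork and is handed to the CNI plugin as a string that is not an IP. Add a guard before the assignment: `if ip.To16() == nil { return errors.Wrapf(ErrInvalidArg, "static IP %v is not a valid IPv4 or IPv6 address", ip) }`. It may also be worth deciding here whether unspecified, loopback or multicast addresses should be refused, since this option is the only validation point visible in the diff before the value is persisted in the container config.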