From 05614ee139b9d5ce6d2daed50d9f0b3ed6d4e9a1 Mon Sep 17 00:00:00 2001 From: Paul Holzinger Date: Mon, 27 Sep 2021 09:50:07 +0200 Subject: always add short container id as net alias This matches what docker does. Also make sure the net aliases are also shown when the container is stopped. docker-compose uses this special alias entry to check if it is already correctly connected to the network. [1] Because we do not support static ips on network connect at the moment calling disconnect && connect will loose the static ip. Fixes #11748 [1] https://github.com/docker/compose/blob/0bea52b18dda3de8c28fcfb0c80cc08b8950645e/compose/service.py#L663-L667 Signed-off-by: Paul Holzinger --- libpod/container_internal_linux.go | 2 +- libpod/network/types/network.go | 4 ++- libpod/networking_linux.go | 47 +++++++++++++++++++++++++++-- test/compose/test-compose | 1 + test/e2e/network_connect_disconnect_test.go | 18 ++++++++--- test/system/500-networking.bats | 8 +++++ 6 files changed, 71 insertions(+), 9 deletions(-) diff --git a/libpod/container_internal_linux.go b/libpod/container_internal_linux.go index dd6f3878a..867ecc2ad 100644 --- a/libpod/container_internal_linux.go +++ b/libpod/container_internal_linux.go @@ -1310,7 +1310,7 @@ func (c *Container) restore(ctx context.Context, options ContainerCheckpointOpti if err == nil && options.Name == "" && (!options.IgnoreStaticIP || !options.IgnoreStaticMAC) { // The file with the network.status does exist. Let's restore the // container with the same networks settings as during checkpointing. - aliases, err := c.runtime.state.GetAllNetworkAliases(c) + aliases, err := c.GetAllNetworkAliases() if err != nil { return err } diff --git a/libpod/network/types/network.go b/libpod/network/types/network.go index 68a32d499..2fe4f3da2 100644 --- a/libpod/network/types/network.go +++ b/libpod/network/types/network.go @@ -151,7 +151,9 @@ type PerNetworkOptions struct { // StaticIPv4 for this container. Optional. StaticIPs []net.IP `json:"static_ips,omitempty"` // Aliases contains a list of names which the dns server should resolve - // to this container. Can only be set when DNSEnabled is true on the Network. + // to this container. Should only be set when DNSEnabled is true on the Network. + // If aliases are set but there is no dns support for this network the + // network interface implementation should ignore this and NOT error. // Optional. Aliases []string `json:"aliases,omitempty"` // StaticMac for this container. Optional. diff --git a/libpod/networking_linux.go b/libpod/networking_linux.go index ec9d98b56..e4fcfc271 100644 --- a/libpod/networking_linux.go +++ b/libpod/networking_linux.go @@ -48,6 +48,41 @@ const ( persistentCNIDir = "/var/lib/cni" ) +// GetAllNetworkAliases returns all configured aliases for this container. +// It also adds the container short ID as alias to match docker. +func (c *Container) GetAllNetworkAliases() (map[string][]string, error) { + allAliases, err := c.runtime.state.GetAllNetworkAliases(c) + if err != nil { + return nil, err + } + + // get the all attached networks, we cannot use GetAllNetworkAliases() + // since it returns nil if there are no aliases + nets, _, err := c.networks() + if err != nil { + return nil, err + } + + // add container short ID as alias to match docker + for _, net := range nets { + allAliases[net] = append(allAliases[net], c.config.ID[:12]) + } + return allAliases, nil +} + +// GetNetworkAliases returns configured aliases for this network. +// It also adds the container short ID as alias to match docker. +func (c *Container) GetNetworkAliases(netName string) ([]string, error) { + aliases, err := c.runtime.state.GetNetworkAliases(c, netName) + if err != nil { + return nil, err + } + + // add container short ID as alias to match docker + aliases = append(aliases, c.config.ID[:12]) + return aliases, nil +} + func (c *Container) getNetworkOptions() (types.NetworkOptions, error) { opts := types.NetworkOptions{ ContainerID: c.config.ID, @@ -61,7 +96,7 @@ func (c *Container) getNetworkOptions() (types.NetworkOptions, error) { if err != nil { return opts, err } - aliases, err := c.runtime.state.GetAllNetworkAliases(c) + aliases, err := c.GetAllNetworkAliases() if err != nil { return opts, err } @@ -872,7 +907,7 @@ func (r *Runtime) reloadContainerNetwork(ctr *Container) (map[string]types.Statu } } - aliases, err := ctr.runtime.state.GetAllNetworkAliases(ctr) + aliases, err := ctr.GetAllNetworkAliases() if err != nil { return nil, err } @@ -975,6 +1010,11 @@ func (c *Container) getContainerNetworkInfo() (*define.InspectNetworkSettings, e for _, net := range networks { cniNet := new(define.InspectAdditionalNetwork) cniNet.NetworkID = net + aliases, err := c.GetNetworkAliases(net) + if err != nil { + return nil, err + } + cniNet.Aliases = aliases settings.Networks[net] = cniNet } } @@ -1009,7 +1049,7 @@ func (c *Container) getContainerNetworkInfo() (*define.InspectNetworkSettings, e return nil, err } - aliases, err := c.runtime.state.GetNetworkAliases(c, name) + aliases, err := c.GetNetworkAliases(name) if err != nil { return nil, err } @@ -1253,6 +1293,7 @@ func (c *Container) NetworkConnect(nameOrID, netName string, aliases []string) e if !exists { return errors.Errorf("no network interface name for container %s on network %s", c.config.ID, netName) } + aliases = append(aliases, c.config.ID[:12]) opts.Networks = map[string]types.PerNetworkOptions{ netName: { Aliases: aliases, diff --git a/test/compose/test-compose b/test/compose/test-compose index 70db6dd55..beaf276fd 100755 --- a/test/compose/test-compose +++ b/test/compose/test-compose @@ -247,6 +247,7 @@ function podman() { --storage-driver=vfs \ --root $WORKDIR/root \ --runroot $WORKDIR/runroot \ + --cni-config-dir $WORKDIR/cni \ "$@") echo -n "$output" >>$WORKDIR/output.log } diff --git a/test/e2e/network_connect_disconnect_test.go b/test/e2e/network_connect_disconnect_test.go index 217efdeec..5f7c55d3f 100644 --- a/test/e2e/network_connect_disconnect_test.go +++ b/test/e2e/network_connect_disconnect_test.go @@ -52,7 +52,6 @@ var _ = Describe("Podman network connect and disconnect", func() { }) It("network disconnect with net mode slirp4netns should result in error", func() { - SkipIfRootless("network connect and disconnect are only rootful") netName := "slirp" + stringid.GenerateNonCryptoID() session := podmanTest.Podman([]string{"network", "create", netName}) session.WaitWithDefaultTimeout() @@ -118,7 +117,6 @@ var _ = Describe("Podman network connect and disconnect", func() { }) It("network connect with net mode slirp4netns should result in error", func() { - SkipIfRootless("network connect and disconnect are only rootful") netName := "slirp" + stringid.GenerateNonCryptoID() session := podmanTest.Podman([]string{"network", "create", netName}) session.WaitWithDefaultTimeout() @@ -146,6 +144,13 @@ var _ = Describe("Podman network connect and disconnect", func() { ctr := podmanTest.Podman([]string{"create", "--name", "test", "--network", netName, ALPINE, "top"}) ctr.WaitWithDefaultTimeout() Expect(ctr).Should(Exit(0)) + cid := ctr.OutputToString() + + // network alias container short id is always added and shown in inspect + inspect := podmanTest.Podman([]string{"container", "inspect", "test", "--format", "{{(index .NetworkSettings.Networks \"" + netName + "\").Aliases}}"}) + inspect.WaitWithDefaultTimeout() + Expect(inspect).Should(Exit(0)) + Expect(inspect.OutputToString()).To(Equal("[" + cid[0:12] + "]")) con := podmanTest.Podman([]string{"network", "connect", netName, "test"}) con.WaitWithDefaultTimeout() @@ -153,7 +158,6 @@ var _ = Describe("Podman network connect and disconnect", func() { }) It("podman network connect", func() { - SkipIfRemote("This requires a pending PR to be merged before it will work") netName := "aliasTest" + stringid.GenerateNonCryptoID() session := podmanTest.Podman([]string{"network", "create", netName}) session.WaitWithDefaultTimeout() @@ -163,6 +167,7 @@ var _ = Describe("Podman network connect and disconnect", func() { ctr := podmanTest.Podman([]string{"run", "-dt", "--name", "test", "--network", netName, ALPINE, "top"}) ctr.WaitWithDefaultTimeout() Expect(ctr).Should(Exit(0)) + cid := ctr.OutputToString() exec := podmanTest.Podman([]string{"exec", "-it", "test", "ip", "addr", "show", "eth0"}) exec.WaitWithDefaultTimeout() @@ -184,6 +189,12 @@ var _ = Describe("Podman network connect and disconnect", func() { Expect(inspect).Should(Exit(0)) Expect(inspect.OutputToString()).To(Equal("2")) + // network alias container short id is always added and shown in inspect + inspect = podmanTest.Podman([]string{"container", "inspect", "test", "--format", "{{(index .NetworkSettings.Networks \"" + newNetName + "\").Aliases}}"}) + inspect.WaitWithDefaultTimeout() + Expect(inspect).Should(Exit(0)) + Expect(inspect.OutputToString()).To(Equal("[" + cid[0:12] + "]")) + exec = podmanTest.Podman([]string{"exec", "-it", "test", "ip", "addr", "show", "eth1"}) exec.WaitWithDefaultTimeout() Expect(exec).Should(Exit(0)) @@ -193,7 +204,6 @@ var _ = Describe("Podman network connect and disconnect", func() { rm.WaitWithDefaultTimeout() Expect(rm).Should(Exit(0)) Expect(rm.ErrorToString()).To(Equal("")) - }) It("podman network connect when not running", func() { diff --git a/test/system/500-networking.bats b/test/system/500-networking.bats index ef00d0366..548f2d764 100644 --- a/test/system/500-networking.bats +++ b/test/system/500-networking.bats @@ -415,6 +415,10 @@ load helpers run_podman inspect $cid --format "{{(index .NetworkSettings.Networks \"$netname\").MacAddress}}" mac="$output" + # check network alias for container short id + run_podman inspect $cid --format "{{(index .NetworkSettings.Networks \"$netname\").Aliases}}" + is "$output" "\[${cid:0:12}\]" "short container id in network aliases" + run_podman network disconnect $netname $cid # check that we cannot curl (timeout after 3 sec) @@ -443,6 +447,10 @@ load helpers # connect a second network run_podman network connect $netname2 $cid + # check network2 alias for container short id + run_podman inspect $cid --format "{{(index .NetworkSettings.Networks \"$netname2\").Aliases}}" + is "$output" "\[${cid:0:12}\]" "short container id in network aliases" + # curl should work run curl --max-time 3 -s $SERVER/index.txt is "$output" "$random_1" "curl 127.0.0.1:/index.txt should work" -- cgit v1.2.3-54-g00ecf