From 72f03f0c2587be4ff3ff9c83d28964cc7c1a135c Mon Sep 17 00:00:00 2001 From: Matthew Heon Date: Fri, 22 Mar 2019 14:39:09 -0400 Subject: Add support to disable creation of network config files Specifically, we want to be able to specify whether resolv.conf and /etc/hosts will be create and bind-mounted into the container. Signed-off-by: Matthew Heon --- libpod/container.go | 8 ++++ libpod/container_internal_linux.go | 85 ++++++++++++++++++++++---------------- libpod/options.go | 52 +++++++++++++++++++++++ 3 files changed, 109 insertions(+), 36 deletions(-) diff --git a/libpod/container.go b/libpod/container.go index ec4e31026..866cf5c58 100644 --- a/libpod/container.go +++ b/libpod/container.go @@ -293,6 +293,10 @@ type ContainerConfig struct { // namespace // These are not used unless CreateNetNS is true PortMappings []ocicni.PortMapping `json:"portMappings,omitempty"` + // NoCreateResolvConf indicates that resolv.conf should not be + // bind-mounted inside the container. + // Conflicts with DNSServer, DNSSearch, DNSOption. + NoCreateResolvConf bool // DNS servers to use in container resolv.conf // Will override servers in host resolv if set DNSServer []net.IP `json:"dnsServer,omitempty"` @@ -302,6 +306,10 @@ type ContainerConfig struct { // DNS options to be set in container resolv.conf // With override options in host resolv if set DNSOption []string `json:"dnsOption,omitempty"` + // NoCreateHosts indicates that /etc/hosts should not be + // bind-mounted inside the container. + // Conflicts with HostAdd. + NoCreateHosts bool // Hosts to add in container // Will be appended to host's host file HostAdd []string `json:"hostsAdd,omitempty"` diff --git a/libpod/container_internal_linux.go b/libpod/container_internal_linux.go index c6c9ceb0c..3bb8b23ec 100644 --- a/libpod/container_internal_linux.go +++ b/libpod/container_internal_linux.go 
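Review bot: The two fields added to `ContainerConfig` in libpod/container.go, `NoCreateResolvConf` and `NoCreateHosts`, have no `json` struct tag, while every neighbouring field in these hunks has one (`json:"dnsServer,omitempty"`, `json:"hostsAdd,omitempty"`). If the struct is serialized the way those tags suggest, the new fields are stored under their Go identifiers, so renaming a field later silently changes the stored key. I would tag them explicitly in the style of the neighbours, for example `json:"noCreateResolvConf,omitempty"` and `json:"noCreateHosts,omitempty"`. The struct definition starts and ends outside the hunks.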
@@ -703,10 +703,11 @@ func (c *Container) makeBindMounts() error { } } - if c.config.NetNsCtr != "" { - // We share a net namespace + if c.config.NetNsCtr != "" && (!c.config.NoCreateHosts || !c.config.NoCreateResolvConf) { + // We share a net namespace. // We want /etc/resolv.conf and /etc/hosts from the - // other container + // other container. Unless we're not creating both of + // them. depCtr, err := c.runtime.state.Container(c.config.NetNsCtr) if err != nil { return errors.Wrapf(err, "error fetching dependency %s of container %s", c.config.NetNsCtr, c.ID()) 
@@ -718,53 +719,65 @@ func (c *Container) makeBindMounts() error { return errors.Wrapf(err, "error fetching bind mounts from dependency %s of container %s", depCtr.ID(), c.ID()) } - // The other container may not have a resolv.conf or /etc/hosts - // If it doesn't, don't copy them - resolvPath, exists := bindMounts["/etc/resolv.conf"] - if exists { - c.state.BindMounts["/etc/resolv.conf"] = resolvPath + if !c.config.NoCreateResolvConf { + // The other container may not have a resolv.conf or /etc/hosts + // If it doesn't, don't copy them + resolvPath, exists := bindMounts["/etc/resolv.conf"] + if exists { + c.state.BindMounts["/etc/resolv.conf"] = resolvPath + } } - // check if dependency container has an /etc/hosts file - hostsPath, exists := bindMounts["/etc/hosts"] - if !exists { - return errors.Errorf("error finding hosts file of dependency container %s for container %s", depCtr.ID(), c.ID()) - } + if !c.config.NoCreateHosts { + // check if dependency container has an /etc/hosts file + hostsPath, exists := bindMounts["/etc/hosts"] + if !exists { + return errors.Errorf("error finding hosts file of dependency container %s for container %s", depCtr.ID(), c.ID()) + } - depCtr.lock.Lock() - // generate a hosts file for the dependency container, - // based on either its old hosts file, or the default, - // and add the relevant information from the new container (hosts and IP) - hostsPath, err = depCtr.appendHosts(hostsPath, c) + depCtr.lock.Lock() + // generate a hosts file for the dependency container, + // based on either its old hosts file, or the default, + // and add the relevant information from the new container (hosts and IP) + hostsPath, err = depCtr.appendHosts(hostsPath, c) - if err != nil { + if err != nil { + depCtr.lock.Unlock() + return errors.Wrapf(err, "error creating hosts file for container %s which depends on container %s", c.ID(), depCtr.ID()) + } depCtr.lock.Unlock() - return errors.Wrapf(err, "error creating hosts file for container %s which 
depends on container %s", c.ID(), depCtr.ID()) - } - depCtr.lock.Unlock() - // finally, save it in the new container - c.state.BindMounts["/etc/hosts"] = hostsPath + // finally, save it in the new container + c.state.BindMounts["/etc/hosts"] = hostsPath + } } else { - newResolv, err := c.generateResolvConf() - if err != nil { - return errors.Wrapf(err, "error creating resolv.conf for container %s", c.ID()) + if !c.config.NoCreateResolvConf { + newResolv, err := c.generateResolvConf() + if err != nil { + return errors.Wrapf(err, "error creating resolv.conf for container %s", c.ID()) + } + c.state.BindMounts["/etc/resolv.conf"] = newResolv } - c.state.BindMounts["/etc/resolv.conf"] = newResolv - newHosts, err := c.generateHosts("/etc/hosts") - if err != nil { - return errors.Wrapf(err, "error creating hosts file for container %s", c.ID()) + if !c.config.NoCreateHosts { + newHosts, err := c.generateHosts("/etc/hosts") + if err != nil { + return errors.Wrapf(err, "error creating hosts file for container %s", c.ID()) + } + c.state.BindMounts["/etc/hosts"] = newHosts } - c.state.BindMounts["/etc/hosts"] = newHosts } - if err := label.Relabel(c.state.BindMounts["/etc/hosts"], c.config.MountLabel, true); err != nil { - return err + if c.state.BindMounts["/etc/hosts"] != "" { + if err := label.Relabel(c.state.BindMounts["/etc/hosts"], c.config.MountLabel, true); err != nil { + return err + } } - if err := label.Relabel(c.state.BindMounts["/etc/resolv.conf"], c.config.MountLabel, true); err != nil { - return err + if c.state.BindMounts["/etc/resolv.conf"] != "" { + if err := label.Relabel(c.state.BindMounts["/etc/resolv.conf"], c.config.MountLabel, true); err != nil { + return err + } } } diff --git a/libpod/options.go b/libpod/options.go index 1bf3ff9e6..a36309ed7 100644 --- a/libpod/options.go +++ b/libpod/options.go 
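Review bot: In the shared-network-namespace branch, wrapping the hosts block in `if !c.config.NoCreateHosts` also skips `depCtr.appendHosts(hostsPath, c)`, which the comment above it describes as adding this container's hosts and IP to the dependency's hosts file. As far as these lines show, a container created with the option is therefore never added to the hosts file of the container whose namespace it joins. That side effect deserves a comment at the check, e.g. `// Skipping this also leaves the dependency's hosts file without an entry for this container.` Separately, the moved comment "The other container may not have a resolv.conf or /etc/hosts" now sits in the resolv.conf-only branch, although a missing /etc/hosts is an error a few lines below; trimming it to resolv.conf would match the code. makeBindMounts starts and ends outside the hunk.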
@@ -997,6 +997,9 @@ func WithDNSSearch(searchDomains []string) CtrCreateOption { if ctr.valid { return ErrCtrFinalized } + if ctr.config.NoCreateResolvConf { + return errors.Wrapf(ErrInvalidArg, "cannot add DNS search domains if container will not create /etc/resolv.conf") + } ctr.config.DNSSearch = searchDomains return nil } @@ -1008,6 +1011,9 @@ func WithDNS(dnsServers []string) CtrCreateOption { if ctr.valid { return ErrCtrFinalized } + if ctr.config.NoCreateResolvConf { + return errors.Wrapf(ErrInvalidArg, "cannot add DNS servers if container will not create /etc/resolv.conf") + } var dns []net.IP for _, i := range dnsServers { result := net.ParseIP(i) @@ -1027,6 +1033,9 @@ func WithDNSOption(dnsOptions []string) CtrCreateOption { if ctr.valid { return ErrCtrFinalized } + if ctr.config.NoCreateResolvConf { + return errors.Wrapf(ErrInvalidArg, "cannot add DNS options if container will not create /etc/resolv.conf") + } ctr.config.DNSOption = dnsOptions return nil } @@ -1038,6 +1047,11 @@ func WithHosts(hosts []string) CtrCreateOption { if ctr.valid { return ErrCtrFinalized } + + if ctr.config.NoCreateHosts { + return errors.Wrapf(ErrInvalidArg, "cannot add hosts if container will not create /etc/hosts") + } + ctr.config.HostAdd = hosts return nil } 
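Review bot: The conflict checks added to `WithDNSSearch`, `WithDNS`, `WithDNSOption` and `WithHosts` call `errors.Wrapf` with a constant message and no format arguments. Assuming this is the pkg/errors API, `errors.Wrap(ErrInvalidArg, "cannot add DNS servers if container will not create /etc/resolv.conf")` says the same thing and cannot misformat if a `%` ever ends up in the text. The same applies to the two `Wrapf` calls in `WithNoCreateResolvConf` and `WithNoCreateHosts` in the next hunk of this file.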
@@ -1184,6 +1198,44 @@ func WithCtrNamespace(ns string) CtrCreateOption { } } +// WithNoCreateResolvConf tells the container not to bind-mount resolv.conf in. +// This conflicts with other DNS-related options. +func WithNoCreateResolvConf() CtrCreateOption { + return func(ctr *Container) error { + if ctr.valid { + return ErrCtrFinalized + } + + if len(ctr.config.DNSServer) != 0 || + len(ctr.config.DNSSearch) != 0 || + len(ctr.config.DNSOption) != 0 { + return errors.Wrapf(ErrInvalidArg, "not creating resolv.conf conflicts with DNS options") + } + + ctr.config.NoCreateResolvConf = true + + return nil + } +} + +// WithNoCreateHosts tells the container not to bind-mount /etc/hosts in. +// This conflicts with WithHosts(). +func WithNoCreateHosts() CtrCreateOption { + return func(ctr *Container) error { + if ctr.valid { + return ErrCtrFinalized + } + + if len(ctr.config.HostAdd) != 0 { + return errors.Wrapf(ErrInvalidArg, "not creating /etc/hosts conflicts with adding to the hosts file") + } + + ctr.config.NoCreateHosts = true + + return nil + } +} + // withIsInfra sets the container to be an infra container. This means the container will be sometimes hidden // and expected to be the first container in the pod. func withIsInfra() CtrCreateOption { -- cgit v1.2.3-54-g00ecf From 16a7c7ff82e53bb29d03d816ffa53ae4ae29e86f Mon Sep 17 00:00:00 2001 From: Matthew Heon Date: Fri, 22 Mar 2019 14:52:56 -0400 Subject: Add for --dns=none to disable creation of resolv.conf Support in libpod was added in the previous commit. Wire it into the frontend here. Signed-off-by: Matthew Heon --- pkg/spec/createconfig.go | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/pkg/spec/createconfig.go b/pkg/spec/createconfig.go index 118fbad72..fba69d1ba 100644 --- a/pkg/spec/createconfig.go +++ b/pkg/spec/createconfig.go 
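Review bot: The doc comments on `WithNoCreateResolvConf` and `WithNoCreateHosts` say only that the file is not bind-mounted, not what the container sees instead. According to the man page text later in this series, the image's own file is then used without changes, so name resolution inside the container is decided by image content rather than by the host configuration or libpod. A caller choosing this option for an image it does not control should be able to read that from the API docs. I would add a line to each comment, e.g. `// The image's /etc/resolv.conf, if any, is used unmodified, so resolver settings come from the image.`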
@@ -505,7 +505,11 @@ func (c *CreateConfig) GetContainerCreateOptions(runtime *libpod.Runtime, pod *l options = append(options, libpod.WithDNSSearch(c.DNSSearch)) } if len(c.DNSServers) > 0 { - options = append(options, libpod.WithDNS(c.DNSServers)) + if len(c.DNSServers) == 1 && c.DNSServers[0] == "none" { + options = append(options, libpod.WithNoCreateResolvConf()) + } else { + options = append(options, libpod.WithDNS(c.DNSServers)) + } } if len(c.DNSOpt) > 0 { options = append(options, libpod.WithDNSOption(c.DNSOpt)) -- cgit v1.2.3-54-g00ecf From 236300d02832b1c131e5d70f3510e5169857b69b Mon Sep 17 00:00:00 2001 From: Matthew Heon Date: Mon, 25 Mar 2019 12:12:18 -0400 Subject: Add --no-hosts flag to disable management of /etc/hosts Signed-off-by: Matthew Heon --- cmd/podman/common.go | 4 ++++ cmd/podman/shared/create.go | 7 +++++++ pkg/spec/createconfig.go | 6 +++++- 3 files changed, 16 insertions(+), 1 deletion(-) diff --git a/cmd/podman/common.go b/cmd/podman/common.go index 771738302..167b3e845 100644 --- a/cmd/podman/common.go +++ b/cmd/podman/common.go @@ -388,6 +388,10 @@ func getCreateFlags(c *cliconfig.PodmanCommand) { "network", getDefaultNetwork(), "Connect a container to a network", ) + createFlags.Bool( + "no-hosts", false, + "Do not create /etc/hosts within the container, instead use the version from the image", + ) createFlags.Bool( "oom-kill-disable", false, "Disable OOM Killer", diff --git a/cmd/podman/shared/create.go b/cmd/podman/shared/create.go index 5ce0b8865..fc55e6f17 100644 --- a/cmd/podman/shared/create.go +++ b/cmd/podman/shared/create.go 
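Review bot: The `none` check in `GetContainerCreateOptions` matches only when it is the sole `--dns` value, so a list that mixes `none` with an address falls through to `libpod.WithDNS(c.DNSServers)`. Judging from the part of `WithDNS` visible in the options.go hunk, each entry goes through `net.ParseIP`, so the user presumably gets a generic parse failure rather than a message that `none` cannot be combined with servers. Either reject the mixed list here with a dedicated error, or at least document the rule at the check: `// "none" is honoured only as the sole --dns value; mixed lists go to WithDNS and are rejected there.` The function body continues outside the hunk.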
@@ -357,6 +357,12 @@ func ParseCreateOpts(ctx context.Context, c *cliconfig.PodmanCommand, runtime *l return nil, errors.Errorf("--cpu-quota and --cpus cannot be set together") } + if c.Flag("no-hosts").Changed && c.Flag("add-host").Changed { + if c.Bool("no-hosts") { + return nil, errors.Errorf("--no-hosts and --add-host cannot be set together") + } + } + // EXPOSED PORTS var portBindings map[nat.Port][]nat.PortBinding if data != nil { @@ -646,6 +652,7 @@ func ParseCreateOpts(ctx context.Context, c *cliconfig.PodmanCommand, runtime *l GroupAdd: c.StringSlice("group-add"), Hostname: c.String("hostname"), HostAdd: c.StringSlice("add-host"), + NoHosts: c.Bool("no-hosts"), IDMappings: idmappings, Image: imageName, ImageID: imageID, diff --git a/pkg/spec/createconfig.go b/pkg/spec/createconfig.go index fba69d1ba..15719beab 100644 --- a/pkg/spec/createconfig.go +++ b/pkg/spec/createconfig.go @@ -88,6 +88,7 @@ type CreateConfig struct { ExposedPorts map[nat.Port]struct{} GroupAdd []string // group-add HealthCheck *manifest.Schema2HealthConfig + NoHosts bool HostAdd []string //add-host Hostname string //hostname Image string @@ -514,7 +515,10 @@ func (c *CreateConfig) GetContainerCreateOptions(runtime *libpod.Runtime, pod *l if len(c.DNSOpt) > 0 { options = append(options, libpod.WithDNSOption(c.DNSOpt)) } - if len(c.HostAdd) > 0 { + if c.NoHosts { + options = append(options, libpod.WithNoCreateHosts()) + } + if len(c.HostAdd) > 0 && !c.NoHosts { options = append(options, libpod.WithHosts(c.HostAdd)) } logPath := getLoggingPath(c.LogDriverOpt) -- cgit v1.2.3-54-g00ecf From 323dc526ce8d8f236eca06b518dcf35f260d6379 Mon Sep 17 00:00:00 2001 From: Matthew Heon Date: Mon, 25 Mar 2019 12:24:46 -0400 Subject: Add manpages and completions for dns=none and no-hosts Signed-off-by: Matthew Heon --- completions/bash/podman | 1 + docs/podman-create.1.md | 10 ++++++++++ docs/podman-run.1.md | 10 ++++++++++ 3 files changed, 21 insertions(+) 
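Review bot: In the pkg/spec/createconfig.go hunk, `if len(c.HostAdd) > 0 && !c.NoHosts {` silently discards `HostAdd` whenever `NoHosts` is set. The check added to `ParseCreateOpts` rejects the combination on the CLI path, but a `CreateConfig` populated any other way would lose its host entries without an error, even though `libpod.WithHosts` already returns `ErrInvalidArg` for exactly this conflict. Dropping the extra guard, `if len(c.HostAdd) > 0 {`, lets the library check report it; `WithNoCreateHosts` is appended first, so the ordering already works.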
diff --git a/completions/bash/podman b/completions/bash/podman index dfa673481..798d49ceb 100644 --- a/completions/bash/podman +++ b/completions/bash/podman @@ -1727,6 +1727,7 @@ _podman_container_run() { --memory-reservation --name --network + --no-hosts --oom-score-adj --pid --pids-limit diff --git a/docs/podman-create.1.md b/docs/podman-create.1.md index 2e176db76..289bb71a3 100644 --- a/docs/podman-create.1.md +++ b/docs/podman-create.1.md @@ -204,6 +204,9 @@ configuration passed to the container. Typically this is necessary when the host DNS configuration is invalid for the container (e.g., 127.0.0.1). When this is the case the **--dns** flags is necessary for every run. +The special sigil **none** can be specified to disable creation of **/etc/resolv.conf** in the container by Podman. +The **/etc/resolv.conf** file in the image will be used without changes. + **--dns-option**=[] Set custom DNS options @@ -457,6 +460,13 @@ Set the Network mode for the container Not implemented +**--no-hosts**=*true*|*false* + +Do not create /etc/hosts for the container. +By default, Podman will manage /etc/hosts, adding the container's own IP address and any hosts from **--add-host**. +**--no-hosts** disables this, and the image's **/etc/host** will be preserved unmodified. +This conflicts with **--add-host**. + **--oom-kill-disable**=*true*|*false* Whether to disable OOM Killer for the container or not. diff --git a/docs/podman-run.1.md b/docs/podman-run.1.md index b8b3d51f0..e045d033c 100644 --- a/docs/podman-run.1.md +++ b/docs/podman-run.1.md 
@@ -210,6 +210,9 @@ configuration passed to the container. Typically this is necessary when the host DNS configuration is invalid for the container (e.g., 127.0.0.1). When this is the case the **--dns** flags is necessary for every run. +The special sigil **none** can be specified to disable creation of **/etc/resolv.conf** in the container by Podman. +The **/etc/resolv.conf** file in the image will be used without changes. + **--dns-option**=[] Set custom DNS options @@ -441,6 +444,13 @@ Set the Network mode for the container: Not implemented +**--no-hosts**=*true*|*false* + +Do not create /etc/hosts for the container. +By default, Podman will manage /etc/hosts, adding the container's own IP address and any hosts from **--add-host**. +**--no-hosts** disables this, and the image's **/etc/host** will be preserved unmodified. +This conflicts with **--add-host**. + **--oom-kill-disable**=*true*|*false* Whether to disable OOM Killer for the container or not. -- cgit v1.2.3-54-g00ecf From 86f03e0e526bbf39ea8a6cb18e3067a7e37bfd89 Mon Sep 17 00:00:00 2001 From: Matthew Heon Date: Mon, 25 Mar 2019 12:32:10 -0400 Subject: Add a test that --add-host conflicts with --no-hosts Signed-off-by: Matthew Heon --- test/e2e/run_test.go | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/test/e2e/run_test.go b/test/e2e/run_test.go index b0dc66707..2daf2fe5b 100644 --- a/test/e2e/run_test.go +++ b/test/e2e/run_test.go 
@@ -749,13 +749,19 @@ USER mail` It("podman run with bad healthcheck timeout", func() { session := podmanTest.Podman([]string{"run", "-dt", "--healthcheck-cmd", "foo", "--healthcheck-timeout", "0s", ALPINE, "top"}) - session.Wait() + session.WaitWithDefaultTimeout() Expect(session.ExitCode()).ToNot(Equal(0)) }) It("podman run with bad healthcheck start-period", func() { session := podmanTest.Podman([]string{"run", "-dt", "--healthcheck-cmd", "foo", "--healthcheck-start-period", "-1s", ALPINE, "top"}) - session.Wait() + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).ToNot(Equal(0)) + }) + + It("podman run with --add-host and --no-hosts fails", func() { + session := podmanTest.Podman([]string{"run", "-dt", "--add-host", "test1:127.0.0.1", "--no-hosts", ALPINE, "top"}) + session.WaitWithDefaultTimeout() Expect(session.ExitCode()).ToNot(Equal(0)) }) }) -- cgit v1.2.3-54-g00ecf From 0cd92eae65b31cdbaa19e3cccb0e3234196a6d17 Mon Sep 17 00:00:00 2001 From: Matthew Heon Date: Tue, 26 Mar 2019 13:55:19 -0400 Subject: Resolve review comments Signed-off-by: Matthew Heon --- cmd/podman/shared/create.go | 6 ++---- docs/podman-create.1.md | 4 ++-- docs/podman-run.1.md | 4 ++-- libpod/container.go | 8 ++++---- libpod/container_internal_linux.go | 10 +++++----- libpod/options.go | 20 ++++++++++---------- pkg/spec/createconfig.go | 6 +++--- 7 files changed, 28 insertions(+), 30 deletions(-) diff --git a/cmd/podman/shared/create.go b/cmd/podman/shared/create.go index fc55e6f17..5f7263cb6 100644 --- a/cmd/podman/shared/create.go +++ b/cmd/podman/shared/create.go 
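Review bot: The new "--add-host and --no-hosts fails" test asserts only that `session.ExitCode()` is non-zero, which any unrelated failure of `podman run` would also satisfy. Asserting that the error output contains the conflict message from the create.go hunk, `--no-hosts and --add-host cannot be set together`, would pin the test to the behaviour it is named for. The series also has no test showing that a container started with `--no-hosts` or `--dns=none` actually keeps the image's file, which is the security-relevant half of the feature.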
@@ -357,10 +357,8 @@ func ParseCreateOpts(ctx context.Context, c *cliconfig.PodmanCommand, runtime *l return nil, errors.Errorf("--cpu-quota and --cpus cannot be set together") } - if c.Flag("no-hosts").Changed && c.Flag("add-host").Changed { - if c.Bool("no-hosts") { - return nil, errors.Errorf("--no-hosts and --add-host cannot be set together") - } + if c.Bool("no-hosts") && c.Flag("add-host").Changed { + return nil, errors.Errorf("--no-hosts and --add-host cannot be set together") } // EXPOSED PORTS diff --git a/docs/podman-create.1.md b/docs/podman-create.1.md index 289bb71a3..f61deebd2 100644 --- a/docs/podman-create.1.md +++ b/docs/podman-create.1.md @@ -204,7 +204,7 @@ configuration passed to the container. Typically this is necessary when the host DNS configuration is invalid for the container (e.g., 127.0.0.1). When this is the case the **--dns** flags is necessary for every run. -The special sigil **none** can be specified to disable creation of **/etc/resolv.conf** in the container by Podman. +The special value **none** can be specified to disable creation of **/etc/resolv.conf** in the container by Podman. The **/etc/resolv.conf** file in the image will be used without changes. **--dns-option**=[] @@ -465,7 +465,7 @@ Not implemented Do not create /etc/hosts for the container. By default, Podman will manage /etc/hosts, adding the container's own IP address and any hosts from **--add-host**. **--no-hosts** disables this, and the image's **/etc/host** will be preserved unmodified. -This conflicts with **--add-host**. +This option conflicts with **--add-host**. **--oom-kill-disable**=*true*|*false* diff --git a/docs/podman-run.1.md b/docs/podman-run.1.md index e045d033c..5a311980f 100644 --- a/docs/podman-run.1.md +++ b/docs/podman-run.1.md 
@@ -210,7 +210,7 @@ configuration passed to the container. Typically this is necessary when the host DNS configuration is invalid for the container (e.g., 127.0.0.1). When this is the case the **--dns** flags is necessary for every run. -The special sigil **none** can be specified to disable creation of **/etc/resolv.conf** in the container by Podman. +The special value **none** can be specified to disable creation of **/etc/resolv.conf** in the container by Podman. The **/etc/resolv.conf** file in the image will be used without changes. **--dns-option**=[] @@ -449,7 +449,7 @@ Not implemented Do not create /etc/hosts for the container. By default, Podman will manage /etc/hosts, adding the container's own IP address and any hosts from **--add-host**. **--no-hosts** disables this, and the image's **/etc/host** will be preserved unmodified. -This conflicts with **--add-host**. +This option conflicts with **--add-host**. **--oom-kill-disable**=*true*|*false* diff --git a/libpod/container.go b/libpod/container.go index 866cf5c58..806e75c63 100644 --- a/libpod/container.go +++ b/libpod/container.go @@ -293,10 +293,10 @@ type ContainerConfig struct { // namespace // These are not used unless CreateNetNS is true PortMappings []ocicni.PortMapping `json:"portMappings,omitempty"` - // NoCreateResolvConf indicates that resolv.conf should not be + // UseImageResolvConf indicates that resolv.conf should not be // bind-mounted inside the container. // Conflicts with DNSServer, DNSSearch, DNSOption. - NoCreateResolvConf bool + UseImageResolvConf bool // DNS servers to use in container resolv.conf // Will override servers in host resolv if set DNSServer []net.IP `json:"dnsServer,omitempty"` 
@@ -306,10 +306,10 @@ type ContainerConfig struct { // DNS options to be set in container resolv.conf // With override options in host resolv if set DNSOption []string `json:"dnsOption,omitempty"` - // NoCreateHosts indicates that /etc/hosts should not be + // UseImageHosts indicates that /etc/hosts should not be // bind-mounted inside the container. // Conflicts with HostAdd. - NoCreateHosts bool + UseImageHosts bool // Hosts to add in container // Will be appended to host's host file HostAdd []string `json:"hostsAdd,omitempty"` diff --git a/libpod/container_internal_linux.go b/libpod/container_internal_linux.go index 3bb8b23ec..02f8d6aa4 100644 --- a/libpod/container_internal_linux.go +++ b/libpod/container_internal_linux.go @@ -703,7 +703,7 @@ func (c *Container) makeBindMounts() error { } } - if c.config.NetNsCtr != "" && (!c.config.NoCreateHosts || !c.config.NoCreateResolvConf) { + if c.config.NetNsCtr != "" && (!c.config.UseImageResolvConf || !c.config.UseImageHosts) { // We share a net namespace. // We want /etc/resolv.conf and /etc/hosts from the // other container. Unless we're not creating both of @@ -719,7 +719,7 @@ func (c *Container) makeBindMounts() error { return errors.Wrapf(err, "error fetching bind mounts from dependency %s of container %s", depCtr.ID(), c.ID()) } - if !c.config.NoCreateResolvConf { + if !c.config.UseImageResolvConf { // The other container may not have a resolv.conf or /etc/hosts // If it doesn't, don't copy them resolvPath, exists := bindMounts["/etc/resolv.conf"] @@ -728,7 +728,7 @@ func (c *Container) makeBindMounts() error { } } - if !c.config.NoCreateHosts { + if !c.config.UseImageHosts { // check if dependency container has an /etc/hosts file hostsPath, exists := bindMounts["/etc/hosts"] if !exists { 
@@ -751,7 +751,7 @@ func (c *Container) makeBindMounts() error { c.state.BindMounts["/etc/hosts"] = hostsPath } } else { - if !c.config.NoCreateResolvConf { + if !c.config.UseImageResolvConf { newResolv, err := c.generateResolvConf() if err != nil { return errors.Wrapf(err, "error creating resolv.conf for container %s", c.ID()) @@ -759,7 +759,7 @@ func (c *Container) makeBindMounts() error { c.state.BindMounts["/etc/resolv.conf"] = newResolv } - if !c.config.NoCreateHosts { + if !c.config.UseImageHosts { newHosts, err := c.generateHosts("/etc/hosts") if err != nil { return errors.Wrapf(err, "error creating hosts file for container %s", c.ID()) diff --git a/libpod/options.go b/libpod/options.go index a36309ed7..3ca80e96c 100644 --- a/libpod/options.go +++ b/libpod/options.go @@ -997,7 +997,7 @@ func WithDNSSearch(searchDomains []string) CtrCreateOption { if ctr.valid { return ErrCtrFinalized } - if ctr.config.NoCreateResolvConf { + if ctr.config.UseImageResolvConf { return errors.Wrapf(ErrInvalidArg, "cannot add DNS search domains if container will not create /etc/resolv.conf") } ctr.config.DNSSearch = searchDomains @@ -1011,7 +1011,7 @@ func WithDNS(dnsServers []string) CtrCreateOption { if ctr.valid { return ErrCtrFinalized } - if ctr.config.NoCreateResolvConf { + if ctr.config.UseImageResolvConf { return errors.Wrapf(ErrInvalidArg, "cannot add DNS servers if container will not create /etc/resolv.conf") } var dns []net.IP @@ -1033,7 +1033,7 @@ func WithDNSOption(dnsOptions []string) CtrCreateOption { if ctr.valid { return ErrCtrFinalized } - if ctr.config.NoCreateResolvConf { + if ctr.config.UseImageResolvConf { return errors.Wrapf(ErrInvalidArg, "cannot add DNS options if container will not create /etc/resolv.conf") } ctr.config.DNSOption = dnsOptions 
@@ -1048,7 +1048,7 @@ func WithHosts(hosts []string) CtrCreateOption { return ErrCtrFinalized } - if ctr.config.NoCreateHosts { + if ctr.config.UseImageHosts { return errors.Wrapf(ErrInvalidArg, "cannot add hosts if container will not create /etc/hosts") } @@ -1198,9 +1198,9 @@ func WithCtrNamespace(ns string) CtrCreateOption { } } -// WithNoCreateResolvConf tells the container not to bind-mount resolv.conf in. +// WithUseImageResolvConf tells the container not to bind-mount resolv.conf in. // This conflicts with other DNS-related options. -func WithNoCreateResolvConf() CtrCreateOption { +func WithUseImageResolvConf() CtrCreateOption { return func(ctr *Container) error { if ctr.valid { return ErrCtrFinalized @@ -1212,15 +1212,15 @@ func WithNoCreateResolvConf() CtrCreateOption { return errors.Wrapf(ErrInvalidArg, "not creating resolv.conf conflicts with DNS options") } - ctr.config.NoCreateResolvConf = true + ctr.config.UseImageResolvConf = true return nil } } -// WithNoCreateHosts tells the container not to bind-mount /etc/hosts in. +// WithUseImageHosts tells the container not to bind-mount /etc/hosts in. // This conflicts with WithHosts(). -func WithNoCreateHosts() CtrCreateOption { +func WithUseImageHosts() CtrCreateOption { return func(ctr *Container) error { if ctr.valid { return ErrCtrFinalized @@ -1230,7 +1230,7 @@ func WithNoCreateHosts() CtrCreateOption { return errors.Wrapf(ErrInvalidArg, "not creating /etc/hosts conflicts with adding to the hosts file") } - ctr.config.NoCreateHosts = true + ctr.config.UseImageHosts = true return nil } diff --git a/pkg/spec/createconfig.go b/pkg/spec/createconfig.go index 15719beab..79a318771 100644 --- a/pkg/spec/createconfig.go +++ b/pkg/spec/createconfig.go 
@@ -506,8 +506,8 @@ func (c *CreateConfig) GetContainerCreateOptions(runtime *libpod.Runtime, pod *l options = append(options, libpod.WithDNSSearch(c.DNSSearch)) } if len(c.DNSServers) > 0 { - if len(c.DNSServers) == 1 && c.DNSServers[0] == "none" { - options = append(options, libpod.WithNoCreateResolvConf()) + if len(c.DNSServers) == 1 && strings.ToLower(c.DNSServers[0]) == "none" { + options = append(options, libpod.WithUseImageResolvConf()) } else { options = append(options, libpod.WithDNS(c.DNSServers)) } @@ -516,7 +516,7 @@ func (c *CreateConfig) GetContainerCreateOptions(runtime *libpod.Runtime, pod *l options = append(options, libpod.WithDNSOption(c.DNSOpt)) } if c.NoHosts { - options = append(options, libpod.WithNoCreateHosts()) + options = append(options, libpod.WithUseImageHosts()) } if len(c.HostAdd) > 0 && !c.NoHosts { options = append(options, libpod.WithHosts(c.HostAdd)) -- cgit v1.2.3-54-g00ecf
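Review bot: `strings.ToLower(c.DNSServers[0]) == "none"` builds a lowered copy only to compare it; `strings.EqualFold(c.DNSServers[0], "none")` is the idiomatic case-insensitive comparison. The man page hunks in this series describe only the lowercase value **none**, so if mixed case is meant to be accepted, the docs should say so.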