From da752a7ed32f90a3f187eeb5f3f372889561a021 Mon Sep 17 00:00:00 2001 From: Matthew Heon Date: Thu, 23 Jul 2020 16:43:43 -0400 Subject: Binding the same container port to >1 host port is OK The initial version of the new port code mistakenly restricted this, so un-restrict it. We still need to maintain the map of container ports, unfortunately (need to verify if the port in question is a duplicate, for example). Fixes #7062 Signed-off-by: Matthew Heon --- pkg/specgen/generate/ports.go | 15 ++++++++------- test/e2e/run_networking_test.go | 16 ++++++++++++++++ 2 files changed, 24 insertions(+), 7 deletions(-) diff --git a/pkg/specgen/generate/ports.go b/pkg/specgen/generate/ports.go index c8d1c27c5..2125c6b9f 100644 --- a/pkg/specgen/generate/ports.go +++ b/pkg/specgen/generate/ports.go @@ -123,19 +123,20 @@ func parsePortMapping(portMappings []specgen.PortMapping) ([]ocicni.PortMapping, postAssignHostPort = true } } else { - testCPort := ctrPortMap[cPort] - if testCPort != 0 && testCPort != hPort { - // This is an attempt to redefine a port - return nil, nil, nil, errors.Errorf("conflicting port mappings for container port %d (protocol %s)", cPort, p) - } - ctrPortMap[cPort] = hPort - testHPort := hostPortMap[hPort] if testHPort != 0 && testHPort != cPort { return nil, nil, nil, errors.Errorf("conflicting port mappings for host port %d (protocol %s)", hPort, p) } hostPortMap[hPort] = cPort + // Mapping a container port to multiple + // host ports is allowed. + // We only store the latest of these in + // the container port map - we don't + // need to know all of them, just one. + testCPort := ctrPortMap[cPort] + ctrPortMap[cPort] = hPort + // If we have an exact duplicate, just continue if testCPort == hPort && testHPort == cPort { continue diff --git a/test/e2e/run_networking_test.go b/test/e2e/run_networking_test.go index 9357145ab..40cc9e1e6 100644 --- a/test/e2e/run_networking_test.go +++ b/test/e2e/run_networking_test.go @@ -222,6 +222,22 @@ var _ = Describe("Podman run networking", func() { Expect(inspectOut[0].NetworkSettings.Ports["8080/tcp"][0].HostIP).To(Equal("")) }) + It("podman run -p 8080:8080 -p 8081:8080", func() { + name := "testctr" + session := podmanTest.Podman([]string{"create", "-t", "-p", "4000:8080", "-p", "8000:8080", "--name", name, ALPINE, "/bin/sh"}) + session.WaitWithDefaultTimeout() + inspectOut := podmanTest.InspectContainer(name) + Expect(len(inspectOut)).To(Equal(1)) + Expect(len(inspectOut[0].NetworkSettings.Ports)).To(Equal(1)) + Expect(len(inspectOut[0].NetworkSettings.Ports["8080/tcp"])).To(Equal(2)) + + hp1 := inspectOut[0].NetworkSettings.Ports["8080/tcp"][0].HostPort + hp2 := inspectOut[0].NetworkSettings.Ports["8080/tcp"][1].HostPort + + // We can't guarantee order + Expect((hp1 == "4000" && hp2 == "8000") || (hp1 == "8000" && hp2 == "4000")).To(BeTrue()) + }) + It("podman run network expose host port 80 to container port 8000", func() { SkipIfRootless() session := podmanTest.Podman([]string{"run", "-dt", "-p", "80:8000", ALPINE, "/bin/sh"}) -- cgit v1.2.3-54-g00ecf