From 1dd0eb4679a0e24bca8e72257e8225b03afddb23 Mon Sep 17 00:00:00 2001
From: Doug Rabson
Date: Fri, 9 Sep 2022 11:14:13 +0100
Subject: libpod: Move teardownNetwork and teardownCNI to networking_common.go [NO NEW TESTS NEEDED]
Signed-off-by: Doug Rabson
---
libpod/networking_common.go | 53 +++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 53 insertions(+)
(limited to 'libpod/networking_common.go')
diff --git a/libpod/networking_common.go b/libpod/networking_common.go
index 8ff05b46a..5d0b64f10 100644
--- a/libpod/networking_common.go
+++ b/libpod/networking_common.go
@@ -4,8 +4,11 @@ package libpod import ( + "fmt" + "github.com/containers/common/libnetwork/types" "github.com/containers/common/pkg/machine" + "github.com/sirupsen/logrus" ) // convertPortMappings will remove the HostIP part from the ports when running inside podman machine.
@@ -75,3 +78,53 @@ func getCNIPodName(c *Container) string {
 }
 return c.Name()
 }
+
+// Tear down a container's network configuration and joins the
+// rootless net ns as rootless user
+func (r *Runtime) teardownNetwork(ns string, opts types.NetworkOptions) error {
+ rootlessNetNS, err := r.GetRootlessNetNs(false)
+ if err != nil {
+ return err
+ }
+ tearDownPod := func() error {
+ if err := r.network.Teardown(ns, types.TeardownOptions{NetworkOptions: opts}); err != nil {
+ return fmt.Errorf("tearing down network namespace configuration for container %s: %w", opts.ContainerID, err)
+ }
+ return nil
+ }
+
+ // rootlessNetNS is nil if we are root
+ if rootlessNetNS != nil {
+ // execute the cni setup in the rootless net ns
+ err = rootlessNetNS.Do(tearDownPod)
+ if cerr := rootlessNetNS.Cleanup(r); cerr != nil {
+ logrus.WithError(err).Error("failed to clean up rootless netns")
+ }
+ rootlessNetNS.Lock.Unlock()
+ } else {
+ err = tearDownPod()
+ }
+ return err
+}
+
+// Tear down a container's CNI network configuration, but do not tear down the
+// namespace itself.
+func (r *Runtime) teardownCNI(ctr *Container) error {
+ if ctr.state.NetNS == nil {
+ // The container has no network namespace, we're set
+ return nil
+ }
+
+ logrus.Debugf("Tearing down network namespace at %s for container %s", ctr.state.NetNS.Path(), ctr.ID())
+
+ networks, err := ctr.networks()
+ if err != nil {
+ return err
+ }
+
+ if !ctr.config.NetMode.IsSlirp4netns() && len(networks) > 0 {
+ netOpts := ctr.getNetworkOptions(networks)
+ return r.teardownNetwork(ctr.state.NetNS.Path(), netOpts)
+ }
+ return nil
+}
--
cgit v1.2.3-54-g00ecf
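Review bot: In teardownNetwork the cleanup branch logs the wrong variable: `if cerr := rootlessNetNS.Cleanup(r); cerr != nil` goes on to call `logrus.WithError(err)`, so the cleanup failure itself is never recorded and the log entry carries the teardown error (or nil) instead. Use `logrus.WithError(cerr).Error("failed to clean up rootless netns")` so that a rootless netns left behind after a failed cleanup can be traced to its cause. The comment above `rootlessNetNS.Do(tearDownPod)` still reads "execute the cni setup" and should say teardown. `rootlessNetNS.Lock.Unlock()` is a plain call rather than a `defer`, so a panic inside `Do` or `Cleanup` would presumably leave the lock held; that depends on how GetRootlessNetNs acquires it, which is outside this hunk.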