Merge pull request #8792 from bziemons/patch-host-network-spec-8790

Set NetNS mode instead of value

pkg/domain/infra/abi/play.go

@@ -226,7 +226,7 @@ func (ic *ContainerEngine) playKubePod(ctx context.Context, podName string, podY
 			return nil, err
 		}
 
-		specGen, err := kube.ToSpecGen(ctx, container, container.Image, newImage, volumes, pod.ID(), podName, podInfraID, configMaps, seccompPaths, ctrRestartPolicy)
+		specGen, err := kube.ToSpecGen(ctx, container, container.Image, newImage, volumes, pod.ID(), podName, podInfraID, configMaps, seccompPaths, ctrRestartPolicy, p.NetNS.IsHost())
 		if err != nil {
 			return nil, err
 		}

pkg/specgen/generate/kube/kube.go

@@ -30,7 +30,7 @@ func ToPodGen(ctx context.Context, podName string, podYAML *v1.PodTemplateSpec)
 		p.Hostname = podName
 	}
 	if podYAML.Spec.HostNetwork {
-		p.NetNS.Value = "host"
+		p.NetNS.NSMode = specgen.Host
 	}
 	if podYAML.Spec.HostAliases != nil {
 		hosts := make([]string, 0, len(podYAML.Spec.HostAliases))
@@ -47,7 +47,7 @@ func ToPodGen(ctx context.Context, podName string, podYAML *v1.PodTemplateSpec)
 	return p, nil
 }
 
-func ToSpecGen(ctx context.Context, containerYAML v1.Container, iid string, newImage *image.Image, volumes map[string]*KubeVolume, podID, podName, infraID string, configMaps []v1.ConfigMap, seccompPaths *KubeSeccompPaths, restartPolicy string) (*specgen.SpecGenerator, error) {
+func ToSpecGen(ctx context.Context, containerYAML v1.Container, iid string, newImage *image.Image, volumes map[string]*KubeVolume, podID, podName, infraID string, configMaps []v1.ConfigMap, seccompPaths *KubeSeccompPaths, restartPolicy string, hostNet bool) (*specgen.SpecGenerator, error) {
 	s := specgen.NewSpecGenerator(iid, false)
 
 	// podName should be non-empty for Deployment objects to be able to create
@@ -214,6 +214,10 @@ func ToSpecGen(ctx context.Context, containerYAML v1.Container, iid string, newI
 
 	s.RestartPolicy = restartPolicy
 
+	if hostNet {
+		s.NetNS.NSMode = specgen.Host
+	}
+
 	return s, nil
 }
 

test/e2e/play_kube_test.go

@@ -62,6 +62,7 @@ metadata:
 spec:
   restartPolicy: {{ .RestartPolicy }}
   hostname: {{ .Hostname }}
+  hostNetwork: {{ .HostNetwork }}
   hostAliases:
 {{ range .HostAliases }}
   - hostnames:
@@ -220,6 +221,7 @@ spec:
     spec:
       restartPolicy: {{ .RestartPolicy }}
       hostname: {{ .Hostname }}
+      hostNetwork: {{ .HostNetwork }}
       containers:
     {{ with .Ctrs }}
       {{ range . }}
@@ -376,6 +378,7 @@ type Pod struct {
 	Name          string
 	RestartPolicy string
 	Hostname      string
+	HostNetwork   bool
 	HostAliases   []HostAlias
 	Ctrs          []*Ctr
 	Volumes       []*Volume
@@ -396,6 +399,7 @@ func getPod(options ...podOption) *Pod {
 		Name:          defaultPodName,
 		RestartPolicy: "Never",
 		Hostname:      "",
+		HostNetwork:   false,
 		HostAliases:   nil,
 		Ctrs:          make([]*Ctr, 0),
 		Volumes:       make([]*Volume, 0),
@@ -464,6 +468,12 @@ func withVolume(v *Volume) podOption {
 	}
 }
 
+func withHostNetwork() podOption {
+	return func(pod *Pod) {
+		pod.HostNetwork = true
+	}
+}
+
 // Deployment describes the options a kube yaml can be configured at deployment level
 type Deployment struct {
 	Name        string
@@ -1587,4 +1597,23 @@ MemoryReservation: {{ .HostConfig.MemoryReservation }}`})
 		Expect(inspect.ExitCode()).To(Equal(0))
 		Expect(inspect.OutputToString()).To(Equal("false"))
 	})
+
+	It("podman play kube test with HostNetwork", func() {
+		if !strings.Contains(podmanTest.OCIRuntime, "crun") {
+			Skip("Test only works on crun")
+		}
+
+		pod := getPod(withHostNetwork())
+		err := generateKubeYaml("pod", pod, kubeYaml)
+		Expect(err).To(BeNil())
+
+		kube := podmanTest.Podman([]string{"play", "kube", kubeYaml})
+		kube.WaitWithDefaultTimeout()
+		Expect(kube.ExitCode()).To(Equal(0))
+
+		inspect := podmanTest.Podman([]string{"inspect", pod.Name, "--format", "{{ .InfraConfig.HostNetwork }}"})
+		inspect.WaitWithDefaultTimeout()
+		Expect(inspect.ExitCode()).To(Equal(0))
+		Expect(inspect.OutputToString()).To(Equal("true"))
+	})
 })