Use the slrip4netns dns in the rootless cni ns

If a user only has a local dns server in the resolv.conf file the dns resolution will fail. Instead we create a new resolv.conf which will use the slirp4netns dns. Signed-off-by: Paul Holzinger <[email protected]>
containers · Apr 1, 2021 · 9738070 · 9738070
1 parent 6cd807e
commit 9738070
Showing 1 changed file with 31 additions and 2 deletions.
diff --git a/libpod/networking_linux.go b/libpod/networking_linux.go
@@ -24,6 +24,7 @@ import (
 	"github.com/containers/podman/v3/libpod/network"
 	"github.com/containers/podman/v3/pkg/errorhandling"
 	"github.com/containers/podman/v3/pkg/netns"
+	"github.com/containers/podman/v3/pkg/resolvconf"
 	"github.com/containers/podman/v3/pkg/rootless"
 	"github.com/containers/podman/v3/pkg/util"
 	"github.com/containers/storage/pkg/lockfile"
@@ -134,9 +135,14 @@ func (r *rootlessCNI) Do(toRun func() error) error {
 			return errors.Wrap(err, "failed to mount netns directory for rootless cni")
 		}
 
+		// mount resolv.conf to make use of the host dns
+		err = unix.Mount(filepath.Join(r.dir, "resolv.conf"), "/etc/resolv.conf", "none", unix.MS_BIND, "")
+		if err != nil {
+			return errors.Wrap(err, "failed to mount resolv.conf for rootless cni")
+		}
+
 		// also keep /run/systemd if it exists
-		// many files are symlinked into this dir, for example systemd-resolved links
-		// /etc/resolv.conf but the dnsname plugin needs access to this file
+		// many files are symlinked into this dir, for example /dev/log
 		runSystemd := "/run/systemd"
 		_, err = os.Stat(runSystemd)
 		if err == nil {
@@ -348,6 +354,29 @@ func (r *Runtime) getRootlessCNINetNs(new bool) (*rootlessCNI, error) {
 					return nil, err
 				}
 
+				// build a new resolv.conf file which uses the slirp4netns dns server address
+				resolveIP := slirp4netnsDNS
+				if netOptions.cidr != "" {
+					_, cidr, err := net.ParseCIDR(netOptions.cidr)
+					if err != nil {
+						return nil, errors.Wrap(err, "failed to parse slirp4netns cidr")
+					}
+					// the slirp dns ip is always the third ip in the subnet
+					cidr.IP[len(cidr.IP)-1] = cidr.IP[len(cidr.IP)-1] + 3
+					resolveIP = cidr.IP.String()
+				}
+				conf, err := resolvconf.Get()
+				if err != nil {
+					return nil, err
+				}
+				searchDomains := resolvconf.GetSearchDomains(conf.Content)
+				dnsOptions := resolvconf.GetOptions(conf.Content)
+
+				_, err = resolvconf.Build(filepath.Join(cniDir, "resolv.conf"), []string{resolveIP}, searchDomains, dnsOptions)
+				if err != nil {
+					return nil, errors.Wrap(err, "failed to create rootless cni resolv.conf")
+				}
+
 				// create cni directories to store files
 				// they will be bind mounted to the correct location in a extra mount ns
 				err = os.MkdirAll(filepath.Join(cniDir, "var"), 0700)