Merge pull request #8391 from baude/networkconnectdisconnect

add network connect|disconnect compat endpoints

cmd/podman/networks/connect.go

@@ -0,0 +1,47 @@
+package network
+
+import (
+	"github.com/containers/common/pkg/completion"
+	"github.com/containers/podman/v2/cmd/podman/common"
+	"github.com/containers/podman/v2/cmd/podman/registry"
+	"github.com/containers/podman/v2/pkg/domain/entities"
+	"github.com/spf13/cobra"
+)
+
+var (
+	networkConnectDescription = `Add container to a network`
+	networkConnectCommand     = &cobra.Command{
+		Use:               "connect [options] NETWORK CONTAINER",
+		Short:             "network connect",
+		Long:              networkConnectDescription,
+		RunE:              networkConnect,
+		Example:           `podman network connect web secondary`,
+		Args:              cobra.ExactArgs(2),
+		ValidArgsFunction: common.AutocompleteNetworks,
+	}
+)
+
+var (
+	networkConnectOptions entities.NetworkConnectOptions
+)
+
+func networkConnectFlags(cmd *cobra.Command) {
+	flags := cmd.Flags()
+	aliasFlagName := "alias"
+	flags.StringSliceVar(&networkConnectOptions.Aliases, aliasFlagName, []string{}, "network scoped alias for container")
+	_ = cmd.RegisterFlagCompletionFunc(aliasFlagName, completion.AutocompleteNone)
+}
+
+func init() {
+	registry.Commands = append(registry.Commands, registry.CliCommand{
+		Mode:    []entities.EngineMode{entities.ABIMode, entities.TunnelMode},
+		Command: networkConnectCommand,
+		Parent:  networkCmd,
+	})
+	networkConnectFlags(networkConnectCommand)
+}
+
+func networkConnect(cmd *cobra.Command, args []string) error {
+	networkConnectOptions.Container = args[1]
+	return registry.ContainerEngine().NetworkConnect(registry.Context(), args[0], networkConnectOptions)
+}

cmd/podman/networks/disconnect.go

@@ -0,0 +1,45 @@
+package network
+
+import (
+	"github.com/containers/podman/v2/cmd/podman/common"
+	"github.com/containers/podman/v2/cmd/podman/registry"
+	"github.com/containers/podman/v2/pkg/domain/entities"
+	"github.com/spf13/cobra"
+	"github.com/spf13/pflag"
+)
+
+var (
+	networkDisconnectDescription = `Remove container from a network`
+	networkDisconnectCommand     = &cobra.Command{
+		Use:               "disconnect [options] NETWORK CONTAINER",
+		Short:             "network rm",
+		Long:              networkDisconnectDescription,
+		RunE:              networkDisconnect,
+		Example:           `podman network disconnect web secondary`,
+		Args:              cobra.ExactArgs(2),
+		ValidArgsFunction: common.AutocompleteNetworks,
+	}
+)
+
+var (
+	networkDisconnectOptions entities.NetworkDisconnectOptions
+)
+
+func networkDisconnectFlags(flags *pflag.FlagSet) {
+	flags.BoolVarP(&networkDisconnectOptions.Force, "force", "f", false, "force removal of container from network")
+}
+
+func init() {
+	registry.Commands = append(registry.Commands, registry.CliCommand{
+		Mode:    []entities.EngineMode{entities.ABIMode, entities.TunnelMode},
+		Command: networkDisconnectCommand,
+		Parent:  networkCmd,
+	})
+	flags := networkDisconnectCommand.Flags()
+	networkDisconnectFlags(flags)
+}
+
+func networkDisconnect(cmd *cobra.Command, args []string) error {
+	networkDisconnectOptions.Container = args[1]
+	return registry.ContainerEngine().NetworkDisconnect(registry.Context(), args[0], networkDisconnectOptions)
+}

commands-demo.md

@@ -47,6 +47,8 @@
 | [podman-mount(1)](https://podman.readthedocs.io/en/latest/markdown/podman-mount.1.html)                               | Mount a working container's root filesystem                                |
 | [podman-network(1)](https://podman.readthedocs.io/en/latest/network.html)                                             | Manage Podman CNI networks                                                 |
 | [podman-network-create(1)](https://podman.readthedocs.io/en/latest/markdown/podman-network-create.1.html)             | Create a CNI network                                                       |
+| [podman-network-connect(1)](https://podman.readthedocs.io/en/latest/markdown/podman-network-connect.1.html)           | Connect a container to a CNI network                                       |
+| [podman-network-disconnect(1)](https://podman.readthedocs.io/en/latest/markdown/podman-network-dosconnect.1.html)             | Disconnect a container from a CNI network                                  |
 | [podman-network-inspect(1)](https://podman.readthedocs.io/en/latest/markdown/podman-network-inspect.1.html)           | Displays the raw CNI network configuration for one or more networks        |
 | [podman-network-ls(1)](https://podman.readthedocs.io/en/latest/markdown/podman-network-ls.1.html)                     | Display a summary of CNI networks                                          |
 | [podman-network-rm(1)](https://podman.readthedocs.io/en/latest/markdown/podman-network-rm.1.html)                     | Remove one or more CNI networks                                            |

docs/source/markdown/podman-network-connect.1.md

@@ -0,0 +1,34 @@
+% podman-network-connect(1)
+
+## NAME
+podman\-network\-connect - Connect a container to a network
+
+## SYNOPSIS
+**podman network connect** [*options*] network container
+
+## DESCRIPTION
+Connects a container to a network. A container can be connected to a network by name or by ID.
+Once connected, the container can communicate with other containers in the same network.
+
+## OPTIONS
+#### **--alias**
+Add network-scoped alias for the container.  If the network is using the `dnsname` CNI plugin, these aliases
+can be used for name resolution on the given network.  Multiple *--alias* options may be specificed as input.
+
+## EXAMPLE
+
+Connect a container named *web* to a network named *test*
+```
+podman network connect test web
+```
+
+Connect a container name *web* to a network named *test* with two aliases: web1 and web2
+```
+podman network connect --alias web1 --alias web2 test web
+```
+
+## SEE ALSO
+podman(1), podman-network(1), podman-network-disconnect(1), podman-network-inspect(1)
+
+## HISTORY
+November 2020, Originally compiled by Brent Baude <[email protected]>

docs/source/markdown/podman-network-disconnect.1.md

@@ -0,0 +1,29 @@
+% podman-network-disconnect(1)
+
+## NAME
+podman\-network\-disconnect - Disconnect a container from a network
+
+## SYNOPSIS
+**podman network disconnect** [*options*] network container
+
+## DESCRIPTION
+Disconnects a container from a network.
+
+## OPTIONS
+#### **--force**, **-f**
+
+Force the container to disconnect from a network
+
+## EXAMPLE
+Disconnect a container named *web* from a network called *test*.
+
+```
+podman network disconnect test web
+```
+
+
+## SEE ALSO
+podman(1), podman-network(1), podman-network-connect(1)
+
+## HISTORY
+November 2020, Originally compiled by Brent Baude <[email protected]>

docs/source/markdown/podman-network.1.md

@@ -13,7 +13,9 @@ The network command manages CNI networks for Podman. It is not supported for roo
 
 | Command  | Man Page                                            | Description                                                                  |
 | -------  | --------------------------------------------------- | ---------------------------------------------------------------------------- |
+| connect | [podman-network-connect(1)](podman-network-connect.1.md)| Connect a container to a network|
 | create | [podman-network-create(1)](podman-network-create.1.md)| Create a Podman CNI network|
+| disconnect | [podman-network-disconnect(1)](podman-network-disconnect.1.md)| Disconnect a container from a network|
 | inspect | [podman-network-inspect(1)](podman-network-inspect.1.md)| Displays the raw CNI network configuration for one or more networks|
 | ls | [podman-network-ls(1)](podman-network-ls.1.md)| Display a summary of CNI networks                        |
 | rm | [podman-network-rm(1)](podman-network-rm.1.md)| Remove one or more CNI networks                        |

docs/source/network.rst

@@ -1,8 +1,12 @@
 Network
 =======
 
+:doc:`connect <markdown/podman-network-connect.1>` network connect
+
 :doc:`create <markdown/podman-network-create.1>` network create
 
+:doc:`disconnect <markdown/podman-network-disconnect.1>` network disconnect
+
 :doc:`inspect <markdown/podman-network-inspect.1>` network inspect
 
 :doc:`ls <markdown/podman-network-ls.1>` network list

libpod/container.go

@@ -206,6 +206,10 @@ type ContainerState struct {
 	// and not delegated to the OCI runtime.
 	ExtensionStageHooks map[string][]spec.Hook `json:"extensionStageHooks,omitempty"`
 
+	// NetInterfaceDescriptions describe the relationship between a CNI
+	// network and an interface names
+	NetInterfaceDescriptions ContainerNetworkDescriptions `json:"networkDescriptions,omitempty"`
+
 	// containerPlatformState holds platform-specific container state.
 	containerPlatformState
 }
@@ -244,6 +248,10 @@ type ContainerImageVolume struct {
 	ReadWrite bool `json:"rw"`
 }
 
+// ContainerNetworkDescriptions describes the relationship between the CNI
+// network and the ethN where N is an integer
+type ContainerNetworkDescriptions map[string]int
+
 // Config accessors
 // Unlocked
 
@@ -1102,3 +1110,19 @@ func (c *Container) networksByNameIndex() (map[string]int, error) {
 	}
 	return networkNamesByIndex, nil
 }
+
+// add puts the new given CNI network name into the tracking map
+// and assigns it a new integer based on the map length
+func (d ContainerNetworkDescriptions) add(networkName string) {
+	d[networkName] = len(d)
+}
+
+// getInterfaceByName returns a formatted interface name for a given
+// network along with a bool as to whether the network existed
+func (d ContainerNetworkDescriptions) getInterfaceByName(networkName string) (string, bool) {
+	val, exists := d[networkName]
+	if !exists {
+		return "", exists
+	}
+	return fmt.Sprintf("eth%d", val), exists
+}

libpod/define/errors.go

@@ -178,4 +178,7 @@ var (
 	// ErrStoreNotInitialized indicates that the container storage was never
 	// initialized.
 	ErrStoreNotInitialized = errors.New("the container storage was never initialized")
+
+	// ErrNoNetwork indicates that a container has no net namespace, like network=none
+	ErrNoNetwork = errors.New("container has no network namespace")
 )

libpod/events.go

@@ -50,6 +50,18 @@ func (c *Container) newContainerExitedEvent(exitCode int32) {
 	}
 }
 
+// netNetworkEvent creates a new event based on a network connect/disconnect
+func (c *Container) newNetworkEvent(status events.Status, netName string) {
+	e := events.NewEvent(status)
+	e.ID = c.ID()
+	e.Name = c.Name()
+	e.Type = events.Network
+	e.Network = netName
+	if err := c.runtime.eventer.Write(e); err != nil {
+		logrus.Errorf("unable to write pod event: %q", err)
+	}
+}
+
 // newPodEvent creates a new event for a libpod pod
 func (p *Pod) newPodEvent(status events.Status) {
 	e := events.NewEvent(status)

libpod/events/config.go

@@ -30,6 +30,8 @@ type Event struct {
 	Image string `json:",omitempty"`
 	// Name where applicable
 	Name string `json:",omitempty"`
+	// Network is the network name in a network event
+	Network string `json:"network,omitempty"`
 	// Status describes the event that occurred
 	Status Status
 	// Time the event occurred
@@ -101,6 +103,8 @@ const (
 	Container Type = "container"
 	// Image - event is related to images
 	Image Type = "image"
+	// Network - event is related to networks
+	Network Type = "network"
 	// Pod - event is related to pods
 	Pod Type = "pod"
 	// System - event is related to Podman whole and not to any specific
@@ -141,6 +145,10 @@ const (
 	LoadFromArchive Status = "loadfromarchive"
 	// Mount ...
 	Mount Status = "mount"
+	// NetworkConnect
+	NetworkConnect Status = "connect"
+	// NetworkDisconnect
+	NetworkDisconnect Status = "disconnect"
 	// Pause ...
 	Pause Status = "pause"
 	// Prune ...

libpod/events/events.go

@@ -77,6 +77,8 @@ func (e *Event) ToHumanReadable() string {
 			}
 		}
 		humanFormat += ")"
+	case Network:
+		humanFormat = fmt.Sprintf("%s %s %s %s (container=%s, name=%s)", e.Time, e.Type, e.Status, e.ID, e.ID, e.Network)
 	case Image:
 		humanFormat = fmt.Sprintf("%s %s %s %s %s", e.Time, e.Type, e.Status, e.ID, e.Name)
 	case System:
@@ -115,6 +117,8 @@ func StringToType(name string) (Type, error) {
 		return Container, nil
 	case Image.String():
 		return Image, nil
+	case Network.String():
+		return Network, nil
 	case Pod.String():
 		return Pod, nil
 	case System.String():
@@ -162,6 +166,10 @@ func StringToStatus(name string) (Status, error) {
 		return LoadFromArchive, nil
 	case Mount.String():
 		return Mount, nil
+	case NetworkConnect.String():
+		return NetworkConnect, nil
+	case NetworkDisconnect.String():
+		return NetworkDisconnect, nil
 	case Pause.String():
 		return Pause, nil
 	case Prune.String():

libpod/events/journal_linux.go

@@ -56,6 +56,9 @@ func (e EventJournalD) Write(ee Event) error {
 			}
 			m["PODMAN_LABELS"] = string(b)
 		}
+	case Network:
+		m["PODMAN_ID"] = ee.ID
+		m["PODMAN_NETWORK_NAME"] = ee.Network
 	case Volume:
 		m["PODMAN_NAME"] = ee.Name
 	}
@@ -197,6 +200,9 @@ func newEventFromJournalEntry(entry *sdjournal.JournalEntry) (*Event, error) { /
 				newEvent.Details = Details{Attributes: labels}
 			}
 		}
+	case Network:
+		newEvent.ID = entry.Fields["PODMAN_ID"]
+		newEvent.Network = entry.Fields["PODMAN_NETWORK_NAME"]
 	case Image:
 		newEvent.ID = entry.Fields["PODMAN_ID"]
 	}

libpod/events/logfile.go

@@ -76,7 +76,7 @@ func (e EventLogFile) Read(ctx context.Context, options ReadOptions) error {
 			return err
 		}
 		switch event.Type {
-		case Image, Volume, Pod, System, Container:
+		case Image, Volume, Pod, System, Container, Network:
 		//	no-op
 		default:
 			return errors.Errorf("event type %s is not valid in %s", event.Type.String(), e.options.LogFilePath)