podman play kube only binds ports when hostPort is specified.

[reavessm]

Is this a BUG REPORT or FEATURE REQUEST? (leave only one on its own line)

/kind bug

Description

According to k8s documentation, specifying hostPort seems optional. If I specify only containerPort, I would expect this to use the same value for hostPort, or throw a validation error if it is really required. Instead, it looks successful, but doesn't bind the ports.

Steps to reproduce the issue:

1. Create test.yaml with the following config:

---
apiVersion: v1
kind: Pod
metadata:
  name: nginx
  labels:
    app: nginx
spec:
  containers:
    - name: server
      image: docker.io/library/nginx:alpine
      ports:
        - name: http
          containerPort: 8080

2. Run podman play kube test.yaml

3. Run `podman ps --format '{{ .Names }} - {{ .Ports }}' and observe the following:

nginx-server -

4. Create test-2.yaml with the following config:

---
apiVersion: v1
kind: Pod
metadata:
  name: nginx
  labels:
    app: nginx
spec:
  containers:
    - name: server
      image: docker.io/library/nginx:alpine
      ports:
        - name: http
          containerPort: 80
          hostPort: 8080

5. Run podman rm -af && podman play kube test-2.yaml

6. Run `podman ps --format '{{ .Names }} - {{ .Ports }}' and observe the following:

nginx-server - 0.0.0.0:8080->80/tcp

Describe the results you received:

No error, but no ports bound.

Describe the results you expected:

I would expect excluding hostPort to EITHER throw a validation error OR (preferably) copy the value from containerPort

Additional information you deem important (e.g. issue happens only occasionally):

K8s definition of hostPort, emphasis mine:

Number of port to expose on the host. If specified this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this.

Also, I double checked my containers running on OpenShift and they only have containerPort specified and not hostPort.

Output of podman version:

Client:       Podman Engine
Version:      4.2.0
API Version:  4.2.0
Go Version:   go1.18.4
Built:        Thu Aug 11 10:42:17 2022
OS/Arch:      linux/amd64

Output of podman info:

host:
  arch: amd64
  buildahVersion: 1.27.0
  cgroupControllers:
  - cpu
  - io
  - memory
  - pids
  cgroupManager: systemd
  cgroupVersion: v2
  conmon:
    package: conmon-2.1.4-2.fc36.x86_64
    path: /usr/bin/conmon
    version: 'conmon version 2.1.4, commit: '
  cpuUtilization:
    idlePercent: 79.57
    systemPercent: 5.05
    userPercent: 15.38
  cpus: 8
  distribution:
    distribution: fedora
    variant: workstation
    version: "36"
  eventLogger: journald
  hostname: host.containers.internal
  idMappings:
    gidmap:
    - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 100000
      size: 65536
    uidmap:
    - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 100000
      size: 65536
  kernel: 5.19.9-200.fc36.x86_64
  linkmode: dynamic
  logDriver: journald
  memFree: 1350864896
  memTotal: 33404751872
  networkBackend: netavark
  ociRuntime:
    name: crun
    package: crun-1.6-2.fc36.x86_64
    path: /usr/bin/crun
    version: |-
      crun version 1.6
      commit: 18cf2efbb8feb2b2f20e316520e0fd0b6c41ef4d
      spec: 1.0.0
      +SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +CRIU +YAJL
  os: linux
  remoteSocket:
    path: /run/user/1000/podman/podman.sock
  security:
    apparmorEnabled: false
    capabilities: CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_NET_BIND_SERVICE,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP_SETUID,CAP_SYS_CHROOT
    rootless: true
    seccompEnabled: true
    seccompProfilePath: /usr/share/containers/seccomp.json
    selinuxEnabled: true
  serviceIsRemote: false
  slirp4netns:
    executable: /usr/bin/slirp4netns
    package: slirp4netns-1.2.0-0.2.beta.0.fc36.x86_64
    version: |-
      slirp4netns version 1.2.0-beta.0
      commit: 477db14a24ff1a3de3a705e51ca2c4c1fe3dda64
      libslirp: 4.6.1
      SLIRP_CONFIG_VERSION_MAX: 3
      libseccomp: 2.5.3
  swapFree: 8356360192
  swapTotal: 8589930496
  uptime: 6h 51m 16.00s (Approximately 0.25 days)
plugins:
  authorization: null
  log:
  - k8s-file
  - none
  - passthrough
  - journald
  network:
  - bridge
  - macvlan
  volume:
  - local
registries:
  search:
  - registry.fedoraproject.org
  - registry.access.redhat.com
  - docker.io
  - quay.io
store:
  configFile: /home/sreaves/.config/containers/storage.conf
  containerStore:
    number: 2
    paused: 0
    running: 2
    stopped: 0
  graphDriverName: overlay
  graphOptions: {}
  graphRoot: /home/sreaves/.local/share/containers/storage
  graphRootAllocated: 254339448832
  graphRootUsed: 129418711040
  graphStatus:
    Backing Filesystem: btrfs
    Native Overlay Diff: "true"
    Supports d_type: "true"
    Using metacopy: "false"
  imageCopyTmpDir: /var/tmp
  imageStore:
    number: 20
  runRoot: /run/user/1000/containers
  volumePath: /home/sreaves/.local/share/containers/storage/volumes
version:
  APIVersion: 4.2.0
  Built: 1660228937
  BuiltTime: Thu Aug 11 10:42:17 2022
  GitCommit: ""
  GoVersion: go1.18.4
  Os: linux
  OsArch: linux/amd64
  Version: 4.2.0

Package info (e.g. output of rpm -q podman or apt list podman):

podman-4.2.0-2.fc36.x86_64

Have you tested with the latest version of Podman and have you checked the Podman Troubleshooting Guide? (https://github.com/containers/podman/blob/main/troubleshooting.md)

I have checked the troubleshooting guide, have not tested on latest.

Additional environment details (AWS, VirtualBox, physical, etc.):

Phyiscal Fedora 36 Workstation.