static ip addresses

[fansari]

Is this a BUG REPORT or FEATURE REQUEST? (leave only one on its own line)

/kind feature

Description

I found two scenarios where I still don't know how to assign static IPs to a container:

• when the container belongs to a pod

• when the IP address is IPv6

Steps to reproduce the issue:

1. podman run -d --pod new:web --name nginx --ip=10.88.0.8 -p 443:443/tcp nginx

2. podman run -d --name nginx --ip6=fd65:9803:9d93:4f1e::18 -p 443:443/tcp nginx

Describe the results you received:

1. Error: cannot set static IP or MAC address if not creating a network namespace: invalid argument

2. Error: unknown flag: --ip6

Describe the results you expected:

I thinks it should be possible to assign static IP addresses to containers even when they belong to pods of when the address is IPv6.

Additional information you deem important (e.g. issue happens only occasionally):

Output of podman version:

Version:            1.9.3
RemoteAPI Version:  1
Go Version:         go1.14.2
OS/Arch:            linux/amd64

Output of podman info --debug:

debug:
  compiler: gc
  gitCommit: ""
  goVersion: go1.14.2
  podmanVersion: 1.9.3
host:
  arch: amd64
  buildahVersion: 1.14.9
  cgroupVersion: v1
  conmon:
    package: conmon-2.0.18-1.fc32.x86_64
    path: /usr/bin/conmon
    version: 'conmon version 2.0.18, commit: 6e8799f576f11f902cd8a8d8b45b2b2caf636a85'
  cpus: 2
  distribution:
    distribution: fedora
    version: "32"
  eventLogger: file
  hostname: j338438.servers.jiffybox.net
  idMappings:
    gidmap: null
    uidmap: null
  kernel: 5.7.8-200.fc32.x86_64
  memFree: 2675507200
  memTotal: 4170272768
  ociRuntime:
    name: crun
    package: crun-0.14.1-1.fc32.x86_64
    path: /usr/bin/crun
    version: |-
      crun version 0.14.1
      commit: 598ea5e192ca12d4f6378217d3ab1415efeddefa
      spec: 1.0.0
      +SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +YAJL
  os: linux
  rootless: false
  slirp4netns:
    executable: ""
    package: ""
    version: ""
  swapFree: 0
  swapTotal: 0
  uptime: 55m 32.85s
registries:
  search:
  - registry.fedoraproject.org
  - registry.access.redhat.com
  - registry.centos.org
  - docker.io
store:
  configFile: /etc/containers/storage.conf
  containerStore:
    number: 9
    paused: 0
    running: 9
    stopped: 0
  graphDriverName: overlay
  graphOptions:
    overlay.mountopt: nodev,metacopy=on
  graphRoot: /var/lib/containers/storage
  graphStatus:
    Backing Filesystem: xfs
    Native Overlay Diff: "false"
    Supports d_type: "true"
    Using metacopy: "true"
  imageStore:
    number: 91
  runRoot: /var/run/containers/storage
  volumePath: /var/lib/containers/storage/volumes

Package info (e.g. output of rpm -q podman or apt list podman):

podman-1.9.3-1.fc32.x86_64

Additional environment details (AWS, VirtualBox, physical, etc.):
Fedora CoreOS 32, VM

[Luap99]

You should be able to create a pod with a static ip when you use podman pod create --ip ....

[mheon]

Static IPv6 addresses are not yet supported. It should be easy to get them working, just a matter of adding a flag and plumbing it through to CNI, but I haven't managed to find the time.

…

On Sun, Aug 9, 2020, 07:37 Luap99 ***@***.***> wrote: You should be able to create a pod with a static ip when you use podman pod create --ip .... — You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub <#7265 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AB3AOCD7HJKS2ZCUGTHITODR72C7PANCNFSM4PZERGCQ> .

[fansari]

You should be able to create a pod with a static ip when you use podman pod create --ip ....

Yes - this is what I thought too. But together with pod I always end up with this error message (as mentioned above):

"Error: cannot set static IP or MAC address if not creating a network namespace: invalid argument"

Maybe there is a way to do it and I am doing it wrong. In this case I would like to learn the way it should work.

[fansari]

Static IPv6 addresses are not yet supported. It should be easy to get them working, just a matter of adding a flag and plumbing it through to CNI, but I haven't managed to find the time.

This means currently the way IPv6 is meant to be used in podman is with NAT (how else could I access a service if I don't know the IP it is using?). Working this way has some advantages: you can work with a single IP, you don't need to care about neighbor discovery,... Only thing which seems not "nice" to me working this way: normally IPv6 is not meant to be used with NAT.

[Luap99]

If you use a pod you cannot assign ip addresses to your containers since they all use the network namespace from the pod. The containers inside the pod all share the same interface and can talk via localhost to each other.

[fansari]

Yes I saw that they use the same address and the same hostname. But even if they share the same IP - why can't I specify which IP this is? I mean a static IP for the pod. Is this possible?

[Luap99]

You should be able to create a pod with a static ip when you use podman pod create --ip ....

As stated before. All containers insides this pod will be reachable with the pod ip.

[mheon]

This is possible, but you need to specify the static IP for the pod at time of creating the pod.

[fansari]

OK. This works. I just ran a test.

[zhangguanzhang]

@fansari If there are no other questions, please close the issue