Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow pods to use --net=none #9185

Merged
merged 1 commit into from
Feb 2, 2021
Merged

Allow pods to use --net=none #9185

merged 1 commit into from
Feb 2, 2021
+55 −12

Conversation

mheon
Copy link
Member

@mheon mheon commented Feb 1, 2021

We need an extra field in the pod infra container config. We may want to reevaluate that struct at some point, as storing network modes as bools will rapidly become unsustainable, but that's a discussion for another time. Otherwise, straightforward plumbing.

Fixes #9165

@openshift-ci-robot
Copy link
Collaborator

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: mheon

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci-robot openshift-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Feb 1, 2021
Luap99
Luap99 reviewed Feb 1, 2021
View reviewed changes
test/e2e/pod_create_test.go Outdated
Comment on lines 498 to 501
session := podmanTest.Podman([]string{"run", "--pod", podName, ALPINE, "wget", "www.podman.io"})
session.WaitWithDefaultTimeout()
Expect(session.ExitCode()).To(Equal(1))
Expect(session.ErrorToString()).To(ContainSubstring("wget: bad address 'www.podman.io'"))
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would recommend changing this test to ip -o -4 addr This will print one network interface per line. In this case we should only have one, the loopback adapter. The current test could also fail because dns is not working.

@giuseppe
Copy link
Member

giuseppe commented Feb 2, 2021

would other namespaces have the same issue when shared with the host?

@mheon
Copy link
Member Author

mheon commented Feb 2, 2021

@giuseppe What issue, specifically? Requiring a bool in the configuration to tell us to set them to Host?

@giuseppe
Copy link
Member

giuseppe commented Feb 2, 2021

@giuseppe What issue, specifically? Requiring a bool in the configuration to tell us to set them to Host?

no nevermind, I thought the same issue could happen with other namespaces beside network, but that is not the case.

LGTM

@rhatdan
Copy link
Member

rhatdan commented Feb 2, 2021

/lgtm
/hold

@openshift-ci-robot openshift-ci-robot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Feb 2, 2021
@openshift-ci-robot openshift-ci-robot added the lgtm Indicates that a PR is ready to be merged. label Feb 2, 2021
@mheon
Allow pods to use --net=none
931ea93 
We need an extra field in the pod infra container config. We may
want to reevaluate that struct at some point, as storing network
modes as bools will rapidly become unsustainable, but that's a
discussion for another time. Otherwise, straightforward plumbing.

Fixes containers#9165

Signed-off-by: Matthew Heon <[email protected]>
@openshift-ci-robot openshift-ci-robot removed the lgtm Indicates that a PR is ready to be merged. label Feb 2, 2021
@rhatdan
Copy link
Member

rhatdan commented Feb 2, 2021

/hold cancel

@openshift-ci-robot openshift-ci-robot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Feb 2, 2021
@mheon
Copy link
Member Author

mheon commented Feb 2, 2021

Needs a fresh LGTM

@rhatdan
Copy link
Member

rhatdan commented Feb 2, 2021

/lgtm

@openshift-ci-robot openshift-ci-robot added the lgtm Indicates that a PR is ready to be merged. label Feb 2, 2021
@openshift-merge-robot openshift-merge-robot merged commit aab8a93 into containers:master Feb 2, 2021
@github-actions github-actions bot added the locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments. label Sep 23, 2023
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Sep 23, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@Luap99 Luap99 Luap99 left review comments

Assignees

@rhatdan rhatdan

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. lgtm Indicates that a PR is ready to be merged. locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

It is not possible to start a container in a pod with --net=none
6 participants
@mheon @openshift-ci-robot @giuseppe @rhatdan @Luap99 @openshift-merge-robot