[v3.0.1-rhel] Fix RHBZ#1932083 #9552

Merged
merged 1 commit into from
Mar 1, 2021
7 changes: 6 additions & 1 deletion contrib/rootless-cni-infra/README.md
@@ -1,6 +1,11 @@
# rootless-cni-infra

Infra container for CNI-in-slirp4netns.
Infra container for CNI-in-slirp4netns. This is required for rootless CNI networking.

To build the rootless CNI infra container image, please download both the Containerfile and `rootless-cni-infra` files to an otherwise empty directory.
Then, run `podman build -t rootless-cni-infra .` on that directory as the user who will be running rootless Podman.

Once the image has been built, Podman will automatically use it as required to create CNI networks.

## How it works

19 changes: 5 additions & 14 deletions libpod/rootless_cni_linux.go
@@ -7,14 +7,11 @@ import (
"context"
"io"
"path/filepath"
"runtime"

cnitypes "github.com/containernetworking/cni/pkg/types/current"
"github.com/containernetworking/plugins/pkg/ns"
"github.com/containers/podman/v3/libpod/define"
"github.com/containers/podman/v3/libpod/image"
"github.com/containers/podman/v3/pkg/env"
"github.com/containers/podman/v3/pkg/util"
"github.com/containers/storage/pkg/lockfile"
"github.com/hashicorp/go-multierror"
spec "github.com/opencontainers/runtime-spec/specs-go"
@@ -23,11 +20,6 @@ import (
"github.com/sirupsen/logrus"
)

// Built from ../contrib/rootless-cni-infra.
var rootlessCNIInfraImage = map[string]string{
"amd64": "quay.io/libpod/rootless-cni-infra@sha256:adf352454666f7ce9ca3e1098448b5ee18f89c4516471ec99447ec9ece917f36", // 5-amd64
}

const (
rootlessCNIInfraContainerNamespace = "podman-system"
rootlessCNIInfraContainerName = "rootless-cni-infra"
@@ -259,14 +251,13 @@ func ensureRootlessCNIInfraContainerRunning(ctx context.Context, r *Runtime) (*C
}

func startRootlessCNIInfraContainer(ctx context.Context, r *Runtime) (*Container, error) {
imageName, ok := rootlessCNIInfraImage[runtime.GOARCH]
if !ok {
return nil, errors.Errorf("cannot find rootless-podman-network-sandbox image for %s", runtime.GOARCH)
}
imageName := "rootless-cni-infra"
logrus.Debugf("rootless CNI: ensuring image %q to exist", imageName)
newImage, err := r.ImageRuntime().New(ctx, imageName, "", "", nil, nil,
image.SigningOptions{}, nil, util.PullImageMissing)
newImage, err := r.ImageRuntime().NewFromLocal(imageName)
if err != nil {
if errors.Cause(err) == define.ErrNoSuchImage {
return nil, errors.Errorf("rootless CNI infra image not present - please build image from https://github.com/containers/podman/blob/v3.0.1-rhel/contrib/rootless-cni-infra/ and tag as %q", imageName)
}
return nil, err
}
logrus.Debugf("rootless CNI: image %q is ready", imageName)
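Review bot: In startRootlessCNIInfraContainer the infra image is now looked up by the bare name `rootless-cni-infra`, which drops the digest pin that the removed `rootlessCNIInfraImage` map provided, so whichever image in the user's local store answers to that name becomes the network sandbox. If `NewFromLocal` resolves short names across repositories (its implementation is not visible here), an image of the same name pulled from a registry could be selected instead of the locally built one; a qualified reference such as `imageName := "localhost/rootless-cni-infra:latest"`, which is what `podman build -t rootless-cni-infra .` should produce, would narrow that. The debug message `rootless CNI: ensuring image %q to exist` no longer matches the behaviour, since nothing is pulled any more. The function body continues past the end of the hunk.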
1 change: 1 addition & 0 deletions test/e2e/create_staticmac_test.go
@@ -48,6 +48,7 @@ var _ = Describe("Podman run with --mac-address flag", func() {
})

It("Podman run --mac-address with custom network", func() {
SkipIfRootless("rootless CNI is tech preview in RHEL 8.3.1")
net := "n1" + stringid.GenerateNonCryptoID()
session := podmanTest.Podman([]string{"network", "create", net})
session.WaitWithDefaultTimeout()
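Review bot: The `SkipIfRootless` added to "Podman run --mac-address with custom network" is unconditional, so rootless runs no longer exercise the custom-network path at all; the same holds for the skips added in network_create_test.go, network_test.go and run_networking_test.go. Nothing visible in this commit tests the new behaviour in libpod/rootless_cni_linux.go, in particular the `rootless CNI infra image not present` error returned when the local image is missing. Consider keeping one rootless test that creates a network without the image and asserts that error, so the lookup-by-local-name path stays covered. The `It` body continues outside the hunk.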
1 change: 1 addition & 0 deletions test/e2e/network_create_test.go
@@ -69,6 +69,7 @@ var _ = Describe("Podman network create", func() {
)

BeforeEach(func() {
SkipIfRootless("rootless CNI is tech preview in RHEL 8.3.1")
tempdir, err = CreateTempDirInTempDir()
if err != nil {
os.Exit(1)
2 changes: 2 additions & 0 deletions test/e2e/network_test.go
@@ -21,6 +21,8 @@ var _ = Describe("Podman network", func() {
)

BeforeEach(func() {
SkipIfRootless("rootless CNI is tech preview in RHEL 8.3.1")

tempdir, err = CreateTempDirInTempDir()
if err != nil {
os.Exit(1)
3 changes: 3 additions & 0 deletions test/e2e/run_networking_test.go
@@ -628,6 +628,7 @@ var _ = Describe("Podman run networking", func() {
})

It("podman run in custom CNI network with --static-ip", func() {
SkipIfRootless("rootless CNI is tech preview in RHEL 8.3.1")
netName := stringid.GenerateNonCryptoID()
ipAddr := "10.25.30.128"
create := podmanTest.Podman([]string{"network", "create", "--subnet", "10.25.30.0/24", netName})
@@ -660,6 +661,7 @@ var _ = Describe("Podman run networking", func() {
})

It("podman run with new:pod and static-ip", func() {
SkipIfRootless("rootless CNI is tech preview in RHEL 8.3.1")
netName := stringid.GenerateNonCryptoID()
ipAddr := "10.25.40.128"
podname := "testpod"
@@ -733,6 +735,7 @@ var _ = Describe("Podman run networking", func() {
})

It("podman run check dnsname plugin", func() {
SkipIfRootless("rootless CNI is tech preview in RHEL 8.3.1")
pod := "testpod"
session := podmanTest.Podman([]string{"pod", "create", "--name", pod})
session.WaitWithDefaultTimeout()
1 change: 1 addition & 0 deletions test/system/500-networking.bats
@@ -98,6 +98,7 @@ load helpers
# "network create" now works rootless, with the help of a special container
@test "podman network create" {
skip_if_remote "FIXME: pending #7808"
skip_if_rootless "Rootless CNI is tech preview in RHEL 8.2.1"

local mynetname=testnet-$(random_string 10)
local mysubnet=$(random_rfc1918_subnet)
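Review bot: The skip reason on the added `skip_if_rootless` line says RHEL 8.2.1, while every Go e2e skip in this commit says RHEL 8.3.1; one of the two is presumably a typo, and if 8.3.1 is intended the line should read `skip_if_rootless "Rootless CNI is tech preview in RHEL 8.3.1"`. The comment above the test, `# "network create" now works rootless, with the help of a special container`, now contradicts the skip on this branch and should be updated or qualified. The test body continues outside the hunk.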