Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix rootlesskit port forwarder with custom slirp cidr #9941

Merged
merged 1 commit into from
Apr 27, 2021
Merged

Fix rootlesskit port forwarder with custom slirp cidr #9941

merged 1 commit into from
Apr 27, 2021

Conversation

Luap99
Copy link
Member

@Luap99 Luap99 commented Apr 5, 2021

The source ip for the rootlesskit port forwarder was hardcoded to the
standard slirp4netns ip. This is incorrect since users can change the
subnet used by slirp4netns with --network slirp4netns:cidr=10.5.0.0/24.
The container interface ip is always the .100 in the subnet. Only when
the rootlesskit port forwarder child ip matches the container interface
ip the port forwarding will work.

Fixes #9828

@openshift-ci-robot openshift-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Apr 5, 2021
@TomSweeneyRedHat
Copy link
Member

@Luap99 looks like some tests aren't happy with these changes.

@rhatdan
Copy link
Member

rhatdan commented Apr 12, 2021

LGTM
@mheon @giuseppe @AkihiroSuda PTAL

AkihiroSuda
AkihiroSuda reviewed Apr 12, 2021
View reviewed changes
libpod/networking_slirp4netns.go
@@ -391,6 +391,16 @@ func (r *Runtime) setupRootlessPortMappingViaRLK(ctr *Container, netnsPath strin
}

childIP := slirp4netnsIP
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we remove this const slirp4netnsIP = "10.0.2.100"?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If the slirp cidr is omitted, we still need the default ip.

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If we have the default CIDR string (10.0.2.0/24), we no longer need the default IP string.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

OK but than we just changed the ip with a subnet.

@openshift-ci openshift-ci bot added the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Apr 22, 2021
Fix rootlesskit port forwarder with custom slirp cidr
f99b7a3 
The source ip for the rootlesskit port forwarder was hardcoded to the
standard slirp4netns ip. This is incorrect since users can change the
subnet used by slirp4netns with `--network slirp4netns:cidr=10.5.0.0/24`.
The container interface ip is always the .100 in the subnet. Only when
the rootlesskit port forwarder child ip matches the container interface
ip the port forwarding will work.

Fixes containers#9828

Signed-off-by: Paul Holzinger <[email protected]>
@openshift-ci openshift-ci bot removed the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Apr 25, 2021
giuseppe
giuseppe approved these changes Apr 27, 2021
View reviewed changes
Copy link
Member

@giuseppe giuseppe left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@openshift-ci-robot
Copy link
Collaborator

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: giuseppe, Luap99

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@rhatdan
Copy link
Member

rhatdan commented Apr 27, 2021

/lgtm

@openshift-ci-robot openshift-ci-robot added the lgtm Indicates that a PR is ready to be merged. label Apr 27, 2021
@openshift-merge-robot openshift-merge-robot merged commit e6fc34b into containers:master Apr 27, 2021
@Luap99 Luap99 deleted the fix-9828 branch April 27, 2021 09:55
@github-actions github-actions bot added the locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments. label Sep 23, 2023
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Sep 23, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@AkihiroSuda AkihiroSuda AkihiroSuda left review comments

@giuseppe giuseppe giuseppe approved these changes

Assignees

@rhatdan rhatdan

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. lgtm Indicates that a PR is ready to be merged. locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

rootless kit port forwarder broken with custom slirp4netns cidr
7 participants
@Luap99 @TomSweeneyRedHat @rhatdan @openshift-ci-robot @giuseppe @AkihiroSuda @openshift-merge-robot