diff --git a/contrib/rootless-cni-infra/README.md b/contrib/rootless-cni-infra/README.md
index c43b4cf491..fe4cf587dd 100644
--- a/contrib/rootless-cni-infra/README.md
+++ b/contrib/rootless-cni-infra/README.md
@@ -1,6 +1,11 @@
 # rootless-cni-infra
-Infra container for CNI-in-slirp4netns.
+Infra container for CNI-in-slirp4netns. This is required for rootless CNI networking.
+
+To build the rootless CNI infra container image, please download both the Containerfile and `rootless-cni-infra` files to an otherwise empty directory.
+Then, run `podman build -t rootless-cni-infra .` on that directory as the user who will be running rootless Podman.
+
+Once the image has been built, Podman will automatically use it as required to create CNI networks.
 ## How it works
diff --git a/libpod/rootless_cni_linux.go b/libpod/rootless_cni_linux.go
index e979851807..9554b82cca 100644
--- a/libpod/rootless_cni_linux.go
+++ b/libpod/rootless_cni_linux.go
@@ -7,14 +7,11 @@ import (
 "context"
 "io"
 "path/filepath"
- "runtime"
 cnitypes "github.com/containernetworking/cni/pkg/types/current"
 "github.com/containernetworking/plugins/pkg/ns"
 "github.com/containers/podman/v3/libpod/define"
- "github.com/containers/podman/v3/libpod/image"
 "github.com/containers/podman/v3/pkg/env"
- "github.com/containers/podman/v3/pkg/util"
 "github.com/containers/storage/pkg/lockfile"
 "github.com/hashicorp/go-multierror"
 spec "github.com/opencontainers/runtime-spec/specs-go"
@@ -23,11 +20,6 @@ import (
 "github.com/sirupsen/logrus"
 )
-// Built from ../contrib/rootless-cni-infra.
-var rootlessCNIInfraImage = map[string]string{
- "amd64": "quay.io/libpod/rootless-cni-infra@sha256:adf352454666f7ce9ca3e1098448b5ee18f89c4516471ec99447ec9ece917f36", // 5-amd64
-}
-
 const (
 rootlessCNIInfraContainerNamespace = "podman-system"
 rootlessCNIInfraContainerName = "rootless-cni-infra"
@@ -259,14 +251,13 @@ func ensureRootlessCNIInfraContainerRunning(ctx context.Context, r *Runtime) (*C
 }
 func startRootlessCNIInfraContainer(ctx context.Context, r *Runtime) (*Container, error) {
- imageName, ok := rootlessCNIInfraImage[runtime.GOARCH]
- if !ok {
- return nil, errors.Errorf("cannot find rootless-podman-network-sandbox image for %s", runtime.GOARCH)
- }
+ imageName := "rootless-cni-infra"
 logrus.Debugf("rootless CNI: ensuring image %q to exist", imageName)
- newImage, err := r.ImageRuntime().New(ctx, imageName, "", "", nil, nil,
- image.SigningOptions{}, nil, util.PullImageMissing)
+ newImage, err := r.ImageRuntime().NewFromLocal(imageName)
 if err != nil {
+ if errors.Cause(err) == define.ErrNoSuchImage {
+ return nil, errors.Errorf("rootless CNI infra image not present - please build image from https://github.com/containers/podman/blob/v3.0.1-rhel/contrib/rootless-cni-infra/ and tag as %q", imageName)
+ }
 return nil, err
 }
 logrus.Debugf("rootless CNI: image %q is ready", imageName)
diff --git a/test/e2e/create_staticmac_test.go b/test/e2e/create_staticmac_test.go
index 1df93553de..aef3851423 100644
--- a/test/e2e/create_staticmac_test.go
+++ b/test/e2e/create_staticmac_test.go
@@ -48,6 +48,7 @@ var _ = Describe("Podman run with --mac-address flag", func() {
 })
 It("Podman run --mac-address with custom network", func() {
+ SkipIfRootless("rootless CNI is tech preview in RHEL 8.3.1")
 net := "n1" + stringid.GenerateNonCryptoID()
 session := podmanTest.Podman([]string{"network", "create", net})
 session.WaitWithDefaultTimeout()
diff --git a/test/e2e/network_create_test.go b/test/e2e/network_create_test.go
index ef3be8e222..9a70b00273 100644
--- a/test/e2e/network_create_test.go
+++ b/test/e2e/network_create_test.go
@@ -69,6 +69,7 @@ var _ = Describe("Podman network create", func() {
 )
 BeforeEach(func() {
+ SkipIfRootless("rootless CNI is tech preview in RHEL 8.3.1")
 tempdir, err = CreateTempDirInTempDir()
 if err != nil {
 os.Exit(1)
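Review bot: `imageName := "rootless-cni-infra"` replaces a registry reference pinned by sha256 digest with an unqualified short name, so `startRootlessCNIInfraContainer` will run whatever image in the user's local store answers to that name. If `NewFromLocal` resolves short names across repositories (not visible in this hunk), an image pulled from any registry under a matching repository name could be selected instead of the locally built one; a fully qualified reference such as `imageName := "localhost/rootless-cni-infra"`, which is what `podman build -t rootless-cni-infra .` normally produces, would narrow that. Since no digest is checked any more, logging the resolved image ID next to the existing `image %q is ready` debug line would keep the choice auditable. The function body continues past the end of the hunk.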
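Review bot: The `SkipIfRootless` calls added here and in network_create_test.go, network_test.go and run_networking_test.go leave the new local-image lookup in `startRootlessCNIInfraContainer` with no rootless test coverage, including its `ErrNoSuchImage` error path. In network_create_test.go and network_test.go the skip sits in `BeforeEach`, so every spec in those suites is skipped for rootless, not only the ones that need the infra image. Consider having CI build the image as the README describes and gating the skip on its presence, or at least keep one rootless spec that asserts the "rootless CNI infra image not present" error when the image is missing. The enclosing `Describe` blocks start and end outside these hunks.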
diff --git a/test/e2e/network_test.go b/test/e2e/network_test.go
index 68a0222c65..4458fb7fe5 100644
--- a/test/e2e/network_test.go
+++ b/test/e2e/network_test.go
@@ -21,6 +21,8 @@ var _ = Describe("Podman network", func() {
 )
 BeforeEach(func() {
+ SkipIfRootless("rootless CNI is tech preview in RHEL 8.3.1")
+
 tempdir, err = CreateTempDirInTempDir()
 if err != nil {
 os.Exit(1)
diff --git a/test/e2e/run_networking_test.go b/test/e2e/run_networking_test.go
index a6237a49aa..eebee46b21 100644
--- a/test/e2e/run_networking_test.go
+++ b/test/e2e/run_networking_test.go
@@ -628,6 +628,7 @@ var _ = Describe("Podman run networking", func() {
 })
 It("podman run in custom CNI network with --static-ip", func() {
+ SkipIfRootless("rootless CNI is tech preview in RHEL 8.3.1")
 netName := stringid.GenerateNonCryptoID()
 ipAddr := "10.25.30.128"
 create := podmanTest.Podman([]string{"network", "create", "--subnet", "10.25.30.0/24", netName})
@@ -660,6 +661,7 @@ var _ = Describe("Podman run networking", func() {
 })
 It("podman run with new:pod and static-ip", func() {
+ SkipIfRootless("rootless CNI is tech preview in RHEL 8.3.1")
 netName := stringid.GenerateNonCryptoID()
 ipAddr := "10.25.40.128"
 podname := "testpod"
@@ -733,6 +735,7 @@ var _ = Describe("Podman run networking", func() {
 })
 It("podman run check dnsname plugin", func() {
+ SkipIfRootless("rootless CNI is tech preview in RHEL 8.3.1")
 pod := "testpod"
 session := podmanTest.Podman([]string{"pod", "create", "--name", pod})
 session.WaitWithDefaultTimeout()
diff --git a/test/system/500-networking.bats b/test/system/500-networking.bats
index bcc6737b7a..5e2487d073 100644
--- a/test/system/500-networking.bats
+++ b/test/system/500-networking.bats
@@ -98,6 +98,7 @@ load helpers
 # "network create" now works rootless, with the help of a special container
 @test "podman network create" {
 skip_if_remote "FIXME: pending #7808"
+ skip_if_rootless "Rootless CNI is tech preview in RHEL 8.2.1"
 local mynetname=testnet-$(random_string 10)
 local mysubnet=$(random_rfc1918_subnet)
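Review bot: The skip reason says `RHEL 8.2.1` while every Go e2e skip in this commit says `RHEL 8.3.1`; one of them is presumably a typo, and the line should read `skip_if_rootless "Rootless CNI is tech preview in RHEL 8.3.1"` if 8.3.1 is the intended release. The comment directly above the test, `# "network create" now works rootless, with the help of a special container`, now contradicts the skip and should say that the rootless path is disabled until the infra image has been built locally. The test body continues outside the hunk.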