Sanitize port parsing for pods in play kube

The logic used in parsing the ports to be utilized in a kubenetes api defined pod did not fully adhere to the kubenetes spec, nor did it map well to a podman context. This fix sanitizes the input of container ports to meet the following rules: - A defined containerPort with no defined hostPort does nothing in a podman context, or is informational. This is line with [usage in Kubernetes.](kubernetes/kubernetes#4332) - A defined hostPort with no defined containerPort acts like a publish [hostPort]:[hostPort] - A defined containerPort and defined hostPort works like it does in kubernetes, as in a publish [hostPort]:[containerPort] Addresses containers#5610 Signed-off-by: Tyler Ramer <[email protected]>
tylarb · Mar 27, 2020 · d704144 · d704144
1 parent ff0124a
commit d704144
Showing 1 changed file with 12 additions and 1 deletion.
diff --git a/pkg/adapter/pods.go b/pkg/adapter/pods.go
@@ -768,6 +768,12 @@ func getPodPorts(containers []v1.Container) []ocicni.PortMapping {
 	var infraPorts []ocicni.PortMapping
 	for _, container := range containers {
 		for _, p := range container.Ports {
+			if p.HostPort != 0 && p.ContainerPort == 0 {
+				p.ContainerPort = p.HostPort
+			}
+			if p.Protocol == "" {
+				p.Protocol = "tcp"
+			}
 			portBinding := ocicni.PortMapping{
 				HostPort:      p.HostPort,
 				ContainerPort: p.ContainerPort,
@@ -776,7 +782,12 @@ func getPodPorts(containers []v1.Container) []ocicni.PortMapping {
 			if p.HostIP != "" {
 				logrus.Debug("HostIP on port bindings is not supported")
 			}
-			infraPorts = append(infraPorts, portBinding)
+			// only hostPort is utilized in podman context, all container ports
+			// are accessible inside the shared network namespace
+			if p.HostPort != 0 {
+				infraPorts = append(infraPorts, portBinding)
+			}
+
 		}
 	}
 	return infraPorts