opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-08-06 03:19:52 +08:00
Code Issues Packages Projects Releases Wiki Activity

Implment network == none

Browse Source 
When network == none, the container should only have a
loopback interface and that's it.

Signed-off-by: baude <bbaude@redhat.com>

Closes: #176
Approved by: baude
This commit is contained in:
baude
2018-01-02 13:25:42 -06:00
committed by Atomic Bot
parent 7f6a141839
commit 2dfd048545
5 changed files with 98 additions and 64 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
Dockerfile.Fedora
View File

@ -1,7 +1,9 @@
FROM registry.fedoraproject.org/fedora:27 FROM registry.fedoraproject.org/fedora:27
RUN dnf -y install btrfs-progs-devel \ RUN dnf -y install btrfs-progs-devel \
atomic-registries \
bzip2 \ bzip2 \
conmon \
device-mapper-devel \ device-mapper-devel \
findutils \ findutils \
git \ git \
@ -19,9 +21,7 @@ RUN dnf -y install btrfs-progs-devel \
python \ python \
which\ which\
golang-github-cpuguy83-go-md2man \ golang-github-cpuguy83-go-md2man \
conmon \
procps-ng \ procps-ng \
atomic-registries \
iptables && dnf clean all iptables && dnf clean all
# install bats # install bats
@ -33,7 +33,7 @@ RUN cd /tmp \
&& rm -fr /tmp/bats && rm -fr /tmp/bats
# Install CNI plugins # Install CNI plugins
ENV CNI_COMMIT 7480240de9749f9a0a5c8614b17f1f03e0c06ab9 ENV CNI_COMMIT 412b6d31280682bb4fab4446f113c22ff1886554
RUN set -x \ RUN set -x \
&& export GOPATH="$(mktemp -d)" \ && export GOPATH="$(mktemp -d)" \
&& git clone https://github.com/containernetworking/plugins.git "$GOPATH/src/github.com/containernetworking/plugins" \ && git clone https://github.com/containernetworking/plugins.git "$GOPATH/src/github.com/containernetworking/plugins" \
@ -55,6 +55,19 @@ RUN set -x \
&& export GOPATH=/go \ && export GOPATH=/go \
&& go get github.com/onsi/gomega/... && go get github.com/onsi/gomega/...
# Install conmon
ENV CRIO_COMMIT 814c6ab0913d827543696b366048056a31d9529c
RUN set -x \
&& export GOPATH="$(mktemp -d)" \
&& git clone https://github.com/kubernetes-incubator/cri-o.git "$GOPATH/src/github.com/kubernetes-incubator/cri-o.git" \
&& cd "$GOPATH/src/github.com/kubernetes-incubator/cri-o.git" \
&& git fetch origin --tags \
&& git checkout -q "$CRIO_COMMIT" \
&& mkdir bin \
&& make conmon \
&& install -D -m 755 bin/conmon /usr/libexec/crio/conmon \
&& rm -rf "$GOPATH"
# Install cni config # Install cni config
#RUN make install.cni #RUN make install.cni
RUN mkdir -p /etc/cni/net.d/ RUN mkdir -p /etc/cni/net.d/

3
cmd/podman/spec.go
View File

@ -572,7 +572,8 @@ func (c *createConfig) GetContainerCreateOptions() ([]libpod.CtrCreateOption, er
return nil, errors.Wrapf(err, "container %q not found", c.NetMode.ConnectedContainer()) return nil, errors.Wrapf(err, "container %q not found", c.NetMode.ConnectedContainer())
} }
options = append(options, libpod.WithNetNSFrom(connectedCtr)) options = append(options, libpod.WithNetNSFrom(connectedCtr))
} else if !c.NetMode.IsHost() { } else if !c.NetMode.IsHost() && !c.NetMode.IsNone() {
options = append(options, libpod.WithNetNS([]ocicni.PortMapping{}))
options = append(options, libpod.WithNetNS(portBindings)) options = append(options, libpod.WithNetNS(portBindings))
} }

2
test/e2e/libpod_suite_test.go
View File

@ -158,7 +158,7 @@ func (p *PodmanTest) Podman(args []string) *PodmanSession {
func (p *PodmanTest) Cleanup() { func (p *PodmanTest) Cleanup() {
// Remove all containers // Remove all containers
session := p.Podman([]string{"rm", "-fa"}) session := p.Podman([]string{"rm", "-fa"})
session.Wait(60) session.Wait(90)
// Nuke tempdir // Nuke tempdir
if err := os.RemoveAll(p.TempDir); err != nil { if err := os.RemoveAll(p.TempDir); err != nil {
fmt.Printf("%q\n", err) fmt.Printf("%q\n", err)

79
test/e2e/run_networking_test.go Normal file
View File

@ -0,0 +1,79 @@
package integration
import (
"os"
. "github.com/onsi/ginkgo"
. "github.com/onsi/gomega"
)
var _ = Describe("Podman rmi", func() {
var (
tempdir string
err error
podmanTest PodmanTest
)
BeforeEach(func() {
tempdir, err = CreateTempDirInTempDir()
if err != nil {
os.Exit(1)
}
podmanTest = PodmanCreate(tempdir)
podmanTest.RestoreAllArtifacts()
})
AfterEach(func() {
podmanTest.Cleanup()
})
It("podman run network connection with default bridge", func() {
session := podmanTest.Podman([]string{"run", "-dt", ALPINE, "wget", "www.projectatomic.io"})
session.Wait(90)
Expect(session.ExitCode()).To(Equal(0))
})
It("podman run network connection with host", func() {
session := podmanTest.Podman([]string{"run", "-dt", "--network", "host", ALPINE, "wget", "www.projectatomic.io"})
session.Wait(90)
Expect(session.ExitCode()).To(Equal(0))
})
It("podman run network connection with loopback", func() {
session := podmanTest.Podman([]string{"run", "-dt", "--network", "host", ALPINE, "wget", "www.projectatomic.io"})
session.Wait(90)
Expect(session.ExitCode()).To(Equal(0))
})
It("podman run network expose port 222", func() {
session := podmanTest.Podman([]string{"run", "-dt", "--expose", "222-223", ALPINE, "/bin/sh"})
session.Wait(30)
Expect(session.ExitCode()).To(Equal(0))
results := podmanTest.SystemExec("iptables", []string{"-t", "nat", "-L"})
results.Wait(30)
Expect(results.ExitCode()).To(Equal(0))
Expect(results.OutputToString()).To(ContainSubstring("222"))
Expect(results.OutputToString()).To(ContainSubstring("223"))
})
It("podman run network expose host port 80 to container port 8000", func() {
session := podmanTest.Podman([]string{"run", "-dt", "-p", "80:8000", ALPINE, "/bin/sh"})
session.Wait(30)
Expect(session.ExitCode()).To(Equal(0))
results := podmanTest.SystemExec("iptables", []string{"-t", "nat", "-L"})
results.Wait(30)
Expect(results.ExitCode()).To(Equal(0))
Expect(results.OutputToString()).To(ContainSubstring("8000"))
})
It("podman run network expose ports in image metadata", func() {
session := podmanTest.Podman([]string{"run", "-dt", "-P", "docker.io/library/nginx:latest"})
session.Wait(90)
Expect(session.ExitCode()).To(Equal(0))
results := podmanTest.Podman([]string{"inspect", "-l"})
results.Wait(30)
Expect(results.ExitCode()).To(Equal(0))
Expect(results.OutputToString()).To(ContainSubstring(": 80,"))
})
})

59
test/podman_networking.bats
View File

@ -1,59 +0,0 @@
#!/usr/bin/env bats
load helpers
function teardown() {
cleanup_test
}
function setup() {
copy_images
}
@test "test network connection with default bridge" {
run ${PODMAN_BINARY} ${PODMAN_OPTIONS} run -dt ${ALPINE} wget www.yahoo.com
echo "$output"
[ "$status" -eq 0 ]
run ${PODMAN_BINARY} ${PODMAN_OPTIONS} wait --latest
echo "$output"
[ "$status" -eq 0 ]
}
@test "test network connection with host" {
run ${PODMAN_BINARY} ${PODMAN_OPTIONS} run -dt --network host ${ALPINE} wget www.yahoo.com
echo "$output"
[ "$status" -eq 0 ]
run ${PODMAN_BINARY} ${PODMAN_OPTIONS} wait --latest
echo "$output"
[ "$status" -eq 0 ]
}
@test "expose port 222" {
run ${PODMAN_BINARY} ${PODMAN_OPTIONS} run -dt --expose 222-223 ${ALPINE} /bin/sh
echo "$output"
[ "$status" -eq 0 ]
run bash -c "iptables -t nat -L"
echo "$output"
[ "$status" -eq 0 ]
run bash -c "iptables -t nat -L | grep 223"
echo "$output"
[ "$status" -eq 0 ]
}
@test "expose host port 80 to container port 8000" {
run ${PODMAN_BINARY} ${PODMAN_OPTIONS} run -dt -p 80:8000 ${ALPINE} /bin/sh
echo "$output"
[ "$status" -eq 0 ]
run bash -c "iptables -t nat -L | grep 8000"
echo "$output"
[ "$status" -eq 0 ]
}
@test "expose ports in image" {
run ${PODMAN_BINARY} ${PODMAN_OPTIONS} run -dt -P docker.io/library/nginx:latest
echo "$output"
[ "$status" -eq 0 ]
run bash -c "${PODMAN_BINARY} ${PODMAN_OPTIONS} inspect -l | grep ': 80,'"
echo "$output"
[ "$status" -eq 0 ]
}