enable dnsplugin for network create
When users create a new network and podman can find the dnsname plugin, we enable container name resolution on the new network. There is also an option to opt *out*. Tests cannot be added until we solve the packaging portion of the dnsname plugin.

Signed-off-by: baude <bbaude@redhat.com>
@ -267,6 +267,7 @@ type MountValues struct {
|
|||||||
type NetworkCreateValues struct {
|
type NetworkCreateValues struct {
|
||||||
PodmanCommand
|
PodmanCommand
|
||||||
Driver string
|
Driver string
|
||||||
|
DisableDNS bool
|
||||||
Gateway net.IP
|
Gateway net.IP
|
||||||
Internal bool
|
Internal bool
|
||||||
IPamDriver string
|
IPamDriver string
|
||||||
|
@ -46,7 +46,7 @@ func init() {
|
|||||||
// TODO enable when IPv6 is working
|
// TODO enable when IPv6 is working
|
||||||
//flags.BoolVar(&networkCreateCommand.IPV6, "IPv6", false, "enable IPv6 networking")
|
//flags.BoolVar(&networkCreateCommand.IPV6, "IPv6", false, "enable IPv6 networking")
|
||||||
flags.IPNetVar(&networkCreateCommand.Network, "subnet", net.IPNet{}, "subnet in CIDR format")
|
flags.IPNetVar(&networkCreateCommand.Network, "subnet", net.IPNet{}, "subnet in CIDR format")
|
||||||
|
flags.BoolVar(&networkCreateCommand.DisableDNS, "disable-dns", false, "disable dns plugin")
|
||||||
}
|
}
|
||||||
|
|
||||||
func networkcreateCmd(c *cliconfig.NetworkCreateValues) error {
|
func networkcreateCmd(c *cliconfig.NetworkCreateValues) error {
|
||||||
|
@ -982,6 +982,7 @@ _podman_network_create() {
|
|||||||
--subnet
|
--subnet
|
||||||
"
|
"
|
||||||
local boolean_options="
|
local boolean_options="
|
||||||
|
--disable-dns
|
||||||
--help
|
--help
|
||||||
-h
|
-h
|
||||||
--internal
|
--internal
|
||||||
|
@ -15,6 +15,11 @@ If no options are provided, Podman will assign a free subnet and name for your n
|
|||||||
Upon completion of creating the network, Podman will display the path to the newly added network file.
|
Upon completion of creating the network, Podman will display the path to the newly added network file.
|
||||||
|
|
||||||
## OPTIONS
|
## OPTIONS
|
||||||
|
**--disable-dns**
|
||||||
|
|
||||||
|
Disables the DNS plugin for this network which if enabled, can perform container to container name
|
||||||
|
resolution.
|
||||||
|
|
||||||
**-d**, , **--driver**
|
**-d**, , **--driver**
|
||||||
|
|
||||||
Driver to manage the network (default "bridge"). Currently on `bridge` is supported.
|
Driver to manage the network (default "bridge"). Currently on `bridge` is supported.
|
||||||
|
@ -155,15 +155,14 @@ func (r *LocalRuntime) removeNetwork(ctx context.Context, name string, container
|
|||||||
|
|
||||||
// NetworkCreate creates a CNI network
|
// NetworkCreate creates a CNI network
|
||||||
func (r *LocalRuntime) NetworkCreate(cli *cliconfig.NetworkCreateValues) (string, error) {
|
func (r *LocalRuntime) NetworkCreate(cli *cliconfig.NetworkCreateValues) (string, error) {
|
||||||
var (
|
|
||||||
err error
|
|
||||||
)
|
|
||||||
|
|
||||||
isGateway := true
|
isGateway := true
|
||||||
ipMasq := true
|
ipMasq := true
|
||||||
subnet := &cli.Network
|
subnet := &cli.Network
|
||||||
ipRange := cli.IPRange
|
ipRange := cli.IPRange
|
||||||
|
runtimeConfig, err := r.GetConfig()
|
||||||
|
if err != nil {
|
||||||
|
return "", err
|
||||||
|
}
|
||||||
// if range is provided, make sure it is "in" network
|
// if range is provided, make sure it is "in" network
|
||||||
if cli.IsSet("subnet") {
|
if cli.IsSet("subnet") {
|
||||||
// if network is provided, does it conflict with existing CNI or live networks
|
// if network is provided, does it conflict with existing CNI or live networks
|
||||||
@ -245,6 +244,11 @@ func (r *LocalRuntime) NetworkCreate(cli *cliconfig.NetworkCreateValues) (string
|
|||||||
plugins = append(plugins, bridge)
|
plugins = append(plugins, bridge)
|
||||||
plugins = append(plugins, network.NewPortMapPlugin())
|
plugins = append(plugins, network.NewPortMapPlugin())
|
||||||
plugins = append(plugins, network.NewFirewallPlugin())
|
plugins = append(plugins, network.NewFirewallPlugin())
|
||||||
|
// if we find the dnsname plugin, we add configuration for it
|
||||||
|
if network.HasDNSNamePlugin(runtimeConfig.CNIPluginDir) && !cli.DisableDNS {
|
||||||
|
// Note: in the future we might like to allow for dynamic domain names
|
||||||
|
plugins = append(plugins, network.NewDNSNamePlugin(network.DefaultPodmanDomainName))
|
||||||
|
}
|
||||||
ncList["plugins"] = plugins
|
ncList["plugins"] = plugins
|
||||||
b, err := json.MarshalIndent(ncList, "", " ")
|
b, err := json.MarshalIndent(ncList, "", " ")
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
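Review bot: In the second hunk the condition `network.HasDNSNamePlugin(runtimeConfig.CNIPluginDir) && !cli.DisableDNS` probes the plugin directories even when the user passed `--disable-dns`, and nothing reports which way the decision went. Testing the flag first short-circuits the filesystem check: `if !cli.DisableDNS && network.HasDNSNamePlugin(runtimeConfig.CNIPluginDir) {`. Because name resolution between containers is now switched on by whatever happens to be installed on the host, a debug-level log line saying whether the dnsname entry was added would make the generated network config easier to audit. NetworkCreate's body starts and continues outside these hunks, so how `plugins` is consumed later is not visible here.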
@ -14,6 +14,9 @@ const (
|
|||||||
// CNIDeviceName is the default network device name and in
|
// CNIDeviceName is the default network device name and in
|
||||||
// reality should have an int appended to it (cni-podman4)
|
// reality should have an int appended to it (cni-podman4)
|
||||||
CNIDeviceName = "cni-podman"
|
CNIDeviceName = "cni-podman"
|
||||||
|
// DefaultPodmanDomainName is used for the dnsname plugin to define
|
||||||
|
// a localized domain name for a created network
|
||||||
|
DefaultPodmanDomainName = "dns.podman"
|
||||||
)
|
)
|
||||||
|
|
||||||
// GetDefaultPodmanNetwork outputs the default network for podman
|
// GetDefaultPodmanNetwork outputs the default network for podman
|
||||||
@ -97,3 +100,14 @@ type FirewallConfig struct {
|
|||||||
func (f FirewallConfig) Bytes() ([]byte, error) {
|
func (f FirewallConfig) Bytes() ([]byte, error) {
|
||||||
return json.MarshalIndent(f, "", "\t")
|
return json.MarshalIndent(f, "", "\t")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// DNSNameConfig describes the dns container name resolution plugin config
|
||||||
|
type DNSNameConfig struct {
|
||||||
|
PluginType string `json:"type"`
|
||||||
|
DomainName string `json:"domainName"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// Bytes outputs the configuration as []byte
|
||||||
|
func (d DNSNameConfig) Bytes() ([]byte, error) {
|
||||||
|
return json.MarshalIndent(d, "", "\t")
|
||||||
|
}
|
||||||
|
@ -2,6 +2,8 @@ package network
|
|||||||
|
|
||||||
import (
|
import (
|
||||||
"net"
|
"net"
|
||||||
|
"os"
|
||||||
|
"path/filepath"
|
||||||
)
|
)
|
||||||
|
|
||||||
// NcList describes a generic map
|
// NcList describes a generic map
|
||||||
@ -111,3 +113,22 @@ func NewFirewallPlugin() FirewallConfig {
|
|||||||
Backend: "iptables",
|
Backend: "iptables",
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// NewDNSNamePlugin creates the dnsname config with a given
|
||||||
|
// domainname
|
||||||
|
func NewDNSNamePlugin(domainName string) DNSNameConfig {
|
||||||
|
return DNSNameConfig{
|
||||||
|
PluginType: "dnsname",
|
||||||
|
DomainName: domainName,
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// HasDNSNamePlugin looks to see if the dnsname cni plugin is present
|
||||||
|
func HasDNSNamePlugin(paths []string) bool {
|
||||||
|
for _, p := range paths {
|
||||||
|
if _, err := os.Stat(filepath.Join(p, "dnsname")); err == nil {
|
||||||
|
return true
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return false
|
||||||
|
}
|
||||||
|
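Review bot: HasDNSNamePlugin accepts any successful `os.Stat` on `<dir>/dnsname` as proof that the plugin is usable, so a directory, a non-executable file or a stray file of that name in any configured plugin path causes a dnsname entry to be written into the new network's config. The plugin is presumably executed by CNI during network setup (the invocation is not visible in this commit), so a false positive would surface later as a container failing to join the network rather than at `network create`. Requiring a regular, executable file closes most of that gap: `if fi, err := os.Stat(filepath.Join(p, "dnsname")); err == nil && fi.Mode().IsRegular() && fi.Mode().Perm()&0111 != 0 {`. The doc comment could also say that the paths are searched in order and that any stat error, including permission denied, is treated as "not present".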