From 3e2b9a28da6df72f752ab88a24652f5477ecf624 Mon Sep 17 00:00:00 2001 From: Romain Geissler Date: Tue, 10 Jan 2023 23:21:22 +0000 Subject: [PATCH] [docker compat] Don't overwrite the NetworkMode if containers.conf overrides netns. Fixes #16915 (only the part about docker client). Signed-off-by: Romain Geissler --- pkg/api/handlers/compat/containers_create.go | 11 +++++++++-- test/apiv2/20-containers.at | 18 ++++++++++++++++++ test/apiv2/containers.host-netns.conf | 2 ++ 3 files changed, 29 insertions(+), 2 deletions(-) create mode 100644 test/apiv2/containers.host-netns.conf diff --git a/pkg/api/handlers/compat/containers_create.go b/pkg/api/handlers/compat/containers_create.go index 107070f2c0..8d12afd729 100644 --- a/pkg/api/handlers/compat/containers_create.go +++ b/pkg/api/handlers/compat/containers_create.go @@ -262,10 +262,17 @@ func cliOpts(cc handlers.CreateContainerConfig, rtc *config.Config) (*entities.C } // special case for NetworkMode, the podman default is slirp4netns for - // rootless but for better docker compat we want bridge. + // rootless but for better docker compat we want bridge. Do this only if + // the default config in containers.conf wasn't overridden to use another + // value than the default "private" one. netmode := string(cc.HostConfig.NetworkMode) + configDefaultNetNS := rtc.Containers.NetNS if netmode == "" || netmode == "default" { - netmode = "bridge" + if configDefaultNetNS == "" || configDefaultNetNS == string(specgen.Default) || configDefaultNetNS == string(specgen.Private) { + netmode = "bridge" + } else { + netmode = configDefaultNetNS + } } nsmode, networks, netOpts, err := specgen.ParseNetworkFlag([]string{netmode}, false) diff --git a/test/apiv2/20-containers.at b/test/apiv2/20-containers.at index d3a2a3a25a..57adb02ae1 100644 --- a/test/apiv2/20-containers.at +++ b/test/apiv2/20-containers.at @@ -417,6 +417,24 @@ t GET containers/$cid/json 200 \ t DELETE containers/$cid?v=true 204 +# test create with default netns="host" +stop_service +CONTAINERS_CONF=$TESTS_DIR/containers.host-netns.conf start_service + +# check that the default docker netns "default" is rewritten to "host" +# when the containers.conf explicitly uses "host" +t POST containers/create Image=$IMAGE HostConfig='{"NetworkMode":"default"}' 201 \ + .Id~[0-9a-f]\\{64\\} +cid=$(jq -r '.Id' <<<"$output") +t GET containers/$cid/json 200 \ + .HostConfig.NetworkMode="host" + +t DELETE containers/$cid?v=true 204 + +# Restart with the default containers.conf for next tests. +stop_service +start_service + # Test Compat Create with healthcheck, check default values t POST containers/create Image=$IMAGE Cmd='["top"]' Healthcheck='{"Test":["true"]}' 201 \ .Id~[0-9a-f]\\{64\\} diff --git a/test/apiv2/containers.host-netns.conf b/test/apiv2/containers.host-netns.conf new file mode 100644 index 0000000000..41199741a8 --- /dev/null +++ b/test/apiv2/containers.host-netns.conf @@ -0,0 +1,2 @@ +[containers] +netns="host"