opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-06-21 17:38:12 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #9066 from giuseppe/set-source-to-net

Browse Source 
networking: lookup child IP in networks
This commit is contained in:
OpenShift Merge Robot
2021-01-24 16:16:10 +01:00
committed by GitHub
parent b6765c17e6 0ba1942f26
commit 479fc22604
2 changed files with 35 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
libpod/networking_linux.go
View File

@ -550,13 +550,25 @@ func (r *Runtime) setupRootlessPortMappingViaRLK(ctr *Container, netnsPath strin
} }
} }
childIP := slirp4netnsIP
outer:
for _, r := range ctr.state.NetworkStatus {
for _, i := range r.IPs {
ipv4 := i.Address.IP.To4()
if ipv4 != nil {
childIP = ipv4.String()
break outer
}
}
}
cfg := rootlessport.Config{ cfg := rootlessport.Config{
Mappings: ctr.config.PortMappings, Mappings: ctr.config.PortMappings,
NetNSPath: netnsPath, NetNSPath: netnsPath,
ExitFD: 3, ExitFD: 3,
ReadyFD: 4, ReadyFD: 4,
TmpDir: ctr.runtime.config.Engine.TmpDir, TmpDir: ctr.runtime.config.Engine.TmpDir,
ChildIP: slirp4netnsIP, ChildIP: childIP,
} }
cfgJSON, err := json.Marshal(cfg) cfgJSON, err := json.Marshal(cfg)
if err != nil { if err != nil {

22
test/system/500-networking.bats
View File

@ -98,6 +98,7 @@ load helpers
# "network create" now works rootless, with the help of a special container # "network create" now works rootless, with the help of a special container
@test "podman network create" { @test "podman network create" {
skip_if_remote "FIXME: pending #7808" skip_if_remote "FIXME: pending #7808"
myport=54322
local mynetname=testnet-$(random_string 10) local mynetname=testnet-$(random_string 10)
local mysubnet=$(random_rfc1918_subnet) local mysubnet=$(random_rfc1918_subnet)
@ -115,6 +116,27 @@ load helpers
is "$output" ".* inet ${mysubnet}\.2/24 brd ${mysubnet}\.255 " \ is "$output" ".* inet ${mysubnet}\.2/24 brd ${mysubnet}\.255 " \
"sdfsdf" "sdfsdf"
run_podman run --rm -d --network $mynetname -p 127.0.0.1:$myport:$myport \
$IMAGE nc -l -n -v -p $myport
cid="$output"
# emit random string, and check it
teststring=$(random_string 30)
echo "$teststring" | nc 127.0.0.1 $myport
run_podman logs $cid
# Sigh. We can't check line-by-line, because 'nc' output order is
# unreliable. We usually get the 'connect to' line before the random
# string, but sometimes we get it after. So, just do substring checks.
is "$output" ".*listening on \[::\]:$myport .*" "nc -v shows right port"
# This is the truly important check: make sure the remote IP is
# in the 172.X range, not 127.X.
is "$output" \
".*connect to \[::ffff:172\..*\]:$myport from \[::ffff:172\..*\]:.*" \
"nc -v shows remote IP address in 172.X space (not 127.0.0.1)"
is "$output" ".*${teststring}.*" "test string received on container"
# Cannot create network with the same name # Cannot create network with the same name
run_podman 125 network create $mynetname run_podman 125 network create $mynetname
is "$output" "Error: the network name $mynetname is already used" \ is "$output" "Error: the network name $mynetname is already used" \