opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-06-21 01:19:15 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #9057 from baude/dnsnameinternal

Browse Source 
disable dnsname when --internal
This commit is contained in:
OpenShift Merge Robot
2021-01-25 17:35:52 +01:00
committed by GitHub
parent b4b78382cd 393a8f0261
commit cd62d372e5
3 changed files with 26 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
docs/source/markdown/podman-network-create.1.md
View File

@ -41,7 +41,8 @@ Define a gateway for the subnet. If you want to provide a gateway address, you m
#### **--internal** #### **--internal**
Restrict external access of this network Restrict external access of this network. Note when using this option, the dnsname plugin will be
automatically disabled.
#### **--ip-range** #### **--ip-range**

9
libpod/network/create.go
View File

@ -14,6 +14,7 @@ import (
"github.com/containers/podman/v2/pkg/rootless" "github.com/containers/podman/v2/pkg/rootless"
"github.com/containers/podman/v2/pkg/util" "github.com/containers/podman/v2/pkg/util"
"github.com/pkg/errors" "github.com/pkg/errors"
"github.com/sirupsen/logrus"
) )
// Create the CNI network // Create the CNI network
@ -226,8 +227,12 @@ func createBridge(name string, options entities.NetworkCreateOptions, runtimeCon
// if we find the dnsname plugin or are rootless, we add configuration for it // if we find the dnsname plugin or are rootless, we add configuration for it
// the rootless-cni-infra container has the dnsname plugin always installed // the rootless-cni-infra container has the dnsname plugin always installed
if (HasDNSNamePlugin(runtimeConfig.Network.CNIPluginDirs) || rootless.IsRootless()) && !options.DisableDNS { if (HasDNSNamePlugin(runtimeConfig.Network.CNIPluginDirs) || rootless.IsRootless()) && !options.DisableDNS {
// Note: in the future we might like to allow for dynamic domain names if options.Internal {
plugins = append(plugins, NewDNSNamePlugin(DefaultPodmanDomainName)) logrus.Warnf("dnsname and --internal networks are incompatible. dnsname plugin not configured for network %s", name)
} else {
// Note: in the future we might like to allow for dynamic domain names
plugins = append(plugins, NewDNSNamePlugin(DefaultPodmanDomainName))
}
} }
ncList["plugins"] = plugins ncList["plugins"] = plugins
b, err := json.MarshalIndent(ncList, "", " ") b, err := json.MarshalIndent(ncList, "", " ")

17
test/e2e/network_create_test.go
View File

@ -375,4 +375,21 @@ var _ = Describe("Podman network create", func() {
Expect(nc).To(ExitWithError()) Expect(nc).To(ExitWithError())
}) })
It("podman network create with internal should not have dnsname", func() {
net := "internal-test" + stringid.GenerateNonCryptoID()
nc := podmanTest.Podman([]string{"network", "create", "--internal", net})
nc.WaitWithDefaultTimeout()
defer podmanTest.removeCNINetwork(net)
Expect(nc.ExitCode()).To(BeZero())
// Not performing this check on remote tests because it is a logrus error which does
// not come back via stderr on the remote client.
if !IsRemote() {
Expect(nc.ErrorToString()).To(ContainSubstring("dnsname and --internal networks are incompatible"))
}
nc = podmanTest.Podman([]string{"network", "inspect", net})
nc.WaitWithDefaultTimeout()
Expect(nc.ExitCode()).To(BeZero())
Expect(nc.OutputToString()).ToNot(ContainSubstring("dnsname"))
})
}) })