Merge pull request #1951 from baude/podcontainernet

bind mount /etc/resolv.conf|hosts in pods
2025-06-22 18:08:11 +08:00 · 2018-12-06 12:50:18 -08:00
parent fb3ceeb385 39a036e24d
commit d37647ddf8
3 changed files with 36 additions and 7 deletions
--- a/libpod/container.go
+++ b/libpod/container.go
@ -1001,13 +1001,28 @@ func (c *Container) IsReadOnly() bool {
 }

 // NetworkDisabled returns whether the container is running with a disabled network
-func (c *Container) NetworkDisabled() bool {
+func (c *Container) NetworkDisabled() (bool, error) {
+	if c.config.NetNsCtr != "" {
+		container, err := c.runtime.LookupContainer(c.config.NetNsCtr)
+		if err != nil {
+			return false, err
+		}
+		return networkDisabled(container)
+	}
+	return networkDisabled(c)
+
+}
+
+func networkDisabled(c *Container) (bool, error) {
+	if c.config.CreateNetNS {
+		return false, nil
+	}
 	if !c.config.PostConfigureNetNS {
 		for _, ns := range c.config.Spec.Linux.Namespaces {
 			if ns.Type == spec.NetworkNamespace {
-				return ns.Path == ""
+				return ns.Path == "", nil
 			}
 		}
 	}
-	return false
+	return false, nil
 }
--- a/libpod/container_internal.go
+++ b/libpod/container_internal.go
@ -601,7 +601,11 @@ func (c *Container) checkDependenciesRunningLocked(depCtrs map[string]*Container
 }

 func (c *Container) completeNetworkSetup() error {
-	if !c.config.PostConfigureNetNS || c.NetworkDisabled() {
+	netDisabled, err := c.NetworkDisabled()
+	if err != nil {
+		return err
+	}
+	if !c.config.PostConfigureNetNS || netDisabled {
 		return nil
 	}
 	if err := c.syncContainer(); err != nil {
--- a/libpod/container_internal_linux.go
+++ b/libpod/container_internal_linux.go
@ -136,7 +136,14 @@ func (c *Container) prepare() (err error) {

 // cleanupNetwork unmounts and cleans up the container's network
 func (c *Container) cleanupNetwork() error {
-	if c.NetworkDisabled() {
+	if c.config.NetNsCtr != "" {
+		return nil
+	}
+	netDisabled, err := c.NetworkDisabled()
+	if err != nil {
+		return err
+	}
+	if netDisabled {
 		return nil
 	}
 	if c.state.NetNS == nil {
@ -180,7 +187,6 @@ func (c *Container) generateSpec(ctx context.Context) (*spec.Spec, error) {
 	if err := c.makeBindMounts(); err != nil {
 		return nil, err
 	}
-
 	// Check if the spec file mounts contain the label Relabel flags z or Z.
 	// If they do, relabel the source directory and then remove the option.
 	for _, m := range g.Mounts() {
@ -633,8 +639,12 @@ func (c *Container) makeBindMounts() error {
 	if c.state.BindMounts == nil {
 		c.state.BindMounts = make(map[string]string)
 	}
+	netDisabled, err := c.NetworkDisabled()
+	if err != nil {
+		return err
+	}

-	if !c.NetworkDisabled() {
+	if !netDisabled {
 		// Make /etc/resolv.conf
 		if _, ok := c.state.BindMounts["/etc/resolv.conf"]; ok {
 			// If it already exists, delete so we can recreate