The docs were rather vague about the deprecation of CNI, make it clear
that we are going to remove it with 5.0 as we decided to do that in our
planning.
Also while looking at the podman network create docs I noticed
--ipam-driver dhcp was still documented as not supported with netavark
so I fixed that as well.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Where the terms CNI and cni are used in documentation like man pages,
readme's, and tutorials, we have begun to add deprecation notices where
applicable. In cases where netavark cannot do what CNI can, those have
been left alone.
[NO NEW TESTS NEEDED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
in order for the fall back mechanisms to work in containernetworking-plugins, the firewall plugin must still be called via the cni configuration file. however, no backend will be specified as we will rely on cni to do the right thing.
Signed-off-by: Brent Baude <bbaude@redhat.com>
it turns out that when the firewall plugin is not provided as part of the configuration, then the firewall cni plugin will dynamically figure out if it should use firewalld or iptables.
also removing this from the default configuration file
Signed-off-by: Brent Baude <bbaude@redhat.com>
Both Podman and CRI-O set up CNI bridges with the name 'cni0'. If
both our CNI conflist and the CRI-O conflist are installed,
whoever runs first will win - that is, they will configure the
bridge, and everyone will use it. Problem: the CRI-O CNI config
conflicts with ours and results in containers with no networking.
Solution: rename our bridge so we don't conflict with CRI-O.
At the same time, hit our IPAM configuration. The current version
was an older format in danger of deprecation. The new format is
documented at [1].
Finally, fix indentation for the entire file.
[1] https://github.com/containernetworking/plugins/tree/master/plugins/ipam/host-local#example-configurations
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
Update the CNI configuration instructions to line up with
the changes introduced in #3868. Also do a bit less documentation
of the configuration and point to the GitHub project so we won't
get out of sync in the future.
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
drop the pkg/firewall module and start using the firewall CNI plugin.
It requires an updated package for CNI plugins.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
This change updates the install.md documentation to reference the new
cni directory location. This change also restores the previously
deleted README.md with updated instructions.
Signed-off-by: Tristan Cacqueray <tdecacqu@redhat.com>
Closes: #761
Approved by: baude
Set up nbetworking ports for the following use cases:
* bind the same port between host and container
* bind a specific host port to a different container port
* bind a random host port to a specific container port
Signed-off-by: baude <bbaude@redhat.com>
Closes: #214
Approved by: baude
podman needs a pair of configuration files to set up its default
network configuration: a bridge and loopback file.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #161
Approved by: baude
