Add ability to set system wide options for slirp4netns
Wire in containers.conf options for slirp

Signed-off-by: Ashley Cui <[email protected]>
ashley-cui committed Dec 4, 2020
1 parent 90d4110 commit d6d3af9
Showing 3 changed files with 71 additions and 59 deletions.
119 changes: 60 additions & 59 deletions libpod/networking_linux.go
Expand Up @@ -245,7 +245,7 @@ func (r *Runtime) setupRootlessNetNS(ctr *Container) error {
// setupSlirp4netns can be called in rootful as well as in rootless
func (r *Runtime) setupSlirp4netns(ctr *Container) error {
path := r.config.Engine.NetworkCmdPath

slirpOptions := r.config.Engine.NetworkCmdOptions
if path == "" {
var err error
path, err = exec.LookPath("slirp4netns")
Expand Down Expand Up @@ -273,68 +273,69 @@ func (r *Runtime) setupSlirp4netns(ctr *Container) error {
outboundAddr6 := ""

if ctr.config.NetworkOptions != nil {
slirpOptions := ctr.config.NetworkOptions["slirp4netns"]
for _, o := range slirpOptions {
parts := strings.SplitN(o, "=", 2)
if len(parts) < 2 {
return errors.Errorf("unknown option for slirp4netns: %q", o)
slirpOptions = append(slirpOptions, ctr.config.NetworkOptions["slirp4netns"]...)
}

for _, o := range slirpOptions {
parts := strings.SplitN(o, "=", 2)
if len(parts) < 2 {
return errors.Errorf("unknown option for slirp4netns: %q", o)
}
option, value := parts[0], parts[1]
switch option {
case "cidr":
ipv4, _, err := net.ParseCIDR(value)
if err != nil || ipv4.To4() == nil {
return errors.Errorf("invalid cidr %q", value)
}
option, value := parts[0], parts[1]
switch option {
case "cidr":
ipv4, _, err := net.ParseCIDR(value)
if err != nil || ipv4.To4() == nil {
return errors.Errorf("invalid cidr %q", value)
}
cidr = value
case "port_handler":
switch value {
case "slirp4netns":
isSlirpHostForward = true
case "rootlesskit":
isSlirpHostForward = false
default:
return errors.Errorf("unknown port_handler for slirp4netns: %q", value)
}
case "allow_host_loopback":
switch value {
case "true":
disableHostLoopback = false
case "false":
disableHostLoopback = true
default:
return errors.Errorf("invalid value of allow_host_loopback for slirp4netns: %q", value)
}
case "enable_ipv6":
switch value {
case "true":
enableIPv6 = true
case "false":
enableIPv6 = false
default:
return errors.Errorf("invalid value of enable_ipv6 for slirp4netns: %q", value)
}
case "outbound_addr":
ipv4 := net.ParseIP(value)
if ipv4 == nil || ipv4.To4() == nil {
_, err := net.InterfaceByName(value)
if err != nil {
return errors.Errorf("invalid outbound_addr %q", value)
}
cidr = value
case "port_handler":
switch value {
case "slirp4netns":
isSlirpHostForward = true
case "rootlesskit":
isSlirpHostForward = false
default:
return errors.Errorf("unknown port_handler for slirp4netns: %q", value)
}
case "allow_host_loopback":
switch value {
case "true":
disableHostLoopback = false
case "false":
disableHostLoopback = true
default:
return errors.Errorf("invalid value of allow_host_loopback for slirp4netns: %q", value)
}
case "enable_ipv6":
switch value {
case "true":
enableIPv6 = true
case "false":
enableIPv6 = false
default:
return errors.Errorf("invalid value of enable_ipv6 for slirp4netns: %q", value)
}
case "outbound_addr":
ipv4 := net.ParseIP(value)
if ipv4 == nil || ipv4.To4() == nil {
_, err := net.InterfaceByName(value)
if err != nil {
return errors.Errorf("invalid outbound_addr %q", value)
}
outboundAddr = value
case "outbound_addr6":
ipv6 := net.ParseIP(value)
if ipv6 == nil || ipv6.To4() != nil {
_, err := net.InterfaceByName(value)
if err != nil {
return errors.Errorf("invalid outbound_addr6: %q", value)
}
}
outboundAddr = value
case "outbound_addr6":
ipv6 := net.ParseIP(value)
if ipv6 == nil || ipv6.To4() != nil {
_, err := net.InterfaceByName(value)
if err != nil {
return errors.Errorf("invalid outbound_addr6: %q", value)
}
outboundAddr6 = value
default:
return errors.Errorf("unknown option for slirp4netns: %q", o)
}
outboundAddr6 = value
default:
return errors.Errorf("unknown option for slirp4netns: %q", o)
}
}

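Review bot: `slirpOptions := r.config.Engine.NetworkCmdOptions` followed by `slirpOptions = append(slirpOptions, ctr.config.NetworkOptions["slirp4netns"]...)` can write per-container options into the backing array of the runtime-wide config slice whenever that slice has spare capacity, so two containers set up at the same time may end up parsing each other's options. Copying first avoids the aliasing: `slirpOptions := append([]string{}, r.config.Engine.NetworkCmdOptions...)`. Because the per-container options are parsed after the containers.conf ones, a container can override a system-wide value such as `allow_host_loopback=false`; a comment above the loop should state that `network_cmd_options` supplies defaults and is not an enforced policy. setupSlirp4netns starts before the first hunk and continues past the second, so how the parsed values are passed to slirp4netns is not visible here.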
4 changes: 4 additions & 0 deletions test/e2e/config/containers.conf
Expand Up @@ -52,3 +52,7 @@ dns_options=[ "debug", ]
tz = "Pacific/Honolulu"

umask = "0002"

[engine]

network_cmd_options=["allow_host_loopback=true"]
7 changes: 7 additions & 0 deletions test/e2e/containers_conf_test.go
Expand Up @@ -258,6 +258,12 @@ var _ = Describe("Podman run", func() {
Expect(session.OutputToString()).To(Equal("0002"))
})

It("podman set network cmd options slirp options to allow host loopback", func() {
session := podmanTest.Podman([]string{"run", "--network", "slirp4netns", ALPINE, "ping", "-c1", "10.0.2.2"})
session.Wait(30)
Expect(session.ExitCode()).To(Equal(0))
})

It("podman-remote test localcontainers.conf versus remote containers.conf", func() {
if !IsRemote() {
Skip("this test is only for remote")
Expand Down Expand Up @@ -311,4 +317,5 @@ var _ = Describe("Podman run", func() {
Expect(session.ExitCode()).To(Equal(0))
Expect(session.OutputToString()).To(Equal("0022"))
})

})
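Review bot: The added case `podman set network cmd options slirp options to allow host loopback` only exercises the containers.conf value being applied unchanged; nothing checks that a per-container option still takes precedence over `network_cmd_options`. A companion case that runs with `--network slirp4netns:allow_host_loopback=false` and expects the ping to `10.0.2.2` to fail would pin the merge order, which matters because host-loopback reachability is a security-relevant setting. A one-line comment such as `// 10.0.2.2 is the slirp4netns gateway, reachable only when host loopback is allowed` would also make the intent of the ping clear.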
