diff --git a/pkg/os/os.go b/pkg/os/os.go index 30252cbc28d3..f77515a112a8 100644 --- a/pkg/os/os.go +++ b/pkg/os/os.go @@ -43,6 +43,7 @@ type OS interface { Mount(source string, target string, fstype string, flags uintptr, data string) error Unmount(target string) error LookupMount(path string) (mount.Info, error) + Hostname() (string, error) } // RealOS is used to dispatch the real system level operations. @@ -134,3 +135,8 @@ func Unmount(target string) error { return err } + +// Hostname will call os.Hostname to get the hostname of the host. +func (RealOS) Hostname() (string, error) { + return os.Hostname() +} diff --git a/pkg/os/testing/fake_os.go b/pkg/os/testing/fake_os.go index aaa29fa0dd89..7740e847bda4 100644 --- a/pkg/os/testing/fake_os.go +++ b/pkg/os/testing/fake_os.go @@ -51,6 +51,7 @@ type FakeOS struct { MountFn func(source string, target string, fstype string, flags uintptr, data string) error UnmountFn func(target string) error LookupMountFn func(path string) (containerdmount.Info, error) + HostnameFn func() (string, error) calls []CalledDetail errors map[string]error } @@ -254,3 +255,16 @@ func (f *FakeOS) LookupMount(path string) (containerdmount.Info, error) { } return containerdmount.Info{}, nil } + +// Hostname is a fake call that invokes HostnameFn or just return nil. +func (f *FakeOS) Hostname() (string, error) { + f.appendCalls("Hostname") + if err := f.getError("Hostname"); err != nil { + return "", err + } + + if f.HostnameFn != nil { + return f.HostnameFn() + } + return "", nil +} diff --git a/pkg/server/container_create.go b/pkg/server/container_create.go index e76b1c46053d..94560f83d8f4 100644 --- a/pkg/server/container_create.go +++ b/pkg/server/container_create.go @@ -334,6 +334,17 @@ func (c *criService) generateContainerSpec(id string, sandboxID string, sandboxP g.AddProcessEnv("TERM", "xterm") } + // Add HOSTNAME env. + hostname := sandboxConfig.GetHostname() + if sandboxConfig.GetLinux().GetSecurityContext().GetNamespaceOptions().GetNetwork() == runtime.NamespaceMode_NODE && + hostname == "" { + hostname, err = c.os.Hostname() + if err != nil { + return nil, err + } + } + g.AddProcessEnv(hostnameEnv, hostname) + // Apply envs from image config first, so that envs from container config // can override them. if err := addImageEnvs(&g, imageConfig.Env); err != nil { diff --git a/pkg/server/container_create_test.go b/pkg/server/container_create_test.go index 9f214cd122d6..29cdd09516a7 100644 --- a/pkg/server/container_create_test.go +++ b/pkg/server/container_create_test.go @@ -979,3 +979,45 @@ func TestMaskedAndReadonlyPaths(t *testing.T) { assert.Equal(t, test.expectedReadonly, spec.Linux.ReadonlyPaths) } } + +func TestHostname(t *testing.T) { + testID := "test-id" + testSandboxID := "sandbox-id" + testPid := uint32(1234) + config, sandboxConfig, imageConfig, specCheck := getCreateContainerTestData() + c := newTestCRIService() + c.os.(*ostesting.FakeOS).HostnameFn = func() (string, error) { + return "real-hostname", nil + } + for desc, test := range map[string]struct { + hostname string + networkNs runtime.NamespaceMode + expectedEnv string + }{ + "should add HOSTNAME=sandbox.Hostname for pod network namespace": { + hostname: "test-hostname", + networkNs: runtime.NamespaceMode_POD, + expectedEnv: "HOSTNAME=test-hostname", + }, + "should add HOSTNAME=sandbox.Hostname for host network namespace": { + hostname: "test-hostname", + networkNs: runtime.NamespaceMode_NODE, + expectedEnv: "HOSTNAME=test-hostname", + }, + "should add HOSTNAME=os.Hostname for host network namespace if sandbox.Hostname is not set": { + hostname: "", + networkNs: runtime.NamespaceMode_NODE, + expectedEnv: "HOSTNAME=real-hostname", + }, + } { + t.Logf("TestCase %q", desc) + sandboxConfig.Hostname = test.hostname + sandboxConfig.Linux.SecurityContext = &runtime.LinuxSandboxSecurityContext{ + NamespaceOptions: &runtime.NamespaceOption{Network: test.networkNs}, + } + spec, err := c.generateContainerSpec(testID, testSandboxID, testPid, config, sandboxConfig, imageConfig, nil) + require.NoError(t, err) + specCheck(t, testID, testSandboxID, testPid, spec) + assert.Contains(t, spec.Process.Env, test.expectedEnv) + } +} diff --git a/pkg/server/helpers.go b/pkg/server/helpers.go index f2f171a26d93..0951ad077fd3 100644 --- a/pkg/server/helpers.go +++ b/pkg/server/helpers.go @@ -97,6 +97,8 @@ const ( etcHosts = "/etc/hosts" // resolvConfPath is the abs path of resolv.conf on host or container. resolvConfPath = "/etc/resolv.conf" + // hostnameEnv is the key for HOSTNAME env. + hostnameEnv = "HOSTNAME" ) const (