podman network create

initial implementation of network create. we only support bridging networks with this first pass. Signed-off-by: baude <bbaude@redhat.com>
containers · Sep 9, 2019 · ee432cf · ee432cf
1 parent 30cbb00
commit ee432cf
Show file tree

Hide file tree

Showing 47 changed files with 4,677 additions and 55 deletions.
diff --git a/cmd/podman/cliconfig/config.go b/cmd/podman/cliconfig/config.go
@@ -1,6 +1,8 @@
 package cliconfig
 
 import (
+	"net"
+
 	"github.com/spf13/cobra"
 )
 
@@ -259,6 +261,17 @@ type MountValues struct {
 	Latest  bool
 }
 
+type NetworkCreateValues struct {
+	PodmanCommand
+	Driver     string
+	Gateway    net.IP
+	Internal   bool
+	IPamDriver string
+	IPRange    net.IPNet
+	IPV6       bool
+	Network    net.IPNet
+}
+
 type NetworkListValues struct {
 	PodmanCommand
 	Filter []string

diff --git a/cmd/podman/network.go b/cmd/podman/network.go
@@ -17,8 +17,8 @@ var networkcheckCommand = cliconfig.PodmanCommand{
 	},
 }
 
-// Commands that are universally implemented
 var networkcheckCommands = []*cobra.Command{
+	_networkCreateCommand,
 	_networkinspectCommand,
 	_networklistCommand,
 	_networkrmCommand,

diff --git a/cmd/podman/network_create.go b/cmd/podman/network_create.go
@@ -0,0 +1,70 @@
+// +build !remoteclient
+
+package main
+
+import (
+	"fmt"
+	"github.com/containers/libpod/pkg/network"
+	"net"
+
+	"github.com/containers/libpod/cmd/podman/cliconfig"
+	"github.com/containers/libpod/pkg/adapter"
+	"github.com/containers/libpod/pkg/rootless"
+	"github.com/pkg/errors"
+	"github.com/spf13/cobra"
+)
+
+var (
+	networkCreateCommand     cliconfig.NetworkCreateValues
+	networkCreateDescription = `create CNI networks for containers and pods`
+	_networkCreateCommand    = &cobra.Command{
+		Use:   "create [flags] [NETWORK]",
+		Short: "network create",
+		Long:  networkCreateDescription,
+		RunE: func(cmd *cobra.Command, args []string) error {
+			networkCreateCommand.InputArgs = args
+			networkCreateCommand.GlobalFlags = MainGlobalOpts
+			networkCreateCommand.Remote = remoteclient
+			return networkcreateCmd(&networkCreateCommand)
+		},
+		Example: `podman network create podman1`,
+	}
+)
+
+func init() {
+	networkCreateCommand.Command = _networkCreateCommand
+	networkCreateCommand.SetHelpTemplate(HelpTemplate())
+	networkCreateCommand.SetUsageTemplate(UsageTemplate())
+	flags := networkCreateCommand.Flags()
+	flags.StringVarP(&networkCreateCommand.Driver, "driver", "d", "bridge", "driver to manage the network")
+	flags.IPVar(&networkCreateCommand.Gateway, "gateway", nil, "IPv4 or IPv6 gateway for the subnet")
+	flags.BoolVar(&networkCreateCommand.Internal, "internal", false, "restrict external access from this network")
+	flags.IPNetVar(&networkCreateCommand.IPRange, "ip-range", net.IPNet{}, "allocate container IP from range")
+	// TODO not supported yet
+	//flags.StringVar(&networkCreateCommand.IPamDriver, "ipam-driver", "",  "IP Address Management Driver")
+	// TODO enable when IPv6 is working
+	//flags.BoolVar(&networkCreateCommand.IPV6, "IPv6", false, "enable IPv6 networking")
+	flags.IPNetVar(&networkCreateCommand.Network, "subnet", net.IPNet{}, "subnet in CIDR format")
+
+}
+
+func networkcreateCmd(c *cliconfig.NetworkCreateValues) error {
+	if err := network.IsSupportedDriver(c.Driver); err != nil {
+		return err
+	}
+	if rootless.IsRootless() && !remoteclient {
+		return errors.New("network create is not supported for rootless mode")
+	}
+	if len(c.InputArgs) > 1 {
+		return errors.Errorf("only one network can be created at a time")
+	}
+	runtime, err := adapter.GetRuntimeNoStore(getContext(), &c.PodmanCommand)
+	if err != nil {
+		return err
+	}
+	fileName, err := runtime.NetworkCreate(c)
+	if err == nil {
+		fmt.Println(fileName)
+	}
+	return err
+}
diff --git a/commands.md b/commands.md
@@ -45,6 +45,7 @@
 | [podman-logs(1)](/docs/podman-logs.1.md)                                 | Display the logs of a container                                            |
 | [podman-mount(1)](/docs/podman-mount.1.md)                               | Mount a working container's root filesystem                                |
 | [podman-network(1)](/docs/podman-network.1.md)                           | Manage Podman CNI networks             |
+| [podman-network-create(1)](/docs/podman-network-create.1.md)             | Create a CNI network             |
 | [podman-network-inspect(1)](/docs/podman-network-inspect.1.md)           | Inspect one or more Podman networks             |
 | [podman-network-ls(1)](/docs/podman-network-ls.1.md)                     | Display a summary of Podman networks             |
 | [podman-network-rm(1)](/docs/podman-network-rm.1.md)                     | Remove one or more Podman networks             |

diff --git a/completions/bash/podman b/completions/bash/podman
@@ -952,6 +952,7 @@ _podman_network() {
 	-h
 	"
      subcommands="
+     create
 	 inspect
 	 ls
 	 rm
@@ -968,6 +969,27 @@ _podman_network() {
      esac
 }
 
+_podman_network_create() {
+    local options_with_args="
+    -d
+    --driver
+    --gateway
+    --ip-range
+    --subnet
+     "
+    local boolean_options="
+	--help
+	-h
+	--internal
+    "
+    _complete_ "$options_with_args" "$boolean_options"
+
+    case "$cur" in
+	-*)
+	    COMPREPLY=($(compgen -W "$boolean_options $options_with_args" -- "$cur"))
+	    ;;
+    esac
+}
 _podman_network_inspect() {
     local options_with_args="
      "
@@ -1002,7 +1024,7 @@ _podman_network_ls() {
     esac
 }
 
-_podman_network_ls() {
+_podman_network_rm() {
     local options_with_args="
      "
     local boolean_options="

diff --git a/docs/podman-network-create.1.md b/docs/podman-network-create.1.md
@@ -0,0 +1,70 @@
+% podman-network-create(1)
+
+## NAME
+podman\-network-create - Create a Podman CNI network
+
+## SYNOPSIS
+**podman network create**  [*options*] name
+
+## DESCRIPTION
+Create a CNI-network configuration for use with Podman. At the time of this writing, the only network
+type that can be created is a *bridge* network.
+
+If no options are provided, Podman will assign a free subnet and name for your network.
+
+Upon completion of creating the network, Podman will display the path to the newly added network file.
+
+## OPTIONS
+**-d**, , **--driver**
+
+Driver to manage the network (default "bridge").  Currently on `bridge` is supported.
+
+**--gateway**
+
+Define a gateway for the subnet. If you want to provide a gateway address, you must also provide a
+*subnet* option.
+
+**--internal**
+
+Restrict external access of this network
+
+**--ip-range**
+
+Allocate container IP from a range.  The range must be a complete subnet and in CIDR notation.  The *ip-range* option
+must be used with a *subnet* option.
+
+**--subnet**
+
+The subnet in CIDR notation.
+
+## EXAMPLE
+
+Create a network with no options
+```
+# podman network create
+/etc/cni/net.d/cni-podman-4.conflist
+```
+
+Create a network named *newnet* that uses *192.5.0.0/16* for its subnet.
+```
+# podman network create --subnet 192.5.0.0/16 newnet
+/etc/cni/net.d/newnet.conflist
+```
+
+Create a network named *newnet* that uses *192.168.33.0/24* and defines a gateway as *192.168.133.3*
+```
+# podman network create --subnet 192.168.33.0/24 --gateway 192.168.33.3 newnet
+/etc/cni/net.d/newnet.conflist
+```
+
+Create a network that uses a *192.168.55.0/24** subnet and has an IP address range of *192.168.55.129 - 192.168.55.254*.
+```
+# podman network create --subnet 192.168.55.0/24 --ip-range 192.168.55.128/25
+/etc/cni/net.d/cni-podman-5.conflist
+```
+
+## SEE ALSO
+podman(1), podman-network(1), podman-network-inspect(1)
+
+## HISTORY
+August 2019, Originally compiled by Brent Baude <bbaude@redhat.com>
diff --git a/docs/podman-network-ls.1.md b/docs/podman-network-ls.1.md
@@ -12,7 +12,7 @@ Displays a list of existing podman networks. This command is not available for r
 ## OPTIONS
 **--quiet**, **-q**
 
-The `quiet` options will restrict the output to only the network names
+The `quiet` option will restrict the output to only the network names
 
 ## EXAMPLE
 

diff --git a/docs/podman-network.1.md b/docs/podman-network.1.md
@@ -13,6 +13,7 @@ The network command manages CNI networks for Podman. It is not supported for roo
 
 | Command  | Man Page                                            | Description                                                                  |
 | -------  | --------------------------------------------------- | ---------------------------------------------------------------------------- |
+| create | [podman-network-create(1)](podman-network-create.1.md)| Create a Podman CNI network|
 | inspect | [podman-network-inspect(1)](podman-network-inspect.1.md)| Displays the raw CNI network configuration for one or more networks|
 | ls | [podman-network-ls(1)](podman-network-ls.1.md)| Display a summary of CNI networks                        |
 | rm | [podman-network-rm(1)](podman-network-rm.1.md)| Remove one or more CNI networks                        |

diff --git a/go.mod b/go.mod
@@ -20,6 +20,7 @@ require (
 	github.com/containers/storage v1.13.2
 	github.com/coreos/bbolt v1.3.3 // indirect
 	github.com/coreos/etcd v3.3.13+incompatible // indirect
+	github.com/coreos/go-iptables v0.4.2 // indirect
 	github.com/coreos/go-semver v0.3.0 // indirect
 	github.com/coreos/go-systemd v0.0.0-20190620071333-e64a0ec8b42a
 	github.com/cri-o/ocicni v0.1.1-0.20190702175919-7762645d18ca
@@ -75,6 +76,7 @@ require (
 	github.com/pmezard/go-difflib v1.0.0
 	github.com/prometheus/common v0.6.0 // indirect
 	github.com/rogpeppe/fastuuid v1.1.0 // indirect
+	github.com/safchain/ethtool v0.0.0-20190326074333-42ed695e3de8 // indirect
 	github.com/seccomp/containers-golang v0.0.0-20190312124753-8ca8945ccf5f // indirect
 	github.com/seccomp/libseccomp-golang v0.9.1 // indirect
 	github.com/sirupsen/logrus v1.4.2

diff --git a/go.sum b/go.sum
@@ -114,6 +114,8 @@ github.com/coreos/go-iptables v0.4.0 h1:wh4UbVs8DhLUbpyq97GLJDKrQMjEDD63T1xE4Crs
 github.com/coreos/go-iptables v0.4.0/go.mod h1:/mVI274lEDI2ns62jHCDnCyBF9Iwsmekav8Dbxlm1MU=
 github.com/coreos/go-iptables v0.4.1 h1:TyEMaK2xD/EcB0385QcvX/OvI2XI7s4SJEI2EhZFfEU=
 github.com/coreos/go-iptables v0.4.1/go.mod h1:/mVI274lEDI2ns62jHCDnCyBF9Iwsmekav8Dbxlm1MU=
+github.com/coreos/go-iptables v0.4.2 h1:KH0EwId05JwWIfb96gWvkiT2cbuOu8ygqUaB+yPAwIg=
+github.com/coreos/go-iptables v0.4.2/go.mod h1:/mVI274lEDI2ns62jHCDnCyBF9Iwsmekav8Dbxlm1MU=
 github.com/coreos/go-semver v0.2.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk=
 github.com/coreos/go-semver v0.3.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk=
 github.com/coreos/go-systemd v0.0.0-20180511133405-39ca1b05acc7 h1:u9SHYsPQNyt5tgDm3YN7+9dYrpK96E5wFilTFWIDZOM=
@@ -461,6 +463,8 @@ github.com/rogpeppe/fastuuid v1.1.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6L
 github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4=
 github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g=
 github.com/russross/blackfriday v2.0.0+incompatible/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g=
+github.com/safchain/ethtool v0.0.0-20190326074333-42ed695e3de8 h1:2c1EFnZHIPCW8qKWgHMH/fX2PkSabFc5mrVzfUNdg5U=
+github.com/safchain/ethtool v0.0.0-20190326074333-42ed695e3de8/go.mod h1:Z0q5wiBQGYcxhMZ6gUqHn6pYNLypFAvaL3UvgZLR0U4=
 github.com/seccomp/containers-golang v0.0.0-20180629143253-cdfdaa7543f4 h1:rOG9oHVIndNR14f3HRyBy9UPQYmIPniWqTU1TDdHhq4=
 github.com/seccomp/containers-golang v0.0.0-20180629143253-cdfdaa7543f4/go.mod h1:f/98/SnvAzhAEFQJ3u836FePXvcbE8BS0YGMQNn4mhA=
 github.com/seccomp/containers-golang v0.0.0-20190312124753-8ca8945ccf5f h1:OtU/w6sBKmXYaw2KEODxjcYi3oPSyyslhgGFgIJVGAI=