Skip to content

Add support for --network=netns:/proc/pid/ns/net#272

Merged
runcom merged 1 commit intoprojectatomic:docker-1.13.1from
runcom:netns-1.13
Sep 15, 2017
Merged

Add support for --network=netns:/proc/pid/ns/net#272
runcom merged 1 commit intoprojectatomic:docker-1.13.1from
runcom:netns-1.13

Conversation

@runcom
Copy link
Copy Markdown
Collaborator

@runcom runcom commented Sep 15, 2017

This patch is the same as #271 but for 1.13.1 because I wasn't able to test for 1.12.6. This contains, however, some more stuff in daemon/container_operations.go (@mrunalp PTAL and update #271 accordingly).
The testing went fine:

# WITH CRI-O

$ sudo ./crioctl ctr execsync --id d03 ip a                 
Stdout:
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
3: eth0@if11: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue state UP
    link/ether 0a:58:0a:58:1a:37 brd ff:ff:ff:ff:ff:ff
    inet 10.88.26.55/16 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::a85c:a7ff:fed3:ee5b/64 scope link
       valid_lft forever preferred_lft forever

Stderr:

Exit code: 0

# WITH DOCKER

$ docker run -ti --network=netns:/var/run/netns/k8s_test3425234523fdadfsafdafa_redhat.test.crio_redhat-test-crio_1-b015acd2 busybox sh
/ # ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
3: eth0@if11: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue
    link/ether 0a:58:0a:58:1a:37 brd ff:ff:ff:ff:ff:ff
    inet 10.88.26.55/16 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::a85c:a7ff:fed3:ee5b/64 scope link
       valid_lft forever preferred_lft forever

You can see both containers in CRI-O and docker have the same IP address.

However, it's not clear in docker if the hostname is important. Right now, if you use this patch the docker container won't have the same hostname as the CRI-O container. I left a TODO here https://github.com/projectatomic/docker/compare/docker-1.13.1...runcom:netns-1.13?expand=1#diff-3a40f2cc412a64610c68b78a6bb97132R869

/cc @rhatdan @lsm5
@bparees @mrunalp Let me know if the hostname is important (I don't think so)

Signed-off-by: Antonio Murdaca runcom@redhat.com

@runcom
Add support for --network=netns:/proc/pid/ns/net
7ff032d 
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
@runcom runcom mentioned this pull request Sep 15, 2017
Merged
@rhatdan
Copy link
Copy Markdown
Member

rhatdan commented Sep 15, 2017

LGTM

@mrunalp
Copy link
Copy Markdown

mrunalp commented Sep 15, 2017

@runcom We need resolv.conf which we can bind mount from the annotations that we expose in inspect endpoint already. I don't think we should need hostname, but if required we can do the same thing there.

@runcom runcom merged commit 790e958 into projectatomic:docker-1.13.1 Sep 15, 2017
@runcom runcom deleted the netns-1.13 branch September 15, 2017 22:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@runcom @rhatdan @mrunalp