Fix dnsname when joining a different network namespace in a pod

When creating a container in a pod the podname was always set as
the dns entry. This is incorrect when the container is not part
of the pods network namespace. This happend both rootful and
rootless. To fix this check if we are part of the pods network
namespace and if not use the container name as dns entry.

Signed-off-by: Paul Holzinger <paul.holzinger@web.de>

libpod/networking_linux.go

@@ -102,17 +102,7 @@ func (r *Runtime) configureNetNS(ctr *Container, ctrNS ns.NetNS) ([]*cnitypes.Re
 		requestedMAC = ctr.config.StaticMAC
 	}
 
-	// If we are in a pod use the pod name for the network, otherwise the container name
-	var podName string
-	if ctr.PodID() != "" {
-		pod, err := r.GetPod(ctr.PodID())
-		if err == nil {
-			podName = pod.Name()
-		}
-	}
-	if podName == "" {
-		podName = ctr.Name()
-	}
+	podName := getCNIPodName(ctr)
 
 	podNetwork := r.getPodNetwork(ctr.ID(), podName, ctrNS.Path(), ctr.config.Networks, ctr.config.PortMappings, requestedIP, requestedMAC)
 

libpod/rootless_cni_linux.go

@@ -53,7 +53,7 @@ func AllocRootlessCNI(ctx context.Context, c *Container) (ns.NetNS, []*cnitypes.
 	if err != nil {
 		return nil, nil, err
 	}
-	k8sPodName := getPodOrContainerName(c) // passed to CNI as K8S_POD_NAME
+	k8sPodName := getCNIPodName(c) // passed to CNI as K8S_POD_NAME
 	cniResults := make([]*cnitypes.Result, len(c.config.Networks))
 	for i, nw := range c.config.Networks {
 		cniRes, err := rootlessCNIInfraCallAlloc(infra, c.ID(), nw, k8sPodName)
@@ -115,12 +115,16 @@ func getRootlessCNIInfraLock(r *Runtime) (lockfile.Locker, error) {
 	return lockfile.GetLockfile(fname)
 }
 
-func getPodOrContainerName(c *Container) string {
-	pod, err := c.runtime.GetPod(c.PodID())
-	if err != nil || pod.config.Name == "" {
-		return c.Name()
+// getCNIPodName return the pod name (hostname) used by CNI and the dnsname plugin.
+// If we are in the pod network namespace use the pod name otherwise the container name
+func getCNIPodName(c *Container) string {
+	if c.config.NetMode.IsPod() || c.IsInfra() {
+		pod, err := c.runtime.GetPod(c.PodID())
+		if err == nil {
+			return pod.Name()
+		}
 	}
-	return pod.config.Name
+	return c.Name()
 }
 
 func rootlessCNIInfraCallAlloc(infra *Container, id, nw, k8sPodName string) (*cnitypes.Result, error) {

test/e2e/run_networking_test.go

@@ -594,4 +594,39 @@ var _ = Describe("Podman run networking", func() {
 		Expect(run.ExitCode()).To(BeZero())
 		Expect(strings.Contains(run.OutputToString(), hostname)).To(BeTrue())
 	})
+
+	It("podman run check dnsname plugin", func() {
+		pod := "testpod"
+		session := podmanTest.Podman([]string{"pod", "create", "--name", pod})
+		session.WaitWithDefaultTimeout()
+		Expect(session.ExitCode()).To(BeZero())
+
+		net := "dnsNetTest"
+		session = podmanTest.Podman([]string{"network", "create", net})
+		session.WaitWithDefaultTimeout()
+		Expect(session.ExitCode()).To(BeZero())
+		defer podmanTest.removeCNINetwork(net)
+
+		pod2 := "testpod2"
+		session = podmanTest.Podman([]string{"pod", "create", "--network", net, "--name", pod2})
+		session.WaitWithDefaultTimeout()
+		Expect(session.ExitCode()).To(BeZero())
+
+		session = podmanTest.Podman([]string{"run", "--name", "con1", "--network", net, ALPINE, "nslookup", "con1"})
+		session.WaitWithDefaultTimeout()
+		Expect(session.ExitCode()).To(BeZero())
+
+		session = podmanTest.Podman([]string{"run", "--name", "con2", "--pod", pod, "--network", net, ALPINE, "nslookup", "con2"})
+		session.WaitWithDefaultTimeout()
+		Expect(session.ExitCode()).To(BeZero())
+
+		session = podmanTest.Podman([]string{"run", "--name", "con3", "--pod", pod2, ALPINE, "nslookup", "con3"})
+		session.WaitWithDefaultTimeout()
+		Expect(session.ExitCode()).To(Equal(1))
+		Expect(session.ErrorToString()).To(ContainSubstring("can't resolve 'con3'"))
+
+		session = podmanTest.Podman([]string{"run", "--name", "con4", "--network", net, ALPINE, "nslookup", pod2})
+		session.WaitWithDefaultTimeout()
+		Expect(session.ExitCode()).To(BeZero())
+	})
 })