Detect if in podman machine virtual vm

When in podman machine virtual machines, podman needs to be able to detect as such. One implementation for this is when creating networks, the podman-machine cni plugin needs to be added to the configuration. This PR also includes the latest containers-common. [NO TESTS NEEDED] Signed-off-by: Brent Baude <bbaude@redhat.com>
2024-10-19 08:44:11 +00:00 · 2021-04-30 09:12:22 -05:00 · 2021-04-30 09:12:22 -05:00 · d21c1aafe2
parent d6ec38f2ee
commit d21c1aafe2
10 changed files with 65 additions and 9 deletions
--- a/go.mod
+++ b/go.mod
@ -12,7 +12,7 @@ require (
 	github.com/containernetworking/cni v0.8.1
 	github.com/containernetworking/plugins v0.9.1
 	github.com/containers/buildah v1.20.1-0.20210402144408-36a37402d0c8
-	github.com/containers/common v0.37.0
+	github.com/containers/common v0.37.1
 	github.com/containers/conmon v2.0.20+incompatible
 	github.com/containers/image/v5 v5.11.1
 	github.com/containers/ocicrypt v1.1.1
--- a/go.sum
+++ b/go.sum
@ -195,8 +195,8 @@ github.com/containernetworking/plugins v0.9.1/go.mod h1:xP/idU2ldlzN6m4p5LmGiwRD
 github.com/containers/buildah v1.20.1-0.20210402144408-36a37402d0c8 h1:RlqbDlfE3+qrq4bNTZG7NVPqCDzfZrgE/yicu0VAykQ=
 github.com/containers/buildah v1.20.1-0.20210402144408-36a37402d0c8/go.mod h1:iowyscoAC5jwNDhs3c5CLGdBZ9FJk5UOoN2I5TdmXFs=
 github.com/containers/common v0.35.4/go.mod h1:rMzxgD7nMGw++cEbsp+NZv0UJO4rgXbm7F7IbJPTwIE=
-github.com/containers/common v0.37.0 h1:RRyR8FITTJXfrF7J9KXKSplywY4zsXoA2kuQXMaUaNo=
-github.com/containers/common v0.37.0/go.mod h1:dgbJcccCPTmncqxhma56+XW+6d5VzqGF6jtkMHyu3v0=
+github.com/containers/common v0.37.1 h1:V71FK6k2KsNgcNtspGlrdCaKrSml/SO6bKmJdWjSnaY=
+github.com/containers/common v0.37.1/go.mod h1:ONPdpc69oQG9e75v/eBzzAReuv0we5NcGdEzK4meDv4=
 github.com/containers/conmon v2.0.20+incompatible h1:YbCVSFSCqFjjVwHTPINGdMX1F6JXHGTUje2ZYobNrkg=
 github.com/containers/conmon v2.0.20+incompatible/go.mod h1:hgwZ2mtuDrppv78a/cOBNiCm6O0UMWGx1mu7P00nu5I=
 github.com/containers/image/v5 v5.10.5/go.mod h1:SgIbWEedCNBbn2FI5cH0/jed1Ecy2s8XK5zTxvJTzII=
@ -216,7 +216,6 @@ github.com/containers/storage v1.24.8/go.mod h1:YC+2pY8SkfEAcZkwycxYbpK8EiRbx5so
 github.com/containers/storage v1.28.0/go.mod h1:ixAwO7Bj31cigqPEG7aCz+PYmxkDxbIFdUFioYdxbzI=
 github.com/containers/storage v1.28.1/go.mod h1:5bwiMh2LkrN3AWIfDFMH7A/xbVNLcve+oeXYvHvW8cc=
 github.com/containers/storage v1.29.0/go.mod h1:u84RU4CCufGeJBNTRNwMB+FoE+AiFeFw4SsMoqAOeCM=
-github.com/containers/storage v1.30.0/go.mod h1:M/xn0pg6ReYFrLtWl5YELI/a4Xjq+Z3e5GJxQrJCcDI=
 github.com/containers/storage v1.30.1 h1:+87sZDoUp0uNsP45dWypHTWTEoy0eNDgFYjTU1XIRVQ=
 github.com/containers/storage v1.30.1/go.mod h1:NDJkiwxnSHD1Is+4DGcyR3SIEYSDOa0xnAW+uGQFx9E=
 github.com/coreos/bbolt v1.3.2/go.mod h1:iRUV2dpdMOn7Bo10OQBFzIJO9kkE559Wcmn+qkEiiKk=
@ -505,7 +504,6 @@ github.com/klauspost/compress v1.11.5/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYs
 github.com/klauspost/compress v1.11.7/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs=
 github.com/klauspost/compress v1.11.12/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs=
 github.com/klauspost/compress v1.11.13/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs=
-github.com/klauspost/compress v1.12.1/go.mod h1:8dP1Hq4DHOhN9w426knH3Rhby4rFm6D8eO+e+Dq5Gzg=
 github.com/klauspost/compress v1.12.2 h1:2KCfW3I9M7nSc5wOqXAlW2v2U6v+w6cbjvbfp+OykW8=
 github.com/klauspost/compress v1.12.2/go.mod h1:8dP1Hq4DHOhN9w426knH3Rhby4rFm6D8eO+e+Dq5Gzg=
 github.com/klauspost/pgzip v1.2.5 h1:qnWYvvKqedOF2ulHpMG72XQol4ILEJ8k2wwRl/Km8oE=
--- a/libpod/network/config.go
+++ b/libpod/network/config.go
@ -149,7 +149,18 @@ type DNSNameConfig struct {
 	Capabilities map[string]bool `json:"capabilities"`
 }

+//  PodmanMachineConfig enables port handling on the host OS
+type PodmanMachineConfig struct {
+	PluginType   string          `json:"type"`
+	Capabilities map[string]bool `json:"capabilities"`
+}
+
 // Bytes outputs the configuration as []byte
 func (d DNSNameConfig) Bytes() ([]byte, error) {
 	return json.MarshalIndent(d, "", "\t")
 }
+
+// Bytes outputs the configuration as []byte
+func (p PodmanMachineConfig) Bytes() ([]byte, error) {
+	return json.MarshalIndent(p, "", "\t")
+}
--- a/libpod/network/create.go
+++ b/libpod/network/create.go
@ -231,6 +231,10 @@ func createBridge(name string, options entities.NetworkCreateOptions, runtimeCon
 			plugins = append(plugins, NewDNSNamePlugin(DefaultPodmanDomainName))
 		}
 	}
+	// Add the podman-machine CNI plugin if we are in a machine
+	if runtimeConfig.MachineEnabled() { // check if we are in a machine vm
+		plugins = append(plugins, NewPodmanMachinePlugin())
+	}
 	ncList["plugins"] = plugins
 	b, err := json.MarshalIndent(ncList, "", "   ")
 	if err != nil {
--- a/libpod/network/netconflist.go
+++ b/libpod/network/netconflist.go
@ -293,3 +293,12 @@ func getCreatedTimestamp(config *config.Config, netconf *libcni.NetworkConfigLis
 	created := time.Unix(int64(stat.Ctim.Sec), int64(stat.Ctim.Nsec)) // nolint: unconvert
 	return &created, nil
 }
+
+func NewPodmanMachinePlugin() PodmanMachineConfig {
+	caps := make(map[string]bool, 1)
+	caps["portMappings"] = true
+	return PodmanMachineConfig{
+		PluginType:   "podman-machine",
+		Capabilities: caps,
+	}
+}
--- a/vendor/github.com/containers/common/pkg/config/config.go
+++ b/vendor/github.com/containers/common/pkg/config/config.go
@ -263,6 +263,9 @@ type EngineConfig struct {
 	// LockType is the type of locking to use.
 	LockType string `toml:"lock_type,omitempty"`

+	// MachineEnabled indicates if Podman is running in a podman-machine VM
+	MachineEnabled bool `toml:"machine_enabled,omitempty"`
+
 	// MultiImageArchive - if true, the container engine allows for storing
 	// archives (e.g., of the docker-archive transport) with multiple
 	// images.  By default, Podman creates single-image archives.
--- a/vendor/github.com/containers/common/pkg/config/containers.conf
+++ b/vendor/github.com/containers/common/pkg/config/containers.conf
@ -336,6 +336,11 @@ default_sysctls = [
 #
 # lock_type** = "shm"

+# Indicates if Podman is running inside a VM via Podman Machine.
+# Podman uses this value to do extra setup around networking from the
+# container inside the VM to to host.
+# machine_enabled=false
+
 # MultiImageArchive - if true, the container engine allows for storing archives
 # (e.g., of the docker-archive transport) with multiple images.  By default,
 # Podman creates single-image archives.
@ -403,7 +408,7 @@ default_sysctls = [
 # List of the OCI runtimes that support --format=json.  When json is supported
 # engine will use it for reporting nicer errors.
 #
-# runtime_supports_json = ["crun", "runc", "kata"]
+# runtime_supports_json = ["crun", "runc", "kata", "runsc"]

 # List of the OCI runtimes that supports running containers without cgroups.
 #
@ -432,7 +437,7 @@ default_sysctls = [
 #     Path to file containing ssh identity key
 #     identity = "~/.ssh/id_rsa"

-# Paths to look for a valid OCI runtime (crun, runc, kata, etc)
+# Paths to look for a valid OCI runtime (crun, runc, kata, runsc, etc)
 [engine.runtimes]
 # crun = [
 #            "/usr/bin/crun",
@ -465,6 +470,16 @@ default_sysctls = [
 #            "/usr/bin/kata-fc",
 # ]

+# runsc = [
+#            "/usr/bin/runsc",
+#            "/usr/sbin/runsc",
+#            "/usr/local/bin/runsc",
+#            "/usr/local/sbin/runsc",
+#            "/bin/runsc",
+#            "/sbin/runsc",
+#            "/run/current-system/sw/bin/runsc",
+# ]
+
 [engine.volume_plugins]
 # testplugin = "/run/podman/plugins/test.sock"

--- a/vendor/github.com/containers/common/pkg/config/default.go
+++ b/vendor/github.com/containers/common/pkg/config/default.go
@ -278,6 +278,15 @@ func defaultConfigFromMemory() (*EngineConfig, error) {
 			"/usr/bin/kata-qemu",
 			"/usr/bin/kata-fc",
 		},
+		"runsc": {
+			"/usr/bin/runsc",
+			"/usr/sbin/runsc",
+			"/usr/local/bin/runsc",
+			"/usr/local/sbin/runsc",
+			"/bin/runsc",
+			"/sbin/runsc",
+			"/run/current-system/sw/bin/runsc",
+		},
 	}
 	// Needs to be called after populating c.OCIRuntimes
 	c.OCIRuntime = c.findRuntime()
@ -299,6 +308,8 @@ func defaultConfigFromMemory() (*EngineConfig, error) {
 	c.RuntimeSupportsJSON = []string{
 		"crun",
 		"runc",
+		"kata",
+		"runsc",
 	}
 	c.RuntimeSupportsNoCgroups = []string{"crun"}
 	c.RuntimeSupportsKVM = []string{"kata", "kata-runtime", "kata-qemu", "kata-fc"}
@ -314,6 +325,7 @@ func defaultConfigFromMemory() (*EngineConfig, error) {
 	// TODO - ideally we should expose a `type LockType string` along with
 	// constants.
 	c.LockType = "shm"
+	c.MachineEnabled = false

 	return c, nil
 }
@ -524,3 +536,7 @@ func (c *Config) Umask() string {
 func (c *Config) LogDriver() string {
 	return c.Containers.LogDriver
 }
+
+func (c *Config) MachineEnabled() bool {
+	return c.Engine.MachineEnabled
+}
--- a/vendor/github.com/containers/common/version/version.go
+++ b/vendor/github.com/containers/common/version/version.go
@ -1,4 +1,4 @@
 package version

 // Version is the version of the build.
-const Version = "0.37.0"
+const Version = "0.37.1"
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@ -96,7 +96,7 @@ github.com/containers/buildah/pkg/parse
 github.com/containers/buildah/pkg/rusage
 github.com/containers/buildah/pkg/supplemented
 github.com/containers/buildah/util
-# github.com/containers/common v0.37.0
+# github.com/containers/common v0.37.1
 github.com/containers/common/pkg/apparmor
 github.com/containers/common/pkg/apparmor/internal/supported
 github.com/containers/common/pkg/auth