From d21c1aafe28cf59143655c7646f6eec7f9496686 Mon Sep 17 00:00:00 2001 From: Brent Baude Date: Fri, 30 Apr 2021 09:12:22 -0500 Subject: [PATCH] Detect if in podman machine virtual vm When in podman machine virtual machines, podman needs to be able to detect as such. One implementation for this is when creating networks, the podman-machine cni plugin needs to be added to the configuration. This PR also includes the latest containers-common. [NO TESTS NEEDED] Signed-off-by: Brent Baude --- go.mod | 2 +- go.sum | 6 ++---- libpod/network/config.go | 11 +++++++++++ libpod/network/create.go | 4 ++++ libpod/network/netconflist.go | 9 +++++++++ .../containers/common/pkg/config/config.go | 3 +++ .../common/pkg/config/containers.conf | 19 +++++++++++++++++-- .../containers/common/pkg/config/default.go | 16 ++++++++++++++++ .../containers/common/version/version.go | 2 +- vendor/modules.txt | 2 +- 10 files changed, 65 insertions(+), 9 deletions(-) diff --git a/go.mod b/go.mod index fb55562805..6bdb3d3905 100644 --- a/go.mod +++ b/go.mod @@ -12,7 +12,7 @@ require ( github.com/containernetworking/cni v0.8.1 github.com/containernetworking/plugins v0.9.1 github.com/containers/buildah v1.20.1-0.20210402144408-36a37402d0c8 - github.com/containers/common v0.37.0 + github.com/containers/common v0.37.1 github.com/containers/conmon v2.0.20+incompatible github.com/containers/image/v5 v5.11.1 github.com/containers/ocicrypt v1.1.1 diff --git a/go.sum b/go.sum index 7bef90bdf4..36b0dce22e 100644 --- a/go.sum +++ b/go.sum @@ -195,8 +195,8 @@ github.com/containernetworking/plugins v0.9.1/go.mod h1:xP/idU2ldlzN6m4p5LmGiwRD github.com/containers/buildah v1.20.1-0.20210402144408-36a37402d0c8 h1:RlqbDlfE3+qrq4bNTZG7NVPqCDzfZrgE/yicu0VAykQ= github.com/containers/buildah v1.20.1-0.20210402144408-36a37402d0c8/go.mod h1:iowyscoAC5jwNDhs3c5CLGdBZ9FJk5UOoN2I5TdmXFs= github.com/containers/common v0.35.4/go.mod h1:rMzxgD7nMGw++cEbsp+NZv0UJO4rgXbm7F7IbJPTwIE= -github.com/containers/common v0.37.0 h1:RRyR8FITTJXfrF7J9KXKSplywY4zsXoA2kuQXMaUaNo= -github.com/containers/common v0.37.0/go.mod h1:dgbJcccCPTmncqxhma56+XW+6d5VzqGF6jtkMHyu3v0= +github.com/containers/common v0.37.1 h1:V71FK6k2KsNgcNtspGlrdCaKrSml/SO6bKmJdWjSnaY= +github.com/containers/common v0.37.1/go.mod h1:ONPdpc69oQG9e75v/eBzzAReuv0we5NcGdEzK4meDv4= github.com/containers/conmon v2.0.20+incompatible h1:YbCVSFSCqFjjVwHTPINGdMX1F6JXHGTUje2ZYobNrkg= github.com/containers/conmon v2.0.20+incompatible/go.mod h1:hgwZ2mtuDrppv78a/cOBNiCm6O0UMWGx1mu7P00nu5I= github.com/containers/image/v5 v5.10.5/go.mod h1:SgIbWEedCNBbn2FI5cH0/jed1Ecy2s8XK5zTxvJTzII= @@ -216,7 +216,6 @@ github.com/containers/storage v1.24.8/go.mod h1:YC+2pY8SkfEAcZkwycxYbpK8EiRbx5so github.com/containers/storage v1.28.0/go.mod h1:ixAwO7Bj31cigqPEG7aCz+PYmxkDxbIFdUFioYdxbzI= github.com/containers/storage v1.28.1/go.mod h1:5bwiMh2LkrN3AWIfDFMH7A/xbVNLcve+oeXYvHvW8cc= github.com/containers/storage v1.29.0/go.mod h1:u84RU4CCufGeJBNTRNwMB+FoE+AiFeFw4SsMoqAOeCM= -github.com/containers/storage v1.30.0/go.mod h1:M/xn0pg6ReYFrLtWl5YELI/a4Xjq+Z3e5GJxQrJCcDI= github.com/containers/storage v1.30.1 h1:+87sZDoUp0uNsP45dWypHTWTEoy0eNDgFYjTU1XIRVQ= github.com/containers/storage v1.30.1/go.mod h1:NDJkiwxnSHD1Is+4DGcyR3SIEYSDOa0xnAW+uGQFx9E= github.com/coreos/bbolt v1.3.2/go.mod h1:iRUV2dpdMOn7Bo10OQBFzIJO9kkE559Wcmn+qkEiiKk= @@ -505,7 +504,6 @@ github.com/klauspost/compress v1.11.5/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYs github.com/klauspost/compress v1.11.7/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs= github.com/klauspost/compress v1.11.12/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs= github.com/klauspost/compress v1.11.13/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs= -github.com/klauspost/compress v1.12.1/go.mod h1:8dP1Hq4DHOhN9w426knH3Rhby4rFm6D8eO+e+Dq5Gzg= github.com/klauspost/compress v1.12.2 h1:2KCfW3I9M7nSc5wOqXAlW2v2U6v+w6cbjvbfp+OykW8= github.com/klauspost/compress v1.12.2/go.mod h1:8dP1Hq4DHOhN9w426knH3Rhby4rFm6D8eO+e+Dq5Gzg= github.com/klauspost/pgzip v1.2.5 h1:qnWYvvKqedOF2ulHpMG72XQol4ILEJ8k2wwRl/Km8oE= diff --git a/libpod/network/config.go b/libpod/network/config.go index 294e235094..ac44786023 100644 --- a/libpod/network/config.go +++ b/libpod/network/config.go @@ -149,7 +149,18 @@ type DNSNameConfig struct { Capabilities map[string]bool `json:"capabilities"` } +// PodmanMachineConfig enables port handling on the host OS +type PodmanMachineConfig struct { + PluginType string `json:"type"` + Capabilities map[string]bool `json:"capabilities"` +} + // Bytes outputs the configuration as []byte func (d DNSNameConfig) Bytes() ([]byte, error) { return json.MarshalIndent(d, "", "\t") } + +// Bytes outputs the configuration as []byte +func (p PodmanMachineConfig) Bytes() ([]byte, error) { + return json.MarshalIndent(p, "", "\t") +} diff --git a/libpod/network/create.go b/libpod/network/create.go index 4fe9b445f9..aca8150b54 100644 --- a/libpod/network/create.go +++ b/libpod/network/create.go @@ -231,6 +231,10 @@ func createBridge(name string, options entities.NetworkCreateOptions, runtimeCon plugins = append(plugins, NewDNSNamePlugin(DefaultPodmanDomainName)) } } + // Add the podman-machine CNI plugin if we are in a machine + if runtimeConfig.MachineEnabled() { // check if we are in a machine vm + plugins = append(plugins, NewPodmanMachinePlugin()) + } ncList["plugins"] = plugins b, err := json.MarshalIndent(ncList, "", " ") if err != nil { diff --git a/libpod/network/netconflist.go b/libpod/network/netconflist.go index 08816f2bdf..d2031df6d1 100644 --- a/libpod/network/netconflist.go +++ b/libpod/network/netconflist.go @@ -293,3 +293,12 @@ func getCreatedTimestamp(config *config.Config, netconf *libcni.NetworkConfigLis created := time.Unix(int64(stat.Ctim.Sec), int64(stat.Ctim.Nsec)) // nolint: unconvert return &created, nil } + +func NewPodmanMachinePlugin() PodmanMachineConfig { + caps := make(map[string]bool, 1) + caps["portMappings"] = true + return PodmanMachineConfig{ + PluginType: "podman-machine", + Capabilities: caps, + } +} diff --git a/vendor/github.com/containers/common/pkg/config/config.go b/vendor/github.com/containers/common/pkg/config/config.go index 1629bea29d..1531422cd4 100644 --- a/vendor/github.com/containers/common/pkg/config/config.go +++ b/vendor/github.com/containers/common/pkg/config/config.go @@ -263,6 +263,9 @@ type EngineConfig struct { // LockType is the type of locking to use. LockType string `toml:"lock_type,omitempty"` + // MachineEnabled indicates if Podman is running in a podman-machine VM + MachineEnabled bool `toml:"machine_enabled,omitempty"` + // MultiImageArchive - if true, the container engine allows for storing // archives (e.g., of the docker-archive transport) with multiple // images. By default, Podman creates single-image archives. diff --git a/vendor/github.com/containers/common/pkg/config/containers.conf b/vendor/github.com/containers/common/pkg/config/containers.conf index 0114f29757..00edd54383 100644 --- a/vendor/github.com/containers/common/pkg/config/containers.conf +++ b/vendor/github.com/containers/common/pkg/config/containers.conf @@ -336,6 +336,11 @@ default_sysctls = [ # # lock_type** = "shm" +# Indicates if Podman is running inside a VM via Podman Machine. +# Podman uses this value to do extra setup around networking from the +# container inside the VM to to host. +# machine_enabled=false + # MultiImageArchive - if true, the container engine allows for storing archives # (e.g., of the docker-archive transport) with multiple images. By default, # Podman creates single-image archives. @@ -403,7 +408,7 @@ default_sysctls = [ # List of the OCI runtimes that support --format=json. When json is supported # engine will use it for reporting nicer errors. # -# runtime_supports_json = ["crun", "runc", "kata"] +# runtime_supports_json = ["crun", "runc", "kata", "runsc"] # List of the OCI runtimes that supports running containers without cgroups. # @@ -432,7 +437,7 @@ default_sysctls = [ # Path to file containing ssh identity key # identity = "~/.ssh/id_rsa" -# Paths to look for a valid OCI runtime (crun, runc, kata, etc) +# Paths to look for a valid OCI runtime (crun, runc, kata, runsc, etc) [engine.runtimes] # crun = [ # "/usr/bin/crun", @@ -465,6 +470,16 @@ default_sysctls = [ # "/usr/bin/kata-fc", # ] +# runsc = [ +# "/usr/bin/runsc", +# "/usr/sbin/runsc", +# "/usr/local/bin/runsc", +# "/usr/local/sbin/runsc", +# "/bin/runsc", +# "/sbin/runsc", +# "/run/current-system/sw/bin/runsc", +# ] + [engine.volume_plugins] # testplugin = "/run/podman/plugins/test.sock" diff --git a/vendor/github.com/containers/common/pkg/config/default.go b/vendor/github.com/containers/common/pkg/config/default.go index 72744bb12c..34a360bf57 100644 --- a/vendor/github.com/containers/common/pkg/config/default.go +++ b/vendor/github.com/containers/common/pkg/config/default.go @@ -278,6 +278,15 @@ func defaultConfigFromMemory() (*EngineConfig, error) { "/usr/bin/kata-qemu", "/usr/bin/kata-fc", }, + "runsc": { + "/usr/bin/runsc", + "/usr/sbin/runsc", + "/usr/local/bin/runsc", + "/usr/local/sbin/runsc", + "/bin/runsc", + "/sbin/runsc", + "/run/current-system/sw/bin/runsc", + }, } // Needs to be called after populating c.OCIRuntimes c.OCIRuntime = c.findRuntime() @@ -299,6 +308,8 @@ func defaultConfigFromMemory() (*EngineConfig, error) { c.RuntimeSupportsJSON = []string{ "crun", "runc", + "kata", + "runsc", } c.RuntimeSupportsNoCgroups = []string{"crun"} c.RuntimeSupportsKVM = []string{"kata", "kata-runtime", "kata-qemu", "kata-fc"} @@ -314,6 +325,7 @@ func defaultConfigFromMemory() (*EngineConfig, error) { // TODO - ideally we should expose a `type LockType string` along with // constants. c.LockType = "shm" + c.MachineEnabled = false return c, nil } @@ -524,3 +536,7 @@ func (c *Config) Umask() string { func (c *Config) LogDriver() string { return c.Containers.LogDriver } + +func (c *Config) MachineEnabled() bool { + return c.Engine.MachineEnabled +} diff --git a/vendor/github.com/containers/common/version/version.go b/vendor/github.com/containers/common/version/version.go index d9e7ffec7f..cb1eb342dd 100644 --- a/vendor/github.com/containers/common/version/version.go +++ b/vendor/github.com/containers/common/version/version.go @@ -1,4 +1,4 @@ package version // Version is the version of the build. -const Version = "0.37.0" +const Version = "0.37.1" diff --git a/vendor/modules.txt b/vendor/modules.txt index d59b6b731d..4460816232 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -96,7 +96,7 @@ github.com/containers/buildah/pkg/parse github.com/containers/buildah/pkg/rusage github.com/containers/buildah/pkg/supplemented github.com/containers/buildah/util -# github.com/containers/common v0.37.0 +# github.com/containers/common v0.37.1 github.com/containers/common/pkg/apparmor github.com/containers/common/pkg/apparmor/internal/supported github.com/containers/common/pkg/auth