12
"github.com/containernetworking/plugins/pkg/ns"
13
"github.com/containers/podman/v5/pkg/domain/entities"
14
. "github.com/containers/podman/v5/test/utils"
15
"github.com/containers/storage/pkg/stringid"
16
. "github.com/onsi/ginkgo/v2"
17
. "github.com/onsi/gomega"
18
. "github.com/onsi/gomega/gexec"
19
"github.com/vishvananda/netlink"
22
var _ = Describe("Podman run networking", func() {
24
hostname, _ := os.Hostname()
26
It("podman verify network scoped DNS server and also verify updating network dns server", func() {
29
net := createNetworkName("IntTest")
30
session := podmanTest.Podman([]string{"network", "create", net, "--dns", "1.1.1.1"})
31
session.WaitWithDefaultTimeout()
32
defer podmanTest.removeNetwork(net)
33
Expect(session).Should(ExitCleanly())
35
session = podmanTest.Podman([]string{"network", "inspect", net})
36
session.WaitWithDefaultTimeout()
37
defer podmanTest.removeNetwork(net)
38
Expect(session).Should(ExitCleanly())
39
var results []entities.NetworkInspectReport
40
err := json.Unmarshal([]byte(session.OutputToString()), &results)
41
Expect(err).ToNot(HaveOccurred())
42
Expect(results).To(HaveLen(1))
44
Expect(result.Subnets).To(HaveLen(1))
45
aardvarkDNSGateway := result.Subnets[0].Gateway.String()
46
Expect(result.NetworkDNSServers).To(Equal([]string{"1.1.1.1"}))
48
session = podmanTest.Podman([]string{"run", "-d", "--name", "con1", "--network", net, "busybox", "top"})
49
session.WaitWithDefaultTimeout()
50
Expect(session).Should(ExitCleanly())
52
session = podmanTest.Podman([]string{"exec", "con1", "nslookup", "google.com", aardvarkDNSGateway})
53
session.WaitWithDefaultTimeout()
54
Expect(session).Should(ExitCleanly())
55
Expect(session.OutputToString()).To(ContainSubstring("Non-authoritative answer: Name: google.com Address:"))
58
session = podmanTest.Podman([]string{"network", "update", net, "--dns-add", "127.0.0.255"})
59
session.WaitWithDefaultTimeout()
60
Expect(session).Should(ExitCleanly())
63
session = podmanTest.Podman([]string{"network", "update", net, "--dns-drop=1.1.1.1"})
64
session.WaitWithDefaultTimeout()
65
Expect(session).Should(ExitCleanly())
67
session = podmanTest.Podman([]string{"exec", "con1", "nslookup", "google.com", aardvarkDNSGateway})
68
session.WaitWithDefaultTimeout()
69
Expect(session).Should(Exit(1))
70
Expect(session.OutputToString()).To(ContainSubstring(";; connection timed out; no servers could be reached"))
73
It("podman network dns multiple servers", func() {
76
net := createNetworkName("IntTest")
77
session := podmanTest.Podman([]string{"network", "create", net, "--dns", "1.1.1.1,8.8.8.8", "--dns", "8.4.4.8"})
78
session.WaitWithDefaultTimeout()
79
defer podmanTest.removeNetwork(net)
80
Expect(session).Should(ExitCleanly())
82
session = podmanTest.Podman([]string{"network", "inspect", net})
83
session.WaitWithDefaultTimeout()
84
defer podmanTest.removeNetwork(net)
85
Expect(session).Should(ExitCleanly())
86
var results []entities.NetworkInspectReport
87
err := json.Unmarshal([]byte(session.OutputToString()), &results)
88
Expect(err).ToNot(HaveOccurred())
89
Expect(results).To(HaveLen(1))
91
Expect(result.Subnets).To(HaveLen(1))
92
aardvarkDNSGateway := result.Subnets[0].Gateway.String()
93
Expect(result.NetworkDNSServers).To(Equal([]string{"1.1.1.1", "8.8.8.8", "8.4.4.8"}))
95
session = podmanTest.Podman([]string{"run", "-d", "--name", "con1", "--network", net, "busybox", "top"})
96
session.WaitWithDefaultTimeout()
97
Expect(session).Should(ExitCleanly())
99
session = podmanTest.Podman([]string{"exec", "con1", "nslookup", "google.com", aardvarkDNSGateway})
100
session.WaitWithDefaultTimeout()
101
Expect(session).Should(ExitCleanly())
102
Expect(session.OutputToString()).To(ContainSubstring("Non-authoritative answer: Name: google.com Address:"))
105
session = podmanTest.Podman([]string{"network", "update", net, "--dns-drop=1.1.1.1,8.8.8.8",
106
"--dns-drop", "8.4.4.8", "--dns-add", "127.0.0.253,127.0.0.254", "--dns-add", "127.0.0.255"})
107
session.WaitWithDefaultTimeout()
108
Expect(session).Should(ExitCleanly())
110
session = podmanTest.Podman([]string{"network", "inspect", net})
111
session.WaitWithDefaultTimeout()
112
defer podmanTest.removeNetwork(net)
113
Expect(session).Should(ExitCleanly())
114
err = json.Unmarshal([]byte(session.OutputToString()), &results)
115
Expect(err).ToNot(HaveOccurred())
116
Expect(results).To(HaveLen(1))
117
Expect(results[0].NetworkDNSServers).To(Equal([]string{"127.0.0.253", "127.0.0.254", "127.0.0.255"}))
119
session = podmanTest.Podman([]string{"exec", "con1", "nslookup", "google.com", aardvarkDNSGateway})
120
session.WaitWithDefaultTimeout()
121
Expect(session).Should(Exit(1))
122
Expect(session.OutputToString()).To(ContainSubstring(";; connection timed out; no servers could be reached"))
125
It("podman run network connection with default bridge", func() {
126
session := podmanTest.RunContainerWithNetworkTest("")
127
session.WaitWithDefaultTimeout()
128
Expect(session).Should(ExitCleanly())
131
It("podman run network connection with host", func() {
132
session := podmanTest.RunContainerWithNetworkTest("host")
133
session.WaitWithDefaultTimeout()
134
Expect(session).Should(ExitCleanly())
137
It("podman run network connection with default", func() {
138
session := podmanTest.RunContainerWithNetworkTest("default")
139
session.WaitWithDefaultTimeout()
140
Expect(session).Should(ExitCleanly())
143
It("podman run network connection with none", func() {
144
session := podmanTest.RunContainerWithNetworkTest("none")
145
session.WaitWithDefaultTimeout()
146
if _, found := os.LookupEnv("http_proxy"); found {
147
Expect(session).Should(Exit(5))
148
Expect(session.ErrorToString()).To(ContainSubstring("Could not resolve proxy:"))
150
Expect(session).Should(Exit(6))
151
Expect(session.ErrorToString()).To(ContainSubstring("Could not resolve host: www.redhat.com"))
155
It("podman run network connection with private", func() {
156
session := podmanTest.RunContainerWithNetworkTest("private")
157
session.WaitWithDefaultTimeout()
158
Expect(session).Should(ExitCleanly())
161
It("podman verify resolv.conf with --dns + --network", func() {
164
SkipIfCNI(podmanTest)
165
net := createNetworkName("IntTest")
166
session := podmanTest.Podman([]string{"network", "create", net})
167
session.WaitWithDefaultTimeout()
168
defer podmanTest.removeNetwork(net)
169
Expect(session).Should(ExitCleanly())
171
session = podmanTest.Podman([]string{"run", "--name", "con1", "--dns", "1.1.1.1", "--network", net, ALPINE, "cat", "/etc/resolv.conf"})
172
session.WaitWithDefaultTimeout()
173
Expect(session).Should(ExitCleanly())
178
Expect(session.OutputToString()).ToNot(ContainSubstring("nameserver 1.1.1.1"))
181
Expect(session.OutputToString()).To(ContainSubstring("nameserver"))
183
session = podmanTest.Podman([]string{"run", "--name", "con2", "--dns", "1.1.1.1", ALPINE, "cat", "/etc/resolv.conf"})
184
session.WaitWithDefaultTimeout()
185
Expect(session).Should(ExitCleanly())
189
Expect(session.OutputToString()).To(ContainSubstring("nameserver 1.1.1.1"))
192
It("podman run network expose port 222", func() {
193
SkipIfRootless("iptables is not supported for rootless users")
194
session := podmanTest.Podman([]string{"run", "-dt", "--expose", "222-223", "-P", ALPINE, "/bin/sh"})
195
session.WaitWithDefaultTimeout()
196
Expect(session).Should(ExitCleanly())
197
results := SystemExec("iptables", []string{"-t", "nat", "-nvL"})
198
Expect(results).Should(ExitCleanly())
199
Expect(results.OutputToString()).To(ContainSubstring("222"))
200
Expect(results.OutputToString()).To(ContainSubstring("223"))
203
It("podman run -p 80", func() {
205
session := podmanTest.Podman([]string{"create", "-t", "-p", "80", "--name", name, ALPINE, "/bin/sh"})
206
session.WaitWithDefaultTimeout()
207
inspectOut := podmanTest.InspectContainer(name)
208
Expect(inspectOut).To(HaveLen(1))
209
Expect(inspectOut[0].NetworkSettings.Ports).To(HaveLen(1))
210
Expect(inspectOut[0].NetworkSettings.Ports["80/tcp"]).To(HaveLen(1))
211
Expect(inspectOut[0].NetworkSettings.Ports["80/tcp"][0].HostPort).To(Not(Equal("80")))
212
Expect(inspectOut[0].NetworkSettings.Ports["80/tcp"][0]).To(HaveField("HostIP", "0.0.0.0"))
215
It("podman run -p 80-82 -p 8090:8090", func() {
217
session := podmanTest.Podman([]string{"create", "-t", "-p", "80-82", "-p", "8090:8090", "--name", name, ALPINE, "/bin/sh"})
218
session.WaitWithDefaultTimeout()
219
inspectOut := podmanTest.InspectContainer(name)
220
Expect(inspectOut).To(HaveLen(1))
221
Expect(inspectOut[0].NetworkSettings.Ports).To(HaveLen(4))
222
Expect(inspectOut[0].NetworkSettings.Ports["80/tcp"]).To(HaveLen(1))
223
Expect(inspectOut[0].NetworkSettings.Ports["80/tcp"][0].HostPort).To(Not(Equal("80")))
224
Expect(inspectOut[0].NetworkSettings.Ports["80/tcp"][0]).To(HaveField("HostIP", "0.0.0.0"))
225
Expect(inspectOut[0].NetworkSettings.Ports["81/tcp"]).To(HaveLen(1))
226
Expect(inspectOut[0].NetworkSettings.Ports["81/tcp"][0].HostPort).To(Not(Equal("81")))
227
Expect(inspectOut[0].NetworkSettings.Ports["81/tcp"][0]).To(HaveField("HostIP", "0.0.0.0"))
228
Expect(inspectOut[0].NetworkSettings.Ports["82/tcp"]).To(HaveLen(1))
229
Expect(inspectOut[0].NetworkSettings.Ports["82/tcp"][0].HostPort).To(Not(Equal("82")))
230
Expect(inspectOut[0].NetworkSettings.Ports["82/tcp"][0]).To(HaveField("HostIP", "0.0.0.0"))
231
Expect(inspectOut[0].NetworkSettings.Ports["8090/tcp"]).To(HaveLen(1))
232
Expect(inspectOut[0].NetworkSettings.Ports["8090/tcp"][0]).To(HaveField("HostPort", "8090"))
233
Expect(inspectOut[0].NetworkSettings.Ports["8090/tcp"][0]).To(HaveField("HostIP", "0.0.0.0"))
236
It("podman run -p 80-81 -p 8180-8181", func() {
238
session := podmanTest.Podman([]string{"create", "-t", "-p", "80-81", "-p", "8180-8181", "--name", name, ALPINE, "/bin/sh"})
239
session.WaitWithDefaultTimeout()
240
inspectOut := podmanTest.InspectContainer(name)
241
Expect(inspectOut).To(HaveLen(1))
242
Expect(inspectOut[0].NetworkSettings.Ports).To(HaveLen(4))
243
Expect(inspectOut[0].NetworkSettings.Ports["80/tcp"]).To(HaveLen(1))
244
Expect(inspectOut[0].NetworkSettings.Ports["80/tcp"][0].HostPort).To(Not(Equal("80")))
245
Expect(inspectOut[0].NetworkSettings.Ports["80/tcp"][0]).To(HaveField("HostIP", "0.0.0.0"))
246
Expect(inspectOut[0].NetworkSettings.Ports["81/tcp"]).To(HaveLen(1))
247
Expect(inspectOut[0].NetworkSettings.Ports["81/tcp"][0].HostPort).To(Not(Equal("81")))
248
Expect(inspectOut[0].NetworkSettings.Ports["81/tcp"][0]).To(HaveField("HostIP", "0.0.0.0"))
249
Expect(inspectOut[0].NetworkSettings.Ports["8180/tcp"]).To(HaveLen(1))
250
Expect(inspectOut[0].NetworkSettings.Ports["8180/tcp"][0].HostPort).To(Not(Equal("8180")))
251
Expect(inspectOut[0].NetworkSettings.Ports["8180/tcp"][0]).To(HaveField("HostIP", "0.0.0.0"))
252
Expect(inspectOut[0].NetworkSettings.Ports["8181/tcp"]).To(HaveLen(1))
253
Expect(inspectOut[0].NetworkSettings.Ports["8181/tcp"][0].HostPort).To(Not(Equal("8181")))
254
Expect(inspectOut[0].NetworkSettings.Ports["8181/tcp"][0]).To(HaveField("HostIP", "0.0.0.0"))
257
It("podman run -p 80 -p 8280-8282:8280-8282", func() {
259
session := podmanTest.Podman([]string{"create", "-t", "-p", "80", "-p", "8280-8282:8280-8282", "--name", name, ALPINE, "/bin/sh"})
260
session.WaitWithDefaultTimeout()
261
inspectOut := podmanTest.InspectContainer(name)
262
Expect(inspectOut).To(HaveLen(1))
263
Expect(inspectOut[0].NetworkSettings.Ports).To(HaveLen(4))
264
Expect(inspectOut[0].NetworkSettings.Ports["80/tcp"]).To(HaveLen(1))
265
Expect(inspectOut[0].NetworkSettings.Ports["80/tcp"][0].HostPort).To(Not(Equal("80")))
266
Expect(inspectOut[0].NetworkSettings.Ports["80/tcp"][0]).To(HaveField("HostIP", "0.0.0.0"))
267
Expect(inspectOut[0].NetworkSettings.Ports["8280/tcp"]).To(HaveLen(1))
268
Expect(inspectOut[0].NetworkSettings.Ports["8280/tcp"][0]).To(HaveField("HostPort", "8280"))
269
Expect(inspectOut[0].NetworkSettings.Ports["8280/tcp"][0]).To(HaveField("HostIP", "0.0.0.0"))
270
Expect(inspectOut[0].NetworkSettings.Ports["8281/tcp"]).To(HaveLen(1))
271
Expect(inspectOut[0].NetworkSettings.Ports["8281/tcp"][0]).To(HaveField("HostPort", "8281"))
272
Expect(inspectOut[0].NetworkSettings.Ports["8281/tcp"][0]).To(HaveField("HostIP", "0.0.0.0"))
273
Expect(inspectOut[0].NetworkSettings.Ports["8282/tcp"]).To(HaveLen(1))
274
Expect(inspectOut[0].NetworkSettings.Ports["8282/tcp"][0]).To(HaveField("HostPort", "8282"))
275
Expect(inspectOut[0].NetworkSettings.Ports["8282/tcp"][0]).To(HaveField("HostIP", "0.0.0.0"))
278
It("podman run -p 8380:80", func() {
280
session := podmanTest.Podman([]string{"create", "-t", "-p", "8380:80", "--name", name, ALPINE, "/bin/sh"})
281
session.WaitWithDefaultTimeout()
282
inspectOut := podmanTest.InspectContainer(name)
283
Expect(inspectOut).To(HaveLen(1))
284
Expect(inspectOut[0].NetworkSettings.Ports).To(HaveLen(1))
285
Expect(inspectOut[0].NetworkSettings.Ports["80/tcp"]).To(HaveLen(1))
286
Expect(inspectOut[0].NetworkSettings.Ports["80/tcp"][0]).To(HaveField("HostPort", "8380"))
287
Expect(inspectOut[0].NetworkSettings.Ports["80/tcp"][0]).To(HaveField("HostIP", "0.0.0.0"))
290
It("podman run -p 8480:80/TCP", func() {
293
session := podmanTest.Podman([]string{"create", "-t", "-p", "8480:80/TCP", "--name", name, ALPINE, "/bin/sh"})
294
session.WaitWithDefaultTimeout()
295
inspectOut := podmanTest.InspectContainer(name)
296
Expect(inspectOut).To(HaveLen(1))
297
Expect(inspectOut[0].NetworkSettings.Ports).To(HaveLen(1))
299
Expect(inspectOut[0].NetworkSettings.Ports["80/tcp"]).To(HaveLen(1))
300
Expect(inspectOut[0].NetworkSettings.Ports["80/tcp"][0]).To(HaveField("HostPort", "8480"))
301
Expect(inspectOut[0].NetworkSettings.Ports["80/tcp"][0]).To(HaveField("HostIP", "0.0.0.0"))
304
It("podman run -p 80/udp", func() {
306
session := podmanTest.Podman([]string{"create", "-t", "-p", "80/udp", "--name", name, ALPINE, "/bin/sh"})
307
session.WaitWithDefaultTimeout()
308
inspectOut := podmanTest.InspectContainer(name)
309
Expect(inspectOut).To(HaveLen(1))
310
Expect(inspectOut[0].NetworkSettings.Ports).To(HaveLen(1))
311
Expect(inspectOut[0].NetworkSettings.Ports["80/udp"]).To(HaveLen(1))
312
Expect(inspectOut[0].NetworkSettings.Ports["80/udp"][0].HostPort).To(Not(Equal("80")))
313
Expect(inspectOut[0].NetworkSettings.Ports["80/udp"][0]).To(HaveField("HostIP", "0.0.0.0"))
316
It("podman run -p 127.0.0.1:8580:80", func() {
318
session := podmanTest.Podman([]string{"create", "-t", "-p", "127.0.0.1:8580:80", "--name", name, ALPINE, "/bin/sh"})
319
session.WaitWithDefaultTimeout()
320
inspectOut := podmanTest.InspectContainer(name)
321
Expect(inspectOut).To(HaveLen(1))
322
Expect(inspectOut[0].NetworkSettings.Ports).To(HaveLen(1))
323
Expect(inspectOut[0].NetworkSettings.Ports["80/tcp"]).To(HaveLen(1))
324
Expect(inspectOut[0].NetworkSettings.Ports["80/tcp"][0]).To(HaveField("HostPort", "8580"))
325
Expect(inspectOut[0].NetworkSettings.Ports["80/tcp"][0]).To(HaveField("HostIP", "127.0.0.1"))
328
It("podman run -p 127.0.0.1:8680:80/udp", func() {
330
session := podmanTest.Podman([]string{"create", "-t", "-p", "127.0.0.1:8680:80/udp", "--name", name, ALPINE, "/bin/sh"})
331
session.WaitWithDefaultTimeout()
332
inspectOut := podmanTest.InspectContainer(name)
333
Expect(inspectOut).To(HaveLen(1))
334
Expect(inspectOut[0].NetworkSettings.Ports).To(HaveLen(1))
335
Expect(inspectOut[0].NetworkSettings.Ports["80/udp"]).To(HaveLen(1))
336
Expect(inspectOut[0].NetworkSettings.Ports["80/udp"][0]).To(HaveField("HostPort", "8680"))
337
Expect(inspectOut[0].NetworkSettings.Ports["80/udp"][0]).To(HaveField("HostIP", "127.0.0.1"))
340
It("podman run -p [::1]:8780:80/udp", func() {
342
session := podmanTest.Podman([]string{"create", "-t", "-p", "[::1]:8780:80/udp", "--name", name, ALPINE, "/bin/sh"})
343
session.WaitWithDefaultTimeout()
344
inspectOut := podmanTest.InspectContainer(name)
345
Expect(inspectOut).To(HaveLen(1))
346
Expect(inspectOut[0].NetworkSettings.Ports).To(HaveLen(1))
347
Expect(inspectOut[0].NetworkSettings.Ports["80/udp"]).To(HaveLen(1))
348
Expect(inspectOut[0].NetworkSettings.Ports["80/udp"][0]).To(HaveField("HostPort", "8780"))
349
Expect(inspectOut[0].NetworkSettings.Ports["80/udp"][0]).To(HaveField("HostIP", "::1"))
352
It("podman run -p [::1]:8880:80/tcp", func() {
354
session := podmanTest.Podman([]string{"create", "-t", "-p", "[::1]:8880:80/tcp", "--name", name, ALPINE, "/bin/sh"})
355
session.WaitWithDefaultTimeout()
356
inspectOut := podmanTest.InspectContainer(name)
357
Expect(inspectOut).To(HaveLen(1))
358
Expect(inspectOut[0].NetworkSettings.Ports).To(HaveLen(1))
359
Expect(inspectOut[0].NetworkSettings.Ports["80/tcp"]).To(HaveLen(1))
360
Expect(inspectOut[0].NetworkSettings.Ports["80/tcp"][0]).To(HaveField("HostPort", "8880"))
361
Expect(inspectOut[0].NetworkSettings.Ports["80/tcp"][0]).To(HaveField("HostIP", "::1"))
364
It("podman run --expose 80 -P", func() {
366
session := podmanTest.Podman([]string{"create", "-t", "--expose", "80", "-P", "--name", name, ALPINE, "/bin/sh"})
367
session.WaitWithDefaultTimeout()
368
inspectOut := podmanTest.InspectContainer(name)
369
Expect(inspectOut).To(HaveLen(1))
370
Expect(inspectOut[0].NetworkSettings.Ports).To(HaveLen(1))
371
Expect(inspectOut[0].NetworkSettings.Ports["80/tcp"]).To(HaveLen(1))
372
Expect(inspectOut[0].NetworkSettings.Ports["80/tcp"][0].HostPort).To(Not(Equal("0")))
373
Expect(inspectOut[0].NetworkSettings.Ports["80/tcp"][0]).To(HaveField("HostIP", "0.0.0.0"))
376
It("podman run --expose 80/udp -P", func() {
378
session := podmanTest.Podman([]string{"create", "-t", "--expose", "80/udp", "-P", "--name", name, ALPINE, "/bin/sh"})
379
session.WaitWithDefaultTimeout()
380
inspectOut := podmanTest.InspectContainer(name)
381
Expect(inspectOut).To(HaveLen(1))
382
Expect(inspectOut[0].NetworkSettings.Ports).To(HaveLen(1))
383
Expect(inspectOut[0].NetworkSettings.Ports["80/udp"]).To(HaveLen(1))
384
Expect(inspectOut[0].NetworkSettings.Ports["80/udp"][0].HostPort).To(Not(Equal("0")))
385
Expect(inspectOut[0].NetworkSettings.Ports["80/udp"][0]).To(HaveField("HostIP", "0.0.0.0"))
388
It("podman run --expose 80 -p 80", func() {
390
session := podmanTest.Podman([]string{"create", "-t", "--expose", "80", "-p", "80", "--name", name, ALPINE, "/bin/sh"})
391
session.WaitWithDefaultTimeout()
392
inspectOut := podmanTest.InspectContainer(name)
393
Expect(inspectOut).To(HaveLen(1))
394
Expect(inspectOut[0].NetworkSettings.Ports).To(HaveLen(1))
395
Expect(inspectOut[0].NetworkSettings.Ports["80/tcp"]).To(HaveLen(1))
396
Expect(inspectOut[0].NetworkSettings.Ports["80/tcp"][0].HostPort).To(Not(Equal("80")))
397
Expect(inspectOut[0].NetworkSettings.Ports["80/tcp"][0]).To(HaveField("HostIP", "0.0.0.0"))
400
It("podman run --publish-all with EXPOSE port ranges in Dockerfile", func() {
402
podmanTest.AddImageToRWStore(ALPINE)
403
dockerfile := fmt.Sprintf(`FROM %s
406
EXPOSE 2004-2005/tcp`, ALPINE)
407
imageName := "testimg"
408
podmanTest.BuildImage(dockerfile, imageName, "false")
411
inspect := podmanTest.Podman([]string{"inspect", imageName})
412
inspect.WaitWithDefaultTimeout()
413
image := inspect.InspectImageJSON()
414
Expect(image).To(HaveLen(1))
415
Expect(image[0].Config.ExposedPorts).To(HaveLen(3))
416
Expect(image[0].Config.ExposedPorts).To(HaveKey("2002/tcp"))
417
Expect(image[0].Config.ExposedPorts).To(HaveKey("2001-2003/tcp"))
418
Expect(image[0].Config.ExposedPorts).To(HaveKey("2004-2005/tcp"))
420
containerName := "testcontainer"
421
session := podmanTest.Podman([]string{"create", "--publish-all", "--name", containerName, imageName, "true"})
422
session.WaitWithDefaultTimeout()
423
inspectOut := podmanTest.InspectContainer(containerName)
424
Expect(inspectOut).To(HaveLen(1))
428
Expect(inspectOut[0].NetworkSettings.Ports).To(HaveLen(5))
429
Expect(inspectOut[0].NetworkSettings.Ports).To(HaveKey("2001/tcp"))
430
Expect(inspectOut[0].NetworkSettings.Ports).To(HaveKey("2002/tcp"))
431
Expect(inspectOut[0].NetworkSettings.Ports).To(HaveKey("2003/tcp"))
432
Expect(inspectOut[0].NetworkSettings.Ports).To(HaveKey("2004/tcp"))
433
Expect(inspectOut[0].NetworkSettings.Ports).To(HaveKey("2005/tcp"))
434
Expect(inspectOut[0].HostConfig.PublishAllPorts).To(BeTrue())
437
It("podman run -p 127.0.0.1::8980/udp", func() {
439
session := podmanTest.Podman([]string{"create", "-t", "-p", "127.0.0.1::8980/udp", "--name", name, ALPINE, "/bin/sh"})
440
session.WaitWithDefaultTimeout()
441
inspectOut := podmanTest.InspectContainer(name)
442
Expect(inspectOut).To(HaveLen(1))
443
Expect(inspectOut[0].NetworkSettings.Ports).To(HaveLen(1))
444
Expect(inspectOut[0].NetworkSettings.Ports["8980/udp"]).To(HaveLen(1))
445
Expect(inspectOut[0].NetworkSettings.Ports["8980/udp"][0].HostPort).To(Not(Equal("8980")))
446
Expect(inspectOut[0].NetworkSettings.Ports["8980/udp"][0]).To(HaveField("HostIP", "127.0.0.1"))
449
It("podman run -p :8181", func() {
451
session := podmanTest.Podman([]string{"create", "-t", "-p", ":8181", "--name", name, ALPINE, "/bin/sh"})
452
session.WaitWithDefaultTimeout()
453
inspectOut := podmanTest.InspectContainer(name)
454
Expect(inspectOut).To(HaveLen(1))
455
Expect(inspectOut[0].NetworkSettings.Ports).To(HaveLen(1))
456
Expect(inspectOut[0].NetworkSettings.Ports["8181/tcp"]).To(HaveLen(1))
457
Expect(inspectOut[0].NetworkSettings.Ports["8181/tcp"][0].HostPort).To(Not(Equal("8181")))
458
Expect(inspectOut[0].NetworkSettings.Ports["8181/tcp"][0]).To(HaveField("HostIP", "0.0.0.0"))
461
It("podman run -p xxx:8080 -p yyy:8080", func() {
463
session := podmanTest.Podman([]string{"create", "-t", "-p", "4444:8080", "-p", "5555:8080", "--name", name, ALPINE, "/bin/sh"})
464
session.WaitWithDefaultTimeout()
465
inspectOut := podmanTest.InspectContainer(name)
466
Expect(inspectOut).To(HaveLen(1))
467
Expect(inspectOut[0].NetworkSettings.Ports).To(HaveLen(1))
468
Expect(inspectOut[0].NetworkSettings.Ports["8080/tcp"]).To(HaveLen(2))
470
hp1 := inspectOut[0].NetworkSettings.Ports["8080/tcp"][0].HostPort
471
hp2 := inspectOut[0].NetworkSettings.Ports["8080/tcp"][1].HostPort
474
Expect((hp1 == "4444" && hp2 == "5555") || (hp1 == "5555" && hp2 == "4444")).To(BeTrue())
477
It("podman run -p 0.0.0.0:9280:80", func() {
479
session := podmanTest.Podman([]string{"create", "-t", "-p", "0.0.0.0:9280:80", "--name", name, ALPINE, "/bin/sh"})
480
session.WaitWithDefaultTimeout()
481
inspectOut := podmanTest.InspectContainer(name)
482
Expect(inspectOut).To(HaveLen(1))
483
Expect(inspectOut[0].NetworkSettings.Ports).To(HaveLen(1))
484
Expect(inspectOut[0].NetworkSettings.Ports["80/tcp"]).To(HaveLen(1))
485
Expect(inspectOut[0].NetworkSettings.Ports["80/tcp"][0]).To(HaveField("HostPort", "9280"))
486
Expect(inspectOut[0].NetworkSettings.Ports["80/tcp"][0]).To(HaveField("HostIP", "0.0.0.0"))
489
It("podman run network expose host port 80 to container port", func() {
490
SkipIfRootless("iptables is not supported for rootless users")
493
session := podmanTest.Podman([]string{"run", "-dt", "-p", fmt.Sprintf("%d:%d", port1, port2), ALPINE, "/bin/sh"})
494
session.WaitWithDefaultTimeout()
495
Expect(session).Should(ExitCleanly())
496
results := SystemExec("iptables", []string{"-t", "nat", "-nvL"})
497
Expect(results).Should(ExitCleanly())
498
Expect(results.OutputToString()).To(ContainSubstring(strconv.Itoa(port2)))
500
ncBusy := SystemExec("nc", []string{"-l", "-p", strconv.Itoa(port1)})
501
Expect(ncBusy).To(ExitWithError())
504
It("podman run network expose host port 18081 to container port 8000 using rootlesskit port handler", func() {
507
session := podmanTest.Podman([]string{"run", "--network", "slirp4netns:port_handler=rootlesskit", "-dt", "-p", fmt.Sprintf("%d:%d", port2, port1), ALPINE, "/bin/sh"})
508
session.WaitWithDefaultTimeout()
509
Expect(session).Should(ExitCleanly())
511
ncBusy := SystemExec("nc", []string{"-l", "-p", strconv.Itoa(port2)})
512
Expect(ncBusy).To(ExitWithError())
515
It("podman run slirp4netns verify net.ipv6.conf.default.accept_dad=0", func() {
516
session := podmanTest.Podman([]string{"run", "--network", "slirp4netns:enable_ipv6=true", ALPINE, "ip", "addr"})
517
session.WaitWithDefaultTimeout()
518
Expect(session).Should(ExitCleanly())
520
Expect(session.OutputToString()).To(ContainSubstring("inet6 fd00::"))
522
const ipv6ConfDefaultAcceptDadSysctl = "/proc/sys/net/ipv6/conf/all/accept_dad"
524
cat := SystemExec("cat", []string{ipv6ConfDefaultAcceptDadSysctl})
525
cat.WaitWithDefaultTimeout()
526
Expect(cat).Should(ExitCleanly())
527
sysctlValue := cat.OutputToString()
529
session = podmanTest.Podman([]string{"run", "--network", "slirp4netns:enable_ipv6=true", ALPINE, "cat", ipv6ConfDefaultAcceptDadSysctl})
530
session.WaitWithDefaultTimeout()
531
Expect(session).Should(ExitCleanly())
532
Expect(session.OutputToString()).To(Equal(sysctlValue))
535
It("podman run network expose host port 18082 to container port 8000 using slirp4netns port handler", func() {
536
session := podmanTest.Podman([]string{"run", "--network", "slirp4netns:port_handler=slirp4netns", "-dt", "-p", "18082:8000", ALPINE, "/bin/sh"})
538
Expect(session).Should(ExitCleanly())
539
ncBusy := SystemExec("nc", []string{"-l", "-p", "18082"})
540
Expect(ncBusy).To(ExitWithError())
543
It("podman run network expose host port 8080 to container port 8000 using invalid port handler", func() {
544
session := podmanTest.Podman([]string{"run", "--network", "slirp4netns:port_handler=invalid", "-dt", "-p", "8080:8000", ALPINE, "/bin/sh"})
546
Expect(session).To(ExitWithError())
549
It("podman run slirp4netns network with host loopback", func() {
550
session := podmanTest.Podman([]string{"run", "--cap-add", "net_raw", "--network", "slirp4netns:allow_host_loopback=true", ALPINE, "ping", "-c1", "10.0.2.2"})
552
Expect(session).Should(ExitCleanly())
555
It("podman run slirp4netns network with mtu", func() {
556
session := podmanTest.Podman([]string{"run", "--network", "slirp4netns:mtu=9000", ALPINE, "ip", "addr"})
558
Expect(session).Should(ExitCleanly())
559
Expect(session.OutputToString()).To(ContainSubstring("mtu 9000"))
562
It("podman run slirp4netns network with different cidr", func() {
563
slirp4netnsHelp := SystemExec("slirp4netns", []string{"--help"})
564
Expect(slirp4netnsHelp).Should(ExitCleanly())
566
networkConfiguration := "slirp4netns:cidr=192.168.0.0/24,allow_host_loopback=true"
567
session := podmanTest.Podman([]string{"run", "--cap-add", "net_raw", "--network", networkConfiguration, ALPINE, "ping", "-c1", "192.168.0.2"})
570
if strings.Contains(slirp4netnsHelp.OutputToString(), "cidr") {
571
Expect(session).Should(ExitCleanly())
573
Expect(session).To(ExitWithError())
574
Expect(session.ErrorToString()).To(ContainSubstring("cidr not supported"))
578
It("podman run network bind to 127.0.0.1", func() {
579
slirp4netnsHelp := SystemExec("slirp4netns", []string{"--help"})
580
Expect(slirp4netnsHelp).Should(ExitCleanly())
581
networkConfiguration := "slirp4netns:outbound_addr=127.0.0.1,allow_host_loopback=true"
582
port := strconv.Itoa(GetPort())
584
if strings.Contains(slirp4netnsHelp.OutputToString(), "outbound-addr") {
585
ncListener := StartSystemExec("nc", []string{"-v", "-n", "-l", "-p", port})
586
session := podmanTest.Podman([]string{"run", "--network", networkConfiguration, "-dt", ALPINE, "nc", "-w", "2", "10.0.2.2", port})
587
session.WaitWithDefaultTimeout()
588
ncListener.WaitWithDefaultTimeout()
590
Expect(session).Should(ExitCleanly())
591
Expect(ncListener).Should(Exit(0))
592
Expect(ncListener.ErrorToString()).To(ContainSubstring("Connection from 127.0.0.1"))
594
session := podmanTest.Podman([]string{"run", "--network", networkConfiguration, "-dt", ALPINE, "nc", "-w", "2", "10.0.2.2", port})
595
session.WaitWithDefaultTimeout()
596
Expect(session).To(ExitWithError())
597
Expect(session.ErrorToString()).To(ContainSubstring("outbound_addr not supported"))
601
It("podman run network bind to HostIP", func() {
603
conn, err := net.Dial("udp", "8.8.8.8:80")
604
Expect(err).ToNot(HaveOccurred())
607
ip := conn.LocalAddr().(*net.UDPAddr).IP
608
port := strconv.Itoa(GetPort())
610
slirp4netnsHelp := SystemExec("slirp4netns", []string{"--help"})
611
Expect(slirp4netnsHelp).Should(ExitCleanly())
612
networkConfiguration := fmt.Sprintf("slirp4netns:outbound_addr=%s,allow_host_loopback=true", ip.String())
614
if strings.Contains(slirp4netnsHelp.OutputToString(), "outbound-addr") {
615
ncListener := StartSystemExec("nc", []string{"-v", "-n", "-l", "-p", port})
616
session := podmanTest.Podman([]string{"run", "--network", networkConfiguration, ALPINE, "nc", "-w", "2", "10.0.2.2", port})
620
Expect(session).Should(ExitCleanly())
621
Expect(ncListener).Should(Exit(0))
622
Expect(ncListener.ErrorToString()).To(ContainSubstring("Connection from " + ip.String()))
624
session := podmanTest.Podman([]string{"run", "--network", networkConfiguration, ALPINE, "nc", "-w", "2", "10.0.2.2", port})
626
Expect(session).To(ExitWithError())
627
Expect(session.ErrorToString()).To(ContainSubstring("outbound_addr not supported"))
631
It("podman run network expose ports in image metadata", func() {
632
session := podmanTest.Podman([]string{"create", "--name", "test", "-t", "-P", NGINX_IMAGE})
633
session.WaitWithDefaultTimeout()
634
Expect(session).Should(ExitCleanly())
635
results := podmanTest.Podman([]string{"inspect", "test"})
636
results.WaitWithDefaultTimeout()
637
Expect(results).Should(ExitCleanly())
638
Expect(results.OutputToString()).To(ContainSubstring(`"80/tcp":`))
641
It("podman run network expose duplicate host port results in error", func() {
642
port := "8190" // Make sure this isn't used anywhere else
644
session := podmanTest.Podman([]string{"run", "--name", "test", "-dt", "-p", port, ALPINE, "/bin/sh"})
645
session.WaitWithDefaultTimeout()
646
Expect(session).Should(ExitCleanly())
648
inspect := podmanTest.Podman([]string{"inspect", "test"})
649
inspect.WaitWithDefaultTimeout()
650
Expect(inspect).Should(ExitCleanly())
652
containerConfig := inspect.InspectContainerToJSON()
653
Expect(containerConfig[0].NetworkSettings.Ports).To(Not(BeNil()))
654
Expect(containerConfig[0].NetworkSettings.Ports).To(HaveKeyWithValue(port+"/tcp", Not(BeNil())))
655
Expect(containerConfig[0].NetworkSettings.Ports[port+"/tcp"][0].HostPort).ToNot(Equal(port))
658
It("podman run forward sctp protocol", func() {
659
SkipIfRootless("sctp protocol only works as root")
660
session := podmanTest.Podman([]string{"--log-level=info", "run", "--name=test", "-p", "80/sctp", "-p", "81/sctp", ALPINE})
661
session.WaitWithDefaultTimeout()
662
Expect(session).Should(Exit(0))
663
// we can only check logrus on local podman
665
// check that the info message for sctp protocol is only displayed once
666
Expect(strings.Count(session.ErrorToString(), "Port reservation for SCTP is not supported")).To(Equal(1), "`Port reservation for SCTP is not supported` is not displayed exactly one time in the logrus logs")
668
results := podmanTest.Podman([]string{"inspect", "test"})
669
results.WaitWithDefaultTimeout()
670
Expect(results).Should(ExitCleanly())
671
Expect(results.OutputToString()).To(ContainSubstring(`"80/sctp":`))
672
Expect(results.OutputToString()).To(ContainSubstring(`"81/sctp":`))
675
It("podman run hostname test", func() {
676
session := podmanTest.Podman([]string{"run", "--rm", ALPINE, "printenv", "HOSTNAME"})
677
session.WaitWithDefaultTimeout()
678
Expect(session).Should(ExitCleanly())
679
Expect(session.OutputToString()).To(Not(ContainSubstring(hostname)))
682
It("podman run --net host hostname test", func() {
683
session := podmanTest.Podman([]string{"run", "--rm", "--net", "host", ALPINE, "printenv", "HOSTNAME"})
684
session.WaitWithDefaultTimeout()
685
Expect(session).Should(ExitCleanly())
686
Expect(session.OutputToString()).To(ContainSubstring(hostname))
688
It("podman run --net host --uts host hostname test", func() {
689
session := podmanTest.Podman([]string{"run", "--rm", "--net", "host", "--uts", "host", ALPINE, "printenv", "HOSTNAME"})
690
session.WaitWithDefaultTimeout()
691
Expect(session).Should(ExitCleanly())
692
Expect(session.OutputToString()).To(ContainSubstring(hostname))
694
It("podman run --uts host hostname test", func() {
695
session := podmanTest.Podman([]string{"run", "--rm", "--uts", "host", ALPINE, "printenv", "HOSTNAME"})
696
session.WaitWithDefaultTimeout()
697
Expect(session).Should(ExitCleanly())
698
Expect(session.OutputToString()).To(ContainSubstring(hostname))
701
It("podman run --net host --hostname ... hostname test", func() {
702
session := podmanTest.Podman([]string{"run", "--rm", "--net", "host", "--hostname", "foobar", ALPINE, "printenv", "HOSTNAME"})
703
session.WaitWithDefaultTimeout()
704
Expect(session).Should(ExitCleanly())
705
Expect(session.OutputToString()).To(ContainSubstring("foobar"))
708
It("podman run --hostname ... hostname test", func() {
709
session := podmanTest.Podman([]string{"run", "--rm", "--hostname", "foobar", ALPINE, "printenv", "HOSTNAME"})
710
session.WaitWithDefaultTimeout()
711
Expect(session).Should(ExitCleanly())
712
Expect(session.OutputToString()).To(ContainSubstring("foobar"))
715
It("podman run --net container: and --uts container:", func() {
716
ctrName := "ctrToJoin"
717
ctr1 := podmanTest.RunTopContainer(ctrName)
718
ctr1.WaitWithDefaultTimeout()
719
Expect(ctr1).Should(ExitCleanly())
721
ctr2 := podmanTest.Podman([]string{"run", "-d", "--net=container:" + ctrName, "--uts=container:" + ctrName, ALPINE, "true"})
722
ctr2.WaitWithDefaultTimeout()
723
Expect(ctr2).Should(ExitCleanly())
726
It("podman run --net container: and --add-host should fail", func() {
727
ctrName := "ctrToJoin"
728
ctr1 := podmanTest.RunTopContainer(ctrName)
729
ctr1.WaitWithDefaultTimeout()
730
Expect(ctr1).Should(ExitCleanly())
732
ctr2 := podmanTest.Podman([]string{"run", "-d", "--net=container:" + ctrName, "--add-host", "host1:127.0.0.1", ALPINE, "true"})
733
ctr2.WaitWithDefaultTimeout()
734
Expect(ctr2).Should(ExitWithError())
735
Expect(ctr2.ErrorToString()).Should(ContainSubstring("cannot set extra host entries when the container is joined to another containers network namespace: invalid configuration"))
738
It("podman run --net container: copies hosts and resolv", func() {
740
ctr1 := podmanTest.RunTopContainer(ctrName)
741
ctr1.WaitWithDefaultTimeout()
742
Expect(ctr1).Should(ExitCleanly())
744
// Exec in and modify /etc/resolv.conf and /etc/hosts
745
exec1 := podmanTest.Podman([]string{"exec", ctrName, "sh", "-c", "echo nameserver 192.0.2.1 > /etc/resolv.conf"})
746
exec1.WaitWithDefaultTimeout()
747
Expect(exec1).Should(ExitCleanly())
749
exec2 := podmanTest.Podman([]string{"exec", ctrName, "sh", "-c", "echo 192.0.2.2 test1 > /etc/hosts"})
750
exec2.WaitWithDefaultTimeout()
751
Expect(exec2).Should(ExitCleanly())
754
ctr2 := podmanTest.Podman([]string{"run", "-d", "--net=container:" + ctrName, "--name", ctrName2, ALPINE, "top"})
755
ctr2.WaitWithDefaultTimeout()
756
Expect(ctr2).Should(ExitCleanly())
758
exec3 := podmanTest.Podman([]string{"exec", ctrName2, "cat", "/etc/resolv.conf"})
759
exec3.WaitWithDefaultTimeout()
760
Expect(exec3).Should(ExitCleanly())
761
Expect(exec3.OutputToString()).To(ContainSubstring("nameserver 192.0.2.1"))
763
exec4 := podmanTest.Podman([]string{"exec", ctrName2, "cat", "/etc/hosts"})
764
exec4.WaitWithDefaultTimeout()
765
Expect(exec4).Should(ExitCleanly())
766
Expect(exec4.OutputToString()).To(ContainSubstring("192.0.2.2 test1"))
769
It("podman run /etc/hosts contains --hostname", func() {
770
session := podmanTest.Podman([]string{"run", "--rm", "--hostname", "foohostname", ALPINE, "grep", "foohostname", "/etc/hosts"})
771
session.WaitWithDefaultTimeout()
772
Expect(session).Should(ExitCleanly())
775
It("podman run --uidmap /etc/hosts contains --hostname", func() {
776
SkipIfRootless("uidmap population of cninetworks not supported for rootless users")
777
session := podmanTest.Podman([]string{"run", "--uidmap", "0:100000:1000", "--rm", "--hostname", "foohostname", ALPINE, "grep", "foohostname", "/etc/hosts"})
778
session.WaitWithDefaultTimeout()
779
Expect(session).Should(ExitCleanly())
781
session = podmanTest.Podman([]string{"run", "--uidmap", "0:100000:1000", "--rm", "--hostname", "foohostname", "-v", "/etc/hosts:/etc/hosts", ALPINE, "grep", "foohostname", "/etc/hosts"})
782
session.WaitWithDefaultTimeout()
783
Expect(session).Should(Exit(1))
786
It("podman run network in user created network namespace", func() {
787
SkipIfRootless("ip netns is not supported for rootless users")
789
Skip("Cannot be run within a container.")
791
addXXX := SystemExec("ip", []string{"netns", "add", "xxx"})
792
Expect(addXXX).Should(ExitCleanly())
794
delXXX := SystemExec("ip", []string{"netns", "delete", "xxx"})
795
Expect(delXXX).Should(ExitCleanly())
798
session := podmanTest.Podman([]string{"run", "-dt", "--net", "ns:/run/netns/xxx", ALPINE, "wget", "www.redhat.com"})
800
Expect(session).Should(ExitCleanly())
803
It("podman run n user created network namespace with resolv.conf", func() {
804
SkipIfRootless("ip netns is not supported for rootless users")
806
Skip("Cannot be run within a container.")
808
addXXX2 := SystemExec("ip", []string{"netns", "add", "xxx2"})
809
Expect(addXXX2).Should(ExitCleanly())
811
delXXX2 := SystemExec("ip", []string{"netns", "delete", "xxx2"})
812
Expect(delXXX2).Should(ExitCleanly())
815
mdXXX2 := SystemExec("mkdir", []string{"-p", "/etc/netns/xxx2"})
816
Expect(mdXXX2).Should(ExitCleanly())
817
defer os.RemoveAll("/etc/netns/xxx2")
819
nsXXX2 := SystemExec("bash", []string{"-c", "echo nameserver 11.11.11.11 > /etc/netns/xxx2/resolv.conf"})
820
Expect(nsXXX2).Should(ExitCleanly())
822
session := podmanTest.Podman([]string{"run", "--net", "ns:/run/netns/xxx2", ALPINE, "cat", "/etc/resolv.conf"})
824
Expect(session).Should(ExitCleanly())
825
Expect(session.OutputToString()).To(ContainSubstring("11.11.11.11"))
828
addAddr := func(cidr string, containerInterface netlink.Link) error {
829
_, ipnet, err := net.ParseCIDR(cidr)
830
Expect(err).ToNot(HaveOccurred())
831
addr := &netlink.Addr{IPNet: ipnet, Label: ""}
832
if err := netlink.AddrAdd(containerInterface, addr); err != nil && err != syscall.EEXIST {
838
loopbackup := func() {
839
lo, err := netlink.LinkByName("lo")
840
Expect(err).ToNot(HaveOccurred())
841
err = netlink.LinkSetUp(lo)
842
Expect(err).ToNot(HaveOccurred())
845
linkup := func(name string, mac string, addresses []string) {
846
linkAttr := netlink.NewLinkAttrs()
848
m, err := net.ParseMAC(mac)
849
Expect(err).ToNot(HaveOccurred())
850
linkAttr.HardwareAddr = m
851
eth := &netlink.Dummy{LinkAttrs: linkAttr}
852
err = netlink.LinkAdd(eth)
853
Expect(err).ToNot(HaveOccurred())
854
err = netlink.LinkSetUp(eth)
855
Expect(err).ToNot(HaveOccurred())
856
for _, address := range addresses {
857
err := addAddr(address, eth)
858
Expect(err).ToNot(HaveOccurred())
862
routeAdd := func(gateway string) {
863
gw := net.ParseIP(gateway)
864
route := &netlink.Route{Dst: nil, Gw: gw}
865
err = netlink.RouteAdd(route)
866
Expect(err).ToNot(HaveOccurred())
869
setupNetworkNs := func(networkNSName string) {
870
_ = ns.WithNetNSPath("/run/netns/"+networkNSName, func(_ ns.NetNS) error {
872
linkup("eth0", "46:7f:45:6e:4f:c8", []string{"10.25.40.0/24", "fd04:3e42:4a4e:3381::/64"})
873
linkup("eth1", "56:6e:35:5d:3e:a8", []string{"10.88.0.0/16"})
875
routeAdd("10.25.40.0")
880
checkNetworkNsInspect := func(name string) {
881
inspectOut := podmanTest.InspectContainer(name)
882
Expect(inspectOut[0].NetworkSettings).To(HaveField("IPAddress", "10.25.40.0"))
883
Expect(inspectOut[0].NetworkSettings).To(HaveField("IPPrefixLen", 24))
884
Expect(inspectOut[0].NetworkSettings.SecondaryIPAddresses).To(HaveLen(1))
885
Expect(inspectOut[0].NetworkSettings.SecondaryIPAddresses[0]).To(HaveField("Addr", "10.88.0.0"))
886
Expect(inspectOut[0].NetworkSettings.SecondaryIPAddresses[0]).To(HaveField("PrefixLength", 16))
887
Expect(inspectOut[0].NetworkSettings).To(HaveField("GlobalIPv6Address", "fd04:3e42:4a4e:3381::"))
888
Expect(inspectOut[0].NetworkSettings).To(HaveField("GlobalIPv6PrefixLen", 64))
889
Expect(inspectOut[0].NetworkSettings.SecondaryIPv6Addresses).To(BeEmpty())
890
Expect(inspectOut[0].NetworkSettings).To(HaveField("MacAddress", "46:7f:45:6e:4f:c8"))
891
Expect(inspectOut[0].NetworkSettings.AdditionalMacAddresses).To(HaveLen(1))
892
Expect(inspectOut[0].NetworkSettings.AdditionalMacAddresses[0]).To(Equal("56:6e:35:5d:3e:a8"))
893
Expect(inspectOut[0].NetworkSettings).To(HaveField("Gateway", "10.25.40.0"))
897
It("podman run network inspect fails gracefully on non-reachable network ns", func() {
898
SkipIfRootless("ip netns is not supported for rootless users")
900
networkNSName := RandomString(12)
901
addNamedNetwork := SystemExec("ip", []string{"netns", "add", networkNSName})
902
Expect(addNamedNetwork).Should(ExitCleanly())
904
setupNetworkNs(networkNSName)
906
name := RandomString(12)
907
session := podmanTest.Podman([]string{"run", "-d", "--name", name, "--net", "ns:/run/netns/" + networkNSName, ALPINE, "top"})
908
session.WaitWithDefaultTimeout()
910
// delete the named network ns before inspect
911
delNetworkNamespace := SystemExec("ip", []string{"netns", "delete", networkNSName})
912
Expect(delNetworkNamespace).Should(ExitCleanly())
914
inspectOut := podmanTest.InspectContainer(name)
915
Expect(inspectOut[0].NetworkSettings).To(HaveField("IPAddress", ""))
916
Expect(inspectOut[0].NetworkSettings.Networks).To(BeEmpty())
919
It("podman inspect can handle joined network ns with multiple interfaces", func() {
920
SkipIfRootless("ip netns is not supported for rootless users")
922
networkNSName := RandomString(12)
923
addNamedNetwork := SystemExec("ip", []string{"netns", "add", networkNSName})
924
Expect(addNamedNetwork).Should(ExitCleanly())
926
delNetworkNamespace := SystemExec("ip", []string{"netns", "delete", networkNSName})
927
Expect(delNetworkNamespace).Should(ExitCleanly())
929
setupNetworkNs(networkNSName)
931
name := RandomString(12)
932
session := podmanTest.Podman([]string{"run", "--name", name, "--net", "ns:/run/netns/" + networkNSName, ALPINE})
933
session.WaitWithDefaultTimeout()
935
session = podmanTest.Podman([]string{"container", "rm", name})
936
session.WaitWithDefaultTimeout()
938
// no network teardown should touch joined network ns interfaces
939
session = podmanTest.Podman([]string{"run", "-d", "--replace", "--name", name, "--net", "ns:/run/netns/" + networkNSName, ALPINE, "top"})
940
session.WaitWithDefaultTimeout()
942
checkNetworkNsInspect(name)
945
It("podman do not tamper with joined network ns interfaces", func() {
946
SkipIfRootless("ip netns is not supported for rootless users")
948
networkNSName := RandomString(12)
949
addNamedNetwork := SystemExec("ip", []string{"netns", "add", networkNSName})
950
Expect(addNamedNetwork).Should(ExitCleanly())
952
delNetworkNamespace := SystemExec("ip", []string{"netns", "delete", networkNSName})
953
Expect(delNetworkNamespace).Should(ExitCleanly())
956
setupNetworkNs(networkNSName)
958
name := RandomString(12)
959
session := podmanTest.Podman([]string{"run", "--name", name, "--net", "ns:/run/netns/" + networkNSName, ALPINE})
960
session.WaitWithDefaultTimeout()
962
checkNetworkNsInspect(name)
964
name = RandomString(12)
965
session = podmanTest.Podman([]string{"run", "--name", name, "--net", "ns:/run/netns/" + networkNSName, ALPINE})
966
session.WaitWithDefaultTimeout()
968
checkNetworkNsInspect(name)
970
// delete container, the network inspect should not change
971
session = podmanTest.Podman([]string{"container", "rm", name})
972
session.WaitWithDefaultTimeout()
974
session = podmanTest.Podman([]string{"run", "-d", "--replace", "--name", name, "--net", "ns:/run/netns/" + networkNSName, ALPINE, "top"})
975
session.WaitWithDefaultTimeout()
977
checkNetworkNsInspect(name)
980
It("podman run network in bogus user created network namespace", func() {
981
session := podmanTest.Podman([]string{"run", "-dt", "--net", "ns:/run/netns/xxy", ALPINE, "wget", "www.redhat.com"})
983
Expect(session).To(ExitWithError())
984
Expect(session.ErrorToString()).To(ContainSubstring("faccessat /run/netns/xxy: no such file or directory"))
987
It("podman run in custom CNI network with --static-ip", func() {
988
netName := stringid.GenerateRandomID()
989
ipAddr := "10.25.30.128"
990
create := podmanTest.Podman([]string{"network", "create", "--subnet", "10.25.30.0/24", netName})
991
create.WaitWithDefaultTimeout()
992
Expect(create).Should(ExitCleanly())
993
defer podmanTest.removeNetwork(netName)
995
run := podmanTest.Podman([]string{"run", "--rm", "--net", netName, "--ip", ipAddr, ALPINE, "ip", "addr"})
996
run.WaitWithDefaultTimeout()
997
Expect(run).Should(ExitCleanly())
998
Expect(run.OutputToString()).To(ContainSubstring(ipAddr))
1001
It("podman network works across user ns", func() {
1002
netName := createNetworkName("")
1003
create := podmanTest.Podman([]string{"network", "create", netName})
1004
create.WaitWithDefaultTimeout()
1005
Expect(create).Should(ExitCleanly())
1006
defer podmanTest.removeNetwork(netName)
1009
run := podmanTest.Podman([]string{"run", "--log-driver", "k8s-file", "-d", "--name", name, "--net", netName, ALPINE, "nc", "-l", "-p", "9480"})
1010
run.WaitWithDefaultTimeout()
1011
Expect(run).Should(ExitCleanly())
1013
// NOTE: we force the k8s-file log driver to make sure the
1014
// tests are passing inside a container.
1015
// "sleep" needed to give aardvark-dns time to come up; #16272
1016
run = podmanTest.Podman([]string{"run", "--log-driver", "k8s-file", "--rm", "--net", netName, "--uidmap", "0:1:4096", ALPINE, "sh", "-c", fmt.Sprintf("sleep 2;echo podman | nc -w 1 %s.dns.podman 9480", name)})
1017
run.WaitWithDefaultTimeout()
1018
Expect(run).Should(ExitCleanly())
1020
log := podmanTest.Podman([]string{"logs", name})
1021
log.WaitWithDefaultTimeout()
1022
Expect(log).Should(ExitCleanly())
1023
Expect(log.OutputToString()).To(Equal("podman"))
1026
It("podman run with new:pod and static-ip", func() {
1027
netName := stringid.GenerateRandomID()
1028
ipAddr := "10.25.40.128"
1029
podname := "testpod"
1030
create := podmanTest.Podman([]string{"network", "create", "--subnet", "10.25.40.0/24", netName})
1031
create.WaitWithDefaultTimeout()
1032
Expect(create).Should(ExitCleanly())
1033
defer podmanTest.removeNetwork(netName)
1035
run := podmanTest.Podman([]string{"run", "--rm", "--pod", "new:" + podname, "--net", netName, "--ip", ipAddr, ALPINE, "ip", "addr"})
1036
run.WaitWithDefaultTimeout()
1037
Expect(run).Should(ExitCleanly())
1038
Expect(run.OutputToString()).To(ContainSubstring(ipAddr))
1040
podrm := podmanTest.Podman([]string{"pod", "rm", "-t", "0", "-f", podname})
1041
podrm.WaitWithDefaultTimeout()
1042
Expect(podrm).Should(ExitCleanly())
1045
It("podman run with --net=host and --hostname sets correct hostname", func() {
1046
hostname := "testctr"
1047
run := podmanTest.Podman([]string{"run", "--net=host", "--hostname", hostname, ALPINE, "hostname"})
1048
run.WaitWithDefaultTimeout()
1049
Expect(run).Should(ExitCleanly())
1050
Expect(run.OutputToString()).To(ContainSubstring(hostname))
1053
It("podman run with --net=none sets hostname", func() {
1054
hostname := "testctr"
1055
run := podmanTest.Podman([]string{"run", "--net=none", "--hostname", hostname, ALPINE, "hostname"})
1056
run.WaitWithDefaultTimeout()
1057
Expect(run).Should(ExitCleanly())
1058
Expect(run.OutputToString()).To(ContainSubstring(hostname))
1061
It("podman run with --net=none adds hostname to /etc/hosts", func() {
1062
hostname := "testctr"
1063
run := podmanTest.Podman([]string{"run", "--net=none", "--hostname", hostname, ALPINE, "cat", "/etc/hosts"})
1064
run.WaitWithDefaultTimeout()
1065
Expect(run).Should(ExitCleanly())
1066
Expect(run.OutputToString()).To(ContainSubstring(hostname))
1069
It("podman run with pod does not add extra 127 entry to /etc/hosts", func() {
1071
hostname := "test-hostname"
1072
run := podmanTest.Podman([]string{"pod", "create", "--hostname", hostname, "--name", pod})
1073
run.WaitWithDefaultTimeout()
1074
Expect(run).Should(ExitCleanly())
1075
run = podmanTest.Podman([]string{"run", "--pod", pod, ALPINE, "cat", "/etc/hosts"})
1076
run.WaitWithDefaultTimeout()
1077
Expect(run).Should(ExitCleanly())
1078
Expect(run.OutputToString()).ToNot(ContainSubstring("127.0.0.1 %s", hostname))
1081
pingTest := func(netns string) {
1082
hostname := "testctr"
1083
run := podmanTest.Podman([]string{"run", netns, "--cap-add", "net_raw", "--hostname", hostname, ALPINE, "ping", "-c", "1", hostname})
1084
run.WaitWithDefaultTimeout()
1085
Expect(run).Should(ExitCleanly())
1087
run = podmanTest.Podman([]string{"run", netns, "--cap-add", "net_raw", "--hostname", hostname, "--name", "test", ALPINE, "ping", "-c", "1", "test"})
1088
run.WaitWithDefaultTimeout()
1089
Expect(run).Should(ExitCleanly())
1092
It("podman attempt to ping container name and hostname --net=none", func() {
1093
pingTest("--net=none")
1096
It("podman attempt to ping container name and hostname --net=private", func() {
1097
pingTest("--net=private")
1100
It("podman run check dns", func() {
1101
SkipIfCNI(podmanTest)
1103
session := podmanTest.Podman([]string{"pod", "create", "--name", pod})
1104
session.WaitWithDefaultTimeout()
1105
Expect(session).Should(ExitCleanly())
1107
net := createNetworkName("IntTest")
1108
session = podmanTest.Podman([]string{"network", "create", net})
1109
session.WaitWithDefaultTimeout()
1110
defer podmanTest.removeNetwork(net)
1111
Expect(session).Should(ExitCleanly())
1114
hostname := "hostn1"
1115
session = podmanTest.Podman([]string{"pod", "create", "--network", net, "--name", pod2, "--hostname", hostname})
1116
session.WaitWithDefaultTimeout()
1117
Expect(session).Should(ExitCleanly())
1119
session = podmanTest.Podman([]string{"run", "--name", "con1", "--network", net, CITEST_IMAGE, "nslookup", "con1"})
1120
session.WaitWithDefaultTimeout()
1121
Expect(session).Should(ExitCleanly())
1123
session = podmanTest.Podman([]string{"run", "--name", "con2", "--pod", pod, "--network", net, CITEST_IMAGE, "nslookup", "con2"})
1124
session.WaitWithDefaultTimeout()
1125
Expect(session).Should(ExitCleanly())
1127
session = podmanTest.Podman([]string{"run", "--name", "con3", "--pod", pod2, CITEST_IMAGE, "nslookup", "con1"})
1128
session.WaitWithDefaultTimeout()
1129
Expect(session).Should(Exit(1))
1130
Expect(session.OutputToString()).To(ContainSubstring("server can't find con1.dns.podman: NXDOMAIN"))
1132
session = podmanTest.Podman([]string{"run", "--name", "con4", "--network", net, CITEST_IMAGE, "nslookup", pod2 + ".dns.podman"})
1133
session.WaitWithDefaultTimeout()
1134
Expect(session).Should(ExitCleanly())
1136
session = podmanTest.Podman([]string{"run", "--network", net, CITEST_IMAGE, "nslookup", hostname})
1137
session.WaitWithDefaultTimeout()
1138
Expect(session).Should(ExitCleanly())
1141
It("podman network adds dns search domain with dns", func() {
1142
net := createNetworkName("dnsname")
1143
session := podmanTest.Podman([]string{"network", "create", net})
1144
session.WaitWithDefaultTimeout()
1145
defer podmanTest.removeNetwork(net)
1146
Expect(session).Should(ExitCleanly())
1148
session = podmanTest.Podman([]string{"run", "--network", net, ALPINE, "cat", "/etc/resolv.conf"})
1149
session.WaitWithDefaultTimeout()
1150
Expect(session).Should(ExitCleanly())
1151
Expect(session.OutputToString()).To(ContainSubstring("search dns.podman"))
1154
It("Rootless podman run with --net=bridge works and connects to default network", func() {
1155
// This is harmless when run as root, so we'll just let it run.
1156
ctrName := "testctr"
1157
ctr := podmanTest.Podman([]string{"run", "-d", "--net=bridge", "--name", ctrName, ALPINE, "top"})
1158
ctr.WaitWithDefaultTimeout()
1159
Expect(ctr).Should(ExitCleanly())
1161
inspectOut := podmanTest.InspectContainer(ctrName)
1162
Expect(inspectOut).To(HaveLen(1))
1163
Expect(inspectOut[0].NetworkSettings.Networks).To(HaveLen(1))
1164
Expect(inspectOut[0].NetworkSettings.Networks).To(HaveKey("podman"))
1167
// see https://github.com/containers/podman/issues/12972
1168
It("podman run check network-alias works on networks without dns", func() {
1169
net := "dns" + stringid.GenerateRandomID()
1170
session := podmanTest.Podman([]string{"network", "create", "--disable-dns", net})
1171
session.WaitWithDefaultTimeout()
1172
defer podmanTest.removeNetwork(net)
1173
Expect(session).Should(ExitCleanly())
1175
session = podmanTest.Podman([]string{"run", "--network", net, "--network-alias", "abcdef", ALPINE, "true"})
1176
session.WaitWithDefaultTimeout()
1177
Expect(session).Should(ExitCleanly())
1180
It("podman run with ipam none driver", func() {
1181
net := "ipam" + stringid.GenerateRandomID()
1182
session := podmanTest.Podman([]string{"network", "create", "--ipam-driver=none", net})
1183
session.WaitWithDefaultTimeout()
1184
defer podmanTest.removeNetwork(net)
1185
Expect(session).Should(ExitCleanly())
1187
session = podmanTest.Podman([]string{"run", "--network", net, ALPINE, "ip", "addr", "show", "eth0"})
1188
session.WaitWithDefaultTimeout()
1189
Expect(session).Should(ExitCleanly())
1190
Expect(session.OutputToStringArray()).To(HaveLen(4), "output should only show link local address")
1193
It("podman run with macvlan network", func() {
1194
net := "mv-" + stringid.GenerateRandomID()
1195
session := podmanTest.Podman([]string{"network", "create", "-d", "macvlan", "--subnet", "10.10.0.0/24", net})
1196
session.WaitWithDefaultTimeout()
1197
defer podmanTest.removeNetwork(net)
1198
Expect(session).Should(ExitCleanly())
1200
// use options and search to make sure we get the same resolv.conf everywhere
1201
run := podmanTest.Podman([]string{"run", "--network", net, "--dns", "127.0.0.128",
1202
"--dns-option", "ndots:1", "--dns-search", ".", ALPINE, "cat", "/etc/resolv.conf"})
1203
run.WaitWithDefaultTimeout()
1204
Expect(run).Should(ExitCleanly())
1205
Expect(string(run.Out.Contents())).To(Equal(`nameserver 127.0.0.128