containers
/
automation-tests
mirror of https://github.com/containers/automation-tests.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1237 from flouthoc/network-scoped-dns-common 

libnetwork, Network: add field `NetworkDNSServers` for network scoped dns
This commit is contained in:
OpenShift Merge Robot 2022-11-21 15:31:07 -05:00 committed by GitHub
parent c07e61841a f1cb293c6e
commit eadaea507a
5 changed files with 58 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
common/libnetwork/cni/config.go
View File

@ -36,6 +36,9 @@ func (n *cniNetwork) NetworkCreate(net types.Network) (types.Network, error) {
// networkCreate will fill out the given network struct and return the new network entry. // networkCreate will fill out the given network struct and return the new network entry.
// If defaultNet is true it will not validate against used subnets and it will not write the cni config to disk. // If defaultNet is true it will not validate against used subnets and it will not write the cni config to disk.
func (n *cniNetwork) networkCreate(newNetwork *types.Network, defaultNet bool) (*network, error) { func (n *cniNetwork) networkCreate(newNetwork *types.Network, defaultNet bool) (*network, error) {
if len(newNetwork.NetworkDNSServers) > 0 {
return nil, fmt.Errorf("NetworkDNSServers cannot be configured for backend CNI: %w", types.ErrInvalidArg)
}
// if no driver is set use the default one // if no driver is set use the default one
if newNetwork.Driver == "" { if newNetwork.Driver == "" {
newNetwork.Driver = types.DefaultNetworkDriver newNetwork.Driver = types.DefaultNetworkDriver

10
common/libnetwork/cni/config_test.go
View File

@ -143,6 +143,16 @@ var _ = Describe("Config", func() {
Expect(network2.Subnets[0].Subnet.Contains(network1.Subnets[0].Subnet.IP)).To(BeFalse()) Expect(network2.Subnets[0].Subnet.Contains(network1.Subnets[0].Subnet.IP)).To(BeFalse())
}) })
It("create network with NetworDNSServers with DNSEnabled=false", func() {
network := types.Network{
NetworkDNSServers: []string{"8.8.8.8", "3.3.3.3"},
DNSEnabled: false,
}
_, err := libpodNet.NetworkCreate(network)
Expect(err).To(HaveOccurred())
Expect(err.Error()).To(ContainSubstring(`NetworkDNSServers cannot be configured for backend CNI`))
})
It("create bridge config", func() { It("create bridge config", func() {
network := types.Network{Driver: "bridge"} network := types.Network{Driver: "bridge"}
network1, err := libpodNet.NetworkCreate(network) network1, err := libpodNet.NetworkCreate(network)

11
common/libnetwork/netavark/config.go
View File

@ -137,6 +137,17 @@ func (n *netavarkNetwork) networkCreate(newNetwork *types.Network, defaultNet bo
// when we do not have ipam we must disable dns // when we do not have ipam we must disable dns
internalutil.IpamNoneDisableDNS(newNetwork) internalutil.IpamNoneDisableDNS(newNetwork)
// process NetworkDNSServers
if len(newNetwork.NetworkDNSServers) > 0 && !newNetwork.DNSEnabled {
return nil, fmt.Errorf("Cannot set NetworkDNSServers if DNS is not enabled for the network: %w", types.ErrInvalidArg)
}
// validate ip address
for _, dnsServer := range newNetwork.NetworkDNSServers {
if net.ParseIP(dnsServer) == nil {
return nil, fmt.Errorf("Unable to parse ip %s specified in NetworkDNSServers: %w", dnsServer, types.ErrInvalidArg)
}
}
// add gateway when not internal or dns enabled // add gateway when not internal or dns enabled
addGateway := !newNetwork.Internal || newNetwork.DNSEnabled addGateway := !newNetwork.Internal || newNetwork.DNSEnabled
err = internalutil.ValidateSubnets(newNetwork, addGateway, usedNetworks) err = internalutil.ValidateSubnets(newNetwork, addGateway, usedNetworks)

30
common/libnetwork/netavark/config_test.go
View File

@ -618,6 +618,36 @@ var _ = Describe("Config", func() {
Expect(network1.Internal).To(BeTrue()) Expect(network1.Internal).To(BeTrue())
}) })
It("create network with NetworDNSServers", func() {
network := types.Network{
NetworkDNSServers: []string{"8.8.8.8", "3.3.3.3"},
DNSEnabled: true,
}
network1, err := libpodNet.NetworkCreate(network)
Expect(err).To(BeNil())
Expect(network1.NetworkDNSServers).To(Equal([]string{"8.8.8.8", "3.3.3.3"}))
})
It("create network with NetworDNSServers with invalid IP", func() {
network := types.Network{
NetworkDNSServers: []string{"a.b.c.d", "3.3.3.3"},
DNSEnabled: true,
}
_, err := libpodNet.NetworkCreate(network)
Expect(err).To(HaveOccurred())
Expect(err.Error()).To(ContainSubstring(`Unable to parse ip a.b.c.d`))
})
It("create network with NetworDNSServers with DNSEnabled=false", func() {
network := types.Network{
NetworkDNSServers: []string{"8.8.8.8", "3.3.3.3"},
DNSEnabled: false,
}
_, err := libpodNet.NetworkCreate(network)
Expect(err).To(HaveOccurred())
Expect(err.Error()).To(ContainSubstring(`Cannot set NetworkDNSServers if DNS is not enabled for the network`))
})
It("create network with labels", func() { It("create network with labels", func() {
network := types.Network{ network := types.Network{
Labels: map[string]string{ Labels: map[string]string{

4
common/libnetwork/types/network.go
View File

@ -56,6 +56,10 @@ type Network struct {
// DNSEnabled is whether name resolution is active for container on // DNSEnabled is whether name resolution is active for container on
// this Network. Only supported with the bridge driver. // this Network. Only supported with the bridge driver.
DNSEnabled bool `json:"dns_enabled"` DNSEnabled bool `json:"dns_enabled"`
// List of custom DNS server for podman's DNS resolver at network level,
// all the containers attached to this network will consider resolvers
// configured at network level.
NetworkDNSServers []string `json:"network_dns_servers,omitempty"`
// Labels is a set of key-value labels that have been applied to the // Labels is a set of key-value labels that have been applied to the
// Network. // Network.
Labels map[string]string `json:"labels,omitempty"` Labels map[string]string `json:"labels,omitempty"`