containers
/
podman
mirror of https://github.com/containers/podman.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #13485 from Luap99/ipv6-slirp 

slirp: fix setup on ipv6 disabled systems
This commit is contained in:
OpenShift Merge Robot 2022-03-14 16:06:04 -04:00 committed by GitHub
parent 33d808108f 3bb046a5e3
commit ae7997ab50
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 30 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
libpod/networking_slirp4netns.go
View File

@ -13,6 +13,7 @@ import (
"path/filepath" "path/filepath"
"strconv" "strconv"
"strings" "strings"
"sync"
"syscall" "syscall"
"time" "time"
@ -302,11 +303,15 @@ func (r *Runtime) setupSlirp4netns(ctr *Container, netns ns.NetNS) error {
cmd.Stdout = logFile cmd.Stdout = logFile
cmd.Stderr = logFile cmd.Stderr = logFile
var slirpReadyChan (chan struct{}) var slirpReadyWg, netnsReadyWg *sync.WaitGroup
if netOptions.enableIPv6 { if netOptions.enableIPv6 {
slirpReadyChan = make(chan struct{}) // use two wait groups to make sure we set the sysctl before
defer close(slirpReadyChan) // starting slirp and reset it only after slirp is ready
slirpReadyWg = &sync.WaitGroup{}
netnsReadyWg = &sync.WaitGroup{}
slirpReadyWg.Add(1)
netnsReadyWg.Add(1)
go func() { go func() {
err := ns.WithNetNSPath(netnsPath, func(_ ns.NetNS) error { err := ns.WithNetNSPath(netnsPath, func(_ ns.NetNS) error {
// Duplicate Address Detection slows the ipv6 setup down for 1-2 seconds. // Duplicate Address Detection slows the ipv6 setup down for 1-2 seconds.
@ -318,23 +323,37 @@ func (r *Runtime) setupSlirp4netns(ctr *Container, netns ns.NetNS) error {
// is ready in case users rely on this sysctl. // is ready in case users rely on this sysctl.
orgValue, err := ioutil.ReadFile(ipv6ConfDefaultAcceptDadSysctl) orgValue, err := ioutil.ReadFile(ipv6ConfDefaultAcceptDadSysctl)
if err != nil { if err != nil {
netnsReadyWg.Done()
// on ipv6 disabled systems the sysctl does not exists
// so we should not error
if errors.Is(err, os.ErrNotExist) {
return nil
}
return err return err
} }
err = ioutil.WriteFile(ipv6ConfDefaultAcceptDadSysctl, []byte("0"), 0644) err = ioutil.WriteFile(ipv6ConfDefaultAcceptDadSysctl, []byte("0"), 0644)
netnsReadyWg.Done()
if err != nil { if err != nil {
return err return err
} }
// wait for slirp to finish setup
<-slirpReadyChan // wait until slirp4nets is ready before reseting this value
slirpReadyWg.Wait()
return ioutil.WriteFile(ipv6ConfDefaultAcceptDadSysctl, orgValue, 0644) return ioutil.WriteFile(ipv6ConfDefaultAcceptDadSysctl, orgValue, 0644)
}) })
if err != nil { if err != nil {
logrus.Warnf("failed to set net.ipv6.conf.default.accept_dad sysctl: %v", err) logrus.Warnf("failed to set net.ipv6.conf.default.accept_dad sysctl: %v", err)
} }
}() }()
// wait until we set the sysctl
netnsReadyWg.Wait()
} }
if err := cmd.Start(); err != nil { if err := cmd.Start(); err != nil {
if netOptions.enableIPv6 {
slirpReadyWg.Done()
}
return errors.Wrapf(err, "failed to start slirp4netns process") return errors.Wrapf(err, "failed to start slirp4netns process")
} }
defer func() { defer func() {
@ -344,11 +363,12 @@ func (r *Runtime) setupSlirp4netns(ctr *Container, netns ns.NetNS) error {
} }
}() }()
if err := waitForSync(syncR, cmd, logFile, 1*time.Second); err != nil { err = waitForSync(syncR, cmd, logFile, 1*time.Second)
return err if netOptions.enableIPv6 {
slirpReadyWg.Done()
} }
if slirpReadyChan != nil { if err != nil {
slirpReadyChan <- struct{}{} return err
} }
// Set a default slirp subnet. Parsing a string with the net helper is easier than building the struct myself // Set a default slirp subnet. Parsing a string with the net helper is easier than building the struct myself