Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix incorrect host.containers.internal entry for rootless bridge mode #22740

Merged
merged 2 commits into from
May 20, 2024
Merged

fix incorrect host.containers.internal entry for rootless bridge mode #22740

merged 2 commits into from
May 20, 2024

Conversation

Luap99
Copy link
Member

@Luap99 Luap99 commented May 17, 2024

We have to exclude the ips in the rootless netns as they are not the
host. Now that fix only works if there are more than one ip one the
host available, if there is only one we do not set the entry at all
which I consider better as failing to resolve this name is a much better
error for users than connecting to a wrong ip. It also matches what
--network pasta already does.

Fixes #22653

Does this PR introduce a user-facing change?

Fixed a bug where a incorrect host.containers.internal entry could be added when running rootless with the bridge network mode.

@Luap99
vendor latest c/common main
54ce5c6 
Includes a new libnetwork API to get the rootlessnetns ips.

Signed-off-by: Paul Holzinger <pholzing@redhat.com>
@Luap99
fix incorrect host.containers.internal entry for rootless bridge mode
fb2ab83 
We have to exclude the ips in the rootless netns as they are not the
host. Now that fix only works if there are more than one ip one the
host available, if there is only one we do not set the entry at all
which I consider better as failing to resolve this name is a much better
error for users than connecting to a wrong ip. It also matches what
--network pasta already does.

The test is bit more compilcated as I would like, however it must deal
with both cases one ip, more than one so there is no way around it I
think.

Fixes containers#22653

Signed-off-by: Paul Holzinger <pholzing@redhat.com>
@openshift-ci openshift-ci bot added release-note approved Indicates a PR has been approved by an approver from all required OWNERS files. labels May 17, 2024
@packit-as-a-service Packit-as-a-Service
Copy link

Ephemeral COPR build failed. @containers/packit-build please check.

@mheon
Copy link
Member

mheon commented May 17, 2024

/cherry-pick v5.1

@openshift-cherrypick-robot
Copy link
Collaborator

@mheon: once the present PR merges, I will cherry-pick it on top of v5.1 in a new PR and assign it to you.

In response to this:

/cherry-pick v5.1

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@mheon
Copy link
Member

mheon commented May 17, 2024

LGTM

1 similar comment
@rhatdan
Copy link
Member

rhatdan commented May 17, 2024

LGTM

edsantiago
edsantiago approved these changes May 20, 2024
View reviewed changes
Copy link
Collaborator

@edsantiago edsantiago left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Test LGTM

@openshift-ci OpenShift CI
Copy link
Contributor

openshift-ci bot commented May 20, 2024

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: edsantiago, Luap99

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@rhatdan
Copy link
Member

rhatdan commented May 20, 2024

/lgtm

@openshift-ci openshift-ci bot added the lgtm Indicates that a PR is ready to be merged. label May 20, 2024
@openshift-merge-bot openshift-merge-bot bot merged commit 8bb8658 into containers:main May 20, 2024
89 of 91 checks passed
@openshift-cherrypick-robot
Copy link
Collaborator

@mheon: new pull request created: #22755

In response to this:

/cherry-pick v5.1

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@openshift-cherrypick-robot openshift-cherrypick-robot mentioned this pull request May 20, 2024
Merged
@Luap99 Luap99 deleted the rootlessnetns-hosts branch May 21, 2024 11:12
@dgibson dgibson mentioned this pull request May 22, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@edsantiago edsantiago edsantiago approved these changes

Assignees

@rhatdan rhatdan

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. lgtm Indicates that a PR is ready to be merged. release-note
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Host unreachable from container with bridge network on Podman v5
5 participants
@Luap99 @mheon @openshift-cherrypick-robot @rhatdan @edsantiago