containers / podman

Podman: A tool for managing OCI containers and pods.
https://podman.io
Apache License 2.0

DNS options have no effect for containers in a pod #4770

Closed 0x022b closed 4 years ago

0x022b commented 4 years ago

/kind bug

Description

Unable to set DNS options for containers that are run in a pod.

Steps to reproduce the issue:

  1. podman pod create --name dns-test

  2. podman run -it --rm --pod dns-test --dns 1.1.1.1 --dns-search . alpine cat /etc/resolv.conf

Describe the results you received:

search <redacted>
nameserver 10.0.2.3
nameserver 10.0.20.1

Describe the results you expected:

nameserver 1.1.1.1

Additional information you deem important (e.g. issue happens only occasionally):

Output of podman version:

Version:            1.6.2
RemoteAPI Version:  1
Go Version:         go1.13.1
OS/Arch:            linux/amd64

Output of podman info --debug:

debug:
  compiler: gc
  git commit: ""
  go version: go1.13.1
  podman version: 1.6.2
host:
  BuildahVersion: 1.11.3
  CgroupVersion: v1
  Conmon:
    package: conmon-2.0.2-1.fc31.x86_64
    path: /usr/bin/conmon
    version: 'conmon version 2.0.2, commit: 186a550ba0866ce799d74006dab97969a2107979'
  Distribution:
    distribution: fedora
    version: "31"
  IDMappings:
    gidmap:
    - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 100000
      size: 65536
    uidmap:
    - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 100000
      size: 65536
  MemFree: 177729536
  MemTotal: 16478408704
  OCIRuntime:
    name: runc
    package: runc-1.0.0-101.rc9.gitc1485a1.fc31.x86_64
    path: /usr/bin/runc
    version: |-
      runc version 1.0.0-rc9+dev
      commit: ce97911e3cd37a5ce3ef98f7f1d4add21a3ac162
      spec: 1.0.1-dev
  SwapFree: 6726066176
  SwapTotal: 8308912128
  arch: amd64
  cpus: 4
  eventlogger: journald
  hostname: <redacted>
  kernel: 5.3.16-300.fc31.x86_64
  os: linux
  rootless: true
  slirp4netns:
    Executable: /usr/bin/slirp4netns
    Package: slirp4netns-0.4.0-20.1.dev.gitbbd6f25.fc31.x86_64
    Version: |-
      slirp4netns version 0.4.0-beta.3+dev
      commit: bbd6f25c70d5db2a1cd3bfb0416a8db99a75ed7e
  uptime: 255h 9m 34.6s (Approximately 10.62 days)
registries:
  blocked: null
  insecure: null
  search:
  - docker.io
  - registry.fedoraproject.org
  - registry.access.redhat.com
  - registry.centos.org
  - quay.io
store:
  ConfigFile: /home/<redacted>/.config/containers/storage.conf
  ContainerStore:
    number: 1
  GraphDriverName: overlay
  GraphOptions:
    overlay.mount_program:
      Executable: /usr/bin/fuse-overlayfs
      Package: fuse-overlayfs-0.7.2-2.fc31.x86_64
      Version: |-
        fusermount3 version: 3.6.2
        fuse-overlayfs: version 0.7.2
        FUSE library version 3.6.2
        using FUSE kernel interface version 7.29
  GraphRoot: /home/<redacted>/.local/share/containers/storage
  GraphStatus:
    Backing Filesystem: xfs
    Native Overlay Diff: "false"
    Supports d_type: "true"
    Using metacopy: "false"
  ImageStore:
    number: 17
  RunRoot: /run/user/1000
  VolumePath: /home/<redacted>/.local/share/containers/storage/volumes

Package info (e.g. output of rpm -q podman or apt list podman):

podman-1.6.2-2.fc31.x86_64

Additional environment details (AWS, VirtualBox, physical, etc.):

Physical machine

ensc commented 4 years ago

still with podman-1.7.0-0.5.rc2.fc31.x86_64

rhatdan commented 4 years ago

@haircommander @mheon PTAL

mheon commented 4 years ago

I think the safest option for this is to allow a local copy of /etc/resolv.conf, /etc/hosts for containers in a pod if they specify these options, instead of using the pod-level files.

mheon commented 4 years ago

To be clear, this means that --dns will affect only one container in the pod, not the entire pod.

To change the entire pod, we'd want to add --dns to podman pod create.

vrothberg commented 4 years ago

> To be clear, this means that --dns will affect only one container in the pod, not the entire pod.
>
> To change the entire pod, we'd want to add --dns to podman pod create.

Sounds good to me. @rhatdan WDYT?

mheon commented 4 years ago

We are actually in the process of adding --dns to podman pod create.

rhatdan commented 4 years ago

:+1:

rhatdan commented 4 years ago

Hopefully @mheon's patch #5241 gets in and we can close this issue.
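
A check for the symptom reported in this issue, added here as an example (it is not part of the thread and not Podman code): the hypothetical helper `check_resolv` compares a container's /etc/resolv.conf with the resolvers requested on the command line, treating a search value of `.` as "no search domain". The two sample inputs are the received and expected outputs quoted in the report.

```shell
#!/bin/sh
# check_resolv SEARCH NAMESERVER...   (resolv.conf text on stdin)
#   SEARCH: expected search list; "." means none, as with --dns-search .
# Prints every mismatch and returns 1 if the effective config differs.
check_resolv() {
    want_search=$1; shift
    [ "$want_search" = "." ] && want_search=""
    want_ns="$*"

    got_ns=""; got_search=""
    # "|| [ -n "$key" ]" keeps a final line that lacks a trailing newline
    while read -r key rest || [ -n "$key" ]; do
        case $key in
            nameserver) got_ns="${got_ns:+$got_ns }${rest%% *}" ;;
            search)     got_search=$rest ;;   # last search line wins
        esac
    done

    rc=0
    if [ "$got_ns" != "$want_ns" ]; then
        echo "nameserver mismatch: want [$want_ns] got [$got_ns]"
        rc=1
    fi
    if [ "$got_search" != "$want_search" ]; then
        echo "search mismatch: want [$want_search] got [$got_search]"
        rc=1
    fi
    return $rc
}

# Outputs copied from the report above.
received='search <redacted>
nameserver 10.0.2.3
nameserver 10.0.20.1'
expected='nameserver 1.1.1.1'

printf '%s\n' "$received" | check_resolv . 1.1.1.1 \
    || echo "=> --dns/--dns-search were not applied"
printf '%s\n' "$expected" | check_resolv . 1.1.1.1 \
    && echo "=> resolver config matches"

# Against a live pod, pipe the command from the reproduction steps:
#   podman run --rm --pod dns-test --dns 1.1.1.1 --dns-search . \
#       alpine cat /etc/resolv.conf | check_resolv . 1.1.1.1
```

The comparison is order-sensitive and exact, so an extra inherited resolver counts as a failure.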