Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Podman play|generate kube isn't creating a pod with the equivalent of the -p option #5964

Closed
rsletten opened this issue Apr 23, 2020 · 17 comments · Fixed by #7053
Closed

Podman play|generate kube isn't creating a pod with the equivalent of the -p option #5964

rsletten opened this issue Apr 23, 2020 · 17 comments · Fixed by #7053
Assignees
@ashley-cui
Labels
kind/bug Categorizes issue or PR as related to a bug. locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments. stale-issue

Comments

@rsletten
Copy link

rsletten commented Apr 23, 2020
edited
Loading

Is this a BUG REPORT or FEATURE REQUEST? (leave only one on its own line)

/kind bug

Description

podman generate kube doesn't seem to create any kube yaml which would run the equivalent of podman pod create -p 192.168.1.239:5000:5000/tcp

Or podman play kube doesn't create the pod with the hostIP assigned to the container.

[root@fedora31 ~]# podman pod create --name test -p 192.168.1.239:5000:5000/tcp
e3964a45d3c98a05e40c7e665f4c8b17aae7d948028995163a84cec1dd395491

[root@fedora31 ~]# podman run -dt -i --pod test alpine top
bc54853cf573bdd8e2930fd7014d0b1cde85f8d1abdb80628bfaf8ab31ab552f

[root@fedora31 ~]# podman ps -a
CONTAINER ID  IMAGE                            COMMAND  CREATED         STATUS            PORTS                         NAMES
bc54853cf573  docker.io/library/alpine:latest  top      6 seconds ago   Up 5 seconds ago  192.168.1.239:5000->5000/tcp  thirsty_moore
ed77b6ae8591  k8s.gcr.io/pause:3.2                      11 seconds ago  Up 5 seconds ago  192.168.1.239:5000->5000/tcp  e3964a45d3c9-infra

[root@fedora31 ~]# podman pod ps
POD ID         NAME   STATUS    CREATED          # OF CONTAINERS   INFRA ID
e3964a45d3c9   test   Running   18 seconds ago   2                 ed77b6ae8591

[root@fedora31 ~]# podman generate kube test > play.yaml

[root@fedora31 ~]# cat play.yaml
# Generation of Kubernetes YAML is still under development!
#
# Save the output of this file and use kubectl create -f to import
# it into Kubernetes.
#
# Created with podman-1.9.0
apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: "2020-04-23T21:50:13Z"
  labels:
    app: test
  name: test
spec:
  containers:
  - command:
    - top
    env:
    - name: PATH
      value: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
    - name: TERM
      value: xterm
    - name: container
      value: podman
    - name: HOSTNAME
      value: test
    image: docker.io/library/alpine:latest
    name: thirstymoore
    ports:
    - containerPort: 5000
      hostIP: 192.168.1.239
      hostPort: 5000
      protocol: TCP
    resources: {}
    securityContext:
      allowPrivilegeEscalation: true
      capabilities: {}
      privileged: false
      readOnlyRootFilesystem: false
      seLinuxOptions: {}
    stdin: true
    tty: true
    workingDir: /
status: {}
 
[root@fedora31 ~]# podman pod rm -f test
e3964a45d3c98a05e40c7e665f4c8b17aae7d948028995163a84cec1dd395491

[root@fedora31 ~]# podman play kube play.yaml
Trying to pull docker.io/library/alpine:latest...
Getting image source signatures
Copying blob aad63a933944 [--------------------------------------] 0.0b / 0.0b
Copying config a187dde48c done
Writing manifest to image destination
Storing signatures
Pod:
c8a16308d400e7918ee4d5d3201f69f951057d89980480de037809d13bf1aa45
Container:
aeae6717809db4d23d55e7ee803450005a0c069972cb4da140709f597b11b669

[root@fedora31 ~]# podman ps -a
CONTAINER ID  IMAGE                            COMMAND  CREATED        STATUS            PORTS                   NAMES
aeae6717809d  docker.io/library/alpine:latest  top      5 seconds ago  Up 4 seconds ago  0.0.0.0:5000->5000/tcp  thirstymoore
cceba00f69de  k8s.gcr.io/pause:3.2                      7 seconds ago  Up 5 seconds ago  0.0.0.0:5000->5000/tcp  c8a16308d400-infra

[root@fedora31 ~]# podman pod ps
POD ID         NAME   STATUS    CREATED          # OF CONTAINERS   INFRA ID
c8a16308d400   test   Running   38 seconds ago   2                 cceba00f69de

[root@fedora31 ~]# podman version
Version:            1.9.0
RemoteAPI Version:  1
Go Version:         go1.13.9
OS/Arch:            linux/amd64

Describe the results you received:

[root@fedora31 ~]# podman play kube play.yaml
Trying to pull docker.io/library/alpine:latest...
Getting image source signatures
Copying blob aad63a933944 [--------------------------------------] 0.0b / 0.0b
Copying config a187dde48c done
Writing manifest to image destination
Storing signatures
Pod:
c8a16308d400e7918ee4d5d3201f69f951057d89980480de037809d13bf1aa45
Container:
aeae6717809db4d23d55e7ee803450005a0c069972cb4da140709f597b11b669

[root@fedora31 ~]# podman ps -a
CONTAINER ID  IMAGE                            COMMAND  CREATED        STATUS            PORTS                   NAMES
aeae6717809d  docker.io/library/alpine:latest  top      5 seconds ago  Up 4 seconds ago  0.0.0.0:5000->5000/tcp  thirstymoore
cceba00f69de  k8s.gcr.io/pause:3.2                      7 seconds ago  Up 5 seconds ago  0.0.0.0:5000->5000/tcp  c8a16308d400-infra

Describe the results you expected:

[root@fedora31 ~]# podman play kube play.yaml
Trying to pull docker.io/library/alpine:latest...
Getting image source signatures
Copying blob aad63a933944 [--------------------------------------] 0.0b / 0.0b
Copying config a187dde48c done
Writing manifest to image destination
Storing signatures
Pod:
c8a16308d400e7918ee4d5d3201f69f951057d89980480de037809d13bf1aa45
Container:
aeae6717809db4d23d55e7ee803450005a0c069972cb4da140709f597b11b669

CONTAINER ID  IMAGE                            COMMAND  CREATED         STATUS            PORTS                         NAMES
bc54853cf573  docker.io/library/alpine:latest  top      6 seconds ago   Up 5 seconds ago  192.168.1.239:5000->5000/tcp  thirsty_moore
ed77b6ae8591  k8s.gcr.io/pause:3.2                      11 seconds ago  Up 5 seconds ago  192.168.1.239:5000->5000/tcp  e3964a45d3c9-infra

Additional information you deem important (e.g. issue happens only occasionally):

Output of podman version:

Version:            1.9.0
RemoteAPI Version:  1
Go Version:         go1.13.9
OS/Arch:            linux/amd64

Output of podman info --debug:

debug:
  compiler: gc
  gitCommit: ""
  goVersion: go1.13.9
  podmanVersion: 1.9.0
host:
  arch: amd64
  buildahVersion: 1.14.8
  cgroupVersion: v2
  conmon:
    package: conmon-2.0.15-1.fc31.x86_64
    path: /usr/bin/conmon
    version: 'conmon version 2.0.15, commit: 4152e6044da92e0c5f246e5adf14c85f41443759'
  cpus: 4
  distribution:
    distribution: fedora
    version: "31"
  eventLogger: journald
  hostname: fedora31.rsletten.com
  idMappings:
    gidmap: null
    uidmap: null
  kernel: 5.5.17-200.fc31.x86_64
  memFree: 2741886976
  memTotal: 4120424448
  ociRuntime:
    name: crun
    package: crun-0.13-2.fc31.x86_64
    path: /usr/bin/crun
    version: |-
      crun version 0.13
      commit: e79e4de4ac16da0ce48777afb72c6241de870525
      spec: 1.0.0
      +SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +YAJL
  os: linux
  rootless: false
  slirp4netns:
    executable: ""
    package: ""
    version: ""
  swapFree: 4261408768
  swapTotal: 4261408768
  uptime: 1h 15m 37.83s (Approximately 0.04 days)
registries:
  search:
  - registry.fedoraproject.org
  - registry.access.redhat.com
  - registry.centos.org
  - docker.io
store:
  configFile: /etc/containers/storage.conf
  containerStore:
    number: 0
    paused: 0
    running: 0
    stopped: 0
  graphDriverName: overlay
  graphOptions:
    overlay.mountopt: nodev,metacopy=on
  graphRoot: /var/lib/containers/storage
  graphStatus:
    Backing Filesystem: extfs
    Native Overlay Diff: "false"
    Supports d_type: "true"
    Using metacopy: "true"
  imageStore:
    number: 2
  runRoot: /var/run/containers/storage
  volumePath: /var/lib/containers/storage/volumes

Package info (e.g. output of rpm -q podman or apt list podman):

podman-1.9.0-1.fc31.x86_64

Additional environment details (AWS, VirtualBox, physical, etc.):

VM on Proxmox
@openshift-ci-robot openshift-ci-robot added the kind/bug Categorizes issue or PR as related to a bug. label Apr 23, 2020
@rhatdan
Copy link
Member

rhatdan commented Apr 24, 2020

@haircommander WDYT?

@haircommander
Copy link
Collaborator

We have the hostPort options wired up, but it's possible there's somewhere it's dropped. I'll try to look at this later today

@tylarb
Copy link
Contributor

tylarb commented Apr 24, 2020

I remember from working on #5642, port parsing should be fine, but there's no bind to individual IP supported.

As of 1.9 it's not supported https://github.com/containers/libpod/blob/d985723506a29766ed21585ba8541033db6bd572/pkg/adapter/pods.go#L798

Where did pkg/adapter go in v2?

@x70b1
Copy link

x70b1 commented May 22, 2020

I can confirm this.

    ports:
    - containerPort: 9095
      hostIP: 10.4.0.61
      hostPort: 9095
      protocol: TCP

This yaml create a container like:

PORTS
0.0.0.0:9095->9095/tcp

@mheon
Copy link
Member

mheon commented Jun 2, 2020

We should fix this for v2.0

@mheon
Copy link
Member

mheon commented Jun 8, 2020

@ashley-cui PTAL

@mheon mheon assigned ashley-cui and unassigned haircommander Jun 8, 2020
@x70b1
Copy link

x70b1 commented Jun 19, 2020

@mheon Unfortunately it is not fixed in v2.0.

This is a real problem. It is currently not possible to use a port twice if you have multiple IPs on the host.

@github-actions
Copy link

A friendly reminder that this issue had no activity for 30 days.

@rhatdan
Copy link
Member

rhatdan commented Jul 20, 2020

@ashley-cui Did you ever get a chance to look at this?
@ryanchpowell Any chance you could look at this?

@ashley-cui
Copy link
Member

@rhatdan Didn't get a chance to look at it, but should be free to take it today, unless @ryanchpowell wants it

@rhatdan
Copy link
Member

rhatdan commented Jul 20, 2020

@ashley-cui you take it.

@ashley-cui
Copy link
Member

@rhatdan How do I write tests for this? Since IP's change from machine to machine

@ashley-cui ashley-cui mentioned this issue Jul 22, 2020
Merged
@x70b1
Copy link

x70b1 commented Aug 4, 2020
edited
Loading

This issue seems to be fixed with the PR. In which version will this be shipped?
I installed 2.0.4 and the issue is still there.

@zhangguanzhang
Copy link
Collaborator

I test it , it's ok in 2.0.4 @x70b1

root@develop:~# podman pod create --name test -p 127.0.0.1:5000:5000/tcp
ab80c59f25f86548e4a650844ea4e7eaa7af003299e7096675b003553271f88d
root@develop:~# podman run -dt -i --pod test alpine top -d 10
8839a33de99021534a3876e9b7cda8a7d5caa054022c3bea07a5112e604b5295
root@develop:~# podman generate kube test
# Generation of Kubernetes YAML is still under development!
#
# Save the output of this file and use kubectl create -f to import
# it into Kubernetes.
#
# Created with podman-2.0.2
apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: "2020-08-04T13:06:22Z"
  labels:
    app: test
  name: test
spec:
  containers:
  - command:
    - top
    - -d
    - "10"
    env:
    - name: PATH
      value: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
    - name: TERM
      value: xterm
    - name: container
      value: podman
    - name: HOSTNAME
      value: test
    image: docker.io/library/alpine:3.12
    name: kindmeitner
    ports:
    - containerPort: 5000
      hostIP: 127.0.0.1
      hostPort: 5000
      protocol: TCP
    resources: {}
    securityContext:
      allowPrivilegeEscalation: true
      capabilities: {}
      privileged: false
      readOnlyRootFilesystem: false
      seLinuxOptions: {}
    stdin: true
    tty: true
    workingDir: /
status: {}
---
metadata:
  creationTimestamp: null
spec: {}
status:
  loadBalancer: {}

root@develop:~# podman --version
podman version 2.0.4

@x70b1
Copy link

x70b1 commented Aug 4, 2020
edited
Loading

@zhangguanzhang What did you exactly test?

The problem here is that podman listen on all adresses instead of the defined one.

#  netstat -tulpen | grep conmon
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      0          23029      1096/conmon
tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      0          23030      1096/conmon

# podman --version
podman version 2.0.4

That is my kubernetes.yaml:

spec:

...

    - image: localhost/nginx
      name: nginx
      ports:
       - containerPort: 80
         hostIP: 192.168.100.1
         hostPort: 80
         protocol: tcp
       - containerPort: 443
         hostIP: 192.168.100.1
         hostPort: 443
         protocol: tcp

@ashley-cui
Copy link
Member

Looks like it didn't get into 2.0.4 but is in master

@x70b1
Copy link

x70b1 commented Aug 4, 2020

Well, then lets hope for 2.0.5 🤞

@github-actions github-actions bot added the locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments. label Sep 23, 2023
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Sep 23, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@ashley-cui ashley-cui

Labels
kind/bug Categorizes issue or PR as related to a bug. locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments. stale-issue
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Publish IP from YAML (podman play kube) ashley-cui/podman
9 participants
@rhatdan @rsletten @mheon @haircommander @x70b1 @zhangguanzhang @tylarb @openshift-ci-robot @ashley-cui