Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support dnsConfig in kube yaml with "podman play kube" #9132

Closed
phlogistonjohn opened this issue Jan 27, 2021 · 4 comments · Fixed by #9150
Closed

Support dnsConfig in kube yaml with "podman play kube" #9132

phlogistonjohn opened this issue Jan 27, 2021 · 4 comments · Fixed by #9150
Assignees
@baude
Labels
Good First Issue This issue would be a good issue for a first time contributor to undertake. In Progress This issue is actively being worked by the assignee, please do not work on this at this time. kind/feature Categorizes issue or PR as related to a new feature. locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments.

Comments

@phlogistonjohn
Copy link

Is this a BUG REPORT or FEATURE REQUEST? (leave only one on its own line)

/kind feature

Description

Support "dnsConfig" in pod YAML when running podman play kube.

AFAICT it doesn't show up in a code search at github and only appears in one issue (linked below) so I assume its not implemented yet so I chose feature. :-)

Steps to reproduce the issue:

  1. I have a test set up where I run a specifc DNS server locally but that is not connected to the system resolv.conf. I can use podman pod create to establish this DNS server for my test pod.

  2. The command podman generate kube doesn't reflect these added options

  3. Following the k8s documentation to manaully add "dnsPolicy" and "dnsConfig" subsections does not seem to change the behavior of the containers in the pod.

Describe the results you received:

The dnsConfig subsection appears to be ignored.

Describe the results you expected:

Podman treats the dnsConfig options similarly to the podman pod create options --dns, --dns-opt and --dns-search

Additional information you deem important (e.g. issue happens only occasionally):

I found the following by searching github: #5620 (comment)
From this it was not clear that if these were already supported or simply should be supported in the future.

FWIW I'm running this rootless. But since the podman pod create options worked rootless I would assume the kube yaml could apply to either rootless or rootful.

Output of podman version:

Version:      2.2.1
API Version:  2.1.0
Go Version:   go1.14.10
Built:        Tue Dec  8 09:37:43 2020
OS/Arch:      linux/amd64

Output of podman info --debug:

host:
  arch: amd64
  buildahVersion: 1.18.0
  cgroupManager: systemd
  cgroupVersion: v2
  conmon:
    package: conmon-2.0.21-2.fc32.x86_64
    path: /usr/bin/conmon
    version: 'conmon version 2.0.21, commit: 81d18b6c3ffc266abdef7ca94c1450e669a6a388'
  cpus: 8
  distribution:
    distribution: fedora
    version: "32"
  eventLogger: journald
  hostname: popcorn
  idMappings:
    gidmap:
    - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 100000
      size: 210000
    uidmap:
    - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 100000
      size: 210000
  kernel: 5.9.13-100.fc32.x86_64
  linkmode: dynamic
  memFree: 9700519936
  memTotal: 32880840704
  ociRuntime:
    name: crun
    package: crun-0.16-1.fc32.x86_64
    path: /usr/bin/crun
    version: |-
      crun version 0.16
      commit: eb0145e5ad4d8207e84a327248af76663d4e50dd
      spec: 1.0.0
      +SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +YAJL
  os: linux
  remoteSocket:
    path: /run/user/1000/podman/podman.sock
  rootless: true
  slirp4netns:
    executable: /usr/bin/slirp4netns
    package: slirp4netns-1.1.8-1.fc32.x86_64
    version: |-
      slirp4netns version 1.1.8
      commit: d361001f495417b880f20329121e3aa431a8f90f
      libslirp: 4.3.1
      SLIRP_CONFIG_VERSION_MAX: 3
      libseccomp: 2.5.0
  swapFree: 15654551552
  swapTotal: 16542330880
  uptime: 1084h 16m 7.68s (Approximately 45.17 days)
registries:
  localhost:5555:
    Blocked: false
    Insecure: true
    Location: localhost:5555
    MirrorByDigestOnly: false
    Mirrors: null
    Prefix: localhost:5555
  search:
  - docker.io
  - quay.io
store:
  configFile: /home/jmulliga/.config/containers/storage.conf
  containerStore:
    number: 8
    paused: 0
    running: 5
    stopped: 3
  graphDriverName: overlay
  graphOptions:
    overlay.mount_program:
      Executable: /usr/bin/fuse-overlayfs
      Package: fuse-overlayfs-1.3.0-1.fc32.x86_64
      Version: |-
        fusermount3 version: 3.9.1
        fuse-overlayfs: version 1.3
        FUSE library version 3.9.1
        using FUSE kernel interface version 7.31
  graphRoot: /srv/bulk/users/jmulliga/containers/storage
  graphStatus:
    Backing Filesystem: xfs
    Native Overlay Diff: "false"
    Supports d_type: "true"
    Using metacopy: "false"
  imageStore:
    number: 1225
  runRoot: /run/user/1000
  volumePath: /srv/bulk/users/jmulliga/containers/storage/volumes
version:
  APIVersion: 2.1.0
  Built: 1607438263
  BuiltTime: Tue Dec  8 09:37:43 2020
  GitCommit: ""
  GoVersion: go1.14.10
  OsArch: linux/amd64
  Version: 2.2.1

Package info (e.g. output of rpm -q podman or apt list podman):

podman-2.2.1-1.fc32.x86_64

Have you tested with the latest version of Podman and have you checked the Podman Troubleshooting Guide?

Yes/No

Additional environment details (AWS, VirtualBox, physical, etc.):
@openshift-ci-robot openshift-ci-robot added the kind/feature Categorizes issue or PR as related to a new feature. label Jan 27, 2021
@mheon
Copy link
Member

mheon commented Jan 27, 2021

Should be very easy addition (most changes would be in pkg/specgen/generate/kube/kube.go, going to tag this as a good first issue.

@mheon mheon added the Good First Issue This issue would be a good issue for a first time contributor to undertake. label Jan 27, 2021
@baude
Copy link
Member

baude commented Jan 27, 2021

can you cite the documentation?

@phlogistonjohn
Copy link
Author

https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pod-dns-config

@baude baude self-assigned this Jan 28, 2021
@baude baude added the In Progress This issue is actively being worked by the assignee, please do not work on this at this time. label Jan 28, 2021
@baude baude mentioned this issue Jan 28, 2021
Merged
@baude
Copy link
Member

baude commented Jan 28, 2021

@phlogistonjohn if you would like to try out the PR #9150 , you feedback would be welcome

baude added a commit to baude/podman that referenced this issue Jan 29, 2021
@baude
Honor custom DNS in play|generate kube
ca0dd76 
when creating kubernetes yaml from containers and pods, we should honor
any custom dns settings the user provided. in the case of generate kube,
these would be provided by --dns, --dns-search, and --dns-opt. if
multiple containers are involved in the generate, the options will be
cumulative and unique with the exception of dns-opt.

when replaying a kube file that has kubernetes dns information, we now
also add that information to the pod creation.

the options for dnspolicy is not enabled as there seemed to be no direct
correlation between kubernetes and podman.

Fixes: containers#9132

Signed-off-by: baude <[email protected]>
mheon pushed a commit to mheon/libpod that referenced this issue Feb 4, 2021
@baude @mheon
Honor custom DNS in play|generate kube
c749515 
when creating kubernetes yaml from containers and pods, we should honor
any custom dns settings the user provided. in the case of generate kube,
these would be provided by --dns, --dns-search, and --dns-opt. if
multiple containers are involved in the generate, the options will be
cumulative and unique with the exception of dns-opt.

when replaying a kube file that has kubernetes dns information, we now
also add that information to the pod creation.

the options for dnspolicy is not enabled as there seemed to be no direct
correlation between kubernetes and podman.

Fixes: containers#9132

Signed-off-by: baude <[email protected]>
@github-actions github-actions bot added the locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments. label Sep 22, 2023
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Sep 22, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@baude baude

Labels
Good First Issue This issue would be a good issue for a first time contributor to undertake. In Progress This issue is actively being worked by the assignee, please do not work on this at this time. kind/feature Categorizes issue or PR as related to a new feature. locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Honor custom DNS in play|generate kube baude/podman
4 participants
@mheon @baude @openshift-ci-robot @phlogistonjohn