From c85722eb9f552f2456d33589a1417264369a6366 Mon Sep 17 00:00:00 2001 From: Charlie Doern Date: Mon, 25 Jul 2022 10:21:14 -0400 Subject: [PATCH] pod create --share none should not create infra for podman pod create, when we are not sharing any namespaces there is no point for the infra container. This is especially true since resources have also been decoupled from the container recently. handle this on the cmd level so that we can still create infra if set explicitly resolves #15048 Signed-off-by: Charlie Doern --- cmd/podman/pods/create.go | 6 ++++++ docs/source/markdown/podman-pod-create.1.md | 2 +- test/e2e/pod_infra_container_test.go | 16 ++++++++++++++++ 3 files changed, 23 insertions(+), 1 deletion(-) diff --git a/cmd/podman/pods/create.go b/cmd/podman/pods/create.go index aea8a7229d..4f1f66ad6f 100644 --- a/cmd/podman/pods/create.go +++ b/cmd/podman/pods/create.go @@ -134,6 +134,12 @@ func create(cmd *cobra.Command, args []string) error { imageName = infraImage } img := imageName + + if !cmd.Flag("infra").Changed && (share == "none" || share == "") { + // we do not want an infra container when not sharing namespaces + createOptions.Infra = false + } + if !createOptions.Infra { if cmd.Flag("no-hosts").Changed { return fmt.Errorf("cannot specify --no-hosts without an infra container") diff --git a/docs/source/markdown/podman-pod-create.1.md b/docs/source/markdown/podman-pod-create.1.md index f6af4daa40..843aed3570 100644 --- a/docs/source/markdown/podman-pod-create.1.md +++ b/docs/source/markdown/podman-pod-create.1.md @@ -303,7 +303,7 @@ Note: Labeling can be disabled for all containers by setting label=false in the #### **--share**=*namespace* -A comma-separated list of kernel namespaces to share. If none or "" is specified, no namespaces will be shared. The namespaces to choose from are cgroup, ipc, net, pid, uts. If the option is prefixed with a "+" then the namespace is appended to the default list, otherwise it replaces the default list. Defaults matches Kubernetes default (ipc, net, uts) +A comma-separated list of kernel namespaces to share. If none or "" is specified, no namespaces will be shared and the infra container will not be created unless expiclity specified via **--infra=true**. The namespaces to choose from are cgroup, ipc, net, pid, uts. If the option is prefixed with a "+" then the namespace is appended to the default list, otherwise it replaces the default list. Defaults matches Kubernetes default (ipc, net, uts) #### **--share-parent** diff --git a/test/e2e/pod_infra_container_test.go b/test/e2e/pod_infra_container_test.go index a2e0905240..b536301562 100644 --- a/test/e2e/pod_infra_container_test.go +++ b/test/e2e/pod_infra_container_test.go @@ -435,4 +435,20 @@ var _ = Describe("Podman pod create", func() { Expect(session).Should(Exit(0)) Expect(session.OutputToString()).To(ContainSubstring(hostname)) }) + + tests := []string{"", "none"} + for _, test := range tests { + test := test + It("podman pod create --share="+test+" should not create an infra ctr", func() { + session := podmanTest.Podman([]string{"pod", "create", "--share", test}) + session.WaitWithDefaultTimeout() + Expect(session).Should(Exit(0)) + + session = podmanTest.Podman([]string{"pod", "inspect", "--format", "{{.NumContainers}}", session.OutputToString()}) + session.WaitWithDefaultTimeout() + Expect(session).Should(Exit(0)) + Expect(session.OutputToString()).Should((Equal("0"))) + }) + } + })