Is this a BUG REPORT or FEATURE REQUEST? (leave only one on its own line)
/kind bug
Description
Either podman generate kube doesn't create kube YAML that would run the equivalent of podman pod create -p 192.168.1.239:5000:5000/tcp,
or podman play kube doesn't create the pod with the hostIP assigned to the container.
[root@fedora31 ~]# podman pod create --name test -p 192.168.1.239:5000:5000/tcp
e3964a45d3c98a05e40c7e665f4c8b17aae7d948028995163a84cec1dd395491
[root@fedora31 ~]# podman run -dt -i --pod test alpine top
bc54853cf573bdd8e2930fd7014d0b1cde85f8d1abdb80628bfaf8ab31ab552f
[root@fedora31 ~]# podman ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
bc54853cf573 docker.io/library/alpine:latest top 6 seconds ago Up 5 seconds ago 192.168.1.239:5000->5000/tcp thirsty_moore
ed77b6ae8591 k8s.gcr.io/pause:3.2 11 seconds ago Up 5 seconds ago 192.168.1.239:5000->5000/tcp e3964a45d3c9-infra
[root@fedora31 ~]# podman pod ps
POD ID NAME STATUS CREATED # OF CONTAINERS INFRA ID
e3964a45d3c9 test Running 18 seconds ago 2 ed77b6ae8591
[root@fedora31 ~]# podman generate kube test > play.yaml
[root@fedora31 ~]# cat play.yaml
# Generation of Kubernetes YAML is still under development!
#
# Save the output of this file and use kubectl create -f to import
# it into Kubernetes.
#
# Created with podman-1.9.0
apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: "2020-04-23T21:50:13Z"
  labels:
    app: test
  name: test
spec:
  containers:
  - command:
    - top
    env:
    - name: PATH
      value: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
    - name: TERM
      value: xterm
    - name: container
      value: podman
    - name: HOSTNAME
      value: test
    image: docker.io/library/alpine:latest
    name: thirstymoore
    ports:
    - containerPort: 5000
      hostIP: 192.168.1.239
      hostPort: 5000
      protocol: TCP
    resources: {}
    securityContext:
      allowPrivilegeEscalation: true
      capabilities: {}
      privileged: false
      readOnlyRootFilesystem: false
      seLinuxOptions: {}
    stdin: true
    tty: true
    workingDir: /
status: {}
[root@fedora31 ~]# podman pod rm -f test
e3964a45d3c98a05e40c7e665f4c8b17aae7d948028995163a84cec1dd395491
[root@fedora31 ~]# podman play kube play.yaml
Trying to pull docker.io/library/alpine:latest...
Getting image source signatures
Copying blob aad63a933944 [--------------------------------------] 0.0b / 0.0b
Copying config a187dde48c done
Writing manifest to image destination
Storing signatures
Pod:
c8a16308d400e7918ee4d5d3201f69f951057d89980480de037809d13bf1aa45
Container:
aeae6717809db4d23d55e7ee803450005a0c069972cb4da140709f597b11b669
[root@fedora31 ~]# podman ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
aeae6717809d docker.io/library/alpine:latest top 5 seconds ago Up 4 seconds ago 0.0.0.0:5000->5000/tcp thirstymoore
cceba00f69de k8s.gcr.io/pause:3.2 7 seconds ago Up 5 seconds ago 0.0.0.0:5000->5000/tcp c8a16308d400-infra
[root@fedora31 ~]# podman pod ps
POD ID NAME STATUS CREATED # OF CONTAINERS INFRA ID
c8a16308d400 test Running 38 seconds ago 2 cceba00f69de
[root@fedora31 ~]# podman version
Version: 1.9.0
RemoteAPI Version: 1
Go Version: go1.13.9
OS/Arch: linux/amd64
Describe the results you received:
[root@fedora31 ~]# podman play kube play.yaml
Trying to pull docker.io/library/alpine:latest...
Getting image source signatures
Copying blob aad63a933944 [--------------------------------------] 0.0b / 0.0b
Copying config a187dde48c done
Writing manifest to image destination
Storing signatures
Pod:
c8a16308d400e7918ee4d5d3201f69f951057d89980480de037809d13bf1aa45
Container:
aeae6717809db4d23d55e7ee803450005a0c069972cb4da140709f597b11b669
[root@fedora31 ~]# podman ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
aeae6717809d docker.io/library/alpine:latest top 5 seconds ago Up 4 seconds ago 0.0.0.0:5000->5000/tcp thirstymoore
cceba00f69de k8s.gcr.io/pause:3.2 7 seconds ago Up 5 seconds ago 0.0.0.0:5000->5000/tcp c8a16308d400-infra
Describe the results you expected:
[root@fedora31 ~]# podman play kube play.yaml
Trying to pull docker.io/library/alpine:latest...
Getting image source signatures
Copying blob aad63a933944 [--------------------------------------] 0.0b / 0.0b
Copying config a187dde48c done
Writing manifest to image destination
Storing signatures
Pod:
c8a16308d400e7918ee4d5d3201f69f951057d89980480de037809d13bf1aa45
Container:
aeae6717809db4d23d55e7ee803450005a0c069972cb4da140709f597b11b669
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
bc54853cf573 docker.io/library/alpine:latest top 6 seconds ago Up 5 seconds ago 192.168.1.239:5000->5000/tcp thirsty_moore
ed77b6ae8591 k8s.gcr.io/pause:3.2 11 seconds ago Up 5 seconds ago 192.168.1.239:5000->5000/tcp e3964a45d3c9-infra
Additional information you deem important (e.g. issue happens only occasionally):
Output of podman version:
Version: 1.9.0
RemoteAPI Version: 1
Go Version: go1.13.9
OS/Arch: linux/amd64
Output of podman info --debug:
debug:
compiler: gc
gitCommit: ""
goVersion: go1.13.9
podmanVersion: 1.9.0
host:
arch: amd64
buildahVersion: 1.14.8
cgroupVersion: v2
conmon:
package: conmon-2.0.15-1.fc31.x86_64
path: /usr/bin/conmon
version: 'conmon version 2.0.15, commit: 4152e6044da92e0c5f246e5adf14c85f41443759'
cpus: 4
distribution:
distribution: fedora
version: "31"
eventLogger: journald
hostname: fedora31.rsletten.com
idMappings:
gidmap: null
uidmap: null
kernel: 5.5.17-200.fc31.x86_64
memFree: 2741886976
memTotal: 4120424448
ociRuntime:
name: crun
package: crun-0.13-2.fc31.x86_64
path: /usr/bin/crun
version: |-
crun version 0.13
commit: e79e4de4ac16da0ce48777afb72c6241de870525
spec: 1.0.0
+SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +YAJL
os: linux
rootless: false
slirp4netns:
executable: ""
package: ""
version: ""
swapFree: 4261408768
swapTotal: 4261408768
uptime: 1h 15m 37.83s (Approximately 0.04 days)
registries:
search:
- registry.fedoraproject.org
- registry.access.redhat.com
- registry.centos.org
- docker.io
store:
configFile: /etc/containers/storage.conf
containerStore:
number: 0
paused: 0
running: 0
stopped: 0
graphDriverName: overlay
graphOptions:
overlay.mountopt: nodev,metacopy=on
graphRoot: /var/lib/containers/storage
graphStatus:
Backing Filesystem: extfs
Native Overlay Diff: "false"
Supports d_type: "true"
Using metacopy: "true"
imageStore:
number: 2
runRoot: /var/run/containers/storage
volumePath: /var/lib/containers/storage/volumes
Package info (e.g. output of rpm -q podman or apt list podman):
podman-1.9.0-1.fc31.x86_64
Additional environment details (AWS, VirtualBox, physical, etc.):
VM on Proxmox
@haircommander WDYT?
We have the hostPort options wired up, but it's possible there's somewhere it's dropped. I'll try to look at this later today
As I remember from working on https://github.com/containers/libpod/pull/5642/, port parsing should be fine, but binding to an individual IP is not supported.
As of 1.9 it's not supported https://github.com/containers/libpod/blob/d985723506a29766ed21585ba8541033db6bd572/pkg/adapter/pods.go#L798
Where did pkg/adapter go in v2?
I can confirm this.
ports:
- containerPort: 9095
  hostIP: 10.4.0.61
  hostPort: 9095
  protocol: TCP
This YAML creates a container like:
PORTS
0.0.0.0:9095->9095/tcp
We should fix this for v2.0
@ashley-cui PTAL
@mheon Unfortunately it is not fixed in v2.0.
This is a real problem. It is currently not possible to use a port twice if you have multiple IPs on the host.
A friendly reminder that this issue had no activity for 30 days.
@ashley-cui Did you ever get a chance to look at this?
@ryanchpowell Any chance you could look at this?
@rhatdan Didn't get a chance to look at it, but should be free to take it today, unless @ryanchpowell wants it
@ashley-cui you take it.
@rhatdan How do I write tests for this, since IPs change from machine to machine?
This issue seems to be fixed with the PR. In which version will this be shipped?
I installed 2.0.4 and the issue is still there.
I tested it; it's OK in 2.0.4 @x70b1
root@develop:~# podman pod create --name test -p 127.0.0.1:5000:5000/tcp
ab80c59f25f86548e4a650844ea4e7eaa7af003299e7096675b003553271f88d
root@develop:~# podman run -dt -i --pod test alpine top -d 10
8839a33de99021534a3876e9b7cda8a7d5caa054022c3bea07a5112e604b5295
root@develop:~# podman generate kube test
# Generation of Kubernetes YAML is still under development!
#
# Save the output of this file and use kubectl create -f to import
# it into Kubernetes.
#
# Created with podman-2.0.2
apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: "2020-08-04T13:06:22Z"
  labels:
    app: test
  name: test
spec:
  containers:
  - command:
    - top
    - -d
    - "10"
    env:
    - name: PATH
      value: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
    - name: TERM
      value: xterm
    - name: container
      value: podman
    - name: HOSTNAME
      value: test
    image: docker.io/library/alpine:3.12
    name: kindmeitner
    ports:
    - containerPort: 5000
      hostIP: 127.0.0.1
      hostPort: 5000
      protocol: TCP
    resources: {}
    securityContext:
      allowPrivilegeEscalation: true
      capabilities: {}
      privileged: false
      readOnlyRootFilesystem: false
      seLinuxOptions: {}
    stdin: true
    tty: true
    workingDir: /
status: {}
---
metadata:
  creationTimestamp: null
spec: {}
status:
  loadBalancer: {}
root@develop:~# podman --version
podman version 2.0.4
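@zhangguanzhang What exactly did you test?
The problem here is that podman play kube listens on all addresses instead of the defined one, so the published ports are reachable on every host interface rather than only on the hostIP given in the YAML.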
# netstat -tulpen | grep conmon
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 0 23029 1096/conmon
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 0 23030 1096/conmon
# podman --version
podman version 2.0.4
spec:
  ...
  - image: localhost/nginx
    name: nginx
    ports:
    - containerPort: 80
      hostIP: 192.168.100.1
      hostPort: 80
      protocol: tcp
    - containerPort: 443
      hostIP: 192.168.100.1
      hostPort: 443
      protocol: tcp
Looks like it didn't get into 2.0.4 but is in master
Well, then let's hope for 2.0.5 :crossed_fingers: