mirror of
https://github.com/GNS3/gns3-server.git
synced 2024-11-16 08:44:52 +02:00
Fix run Docker containers with user namespaces enabled. Fixes #2414
This commit is contained in:
grossmj
parent
dbe2b8a5fb
commit
48b7e6ca50
@ -383,8 +383,8 @@ class DockerVM(BaseNode):
|
|||||||
"CapAdd": ["ALL"],
|
"CapAdd": ["ALL"],
|
||||||
"Privileged": True,
|
"Privileged": True,
|
||||||
"Binds": self._mount_binds(image_infos),
|
"Binds": self._mount_binds(image_infos),
|
||||||
|
"UsernsMode": "host",
|
||||||
},
|
},
|
||||||
"UsernsMode": "host",
|
|
||||||
"Volumes": {},
|
"Volumes": {},
|
||||||
"Env": ["container=docker"], # Systemd compliant: https://github.com/GNS3/gns3-server/issues/573
|
"Env": ["container=docker"], # Systemd compliant: https://github.com/GNS3/gns3-server/issues/573
|
||||||
"Cmd": [],
|
"Cmd": [],
|
||||||
@ -451,6 +451,7 @@ class DockerVM(BaseNode):
|
|||||||
if extra_hosts:
|
if extra_hosts:
|
||||||
params["Env"].append("GNS3_EXTRA_HOSTS={}".format(extra_hosts))
|
params["Env"].append("GNS3_EXTRA_HOSTS={}".format(extra_hosts))
|
||||||
|
|
||||||
|
print(params)
|
||||||
result = await self.manager.query("POST", "containers/create", data=params)
|
result = await self.manager.query("POST", "containers/create", data=params)
|
||||||
self._cid = result['Id']
|
self._cid = result['Id']
|
||||||
log.info("Docker container '{name}' [{id}] created".format(name=self._name, id=self._id))
|
log.info("Docker container '{name}' [{id}] created".format(name=self._name, id=self._id))
|
||||||
|
|||||||
@ -107,9 +107,9 @@ async def test_create(compute_project, manager):
|
|||||||
"{}:/gns3:ro".format(Docker.resources_path()),
|
"{}:/gns3:ro".format(Docker.resources_path()),
|
||||||
"{}:/gns3volumes/etc/network".format(os.path.join(vm.working_dir, "etc", "network"))
|
"{}:/gns3volumes/etc/network".format(os.path.join(vm.working_dir, "etc", "network"))
|
||||||
],
|
],
|
||||||
"Privileged": True
|
"Privileged": True,
|
||||||
|
"UsernsMode": "host"
|
||||||
},
|
},
|
||||||
"UsernsMode": "host",
|
|
||||||
"Volumes": {},
|
"Volumes": {},
|
||||||
"NetworkDisabled": True,
|
"NetworkDisabled": True,
|
||||||
"Hostname": "test",
|
"Hostname": "test",
|
||||||
@ -146,9 +146,9 @@ async def test_create_with_tag(compute_project, manager):
|
|||||||
"{}:/gns3:ro".format(Docker.resources_path()),
|
"{}:/gns3:ro".format(Docker.resources_path()),
|
||||||
"{}:/gns3volumes/etc/network".format(os.path.join(vm.working_dir, "etc", "network"))
|
"{}:/gns3volumes/etc/network".format(os.path.join(vm.working_dir, "etc", "network"))
|
||||||
],
|
],
|
||||||
"Privileged": True
|
"Privileged": True,
|
||||||
|
"UsernsMode": "host"
|
||||||
},
|
},
|
||||||
"UsernsMode": "host",
|
|
||||||
"Volumes": {},
|
"Volumes": {},
|
||||||
"NetworkDisabled": True,
|
"NetworkDisabled": True,
|
||||||
"Hostname": "test",
|
"Hostname": "test",
|
||||||
@ -189,9 +189,9 @@ async def test_create_vnc(compute_project, manager):
|
|||||||
"{}:/gns3volumes/etc/network".format(os.path.join(vm.working_dir, "etc", "network")),
|
"{}:/gns3volumes/etc/network".format(os.path.join(vm.working_dir, "etc", "network")),
|
||||||
"/tmp/.X11-unix/X{0}:/tmp/.X11-unix/X{0}:ro".format(vm._display)
|
"/tmp/.X11-unix/X{0}:/tmp/.X11-unix/X{0}:ro".format(vm._display)
|
||||||
],
|
],
|
||||||
"Privileged": True
|
"Privileged": True,
|
||||||
|
"UsernsMode": "host"
|
||||||
},
|
},
|
||||||
"UsernsMode": "host",
|
|
||||||
"Volumes": {},
|
"Volumes": {},
|
||||||
"NetworkDisabled": True,
|
"NetworkDisabled": True,
|
||||||
"Hostname": "test",
|
"Hostname": "test",
|
||||||
@ -319,9 +319,9 @@ async def test_create_start_cmd(compute_project, manager):
|
|||||||
"{}:/gns3:ro".format(Docker.resources_path()),
|
"{}:/gns3:ro".format(Docker.resources_path()),
|
||||||
"{}:/gns3volumes/etc/network".format(os.path.join(vm.working_dir, "etc", "network"))
|
"{}:/gns3volumes/etc/network".format(os.path.join(vm.working_dir, "etc", "network"))
|
||||||
],
|
],
|
||||||
"Privileged": True
|
"Privileged": True,
|
||||||
|
"UsernsMode": "host"
|
||||||
},
|
},
|
||||||
"UsernsMode": "host",
|
|
||||||
"Volumes": {},
|
"Volumes": {},
|
||||||
"Entrypoint": ["/gns3/init.sh"],
|
"Entrypoint": ["/gns3/init.sh"],
|
||||||
"Cmd": ["/bin/ls"],
|
"Cmd": ["/bin/ls"],
|
||||||
@ -418,9 +418,9 @@ async def test_create_image_not_available(compute_project, manager):
|
|||||||
"{}:/gns3:ro".format(Docker.resources_path()),
|
"{}:/gns3:ro".format(Docker.resources_path()),
|
||||||
"{}:/gns3volumes/etc/network".format(os.path.join(vm.working_dir, "etc", "network"))
|
"{}:/gns3volumes/etc/network".format(os.path.join(vm.working_dir, "etc", "network"))
|
||||||
],
|
],
|
||||||
"Privileged": True
|
"Privileged": True,
|
||||||
|
"UsernsMode": "host"
|
||||||
},
|
},
|
||||||
"UsernsMode": "host",
|
|
||||||
"Volumes": {},
|
"Volumes": {},
|
||||||
"NetworkDisabled": True,
|
"NetworkDisabled": True,
|
||||||
"Hostname": "test",
|
"Hostname": "test",
|
||||||
@ -462,9 +462,9 @@ async def test_create_with_user(compute_project, manager):
|
|||||||
"{}:/gns3:ro".format(Docker.resources_path()),
|
"{}:/gns3:ro".format(Docker.resources_path()),
|
||||||
"{}:/gns3volumes/etc/network".format(os.path.join(vm.working_dir, "etc", "network"))
|
"{}:/gns3volumes/etc/network".format(os.path.join(vm.working_dir, "etc", "network"))
|
||||||
],
|
],
|
||||||
"Privileged": True
|
"Privileged": True,
|
||||||
|
"UsernsMode": "host"
|
||||||
},
|
},
|
||||||
"UsernsMode": "host",
|
|
||||||
"Volumes": {},
|
"Volumes": {},
|
||||||
"NetworkDisabled": True,
|
"NetworkDisabled": True,
|
||||||
"Hostname": "test",
|
"Hostname": "test",
|
||||||
@ -546,9 +546,9 @@ async def test_create_with_extra_volumes_duplicate_1_image(compute_project, mana
|
|||||||
"{}:/gns3volumes/etc/network".format(os.path.join(vm.working_dir, "etc", "network")),
|
"{}:/gns3volumes/etc/network".format(os.path.join(vm.working_dir, "etc", "network")),
|
||||||
"{}:/gns3volumes/vol/1".format(os.path.join(vm.working_dir, "vol", "1")),
|
"{}:/gns3volumes/vol/1".format(os.path.join(vm.working_dir, "vol", "1")),
|
||||||
],
|
],
|
||||||
"Privileged": True
|
"Privileged": True,
|
||||||
|
"UsernsMode": "host"
|
||||||
},
|
},
|
||||||
"UsernsMode": "host",
|
|
||||||
"Volumes": {},
|
"Volumes": {},
|
||||||
"NetworkDisabled": True,
|
"NetworkDisabled": True,
|
||||||
"Hostname": "test",
|
"Hostname": "test",
|
||||||
@ -586,9 +586,9 @@ async def test_create_with_extra_volumes_duplicate_2_user(compute_project, manag
|
|||||||
"{}:/gns3volumes/etc/network".format(os.path.join(vm.working_dir, "etc", "network")),
|
"{}:/gns3volumes/etc/network".format(os.path.join(vm.working_dir, "etc", "network")),
|
||||||
"{}:/gns3volumes/vol/1".format(os.path.join(vm.working_dir, "vol", "1")),
|
"{}:/gns3volumes/vol/1".format(os.path.join(vm.working_dir, "vol", "1")),
|
||||||
],
|
],
|
||||||
"Privileged": True
|
"Privileged": True,
|
||||||
|
"UsernsMode": "host"
|
||||||
},
|
},
|
||||||
"UsernsMode": "host",
|
|
||||||
"Volumes": {},
|
"Volumes": {},
|
||||||
"NetworkDisabled": True,
|
"NetworkDisabled": True,
|
||||||
"Hostname": "test",
|
"Hostname": "test",
|
||||||
@ -626,9 +626,9 @@ async def test_create_with_extra_volumes_duplicate_3_subdir(compute_project, man
|
|||||||
"{}:/gns3volumes/etc/network".format(os.path.join(vm.working_dir, "etc", "network")),
|
"{}:/gns3volumes/etc/network".format(os.path.join(vm.working_dir, "etc", "network")),
|
||||||
"{}:/gns3volumes/vol".format(os.path.join(vm.working_dir, "vol")),
|
"{}:/gns3volumes/vol".format(os.path.join(vm.working_dir, "vol")),
|
||||||
],
|
],
|
||||||
"Privileged": True
|
"Privileged": True,
|
||||||
|
"UsernsMode": "host"
|
||||||
},
|
},
|
||||||
"UsernsMode": "host",
|
|
||||||
"Volumes": {},
|
"Volumes": {},
|
||||||
"NetworkDisabled": True,
|
"NetworkDisabled": True,
|
||||||
"Hostname": "test",
|
"Hostname": "test",
|
||||||
@ -666,9 +666,9 @@ async def test_create_with_extra_volumes_duplicate_4_backslash(compute_project,
|
|||||||
"{}:/gns3volumes/etc/network".format(os.path.join(vm.working_dir, "etc", "network")),
|
"{}:/gns3volumes/etc/network".format(os.path.join(vm.working_dir, "etc", "network")),
|
||||||
"{}:/gns3volumes/vol".format(os.path.join(vm.working_dir, "vol")),
|
"{}:/gns3volumes/vol".format(os.path.join(vm.working_dir, "vol")),
|
||||||
],
|
],
|
||||||
"Privileged": True
|
"Privileged": True,
|
||||||
|
"UsernsMode": "host"
|
||||||
},
|
},
|
||||||
"UsernsMode": "host",
|
|
||||||
"Volumes": {},
|
"Volumes": {},
|
||||||
"NetworkDisabled": True,
|
"NetworkDisabled": True,
|
||||||
"Hostname": "test",
|
"Hostname": "test",
|
||||||
@ -705,9 +705,9 @@ async def test_create_with_extra_volumes_duplicate_5_subdir_issue_1595(compute_p
|
|||||||
"{}:/gns3:ro".format(Docker.resources_path()),
|
"{}:/gns3:ro".format(Docker.resources_path()),
|
||||||
"{}:/gns3volumes/etc".format(os.path.join(vm.working_dir, "etc")),
|
"{}:/gns3volumes/etc".format(os.path.join(vm.working_dir, "etc")),
|
||||||
],
|
],
|
||||||
"Privileged": True
|
"Privileged": True,
|
||||||
|
"UsernsMode": "host"
|
||||||
},
|
},
|
||||||
"UsernsMode": "host",
|
|
||||||
"Volumes": {},
|
"Volumes": {},
|
||||||
"NetworkDisabled": True,
|
"NetworkDisabled": True,
|
||||||
"Hostname": "test",
|
"Hostname": "test",
|
||||||
@ -744,9 +744,9 @@ async def test_create_with_extra_volumes_duplicate_6_subdir_issue_1595(compute_p
|
|||||||
"{}:/gns3:ro".format(Docker.resources_path()),
|
"{}:/gns3:ro".format(Docker.resources_path()),
|
||||||
"{}:/gns3volumes/etc".format(os.path.join(vm.working_dir, "etc")),
|
"{}:/gns3volumes/etc".format(os.path.join(vm.working_dir, "etc")),
|
||||||
],
|
],
|
||||||
"Privileged": True
|
"Privileged": True,
|
||||||
|
"UsernsMode": "host"
|
||||||
},
|
},
|
||||||
"UsernsMode": "host",
|
|
||||||
"Volumes": {},
|
"Volumes": {},
|
||||||
"NetworkDisabled": True,
|
"NetworkDisabled": True,
|
||||||
"Hostname": "test",
|
"Hostname": "test",
|
||||||
@ -791,9 +791,9 @@ async def test_create_with_extra_volumes(compute_project, manager):
|
|||||||
"{}:/gns3volumes/vol/1".format(os.path.join(vm.working_dir, "vol", "1")),
|
"{}:/gns3volumes/vol/1".format(os.path.join(vm.working_dir, "vol", "1")),
|
||||||
"{}:/gns3volumes/vol/2".format(os.path.join(vm.working_dir, "vol", "2")),
|
"{}:/gns3volumes/vol/2".format(os.path.join(vm.working_dir, "vol", "2")),
|
||||||
],
|
],
|
||||||
"Privileged": True
|
"Privileged": True,
|
||||||
|
"UsernsMode": "host"
|
||||||
},
|
},
|
||||||
"UsernsMode": "host",
|
|
||||||
"Volumes": {},
|
"Volumes": {},
|
||||||
"NetworkDisabled": True,
|
"NetworkDisabled": True,
|
||||||
"Hostname": "test",
|
"Hostname": "test",
|
||||||
@ -1040,9 +1040,9 @@ async def test_update(vm):
|
|||||||
"{}:/gns3:ro".format(Docker.resources_path()),
|
"{}:/gns3:ro".format(Docker.resources_path()),
|
||||||
"{}:/gns3volumes/etc/network".format(os.path.join(vm.working_dir, "etc", "network"))
|
"{}:/gns3volumes/etc/network".format(os.path.join(vm.working_dir, "etc", "network"))
|
||||||
],
|
],
|
||||||
"Privileged": True
|
"Privileged": True,
|
||||||
|
"UsernsMode": "host"
|
||||||
},
|
},
|
||||||
"UsernsMode": "host",
|
|
||||||
"Volumes": {},
|
"Volumes": {},
|
||||||
"NetworkDisabled": True,
|
"NetworkDisabled": True,
|
||||||
"Hostname": "test",
|
"Hostname": "test",
|
||||||
@ -1109,9 +1109,9 @@ async def test_update_running(vm):
|
|||||||
"{}:/gns3:ro".format(Docker.resources_path()),
|
"{}:/gns3:ro".format(Docker.resources_path()),
|
||||||
"{}:/gns3volumes/etc/network".format(os.path.join(vm.working_dir, "etc", "network"))
|
"{}:/gns3volumes/etc/network".format(os.path.join(vm.working_dir, "etc", "network"))
|
||||||
],
|
],
|
||||||
"Privileged": True
|
"Privileged": True,
|
||||||
|
"UsernsMode": "host"
|
||||||
},
|
},
|
||||||
"UsernsMode": "host",
|
|
||||||
"Volumes": {},
|
"Volumes": {},
|
||||||
"NetworkDisabled": True,
|
"NetworkDisabled": True,
|
||||||
"Hostname": "test",
|
"Hostname": "test",
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user