From 673358c0d94f82ac56d9f4f6e7aec7ff5761e1cc Mon Sep 17 00:00:00 2001 From: Andrei Vagin Date: Tue, 28 May 2019 11:47:46 -0700 Subject: runsc/do: allow to run commands in a host network namespace PiperOrigin-RevId: 250329795 --- runsc/cmd/do.go | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) (limited to 'runsc/cmd/do.go') diff --git a/runsc/cmd/do.go b/runsc/cmd/do.go index 425db8efe..c057f3087 100644 --- a/runsc/cmd/do.go +++ b/runsc/cmd/do.go @@ -39,9 +39,10 @@ import ( // Do implements subcommands.Command for the "do" command. It sets up a simple // sandbox and executes the command inside it. See Usage() for more details. type Do struct { - root string - cwd string - ip string + root string + cwd string + ip string + networkNamespace bool } // Name implements subcommands.Command.Name. @@ -71,6 +72,7 @@ func (c *Do) SetFlags(f *flag.FlagSet) { f.StringVar(&c.root, "root", "/", `path to the root directory, defaults to "/"`) f.StringVar(&c.cwd, "cwd", ".", "path to the current directory, defaults to the current directory") f.StringVar(&c.ip, "ip", "192.168.10.2", "IPv4 address for the sandbox") + f.BoolVar(&c.networkNamespace, "netns", true, "run in a new network namespace") } // Execute implements subcommands.Command.Execute. @@ -118,7 +120,11 @@ func (c *Do) Execute(_ context.Context, f *flag.FlagSet, args ...interface{}) su specutils.LogSpec(spec) cid := fmt.Sprintf("runsc-%06d", rand.Int31n(1000000)) - if conf.Network != boot.NetworkNone { + if !c.networkNamespace { + if conf.Network != boot.NetworkHost { + Fatalf("The current network namespace can be used only if --network=host is set", nil) + } + } else if conf.Network != boot.NetworkNone { clean, err := c.setupNet(cid, spec) if err != nil { return Errorf("Error setting up network: %v", err) -- cgit v1.2.3