@Luap99 Luap99 commented Jul 7, 2025

When running inside podman machine we cannot use the normal ip lookup logic for host.containers.internal because that should refer to the actual host system and not the VM ip.

gvproxy already resolves the host.containers.internal name correctly but the issue is when a user wants to set a custom name via --add-host foobar:host-gateway then we need to know the actual ip to replace the host-gateway part. Right now we just always error which is not good.

To fix this just look up the name ourselves so we can add it to /etc/hosts.

Fixes: containers/podman#21681

Summary by Sourcery

Resolve and cache the host.containers.internal address via DNS in Podman machine mode so that custom host-gateway mappings can be added to /etc/hosts without errors

New Features:

  • Add DNS lookup for host.containers.internal IP when running inside a Podman machine

Bug Fixes:

  • Enable --add-host foobar:host-gateway to work by populating /etc/hosts with the resolved host.containers.internal IP instead of erroring

Enhancements:

  • Cache the machine host.containers.internal lookup result using sync.OnceValue

sourcery-ai bot commented Jul 7, 2025

Reviewer's Guide

Adds a one-time DNS lookup for host.containers.internal and plugs that lookup into GetHostContainersInternalIP so custom --add-host entries resolve correctly when running in a Podman machine with gvproxy.

Sequence diagram for resolving host.containers.internal in Podman machine

sequenceDiagram
    participant User
    participant Podman
    participant etchosts
    participant machine
    participant net

    User->>Podman: Run container with --add-host foobar:host-gateway
    Podman->>etchosts: Call GetHostContainersInternalIP(opts)
    etchosts->>machine: IsGvProxyBased()
    alt machine is gvproxy-based
        etchosts->>etchosts: machineHostContainersInternalIP()
        etchosts->>net: LookupIP("host.containers.internal")
        net-->>etchosts: IP address
        etchosts-->>Podman: Return resolved IP
    else not gvproxy-based
        etchosts-->>Podman: Use default logic
    end
    Podman-->>User: /etc/hosts updated with correct IP

Class diagram for updated GetHostContainersInternalIP logic

classDiagram
    class HostContainersInternalOptions {
        Conf ConfType
        PreferIP string
    }
    class ConfType {
        Containers ContainersType
    }
    class ContainersType {
        HostContainersInternalIP string
    }
    class machine {
        +IsGvProxyBased() bool
    }
    class etchosts {
        +GetHostContainersInternalIP(opts HostContainersInternalOptions) string
        +machineHostContainersInternalIP() string
    }
    HostContainersInternalOptions --> ConfType : Conf
    ConfType --> ContainersType : Containers
    etchosts ..> machine : uses
    etchosts ..> HostContainersInternalOptions : uses
    etchosts ..> machineHostContainersInternalIP : calls
    machineHostContainersInternalIP ..> net : LookupIP

File-Level Changes

Change: Introduce cached DNS lookup for host.containers.internal
Details:
  • Define machineHostContainersInternalIP as a sync.OnceValue
  • Perform net.LookupIP on HostContainersInternal and return first result
  • Fall back to empty string if lookup fails
Files: libnetwork/etchosts/ip.go

Change: Use the new lookup in GetHostContainersInternalIP when using gvproxy
Details:
  • Change branch for machine.IsGvProxyBased to return machineHostContainersInternalIP() instead of empty
  • Refine comments to explain name resolution under gvproxy
  • Preserve existing behavior for empty and "none" options
Files: libnetwork/etchosts/ip.go

@openshift-ci openshift-ci bot added the approved label Jul 7, 2025
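
The cached lookup and host-gateway substitution described in the Reviewer's Guide above, as an added Go example that is not the PR's code. The names lookupIP, newCachedHostIP and hostsLine are hypothetical, and the resolver is stubbed with a constructed documentation address so the block runs offline.

```go
package main

import (
	"errors"
	"fmt"
	"net"
	"strings"
	"sync"
)

// lookupIP stands in for net.LookupIP so this runs offline; the address is constructed.
var lookupIP = func(name string) ([]net.IP, error) {
	if name == "host.containers.internal" {
		return []net.IP{net.ParseIP("192.0.2.254")}, nil
	}
	return nil, errors.New("no such host")
}

// newCachedHostIP resolves the name at most once. sync.OnceValue also caches
// the "" returned on failure, so a failed lookup is never retried.
func newCachedHostIP() func() string {
	return sync.OnceValue(func() string {
		ips, err := lookupIP("host.containers.internal")
		if err != nil || len(ips) == 0 {
			return ""
		}
		return ips[0].String()
	})
}

// hostsLine maps one --add-host entry to an /etc/hosts line (hypothetical helper).
func hostsLine(entry string, hostIP func() string) (string, error) {
	name, ip, ok := strings.Cut(entry, ":")
	if !ok || name == "" {
		return "", fmt.Errorf("invalid --add-host entry %q", entry)
	}
	if ip == "host-gateway" {
		if ip = hostIP(); ip == "" {
			return "", errors.New("host containers internal IP address is empty")
		}
	} else if net.ParseIP(ip) == nil {
		return "", fmt.Errorf("invalid IP %q in --add-host entry", ip)
	}
	return ip + "\t" + name, nil
}

func main() {
	fmt.Println(hostsLine("foobar:host-gateway", newCachedHostIP()))
}
```

Because the result is cached for the life of the process, a lookup that fails once keeps returning the empty string, which is the case where a logged warning helps when reading the journal.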

@sourcery-ai sourcery-ai bot left a comment

Hey @Luap99 - I've reviewed your changes and they look great!


openshift-ci bot commented Jul 7, 2025

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: Luap99, sourcery-ai[bot]

baude commented Jul 7, 2025

LGTM, I assume there is no value in logging any errors there in the new function.

Luap99 commented Jul 7, 2025

> LGTM, I assume there is no value in logging any errors there in the new function.

I also could log it as warning so we see it in the journal if we ever have to ask users for logs it might be worth it. gvproxy should always resolve the name and we have the condition that checks that we are a gvproxy machine so I guess this never fails unless gvproxy is misbehaving.

I think I need to update the docs here as well as we leaked some implementation details into them that now need to be updated.

When running inside podman machine we cannot use the normal ip lookup
logic for host.containers.internal because that should refer to the
actual host system and not the VM ip.

gvproxy already resolves the host.containers.internal name correctly but
the issue is when a user wants to set a custom name via --add-host
foobar:host-gateway then we need to know the actual ip to replace the
host-gateway part. Right now we just always error which is not good.

To fix this just look up the name ourselves so we can add it to
/etc/hosts.

Fixes: containers/podman#21681

Signed-off-by: Paul Holzinger <[email protected]>

baude commented Jul 7, 2025

LGTM

Luap99 commented Jul 7, 2025

@mheon PTAL

(For reference I tested this change inside the machine and it worked as expected)

mheon commented Jul 7, 2025

/lgtm

@openshift-ci openshift-ci bot added the lgtm label Jul 7, 2025
@openshift-merge-bot openshift-merge-bot bot merged commit 2b4e95a into containers:main Jul 7, 2025
14 checks passed
@Luap99 Luap99 deleted the machine-host branch July 7, 2025 20:03

Development

Successfully merging this pull request may close these issues.

Mac: current HEAD errors out on --add-host using host-gateway with "host containers internal IP address is empty"

3 participants