feature: add container's network files

[shaloulcy]

Signed-off-by: Eric Li lcy041536@gmail.com

Ⅰ. Describe what this PR did

Now when we start a container, it has no network files, including /etc/hosts, /etc/hostname and /etc/resolv.conf. In this PR, we will generate container's network files when container starts

Ⅱ. Does this pull request fix one issue?

fixes #1162

Ⅲ. Describe how you did it

The libnetwork will help us generate network files(/etc/hosts and /etc/resolv.conf). /etc/hostname will be generated by pouchd.

At last, we should mount it into container.

Ⅳ. Describe how to verify it

start a container, and list /etc

# pouch run -it --hostname helloPouch  reg.docker.alibaba-inc.com/busybox:latest sh


BusyBox v1.21.1 (Ubuntu 1:1.21.0-1ubuntu1) built-in shell (ash)
Enter 'help' for a list of built-in commands.

~ # ls /etc/
group          hosts          passwd
hostname       nsswitch.conf  resolv.conf

check network files

~ # cat /etc/hostname
helloPouch
~ # cat /etc/hosts
127.0.0.1	localhost
::1	localhost ip6-localhost ip6-loopback
fe00::0	ip6-localnet
ff00::0	ip6-mcastprefix
ff02::1	ip6-allnodes
ff02::2	ip6-allrouters
172.17.0.5	helloPouch
~ # ifconfig
eth0      Link encap:Ethernet  HWaddr 02:42:AC:11:00:05  
          inet addr:172.17.0.5  Bcast:0.0.0.0  Mask:255.255.255.0
          inet6 addr: fe80::42:acff:fe11:5/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:8 errors:0 dropped:0 overruns:0 frame:0
          TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:648 (648.0 B)  TX bytes:648 (648.0 B)

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

~ # cat /etc/resolv.conf 
search DHCP
nameserver 127.0.0.11
options ndots:0

Ⅴ. Special notes for reviews

[codecov-io]

Codecov Report

Merging #1403 into master will increase coverage by 20.93%.
The diff coverage is 43.67%.

@@             Coverage Diff             @@
##           master    #1403       +/-   ##
===========================================
+ Coverage   16.26%   37.19%   +20.93%     
===========================================
  Files         206      252       +46     
  Lines       13759    17545     +3786     
===========================================
+ Hits         2238     6526     +4288     
+ Misses      11365    10185     -1180     
- Partials      156      834      +678

Impacted Files	Coverage Δ
cri/v1alpha2/cri_utils.go	28.35% <0%> (-0.07%)	⬇️
cli/common_flags.go	0% <0%> (ø)	⬆️
cli/container.go	0% <0%> (ø)	⬆️
cri/v1alpha1/cri_utils.go	29.25% <0%> (-0.07%)	⬇️
daemon/mgr/container.go	35.12% <45.16%> (+35.12%)	⬆️
daemon/mgr/spec_mount.go	72.61% <63.15%> (+72.61%)	⬆️
pkg/multierror/def.go	0% <0%> (-100%)	⬇️
cli/main.go	0% <0%> (ø)	⬆️
cli/pull.go	0% <0%> (ø)	⬆️
cli/upgrade.go	0% <0%> (ø)	⬆️
... and 129 more

[allencloud]

I would like to invite @HusterWan to take a review of the design. I think adding network files into the container will make the usage inside our environment incompatible. Right?

[HusterWan]

@allencloud Yes, we have discuss offline, i will review this PR

BTW, thanks a lot for your works @shaloulcy

[HusterWan]

there are many duplicate codes here, maybe we can use

for _, bind := range []pathBinding{{Src: xxx, Dst: xxx}} {
}

WDYT? :)

[shaloulcy]

agree it

[HusterWan]

How about code below ?

if utils.StringInSlice([]string{"/etc/hostname", "/etc/hosts", "/etc/resolv.conf", mount.Destination})
    xxx

the function just set one file, if user set all three files, should we also set them for c ?

[shaloulcy]

the outer function will iterator all mountpoints

[HusterWan]

should we put check switch code in here?

if c.Config.DisableHostsfiles {
    mounts = append(mounts, generateNetworkMounts(c)...)

[shaloulcy]

agree it

[HusterWan]

Hostsfiles may not so good, do we have more properly name for /etc/hosts, /etc/hostname, /etc/resolve.conf files? 😆

cc @allencloud @rudyfly

[allencloud]

I do not like the naming of DisableHostsfiles , either. How about DisableLocalFiles or DisableNetworkFiles?

[HusterWan]

DisableNetworkFiles +1

[shaloulcy]

agree it

[HusterWan]

LGTM

BTW, can we add some test cases for this feature?

[fuweid]

@HusterWan I think we should add cases before merged. The test debt is rising right now... WDYT?

[HusterWan]

@fuweid Yes, of course we should add test cases before merged this PR, take it easy dude ! 😆 😆

[fuweid]

@HusterWan If the final can run into the Game7....yeah...of course!

[shaloulcy]

@fuweid @HusterWan I have add some test cases

[allencloud]

I found that here we have so much blocks about network handling in this Create function. And this make the code much much longer and a little bit difficult to read. Is there any way to encapsulate these blocks into a single function? @shaloulcy
Maybe in another pull request.

[HusterWan]

@shaloulcy since the DisableNetworkFiles flag will affect all already running containers on host using PouchContainer in alibaba group, we must set DisableNetworkFiles to true before this feature releases online.

• first, we stop pouchd
• second, set all containers's DisableNetworkFiles to true by using script
• then we start pouchd again

cc @yyb196

[HusterWan]

we may make sure the test image never contains this three files, just comment.