-
Notifications
You must be signed in to change notification settings - Fork 2.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
podman create --device invalid-device --privileged does not raise error #23132
Comments
Please share the exact command you use to create the container and how do you run them. Without a proper reproducer it will be impossible to debug this. From your given container inspect it seems the container ignored the given network and just uses the default podman one. Are you using using podman network connect/disconnect by any chance? |
The command is in the |
Aargh, I now noticed the problem. There's a stray |
That already creates an error for me, it is not clear how you managed to create the container like this. |
@Luap99 What's confusing by the way, is what way of specifying static IP addresses is supported given how many IP addresses, networking mode, number of networks. Ideally there would be a single way. Also, the difference between bridge mode and other modes in this respect, for instance in being able to connect networks by ID vs. name, seems to differ from Docker engine's CLI. |
Which Podman version have you tested? |
By the way, I use |
Please be specific, using name of ID should not matter, the reason there are several ways is because I tested with podman 4.9.4 and main, and using |
I have minimal reproducer of the defect: podman container create --device --network=bb7c9de1d0966a607e8d2d219210641f570e8d947f8d886e3694990bfad19955:ip=172.16.128.2,ip6=fde5:c139:5e49:5ad6::2 --privileged -- ghcr.io/siderolabs/talos:v1.7.5 The |
Ah yes with |
If you mean with specific, provide more support for the claim that ID vs. name is accepted based on networking mode, then please consider this excerpt from the
As my custom network has |
Bridge network mode != bridge network driver, the bridge mode is really more of a internal detail and is the same thing as the custom (user-defined) networks |
I suppose you can see why that's confusing. Perhaps it's possible to move implementation or design details from the user docs to dev docs. |
yes of course |
Issue Description
I cannot reliably assign static IP addresses, and force to use the custom network in the first place. I've tried multiple ways to specifcy the network and the static IP addresses, and this method seems to fully comply with the (confusing) instructions in the
podman create
docs.Steps to reproduce the issue
Create a container that matches this inspect dump:
And a network that matches this
network inspect
dump:Describe the results you received
Sometimes (not always, with the same invocation) another IP-address in a custom network's subnet is assigned. Sometimes, the custom network isn't selected but rather the default network
podman
, and IP-addresses in its subnet.Describe the results you expected
I expect any fault condition, such as specifying a custom network that cannot be found or used for some reason, to cause a fatal fault, rather than silently reverting to the default network. I also expect that custom networks can be specified including IP address assignment.
podman info output
Podman in a container
No
Privileged Or Rootless
Privileged
Upstream Latest Release
No
Additional environment details
Additional environment details
Additional information
Client: Podman Engine
Version: 4.9.3
API Version: 4.9.3
Go Version: go1.22.1
Built: Thu Jan 1 01:00:00 1970
OS/Arch: linux/amd64
The text was updated successfully, but these errors were encountered: