From f67e217f2716937115a3bdf6d316b172bbec75e5 Mon Sep 17 00:00:00 2001 From: Christian Breunig Date: Fri, 6 Sep 2024 17:57:24 +0200 Subject: container: T6702: re-add missing UNIX API socket During podman upgrade and a build from the original source the UNIX socket definition for systemd got lost in translation. This commit re-adds the UNIX socket which is started on boot to interact with Podman. Example: curl --unix-socket /run/podman/podman.sock -H 'content-type: application/json' \ -sf http://localhost/containers/json --- debian/vyos-1x.postinst | 3 +++ smoketest/scripts/cli/test_container.py | 18 ++++++++++++++++++ src/systemd/podman.service | 16 ++++++++++++++++ src/systemd/podman.socket | 10 ++++++++++ 4 files changed, 47 insertions(+) create mode 100644 src/systemd/podman.service create mode 100644 src/systemd/podman.socket diff --git a/debian/vyos-1x.postinst b/debian/vyos-1x.postinst index 141a9e8f9..dc8ada267 100644 --- a/debian/vyos-1x.postinst +++ b/debian/vyos-1x.postinst @@ -244,6 +244,9 @@ fi # Enable Cloud-init pre-configuration service systemctl enable vyos-config-cloud-init.service +# Enable Podman API +systemctl enable podman.service + # Generate API GraphQL schema /usr/libexec/vyos/services/api/graphql/generate/generate_schema.py diff --git a/smoketest/scripts/cli/test_container.py b/smoketest/scripts/cli/test_container.py index 3dd97a175..5e33eba40 100755 --- a/smoketest/scripts/cli/test_container.py +++ b/smoketest/scripts/cli/test_container.py @@ -230,5 +230,23 @@ class TestContainer(VyOSUnitTestSHIM.TestCase): tmp = cmd(f'sudo podman exec -it {cont_name} id -g') self.assertEqual(tmp, gid) + def test_api_socket(self): + base_name = 'api-test' + container_list = range(1, 5) + + for ii in container_list: + name = f'{base_name}-{ii}' + self.cli_set(base_path + ['name', name, 'image', cont_image]) + self.cli_set(base_path + ['name', name, 'allow-host-networks']) + + self.cli_commit() + + # Query API about running containers + tmp = cmd("sudo curl --unix-socket /run/podman/podman.sock -H 'content-type: application/json' -sf http://localhost/containers/json") + tmp = json.loads(tmp) + + # We expect the same amount of containers from the API that we started above + self.assertEqual(len(container_list), len(tmp)) + if __name__ == '__main__': unittest.main(verbosity=2) diff --git a/src/systemd/podman.service b/src/systemd/podman.service new file mode 100644 index 000000000..20a16304b --- /dev/null +++ b/src/systemd/podman.service @@ -0,0 +1,16 @@ +[Unit] +Description=Podman API Service +Requires=podman.socket +After=podman.socket +Documentation=man:podman-system-service(1) +StartLimitIntervalSec=0 + +[Service] +Delegate=true +Type=exec +KillMode=process +Environment=LOGGING="--log-level=info" +ExecStart=/usr/bin/podman $LOGGING system service + +[Install] +WantedBy=default.target diff --git a/src/systemd/podman.socket b/src/systemd/podman.socket new file mode 100644 index 000000000..397058ee4 --- /dev/null +++ b/src/systemd/podman.socket @@ -0,0 +1,10 @@ +[Unit] +Description=Podman API Socket +Documentation=man:podman-system-service(1) + +[Socket] +ListenStream=%t/podman/podman.sock +SocketMode=0660 + +[Install] +WantedBy=sockets.target -- cgit v1.2.3