From ee6bf7e9af5c6a25177a652f6a455ebb7438186d Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Wed, 21 Apr 2021 19:34:47 +0200 Subject: containers: T2216: the first IP address is always reserved for podman --- src/conf_mode/containers.py | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to 'src/conf_mode') diff --git a/src/conf_mode/containers.py b/src/conf_mode/containers.py index ded82d155..9b7a52d26 100755 --- a/src/conf_mode/containers.py +++ b/src/conf_mode/containers.py @@ -113,17 +113,21 @@ def verify(container): raise ConfigError(f'Can not use "address" without "network" for container "{name}"!') address = container_config['network'][network_name]['address'] - network = container['network'][network_name]['prefix'] - network = None if is_ipv4(address): network = [x for x in container['network'][network_name]['prefix'] if is_ipv4(x)][0] elif is_ipv6(address): network = [x for x in container['network'][network_name]['prefix'] if is_ipv6(x)][0] + # Specified container IP address must belong to network prefix if ip_address(address) not in ip_network(network): raise ConfigError(f'Used container address "{address}" not in network "{network}"!') + # We can not use the first IP address of a network prefix as this is used by podman + if ip_address(address) == ip_network(network)[1]: + raise ConfigError(f'Address "{address}" reserved for the container engine!') + + # Container image is a mandatory option if 'image' not in container_config: raise ConfigError(f'Container image for "{name}" is mandatory!') -- cgit v1.2.3