Actions
action #176850
closed[Containers] Add test for network isolation
Start date:
2025-02-10
Due date:
% Done:
0%
Estimated time:
Tags:
Description
We should add a test that checks if the network isolation works as expected [1].
We need to perform the following steps
- Create a new (bridge) network with the
--internalfunction - Ensure containers in this network can access the host
- Ensure containers in this network cannot access the internet
- Ensure containers in this network cannot modify the IP routes (e.g.
ip route add default HOSTIP)
Acceptance criteria¶
- AC1: A test runs that ensure the
--internalfunction of a podman network works as defined above
Weblinks¶
[1] https://docs.podman.io/en/latest/markdown/podman-network-create.1.html#internal
Updated by rbranco 17 days ago
RFC:
We can check whether this is implemented in the upstream tests and submit it here:
https://github.com/containers/podman/blob/main/test/system/500-networking.bats
Updated by rbranco 4 days ago
Fix issue in JeOS & docker-stable:
https://github.com/os-autoinst/os-autoinst-distri-opensuse/pull/21454
Updated by rbranco 3 days ago
Bug on docker-stable: https://bugzilla.opensuse.org/show_bug.cgi?id=1239596
Updated by rbranco 3 days ago
TODO:
- Use busybox image when https://bugzilla.suse.com/show_bug.cgi?id=1239176 is solved
- https://github.com/os-autoinst/os-autoinst-distri-opensuse/pull/21458
Updated by rbranco 3 days ago
Fix docker rootless cleanup
https://github.com/os-autoinst/os-autoinst-distri-opensuse/pull/21468
Updated by rbranco 3 days ago
Re-enable on SLES:
https://github.com/os-autoinst/os-autoinst-distri-opensuse/pull/21470
Actions